Botan 2.19.0
Crypto and TLS for C&
tls_algos.cpp
Go to the documentation of this file.
1/*
2* (C) 2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/tls_algos.h>
8#include <botan/exceptn.h>
9
10namespace Botan {
11
12namespace TLS {
13
14std::string kdf_algo_to_string(KDF_Algo algo)
15 {
16 switch(algo)
17 {
18 case KDF_Algo::SHA_1:
19 return "SHA-1";
20 case KDF_Algo::SHA_256:
21 return "SHA-256";
22 case KDF_Algo::SHA_384:
23 return "SHA-384";
24 }
25
26 throw Invalid_State("kdf_algo_to_string unknown enum value");
27 }
28
29std::string kex_method_to_string(Kex_Algo method)
30 {
31 switch(method)
32 {
33 case Kex_Algo::STATIC_RSA:
34 return "RSA";
35 case Kex_Algo::DH:
36 return "DH";
37 case Kex_Algo::ECDH:
38 return "ECDH";
39 case Kex_Algo::CECPQ1:
40 return "CECPQ1";
41 case Kex_Algo::SRP_SHA:
42 return "SRP_SHA";
43 case Kex_Algo::PSK:
44 return "PSK";
45 case Kex_Algo::DHE_PSK:
46 return "DHE_PSK";
47 case Kex_Algo::ECDHE_PSK:
48 return "ECDHE_PSK";
49 }
50
51 throw Invalid_State("kex_method_to_string unknown enum value");
52 }
53
54Kex_Algo kex_method_from_string(const std::string& str)
55 {
56 if(str == "RSA")
57 return Kex_Algo::STATIC_RSA;
58
59 if(str == "DH")
60 return Kex_Algo::DH;
61
62 if(str == "ECDH")
63 return Kex_Algo::ECDH;
64
65 if(str == "CECPQ1")
66 return Kex_Algo::CECPQ1;
67
68 if(str == "SRP_SHA")
69 return Kex_Algo::SRP_SHA;
70
71 if(str == "PSK")
72 return Kex_Algo::PSK;
73
74 if(str == "DHE_PSK")
75 return Kex_Algo::DHE_PSK;
76
77 if(str == "ECDHE_PSK")
78 return Kex_Algo::ECDHE_PSK;
79
80 throw Invalid_Argument("Unknown kex method " + str);
81 }
82
83std::string auth_method_to_string(Auth_Method method)
84 {
85 switch(method)
86 {
87 case Auth_Method::RSA:
88 return "RSA";
89 case Auth_Method::DSA:
90 return "DSA";
91 case Auth_Method::ECDSA:
92 return "ECDSA";
93 case Auth_Method::IMPLICIT:
94 return "IMPLICIT";
95 case Auth_Method::ANONYMOUS:
96 return "ANONYMOUS";
97 }
98
99 throw Invalid_State("auth_method_to_string unknown enum value");
100 }
101
102Auth_Method auth_method_from_string(const std::string& str)
103 {
104 if(str == "RSA")
105 return Auth_Method::RSA;
106 if(str == "DSA")
107 return Auth_Method::DSA;
108 if(str == "ECDSA")
109 return Auth_Method::ECDSA;
110 if(str == "IMPLICIT")
111 return Auth_Method::IMPLICIT;
112 if(str == "ANONYMOUS" || str == "")
113 return Auth_Method::ANONYMOUS;
114
115 throw Invalid_Argument("Bad signature method " + str);
116 }
117
118bool group_param_is_dh(Group_Params group)
119 {
120 uint16_t group_id = static_cast<uint16_t>(group);
121 return (group_id >= 256 && group_id < 512);
122 }
123
124Group_Params group_param_from_string(const std::string& group_name)
125 {
126 if(group_name == "secp256r1")
127 return Group_Params::SECP256R1;
128 if(group_name == "secp384r1")
129 return Group_Params::SECP384R1;
130 if(group_name == "secp521r1")
131 return Group_Params::SECP521R1;
132 if(group_name == "brainpool256r1")
133 return Group_Params::BRAINPOOL256R1;
134 if(group_name == "brainpool384r1")
135 return Group_Params::BRAINPOOL384R1;
136 if(group_name == "brainpool512r1")
137 return Group_Params::BRAINPOOL512R1;
138 if(group_name == "x25519")
139 return Group_Params::X25519;
140
141 if(group_name == "ffdhe/ietf/2048")
142 return Group_Params::FFDHE_2048;
143 if(group_name == "ffdhe/ietf/3072")
144 return Group_Params::FFDHE_3072;
145 if(group_name == "ffdhe/ietf/4096")
146 return Group_Params::FFDHE_4096;
147 if(group_name == "ffdhe/ietf/6144")
148 return Group_Params::FFDHE_6144;
149 if(group_name == "ffdhe/ietf/8192")
150 return Group_Params::FFDHE_8192;
151
152 return Group_Params::NONE; // unknown
153 }
154
155std::string group_param_to_string(Group_Params group)
156 {
157 switch(group)
158 {
159 case Group_Params::SECP256R1:
160 return "secp256r1";
161 case Group_Params::SECP384R1:
162 return "secp384r1";
163 case Group_Params::SECP521R1:
164 return "secp521r1";
165 case Group_Params::BRAINPOOL256R1:
166 return "brainpool256r1";
167 case Group_Params::BRAINPOOL384R1:
168 return "brainpool384r1";
169 case Group_Params::BRAINPOOL512R1:
170 return "brainpool512r1";
171 case Group_Params::X25519:
172 return "x25519";
173
174 case Group_Params::FFDHE_2048:
175 return "ffdhe/ietf/2048";
176 case Group_Params::FFDHE_3072:
177 return "ffdhe/ietf/3072";
178 case Group_Params::FFDHE_4096:
179 return "ffdhe/ietf/4096";
180 case Group_Params::FFDHE_6144:
181 return "ffdhe/ietf/6144";
182 case Group_Params::FFDHE_8192:
183 return "ffdhe/ietf/8192";
184
185 default:
186 return "";
187 }
188 }
189
190
191std::string hash_function_of_scheme(Signature_Scheme scheme)
192 {
193 switch(scheme)
194 {
195 case Signature_Scheme::DSA_SHA1:
196 case Signature_Scheme::ECDSA_SHA1:
197 case Signature_Scheme::RSA_PKCS1_SHA1:
198 return "SHA-1";
199
200 case Signature_Scheme::DSA_SHA256:
201 case Signature_Scheme::ECDSA_SHA256:
202 case Signature_Scheme::RSA_PKCS1_SHA256:
203 case Signature_Scheme::RSA_PSS_SHA256:
204 return "SHA-256";
205
206 case Signature_Scheme::DSA_SHA384:
207 case Signature_Scheme::ECDSA_SHA384:
208 case Signature_Scheme::RSA_PKCS1_SHA384:
209 case Signature_Scheme::RSA_PSS_SHA384:
210 return "SHA-384";
211
212 case Signature_Scheme::DSA_SHA512:
213 case Signature_Scheme::ECDSA_SHA512:
214 case Signature_Scheme::RSA_PKCS1_SHA512:
215 case Signature_Scheme::RSA_PSS_SHA512:
216 return "SHA-512";
217
218 case Signature_Scheme::EDDSA_25519:
219 case Signature_Scheme::EDDSA_448:
220 return "Pure";
221
222 case Signature_Scheme::NONE:
223 return "";
224 }
225
226 throw Invalid_State("hash_function_of_scheme: Unknown signature algorithm enum");
227 }
228
229const std::vector<Signature_Scheme>& all_signature_schemes()
230 {
231 /*
232 * This is ordered in some approximate order of preference
233 */
234 static const std::vector<Signature_Scheme> all_schemes = {
235 //Signature_Scheme::EDDSA_448,
236 //Signature_Scheme::EDDSA_25519,
237
238 Signature_Scheme::RSA_PSS_SHA384,
239 Signature_Scheme::RSA_PSS_SHA256,
240 Signature_Scheme::RSA_PSS_SHA512,
241
242 Signature_Scheme::RSA_PKCS1_SHA384,
243 Signature_Scheme::RSA_PKCS1_SHA512,
244 Signature_Scheme::RSA_PKCS1_SHA256,
245
246 Signature_Scheme::ECDSA_SHA384,
247 Signature_Scheme::ECDSA_SHA512,
248 Signature_Scheme::ECDSA_SHA256,
249
250 Signature_Scheme::DSA_SHA384,
251 Signature_Scheme::DSA_SHA512,
252 Signature_Scheme::DSA_SHA256,
253
254 Signature_Scheme::RSA_PKCS1_SHA1,
255 Signature_Scheme::ECDSA_SHA1,
256 Signature_Scheme::DSA_SHA1,
257 };
258
259 return all_schemes;
260 }
261
262bool signature_scheme_is_known(Signature_Scheme scheme)
263 {
264 switch(scheme)
265 {
266 case Signature_Scheme::RSA_PKCS1_SHA1:
267 case Signature_Scheme::RSA_PKCS1_SHA256:
268 case Signature_Scheme::RSA_PKCS1_SHA384:
269 case Signature_Scheme::RSA_PKCS1_SHA512:
270 case Signature_Scheme::RSA_PSS_SHA256:
271 case Signature_Scheme::RSA_PSS_SHA384:
272 case Signature_Scheme::RSA_PSS_SHA512:
273
274 case Signature_Scheme::DSA_SHA1:
275 case Signature_Scheme::DSA_SHA256:
276 case Signature_Scheme::DSA_SHA384:
277 case Signature_Scheme::DSA_SHA512:
278
279 case Signature_Scheme::ECDSA_SHA1:
280 case Signature_Scheme::ECDSA_SHA256:
281 case Signature_Scheme::ECDSA_SHA384:
282 case Signature_Scheme::ECDSA_SHA512:
283 return true;
284
285 default:
286 return false;
287 }
288
289 }
290
291std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
292 {
293 switch(scheme)
294 {
295 case Signature_Scheme::RSA_PKCS1_SHA1:
296 case Signature_Scheme::RSA_PKCS1_SHA256:
297 case Signature_Scheme::RSA_PKCS1_SHA384:
298 case Signature_Scheme::RSA_PKCS1_SHA512:
299 case Signature_Scheme::RSA_PSS_SHA256:
300 case Signature_Scheme::RSA_PSS_SHA384:
301 case Signature_Scheme::RSA_PSS_SHA512:
302 return "RSA";
303
304 case Signature_Scheme::DSA_SHA1:
305 case Signature_Scheme::DSA_SHA256:
306 case Signature_Scheme::DSA_SHA384:
307 case Signature_Scheme::DSA_SHA512:
308 return "DSA";
309
310 case Signature_Scheme::ECDSA_SHA1:
311 case Signature_Scheme::ECDSA_SHA256:
312 case Signature_Scheme::ECDSA_SHA384:
313 case Signature_Scheme::ECDSA_SHA512:
314 return "ECDSA";
315
316 case Signature_Scheme::EDDSA_25519:
317 return "Ed25519";
318
319 case Signature_Scheme::EDDSA_448:
320 return "Ed448";
321
322 case Signature_Scheme::NONE:
323 return "";
324 }
325
326 throw Invalid_State("signature_algorithm_of_scheme: Unknown signature algorithm enum");
327 }
328
329std::string sig_scheme_to_string(Signature_Scheme scheme)
330 {
331 switch(scheme)
332 {
333 case Signature_Scheme::RSA_PKCS1_SHA1:
334 return "RSA_PKCS1_SHA1";
335 case Signature_Scheme::RSA_PKCS1_SHA256:
336 return "RSA_PKCS1_SHA256";
337 case Signature_Scheme::RSA_PKCS1_SHA384:
338 return "RSA_PKCS1_SHA384";
339 case Signature_Scheme::RSA_PKCS1_SHA512:
340 return "RSA_PKCS1_SHA512";
341
342 case Signature_Scheme::DSA_SHA1:
343 return "DSA_SHA1";
344 case Signature_Scheme::DSA_SHA256:
345 return "DSA_SHA256";
346 case Signature_Scheme::DSA_SHA384:
347 return "DSA_SHA384";
348 case Signature_Scheme::DSA_SHA512:
349 return "DSA_SHA512";
350
351 case Signature_Scheme::ECDSA_SHA1:
352 return "ECDSA_SHA1";
353 case Signature_Scheme::ECDSA_SHA256:
354 return "ECDSA_SHA256";
355 case Signature_Scheme::ECDSA_SHA384:
356 return "ECDSA_SHA384";
357 case Signature_Scheme::ECDSA_SHA512:
358 return "ECDSA_SHA512";
359
360 case Signature_Scheme::RSA_PSS_SHA256:
361 return "RSA_PSS_SHA256";
362 case Signature_Scheme::RSA_PSS_SHA384:
363 return "RSA_PSS_SHA384";
364 case Signature_Scheme::RSA_PSS_SHA512:
365 return "RSA_PSS_SHA512";
366
367 case Signature_Scheme::EDDSA_25519:
368 return "EDDSA_25519";
369 case Signature_Scheme::EDDSA_448:
370 return "EDDSA_448";
371
372 case Signature_Scheme::NONE:
373 return "";
374 }
375
376 throw Invalid_State("sig_scheme_to_string: Unknown signature algorithm enum");
377 }
378
379std::string padding_string_for_scheme(Signature_Scheme scheme)
380 {
381 switch(scheme)
382 {
383 case Signature_Scheme::RSA_PKCS1_SHA1:
384 return "EMSA_PKCS1(SHA-1)";
385 case Signature_Scheme::RSA_PKCS1_SHA256:
386 return "EMSA_PKCS1(SHA-256)";
387 case Signature_Scheme::RSA_PKCS1_SHA384:
388 return "EMSA_PKCS1(SHA-384)";
389 case Signature_Scheme::RSA_PKCS1_SHA512:
390 return "EMSA_PKCS1(SHA-512)";
391
392 case Signature_Scheme::DSA_SHA1:
393 case Signature_Scheme::ECDSA_SHA1:
394 return "EMSA1(SHA-1)";
395 case Signature_Scheme::DSA_SHA256:
396 case Signature_Scheme::ECDSA_SHA256:
397 return "EMSA1(SHA-256)";
398 case Signature_Scheme::DSA_SHA384:
399 case Signature_Scheme::ECDSA_SHA384:
400 return "EMSA1(SHA-384)";
401 case Signature_Scheme::DSA_SHA512:
402 case Signature_Scheme::ECDSA_SHA512:
403 return "EMSA1(SHA-512)";
404
405 case Signature_Scheme::RSA_PSS_SHA256:
406 return "PSSR(SHA-256,MGF1,32)";
407 case Signature_Scheme::RSA_PSS_SHA384:
408 return "PSSR(SHA-384,MGF1,48)";
409 case Signature_Scheme::RSA_PSS_SHA512:
410 return "PSSR(SHA-512,MGF1,64)";
411
412 case Signature_Scheme::EDDSA_25519:
413 return "Pure";
414 case Signature_Scheme::EDDSA_448:
415 return "Pure";
416
417 case Signature_Scheme::NONE:
418 return "";
419 }
420
421 throw Invalid_State("padding_string_for_scheme: Unknown signature algorithm enum");
422 }
423
424}
425
426}
Botan::Invalid_Argument
Definition: exceptn.h:137
Botan::Invalid_State
Definition: exceptn.h:216
Botan::TLS::all_signature_schemes
const std::vector< Signature_Scheme > & all_signature_schemes()
Definition: tls_algos.cpp:229
Botan::TLS::auth_method_from_string
Auth_Method auth_method_from_string(const std::string &str)
Definition: tls_algos.cpp:102
Botan::TLS::signature_scheme_is_known
bool signature_scheme_is_known(Signature_Scheme scheme)
Definition: tls_algos.cpp:262
Botan::TLS::group_param_from_string
Group_Params group_param_from_string(const std::string &group_name)
Definition: tls_algos.cpp:124
Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition: tls_algos.cpp:14
Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition: tls_algos.cpp:29
Botan::TLS::group_param_is_dh
bool group_param_is_dh(Group_Params group)
Definition: tls_algos.cpp:118
Botan::TLS::Signature_Scheme
Signature_Scheme
Definition: tls_algos.h:86
Botan::TLS::hash_function_of_scheme
std::string hash_function_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:191
Botan::TLS::group_param_to_string
std::string group_param_to_string(Group_Params group)
Definition: tls_algos.cpp:155
Botan::TLS::padding_string_for_scheme
std::string padding_string_for_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:379
Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition: tls_algos.cpp:83
Botan::TLS::kex_method_from_string
Kex_Algo kex_method_from_string(const std::string &str)
Definition: tls_algos.cpp:54
Botan::TLS::sig_scheme_to_string
std::string sig_scheme_to_string(Signature_Scheme scheme)
Definition: tls_algos.cpp:329
Botan::TLS::signature_algorithm_of_scheme
std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:291
Botan
Definition: alg_id.cpp:13
Generated by doxygen 1.9.3