Botan 3.11.0
Crypto and TLS for C&
tls_algos.h
Go to the documentation of this file.
1/*
2* (C) 2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#ifndef BOTAN_TLS_ALGO_IDS_H_
8#define BOTAN_TLS_ALGO_IDS_H_
9
10#include <botan/types.h>
11#include <optional>
12#include <string>
13
14//BOTAN_FUTURE_INTERNAL_HEADER(tls_algos.h)
15
16namespace Botan::TLS {
17
45
46enum class KDF_Algo : uint8_t {
47 SHA_1,
48 SHA_256,
49 SHA_384,
50};
51
52std::string BOTAN_DLL kdf_algo_to_string(KDF_Algo algo);
53
60
61// TODO encoding should match signature_algorithms extension
62// TODO this should include hash etc as in TLS v1.3
63enum class Auth_Method : uint32_t {
64 RSA = 0,
65 ECDSA = 1,
66
67 // To support TLS 1.3 ciphersuites, which do not determine the auth method
68 UNDEFINED = 2,
69
70 // These are placed outside the encodable range
71 IMPLICIT = 0x10000
72};
73
74std::string BOTAN_TEST_API auth_method_to_string(Auth_Method method);
75Auth_Method BOTAN_TEST_API auth_method_from_string(std::string_view str);
76
77/*
78* Matches with wire encoding
79*/
80enum class Group_Params_Code : uint16_t {
81 NONE = 0,
82
83 SECP256R1 = 23,
84 SECP384R1 = 24,
85 SECP521R1 = 25,
86 BRAINPOOL256R1 = 26,
87 BRAINPOOL384R1 = 27,
88 BRAINPOOL512R1 = 28,
89
90 X25519 = 29,
91 X448 = 30,
92
93 FFDHE_2048 = 256,
94 FFDHE_3072 = 257,
95 FFDHE_4096 = 258,
96 FFDHE_6144 = 259,
97 FFDHE_8192 = 260,
98
99 // https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/05/
100 ML_KEM_512 = 0x0200,
101 ML_KEM_768 = 0x0201,
102 ML_KEM_1024 = 0x0202,
103
104 // libOQS defines those in:
105 // https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
106 // (last update: 6th June 2025 - matching oqs commit 9447f68)
107 eFRODOKEM_640_SHAKE_OQS = 0xFE03,
108 eFRODOKEM_976_SHAKE_OQS = 0xFE09,
109 eFRODOKEM_1344_SHAKE_OQS = 0xFE0E,
110 eFRODOKEM_640_AES_OQS = 0xFE00,
111 eFRODOKEM_976_AES_OQS = 0xFE06,
112 eFRODOKEM_1344_AES_OQS = 0xFE0C,
113
114 // https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/03/
115 HYBRID_SECP256R1_ML_KEM_768 = 0x11EB,
116 HYBRID_SECP384R1_ML_KEM_1024 = 0x11ED,
117 HYBRID_X25519_ML_KEM_768 = 0x11EC,
118
119 // https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
120 // (last update: 6th June 2025 - matching oqs commit 9447f68)
121 HYBRID_X25519_eFRODOKEM_640_SHAKE_OQS = 0xFE05,
122 HYBRID_X25519_eFRODOKEM_640_AES_OQS = 0xFE02,
123
124 HYBRID_X448_eFRODOKEM_976_SHAKE_OQS = 0xFE0B,
125 HYBRID_X448_eFRODOKEM_976_AES_OQS = 0xFE08,
126
127 HYBRID_SECP256R1_eFRODOKEM_640_SHAKE_OQS = 0xFE04,
128 HYBRID_SECP256R1_eFRODOKEM_640_AES_OQS = 0xFE01,
129
130 HYBRID_SECP384R1_eFRODOKEM_976_SHAKE_OQS = 0xFE0A,
131 HYBRID_SECP384R1_eFRODOKEM_976_AES_OQS = 0xFE07,
132
133 HYBRID_SECP521R1_eFRODOKEM_1344_SHAKE_OQS = 0xFE0F,
134 HYBRID_SECP521R1_eFRODOKEM_1344_AES_OQS = 0xFE0D,
135};
136
137class BOTAN_PUBLIC_API(3, 2) Group_Params final {
138 public:
139 using enum Group_Params_Code;
140
141 constexpr Group_Params() : m_code(Group_Params_Code::NONE) {}
142
143 // NOLINTNEXTLINE(*-explicit-conversions)
144 constexpr Group_Params(Group_Params_Code code) : m_code(code) {}
145
146 // NOLINTNEXTLINE(*-explicit-conversions)
147 constexpr Group_Params(uint16_t code) : m_code(static_cast<Group_Params_Code>(code)) {}
148
149 /**
150 * @returns std::nullopt if an unknown name
151 */
152 static std::optional<Group_Params> from_string(std::string_view group_name);
153
154 constexpr bool operator==(Group_Params_Code code) const { return m_code == code; }
155
156 constexpr bool operator==(Group_Params other) const { return m_code == other.m_code; }
157
158 constexpr bool operator<(Group_Params other) const { return m_code < other.m_code; }
159
160 constexpr Group_Params_Code code() const { return m_code; }
161
162 constexpr uint16_t wire_code() const { return static_cast<uint16_t>(m_code); }
163
164 /**
165 * Returns false if this group/KEX is not available in the build configuration
166 */
167 bool is_available() const;
168
169 constexpr bool is_x25519() const { return m_code == Group_Params_Code::X25519; }
170
171 constexpr bool is_x448() const { return m_code == Group_Params_Code::X448; }
172
178
179 constexpr bool is_in_ffdhe_range() const {
180 // See RFC 7919
181 return wire_code() >= 256 && wire_code() < 512;
182 }
183
184 constexpr bool is_dh_named_group() const {
185 return m_code == Group_Params_Code::FFDHE_2048 || m_code == Group_Params_Code::FFDHE_3072 ||
186 m_code == Group_Params_Code::FFDHE_4096 || m_code == Group_Params_Code::FFDHE_6144 ||
187 m_code == Group_Params_Code::FFDHE_8192;
188 }
189
190 constexpr bool is_pure_ml_kem() const {
191 return m_code == Group_Params_Code::ML_KEM_512 || m_code == Group_Params_Code::ML_KEM_768 ||
192 m_code == Group_Params_Code::ML_KEM_1024;
193 }
194
203
204 constexpr bool is_pure_ecc_group() const { return is_x25519() || is_x448() || is_ecdh_named_curve(); }
205
214
220
233
234 constexpr bool is_pqc_hybrid() const { return is_pqc_hybrid_ml_kem() || is_pqc_hybrid_frodokem(); }
235
244
245 // If this is a pqc hybrid group, returns the ECC ID
246 std::optional<Group_Params_Code> pqc_hybrid_ecc() const;
247
248 // Returns std::nullopt if the param has no known name
249 std::optional<std::string> to_string() const;
250
251 private:
252 Group_Params_Code m_code;
253};
254
255enum class Kex_Algo : uint8_t {
256 STATIC_RSA,
257 DH,
258 ECDH,
259 PSK,
260 ECDHE_PSK,
261 DHE_PSK,
262 KEM,
263 KEM_PSK,
264 HYBRID,
265 HYBRID_PSK,
266
267 // To support TLS 1.3 ciphersuites, which do not determine the kex algo
268 UNDEFINED
269};
270
271std::string BOTAN_TEST_API kex_method_to_string(Kex_Algo method);
272Kex_Algo BOTAN_TEST_API kex_method_from_string(std::string_view str);
273
274inline bool key_exchange_is_psk(Kex_Algo m) {
275 return (m == Kex_Algo::PSK || m == Kex_Algo::ECDHE_PSK || m == Kex_Algo::DHE_PSK);
276}
277
278// As defined in RFC 8446 4.4.2
279enum class Certificate_Type : uint8_t { X509 = 0, RawPublicKey = 2 };
280
281std::string certificate_type_to_string(Certificate_Type type);
282Certificate_Type certificate_type_from_string(const std::string& type_str);
283
284} // namespace Botan::TLS
285
286#endif
BOTAN_DIAGNOSTIC_POP
#define BOTAN_DIAGNOSTIC_POP
Definition api.h:122
BOTAN_DIAGNOSTIC_PUSH
#define BOTAN_DIAGNOSTIC_PUSH
Definition api.h:119
BOTAN_DIAGNOSTIC_IGNORE_DEPRECATED_DECLARATIONS
#define BOTAN_DIAGNOSTIC_IGNORE_DEPRECATED_DECLARATIONS
Definition api.h:120
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:41
Botan::SHA_1
Definition sha1.h:18
Botan::SHA_256
Definition sha2_32.h:59
Botan::SHA_384
Definition sha2_64.h:18
Botan::TLS::Group_Params::operator==
constexpr bool operator==(Group_Params other) const
Definition tls_algos.h:156
Botan::TLS::Group_Params::is_dh_named_group
constexpr bool is_dh_named_group() const
Definition tls_algos.h:184
Botan::TLS::Group_Params::is_in_ffdhe_range
constexpr bool is_in_ffdhe_range() const
Definition tls_algos.h:179
Botan::TLS::Group_Params::operator<
constexpr bool operator<(Group_Params other) const
Definition tls_algos.h:158
Botan::TLS::Group_Params::is_pqc_hybrid
constexpr bool is_pqc_hybrid() const
Definition tls_algos.h:234
Botan::TLS::Group_Params::Group_Params
constexpr Group_Params()
Definition tls_algos.h:141
Botan::TLS::Group_Params::is_kem
constexpr bool is_kem() const
Definition tls_algos.h:236
Botan::TLS::Group_Params::is_post_quantum
constexpr bool is_post_quantum() const
Definition tls_algos.h:206
Botan::TLS::Group_Params::operator==
constexpr bool operator==(Group_Params_Code code) const
Definition tls_algos.h:154
Botan::TLS::Group_Params::is_ecdh_named_curve
constexpr bool is_ecdh_named_curve() const
Definition tls_algos.h:173
Botan::TLS::Group_Params::wire_code
constexpr uint16_t wire_code() const
Definition tls_algos.h:162
Botan::TLS::Group_Params::is_pure_frodokem
constexpr bool is_pure_frodokem() const
Definition tls_algos.h:195
Botan::TLS::Group_Params::code
constexpr Group_Params_Code code() const
Definition tls_algos.h:160
Botan::TLS::Group_Params::Group_Params
constexpr Group_Params(uint16_t code)
Definition tls_algos.h:147
Botan::TLS::Group_Params::is_pqc_hybrid_frodokem
constexpr bool is_pqc_hybrid_frodokem() const
Definition tls_algos.h:221
Botan::TLS::Group_Params::is_pure_ml_kem
constexpr bool is_pure_ml_kem() const
Definition tls_algos.h:190
Botan::TLS::Group_Params::Group_Params
constexpr Group_Params(Group_Params_Code code)
Definition tls_algos.h:144
Botan::TLS::Group_Params::is_pqc_hybrid_ml_kem
constexpr bool is_pqc_hybrid_ml_kem() const
Definition tls_algos.h:215
Botan::TLS::Group_Params::is_x448
constexpr bool is_x448() const
Definition tls_algos.h:171
Botan::TLS::Group_Params::is_pure_ecc_group
constexpr bool is_pure_ecc_group() const
Definition tls_algos.h:204
Botan::TLS::Group_Params::is_x25519
constexpr bool is_x25519() const
Definition tls_algos.h:169
BOTAN_DLL
#define BOTAN_DLL
Definition build.h:93
Botan::TLS::kex_method_from_string
Kex_Algo kex_method_from_string(std::string_view str)
Definition tls_algos.cpp:56
Botan::TLS::certificate_type_to_string
std::string certificate_type_to_string(Certificate_Type type)
Definition tls_algos.cpp:408
Botan::TLS::auth_method_from_string
Auth_Method auth_method_from_string(std::string_view str)
Definition tls_algos.cpp:119
Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition tls_algos.cpp:14
Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition tls_algos.cpp:27
Botan::TLS::key_exchange_is_psk
bool key_exchange_is_psk(Kex_Algo m)
Definition tls_algos.h:274
Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition tls_algos.cpp:104
Botan::TLS::certificate_type_from_string
Certificate_Type certificate_type_from_string(const std::string &type_str)
Definition tls_algos.cpp:419
Botan::NONE
@ NONE
Definition filter.h:170
Botan::to_string
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13
Generated by doxygen 1.15.0