Botan  2.4.0
Crypto and TLS for C++11
tls_ciphersuite.h
1 /*
2 * TLS Cipher Suites
3 * (C) 2004-2011,2012 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_TLS_CIPHER_SUITES_H_
9 #define BOTAN_TLS_CIPHER_SUITES_H_
10 
11 #include <botan/types.h>
12 #include <string>
13 #include <vector>
14 
15 namespace Botan {
16 
17 namespace TLS {
18 
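/**
* Ciphersuite Information
*
* Value type describing one TLS ciphersuite: its 16-bit code and the
* names/parameters of its key exchange, signature, cipher, MAC and PRF
* components.
*
* A default-constructed Ciphersuite has code 0, every string field null and
* valid() == false. All string accessors return an empty string in that
* state instead of building a std::string from a null pointer.
*
* NOTE(review): by_id() is implemented outside this header; presumably it
* hands back such an invalid object for an unrecognised code. Code that maps
* a peer-supplied suite number should check valid() before acting on any
* other field - confirm against the implementation.
*/
class BOTAN_PUBLIC_API(2,0) Ciphersuite final
   {
   public:
      /**
      * Convert an SSL/TLS ciphersuite to algorithm fields
      * @param suite the ciphersuite code number
      * @return ciphersuite object; check valid() before using it
      */
      static Ciphersuite by_id(uint16_t suite);

      /**
      * Returns true iff this suite is a known SCSV
      *
      * An SCSV (signalling ciphersuite value) carries a protocol signal in
      * the ciphersuite list rather than naming a real suite, so it must
      * never be treated as a negotiable ciphersuite. Which values count as
      * known is decided in the implementation file.
      */
      static bool is_scsv(uint16_t suite);

      /**
      * Generate a static list of all known ciphersuites and return it.
      *
      * @return list of all known ciphersuites
      */
      static const std::vector<Ciphersuite>& all_known_ciphersuites();

      /**
      * Formats the ciphersuite back to an RFC-style ciphersuite string
      * @return RFC ciphersuite string identifier, or an empty string if
      *         this object carries no identifier (default-constructed)
      */
      std::string to_string() const { return str_or_empty(m_iana_id); }

      /**
      * @return ciphersuite number
      */
      uint16_t ciphersuite_code() const { return m_ciphersuite_code; }

      /**
      * @return true if this is a PSK ciphersuite
      */
      bool psk_ciphersuite() const;

      /**
      * @return true if this is an ECC ciphersuite
      */
      bool ecc_ciphersuite() const;

      /**
      * @return true if this suite uses a CBC cipher
      *
      * CBC suites in TLS have a history of padding-oracle weaknesses, so
      * policy code can use this predicate to deprioritise or disable them.
      */
      bool cbc_ciphersuite() const;

      /**
      * @return key exchange algorithm used by this ciphersuite
      *         (empty if unset)
      */
      std::string kex_algo() const { return str_or_empty(m_kex_algo); }

      /**
      * @return signature algorithm used by this ciphersuite
      *         (empty if unset)
      */
      std::string sig_algo() const { return str_or_empty(m_sig_algo); }

      /**
      * @return symmetric cipher algorithm used by this ciphersuite
      *         (empty if unset)
      */
      std::string cipher_algo() const { return str_or_empty(m_cipher_algo); }

      /**
      * @return message authentication algorithm used by this ciphersuite
      *         (empty if unset)
      */
      std::string mac_algo() const { return str_or_empty(m_mac_algo); }

      /**
      * @return PRF algorithm name; when no explicit PRF is recorded (null
      *         or empty string) the MAC algorithm name is returned instead
      */
      std::string prf_algo() const
         {
         if(m_prf_algo && *m_prf_algo)
            return m_prf_algo;
         // Fallback may itself be null on a default-constructed object.
         return str_or_empty(m_mac_algo);
         }

      /**
      * @return cipher key length used by this ciphersuite
      */
      size_t cipher_keylen() const { return m_cipher_keylen; }

      /**
      * @return stored per-record nonce byte count
      * NOTE(review): presumably the nonce bytes sent explicitly in each
      * record - confirm against the record layer.
      */
      size_t nonce_bytes_from_record() const { return m_nonce_bytes_from_record; }

      /**
      * @return stored handshake-derived nonce byte count
      * NOTE(review): presumably the implicit nonce bytes taken from the
      * handshake key material - confirm against the record layer.
      */
      size_t nonce_bytes_from_handshake() const { return m_nonce_bytes_from_handshake; }

      /**
      * @return MAC key length stored for this ciphersuite
      */
      size_t mac_keylen() const { return m_mac_keylen; }

      /**
      * @return true if this is a valid/known ciphersuite
      *
      * False for a default-constructed object; otherwise the result of
      * is_usable() captured at construction time.
      */
      bool valid() const { return m_usable; }

      /** Order ciphersuites by their 16-bit code. */
      bool operator<(const Ciphersuite& o) const { return ciphersuite_code() < o.ciphersuite_code(); }

      /** Compare this suite's code against a raw code (for sorted lookups). */
      bool operator<(const uint16_t c) const { return ciphersuite_code() < c; }

      /** Construct an invalid placeholder: code 0, no names, valid() == false. */
      Ciphersuite() = default;

   private:

      /**
      * Constructing std::string from a null pointer is undefined behaviour;
      * every accessor that exposes one of the const char* fields goes
      * through this guard so an invalid object stays safe to query or log.
      */
      static std::string str_or_empty(const char* s)
         {
         return s ? std::string(s) : std::string();
         }

      bool is_usable() const;

      /**
      * Build a fully described ciphersuite. The const char* arguments are
      * stored as-is (not copied), so they must outlive the object.
      */
      Ciphersuite(uint16_t ciphersuite_code,
                  const char* iana_id,
                  const char* sig_algo,
                  const char* kex_algo,
                  const char* cipher_algo,
                  size_t cipher_keylen,
                  size_t nonce_bytes_from_handshake,
                  size_t nonce_bytes_from_record,
                  const char* mac_algo,
                  size_t mac_keylen,
                  const char* prf_algo) :
         m_ciphersuite_code(ciphersuite_code),
         m_iana_id(iana_id),
         m_sig_algo(sig_algo),
         m_kex_algo(kex_algo),
         m_prf_algo(prf_algo),
         m_cipher_algo(cipher_algo),
         m_mac_algo(mac_algo),
         m_cipher_keylen(cipher_keylen),
         m_nonce_bytes_from_handshake(nonce_bytes_from_handshake),
         m_nonce_bytes_from_record(nonce_bytes_from_record),
         m_mac_keylen(mac_keylen)
         {
         // Evaluated once, after every field is set, and cached for valid().
         m_usable = is_usable();
         }

      uint16_t m_ciphersuite_code = 0;

      /*
      All of these const char* strings are references to compile time
      constants in tls_suite_info.cpp
      */
      const char* m_iana_id = nullptr;

      const char* m_sig_algo = nullptr;
      const char* m_kex_algo = nullptr;
      const char* m_prf_algo = nullptr;

      const char* m_cipher_algo = nullptr;
      const char* m_mac_algo = nullptr;

      size_t m_cipher_keylen = 0;
      size_t m_nonce_bytes_from_handshake = 0;
      size_t m_nonce_bytes_from_record = 0;
      size_t m_mac_keylen = 0;

      bool m_usable = false;
   };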
170 
171 }
172 
173 }
174 
175 #endif