doxygen/tls__ciphersuite_8h_source.html

 /*
 * TLS Cipher Suites
 * (C) 2004-2011,2012 Jack Lloyd
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

 #ifndef BOTAN_TLS_CIPHER_SUITES_H_
 #define BOTAN_TLS_CIPHER_SUITES_H_

 #include <botan/types.h>
 #include <botan/tls_algos.h>
 #include <botan/tls_version.h>
 #include <string>
 #include <vector>

 namespace Botan {

 namespace TLS {

 /**
 * Ciphersuite Information
 */
 class BOTAN_PUBLIC_API(2,0) Ciphersuite final
    {
    public:
       /**
       * Convert an SSL/TLS ciphersuite to algorithm fields
       * @param suite the ciphersuite code number
       * @return ciphersuite object
       */
       static Ciphersuite by_id(uint16_t suite);

       /**
       * Convert an SSL/TLS ciphersuite name to algorithm fields
       * @param name the IANA name for the desired ciphersuite
       * @return ciphersuite object
       */
       static Ciphersuite from_name(const std::string& name);

       /**
       * Returns true iff this suite is a known SCSV
       */
       static bool is_scsv(uint16_t suite);

       /**
       * Generate a static list of all known ciphersuites and return it.
       *
       * @return list of all known ciphersuites
       */
       static const std::vector<Ciphersuite>& all_known_ciphersuites();

       /**
       * Formats the ciphersuite back to an RFC-style ciphersuite string
       * @return RFC ciphersuite string identifier
       */
       std::string to_string() const { return m_iana_id; }

       /**
       * @return ciphersuite number
       */
       uint16_t ciphersuite_code() const { return m_ciphersuite_code; }

       /**
       * @return true if this is a PSK ciphersuite
       */
       bool psk_ciphersuite() const;

       /**
       * @return true if this is an ECC ciphersuite
       */
       bool ecc_ciphersuite() const;

       /**
        * @return true if this suite uses a CBC cipher
        */
       bool cbc_ciphersuite() const;

       bool signature_used() const;

       /**
       * @return key exchange algorithm used by this ciphersuite
       */
       std::string kex_algo() const { return kex_method_to_string(kex_method()); }

       Kex_Algo kex_method() const { return m_kex_algo; }

       /**
       * @return signature algorithm used by this ciphersuite
       */
       std::string sig_algo() const { return auth_method_to_string(auth_method()); }

       Auth_Method auth_method() const { return m_auth_method; }

       /**
       * @return symmetric cipher algorithm used by this ciphersuite
       */
       std::string cipher_algo() const { return m_cipher_algo; }

       /**
       * @return message authentication algorithm used by this ciphersuite
       */
       std::string mac_algo() const { return m_mac_algo; }

       std::string prf_algo() const
          {
          return kdf_algo_to_string(m_prf_algo);
          }

       /**
       * @return cipher key length used by this ciphersuite
       */
       size_t cipher_keylen() const { return m_cipher_keylen; }

       size_t nonce_bytes_from_handshake() const;

       size_t nonce_bytes_from_record(Protocol_Version version) const;

       Nonce_Format nonce_format() const { return m_nonce_format; }

       size_t mac_keylen() const { return m_mac_keylen; }

       /**
       * @return true if this is a valid/known ciphersuite
       */
       bool valid() const { return m_usable; }

       bool usable_in_version(Protocol_Version version) const;

       bool operator<(const Ciphersuite& o) const { return ciphersuite_code() < o.ciphersuite_code(); }
       bool operator<(const uint16_t c) const { return ciphersuite_code() < c; }

       Ciphersuite() = default;

    private:

       bool is_usable() const;

       Ciphersuite(uint16_t ciphersuite_code,
                   const char* iana_id,
                   Auth_Method auth_method,
                   Kex_Algo kex_algo,
                   const char* cipher_algo,
                   size_t cipher_keylen,
                   const char* mac_algo,
                   size_t mac_keylen,
                   KDF_Algo prf_algo,
                   Nonce_Format nonce_format) :
          m_ciphersuite_code(ciphersuite_code),
          m_iana_id(iana_id),
          m_auth_method(auth_method),
          m_kex_algo(kex_algo),
          m_prf_algo(prf_algo),
          m_nonce_format(nonce_format),
          m_cipher_algo(cipher_algo),
          m_mac_algo(mac_algo),
          m_cipher_keylen(cipher_keylen),
          m_mac_keylen(mac_keylen)
          {
          m_usable = is_usable();
          }

       uint16_t m_ciphersuite_code = 0;

       /*
       All of these const char* strings are references to compile time
       constants in tls_suite_info.cpp
       */
       const char* m_iana_id = nullptr;

       Auth_Method m_auth_method = Auth_Method::ANONYMOUS;
       Kex_Algo m_kex_algo = Kex_Algo::STATIC_RSA;
       KDF_Algo m_prf_algo = KDF_Algo::SHA_1;
       Nonce_Format m_nonce_format = Nonce_Format::CBC_MODE;

       const char* m_cipher_algo = nullptr;
       const char* m_mac_algo = nullptr;

       size_t m_cipher_keylen = 0;
       size_t m_mac_keylen = 0;

       bool m_usable = false;
    };

 }

 }

 #endif
Botan::TLS::Ciphersuite::mac_algo
std::string mac_algo() const
Definition: tls_ciphersuite.h:103

Botan::TLS::KDF_Algo
KDF_Algo
Definition: tls_algos.h:54

Botan::TLS::Ciphersuite::mac_keylen
size_t mac_keylen() const
Definition: tls_ciphersuite.h:121

Botan::TLS::Auth_Method
Auth_Method
Definition: tls_algos.h:70

Botan::TLS::Ciphersuite::prf_algo
std::string prf_algo() const
Definition: tls_ciphersuite.h:105

Botan::TLS::Ciphersuite::kex_algo
std::string kex_algo() const
Definition: tls_ciphersuite.h:84

Botan::TLS::Ciphersuite::auth_method
Auth_Method auth_method() const
Definition: tls_ciphersuite.h:93

final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:28

BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31

Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition: tls_algos.cpp:29

Botan::TLS::Ciphersuite::kex_method
Kex_Algo kex_method() const
Definition: tls_ciphersuite.h:86

Botan::TLS::Auth_Method::ANONYMOUS

Botan::TLS::Protocol_Version
Definition: tls_version.h:21

Botan::TLS::Ciphersuite
Definition: tls_ciphersuite.h:24

Botan::TLS::Ciphersuite::nonce_format
Nonce_Format nonce_format() const
Definition: tls_ciphersuite.h:119

Botan::TLS::Ciphersuite::ciphersuite_code
uint16_t ciphersuite_code() const
Definition: tls_ciphersuite.h:62

Botan::TLS::Ciphersuite::cipher_keylen
size_t cipher_keylen() const
Definition: tls_ciphersuite.h:113

name
std::string name
Definition: commoncrypto_hash.cpp:23

Botan::TLS::Nonce_Format::CBC_MODE

Botan
Definition: alg_id.cpp:13

Botan::TLS::Kex_Algo::STATIC_RSA

Botan::TLS::KDF_Algo::SHA_1

Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition: tls_algos.cpp:83

Botan::TLS::Ciphersuite::to_string
std::string to_string() const
Definition: tls_ciphersuite.h:57

Botan::TLS::Ciphersuite::sig_algo
std::string sig_algo() const
Definition: tls_ciphersuite.h:91

Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition: tls_algos.cpp:14

Botan::TLS::Ciphersuite::operator<
bool operator<(const Ciphersuite &o) const
Definition: tls_ciphersuite.h:130

Botan::TLS::Nonce_Format
Nonce_Format
Definition: tls_algos.h:62

Botan::TLS::Kex_Algo
Kex_Algo
Definition: tls_algos.h:146

Botan::TLS::Ciphersuite::cipher_algo
std::string cipher_algo() const
Definition: tls_ciphersuite.h:98

Botan::TLS::Ciphersuite::operator<
bool operator<(const uint16_t c) const
Definition: tls_ciphersuite.h:131

Botan::TLS::Ciphersuite::valid
bool valid() const
Definition: tls_ciphersuite.h:126