1 /*
2 * (C) 2017 Jack Lloyd
3 *
4 * Botan is released under the Simplified BSD License (see license.txt)
5 */
6
7 #ifndef BOTAN_TLS_ALGO_IDS_H_
8 #define BOTAN_TLS_ALGO_IDS_H_
9
10 #include <botan/types.h>
11 #include <string>
12 #include <vector>
13
14 //BOTAN_FUTURE_INTERNAL_HEADER(tls_algos.h)
15
16 namespace Botan {
17
18 namespace TLS {
19
/*
* Identifiers for the record-protection algorithms a TLS ciphersuite can name.
*
* Every enumerator carries its numeric value explicitly. Each cipher family
* starts at its own base (100, 200, 300, ...). Nothing in this header ties
* the numbers to a wire encoding.
*
* Review notes for policy authors, going by the enumerator names:
* - *_CBC_HMAC_* entries are the legacy CBC-plus-HMAC record construction.
*   The AEAD entries (GCM, CCM, OCB, ChaCha20-Poly1305) are the usual
*   choice for new deployments.
* - CCM_8 denotes CCM with a shortened authentication tag.
* - DES_EDE is a 64-bit block cipher, so the amount of data protected under
*   one key should be kept small if it has to stay enabled at all.
*/
enum class Cipher_Algo {
   CHACHA20_POLY1305 = 0,

   // AES-128 family
   AES_128_CBC_HMAC_SHA1 = 100,
   AES_128_CBC_HMAC_SHA256 = 101,
   AES_128_CCM = 102,
   AES_128_CCM_8 = 103,
   AES_128_GCM = 104,
   AES_128_OCB = 105,

   // AES-256 family
   AES_256_CBC_HMAC_SHA1 = 200,
   AES_256_CBC_HMAC_SHA256 = 201,
   AES_256_CBC_HMAC_SHA384 = 202,
   AES_256_CCM = 203,
   AES_256_CCM_8 = 204,
   AES_256_GCM = 205,
   AES_256_OCB = 206,

   // Camellia-128 family
   CAMELLIA_128_CBC_HMAC_SHA1 = 300,
   CAMELLIA_128_CBC_HMAC_SHA256 = 301,
   CAMELLIA_128_GCM = 302,

   // Camellia-256 family
   CAMELLIA_256_CBC_HMAC_SHA1 = 400,
   CAMELLIA_256_CBC_HMAC_SHA256 = 401,
   CAMELLIA_256_CBC_HMAC_SHA384 = 402,
   CAMELLIA_256_GCM = 403,

   // ARIA family
   ARIA_128_GCM = 500,
   ARIA_256_GCM = 501,

   // Legacy ciphers, kept apart from the families above
   DES_EDE_CBC_HMAC_SHA1 = 1000,
   SEED_CBC_HMAC_SHA1 = 1001,
};
53
/*
* Hash function choices for key derivation, numbered from zero in
* declaration order.
*
* NOTE(review): presumably this selects the hash behind a ciphersuite's
* PRF/KDF - confirm against the ciphersuite table, which is not part of
* this header.
*/
enum class KDF_Algo {
   SHA_1 = 0,
   SHA_256 = 1,
   SHA_384 = 2,
};
59
/*
* Map a KDF_Algo value to a string.
*
* NOTE(review): only the declaration is visible here. The exact strings
* returned, and what happens for a value outside the three enumerators,
* are defined by the implementation - confirm before relying on either.
*/
60 std::string BOTAN_DLL kdf_algo_to_string(KDF_Algo algo);
61
/*
* How the per-record nonce/IV of a ciphersuite is formed, numbered from
* zero in declaration order.
*
* NOTE(review): the names suggest that AEAD_IMPLICIT_4 is the layout with
* a 4-byte implicit part plus an explicit per-record part, and AEAD_XOR_12
* the layout where a 12-byte IV is XORed with the record sequence number -
* confirm against the record layer code.
*
* Repeating a nonce under one AEAD key breaks both confidentiality and
* integrity, so the format used must be the one the negotiated ciphersuite
* specifies.
*/
enum class Nonce_Format {
   CBC_MODE = 0,
   AEAD_IMPLICIT_4 = 1,
   AEAD_XOR_12 = 2,
};
67
// TODO encoding should match signature_algorithms extension
// TODO this should include hash etc as in TLS v1.3
/*
* How the peer is authenticated in a ciphersuite.
*
* RSA, DSA and ECDSA take the values 0, 1 and 2. IMPLICIT and ANONYMOUS
* sit at 0x10000 and above, which does not fit in a 16-bit field.
*
* NOTE(review): as the name suggests, ANONYMOUS means the handshake does
* not authenticate the peer, which leaves the connection open to an active
* man-in-the-middle. A policy should enable it only as a deliberate choice.
*/
enum class Auth_Method {
   RSA = 0,
   DSA = 1,
   ECDSA = 2,

   // These are placed outside the encodable range
   IMPLICIT = 0x10000,
   ANONYMOUS = 0x10001,
};
79
/*
* Conversions between Auth_Method values and strings.
*
* NOTE(review): only the declarations are visible here. How
* auth_method_from_string() reacts to a string it does not recognise
* (exception or fallback value) is not shown - confirm before feeding it
* configuration or other externally supplied text.
*/
80 std::string BOTAN_TEST_API auth_method_to_string(Auth_Method method);
81 Auth_Method BOTAN_TEST_API auth_method_from_string(const std::string& str);
82
/*
* This matches the wire encoding
*
* Signature schemes as 16-bit code points. In the 0x02xx-0x06xx entries
* the high byte tracks the hash (02 = SHA-1, 04 = SHA-256, 05 = SHA-384,
* 06 = SHA-512) and the low byte the signature algorithm (01 = RSA PKCS#1,
* 02 = DSA, 03 = ECDSA). The 0x08xx entries are RSA-PSS and EdDSA.
*
* Because the type is backed by uint16_t and mirrors the wire format, a
* value taken from a peer's message need not be one of these enumerators.
* Validate it (see signature_scheme_is_known) before acting on it.
*
* The *_SHA1 schemes depend on SHA-1 collision resistance, so policies
* normally leave them out unless legacy interoperability requires them.
*/
enum class Signature_Scheme : uint16_t {
   NONE             = 0x0000,

   // RSA PKCS#1 v1.5
   RSA_PKCS1_SHA1   = 0x0201,
   RSA_PKCS1_SHA256 = 0x0401,
   RSA_PKCS1_SHA384 = 0x0501,
   RSA_PKCS1_SHA512 = 0x0601,

   // DSA
   DSA_SHA1         = 0x0202,
   DSA_SHA256       = 0x0402,
   DSA_SHA384       = 0x0502,
   DSA_SHA512       = 0x0602,

   // ECDSA
   ECDSA_SHA1       = 0x0203,
   ECDSA_SHA256     = 0x0403,
   ECDSA_SHA384     = 0x0503,
   ECDSA_SHA512     = 0x0603,

   // RSA-PSS
   RSA_PSS_SHA256   = 0x0804,
   RSA_PSS_SHA384   = 0x0805,
   RSA_PSS_SHA512   = 0x0806,

   // EdDSA
   EDDSA_25519      = 0x0807,
   EDDSA_448        = 0x0808,
};
111
/*
* Helpers for working with Signature_Scheme values. Only the declarations
* are visible in this header, so anything said about behaviour below is
* marked for confirmation.
*
* NOTE(review): Signature_Scheme is a uint16_t-backed enum that matches the
* wire encoding, so a value taken from a peer's message need not be one of
* the enumerators. signature_scheme_is_known() looks like the intended gate
* before a scheme reaches the other helpers - confirm against the callers.
*/

// Returns a reference to a vector of schemes; presumably the full set this
// library knows about - confirm in the implementation.
112 BOTAN_UNSTABLE_API const std::vector<Signature_Scheme>& all_signature_schemes();
113
// Boolean check on a scheme value. The string-returning helpers below take
// the same argument; their results for an unknown scheme are not visible
// here - confirm.
114 bool BOTAN_UNSTABLE_API signature_scheme_is_known(Signature_Scheme scheme);
115 std::string BOTAN_UNSTABLE_API sig_scheme_to_string(Signature_Scheme scheme);
116 std::string BOTAN_UNSTABLE_API hash_function_of_scheme(Signature_Scheme scheme);
117 std::string BOTAN_UNSTABLE_API padding_string_for_scheme(Signature_Scheme scheme);
// Unlike the declarations above, this one carries no export/visibility macro.
118 std::string signature_algorithm_of_scheme(Signature_Scheme scheme);
119
/*
* Matches with wire encoding
*
* Key exchange groups as 16-bit code points: NIST and Brainpool curves at
* 23-28, X25519 at 29, and the finite-field Diffie-Hellman groups at
* 256-260.
*
* Because the type is backed by uint16_t and mirrors the wire format, a
* value taken from a peer's message need not be one of these enumerators.
* Check it against the configured policy before use.
*/
enum class Group_Params : uint16_t {
   NONE           = 0,

   // Elliptic curves
   SECP256R1      = 23,
   SECP384R1      = 24,
   SECP521R1      = 25,
   BRAINPOOL256R1 = 26,
   BRAINPOOL384R1 = 27,
   BRAINPOOL512R1 = 28,

   X25519         = 29,

   // Finite-field Diffie-Hellman groups
   FFDHE_2048     = 256,
   FFDHE_3072     = 257,
   FFDHE_4096     = 258,
   FFDHE_6144     = 259,
   FFDHE_8192     = 260,
};
141
/*
* Helpers for Group_Params: conversion to and from a string, and a boolean
* classification. None of the three carries an export/visibility macro.
*
* NOTE(review): only the declarations are visible here. What
* group_param_from_string() yields for an unrecognised name, and which
* groups group_param_is_dh() reports as DH (presumably the FFDHE_* entries),
* are set by the implementation - confirm.
*/
142 std::string group_param_to_string(Group_Params group);
143 Group_Params group_param_from_string(const std::string& group_name);
144 bool group_param_is_dh(Group_Params group);
145
/*
* Key exchange methods, numbered from zero in declaration order.
*
* PSK, DHE_PSK and ECDHE_PSK are the three values that
* key_exchange_is_psk() reports as pre-shared-key methods.
*
* NOTE(review): going by the name, STATIC_RSA is RSA key transport, which
* provides no forward secrecy: recorded sessions become readable if the
* server's private key is later disclosed. Policies usually prefer the
* ephemeral (EC)DH methods.
*/
enum class Kex_Algo {
   STATIC_RSA = 0,
   DH = 1,
   ECDH = 2,
   CECPQ1 = 3,
   SRP_SHA = 4,
   PSK = 5,
   DHE_PSK = 6,
   ECDHE_PSK = 7,
};
156
/*
* Conversions between Kex_Algo values and strings.
*
* NOTE(review): only the declarations are visible here. How
* kex_method_from_string() reacts to a string it does not recognise
* (exception or fallback value) is not shown - confirm before feeding it
* configuration or other externally supplied text.
*/
157 std::string BOTAN_TEST_API kex_method_to_string(Kex_Algo method);
158 Kex_Algo BOTAN_TEST_API kex_method_from_string(const std::string& str);
159
/*
* Report whether a key exchange method is one of the pre-shared-key variants.
*
* @param m key exchange method to classify
* @return true for PSK, DHE_PSK and ECDHE_PSK, false for every other value
*/
inline bool key_exchange_is_psk(Kex_Algo m)
   {
   switch(m)
      {
      case Kex_Algo::PSK:
      case Kex_Algo::DHE_PSK:
      case Kex_Algo::ECDHE_PSK:
         return true;
      default:
         // Every non-PSK method, and any value outside the enumerators
         return false;
      }
   }
166
167 }
168
169 }
170
171 #endif
172