Botan  1.11.15
Public Member Functions | Static Public Member Functions
Botan::TLS::Ciphersuite Class Reference

#include <tls_ciphersuite.h>

List of all members.

Public Member Functions

const std::string & cipher_algo () const
size_t cipher_keylen () const
 Ciphersuite ()
u16bit ciphersuite_code () const
bool ecc_ciphersuite () const
const std::string & kex_algo () const
const std::string & mac_algo () const
size_t mac_keylen () const
size_t nonce_bytes_from_handshake () const
size_t nonce_bytes_from_record () const
const std::string & prf_algo () const
bool psk_ciphersuite () const
const std::string & sig_algo () const
std::string to_string () const
bool valid () const

Static Public Member Functions

static const std::vector
< Ciphersuite > & 
all_known_ciphersuites ()
static Ciphersuite by_id (u16bit suite)
static Ciphersuite by_name (const std::string &name)
static bool is_scsv (u16bit suite)

Detailed Description

Ciphersuite Information

Definition at line 22 of file tls_ciphersuite.h.


Constructor & Destructor Documentation

Definition at line 113 of file tls_ciphersuite.h.

Referenced by by_id(), and by_name().

{}

Member Function Documentation

const std::vector< Ciphersuite > & Botan::TLS::Ciphersuite::all_known_ciphersuites ( ) [static]

Generate a static list of all known ciphersuites and return it.

Returns:
list of all known ciphersuites

Definition at line 45 of file tls_ciphersuite.cpp.

Referenced by by_name(), and Botan::TLS::Policy::ciphersuite_list().

   {
   static std::vector<Ciphersuite> all_ciphersuites(gather_known_ciphersuites());
   return all_ciphersuites;
   }

Convert an SSL/TLS ciphersuite to algorithm fields

Parameters:
suitethe ciphersuite code number
Returns:
ciphersuite object

Definition at line 17 of file tls_suite_info.cpp.

References Ciphersuite().

Referenced by Botan::TLS::Session::ciphersuite(), and Botan::TLS::Handshake_State::server_hello().

   {
   switch(suite)
      {
      case 0x0013: // DHE_DSS_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x0013, "DSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x0032: // DHE_DSS_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x0032, "DSA", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x0040: // DHE_DSS_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x0040, "DSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0x00A2: // DHE_DSS_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x00A2, "DSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0038: // DHE_DSS_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x0038, "DSA", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x006A: // DHE_DSS_WITH_AES_256_CBC_SHA256
         return Ciphersuite(0x006A, "DSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);

      case 0x00A3: // DHE_DSS_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x00A3, "DSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0044: // DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
         return Ciphersuite(0x0044, "DSA", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);

      case 0x00BD: // DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0x00BD, "DSA", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC080: // DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC080, "DSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0087: // DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
         return Ciphersuite(0x0087, "DSA", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);

      case 0x00C3: // DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
         return Ciphersuite(0x00C3, "DSA", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);

      case 0xC081: // DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC081, "DSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0066: // DHE_DSS_WITH_RC4_128_SHA
         return Ciphersuite(0x0066, "DSA", "DH", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0x0099: // DHE_DSS_WITH_SEED_CBC_SHA
         return Ciphersuite(0x0099, "DSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);

      case 0x008F: // DHE_PSK_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x008F, "", "DHE_PSK", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x0090: // DHE_PSK_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x0090, "", "DHE_PSK", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x00B2: // DHE_PSK_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x00B2, "", "DHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC0A6: // DHE_PSK_WITH_AES_128_CCM
         return Ciphersuite(0xC0A6, "", "DHE_PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x00AA: // DHE_PSK_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x00AA, "", "DHE_PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xFFFA: // DHE_PSK_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFFA, "", "DHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0x0091: // DHE_PSK_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x0091, "", "DHE_PSK", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x00B3: // DHE_PSK_WITH_AES_256_CBC_SHA384
         return Ciphersuite(0x00B3, "", "DHE_PSK", "AES-256", 32, 16, 0, "SHA-384", 48);

      case 0xC0A7: // DHE_PSK_WITH_AES_256_CCM
         return Ciphersuite(0xC0A7, "", "DHE_PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0x00AB: // DHE_PSK_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x00AB, "", "DHE_PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xFFFB: // DHE_PSK_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFFB, "", "DHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC096: // DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0xC096, "", "DHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC090: // DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC090, "", "DHE_PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC097: // DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
         return Ciphersuite(0xC097, "", "DHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);

      case 0xC091: // DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC091, "", "DHE_PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x008E: // DHE_PSK_WITH_RC4_128_SHA
         return Ciphersuite(0x008E, "", "DHE_PSK", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x0016, "RSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x0033: // DHE_RSA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x0033, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x0067: // DHE_RSA_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x0067, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC09E: // DHE_RSA_WITH_AES_128_CCM
         return Ciphersuite(0xC09E, "RSA", "DH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A2: // DHE_RSA_WITH_AES_128_CCM_8
         return Ciphersuite(0xC0A2, "RSA", "DH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x009E: // DHE_RSA_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x009E, "RSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xFFF4: // DHE_RSA_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFF4, "RSA", "DH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0x0039: // DHE_RSA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x0039, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x006B: // DHE_RSA_WITH_AES_256_CBC_SHA256
         return Ciphersuite(0x006B, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);

      case 0xC09F: // DHE_RSA_WITH_AES_256_CCM
         return Ciphersuite(0xC09F, "RSA", "DH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A3: // DHE_RSA_WITH_AES_256_CCM_8
         return Ciphersuite(0xC0A3, "RSA", "DH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0x009F: // DHE_RSA_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x009F, "RSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xFFF5: // DHE_RSA_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFF5, "RSA", "DH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0x0045: // DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
         return Ciphersuite(0x0045, "RSA", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);

      case 0x00BE: // DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0x00BE, "RSA", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC07C: // DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC07C, "RSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0088: // DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
         return Ciphersuite(0x0088, "RSA", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);

      case 0x00C4: // DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
         return Ciphersuite(0x00C4, "RSA", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);

      case 0xC07D: // DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC07D, "RSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xCC15: // DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
         return Ciphersuite(0xCC15, "RSA", "DH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");

      case 0x009A: // DHE_RSA_WITH_SEED_CBC_SHA
         return Ciphersuite(0x009A, "RSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);

      case 0x001B: // DH_anon_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x001B, "", "DH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x0034: // DH_anon_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x0034, "", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x006C: // DH_anon_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x006C, "", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0x00A6: // DH_anon_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x00A6, "", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x003A: // DH_anon_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x003A, "", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x006D: // DH_anon_WITH_AES_256_CBC_SHA256
         return Ciphersuite(0x006D, "", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);

      case 0x00A7: // DH_anon_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x00A7, "", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0046: // DH_anon_WITH_CAMELLIA_128_CBC_SHA
         return Ciphersuite(0x0046, "", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);

      case 0x00BF: // DH_anon_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0x00BF, "", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC084: // DH_anon_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC084, "", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0089: // DH_anon_WITH_CAMELLIA_256_CBC_SHA
         return Ciphersuite(0x0089, "", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);

      case 0x00C5: // DH_anon_WITH_CAMELLIA_256_CBC_SHA256
         return Ciphersuite(0x00C5, "", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);

      case 0xC085: // DH_anon_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC085, "", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0018: // DH_anon_WITH_RC4_128_MD5
         return Ciphersuite(0x0018, "", "DH", "RC4", 16, 0, 0, "MD5", 16);

      case 0x009B: // DH_anon_WITH_SEED_CBC_SHA
         return Ciphersuite(0x009B, "", "DH", "SEED", 16, 16, 0, "SHA-1", 20);

      case 0xC008: // ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC008, "ECDSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC009: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC009, "ECDSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC023: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0xC023, "ECDSA", "ECDH", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC0AC: // ECDHE_ECDSA_WITH_AES_128_CCM
         return Ciphersuite(0xC0AC, "ECDSA", "ECDH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0AE: // ECDHE_ECDSA_WITH_AES_128_CCM_8
         return Ciphersuite(0xC0AE, "ECDSA", "ECDH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC02B: // ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0xC02B, "ECDSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xFFF2: // ECDHE_ECDSA_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFF2, "ECDSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC00A: // ECDHE_ECDSA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC00A, "ECDSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC024: // ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
         return Ciphersuite(0xC024, "ECDSA", "ECDH", "AES-256", 32, 16, 0, "SHA-384", 48);

      case 0xC0AD: // ECDHE_ECDSA_WITH_AES_256_CCM
         return Ciphersuite(0xC0AD, "ECDSA", "ECDH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0AF: // ECDHE_ECDSA_WITH_AES_256_CCM_8
         return Ciphersuite(0xC0AF, "ECDSA", "ECDH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC02C: // ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0xC02C, "ECDSA", "ECDH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xFFF3: // ECDHE_ECDSA_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFF3, "ECDSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC072: // ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0xC072, "ECDSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC086: // ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC086, "ECDSA", "ECDH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC073: // ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
         return Ciphersuite(0xC073, "ECDSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);

      case 0xC087: // ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC087, "ECDSA", "ECDH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xCC14: // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
         return Ciphersuite(0xCC14, "ECDSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");

      case 0xC007: // ECDHE_ECDSA_WITH_RC4_128_SHA
         return Ciphersuite(0xC007, "ECDSA", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0xC034: // ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC034, "", "ECDHE_PSK", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC035: // ECDHE_PSK_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC035, "", "ECDHE_PSK", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC037: // ECDHE_PSK_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0xC037, "", "ECDHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xFFF8: // ECDHE_PSK_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFF8, "", "ECDHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC036: // ECDHE_PSK_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC036, "", "ECDHE_PSK", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC038: // ECDHE_PSK_WITH_AES_256_CBC_SHA384
         return Ciphersuite(0xC038, "", "ECDHE_PSK", "AES-256", 32, 16, 0, "SHA-384", 48);

      case 0xFFF9: // ECDHE_PSK_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFF9, "", "ECDHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC09A: // ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0xC09A, "", "ECDHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC09B: // ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
         return Ciphersuite(0xC09B, "", "ECDHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);

      case 0xC033: // ECDHE_PSK_WITH_RC4_128_SHA
         return Ciphersuite(0xC033, "", "ECDHE_PSK", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC012, "RSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC013: // ECDHE_RSA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC013, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC027: // ECDHE_RSA_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0xC027, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC02F: // ECDHE_RSA_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0xC02F, "RSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xFFF0: // ECDHE_RSA_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFF0, "RSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC014: // ECDHE_RSA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC014, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC028: // ECDHE_RSA_WITH_AES_256_CBC_SHA384
         return Ciphersuite(0xC028, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-384", 48);

      case 0xC030: // ECDHE_RSA_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0xC030, "RSA", "ECDH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xFFF1: // ECDHE_RSA_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFF1, "RSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC076: // ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0xC076, "RSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC08A: // ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC08A, "RSA", "ECDH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC077: // ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
         return Ciphersuite(0xC077, "RSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);

      case 0xC08B: // ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC08B, "RSA", "ECDH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xCC13: // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
         return Ciphersuite(0xCC13, "RSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");

      case 0xC011: // ECDHE_RSA_WITH_RC4_128_SHA
         return Ciphersuite(0xC011, "RSA", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC017, "", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC018: // ECDH_anon_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC018, "", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC019, "", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC016: // ECDH_anon_WITH_RC4_128_SHA
         return Ciphersuite(0xC016, "", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0xC0AA: // PSK_DHE_WITH_AES_128_CCM_8
         return Ciphersuite(0xC0AA, "", "DHE_PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0AB: // PSK_DHE_WITH_AES_256_CCM_8
         return Ciphersuite(0xC0AB, "", "DHE_PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0x008B: // PSK_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x008B, "", "PSK", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x008C: // PSK_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x008C, "", "PSK", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x00AE: // PSK_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x00AE, "", "PSK", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC0A4: // PSK_WITH_AES_128_CCM
         return Ciphersuite(0xC0A4, "", "PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A8: // PSK_WITH_AES_128_CCM_8
         return Ciphersuite(0xC0A8, "", "PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x00A8: // PSK_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x00A8, "", "PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xFFF6: // PSK_WITH_AES_128_OCB_SHA256
         return Ciphersuite(0xFFF6, "", "PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");

      case 0x008D: // PSK_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x008D, "", "PSK", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x00AF: // PSK_WITH_AES_256_CBC_SHA384
         return Ciphersuite(0x00AF, "", "PSK", "AES-256", 32, 16, 0, "SHA-384", 48);

      case 0xC0A5: // PSK_WITH_AES_256_CCM
         return Ciphersuite(0xC0A5, "", "PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A9: // PSK_WITH_AES_256_CCM_8
         return Ciphersuite(0xC0A9, "", "PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0x00A9: // PSK_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x00A9, "", "PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0xFFF7: // PSK_WITH_AES_256_OCB_SHA256
         return Ciphersuite(0xFFF7, "", "PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");

      case 0xC094: // PSK_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0xC094, "", "PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC08E: // PSK_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC08E, "", "PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC095: // PSK_WITH_CAMELLIA_256_CBC_SHA384
         return Ciphersuite(0xC095, "", "PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);

      case 0xC08F: // PSK_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC08F, "", "PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x008A: // PSK_WITH_RC4_128_SHA
         return Ciphersuite(0x008A, "", "PSK", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0x000A, "RSA", "RSA", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0x002F: // RSA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0x002F, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0x003C: // RSA_WITH_AES_128_CBC_SHA256
         return Ciphersuite(0x003C, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-256", 32);

      case 0xC09C: // RSA_WITH_AES_128_CCM
         return Ciphersuite(0xC09C, "RSA", "RSA", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A0: // RSA_WITH_AES_128_CCM_8
         return Ciphersuite(0xC0A0, "RSA", "RSA", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x009C: // RSA_WITH_AES_128_GCM_SHA256
         return Ciphersuite(0x009C, "RSA", "RSA", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0035: // RSA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0x0035, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0x003D: // RSA_WITH_AES_256_CBC_SHA256
         return Ciphersuite(0x003D, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-256", 32);

      case 0xC09D: // RSA_WITH_AES_256_CCM
         return Ciphersuite(0xC09D, "RSA", "RSA", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0xC0A1: // RSA_WITH_AES_256_CCM_8
         return Ciphersuite(0xC0A1, "RSA", "RSA", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");

      case 0x009D: // RSA_WITH_AES_256_GCM_SHA384
         return Ciphersuite(0x009D, "RSA", "RSA", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0041: // RSA_WITH_CAMELLIA_128_CBC_SHA
         return Ciphersuite(0x0041, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-1", 20);

      case 0x00BA: // RSA_WITH_CAMELLIA_128_CBC_SHA256
         return Ciphersuite(0x00BA, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-256", 32);

      case 0xC07A: // RSA_WITH_CAMELLIA_128_GCM_SHA256
         return Ciphersuite(0xC07A, "RSA", "RSA", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");

      case 0x0084: // RSA_WITH_CAMELLIA_256_CBC_SHA
         return Ciphersuite(0x0084, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-1", 20);

      case 0x00C0: // RSA_WITH_CAMELLIA_256_CBC_SHA256
         return Ciphersuite(0x00C0, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-256", 32);

      case 0xC07B: // RSA_WITH_CAMELLIA_256_GCM_SHA384
         return Ciphersuite(0xC07B, "RSA", "RSA", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");

      case 0x0004: // RSA_WITH_RC4_128_MD5
         return Ciphersuite(0x0004, "RSA", "RSA", "RC4", 16, 0, 0, "MD5", 16);

      case 0x0005: // RSA_WITH_RC4_128_SHA
         return Ciphersuite(0x0005, "RSA", "RSA", "RC4", 16, 0, 0, "SHA-1", 20);

      case 0x0096: // RSA_WITH_SEED_CBC_SHA
         return Ciphersuite(0x0096, "RSA", "RSA", "SEED", 16, 16, 0, "SHA-1", 20);

      case 0xC01C: // SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC01C, "DSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC01F: // SRP_SHA_DSS_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC01F, "DSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC022: // SRP_SHA_DSS_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC022, "DSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC01B: // SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC01B, "RSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC01E: // SRP_SHA_RSA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC01E, "RSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC021: // SRP_SHA_RSA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC021, "RSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);

      case 0xC01A: // SRP_SHA_WITH_3DES_EDE_CBC_SHA
         return Ciphersuite(0xC01A, "", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);

      case 0xC01D: // SRP_SHA_WITH_AES_128_CBC_SHA
         return Ciphersuite(0xC01D, "", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);

      case 0xC020: // SRP_SHA_WITH_AES_256_CBC_SHA
         return Ciphersuite(0xC020, "", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);

      }

   return Ciphersuite(); // some unknown ciphersuite
   }
Ciphersuite Botan::TLS::Ciphersuite::by_name ( const std::string &  name) [static]

Lookup a ciphersuite by name

Parameters:
namethe name (eg TLS_RSA_WITH_RC4_128_SHA)
Returns:
ciphersuite object

Definition at line 51 of file tls_ciphersuite.cpp.

References all_known_ciphersuites(), and Ciphersuite().

   {
   for(auto suite : all_known_ciphersuites())
      {
      if(suite.to_string() == name)
         return suite;
      }

   return Ciphersuite(); // some unknown ciphersuite
   }
const std::string& Botan::TLS::Ciphersuite::cipher_algo ( ) const [inline]
Returns:
symmetric cipher algorithm used by this ciphersuite

Definition at line 85 of file tls_ciphersuite.h.

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), to_string(), and valid().

{ return m_cipher_algo; }
size_t Botan::TLS::Ciphersuite::cipher_keylen ( ) const [inline]
Returns:
cipher key length used by this ciphersuite

Definition at line 100 of file tls_ciphersuite.h.

Referenced by to_string().

{ return m_cipher_keylen; }
Returns:
ciphersuite number

Definition at line 60 of file tls_ciphersuite.h.

{ return m_ciphersuite_code; }
Returns:
true if this is an ECC ciphersuite

Definition at line 98 of file tls_ciphersuite.cpp.

References kex_algo(), and sig_algo().

   {
   return (sig_algo() == "ECDSA" || kex_algo() == "ECDH" || kex_algo() == "ECDHE_PSK");
   }
bool Botan::TLS::Ciphersuite::is_scsv ( u16bit  suite) [static]

Returns true iff this suite is a known SCSV

Definition at line 62 of file tls_ciphersuite.cpp.

   {
   // TODO: derive from IANA file in script
   return (suite == 0x00FF || suite == 0x5600);
   }
const std::string& Botan::TLS::Ciphersuite::kex_algo ( ) const [inline]
Returns:
key exchange algorithm used by this ciphersuite

Definition at line 75 of file tls_ciphersuite.h.

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), ecc_ciphersuite(), psk_ciphersuite(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), to_string(), and valid().

{ return m_kex_algo; }
const std::string& Botan::TLS::Ciphersuite::mac_algo ( ) const [inline]
Returns:
message authentication algorithm used by this ciphersuite

Definition at line 90 of file tls_ciphersuite.h.

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), to_string(), and valid().

{ return m_mac_algo; }
size_t Botan::TLS::Ciphersuite::mac_keylen ( ) const [inline]

Definition at line 106 of file tls_ciphersuite.h.

{ return m_mac_keylen; }

Definition at line 104 of file tls_ciphersuite.h.

{ return m_nonce_bytes_from_handshake; }

Definition at line 102 of file tls_ciphersuite.h.

{ return m_nonce_bytes_from_record; }
const std::string& Botan::TLS::Ciphersuite::prf_algo ( ) const [inline]

Definition at line 92 of file tls_ciphersuite.h.

Referenced by Botan::TLS::Handshake_State::protocol_specific_prf(), to_string(), and valid().

         {
         return (m_prf_algo != "") ? m_prf_algo : m_mac_algo;
         }
Returns:
true if this is a PSK ciphersuite

Definition at line 91 of file tls_ciphersuite.cpp.

References kex_algo().

   {
   return (kex_algo() == "PSK" ||
           kex_algo() == "DHE_PSK" ||
           kex_algo() == "ECDHE_PSK");
   }
const std::string& Botan::TLS::Ciphersuite::sig_algo ( ) const [inline]
Returns:
signature algorithm used by this ciphersuite

Definition at line 80 of file tls_ciphersuite.h.

Referenced by ecc_ciphersuite(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), to_string(), and valid().

{ return m_sig_algo; }
std::string Botan::TLS::Ciphersuite::to_string ( ) const

Formats the ciphersuite back to an RFC-style ciphersuite string

Returns:
RFC ciphersuite string identifier

Definition at line 214 of file tls_ciphersuite.cpp.

References cipher_algo(), cipher_keylen(), Botan::erase_chars(), kex_algo(), mac_algo(), prf_algo(), Botan::replace_chars(), and sig_algo().

   {
   if(m_cipher_keylen == 0)
      throw std::runtime_error("Ciphersuite::to_string - no value set");

   std::ostringstream out;

   out << "TLS_";

   if(kex_algo() != "RSA")
      {
      if(kex_algo() == "DH")
         out << "DHE";
      else if(kex_algo() == "ECDH")
         out << "ECDHE";
      else
         out << kex_algo();

      out << '_';
      }

   if(sig_algo() == "DSA")
      out << "DSS_";
   else if(sig_algo() != "")
      out << sig_algo() << '_';

   out << "WITH_";

   if(cipher_algo() == "RC4")
      {
      out << "RC4_128_";
      }
   else if(cipher_algo() == "ChaCha20Poly1305")
      {
      out << "CHACHA20_POLY1305_";
      }
   else
      {
      if(cipher_algo() == "3DES")
         out << "3DES_EDE";
      else if(cipher_algo().find("Camellia") == 0)
         out << "CAMELLIA_" << std::to_string(8*cipher_keylen());
      else
         {
         if(cipher_algo().find("OCB(12)") != std::string::npos)
            out << replace_chars(cipher_algo().substr(0, cipher_algo().size() - 4),
                                 {'-', '/'}, '_');
         else
            out << replace_chars(cipher_algo(), {'-', '/'}, '_');
         }

      if(cipher_algo().find("/") != std::string::npos)
         out << "_"; // some explicit mode already included
      else
         out << "_CBC_";
      }

   if(mac_algo() == "SHA-1")
      out << "SHA";
   else if(mac_algo() == "AEAD")
      out << erase_chars(prf_algo(), {'-'});
   else
      out << erase_chars(mac_algo(), {'-'});

   return out.str();
   }
Returns:
true if this is a valid/known ciphersuite

Definition at line 123 of file tls_ciphersuite.cpp.

References BOTAN_ASSERT, cipher_algo(), kex_algo(), mac_algo(), prf_algo(), sig_algo(), and Botan::split_on().

   {
   if(!m_cipher_keylen) // uninitialized object
      return false;

   if(!have_hash(prf_algo()))
      return false;

   if(mac_algo() == "AEAD")
      {
      if(cipher_algo() == "ChaCha20Poly1305")
         {
#if !defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
         return false;
#endif
         }
      else
         {
         auto cipher_and_mode = split_on(cipher_algo(), '/');
         BOTAN_ASSERT(cipher_and_mode.size() == 2, "Expected format for AEAD algo");
         if(!have_cipher(cipher_and_mode[0]))
            return false;

         const auto mode = cipher_and_mode[1];

#if !defined(BOTAN_HAS_AEAD_CCM)
         if(mode == "CCM" || mode == "CCM-8")
            return false;
#endif

#if !defined(BOTAN_HAS_AEAD_GCM)
         if(mode == "GCM")
            return false;
#endif

#if !defined(BOTAN_HAS_AEAD_OCB)
         if(mode == "OCB(12)" || mode == "OCB")
            return false;
#endif
         }
      }
   else
      {
      // Old non-AEAD schemes
      if(!have_cipher(cipher_algo()))
         return false;
      if(!have_hash(mac_algo())) // HMAC
         return false;
      }

   if(kex_algo() == "SRP_SHA")
      {
#if !defined(BOTAN_HAS_SRP6)
      return false;
#endif
      }
   else if(kex_algo() == "ECDH" || kex_algo() == "ECDHE_PSK")
      {
#if !defined(BOTAN_HAS_ECDH)
      return false;
#endif
      }
   else if(kex_algo() == "DH" || kex_algo() == "DHE_PSK")
      {
#if !defined(BOTAN_HAS_DIFFIE_HELLMAN)
      return false;
#endif
      }

   if(sig_algo() == "DSA")
      {
#if !defined(BOTAN_HAS_DSA)
      return false;
#endif
      }
   else if(sig_algo() == "ECDSA")
      {
#if !defined(BOTAN_HAS_ECDSA)
      return false;
#endif
      }
   else if(sig_algo() == "RSA")
      {
#if !defined(BOTAN_HAS_RSA)
      return false;
#endif
      }

   return true;
   }

The documentation for this class was generated from the following files: