Botan  1.11.15
src/lib/tls/tls_ciphersuite.h
00001 /*
00002 * TLS Cipher Suites
00003 * (C) 2004-2011,2012 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #ifndef BOTAN_TLS_CIPHER_SUITES_H__
00009 #define BOTAN_TLS_CIPHER_SUITES_H__
00010 
00011 #include <botan/types.h>
00012 #include <string>
00013 #include <vector>
00014 
00015 namespace Botan {
00016 
00017 namespace TLS {
00018 
/**
* Ciphersuite Information
*
* Describes a single TLS ciphersuite: its 16-bit code number together with
* the names of the signature, key exchange, cipher, MAC and PRF algorithms
* and the key and nonce lengths that go with them.
*/
class BOTAN_DLL Ciphersuite
   {
   public:
      /**
      * Convert an SSL/TLS ciphersuite code to its algorithm fields
      * @param suite the ciphersuite code number
      * @return ciphersuite object
      *
      * NOTE(review): what is returned for an unrecognised code is not
      * visible in this header. Code that looks up peer-supplied values
      * should presumably test valid() on the result before using any
      * field -- confirm against the implementation.
      */
      static Ciphersuite by_id(u16bit suite);

      /**
      * Returns true iff this suite is a known SCSV (signalling cipher
      * suite value), i.e. a code point that signals a protocol feature
      * rather than naming a negotiable set of algorithms. Which values
      * count as known is decided by the implementation, not shown here.
      */
      static bool is_scsv(u16bit suite);

      /**
      * Lookup a ciphersuite by name
      * @param name the RFC-style suite name, for example
      *        TLS_RSA_WITH_RC4_128_SHA (given only to illustrate the
      *        format; RC4 suites are prohibited in TLS by RFC 7465)
      * @return ciphersuite object
      *
      * NOTE(review): the result for an unknown name is not visible in
      * this header; presumably callers should check valid() -- confirm.
      */
      static Ciphersuite by_name(const std::string& name);

      /**
      * Generate a static list of all known ciphersuites and return it.
      *
      * Being listed means only that the suite is known; nothing in this
      * declaration says a listed suite is enabled or recommended.
      *
      * @return reference to the list of all known ciphersuites
      */
      static const std::vector<Ciphersuite>& all_known_ciphersuites();

      /**
      * Formats the ciphersuite back to an RFC-style ciphersuite string
      * @return RFC ciphersuite string identifier
      */
      std::string to_string() const;

      /**
      * @return ciphersuite number
      */
      u16bit ciphersuite_code() const
         {
         return m_ciphersuite_code;
         }

      /**
      * @return true if this is a PSK ciphersuite
      */
      bool psk_ciphersuite() const;

      /**
      * @return true if this is an ECC ciphersuite
      */
      bool ecc_ciphersuite() const;

      /**
      * @return key exchange algorithm used by this ciphersuite; the
      *         reference points into this object
      */
      const std::string& kex_algo() const
         {
         return m_kex_algo;
         }

      /**
      * @return signature algorithm used by this ciphersuite; the
      *         reference points into this object
      */
      const std::string& sig_algo() const
         {
         return m_sig_algo;
         }

      /**
      * @return symmetric cipher algorithm used by this ciphersuite; the
      *         reference points into this object
      */
      const std::string& cipher_algo() const
         {
         return m_cipher_algo;
         }

      /**
      * @return message authentication algorithm used by this
      *         ciphersuite; the reference points into this object
      */
      const std::string& mac_algo() const
         {
         return m_mac_algo;
         }

      /**
      * @return the PRF algorithm name, or the MAC algorithm name when no
      *         PRF name has been set (the stored PRF name is empty)
      */
      const std::string& prf_algo() const
         {
         // An empty PRF name means "use the MAC algorithm name instead".
         if(m_prf_algo.empty())
            return m_mac_algo;
         return m_prf_algo;
         }

      /**
      * @return cipher key length used by this ciphersuite
      */
      size_t cipher_keylen() const
         {
         return m_cipher_keylen;
         }

      /**
      * @return the stored nonce-bytes-from-record count
      *
      * NOTE(review): presumably the number of nonce bytes taken from
      * each record -- confirm against the record layer code.
      */
      size_t nonce_bytes_from_record() const
         {
         return m_nonce_bytes_from_record;
         }

      /**
      * @return the stored nonce-bytes-from-handshake count
      *
      * NOTE(review): presumably the number of nonce bytes derived
      * during the handshake -- confirm against the key schedule code.
      */
      size_t nonce_bytes_from_handshake() const
         {
         return m_nonce_bytes_from_handshake;
         }

      /**
      * @return MAC key length used by this ciphersuite
      */
      size_t mac_keylen() const
         {
         return m_mac_keylen;
         }

      /**
      * @return true if this is a valid/known ciphersuite
      */
      bool valid() const;

      /**
      * Create an empty ciphersuite object: code 0, empty algorithm
      * names and zero lengths (the in-class member initializers).
      *
      * NOTE(review): such an object presumably reports valid() == false
      * -- confirm against the implementation.
      */
      Ciphersuite() {}

   private:

      /**
      * Build a ciphersuite description from its individual fields.
      * Private, so objects with populated fields are only created
      * inside the class itself.
      *
      * The arguments are presumably copied into the matching m_ members
      * by the out-of-line definition (not visible here). prf_algo
      * defaults to the empty string.
      */
      Ciphersuite(u16bit ciphersuite_code,
                  const char* sig_algo,
                  const char* kex_algo,
                  const char* cipher_algo,
                  size_t cipher_keylen,
                  size_t nonce_bytes_from_handshake,
                  size_t nonce_bytes_from_record,
                  const char* mac_algo,
                  size_t mac_keylen,
                  const char* prf_algo = "");

      // Member order is kept as declared: it fixes both the
      // initialization order and the layout of this exported class.
      u16bit m_ciphersuite_code = 0;

      std::string m_sig_algo;
      std::string m_kex_algo;
      std::string m_prf_algo;

      std::string m_cipher_algo;
      size_t m_cipher_keylen = 0;
      size_t m_nonce_bytes_from_handshake = 0;
      size_t m_nonce_bytes_from_record = 0;

      std::string m_mac_algo;
      size_t m_mac_keylen = 0;
   };
00142 
00143 }
00144 
00145 }
00146 
00147 #endif