Botan
1.11.15
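/*
* TLS Cipher Suites
* (C) 2004-2011,2012 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TLS_CIPHER_SUITES_H__
#define BOTAN_TLS_CIPHER_SUITES_H__

#include <botan/types.h>
#include <string>
#include <vector>

namespace Botan {

namespace TLS {

/**
* Ciphersuite Information
*
* Describes one TLS ciphersuite as a 16-bit code plus the names and sizes
* of the algorithms it combines. Populated instances can only be produced
* by this class's own members, because the field-setting constructor is
* private and no friends are declared here.
*/
class BOTAN_DLL Ciphersuite
   {
   public:
      /**
      * Convert an SSL/TLS ciphersuite to algorithm fields
      * @param suite the ciphersuite code number
      * @return ciphersuite object
      *
      * NOTE(review): what is returned for an unrecognised code is not
      * visible in this header; presumably an object for which valid()
      * is false. Check valid() before relying on the fields.
      */
      static Ciphersuite by_id(u16bit suite);

      /**
      * Returns true iff this suite is a known SCSV (signaling cipher
      * suite value), i.e. a code that carries a protocol signal rather
      * than naming a set of algorithms.
      * @param suite the ciphersuite code number
      */
      static bool is_scsv(u16bit suite);

      /**
      * Lookup a ciphersuite by name
      * @param name the name (eg TLS_RSA_WITH_RC4_128_SHA)
      * @return ciphersuite object
      *
      * The name in the example only illustrates the format; RC4 suites
      * are prohibited for TLS by RFC 7465 and should not be negotiated.
      *
      * NOTE(review): the result for an unknown name is not visible in
      * this header; check valid() on the returned object.
      */
      static Ciphersuite by_name(const std::string& name);

      /**
      * Generate a static list of all known ciphersuites and return it.
      *
      * "Known" describes what this table contains, not what a deployment
      * should accept; nothing in this header filters the list by strength.
      *
      * @return list of all known ciphersuites
      */
      static const std::vector<Ciphersuite>& all_known_ciphersuites();

      /**
      * Formats the ciphersuite back to an RFC-style ciphersuite string
      * @return RFC ciphersuite string identifier
      */
      std::string to_string() const;

      /**
      * @return ciphersuite number
      */
      u16bit ciphersuite_code() const { return m_ciphersuite_code; }

      /**
      * @return true if this is a PSK ciphersuite
      */
      bool psk_ciphersuite() const;

      /**
      * @return true if this is an ECC ciphersuite
      */
      bool ecc_ciphersuite() const;

      /**
      * @return key exchange algorithm used by this ciphersuite
      */
      const std::string& kex_algo() const { return m_kex_algo; }

      /**
      * @return signature algorithm used by this ciphersuite
      */
      const std::string& sig_algo() const { return m_sig_algo; }

      /**
      * @return symmetric cipher algorithm used by this ciphersuite
      */
      const std::string& cipher_algo() const { return m_cipher_algo; }

      /**
      * @return message authentication algorithm used by this ciphersuite
      */
      const std::string& mac_algo() const { return m_mac_algo; }

      /**
      * @return PRF algorithm used by this ciphersuite. When no explicit
      * PRF algorithm was set (the stored name is empty), the MAC
      * algorithm name is returned instead.
      */
      const std::string& prf_algo() const
         {
         // An empty PRF name means "not specified": fall back to the MAC.
         return m_prf_algo.empty() ? m_mac_algo : m_prf_algo;
         }

      /**
      * @return cipher key length used by this ciphersuite
      */
      size_t cipher_keylen() const { return m_cipher_keylen; }

      /**
      * @return the nonce_bytes_from_record value given at construction
      *
      * NOTE(review): presumably the number of nonce bytes carried
      * explicitly in each record - confirm against the record layer.
      */
      size_t nonce_bytes_from_record() const { return m_nonce_bytes_from_record; }

      /**
      * @return the nonce_bytes_from_handshake value given at construction
      *
      * NOTE(review): presumably the number of nonce bytes derived from
      * handshake key material - confirm against the record layer.
      */
      size_t nonce_bytes_from_handshake() const { return m_nonce_bytes_from_handshake; }

      /**
      * @return MAC key length used by this ciphersuite
      */
      size_t mac_keylen() const { return m_mac_keylen; }

      /**
      * @return true if this is a valid/known ciphersuite
      */
      bool valid() const;

      /**
      * Construct an empty ciphersuite: code 0, all lengths 0 and all
      * algorithm names empty (see the member initializers below).
      *
      * NOTE(review): valid() is defined elsewhere; presumably it is
      * false for such an object - confirm.
      */
      Ciphersuite() {}

   private:

      /**
      * Construct a ciphersuite from explicit field values.
      * @param ciphersuite_code the ciphersuite code number
      * @param sig_algo signature algorithm name
      * @param kex_algo key exchange algorithm name
      * @param cipher_algo symmetric cipher algorithm name
      * @param cipher_keylen cipher key length
      * @param nonce_bytes_from_handshake value later returned by
      *        nonce_bytes_from_handshake()
      * @param nonce_bytes_from_record value later returned by
      *        nonce_bytes_from_record()
      * @param mac_algo message authentication algorithm name
      * @param mac_keylen MAC key length
      * @param prf_algo PRF algorithm name; the default "" makes
      *        prf_algo() report the MAC algorithm
      */
      Ciphersuite(u16bit ciphersuite_code,
                  const char* sig_algo,
                  const char* kex_algo,
                  const char* cipher_algo,
                  size_t cipher_keylen,
                  size_t nonce_bytes_from_handshake,
                  size_t nonce_bytes_from_record,
                  const char* mac_algo,
                  size_t mac_keylen,
                  const char* prf_algo = "");

      u16bit m_ciphersuite_code = 0;

      std::string m_sig_algo;
      std::string m_kex_algo;
      std::string m_prf_algo; // empty means "use m_mac_algo" (see prf_algo())

      std::string m_cipher_algo;
      size_t m_cipher_keylen = 0;
      size_t m_nonce_bytes_from_handshake = 0;
      size_t m_nonce_bytes_from_record = 0;

      std::string m_mac_algo;
      size_t m_mac_keylen = 0;
   };

}

}

#endif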