Botan 3.7.1
Crypto and TLS for C&
tls_algos.h
Go to the documentation of this file.
1/*
2* (C) 2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#ifndef BOTAN_TLS_ALGO_IDS_H_
8#define BOTAN_TLS_ALGO_IDS_H_
9
10#include <botan/asn1_obj.h>
11#include <botan/pk_keys.h>
12#include <botan/types.h>
13#include <optional>
14#include <string>
15#include <vector>
16
17//BOTAN_FUTURE_INTERNAL_HEADER(tls_algos.h)
18
19namespace Botan::TLS {
20
48
54
55std::string BOTAN_DLL kdf_algo_to_string(KDF_Algo algo);
56
62
63// TODO encoding should match signature_algorithms extension
64// TODO this should include hash etc as in TLS v1.3
65enum class Auth_Method {
68
69 // To support TLS 1.3 ciphersuites, which do not determine the auth method
71
72 // These are placed outside the encodable range
73 IMPLICIT = 0x10000
74};
75
78
79/*
80* Matches with wire encoding
81*/
82enum class Group_Params_Code : uint16_t {
83 NONE = 0,
84
91
92 X25519 = 29,
93 X448 = 30,
94
100
101 // https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/05/
102 ML_KEM_512 = 0x0200,
103 ML_KEM_768 = 0x0201,
104 ML_KEM_1024 = 0x0202,
105
106 // libOQS defines those in:
107 // https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
114
115 // https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/03/
118
119 // https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
122
125
128
131
134};
135
137 public:
138 using enum Group_Params_Code;
139
140 constexpr Group_Params() : m_code(Group_Params_Code::NONE) {}
141
142 constexpr Group_Params(Group_Params_Code code) : m_code(code) {}
143
144 constexpr Group_Params(uint16_t code) : m_code(static_cast<Group_Params_Code>(code)) {}
145
146 /**
147 * @returns std::nullopt if an unknown name
148 */
149 static std::optional<Group_Params> from_string(std::string_view group_name);
150
151 constexpr bool operator==(Group_Params_Code code) const { return m_code == code; }
152
153 constexpr bool operator==(Group_Params other) const { return m_code == other.m_code; }
154
155 constexpr bool operator<(Group_Params other) const { return m_code < other.m_code; }
156
157 constexpr Group_Params_Code code() const { return m_code; }
158
159 constexpr uint16_t wire_code() const { return static_cast<uint16_t>(m_code); }
160
161 /**
162 * Returns false if this group/KEX is not available in the build configuration
163 */
164 bool is_available() const;
165
166 constexpr bool is_x25519() const { return m_code == Group_Params_Code::X25519; }
167
168 constexpr bool is_x448() const { return m_code == Group_Params_Code::X448; }
169
175
176 constexpr bool is_in_ffdhe_range() const {
177 // See RFC 7919
178 return wire_code() >= 256 && wire_code() < 512;
179 }
180
181 constexpr bool is_dh_named_group() const {
182 return m_code == Group_Params_Code::FFDHE_2048 || m_code == Group_Params_Code::FFDHE_3072 ||
185 }
186
187 constexpr bool is_pure_ml_kem() const {
188 return m_code == Group_Params_Code::ML_KEM_512 || m_code == Group_Params_Code::ML_KEM_768 ||
190 }
191
200
201 constexpr bool is_pure_ecc_group() const { return is_x25519() || is_x448() || is_ecdh_named_curve(); }
202
211
216
229
230 constexpr bool is_pqc_hybrid() const { return is_pqc_hybrid_ml_kem() || is_pqc_hybrid_frodokem(); }
231
240
241 // If this is a pqc hybrid group, returns the ECC ID
242 std::optional<Group_Params_Code> pqc_hybrid_ecc() const;
243
244 // Returns std::nullopt if the param has no known name
245 std::optional<std::string> to_string() const;
246
247 private:
248 Group_Params_Code m_code;
249};
250
251enum class Kex_Algo {
262
263 // To support TLS 1.3 ciphersuites, which do not determine the kex algo
265};
266
269
271 return (m == Kex_Algo::PSK || m == Kex_Algo::ECDHE_PSK || m == Kex_Algo::DHE_PSK);
272}
273
274} // namespace Botan::TLS
275
276#endif
#define BOTAN_DIAGNOSTIC_POP
Definition api.h:108
#define BOTAN_DIAGNOSTIC_PUSH
Definition api.h:105
#define BOTAN_DIAGNOSTIC_IGNORE_DEPRECATED_DECLARATIONS
Definition api.h:106
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:19
#define BOTAN_TEST_API
Definition api.h:39
constexpr bool operator==(Group_Params other) const
Definition tls_algos.h:153
constexpr bool is_dh_named_group() const
Definition tls_algos.h:181
constexpr bool is_in_ffdhe_range() const
Definition tls_algos.h:176
constexpr bool operator<(Group_Params other) const
Definition tls_algos.h:155
constexpr bool is_pqc_hybrid() const
Definition tls_algos.h:230
constexpr bool is_kem() const
Definition tls_algos.h:232
constexpr bool is_post_quantum() const
Definition tls_algos.h:203
constexpr bool operator==(Group_Params_Code code) const
Definition tls_algos.h:151
constexpr bool is_ecdh_named_curve() const
Definition tls_algos.h:170
constexpr uint16_t wire_code() const
Definition tls_algos.h:159
constexpr bool is_pure_frodokem() const
Definition tls_algos.h:192
constexpr Group_Params_Code code() const
Definition tls_algos.h:157
constexpr Group_Params(uint16_t code)
Definition tls_algos.h:144
constexpr bool is_pqc_hybrid_frodokem() const
Definition tls_algos.h:217
constexpr bool is_pure_ml_kem() const
Definition tls_algos.h:187
constexpr Group_Params(Group_Params_Code code)
Definition tls_algos.h:142
constexpr bool is_pqc_hybrid_ml_kem() const
Definition tls_algos.h:212
constexpr bool is_x448() const
Definition tls_algos.h:168
constexpr bool is_pure_ecc_group() const
Definition tls_algos.h:201
constexpr bool is_x25519() const
Definition tls_algos.h:166
#define BOTAN_DLL
Definition build.h:85
Kex_Algo kex_method_from_string(std::string_view str)
Definition tls_algos.cpp:57
Auth_Method auth_method_from_string(std::string_view str)
std::string kdf_algo_to_string(KDF_Algo algo)
Definition tls_algos.cpp:15
std::string kex_method_to_string(Kex_Algo method)
Definition tls_algos.cpp:28
bool key_exchange_is_psk(Kex_Algo m)
Definition tls_algos.h:270
std::string auth_method_to_string(Auth_Method method)
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13