search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add `gnutls/dtls.h' to the distribution.
[gnutls.git] / lib / gnutls_algorithms.c
blobf636f6ab01f6425940dd9219556db35ccaf16d63
1 /*
2 * Copyright (C) 2000, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
3 * 2010 Free Software Foundation, Inc.
4 *
5 * Author: Nikos Mavrogiannopoulos
6 *
7 * This file is part of GnuTLS.
8 *
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
22 * USA
23 *
24 */
25
26 #include "gnutls_int.h"
27 #include "gnutls_algorithms.h"
28 #include "gnutls_errors.h"
29 #include "gnutls_cert.h"
30 #include <x509/common.h>
31
32
33 typedef struct
34 {
35 const char *name;
36 gnutls_sec_param_t sec_param;
37 int bits; /* security level */
38 int pk_bits; /* DH, RSA, SRP */
39 int dsa_bits; /* bits for DSA. Handled differently since
40 * choice of key size in DSA is political.
41 */
42 int subgroup_bits; /* subgroup bits */
43 int ecc_bits; /* bits for ECC keys */
44 } gnutls_sec_params_entry;
45
46 static const gnutls_sec_params_entry sec_params[] = {
47 {"Weak", GNUTLS_SEC_PARAM_WEAK, 64, 816, 1024, 128, 128},
48 {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1248, 2048, 160, 160},
49 {"Normal", GNUTLS_SEC_PARAM_NORMAL, 112, 2432, 3072, 224, 224},
50 {"High", GNUTLS_SEC_PARAM_HIGH, 128, 3248, 3072, 256, 256},
51 {"Ultra", GNUTLS_SEC_PARAM_ULTRA, 256, 15424, 3072, 512, 512},
52 {NULL, 0, 0, 0, 0, 0}
53 };
54
55 #define GNUTLS_SEC_PARAM_LOOP(b) \
56 { const gnutls_sec_params_entry *p; \
57 for(p = sec_params; p->name != NULL; p++) { b ; } }
58
59
60 /* Cred type mappings to KX algorithms
61 * FIXME: The mappings are not 1-1. Some KX such as SRP_RSA require
62 * more than one credentials type.
63 */
64 typedef struct
65 {
66 gnutls_kx_algorithm_t algorithm;
67 gnutls_credentials_type_t client_type;
68 gnutls_credentials_type_t server_type; /* The type of credentials a server
69 * needs to set */
70 } gnutls_cred_map;
71
72 static const gnutls_cred_map cred_mappings[] = {
73 {GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
74 {GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
75 {GNUTLS_KX_RSA_EXPORT, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
76 {GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
77 {GNUTLS_KX_DHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
78 {GNUTLS_KX_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
79 {GNUTLS_KX_DHE_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
80 {GNUTLS_KX_SRP, GNUTLS_CRD_SRP, GNUTLS_CRD_SRP},
81 {GNUTLS_KX_SRP_RSA, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
82 {GNUTLS_KX_SRP_DSS, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
83 {0, 0, 0}
84 };
85
86 #define GNUTLS_KX_MAP_LOOP(b) \
87 const gnutls_cred_map *p; \
88 for(p = cred_mappings; p->algorithm != 0; p++) { b ; }
89
90 #define GNUTLS_KX_MAP_ALG_LOOP_SERVER(a) \
91 GNUTLS_KX_MAP_LOOP( if(p->server_type == type) { a; break; })
92
93 /* KX mappings to PK algorithms */
94 typedef struct
95 {
96 gnutls_kx_algorithm_t kx_algorithm;
97 gnutls_pk_algorithm_t pk_algorithm;
98 enum encipher_type encipher_type; /* CIPHER_ENCRYPT if this algorithm is to be used
99 * for encryption, CIPHER_SIGN if signature only,
100 * CIPHER_IGN if this does not apply at all.
101 *
102 * This is useful to certificate cipher suites, which check
103 * against the certificate key usage bits.
104 */
105 } gnutls_pk_map;
106
107 /* This table maps the Key exchange algorithms to
108 * the certificate algorithms. Eg. if we have
109 * RSA algorithm in the certificate then we can
110 * use GNUTLS_KX_RSA or GNUTLS_KX_DHE_RSA.
111 */
112 static const gnutls_pk_map pk_mappings[] = {
113 {GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
114 {GNUTLS_KX_RSA_EXPORT, GNUTLS_PK_RSA, CIPHER_SIGN},
115 {GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
116 {GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
117 {GNUTLS_KX_DHE_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
118 {GNUTLS_KX_SRP_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
119 {0, 0, 0}
120 };
121
122 #define GNUTLS_PK_MAP_LOOP(b) \
123 const gnutls_pk_map *p; \
124 for(p = pk_mappings; p->kx_algorithm != 0; p++) { b }
125
126 #define GNUTLS_PK_MAP_ALG_LOOP(a) \
127 GNUTLS_PK_MAP_LOOP( if(p->kx_algorithm == kx_algorithm) { a; break; })
128
129
130
131 /* TLS Versions */
132
133 typedef struct
134 {
135 const char *name;
136 gnutls_protocol_t id; /* gnutls internal version number */
137 int major; /* defined by the protocol */
138 int minor; /* defined by the protocol */
139 transport_t transport; /* Type of transport, stream or datagram */
140 int supported; /* 0 not supported, > 0 is supported */
141 } gnutls_version_entry;
142
143 static const gnutls_version_entry sup_versions[] = {
144 {"SSL3.0", GNUTLS_SSL3, 3, 0, GNUTLS_STREAM, 1},
145 {"TLS1.0", GNUTLS_TLS1, 3, 1, GNUTLS_STREAM, 1},
146 {"TLS1.1", GNUTLS_TLS1_1, 3, 2, GNUTLS_STREAM, 1},
147 {"TLS1.2", GNUTLS_TLS1_2, 3, 3, GNUTLS_STREAM, 1},
148 {"DTLS1.0", GNUTLS_DTLS1_0, 254, 255, GNUTLS_DGRAM, 1}, /* 1.1 over datagram */
149 {0, 0, 0, 0, 0}
150 };
151
152 /* Keep the contents of this struct the same as the previous one. */
153 static const gnutls_protocol_t supported_protocols[] = {
154 GNUTLS_SSL3,
155 GNUTLS_TLS1,
156 GNUTLS_TLS1_1,
157 GNUTLS_TLS1_2,
158 GNUTLS_DTLS1_0,
159 0
160 };
161
162 #define GNUTLS_VERSION_LOOP(b) \
163 const gnutls_version_entry *p; \
164 for(p = sup_versions; p->name != NULL; p++) { b ; }
165
166 #define GNUTLS_VERSION_ALG_LOOP(a) \
167 GNUTLS_VERSION_LOOP( if(p->id == version) { a; break; })
168
169 struct gnutls_cipher_entry
170 {
171 const char *name;
172 gnutls_cipher_algorithm_t id;
173 uint16_t blocksize;
174 uint16_t keysize;
175 unsigned block:1;
176 uint16_t iv; /* the size of IV */
177 unsigned export_flag:1; /* 0 non export */
178 unsigned auth:1; /* Whether it is authenc cipher */
179 };
180 typedef struct gnutls_cipher_entry gnutls_cipher_entry;
181
182 /* Note that all algorithms are in CBC or STREAM modes.
183 * Do not add any algorithms in other modes (avoid modified algorithms).
184 * View first: "The order of encryption and authentication for
185 * protecting communications" by Hugo Krawczyk - CRYPTO 2001
186 *
187 * Make sure to updated MAX_CIPHER_BLOCK_SIZE and MAX_CIPHER_KEY_SIZE as well.
188 */
189 static const gnutls_cipher_entry algorithms[] = {
190 {"AES-256-CBC", GNUTLS_CIPHER_AES_256_CBC, 16, 32, CIPHER_BLOCK, 16, 0, 0},
191 {"AES-192-CBC", GNUTLS_CIPHER_AES_192_CBC, 16, 24, CIPHER_BLOCK, 16, 0, 0},
192 {"AES-128-CBC", GNUTLS_CIPHER_AES_128_CBC, 16, 16, CIPHER_BLOCK, 16, 0, 0},
193 {"AES-128-GCM", GNUTLS_CIPHER_AES_128_GCM, 16, 16, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE, 0, 1},
194 {"3DES-CBC", GNUTLS_CIPHER_3DES_CBC, 8, 24, CIPHER_BLOCK, 8, 0, 0},
195 {"DES-CBC", GNUTLS_CIPHER_DES_CBC, 8, 8, CIPHER_BLOCK, 8, 0, 0},
196 {"ARCFOUR-128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0, 0},
197 {"ARCFOUR-40", GNUTLS_CIPHER_ARCFOUR_40, 1, 5, CIPHER_STREAM, 0, 1, 0},
198 {"RC2-40", GNUTLS_CIPHER_RC2_40_CBC, 8, 5, CIPHER_BLOCK, 8, 1, 0},
199 #ifdef ENABLE_CAMELLIA
200 {"CAMELLIA-256-CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32, CIPHER_BLOCK,
201 16, 0, 0},
202 {"CAMELLIA-128-CBC", GNUTLS_CIPHER_CAMELLIA_128_CBC, 16, 16, CIPHER_BLOCK,
203 16, 0, 0},
204 #endif
205
206 #ifdef ENABLE_OPENPGP
207 {"IDEA-PGP-CFB", GNUTLS_CIPHER_IDEA_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0, 0},
208 {"3DES-PGP-CFB", GNUTLS_CIPHER_3DES_PGP_CFB, 8, 24, CIPHER_BLOCK, 8, 0, 0},
209 {"CAST5-PGP-CFB", GNUTLS_CIPHER_CAST5_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0, 0},
210 {"BLOWFISH-PGP-CFB", GNUTLS_CIPHER_BLOWFISH_PGP_CFB, 8,
211 16 /*actually unlimited */ , CIPHER_BLOCK, 8, 0, 0},
212 {"SAFER-SK128-PGP-CFB", GNUTLS_CIPHER_SAFER_SK128_PGP_CFB, 8, 16,
213 CIPHER_BLOCK, 8, 0, 0},
214 {"AES-128-PGP-CFB", GNUTLS_CIPHER_AES128_PGP_CFB, 16, 16, CIPHER_BLOCK, 16,
215 0, 0},
216 {"AES-192-PGP-CFB", GNUTLS_CIPHER_AES192_PGP_CFB, 16, 24, CIPHER_BLOCK, 16,
217 0, 0},
218 {"AES-256-PGP-CFB", GNUTLS_CIPHER_AES256_PGP_CFB, 16, 32, CIPHER_BLOCK, 16,
219 0, 0},
220 {"TWOFISH-PGP-CFB", GNUTLS_CIPHER_TWOFISH_PGP_CFB, 16, 16, CIPHER_BLOCK, 16,
221 0, 0},
222 #endif
223 {"NULL", GNUTLS_CIPHER_NULL, 1, 0, CIPHER_STREAM, 0, 0, 0},
224 {0, 0, 0, 0, 0, 0, 0}
225 };
226
227 /* Keep the contents of this struct the same as the previous one. */
228 static const gnutls_cipher_algorithm_t supported_ciphers[] = {
229 GNUTLS_CIPHER_AES_256_CBC,
230 GNUTLS_CIPHER_AES_128_CBC,
231 GNUTLS_CIPHER_3DES_CBC,
232 GNUTLS_CIPHER_DES_CBC,
233 GNUTLS_CIPHER_ARCFOUR_128,
234 GNUTLS_CIPHER_ARCFOUR_40,
235 GNUTLS_CIPHER_RC2_40_CBC,
236 #ifdef ENABLE_CAMELLIA
237 GNUTLS_CIPHER_CAMELLIA_256_CBC,
238 GNUTLS_CIPHER_CAMELLIA_128_CBC,
239 #endif
240 GNUTLS_CIPHER_NULL,
241 0
242 };
243
244 #define GNUTLS_LOOP(b) \
245 const gnutls_cipher_entry *p; \
246 for(p = algorithms; p->name != NULL; p++) { b ; }
247
248 #define GNUTLS_ALG_LOOP(a) \
249 GNUTLS_LOOP( if(p->id == algorithm) { a; break; } )
250
251
252 struct gnutls_hash_entry
253 {
254 const char *name;
255 const char *oid;
256 gnutls_mac_algorithm_t id;
257 size_t key_size; /* in case of mac */
258 };
259 typedef struct gnutls_hash_entry gnutls_hash_entry;
260
261 static const gnutls_hash_entry hash_algorithms[] = {
262 {"SHA1", HASH_OID_SHA1, GNUTLS_MAC_SHA1, 20},
263 {"MD5", HASH_OID_MD5, GNUTLS_MAC_MD5, 16},
264 {"SHA256", HASH_OID_SHA256, GNUTLS_MAC_SHA256, 32},
265 {"SHA384", HASH_OID_SHA384, GNUTLS_MAC_SHA384, 48},
266 {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64},
267 {"SHA224", HASH_OID_SHA224, GNUTLS_MAC_SHA224, 28},
268 {"AEAD", NULL, GNUTLS_MAC_AEAD, 0},
269 {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0}, /* not used as MAC */
270 {"RIPEMD160", HASH_OID_RMD160, GNUTLS_MAC_RMD160, 20},
271 {"MAC-NULL", NULL, GNUTLS_MAC_NULL, 0},
272 {0, 0, 0, 0}
273 };
274
275 /* Keep the contents of this struct the same as the previous one. */
276 static const gnutls_mac_algorithm_t supported_macs[] = {
277 GNUTLS_MAC_SHA1,
278 GNUTLS_MAC_MD5,
279 GNUTLS_MAC_SHA256,
280 GNUTLS_MAC_SHA384,
281 GNUTLS_MAC_SHA512,
282 GNUTLS_MAC_MD2,
283 GNUTLS_MAC_RMD160,
284 GNUTLS_MAC_NULL,
285 0
286 };
287
288 #define GNUTLS_HASH_LOOP(b) \
289 const gnutls_hash_entry *p; \
290 for(p = hash_algorithms; p->name != NULL; p++) { b ; }
291
292 #define GNUTLS_HASH_ALG_LOOP(a) \
293 GNUTLS_HASH_LOOP( if(p->id == algorithm) { a; break; } )
294
295 /* Key Exchange Section */
296
297
298 extern mod_auth_st rsa_auth_struct;
299 extern mod_auth_st rsa_export_auth_struct;
300 extern mod_auth_st dhe_rsa_auth_struct;
301 extern mod_auth_st dhe_dss_auth_struct;
302 extern mod_auth_st anon_auth_struct;
303 extern mod_auth_st srp_auth_struct;
304 extern mod_auth_st psk_auth_struct;
305 extern mod_auth_st dhe_psk_auth_struct;
306 extern mod_auth_st srp_rsa_auth_struct;
307 extern mod_auth_st srp_dss_auth_struct;
308
309 struct gnutls_kx_algo_entry
310 {
311 const char *name;
312 gnutls_kx_algorithm_t algorithm;
313 mod_auth_st *auth_struct;
314 int needs_dh_params;
315 int needs_rsa_params;
316 };
317 typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry;
318
319 static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = {
320 #ifdef ENABLE_ANON
321 {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0},
322 #endif
323 {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0, 0},
324 {"RSA-EXPORT", GNUTLS_KX_RSA_EXPORT, &rsa_export_auth_struct, 0,
325 1 /* needs RSA params */ },
326 {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 0},
327 {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 0},
328
329 #ifdef ENABLE_SRP
330 {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0},
331 {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0},
332 {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0},
333 #endif
334 #ifdef ENABLE_PSK
335 {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0},
336 {"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct,
337 1 /* needs DHE params */ , 0},
338 #endif
339 {0, 0, 0, 0, 0}
340 };
341
342 /* Keep the contents of this struct the same as the previous one. */
343 static const gnutls_kx_algorithm_t supported_kxs[] = {
344 #ifdef ENABLE_ANON
345 GNUTLS_KX_ANON_DH,
346 #endif
347 GNUTLS_KX_RSA,
348 GNUTLS_KX_RSA_EXPORT,
349 GNUTLS_KX_DHE_RSA,
350 GNUTLS_KX_DHE_DSS,
351 #ifdef ENABLE_SRP
352 GNUTLS_KX_SRP_DSS,
353 GNUTLS_KX_SRP_RSA,
354 GNUTLS_KX_SRP,
355 #endif
356 #ifdef ENABLE_PSK
357 GNUTLS_KX_PSK,
358 GNUTLS_KX_DHE_PSK,
359 #endif
360 0
361 };
362
363 #define GNUTLS_KX_LOOP(b) \
364 const gnutls_kx_algo_entry *p; \
365 for(p = _gnutls_kx_algorithms; p->name != NULL; p++) { b ; }
366
367 #define GNUTLS_KX_ALG_LOOP(a) \
368 GNUTLS_KX_LOOP( if(p->algorithm == algorithm) { a; break; } )
369
370
371
372 /* Cipher SUITES */
373 #define GNUTLS_CIPHER_SUITE_ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls ) \
374 { #name, {name}, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls}
375
376 typedef struct
377 {
378 const char *name;
379 cipher_suite_st id;
380 gnutls_cipher_algorithm_t block_algorithm;
381 gnutls_kx_algorithm_t kx_algorithm;
382 gnutls_mac_algorithm_t mac_algorithm;
383 gnutls_protocol_t min_version; /* this cipher suite is supported
384 * from 'version' and above;
385 */
386 gnutls_protocol_t max_version; /* this cipher suite is not supported after that */
387 int dtls:1; /* whether this ciphersuite is valid in DTLS */
388 } gnutls_cipher_suite_entry;
389
390 /* RSA with NULL cipher and MD5 MAC
391 * for test purposes.
392 */
393 #define GNUTLS_RSA_NULL_MD5 { 0x00, 0x01 }
394 #define GNUTLS_RSA_NULL_SHA1 { 0x00, 0x02 }
395 #define GNUTLS_RSA_NULL_SHA256 { 0x00, 0x3B }
396
397 /* ANONymous cipher suites.
398 */
399
400 #define GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1 { 0x00, 0x1B }
401 #define GNUTLS_ANON_DH_ARCFOUR_MD5 { 0x00, 0x18 }
402
403 /* rfc3268: */
404 #define GNUTLS_ANON_DH_AES_128_CBC_SHA1 { 0x00, 0x34 }
405 #define GNUTLS_ANON_DH_AES_256_CBC_SHA1 { 0x00, 0x3A }
406
407 /* rfc4132 */
408 #ifdef ENABLE_CAMELLIA
409 #define GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1 { 0x00,0x46 }
410 #define GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1 { 0x00,0x89 }
411 #endif
412
413 #define GNUTLS_ANON_DH_AES_128_CBC_SHA256 { 0x00, 0x6C }
414 #define GNUTLS_ANON_DH_AES_256_CBC_SHA256 { 0x00, 0x6D }
415
416 /* PSK (not in TLS 1.0)
417 * draft-ietf-tls-psk:
418 */
419 #define GNUTLS_PSK_SHA_ARCFOUR_SHA1 { 0x00, 0x8A }
420 #define GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1 { 0x00, 0x8B }
421 #define GNUTLS_PSK_SHA_AES_128_CBC_SHA1 { 0x00, 0x8C }
422 #define GNUTLS_PSK_SHA_AES_256_CBC_SHA1 { 0x00, 0x8D }
423
424 #define GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1 { 0x00, 0x8E }
425 #define GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1 { 0x00, 0x8F }
426 #define GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1 { 0x00, 0x90 }
427 #define GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1 { 0x00, 0x91 }
428
429
430 /* SRP (rfc5054)
431 */
432 #define GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1A }
433 #define GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1B }
434 #define GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1 { 0xC0, 0x1C }
435
436 #define GNUTLS_SRP_SHA_AES_128_CBC_SHA1 { 0xC0, 0x1D }
437 #define GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1 { 0xC0, 0x1E }
438 #define GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1 { 0xC0, 0x1F }
439
440 #define GNUTLS_SRP_SHA_AES_256_CBC_SHA1 { 0xC0, 0x20 }
441 #define GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1 { 0xC0, 0x21 }
442 #define GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1 { 0xC0, 0x22 }
443
444 /* RSA
445 */
446 #define GNUTLS_RSA_ARCFOUR_SHA1 { 0x00, 0x05 }
447 #define GNUTLS_RSA_ARCFOUR_MD5 { 0x00, 0x04 }
448 #define GNUTLS_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x0A }
449
450 #define GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5 { 0x00, 0x03 }
451
452 /* rfc3268:
453 */
454 #define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F }
455 #define GNUTLS_RSA_AES_256_CBC_SHA1 { 0x00, 0x35 }
456
457 /* rfc4132 */
458 #ifdef ENABLE_CAMELLIA
459 #define GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x41 }
460 #define GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x84 }
461 #endif
462
463 #define GNUTLS_RSA_AES_128_CBC_SHA256 { 0x00, 0x3C }
464 #define GNUTLS_RSA_AES_256_CBC_SHA256 { 0x00, 0x3D }
465
466 /* DHE DSS
467 */
468
469 #define GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1 { 0x00, 0x13 }
470
471
472 /* draft-ietf-tls-56-bit-ciphersuites-01:
473 */
474 #define GNUTLS_DHE_DSS_ARCFOUR_SHA1 { 0x00, 0x66 }
475
476
477 /* rfc3268:
478 */
479 #define GNUTLS_DHE_DSS_AES_256_CBC_SHA1 { 0x00, 0x38 }
480 #define GNUTLS_DHE_DSS_AES_128_CBC_SHA1 { 0x00, 0x32 }
481
482 /* rfc4132 */
483 #ifdef ENABLE_CAMELLIA
484 #define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 { 0x00,0x44 }
485 #define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 { 0x00,0x87 }
486 #endif
487
488 #define GNUTLS_DHE_DSS_AES_128_CBC_SHA256 { 0x00, 0x40 }
489 #define GNUTLS_DHE_DSS_AES_256_CBC_SHA256 { 0x00, 0x6A }
490
491 /* DHE RSA
492 */
493 #define GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x16 }
494
495 /* rfc3268:
496 */
497 #define GNUTLS_DHE_RSA_AES_128_CBC_SHA1 { 0x00, 0x33 }
498 #define GNUTLS_DHE_RSA_AES_256_CBC_SHA1 { 0x00, 0x39 }
499
500 /* rfc4132 */
501 #ifdef ENABLE_CAMELLIA
502 #define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x45 }
503 #define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 }
504 #endif
505
506 #define GNUTLS_DHE_RSA_AES_128_CBC_SHA256 { 0x00, 0x67 }
507 #define GNUTLS_DHE_RSA_AES_256_CBC_SHA256 { 0x00, 0x6B }
508
509 /* GCM: RFC5288 */
510 #define GNUTLS_RSA_AES_128_GCM_SHA256 { 0x00, 0x9C }
511 #define GNUTLS_DHE_RSA_AES_128_GCM_SHA256 {0x00,0x9E}
512 #define GNUTLS_DHE_DSS_AES_128_GCM_SHA256 {0x00,0xA2}
513 #define GNUTLS_DH_ANON_AES_128_GCM_SHA256 {0x00,0xA6}
514
515 /* RFC 5487 */
516 /* GCM-PSK */
517 #define GNUTLS_PSK_AES_128_GCM_SHA256 { 0x00, 0xA8 }
518 #define GNUTLS_DHE_PSK_AES_128_GCM_SHA256 { 0x00, 0xAA }
519
520 /* PSK - SHA256 HMAC */
521 #define GNUTLS_PSK_AES_128_CBC_SHA256 { 0x00, 0xAE }
522 #define GNUTLS_DHE_PSK_AES_128_CBC_SHA256 { 0x00, 0xB2 }
523
524 #define GNUTLS_PSK_NULL_SHA256 { 0x00, 0xB0 }
525 #define GNUTLS_DHE_PSK_NULL_SHA256 { 0x00, 0xB4 }
526
527 /* Safe renegotiation */
528
529 #define CIPHER_SUITES_COUNT sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1
530
531 /* FIXME: what we don't handle here is TLS 1.2 requirement
532 * that each ciphersuite has it's own PRF algorithm. Now we
533 * assume that each one uses the SHA-256 PRF in TLS 1.2.
534 */
535
536 static const gnutls_cipher_suite_entry cs_algorithms[] = {
537 /* ANON_DH */
538 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_ARCFOUR_MD5,
539 GNUTLS_CIPHER_ARCFOUR_128,
540 GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5,
541 GNUTLS_SSL3, GNUTLS_VERSION_MAX, 0),
542 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1,
543 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH,
544 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
545 GNUTLS_VERSION_MAX, 1),
546 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1,
547 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
548 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
549 GNUTLS_VERSION_MAX, ),
550 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1,
551 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
552 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
553 GNUTLS_VERSION_MAX, 1),
554 #ifdef ENABLE_CAMELLIA
555 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1,
556 GNUTLS_CIPHER_CAMELLIA_128_CBC,
557 GNUTLS_KX_ANON_DH,
558 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
559 GNUTLS_VERSION_MAX, 1),
560 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1,
561 GNUTLS_CIPHER_CAMELLIA_256_CBC,
562 GNUTLS_KX_ANON_DH,
563 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
564 GNUTLS_VERSION_MAX, 1),
565 #endif
566 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA256,
567 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
568 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
569 GNUTLS_VERSION_MAX, 1),
570 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA256,
571 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
572 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
573 GNUTLS_VERSION_MAX, 1),
574
575 /* PSK */
576 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1,
577 GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK,
578 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
579 GNUTLS_VERSION_MAX, 0),
580 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1,
581 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK,
582 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
583 GNUTLS_VERSION_MAX, 1),
584 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_128_CBC_SHA1,
585 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
586 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
587 GNUTLS_VERSION_MAX, 1),
588 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_256_CBC_SHA1,
589 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK,
590 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
591 GNUTLS_VERSION_MAX, 1),
592 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_AES_128_CBC_SHA256,
593 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
594 GNUTLS_MAC_SHA256, GNUTLS_TLS1,
595 GNUTLS_VERSION_MAX, 1),
596 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_AES_128_GCM_SHA256,
597 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_PSK,
598 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
599 GNUTLS_VERSION_MAX, 1),
600 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_NULL_SHA256,
601 GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
602 GNUTLS_MAC_SHA256, GNUTLS_TLS1,
603 GNUTLS_VERSION_MAX, 1),
604
605 /* DHE-PSK */
606 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1,
607 GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK,
608 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
609 GNUTLS_VERSION_MAX, 0),
610 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1,
611 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK,
612 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
613 GNUTLS_VERSION_MAX, 1),
614 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1,
615 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
616 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
617 GNUTLS_VERSION_MAX, 1),
618 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1,
619 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK,
620 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
621 GNUTLS_VERSION_MAX, 1),
622 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_AES_128_CBC_SHA256,
623 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
624 GNUTLS_MAC_SHA256, GNUTLS_TLS1,
625 GNUTLS_VERSION_MAX, 1),
626 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_AES_128_GCM_SHA256,
627 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_PSK,
628 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
629 GNUTLS_VERSION_MAX, 1),
630 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_NULL_SHA256,
631 GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
632 GNUTLS_MAC_SHA256, GNUTLS_TLS1,
633 GNUTLS_VERSION_MAX, 1),
634
635 /* SRP */
636 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1,
637 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP,
638 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
639 GNUTLS_VERSION_MAX, 1),
640 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1,
641 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP,
642 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
643 GNUTLS_VERSION_MAX, 1),
644 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1,
645 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP,
646 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
647 GNUTLS_VERSION_MAX, 1),
648
649 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1,
650 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS,
651 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
652 GNUTLS_VERSION_MAX, 1),
653
654 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1,
655 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA,
656 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
657 GNUTLS_VERSION_MAX, 1),
658
659 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1,
660 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS,
661 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
662 GNUTLS_VERSION_MAX, 1),
663
664 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1,
665 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA,
666 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
667 GNUTLS_VERSION_MAX, 1),
668
669 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1,
670 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS,
671 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
672 GNUTLS_VERSION_MAX, 1),
673
674 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1,
675 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA,
676 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
677 GNUTLS_VERSION_MAX, 1),
678
679 /* DHE_DSS */
680 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1,
681 GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS,
682 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
683 GNUTLS_VERSION_MAX, 0),
684 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1,
685 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS,
686 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
687 GNUTLS_VERSION_MAX, 1),
688 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1,
689 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
690 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
691 GNUTLS_VERSION_MAX, 1),
692 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1,
693 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
694 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
695 GNUTLS_VERSION_MAX, 1),
696 #ifdef ENABLE_CAMELLIA
697 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
698 GNUTLS_CIPHER_CAMELLIA_128_CBC,
699 GNUTLS_KX_DHE_DSS,
700 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
701 GNUTLS_VERSION_MAX, 1),
702 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
703 GNUTLS_CIPHER_CAMELLIA_256_CBC,
704 GNUTLS_KX_DHE_DSS,
705 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
706 GNUTLS_VERSION_MAX, 1),
707 #endif
708 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256,
709 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
710 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
711 GNUTLS_VERSION_MAX, 1),
712 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256,
713 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
714 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
715 GNUTLS_VERSION_MAX, 1),
716 /* DHE_RSA */
717 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
718 GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA,
719 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
720 GNUTLS_VERSION_MAX, 1),
721 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1,
722 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
723 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
724 GNUTLS_VERSION_MAX, 1),
725 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1,
726 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
727 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
728 GNUTLS_VERSION_MAX, 1),
729 #ifdef ENABLE_CAMELLIA
730 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
731 GNUTLS_CIPHER_CAMELLIA_128_CBC,
732 GNUTLS_KX_DHE_RSA,
733 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
734 GNUTLS_VERSION_MAX, 1),
735 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
736 GNUTLS_CIPHER_CAMELLIA_256_CBC,
737 GNUTLS_KX_DHE_RSA,
738 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
739 GNUTLS_VERSION_MAX, 1),
740 #endif
741 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256,
742 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
743 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
744 GNUTLS_VERSION_MAX, 1),
745 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256,
746 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
747 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
748 GNUTLS_VERSION_MAX, 1),
749 /* RSA-NULL */
750 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5,
751 GNUTLS_CIPHER_NULL,
752 GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
753 GNUTLS_VERSION_MAX, 1),
754 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_SHA1,
755 GNUTLS_CIPHER_NULL,
756 GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
757 GNUTLS_VERSION_MAX, 1),
758 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_SHA256,
759 GNUTLS_CIPHER_NULL,
760 GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
761 GNUTLS_VERSION_MAX, 1),
762
763 /* RSA-EXPORT */
764 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
765 GNUTLS_CIPHER_ARCFOUR_40,
766 GNUTLS_KX_RSA_EXPORT, GNUTLS_MAC_MD5,
767 GNUTLS_SSL3, GNUTLS_TLS1_0, 0),
768
769 /* RSA */
770 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1,
771 GNUTLS_CIPHER_ARCFOUR_128,
772 GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
773 GNUTLS_VERSION_MAX, 0),
774 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5,
775 GNUTLS_CIPHER_ARCFOUR_128,
776 GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
777 GNUTLS_VERSION_MAX, 0),
778 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1,
779 GNUTLS_CIPHER_3DES_CBC,
780 GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
781 GNUTLS_VERSION_MAX, 1),
782 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1,
783 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
784 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
785 GNUTLS_VERSION_MAX, 1),
786 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
787 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
788 GNUTLS_MAC_SHA1, GNUTLS_SSL3,
789 GNUTLS_VERSION_MAX, 1),
790 #ifdef ENABLE_CAMELLIA
791 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
792 GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA,
793 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
794 GNUTLS_VERSION_MAX, 1),
795 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
796 GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA,
797 GNUTLS_MAC_SHA1, GNUTLS_TLS1,
798 GNUTLS_VERSION_MAX, 1),
799 #endif
800 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256,
801 GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
802 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
803 GNUTLS_VERSION_MAX, 1),
804 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256,
805 GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
806 GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
807 GNUTLS_VERSION_MAX, 1),
808 /* GCM */
809 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_GCM_SHA256,
810 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA,
811 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
812 GNUTLS_VERSION_MAX, 1),
813 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_GCM_SHA256,
814 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_RSA,
815 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
816 GNUTLS_VERSION_MAX, 1),
817 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_GCM_SHA256,
818 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_DSS,
819 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
820 GNUTLS_VERSION_MAX, 1),
821 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_128_GCM_SHA256,
822 GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ANON_DH,
823 GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
824 GNUTLS_VERSION_MAX, 1),
825
826 {0, {{0, 0}}, 0, 0, 0, 0, 0, 0}
827 };
828
829 #define GNUTLS_CIPHER_SUITE_LOOP(b) \
830 const gnutls_cipher_suite_entry *p; \
831 for(p = cs_algorithms; p->name != NULL; p++) { b ; }
832
833 #define GNUTLS_CIPHER_SUITE_ALG_LOOP(a) \
834 GNUTLS_CIPHER_SUITE_LOOP( if( (p->id.suite[0] == suite->suite[0]) && (p->id.suite[1] == suite->suite[1])) { a; break; } )
835
836
837
838 /* Generic Functions */
839
840 int
841 _gnutls_mac_priority (gnutls_session_t session,
842 gnutls_mac_algorithm_t algorithm)
843 { /* actually returns the priority */
844 unsigned int i;
845 for (i = 0; i < session->internals.priorities.mac.algorithms; i++)
846 {
847 if (session->internals.priorities.mac.priority[i] == algorithm)
848 return i;
849 }
850 return -1;
851 }
852
853 /**
854 * gnutls_mac_get_name:
855 * @algorithm: is a MAC algorithm
856 *
857 * Convert a #gnutls_mac_algorithm_t value to a string.
858 *
859 * Returns: a string that contains the name of the specified MAC
860 * algorithm, or %NULL.
861 **/
862 const char *
863 gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm)
864 {
865 const char *ret = NULL;
866
867 /* avoid prefix */
868 GNUTLS_HASH_ALG_LOOP (ret = p->name);
869
870 return ret;
871 }
872
873 /**
874 * gnutls_mac_get_id:
875 * @name: is a MAC algorithm name
876 *
877 * Convert a string to a #gnutls_mac_algorithm_t value. The names are
878 * compared in a case insensitive way.
879 *
880 * Returns: a #gnutls_mac_algorithm_t id of the specified MAC
881 * algorithm string, or %GNUTLS_MAC_UNKNOWN on failures.
882 **/
883 gnutls_mac_algorithm_t
884 gnutls_mac_get_id (const char *name)
885 {
886 gnutls_mac_algorithm_t ret = GNUTLS_MAC_UNKNOWN;
887
888 GNUTLS_HASH_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id);
889
890 return ret;
891 }
892
893 /**
894 * gnutls_mac_get_key_size:
895 * @algorithm: is an encryption algorithm
896 *
897 * Get size of MAC key.
898 *
899 * Returns: length (in bytes) of the given MAC key size, or 0 if the
900 * given MAC algorithm is invalid.
901 **/
902 size_t
903 gnutls_mac_get_key_size (gnutls_mac_algorithm_t algorithm)
904 {
905 size_t ret = 0;
906
907 /* avoid prefix */
908 GNUTLS_HASH_ALG_LOOP (ret = p->key_size);
909
910 return ret;
911 }
912
913 /**
914 * gnutls_mac_list:
915 *
916 * Get a list of hash algorithms for use as MACs. Note that not
917 * necessarily all MACs are supported in TLS cipher suites. For
918 * example, MD2 is not supported as a cipher suite, but is supported
919 * for other purposes (e.g., X.509 signature verification or similar).
920 *
921 * Returns: Return a zero-terminated list of #gnutls_mac_algorithm_t
922 * integers indicating the available MACs.
923 **/
924 const gnutls_mac_algorithm_t *
925 gnutls_mac_list (void)
926 {
927 return supported_macs;
928 }
929
930 const char *
931 _gnutls_x509_mac_to_oid (gnutls_mac_algorithm_t algorithm)
932 {
933 const char *ret = NULL;
934
935 /* avoid prefix */
936 GNUTLS_HASH_ALG_LOOP (ret = p->oid);
937
938 return ret;
939 }
940
941 gnutls_mac_algorithm_t
942 _gnutls_x509_oid2mac_algorithm (const char *oid)
943 {
944 gnutls_mac_algorithm_t ret = 0;
945
946 GNUTLS_HASH_LOOP (if (p->oid && strcmp (oid, p->oid) == 0)
947 {
948 ret = p->id; break;}
949 );
950
951 if (ret == 0)
952 return GNUTLS_MAC_UNKNOWN;
953 return ret;
954 }
955
956
957 int
958 _gnutls_mac_is_ok (gnutls_mac_algorithm_t algorithm)
959 {
960 ssize_t ret = -1;
961 GNUTLS_HASH_ALG_LOOP (ret = p->id);
962 if (ret >= 0)
963 ret = 0;
964 else
965 ret = 1;
966 return ret;
967 }
968
969 /* CIPHER functions */
970
971 /**
972 * gnutls_cipher_get_block_size:
973 * @algorithm: is an encryption algorithm
974 *
975 * Get block size for encryption algorithm.
976 *
977 * Returns: block size for encryption algorithm.
978 *
979 * Since: 2.10.0
980 **/
981 int
982 gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm)
983 {
984 size_t ret = 0;
985 GNUTLS_ALG_LOOP (ret = p->blocksize);
986 return ret;
987
988 }
989
990 /* returns the priority */
991 int
992 _gnutls_cipher_priority (gnutls_session_t session,
993 gnutls_cipher_algorithm_t algorithm)
994 {
995 unsigned int i;
996 for (i = 0; i < session->internals.priorities.cipher.algorithms; i++)
997 {
998 if (session->internals.priorities.cipher.priority[i] == algorithm)
999 return i;
1000 }
1001 return -1;
1002 }
1003
1004
1005 int
1006 _gnutls_cipher_is_block (gnutls_cipher_algorithm_t algorithm)
1007 {
1008 size_t ret = 0;
1009
1010 GNUTLS_ALG_LOOP (ret = p->block);
1011 return ret;
1012
1013 }
1014
1015 int
1016 _gnutls_cipher_algo_is_aead (gnutls_cipher_algorithm_t algorithm)
1017 {
1018 size_t ret = 0;
1019
1020 GNUTLS_ALG_LOOP (ret = p->auth);
1021 return ret;
1022
1023 }
1024
1025 /**
1026 * gnutls_cipher_get_key_size:
1027 * @algorithm: is an encryption algorithm
1028 *
1029 * Get key size for cipher.
1030 *
1031 * Returns: length (in bytes) of the given cipher's key size, or 0 if
1032 * the given cipher is invalid.
1033 **/
1034 size_t
1035 gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm)
1036 { /* In bytes */
1037 size_t ret = 0;
1038 GNUTLS_ALG_LOOP (ret = p->keysize);
1039 return ret;
1040
1041 }
1042
1043 int
1044 _gnutls_cipher_get_iv_size (gnutls_cipher_algorithm_t algorithm)
1045 { /* In bytes */
1046 size_t ret = 0;
1047 GNUTLS_ALG_LOOP (ret = p->iv);
1048 return ret;
1049
1050 }
1051
1052 int
1053 _gnutls_cipher_get_export_flag (gnutls_cipher_algorithm_t algorithm)
1054 { /* In bytes */
1055 size_t ret = 0;
1056 GNUTLS_ALG_LOOP (ret = p->export_flag);
1057 return ret;
1058
1059 }
1060
1061 /**
1062 * gnutls_cipher_get_name:
1063 * @algorithm: is an encryption algorithm
1064 *
1065 * Convert a #gnutls_cipher_algorithm_t type to a string.
1066 *
1067 * Returns: a pointer to a string that contains the name of the
1068 * specified cipher, or %NULL.
1069 **/
1070 const char *
1071 gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm)
1072 {
1073 const char *ret = NULL;
1074
1075 /* avoid prefix */
1076 GNUTLS_ALG_LOOP (ret = p->name);
1077
1078 return ret;
1079 }
1080
1081 /**
1082 * gnutls_cipher_get_id:
1083 * @name: is a MAC algorithm name
1084 *
1085 * The names are compared in a case insensitive way.
1086 *
1087 * Returns: return a #gnutls_cipher_algorithm_t value corresponding to
1088 * the specified cipher, or %GNUTLS_CIPHER_UNKNOWN on error.
1089 **/
1090 gnutls_cipher_algorithm_t
1091 gnutls_cipher_get_id (const char *name)
1092 {
1093 gnutls_cipher_algorithm_t ret = GNUTLS_CIPHER_UNKNOWN;
1094
1095 GNUTLS_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id);
1096
1097 return ret;
1098 }
1099
1100 /**
1101 * gnutls_cipher_list:
1102 *
1103 * Get a list of supported cipher algorithms. Note that not
1104 * necessarily all ciphers are supported as TLS cipher suites. For
1105 * example, DES is not supported as a cipher suite, but is supported
1106 * for other purposes (e.g., PKCS#8 or similar).
1107 *
1108 * Returns: a zero-terminated list of #gnutls_cipher_algorithm_t
1109 * integers indicating the available ciphers.
1110 *
1111 **/
1112 const gnutls_cipher_algorithm_t *
1113 gnutls_cipher_list (void)
1114 {
1115 return supported_ciphers;
1116 }
1117
1118 int
1119 _gnutls_cipher_is_ok (gnutls_cipher_algorithm_t algorithm)
1120 {
1121 ssize_t ret = -1;
1122 GNUTLS_ALG_LOOP (ret = p->id);
1123 if (ret >= 0)
1124 ret = 0;
1125 else
1126 ret = 1;
1127 return ret;
1128 }
1129
1130 /* Key EXCHANGE functions */
1131 mod_auth_st *
1132 _gnutls_kx_auth_struct (gnutls_kx_algorithm_t algorithm)
1133 {
1134 mod_auth_st *ret = NULL;
1135 GNUTLS_KX_ALG_LOOP (ret = p->auth_struct);
1136 return ret;
1137
1138 }
1139
1140
1141 int
1142 _gnutls_kx_priority (gnutls_session_t session,
1143 gnutls_kx_algorithm_t algorithm)
1144 {
1145 unsigned int i;
1146 for (i = 0; i < session->internals.priorities.kx.algorithms; i++)
1147 {
1148 if (session->internals.priorities.kx.priority[i] == algorithm)
1149 return i;
1150 }
1151 return -1;
1152 }
1153
1154 /**
1155 * gnutls_kx_get_name:
1156 * @algorithm: is a key exchange algorithm
1157 *
1158 * Convert a #gnutls_kx_algorithm_t value to a string.
1159 *
1160 * Returns: a pointer to a string that contains the name of the
1161 * specified key exchange algorithm, or %NULL.
1162 **/
1163 const char *
1164 gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm)
1165 {
1166 const char *ret = NULL;
1167
1168 /* avoid prefix */
1169 GNUTLS_KX_ALG_LOOP (ret = p->name);
1170
1171 return ret;
1172 }
1173
1174 /**
1175 * gnutls_kx_get_id:
1176 * @name: is a KX name
1177 *
1178 * Convert a string to a #gnutls_kx_algorithm_t value. The names are
1179 * compared in a case insensitive way.
1180 *
1181 * Returns: an id of the specified KX algorithm, or %GNUTLS_KX_UNKNOWN
1182 * on error.
1183 **/
1184 gnutls_kx_algorithm_t
1185 gnutls_kx_get_id (const char *name)
1186 {
1187 gnutls_cipher_algorithm_t ret = GNUTLS_KX_UNKNOWN;
1188
1189 GNUTLS_KX_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->algorithm);
1190
1191 return ret;
1192 }
1193
1194 /**
1195 * gnutls_kx_list:
1196 *
1197 * Get a list of supported key exchange algorithms.
1198 *
1199 * Returns: a zero-terminated list of #gnutls_kx_algorithm_t integers
1200 * indicating the available key exchange algorithms.
1201 **/
1202 const gnutls_kx_algorithm_t *
1203 gnutls_kx_list (void)
1204 {
1205 return supported_kxs;
1206 }
1207
1208 int
1209 _gnutls_kx_is_ok (gnutls_kx_algorithm_t algorithm)
1210 {
1211 ssize_t ret = -1;
1212 GNUTLS_KX_ALG_LOOP (ret = p->algorithm);
1213 if (ret >= 0)
1214 ret = 0;
1215 else
1216 ret = 1;
1217 return ret;
1218 }
1219
1220 int
1221 _gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm)
1222 {
1223 ssize_t ret = 0;
1224 GNUTLS_KX_ALG_LOOP (ret = p->needs_rsa_params);
1225 return ret;
1226 }
1227
1228 int
1229 _gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm)
1230 {
1231 ssize_t ret = 0;
1232 GNUTLS_KX_ALG_LOOP (ret = p->needs_dh_params);
1233 return ret;
1234 }
1235
1236
1237 /* Version */
1238 int
1239 _gnutls_version_priority (gnutls_session_t session, gnutls_protocol_t version)
1240 { /* actually returns the priority */
1241 unsigned int i;
1242
1243 for (i = 0; i < session->internals.priorities.protocol.algorithms; i++)
1244 {
1245 if (session->internals.priorities.protocol.priority[i] == version)
1246 return i;
1247 }
1248 return -1;
1249 }
1250
1251 gnutls_protocol_t
1252 _gnutls_version_lowest (gnutls_session_t session)
1253 { /* returns the lowest version supported */
1254 unsigned int i, min = 0xff;
1255 gnutls_protocol_t cur_prot;
1256
1257 for (i = 0; i < session->internals.priorities.protocol.algorithms; i++)
1258 {
1259 cur_prot = session->internals.priorities.protocol.priority[i];
1260
1261 if (cur_prot < min && _gnutls_version_is_supported(session, cur_prot))
1262 min = cur_prot;
1263 }
1264
1265 if (min == 0xff)
1266 return GNUTLS_VERSION_UNKNOWN; /* unknown version */
1267
1268 return min;
1269 }
1270
1271 gnutls_protocol_t
1272 _gnutls_version_max (gnutls_session_t session)
1273 { /* returns the maximum version supported */
1274 unsigned int i, max = 0x00;
1275 gnutls_protocol_t cur_prot;
1276
1277 for (i = 0; i < session->internals.priorities.protocol.algorithms; i++)
1278 {
1279 cur_prot = session->internals.priorities.protocol.priority[i];
1280
1281 if (cur_prot > max && _gnutls_version_is_supported(session, cur_prot))
1282 max = cur_prot;
1283 }
1284
1285 if (max == 0x00)
1286 return GNUTLS_VERSION_UNKNOWN; /* unknown version */
1287
1288 return max;
1289 }
1290
1291
1292 /**
1293 * gnutls_protocol_get_name:
1294 * @version: is a (gnutls) version number
1295 *
1296 * Convert a #gnutls_protocol_t value to a string.
1297 *
1298 * Returns: a string that contains the name of the specified TLS
1299 * version (e.g., "TLS1.0"), or %NULL.
1300 **/
1301 const char *
1302 gnutls_protocol_get_name (gnutls_protocol_t version)
1303 {
1304 const char *ret = NULL;
1305
1306 /* avoid prefix */
1307 GNUTLS_VERSION_ALG_LOOP (ret = p->name);
1308 return ret;
1309 }
1310
1311 /**
1312 * gnutls_protocol_get_id:
1313 * @name: is a protocol name
1314 *
1315 * The names are compared in a case insensitive way.
1316 *
1317 * Returns: an id of the specified protocol, or
1318 * %GNUTLS_VERSION_UNKNOWN on error.
1319 **/
1320 gnutls_protocol_t
1321 gnutls_protocol_get_id (const char *name)
1322 {
1323 gnutls_protocol_t ret = GNUTLS_VERSION_UNKNOWN;
1324
1325 GNUTLS_VERSION_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id);
1326
1327 return ret;
1328 }
1329
1330 /**
1331 * gnutls_protocol_list:
1332 *
1333 * Get a list of supported protocols, e.g. SSL 3.0, TLS 1.0 etc.
1334 *
1335 * Returns: a zero-terminated list of #gnutls_protocol_t integers
1336 * indicating the available protocols.
1337 *
1338 **/
1339 const gnutls_protocol_t *
1340 gnutls_protocol_list (void)
1341 {
1342 return supported_protocols;
1343 }
1344
1345 int
1346 _gnutls_version_get_minor (gnutls_protocol_t version)
1347 {
1348 int ret = -1;
1349
1350 GNUTLS_VERSION_ALG_LOOP (ret = p->minor);
1351 return ret;
1352 }
1353
1354 gnutls_protocol_t
1355 _gnutls_version_get (int major, int minor)
1356 {
1357 int ret = -1;
1358
1359 GNUTLS_VERSION_LOOP (if ((p->major == major) && (p->minor == minor))
1360 ret = p->id);
1361 return ret;
1362 }
1363
1364 int
1365 _gnutls_version_get_major (gnutls_protocol_t version)
1366 {
1367 int ret = -1;
1368
1369 GNUTLS_VERSION_ALG_LOOP (ret = p->major);
1370 return ret;
1371 }
1372
1373 /* Version Functions */
1374
1375 int
1376 _gnutls_version_is_supported (gnutls_session_t session,
1377 const gnutls_protocol_t version)
1378 {
1379 int ret = 0;
1380
1381 GNUTLS_VERSION_ALG_LOOP (ret = p->supported && p->transport == session->internals.transport);
1382
1383 if (ret == 0)
1384 return 0;
1385
1386 if (_gnutls_version_priority (session, version) < 0)
1387 return 0; /* disabled by the user */
1388 else
1389 return 1;
1390 }
1391
1392
1393 /* This function determines if the version specified has a
1394 cipher-suite selected PRF hash function instead of the old
1395 hardcoded MD5+SHA1. */
1396 int
1397 _gnutls_version_has_selectable_prf (gnutls_protocol_t version)
1398 {
1399 switch (version)
1400 {
1401 case GNUTLS_DTLS1_0:
1402 case GNUTLS_TLS1_1:
1403 case GNUTLS_TLS1_0:
1404 case GNUTLS_SSL3:
1405 return 0;
1406 default:
1407 return 1;
1408 }
1409 }
1410
1411 /* This function determines if the version specified has selectable
1412 signature/hash functions for certificate authentification. */
1413 int
1414 _gnutls_version_has_selectable_sighash (gnutls_protocol_t version)
1415 {
1416 switch (version)
1417 {
1418 case GNUTLS_DTLS1_0:
1419 case GNUTLS_TLS1_1:
1420 case GNUTLS_TLS1_0:
1421 case GNUTLS_SSL3:
1422 return 0;
1423 default:
1424 return 1;
1425 }
1426 }
1427
1428 /* This function determines if the version specified has support for
1429 TLS extensions. */
1430 int
1431 _gnutls_version_has_extensions (gnutls_protocol_t version)
1432 {
1433 switch (version)
1434 {
1435 case GNUTLS_SSL3:
1436 return 0;
1437 default:
1438 /* Versions after TLS 1.0 are required to handle extensions.
1439 * SSL 3.0 also required extensions to be ignored, but
1440 * some earlier draft didn't.
1441 */
1442 return 1;
1443 }
1444 }
1445
1446 /* This function determines if the version specified has explicit IVs
1447 (for CBC attack prevention). */
1448 int
1449 _gnutls_version_has_explicit_iv (gnutls_protocol_t version)
1450 {
1451 switch (version)
1452 {
1453 case GNUTLS_TLS1_0:
1454 case GNUTLS_SSL3:
1455 return 0;
1456 default:
1457 /* All versions after TLS 1.1 have explicit IV */
1458 return 1;
1459 }
1460 }
1461
1462 /* This function determines if the version specified can have
1463 non-minimal padding. */
1464 int
1465 _gnutls_version_has_variable_padding (gnutls_protocol_t version)
1466 {
1467 switch (version)
1468 {
1469 case GNUTLS_SSL3:
1470 return 0;
1471 default:
1472 return 1;
1473 }
1474 }
1475
1476 /* Type to KX mappings */
1477 gnutls_kx_algorithm_t
1478 _gnutls_map_kx_get_kx (gnutls_credentials_type_t type, int server)
1479 {
1480 gnutls_kx_algorithm_t ret = -1;
1481
1482 if (server)
1483 {
1484 GNUTLS_KX_MAP_ALG_LOOP_SERVER (ret = p->algorithm);
1485 }
1486 else
1487 {
1488 GNUTLS_KX_MAP_ALG_LOOP_SERVER (ret = p->algorithm);
1489 }
1490 return ret;
1491 }
1492
1493 /* Returns the credentials type required for this
1494 * Key exchange method.
1495 */
1496 gnutls_credentials_type_t
1497 _gnutls_map_kx_get_cred (gnutls_kx_algorithm_t algorithm, int server)
1498 {
1499 gnutls_credentials_type_t ret = -1;
1500 if (server)
1501 {
1502 GNUTLS_KX_MAP_LOOP (if (p->algorithm == algorithm) ret =
1503 p->server_type);
1504 }
1505 else
1506 {
1507 GNUTLS_KX_MAP_LOOP (if (p->algorithm == algorithm) ret =
1508 p->client_type);
1509 }
1510
1511 return ret;
1512 }
1513
1514
1515 /* Cipher Suite's functions */
1516 gnutls_cipher_algorithm_t
1517 _gnutls_cipher_suite_get_cipher_algo (const cipher_suite_st * suite)
1518 {
1519 int ret = 0;
1520 GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->block_algorithm);
1521 return ret;
1522 }
1523
1524 static int
1525 _gnutls_cipher_suite_is_version_supported (gnutls_session_t session, const cipher_suite_st * suite)
1526 {
1527 int ret = 0;
1528 int version = gnutls_protocol_get_version( session);
1529
1530 GNUTLS_CIPHER_SUITE_ALG_LOOP (if (version >= p->min_version
1531 && version <= p->max_version) ret = 1;
1532 if (IS_DTLS(session) && p->dtls==0) ret = 0;);
1533 return ret;
1534 }
1535
1536 gnutls_kx_algorithm_t
1537 _gnutls_cipher_suite_get_kx_algo (const cipher_suite_st * suite)
1538 {
1539 int ret = 0;
1540
1541 GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->kx_algorithm);
1542 return ret;
1543
1544 }
1545
1546 gnutls_mac_algorithm_t
1547 _gnutls_cipher_suite_get_mac_algo (const cipher_suite_st * suite)
1548 { /* In bytes */
1549 int ret = 0;
1550 GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->mac_algorithm);
1551 return ret;
1552
1553 }
1554
1555 const char *
1556 _gnutls_cipher_suite_get_name (cipher_suite_st * suite)
1557 {
1558 const char *ret = NULL;
1559
1560 /* avoid prefix */
1561 GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->name + sizeof ("GNUTLS_") - 1);
1562
1563 return ret;
1564 }
1565
1566 /**
1567 * gnutls_cipher_suite_get_name:
1568 * @kx_algorithm: is a Key exchange algorithm
1569 * @cipher_algorithm: is a cipher algorithm
1570 * @mac_algorithm: is a MAC algorithm
1571 *
1572 * Note that the full cipher suite name must be prepended by TLS or
1573 * SSL depending of the protocol in use.
1574 *
1575 * Returns: a string that contains the name of a TLS cipher suite,
1576 * specified by the given algorithms, or %NULL.
1577 **/
1578 const char *
1579 gnutls_cipher_suite_get_name (gnutls_kx_algorithm_t kx_algorithm,
1580 gnutls_cipher_algorithm_t cipher_algorithm,
1581 gnutls_mac_algorithm_t mac_algorithm)
1582 {
1583 const char *ret = NULL;
1584
1585 /* avoid prefix */
1586 GNUTLS_CIPHER_SUITE_LOOP (if (kx_algorithm == p->kx_algorithm &&
1587 cipher_algorithm == p->block_algorithm &&
1588 mac_algorithm == p->mac_algorithm)
1589 ret = p->name + sizeof ("GNUTLS_") - 1);
1590
1591 return ret;
1592 }
1593
1594 /**
1595 * gnutls_cipher_suite_info:
1596 * @idx: index of cipher suite to get information about, starts on 0.
1597 * @cs_id: output buffer with room for 2 bytes, indicating cipher suite value
1598 * @kx: output variable indicating key exchange algorithm, or %NULL.
1599 * @cipher: output variable indicating cipher, or %NULL.
1600 * @mac: output variable indicating MAC algorithm, or %NULL.
1601 * @version: output variable indicating TLS protocol version, or %NULL.
1602 *
1603 * Get information about supported cipher suites. Use the function
1604 * iteratively to get information about all supported cipher suites.
1605 * Call with idx=0 to get information about first cipher suite, then
1606 * idx=1 and so on until the function returns NULL.
1607 *
1608 * Returns: the name of @idx cipher suite, and set the information
1609 * about the cipher suite in the output variables. If @idx is out of
1610 * bounds, %NULL is returned.
1611 **/
1612 const char *
1613 gnutls_cipher_suite_info (size_t idx,
1614 char *cs_id,
1615 gnutls_kx_algorithm_t * kx,
1616 gnutls_cipher_algorithm_t * cipher,
1617 gnutls_mac_algorithm_t * mac,
1618 gnutls_protocol_t * min_version)
1619 {
1620 if (idx >= CIPHER_SUITES_COUNT)
1621 return NULL;
1622
1623 if (cs_id)
1624 memcpy (cs_id, cs_algorithms[idx].id.suite, 2);
1625 if (kx)
1626 *kx = cs_algorithms[idx].kx_algorithm;
1627 if (cipher)
1628 *cipher = cs_algorithms[idx].block_algorithm;
1629 if (mac)
1630 *mac = cs_algorithms[idx].mac_algorithm;
1631 if (min_version)
1632 *min_version = cs_algorithms[idx].min_version;
1633
1634 return cs_algorithms[idx].name + sizeof ("GNU") - 1;
1635 }
1636
1637
1638 static inline int
1639 _gnutls_cipher_suite_is_ok (cipher_suite_st * suite)
1640 {
1641 size_t ret;
1642 const char *name = NULL;
1643
1644 GNUTLS_CIPHER_SUITE_ALG_LOOP (name = p->name);
1645 if (name != NULL)
1646 ret = 0;
1647 else
1648 ret = 1;
1649 return ret;
1650
1651 }
1652
1653 #define SWAP(x, y) memcpy(tmp,x,size); \
1654 memcpy(x,y,size); \
1655 memcpy(y,tmp,size);
1656
1657 #define MAX_ELEM_SIZE 4
1658 static inline int
1659 _gnutls_partition (gnutls_session_t session, void *_base,
1660 size_t nmemb, size_t size,
1661 int (*compar) (gnutls_session_t,
1662 const void *, const void *))
1663 {
1664 uint8_t *base = _base;
1665 uint8_t tmp[MAX_ELEM_SIZE];
1666 uint8_t ptmp[MAX_ELEM_SIZE];
1667 unsigned int pivot;
1668 unsigned int i, j;
1669 unsigned int full;
1670
1671 i = pivot = 0;
1672 j = full = (nmemb - 1) * size;
1673
1674 memcpy (ptmp, &base[0], size); /* set pivot item */
1675
1676 while (i < j)
1677 {
1678 while ((compar (session, &base[i], ptmp) <= 0) && (i < full))
1679 {
1680 i += size;
1681 }
1682 while ((compar (session, &base[j], ptmp) >= 0) && (j > 0))
1683 j -= size;
1684
1685 if (i < j)
1686 {
1687 SWAP (&base[j], &base[i]);
1688 }
1689 }
1690
1691 if (j > pivot)
1692 {
1693 SWAP (&base[pivot], &base[j]);
1694 pivot = j;
1695 }
1696 else if (i < pivot)
1697 {
1698 SWAP (&base[pivot], &base[i]);
1699 pivot = i;
1700 }
1701 return pivot / size;
1702 }
1703
1704 static void
1705 _gnutls_qsort (gnutls_session_t session, void *_base, size_t nmemb,
1706 size_t size, int (*compar) (gnutls_session_t, const void *,
1707 const void *))
1708 {
1709 unsigned int pivot;
1710 char *base = _base;
1711 size_t snmemb = nmemb;
1712
1713 #ifdef DEBUG
1714 if (size > MAX_ELEM_SIZE)
1715 {
1716 gnutls_assert ();
1717 _gnutls_debug_log ("QSORT BUG\n");
1718 exit (1);
1719 }
1720 #endif
1721
1722 if (snmemb <= 1)
1723 return;
1724 pivot = _gnutls_partition (session, _base, nmemb, size, compar);
1725
1726 _gnutls_qsort (session, base, pivot < nmemb ? pivot + 1 : pivot, size,
1727 compar);
1728 _gnutls_qsort (session, &base[(pivot + 1) * size], nmemb - pivot - 1,
1729 size, compar);
1730 }
1731
1732
1733 /* a compare function for KX algorithms (using priorities).
1734 * For use with qsort
1735 */
1736 static int
1737 _gnutls_compare_algo (gnutls_session_t session, const void *i_A1,
1738 const void *i_A2)
1739 {
1740 gnutls_kx_algorithm_t kA1 =
1741 _gnutls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A1);
1742 gnutls_kx_algorithm_t kA2 =
1743 _gnutls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A2);
1744 gnutls_cipher_algorithm_t cA1 =
1745 _gnutls_cipher_suite_get_cipher_algo ((const cipher_suite_st *) i_A1);
1746 gnutls_cipher_algorithm_t cA2 =
1747 _gnutls_cipher_suite_get_cipher_algo ((const cipher_suite_st *) i_A2);
1748 gnutls_mac_algorithm_t mA1 =
1749 _gnutls_cipher_suite_get_mac_algo ((const cipher_suite_st *) i_A1);
1750 gnutls_mac_algorithm_t mA2 =
1751 _gnutls_cipher_suite_get_mac_algo ((const cipher_suite_st *) i_A2);
1752
1753 int p1 = (_gnutls_kx_priority (session, kA1) + 1) * 64;
1754 int p2 = (_gnutls_kx_priority (session, kA2) + 1) * 64;
1755 p1 += (_gnutls_cipher_priority (session, cA1) + 1) * 8;
1756 p2 += (_gnutls_cipher_priority (session, cA2) + 1) * 8;
1757 p1 += _gnutls_mac_priority (session, mA1);
1758 p2 += _gnutls_mac_priority (session, mA2);
1759
1760 if (p1 > p2)
1761 {
1762 return 1;
1763 }
1764 else
1765 {
1766 if (p1 == p2)
1767 {
1768 return 0;
1769 }
1770 return -1;
1771 }
1772 }
1773
1774 int
1775 _gnutls_supported_ciphersuites_sorted (gnutls_session_t session,
1776 cipher_suite_st ** ciphers)
1777 {
1778
1779 int count;
1780
1781 count = _gnutls_supported_ciphersuites (session, ciphers);
1782 if (count <= 0)
1783 {
1784 gnutls_assert ();
1785 return count;
1786 }
1787
1788 _gnutls_qsort (session, *ciphers, count,
1789 sizeof (cipher_suite_st), _gnutls_compare_algo);
1790
1791 return count;
1792 }
1793
1794 int
1795 _gnutls_supported_ciphersuites (gnutls_session_t session,
1796 cipher_suite_st ** _ciphers)
1797 {
1798
1799 unsigned int i, ret_count, j;
1800 unsigned int count = CIPHER_SUITES_COUNT;
1801 cipher_suite_st *tmp_ciphers;
1802 cipher_suite_st *ciphers;
1803
1804 if (count == 0)
1805 {
1806 return 0;
1807 }
1808
1809 tmp_ciphers = gnutls_malloc (count * sizeof (cipher_suite_st));
1810 if (tmp_ciphers == NULL)
1811 return GNUTLS_E_MEMORY_ERROR;
1812
1813 ciphers = gnutls_malloc (count * sizeof (cipher_suite_st));
1814 if (ciphers == NULL)
1815 {
1816 gnutls_free (tmp_ciphers);
1817 return GNUTLS_E_MEMORY_ERROR;
1818 }
1819
1820 for (i = 0; i < count; i++)
1821 {
1822 memcpy (&tmp_ciphers[i], &cs_algorithms[i].id,
1823 sizeof (cipher_suite_st));
1824 }
1825
1826 for (i = j = 0; i < count; i++)
1827 {
1828 /* remove private cipher suites, if requested.
1829 */
1830 if (tmp_ciphers[i].suite[0] == 0xFF &&
1831 session->internals.enable_private == 0)
1832 continue;
1833
1834 /* remove cipher suites which do not support the
1835 * protocol version used.
1836 */
1837 if (_gnutls_cipher_suite_is_version_supported (session, &tmp_ciphers[i])
1838 == 0)
1839 continue;
1840
1841 if (_gnutls_kx_priority
1842 (session, _gnutls_cipher_suite_get_kx_algo (&tmp_ciphers[i])) < 0)
1843 continue;
1844
1845 if (_gnutls_mac_priority
1846 (session, _gnutls_cipher_suite_get_mac_algo (&tmp_ciphers[i])) < 0)
1847 continue;
1848
1849 if (_gnutls_cipher_priority
1850 (session,
1851 _gnutls_cipher_suite_get_cipher_algo (&tmp_ciphers[i])) < 0)
1852 continue;
1853
1854 memcpy (&ciphers[j], &tmp_ciphers[i], sizeof (cipher_suite_st));
1855 j++;
1856 }
1857
1858 ret_count = j;
1859
1860 #if 0 /* expensive */
1861 if (ret_count > 0 && ret_count != count)
1862 {
1863 ciphers =
1864 gnutls_realloc_fast (ciphers, ret_count * sizeof (cipher_suite_st));
1865 }
1866 else
1867 {
1868 if (ret_count != count)
1869 {
1870 gnutls_free (ciphers);
1871 ciphers = NULL;
1872 }
1873 }
1874 #endif
1875
1876 gnutls_free (tmp_ciphers);
1877
1878 /* This function can no longer return 0 cipher suites.
1879 * It returns an error code instead.
1880 */
1881 if (ret_count == 0)
1882 {
1883 gnutls_assert ();
1884 gnutls_free (ciphers);
1885 return GNUTLS_E_NO_CIPHER_SUITES;
1886 }
1887 *_ciphers = ciphers;
1888 return ret_count;
1889 }
1890
1891 /**
1892 * gnutls_certificate_type_get_name:
1893 * @type: is a certificate type
1894 *
1895 * Convert a #gnutls_certificate_type_t type to a string.
1896 *
1897 * Returns: a string that contains the name of the specified
1898 * certificate type, or %NULL in case of unknown types.
1899 **/
1900 const char *
1901 gnutls_certificate_type_get_name (gnutls_certificate_type_t type)
1902 {
1903 const char *ret = NULL;
1904
1905 if (type == GNUTLS_CRT_X509)
1906 ret = "X.509";
1907 if (type == GNUTLS_CRT_OPENPGP)
1908 ret = "OPENPGP";
1909
1910 return ret;
1911 }
1912
1913 /**
1914 * gnutls_certificate_type_get_id:
1915 * @name: is a certificate type name
1916 *
1917 * The names are compared in a case insensitive way.
1918 *
1919 * Returns: a #gnutls_certificate_type_t for the specified in a
1920 * string certificate type, or %GNUTLS_CRT_UNKNOWN on error.
1921 **/
1922 gnutls_certificate_type_t
1923 gnutls_certificate_type_get_id (const char *name)
1924 {
1925 gnutls_certificate_type_t ret = GNUTLS_CRT_UNKNOWN;
1926
1927 if (strcasecmp (name, "X.509") == 0 || strcasecmp (name, "X509") == 0)
1928 return GNUTLS_CRT_X509;
1929 if (strcasecmp (name, "OPENPGP") == 0)
1930 return GNUTLS_CRT_OPENPGP;
1931
1932 return ret;
1933 }
1934
1935 static const gnutls_certificate_type_t supported_certificate_types[] = {
1936 GNUTLS_CRT_X509,
1937 GNUTLS_CRT_OPENPGP,
1938 0
1939 };
1940
1941 /**
1942 * gnutls_certificate_type_list:
1943 *
1944 * Get a list of certificate types. Note that to be able to use
1945 * OpenPGP certificates, you must link to libgnutls-extra and call
1946 * gnutls_global_init_extra().
1947 *
1948 * Returns: a zero-terminated list of #gnutls_certificate_type_t
1949 * integers indicating the available certificate types.
1950 **/
1951 const gnutls_certificate_type_t *
1952 gnutls_certificate_type_list (void)
1953 {
1954 return supported_certificate_types;
1955 }
1956
1957 /* returns the gnutls_pk_algorithm_t which is compatible with
1958 * the given gnutls_kx_algorithm_t.
1959 */
1960 gnutls_pk_algorithm_t
1961 _gnutls_map_pk_get_pk (gnutls_kx_algorithm_t kx_algorithm)
1962 {
1963 gnutls_pk_algorithm_t ret = -1;
1964
1965 GNUTLS_PK_MAP_ALG_LOOP (ret = p->pk_algorithm) return ret;
1966 }
1967
1968 /* Returns the encipher type for the given key exchange algorithm.
1969 * That one of CIPHER_ENCRYPT, CIPHER_SIGN, CIPHER_IGN.
1970 *
1971 * ex. GNUTLS_KX_RSA requires a certificate able to encrypt... so returns CIPHER_ENCRYPT.
1972 */
1973 enum encipher_type
1974 _gnutls_kx_encipher_type (gnutls_kx_algorithm_t kx_algorithm)
1975 {
1976 int ret = CIPHER_IGN;
1977 GNUTLS_PK_MAP_ALG_LOOP (ret = p->encipher_type) return ret;
1978
1979 }
1980
1981 /* signature algorithms;
1982 */
1983 struct gnutls_sign_entry
1984 {
1985 const char *name;
1986 const char *oid;
1987 gnutls_sign_algorithm_t id;
1988 gnutls_pk_algorithm_t pk;
1989 gnutls_mac_algorithm_t mac;
1990 /* See RFC 5246 HashAlgorithm and SignatureAlgorithm
1991 for values to use in aid struct. */
1992 const sign_algorithm_st aid;
1993 };
1994 typedef struct gnutls_sign_entry gnutls_sign_entry;
1995
1996 #define TLS_SIGN_AID_UNKNOWN {255, 255}
1997 static const sign_algorithm_st unknown_tls_aid = TLS_SIGN_AID_UNKNOWN;
1998
1999 static const gnutls_sign_entry sign_algorithms[] = {
2000 {"RSA-SHA1", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA,
2001 GNUTLS_MAC_SHA1, {2, 1}},
2002 {"RSA-SHA224", SIG_RSA_SHA224_OID, GNUTLS_SIGN_RSA_SHA224, GNUTLS_PK_RSA,
2003 GNUTLS_MAC_SHA224, {3, 1}},
2004 {"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA,
2005 GNUTLS_MAC_SHA256, {4, 1}},
2006 {"RSA-SHA384", SIG_RSA_SHA384_OID, GNUTLS_SIGN_RSA_SHA384, GNUTLS_PK_RSA,
2007 GNUTLS_MAC_SHA384, {5, 1}},
2008 {"RSA-SHA512", SIG_RSA_SHA512_OID, GNUTLS_SIGN_RSA_SHA512, GNUTLS_PK_RSA,
2009 GNUTLS_MAC_SHA512, {6, 1}},
2010 {"RSA-RMD160", SIG_RSA_RMD160_OID, GNUTLS_SIGN_RSA_RMD160, GNUTLS_PK_RSA,
2011 GNUTLS_MAC_RMD160, TLS_SIGN_AID_UNKNOWN},
2012 {"DSA-SHA1", SIG_DSA_SHA1_OID, GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA,
2013 GNUTLS_MAC_SHA1, {2, 2}},
2014 {"DSA-SHA224", SIG_DSA_SHA224_OID, GNUTLS_SIGN_DSA_SHA224, GNUTLS_PK_DSA,
2015 GNUTLS_MAC_SHA224, {3, 2}},
2016 {"DSA-SHA256", SIG_DSA_SHA256_OID, GNUTLS_SIGN_DSA_SHA256, GNUTLS_PK_DSA,
2017 GNUTLS_MAC_SHA256, {4, 2}},
2018 {"RSA-MD5", SIG_RSA_MD5_OID, GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA,
2019 GNUTLS_MAC_MD5, {1, 1}},
2020 {"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA,
2021 GNUTLS_MAC_MD2, TLS_SIGN_AID_UNKNOWN},
2022 {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0,
2023 TLS_SIGN_AID_UNKNOWN},
2024 {"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
2025 {0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN}
2026 };
2027
2028 /* Keep the contents of this struct the same as the previous one. */
2029 static const gnutls_sign_algorithm_t supported_sign[] = {
2030 GNUTLS_SIGN_RSA_SHA1,
2031 GNUTLS_SIGN_RSA_SHA256,
2032 GNUTLS_SIGN_RSA_SHA384,
2033 GNUTLS_SIGN_RSA_SHA512,
2034 GNUTLS_SIGN_RSA_RMD160,
2035 GNUTLS_SIGN_DSA_SHA1,
2036 GNUTLS_SIGN_RSA_MD5,
2037 GNUTLS_SIGN_RSA_MD2,
2038 0
2039 };
2040
2041 #define GNUTLS_SIGN_LOOP(b) \
2042 do { \
2043 const gnutls_sign_entry *p; \
2044 for(p = sign_algorithms; p->name != NULL; p++) { b ; } \
2045 } while (0)
2046
2047 #define GNUTLS_SIGN_ALG_LOOP(a) \
2048 GNUTLS_SIGN_LOOP( if(p->id && p->id == sign) { a; break; } )
2049
2050 /**
2051 * gnutls_sign_get_name:
2052 * @sign: is a sign algorithm
2053 *
2054 * Convert a #gnutls_sign_algorithm_t value to a string.
2055 *
2056 * Returns: a string that contains the name of the specified sign
2057 * algorithm, or %NULL.
2058 **/
2059 const char *
2060 gnutls_sign_get_name (gnutls_sign_algorithm_t sign)
2061 {
2062 const char *ret = NULL;
2063
2064 /* avoid prefix */
2065 GNUTLS_SIGN_ALG_LOOP (ret = p->name);
2066
2067 return ret;
2068 }
2069
2070 /**
2071 * gnutls_sign_list:
2072 *
2073 * Get a list of supported public key signature algorithms.
2074 *
2075 * Returns: a zero-terminated list of #gnutls_sign_algorithm_t
2076 * integers indicating the available ciphers.
2077 *
2078 **/
2079 const gnutls_sign_algorithm_t *
2080 gnutls_sign_list (void)
2081 {
2082 return supported_sign;
2083 }
2084
2085 /**
2086 * gnutls_sign_get_id:
2087 * @name: is a MAC algorithm name
2088 *
2089 * The names are compared in a case insensitive way.
2090 *
2091 * Returns: return a #gnutls_sign_algorithm_t value corresponding to
2092 * the specified cipher, or %GNUTLS_SIGN_UNKNOWN on error.
2093 **/
2094 gnutls_sign_algorithm_t
2095 gnutls_sign_get_id (const char *name)
2096 {
2097 gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
2098
2099 GNUTLS_SIGN_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id);
2100
2101 return ret;
2102
2103 }
2104
2105 gnutls_sign_algorithm_t
2106 _gnutls_x509_oid2sign_algorithm (const char *oid)
2107 {
2108 gnutls_sign_algorithm_t ret = 0;
2109
2110 GNUTLS_SIGN_LOOP (if (p->oid && strcmp (oid, p->oid) == 0)
2111 {
2112 ret = p->id; break;}
2113 );
2114
2115 if (ret == 0)
2116 {
2117 _gnutls_debug_log ("Unknown SIGN OID: '%s'\n", oid);
2118 return GNUTLS_SIGN_UNKNOWN;
2119 }
2120 return ret;
2121 }
2122
2123 gnutls_sign_algorithm_t
2124 _gnutls_x509_pk_to_sign (gnutls_pk_algorithm_t pk, gnutls_mac_algorithm_t mac)
2125 {
2126 gnutls_sign_algorithm_t ret = 0;
2127
2128 GNUTLS_SIGN_LOOP (if (pk == p->pk && mac == p->mac)
2129 {
2130 ret = p->id; break;}
2131 );
2132
2133 if (ret == 0)
2134 return GNUTLS_SIGN_UNKNOWN;
2135 return ret;
2136 }
2137
2138 const char *
2139 _gnutls_x509_sign_to_oid (gnutls_pk_algorithm_t pk,
2140 gnutls_mac_algorithm_t mac)
2141 {
2142 gnutls_sign_algorithm_t sign;
2143 const char *ret = NULL;
2144
2145 sign = _gnutls_x509_pk_to_sign (pk, mac);
2146 if (sign == GNUTLS_SIGN_UNKNOWN)
2147 return NULL;
2148
2149 GNUTLS_SIGN_ALG_LOOP (ret = p->oid);
2150 return ret;
2151 }
2152
2153 gnutls_mac_algorithm_t
2154 _gnutls_sign_get_hash_algorithm (gnutls_sign_algorithm_t sign)
2155 {
2156 gnutls_mac_algorithm_t ret = GNUTLS_DIG_UNKNOWN;
2157
2158 GNUTLS_SIGN_ALG_LOOP (ret = p->mac);
2159
2160 return ret;
2161 }
2162
2163 gnutls_pk_algorithm_t
2164 _gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t sign)
2165 {
2166 gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
2167
2168 GNUTLS_SIGN_ALG_LOOP (ret = p->pk);
2169
2170 return ret;
2171 }
2172
2173 gnutls_sign_algorithm_t
2174 _gnutls_tls_aid_to_sign (const sign_algorithm_st * aid)
2175 {
2176 gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
2177
2178 if (memcmp(aid, &unknown_tls_aid, sizeof(aid))==0)
2179 return ret;
2180
2181 GNUTLS_SIGN_LOOP (if (p->aid.hash_algorithm == aid->hash_algorithm
2182 && p->aid.sign_algorithm == aid->sign_algorithm)
2183 {
2184 ret = p->id; break;
2185 }
2186 );
2187
2188
2189 return ret;
2190 }
2191
2192 /* Returns NULL if a valid AID is not found
2193 */
2194 const sign_algorithm_st*
2195 _gnutls_sign_to_tls_aid (gnutls_sign_algorithm_t sign)
2196 {
2197 const sign_algorithm_st * ret = NULL;
2198
2199 GNUTLS_SIGN_ALG_LOOP (ret = &p->aid);
2200
2201 if (ret != NULL && memcmp(ret, &unknown_tls_aid, sizeof(*ret))==0)
2202 return NULL;
2203
2204 return ret;
2205 }
2206
2207
2208
2209 /* pk algorithms;
2210 */
2211 struct gnutls_pk_entry
2212 {
2213 const char *name;
2214 const char *oid;
2215 gnutls_pk_algorithm_t id;
2216 };
2217 typedef struct gnutls_pk_entry gnutls_pk_entry;
2218
2219 static const gnutls_pk_entry pk_algorithms[] = {
2220 /* having duplicate entries is ok, as long as the one
2221 * we want to return OID from is first */
2222 {"RSA", PK_PKIX1_RSA_OID, GNUTLS_PK_RSA},
2223 {"RSA (X.509)", PK_X509_RSA_OID, GNUTLS_PK_RSA}, /* some certificates use this OID for RSA */
2224 {"RSA (MD5)", SIG_RSA_MD5_OID, GNUTLS_PK_RSA}, /* some other broken certificates set RSA with MD5 as an indicator of RSA */
2225 {"RSA (SHA1)", SIG_RSA_SHA1_OID, GNUTLS_PK_RSA}, /* some other broken certificates set RSA with SHA1 as an indicator of RSA */
2226 {"DSA", PK_DSA_OID, GNUTLS_PK_DSA},
2227 {"GOST R 34.10-2001", PK_GOST_R3410_2001_OID, GNUTLS_PK_UNKNOWN},
2228 {"GOST R 34.10-94", PK_GOST_R3410_94_OID, GNUTLS_PK_UNKNOWN},
2229 {0, 0, 0}
2230 };
2231
2232 /**
2233 * gnutls_pk_algorithm_get_name:
2234 * @algorithm: is a pk algorithm
2235 *
2236 * Convert a #gnutls_pk_algorithm_t value to a string.
2237 *
2238 * Returns: a string that contains the name of the specified public
2239 * key algorithm, or %NULL.
2240 **/
2241 const char *
2242 gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm)
2243 {
2244 const char *ret = NULL;
2245 const gnutls_pk_entry *p;
2246
2247 for (p = pk_algorithms; p->name != NULL; p++)
2248 if (p->id == algorithm)
2249 {
2250 ret = p->name;
2251 break;
2252 }
2253
2254 return ret;
2255 }
2256
2257 /**
2258 * gnutls_pk_list:
2259 *
2260 * Get a list of supported public key algorithms.
2261 *
2262 * Returns: a zero-terminated list of #gnutls_pk_algorithm_t integers
2263 * indicating the available ciphers.
2264 *
2265 * Since: 2.6.0
2266 **/
2267 const gnutls_pk_algorithm_t *
2268 gnutls_pk_list (void)
2269 {
2270 static const gnutls_pk_algorithm_t supported_pks[] = {
2271 GNUTLS_PK_RSA,
2272 GNUTLS_PK_DSA,
2273 /* GNUTLS_PK_DH is not returned because it is not
2274 * a real public key algorithm. I.e. cannot be used
2275 * as a public key algorithm of a certificate.
2276 */
2277 0
2278 };
2279
2280 return supported_pks;
2281 }
2282
2283 /**
2284 * gnutls_pk_get_id:
2285 * @name: is a string containing a public key algorithm name.
2286 *
2287 * Convert a string to a #gnutls_pk_algorithm_t value. The names are
2288 * compared in a case insensitive way. For example,
2289 * gnutls_pk_get_id("RSA") will return %GNUTLS_PK_RSA.
2290 *
2291 * Returns: a #gnutls_pk_algorithm_t id of the specified public key
2292 * algorithm string, or %GNUTLS_PK_UNKNOWN on failures.
2293 *
2294 * Since: 2.6.0
2295 **/
2296 gnutls_pk_algorithm_t
2297 gnutls_pk_get_id (const char *name)
2298 {
2299 gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
2300 const gnutls_pk_entry *p;
2301
2302 for (p = pk_algorithms; p->name != NULL; p++)
2303 if (name && strcmp (p->name, name) == 0)
2304 {
2305 ret = p->id;
2306 break;
2307 }
2308
2309 return ret;
2310 }
2311
2312 /**
2313 * gnutls_pk_get_name:
2314 * @algorithm: is a public key algorithm
2315 *
2316 * Convert a #gnutls_pk_algorithm_t value to a string.
2317 *
2318 * Returns: a pointer to a string that contains the name of the
2319 * specified public key algorithm, or %NULL.
2320 *
2321 * Since: 2.6.0
2322 **/
2323 const char *
2324 gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm)
2325 {
2326 const char *ret = "Unknown";
2327 const gnutls_pk_entry *p;
2328
2329 for (p = pk_algorithms; p->name != NULL; p++)
2330 if (algorithm == p->id)
2331 {
2332 ret = p->name;
2333 break;
2334 }
2335
2336 return ret;
2337 }
2338
2339 gnutls_pk_algorithm_t
2340 _gnutls_x509_oid2pk_algorithm (const char *oid)
2341 {
2342 gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
2343 const gnutls_pk_entry *p;
2344
2345 for (p = pk_algorithms; p->name != NULL; p++)
2346 if (p->oid && strcmp (p->oid, oid) == 0)
2347 {
2348 ret = p->id;
2349 break;
2350 }
2351
2352 return ret;
2353 }
2354
2355 const char *
2356 _gnutls_x509_pk_to_oid (gnutls_pk_algorithm_t algorithm)
2357 {
2358 const char *ret = NULL;
2359 const gnutls_pk_entry *p;
2360
2361 for (p = pk_algorithms; p->name != NULL; p++)
2362 if (p->id == algorithm)
2363 {
2364 ret = p->oid;
2365 break;
2366 }
2367
2368 return ret;
2369 }
2370
2371 /**
2372 * gnutls_sec_param_to_pk_bits:
2373 * @algo: is a public key algorithm
2374 * @param: is a security parameter
2375 *
2376 * When generating private and public key pairs a difficult question
2377 * is which size of "bits" the modulus will be in RSA and the group size
2378 * in DSA. The easy answer is 1024, which is also wrong. This function
2379 * will convert a human understandable security parameter to an
2380 * appropriate size for the specific algorithm.
2381 *
2382 * Returns: The number of bits, or zero.
2383 *
2384 **/
2385 unsigned int
2386 gnutls_sec_param_to_pk_bits (gnutls_pk_algorithm_t algo,
2387 gnutls_sec_param_t param)
2388 {
2389 unsigned int ret = 0;
2390
2391 /* handle DSA differently */
2392 if (algo == GNUTLS_PK_DSA)
2393 {
2394 GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
2395 {
2396 ret = p->dsa_bits; break;}
2397 );
2398 return ret;
2399 }
2400
2401 GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
2402 {
2403 ret = p->pk_bits; break;}
2404 );
2405
2406 return ret;
2407 }
2408
2409 /* Returns the corresponding size for subgroup bits (q),
2410 * given the group bits (p).
2411 */
2412 unsigned int
2413 _gnutls_pk_bits_to_subgroup_bits (unsigned int pk_bits)
2414 {
2415 unsigned int ret = 0;
2416
2417 GNUTLS_SEC_PARAM_LOOP (if (p->pk_bits >= pk_bits)
2418 {
2419 ret = p->subgroup_bits; break;}
2420 );
2421
2422 return ret;
2423 }
2424
2425 /**
2426 * gnutls_sec_param_get_name:
2427 * @param: is a security parameter
2428 *
2429 * Convert a #gnutls_sec_param_t value to a string.
2430 *
2431 * Returns: a pointer to a string that contains the name of the
2432 * specified public key algorithm, or %NULL.
2433 *
2434 **/
2435 const char *
2436 gnutls_sec_param_get_name (gnutls_sec_param_t param)
2437 {
2438 const char *ret = "Unknown";
2439
2440 GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
2441 {
2442 ret = p->name; break;}
2443 );
2444
2445 return ret;
2446 }
2447
2448 /**
2449 * gnutls_pk_bits_to_sec_param:
2450 * @algo: is a public key algorithm
2451 * @bits: is the number of bits
2452 *
2453 * This is the inverse of gnutls_sec_param_to_pk_bits(). Given an algorithm
2454 * and the number of bits, it will return the security parameter. This is
2455 * a rough indication.
2456 *
2457 * Returns: The security parameter.
2458 *
2459 **/
2460 gnutls_sec_param_t
2461 gnutls_pk_bits_to_sec_param (gnutls_pk_algorithm_t algo, unsigned int bits)
2462 {
2463 gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_WEAK;
2464
2465 GNUTLS_SEC_PARAM_LOOP (if (p->pk_bits > bits)
2466 {
2467 break;}
2468 ret = p->sec_param;);
2469
2470 return ret;
2471 }
Implementation of the SSL/TLS protocol