projects / BearSSL / blob
? search:


3ea7f1b31f7e1a4ce6000f79003896d38f07f5ac
[BearSSL] / tools / names.c
1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include "brssl.h"
26 #include "bearssl.h"
27
28 /* see brssl.h */
29 const protocol_version protocol_versions[] = {
30 { "tls10", BR_TLS10, "TLS 1.0" },
31 { "tls11", BR_TLS11, "TLS 1.1" },
32 { "tls12", BR_TLS12, "TLS 1.2" },
33 { NULL, 0, NULL }
34 };
35
36 /* see brssl.h */
37 const hash_function hash_functions[] = {
38 { "md5", &br_md5_vtable, "MD5" },
39 { "sha1", &br_sha1_vtable, "SHA-1" },
40 { "sha224", &br_sha224_vtable, "SHA-224" },
41 { "sha256", &br_sha256_vtable, "SHA-256" },
42 { "sha384", &br_sha384_vtable, "SHA-384" },
43 { "sha512", &br_sha512_vtable, "SHA-512" },
44 { NULL, 0, NULL }
45 };
46
47 /* see brssl.h */
48 const cipher_suite cipher_suites[] = {
49 {
50 "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
51 BR_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
52 REQ_ECDHE_ECDSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
53 "ECDHE with ECDSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
54 },
55 {
56 "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
57 BR_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
58 REQ_ECDHE_RSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
59 "ECDHE with RSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
60 },
61 {
62 "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
63 BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
64 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
65 "ECDHE with ECDSA, AES-128/GCM encryption (TLS 1.2+)"
66 },
67 {
68 "ECDHE_RSA_WITH_AES_128_GCM_SHA256",
69 BR_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
70 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
71 "ECDHE with RSA, AES-128/GCM encryption (TLS 1.2+)"
72 },
73 {
74 "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
75 BR_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
76 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
77 "ECDHE with ECDSA, AES-256/GCM encryption (TLS 1.2+)"
78 },
79 {
80 "ECDHE_RSA_WITH_AES_256_GCM_SHA384",
81 BR_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
82 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
83 "ECDHE with RSA, AES-256/GCM encryption (TLS 1.2+)"
84 },
85 {
86 "ECDHE_ECDSA_WITH_AES_128_CCM",
87 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
88 REQ_ECDHE_ECDSA | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
89 "ECDHE with ECDSA, AES-128/CCM encryption (TLS 1.2+)"
90 },
91 {
92 "ECDHE_ECDSA_WITH_AES_256_CCM",
93 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
94 REQ_ECDHE_ECDSA | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
95 "ECDHE with ECDSA, AES-256/CCM encryption (TLS 1.2+)"
96 },
97 {
98 "ECDHE_ECDSA_WITH_AES_128_CCM_8",
99 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
100 REQ_ECDHE_ECDSA | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
101 "ECDHE with ECDSA, AES-128/CCM_8 encryption (TLS 1.2+)"
102 },
103 {
104 "ECDHE_ECDSA_WITH_AES_256_CCM_8",
105 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
106 REQ_ECDHE_ECDSA | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
107 "ECDHE with ECDSA, AES-256/CCM_8 encryption (TLS 1.2+)"
108 },
109 {
110 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
111 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
112 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
113 "ECDHE with ECDSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
114 },
115 {
116 "ECDHE_RSA_WITH_AES_128_CBC_SHA256",
117 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
118 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
119 "ECDHE with RSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
120 },
121 {
122 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
123 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
124 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
125 "ECDHE with ECDSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
126 },
127 {
128 "ECDHE_RSA_WITH_AES_256_CBC_SHA384",
129 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
130 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
131 "ECDHE with RSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
132 },
133 {
134 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
135 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
136 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
137 "ECDHE with ECDSA, AES-128/CBC + SHA-1"
138 },
139 {
140 "ECDHE_RSA_WITH_AES_128_CBC_SHA",
141 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
142 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
143 "ECDHE with RSA, AES-128/CBC + SHA-1"
144 },
145 {
146 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
147 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
148 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
149 "ECDHE with ECDSA, AES-256/CBC + SHA-1"
150 },
151 {
152 "ECDHE_RSA_WITH_AES_256_CBC_SHA",
153 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
154 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
155 "ECDHE with RSA, AES-256/CBC + SHA-1"
156 },
157 {
158 "ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
159 BR_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
160 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
161 "ECDH key exchange (EC cert), AES-128/GCM (TLS 1.2+)"
162 },
163 {
164 "ECDH_RSA_WITH_AES_128_GCM_SHA256",
165 BR_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
166 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
167 "ECDH key exchange (RSA cert), AES-128/GCM (TLS 1.2+)"
168 },
169 {
170 "ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
171 BR_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
172 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
173 "ECDH key exchange (EC cert), AES-256/GCM (TLS 1.2+)"
174 },
175 {
176 "ECDH_RSA_WITH_AES_256_GCM_SHA384",
177 BR_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
178 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
179 "ECDH key exchange (RSA cert), AES-256/GCM (TLS 1.2+)"
180 },
181 {
182 "ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
183 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
184 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
185 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
186 },
187 {
188 "ECDH_RSA_WITH_AES_128_CBC_SHA256",
189 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
190 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
191 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
192 },
193 {
194 "ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
195 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
196 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
197 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
198 },
199 {
200 "ECDH_RSA_WITH_AES_256_CBC_SHA384",
201 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
202 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
203 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
204 },
205 {
206 "ECDH_ECDSA_WITH_AES_128_CBC_SHA",
207 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
208 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
209 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-1"
210 },
211 {
212 "ECDH_RSA_WITH_AES_128_CBC_SHA",
213 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
214 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
215 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-1"
216 },
217 {
218 "ECDH_ECDSA_WITH_AES_256_CBC_SHA",
219 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
220 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
221 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-1"
222 },
223 {
224 "ECDH_RSA_WITH_AES_256_CBC_SHA",
225 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
226 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
227 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-1"
228 },
229 {
230 "RSA_WITH_AES_128_GCM_SHA256",
231 BR_TLS_RSA_WITH_AES_128_GCM_SHA256,
232 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
233 "RSA key exchange, AES-128/GCM encryption (TLS 1.2+)"
234 },
235 {
236 "RSA_WITH_AES_256_GCM_SHA384",
237 BR_TLS_RSA_WITH_AES_256_GCM_SHA384,
238 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
239 "RSA key exchange, AES-256/GCM encryption (TLS 1.2+)"
240 },
241 {
242 "RSA_WITH_AES_128_CCM",
243 BR_TLS_RSA_WITH_AES_128_CCM,
244 REQ_RSAKEYX | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
245 "RSA key exchange, AES-128/CCM encryption (TLS 1.2+)"
246 },
247 {
248 "RSA_WITH_AES_256_CCM",
249 BR_TLS_RSA_WITH_AES_256_CCM,
250 REQ_RSAKEYX | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
251 "RSA key exchange, AES-256/CCM encryption (TLS 1.2+)"
252 },
253 {
254 "RSA_WITH_AES_128_CCM_8",
255 BR_TLS_RSA_WITH_AES_128_CCM_8,
256 REQ_RSAKEYX | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
257 "RSA key exchange, AES-128/CCM_8 encryption (TLS 1.2+)"
258 },
259 {
260 "RSA_WITH_AES_256_CCM_8",
261 BR_TLS_RSA_WITH_AES_256_CCM_8,
262 REQ_RSAKEYX | REQ_AESCCM | REQ_SHA256 | REQ_TLS12,
263 "RSA key exchange, AES-256/CCM_8 encryption (TLS 1.2+)"
264 },
265 {
266 "RSA_WITH_AES_128_CBC_SHA256",
267 BR_TLS_RSA_WITH_AES_128_CBC_SHA256,
268 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
269 "RSA key exchange, AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
270 },
271 {
272 "RSA_WITH_AES_256_CBC_SHA256",
273 BR_TLS_RSA_WITH_AES_256_CBC_SHA256,
274 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
275 "RSA key exchange, AES-256/CBC + HMAC/SHA-256 (TLS 1.2+)"
276 },
277 {
278 "RSA_WITH_AES_128_CBC_SHA",
279 BR_TLS_RSA_WITH_AES_128_CBC_SHA,
280 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
281 "RSA key exchange, AES-128/CBC + HMAC/SHA-1"
282 },
283 {
284 "RSA_WITH_AES_256_CBC_SHA",
285 BR_TLS_RSA_WITH_AES_256_CBC_SHA,
286 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
287 "RSA key exchange, AES-256/CBC + HMAC/SHA-1"
288 },
289 {
290 "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
291 BR_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
292 REQ_ECDHE_ECDSA | REQ_3DESCBC | REQ_SHA1,
293 "ECDHE with ECDSA, 3DES/CBC + SHA-1"
294 },
295 {
296 "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
297 BR_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
298 REQ_ECDHE_RSA | REQ_3DESCBC | REQ_SHA1,
299 "ECDHE with RSA, 3DES/CBC + SHA-1"
300 },
301 {
302 "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
303 BR_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
304 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
305 "ECDH key exchange (EC cert), 3DES/CBC + HMAC/SHA-1"
306 },
307 {
308 "ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
309 BR_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
310 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
311 "ECDH key exchange (RSA cert), 3DES/CBC + HMAC/SHA-1"
312 },
313 {
314 "RSA_WITH_3DES_EDE_CBC_SHA",
315 BR_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
316 REQ_RSAKEYX | REQ_3DESCBC | REQ_SHA1,
317 "RSA key exchange, 3DES/CBC + HMAC/SHA-1"
318 },
319 { NULL, 0, 0, NULL }
320 };
321
322 static const struct {
323 int id;
324 const char *name;
325 } curves[] = {
326 { BR_EC_sect163k1,
327 "sect163k1" },
328 { BR_EC_sect163r1,
329 "sect163r1" },
330 { BR_EC_sect163r2,
331 "sect163r2" },
332 { BR_EC_sect193r1,
333 "sect193r1" },
334 { BR_EC_sect193r2,
335 "sect193r2" },
336 { BR_EC_sect233k1,
337 "sect233k1" },
338 { BR_EC_sect233r1,
339 "sect233r1" },
340 { BR_EC_sect239k1,
341 "sect239k1" },
342 { BR_EC_sect283k1,
343 "sect283k1" },
344 { BR_EC_sect283r1,
345 "sect283r1" },
346 { BR_EC_sect409k1,
347 "sect409k1" },
348 { BR_EC_sect409r1,
349 "sect409r1" },
350 { BR_EC_sect571k1,
351 "sect571k1" },
352 { BR_EC_sect571r1,
353 "sect571r1" },
354 { BR_EC_secp160k1,
355 "secp160k1" },
356 { BR_EC_secp160r1,
357 "secp160r1" },
358 { BR_EC_secp160r2,
359 "secp160r2" },
360 { BR_EC_secp192k1,
361 "secp192k1" },
362 { BR_EC_secp192r1,
363 "secp192r1" },
364 { BR_EC_secp224k1,
365 "secp224k1" },
366 { BR_EC_secp224r1,
367 "secp224r1" },
368 { BR_EC_secp256k1,
369 "secp256k1" },
370 { BR_EC_secp256r1,
371 "secp256r1 (P-256)" },
372 { BR_EC_secp384r1,
373 "secp384r1 (P-384)" },
374 { BR_EC_secp521r1,
375 "secp521r1 (P-521)" },
376 { BR_EC_brainpoolP256r1,
377 "brainpoolP256r1" },
378 { BR_EC_brainpoolP384r1,
379 "brainpoolP384r1" },
380 { BR_EC_brainpoolP512r1,
381 "brainpoolP512r1" },
382 { BR_EC_curve25519,
383 "Curve25519" },
384 { BR_EC_curve448,
385 "Curve448" },
386 { 0, 0 }
387 };
388
389 static const struct {
390 const char *long_name;
391 const char *short_name;
392 const void *impl;
393 } algo_names[] = {
394 /* Block ciphers */
395 { "aes_big_cbcenc", "big", &br_aes_big_cbcenc_vtable },
396 { "aes_big_cbcdec", "big", &br_aes_big_cbcdec_vtable },
397 { "aes_big_ctr", "big", &br_aes_big_ctr_vtable },
398 { "aes_big_ctrcbc", "big", &br_aes_big_ctrcbc_vtable },
399 { "aes_small_cbcenc", "small", &br_aes_small_cbcenc_vtable },
400 { "aes_small_cbcdec", "small", &br_aes_small_cbcdec_vtable },
401 { "aes_small_ctr", "small", &br_aes_small_ctr_vtable },
402 { "aes_small_ctrcbc", "small", &br_aes_small_ctrcbc_vtable },
403 { "aes_ct_cbcenc", "ct", &br_aes_ct_cbcenc_vtable },
404 { "aes_ct_cbcdec", "ct", &br_aes_ct_cbcdec_vtable },
405 { "aes_ct_ctr", "ct", &br_aes_ct_ctr_vtable },
406 { "aes_ct_ctrcbc", "ct", &br_aes_ct_ctrcbc_vtable },
407 { "aes_ct64_cbcenc", "ct64", &br_aes_ct64_cbcenc_vtable },
408 { "aes_ct64_cbcdec", "ct64", &br_aes_ct64_cbcdec_vtable },
409 { "aes_ct64_ctr", "ct64", &br_aes_ct64_ctr_vtable },
410 { "aes_ct64_ctrcbc", "ct64", &br_aes_ct64_ctrcbc_vtable },
411
412 { "des_tab_cbcenc", "tab", &br_des_tab_cbcenc_vtable },
413 { "des_tab_cbcdec", "tab", &br_des_tab_cbcdec_vtable },
414 { "des_ct_cbcenc", "ct", &br_des_ct_cbcenc_vtable },
415 { "des_ct_cbcdec", "ct", &br_des_ct_cbcdec_vtable },
416
417 { "chacha20_ct", "ct", &br_chacha20_ct_run },
418
419 { "ghash_ctmul", "ctmul", &br_ghash_ctmul },
420 { "ghash_ctmul32", "ctmul32", &br_ghash_ctmul32 },
421 { "ghash_ctmul64", "ctmul64", &br_ghash_ctmul64 },
422
423 { "poly1305_ctmul", "ctmul", &br_poly1305_ctmul_run },
424 { "poly1305_ctmul32", "ctmul32", &br_poly1305_ctmul32_run },
425
426 { "ec_all_m15", "all_m15", &br_ec_all_m15 },
427 { "ec_all_m31", "all_m31", &br_ec_all_m31 },
428 { "ec_c25519_i15", "c25519_i15", &br_ec_c25519_i15 },
429 { "ec_c25519_i31", "c25519_i31", &br_ec_c25519_i31 },
430 { "ec_c25519_m15", "c25519_m15", &br_ec_c25519_m15 },
431 { "ec_c25519_m31", "c25519_m31", &br_ec_c25519_m31 },
432 { "ec_p256_m15", "p256_m15", &br_ec_p256_m15 },
433 { "ec_p256_m31", "p256_m31", &br_ec_p256_m31 },
434 { "ec_prime_i15", "prime_i15", &br_ec_prime_i15 },
435 { "ec_prime_i31", "prime_i31", &br_ec_prime_i31 },
436
437 { "ecdsa_i15_sign_asn1", "i15_asn1", &br_ecdsa_i15_sign_asn1 },
438 { "ecdsa_i15_sign_raw", "i15_raw", &br_ecdsa_i15_sign_raw },
439 { "ecdsa_i31_sign_asn1", "i31_asn1", &br_ecdsa_i31_sign_asn1 },
440 { "ecdsa_i31_sign_raw", "i31_raw", &br_ecdsa_i31_sign_raw },
441 { "ecdsa_i15_vrfy_asn1", "i15_asn1", &br_ecdsa_i15_vrfy_asn1 },
442 { "ecdsa_i15_vrfy_raw", "i15_raw", &br_ecdsa_i15_vrfy_raw },
443 { "ecdsa_i31_vrfy_asn1", "i31_asn1", &br_ecdsa_i31_vrfy_asn1 },
444 { "ecdsa_i31_vrfy_raw", "i31_raw", &br_ecdsa_i31_vrfy_raw },
445
446 { "rsa_i15_pkcs1_sign", "i15", &br_rsa_i15_pkcs1_sign },
447 { "rsa_i31_pkcs1_sign", "i31", &br_rsa_i31_pkcs1_sign },
448 { "rsa_i32_pkcs1_sign", "i32", &br_rsa_i32_pkcs1_sign },
449 { "rsa_i15_pkcs1_vrfy", "i15", &br_rsa_i15_pkcs1_vrfy },
450 { "rsa_i31_pkcs1_vrfy", "i31", &br_rsa_i31_pkcs1_vrfy },
451 { "rsa_i32_pkcs1_vrfy", "i32", &br_rsa_i32_pkcs1_vrfy },
452
453 { 0, 0, 0 }
454 };
455
456 static const struct {
457 const char *long_name;
458 const char *short_name;
459 const void *(*get)(void);
460 } algo_names_dyn[] = {
461 { "aes_pwr8_cbcenc", "pwr8",
462 (const void *(*)(void))&br_aes_pwr8_cbcenc_get_vtable },
463 { "aes_pwr8_cbcdec", "pwr8",
464 (const void *(*)(void))&br_aes_pwr8_cbcdec_get_vtable },
465 { "aes_pwr8_ctr", "pwr8",
466 (const void *(*)(void))&br_aes_pwr8_ctr_get_vtable },
467 { "aes_x86ni_cbcenc", "x86ni",
468 (const void *(*)(void))&br_aes_x86ni_cbcenc_get_vtable },
469 { "aes_x86ni_cbcdec", "x86ni",
470 (const void *(*)(void))&br_aes_x86ni_cbcdec_get_vtable },
471 { "aes_x86ni_ctr", "x86ni",
472 (const void *(*)(void))&br_aes_x86ni_ctr_get_vtable },
473 { "aes_x86ni_ctrcbc", "x86ni",
474 (const void *(*)(void))&br_aes_x86ni_ctrcbc_get_vtable },
475 { "chacha20_sse2", "sse2",
476 (const void *(*)(void))&br_chacha20_sse2_get },
477 { "ghash_pclmul", "pclmul",
478 (const void *(*)(void))&br_ghash_pclmul_get },
479 { "ghash_pwr8", "pwr8",
480 (const void *(*)(void))&br_ghash_pwr8_get },
481 { "poly1305_ctmulq", "ctmulq",
482 (const void *(*)(void))&br_poly1305_ctmulq_get },
483 { "rsa_i62_pkcs1_sign", "i62",
484 (const void *(*)(void))&br_rsa_i62_pkcs1_sign_get },
485 { "rsa_i62_pkcs1_vrfy", "i62",
486 (const void *(*)(void))&br_rsa_i62_pkcs1_vrfy_get },
487 { 0, 0, 0, }
488 };
489
490 /* see brssl.h */
491 const char *
492 get_algo_name(const void *impl, int long_name)
493 {
494 size_t u;
495
496 for (u = 0; algo_names[u].long_name; u ++) {
497 if (impl == algo_names[u].impl) {
498 return long_name
499 ? algo_names[u].long_name
500 : algo_names[u].short_name;
501 }
502 }
503 for (u = 0; algo_names_dyn[u].long_name; u ++) {
504 if (impl == algo_names_dyn[u].get()) {
505 return long_name
506 ? algo_names_dyn[u].long_name
507 : algo_names_dyn[u].short_name;
508 }
509 }
510 return "UNKNOWN";
511 }
512
513 /* see brssl.h */
514 const char *
515 get_curve_name(int id)
516 {
517 size_t u;
518
519 for (u = 0; curves[u].name; u ++) {
520 if (curves[u].id == id) {
521 return curves[u].name;
522 }
523 }
524 return NULL;
525 }
526
527 /* see brssl.h */
528 int
529 get_curve_name_ext(int id, char *dst, size_t len)
530 {
531 const char *name;
532 char tmp[30];
533 size_t n;
534
535 name = get_curve_name(id);
536 if (name == NULL) {
537 sprintf(tmp, "unknown (%d)", id);
538 name = tmp;
539 }
540 n = 1 + strlen(name);
541 if (n > len) {
542 if (len > 0) {
543 dst[0] = 0;
544 }
545 return -1;
546 }
547 memcpy(dst, name, n);
548 return 0;
549 }
550
551 /* see brssl.h */
552 const char *
553 get_suite_name(unsigned suite)
554 {
555 size_t u;
556
557 for (u = 0; cipher_suites[u].name; u ++) {
558 if (cipher_suites[u].suite == suite) {
559 return cipher_suites[u].name;
560 }
561 }
562 return NULL;
563 }
564
565 /* see brssl.h */
566 int
567 get_suite_name_ext(unsigned suite, char *dst, size_t len)
568 {
569 const char *name;
570 char tmp[30];
571 size_t n;
572
573 name = get_suite_name(suite);
574 if (name == NULL) {
575 sprintf(tmp, "unknown (0x%04X)", suite);
576 name = tmp;
577 }
578 n = 1 + strlen(name);
579 if (n > len) {
580 if (len > 0) {
581 dst[0] = 0;
582 }
583 return -1;
584 }
585 memcpy(dst, name, n);
586 return 0;
587 }
588
589 /* see brssl.h */
590 int
591 uses_ecdhe(unsigned suite)
592 {
593 size_t u;
594
595 for (u = 0; cipher_suites[u].name; u ++) {
596 if (cipher_suites[u].suite == suite) {
597 return (cipher_suites[u].req
598 & (REQ_ECDHE_RSA | REQ_ECDHE_ECDSA)) != 0;
599 }
600 }
601 return 0;
602 }
603
604 /* see brssl.h */
605 void
606 list_names(void)
607 {
608 size_t u;
609
610 printf("Protocol versions:\n");
611 for (u = 0; protocol_versions[u].name; u ++) {
612 printf(" %-8s %s\n",
613 protocol_versions[u].name,
614 protocol_versions[u].comment);
615 }
616 printf("Hash functions:\n");
617 for (u = 0; hash_functions[u].name; u ++) {
618 printf(" %-8s %s\n",
619 hash_functions[u].name,
620 hash_functions[u].comment);
621 }
622 printf("Cipher suites:\n");
623 for (u = 0; cipher_suites[u].name; u ++) {
624 printf(" %s\n %s\n",
625 cipher_suites[u].name,
626 cipher_suites[u].comment);
627 }
628 }
629
630 static int
631 is_ign(int c)
632 {
633 if (c == 0) {
634 return 0;
635 }
636 if (c <= 32 || c == '-' || c == '_' || c == '.'
637 || c == '/' || c == '+' || c == ':')
638 {
639 return 1;
640 }
641 return 0;
642 }
643
644 /*
645 * Get next non-ignored character, normalised:
646 * ASCII letters are converted to lowercase
647 * control characters, space, '-', '_', '.', '/', '+' and ':' are ignored
648 * A terminating zero is returned as 0.
649 */
650 static int
651 next_char(const char **ps, const char *limit)
652 {
653 for (;;) {
654 int c;
655
656 if (*ps == limit) {
657 return 0;
658 }
659 c = *(*ps) ++;
660 if (c == 0) {
661 return 0;
662 }
663 if (c >= 'A' && c <= 'Z') {
664 c += 'a' - 'A';
665 }
666 if (!is_ign(c)) {
667 return c;
668 }
669 }
670 }
671
672 /*
673 * Partial string equality comparison, with normalisation.
674 */
675 static int
676 eqstr_chunk(const char *s1, size_t s1_len, const char *s2, size_t s2_len)
677 {
678 const char *lim1, *lim2;
679
680 lim1 = s1 + s1_len;
681 lim2 = s2 + s2_len;
682 for (;;) {
683 int c1, c2;
684
685 c1 = next_char(&s1, lim1);
686 c2 = next_char(&s2, lim2);
687 if (c1 != c2) {
688 return 0;
689 }
690 if (c1 == 0) {
691 return 1;
692 }
693 }
694 }
695
696 /* see brssl.h */
697 int
698 eqstr(const char *s1, const char *s2)
699 {
700 return eqstr_chunk(s1, strlen(s1), s2, strlen(s2));
701 }
702
703 static int
704 hexval(int c)
705 {
706 if (c >= '0' && c <= '9') {
707 return c - '0';
708 } else if (c >= 'A' && c <= 'F') {
709 return c - 'A' + 10;
710 } else if (c >= 'a' && c <= 'f') {
711 return c - 'a' + 10;
712 } else {
713 return -1;
714 }
715 }
716
717 /* see brssl.h */
718 size_t
719 parse_size(const char *s)
720 {
721 int radix;
722 size_t acc;
723 const char *t;
724
725 t = s;
726 if (t[0] == '0' && (t[1] == 'x' || t[1] == 'X')) {
727 radix = 16;
728 t += 2;
729 } else {
730 radix = 10;
731 }
732 acc = 0;
733 for (;;) {
734 int c, d;
735 size_t z;
736
737 c = *t ++;
738 if (c == 0) {
739 return acc;
740 }
741 d = hexval(c);
742 if (d < 0 || d >= radix) {
743 fprintf(stderr, "ERROR: not a valid digit: '%c'\n", c);
744 return (size_t)-1;
745 }
746 z = acc * (size_t)radix + (size_t)d;
747 if (z < (size_t)d || (z / (size_t)radix) != acc
748 || z == (size_t)-1)
749 {
750 fprintf(stderr, "ERROR: value too large: %s\n", s);
751 return (size_t)-1;
752 }
753 acc = z;
754 }
755 }
756
757 /*
758 * Comma-separated list enumeration. This returns a pointer to the first
759 * word in the string, skipping leading ignored characters. '*len' is
760 * set to the word length (not counting trailing ignored characters).
761 * '*str' is updated to point to immediately after the next comma, or to
762 * the terminating zero, whichever comes first.
763 *
764 * Empty words are skipped. If there is no next non-empty word, then this
765 * function returns NULL and sets *len to 0.
766 */
767 static const char *
768 next_word(const char **str, size_t *len)
769 {
770 int c;
771 const char *begin;
772 size_t u;
773
774 /*
775 * Find next non-ignored character which is not a comma.
776 */
777 for (;;) {
778 c = **str;
779 if (c == 0) {
780 *len = 0;
781 return NULL;
782 }
783 if (!is_ign(c) && c != ',') {
784 break;
785 }
786 (*str) ++;
787 }
788
789 /*
790 * Find next comma or terminator.
791 */
792 begin = *str;
793 for (;;) {
794 c = *(*str);
795 if (c == 0 || c == ',') {
796 break;
797 }
798 (*str) ++;
799 }
800
801 /*
802 * Remove trailing ignored characters.
803 */
804 u = (size_t)(*str - begin);
805 while (u > 0 && is_ign(begin[u - 1])) {
806 u --;
807 }
808 if (c == ',') {
809 (*str) ++;
810 }
811 *len = u;
812 return begin;
813 }
814
815 /* see brssl.h */
816 unsigned
817 parse_version(const char *name, size_t len)
818 {
819 size_t u;
820
821 for (u = 0;; u ++) {
822 const char *ref;
823
824 ref = protocol_versions[u].name;
825 if (ref == NULL) {
826 fprintf(stderr, "ERROR: unrecognised protocol"
827 " version name: '%s'\n", name);
828 return 0;
829 }
830 if (eqstr_chunk(ref, strlen(ref), name, len)) {
831 return protocol_versions[u].version;
832 }
833 }
834 }
835
836 /* see brssl.h */
837 unsigned
838 parse_hash_functions(const char *arg)
839 {
840 unsigned r;
841
842 r = 0;
843 for (;;) {
844 const char *name;
845 size_t len;
846 size_t u;
847
848 name = next_word(&arg, &len);
849 if (name == NULL) {
850 break;
851 }
852 for (u = 0;; u ++) {
853 const char *ref;
854
855 ref = hash_functions[u].name;
856 if (ref == 0) {
857 fprintf(stderr, "ERROR: unrecognised"
858 " hash function name: '");
859 fwrite(name, 1, len, stderr);
860 fprintf(stderr, "'\n");
861 return 0;
862 }
863 if (eqstr_chunk(ref, strlen(ref), name, len)) {
864 int id;
865
866 id = (hash_functions[u].hclass->desc
867 >> BR_HASHDESC_ID_OFF)
868 & BR_HASHDESC_ID_MASK;
869 r |= (unsigned)1 << id;
870 break;
871 }
872 }
873 }
874 if (r == 0) {
875 fprintf(stderr, "ERROR: no hash function name provided\n");
876 }
877 return r;
878 }
879
880 /* see brssl.h */
881 cipher_suite *
882 parse_suites(const char *arg, size_t *num)
883 {
884 VECTOR(cipher_suite) suites = VEC_INIT;
885 cipher_suite *r;
886
887 for (;;) {
888 const char *name;
889 size_t u, len;
890
891 name = next_word(&arg, &len);
892 if (name == NULL) {
893 break;
894 }
895 for (u = 0;; u ++) {
896 const char *ref;
897
898 ref = cipher_suites[u].name;
899 if (ref == NULL) {
900 fprintf(stderr, "ERROR: unrecognised"
901 " cipher suite '");
902 fwrite(name, 1, len, stderr);
903 fprintf(stderr, "'\n");
904 return 0;
905 }
906 if (eqstr_chunk(ref, strlen(ref), name, len)) {
907 VEC_ADD(suites, cipher_suites[u]);
908 break;
909 }
910 }
911 }
912 if (VEC_LEN(suites) == 0) {
913 fprintf(stderr, "ERROR: no cipher suite provided\n");
914 }
915 r = VEC_TOARRAY(suites);
916 *num = VEC_LEN(suites);
917 VEC_CLEAR(suites);
918 return r;
919 }
920
921 /* see brssl.h */
922 const char *
923 ec_curve_name(int curve)
924 {
925 switch (curve) {
926 case BR_EC_sect163k1: return "sect163k1";
927 case BR_EC_sect163r1: return "sect163r1";
928 case BR_EC_sect163r2: return "sect163r2";
929 case BR_EC_sect193r1: return "sect193r1";
930 case BR_EC_sect193r2: return "sect193r2";
931 case BR_EC_sect233k1: return "sect233k1";
932 case BR_EC_sect233r1: return "sect233r1";
933 case BR_EC_sect239k1: return "sect239k1";
934 case BR_EC_sect283k1: return "sect283k1";
935 case BR_EC_sect283r1: return "sect283r1";
936 case BR_EC_sect409k1: return "sect409k1";
937 case BR_EC_sect409r1: return "sect409r1";
938 case BR_EC_sect571k1: return "sect571k1";
939 case BR_EC_sect571r1: return "sect571r1";
940 case BR_EC_secp160k1: return "secp160k1";
941 case BR_EC_secp160r1: return "secp160r1";
942 case BR_EC_secp160r2: return "secp160r2";
943 case BR_EC_secp192k1: return "secp192k1";
944 case BR_EC_secp192r1: return "secp192r1";
945 case BR_EC_secp224k1: return "secp224k1";
946 case BR_EC_secp224r1: return "secp224r1";
947 case BR_EC_secp256k1: return "secp256k1";
948 case BR_EC_secp256r1: return "secp256r1";
949 case BR_EC_secp384r1: return "secp384r1";
950 case BR_EC_secp521r1: return "secp521r1";
951 case BR_EC_brainpoolP256r1: return "brainpoolP256r1";
952 case BR_EC_brainpoolP384r1: return "brainpoolP384r1";
953 case BR_EC_brainpoolP512r1: return "brainpoolP512r1";
954 default:
955 return "unknown";
956 }
957 }
958
959 /* see brssl.h */
960 const char *
961 hash_function_name(int id)
962 {
963 switch (id) {
964 case br_md5sha1_ID: return "MD5+SHA-1";
965 case br_md5_ID: return "MD5";
966 case br_sha1_ID: return "SHA-1";
967 case br_sha224_ID: return "SHA-224";
968 case br_sha256_ID: return "SHA-256";
969 case br_sha384_ID: return "SHA-384";
970 case br_sha512_ID: return "SHA-512";
971 default:
972 return "unknown";
973 }
974 }
The BearSSL library and tools.