projects / BearSSL / blob
? search:


06b2cdb344f70feb96895b0c9483dc49aa8d1180
[BearSSL] / names.c
1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include "brssl.h"
26 #include "bearssl.h"
27
28 /* see brssl.h */
29 const protocol_version protocol_versions[] = {
30 { "tls10", BR_TLS10, "TLS 1.0" },
31 { "tls11", BR_TLS11, "TLS 1.1" },
32 { "tls12", BR_TLS12, "TLS 1.2" },
33 { NULL, 0, NULL }
34 };
35
36 /* see brssl.h */
37 const hash_function hash_functions[] = {
38 { "md5", &br_md5_vtable, "MD5" },
39 { "sha1", &br_sha1_vtable, "SHA-1" },
40 { "sha224", &br_sha224_vtable, "SHA-224" },
41 { "sha256", &br_sha256_vtable, "SHA-256" },
42 { "sha384", &br_sha384_vtable, "SHA-384" },
43 { "sha512", &br_sha512_vtable, "SHA-512" },
44 { NULL, 0, NULL }
45 };
46
47 /* see brssl.h */
48 const cipher_suite cipher_suites[] = {
49 {
50 "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
51 BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
52 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
53 "ECDHE with ECDSA, AES-128/GCM encryption (TLS 1.2+)"
54 },
55 {
56 "ECDHE_RSA_WITH_AES_128_GCM_SHA256",
57 BR_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
58 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
59 "ECDHE with RSA, AES-128/GCM encryption (TLS 1.2+)"
60 },
61 {
62 "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
63 BR_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
64 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
65 "ECDHE with ECDSA, AES-256/GCM encryption (TLS 1.2+)"
66 },
67 {
68 "ECDHE_RSA_WITH_AES_256_GCM_SHA384",
69 BR_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
70 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
71 "ECDHE with RSA, AES-256/GCM encryption (TLS 1.2+)"
72 },
73 {
74 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
75 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
76 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
77 "ECDHE with ECDSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
78 },
79 {
80 "ECDHE_RSA_WITH_AES_128_CBC_SHA256",
81 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
82 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
83 "ECDHE with RSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
84 },
85 {
86 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
87 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
88 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
89 "ECDHE with ECDSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
90 },
91 {
92 "ECDHE_RSA_WITH_AES_256_CBC_SHA384",
93 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
94 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
95 "ECDHE with RSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
96 },
97 {
98 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
99 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
100 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
101 "ECDHE with ECDSA, AES-128/CBC + SHA-1"
102 },
103 {
104 "ECDHE_RSA_WITH_AES_128_CBC_SHA",
105 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
106 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
107 "ECDHE with RSA, AES-128/CBC + SHA-1"
108 },
109 {
110 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
111 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
112 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
113 "ECDHE with ECDSA, AES-256/CBC + SHA-1"
114 },
115 {
116 "ECDHE_RSA_WITH_AES_256_CBC_SHA",
117 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
118 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
119 "ECDHE with RSA, AES-256/CBC + SHA-1"
120 },
121 {
122 "ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
123 BR_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
124 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
125 "ECDH key exchange (EC cert), AES-128/GCM (TLS 1.2+)"
126 },
127 {
128 "ECDH_RSA_WITH_AES_128_GCM_SHA256",
129 BR_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
130 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
131 "ECDH key exchange (RSA cert), AES-128/GCM (TLS 1.2+)"
132 },
133 {
134 "ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
135 BR_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
136 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
137 "ECDH key exchange (EC cert), AES-256/GCM (TLS 1.2+)"
138 },
139 {
140 "ECDH_RSA_WITH_AES_256_GCM_SHA384",
141 BR_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
142 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
143 "ECDH key exchange (RSA cert), AES-256/GCM (TLS 1.2+)"
144 },
145 {
146 "ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
147 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
148 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
149 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
150 },
151 {
152 "ECDH_RSA_WITH_AES_128_CBC_SHA256",
153 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
154 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
155 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
156 },
157 {
158 "ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
159 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
160 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
161 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
162 },
163 {
164 "ECDH_RSA_WITH_AES_256_CBC_SHA384",
165 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
166 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
167 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
168 },
169 {
170 "ECDH_ECDSA_WITH_AES_128_CBC_SHA",
171 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
172 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
173 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-1"
174 },
175 {
176 "ECDH_RSA_WITH_AES_128_CBC_SHA",
177 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
178 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
179 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-1"
180 },
181 {
182 "ECDH_ECDSA_WITH_AES_256_CBC_SHA",
183 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
184 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
185 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-1"
186 },
187 {
188 "ECDH_RSA_WITH_AES_256_CBC_SHA",
189 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
190 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
191 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-1"
192 },
193 {
194 "RSA_WITH_AES_128_GCM_SHA256",
195 BR_TLS_RSA_WITH_AES_128_GCM_SHA256,
196 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
197 "RSA key exchange, AES-128/GCM encryption (TLS 1.2+)"
198 },
199 {
200 "RSA_WITH_AES_256_GCM_SHA384",
201 BR_TLS_RSA_WITH_AES_256_GCM_SHA384,
202 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
203 "RSA key exchange, AES-256/GCM encryption (TLS 1.2+)"
204 },
205 {
206 "RSA_WITH_AES_128_CBC_SHA256",
207 BR_TLS_RSA_WITH_AES_128_CBC_SHA256,
208 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
209 "RSA key exchange, AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
210 },
211 {
212 "RSA_WITH_AES_256_CBC_SHA256",
213 BR_TLS_RSA_WITH_AES_256_CBC_SHA256,
214 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
215 "RSA key exchange, AES-256/CBC + HMAC/SHA-256 (TLS 1.2+)"
216 },
217 {
218 "RSA_WITH_AES_128_CBC_SHA",
219 BR_TLS_RSA_WITH_AES_128_CBC_SHA,
220 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
221 "RSA key exchange, AES-128/CBC + HMAC/SHA-1"
222 },
223 {
224 "RSA_WITH_AES_256_CBC_SHA",
225 BR_TLS_RSA_WITH_AES_256_CBC_SHA,
226 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
227 "RSA key exchange, AES-256/CBC + HMAC/SHA-1"
228 },
229 {
230 "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
231 BR_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
232 REQ_ECDHE_ECDSA | REQ_3DESCBC | REQ_SHA1,
233 "ECDHE with ECDSA, 3DES/CBC + SHA-1"
234 },
235 {
236 "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
237 BR_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
238 REQ_ECDHE_RSA | REQ_3DESCBC | REQ_SHA1,
239 "ECDHE with RSA, 3DES/CBC + SHA-1"
240 },
241 {
242 "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
243 BR_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
244 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
245 "ECDH key exchange (EC cert), 3DES/CBC + HMAC/SHA-1"
246 },
247 {
248 "ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
249 BR_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
250 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
251 "ECDH key exchange (RSA cert), 3DES/CBC + HMAC/SHA-1"
252 },
253 {
254 "RSA_WITH_3DES_EDE_CBC_SHA",
255 BR_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
256 REQ_RSAKEYX | REQ_3DESCBC | REQ_SHA1,
257 "RSA key exchange, 3DES/CBC + HMAC/SHA-1"
258 },
259 { NULL, 0, 0, NULL }
260 };
261
262 /* see brssl.h */
263 const char *
264 get_suite_name(unsigned suite)
265 {
266 size_t u;
267
268 for (u = 0; cipher_suites[u].name; u ++) {
269 if (cipher_suites[u].suite == suite) {
270 return cipher_suites[u].name;
271 }
272 }
273 return NULL;
274 }
275
276 /* see brssl.h */
277 int
278 get_suite_name_ext(unsigned suite, char *dst, size_t len)
279 {
280 const char *name;
281 char tmp[30];
282 size_t n;
283
284 name = get_suite_name(suite);
285 if (name == NULL) {
286 sprintf(tmp, "unknown (0x%04X)", suite);
287 name = tmp;
288 }
289 n = 1 + strlen(name);
290 if (n > len) {
291 if (len > 0) {
292 dst[0] = 0;
293 }
294 return -1;
295 }
296 memcpy(dst, name, n);
297 return 0;
298 }
299
300 /* see brssl.h */
301 void
302 list_names(void)
303 {
304 size_t u;
305
306 printf("Protocol versions:\n");
307 for (u = 0; protocol_versions[u].name; u ++) {
308 printf(" %-8s %s\n",
309 protocol_versions[u].name,
310 protocol_versions[u].comment);
311 }
312 printf("Hash functions:\n");
313 for (u = 0; hash_functions[u].name; u ++) {
314 printf(" %-8s %s\n",
315 hash_functions[u].name,
316 hash_functions[u].comment);
317 }
318 printf("Cipher suites:\n");
319 for (u = 0; cipher_suites[u].name; u ++) {
320 printf(" %s\n %s\n",
321 cipher_suites[u].name,
322 cipher_suites[u].comment);
323 }
324 }
325
326 static int
327 is_ign(int c)
328 {
329 if (c == 0) {
330 return 0;
331 }
332 if (c <= 32 || c == '-' || c == '_' || c == '.'
333 || c == '/' || c == '+' || c == ':')
334 {
335 return 1;
336 }
337 return 0;
338 }
339
340 /*
341 * Get next non-ignored character, normalised:
342 * ASCII letters are converted to lowercase
343 * control characters, space, '-', '_', '.', '/', '+' and ':' are ignored
344 * A terminating zero is returned as 0.
345 */
346 static int
347 next_char(const char **ps, const char *limit)
348 {
349 for (;;) {
350 int c;
351
352 if (*ps == limit) {
353 return 0;
354 }
355 c = *(*ps) ++;
356 if (c == 0) {
357 return 0;
358 }
359 if (c >= 'A' && c <= 'Z') {
360 c += 'a' - 'A';
361 }
362 if (!is_ign(c)) {
363 return c;
364 }
365 }
366 }
367
368 /*
369 * Partial string equality comparison, with normalisation.
370 */
371 static int
372 eqstr_chunk(const char *s1, size_t s1_len, const char *s2, size_t s2_len)
373 {
374 const char *lim1, *lim2;
375
376 lim1 = s1 + s1_len;
377 lim2 = s2 + s2_len;
378 for (;;) {
379 int c1, c2;
380
381 c1 = next_char(&s1, lim1);
382 c2 = next_char(&s2, lim2);
383 if (c1 != c2) {
384 return 0;
385 }
386 if (c1 == 0) {
387 return 1;
388 }
389 }
390 }
391
392 /* see brssl.h */
393 int
394 eqstr(const char *s1, const char *s2)
395 {
396 return eqstr_chunk(s1, strlen(s1), s2, strlen(s2));
397 }
398
399 static int
400 hexval(int c)
401 {
402 if (c >= '0' && c <= '9') {
403 return c - '0';
404 } else if (c >= 'A' && c <= 'F') {
405 return c - 'A' + 10;
406 } else if (c >= 'a' && c <= 'f') {
407 return c - 'a' + 10;
408 } else {
409 return -1;
410 }
411 }
412
413 /* see brssl.h */
414 size_t
415 parse_size(const char *s)
416 {
417 int radix;
418 size_t acc;
419 const char *t;
420
421 t = s;
422 if (t[0] == '0' && (t[1] == 'x' || t[1] == 'X')) {
423 radix = 16;
424 t += 2;
425 } else {
426 radix = 10;
427 }
428 acc = 0;
429 for (;;) {
430 int c, d;
431 size_t z;
432
433 c = *t ++;
434 if (c == 0) {
435 return acc;
436 }
437 d = hexval(c);
438 if (d < 0 || d >= radix) {
439 fprintf(stderr, "ERROR: not a valid digit: '%c'\n", c);
440 return (size_t)-1;
441 }
442 z = acc * (size_t)radix + (size_t)d;
443 if (z < (size_t)d || (z / (size_t)radix) != acc
444 || z == (size_t)-1)
445 {
446 fprintf(stderr, "ERROR: value too large: %s\n", s);
447 return (size_t)-1;
448 }
449 acc = z;
450 }
451 }
452
453 /*
454 * Comma-separated list enumeration. This returns a pointer to the first
455 * word in the string, skipping leading ignored characters. '*len' is
456 * set to the word length (not counting trailing ignored characters).
457 * '*str' is updated to point to immediately after the next comma, or to
458 * the terminating zero, whichever comes first.
459 *
460 * Empty words are skipped. If there is no next non-empty word, then this
461 * function returns NULL and sets *len to 0.
462 */
463 static const char *
464 next_word(const char **str, size_t *len)
465 {
466 int c;
467 const char *begin;
468 size_t u;
469
470 /*
471 * Find next non-ignored character which is not a comma.
472 */
473 for (;;) {
474 c = **str;
475 if (c == 0) {
476 *len = 0;
477 return NULL;
478 }
479 if (!is_ign(c) && c != ',') {
480 break;
481 }
482 (*str) ++;
483 }
484
485 /*
486 * Find next comma or terminator.
487 */
488 begin = *str;
489 for (;;) {
490 c = *(*str);
491 if (c == 0 || c == ',') {
492 break;
493 }
494 (*str) ++;
495 }
496
497 /*
498 * Remove trailing ignored characters.
499 */
500 u = (size_t)(*str - begin);
501 while (u > 0 && is_ign(begin[u - 1])) {
502 u --;
503 }
504 if (c == ',') {
505 (*str) ++;
506 }
507 *len = u;
508 return begin;
509 }
510
511 /* see brssl.h */
512 unsigned
513 parse_version(const char *name, size_t len)
514 {
515 size_t u;
516
517 for (u = 0;; u ++) {
518 const char *ref;
519
520 ref = protocol_versions[u].name;
521 if (ref == NULL) {
522 fprintf(stderr, "ERROR: unrecognised protocol"
523 " version name: '%s'\n", name);
524 return 0;
525 }
526 if (eqstr_chunk(ref, strlen(ref), name, len)) {
527 return protocol_versions[u].version;
528 }
529 }
530 }
531
532 /* see brssl.h */
533 unsigned
534 parse_hash_functions(const char *arg)
535 {
536 unsigned r;
537
538 r = 0;
539 for (;;) {
540 const char *name;
541 size_t len;
542 size_t u;
543
544 name = next_word(&arg, &len);
545 if (name == NULL) {
546 break;
547 }
548 for (u = 0;; u ++) {
549 const char *ref;
550
551 ref = hash_functions[u].name;
552 if (ref == 0) {
553 fprintf(stderr, "ERROR: unrecognised"
554 " hash function name: '");
555 fwrite(name, 1, len, stderr);
556 fprintf(stderr, "'\n");
557 return 0;
558 }
559 if (eqstr_chunk(ref, strlen(ref), name, len)) {
560 int id;
561
562 id = (hash_functions[u].hclass->desc
563 >> BR_HASHDESC_ID_OFF)
564 & BR_HASHDESC_ID_MASK;
565 r |= (unsigned)1 << id;
566 break;
567 }
568 }
569 }
570 if (r == 0) {
571 fprintf(stderr, "ERROR: no hash function name provided\n");
572 }
573 return r;
574 }
575
576 /* see brssl.h */
577 cipher_suite *
578 parse_suites(const char *arg, size_t *num)
579 {
580 VECTOR(cipher_suite) suites = VEC_INIT;
581 cipher_suite *r;
582
583 for (;;) {
584 const char *name;
585 size_t u, len;
586
587 name = next_word(&arg, &len);
588 if (name == NULL) {
589 break;
590 }
591 for (u = 0;; u ++) {
592 const char *ref;
593
594 ref = cipher_suites[u].name;
595 if (ref == NULL) {
596 fprintf(stderr, "ERROR: unrecognised"
597 " cipher suite '");
598 fwrite(name, 1, len, stderr);
599 fprintf(stderr, "'\n");
600 return 0;
601 }
602 if (eqstr_chunk(ref, strlen(ref), name, len)) {
603 VEC_ADD(suites, cipher_suites[u]);
604 break;
605 }
606 }
607 }
608 if (VEC_LEN(suites) == 0) {
609 fprintf(stderr, "ERROR: no cipher suite provided\n");
610 }
611 r = VEC_TOARRAY(suites);
612 *num = VEC_LEN(suites);
613 VEC_CLEAR(suites);
614 return r;
615 }
616
617 /* see brssl.h */
618 const char *
619 ec_curve_name(int curve)
620 {
621 switch (curve) {
622 case BR_EC_sect163k1: return "sect163k1";
623 case BR_EC_sect163r1: return "sect163r1";
624 case BR_EC_sect163r2: return "sect163r2";
625 case BR_EC_sect193r1: return "sect193r1";
626 case BR_EC_sect193r2: return "sect193r2";
627 case BR_EC_sect233k1: return "sect233k1";
628 case BR_EC_sect233r1: return "sect233r1";
629 case BR_EC_sect239k1: return "sect239k1";
630 case BR_EC_sect283k1: return "sect283k1";
631 case BR_EC_sect283r1: return "sect283r1";
632 case BR_EC_sect409k1: return "sect409k1";
633 case BR_EC_sect409r1: return "sect409r1";
634 case BR_EC_sect571k1: return "sect571k1";
635 case BR_EC_sect571r1: return "sect571r1";
636 case BR_EC_secp160k1: return "secp160k1";
637 case BR_EC_secp160r1: return "secp160r1";
638 case BR_EC_secp160r2: return "secp160r2";
639 case BR_EC_secp192k1: return "secp192k1";
640 case BR_EC_secp192r1: return "secp192r1";
641 case BR_EC_secp224k1: return "secp224k1";
642 case BR_EC_secp224r1: return "secp224r1";
643 case BR_EC_secp256k1: return "secp256k1";
644 case BR_EC_secp256r1: return "secp256r1";
645 case BR_EC_secp384r1: return "secp384r1";
646 case BR_EC_secp521r1: return "secp521r1";
647 case BR_EC_brainpoolP256r1: return "brainpoolP256r1";
648 case BR_EC_brainpoolP384r1: return "brainpoolP384r1";
649 case BR_EC_brainpoolP512r1: return "brainpoolP512r1";
650 default:
651 return "unknown";
652 }
653 }
654
655 /* see brssl.h */
656 const char *
657 hash_function_name(int id)
658 {
659 switch (id) {
660 case br_md5sha1_ID: return "MD5+SHA-1";
661 case br_md5_ID: return "MD5";
662 case br_sha1_ID: return "SHA-1";
663 case br_sha224_ID: return "SHA-224";
664 case br_sha256_ID: return "SHA-256";
665 case br_sha384_ID: return "SHA-384";
666 case br_sha512_ID: return "SHA-512";
667 default:
668 return "unknown";
669 }
670 }
The BearSSL library and tools.