projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added API to share precomputations in EAX.
[BearSSL] / tools / names.c
1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include "brssl.h"
26 #include "bearssl.h"
27
28 /* see brssl.h */
29 const protocol_version protocol_versions[] = {
30 { "tls10", BR_TLS10, "TLS 1.0" },
31 { "tls11", BR_TLS11, "TLS 1.1" },
32 { "tls12", BR_TLS12, "TLS 1.2" },
33 { NULL, 0, NULL }
34 };
35
36 /* see brssl.h */
37 const hash_function hash_functions[] = {
38 { "md5", &br_md5_vtable, "MD5" },
39 { "sha1", &br_sha1_vtable, "SHA-1" },
40 { "sha224", &br_sha224_vtable, "SHA-224" },
41 { "sha256", &br_sha256_vtable, "SHA-256" },
42 { "sha384", &br_sha384_vtable, "SHA-384" },
43 { "sha512", &br_sha512_vtable, "SHA-512" },
44 { NULL, 0, NULL }
45 };
46
47 /* see brssl.h */
48 const cipher_suite cipher_suites[] = {
49 {
50 "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
51 BR_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
52 REQ_ECDHE_ECDSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
53 "ECDHE with ECDSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
54 },
55 {
56 "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
57 BR_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
58 REQ_ECDHE_RSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
59 "ECDHE with RSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
60 },
61 {
62 "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
63 BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
64 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
65 "ECDHE with ECDSA, AES-128/GCM encryption (TLS 1.2+)"
66 },
67 {
68 "ECDHE_RSA_WITH_AES_128_GCM_SHA256",
69 BR_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
70 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
71 "ECDHE with RSA, AES-128/GCM encryption (TLS 1.2+)"
72 },
73 {
74 "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
75 BR_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
76 REQ_ECDHE_ECDSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
77 "ECDHE with ECDSA, AES-256/GCM encryption (TLS 1.2+)"
78 },
79 {
80 "ECDHE_RSA_WITH_AES_256_GCM_SHA384",
81 BR_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
82 REQ_ECDHE_RSA | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
83 "ECDHE with RSA, AES-256/GCM encryption (TLS 1.2+)"
84 },
85 {
86 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
87 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
88 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
89 "ECDHE with ECDSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
90 },
91 {
92 "ECDHE_RSA_WITH_AES_128_CBC_SHA256",
93 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
94 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
95 "ECDHE with RSA, AES-128/CBC + SHA-256 (TLS 1.2+)"
96 },
97 {
98 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
99 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
100 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
101 "ECDHE with ECDSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
102 },
103 {
104 "ECDHE_RSA_WITH_AES_256_CBC_SHA384",
105 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
106 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
107 "ECDHE with RSA, AES-256/CBC + SHA-384 (TLS 1.2+)"
108 },
109 {
110 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
111 BR_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
112 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
113 "ECDHE with ECDSA, AES-128/CBC + SHA-1"
114 },
115 {
116 "ECDHE_RSA_WITH_AES_128_CBC_SHA",
117 BR_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
118 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
119 "ECDHE with RSA, AES-128/CBC + SHA-1"
120 },
121 {
122 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
123 BR_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
124 REQ_ECDHE_ECDSA | REQ_AESCBC | REQ_SHA1,
125 "ECDHE with ECDSA, AES-256/CBC + SHA-1"
126 },
127 {
128 "ECDHE_RSA_WITH_AES_256_CBC_SHA",
129 BR_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
130 REQ_ECDHE_RSA | REQ_AESCBC | REQ_SHA1,
131 "ECDHE with RSA, AES-256/CBC + SHA-1"
132 },
133 {
134 "ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
135 BR_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
136 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
137 "ECDH key exchange (EC cert), AES-128/GCM (TLS 1.2+)"
138 },
139 {
140 "ECDH_RSA_WITH_AES_128_GCM_SHA256",
141 BR_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
142 REQ_ECDH | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
143 "ECDH key exchange (RSA cert), AES-128/GCM (TLS 1.2+)"
144 },
145 {
146 "ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
147 BR_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
148 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
149 "ECDH key exchange (EC cert), AES-256/GCM (TLS 1.2+)"
150 },
151 {
152 "ECDH_RSA_WITH_AES_256_GCM_SHA384",
153 BR_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
154 REQ_ECDH | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
155 "ECDH key exchange (RSA cert), AES-256/GCM (TLS 1.2+)"
156 },
157 {
158 "ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
159 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
160 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
161 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
162 },
163 {
164 "ECDH_RSA_WITH_AES_128_CBC_SHA256",
165 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
166 REQ_ECDH | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
167 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
168 },
169 {
170 "ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
171 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
172 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
173 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
174 },
175 {
176 "ECDH_RSA_WITH_AES_256_CBC_SHA384",
177 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
178 REQ_ECDH | REQ_AESCBC | REQ_SHA384 | REQ_TLS12,
179 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-384 (TLS 1.2+)"
180 },
181 {
182 "ECDH_ECDSA_WITH_AES_128_CBC_SHA",
183 BR_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
184 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
185 "ECDH key exchange (EC cert), AES-128/CBC + HMAC/SHA-1"
186 },
187 {
188 "ECDH_RSA_WITH_AES_128_CBC_SHA",
189 BR_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
190 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
191 "ECDH key exchange (RSA cert), AES-128/CBC + HMAC/SHA-1"
192 },
193 {
194 "ECDH_ECDSA_WITH_AES_256_CBC_SHA",
195 BR_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
196 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
197 "ECDH key exchange (EC cert), AES-256/CBC + HMAC/SHA-1"
198 },
199 {
200 "ECDH_RSA_WITH_AES_256_CBC_SHA",
201 BR_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
202 REQ_ECDH | REQ_AESCBC | REQ_SHA1,
203 "ECDH key exchange (RSA cert), AES-256/CBC + HMAC/SHA-1"
204 },
205 {
206 "RSA_WITH_AES_128_GCM_SHA256",
207 BR_TLS_RSA_WITH_AES_128_GCM_SHA256,
208 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA256 | REQ_TLS12,
209 "RSA key exchange, AES-128/GCM encryption (TLS 1.2+)"
210 },
211 {
212 "RSA_WITH_AES_256_GCM_SHA384",
213 BR_TLS_RSA_WITH_AES_256_GCM_SHA384,
214 REQ_RSAKEYX | REQ_AESGCM | REQ_SHA384 | REQ_TLS12,
215 "RSA key exchange, AES-256/GCM encryption (TLS 1.2+)"
216 },
217 {
218 "RSA_WITH_AES_128_CBC_SHA256",
219 BR_TLS_RSA_WITH_AES_128_CBC_SHA256,
220 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
221 "RSA key exchange, AES-128/CBC + HMAC/SHA-256 (TLS 1.2+)"
222 },
223 {
224 "RSA_WITH_AES_256_CBC_SHA256",
225 BR_TLS_RSA_WITH_AES_256_CBC_SHA256,
226 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA256 | REQ_TLS12,
227 "RSA key exchange, AES-256/CBC + HMAC/SHA-256 (TLS 1.2+)"
228 },
229 {
230 "RSA_WITH_AES_128_CBC_SHA",
231 BR_TLS_RSA_WITH_AES_128_CBC_SHA,
232 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
233 "RSA key exchange, AES-128/CBC + HMAC/SHA-1"
234 },
235 {
236 "RSA_WITH_AES_256_CBC_SHA",
237 BR_TLS_RSA_WITH_AES_256_CBC_SHA,
238 REQ_RSAKEYX | REQ_AESCBC | REQ_SHA1,
239 "RSA key exchange, AES-256/CBC + HMAC/SHA-1"
240 },
241 {
242 "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
243 BR_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
244 REQ_ECDHE_ECDSA | REQ_3DESCBC | REQ_SHA1,
245 "ECDHE with ECDSA, 3DES/CBC + SHA-1"
246 },
247 {
248 "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
249 BR_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
250 REQ_ECDHE_RSA | REQ_3DESCBC | REQ_SHA1,
251 "ECDHE with RSA, 3DES/CBC + SHA-1"
252 },
253 {
254 "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
255 BR_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
256 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
257 "ECDH key exchange (EC cert), 3DES/CBC + HMAC/SHA-1"
258 },
259 {
260 "ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
261 BR_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
262 REQ_ECDH | REQ_3DESCBC | REQ_SHA1,
263 "ECDH key exchange (RSA cert), 3DES/CBC + HMAC/SHA-1"
264 },
265 {
266 "RSA_WITH_3DES_EDE_CBC_SHA",
267 BR_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
268 REQ_RSAKEYX | REQ_3DESCBC | REQ_SHA1,
269 "RSA key exchange, 3DES/CBC + HMAC/SHA-1"
270 },
271 { NULL, 0, 0, NULL }
272 };
273
274 static const struct {
275 int id;
276 const char *name;
277 } curves[] = {
278 { BR_EC_sect163k1,
279 "sect163k1" },
280 { BR_EC_sect163r1,
281 "sect163r1" },
282 { BR_EC_sect163r2,
283 "sect163r2" },
284 { BR_EC_sect193r1,
285 "sect193r1" },
286 { BR_EC_sect193r2,
287 "sect193r2" },
288 { BR_EC_sect233k1,
289 "sect233k1" },
290 { BR_EC_sect233r1,
291 "sect233r1" },
292 { BR_EC_sect239k1,
293 "sect239k1" },
294 { BR_EC_sect283k1,
295 "sect283k1" },
296 { BR_EC_sect283r1,
297 "sect283r1" },
298 { BR_EC_sect409k1,
299 "sect409k1" },
300 { BR_EC_sect409r1,
301 "sect409r1" },
302 { BR_EC_sect571k1,
303 "sect571k1" },
304 { BR_EC_sect571r1,
305 "sect571r1" },
306 { BR_EC_secp160k1,
307 "secp160k1" },
308 { BR_EC_secp160r1,
309 "secp160r1" },
310 { BR_EC_secp160r2,
311 "secp160r2" },
312 { BR_EC_secp192k1,
313 "secp192k1" },
314 { BR_EC_secp192r1,
315 "secp192r1" },
316 { BR_EC_secp224k1,
317 "secp224k1" },
318 { BR_EC_secp224r1,
319 "secp224r1" },
320 { BR_EC_secp256k1,
321 "secp256k1" },
322 { BR_EC_secp256r1,
323 "secp256r1 (P-256)" },
324 { BR_EC_secp384r1,
325 "secp384r1 (P-384)" },
326 { BR_EC_secp521r1,
327 "secp521r1 (P-521)" },
328 { BR_EC_brainpoolP256r1,
329 "brainpoolP256r1" },
330 { BR_EC_brainpoolP384r1,
331 "brainpoolP384r1" },
332 { BR_EC_brainpoolP512r1,
333 "brainpoolP512r1" },
334 { BR_EC_curve25519,
335 "Curve25519" },
336 { BR_EC_curve448,
337 "Curve448" },
338 { 0, 0 }
339 };
340
341 static const struct {
342 const char *long_name;
343 const char *short_name;
344 const void *impl;
345 } algo_names[] = {
346 /* Block ciphers */
347 { "aes_big_cbcenc", "big", &br_aes_big_cbcenc_vtable },
348 { "aes_big_cbcdec", "big", &br_aes_big_cbcdec_vtable },
349 { "aes_big_ctr", "big", &br_aes_big_ctr_vtable },
350 { "aes_small_cbcenc", "small", &br_aes_small_cbcenc_vtable },
351 { "aes_small_cbcdec", "small", &br_aes_small_cbcdec_vtable },
352 { "aes_small_ctr", "small", &br_aes_small_ctr_vtable },
353 { "aes_ct_cbcenc", "ct", &br_aes_ct_cbcenc_vtable },
354 { "aes_ct_cbcdec", "ct", &br_aes_ct_cbcdec_vtable },
355 { "aes_ct_ctr", "ct", &br_aes_ct_ctr_vtable },
356 { "aes_ct64_cbcenc", "ct64", &br_aes_ct64_cbcenc_vtable },
357 { "aes_ct64_cbcdec", "ct64", &br_aes_ct64_cbcdec_vtable },
358 { "aes_ct64_ctr", "ct64", &br_aes_ct64_ctr_vtable },
359
360 { "des_tab_cbcenc", "tab", &br_des_tab_cbcenc_vtable },
361 { "des_tab_cbcdec", "tab", &br_des_tab_cbcdec_vtable },
362 { "des_ct_cbcenc", "ct", &br_des_ct_cbcenc_vtable },
363 { "des_ct_cbcdec", "ct", &br_des_ct_cbcdec_vtable },
364
365 { "chacha20_ct", "ct", &br_chacha20_ct_run },
366
367 { "ghash_ctmul", "ctmul", &br_ghash_ctmul },
368 { "ghash_ctmul32", "ctmul32", &br_ghash_ctmul32 },
369 { "ghash_ctmul64", "ctmul64", &br_ghash_ctmul64 },
370
371 { "poly1305_ctmul", "ctmul", &br_poly1305_ctmul_run },
372 { "poly1305_ctmul32", "ctmul32", &br_poly1305_ctmul32_run },
373
374 { "ec_all_m15", "all_m15", &br_ec_all_m15 },
375 { "ec_all_m31", "all_m31", &br_ec_all_m31 },
376 { "ec_c25519_i15", "c25519_i15", &br_ec_c25519_i15 },
377 { "ec_c25519_i31", "c25519_i31", &br_ec_c25519_i31 },
378 { "ec_c25519_m15", "c25519_m15", &br_ec_c25519_m15 },
379 { "ec_c25519_m31", "c25519_m31", &br_ec_c25519_m31 },
380 { "ec_p256_m15", "p256_m15", &br_ec_p256_m15 },
381 { "ec_p256_m31", "p256_m31", &br_ec_p256_m31 },
382 { "ec_prime_i15", "prime_i15", &br_ec_prime_i15 },
383 { "ec_prime_i31", "prime_i31", &br_ec_prime_i31 },
384
385 { "ecdsa_i15_sign_asn1", "i15_asn1", &br_ecdsa_i15_sign_asn1 },
386 { "ecdsa_i15_sign_raw", "i15_raw", &br_ecdsa_i15_sign_raw },
387 { "ecdsa_i31_sign_asn1", "i31_asn1", &br_ecdsa_i31_sign_asn1 },
388 { "ecdsa_i31_sign_raw", "i31_raw", &br_ecdsa_i31_sign_raw },
389 { "ecdsa_i15_vrfy_asn1", "i15_asn1", &br_ecdsa_i15_vrfy_asn1 },
390 { "ecdsa_i15_vrfy_raw", "i15_raw", &br_ecdsa_i15_vrfy_raw },
391 { "ecdsa_i31_vrfy_asn1", "i31_asn1", &br_ecdsa_i31_vrfy_asn1 },
392 { "ecdsa_i31_vrfy_raw", "i31_raw", &br_ecdsa_i31_vrfy_raw },
393
394 { "rsa_i15_pkcs1_sign", "i15", &br_rsa_i15_pkcs1_sign },
395 { "rsa_i31_pkcs1_sign", "i31", &br_rsa_i31_pkcs1_sign },
396 { "rsa_i32_pkcs1_sign", "i32", &br_rsa_i32_pkcs1_sign },
397 { "rsa_i15_pkcs1_vrfy", "i15", &br_rsa_i15_pkcs1_vrfy },
398 { "rsa_i31_pkcs1_vrfy", "i31", &br_rsa_i31_pkcs1_vrfy },
399 { "rsa_i32_pkcs1_vrfy", "i32", &br_rsa_i32_pkcs1_vrfy },
400
401 { 0, 0, 0 }
402 };
403
404 static const struct {
405 const char *long_name;
406 const char *short_name;
407 const void *(*get)(void);
408 } algo_names_dyn[] = {
409 { "aes_pwr8_cbcenc", "pwr8",
410 (const void *(*)(void))&br_aes_pwr8_cbcenc_get_vtable },
411 { "aes_pwr8_cbcdec", "pwr8",
412 (const void *(*)(void))&br_aes_pwr8_cbcdec_get_vtable },
413 { "aes_pwr8_ctr", "pwr8",
414 (const void *(*)(void))&br_aes_pwr8_ctr_get_vtable },
415 { "aes_x86ni_cbcenc", "x86ni",
416 (const void *(*)(void))&br_aes_x86ni_cbcenc_get_vtable },
417 { "aes_x86ni_cbcdec", "x86ni",
418 (const void *(*)(void))&br_aes_x86ni_cbcdec_get_vtable },
419 { "aes_x86ni_ctr", "x86ni",
420 (const void *(*)(void))&br_aes_x86ni_ctr_get_vtable },
421 { "chacha20_sse2", "sse2",
422 (const void *(*)(void))&br_chacha20_sse2_get },
423 { "ghash_pclmul", "pclmul",
424 (const void *(*)(void))&br_ghash_pclmul_get },
425 { "ghash_pwr8", "pwr8",
426 (const void *(*)(void))&br_ghash_pwr8_get },
427 { "poly1305_ctmulq", "ctmulq",
428 (const void *(*)(void))&br_poly1305_ctmulq_get },
429 { "rsa_i62_pkcs1_sign", "i62",
430 (const void *(*)(void))&br_rsa_i62_pkcs1_sign_get },
431 { "rsa_i62_pkcs1_vrfy", "i62",
432 (const void *(*)(void))&br_rsa_i62_pkcs1_vrfy_get },
433 { 0, 0, 0, }
434 };
435
436 /* see brssl.h */
437 const char *
438 get_algo_name(const void *impl, int long_name)
439 {
440 size_t u;
441
442 for (u = 0; algo_names[u].long_name; u ++) {
443 if (impl == algo_names[u].impl) {
444 return long_name
445 ? algo_names[u].long_name
446 : algo_names[u].short_name;
447 }
448 }
449 for (u = 0; algo_names_dyn[u].long_name; u ++) {
450 if (impl == algo_names_dyn[u].get()) {
451 return long_name
452 ? algo_names_dyn[u].long_name
453 : algo_names_dyn[u].short_name;
454 }
455 }
456 return "UNKNOWN";
457 }
458
459 /* see brssl.h */
460 const char *
461 get_curve_name(int id)
462 {
463 size_t u;
464
465 for (u = 0; curves[u].name; u ++) {
466 if (curves[u].id == id) {
467 return curves[u].name;
468 }
469 }
470 return NULL;
471 }
472
473 /* see brssl.h */
474 int
475 get_curve_name_ext(int id, char *dst, size_t len)
476 {
477 const char *name;
478 char tmp[30];
479 size_t n;
480
481 name = get_curve_name(id);
482 if (name == NULL) {
483 sprintf(tmp, "unknown (%d)", id);
484 name = tmp;
485 }
486 n = 1 + strlen(name);
487 if (n > len) {
488 if (len > 0) {
489 dst[0] = 0;
490 }
491 return -1;
492 }
493 memcpy(dst, name, n);
494 return 0;
495 }
496
497 /* see brssl.h */
498 const char *
499 get_suite_name(unsigned suite)
500 {
501 size_t u;
502
503 for (u = 0; cipher_suites[u].name; u ++) {
504 if (cipher_suites[u].suite == suite) {
505 return cipher_suites[u].name;
506 }
507 }
508 return NULL;
509 }
510
511 /* see brssl.h */
512 int
513 get_suite_name_ext(unsigned suite, char *dst, size_t len)
514 {
515 const char *name;
516 char tmp[30];
517 size_t n;
518
519 name = get_suite_name(suite);
520 if (name == NULL) {
521 sprintf(tmp, "unknown (0x%04X)", suite);
522 name = tmp;
523 }
524 n = 1 + strlen(name);
525 if (n > len) {
526 if (len > 0) {
527 dst[0] = 0;
528 }
529 return -1;
530 }
531 memcpy(dst, name, n);
532 return 0;
533 }
534
535 /* see brssl.h */
536 int
537 uses_ecdhe(unsigned suite)
538 {
539 size_t u;
540
541 for (u = 0; cipher_suites[u].name; u ++) {
542 if (cipher_suites[u].suite == suite) {
543 return (cipher_suites[u].req
544 & (REQ_ECDHE_RSA | REQ_ECDHE_ECDSA)) != 0;
545 }
546 }
547 return 0;
548 }
549
550 /* see brssl.h */
551 void
552 list_names(void)
553 {
554 size_t u;
555
556 printf("Protocol versions:\n");
557 for (u = 0; protocol_versions[u].name; u ++) {
558 printf(" %-8s %s\n",
559 protocol_versions[u].name,
560 protocol_versions[u].comment);
561 }
562 printf("Hash functions:\n");
563 for (u = 0; hash_functions[u].name; u ++) {
564 printf(" %-8s %s\n",
565 hash_functions[u].name,
566 hash_functions[u].comment);
567 }
568 printf("Cipher suites:\n");
569 for (u = 0; cipher_suites[u].name; u ++) {
570 printf(" %s\n %s\n",
571 cipher_suites[u].name,
572 cipher_suites[u].comment);
573 }
574 }
575
576 static int
577 is_ign(int c)
578 {
579 if (c == 0) {
580 return 0;
581 }
582 if (c <= 32 || c == '-' || c == '_' || c == '.'
583 || c == '/' || c == '+' || c == ':')
584 {
585 return 1;
586 }
587 return 0;
588 }
589
590 /*
591 * Get next non-ignored character, normalised:
592 * ASCII letters are converted to lowercase
593 * control characters, space, '-', '_', '.', '/', '+' and ':' are ignored
594 * A terminating zero is returned as 0.
595 */
596 static int
597 next_char(const char **ps, const char *limit)
598 {
599 for (;;) {
600 int c;
601
602 if (*ps == limit) {
603 return 0;
604 }
605 c = *(*ps) ++;
606 if (c == 0) {
607 return 0;
608 }
609 if (c >= 'A' && c <= 'Z') {
610 c += 'a' - 'A';
611 }
612 if (!is_ign(c)) {
613 return c;
614 }
615 }
616 }
617
618 /*
619 * Partial string equality comparison, with normalisation.
620 */
621 static int
622 eqstr_chunk(const char *s1, size_t s1_len, const char *s2, size_t s2_len)
623 {
624 const char *lim1, *lim2;
625
626 lim1 = s1 + s1_len;
627 lim2 = s2 + s2_len;
628 for (;;) {
629 int c1, c2;
630
631 c1 = next_char(&s1, lim1);
632 c2 = next_char(&s2, lim2);
633 if (c1 != c2) {
634 return 0;
635 }
636 if (c1 == 0) {
637 return 1;
638 }
639 }
640 }
641
642 /* see brssl.h */
643 int
644 eqstr(const char *s1, const char *s2)
645 {
646 return eqstr_chunk(s1, strlen(s1), s2, strlen(s2));
647 }
648
649 static int
650 hexval(int c)
651 {
652 if (c >= '0' && c <= '9') {
653 return c - '0';
654 } else if (c >= 'A' && c <= 'F') {
655 return c - 'A' + 10;
656 } else if (c >= 'a' && c <= 'f') {
657 return c - 'a' + 10;
658 } else {
659 return -1;
660 }
661 }
662
663 /* see brssl.h */
664 size_t
665 parse_size(const char *s)
666 {
667 int radix;
668 size_t acc;
669 const char *t;
670
671 t = s;
672 if (t[0] == '0' && (t[1] == 'x' || t[1] == 'X')) {
673 radix = 16;
674 t += 2;
675 } else {
676 radix = 10;
677 }
678 acc = 0;
679 for (;;) {
680 int c, d;
681 size_t z;
682
683 c = *t ++;
684 if (c == 0) {
685 return acc;
686 }
687 d = hexval(c);
688 if (d < 0 || d >= radix) {
689 fprintf(stderr, "ERROR: not a valid digit: '%c'\n", c);
690 return (size_t)-1;
691 }
692 z = acc * (size_t)radix + (size_t)d;
693 if (z < (size_t)d || (z / (size_t)radix) != acc
694 || z == (size_t)-1)
695 {
696 fprintf(stderr, "ERROR: value too large: %s\n", s);
697 return (size_t)-1;
698 }
699 acc = z;
700 }
701 }
702
703 /*
704 * Comma-separated list enumeration. This returns a pointer to the first
705 * word in the string, skipping leading ignored characters. '*len' is
706 * set to the word length (not counting trailing ignored characters).
707 * '*str' is updated to point to immediately after the next comma, or to
708 * the terminating zero, whichever comes first.
709 *
710 * Empty words are skipped. If there is no next non-empty word, then this
711 * function returns NULL and sets *len to 0.
712 */
713 static const char *
714 next_word(const char **str, size_t *len)
715 {
716 int c;
717 const char *begin;
718 size_t u;
719
720 /*
721 * Find next non-ignored character which is not a comma.
722 */
723 for (;;) {
724 c = **str;
725 if (c == 0) {
726 *len = 0;
727 return NULL;
728 }
729 if (!is_ign(c) && c != ',') {
730 break;
731 }
732 (*str) ++;
733 }
734
735 /*
736 * Find next comma or terminator.
737 */
738 begin = *str;
739 for (;;) {
740 c = *(*str);
741 if (c == 0 || c == ',') {
742 break;
743 }
744 (*str) ++;
745 }
746
747 /*
748 * Remove trailing ignored characters.
749 */
750 u = (size_t)(*str - begin);
751 while (u > 0 && is_ign(begin[u - 1])) {
752 u --;
753 }
754 if (c == ',') {
755 (*str) ++;
756 }
757 *len = u;
758 return begin;
759 }
760
761 /* see brssl.h */
762 unsigned
763 parse_version(const char *name, size_t len)
764 {
765 size_t u;
766
767 for (u = 0;; u ++) {
768 const char *ref;
769
770 ref = protocol_versions[u].name;
771 if (ref == NULL) {
772 fprintf(stderr, "ERROR: unrecognised protocol"
773 " version name: '%s'\n", name);
774 return 0;
775 }
776 if (eqstr_chunk(ref, strlen(ref), name, len)) {
777 return protocol_versions[u].version;
778 }
779 }
780 }
781
782 /* see brssl.h */
783 unsigned
784 parse_hash_functions(const char *arg)
785 {
786 unsigned r;
787
788 r = 0;
789 for (;;) {
790 const char *name;
791 size_t len;
792 size_t u;
793
794 name = next_word(&arg, &len);
795 if (name == NULL) {
796 break;
797 }
798 for (u = 0;; u ++) {
799 const char *ref;
800
801 ref = hash_functions[u].name;
802 if (ref == 0) {
803 fprintf(stderr, "ERROR: unrecognised"
804 " hash function name: '");
805 fwrite(name, 1, len, stderr);
806 fprintf(stderr, "'\n");
807 return 0;
808 }
809 if (eqstr_chunk(ref, strlen(ref), name, len)) {
810 int id;
811
812 id = (hash_functions[u].hclass->desc
813 >> BR_HASHDESC_ID_OFF)
814 & BR_HASHDESC_ID_MASK;
815 r |= (unsigned)1 << id;
816 break;
817 }
818 }
819 }
820 if (r == 0) {
821 fprintf(stderr, "ERROR: no hash function name provided\n");
822 }
823 return r;
824 }
825
826 /* see brssl.h */
827 cipher_suite *
828 parse_suites(const char *arg, size_t *num)
829 {
830 VECTOR(cipher_suite) suites = VEC_INIT;
831 cipher_suite *r;
832
833 for (;;) {
834 const char *name;
835 size_t u, len;
836
837 name = next_word(&arg, &len);
838 if (name == NULL) {
839 break;
840 }
841 for (u = 0;; u ++) {
842 const char *ref;
843
844 ref = cipher_suites[u].name;
845 if (ref == NULL) {
846 fprintf(stderr, "ERROR: unrecognised"
847 " cipher suite '");
848 fwrite(name, 1, len, stderr);
849 fprintf(stderr, "'\n");
850 return 0;
851 }
852 if (eqstr_chunk(ref, strlen(ref), name, len)) {
853 VEC_ADD(suites, cipher_suites[u]);
854 break;
855 }
856 }
857 }
858 if (VEC_LEN(suites) == 0) {
859 fprintf(stderr, "ERROR: no cipher suite provided\n");
860 }
861 r = VEC_TOARRAY(suites);
862 *num = VEC_LEN(suites);
863 VEC_CLEAR(suites);
864 return r;
865 }
866
867 /* see brssl.h */
868 const char *
869 ec_curve_name(int curve)
870 {
871 switch (curve) {
872 case BR_EC_sect163k1: return "sect163k1";
873 case BR_EC_sect163r1: return "sect163r1";
874 case BR_EC_sect163r2: return "sect163r2";
875 case BR_EC_sect193r1: return "sect193r1";
876 case BR_EC_sect193r2: return "sect193r2";
877 case BR_EC_sect233k1: return "sect233k1";
878 case BR_EC_sect233r1: return "sect233r1";
879 case BR_EC_sect239k1: return "sect239k1";
880 case BR_EC_sect283k1: return "sect283k1";
881 case BR_EC_sect283r1: return "sect283r1";
882 case BR_EC_sect409k1: return "sect409k1";
883 case BR_EC_sect409r1: return "sect409r1";
884 case BR_EC_sect571k1: return "sect571k1";
885 case BR_EC_sect571r1: return "sect571r1";
886 case BR_EC_secp160k1: return "secp160k1";
887 case BR_EC_secp160r1: return "secp160r1";
888 case BR_EC_secp160r2: return "secp160r2";
889 case BR_EC_secp192k1: return "secp192k1";
890 case BR_EC_secp192r1: return "secp192r1";
891 case BR_EC_secp224k1: return "secp224k1";
892 case BR_EC_secp224r1: return "secp224r1";
893 case BR_EC_secp256k1: return "secp256k1";
894 case BR_EC_secp256r1: return "secp256r1";
895 case BR_EC_secp384r1: return "secp384r1";
896 case BR_EC_secp521r1: return "secp521r1";
897 case BR_EC_brainpoolP256r1: return "brainpoolP256r1";
898 case BR_EC_brainpoolP384r1: return "brainpoolP384r1";
899 case BR_EC_brainpoolP512r1: return "brainpoolP512r1";
900 default:
901 return "unknown";
902 }
903 }
904
905 /* see brssl.h */
906 const char *
907 hash_function_name(int id)
908 {
909 switch (id) {
910 case br_md5sha1_ID: return "MD5+SHA-1";
911 case br_md5_ID: return "MD5";
912 case br_sha1_ID: return "SHA-1";
913 case br_sha224_ID: return "SHA-224";
914 case br_sha256_ID: return "SHA-256";
915 case br_sha384_ID: return "SHA-384";
916 case br_sha512_ID: return "SHA-512";
917 default:
918 return "unknown";
919 }
920 }
The BearSSL library and tools.