/* see brssl.h */
const cipher_suite cipher_suites[] = {
+ {
+ "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+ BR_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ REQ_ECDHE_ECDSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
+ "ECDHE with ECDSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
+ },
+ {
+ "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+ BR_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ REQ_ECDHE_RSA | REQ_CHAPOL | REQ_SHA256 | REQ_TLS12,
+ "ECDHE with RSA, ChaCha20+Poly1305 encryption (TLS 1.2+)"
+ },
{
"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
{ NULL, 0, 0, NULL }
};
+static struct {
+ int id;
+ const char *name;
+} curves[] = {
+ { BR_EC_sect163k1,
+ "sect163k1" },
+ { BR_EC_sect163r1,
+ "sect163r1" },
+ { BR_EC_sect163r2,
+ "sect163r2" },
+ { BR_EC_sect193r1,
+ "sect193r1" },
+ { BR_EC_sect193r2,
+ "sect193r2" },
+ { BR_EC_sect233k1,
+ "sect233k1" },
+ { BR_EC_sect233r1,
+ "sect233r1" },
+ { BR_EC_sect239k1,
+ "sect239k1" },
+ { BR_EC_sect283k1,
+ "sect283k1" },
+ { BR_EC_sect283r1,
+ "sect283r1" },
+ { BR_EC_sect409k1,
+ "sect409k1" },
+ { BR_EC_sect409r1,
+ "sect409r1" },
+ { BR_EC_sect571k1,
+ "sect571k1" },
+ { BR_EC_sect571r1,
+ "sect571r1" },
+ { BR_EC_secp160k1,
+ "secp160k1" },
+ { BR_EC_secp160r1,
+ "secp160r1" },
+ { BR_EC_secp160r2,
+ "secp160r2" },
+ { BR_EC_secp192k1,
+ "secp192k1" },
+ { BR_EC_secp192r1,
+ "secp192r1" },
+ { BR_EC_secp224k1,
+ "secp224k1" },
+ { BR_EC_secp224r1,
+ "secp224r1" },
+ { BR_EC_secp256k1,
+ "secp256k1" },
+ { BR_EC_secp256r1,
+ "secp256r1 (P-256)" },
+ { BR_EC_secp384r1,
+ "secp384r1 (P-384)" },
+ { BR_EC_secp521r1,
+ "secp521r1 (P-521)" },
+ { BR_EC_brainpoolP256r1,
+ "brainpoolP256r1" },
+ { BR_EC_brainpoolP384r1,
+ "brainpoolP384r1" },
+ { BR_EC_brainpoolP512r1,
+ "brainpoolP512r1" },
+ { BR_EC_curve25519,
+ "Curve25519" },
+ { BR_EC_curve448,
+ "Curve448" },
+ { 0, 0 }
+};
+
+/* see brssl.h */
+const char *
+get_curve_name(int id)
+{
+ size_t u;
+
+ for (u = 0; curves[u].name; u ++) {
+ if (curves[u].id == id) {
+ return curves[u].name;
+ }
+ }
+ return NULL;
+}
+
+/* see brssl.h */
+int
+get_curve_name_ext(int id, char *dst, size_t len)
+{
+ const char *name;
+ char tmp[30];
+ size_t n;
+
+ name = get_curve_name(id);
+ if (name == NULL) {
+ sprintf(tmp, "unknown (%d)", id);
+ name = tmp;
+ }
+ n = 1 + strlen(name);
+ if (n > len) {
+ if (len > 0) {
+ dst[0] = 0;
+ }
+ return -1;
+ }
+ memcpy(dst, name, n);
+ return 0;
+}
+
/* see brssl.h */
const char *
get_suite_name(unsigned suite)
return 0;
}
+/* see brssl.h */
+int
+uses_ecdhe(unsigned suite)
+{
+ size_t u;
+
+ for (u = 0; cipher_suites[u].name; u ++) {
+ if (cipher_suites[u].suite == suite) {
+ return (cipher_suites[u].req
+ & (REQ_ECDHE_RSA | REQ_ECDHE_ECDSA)) != 0;
+ }
+ }
+ return 0;
+}
+
/* see brssl.h */
void
list_names(void)
return eqstr_chunk(s1, strlen(s1), s2, strlen(s2));
}
+static int
+hexval(int c)
+{
+ if (c >= '0' && c <= '9') {
+ return c - '0';
+ } else if (c >= 'A' && c <= 'F') {
+ return c - 'A' + 10;
+ } else if (c >= 'a' && c <= 'f') {
+ return c - 'a' + 10;
+ } else {
+ return -1;
+ }
+}
+
+/* see brssl.h */
+size_t
+parse_size(const char *s)
+{
+ int radix;
+ size_t acc;
+ const char *t;
+
+ t = s;
+ if (t[0] == '0' && (t[1] == 'x' || t[1] == 'X')) {
+ radix = 16;
+ t += 2;
+ } else {
+ radix = 10;
+ }
+ acc = 0;
+ for (;;) {
+ int c, d;
+ size_t z;
+
+ c = *t ++;
+ if (c == 0) {
+ return acc;
+ }
+ d = hexval(c);
+ if (d < 0 || d >= radix) {
+ fprintf(stderr, "ERROR: not a valid digit: '%c'\n", c);
+ return (size_t)-1;
+ }
+ z = acc * (size_t)radix + (size_t)d;
+ if (z < (size_t)d || (z / (size_t)radix) != acc
+ || z == (size_t)-1)
+ {
+ fprintf(stderr, "ERROR: value too large: %s\n", s);
+ return (size_t)-1;
+ }
+ acc = z;
+ }
+}
+
/*
* Comma-separated list enumeration. This returns a pointer to the first
* word in the string, skipping leading ignored characters. '*len' is
return "unknown";
}
}
+
+/* see brssl.h */
+const char *
+hash_function_name(int id)
+{
+ switch (id) {
+ case br_md5sha1_ID: return "MD5+SHA-1";
+ case br_md5_ID: return "MD5";
+ case br_sha1_ID: return "SHA-1";
+ case br_sha224_ID: return "SHA-224";
+ case br_sha256_ID: return "SHA-256";
+ case br_sha384_ID: return "SHA-384";
+ case br_sha512_ID: return "SHA-512";
+ default:
+ return "unknown";
+ }
+}
projects / BearSSL / blobdiff