projects / BoarSSL / blob
? search:


40591947dbab7c6bdb24cd63f2e47e439721bc93
[BoarSSL] / SSLTLS / SSL.cs
1 /*
2 * Copyright (c) 2017 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 using System;
26 using System.Collections.Generic;
27 using System.Security.Cryptography.X509Certificates;
28 using System.Text;
29
30 using Asn1;
31 using Crypto;
32 using XKeys;
33
34 namespace SSLTLS {
35
36 /*
37 * A fake class that serves as container for various constants.
38 */
39
40 public sealed class SSL {
41
42 /*
43 * Protocol versions.
44 */
45 public const int SSL30 = 0x0300;
46 public const int TLS10 = 0x0301;
47 public const int TLS11 = 0x0302;
48 public const int TLS12 = 0x0303;
49
50 /*
51 * Record types.
52 */
53 public const int CHANGE_CIPHER_SPEC = 20;
54 public const int ALERT = 21;
55 public const int HANDSHAKE = 22;
56 public const int APPLICATION_DATA = 23;
57
58 /*
59 * Alert levels.
60 */
61 public const int WARNING = 1;
62 public const int FATAL = 2;
63
64 /*
65 * Alert messages.
66 */
67 public const int CLOSE_NOTIFY = 0;
68 public const int UNEXPECTED_MESSAGE = 10;
69 public const int BAD_RECORD_MAC = 20;
70 public const int DECRYPTION_FAILED = 21;
71 public const int RECORD_OVERFLOW = 22;
72 public const int DECOMPRESSION_FAILURE = 30;
73 public const int HANDSHAKE_FAILURE = 40;
74 public const int BAD_CERTIFICATE = 42;
75 public const int UNSUPPORTED_CERTIFICATE = 43;
76 public const int CERTIFICATE_REVOKED = 44;
77 public const int CERTIFICATE_EXPIRED = 45;
78 public const int CERTIFICATE_UNKNOWN = 46;
79 public const int ILLEGAL_PARAMETER = 47;
80 public const int UNKNOWN_CA = 48;
81 public const int ACCESS_DENIED = 49;
82 public const int DECODE_ERROR = 50;
83 public const int DECRYPT_ERROR = 51;
84 public const int EXPORT_RESTRICTION = 60;
85 public const int PROTOCOL_VERSION = 70;
86 public const int INSUFFICIENT_SECURITY = 71;
87 public const int INTERNAL_ERROR = 80;
88 public const int USER_CANCELED = 90;
89 public const int NO_RENEGOTIATION = 100;
90
91 /*
92 * Handshake message types.
93 */
94 public const int HELLO_REQUEST = 0;
95 public const int CLIENT_HELLO = 1;
96 public const int SERVER_HELLO = 2;
97 public const int CERTIFICATE = 11;
98 public const int SERVER_KEY_EXCHANGE = 12;
99 public const int CERTIFICATE_REQUEST = 13;
100 public const int SERVER_HELLO_DONE = 14;
101 public const int CERTIFICATE_VERIFY = 15;
102 public const int CLIENT_KEY_EXCHANGE = 16;
103 public const int FINISHED = 20;
104
105 /*
106 * Cipher suites.
107 */
108
109 /* From RFC 5246 */
110 public const int NULL_WITH_NULL_NULL = 0x0000;
111 public const int RSA_WITH_NULL_MD5 = 0x0001;
112 public const int RSA_WITH_NULL_SHA = 0x0002;
113 public const int RSA_WITH_NULL_SHA256 = 0x003B;
114 public const int RSA_WITH_RC4_128_MD5 = 0x0004;
115 public const int RSA_WITH_RC4_128_SHA = 0x0005;
116 public const int RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
117 public const int RSA_WITH_AES_128_CBC_SHA = 0x002F;
118 public const int RSA_WITH_AES_256_CBC_SHA = 0x0035;
119 public const int RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
120 public const int RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
121 public const int DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
122 public const int DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
123 public const int DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
124 public const int DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
125 public const int DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
126 public const int DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
127 public const int DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
128 public const int DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
129 public const int DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
130 public const int DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
131 public const int DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
132 public const int DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
133 public const int DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
134 public const int DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
135 public const int DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
136 public const int DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
137 public const int DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
138 public const int DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
139 public const int DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
140 public const int DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
141 public const int DH_anon_WITH_RC4_128_MD5 = 0x0018;
142 public const int DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B;
143 public const int DH_anon_WITH_AES_128_CBC_SHA = 0x0034;
144 public const int DH_anon_WITH_AES_256_CBC_SHA = 0x003A;
145 public const int DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C;
146 public const int DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D;
147
148 /* From RFC 4492 */
149 public const int ECDH_ECDSA_WITH_NULL_SHA = 0xC001;
150 public const int ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002;
151 public const int ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003;
152 public const int ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004;
153 public const int ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005;
154 public const int ECDHE_ECDSA_WITH_NULL_SHA = 0xC006;
155 public const int ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007;
156 public const int ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008;
157 public const int ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009;
158 public const int ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A;
159 public const int ECDH_RSA_WITH_NULL_SHA = 0xC00B;
160 public const int ECDH_RSA_WITH_RC4_128_SHA = 0xC00C;
161 public const int ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D;
162 public const int ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E;
163 public const int ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F;
164 public const int ECDHE_RSA_WITH_NULL_SHA = 0xC010;
165 public const int ECDHE_RSA_WITH_RC4_128_SHA = 0xC011;
166 public const int ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012;
167 public const int ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013;
168 public const int ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014;
169 public const int ECDH_anon_WITH_NULL_SHA = 0xC015;
170 public const int ECDH_anon_WITH_RC4_128_SHA = 0xC016;
171 public const int ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017;
172 public const int ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018;
173 public const int ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019;
174
175 /* From RFC 5288 */
176 public const int RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
177 public const int RSA_WITH_AES_256_GCM_SHA384 = 0x009D;
178 public const int DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
179 public const int DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
180 public const int DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0;
181 public const int DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1;
182 public const int DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
183 public const int DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3;
184 public const int DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4;
185 public const int DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5;
186 public const int DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6;
187 public const int DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7;
188
189 /* From RFC 5289 */
190 public const int ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023;
191 public const int ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024;
192 public const int ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025;
193 public const int ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026;
194 public const int ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027;
195 public const int ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028;
196 public const int ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029;
197 public const int ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A;
198 public const int ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
199 public const int ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
200 public const int ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D;
201 public const int ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E;
202 public const int ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
203 public const int ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
204 public const int ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031;
205 public const int ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032;
206
207 /* From RFC 7905 */
208 public const int ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
209 public const int ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
210 public const int DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
211 public const int PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB;
212 public const int ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
213 public const int DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
214 public const int RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE;
215
216 /* From RFC 7507 */
217 public const int FALLBACK_SCSV = 0x5600;
218
219 /* From RFC 5746 */
220 public const int EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF;
221
222 /*
223 * Client certificate types.
224 */
225 public const int RSA_SIGN = 1;
226 public const int DSS_SIGN = 2;
227 public const int RSA_FIXED_DH = 3;
228 public const int DSS_FIXED_DH = 4;
229
230 /*
231 * Hash algorithm identifiers. The special "MD5SHA1" is for use
232 * with RSA signatures in TLS 1.0 and 1.1 only.
233 */
234 public const int MD5SHA1 = 0;
235 public const int MD5 = 1;
236 public const int SHA1 = 2;
237 public const int SHA224 = 3;
238 public const int SHA256 = 4;
239 public const int SHA384 = 5;
240 public const int SHA512 = 6;
241
242 /*
243 * Signature algorithm identifiers.
244 */
245 public const int RSA = 1;
246 public const int DSA = 2;
247 public const int ECDSA = 3;
248
249 /*
250 * Combined hash-and-sign algorithms.
251 */
252 public const int RSA_MD5SHA1 = (MD5SHA1 << 8) + RSA;
253 public const int RSA_MD5 = (MD5 << 8) + RSA;
254 public const int RSA_SHA1 = (SHA1 << 8) + RSA;
255 public const int RSA_SHA224 = (SHA224 << 8) + RSA;
256 public const int RSA_SHA256 = (SHA256 << 8) + RSA;
257 public const int RSA_SHA384 = (SHA384 << 8) + RSA;
258 public const int RSA_SHA512 = (SHA512 << 8) + RSA;
259 public const int ECDSA_MD5 = (MD5 << 8) + ECDSA;
260 public const int ECDSA_SHA1 = (SHA1 << 8) + ECDSA;
261 public const int ECDSA_SHA224 = (SHA224 << 8) + ECDSA;
262 public const int ECDSA_SHA256 = (SHA256 << 8) + ECDSA;
263 public const int ECDSA_SHA384 = (SHA384 << 8) + ECDSA;
264 public const int ECDSA_SHA512 = (SHA512 << 8) + ECDSA;
265
266 /*
267 * Symbolic identifiers for named curves.
268 */
269 public const int NIST_P256 = 23;
270 public const int NIST_P384 = 24;
271 public const int NIST_P521 = 25;
272 public const int Curve25519 = 29;
273
274 /*
275 * Get a human-readable name for a version.
276 */
277 public static string VersionName(int version)
278 {
279 switch (version) {
280 case SSL30: return "SSL 3.0";
281 case TLS10: return "TLS 1.0";
282 case TLS11: return "TLS 1.1";
283 case TLS12: return "TLS 1.2";
284 }
285 if ((version >> 8) == 3) {
286 return String.Format("TLS 1.{0}", (version & 0xFF) - 1);
287 }
288 return String.Format("UNKNOWN:0x{0:X4}", version);
289 }
290
291 /*
292 * Parse a version name.
293 */
294 public static int GetVersionByName(string s)
295 {
296 string t = s.Trim().Replace(" ", "").Replace(".", "")
297 .Replace("-", "").ToUpperInvariant();
298 switch (t) {
299 case "SSL3":
300 case "SSLV3":
301 case "SSL30":
302 case "SSLV30":
303 return SSL30;
304 case "TLS1":
305 case "TLSV1":
306 case "TLS10":
307 case "TLSV10":
308 return TLS10;
309 case "TLS11":
310 case "TLSV11":
311 return TLS11;
312 case "TLS12":
313 case "TLSV12":
314 return TLS12;
315 default:
316 throw new Exception(string.Format(
317 "Unknown protocol version: '{0}'", s));
318 }
319 }
320
321 /*
322 * Get a human-readable name for a cipher suite.
323 */
324 public static string CipherSuiteName(int cipherSuite)
325 {
326 switch (cipherSuite) {
327 case NULL_WITH_NULL_NULL:
328 return "NULL_WITH_NULL_NULL";
329 case RSA_WITH_NULL_MD5:
330 return "RSA_WITH_NULL_MD5";
331 case RSA_WITH_NULL_SHA:
332 return "RSA_WITH_NULL_SHA";
333 case RSA_WITH_NULL_SHA256:
334 return "RSA_WITH_NULL_SHA256";
335 case RSA_WITH_RC4_128_MD5:
336 return "RSA_WITH_RC4_128_MD5";
337 case RSA_WITH_RC4_128_SHA:
338 return "RSA_WITH_RC4_128_SHA";
339 case RSA_WITH_3DES_EDE_CBC_SHA:
340 return "RSA_WITH_3DES_EDE_CBC_SHA";
341 case RSA_WITH_AES_128_CBC_SHA:
342 return "RSA_WITH_AES_128_CBC_SHA";
343 case RSA_WITH_AES_256_CBC_SHA:
344 return "RSA_WITH_AES_256_CBC_SHA";
345 case RSA_WITH_AES_128_CBC_SHA256:
346 return "RSA_WITH_AES_128_CBC_SHA256";
347 case RSA_WITH_AES_256_CBC_SHA256:
348 return "RSA_WITH_AES_256_CBC_SHA256";
349 case DH_DSS_WITH_3DES_EDE_CBC_SHA:
350 return "DH_DSS_WITH_3DES_EDE_CBC_SHA";
351 case DH_RSA_WITH_3DES_EDE_CBC_SHA:
352 return "DH_RSA_WITH_3DES_EDE_CBC_SHA";
353 case DHE_DSS_WITH_3DES_EDE_CBC_SHA:
354 return "DHE_DSS_WITH_3DES_EDE_CBC_SHA";
355 case DHE_RSA_WITH_3DES_EDE_CBC_SHA:
356 return "DHE_RSA_WITH_3DES_EDE_CBC_SHA";
357 case DH_DSS_WITH_AES_128_CBC_SHA:
358 return "DH_DSS_WITH_AES_128_CBC_SHA";
359 case DH_RSA_WITH_AES_128_CBC_SHA:
360 return "DH_RSA_WITH_AES_128_CBC_SHA";
361 case DHE_DSS_WITH_AES_128_CBC_SHA:
362 return "DHE_DSS_WITH_AES_128_CBC_SHA";
363 case DHE_RSA_WITH_AES_128_CBC_SHA:
364 return "DHE_RSA_WITH_AES_128_CBC_SHA";
365 case DH_DSS_WITH_AES_256_CBC_SHA:
366 return "DH_DSS_WITH_AES_256_CBC_SHA";
367 case DH_RSA_WITH_AES_256_CBC_SHA:
368 return "DH_RSA_WITH_AES_256_CBC_SHA";
369 case DHE_DSS_WITH_AES_256_CBC_SHA:
370 return "DHE_DSS_WITH_AES_256_CBC_SHA";
371 case DHE_RSA_WITH_AES_256_CBC_SHA:
372 return "DHE_RSA_WITH_AES_256_CBC_SHA";
373 case DH_DSS_WITH_AES_128_CBC_SHA256:
374 return "DH_DSS_WITH_AES_128_CBC_SHA256";
375 case DH_RSA_WITH_AES_128_CBC_SHA256:
376 return "DH_RSA_WITH_AES_128_CBC_SHA256";
377 case DHE_DSS_WITH_AES_128_CBC_SHA256:
378 return "DHE_DSS_WITH_AES_128_CBC_SHA256";
379 case DHE_RSA_WITH_AES_128_CBC_SHA256:
380 return "DHE_RSA_WITH_AES_128_CBC_SHA256";
381 case DH_DSS_WITH_AES_256_CBC_SHA256:
382 return "DH_DSS_WITH_AES_256_CBC_SHA256";
383 case DH_RSA_WITH_AES_256_CBC_SHA256:
384 return "DH_RSA_WITH_AES_256_CBC_SHA256";
385 case DHE_DSS_WITH_AES_256_CBC_SHA256:
386 return "DHE_DSS_WITH_AES_256_CBC_SHA256";
387 case DHE_RSA_WITH_AES_256_CBC_SHA256:
388 return "DHE_RSA_WITH_AES_256_CBC_SHA256";
389 case DH_anon_WITH_RC4_128_MD5:
390 return "DH_anon_WITH_RC4_128_MD5";
391 case DH_anon_WITH_3DES_EDE_CBC_SHA:
392 return "DH_anon_WITH_3DES_EDE_CBC_SHA";
393 case DH_anon_WITH_AES_128_CBC_SHA:
394 return "DH_anon_WITH_AES_128_CBC_SHA";
395 case DH_anon_WITH_AES_256_CBC_SHA:
396 return "DH_anon_WITH_AES_256_CBC_SHA";
397 case DH_anon_WITH_AES_128_CBC_SHA256:
398 return "DH_anon_WITH_AES_128_CBC_SHA256";
399 case DH_anon_WITH_AES_256_CBC_SHA256:
400 return "DH_anon_WITH_AES_256_CBC_SHA256";
401 case ECDH_ECDSA_WITH_NULL_SHA:
402 return "ECDH_ECDSA_WITH_NULL_SHA";
403 case ECDH_ECDSA_WITH_RC4_128_SHA:
404 return "ECDH_ECDSA_WITH_RC4_128_SHA";
405 case ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
406 return "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
407 case ECDH_ECDSA_WITH_AES_128_CBC_SHA:
408 return "ECDH_ECDSA_WITH_AES_128_CBC_SHA";
409 case ECDH_ECDSA_WITH_AES_256_CBC_SHA:
410 return "ECDH_ECDSA_WITH_AES_256_CBC_SHA";
411 case ECDHE_ECDSA_WITH_NULL_SHA:
412 return "ECDHE_ECDSA_WITH_NULL_SHA";
413 case ECDHE_ECDSA_WITH_RC4_128_SHA:
414 return "ECDHE_ECDSA_WITH_RC4_128_SHA";
415 case ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
416 return "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
417 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
418 return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
419 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
420 return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
421 case ECDH_RSA_WITH_NULL_SHA:
422 return "ECDH_RSA_WITH_NULL_SHA";
423 case ECDH_RSA_WITH_RC4_128_SHA:
424 return "ECDH_RSA_WITH_RC4_128_SHA";
425 case ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
426 return "ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
427 case ECDH_RSA_WITH_AES_128_CBC_SHA:
428 return "ECDH_RSA_WITH_AES_128_CBC_SHA";
429 case ECDH_RSA_WITH_AES_256_CBC_SHA:
430 return "ECDH_RSA_WITH_AES_256_CBC_SHA";
431 case ECDHE_RSA_WITH_NULL_SHA:
432 return "ECDHE_RSA_WITH_NULL_SHA";
433 case ECDHE_RSA_WITH_RC4_128_SHA:
434 return "ECDHE_RSA_WITH_RC4_128_SHA";
435 case ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
436 return "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
437 case ECDHE_RSA_WITH_AES_128_CBC_SHA:
438 return "ECDHE_RSA_WITH_AES_128_CBC_SHA";
439 case ECDHE_RSA_WITH_AES_256_CBC_SHA:
440 return "ECDHE_RSA_WITH_AES_256_CBC_SHA";
441 case ECDH_anon_WITH_NULL_SHA:
442 return "ECDH_anon_WITH_NULL_SHA";
443 case ECDH_anon_WITH_RC4_128_SHA:
444 return "ECDH_anon_WITH_RC4_128_SHA";
445 case ECDH_anon_WITH_3DES_EDE_CBC_SHA:
446 return "ECDH_anon_WITH_3DES_EDE_CBC_SHA";
447 case ECDH_anon_WITH_AES_128_CBC_SHA:
448 return "ECDH_anon_WITH_AES_128_CBC_SHA";
449 case ECDH_anon_WITH_AES_256_CBC_SHA:
450 return "ECDH_anon_WITH_AES_256_CBC_SHA";
451 case RSA_WITH_AES_128_GCM_SHA256:
452 return "RSA_WITH_AES_128_GCM_SHA256";
453 case RSA_WITH_AES_256_GCM_SHA384:
454 return "RSA_WITH_AES_256_GCM_SHA384";
455 case DHE_RSA_WITH_AES_128_GCM_SHA256:
456 return "DHE_RSA_WITH_AES_128_GCM_SHA256";
457 case DHE_RSA_WITH_AES_256_GCM_SHA384:
458 return "DHE_RSA_WITH_AES_256_GCM_SHA384";
459 case DH_RSA_WITH_AES_128_GCM_SHA256:
460 return "DH_RSA_WITH_AES_128_GCM_SHA256";
461 case DH_RSA_WITH_AES_256_GCM_SHA384:
462 return "DH_RSA_WITH_AES_256_GCM_SHA384";
463 case DHE_DSS_WITH_AES_128_GCM_SHA256:
464 return "DHE_DSS_WITH_AES_128_GCM_SHA256";
465 case DHE_DSS_WITH_AES_256_GCM_SHA384:
466 return "DHE_DSS_WITH_AES_256_GCM_SHA384";
467 case DH_DSS_WITH_AES_128_GCM_SHA256:
468 return "DH_DSS_WITH_AES_128_GCM_SHA256";
469 case DH_DSS_WITH_AES_256_GCM_SHA384:
470 return "DH_DSS_WITH_AES_256_GCM_SHA384";
471 case DH_anon_WITH_AES_128_GCM_SHA256:
472 return "DH_anon_WITH_AES_128_GCM_SHA256";
473 case DH_anon_WITH_AES_256_GCM_SHA384:
474 return "DH_anon_WITH_AES_256_GCM_SHA384";
475 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
476 return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
477 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
478 return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
479 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
480 return "ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
481 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
482 return "ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
483 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
484 return "ECDHE_RSA_WITH_AES_128_CBC_SHA256";
485 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
486 return "ECDHE_RSA_WITH_AES_256_CBC_SHA384";
487 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
488 return "ECDH_RSA_WITH_AES_128_CBC_SHA256";
489 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
490 return "ECDH_RSA_WITH_AES_256_CBC_SHA384";
491 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
492 return "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
493 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
494 return "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
495 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
496 return "ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
497 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
498 return "ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
499 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
500 return "ECDHE_RSA_WITH_AES_128_GCM_SHA256";
501 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
502 return "ECDHE_RSA_WITH_AES_256_GCM_SHA384";
503 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
504 return "ECDH_RSA_WITH_AES_128_GCM_SHA256";
505 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
506 return "ECDH_RSA_WITH_AES_256_GCM_SHA384";
507 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
508 return "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
509 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
510 return "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256";
511 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
512 return "DHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
513 case PSK_WITH_CHACHA20_POLY1305_SHA256:
514 return "PSK_WITH_CHACHA20_POLY1305_SHA256";
515 case ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
516 return "ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256";
517 case DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
518 return "DHE_PSK_WITH_CHACHA20_POLY1305_SHA256";
519 case RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
520 return "RSA_PSK_WITH_CHACHA20_POLY1305_SHA256";
521 case FALLBACK_SCSV:
522 return "FALLBACK_SCSV";
523 case EMPTY_RENEGOTIATION_INFO_SCSV:
524 return "EMPTY_RENEGOTIATION_INFO_SCSV";
525 default:
526 return String.Format("UNKNOWN:0x{0:X4}", cipherSuite);
527 }
528 }
529
530 /*
531 * Parse a cipher suite name.
532 */
533 public static int GetSuiteByName(string s)
534 {
535 string t = s.Trim().Replace("_", "").Replace("-", "")
536 .ToUpperInvariant();
537 if (t.StartsWith("TLS") || t.StartsWith("SSL")) {
538 t = t.Substring(3);
539 }
540 switch (t) {
541 case "NULLWITHNULLNULL":
542 return NULL_WITH_NULL_NULL;
543 case "RSAWITHNULLMD5":
544 return RSA_WITH_NULL_MD5;
545 case "RSAWITHNULLSHA":
546 return RSA_WITH_NULL_SHA;
547 case "RSAWITHNULLSHA256":
548 return RSA_WITH_NULL_SHA256;
549 case "RSAWITHRC4128MD5":
550 return RSA_WITH_RC4_128_MD5;
551 case "RSAWITHRC4128SHA":
552 return RSA_WITH_RC4_128_SHA;
553 case "RSAWITH3DESEDECBCSHA":
554 return RSA_WITH_3DES_EDE_CBC_SHA;
555 case "RSAWITHAES128CBCSHA":
556 return RSA_WITH_AES_128_CBC_SHA;
557 case "RSAWITHAES256CBCSHA":
558 return RSA_WITH_AES_256_CBC_SHA;
559 case "RSAWITHAES128CBCSHA256":
560 return RSA_WITH_AES_128_CBC_SHA256;
561 case "RSAWITHAES256CBCSHA256":
562 return RSA_WITH_AES_256_CBC_SHA256;
563 case "DHDSSWITH3DESEDECBCSHA":
564 return DH_DSS_WITH_3DES_EDE_CBC_SHA;
565 case "DHRSAWITH3DESEDECBCSHA":
566 return DH_RSA_WITH_3DES_EDE_CBC_SHA;
567 case "DHEDSSWITH3DESEDECBCSHA":
568 return DHE_DSS_WITH_3DES_EDE_CBC_SHA;
569 case "DHERSAWITH3DESEDECBCSHA":
570 return DHE_RSA_WITH_3DES_EDE_CBC_SHA;
571 case "DHDSSWITHAES128CBCSHA":
572 return DH_DSS_WITH_AES_128_CBC_SHA;
573 case "DHRSAWITHAES128CBCSHA":
574 return DH_RSA_WITH_AES_128_CBC_SHA;
575 case "DHEDSSWITHAES128CBCSHA":
576 return DHE_DSS_WITH_AES_128_CBC_SHA;
577 case "DHERSAWITHAES128CBCSHA":
578 return DHE_RSA_WITH_AES_128_CBC_SHA;
579 case "DHDSSWITHAES256CBCSHA":
580 return DH_DSS_WITH_AES_256_CBC_SHA;
581 case "DHRSAWITHAES256CBCSHA":
582 return DH_RSA_WITH_AES_256_CBC_SHA;
583 case "DHEDSSWITHAES256CBCSHA":
584 return DHE_DSS_WITH_AES_256_CBC_SHA;
585 case "DHERSAWITHAES256CBCSHA":
586 return DHE_RSA_WITH_AES_256_CBC_SHA;
587 case "DHDSSWITHAES128CBCSHA256":
588 return DH_DSS_WITH_AES_128_CBC_SHA256;
589 case "DHRSAWITHAES128CBCSHA256":
590 return DH_RSA_WITH_AES_128_CBC_SHA256;
591 case "DHEDSSWITHAES128CBCSHA256":
592 return DHE_DSS_WITH_AES_128_CBC_SHA256;
593 case "DHERSAWITHAES128CBCSHA256":
594 return DHE_RSA_WITH_AES_128_CBC_SHA256;
595 case "DHDSSWITHAES256CBCSHA256":
596 return DH_DSS_WITH_AES_256_CBC_SHA256;
597 case "DHRSAWITHAES256CBCSHA256":
598 return DH_RSA_WITH_AES_256_CBC_SHA256;
599 case "DHEDSSWITHAES256CBCSHA256":
600 return DHE_DSS_WITH_AES_256_CBC_SHA256;
601 case "DHERSAWITHAES256CBCSHA256":
602 return DHE_RSA_WITH_AES_256_CBC_SHA256;
603 case "DHANONWITHRC4128MD5":
604 return DH_anon_WITH_RC4_128_MD5;
605 case "DHANONWITH3DESEDECBCSHA":
606 return DH_anon_WITH_3DES_EDE_CBC_SHA;
607 case "DHANONWITHAES128CBCSHA":
608 return DH_anon_WITH_AES_128_CBC_SHA;
609 case "DHANONWITHAES256CBCSHA":
610 return DH_anon_WITH_AES_256_CBC_SHA;
611 case "DHANONWITHAES128CBCSHA256":
612 return DH_anon_WITH_AES_128_CBC_SHA256;
613 case "DHANONWITHAES256CBCSHA256":
614 return DH_anon_WITH_AES_256_CBC_SHA256;
615 case "ECDHECDSAWITHNULLSHA":
616 return ECDH_ECDSA_WITH_NULL_SHA;
617 case "ECDHECDSAWITHRC4128SHA":
618 return ECDH_ECDSA_WITH_RC4_128_SHA;
619 case "ECDHECDSAWITH3DESEDECBCSHA":
620 return ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA;
621 case "ECDHECDSAWITHAES128CBCSHA":
622 return ECDH_ECDSA_WITH_AES_128_CBC_SHA;
623 case "ECDHECDSAWITHAES256CBCSHA":
624 return ECDH_ECDSA_WITH_AES_256_CBC_SHA;
625 case "ECDHEECDSAWITHNULLSHA":
626 return ECDHE_ECDSA_WITH_NULL_SHA;
627 case "ECDHEECDSAWITHRC4128SHA":
628 return ECDHE_ECDSA_WITH_RC4_128_SHA;
629 case "ECDHEECDSAWITH3DESEDECBCSHA":
630 return ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
631 case "ECDHEECDSAWITHAES128CBCSHA":
632 return ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
633 case "ECDHEECDSAWITHAES256CBCSHA":
634 return ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
635 case "ECDHRSAWITHNULLSHA":
636 return ECDH_RSA_WITH_NULL_SHA;
637 case "ECDHRSAWITHRC4128SHA":
638 return ECDH_RSA_WITH_RC4_128_SHA;
639 case "ECDHRSAWITH3DESEDECBCSHA":
640 return ECDH_RSA_WITH_3DES_EDE_CBC_SHA;
641 case "ECDHRSAWITHAES128CBCSHA":
642 return ECDH_RSA_WITH_AES_128_CBC_SHA;
643 case "ECDHRSAWITHAES256CBCSHA":
644 return ECDH_RSA_WITH_AES_256_CBC_SHA;
645 case "ECDHERSAWITHNULLSHA":
646 return ECDHE_RSA_WITH_NULL_SHA;
647 case "ECDHERSAWITHRC4128SHA":
648 return ECDHE_RSA_WITH_RC4_128_SHA;
649 case "ECDHERSAWITH3DESEDECBCSHA":
650 return ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
651 case "ECDHERSAWITHAES128CBCSHA":
652 return ECDHE_RSA_WITH_AES_128_CBC_SHA;
653 case "ECDHERSAWITHAES256CBCSHA":
654 return ECDHE_RSA_WITH_AES_256_CBC_SHA;
655 case "ECDHANONWITHNULLSHA":
656 return ECDH_anon_WITH_NULL_SHA;
657 case "ECDHANONWITHRC4128SHA":
658 return ECDH_anon_WITH_RC4_128_SHA;
659 case "ECDHANONWITH3DESEDECBCSHA":
660 return ECDH_anon_WITH_3DES_EDE_CBC_SHA;
661 case "ECDHANONWITHAES128CBCSHA":
662 return ECDH_anon_WITH_AES_128_CBC_SHA;
663 case "ECDHANONWITHAES256CBCSHA":
664 return ECDH_anon_WITH_AES_256_CBC_SHA;
665 case "RSAWITHAES128GCMSHA256":
666 return RSA_WITH_AES_128_GCM_SHA256;
667 case "RSAWITHAES256GCMSHA384":
668 return RSA_WITH_AES_256_GCM_SHA384;
669 case "DHERSAWITHAES128GCMSHA256":
670 return DHE_RSA_WITH_AES_128_GCM_SHA256;
671 case "DHERSAWITHAES256GCMSHA384":
672 return DHE_RSA_WITH_AES_256_GCM_SHA384;
673 case "DHRSAWITHAES128GCMSHA256":
674 return DH_RSA_WITH_AES_128_GCM_SHA256;
675 case "DHRSAWITHAES256GCMSHA384":
676 return DH_RSA_WITH_AES_256_GCM_SHA384;
677 case "DHEDSSWITHAES128GCMSHA256":
678 return DHE_DSS_WITH_AES_128_GCM_SHA256;
679 case "DHEDSSWITHAES256GCMSHA384":
680 return DHE_DSS_WITH_AES_256_GCM_SHA384;
681 case "DHDSSWITHAES128GCMSHA256":
682 return DH_DSS_WITH_AES_128_GCM_SHA256;
683 case "DHDSSWITHAES256GCMSHA384":
684 return DH_DSS_WITH_AES_256_GCM_SHA384;
685 case "DHANONWITHAES128GCMSHA256":
686 return DH_anon_WITH_AES_128_GCM_SHA256;
687 case "DHANONWITHAES256GCMSHA384":
688 return DH_anon_WITH_AES_256_GCM_SHA384;
689 case "ECDHEECDSAWITHAES128CBCSHA256":
690 return ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
691 case "ECDHEECDSAWITHAES256CBCSHA384":
692 return ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
693 case "ECDHECDSAWITHAES128CBCSHA256":
694 return ECDH_ECDSA_WITH_AES_128_CBC_SHA256;
695 case "ECDHECDSAWITHAES256CBCSHA384":
696 return ECDH_ECDSA_WITH_AES_256_CBC_SHA384;
697 case "ECDHERSAWITHAES128CBCSHA256":
698 return ECDHE_RSA_WITH_AES_128_CBC_SHA256;
699 case "ECDHERSAWITHAES256CBCSHA384":
700 return ECDHE_RSA_WITH_AES_256_CBC_SHA384;
701 case "ECDHRSAWITHAES128CBCSHA256":
702 return ECDH_RSA_WITH_AES_128_CBC_SHA256;
703 case "ECDHRSAWITHAES256CBCSHA384":
704 return ECDH_RSA_WITH_AES_256_CBC_SHA384;
705 case "ECDHEECDSAWITHAES128GCMSHA256":
706 return ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
707 case "ECDHEECDSAWITHAES256GCMSHA384":
708 return ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
709 case "ECDHECDSAWITHAES128GCMSHA256":
710 return ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
711 case "ECDHECDSAWITHAES256GCMSHA384":
712 return ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
713 case "ECDHERSAWITHAES128GCMSHA256":
714 return ECDHE_RSA_WITH_AES_128_GCM_SHA256;
715 case "ECDHERSAWITHAES256GCMSHA384":
716 return ECDHE_RSA_WITH_AES_256_GCM_SHA384;
717 case "ECDHRSAWITHAES128GCMSHA256":
718 return ECDH_RSA_WITH_AES_128_GCM_SHA256;
719 case "ECDHRSAWITHAES256GCMSHA384":
720 return ECDH_RSA_WITH_AES_256_GCM_SHA384;
721 case "ECDHERSAWITHCHACHA20POLY1305SHA256":
722 return ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
723 case "ECDHEECDSAWITHCHACHA20POLY1305SHA256":
724 return ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256;
725 case "DHERSAWITHCHACHA20POLY1305SHA256":
726 return DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
727 case "PSKWITHCHACHA20POLY1305SHA256":
728 return PSK_WITH_CHACHA20_POLY1305_SHA256;
729 case "ECDHEPSKWITHCHACHA20POLY1305SHA256":
730 return ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256;
731 case "DHEPSKWITHCHACHA20POLY1305SHA256":
732 return DHE_PSK_WITH_CHACHA20_POLY1305_SHA256;
733 case "RSAPSKWITHCHACHA20POLY1305SHA256":
734 return RSA_PSK_WITH_CHACHA20_POLY1305_SHA256;
735
736 default:
737 throw new Exception(string.Format(
738 "Unknown cipher suite: '{0}'", s));
739 }
740 }
741
742 /*
743 * Get a human-readable name for a hash-and-sign algorithm.
744 */
745 public static string HashAndSignName(int hs)
746 {
747 switch (hs) {
748 case RSA_MD5: return "RSA_MD5";
749 case RSA_SHA1: return "RSA_SHA1";
750 case RSA_SHA224: return "RSA_SHA224";
751 case RSA_SHA256: return "RSA_SHA256";
752 case RSA_SHA384: return "RSA_SHA384";
753 case RSA_SHA512: return "RSA_SHA512";
754 case ECDSA_MD5: return "ECDSA_MD5";
755 case ECDSA_SHA1: return "ECDSA_SHA1";
756 case ECDSA_SHA224: return "ECDSA_SHA224";
757 case ECDSA_SHA256: return "ECDSA_SHA256";
758 case ECDSA_SHA384: return "ECDSA_SHA384";
759 case ECDSA_SHA512: return "ECDSA_SHA512";
760 default:
761 return String.Format("UNKNOWN:0x{0:X4}", hs);
762 }
763 }
764
765 /*
766 * Parse a hash-and-sign name.
767 */
768 public static int GetHashAndSignByName(string s)
769 {
770 string t = s.Trim().Replace(" ", "").Replace("_", "")
771 .Replace("-", "").Replace("/", "")
772 .ToUpperInvariant();
773 switch (t) {
774 case "RSAMD5": return RSA_MD5;
775 case "RSASHA1": return RSA_SHA1;
776 case "RSASHA224": return RSA_SHA224;
777 case "RSASHA256": return RSA_SHA256;
778 case "RSASHA384": return RSA_SHA384;
779 case "RSASHA512": return RSA_SHA512;
780 case "ECDSAMD5": return ECDSA_MD5;
781 case "ECDSASHA1": return ECDSA_SHA1;
782 case "ECDSASHA224": return ECDSA_SHA224;
783 case "ECDSASHA256": return ECDSA_SHA256;
784 case "ECDSASHA384": return ECDSA_SHA384;
785 case "ECDSASHA512": return ECDSA_SHA512;
786 default:
787 throw new Exception(string.Format(
788 "Unknown hash-and-sign: '{0}'", s));
789 }
790 }
791
792 /*
793 * Get a human-readable name for a curve.
794 */
795 public static string CurveName(int id)
796 {
797 switch (id) {
798 case Curve25519: return "Curve25519";
799 case NIST_P256: return "NIST_P256";
800 case NIST_P384: return "NIST_P384";
801 case NIST_P521: return "NIST_P521";
802 default:
803 return String.Format("UNKNOWN:0x{0:X4}", id);
804 }
805 }
806
807 /*
808 * Get a curve by name.
809 */
810 public static int GetCurveByName(string s)
811 {
812 string t = s.Trim().Replace(" ", "").Replace("_", "")
813 .Replace("-", "").ToLowerInvariant();
814 switch (t) {
815 case "c25519":
816 case "curve25519":
817 return Curve25519;
818 case "secp256r1":
819 case "p256":
820 case "nistp256":
821 case "prime256":
822 case "prime256v1":
823 return NIST_P256;
824 case "secp384r1":
825 case "p384":
826 case "nistp384":
827 return NIST_P384;
828 case "secp521r1":
829 case "p521":
830 case "nistp521":
831 return NIST_P521;
832 default:
833 throw new Exception(string.Format(
834 "Unknown curve: '{0}'", s));
835 }
836 }
837
838 /*
839 * Extract the public key from an encoded X.509 certificate.
840 * This does NOT make any attempt at validating the certificate.
841 */
842 internal static IPublicKey GetKeyFromCert(byte[] cert)
843 {
844 AsnElt ae = AsnElt.Decode(cert);
845 ae.CheckTag(AsnElt.SEQUENCE);
846 ae.CheckNumSub(3);
847 ae = ae.GetSub(0);
848 ae.CheckTag(AsnElt.SEQUENCE);
849 ae.CheckNumSubMin(6);
850 int off = 5;
851 if (ae.GetSub(0).TagValue != AsnElt.INTEGER) {
852 ae.CheckNumSubMin(7);
853 off ++;
854 }
855 return KF.DecodePublicKey(ae.GetSub(off));
856 }
857
858 internal static bool IsRSA(int cs)
859 {
860 switch (cs) {
861 case RSA_WITH_RC4_128_MD5:
862 case RSA_WITH_RC4_128_SHA:
863 case RSA_WITH_3DES_EDE_CBC_SHA:
864 case RSA_WITH_AES_128_CBC_SHA:
865 case RSA_WITH_AES_256_CBC_SHA:
866 case RSA_WITH_AES_128_CBC_SHA256:
867 case RSA_WITH_AES_256_CBC_SHA256:
868 case RSA_WITH_AES_128_GCM_SHA256:
869 case RSA_WITH_AES_256_GCM_SHA384:
870 return true;
871 default:
872 return false;
873 }
874 }
875
876 internal static bool IsDH_DSA(int cs)
877 {
878 switch (cs) {
879 case DH_DSS_WITH_3DES_EDE_CBC_SHA:
880 case DH_DSS_WITH_AES_128_CBC_SHA:
881 case DH_DSS_WITH_AES_256_CBC_SHA:
882 case DH_DSS_WITH_AES_128_CBC_SHA256:
883 case DH_DSS_WITH_AES_256_CBC_SHA256:
884 case DH_DSS_WITH_AES_128_GCM_SHA256:
885 case DH_DSS_WITH_AES_256_GCM_SHA384:
886 return true;
887 default:
888 return false;
889 }
890 }
891
892 internal static bool IsDH_RSA(int cs)
893 {
894 switch (cs) {
895 case DH_RSA_WITH_3DES_EDE_CBC_SHA:
896 case DH_RSA_WITH_AES_128_CBC_SHA:
897 case DH_RSA_WITH_AES_256_CBC_SHA:
898 case DH_RSA_WITH_AES_128_CBC_SHA256:
899 case DH_RSA_WITH_AES_256_CBC_SHA256:
900 case DH_RSA_WITH_AES_128_GCM_SHA256:
901 case DH_RSA_WITH_AES_256_GCM_SHA384:
902 return true;
903 default:
904 return false;
905 }
906 }
907
908 internal static bool IsDH(int cs)
909 {
910 return IsDH_DSA(cs) || IsDH_RSA(cs);
911 }
912
913 internal static bool IsDHE_DSS(int cs)
914 {
915 switch (cs) {
916 case DHE_DSS_WITH_3DES_EDE_CBC_SHA:
917 case DHE_DSS_WITH_AES_128_CBC_SHA:
918 case DHE_DSS_WITH_AES_256_CBC_SHA:
919 case DHE_DSS_WITH_AES_128_CBC_SHA256:
920 case DHE_DSS_WITH_AES_256_CBC_SHA256:
921 case DHE_DSS_WITH_AES_128_GCM_SHA256:
922 case DHE_DSS_WITH_AES_256_GCM_SHA384:
923 return true;
924 default:
925 return false;
926 }
927 }
928
929 internal static bool IsDHE_RSA(int cs)
930 {
931 switch (cs) {
932 case DHE_RSA_WITH_3DES_EDE_CBC_SHA:
933 case DHE_RSA_WITH_AES_128_CBC_SHA:
934 case DHE_RSA_WITH_AES_256_CBC_SHA:
935 case DHE_RSA_WITH_AES_128_CBC_SHA256:
936 case DHE_RSA_WITH_AES_256_CBC_SHA256:
937 case DHE_RSA_WITH_AES_128_GCM_SHA256:
938 case DHE_RSA_WITH_AES_256_GCM_SHA384:
939 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
940 return true;
941 default:
942 return false;
943 }
944 }
945
946 internal static bool IsECDH_ECDSA(int cs)
947 {
948 switch (cs) {
949 case ECDH_ECDSA_WITH_NULL_SHA:
950 case ECDH_ECDSA_WITH_RC4_128_SHA:
951 case ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
952 case ECDH_ECDSA_WITH_AES_128_CBC_SHA:
953 case ECDH_ECDSA_WITH_AES_256_CBC_SHA:
954 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
955 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
956 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
957 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
958 return true;
959 default:
960 return false;
961 }
962 }
963
964 internal static bool IsECDH_RSA(int cs)
965 {
966 switch (cs) {
967 case ECDH_RSA_WITH_NULL_SHA:
968 case ECDH_RSA_WITH_RC4_128_SHA:
969 case ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
970 case ECDH_RSA_WITH_AES_128_CBC_SHA:
971 case ECDH_RSA_WITH_AES_256_CBC_SHA:
972 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
973 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
974 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
975 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
976 return true;
977 default:
978 return false;
979 }
980 }
981
982 internal static bool IsECDH(int cs)
983 {
984 return IsECDH_ECDSA(cs) || IsECDH_RSA(cs);
985 }
986
987 internal static bool IsECDHE_ECDSA(int cs)
988 {
989 switch (cs) {
990 case ECDHE_ECDSA_WITH_NULL_SHA:
991 case ECDHE_ECDSA_WITH_RC4_128_SHA:
992 case ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
993 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
994 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
995 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
996 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
997 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
998 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
999 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
1000 return true;
1001 default:
1002 return false;
1003 }
1004 }
1005
1006 internal static bool IsECDHE_RSA(int cs)
1007 {
1008 switch (cs) {
1009 case ECDHE_RSA_WITH_NULL_SHA:
1010 case ECDHE_RSA_WITH_RC4_128_SHA:
1011 case ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
1012 case ECDHE_RSA_WITH_AES_128_CBC_SHA:
1013 case ECDHE_RSA_WITH_AES_256_CBC_SHA:
1014 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
1015 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1016 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
1017 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1018 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1019 return true;
1020 default:
1021 return false;
1022 }
1023 }
1024
1025 internal static bool IsECDHE(int cs)
1026 {
1027 return IsECDHE_RSA(cs) || IsECDHE_ECDSA(cs);
1028 }
1029
1030 internal static bool IsSHA384(int cs)
1031 {
1032 switch (cs) {
1033 case RSA_WITH_AES_256_GCM_SHA384:
1034 case DH_DSS_WITH_AES_256_GCM_SHA384:
1035 case DH_RSA_WITH_AES_256_GCM_SHA384:
1036 case DHE_DSS_WITH_AES_256_GCM_SHA384:
1037 case DHE_RSA_WITH_AES_256_GCM_SHA384:
1038 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
1039 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
1040 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
1041 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
1042 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
1043 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1044 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1045 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1046 return true;
1047 default:
1048 return false;
1049 }
1050 }
1051
1052 internal static bool IsTLS12(int cs)
1053 {
1054 switch (cs) {
1055 case RSA_WITH_NULL_SHA256:
1056 case RSA_WITH_AES_128_CBC_SHA256:
1057 case RSA_WITH_AES_256_CBC_SHA256:
1058 case DH_DSS_WITH_AES_128_CBC_SHA256:
1059 case DH_RSA_WITH_AES_128_CBC_SHA256:
1060 case DHE_DSS_WITH_AES_128_CBC_SHA256:
1061 case DHE_RSA_WITH_AES_128_CBC_SHA256:
1062 case DH_DSS_WITH_AES_256_CBC_SHA256:
1063 case DH_RSA_WITH_AES_256_CBC_SHA256:
1064 case DHE_DSS_WITH_AES_256_CBC_SHA256:
1065 case DHE_RSA_WITH_AES_256_CBC_SHA256:
1066 case DH_anon_WITH_AES_128_CBC_SHA256:
1067 case DH_anon_WITH_AES_256_CBC_SHA256:
1068 case RSA_WITH_AES_128_GCM_SHA256:
1069 case RSA_WITH_AES_256_GCM_SHA384:
1070 case DHE_RSA_WITH_AES_128_GCM_SHA256:
1071 case DHE_RSA_WITH_AES_256_GCM_SHA384:
1072 case DH_RSA_WITH_AES_128_GCM_SHA256:
1073 case DH_RSA_WITH_AES_256_GCM_SHA384:
1074 case DHE_DSS_WITH_AES_128_GCM_SHA256:
1075 case DHE_DSS_WITH_AES_256_GCM_SHA384:
1076 case DH_DSS_WITH_AES_128_GCM_SHA256:
1077 case DH_DSS_WITH_AES_256_GCM_SHA384:
1078 case DH_anon_WITH_AES_128_GCM_SHA256:
1079 case DH_anon_WITH_AES_256_GCM_SHA384:
1080 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
1081 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
1082 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
1083 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
1084 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
1085 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1086 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
1087 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
1088 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
1089 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1090 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
1091 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
1092 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
1093 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1094 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
1095 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
1096 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1097 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
1098 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1099 case PSK_WITH_CHACHA20_POLY1305_SHA256:
1100 case ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
1101 case DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
1102 case RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
1103 return true;
1104 default:
1105 return false;
1106 }
1107 }
1108
1109 internal static PRF GetPRFForTLS12(int cs)
1110 {
1111 return new PRF(IsSHA384(cs)
1112 ? (IDigest)new SHA384()
1113 : (IDigest)new SHA256());
1114 }
1115
1116 internal static ECCurve GetCurveByID(int id)
1117 {
1118 switch (id) {
1119 case NIST_P256: return EC.P256;
1120 case NIST_P384: return EC.P384;
1121 case NIST_P521: return EC.P521;
1122 case Curve25519: return EC.Curve25519;
1123 default:
1124 throw new SSLException("Unknown curve: " + id);
1125 }
1126 }
1127
1128 /*
1129 * Get ID for a curve. This returns -1 if the curve is not
1130 * recognised.
1131 */
1132 internal static int CurveToID(ECCurve curve)
1133 {
1134 switch (curve.Name) {
1135 case "P-256": return SSL.NIST_P256;
1136 case "P-384": return SSL.NIST_P384;
1137 case "P-521": return SSL.NIST_P521;
1138 case "Curve25519": return SSL.Curve25519;
1139 default:
1140 return -1;
1141 }
1142 }
1143
1144 internal static IDigest GetHashByID(int id)
1145 {
1146 switch (id) {
1147 case 1: return new MD5();
1148 case 2: return new SHA1();
1149 case 3: return new SHA224();
1150 case 4: return new SHA256();
1151 case 5: return new SHA384();
1152 case 6: return new SHA512();
1153 default:
1154 throw new SSLException("Unknown hash: " + id);
1155 }
1156 }
1157 }
1158
1159 }
Unnamed repository; edit this file 'description' to name the repository.