/src/gnutls/lib/algorithms/groups.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (C) 2017 Red Hat, Inc. |
3 | | * |
4 | | * Author: Nikos Mavrogiannopoulos |
5 | | * |
6 | | * This file is part of GnuTLS. |
7 | | * |
8 | | * The GnuTLS is free software; you can redistribute it and/or |
9 | | * modify it under the terms of the GNU Lesser General Public License |
10 | | * as published by the Free Software Foundation; either version 2.1 of |
11 | | * the License, or (at your option) any later version. |
12 | | * |
13 | | * This library is distributed in the hope that it will be useful, but |
14 | | * WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
16 | | * Lesser General Public License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU Lesser General Public License |
19 | | * along with this program. If not, see <https://www.gnu.org/licenses/> |
20 | | * |
21 | | */ |
22 | | |
23 | | #include "gnutls_int.h" |
24 | | #include "algorithms.h" |
25 | | #include "errors.h" |
26 | | #include "x509/common.h" |
27 | | #include "pk.h" |
28 | | #include "c-strcase.h" |
29 | | |
30 | | /* Supported ECC curves |
31 | | */ |
32 | | |
33 | | static const gnutls_group_entry_st supported_groups[] = { |
34 | | { |
35 | | .name = "SECP192R1", |
36 | | .id = GNUTLS_GROUP_SECP192R1, |
37 | | .curve = GNUTLS_ECC_CURVE_SECP192R1, |
38 | | .tls_id = 19, |
39 | | .pk = GNUTLS_PK_ECDSA, |
40 | | }, |
41 | | { |
42 | | .name = "SECP224R1", |
43 | | .id = GNUTLS_GROUP_SECP224R1, |
44 | | .curve = GNUTLS_ECC_CURVE_SECP224R1, |
45 | | .tls_id = 21, |
46 | | .pk = GNUTLS_PK_ECDSA, |
47 | | }, |
48 | | { |
49 | | .name = "SECP256R1", |
50 | | .id = GNUTLS_GROUP_SECP256R1, |
51 | | .curve = GNUTLS_ECC_CURVE_SECP256R1, |
52 | | .tls_id = 23, |
53 | | .pk = GNUTLS_PK_ECDSA, |
54 | | }, |
55 | | { |
56 | | .name = "SECP384R1", |
57 | | .id = GNUTLS_GROUP_SECP384R1, |
58 | | .curve = GNUTLS_ECC_CURVE_SECP384R1, |
59 | | .tls_id = 24, |
60 | | .pk = GNUTLS_PK_ECDSA, |
61 | | }, |
62 | | { |
63 | | .name = "SECP521R1", |
64 | | .id = GNUTLS_GROUP_SECP521R1, |
65 | | .curve = GNUTLS_ECC_CURVE_SECP521R1, |
66 | | .tls_id = 25, |
67 | | .pk = GNUTLS_PK_ECDSA, |
68 | | }, |
69 | | { .name = "X25519", |
70 | | .id = GNUTLS_GROUP_X25519, |
71 | | .curve = GNUTLS_ECC_CURVE_X25519, |
72 | | .tls_id = 29, |
73 | | .pk = GNUTLS_PK_ECDH_X25519 }, |
74 | | #ifdef ENABLE_GOST |
75 | | /* draft-smyshlyaev-tls12-gost-suites-06, Section 6 */ |
76 | | { |
77 | | .name = "GC256A", |
78 | | .id = GNUTLS_GROUP_GC256A, |
79 | | .curve = GNUTLS_ECC_CURVE_GOST256A, |
80 | | .pk = GNUTLS_PK_GOST_12_256, |
81 | | .tls_id = 34, |
82 | | }, |
83 | | { |
84 | | .name = "GC256B", |
85 | | .id = GNUTLS_GROUP_GC256B, |
86 | | .curve = GNUTLS_ECC_CURVE_GOST256B, |
87 | | .pk = GNUTLS_PK_GOST_12_256, |
88 | | .tls_id = 35, |
89 | | }, |
90 | | { |
91 | | .name = "GC256C", |
92 | | .id = GNUTLS_GROUP_GC256C, |
93 | | .curve = GNUTLS_ECC_CURVE_GOST256C, |
94 | | .pk = GNUTLS_PK_GOST_12_256, |
95 | | .tls_id = 36, |
96 | | }, |
97 | | { |
98 | | .name = "GC256D", |
99 | | .id = GNUTLS_GROUP_GC256D, |
100 | | .curve = GNUTLS_ECC_CURVE_GOST256D, |
101 | | .pk = GNUTLS_PK_GOST_12_256, |
102 | | .tls_id = 37, |
103 | | }, |
104 | | { |
105 | | .name = "GC512A", |
106 | | .id = GNUTLS_GROUP_GC512A, |
107 | | .curve = GNUTLS_ECC_CURVE_GOST512A, |
108 | | .pk = GNUTLS_PK_GOST_12_512, |
109 | | .tls_id = 38, |
110 | | }, |
111 | | { |
112 | | .name = "GC512B", |
113 | | .id = GNUTLS_GROUP_GC512B, |
114 | | .curve = GNUTLS_ECC_CURVE_GOST512B, |
115 | | .pk = GNUTLS_PK_GOST_12_512, |
116 | | .tls_id = 39, |
117 | | }, |
118 | | { |
119 | | .name = "GC512C", |
120 | | .id = GNUTLS_GROUP_GC512C, |
121 | | .curve = GNUTLS_ECC_CURVE_GOST512C, |
122 | | .pk = GNUTLS_PK_GOST_12_512, |
123 | | .tls_id = 40, |
124 | | }, |
125 | | #endif |
126 | | { .name = "X448", |
127 | | .id = GNUTLS_GROUP_X448, |
128 | | .curve = GNUTLS_ECC_CURVE_X448, |
129 | | .tls_id = 30, |
130 | | .pk = GNUTLS_PK_ECDH_X448 }, |
131 | | #ifdef ENABLE_DHE |
132 | | { .name = "FFDHE2048", |
133 | | .id = GNUTLS_GROUP_FFDHE2048, |
134 | | .generator = &gnutls_ffdhe_2048_group_generator, |
135 | | .prime = &gnutls_ffdhe_2048_group_prime, |
136 | | .q = &gnutls_ffdhe_2048_group_q, |
137 | | .q_bits = &gnutls_ffdhe_2048_key_bits, |
138 | | .pk = GNUTLS_PK_DH, |
139 | | .tls_id = 0x100 }, |
140 | | { .name = "FFDHE3072", |
141 | | .id = GNUTLS_GROUP_FFDHE3072, |
142 | | .generator = &gnutls_ffdhe_3072_group_generator, |
143 | | .prime = &gnutls_ffdhe_3072_group_prime, |
144 | | .q = &gnutls_ffdhe_3072_group_q, |
145 | | .q_bits = &gnutls_ffdhe_3072_key_bits, |
146 | | .pk = GNUTLS_PK_DH, |
147 | | .tls_id = 0x101 }, |
148 | | { .name = "FFDHE4096", |
149 | | .id = GNUTLS_GROUP_FFDHE4096, |
150 | | .generator = &gnutls_ffdhe_4096_group_generator, |
151 | | .prime = &gnutls_ffdhe_4096_group_prime, |
152 | | .q = &gnutls_ffdhe_4096_group_q, |
153 | | .q_bits = &gnutls_ffdhe_4096_key_bits, |
154 | | .pk = GNUTLS_PK_DH, |
155 | | .tls_id = 0x102 }, |
156 | | { .name = "FFDHE6144", |
157 | | .id = GNUTLS_GROUP_FFDHE6144, |
158 | | .generator = &gnutls_ffdhe_6144_group_generator, |
159 | | .prime = &gnutls_ffdhe_6144_group_prime, |
160 | | .q = &gnutls_ffdhe_6144_group_q, |
161 | | .q_bits = &gnutls_ffdhe_6144_key_bits, |
162 | | .pk = GNUTLS_PK_DH, |
163 | | .tls_id = 0x103 }, |
164 | | { .name = "FFDHE8192", |
165 | | .id = GNUTLS_GROUP_FFDHE8192, |
166 | | .generator = &gnutls_ffdhe_8192_group_generator, |
167 | | .prime = &gnutls_ffdhe_8192_group_prime, |
168 | | .q = &gnutls_ffdhe_8192_group_q, |
169 | | .q_bits = &gnutls_ffdhe_8192_key_bits, |
170 | | .pk = GNUTLS_PK_DH, |
171 | | .tls_id = 0x104 }, |
172 | | #endif |
173 | | #ifdef HAVE_LIBOQS |
174 | | { .name = "X25519-KYBER768", |
175 | | .id = GNUTLS_GROUP_EXP_X25519_KYBER768, |
176 | | .curve = GNUTLS_ECC_CURVE_X25519, |
177 | | .pk = GNUTLS_PK_ECDH_X25519, |
178 | | .pk2 = GNUTLS_PK_EXP_KYBER768, |
179 | | .tls_id = 0x6399 }, |
180 | | #endif |
181 | | { 0, 0, 0 } |
182 | | }; |
183 | | |
184 | | #define GNUTLS_GROUP_LOOP(b) \ |
185 | 0 | { \ |
186 | 0 | const gnutls_group_entry_st *p; \ |
187 | 0 | for (p = supported_groups; p->name != NULL; p++) { \ |
188 | 0 | b; \ |
189 | 0 | } \ |
190 | 0 | } |
191 | | |
192 | | /* Returns the TLS id of the given curve |
193 | | */ |
194 | | const gnutls_group_entry_st *_gnutls_tls_id_to_group(unsigned num) |
195 | 0 | { |
196 | 0 | GNUTLS_GROUP_LOOP( |
197 | 0 | if (p->tls_id == num && |
198 | 0 | (p->curve == 0 || |
199 | 0 | _gnutls_ecc_curve_is_supported(p->curve))) { return p; }); |
200 | |
|
201 | 0 | return NULL; |
202 | 0 | } |
203 | | |
204 | | const gnutls_group_entry_st *_gnutls_id_to_group(unsigned id) |
205 | 0 | { |
206 | 0 | if (id == 0) |
207 | 0 | return NULL; |
208 | | |
209 | 0 | GNUTLS_GROUP_LOOP( |
210 | 0 | if (p->id == id && (p->curve == 0 || |
211 | 0 | _gnutls_ecc_curve_is_supported(p->curve))) { |
212 | 0 | return p; |
213 | 0 | }); |
214 | |
|
215 | 0 | return NULL; |
216 | 0 | } |
217 | | |
218 | | /** |
219 | | * gnutls_group_list: |
220 | | * |
221 | | * Get the list of supported elliptic curves. |
222 | | * |
223 | | * This function is not thread safe. |
224 | | * |
225 | | * Returns: Return a (0)-terminated list of #gnutls_group_t |
226 | | * integers indicating the available groups. |
227 | | * |
228 | | * Since: 3.6.0 |
229 | | **/ |
230 | | const gnutls_group_t *gnutls_group_list(void) |
231 | 0 | { |
232 | 0 | static gnutls_group_t groups[MAX_ALGOS] = { 0 }; |
233 | |
|
234 | 0 | if (groups[0] == 0) { |
235 | 0 | int i = 0; |
236 | |
|
237 | 0 | GNUTLS_GROUP_LOOP(if (p->curve == 0 || |
238 | 0 | _gnutls_ecc_curve_is_supported(p->curve)) |
239 | 0 | groups[i++] = p->id;); |
240 | 0 | groups[i++] = 0; |
241 | 0 | } |
242 | |
|
243 | 0 | return groups; |
244 | 0 | } |
245 | | |
246 | | /** |
247 | | * gnutls_group_get_id: |
248 | | * @name: is a group name |
249 | | * |
250 | | * The names are compared in a case insensitive way. |
251 | | * |
252 | | * Returns: return a #gnutls_group_t value corresponding to |
253 | | * the specified group, or %GNUTLS_GROUP_INVALID on error. |
254 | | * |
255 | | * Since: 3.6.0 |
256 | | **/ |
257 | | gnutls_group_t gnutls_group_get_id(const char *name) |
258 | 0 | { |
259 | 0 | gnutls_group_t ret = GNUTLS_GROUP_INVALID; |
260 | |
|
261 | 0 | GNUTLS_GROUP_LOOP(if (c_strcasecmp(p->name, name) == 0 && |
262 | 0 | (p->curve == 0 || |
263 | 0 | _gnutls_ecc_curve_is_supported(p->curve))) { |
264 | 0 | ret = p->id; |
265 | 0 | break; |
266 | 0 | }); |
267 | |
|
268 | 0 | return ret; |
269 | 0 | } |
270 | | |
271 | | /* Similar to gnutls_group_get_id, except that it does not check if |
272 | | * the curve is supported. |
273 | | */ |
274 | | gnutls_group_t _gnutls_group_get_id(const char *name) |
275 | 0 | { |
276 | 0 | gnutls_group_t ret = GNUTLS_GROUP_INVALID; |
277 | |
|
278 | 0 | GNUTLS_GROUP_LOOP(if (c_strcasecmp(p->name, name) == 0) { |
279 | 0 | ret = p->id; |
280 | 0 | break; |
281 | 0 | }); |
282 | |
|
283 | 0 | return ret; |
284 | 0 | } |
285 | | |
286 | | /** |
287 | | * gnutls_group_get_name: |
288 | | * @group: is an element from %gnutls_group_t |
289 | | * |
290 | | * Convert a #gnutls_group_t value to a string. |
291 | | * |
292 | | * Returns: a string that contains the name of the specified |
293 | | * group or %NULL. |
294 | | * |
295 | | * Since: 3.6.0 |
296 | | **/ |
297 | | const char *gnutls_group_get_name(gnutls_group_t group) |
298 | 0 | { |
299 | 0 | GNUTLS_GROUP_LOOP(if (p->id == group) { return p->name; }); |
300 | |
|
301 | 0 | return NULL; |
302 | 0 | } |