aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_extensions.cpp
diff options
context:
space:
mode:
authorRenĂ© Korthaus <[email protected]>2017-10-17 16:22:07 +0200
committerRenĂ© Korthaus <[email protected]>2017-10-17 16:49:57 +0200
commit824b2e56ca886585cc2dfd363bb1913c6d416904 (patch)
tree0de3aea53c9488bc1a1f90c0361d79c44a6f6f9b /src/lib/tls/tls_extensions.cpp
parentf01f37d142ef230b03ca6af46f1e1a0615e4879a (diff)
Add supported groups TLS extension (RFC 7919)
Diffstat (limited to 'src/lib/tls/tls_extensions.cpp')
-rw-r--r--src/lib/tls/tls_extensions.cpp81
1 files changed, 70 insertions, 11 deletions
diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp
index 317d96b8d..8f13b2c6d 100644
--- a/src/lib/tls/tls_extensions.cpp
+++ b/src/lib/tls/tls_extensions.cpp
@@ -275,7 +275,23 @@ std::vector<uint8_t> Application_Layer_Protocol_Notification::serialize() const
return buf;
}
-std::string Supported_Elliptic_Curves::curve_id_to_name(uint16_t id)
+Supported_Groups::Supported_Groups(const std::vector<std::string>& groups) :
+ m_groups(groups)
+ {
+ for(const auto& group : m_groups)
+ {
+ if(is_dh_group(group))
+ {
+ m_dh_groups.push_back(group);
+ }
+ else
+ {
+ m_curves.push_back(group);
+ }
+ }
+ }
+
+std::string Supported_Groups::curve_id_to_name(uint16_t id)
{
switch(id)
{
@@ -302,12 +318,23 @@ std::string Supported_Elliptic_Curves::curve_id_to_name(uint16_t id)
return BOTAN_HOUSE_ECC_CURVE_NAME;
#endif
+ case 256:
+ return "ffdhe/ietf/2048";
+ case 257:
+ return "ffdhe/ietf/3072";
+ case 258:
+ return "ffdhe/ietf/4096";
+ case 259:
+ return "ffdhe/ietf/6144";
+ case 260:
+ return "ffdhe/ietf/8192";
+
default:
return ""; // something we don't know or support
}
}
-uint16_t Supported_Elliptic_Curves::name_to_curve_id(const std::string& name)
+uint16_t Supported_Groups::name_to_curve_id(const std::string& name)
{
if(name == "secp256r1")
return 23;
@@ -332,17 +359,39 @@ uint16_t Supported_Elliptic_Curves::name_to_curve_id(const std::string& name)
return BOTAN_HOUSE_ECC_CURVE_TLS_ID;
#endif
- // Unknown/unavailable EC curves are ignored
+ if(name == "ffdhe/ietf/2048")
+ return 256;
+ if(name == "ffdhe/ietf/3072")
+ return 257;
+ if(name == "ffdhe/ietf/4096")
+ return 258;
+ if(name == "ffdhe/ietf/6144")
+ return 259;
+ if(name == "ffdhe/ietf/8192")
+ return 260;
+
+ // Unknown/unavailable DH groups/EC curves are ignored
return 0;
}
-std::vector<uint8_t> Supported_Elliptic_Curves::serialize() const
+bool Supported_Groups::is_dh_group( const std::string& group_name )
+ {
+ if(group_name == "ffdhe/ietf/2048" || group_name == "ffdhe/ietf/3072"
+ || group_name == "ffdhe/ietf/4096" || group_name == "ffdhe/ietf/6144"
+ || group_name == "ffdhe/ietf/8192")
+ {
+ return true;
+ }
+ return false;
+ }
+
+std::vector<uint8_t> Supported_Groups::serialize() const
{
std::vector<uint8_t> buf(2);
- for(size_t i = 0; i != m_curves.size(); ++i)
+ for(size_t i = 0; i != m_groups.size(); ++i)
{
- const uint16_t id = name_to_curve_id(m_curves[i]);
+ const uint16_t id = name_to_curve_id(m_groups[i]);
if(id > 0)
{
@@ -357,16 +406,16 @@ std::vector<uint8_t> Supported_Elliptic_Curves::serialize() const
return buf;
}
-Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader,
- uint16_t extension_size)
+Supported_Groups::Supported_Groups(TLS_Data_Reader& reader,
+ uint16_t extension_size)
{
uint16_t len = reader.get_uint16_t();
if(len + 2 != extension_size)
- throw Decoding_Error("Inconsistent length field in elliptic curve list");
+ throw Decoding_Error("Inconsistent length field in supported groups list");
if(len % 2 == 1)
- throw Decoding_Error("Elliptic curve list of strange size");
+ throw Decoding_Error("Supported groups list of strange size");
len /= 2;
@@ -376,7 +425,17 @@ Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader,
const std::string name = curve_id_to_name(id);
if(!name.empty())
- m_curves.push_back(name);
+ {
+ m_groups.push_back(name);
+ if(is_dh_group(name))
+ {
+ m_dh_groups.push_back(name);
+ }
+ else
+ {
+ m_curves.push_back(name);
+ }
+ }
}
}