1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 14:37:46 +00:00

LibTLS: Rename NamedCurve to SupportedGroup

This matches the wording used in the IANA registry and TLS 1.3
Also add missing values from the IANA registry
This commit is contained in:
stelar7 2023-04-14 00:16:18 +02:00 committed by Sam Atkins
parent 6df3ffaf45
commit a4855aef17
5 changed files with 87 additions and 24 deletions

View file

@ -11,7 +11,7 @@
#include <LibCrypto/ASN1/ASN1.h>
#include <LibCrypto/ASN1/DER.h>
#include <LibCrypto/ASN1/PEM.h>
#include <LibTLS/CipherSuite.h>
#include <LibTLS/Extensions.h>
namespace TLS {
@ -112,12 +112,12 @@ constexpr static Array<int, 4>
} \
} while (0)
static ErrorOr<NamedCurve> oid_to_curve(Vector<int> curve)
static ErrorOr<SupportedGroup> oid_to_curve(Vector<int> curve)
{
if (curve == curve_ansip384r1)
return NamedCurve::secp384r1;
return SupportedGroup::SECP384R1;
else if (curve == curve_prime256)
return NamedCurve::secp256r1;
return SupportedGroup::SECP256R1;
return Error::from_string_view(TRY(String::formatted("Unknown curve oid {}", curve)));
}
@ -175,7 +175,7 @@ static ErrorOr<Crypto::UnsignedBigInteger> parse_serial_number(Crypto::ASN1::Dec
return serial;
}
static ErrorOr<NamedCurve> parse_ec_parameters(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
static ErrorOr<SupportedGroup> parse_ec_parameters(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
{
// ECParameters ::= CHOICE {
// namedCurve OBJECT IDENTIFIER
@ -314,9 +314,9 @@ static ErrorOr<CertificateKeyAlgorithm> parse_algorithm_identifier(Crypto::ASN1:
auto ec_parameters = TRY(parse_ec_parameters(decoder, current_scope));
EXIT_SCOPE();
if (ec_parameters == NamedCurve::secp256r1)
if (ec_parameters == SupportedGroup::SECP256R1)
return CertificateKeyAlgorithm::ECDSA_SECP256R1;
else if (ec_parameters == NamedCurve::secp384r1)
else if (ec_parameters == SupportedGroup::SECP384R1)
return CertificateKeyAlgorithm::ECDSA_SECP384R1;
}

View file

@ -189,14 +189,6 @@ constexpr size_t cipher_key_size(CipherAlgorithm algorithm)
}
}
enum class NamedCurve : u16 {
secp256r1 = 23,
secp384r1 = 24,
secp521r1 = 25,
x25519 = 29,
x448 = 30,
};
enum class ECPointFormat : u8 {
Uncompressed = 0,
};

View file

@ -176,6 +176,77 @@ enum class ECCurveType : u8 {
__ENUM_EC_CURVE_TYPES
};
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
#define __ENUM_SUPPORTED_GROUPS \
_ENUM_KEY_VALUE(SECT163K1, 0x0001) \
_ENUM_KEY_VALUE(SECT163R1, 0x0002) \
_ENUM_KEY_VALUE(SECT163R2, 0x0003) \
_ENUM_KEY_VALUE(SECT193R1, 0x0004) \
_ENUM_KEY_VALUE(SECT193R2, 0x0005) \
_ENUM_KEY_VALUE(SECT233K1, 0x0006) \
_ENUM_KEY_VALUE(SECT233R1, 0x0007) \
_ENUM_KEY_VALUE(SECT239K1, 0x0008) \
_ENUM_KEY_VALUE(SECT283K1, 0x0009) \
_ENUM_KEY_VALUE(SECT283R1, 0x000a) \
_ENUM_KEY_VALUE(SECT409K1, 0x000b) \
_ENUM_KEY_VALUE(SECT409R1, 0x000c) \
_ENUM_KEY_VALUE(SECT571K1, 0x000d) \
_ENUM_KEY_VALUE(SECT571R1, 0x000e) \
_ENUM_KEY_VALUE(SECP160K1, 0x000f) \
_ENUM_KEY_VALUE(SECP160R1, 0x0010) \
_ENUM_KEY_VALUE(SECP160R2, 0x0011) \
_ENUM_KEY_VALUE(SECP192K1, 0x0012) \
_ENUM_KEY_VALUE(SECP192R1, 0x0013) \
_ENUM_KEY_VALUE(SECP224K1, 0x0014) \
_ENUM_KEY_VALUE(SECP224R1, 0x0015) \
_ENUM_KEY_VALUE(SECP256K1, 0x0016) \
_ENUM_KEY_VALUE(SECP256R1, 0x0017) \
_ENUM_KEY_VALUE(SECP384R1, 0x0018) \
_ENUM_KEY_VALUE(SECP521R1, 0x0019) \
_ENUM_KEY_VALUE(BRAINPOOLP256R1, 0x001a) \
_ENUM_KEY_VALUE(BRAINPOOLP384R1, 0x001b) \
_ENUM_KEY_VALUE(BRAINPOOLP512R1, 0x001c) \
_ENUM_KEY_VALUE(X25519, 0x001d) \
_ENUM_KEY_VALUE(X448, 0x001e) \
_ENUM_KEY_VALUE(BRAINPOOLP256R1TLS13, 0x001f) \
_ENUM_KEY_VALUE(BRAINPOOLP384R1TLS13, 0x0020) \
_ENUM_KEY_VALUE(BRAINPOOLP512R1TLS13, 0x0021) \
_ENUM_KEY_VALUE(GC256A, 0x0022) \
_ENUM_KEY_VALUE(GC256B, 0x0023) \
_ENUM_KEY_VALUE(GC256C, 0x0024) \
_ENUM_KEY_VALUE(GC256D, 0x0025) \
_ENUM_KEY_VALUE(GC512A, 0x0026) \
_ENUM_KEY_VALUE(GC512B, 0x0027) \
_ENUM_KEY_VALUE(GC512C, 0x0028) \
_ENUM_KEY_VALUE(CURVESM2, 0x0029) \
_ENUM_KEY_VALUE(FFDHE2048, 0x0100) \
_ENUM_KEY_VALUE(FFDHE3072, 0x0101) \
_ENUM_KEY_VALUE(FFDHE4096, 0x0102) \
_ENUM_KEY_VALUE(FFDHE6144, 0x0103) \
_ENUM_KEY_VALUE(FFDHE8192, 0x0104) \
_ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_PRIME_CURVES, 0xff01) \
_ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_CHAR2_CURVES, 0xff02) \
_ENUM_KEY_VALUE(GREASE_0, 0x0A0A) \
_ENUM_KEY_VALUE(GREASE_1, 0x1A1A) \
_ENUM_KEY_VALUE(GREASE_2, 0x2A2A) \
_ENUM_KEY_VALUE(GREASE_3, 0x3A3A) \
_ENUM_KEY_VALUE(GREASE_4, 0x4A4A) \
_ENUM_KEY_VALUE(GREASE_5, 0x5A5A) \
_ENUM_KEY_VALUE(GREASE_6, 0x6A6A) \
_ENUM_KEY_VALUE(GREASE_7, 0x7A7A) \
_ENUM_KEY_VALUE(GREASE_8, 0x8A8A) \
_ENUM_KEY_VALUE(GREASE_9, 0x9A9A) \
_ENUM_KEY_VALUE(GREASE_A, 0xAAAA) \
_ENUM_KEY_VALUE(GREASE_B, 0xBABA) \
_ENUM_KEY_VALUE(GREASE_C, 0xCACA) \
_ENUM_KEY_VALUE(GREASE_D, 0xDADA) \
_ENUM_KEY_VALUE(GREASE_E, 0xEAEA) \
_ENUM_KEY_VALUE(GREASE_F, 0xFAFA)
enum class SupportedGroup : u16 {
__ENUM_SUPPORTED_GROUPS
};
#undef _ENUM_KEY
#undef _ENUM_KEY_VALUE

View file

@ -301,18 +301,18 @@ ssize_t TLSv12::handle_ecdhe_rsa_server_key_exchange(ReadonlyBytes buffer)
if (curve_type != (u8)ECCurveType::NAMED_CURVE)
return (i8)Error::NotUnderstood;
auto curve = static_cast<NamedCurve>(AK::convert_between_host_and_network_endian(ByteReader::load16(buffer.offset_pointer(4))));
auto curve = static_cast<SupportedGroup>(AK::convert_between_host_and_network_endian(ByteReader::load16(buffer.offset_pointer(4))));
if (!m_context.options.elliptic_curves.contains_slow(curve))
return (i8)Error::NotUnderstood;
switch ((NamedCurve)curve) {
case NamedCurve::x25519:
switch ((SupportedGroup)curve) {
case SupportedGroup::X25519:
m_context.server_key_exchange_curve = make<Crypto::Curves::X25519>();
break;
case NamedCurve::x448:
case SupportedGroup::X448:
m_context.server_key_exchange_curve = make<Crypto::Curves::X448>();
break;
case NamedCurve::secp256r1:
case SupportedGroup::SECP256R1:
m_context.server_key_exchange_curve = make<Crypto::Curves::SECP256r1>();
break;
default:

View file

@ -211,10 +211,10 @@ struct Options {
{ HashAlgorithm::SHA384, SignatureAlgorithm::RSA },
{ HashAlgorithm::SHA256, SignatureAlgorithm::RSA },
{ HashAlgorithm::SHA1, SignatureAlgorithm::RSA });
OPTION_WITH_DEFAULTS(Vector<NamedCurve>, elliptic_curves,
NamedCurve::x25519,
NamedCurve::secp256r1,
NamedCurve::x448)
OPTION_WITH_DEFAULTS(Vector<SupportedGroup>, elliptic_curves,
SupportedGroup::X25519,
SupportedGroup::SECP256R1,
SupportedGroup::X448)
OPTION_WITH_DEFAULTS(Vector<ECPointFormat>, supported_ec_point_formats, ECPointFormat::Uncompressed)
OPTION_WITH_DEFAULTS(bool, use_sni, true)