introduce TLS 1.3 specific code points for brainpool (RFC 8734)
reneme committed Nov 17, 2023
1 parent 056220e commit 837453c
Showing 10 changed files with 48 additions and 9 deletions.
26 changes: 26 additions & 0 deletions src/lib/tls/tls_algos.cpp
@@ -153,6 +153,15 @@ std::optional<Group_Params> Group_Params::from_string(std::string_view group_nam
if(group_name == "brainpool512r1") {
return Group_Params::BRAINPOOL512R1;
}
if(group_name == "brainpool256r1tls13") {
return Group_Params::BRAINPOOL256R1_TLS13;
}
if(group_name == "brainpool384r1tls13") {
return Group_Params::BRAINPOOL384R1_TLS13;
}
if(group_name == "brainpool512r1tls13") {
return Group_Params::BRAINPOOL512R1_TLS13;
}
if(group_name == "x25519") {
return Group_Params::X25519;
}
@@ -224,6 +233,12 @@ std::optional<std::string> Group_Params::to_string() const {
return "brainpool384r1";
case Group_Params::BRAINPOOL512R1:
return "brainpool512r1";
case Group_Params::BRAINPOOL256R1_TLS13:
return "brainpool256r1tls13";
case Group_Params::BRAINPOOL384R1_TLS13:
return "brainpool384r1tls13";
case Group_Params::BRAINPOOL512R1_TLS13:
return "brainpool512r1tls13";
case Group_Params::X25519:
return "x25519";

@@ -269,6 +284,17 @@ std::optional<std::string> Group_Params::to_string() const {

std::optional<std::string> Group_Params::to_algorithm_spec() const {
switch(m_code) {
// Brainpool curves have two sets of code points. See RFCs 7027 and 8734.
case Group_Params::BRAINPOOL256R1:
case Group_Params::BRAINPOOL256R1_TLS13:
return "brainpool256r1";
case Group_Params::BRAINPOOL384R1:
case Group_Params::BRAINPOOL384R1_TLS13:
return "brainpool384r1";
case Group_Params::BRAINPOOL512R1:
case Group_Params::BRAINPOOL512R1_TLS13:
return "brainpool512r1";

default:
return to_string();
}
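Review bot: The comment added at the top of the switch in `to_algorithm_spec()` says that two sets of code points exist, but not why the new cases are needed: without them the `default` branch would hand back the TLS-level name from `to_string()` (for example `brainpool256r1tls13`) as the algorithm spec. I would state that directly, for example `// Both code points select the same curve: return the curve name here, not the TLS group name from to_string().` Whether the lower layer would reject the `...tls13` names is not visible on this page, so that part stays an assumption. `from_string()` and `to_string()` start and end outside their hunks; a round-trip test over the three new names would pin the mapping.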
11 changes: 10 additions & 1 deletion src/lib/tls/tls_algos.h
@@ -91,6 +91,13 @@ enum class Group_Params_Code : uint16_t {

X25519 = 29,

// The original brainpool code points (see above) were deprecated by IETF
// and should therefore not be used in TLS 1.3 and above.
// RFC 8734 re-introduced them for TLS 1.3, as new code points. -.-
BRAINPOOL256R1_TLS13 = 31,
BRAINPOOL384R1_TLS13 = 32,
BRAINPOOL512R1_TLS13 = 33,

FFDHE_2048 = 256,
FFDHE_3072 = 257,
FFDHE_4096 = 258,
@@ -151,7 +158,9 @@ class BOTAN_PUBLIC_API(3, 2) Group_Params final {
constexpr bool is_ecdh_named_curve() const {
return m_code == Group_Params_Code::SECP256R1 || m_code == Group_Params_Code::SECP384R1 ||
m_code == Group_Params_Code::SECP521R1 || m_code == Group_Params_Code::BRAINPOOL256R1 ||
m_code == Group_Params_Code::BRAINPOOL384R1 || m_code == Group_Params_Code::BRAINPOOL512R1;
m_code == Group_Params_Code::BRAINPOOL384R1 || m_code == Group_Params_Code::BRAINPOOL512R1 ||
m_code == Group_Params_Code::BRAINPOOL256R1_TLS13 ||
m_code == Group_Params_Code::BRAINPOOL384R1_TLS13 || m_code == Group_Params_Code::BRAINPOOL512R1_TLS13;
}

constexpr bool is_in_ffdhe_range() const {
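Review bot: The enum comment above `BRAINPOOL256R1_TLS13 = 31` is the only place on this page that states the version rule for these groups, yet it refers to "see above" without naming the RFC and ends in an emoticon. I would make it self-contained: `// RFC 7027 code points (above) are for TLS 1.2 and earlier; RFC 8734 assigns these separate values for TLS 1.3.` Note also that `is_ecdh_named_curve()` now returns true for both sets, so a caller cannot tell from it which protocol version a code point belongs to. The enum and the class body continue outside the hunks.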
5 changes: 3 additions & 2 deletions src/lib/tls/tls_policy.cpp
@@ -162,8 +162,9 @@ std::vector<Group_Params> Policy::key_exchange_groups() const {
Group_Params::X25519,
#endif

Group_Params::SECP256R1, Group_Params::BRAINPOOL256R1, Group_Params::SECP384R1, Group_Params::BRAINPOOL384R1,
Group_Params::SECP521R1, Group_Params::BRAINPOOL512R1,
Group_Params::SECP256R1, Group_Params::BRAINPOOL256R1, Group_Params::BRAINPOOL256R1_TLS13,
Group_Params::SECP384R1, Group_Params::BRAINPOOL384R1, Group_Params::BRAINPOOL384R1_TLS13,
Group_Params::SECP521R1, Group_Params::BRAINPOOL512R1, Group_Params::BRAINPOOL512R1_TLS13,

Group_Params::FFDHE_2048, Group_Params::FFDHE_3072, Group_Params::FFDHE_4096, Group_Params::FFDHE_6144,
Group_Params::FFDHE_8192,
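Review bot: The default `key_exchange_groups()` list now offers the RFC 7027 and the RFC 8734 brainpool code points side by side, and nothing in this hunk ties either set to a protocol version. The enum comment in tls_algos.h says the original values should not be used in TLS 1.3, so the negotiation code should skip them when selecting a group or building a key share for TLS 1.3, and skip 31–33 for TLS 1.2. That filtering is not visible on this page and should be confirmed or covered by a test. The same applies to `BSI_TR_02102_2::key_exchange_groups()` in tls_policy.h. The function body starts and ends outside the hunk.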
3 changes: 3 additions & 0 deletions src/lib/tls/tls_policy.h
@@ -561,8 +561,11 @@ class BOTAN_PUBLIC_API(2, 0) BSI_TR_02102_2 : public Policy {

std::vector<Group_Params> key_exchange_groups() const override {
return std::vector<Group_Params>({Group_Params::BRAINPOOL512R1,
Group_Params::BRAINPOOL512R1_TLS13,
Group_Params::BRAINPOOL384R1,
Group_Params::BRAINPOOL384R1_TLS13,
Group_Params::BRAINPOOL256R1,
Group_Params::BRAINPOOL256R1_TLS13,
Group_Params::SECP521R1,
Group_Params::SECP384R1,
Group_Params::SECP256R1,
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/bsi.txt
@@ -10,7 +10,7 @@ signature_hashes = SHA-512 SHA-384 SHA-256
macs = AEAD SHA-384 SHA-256
key_exchange_methods = ECDH DH ECDHE_PSK
signature_methods = ECDSA RSA DSA
key_exchange_groups = brainpool512r1 brainpool384r1 brainpool256r1 secp521r1 secp384r1 secp256r1 ffdhe/ietf/4096 ffdhe/ietf/3072
key_exchange_groups = brainpool512r1 brainpool512r1tls13 brainpool384r1 brainpool384r1tls13 brainpool256r1 brainpool256r1tls13 secp521r1 secp384r1 secp256r1 ffdhe/ietf/4096 ffdhe/ietf/3072
minimum_signature_strength = 120
minimum_dh_group_size = 3000
minimum_dsa_group_size = 3000
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/datagram.txt
@@ -9,7 +9,7 @@ macs = AEAD
signature_hashes = SHA-512 SHA-384 SHA-256
signature_methods = ECDSA RSA
key_exchange_methods = ECDH DH
key_exchange_groups = x25519 secp256r1 brainpool256r1 secp384r1 brainpool384r1 secp521r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
key_exchange_groups = x25519 secp256r1 brainpool256r1 brainpool256r1tls13 secp384r1 brainpool384r1 brainpool384r1tls13 secp521r1 brainpool512r1 brainpool512r1tls13 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/default.txt
@@ -9,7 +9,7 @@ macs = AEAD SHA-256 SHA-384 SHA-1
signature_hashes = SHA-512 SHA-384 SHA-256
signature_methods = ECDSA RSA
key_exchange_methods = ECDH DH
key_exchange_groups = x25519 secp256r1 brainpool256r1 secp384r1 brainpool384r1 secp521r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
key_exchange_groups = x25519 secp256r1 brainpool256r1 brainpool256r1tls13 secp384r1 brainpool384r1 brainpool384r1tls13 secp521r1 brainpool512r1 brainpool512r1tls13 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/default_tls13.txt
@@ -9,7 +9,7 @@ macs = AEAD SHA-256 SHA-384 SHA-1
signature_hashes = SHA-512 SHA-384 SHA-256
signature_methods = ECDSA RSA
key_exchange_methods = ECDH DH
key_exchange_groups = x25519 secp256r1 brainpool256r1 secp384r1 brainpool384r1 secp521r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
key_exchange_groups = x25519 secp256r1 brainpool256r1 brainpool256r1tls13 secp384r1 brainpool384r1 brainpool384r1tls13 secp521r1 brainpool512r1 brainpool512r1tls13 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/strict.txt
@@ -9,7 +9,7 @@ macs = AEAD
signature_hashes = SHA-512 SHA-384
signature_methods = ECDSA RSA
key_exchange_methods = ECDH
key_exchange_groups = x25519 secp256r1 brainpool256r1 secp384r1 brainpool384r1 secp521r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
key_exchange_groups = x25519 secp256r1 brainpool256r1 brainpool256r1tls13 secp384r1 brainpool384r1 brainpool384r1tls13 secp521r1 brainpool512r1 brainpool512r1tls13 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
2 changes: 1 addition & 1 deletion src/tests/data/tls-policy/strict_tls13.txt
@@ -9,7 +9,7 @@ macs = AEAD
signature_hashes = SHA-512 SHA-384
signature_methods = ECDSA RSA
key_exchange_methods = ECDH
key_exchange_groups = x25519 secp256r1 brainpool256r1 secp384r1 brainpool384r1 secp521r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
key_exchange_groups = x25519 secp256r1 brainpool256r1 brainpool256r1tls13 secp384r1 brainpool384r1 brainpool384r1tls13 secp521r1 brainpool512r1 brainpool512r1tls13 ffdhe/ietf/2048 ffdhe/ietf/3072 ffdhe/ietf/4096 ffdhe/ietf/6144 ffdhe/ietf/8192
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
