rustls/enums.rs
1#![allow(non_camel_case_types)]
2#![allow(missing_docs)]
3use crate::msgs::codec::{Codec, Reader};
4use crate::msgs::enums::HashAlgorithm;
5
enum_builder! {
    /// TLS alert codes (the `AlertDescription` protocol enum), as assigned by
    /// the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    /// The value is a single byte supplied by the peer, so callers should expect
    /// `Unknown` to occur and handle it rather than treat it as impossible.
    #[repr(u8)]
    pub enum AlertDescription {
        CloseNotify => 0x00,
        UnexpectedMessage => 0x0a,
        BadRecordMac => 0x14,
        DecryptionFailed => 0x15,
        RecordOverflow => 0x16,
        DecompressionFailure => 0x1e,
        HandshakeFailure => 0x28,
        NoCertificate => 0x29,
        BadCertificate => 0x2a,
        UnsupportedCertificate => 0x2b,
        CertificateRevoked => 0x2c,
        CertificateExpired => 0x2d,
        CertificateUnknown => 0x2e,
        IllegalParameter => 0x2f,
        UnknownCa => 0x30,
        AccessDenied => 0x31,
        DecodeError => 0x32,
        DecryptError => 0x33,
        ExportRestriction => 0x3c,
        ProtocolVersion => 0x46,
        InsufficientSecurity => 0x47,
        InternalError => 0x50,
        InappropriateFallback => 0x56,
        UserCanceled => 0x5a,
        NoRenegotiation => 0x64,
        MissingExtension => 0x6d,
        UnsupportedExtension => 0x6e,
        CertificateUnobtainable => 0x6f,
        UnrecognizedName => 0x70,
        BadCertificateStatusResponse => 0x71,
        BadCertificateHashValue => 0x72,
        UnknownPskIdentity => 0x73,
        CertificateRequired => 0x74,
        NoApplicationProtocol => 0x78,
        // Assigned by the ECH draft, see
        // https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-18#section-11.2
        EncryptedClientHelloRequired => 0x79,
    }
}
49
impl core::fmt::Display for AlertDescription {
    /// Writes a short phrase describing the alert.
    ///
    /// Every named item maps to a fixed string; an `Unknown` item is rendered
    /// with its ordinal in hexadecimal.
    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
        // Wording rules for every phrase below:
        // - past tense
        // - syntactically correct when prefaced with 'the peer', so that
        //   received alerts can be described
        let phrase = match self {
            // this is normal.
            Self::CloseNotify => "cleanly closed the connection",

            // these are abnormal. they are usually symptomatic of an interop failure.
            // please file a bug report.
            Self::UnexpectedMessage => "received an unexpected message",
            Self::BadRecordMac => "failed to verify a message",
            Self::RecordOverflow => "rejected an over-length message",
            Self::IllegalParameter => {
                "rejected a message because a field was incorrect or inconsistent"
            }
            Self::DecodeError => "failed to decode a message",
            Self::DecryptError => "failed to perform a handshake cryptographic operation",
            Self::InappropriateFallback => "detected an attempted version downgrade",
            Self::MissingExtension => "required a specific extension that was not provided",
            Self::UnsupportedExtension => "rejected an unsolicited extension",

            // these are deprecated by TLS1.3 and should be very rare (but possible
            // with TLS1.2 or earlier peers)
            Self::DecryptionFailed => "failed to decrypt a message",
            Self::DecompressionFailure => "failed to decompress a message",
            Self::NoCertificate => "found no certificate",
            Self::ExportRestriction => "refused due to export restrictions",
            Self::NoRenegotiation => "rejected an attempt at renegotiation",
            Self::CertificateUnobtainable => "failed to retrieve its certificate",
            Self::BadCertificateHashValue => "rejected the `certificate_hash` extension",

            // this is fairly normal. it means a server cannot choose compatible parameters
            // given our offer. please use ssllabs.com or similar to investigate what parameters
            // the server supports.
            Self::HandshakeFailure => {
                "failed to negotiate an acceptable set of security parameters"
            }
            Self::ProtocolVersion => "did not support a suitable TLS version",
            Self::InsufficientSecurity => "required a higher security level than was offered",

            // these usually indicate a local misconfiguration, either in certificate selection
            // or issuance.
            Self::BadCertificate => "rejected the certificate as corrupt or incorrectly signed",
            Self::UnsupportedCertificate => "did not support the certificate",
            Self::CertificateRevoked => "found the certificate to be revoked",
            Self::CertificateExpired => "found the certificate to be expired",
            Self::CertificateUnknown => "rejected the certificate for an unspecified reason",
            Self::UnknownCa => "found the certificate was not issued by a trusted CA",
            Self::BadCertificateStatusResponse => "rejected the certificate status response",
            // typically this means client authentication is required, in TLS1.2...
            Self::AccessDenied => "denied access",
            // and in TLS1.3...
            Self::CertificateRequired => "required a client certificate",

            Self::InternalError => "encountered an internal error",
            Self::UserCanceled => "canceled the handshake",

            // rejection of SNI (uncommon; usually servers behave as if it was not sent)
            Self::UnrecognizedName => "did not recognize a name in the `server_name` extension",

            // rejection of PSK connections (NYI in this library); indicates a local
            // misconfiguration.
            Self::UnknownPskIdentity => "did not recognize any offered PSK identity",

            // rejection of ALPN (varying levels of support, but missing support is
            // often dangerous if the peers fail to agree on the same protocol)
            Self::NoApplicationProtocol => {
                "did not support any of the offered application protocols"
            }

            // ECH requirement by clients, see
            // <https://datatracker.ietf.org/doc/draft-ietf-tls-esni/25/>
            Self::EncryptedClientHelloRequired => "required use of encrypted client hello",

            // The only peer-chosen data that reaches the output is the ordinal,
            // printed as hex digits, so an unrecognised alert cannot place
            // arbitrary text into a log line.
            Self::Unknown(n) => return write!(f, "sent an unknown alert (0x{n:02x?})"),
        };

        f.write_str(phrase)
    }
}
163
enum_builder! {
    /// Handshake message types (the `HandshakeType` protocol enum), as assigned
    /// by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    #[repr(u8)]
    pub enum HandshakeType {
        HelloRequest => 0x00,
        ClientHello => 0x01,
        ServerHello => 0x02,
        HelloVerifyRequest => 0x03,
        NewSessionTicket => 0x04,
        EndOfEarlyData => 0x05,
        HelloRetryRequest => 0x06,
        EncryptedExtensions => 0x08,
        Certificate => 0x0b,
        ServerKeyExchange => 0x0c,
        CertificateRequest => 0x0d,
        ServerHelloDone => 0x0e,
        CertificateVerify => 0x0f,
        ClientKeyExchange => 0x10,
        Finished => 0x14,
        CertificateURL => 0x15,
        CertificateStatus => 0x16,
        KeyUpdate => 0x18,
        CompressedCertificate => 0x19,
        MessageHash => 0xfe,
    }
}
192
enum_builder! {
    /// Record-layer content types (the `ContentType` protocol enum), as assigned
    /// by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    #[repr(u8)]
    pub enum ContentType {
        ChangeCipherSpec => 0x14,
        Alert => 0x15,
        Handshake => 0x16,
        ApplicationData => 0x17,
        Heartbeat => 0x18,
    }
}
206
enum_builder! {
    /// Protocol version numbers (the `ProtocolVersion` protocol enum), as
    /// assigned by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    ///
    /// This table only names wire values, including those of obsolete SSL and
    /// early TLS versions; nothing in this file decides which versions are
    /// negotiated.
    #[repr(u16)]
    pub enum ProtocolVersion {
        SSLv2 => 0x0002,
        SSLv3 => 0x0300,
        TLSv1_0 => 0x0301,
        TLSv1_1 => 0x0302,
        TLSv1_2 => 0x0303,
        TLSv1_3 => 0x0304,
        DTLSv1_0 => 0xfeff,
        DTLSv1_2 => 0xfefd,
        DTLSv1_3 => 0xfefc,
    }
}
224
enum_builder! {
    /// Cipher suite identifiers (the `CipherSuite` protocol enum), as assigned
    /// by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    ///
    /// Each item's documentation carries the IANA `Recommended` flag. The
    /// `Recommended=Y` items are listed first, followed by the `Recommended=N`
    /// items. This table only maps names to wire values; it does not select or
    /// enable any suite.
    #[repr(u16)]
    pub enum CipherSuite {
        /// The `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5288>
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 => 0x009e,

        /// The `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5288>
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 => 0x009f,

        /// The `TLS_DHE_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 => 0x00aa,

        /// The `TLS_DHE_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 => 0x00ab,

        /// The `TLS_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8446>
        TLS13_AES_128_GCM_SHA256 => 0x1301,

        /// The `TLS_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8446>
        TLS13_AES_256_GCM_SHA384 => 0x1302,

        /// The `TLS_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8446>
        TLS13_CHACHA20_POLY1305_SHA256 => 0x1303,

        /// The `TLS_AES_128_CCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8446>
        TLS13_AES_128_CCM_SHA256 => 0x1304,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => 0xc02b,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => 0xc02c,

        /// The `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => 0xc02f,

        /// The `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => 0xc030,

        /// The `TLS_DHE_RSA_WITH_AES_128_CCM` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_RSA_WITH_AES_128_CCM => 0xc09e,

        /// The `TLS_DHE_RSA_WITH_AES_256_CCM` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_RSA_WITH_AES_256_CCM => 0xc09f,

        /// The `TLS_DHE_PSK_WITH_AES_128_CCM` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_PSK_WITH_AES_128_CCM => 0xc0a6,

        /// The `TLS_DHE_PSK_WITH_AES_256_CCM` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_PSK_WITH_AES_256_CCM => 0xc0a7,

        /// The `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => 0xcca8,

        /// The `TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 => 0xcca9,

        /// The `TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => 0xccaa,

        /// The `TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccac,

        /// The `TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccad,

        /// The `TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8442>
        TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 => 0xd001,

        /// The `TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8442>
        TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 => 0xd002,

        /// The `TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256` cipher suite. Recommended=Y. Defined in
        /// <https://www.iana.org/go/rfc8442>
        TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 => 0xd005,

        // NOTE(review): the `!Debug:` marker below is interpreted by
        // `enum_builder!`; its effect is not visible in this file. Every item
        // after it is documented as Recommended=N.
        !Debug:
        /// The `TLS_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_RSA_WITH_AES_128_CBC_SHA => 0x002f,

        /// The `TLS_DHE_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA => 0x0033,

        /// The `TLS_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_RSA_WITH_AES_256_CBC_SHA => 0x0035,

        /// The `TLS_DHE_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA => 0x0039,

        /// The `TLS_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_RSA_WITH_AES_128_CBC_SHA256 => 0x003c,

        /// The `TLS_RSA_WITH_AES_256_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_RSA_WITH_AES_256_CBC_SHA256 => 0x003d,

        /// The `TLS_DHE_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 => 0x0067,

        /// The `TLS_DHE_RSA_WITH_AES_256_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5246>
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 => 0x006b,

        /// The `TLS_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_PSK_WITH_AES_128_CBC_SHA => 0x008c,

        /// The `TLS_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_PSK_WITH_AES_256_CBC_SHA => 0x008d,

        /// The `TLS_DHE_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_DHE_PSK_WITH_AES_128_CBC_SHA => 0x0090,

        /// The `TLS_DHE_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_DHE_PSK_WITH_AES_256_CBC_SHA => 0x0091,

        /// The `TLS_RSA_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_RSA_PSK_WITH_AES_128_CBC_SHA => 0x0094,

        /// The `TLS_RSA_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc4279>
        TLS_RSA_PSK_WITH_AES_256_CBC_SHA => 0x0095,

        /// The `TLS_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5288>
        TLS_RSA_WITH_AES_128_GCM_SHA256 => 0x009c,

        /// The `TLS_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5288>
        TLS_RSA_WITH_AES_256_GCM_SHA384 => 0x009d,

        /// The `TLS_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_PSK_WITH_AES_128_GCM_SHA256 => 0x00a8,

        /// The `TLS_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_PSK_WITH_AES_256_GCM_SHA384 => 0x00a9,

        /// The `TLS_RSA_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 => 0x00ac,

        /// The `TLS_RSA_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 => 0x00ad,

        /// The `TLS_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_PSK_WITH_AES_128_CBC_SHA256 => 0x00ae,

        /// The `TLS_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_PSK_WITH_AES_256_CBC_SHA384 => 0x00af,

        /// The `TLS_DHE_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 => 0x00b2,

        /// The `TLS_DHE_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 => 0x00b3,

        /// The `TLS_RSA_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 => 0x00b6,

        /// The `TLS_RSA_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5487>
        TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 => 0x00b7,

        /// The `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5746>
        TLS_EMPTY_RENEGOTIATION_INFO_SCSV => 0x00ff,

        /// The `TLS_AES_128_CCM_8_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8446>
        TLS13_AES_128_CCM_8_SHA256 => 0x1305,

        /// The `TLS_FALLBACK_SCSV` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7507>
        TLS_FALLBACK_SCSV => 0x5600,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8422>
        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => 0xc009,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8422>
        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => 0xc00a,

        /// The `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8422>
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA => 0xc013,

        /// The `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8422>
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA => 0xc014,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 => 0xc023,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 => 0xc024,

        /// The `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 => 0xc027,

        /// The `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5289>
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => 0xc028,

        /// The `TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5489>
        TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA => 0xc035,

        /// The `TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5489>
        TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA => 0xc036,

        /// The `TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5489>
        TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 => 0xc037,

        /// The `TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc5489>
        TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 => 0xc038,

        /// The `TLS_RSA_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_RSA_WITH_AES_128_CCM => 0xc09c,

        /// The `TLS_RSA_WITH_AES_256_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_RSA_WITH_AES_256_CCM => 0xc09d,

        /// The `TLS_RSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_RSA_WITH_AES_128_CCM_8 => 0xc0a0,

        /// The `TLS_RSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_RSA_WITH_AES_256_CCM_8 => 0xc0a1,

        /// The `TLS_DHE_RSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_RSA_WITH_AES_128_CCM_8 => 0xc0a2,

        /// The `TLS_DHE_RSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_DHE_RSA_WITH_AES_256_CCM_8 => 0xc0a3,

        /// The `TLS_PSK_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_WITH_AES_128_CCM => 0xc0a4,

        /// The `TLS_PSK_WITH_AES_256_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_WITH_AES_256_CCM => 0xc0a5,

        /// The `TLS_PSK_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_WITH_AES_128_CCM_8 => 0xc0a8,

        /// The `TLS_PSK_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_WITH_AES_256_CCM_8 => 0xc0a9,

        /// The `TLS_PSK_DHE_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_DHE_WITH_AES_128_CCM_8 => 0xc0aa,

        /// The `TLS_PSK_DHE_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc6655>
        TLS_PSK_DHE_WITH_AES_256_CCM_8 => 0xc0ab,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7251>
        TLS_ECDHE_ECDSA_WITH_AES_128_CCM => 0xc0ac,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CCM` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7251>
        TLS_ECDHE_ECDSA_WITH_AES_256_CCM => 0xc0ad,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7251>
        TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 => 0xc0ae,

        /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7251>
        TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 => 0xc0af,

        /// The `TLS_SHA256_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc9150>
        TLS_SHA256_SHA256 => 0xc0b4,

        /// The `TLS_SHA384_SHA384` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc9150>
        TLS_SHA384_SHA384 => 0xc0b5,

        /// The `TLS_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccab,

        /// The `TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc7905>
        TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccae,

        /// The `TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256` cipher suite. Recommended=N. Defined in
        /// <https://www.iana.org/go/rfc8442>
        TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 => 0xd003,
    }
}
577
enum_builder! {
    /// Signature scheme identifiers (the `SignatureScheme` protocol enum), as
    /// assigned by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    ///
    /// `supported_in_tls13` reads each value as two wire bytes, treating the
    /// first as a hash identifier and the second as a signature identifier.
    #[repr(u16)]
    pub enum SignatureScheme {
        RSA_PKCS1_SHA1 => 0x0201,
        ECDSA_SHA1_Legacy => 0x0203,
        RSA_PKCS1_SHA256 => 0x0401,
        ECDSA_NISTP256_SHA256 => 0x0403,
        RSA_PKCS1_SHA384 => 0x0501,
        ECDSA_NISTP384_SHA384 => 0x0503,
        RSA_PKCS1_SHA512 => 0x0601,
        ECDSA_NISTP521_SHA512 => 0x0603,
        RSA_PSS_SHA256 => 0x0804,
        RSA_PSS_SHA384 => 0x0805,
        RSA_PSS_SHA512 => 0x0806,
        ED25519 => 0x0807,
        ED448 => 0x0808,
        // ML-DSA code points, see
        // https://datatracker.ietf.org/doc/html/draft-ietf-tls-mldsa-00#name-iana-considerations
        ML_DSA_44 => 0x0904,
        ML_DSA_65 => 0x0905,
        ML_DSA_87 => 0x0906,
    }
}
603
impl SignatureScheme {
    /// Returns the `SignatureAlgorithm` family this scheme belongs to.
    ///
    /// The RSA-PKCS1 and RSA-PSS items all map to `SignatureAlgorithm::RSA`.
    /// Any item without an arm of its own (the ML-DSA items and `Unknown`
    /// values) yields `SignatureAlgorithm::Unknown(0)`, so callers cannot tell
    /// those schemes apart through this method.
    pub(crate) fn algorithm(&self) -> SignatureAlgorithm {
        match *self {
            Self::ED25519 => SignatureAlgorithm::ED25519,
            Self::ED448 => SignatureAlgorithm::ED448,

            Self::ECDSA_SHA1_Legacy
            | Self::ECDSA_NISTP256_SHA256
            | Self::ECDSA_NISTP384_SHA384
            | Self::ECDSA_NISTP521_SHA512 => SignatureAlgorithm::ECDSA,

            Self::RSA_PKCS1_SHA1
            | Self::RSA_PKCS1_SHA256
            | Self::RSA_PKCS1_SHA384
            | Self::RSA_PKCS1_SHA512
            | Self::RSA_PSS_SHA256
            | Self::RSA_PSS_SHA384
            | Self::RSA_PSS_SHA512 => SignatureAlgorithm::RSA,

            _ => SignatureAlgorithm::Unknown(0),
        }
    }

    /// Whether a particular `SignatureScheme` is allowed for TLS protocol signatures
    /// in TLS1.3.
    ///
    /// This prevents (eg) RSA_PKCS1_SHA256 being offered or accepted, even if our
    /// verifier supports it for other protocol versions.
    ///
    /// See RFC8446 s4.2.3: <https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3>
    ///
    /// This is a denylist so that newly-allocated `SignatureScheme`s values are
    /// allowed in TLS1.3 by default. The consequence is that a value this
    /// function has never heard of is reported as supported; the decision rests
    /// only on the two wire bytes, not on `algorithm()`.
    pub(crate) fn supported_in_tls13(&self) -> bool {
        let [hash_byte, sig_byte] = self.to_array();

        // This covers both disallowing SHA1 items in `SignatureScheme`, and
        // old hash functions. See the section beginning "Legacy algorithms:"
        // and item starting "In TLS 1.2, the extension contained hash/signature
        // pairs" in RFC8446 section 4.2.3.
        let legacy_hash = matches!(
            HashAlgorithm::from(hash_byte),
            HashAlgorithm::NONE
                | HashAlgorithm::MD5
                | HashAlgorithm::SHA1
                | HashAlgorithm::SHA224
        );
        if legacy_hash {
            return false;
        }

        // RSA-PKCS1 is also disallowed for TLS1.3, see the section beginning
        // "RSASSA-PKCS1-v1_5 algorithms:" in RFC8446 section 4.2.3.
        //
        // (nb. SignatureAlgorithm::RSA is RSA-PKCS1 here, and does not cover
        // RSA-PSS or RSAE-PSS: the RSA_PSS_* values are 0x08xx, so their second
        // byte is not 0x01.)
        //
        // This also covers the outlawing of DSA mentioned elsewhere in 4.2.3.
        let denied_signature = matches!(
            SignatureAlgorithm::from(sig_byte),
            SignatureAlgorithm::Anonymous | SignatureAlgorithm::RSA | SignatureAlgorithm::DSA
        );
        !denied_signature
    }
}
662
enum_builder! {
    /// Signature algorithm identifiers (the `SignatureAlgorithm` protocol enum),
    /// as assigned by the various RFCs covering TLS and listed by IANA.
    ///
    /// Ordinals that are not listed here are represented by the `Unknown` item.
    #[repr(u8)]
    pub enum SignatureAlgorithm {
        Anonymous => 0x00,
        RSA => 0x01,
        DSA => 0x02,
        ECDSA => 0x03,
        ED25519 => 0x07,
        ED448 => 0x08,
    }
}
677
enum_builder! {
    /// Identifiers from the "TLS Certificate Compression Algorithm IDs"
    /// registry, with values taken from [RFC8879].
    ///
    /// [RFC8879]: https://www.rfc-editor.org/rfc/rfc8879.html#section-7.3
    #[repr(u16)]
    pub enum CertificateCompressionAlgorithm {
        Zlib => 1,
        Brotli => 2,
        Zstd => 3,
    }
}
690
enum_builder! {
    /// The `CertificateType` enum sent in the cert_type extensions.
    ///
    /// Values in this enum are taken from the various RFCs covering TLS (see
    /// [RFC 6091 Section 5] and [RFC 7250 Section 7]), and are listed by IANA.
    ///
    /// [RFC 6091 Section 5]: <https://datatracker.ietf.org/doc/html/rfc6091#section-5>
    /// [RFC 7250 Section 7]: <https://datatracker.ietf.org/doc/html/rfc7250#section-7>
    #[repr(u8)]
    pub enum CertificateType {
        X509 => 0x00,
        RawPublicKey => 0x02,
    }
}
703
enum_builder! {
    /// The type of an Encrypted Client Hello (`EchClientHelloType`): outer or
    /// inner.
    ///
    /// Specified in [draft-ietf-tls-esni Section 5].
    ///
    /// [draft-ietf-tls-esni Section 5]: <https://www.ietf.org/archive/id/draft-ietf-tls-esni-18.html#section-5>
    #[repr(u8)]
    pub enum EchClientHelloType {
        ClientHelloOuter => 0,
        ClientHelloInner => 1,
    }
}
716
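#[cfg(test)]
mod tests {
    use super::*;
    use crate::msgs::enums::tests::{test_enum8, test_enum8_display, test_enum16};

    /// Runs the shared enum helpers from `crate::msgs::enums::tests` over
    /// several of the enums defined in this file.
    #[test]
    fn test_enums() {
        test_enum8::<SignatureAlgorithm>(SignatureAlgorithm::Anonymous, SignatureAlgorithm::ECDSA);
        test_enum8::<ContentType>(ContentType::ChangeCipherSpec, ContentType::Heartbeat);
        test_enum8::<HandshakeType>(HandshakeType::HelloRequest, HandshakeType::MessageHash);
        test_enum8_display::<AlertDescription>(
            AlertDescription::CloseNotify,
            AlertDescription::EncryptedClientHelloRequired,
        );
        test_enum16::<CertificateCompressionAlgorithm>(
            CertificateCompressionAlgorithm::Zlib,
            CertificateCompressionAlgorithm::Zstd,
        );
        test_enum8::<CertificateType>(CertificateType::X509, CertificateType::RawPublicKey);
    }

    /// Pins the TLS1.3 denylist in `SignatureScheme::supported_in_tls13`.
    ///
    /// The hash-byte check and the signature-byte check are exercised
    /// separately, so that a regression in either one is caught on its own.
    #[test]
    fn tls13_signature_restrictions() {
        // rsa-pkcs1 denied
        assert!(!SignatureScheme::RSA_PKCS1_SHA1.supported_in_tls13());
        assert!(!SignatureScheme::RSA_PKCS1_SHA256.supported_in_tls13());
        assert!(!SignatureScheme::RSA_PKCS1_SHA384.supported_in_tls13());
        assert!(!SignatureScheme::RSA_PKCS1_SHA512.supported_in_tls13());

        // sha1 denied: every value here has 0x02 as its first byte, so it is
        // rejected by the hash check whatever the signature byte is (this
        // includes 0x0202, dsa with sha1)
        assert!(!SignatureScheme::from(0x0201).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0202).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0203).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0204).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0205).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0206).supported_in_tls13());

        // dsa denied on the signature byte alone: the first bytes 0x04..0x06
        // are the ones used by the *_SHA256/384/512 items and pass the hash check
        assert!(!SignatureScheme::from(0x0402).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0502).supported_in_tls13());
        assert!(!SignatureScheme::from(0x0602).supported_in_tls13());

        // anonymous denied on the signature byte alone
        assert!(!SignatureScheme::from(0x0400).supported_in_tls13());

        // common
        assert!(SignatureScheme::ED25519.supported_in_tls13());
        assert!(SignatureScheme::ED448.supported_in_tls13());
        assert!(SignatureScheme::RSA_PSS_SHA256.supported_in_tls13());
        assert!(SignatureScheme::RSA_PSS_SHA384.supported_in_tls13());
        assert!(SignatureScheme::RSA_PSS_SHA512.supported_in_tls13());

        // rsa_pss_rsae_*
        assert!(SignatureScheme::from(0x0804).supported_in_tls13());
        assert!(SignatureScheme::from(0x0805).supported_in_tls13());
        assert!(SignatureScheme::from(0x0806).supported_in_tls13());

        // ecdsa_brainpool*
        assert!(SignatureScheme::from(0x081a).supported_in_tls13());
        assert!(SignatureScheme::from(0x081b).supported_in_tls13());
        assert!(SignatureScheme::from(0x081c).supported_in_tls13());
    }
}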