@@ -224,13 +224,7 @@
Loading
224 224
#endif
225 225
      }
226 226
227 -
   if(auth_method() == Auth_Method::DSA)
228 -
      {
229 -
#if !defined(BOTAN_HAS_DSA)
230 -
      return false;
231 -
#endif
232 -
      }
233 -
   else if(auth_method() == Auth_Method::ECDSA)
227 +
   if(auth_method() == Auth_Method::ECDSA)
234 228
      {
235 229
#if !defined(BOTAN_HAS_ECDSA)
236 230
      return false;

@@ -86,8 +86,6 @@
Loading
86 86
      {
87 87
      case Auth_Method::RSA:
88 88
         return "RSA";
89 -
      case Auth_Method::DSA:
90 -
         return "DSA";
91 89
      case Auth_Method::ECDSA:
92 90
         return "ECDSA";
93 91
      case Auth_Method::IMPLICIT:
@@ -101,8 +99,6 @@
Loading
101 99
   {
102 100
   if(str == "RSA")
103 101
      return Auth_Method::RSA;
104 -
   if(str == "DSA")
105 -
      return Auth_Method::DSA;
106 102
   if(str == "ECDSA")
107 103
      return Auth_Method::ECDSA;
108 104
   if(str == "IMPLICIT")
@@ -188,24 +184,20 @@
Loading
188 184
   {
189 185
   switch(scheme)
190 186
      {
191 -
      case Signature_Scheme::DSA_SHA1:
192 187
      case Signature_Scheme::ECDSA_SHA1:
193 188
      case Signature_Scheme::RSA_PKCS1_SHA1:
194 189
         return "SHA-1";
195 190
196 -
      case Signature_Scheme::DSA_SHA256:
197 191
      case Signature_Scheme::ECDSA_SHA256:
198 192
      case Signature_Scheme::RSA_PKCS1_SHA256:
199 193
      case Signature_Scheme::RSA_PSS_SHA256:
200 194
         return "SHA-256";
201 195
202 -
      case Signature_Scheme::DSA_SHA384:
203 196
      case Signature_Scheme::ECDSA_SHA384:
204 197
      case Signature_Scheme::RSA_PKCS1_SHA384:
205 198
      case Signature_Scheme::RSA_PSS_SHA384:
206 199
         return "SHA-384";
207 200
208 -
      case Signature_Scheme::DSA_SHA512:
209 201
      case Signature_Scheme::ECDSA_SHA512:
210 202
      case Signature_Scheme::RSA_PKCS1_SHA512:
211 203
      case Signature_Scheme::RSA_PSS_SHA512:
@@ -243,13 +235,8 @@
Loading
243 235
      Signature_Scheme::ECDSA_SHA512,
244 236
      Signature_Scheme::ECDSA_SHA256,
245 237
246 -
      Signature_Scheme::DSA_SHA384,
247 -
      Signature_Scheme::DSA_SHA512,
248 -
      Signature_Scheme::DSA_SHA256,
249 -
250 238
      Signature_Scheme::RSA_PKCS1_SHA1,
251 239
      Signature_Scheme::ECDSA_SHA1,
252 -
      Signature_Scheme::DSA_SHA1,
253 240
   };
254 241
255 242
   return all_schemes;
@@ -267,11 +254,6 @@
Loading
267 254
      case Signature_Scheme::RSA_PSS_SHA384:
268 255
      case Signature_Scheme::RSA_PSS_SHA512:
269 256
270 -
      case Signature_Scheme::DSA_SHA1:
271 -
      case Signature_Scheme::DSA_SHA256:
272 -
      case Signature_Scheme::DSA_SHA384:
273 -
      case Signature_Scheme::DSA_SHA512:
274 -
275 257
      case Signature_Scheme::ECDSA_SHA1:
276 258
      case Signature_Scheme::ECDSA_SHA256:
277 259
      case Signature_Scheme::ECDSA_SHA384:
@@ -297,12 +279,6 @@
Loading
297 279
      case Signature_Scheme::RSA_PSS_SHA512:
298 280
         return "RSA";
299 281
300 -
      case Signature_Scheme::DSA_SHA1:
301 -
      case Signature_Scheme::DSA_SHA256:
302 -
      case Signature_Scheme::DSA_SHA384:
303 -
      case Signature_Scheme::DSA_SHA512:
304 -
         return "DSA";
305 -
306 282
      case Signature_Scheme::ECDSA_SHA1:
307 283
      case Signature_Scheme::ECDSA_SHA256:
308 284
      case Signature_Scheme::ECDSA_SHA384:
@@ -335,15 +311,6 @@
Loading
335 311
      case Signature_Scheme::RSA_PKCS1_SHA512:
336 312
         return "RSA_PKCS1_SHA512";
337 313
338 -
      case Signature_Scheme::DSA_SHA1:
339 -
         return "DSA_SHA1";
340 -
      case Signature_Scheme::DSA_SHA256:
341 -
         return "DSA_SHA256";
342 -
      case Signature_Scheme::DSA_SHA384:
343 -
         return "DSA_SHA384";
344 -
      case Signature_Scheme::DSA_SHA512:
345 -
         return "DSA_SHA512";
346 -
347 314
      case Signature_Scheme::ECDSA_SHA1:
348 315
         return "ECDSA_SHA1";
349 316
      case Signature_Scheme::ECDSA_SHA256:
@@ -385,16 +352,12 @@
Loading
385 352
      case Signature_Scheme::RSA_PKCS1_SHA512:
386 353
         return "EMSA_PKCS1(SHA-512)";
387 354
388 -
      case Signature_Scheme::DSA_SHA1:
389 355
      case Signature_Scheme::ECDSA_SHA1:
390 356
         return "EMSA1(SHA-1)";
391 -
      case Signature_Scheme::DSA_SHA256:
392 357
      case Signature_Scheme::ECDSA_SHA256:
393 358
         return "EMSA1(SHA-256)";
394 -
      case Signature_Scheme::DSA_SHA384:
395 359
      case Signature_Scheme::ECDSA_SHA384:
396 360
         return "EMSA1(SHA-384)";
397 -
      case Signature_Scheme::DSA_SHA512:
398 361
      case Signature_Scheme::ECDSA_SHA512:
399 362
         return "EMSA1(SHA-512)";
400 363

@@ -3,7 +3,7 @@
Loading
3 3
*
4 4
* This file was automatically generated from the IANA assignments
5 5
* (tls-parameters.txt sha256 6412d7a966151d409d463681e5427e706cd9066f13d34ca7a89f8cc2f7dff4b2)
6 -
* by ./src/scripts/tls_suite_info.py on 2020-11-16
6 +
* by ./src/scripts/tls_suite_info.py on 2020-11-17
7 7
*
8 8
* Botan is released under the Simplified BSD License (see license.txt)
9 9
*/
@@ -18,25 +18,18 @@
Loading
18 18
   // Note that this list of ciphersuites is ordered by id!
19 19
   static const std::vector<Ciphersuite> g_ciphersuite_list = {
20 20
      Ciphersuite(0x000A, "RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
21 -
      Ciphersuite(0x0013, "DHE_DSS_WITH_3DES_EDE_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
22 21
      Ciphersuite(0x0016, "DHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
23 22
      Ciphersuite(0x002F, "RSA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
24 -
      Ciphersuite(0x0032, "DHE_DSS_WITH_AES_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
25 23
      Ciphersuite(0x0033, "DHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
26 24
      Ciphersuite(0x0035, "RSA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
27 -
      Ciphersuite(0x0038, "DHE_DSS_WITH_AES_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
28 25
      Ciphersuite(0x0039, "DHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
29 26
      Ciphersuite(0x003C, "RSA_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
30 27
      Ciphersuite(0x003D, "RSA_WITH_AES_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
31 -
      Ciphersuite(0x0040, "DHE_DSS_WITH_AES_128_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
32 28
      Ciphersuite(0x0041, "RSA_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
33 -
      Ciphersuite(0x0044, "DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
34 29
      Ciphersuite(0x0045, "DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
35 30
      Ciphersuite(0x0067, "DHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
36 -
      Ciphersuite(0x006A, "DHE_DSS_WITH_AES_256_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
37 31
      Ciphersuite(0x006B, "DHE_RSA_WITH_AES_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
38 32
      Ciphersuite(0x0084, "RSA_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
39 -
      Ciphersuite(0x0087, "DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
40 33
      Ciphersuite(0x0088, "DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
41 34
      Ciphersuite(0x008B, "PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
42 35
      Ciphersuite(0x008C, "PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
@@ -45,14 +38,11 @@
Loading
45 38
      Ciphersuite(0x0090, "DHE_PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
46 39
      Ciphersuite(0x0091, "DHE_PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
47 40
      Ciphersuite(0x0096, "RSA_WITH_SEED_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
48 -
      Ciphersuite(0x0099, "DHE_DSS_WITH_SEED_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
49 41
      Ciphersuite(0x009A, "DHE_RSA_WITH_SEED_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
50 42
      Ciphersuite(0x009C, "RSA_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
51 43
      Ciphersuite(0x009D, "RSA_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
52 44
      Ciphersuite(0x009E, "DHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
53 45
      Ciphersuite(0x009F, "DHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
54 -
      Ciphersuite(0x00A2, "DHE_DSS_WITH_AES_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
55 -
      Ciphersuite(0x00A3, "DHE_DSS_WITH_AES_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
56 46
      Ciphersuite(0x00A8, "PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
57 47
      Ciphersuite(0x00A9, "PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
58 48
      Ciphersuite(0x00AA, "DHE_PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
@@ -62,10 +52,8 @@
Loading
62 52
      Ciphersuite(0x00B2, "DHE_PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
63 53
      Ciphersuite(0x00B3, "DHE_PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
64 54
      Ciphersuite(0x00BA, "RSA_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
65 -
      Ciphersuite(0x00BD, "DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
66 55
      Ciphersuite(0x00BE, "DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
67 56
      Ciphersuite(0x00C0, "RSA_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
68 -
      Ciphersuite(0x00C3, "DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
69 57
      Ciphersuite(0x00C4, "DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
70 58
      Ciphersuite(0x16B7, "CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::CECPQ1, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
71 59
      Ciphersuite(0x16B8, "CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::ECDSA, Kex_Algo::CECPQ1, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
@@ -79,13 +67,10 @@
Loading
79 67
      Ciphersuite(0xC014, "ECDHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
80 68
      Ciphersuite(0xC01A, "SRP_SHA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
81 69
      Ciphersuite(0xC01B, "SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
82 -
      Ciphersuite(0xC01C, "SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
83 70
      Ciphersuite(0xC01D, "SRP_SHA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
84 71
      Ciphersuite(0xC01E, "SRP_SHA_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
85 -
      Ciphersuite(0xC01F, "SRP_SHA_DSS_WITH_AES_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
86 72
      Ciphersuite(0xC020, "SRP_SHA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
87 73
      Ciphersuite(0xC021, "SRP_SHA_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
88 -
      Ciphersuite(0xC022, "SRP_SHA_DSS_WITH_AES_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
89 74
      Ciphersuite(0xC023, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
90 75
      Ciphersuite(0xC024, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
91 76
      Ciphersuite(0xC027, "ECDHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
@@ -103,8 +88,6 @@
Loading
103 88
      Ciphersuite(0xC051, "RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
104 89
      Ciphersuite(0xC052, "DHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
105 90
      Ciphersuite(0xC053, "DHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
106 -
      Ciphersuite(0xC056, "DHE_DSS_WITH_ARIA_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
107 -
      Ciphersuite(0xC057, "DHE_DSS_WITH_ARIA_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
108 91
      Ciphersuite(0xC05C, "ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
109 92
      Ciphersuite(0xC05D, "ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
110 93
      Ciphersuite(0xC060, "ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
@@ -121,8 +104,6 @@
Loading
121 104
      Ciphersuite(0xC07B, "RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
122 105
      Ciphersuite(0xC07C, "DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
123 106
      Ciphersuite(0xC07D, "DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
124 -
      Ciphersuite(0xC080, "DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
125 -
      Ciphersuite(0xC081, "DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
126 107
      Ciphersuite(0xC086, "ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
127 108
      Ciphersuite(0xC087, "ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
128 109
      Ciphersuite(0xC08A, "ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),

@@ -221,12 +221,6 @@
Loading
221 221
   return 2048;
222 222
   }
223 223
224 -
size_t Policy::minimum_dsa_group_size() const
225 -
   {
226 -
   // FIPS 186-3
227 -
   return 2048;
228 -
   }
229 -
230 224
void Policy::check_peer_key_acceptable(const Public_Key& public_key) const
231 225
   {
232 226
   const std::string algo_name = public_key.algo_name();
@@ -242,10 +236,6 @@
Loading
242 236
      {
243 237
      expected_keylength = minimum_dh_group_size();
244 238
      }
245 -
   else if(algo_name == "DSA")
246 -
      {
247 -
      expected_keylength = minimum_dsa_group_size();
248 -
      }
249 239
   else if(algo_name == "ECDH" || algo_name == "Curve25519")
250 240
      {
251 241
      expected_keylength = minimum_ecdh_group_size();

@@ -28,10 +28,6 @@
Loading
28 28
   #include <botan/x509_ca.h>
29 29
   #include <botan/x509self.h>
30 30
31 -
   #if defined(BOTAN_HAS_DSA)
32 -
      #include <botan/dsa.h>
33 -
   #endif
34 -
35 31
   #if defined(BOTAN_HAS_SRP6)
36 32
      #include <botan/srp6.h>
37 33
   #endif
@@ -58,21 +54,13 @@
Loading
58 54
                               const Botan::X509_Certificate& ecdsa_cert,
59 55
                               Botan::Private_Key* ecdsa_key,
60 56
                               const Botan::X509_Certificate& ecdsa_ca,
61 -
                               const Botan::X509_CRL& ecdsa_crl,
62 -
                               const Botan::X509_Certificate* dsa_cert,
63 -
                               Botan::Private_Key* dsa_key,
64 -
                               const Botan::X509_Certificate* dsa_ca,
65 -
                               Botan::X509_CRL* dsa_crl) :
57 +
                               const Botan::X509_CRL& ecdsa_crl) :
66 58
         m_rsa_cert(rsa_cert),
67 59
         m_rsa_ca(rsa_ca),
68 60
         m_rsa_key(rsa_key),
69 61
         m_ecdsa_cert(ecdsa_cert),
70 62
         m_ecdsa_ca(ecdsa_ca),
71 -
         m_ecdsa_key(ecdsa_key),
72 -
         m_dsa_cert(dsa_cert),
73 -
         m_dsa_ca(dsa_ca),
74 -
         m_dsa_key(dsa_key),
75 -
         m_dsa_crl(dsa_crl)
63 +
         m_ecdsa_key(ecdsa_key)
76 64
         {
77 65
         std::unique_ptr<Botan::Certificate_Store_In_Memory> store(new Botan::Certificate_Store_In_Memory);
78 66
         store->add_certificate(m_rsa_ca);
@@ -80,15 +68,6 @@
Loading
80 68
         store->add_crl(rsa_crl);
81 69
         store->add_crl(ecdsa_crl);
82 70
83 -
         if(m_dsa_ca != nullptr)
84 -
            {
85 -
            store->add_certificate(*m_dsa_ca);
86 -
            }
87 -
         if(m_dsa_crl != nullptr)
88 -
            {
89 -
            store->add_crl(*m_dsa_crl);
90 -
            }
91 -
92 71
         m_stores.push_back(std::move(store));
93 72
         m_provides_client_certs = with_client_certs;
94 73
         }
@@ -111,6 +90,7 @@
Loading
111 90
         const std::string& type,
112 91
         const std::string& context) override
113 92
         {
93 +
         BOTAN_UNUSED(context);
114 94
         std::vector<Botan::X509_Certificate> chain;
115 95
116 96
         if(m_acceptable_cas.empty())
@@ -132,20 +112,6 @@
Loading
132 112
                  chain.push_back(m_ecdsa_ca);
133 113
                  break;
134 114
                  }
135 -
#if defined(BOTAN_HAS_DSA)
136 -
               else if(key_type == "DSA")
137 -
                  {
138 -
                  if(m_dsa_cert == nullptr || m_dsa_ca == nullptr)
139 -
                     {
140 -
                     throw Test_Error("No DSA certificates set for " + type + "/" + context);
141 -
                     }
142 -
                  chain.push_back(*m_dsa_cert);
143 -
                  chain.push_back(*m_dsa_ca);
144 -
                  break;
145 -
                  }
146 -
#else
147 -
               BOTAN_UNUSED(context);
148 -
#endif
149 115
               }
150 116
            }
151 117
@@ -164,10 +130,6 @@
Loading
164 130
            {
165 131
            return m_ecdsa_key.get();
166 132
            }
167 -
         if(crt == *m_dsa_cert)
168 -
            {
169 -
            return m_dsa_key.get();
170 -
            }
171 133
         return nullptr;
172 134
         }
173 135
@@ -207,9 +169,6 @@
Loading
207 169
      Botan::X509_Certificate m_ecdsa_cert, m_ecdsa_ca;
208 170
      std::unique_ptr<Botan::Private_Key> m_ecdsa_key;
209 171
210 -
      std::unique_ptr<const Botan::X509_Certificate> m_dsa_cert, m_dsa_ca;
211 -
      std::unique_ptr<Botan::Private_Key> m_dsa_key;
212 -
      std::unique_ptr<Botan::X509_CRL> m_dsa_crl;
213 172
      std::vector<std::unique_ptr<Botan::Certificate_Store>> m_stores;
214 173
      bool m_provides_client_certs;
215 174
      std::vector<Botan::X509_DN> m_acceptable_cas;
@@ -270,33 +229,10 @@
Loading
270 229
   std::unique_ptr<Botan::X509_Certificate> dsa_srv_cert;
271 230
   std::unique_ptr<Botan::X509_Certificate> dsa_ca_cert;
272 231
273 -
#if defined(BOTAN_HAS_DSA)
274 -
   const Botan::DL_Group dsa_params("dsa/jce/1024");
275 -
276 -
   dsa_ca_key.reset(new Botan::DSA_PrivateKey(rng, dsa_params));
277 -
   dsa_srv_key.reset(new Botan::DSA_PrivateKey(rng, dsa_params));
278 -
279 -
   Botan::X509_Cert_Options dsa_ca_opts("DSA Test CA/VT");
280 -
   dsa_ca_opts.CA_key(1);
281 -
282 -
   dsa_ca_cert.reset(new Botan::X509_Certificate(
283 -
                        Botan::X509::create_self_signed_cert(dsa_ca_opts, *dsa_ca_key, "SHA-256", rng)));
284 -
285 -
   const Botan::PKCS10_Request dsa_req =
286 -
      Botan::X509::create_cert_req(server_opts, *dsa_srv_key, "SHA-256", rng);
287 -
288 -
   Botan::X509_CA dsa_ca(*dsa_ca_cert, *dsa_ca_key, "SHA-256", rng);
289 -
   dsa_srv_cert.reset(new Botan::X509_Certificate(
290 -
                         dsa_ca.sign_request(dsa_req, rng, start_time, end_time)));
291 -
292 -
   dsa_crl.reset(new Botan::X509_CRL(dsa_ca.new_crl(rng)));
293 -
#endif
294 -
295 232
   Credentials_Manager_Test* cmt = new Credentials_Manager_Test(
296 233
      with_client_certs,
297 234
      rsa_srv_cert, rsa_srv_key.release(), rsa_ca_cert, rsa_crl,
298 -
      ecdsa_srv_cert, ecdsa_srv_key.release(), ecdsa_ca_cert, ecdsa_crl,
299 -
      dsa_srv_cert.release(), dsa_srv_key.release(), dsa_ca_cert.release(), dsa_crl.release());
235 +
      ecdsa_srv_cert, ecdsa_srv_key.release(), ecdsa_ca_cert, ecdsa_crl);
300 236
301 237
   return cmt;
302 238
   }
@@ -722,7 +658,7 @@
Loading
722 658
723 659
            std::vector<Botan::X509_DN> acceptable_CAs = test_creds.get_acceptable_cas();
724 660
725 -
            m_results.test_gte("client got CA list", acceptable_CAs.size(), 2); // DSA is optional
661 +
            m_results.test_eq("client got CA list", acceptable_CAs.size(), 2); // RSA + ECDSA
726 662
727 663
            for(const Botan::X509_DN& dn : acceptable_CAs)
728 664
               {
@@ -781,11 +717,6 @@
Loading
781 717
         return 1024;
782 718
         }
783 719
784 -
      size_t minimum_dsa_group_size() const override
785 -
         {
786 -
         return 1024;
787 -
         }
788 -
789 720
      size_t minimum_signature_strength() const override
790 721
         {
791 722
         return 80;
@@ -977,17 +908,6 @@
Loading
977 908
978 909
         test_modern_versions("AES-128 DH", results, *client_ses, *server_ses, *creds, "DH", "AES-128", "SHA-256");
979 910
980 -
#if defined(BOTAN_HAS_DSA)
981 -
         if(Test::run_long_tests())
982 -
            {
983 -
            test_modern_versions("AES-128 DSA", results, *client_ses, *server_ses, *creds, "DH", "AES-128", "SHA-256",
984 -
                                 { { "signature_methods", "DSA" } });
985 -
986 -
            test_modern_versions("AES-128/GCM DSA", results, *client_ses, *server_ses, *creds, "DH", "AES-128/GCM", "AEAD",
987 -
                                 { { "signature_methods", "DSA" } });
988 -
            }
989 -
#endif
990 -
991 911
#if defined(BOTAN_HAS_SRP6)
992 912
         std::unique_ptr<Botan::Credentials_Manager> srp6_creds(create_srp6_creds(rng));
993 913
         test_all_versions("SRP6 AES", results, *client_ses, *server_ses, *srp6_creds, "SRP_SHA", "AES-128", "SHA-1", "false");

@@ -224,7 +224,6 @@
Loading
224 224
               // If empty, then implicit SHA-1 (TLS v1.2 rules)
225 225
               client_sig_methods.push_back(Signature_Scheme::RSA_PKCS1_SHA1);
226 226
               client_sig_methods.push_back(Signature_Scheme::ECDSA_SHA1);
227 -
               client_sig_methods.push_back(Signature_Scheme::DSA_SHA1);
228 227
               }
229 228
230 229
            bool we_support_some_hash_by_client = false;

@@ -29,10 +29,6 @@
Loading
29 29
   #include <botan/dh.h>
30 30
#endif
31 31
32 -
#if defined(BOTAN_HAS_DSA)
33 -
   #include <botan/dsa.h>
34 -
#endif
35 -
36 32
namespace Botan_Tests {
37 33
38 34
namespace {
@@ -49,7 +45,6 @@
Loading
49 45
         results.push_back(test_peer_key_acceptable_ecdh());
50 46
         results.push_back(test_peer_key_acceptable_ecdsa());
51 47
         results.push_back(test_peer_key_acceptable_dh());
52 -
         results.push_back(test_peer_key_acceptable_dsa());
53 48
54 49
         return results;
55 50
         }
@@ -154,33 +149,6 @@
Loading
154 149
         return result;
155 150
         }
156 151
157 -
      Test::Result test_peer_key_acceptable_dsa()
158 -
         {
159 -
         Test::Result result("TLS Policy DSA key verification");
160 -
#if defined(BOTAN_HAS_DSA)
161 -
         const Botan::DL_Group grp_1024("modp/ietf/1024");
162 -
         std::unique_ptr<Botan::Private_Key> dsa_1024(new Botan::DSA_PrivateKey(Test::rng(), grp_1024));
163 -
164 -
         Botan::TLS::Policy policy;
165 -
         try
166 -
            {
167 -
            policy.check_peer_key_acceptable(*dsa_1024);
168 -
            result.test_failure("Incorrectly accepting short bit DSA keys");
169 -
            }
170 -
         catch(Botan::TLS::TLS_Exception&)
171 -
            {
172 -
            result.test_success("Correctly rejecting short bit DSA keys");
173 -
            }
174 -
175 -
         const Botan::DL_Group grp_2048("modp/ietf/2048");
176 -
         std::unique_ptr<Botan::Private_Key> dsa_2048(new Botan::DSA_PrivateKey(Test::rng(), grp_2048));
177 -
         policy.check_peer_key_acceptable(*dsa_2048);
178 -
         result.test_success("Correctly accepting 2048 bit DSA keys");
179 -
#endif
180 -
         return result;
181 -
         }
182 -
183 -
184 152
   };
185 153
186 154
BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests);

@@ -442,7 +442,6 @@
Loading
442 442
443 443
         const std::vector<Botan::TLS::Auth_Method> auth_methods({
444 444
            Botan::TLS::Auth_Method::RSA,
445 -
            Botan::TLS::Auth_Method::DSA,
446 445
            Botan::TLS::Auth_Method::ECDSA,
447 446
            Botan::TLS::Auth_Method::IMPLICIT,
448 447
            });

@@ -415,7 +415,6 @@
Loading
415 415
         // Implicit SHA-1
416 416
         requested.push_back(Signature_Scheme::RSA_PKCS1_SHA1);
417 417
         requested.push_back(Signature_Scheme::ECDSA_SHA1);
418 -
         requested.push_back(Signature_Scheme::DSA_SHA1);
419 418
         }
420 419
421 420
      for(Signature_Scheme scheme : allowed)
Files Coverage
src 92.33%
Project Totals (563 files) 92.33%
1
---
2

3
# Documentation
4
# https://github.com/codecov/support/wiki/Codecov-Yaml#full-yaml
5
#
6
# Validate this file
7
# curl --data-binary @codecov.yml https://codecov.io/validate
8

9
coverage:
10
  status:
11
    project:
12
      default:
13
        # Random seeds in tests lead to a +/-0.05% coverage span even for PRs
14
        # that do not change source code
15
        threshold: 0.05
Sunburst
The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.
Icicle
The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.
Grid
Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.
Loading