wartheking
/
DataStudy


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420
							#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
#pragma warning disable
using System;

namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Tls
{
    /// <summary>RFC 7919</summary>
    public abstract class NamedGroup
    {
        /*
         * RFC 4492 5.1.1
         * <p>
         * The named curves defined here are those specified in SEC 2 [13]. Note that many of these curves
         * are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00 through 0xFEFF are
         * reserved for private use. Values 0xFF01 and 0xFF02 indicate that the client supports arbitrary
         * prime and characteristic-2 curves, respectively (the curve parameters must be encoded explicitly
         * in ECParameters).
         */
        public const int sect163k1 = 1;
        public const int sect163r1 = 2;
        public const int sect163r2 = 3;
        public const int sect193r1 = 4;
        public const int sect193r2 = 5;
        public const int sect233k1 = 6;
        public const int sect233r1 = 7;
        public const int sect239k1 = 8;
        public const int sect283k1 = 9;
        public const int sect283r1 = 10;
        public const int sect409k1 = 11;
        public const int sect409r1 = 12;
        public const int sect571k1 = 13;
        public const int sect571r1 = 14;
        public const int secp160k1 = 15;
        public const int secp160r1 = 16;
        public const int secp160r2 = 17;
        public const int secp192k1 = 18;
        public const int secp192r1 = 19;
        public const int secp224k1 = 20;
        public const int secp224r1 = 21;
        public const int secp256k1 = 22;
        public const int secp256r1 = 23;
        public const int secp384r1 = 24;
        public const int secp521r1 = 25;

        /*
         * RFC 7027
         */
        public const int brainpoolP256r1 = 26;
        public const int brainpoolP384r1 = 27;
        public const int brainpoolP512r1 = 28;

        /*
         * RFC 8422
         */
        public const int x25519 = 29;
        public const int x448 = 30;

        /*
         * RFC 8734
         */
        public const int brainpoolP256r1tls13 = 31;
        public const int brainpoolP384r1tls13 = 32;
        public const int brainpoolP512r1tls13 = 33;

        /*
         * draft-smyshlyaev-tls12-gost-suites-10
         */
        public const int GC256A = 34;
        public const int GC256B = 35;
        public const int GC256C = 36;
        public const int GC256D = 37;
        public const int GC512A = 38;
        public const int GC512B = 39;
        public const int GC512C = 40;

        /*
         * RFC 8998
         */
        public const int curveSM2 = 41;

        /*
         * RFC 7919 2. Codepoints in the "Supported Groups Registry" with a high byte of 0x01 (that is,
         * between 256 and 511, inclusive) are set aside for FFDHE groups, though only a small number of
         * them are initially defined and we do not expect many other FFDHE groups to be added to this
         * range. No codepoints outside of this range will be allocated to FFDHE groups.
         */
        public const int ffdhe2048 = 256;
        public const int ffdhe3072 = 257;
        public const int ffdhe4096 = 258;
        public const int ffdhe6144 = 259;
        public const int ffdhe8192 = 260;

        /*
         * RFC 8446 reserved ffdhe_private_use (0x01FC..0x01FF)
         */

        /*
         * RFC 4492 reserved ecdhe_private_use (0xFE00..0xFEFF)
         */

        /*
         * RFC 4492
         */
        public const int arbitrary_explicit_prime_curves = 0xFF01;
        public const int arbitrary_explicit_char2_curves = 0xFF02;

        /* Names of the actual underlying elliptic curves (not necessarily matching the NamedGroup names). */
        private static readonly string[] CurveNames = new string[]{ "sect163k1", "sect163r1", "sect163r2", "sect193r1",
            "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1",
            "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1",
            "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1", "brainpoolP256r1", "brainpoolP384r1",
            "brainpoolP512r1", "X25519", "X448", "brainpoolP256r1", "brainpoolP384r1", "brainpoolP512r1",
            "Tc26-Gost-3410-12-256-paramSetA", "GostR3410-2001-CryptoPro-A", "GostR3410-2001-CryptoPro-B",
            "GostR3410-2001-CryptoPro-C", "Tc26-Gost-3410-12-512-paramSetA", "Tc26-Gost-3410-12-512-paramSetB",
            "Tc26-Gost-3410-12-512-paramSetC", "sm2p256v1" };

        private static readonly string[] FiniteFieldNames = new string[]{ "ffdhe2048", "ffdhe3072", "ffdhe4096",
            "ffdhe6144", "ffdhe8192" };

        public static bool CanBeNegotiated(int namedGroup, ProtocolVersion version)
        {
            if (TlsUtilities.IsTlsV13(version))
            {
                if ((namedGroup >= sect163k1 && namedGroup <= secp256k1)
                    || (namedGroup >= brainpoolP256r1 && namedGroup <= brainpoolP512r1)
                    || (namedGroup >= GC256A && namedGroup <= GC512C)
                    || (namedGroup >= arbitrary_explicit_prime_curves && namedGroup <= arbitrary_explicit_char2_curves))
                {
                    return false;
                }
            }
            else
            {
                if ((namedGroup >= brainpoolP256r1tls13 && namedGroup <= brainpoolP512r1tls13)
                    || (namedGroup == curveSM2))
                {
                    return false;
                }
            }

            return IsValid(namedGroup);
        }

        public static int GetCurveBits(int namedGroup)
        {
            switch (namedGroup)
            {
            case secp160k1:
            case secp160r1:
            case secp160r2:
                return 160;

            case sect163k1:
            case sect163r1:
            case sect163r2:
                return 163;

            case secp192k1:
            case secp192r1:
                return 192;

            case sect193r1:
            case sect193r2:
                return 193;

            case secp224k1:
            case secp224r1:
                return 224;

            case sect233k1:
            case sect233r1:
                return 233;

            case sect239k1:
                return 239;

            case x25519:
                return 252;

            case brainpoolP256r1:
            case brainpoolP256r1tls13:
            case curveSM2:
            case GC256A:
            case GC256B:
            case GC256C:
            case GC256D:
            case secp256k1:
            case secp256r1:
                return 256;

            case sect283k1:
            case sect283r1:
                return 283;

            case brainpoolP384r1:
            case brainpoolP384r1tls13:
            case secp384r1:
                return 384;

            case sect409k1:
            case sect409r1:
                return 409;

            case x448:
                return 446;

            case brainpoolP512r1:
            case brainpoolP512r1tls13:
            case GC512A:
            case GC512B:
            case GC512C:
                return 512;

            case secp521r1:
                return 521;

            case sect571k1:
            case sect571r1:
                return 571;

            default:
                return 0;
            }
        }

        public static string GetCurveName(int namedGroup)
        {
            if (RefersToASpecificCurve(namedGroup))
            {
                return CurveNames[namedGroup - sect163k1];
            }

            return null;
        }

        public static int GetFiniteFieldBits(int namedGroup)
        {
            switch (namedGroup)
            {
            case ffdhe2048:
                return 2048;
            case ffdhe3072:
                return 3072;
            case ffdhe4096:
                return 4096;
            case ffdhe6144:
                return 6144;
            case ffdhe8192:
                return 8192;
            default:
                return 0;
            }
        }

        public static string GetFiniteFieldName(int namedGroup)
        {
            if (RefersToASpecificFiniteField(namedGroup))
            {
                return FiniteFieldNames[namedGroup - ffdhe2048];
            }

            return null;
        }

        public static int GetMaximumChar2CurveBits()
        {
            return 571;
        }

        public static int GetMaximumCurveBits()
        {
            return 571;
        }

        public static int GetMaximumFiniteFieldBits()
        {
            return 8192;
        }

        public static int GetMaximumPrimeCurveBits()
        {
            return 521;
        }

        public static string GetName(int namedGroup)
        {
            if (IsPrivate(namedGroup))
            {
                return "PRIVATE";
            }

            switch (namedGroup)
            {
            case x25519:
                return "x25519";
            case x448:
                return "x448";
            case brainpoolP256r1tls13:
                return "brainpoolP256r1tls13";
            case brainpoolP384r1tls13:
                return "brainpoolP384r1tls13";
            case brainpoolP512r1tls13:
                return "brainpoolP512r1tls13";
            case GC256A:
                return "GC256A";
            case GC256B:
                return "GC256B";
            case GC256C:
                return "GC256C";
            case GC256D:
                return "GC256D";
            case GC512A:
                return "GC512A";
            case GC512B:
                return "GC512B";
            case GC512C:
                return "GC512C";
            case curveSM2:
                return "curveSM2";
            case arbitrary_explicit_prime_curves:
                return "arbitrary_explicit_prime_curves";
            case arbitrary_explicit_char2_curves:
                return "arbitrary_explicit_char2_curves";
            }

            string standardName = GetStandardName(namedGroup);
            if (null != standardName)
            {
                return standardName;
            }

            return "UNKNOWN";
        }

        public static string GetStandardName(int namedGroup)
        {
            string curveName = GetCurveName(namedGroup);
            if (null != curveName)
            {
                return curveName;
            }

            string finiteFieldName = GetFiniteFieldName(namedGroup);
            if (null != finiteFieldName)
            {
                return finiteFieldName;
            }

            return null;
        }

        public static string GetText(int namedGroup)
        {
            return GetName(namedGroup) + "(" + namedGroup + ")";
        }

        public static bool IsChar2Curve(int namedGroup)
        {
            return (namedGroup >= sect163k1 && namedGroup <= sect571r1)
                || (namedGroup == arbitrary_explicit_char2_curves);
        }

        public static bool IsPrimeCurve(int namedGroup)
        {
            return (namedGroup >= secp160k1 && namedGroup <= curveSM2)
                || (namedGroup == arbitrary_explicit_prime_curves);
        }

        public static bool IsPrivate(int namedGroup)
        {
            return (namedGroup >> 2) == 0x7F || (namedGroup >> 8) == 0xFE;
        }

        public static bool IsValid(int namedGroup)
        {
            return RefersToASpecificGroup(namedGroup)
                || IsPrivate(namedGroup)
                || (namedGroup >= arbitrary_explicit_prime_curves && namedGroup <= arbitrary_explicit_char2_curves);
        }

        public static bool RefersToAnECDHCurve(int namedGroup)
        {
            return RefersToASpecificCurve(namedGroup);
        }

        public static bool RefersToAnECDSACurve(int namedGroup)
        {
            /*
             * TODO[RFC 8998] Double-check whether this method is only being used to mean
             * "signature-capable" or specifically ECDSA, and consider curveSM2 behaviour
             * accordingly.
             */
            return RefersToASpecificCurve(namedGroup)
                && !RefersToAnXDHCurve(namedGroup);
        }

        public static bool RefersToAnXDHCurve(int namedGroup)
        {
            return namedGroup >= x25519 && namedGroup <= x448;
        }

        public static bool RefersToASpecificCurve(int namedGroup)
        {
            return namedGroup >= sect163k1 && namedGroup <= curveSM2;
        }

        public static bool RefersToASpecificFiniteField(int namedGroup)
        {
            return namedGroup >= ffdhe2048 && namedGroup <= ffdhe8192;
        }

        public static bool RefersToASpecificGroup(int namedGroup)
        {
            return RefersToASpecificCurve(namedGroup)
                || RefersToASpecificFiniteField(namedGroup);
        }
    }
}
#pragma warning restore
#endif