enums.rs source code [crates/rustls-0.22.2/src/enums.rs]

1	#![allow(non_camel_case_types)]
2	#![allow(missing_docs)]
3	use crate::msgs::codec::{Codec, Reader};
4
5	enum_builder! {
6	/// The `AlertDescription` TLS protocol enum. Values in this enum are taken
7	/// from the various RFCs covering TLS, and are listed by IANA.
8	/// The `Unknown` item is used when processing unrecognised ordinals.
9	@U8
10	pub enum AlertDescription {
11	CloseNotify => `0x00`,
12	UnexpectedMessage => `0x0a`,
13	BadRecordMac => `0x14`,
14	DecryptionFailed => `0x15`,
15	RecordOverflow => `0x16`,
16	DecompressionFailure => `0x1e`,
17	HandshakeFailure => `0x28`,
18	NoCertificate => `0x29`,
19	BadCertificate => `0x2a`,
20	UnsupportedCertificate => `0x2b`,
21	CertificateRevoked => `0x2c`,
22	CertificateExpired => `0x2d`,
23	CertificateUnknown => `0x2e`,
24	IllegalParameter => `0x2f`,
25	UnknownCA => `0x30`,
26	AccessDenied => `0x31`,
27	DecodeError => `0x32`,
28	DecryptError => `0x33`,
29	ExportRestriction => `0x3c`,
30	ProtocolVersion => `0x46`,
31	InsufficientSecurity => `0x47`,
32	InternalError => `0x50`,
33	InappropriateFallback => `0x56`,
34	UserCanceled => `0x5a`,
35	NoRenegotiation => `0x64`,
36	MissingExtension => `0x6d`,
37	UnsupportedExtension => `0x6e`,
38	CertificateUnobtainable => `0x6f`,
39	UnrecognisedName => `0x70`,
40	BadCertificateStatusResponse => `0x71`,
41	BadCertificateHashValue => `0x72`,
42	UnknownPSKIdentity => `0x73`,
43	CertificateRequired => `0x74`,
44	NoApplicationProtocol => `0x78`
45	}
46	}
47
48	enum_builder! {
49	/// The `HandshakeType` TLS protocol enum. Values in this enum are taken
50	/// from the various RFCs covering TLS, and are listed by IANA.
51	/// The `Unknown` item is used when processing unrecognised ordinals.
52	@U8
53	pub enum HandshakeType {
54	HelloRequest => `0x00`,
55	ClientHello => `0x01`,
56	ServerHello => `0x02`,
57	HelloVerifyRequest => `0x03`,
58	NewSessionTicket => `0x04`,
59	EndOfEarlyData => `0x05`,
60	HelloRetryRequest => `0x06`,
61	EncryptedExtensions => `0x08`,
62	Certificate => `0x0b`,
63	ServerKeyExchange => `0x0c`,
64	CertificateRequest => `0x0d`,
65	ServerHelloDone => `0x0e`,
66	CertificateVerify => `0x0f`,
67	ClientKeyExchange => `0x10`,
68	Finished => `0x14`,
69	CertificateURL => `0x15`,
70	CertificateStatus => `0x16`,
71	KeyUpdate => `0x18`,
72	MessageHash => `0xfe`
73	}
74	}
75
76	enum_builder! {
77	/// The `ContentType` TLS protocol enum. Values in this enum are taken
78	/// from the various RFCs covering TLS, and are listed by IANA.
79	/// The `Unknown` item is used when processing unrecognised ordinals.
80	@U8
81	pub enum ContentType {
82	ChangeCipherSpec => `0x14`,
83	Alert => `0x15`,
84	Handshake => `0x16`,
85	ApplicationData => `0x17`,
86	Heartbeat => `0x18`
87	}
88	}
89
90	enum_builder! {
91	/// The `ProtocolVersion` TLS protocol enum. Values in this enum are taken
92	/// from the various RFCs covering TLS, and are listed by IANA.
93	/// The `Unknown` item is used when processing unrecognised ordinals.
94	@U16
95	pub enum ProtocolVersion {
96	SSLv2 => `0x0200`,
97	SSLv3 => `0x0300`,
98	TLSv1_0 => `0x0301`,
99	TLSv1_1 => `0x0302`,
100	TLSv1_2 => `0x0303`,
101	TLSv1_3 => `0x0304`,
102	DTLSv1_0 => `0xFEFF`,
103	DTLSv1_2 => `0xFEFD`,
104	DTLSv1_3 => `0xFEFC`
105	}
106	}
107
108	enum_builder! {
109	/// The `CipherSuite` TLS protocol enum. Values in this enum are taken
110	/// from the various RFCs covering TLS, and are listed by IANA.
111	/// The `Unknown` item is used when processing unrecognised ordinals.
112	@U16
113	pub enum CipherSuite {
114	TLS_NULL_WITH_NULL_NULL => `0x0000`,
115	TLS_RSA_WITH_NULL_MD5 => `0x0001`,
116	TLS_RSA_WITH_NULL_SHA => `0x0002`,
117	TLS_RSA_EXPORT_WITH_RC4_40_MD5 => `0x0003`,
118	TLS_RSA_WITH_RC4_128_MD5 => `0x0004`,
119	TLS_RSA_WITH_RC4_128_SHA => `0x0005`,
120	TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 => `0x0006`,
121	TLS_RSA_WITH_IDEA_CBC_SHA => `0x0007`,
122	TLS_RSA_EXPORT_WITH_DES40_CBC_SHA => `0x0008`,
123	TLS_RSA_WITH_DES_CBC_SHA => `0x0009`,
124	TLS_RSA_WITH_3DES_EDE_CBC_SHA => `0x000a`,
125	TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA => `0x000b`,
126	TLS_DH_DSS_WITH_DES_CBC_SHA => `0x000c`,
127	TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA => `0x000d`,
128	TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA => `0x000e`,
129	TLS_DH_RSA_WITH_DES_CBC_SHA => `0x000f`,
130	TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA => `0x0010`,
131	TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA => `0x0011`,
132	TLS_DHE_DSS_WITH_DES_CBC_SHA => `0x0012`,
133	TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA => `0x0013`,
134	TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA => `0x0014`,
135	TLS_DHE_RSA_WITH_DES_CBC_SHA => `0x0015`,
136	TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA => `0x0016`,
137	TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 => `0x0017`,
138	TLS_DH_anon_WITH_RC4_128_MD5 => `0x0018`,
139	TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA => `0x0019`,
140	TLS_DH_anon_WITH_DES_CBC_SHA => `0x001a`,
141	TLS_DH_anon_WITH_3DES_EDE_CBC_SHA => `0x001b`,
142	SSL_FORTEZZA_KEA_WITH_NULL_SHA => `0x001c`,
143	SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA => `0x001d`,
144	TLS_KRB5_WITH_DES_CBC_SHA_or_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA => `0x001e`,
145	TLS_KRB5_WITH_3DES_EDE_CBC_SHA => `0x001f`,
146	TLS_KRB5_WITH_RC4_128_SHA => `0x0020`,
147	TLS_KRB5_WITH_IDEA_CBC_SHA => `0x0021`,
148	TLS_KRB5_WITH_DES_CBC_MD5 => `0x0022`,
149	TLS_KRB5_WITH_3DES_EDE_CBC_MD5 => `0x0023`,
150	TLS_KRB5_WITH_RC4_128_MD5 => `0x0024`,
151	TLS_KRB5_WITH_IDEA_CBC_MD5 => `0x0025`,
152	TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA => `0x0026`,
153	TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA => `0x0027`,
154	TLS_KRB5_EXPORT_WITH_RC4_40_SHA => `0x0028`,
155	TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 => `0x0029`,
156	TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 => `0x002a`,
157	TLS_KRB5_EXPORT_WITH_RC4_40_MD5 => `0x002b`,
158	TLS_PSK_WITH_NULL_SHA => `0x002c`,
159	TLS_DHE_PSK_WITH_NULL_SHA => `0x002d`,
160	TLS_RSA_PSK_WITH_NULL_SHA => `0x002e`,
161	TLS_RSA_WITH_AES_128_CBC_SHA => `0x002f`,
162	TLS_DH_DSS_WITH_AES_128_CBC_SHA => `0x0030`,
163	TLS_DH_RSA_WITH_AES_128_CBC_SHA => `0x0031`,
164	TLS_DHE_DSS_WITH_AES_128_CBC_SHA => `0x0032`,
165	TLS_DHE_RSA_WITH_AES_128_CBC_SHA => `0x0033`,
166	TLS_DH_anon_WITH_AES_128_CBC_SHA => `0x0034`,
167	TLS_RSA_WITH_AES_256_CBC_SHA => `0x0035`,
168	TLS_DH_DSS_WITH_AES_256_CBC_SHA => `0x0036`,
169	TLS_DH_RSA_WITH_AES_256_CBC_SHA => `0x0037`,
170	TLS_DHE_DSS_WITH_AES_256_CBC_SHA => `0x0038`,
171	TLS_DHE_RSA_WITH_AES_256_CBC_SHA => `0x0039`,
172	TLS_DH_anon_WITH_AES_256_CBC_SHA => `0x003a`,
173	TLS_RSA_WITH_NULL_SHA256 => `0x003b`,
174	TLS_RSA_WITH_AES_128_CBC_SHA256 => `0x003c`,
175	TLS_RSA_WITH_AES_256_CBC_SHA256 => `0x003d`,
176	TLS_DH_DSS_WITH_AES_128_CBC_SHA256 => `0x003e`,
177	TLS_DH_RSA_WITH_AES_128_CBC_SHA256 => `0x003f`,
178	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 => `0x0040`,
179	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA => `0x0041`,
180	TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA => `0x0042`,
181	TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA => `0x0043`,
182	TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA => `0x0044`,
183	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA => `0x0045`,
184	TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA => `0x0046`,
185	TLS_ECDH_ECDSA_WITH_NULL_SHA_draft => `0x0047`,
186	TLS_ECDH_ECDSA_WITH_RC4_128_SHA_draft => `0x0048`,
187	TLS_ECDH_ECDSA_WITH_DES_CBC_SHA_draft => `0x0049`,
188	TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA_draft => `0x004a`,
189	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA_draft => `0x004b`,
190	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA_draft => `0x004c`,
191	TLS_ECDH_ECNRA_WITH_DES_CBC_SHA_draft => `0x004d`,
192	TLS_ECDH_ECNRA_WITH_3DES_EDE_CBC_SHA_draft => `0x004e`,
193	TLS_ECMQV_ECDSA_NULL_SHA_draft => `0x004f`,
194	TLS_ECMQV_ECDSA_WITH_RC4_128_SHA_draft => `0x0050`,
195	TLS_ECMQV_ECDSA_WITH_DES_CBC_SHA_draft => `0x0051`,
196	TLS_ECMQV_ECDSA_WITH_3DES_EDE_CBC_SHA_draft => `0x0052`,
197	TLS_ECMQV_ECNRA_NULL_SHA_draft => `0x0053`,
198	TLS_ECMQV_ECNRA_WITH_RC4_128_SHA_draft => `0x0054`,
199	TLS_ECMQV_ECNRA_WITH_DES_CBC_SHA_draft => `0x0055`,
200	TLS_ECMQV_ECNRA_WITH_3DES_EDE_CBC_SHA_draft => `0x0056`,
201	TLS_ECDH_anon_NULL_WITH_SHA_draft => `0x0057`,
202	TLS_ECDH_anon_WITH_RC4_128_SHA_draft => `0x0058`,
203	TLS_ECDH_anon_WITH_DES_CBC_SHA_draft => `0x0059`,
204	TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA_draft => `0x005a`,
205	TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA_draft => `0x005b`,
206	TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA_draft => `0x005c`,
207	TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 => `0x0060`,
208	TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 => `0x0061`,
209	TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA => `0x0062`,
210	TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA => `0x0063`,
211	TLS_RSA_EXPORT1024_WITH_RC4_56_SHA => `0x0064`,
212	TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA => `0x0065`,
213	TLS_DHE_DSS_WITH_RC4_128_SHA => `0x0066`,
214	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 => `0x0067`,
215	TLS_DH_DSS_WITH_AES_256_CBC_SHA256 => `0x0068`,
216	TLS_DH_RSA_WITH_AES_256_CBC_SHA256 => `0x0069`,
217	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 => `0x006a`,
218	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 => `0x006b`,
219	TLS_DH_anon_WITH_AES_128_CBC_SHA256 => `0x006c`,
220	TLS_DH_anon_WITH_AES_256_CBC_SHA256 => `0x006d`,
221	TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD => `0x0072`,
222	TLS_DHE_DSS_WITH_AES_128_CBC_RMD => `0x0073`,
223	TLS_DHE_DSS_WITH_AES_256_CBC_RMD => `0x0074`,
224	TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD => `0x0077`,
225	TLS_DHE_RSA_WITH_AES_128_CBC_RMD => `0x0078`,
226	TLS_DHE_RSA_WITH_AES_256_CBC_RMD => `0x0079`,
227	TLS_RSA_WITH_3DES_EDE_CBC_RMD => `0x007c`,
228	TLS_RSA_WITH_AES_128_CBC_RMD => `0x007d`,
229	TLS_RSA_WITH_AES_256_CBC_RMD => `0x007e`,
230	TLS_GOSTR341094_WITH_28147_CNT_IMIT => `0x0080`,
231	TLS_GOSTR341001_WITH_28147_CNT_IMIT => `0x0081`,
232	TLS_GOSTR341094_WITH_NULL_GOSTR3411 => `0x0082`,
233	TLS_GOSTR341001_WITH_NULL_GOSTR3411 => `0x0083`,
234	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA => `0x0084`,
235	TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA => `0x0085`,
236	TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA => `0x0086`,
237	TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA => `0x0087`,
238	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA => `0x0088`,
239	TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA => `0x0089`,
240	TLS_PSK_WITH_RC4_128_SHA => `0x008a`,
241	TLS_PSK_WITH_3DES_EDE_CBC_SHA => `0x008b`,
242	TLS_PSK_WITH_AES_128_CBC_SHA => `0x008c`,
243	TLS_PSK_WITH_AES_256_CBC_SHA => `0x008d`,
244	TLS_DHE_PSK_WITH_RC4_128_SHA => `0x008e`,
245	TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA => `0x008f`,
246	TLS_DHE_PSK_WITH_AES_128_CBC_SHA => `0x0090`,
247	TLS_DHE_PSK_WITH_AES_256_CBC_SHA => `0x0091`,
248	TLS_RSA_PSK_WITH_RC4_128_SHA => `0x0092`,
249	TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA => `0x0093`,
250	TLS_RSA_PSK_WITH_AES_128_CBC_SHA => `0x0094`,
251	TLS_RSA_PSK_WITH_AES_256_CBC_SHA => `0x0095`,
252	TLS_RSA_WITH_SEED_CBC_SHA => `0x0096`,
253	TLS_DH_DSS_WITH_SEED_CBC_SHA => `0x0097`,
254	TLS_DH_RSA_WITH_SEED_CBC_SHA => `0x0098`,
255	TLS_DHE_DSS_WITH_SEED_CBC_SHA => `0x0099`,
256	TLS_DHE_RSA_WITH_SEED_CBC_SHA => `0x009a`,
257	TLS_DH_anon_WITH_SEED_CBC_SHA => `0x009b`,
258	TLS_RSA_WITH_AES_128_GCM_SHA256 => `0x009c`,
259	TLS_RSA_WITH_AES_256_GCM_SHA384 => `0x009d`,
260	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 => `0x009e`,
261	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 => `0x009f`,
262	TLS_DH_RSA_WITH_AES_128_GCM_SHA256 => `0x00a0`,
263	TLS_DH_RSA_WITH_AES_256_GCM_SHA384 => `0x00a1`,
264	TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 => `0x00a2`,
265	TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 => `0x00a3`,
266	TLS_DH_DSS_WITH_AES_128_GCM_SHA256 => `0x00a4`,
267	TLS_DH_DSS_WITH_AES_256_GCM_SHA384 => `0x00a5`,
268	TLS_DH_anon_WITH_AES_128_GCM_SHA256 => `0x00a6`,
269	TLS_DH_anon_WITH_AES_256_GCM_SHA384 => `0x00a7`,
270	TLS_PSK_WITH_AES_128_GCM_SHA256 => `0x00a8`,
271	TLS_PSK_WITH_AES_256_GCM_SHA384 => `0x00a9`,
272	TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 => `0x00aa`,
273	TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 => `0x00ab`,
274	TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 => `0x00ac`,
275	TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 => `0x00ad`,
276	TLS_PSK_WITH_AES_128_CBC_SHA256 => `0x00ae`,
277	TLS_PSK_WITH_AES_256_CBC_SHA384 => `0x00af`,
278	TLS_PSK_WITH_NULL_SHA256 => `0x00b0`,
279	TLS_PSK_WITH_NULL_SHA384 => `0x00b1`,
280	TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 => `0x00b2`,
281	TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 => `0x00b3`,
282	TLS_DHE_PSK_WITH_NULL_SHA256 => `0x00b4`,
283	TLS_DHE_PSK_WITH_NULL_SHA384 => `0x00b5`,
284	TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 => `0x00b6`,
285	TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 => `0x00b7`,
286	TLS_RSA_PSK_WITH_NULL_SHA256 => `0x00b8`,
287	TLS_RSA_PSK_WITH_NULL_SHA384 => `0x00b9`,
288	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 => `0x00ba`,
289	TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 => `0x00bb`,
290	TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 => `0x00bc`,
291	TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 => `0x00bd`,
292	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 => `0x00be`,
293	TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 => `0x00bf`,
294	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c0`,
295	TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c1`,
296	TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c2`,
297	TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c3`,
298	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c4`,
299	TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 => `0x00c5`,
300	TLS_EMPTY_RENEGOTIATION_INFO_SCSV => `0x00ff`,
301	TLS13_AES_128_GCM_SHA256 => `0x1301`,
302	TLS13_AES_256_GCM_SHA384 => `0x1302`,
303	TLS13_CHACHA20_POLY1305_SHA256 => `0x1303`,
304	TLS13_AES_128_CCM_SHA256 => `0x1304`,
305	TLS13_AES_128_CCM_8_SHA256 => `0x1305`,
306	TLS_ECDH_ECDSA_WITH_NULL_SHA => `0xc001`,
307	TLS_ECDH_ECDSA_WITH_RC4_128_SHA => `0xc002`,
308	TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA => `0xc003`,
309	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA => `0xc004`,
310	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA => `0xc005`,
311	TLS_ECDHE_ECDSA_WITH_NULL_SHA => `0xc006`,
312	TLS_ECDHE_ECDSA_WITH_RC4_128_SHA => `0xc007`,
313	TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA => `0xc008`,
314	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => `0xc009`,
315	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => `0xc00a`,
316	TLS_ECDH_RSA_WITH_NULL_SHA => `0xc00b`,
317	TLS_ECDH_RSA_WITH_RC4_128_SHA => `0xc00c`,
318	TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA => `0xc00d`,
319	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA => `0xc00e`,
320	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA => `0xc00f`,
321	TLS_ECDHE_RSA_WITH_NULL_SHA => `0xc010`,
322	TLS_ECDHE_RSA_WITH_RC4_128_SHA => `0xc011`,
323	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA => `0xc012`,
324	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA => `0xc013`,
325	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA => `0xc014`,
326	TLS_ECDH_anon_WITH_NULL_SHA => `0xc015`,
327	TLS_ECDH_anon_WITH_RC4_128_SHA => `0xc016`,
328	TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA => `0xc017`,
329	TLS_ECDH_anon_WITH_AES_128_CBC_SHA => `0xc018`,
330	TLS_ECDH_anon_WITH_AES_256_CBC_SHA => `0xc019`,
331	TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA => `0xc01a`,
332	TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA => `0xc01b`,
333	TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA => `0xc01c`,
334	TLS_SRP_SHA_WITH_AES_128_CBC_SHA => `0xc01d`,
335	TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA => `0xc01e`,
336	TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA => `0xc01f`,
337	TLS_SRP_SHA_WITH_AES_256_CBC_SHA => `0xc020`,
338	TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA => `0xc021`,
339	TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA => `0xc022`,
340	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 => `0xc023`,
341	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 => `0xc024`,
342	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 => `0xc025`,
343	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 => `0xc026`,
344	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 => `0xc027`,
345	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => `0xc028`,
346	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 => `0xc029`,
347	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 => `0xc02a`,
348	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => `0xc02b`,
349	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => `0xc02c`,
350	TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 => `0xc02d`,
351	TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 => `0xc02e`,
352	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => `0xc02f`,
353	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => `0xc030`,
354	TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 => `0xc031`,
355	TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 => `0xc032`,
356	TLS_ECDHE_PSK_WITH_RC4_128_SHA => `0xc033`,
357	TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA => `0xc034`,
358	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA => `0xc035`,
359	TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA => `0xc036`,
360	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 => `0xc037`,
361	TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 => `0xc038`,
362	TLS_ECDHE_PSK_WITH_NULL_SHA => `0xc039`,
363	TLS_ECDHE_PSK_WITH_NULL_SHA256 => `0xc03a`,
364	TLS_ECDHE_PSK_WITH_NULL_SHA384 => `0xc03b`,
365	TLS_RSA_WITH_ARIA_128_CBC_SHA256 => `0xc03c`,
366	TLS_RSA_WITH_ARIA_256_CBC_SHA384 => `0xc03d`,
367	TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 => `0xc03e`,
368	TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 => `0xc03f`,
369	TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 => `0xc040`,
370	TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 => `0xc041`,
371	TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 => `0xc042`,
372	TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 => `0xc043`,
373	TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 => `0xc044`,
374	TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 => `0xc045`,
375	TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 => `0xc046`,
376	TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 => `0xc047`,
377	TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 => `0xc048`,
378	TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 => `0xc049`,
379	TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 => `0xc04a`,
380	TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 => `0xc04b`,
381	TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 => `0xc04c`,
382	TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 => `0xc04d`,
383	TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 => `0xc04e`,
384	TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 => `0xc04f`,
385	TLS_RSA_WITH_ARIA_128_GCM_SHA256 => `0xc050`,
386	TLS_RSA_WITH_ARIA_256_GCM_SHA384 => `0xc051`,
387	TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 => `0xc052`,
388	TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 => `0xc053`,
389	TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 => `0xc054`,
390	TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 => `0xc055`,
391	TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 => `0xc056`,
392	TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 => `0xc057`,
393	TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 => `0xc058`,
394	TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 => `0xc059`,
395	TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 => `0xc05a`,
396	TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 => `0xc05b`,
397	TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 => `0xc05c`,
398	TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 => `0xc05d`,
399	TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 => `0xc05e`,
400	TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 => `0xc05f`,
401	TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 => `0xc060`,
402	TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 => `0xc061`,
403	TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 => `0xc062`,
404	TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 => `0xc063`,
405	TLS_PSK_WITH_ARIA_128_CBC_SHA256 => `0xc064`,
406	TLS_PSK_WITH_ARIA_256_CBC_SHA384 => `0xc065`,
407	TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 => `0xc066`,
408	TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 => `0xc067`,
409	TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 => `0xc068`,
410	TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 => `0xc069`,
411	TLS_PSK_WITH_ARIA_128_GCM_SHA256 => `0xc06a`,
412	TLS_PSK_WITH_ARIA_256_GCM_SHA384 => `0xc06b`,
413	TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 => `0xc06c`,
414	TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 => `0xc06d`,
415	TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 => `0xc06e`,
416	TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 => `0xc06f`,
417	TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 => `0xc070`,
418	TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 => `0xc071`,
419	TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 => `0xc072`,
420	TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 => `0xc073`,
421	TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 => `0xc074`,
422	TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 => `0xc075`,
423	TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 => `0xc076`,
424	TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 => `0xc077`,
425	TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 => `0xc078`,
426	TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 => `0xc079`,
427	TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc07a`,
428	TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc07b`,
429	TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc07c`,
430	TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc07d`,
431	TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc07e`,
432	TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc07f`,
433	TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 => `0xc080`,
434	TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 => `0xc081`,
435	TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 => `0xc082`,
436	TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 => `0xc083`,
437	TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 => `0xc084`,
438	TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 => `0xc085`,
439	TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc086`,
440	TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc087`,
441	TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc088`,
442	TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc089`,
443	TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc08a`,
444	TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc08b`,
445	TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 => `0xc08c`,
446	TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 => `0xc08d`,
447	TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 => `0xc08e`,
448	TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 => `0xc08f`,
449	TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 => `0xc090`,
450	TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 => `0xc091`,
451	TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 => `0xc092`,
452	TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 => `0xc093`,
453	TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 => `0xc094`,
454	TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 => `0xc095`,
455	TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 => `0xc096`,
456	TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 => `0xc097`,
457	TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 => `0xc098`,
458	TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 => `0xc099`,
459	TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 => `0xc09a`,
460	TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 => `0xc09b`,
461	TLS_RSA_WITH_AES_128_CCM => `0xc09c`,
462	TLS_RSA_WITH_AES_256_CCM => `0xc09d`,
463	TLS_DHE_RSA_WITH_AES_128_CCM => `0xc09e`,
464	TLS_DHE_RSA_WITH_AES_256_CCM => `0xc09f`,
465	TLS_RSA_WITH_AES_128_CCM_8 => `0xc0a0`,
466	TLS_RSA_WITH_AES_256_CCM_8 => `0xc0a1`,
467	TLS_DHE_RSA_WITH_AES_128_CCM_8 => `0xc0a2`,
468	TLS_DHE_RSA_WITH_AES_256_CCM_8 => `0xc0a3`,
469	TLS_PSK_WITH_AES_128_CCM => `0xc0a4`,
470	TLS_PSK_WITH_AES_256_CCM => `0xc0a5`,
471	TLS_DHE_PSK_WITH_AES_128_CCM => `0xc0a6`,
472	TLS_DHE_PSK_WITH_AES_256_CCM => `0xc0a7`,
473	TLS_PSK_WITH_AES_128_CCM_8 => `0xc0a8`,
474	TLS_PSK_WITH_AES_256_CCM_8 => `0xc0a9`,
475	TLS_PSK_DHE_WITH_AES_128_CCM_8 => `0xc0aa`,
476	TLS_PSK_DHE_WITH_AES_256_CCM_8 => `0xc0ab`,
477	TLS_ECDHE_ECDSA_WITH_AES_128_CCM => `0xc0ac`,
478	TLS_ECDHE_ECDSA_WITH_AES_256_CCM => `0xc0ad`,
479	TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 => `0xc0ae`,
480	TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 => `0xc0af`,
481	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => `0xcca8`,
482	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 => `0xcca9`,
483	TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => `0xccaa`,
484	TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 => `0xccab`,
485	TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => `0xccac`,
486	TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => `0xccad`,
487	TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 => `0xccae`,
488	SSL_RSA_FIPS_WITH_DES_CBC_SHA => `0xfefe`,
489	SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA => `0xfeff`
490	}
491	}
492
493	enum_builder! {
494	/// The `SignatureScheme` TLS protocol enum. Values in this enum are taken
495	/// from the various RFCs covering TLS, and are listed by IANA.
496	/// The `Unknown` item is used when processing unrecognised ordinals.
497	@U16
498	pub enum SignatureScheme {
499	RSA_PKCS1_SHA1 => `0x0201`,
500	ECDSA_SHA1_Legacy => `0x0203`,
501	RSA_PKCS1_SHA256 => `0x0401`,
502	ECDSA_NISTP256_SHA256 => `0x0403`,
503	RSA_PKCS1_SHA384 => `0x0501`,
504	ECDSA_NISTP384_SHA384 => `0x0503`,
505	RSA_PKCS1_SHA512 => `0x0601`,
506	ECDSA_NISTP521_SHA512 => `0x0603`,
507	RSA_PSS_SHA256 => `0x0804`,
508	RSA_PSS_SHA384 => `0x0805`,
509	RSA_PSS_SHA512 => `0x0806`,
510	ED25519 => `0x0807`,
511	ED448 => `0x0808`
512	}
513	}
514
515	impl SignatureScheme {
516	pub(crate) fn sign(&self) -> SignatureAlgorithm {
517	match *self {
518	Self::RSA_PKCS1_SHA1
519	\| Self::RSA_PKCS1_SHA256
520	\| Self::RSA_PKCS1_SHA384
521	\| Self::RSA_PKCS1_SHA512
522	\| Self::RSA_PSS_SHA256
523	\| Self::RSA_PSS_SHA384
524	\| Self::RSA_PSS_SHA512 => SignatureAlgorithm::RSA,
525	Self::ECDSA_NISTP256_SHA256
526	\| Self::ECDSA_NISTP384_SHA384
527	\| Self::ECDSA_NISTP521_SHA512 => SignatureAlgorithm::ECDSA,
528	Self::ED25519 => SignatureAlgorithm::ED25519,
529	Self::ED448 => SignatureAlgorithm::ED448,
530	_ => SignatureAlgorithm::Unknown(`0`),
531	}
532	}
533
534	/// Whether a particular `SignatureScheme` is allowed for TLS protocol signatures
535	/// in TLS1.3.
536	///
537	/// This prevents (eg) RSA_PKCS1_SHA256 being offered or accepted, even if our
538	/// verifier supports it for other protocol versions.
539	///
540	/// See RFC8446 s4.2.3.
541	pub(crate) fn supported_in_tls13(&self) -> bool {
542	matches!(
543	*self,
544	Self::ECDSA_NISTP521_SHA512
545	\| Self::ECDSA_NISTP384_SHA384
546	\| Self::ECDSA_NISTP256_SHA256
547	\| Self::RSA_PSS_SHA512
548	\| Self::RSA_PSS_SHA384
549	\| Self::RSA_PSS_SHA256
550	\| Self::ED25519
551	)
552	}
553	}
554
555	enum_builder! {
556	/// The `SignatureAlgorithm` TLS protocol enum. Values in this enum are taken
557	/// from the various RFCs covering TLS, and are listed by IANA.
558	/// The `Unknown` item is used when processing unrecognised ordinals.
559	@U8
560	pub enum SignatureAlgorithm {
561	Anonymous => `0x00`,
562	RSA => `0x01`,
563	DSA => `0x02`,
564	ECDSA => `0x03`,
565	ED25519 => `0x07`,
566	ED448 => `0x08`
567	}
568	}
569
570	#[cfg(test)]
571	mod tests {
572	use super::*;
573	use crate::msgs::enums::tests::test_enum8;
574
575	#[test]
576	fn test_enums() {
577	test_enum8::<SignatureAlgorithm>(SignatureAlgorithm::Anonymous, SignatureAlgorithm::ECDSA);
578	test_enum8::<ContentType>(ContentType::ChangeCipherSpec, ContentType::Heartbeat);
579	test_enum8::<HandshakeType>(HandshakeType::HelloRequest, HandshakeType::MessageHash);
580	test_enum8::<AlertDescription>(
581	AlertDescription::CloseNotify,
582	AlertDescription::NoApplicationProtocol,
583	);
584	}
585	}
586