LibTLS: Rename NamedCurve to SupportedGroup

This matches the wording used in the IANA registry and TLS 1.3
Also add missing values from the IANA registry

5 files changed, 87 insertions, 24 deletions

diff --git a/Userland/Libraries/LibTLS/Certificate.cpp b/Userland/Libraries/LibTLS/Certificate.cpp
index e93474fe82..f857d22c38 100644
--- a/Userland/Libraries/LibTLS/Certificate.cpp
+++ b/Userland/Libraries/LibTLS/Certificate.cpp
@@ -11,7 +11,7 @@
 #include <LibCrypto/ASN1/ASN1.h>
 #include <LibCrypto/ASN1/DER.h>
 #include <LibCrypto/ASN1/PEM.h>
-#include <LibTLS/CipherSuite.h>
+#include <LibTLS/Extensions.h>
 
 namespace TLS {
 
@@ -112,12 +112,12 @@ constexpr static Array<int, 4>
         }                                                                               \
     } while (0)
 
-static ErrorOr<NamedCurve> oid_to_curve(Vector<int> curve)
+static ErrorOr<SupportedGroup> oid_to_curve(Vector<int> curve)
 {
     if (curve == curve_ansip384r1)
-        return NamedCurve::secp384r1;
+        return SupportedGroup::SECP384R1;
     else if (curve == curve_prime256)
-        return NamedCurve::secp256r1;
+        return SupportedGroup::SECP256R1;
 
     return Error::from_string_view(TRY(String::formatted("Unknown curve oid {}", curve)));
 }
@@ -175,7 +175,7 @@ static ErrorOr<Crypto::UnsignedBigInteger> parse_serial_number(Crypto::ASN1::Dec
     return serial;
 }
 
-static ErrorOr<NamedCurve> parse_ec_parameters(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
+static ErrorOr<SupportedGroup> parse_ec_parameters(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
 {
     // ECParameters ::= CHOICE {
     //     namedCurve      OBJECT IDENTIFIER
@@ -314,9 +314,9 @@ static ErrorOr<CertificateKeyAlgorithm> parse_algorithm_identifier(Crypto::ASN1:
         auto ec_parameters = TRY(parse_ec_parameters(decoder, current_scope));
         EXIT_SCOPE();
 
-        if (ec_parameters == NamedCurve::secp256r1)
+        if (ec_parameters == SupportedGroup::SECP256R1)
             return CertificateKeyAlgorithm::ECDSA_SECP256R1;
-        else if (ec_parameters == NamedCurve::secp384r1)
+        else if (ec_parameters == SupportedGroup::SECP384R1)
             return CertificateKeyAlgorithm::ECDSA_SECP384R1;
     }
 
diff --git a/Userland/Libraries/LibTLS/CipherSuite.h b/Userland/Libraries/LibTLS/CipherSuite.h
index 91f9b4e733..422ddc61c0 100644
--- a/Userland/Libraries/LibTLS/CipherSuite.h
+++ b/Userland/Libraries/LibTLS/CipherSuite.h
@@ -189,14 +189,6 @@ constexpr size_t cipher_key_size(CipherAlgorithm algorithm)
     }
 }
 
-enum class NamedCurve : u16 {
-    secp256r1 = 23,
-    secp384r1 = 24,
-    secp521r1 = 25,
-    x25519 = 29,
-    x448 = 30,
-};
-
 enum class ECPointFormat : u8 {
     Uncompressed = 0,
 };
diff --git a/Userland/Libraries/LibTLS/Extensions.h b/Userland/Libraries/LibTLS/Extensions.h
index 0ae608dfeb..54cc5845d6 100644
--- a/Userland/Libraries/LibTLS/Extensions.h
+++ b/Userland/Libraries/LibTLS/Extensions.h
@@ -176,6 +176,77 @@ enum class ECCurveType : u8 {
     __ENUM_EC_CURVE_TYPES
 };
 
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+#define __ENUM_SUPPORTED_GROUPS                              \
+    _ENUM_KEY_VALUE(SECT163K1, 0x0001)                       \
+    _ENUM_KEY_VALUE(SECT163R1, 0x0002)                       \
+    _ENUM_KEY_VALUE(SECT163R2, 0x0003)                       \
+    _ENUM_KEY_VALUE(SECT193R1, 0x0004)                       \
+    _ENUM_KEY_VALUE(SECT193R2, 0x0005)                       \
+    _ENUM_KEY_VALUE(SECT233K1, 0x0006)                       \
+    _ENUM_KEY_VALUE(SECT233R1, 0x0007)                       \
+    _ENUM_KEY_VALUE(SECT239K1, 0x0008)                       \
+    _ENUM_KEY_VALUE(SECT283K1, 0x0009)                       \
+    _ENUM_KEY_VALUE(SECT283R1, 0x000a)                       \
+    _ENUM_KEY_VALUE(SECT409K1, 0x000b)                       \
+    _ENUM_KEY_VALUE(SECT409R1, 0x000c)                       \
+    _ENUM_KEY_VALUE(SECT571K1, 0x000d)                       \
+    _ENUM_KEY_VALUE(SECT571R1, 0x000e)                       \
+    _ENUM_KEY_VALUE(SECP160K1, 0x000f)                       \
+    _ENUM_KEY_VALUE(SECP160R1, 0x0010)                       \
+    _ENUM_KEY_VALUE(SECP160R2, 0x0011)                       \
+    _ENUM_KEY_VALUE(SECP192K1, 0x0012)                       \
+    _ENUM_KEY_VALUE(SECP192R1, 0x0013)                       \
+    _ENUM_KEY_VALUE(SECP224K1, 0x0014)                       \
+    _ENUM_KEY_VALUE(SECP224R1, 0x0015)                       \
+    _ENUM_KEY_VALUE(SECP256K1, 0x0016)                       \
+    _ENUM_KEY_VALUE(SECP256R1, 0x0017)                       \
+    _ENUM_KEY_VALUE(SECP384R1, 0x0018)                       \
+    _ENUM_KEY_VALUE(SECP521R1, 0x0019)                       \
+    _ENUM_KEY_VALUE(BRAINPOOLP256R1, 0x001a)                 \
+    _ENUM_KEY_VALUE(BRAINPOOLP384R1, 0x001b)                 \
+    _ENUM_KEY_VALUE(BRAINPOOLP512R1, 0x001c)                 \
+    _ENUM_KEY_VALUE(X25519, 0x001d)                          \
+    _ENUM_KEY_VALUE(X448, 0x001e)                            \
+    _ENUM_KEY_VALUE(BRAINPOOLP256R1TLS13, 0x001f)            \
+    _ENUM_KEY_VALUE(BRAINPOOLP384R1TLS13, 0x0020)            \
+    _ENUM_KEY_VALUE(BRAINPOOLP512R1TLS13, 0x0021)            \
+    _ENUM_KEY_VALUE(GC256A, 0x0022)                          \
+    _ENUM_KEY_VALUE(GC256B, 0x0023)                          \
+    _ENUM_KEY_VALUE(GC256C, 0x0024)                          \
+    _ENUM_KEY_VALUE(GC256D, 0x0025)                          \
+    _ENUM_KEY_VALUE(GC512A, 0x0026)                          \
+    _ENUM_KEY_VALUE(GC512B, 0x0027)                          \
+    _ENUM_KEY_VALUE(GC512C, 0x0028)                          \
+    _ENUM_KEY_VALUE(CURVESM2, 0x0029)                        \
+    _ENUM_KEY_VALUE(FFDHE2048, 0x0100)                       \
+    _ENUM_KEY_VALUE(FFDHE3072, 0x0101)                       \
+    _ENUM_KEY_VALUE(FFDHE4096, 0x0102)                       \
+    _ENUM_KEY_VALUE(FFDHE6144, 0x0103)                       \
+    _ENUM_KEY_VALUE(FFDHE8192, 0x0104)                       \
+    _ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_PRIME_CURVES, 0xff01) \
+    _ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_CHAR2_CURVES, 0xff02) \
+    _ENUM_KEY_VALUE(GREASE_0, 0x0A0A)                        \
+    _ENUM_KEY_VALUE(GREASE_1, 0x1A1A)                        \
+    _ENUM_KEY_VALUE(GREASE_2, 0x2A2A)                        \
+    _ENUM_KEY_VALUE(GREASE_3, 0x3A3A)                        \
+    _ENUM_KEY_VALUE(GREASE_4, 0x4A4A)                        \
+    _ENUM_KEY_VALUE(GREASE_5, 0x5A5A)                        \
+    _ENUM_KEY_VALUE(GREASE_6, 0x6A6A)                        \
+    _ENUM_KEY_VALUE(GREASE_7, 0x7A7A)                        \
+    _ENUM_KEY_VALUE(GREASE_8, 0x8A8A)                        \
+    _ENUM_KEY_VALUE(GREASE_9, 0x9A9A)                        \
+    _ENUM_KEY_VALUE(GREASE_A, 0xAAAA)                        \
+    _ENUM_KEY_VALUE(GREASE_B, 0xBABA)                        \
+    _ENUM_KEY_VALUE(GREASE_C, 0xCACA)                        \
+    _ENUM_KEY_VALUE(GREASE_D, 0xDADA)                        \
+    _ENUM_KEY_VALUE(GREASE_E, 0xEAEA)                        \
+    _ENUM_KEY_VALUE(GREASE_F, 0xFAFA)
+
+enum class SupportedGroup : u16 {
+    __ENUM_SUPPORTED_GROUPS
+};
+
 #undef _ENUM_KEY
 #undef _ENUM_KEY_VALUE
 
diff --git a/Userland/Libraries/LibTLS/HandshakeServer.cpp b/Userland/Libraries/LibTLS/HandshakeServer.cpp
index f3cf7998ec..1268f52a52 100644
--- a/Userland/Libraries/LibTLS/HandshakeServer.cpp
+++ b/Userland/Libraries/LibTLS/HandshakeServer.cpp
@@ -301,18 +301,18 @@ ssize_t TLSv12::handle_ecdhe_rsa_server_key_exchange(ReadonlyBytes buffer)
     if (curve_type != (u8)ECCurveType::NAMED_CURVE)
         return (i8)Error::NotUnderstood;
 
-    auto curve = static_cast<NamedCurve>(AK::convert_between_host_and_network_endian(ByteReader::load16(buffer.offset_pointer(4))));
+    auto curve = static_cast<SupportedGroup>(AK::convert_between_host_and_network_endian(ByteReader::load16(buffer.offset_pointer(4))));
     if (!m_context.options.elliptic_curves.contains_slow(curve))
         return (i8)Error::NotUnderstood;
 
-    switch ((NamedCurve)curve) {
-    case NamedCurve::x25519:
+    switch ((SupportedGroup)curve) {
+    case SupportedGroup::X25519:
         m_context.server_key_exchange_curve = make<Crypto::Curves::X25519>();
         break;
-    case NamedCurve::x448:
+    case SupportedGroup::X448:
         m_context.server_key_exchange_curve = make<Crypto::Curves::X448>();
         break;
-    case NamedCurve::secp256r1:
+    case SupportedGroup::SECP256R1:
         m_context.server_key_exchange_curve = make<Crypto::Curves::SECP256r1>();
         break;
     default:
diff --git a/Userland/Libraries/LibTLS/TLSv12.h b/Userland/Libraries/LibTLS/TLSv12.h
index 66d8c628d0..78498310e8 100644
--- a/Userland/Libraries/LibTLS/TLSv12.h
+++ b/Userland/Libraries/LibTLS/TLSv12.h
@@ -211,10 +211,10 @@ struct Options {
         { HashAlgorithm::SHA384, SignatureAlgorithm::RSA },
         { HashAlgorithm::SHA256, SignatureAlgorithm::RSA },
         { HashAlgorithm::SHA1, SignatureAlgorithm::RSA });
-    OPTION_WITH_DEFAULTS(Vector<NamedCurve>, elliptic_curves,
-        NamedCurve::x25519,
-        NamedCurve::secp256r1,
-        NamedCurve::x448)
+    OPTION_WITH_DEFAULTS(Vector<SupportedGroup>, elliptic_curves,
+        SupportedGroup::X25519,
+        SupportedGroup::SECP256R1,
+        SupportedGroup::X448)
     OPTION_WITH_DEFAULTS(Vector<ECPointFormat>, supported_ec_point_formats, ECPointFormat::Uncompressed)
 
     OPTION_WITH_DEFAULTS(bool, use_sni, true)