author | lloyd <[email protected]> | 2012-06-29 14:55:56 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-06-29 14:55:56 +0000 |
commit | c0a3a3046dbc39b05056f5539e68060c67a25f17 (patch) | |
tree | d3e0c8253125375a32bcd0c0ef0d281a981326cf /src/tls/tls_policy.cpp | |
parent | 4b1568e323f95015cb217bf3d1b6a80bf786230e (diff) |
Split TLS::Policy::allowed_hashes into allowed_signature_hashes and
allowed_macs. This allows someone to turn on MD5 for message auth,
which is a little sketchy but probably OK, without also (likely
unintentionally) enabling MD5 for TLS v1.2 signatures, which would be
a big problem.
Prioritize RC4 over 3DES in default policy.
Disable ECC curves smaller than 224 bits by default.
More updates to the TLS policy documentation.
Diffstat (limited to 'src/tls/tls_policy.cpp')
-rw-r--r-- | src/tls/tls_policy.cpp | 43 |
1 files changed, 26 insertions, 17 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index 87f8b5a14..c48ed274e 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -21,15 +21,15 @@ std::vector<std::string> Policy::allowed_ciphers() const
 return std::vector<std::string>({
 "AES-256",
 "AES-128",
- "3DES",
 "ARC4",
+ "3DES",
 //"Camellia-256",
 //"Camellia-128",
 //"SEED"
 });
 }
-std::vector<std::string> Policy::allowed_hashes() const
+std::vector<std::string> Policy::allowed_signature_hashes() const
 {
 return std::vector<std::string>({
 "SHA-512",
@@ -41,6 +41,16 @@ std::vector<std::string> Policy::allowed_hashes() const
 });
 }
+std::vector<std::string> Policy::allowed_macs() const
+ {
+ return std::vector<std::string>({
+ "SHA-384",
+ "SHA-256",
+ "SHA-1",
+ //"MD5",
+ });
+ }
+
 std::vector<std::string> Policy::allowed_key_exchange_methods() const
 {
 return std::vector<std::string>({
@@ -73,11 +83,11 @@ std::vector<std::string> Policy::allowed_ecc_curves() const
 "secp256k1",
 "secp224r1",
 "secp224k1",
- "secp192r1",
- "secp192k1",
- "secp160r2",
- "secp160r1",
- "secp160k1",
+ //"secp192r1",
+ //"secp192k1",
+ //"secp160r2",
+ //"secp160r1",
+ //"secp160k1",
 });
 }
@@ -136,10 +146,10 @@ class Ciphersuite_Preference_Ordering
 {
 public:
 Ciphersuite_Preference_Ordering(const std::vector<std::string>& ciphers,
- const std::vector<std::string>& hashes,
+ const std::vector<std::string>& macs,
 const std::vector<std::string>& kex,
 const std::vector<std::string>& sigs) :
- m_ciphers(ciphers), m_hashes(hashes), m_kex(kex), m_sigs(sigs) {}
+ m_ciphers(ciphers), m_macs(macs), m_kex(kex), m_sigs(sigs) {}
 bool operator()(const Ciphersuite& a, const Ciphersuite& b) const
 {
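Review bot: The swap that puts `"ARC4"` ahead of `"3DES"` in `allowed_ciphers()` changes which suite a default-policy endpoint prefers once AES is not on offer, yet the list carries no comment saying that its order is the preference order or why RC4 now wins. RC4 has known keystream biases and was later prohibited for TLS by RFC 7465, so this is a default a maintainer needs to be able to find and revisit; a comment above the list such as `// Preference order, most preferred first. ARC4 is ranked above 3DES on purpose; see the TLS policy docs` would record it. At the end of the same hunk, the rename of `allowed_hashes()` to `allowed_signature_hashes()` deserves a release note: if these methods are virtual (the declaration is not in this file), an application subclass that still overrides `allowed_hashes()` may keep compiling while its restriction silently stops applying. The body of `allowed_ciphers()` starts before the hunk.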
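Review bot: `allowed_macs()` is added without a comment recording the distinction the commit message draws, namely that this list governs message authentication only and that signature hashes are now controlled separately by `allowed_signature_hashes()`. As written, the commented-out `//"MD5",` entry gives no hint that uncommenting it here is a different decision from enabling MD5 for TLS v1.2 signatures, which is exactly the confusion the split is meant to prevent. I would add above the function `// Hashes accepted for record MACs, most preferred first. Does not affect TLS v1.2 signature hashes; see allowed_signature_hashes()`. The ordering claim is supported by the comparator loop over `m_macs` later in this file, which returns on the first match.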
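Review bot: The five curves below 224 bits are commented out in `allowed_ecc_curves()` rather than removed, and nothing in the code states the size floor or the reason, so the list invites being switched back on entry by entry. A one-line comment ahead of them, for example `// Curves smaller than 224 bits are disabled by default; enable only for legacy peers`, would record the decision where the next editor will see it. This file shows only the list itself; it would be worth confirming that the handshake code also rejects a peer-selected curve that is not in it, since otherwise the default only shapes what is offered. The function body begins before the hunk.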
@@ -186,11 +196,11 @@ class Ciphersuite_Preference_Ordering
 if(a.mac_algo() != b.mac_algo())
 {
- for(size_t i = 0; i != m_hashes.size(); ++i)
+ for(size_t i = 0; i != m_macs.size(); ++i)
 {
- if(a.mac_algo() == m_hashes[i])
+ if(a.mac_algo() == m_macs[i])
 return true;
- if(b.mac_algo() == m_hashes[i])
+ if(b.mac_algo() == m_macs[i])
 return false;
 }
 }
@@ -198,8 +208,7 @@ class Ciphersuite_Preference_Ordering
 return false; // equal (?!?)
 }
 private:
- std::vector<std::string> m_ciphers, m_hashes, m_kex, m_sigs;
-
+ std::vector<std::string> m_ciphers, m_macs, m_kex, m_sigs;
 };
 }
@@ -208,11 +217,11 @@ std::vector<u16bit> ciphersuite_list(const Policy& policy,
 bool have_srp)
 {
 const std::vector<std::string> ciphers = policy.allowed_ciphers();
- const std::vector<std::string> hashes = policy.allowed_hashes();
+ const std::vector<std::string> macs = policy.allowed_macs();
 const std::vector<std::string> kex = policy.allowed_key_exchange_methods();
 const std::vector<std::string> sigs = policy.allowed_signature_methods();
- Ciphersuite_Preference_Ordering order(ciphers, hashes, kex, sigs);
+ Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
 std::set<Ciphersuite, Ciphersuite_Preference_Ordering> ciphersuites(order);
@@ -227,7 +236,7 @@ std::vector<u16bit> ciphersuite_list(const Policy& policy,
 if(!value_exists(ciphers, suite.cipher_algo()))
 continue; // unsupported cipher
- if(!value_exists(hashes, suite.mac_algo()))
+ if(!value_exists(macs, suite.mac_algo()))
 continue; // unsupported MAC algo
 if(!value_exists(sigs, suite.sig_algo())) |