author | lloyd <[email protected]> | 2012-03-16 17:32:40 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-03-16 17:32:40 +0000 |
commit | 1fce3fe2274cf3368e1f29827ed0f41cebba3726 (patch) | |
tree | 7a83f1d6d8fcf08dc8120aafba718dd11c1e52b7 /src/tls/tls_policy.h | |
parent | 4c6327c95bd01de54487b3159b77a5152ed39564 (diff) | |
parent | 7371f7c59ae722769fbc0dc810583a0cd0e38877 (diff) |
propagate from branch 'net.randombit.botan.tls-state-machine' (head c24b5d6b012131b177d38bddb8b06d73f81f70c4)
to branch 'net.randombit.botan.tls-session-ticket' (head 9977d4c118e1ac26425cef676ebf26cd5b2a470e)
Diffstat (limited to 'src/tls/tls_policy.h')
-rw-r--r-- | src/tls/tls_policy.h | 115 |
1 files changed, 86 insertions, 29 deletions
diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h
index 48ff9185e..f53b9bab6 100644
--- a/src/tls/tls_policy.h
+++ b/src/tls/tls_policy.h
@@ -8,62 +8,119 @@ #ifndef BOTAN_TLS_POLICY_H__ #define BOTAN_TLS_POLICY_H__ -#include <botan/tls_magic.h> +#include <botan/tls_version.h> #include <botan/x509cert.h> #include <botan/dl_group.h> #include <vector> namespace Botan { +namespace TLS { + /** * TLS Policy Base Class -* Inherit and overload as desired to suite local policy concerns +* Inherit and overload as desired to suit local policy concerns */ -class BOTAN_DLL TLS_Policy +class BOTAN_DLL Policy { public: - std::vector<u16bit> ciphersuites(bool have_srp) const; - virtual std::vector<byte> compression() const; - virtual u16bit choose_suite(const std::vector<u16bit>& client_suites, - bool rsa_ok, - bool dsa_ok, - bool srp_ok) const; + /** + * Returns a list of ciphers we are willing to negotiate, in + * order of preference. Allowed values: any block cipher name, or + * ARC4. + */ + virtual std::vector<std::string> allowed_ciphers() const; + + /** + * Returns a list of hash algorithms we are willing to use, in + * order of preference. This is used for both MACs and signatures. + * Allowed values: any hash name, though currently only MD5, + * SHA-1, and the SHA-2 variants are used. + */ + virtual std::vector<std::string> allowed_hashes() const; + + /** + * Returns a list of key exchange algorithms we are willing to + * use, in order of preference. Allowed values: DH, empty string + * (representing RSA using server certificate key) + */ + virtual std::vector<std::string> allowed_key_exchange_methods() const; - virtual byte choose_compression(const std::vector<byte>& client) const; + /** + * Returns a list of signature algorithms we are willing to + * use, in order of preference. Allowed values RSA and DSA. 
+ */ + virtual std::vector<std::string> allowed_signature_methods() const; - virtual bool allow_static_rsa() const { return true; } - virtual bool allow_edh_rsa() const { return true; } - virtual bool allow_edh_dsa() const { return true; } - virtual bool allow_srp() const { return true; } + /** + * Return list of ECC curves we are willing to use in order of preference + */ + virtual std::vector<std::string> allowed_ecc_curves() const; - virtual bool require_client_auth() const { return false; } + /** + * Returns a list of signature algorithms we are willing to use, + * in order of preference. Allowed values any value of + * Compression_Method. + */ + virtual std::vector<byte> compression() const; + /** + * Choose an elliptic curve to use + */ + virtual std::string choose_curve(const std::vector<std::string>& curve_names) const; + + /** + * Require support for RFC 5746 extensions to enable + * renegotiation. + * + * @warning Changing this to false exposes you to injected + * plaintext attacks. Read the RFC for background. + */ virtual bool require_secure_renegotiation() const { return true; } - virtual DL_Group dh_group() const; - virtual size_t rsa_export_keysize() const { return 512; } + /** + * Return the group to use for ephemeral Diffie-Hellman key agreement + */ + virtual DL_Group dh_group() const { return DL_Group("modp/ietf/1536"); } + + /** + * If this function returns false, unknown SRP/PSK identifiers + * will be rejected with an unknown_psk_identifier alert as soon + * as the non-existence is identified. Otherwise, a false + * identifier value will be used and the protocol allowed to + * proceed, causing the login to eventually fail without + * revealing that the username does not exist on this system. 
+ */ + virtual bool hide_unknown_users() const { return false; } - /* - * @return the minimum version that we will negotiate + /** + * @return the minimum version that we are willing to negotiate */ - virtual Version_Code min_version() const { return SSL_V3; } + virtual Protocol_Version min_version() const; - /* + /** * @return the version we would prefer to negotiate */ - virtual Version_Code pref_version() const { return TLS_V11; } + virtual Protocol_Version pref_version() const; - virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const = 0; + /** + * Return allowed ciphersuites, in order of preference + */ + std::vector<u16bit> ciphersuite_list(bool have_srp) const; + + u16bit choose_suite(const std::vector<u16bit>& client_suites, + const std::vector<std::string>& available_cert_types, + bool have_shared_ecc_curve, + bool have_srp) const; + + byte choose_compression(const std::vector<byte>& client_algos) const; - virtual ~TLS_Policy() {} - private: - virtual std::vector<u16bit> suite_list(bool use_rsa, - bool use_edh_rsa, - bool use_edh_dsa, - bool use_srp) const; + virtual ~Policy() {} }; } +} + #endif |
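Review bot: `hide_unknown_users()` defaults to `false`, so by its own doc comment a server running the stock policy answers an unknown SRP/PSK identifier with `unknown_psk_identifier`, which tells a remote peer which usernames exist. Unlike `require_secure_renegotiation()` earlier in the class, that comment carries no warning about the trade-off; I would add `* @warning The default (false) lets a peer distinguish valid from invalid identifiers; return true where usernames are sensitive.` or change the default to `return true;`. Separately, the doc comment on `compression()` reads "Returns a list of signature algorithms we are willing to use", apparently copied from `allowed_signature_methods()`, and should say `compression algorithms`. The bodies of `allowed_ciphers()`, `allowed_hashes()` and `min_version()` are not in this header, so whether ARC4, MD5 or SSLv3 remain in the defaults cannot be checked from this hunk.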