-rw-r--r-- | news.rst | 4 | ||||
-rw-r--r-- | src/lib/tls/tls_policy.cpp | 3 | ||||
-rw-r--r-- | src/lib/tls/tls_policy.h | 55 | ||||
-rw-r--r-- | src/tests/data/tls-policy/bsi.txt (renamed from tls-policy/BSI_TR-02102-2.txt) | 2 | ||||
-rw-r--r-- | src/tests/data/tls-policy/datagram.txt | 2 | ||||
-rw-r--r-- | src/tests/data/tls-policy/default.txt | 2 | ||||
-rw-r--r-- | src/tests/data/tls-policy/strict.txt | 2 | ||||
-rw-r--r-- | src/tests/data/tls-policy/suiteb.txt | 2 | ||||
-rw-r--r-- | src/tests/unit_tls.cpp | 4 |
9 files changed, 68 insertions, 8 deletions
@@ -24,6 +24,10 @@ Version 1.11.35, Not Yet Released * Allow use of custom extensions when creating X.509 certificates (GH #744) +* The default TLS policy now requires 2048 or larger DH groups by default. + +* Add BSI_TR_02102_2 TLS::Policy subclass representing BSI TR-02102-2 recomendations. + * The default Path_Validation_Restrictions constructor has changed to require at least 110 bit signature strength. This means 1024 bit RSA certificates and also SHA-1 certificates are rejected by default. diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp index ae200ff47..1fff936fa 100644 --- a/src/lib/tls/tls_policy.cpp +++ b/src/lib/tls/tls_policy.cpp @@ -140,8 +140,7 @@ std::string Policy::dh_group() const size_t Policy::minimum_dh_group_size() const { - // Many servers still send 1024 bit - return 1024; + return 2048; } size_t Policy::minimum_ecdsa_group_size() const diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h index 9fd3561a3..6f617c673 100644 --- a/src/lib/tls/tls_policy.h +++ b/src/lib/tls/tls_policy.h 
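Review bot: The new `return 2048;` in `Policy::minimum_dh_group_size()` carries no comment, whereas the removed line recorded why the old value was chosen; the reason for the stricter floor should be recorded the same way, e.g. `// 1024 bit groups are considered too weak (cf. Logjam); override for legacy peers`. Because this is the base-class default, every policy that does not override the method will presumably now reject peers offering a smaller DHE group. That is the intended hardening, but it is a visible interoperability change for existing clients. If the doc comment on the declaration in tls_policy.h still mentions a 1024-bit default it should be updated as well; that declaration is not part of this diff.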
@@ -334,6 +334,61 @@ class BOTAN_DLL NSA_Suite_B_128 : public Policy }; /** +* BSI TR-02102-2 Policy +*/ +class BOTAN_DLL BSI_TR_02102_2 : public Policy + { + public: + std::vector<std::string> allowed_ciphers() const override + { + return std::vector<std::string>({"AES-256/GCM", "AES-128/GCM", "AES-256", "AES-128" }); + } + + std::vector<std::string> allowed_signature_hashes() const override + { + return std::vector<std::string>({"SHA-384", "SHA-256"}); + } + + std::vector<std::string> allowed_macs() const override + { + return std::vector<std::string>({"AEAD", "SHA-384", "SHA-256"}); + } + + std::vector<std::string> allowed_key_exchange_methods() const override + { + return std::vector<std::string>({"ECDH", "DH", "PSK", "ECDHE_PSK", "DHE_PSK"}); + } + + std::vector<std::string> allowed_signature_methods() const override + { + return std::vector<std::string>({"ECDSA", "RSA", "DSA"}); + } + + std::vector<std::string> allowed_ecc_curves() const override + { + return std::vector<std::string>({"brainpool512r1", "brainpool384r1", "brainpool256r1", "secp384r1", "secp256r1"}); + } + + bool allow_insecure_renegotiation() const override { return false; } + bool allow_server_initiated_renegotiation() const override { return true; } + bool server_uses_own_ciphersuite_preferences() const override { return true; } + bool negotiate_encrypt_then_mac() const override { return true; } + + size_t minimum_rsa_bits() const override { return 2000; } + size_t minimum_dh_group_size() const override { return 2000; } + size_t minimum_dsa_group_size() const override { return 2000; } + + size_t minimum_ecdh_group_size() const override { return 250; } + size_t minimum_ecdsa_group_size() const override { return 250; } + + bool allow_tls10() const override { return false; } + bool allow_tls11() const override { return false; } + bool allow_tls12() const override { return true; } + bool allow_dtls10() const override { return false; } + bool allow_dtls12() const override { return false; } + }; + 
+/** * Policy for DTLS. We require DTLS v1.2 and an AEAD mode. */ class BOTAN_DLL Datagram_Policy : public Policy diff --git a/tls-policy/BSI_TR-02102-2.txt b/src/tests/data/tls-policy/bsi.txt index 734aea428..763c05219 100644 --- a/tls-policy/BSI_TR-02102-2.txt +++ b/src/tests/data/tls-policy/bsi.txt @@ -19,4 +19,4 @@ minimum_rsa_bits=2000 allow_insecure_renegotiation=false allow_server_initiated_renegotiation=true server_uses_own_ciphersuite_preferences=true -negotiate_encrypt_then_mac=true
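Review bot: `allowed_ciphers()` in `BSI_TR_02102_2` admits the CBC suites ("AES-256", "AES-128"), while `negotiate_encrypt_then_mac()` only offers the extension, so as far as this hunk shows a peer that declines it would still be given MAC-then-encrypt CBC. If the edition of the TR being tracked accepts CBC only together with encrypt-then-MAC, that condition should be enforced, or at least stated above the list, e.g. `// CBC suites are only acceptable when encrypt-then-MAC is negotiated`. The class comment should also name the edition of TR-02102-2 from which the thresholds (2000 bit RSA/DH/DSA, 250 bit ECC) were taken. The recommendation is revised periodically, and a reader cannot otherwise tell whether these values are still current.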
\ No newline at end of file +negotiate_encrypt_then_mac=true diff --git a/src/tests/data/tls-policy/datagram.txt b/src/tests/data/tls-policy/datagram.txt index e78429238..6a9819aff 100644 --- a/src/tests/data/tls-policy/datagram.txt +++ b/src/tests/data/tls-policy/datagram.txt @@ -17,7 +17,7 @@ server_uses_own_ciphersuite_preferences = true negotiate_encrypt_then_mac = true session_ticket_lifetime = 86400 dh_group = modp/ietf/2048 -minimum_dh_group_size = 1024 +minimum_dh_group_size = 2048 minimum_ecdh_group_size = 255 minimum_rsa_bits = 2048 minimum_signature_strength = 110 diff --git a/src/tests/data/tls-policy/default.txt b/src/tests/data/tls-policy/default.txt index eb4ee245c..c96f91d96 100644 --- a/src/tests/data/tls-policy/default.txt +++ b/src/tests/data/tls-policy/default.txt @@ -17,7 +17,7 @@ server_uses_own_ciphersuite_preferences = true negotiate_encrypt_then_mac = true session_ticket_lifetime = 86400 dh_group = modp/ietf/2048 -minimum_dh_group_size = 1024 +minimum_dh_group_size = 2048 minimum_ecdh_group_size = 255 minimum_rsa_bits = 2048 minimum_signature_strength = 110 diff --git a/src/tests/data/tls-policy/strict.txt b/src/tests/data/tls-policy/strict.txt index 2f8dfbb3d..f59aaf271 100644 --- a/src/tests/data/tls-policy/strict.txt +++ b/src/tests/data/tls-policy/strict.txt @@ -17,7 +17,7 @@ server_uses_own_ciphersuite_preferences = true negotiate_encrypt_then_mac = true session_ticket_lifetime = 86400 dh_group = modp/ietf/2048 -minimum_dh_group_size = 1024 +minimum_dh_group_size = 2048 minimum_ecdh_group_size = 255 minimum_rsa_bits = 2048 minimum_signature_strength = 110 diff --git a/src/tests/data/tls-policy/suiteb.txt b/src/tests/data/tls-policy/suiteb.txt index 77e7ce5a0..51d8fec12 100644 --- a/src/tests/data/tls-policy/suiteb.txt +++ b/src/tests/data/tls-policy/suiteb.txt 
@@ -17,7 +17,7 @@ server_uses_own_ciphersuite_preferences = true negotiate_encrypt_then_mac = true session_ticket_lifetime = 86400 dh_group = modp/ietf/2048 -minimum_dh_group_size = 1024 +minimum_dh_group_size = 2048 minimum_ecdh_group_size = 255 minimum_rsa_bits = 2048 minimum_signature_strength = 128 diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp index cb52b349b..6922dd2a8 100644 --- a/src/tests/unit_tls.cpp +++ b/src/tests/unit_tls.cpp @@ -918,6 +918,8 @@ std::string tls_policy_string(const std::string& policy_str) policy.reset(new Botan::TLS::Policy); else if(policy_str == "suiteb") policy.reset(new Botan::TLS::NSA_Suite_B_128); + else if(policy_str == "bsi") + policy.reset(new Botan::TLS::BSI_TR_02102_2); else if(policy_str == "strict") policy.reset(new Botan::TLS::Strict_Policy); else if(policy_str == "datagram") @@ -932,7 +934,7 @@ Test::Result test_tls_policy() { Test::Result result("TLS Policy"); - const std::vector<std::string> policies = { "default", "suiteb", "strict", "datagram" }; + const std::vector<std::string> policies = { "default", "suiteb", "strict", "datagram", "bsi" }; for(std::string policy : policies) { |