Diffstat (limited to 'src/lib/tls/tls_policy.h')
-rw-r--r-- | src/lib/tls/tls_policy.h | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index f387361f6..efef7e1f7 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -151,11 +151,12 @@ class BOTAN_DLL Policy
 * Return the minimum ECDH group size we're willing to use
 * for key exchange
 *
- * Default 256, allowing P-256 and larger
- * P-256 is the smallest curve we will negotiate
+ * Default 255, allowing x25519 and larger
+ * x25519 is the smallest curve we will negotiate
+ * P-521 is the largest
 */
 virtual size_t minimum_ecdh_group_size() const;
-
+
 /**
 * Return the minimum bit size we're willing to accept for RSA
 * key exchange or server signatures.
@@ -170,6 +171,11 @@ class BOTAN_DLL Policy
 virtual size_t minimum_rsa_bits() const;

 /**
+ * Minimum DSA group size, default 2048 bits
+ */
+ virtual size_t minimum_dsa_group_size() const;
+
+ /**
 * Throw an exception if you don't like the peer's key.
 * Default impl checks the key size against minimum_rsa_bits, minimum_ecdsa_group_size,
 * or minimum_ecdh_group_size depending on the key's type. |
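Review bot: The added line `* P-521 is the largest` in the comment on minimum_ecdh_group_size() states an upper bound that a minimum-size accessor cannot express, so a reader cannot tell whether that bound is enforced anywhere or is only the largest curve currently offered. I would drop it, or word it as an aside such as `* (P-521 is the largest curve currently offered)` if that is what is meant. Because the documented default falls from 256 to 255, the comment should also say what the number is compared against, presumably the curve's size in bits. For example `* Override to return 256 to exclude x25519` would tell deployments with a P-256 floor what to do. The implementation of the default is not in this header, so I am assuming it was changed to match.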
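Review bot: The context comment directly below the new minimum_dsa_group_size() declaration still names only minimum_rsa_bits, minimum_ecdsa_group_size and minimum_ecdh_group_size as the limits the default peer-key check applies. If that check now consults the DSA minimum as well (its implementation is outside this header, and the comment continues past the end of the hunk), the list should name it, otherwise a reader will assume DSA keys are not size-checked. The new doc comment is also thinner than its neighbours: it should say which parameter is measured and where the limit applies, for example `* Return the minimum DSA group size in bits (presumably the prime p) we're willing to accept for server signatures`. Separately, inserting a virtual in the middle of a BOTAN_DLL-exported class shifts the vtable slots seen by existing subclasses, so this looks like it needs an ABI version bump.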