From 54eea9aba98c90d34b55b46b08a72bb8b88342b6 Mon Sep 17 00:00:00 2001
From: René Korthaus
Date: Wed, 18 Oct 2017 14:31:19 +0200
Subject: Add allowed values for allowed groups
---
 src/lib/tls/tls_policy.h | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index 2d90de5c0..499ae91ba 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -77,12 +77,24 @@ class BOTAN_PUBLIC_API(2,0) Policy
 bool allowed_signature_hash(const std::string& hash) const;
 /**
- * Return list of ECC curves we are willing to use in order of preference
+ * Return list of ECC curves we are willing to use in order of preference.
+ * Allowed values: x25519, secp256r1, secp384r1, secp521r1,
+ * brainpool256r1, brainpool384r1, brainpool512r1
 */
 virtual std::vector allowed_ecc_curves() const;
 bool allowed_ecc_curve(const std::string& curve) const;
+ /**
+ * Return list of ECC curves and FFDHE groups
+ * we are willing to use in order of preference.
+ * Allowed values: x25519, secp256r1, secp384r1, secp521r1,
+ * brainpool256r1, brainpool384r1, brainpool512r1,
+ * ffdhe/ietf/2048, ffdhe/ietf/3072, ffdhe/ietf/4096,
+ * ffdhe/ietf/6144, ffdhe/ietf/8192
+ */
+ virtual std::vector allowed_groups() const;
+
 /**
 * Request that ECC curve points are sent compressed
 */
@@ -161,8 +173,6 @@ class BOTAN_PUBLIC_API(2,0) Policy
 virtual std::string dh_group() const;
- virtual std::vector allowed_groups() const;
-
 /**
 * Return the minimum DH group size we're willing to use
 * Default is currently 1024 (insecure), should be 2048
--
cgit v1.2.3
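Review bot: The new comment on `allowed_groups()` repeats every curve name listed for `allowed_ecc_curves()` but does not say how the two lists relate. Someone who overrides only `allowed_ecc_curves()` to drop a curve cannot tell from the header whether that curve is still offered through `allowed_groups()`. If the implementation (outside this hunk) consults the lists independently, I would add `* Note: this list is not filtered by allowed_ecc_curves(); override both to remove a curve.` to the new comment, or state the opposite if one is derived from the other. Both comments should also say whether a name outside the listed set is ignored or rejected, because a misspelled entry in a policy override could otherwise change what is negotiated without any error. Separately, moving the declaration up reorders the virtuals of an exported class, which matters only if binary compatibility is promised across this release.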