From f4f6726262d1096974d191de3f3220b6e1a41c06 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <jack@randombit.net>
Date: Fri, 25 Nov 2016 12:01:10 -0500
Subject: Add TLS::Policy::minimum_signature_strength

Changes TLS callback API for cert verify to accept Policy&

Sets default signature strength to 110 to force RSA ~2048.
---
 src/cli/tls_client.cpp        | 5 +++--
 src/lib/tls/tls_callbacks.cpp | 6 ++++--
 src/lib/tls/tls_callbacks.h   | 4 +++-
 src/lib/tls/tls_client.cpp    | 3 ++-
 src/lib/tls/tls_policy.cpp    | 5 +++++
 src/lib/tls/tls_policy.h      | 9 +++++++++
 src/lib/tls/tls_server.cpp    | 3 ++-
 7 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/src/cli/tls_client.cpp b/src/cli/tls_client.cpp
index 6fbb59e6f..8e21e21e5 100644
--- a/src/cli/tls_client.cpp
+++ b/src/cli/tls_client.cpp
@@ -255,12 +255,13 @@ class TLS_Client final : public Command, public Botan::TLS::Callbacks
          const std::vector<Botan::X509_Certificate>& cert_chain,
          const std::vector<Botan::Certificate_Store*>& trusted_roots,
          Botan::Usage_Type usage,
-         const std::string& hostname) override
+         const std::string& hostname,
+         const Botan::TLS::Policy& policy) override
          {
          if(cert_chain.empty())
             throw std::invalid_argument("Certificate chain was empty");
 
-         Botan::Path_Validation_Restrictions restrictions(true, 80);
+         Botan::Path_Validation_Restrictions restrictions(true, policy.minimum_signature_strength());
 
          auto ocsp_timeout = std::chrono::milliseconds(300);
 
diff --git a/src/lib/tls/tls_callbacks.cpp b/src/lib/tls/tls_callbacks.cpp
index f43890e20..e95b1c0f7 100644
--- a/src/lib/tls/tls_callbacks.cpp
+++ b/src/lib/tls/tls_callbacks.cpp
@@ -6,6 +6,7 @@
 */
 
 #include <botan/tls_callbacks.h>
+#include <botan/tls_policy.h>
 #include <botan/x509path.h>
 #include <botan/ocsp.h>
 #include <botan/certstor.h>
@@ -28,12 +29,13 @@ void TLS::Callbacks::tls_verify_cert_chain(
    const std::vector<X509_Certificate>& cert_chain,
    const std::vector<Certificate_Store*>& trusted_roots,
    Usage_Type usage,
-   const std::string& hostname)
+   const std::string& hostname,
+   const TLS::Policy& policy)
    {
    if(cert_chain.empty())
       throw Invalid_Argument("Certificate chain was empty");
 
-   Path_Validation_Restrictions restrictions;
+   Path_Validation_Restrictions restrictions(true, policy.minimum_signature_strength());
 
    Path_Validation_Result result =
       x509_path_validate(cert_chain,
diff --git a/src/lib/tls/tls_callbacks.h b/src/lib/tls/tls_callbacks.h
index 8714058c1..200885173 100644
--- a/src/lib/tls/tls_callbacks.h
+++ b/src/lib/tls/tls_callbacks.h
@@ -26,6 +26,7 @@ class Response;
 namespace TLS {
 
 class Handshake_Message;
+class Policy;
 
 /**
 * Encapsulates the callbacks that a TLS channel will make which are due to
@@ -122,7 +123,8 @@ class BOTAN_DLL Callbacks
           const std::vector<X509_Certificate>& cert_chain,
           const std::vector<Certificate_Store*>& trusted_roots,
           Usage_Type usage,
-          const std::string& hostname);
+          const std::string& hostname,
+          const TLS::Policy& policy);
 
        /**
        * Called by default `tls_verify_cert_chain` to get the timeout to use for OCSP
diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp
index 99b4ac731..185084734 100644
--- a/src/lib/tls/tls_client.cpp
+++ b/src/lib/tls/tls_client.cpp
@@ -396,7 +396,8 @@ void Client::process_handshake_msg(const Handshake_State* active_state,
          callbacks().tls_verify_cert_chain(server_certs,
                                            trusted_CAs,
                                            Usage_Type::TLS_SERVER_AUTH,
-                                           m_info.hostname());
+                                           m_info.hostname(),
+                                           policy());
          }
       catch(std::exception& e)
          {
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index 49a8ad1fc..4dc1206e7 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -156,6 +156,11 @@ size_t Policy::minimum_ecdh_group_size() const
    return 255;
    }
 
+size_t Policy::minimum_signature_strength() const
+   {
+   return 110;
+   }
+
 size_t Policy::minimum_rsa_bits() const
    {
    /* Default assumption is all end-entity certificates should
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index efef7e1f7..92814277f 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -57,6 +57,15 @@ class BOTAN_DLL Policy
       */
       virtual std::vector<std::string> allowed_signature_methods() const;
 
+      /**
+      * The minimum signature strength we will accept
+      * Returning 80 allows RSA 1024 and SHA-1. Values larger than 80 disable SHA-1 support.
+      * Returning 110 allows RSA 2048.
+      * Return 128 to force ECC (P-256) or large (~3000 bit) RSA keys.
+      * Default is 110
+      */
+      virtual size_t minimum_signature_strength() const;
+
       bool allowed_signature_method(const std::string& sig_method) const;
 
       /**
diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp
index abe22df3c..4e07b5f7c 100644
--- a/src/lib/tls/tls_server.cpp
+++ b/src/lib/tls/tls_server.cpp
@@ -529,7 +529,8 @@ void Server::process_certificate_verify_msg(Server_Handshake_State& pending_stat
         callbacks().tls_verify_cert_chain(client_certs,
                                           trusted_CAs,
                                           Usage_Type::TLS_CLIENT_AUTH,
-                                          sni_hostname);
+                                          sni_hostname,
+                                          policy());
         }
     catch ( std::exception& e )
         {
-- 
cgit v1.2.3