From 52b9356cec6c5ad9a5d00a8ecbbad10a672787e8 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Sat, 31 Dec 2011 03:26:57 +0000
Subject: Some basic infrastructure pieces for SRP (policy, etc)
---
 src/tls/tls_policy.cpp | 37 +++++++++++++++++++++++++++++--------
 1 file changed, 29 insertions(+), 8 deletions(-)
(limited to 'src/tls/tls_policy.cpp')
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index b73ff7850..596f5e53e 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -13,9 +13,10 @@ namespace Botan {
 /*
 * Return allowed ciphersuites
 */
-std::vector TLS_Policy::ciphersuites() const
+std::vector TLS_Policy::ciphersuites(bool have_srp) const
 {
- return suite_list(allow_static_rsa(), allow_edh_rsa(), allow_edh_dsa());
+ return suite_list(allow_static_rsa(), allow_edh_rsa(), allow_edh_dsa(),
+ allow_srp() && have_srp);
 }
 
 /*
@@ -23,10 +24,28 @@ std::vector TLS_Policy::ciphersuites() const
 */
 std::vector TLS_Policy::suite_list(bool use_rsa,
 bool use_edh_rsa,
- bool use_edh_dsa) const
+ bool use_edh_dsa,
+ bool use_srp) const
 {
 std::vector suites;
 
+ if(use_srp)
+ {
+ if(use_edh_rsa)
+ {
+ suites.push_back(TLS_SRP_SHA_DSS_WITH_AES_256_SHA);
+ suites.push_back(TLS_SRP_SHA_DSS_WITH_AES_128_SHA);
+ suites.push_back(TLS_SRP_SHA_DSS_WITH_3DES_EDE_SHA);
+ }
+
+ if(use_edh_dsa)
+ {
+ suites.push_back(TLS_SRP_SHA_RSA_WITH_AES_256_SHA);
+ suites.push_back(TLS_SRP_SHA_RSA_WITH_AES_128_SHA);
+ suites.push_back(TLS_SRP_SHA_RSA_WITH_3DES_EDE_SHA);
+ }
+ }
+
 if(use_edh_dsa)
 {
 suites.push_back(TLS_DHE_DSS_WITH_AES_256_CBC_SHA);
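Review bot: The new `have_srp` parameter of `ciphersuites()` is undocumented; the header comment still says only "Return allowed ciphersuites". A line such as `* have_srp: true only if the caller has SRP credentials to use; SRP suites are returned only when allow_srp() also permits them` would state the contract, though that meaning is inferred from `allow_srp() && have_srp` and should be confirmed. The same gap applies to the `have_srp` parameter added to `choose_suite` in the last hunk. The parameter has no default value, so every existing caller of both functions has to be updated in the same change.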
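Review bot: The certificate-type guards in the new `if(use_srp)` block look swapped: `if(use_edh_rsa)` adds the `TLS_SRP_SHA_DSS_*` suites and `if(use_edh_dsa)` adds the `TLS_SRP_SHA_RSA_*` suites. In `choose_suite`, `use_edh_rsa` is `allow_edh_rsa() && have_rsa`, so a server holding only an RSA key would be able to select a DSS-authenticated SRP suite it presumably cannot complete, and the reverse for a DSA-only server. The two conditions should be exchanged, `if(use_edh_dsa)` in front of the DSS group and `if(use_edh_rsa)` in front of the RSA group. Reusing the EDH flags here also means that turning off ephemeral DH by policy silently removes the SRP suites; if that coupling is not intended, a separate key-availability condition is needed. The body of `suite_list` continues past the end of the hunk.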
@@ -75,14 +94,16 @@ std::vector TLS_Policy::compression() const
 */
 u16bit TLS_Policy::choose_suite(const std::vector& c_suites,
 bool have_rsa,
- bool have_dsa) const
+ bool have_dsa,
+ bool have_srp) const
 {
- bool use_static_rsa = allow_static_rsa() && have_rsa;
- bool use_edh_rsa = allow_edh_rsa() && have_rsa;
- bool use_edh_dsa = allow_edh_dsa() && have_dsa;
+ const bool use_static_rsa = allow_static_rsa() && have_rsa;
+ const bool use_edh_rsa = allow_edh_rsa() && have_rsa;
+ const bool use_edh_dsa = allow_edh_dsa() && have_dsa;
+ const bool use_srp = allow_srp() && have_srp;
 
 std::vector s_suites = suite_list(use_static_rsa, use_edh_rsa,
- use_edh_dsa);
+ use_edh_dsa, use_srp);
 
 for(size_t i = 0; i != s_suites.size(); ++i)
 for(size_t j = 0; j != c_suites.size(); ++j)
-- 
cgit v1.2.3