/*
* Policies
* (C) 2004-2006 Jack Lloyd
*
* Released under the terms of the Botan license
*/

#ifndef BOTAN_TLS_POLICY_H__
#define BOTAN_TLS_POLICY_H__

// NOTE(review): the targets of the four #include directives and the element
// types of every std::vector below are absent from this listing; they appear
// to have been stripped along with their angle brackets. Restore them from
// the original header before compiling.
#include
#include
#include
#include

namespace Botan {

/**
* TLS Policy Base Class
* Inherit and overload as desired to suit local policy concerns
*
* The class is abstract: check_cert() is pure virtual, so every concrete
* policy has to supply its own certificate-chain decision.
*
* Security review of the defaults declared in this header:
*  - min_version() is SSL_V3. SSLv3 is prohibited by RFC 7568 (POODLE), so a
*    subclass that leaves this untouched permits an obsolete protocol floor.
*  - pref_version() is TLS_V11, which RFC 8996 deprecates.
*  - rsa_export_keysize() is 512, and allow_static_rsa() is true (static RSA
*    key exchange provides no forward secrecy).
*  - require_client_auth() is false; require_secure_renegotiation() is true.
* Deployments should override these hooks explicitly rather than inherit them.
*/
class BOTAN_DLL TLS_Policy
   {
   public:
      /**
      * Non-virtual entry point, so subclasses cannot replace it directly.
      * NOTE(review): presumably builds the offered suite list from the
      * allow_*() hooks via suite_list(); the definition is not in this header.
      * @param have_srp presumably whether SRP credentials are available -
      *        confirm against the implementation
      */
      std::vector ciphersuites(bool have_srp) const;

      /**
      * Overridable.
      * NOTE(review): presumably the compression methods this side offers;
      * the definition is not in this header.
      */
      virtual std::vector compression() const;

      /**
      * Overridable suite selection.
      * NOTE(review): presumably picks one suite code out of client_suites
      * given which key/credential types are usable; the definition and the
      * value returned when nothing matches are not visible here - confirm.
      * @param client_suites suites taken from the peer; treat as untrusted
      * @param rsa_ok presumably whether an RSA key is available
      * @param dsa_ok presumably whether a DSA key is available
      * @param srp_ok presumably whether SRP can be used
      */
      virtual u16bit choose_suite(const std::vector& client_suites,
                                  bool rsa_ok,
                                  bool dsa_ok,
                                  bool srp_ok) const;

      /**
      * Overridable compression selection.
      * NOTE(review): presumably picks one method from the client's list;
      * the definition is not in this header.
      * @param client methods taken from the peer; treat as untrusted
      */
      virtual byte choose_compression(const std::vector& client) const;

      /**
      * Default: true. Presumably enables static-RSA key exchange suites -
      * confirm in suite_list(). Static RSA gives no forward secrecy.
      */
      virtual bool allow_static_rsa() const { return true; }

      /**
      * Default: true. Presumably enables ephemeral DH suites signed with RSA.
      */
      virtual bool allow_edh_rsa() const { return true; }

      /**
      * Default: true. Presumably enables ephemeral DH suites signed with DSA.
      */
      virtual bool allow_edh_dsa() const { return true; }

      /**
      * Default: true. Presumably enables SRP suites.
      */
      virtual bool allow_srp() const { return true; }

      /**
      * Default: false, i.e. the base policy does not demand client
      * authentication. Override to return true where mutual
      * authentication is part of the threat model.
      */
      virtual bool require_client_auth() const { return false; }

      /**
      * Default: true.
      * NOTE(review): presumably refers to the RFC 5746 renegotiation
      * indication; how a peer without it is handled is not shown here.
      */
      virtual bool require_secure_renegotiation() const { return true; }

      /**
      * Overridable.
      * NOTE(review): presumably the Diffie-Hellman group used for EDH
      * suites; the default group is chosen in the implementation file, so
      * its size should be checked there.
      */
      virtual DL_Group dh_group() const;

      /**
      * Default: 512.
      * NOTE(review): presumably the bit length of the temporary RSA key for
      * export-grade suites - confirm against callers. A 512-bit RSA modulus
      * is factorable with modest resources and must not protect real traffic.
      */
      virtual size_t rsa_export_keysize() const { return 512; }

      /**
      * Default: SSL_V3. SSLv3 is prohibited by RFC 7568; override to raise
      * the floor to the lowest TLS version the deployment's peers require.
      * @return the minimum version that we will negotiate
      */
      virtual Version_Code min_version() const { return SSL_V3; }

      /**
      * Default: TLS_V11.
      * @return the version we would prefer to negotiate
      */
      virtual Version_Code pref_version() const { return TLS_V11; }

      /**
      * Pure virtual: each concrete policy must implement the decision.
      * NOTE(review): presumably true means the chain is accepted - confirm
      * against callers. An override that returns a constant skips
      * certificate validation entirely, so implementations should verify
      * the chain (signatures, validity period, trust anchor) and the
      * expected peer identity.
      * @param cert_chain certificates taken from the peer; treat as untrusted
      */
      virtual bool check_cert(const std::vector& cert_chain) const = 0;

      /**
      * Virtual so that a derived policy can be destroyed through a
      * TLS_Policy pointer.
      */
      virtual ~TLS_Policy() {}
   private:
      /**
      * Private virtual hook.
      * NOTE(review): presumably called by ciphersuites() with the allow_*()
      * results to produce the ordered suite list; the definition is not in
      * this header.
      */
      virtual std::vector suite_list(bool use_rsa,
                                     bool use_edh_rsa,
                                     bool use_edh_dsa,
                                     bool use_srp) const;
   };

} // namespace Botan

#endif