Botan 3.4.0
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::TLS::Strict_Policy Class Reference

#include <tls_policy.h>

Inheritance diagram for Botan::TLS::Strict_Policy:
Botan::TLS::Policy

Public Member Functions

virtual bool abort_connection_on_undesired_renegotiation () const
 
virtual std::optional< std::vector< Signature_Scheme > > acceptable_certificate_signature_schemes () const
 
virtual bool acceptable_ciphersuite (const Ciphersuite &suite) const
 
virtual bool acceptable_protocol_version (Protocol_Version version) const
 
virtual std::vector< Signature_Schemeacceptable_signature_schemes () const
 
virtual std::vector< Certificate_Typeaccepted_client_certificate_types () const
 
virtual std::vector< Certificate_Typeaccepted_server_certificate_types () const
 
virtual bool allow_client_initiated_renegotiation () const
 
virtual bool allow_dtls12 () const
 
virtual bool allow_dtls_epoch0_restart () const
 
virtual bool allow_insecure_renegotiation () const
 
virtual bool allow_resumption_for_renegotiation () const
 
virtual bool allow_server_initiated_renegotiation () const
 
virtual bool allow_tls12 () const
 
virtual bool allow_tls13 () const
 
std::vector< std::string > allowed_ciphers () const override
 
std::vector< std::string > allowed_key_exchange_methods () const override
 
std::vector< std::string > allowed_macs () const override
 
bool allowed_signature_hash (std::string_view hash) const
 
std::vector< std::string > allowed_signature_hashes () const override
 
bool allowed_signature_method (std::string_view sig_method) const
 
virtual std::vector< std::string > allowed_signature_methods () const
 
virtual std::vector< Signature_Schemeallowed_signature_schemes () const
 
virtual void check_peer_key_acceptable (const Public_Key &public_key) const
 
virtual Group_Params choose_key_exchange_group (const std::vector< Group_Params > &supported_by_peer, const std::vector< Group_Params > &offered_by_peer) const
 
virtual std::vector< uint16_t > ciphersuite_list (Protocol_Version version) const
 
virtual Group_Params default_dh_group () const
 
virtual size_t dtls_default_mtu () const
 
virtual size_t dtls_initial_timeout () const
 
virtual size_t dtls_maximum_timeout () const
 
virtual bool hash_hello_random () const
 
virtual bool hide_unknown_users () const
 
virtual bool include_time_in_hello_random () const
 
virtual std::vector< Group_Paramskey_exchange_groups () const
 
virtual std::vector< Group_Paramskey_exchange_groups_to_offer () const
 
virtual Protocol_Version latest_supported_version (bool datagram) const
 
virtual size_t maximum_certificate_chain_size () const
 
virtual size_t maximum_session_tickets_per_client_hello () const
 
virtual size_t minimum_dh_group_size () const
 
virtual size_t minimum_ecdh_group_size () const
 
virtual size_t minimum_ecdsa_group_size () const
 
virtual size_t minimum_rsa_bits () const
 
virtual size_t minimum_signature_strength () const
 
virtual bool negotiate_encrypt_then_mac () const
 
virtual size_t new_session_tickets_upon_handshake_success () const
 
virtual bool only_resume_with_exact_version () const
 
virtual void print (std::ostream &o) const
 
virtual std::optional< uint16_t > record_size_limit () const
 
virtual bool request_client_certificate_authentication () const
 
virtual bool require_cert_revocation_info () const
 
virtual bool require_client_certificate_authentication () const
 
virtual bool reuse_session_tickets () const
 
virtual bool server_uses_own_ciphersuite_preferences () const
 
virtual std::chrono::seconds session_ticket_lifetime () const
 
virtual std::vector< uint16_t > srtp_profiles () const
 
virtual bool support_cert_status_message () const
 
virtual bool tls_13_middlebox_compatibility_mode () const
 
std::string to_string () const
 
virtual bool use_ecc_point_compression () const
 

Detailed Description

Definition at line 619 of file tls_policy.h.

Member Function Documentation

◆ abort_connection_on_undesired_renegotiation()

bool Botan::TLS::Policy::abort_connection_on_undesired_renegotiation ( ) const
virtualinherited

If true, a request to renegotiate will close the connection with a fatal alert. Otherwise, a warning alert is sent.

Note
Has no effect for TLS 1.3 connections.

Definition at line 389 of file tls_policy.cpp.

389 {
390 return false;
391}

◆ acceptable_certificate_signature_schemes()

std::optional< std::vector< Signature_Scheme > > Botan::TLS::Policy::acceptable_certificate_signature_schemes ( ) const
virtualinherited

Definition at line 42 of file tls_policy.cpp.

42 {
43 // the restrictions of ::acceptable_signature_schemes() shall apply
44 return std::nullopt;
45}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ acceptable_ciphersuite()

bool Botan::TLS::Policy::acceptable_ciphersuite ( const Ciphersuite & suite) const
virtualinherited

Allows policy to reject any ciphersuites which are undesirable for whatever reason without having to reimplement ciphersuite_list

Definition at line 300 of file tls_policy.cpp.

300 {
301 return value_exists(allowed_ciphers(), ciphersuite.cipher_algo()) &&
302 value_exists(allowed_macs(), ciphersuite.mac_algo());
303}
Botan::TLS::Policy::allowed_macs
virtual std::vector< std::string > allowed_macs() const
Definition tls_policy.cpp:75
Botan::TLS::Policy::allowed_ciphers
virtual std::vector< std::string > allowed_ciphers() const
Definition tls_policy.cpp:47
Botan::value_exists
bool value_exists(const std::vector< T > &vec, const OT &val)
Definition stl_util.h:118

References Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Ciphersuite::cipher_algo(), Botan::TLS::Ciphersuite::mac_algo(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::ciphersuite_list().

◆ acceptable_protocol_version()

bool Botan::TLS::Policy::acceptable_protocol_version ( Protocol_Version version) const
virtualinherited
Returns
true if and only if we are willing to accept this version Default accepts TLS v1.2 and later or DTLS v1.2 or later.

Definition at line 261 of file tls_policy.cpp.

261 {
262#if defined(BOTAN_HAS_TLS_13)
263 if(version == Protocol_Version::TLS_V13 && allow_tls13()) {
264 return true;
265 }
266#endif
267
268#if defined(BOTAN_HAS_TLS_12)
269 if(version == Protocol_Version::TLS_V12 && allow_tls12()) {
270 return true;
271 }
272
273 if(version == Protocol_Version::DTLS_V12 && allow_dtls12()) {
274 return true;
275 }
276#endif
277
278 return false;
279}
Botan::TLS::Policy::allow_tls12
virtual bool allow_tls12() const
Definition tls_policy.cpp:317
Botan::TLS::Policy::allow_tls13
virtual bool allow_tls13() const
Definition tls_policy.cpp:325
Botan::TLS::Policy::allow_dtls12
virtual bool allow_dtls12() const
Definition tls_policy.cpp:333

References Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls12(), and Botan::TLS::Policy::allow_tls13().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::highest_supported_version(), and Botan::TLS::Policy::latest_supported_version().

◆ acceptable_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::acceptable_signature_schemes ( ) const
virtualinherited

Return a list of schemes we are willing to accept

Definition at line 38 of file tls_policy.cpp.

38 {
39 return this->allowed_signature_schemes();
40}
Botan::TLS::Policy::allowed_signature_schemes
virtual std::vector< Signature_Scheme > allowed_signature_schemes() const
Definition tls_policy.cpp:23

References Botan::TLS::Policy::allowed_signature_schemes().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ accepted_client_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Policy::accepted_client_certificate_types ( ) const
virtualinherited

Returns a list of accepted certificate types for client authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 393 of file tls_policy.cpp.

393 {
394 return {Certificate_Type::X509};
395}

References Botan::TLS::X509.

Referenced by Botan::TLS::Text_Policy::accepted_client_certificate_types(), Botan::TLS::Client_Hello_13::Client_Hello_13(), and Botan::TLS::Policy::print().

◆ accepted_server_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Policy::accepted_server_certificate_types ( ) const
virtualinherited

Returns a list of accepted certificate types for server authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 397 of file tls_policy.cpp.

397 {
398 return {Certificate_Type::X509};
399}

References Botan::TLS::X509.

Referenced by Botan::TLS::Text_Policy::accepted_server_certificate_types(), Botan::TLS::Client_Hello_13::Client_Hello_13(), and Botan::TLS::Policy::print().

◆ allow_client_initiated_renegotiation()

bool Botan::TLS::Policy::allow_client_initiated_renegotiation ( ) const
virtualinherited

Consulted by server side. If true, allows clients to initiate a new handshake

Note
Has no effect for TLS 1.3 connections.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 305 of file tls_policy.cpp.

305 {
306 return false;
307}

Referenced by Botan::TLS::Text_Policy::allow_client_initiated_renegotiation().

◆ allow_dtls12()

bool Botan::TLS::Policy::allow_dtls12 ( ) const
virtualinherited

Allow DTLS v1.2

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, Botan::TLS::Datagram_Policy, and Botan::TLS::Text_Policy.

Definition at line 333 of file tls_policy.cpp.

333 {
334#if defined(BOTAN_HAS_TLS_12)
335 return true;
336#else
337 return false;
338#endif
339}

Referenced by Botan::TLS::Policy::acceptable_protocol_version(), Botan::TLS::Text_Policy::allow_dtls12(), Botan::TLS::make_hello_random(), Botan::TLS::Policy::print(), and Botan::TLS::Supported_Versions::Supported_Versions().

◆ allow_dtls_epoch0_restart()

bool Botan::TLS::Policy::allow_dtls_epoch0_restart ( ) const
virtualinherited

If true, then allow a DTLS client to restart a connection to the same server association as described in section 4.2.8 of the DTLS RFC

Definition at line 401 of file tls_policy.cpp.

401 {
402 return false;
403}

Referenced by Botan::TLS::Channel_Impl_12::from_peer().

◆ allow_insecure_renegotiation()

bool Botan::TLS::Policy::allow_insecure_renegotiation ( ) const
virtualinherited

Allow renegotiation even if the counterparty doesn't support the secure renegotiation extension.

Warning
Changing this to true exposes you to injected plaintext attacks. Read RFC 5746 for background.
Note
Has no effect for TLS 1.3 connections.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 313 of file tls_policy.cpp.

313 {
314 return false;
315}

Referenced by Botan::TLS::Text_Policy::allow_insecure_renegotiation(), and Botan::TLS::Policy::print().

◆ allow_resumption_for_renegotiation()

bool Botan::TLS::Policy::allow_resumption_for_renegotiation ( ) const
virtualinherited
Note
Has no effect for TLS 1.3 connections.

Definition at line 365 of file tls_policy.cpp.

365 {
366 return true;
367}

Referenced by Botan::TLS::Channel_Impl_12::renegotiate().

◆ allow_server_initiated_renegotiation()

bool Botan::TLS::Policy::allow_server_initiated_renegotiation ( ) const
virtualinherited

Consulted by client side. If true, allows servers to initiate a new handshake

Note
Has no effect for TLS 1.3 connections.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 309 of file tls_policy.cpp.

309 {
310 return false;
311}

Referenced by Botan::TLS::Text_Policy::allow_server_initiated_renegotiation(), and Botan::TLS::Policy::print().

◆ allow_tls12()

bool Botan::TLS::Policy::allow_tls12 ( ) const
virtualinherited

Allow TLS v1.2

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, Botan::TLS::Datagram_Policy, and Botan::TLS::Text_Policy.

Definition at line 317 of file tls_policy.cpp.

317 {
318#if defined(BOTAN_HAS_TLS_12)
319 return true;
320#else
321 return false;
322#endif
323}

Referenced by Botan::TLS::Policy::acceptable_protocol_version(), Botan::TLS::Text_Policy::allow_tls12(), Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Client_Impl_13::Client_Impl_13(), Botan::TLS::make_hello_random(), Botan::TLS::Policy::print(), Botan::TLS::Server_Impl_13::Server_Impl_13(), and Botan::TLS::Supported_Versions::Supported_Versions().

◆ allow_tls13()

bool Botan::TLS::Policy::allow_tls13 ( ) const
virtualinherited

Allow TLS v1.3

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, Botan::TLS::Datagram_Policy, and Botan::TLS::Text_Policy.

Definition at line 325 of file tls_policy.cpp.

325 {
326#if defined(BOTAN_HAS_TLS_13)
327 return true;
328#else
329 return false;
330#endif
331}

Referenced by Botan::TLS::Policy::acceptable_protocol_version(), Botan::TLS::Text_Policy::allow_tls13(), Botan::TLS::Policy::print(), and Botan::TLS::Supported_Versions::Supported_Versions().

◆ allowed_ciphers()

std::vector< std::string > Botan::TLS::Strict_Policy::allowed_ciphers ( ) const
overridevirtual

Returns a list of ciphers we are willing to negotiate, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 662 of file tls_policy.cpp.

662 {
663 return {"ChaCha20Poly1305", "AES-256/GCM", "AES-128/GCM"};
664}

◆ allowed_key_exchange_methods()

std::vector< std::string > Botan::TLS::Strict_Policy::allowed_key_exchange_methods ( ) const
overridevirtual

Returns a list of key exchange algorithms we are willing to use, in order of preference. Allowed values: DH, empty string (representing RSA using server certificate key)

Reimplemented from Botan::TLS::Policy.

Definition at line 674 of file tls_policy.cpp.

674 {
675 return {"ECDH"};
676}

◆ allowed_macs()

std::vector< std::string > Botan::TLS::Strict_Policy::allowed_macs ( ) const
overridevirtual

Returns a list of MAC algorithms we are willing to use.

Reimplemented from Botan::TLS::Policy.

Definition at line 670 of file tls_policy.cpp.

670 {
671 return {"AEAD"};
672}

◆ allowed_signature_hash()

bool Botan::TLS::Policy::allowed_signature_hash ( std::string_view hash) const
inherited

Definition at line 110 of file tls_policy.cpp.

110 {
111 return value_exists(allowed_signature_hashes(), sig_hash);
112}
Botan::TLS::Policy::allowed_signature_hashes
virtual std::vector< std::string > allowed_signature_hashes() const
Definition tls_policy.cpp:67

References Botan::TLS::Policy::allowed_signature_hashes(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ allowed_signature_hashes()

std::vector< std::string > Botan::TLS::Strict_Policy::allowed_signature_hashes ( ) const
overridevirtual

Returns a list of hash algorithms we are willing to use for signatures, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 666 of file tls_policy.cpp.

666 {
667 return {"SHA-512", "SHA-384"};
668}

◆ allowed_signature_method()

bool Botan::TLS::Policy::allowed_signature_method ( std::string_view sig_method) const
inherited

Definition at line 106 of file tls_policy.cpp.

106 {
107 return value_exists(allowed_signature_methods(), sig_method);
108}
Botan::TLS::Policy::allowed_signature_methods
virtual std::vector< std::string > allowed_signature_methods() const
Definition tls_policy.cpp:99

References Botan::TLS::Policy::allowed_signature_methods(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), Botan::TLS::Certificate_13::Certificate_13(), and Botan::TLS::Handshake_State::parse_sig_format().

◆ allowed_signature_methods()

std::vector< std::string > Botan::TLS::Policy::allowed_signature_methods ( ) const
virtualinherited

Returns a list of signature algorithms we are willing to use, in order of preference.

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 99 of file tls_policy.cpp.

99 {
100 return {
101 "ECDSA", "RSA",
102 //"IMPLICIT",
103 };
104}

Referenced by Botan::TLS::Policy::allowed_signature_method(), Botan::TLS::Text_Policy::allowed_signature_methods(), Botan::TLS::Policy::ciphersuite_list(), and Botan::TLS::Policy::print().

◆ allowed_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::allowed_signature_schemes ( ) const
virtualinherited

Definition at line 23 of file tls_policy.cpp.

23 {
24 std::vector<Signature_Scheme> schemes;
25
26 for(Signature_Scheme scheme : Signature_Scheme::all_available_schemes()) {
27 const bool sig_allowed = allowed_signature_method(scheme.algorithm_name());
28 const bool hash_allowed = allowed_signature_hash(scheme.hash_function_name());
29
30 if(sig_allowed && hash_allowed) {
31 schemes.push_back(scheme);
32 }
33 }
34
35 return schemes;
36}
Botan::TLS::Policy::allowed_signature_method
bool allowed_signature_method(std::string_view sig_method) const
Definition tls_policy.cpp:106
Botan::TLS::Policy::allowed_signature_hash
bool allowed_signature_hash(std::string_view hash) const
Definition tls_policy.cpp:110

References Botan::TLS::Signature_Scheme::all_available_schemes(), Botan::TLS::Policy::allowed_signature_hash(), and Botan::TLS::Policy::allowed_signature_method().

Referenced by Botan::TLS::Policy::acceptable_signature_schemes(), Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ check_peer_key_acceptable()

void Botan::TLS::Policy::check_peer_key_acceptable ( const Public_Key & public_key) const
virtualinherited

Throw an exception if you don't like the peer's key. Default impl checks the key size against minimum_rsa_bits, minimum_ecdsa_group_size, or minimum_ecdh_group_size depending on the key's type. Override if you'd like to perform some other kind of test on (or logging of) the peer's keys.

Definition at line 219 of file tls_policy.cpp.

219 {
220 const std::string algo_name = public_key.algo_name();
221
222 const size_t keylength = public_key.key_length();
223 size_t expected_keylength = 0;
224
225 if(algo_name == "RSA") {
226 expected_keylength = minimum_rsa_bits();
227 } else if(algo_name == "DH") {
228 expected_keylength = minimum_dh_group_size();
229 } else if(algo_name == "ECDH" || algo_name == "Curve25519" || algo_name == "X448") {
230 expected_keylength = minimum_ecdh_group_size();
231 } else if(algo_name == "ECDSA") {
232 expected_keylength = minimum_ecdsa_group_size();
233 }
234 // else some other algo, so leave expected_keylength as zero and the check is a no-op
235
236 if(keylength < expected_keylength) {
237 throw TLS_Exception(Alert::InsufficientSecurity,
238 "Peer sent " + std::to_string(keylength) + " bit " + algo_name +
239 " key"
240 ", policy requires at least " +
241 std::to_string(expected_keylength));
242 }
243}
Botan::TLS::Policy::minimum_ecdh_group_size
virtual size_t minimum_ecdh_group_size() const
Definition tls_policy.cpp:195
Botan::TLS::Policy::minimum_rsa_bits
virtual size_t minimum_rsa_bits() const
Definition tls_policy.cpp:208
Botan::TLS::Policy::minimum_dh_group_size
virtual size_t minimum_dh_group_size() const
Definition tls_policy.cpp:186
Botan::TLS::Policy::minimum_ecdsa_group_size
virtual size_t minimum_ecdsa_group_size() const
Definition tls_policy.cpp:190

References Botan::Asymmetric_Key::algo_name(), Botan::Public_Key::key_length(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_ecdsa_group_size(), and Botan::TLS::Policy::minimum_rsa_bits().

Referenced by Botan::TLS::Certificate_13::Certificate_13(), Botan::TLS::Callbacks::tls_ephemeral_key_agreement(), Botan::TLS::Server_Key_Exchange::verify(), and Botan::TLS::Certificate_Verify_12::verify().

◆ choose_key_exchange_group()

Group_Params Botan::TLS::Policy::choose_key_exchange_group ( const std::vector< Group_Params > & supported_by_peer,
const std::vector< Group_Params > & offered_by_peer ) const
virtualinherited

Select a key exchange group to use, from the list of groups sent by the peer. In TLS 1.3 handshakes the peer might have provided cryptographic material for a subset of its available groups. Choosing a group for which no share was provided will result in an additional round trip. If none are acceptable, return Group_Params::NONE.

By default this will try to optimize for less round trips even if this results in the usage of a less preferred group.

Definition at line 118 of file tls_policy.cpp.

119 {
120 if(supported_by_peer.empty()) {
121 return Group_Params::NONE;
122 }
123
124 const std::vector<Group_Params> our_groups = key_exchange_groups();
125
126 // Prefer groups that were offered by the peer for the sake of saving
127 // an additional round trip. For TLS 1.2, this won't be used.
128 for(auto g : offered_by_peer) {
129 if(value_exists(our_groups, g)) {
130 return g;
131 }
132 }
133
134 // If no pre-offered groups fit our supported set, we prioritize our
135 // own preference.
136 for(auto g : our_groups) {
137 if(value_exists(supported_by_peer, g)) {
138 return g;
139 }
140 }
141
142 return Group_Params::NONE;
143}
Botan::TLS::Policy::key_exchange_groups
virtual std::vector< Group_Params > key_exchange_groups() const
Definition tls_policy.cpp:158

References Botan::TLS::Policy::key_exchange_groups(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Hello_13::create(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ ciphersuite_list()

std::vector< uint16_t > Botan::TLS::Policy::ciphersuite_list ( Protocol_Version version) const
virtualinherited

Return allowed ciphersuites, in order of preference for the provided protocol version.

Parameters
versionthe exact protocol version to select supported and allowed ciphersuites for

Definition at line 500 of file tls_policy.cpp.

500 {
501 const std::vector<std::string> ciphers = allowed_ciphers();
502 const std::vector<std::string> macs = allowed_macs();
503 const std::vector<std::string> kex = allowed_key_exchange_methods();
504 const std::vector<std::string> sigs = allowed_signature_methods();
505
506 std::vector<Ciphersuite> ciphersuites;
507
508 for(auto&& suite : Ciphersuite::all_known_ciphersuites()) {
509 // Can we use it?
510 if(!suite.valid()) {
511 continue;
512 }
513
514 // Can we use it in this version?
515 if(!suite.usable_in_version(version)) {
516 continue;
517 }
518
519 // Is it acceptable to the policy?
520 if(!this->acceptable_ciphersuite(suite)) {
521 continue;
522 }
523
524 if(!value_exists(ciphers, suite.cipher_algo())) {
525 continue; // unsupported cipher
526 }
527
528 // these checks are irrelevant for TLS 1.3
529 // TODO: consider making a method for this logic
530 if(version.is_pre_tls_13()) {
531 if(!value_exists(kex, suite.kex_algo())) {
532 continue; // unsupported key exchange
533 }
534
535 if(!value_exists(macs, suite.mac_algo())) {
536 continue; // unsupported MAC algo
537 }
538
539 if(!value_exists(sigs, suite.sig_algo())) {
540 // allow if it's an empty sig algo and we want to use PSK
541 if(suite.auth_method() != Auth_Method::IMPLICIT || !suite.psk_ciphersuite()) {
542 continue;
543 }
544 }
545 }
546
547 // OK, consider it
548 ciphersuites.push_back(suite);
549 }
550
551 if(ciphersuites.empty()) {
552 throw Invalid_State("Policy does not allow any available cipher suite");
553 }
554
555 Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
556 std::sort(ciphersuites.begin(), ciphersuites.end(), order);
557
558 std::vector<uint16_t> ciphersuite_codes;
559 ciphersuite_codes.reserve(ciphersuites.size());
560 for(auto i : ciphersuites) {
561 ciphersuite_codes.push_back(i.ciphersuite_code());
562 }
563 return ciphersuite_codes;
564}
Botan::TLS::Policy::acceptable_ciphersuite
virtual bool acceptable_ciphersuite(const Ciphersuite &suite) const
Definition tls_policy.cpp:300
Botan::TLS::Policy::allowed_key_exchange_methods
virtual std::vector< std::string > allowed_key_exchange_methods() const
Definition tls_policy.cpp:89

References Botan::TLS::Policy::acceptable_ciphersuite(), Botan::TLS::Ciphersuite::all_known_ciphersuites(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::IMPLICIT, Botan::TLS::Protocol_Version::is_pre_tls_13(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ default_dh_group()

Group_Params Botan::TLS::Policy::default_dh_group ( ) const
virtualinherited
Note
Has no effect for TLS 1.3 connections.

Definition at line 145 of file tls_policy.cpp.

145 {
146 /*
147 * Return the first listed or just default to 2048
148 */
149 for(auto g : key_exchange_groups()) {
150 if(g.is_dh_named_group()) {
151 return g;
152 }
153 }
154
155 return Group_Params::FFDHE_2048;
156}

References Botan::TLS::Policy::key_exchange_groups().

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ dtls_default_mtu()

size_t Botan::TLS::Policy::dtls_default_mtu ( ) const
virtualinherited
Returns
the default MTU for DTLS

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 418 of file tls_policy.cpp.

418 {
419 // default MTU is IPv6 min MTU minus UDP/IP headers
420 return 1280 - 40 - 8;
421}

Referenced by Botan::TLS::Text_Policy::dtls_default_mtu().

◆ dtls_initial_timeout()

size_t Botan::TLS::Policy::dtls_initial_timeout ( ) const
virtualinherited
Returns
the initial timeout for DTLS

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 410 of file tls_policy.cpp.

410 {
411 return 1 * 1000;
412}

Referenced by Botan::TLS::Text_Policy::dtls_initial_timeout().

◆ dtls_maximum_timeout()

size_t Botan::TLS::Policy::dtls_maximum_timeout ( ) const
virtualinherited
Returns
the maximum timeout for DTLS

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 414 of file tls_policy.cpp.

414 {
415 return 60 * 1000;
416}

Referenced by Botan::TLS::Text_Policy::dtls_maximum_timeout().

◆ hash_hello_random()

bool Botan::TLS::Policy::hash_hello_random ( ) const
virtualinherited

Hash the RNG output for the client/server hello random. This is a pre-caution to avoid writing "raw" RNG output to the wire.

There's not normally a reason to disable this, except when deterministic output is required for testing.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 373 of file tls_policy.cpp.

373 {
374 return true;
375}

Referenced by Botan::TLS::Text_Policy::hash_hello_random(), Botan::TLS::make_hello_random(), and Botan::TLS::Policy::print().

◆ hide_unknown_users()

bool Botan::TLS::Policy::hide_unknown_users ( ) const
virtualinherited

If this function returns false, unknown PSK identifiers will be rejected with an unknown_psk_identifier alert as soon as the non-existence is identified. Otherwise, a false identifier value will be used and the protocol allowed to proceed, causing the handshake to eventually fail without revealing that the username does not exist on this system.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 345 of file tls_policy.cpp.

345 {
346 return false;
347}

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Text_Policy::hide_unknown_users(), and Botan::TLS::Policy::print().

◆ include_time_in_hello_random()

bool Botan::TLS::Policy::include_time_in_hello_random ( ) const
virtualinherited

The protocol dictates that the first 32 bits of the random field are the current time in seconds. However this allows client fingerprinting attacks. Set to false to disable, in which case random bytes will be used instead.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 341 of file tls_policy.cpp.

341 {
342 return true;
343}

Referenced by Botan::TLS::Text_Policy::include_time_in_hello_random(), Botan::TLS::make_hello_random(), and Botan::TLS::Policy::print().

◆ key_exchange_groups()

std::vector< Group_Params > Botan::TLS::Policy::key_exchange_groups ( ) const
virtualinherited

Return list of ECC curves and FFDHE groups we are willing to use in order of preference.

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 158 of file tls_policy.cpp.

158 {
159 // Default list is ordered by performance
160 return {
161#if defined(BOTAN_HAS_CURVE_25519)
162 Group_Params::X25519,
163#endif
164#if defined(BOTAN_HAS_X448)
165 Group_Params::X448,
166#endif
167
168 Group_Params::SECP256R1, Group_Params::BRAINPOOL256R1, Group_Params::SECP384R1, Group_Params::BRAINPOOL384R1,
169 Group_Params::SECP521R1, Group_Params::BRAINPOOL512R1,
170
171 Group_Params::FFDHE_2048, Group_Params::FFDHE_3072, Group_Params::FFDHE_4096, Group_Params::FFDHE_6144,
172 Group_Params::FFDHE_8192,
173 };
174}

Referenced by Botan::TLS::Policy::choose_key_exchange_group(), Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Policy::default_dh_group(), Botan::TLS::Encrypted_Extensions::Encrypted_Extensions(), Botan::TLS::Text_Policy::key_exchange_groups(), Botan::TLS::Policy::key_exchange_groups_to_offer(), and Botan::TLS::Policy::print().

◆ key_exchange_groups_to_offer()

std::vector< Group_Params > Botan::TLS::Policy::key_exchange_groups_to_offer ( ) const
virtualinherited

Return a list of groups to provide prepared key share offers in the initial client hello for. Groups in this list must be reflected in key_exchange_groups() and in the same order. By default this returns the most preferred group from key_exchange_groups(). If an empty list is returned, no prepared key share offers are sent and the decision of the group to use is left to the server.

Note
Has an effect on TLS 1.3 clients, only.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 176 of file tls_policy.cpp.

176 {
177 // by default, we offer a key share for the most-preferred group, only
178 std::vector<Group_Params> groups_to_offer;
179 const auto supported_groups = key_exchange_groups();
180 if(!supported_groups.empty()) {
181 groups_to_offer.push_back(supported_groups.front());
182 }
183 return groups_to_offer;
184}

References Botan::TLS::Policy::key_exchange_groups().

Referenced by Botan::TLS::Text_Policy::key_exchange_groups_to_offer(), and Botan::TLS::Policy::print().

◆ latest_supported_version()

Protocol_Version Botan::TLS::Policy::latest_supported_version ( bool datagram) const
virtualinherited

Returns the most recent protocol version we are willing to use, for either TLS or DTLS depending on datagram param. Shouldn't ever need to override this unless you want to allow a user to disable specific TLS versions.

Definition at line 281 of file tls_policy.cpp.

281 {
282 if(datagram) {
283 if(acceptable_protocol_version(Protocol_Version::DTLS_V12)) {
284 return Protocol_Version::DTLS_V12;
285 }
286 throw Invalid_State("Policy forbids all available DTLS version");
287 } else {
288#if defined(BOTAN_HAS_TLS_13)
289 if(acceptable_protocol_version(Protocol_Version::TLS_V13)) {
290 return Protocol_Version::TLS_V13;
291 }
292#endif
293 if(acceptable_protocol_version(Protocol_Version::TLS_V12)) {
294 return Protocol_Version::TLS_V12;
295 }
296 throw Invalid_State("Policy forbids all available TLS version");
297 }
298}
Botan::TLS::Policy::acceptable_protocol_version
virtual bool acceptable_protocol_version(Protocol_Version version) const
Definition tls_policy.cpp:261

References Botan::TLS::Policy::acceptable_protocol_version().

◆ maximum_certificate_chain_size()

size_t Botan::TLS::Policy::maximum_certificate_chain_size ( ) const
virtualinherited
Returns
the maximum size of the certificate chain, in bytes. Return 0 to disable this and accept any size.

Definition at line 405 of file tls_policy.cpp.

405 {
406 return 0;
407}

Referenced by Botan::TLS::Certificate_12::Certificate_12(), and Botan::TLS::Certificate_13::Certificate_13().

◆ maximum_session_tickets_per_client_hello()

size_t Botan::TLS::Policy::maximum_session_tickets_per_client_hello ( ) const
virtualinherited

Defines the maximum number of session tickets a client might offer in a single resumption attempt. Must be greater than 0.

TODO: Currently, the TLS 1.3 client implementation supports exactly one ticket per handshake. RFC 8446 allows for an arbitrary amount, though.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 245 of file tls_policy.cpp.

245 {
246 return 1;
247}

Referenced by Botan::TLS::Session_Manager::find(), Botan::TLS::Text_Policy::maximum_session_tickets_per_client_hello(), and Botan::TLS::Policy::print().

◆ minimum_dh_group_size()

size_t Botan::TLS::Policy::minimum_dh_group_size ( ) const
virtualinherited

Return the minimum DH group size we're willing to use Default is currently 1024 (insecure), should be 2048

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 186 of file tls_policy.cpp.

186 {
187 return 2048;
188}

Referenced by Botan::TLS::Policy::check_peer_key_acceptable(), Botan::TLS::Text_Policy::minimum_dh_group_size(), and Botan::TLS::Policy::print().

◆ minimum_ecdh_group_size()

size_t Botan::TLS::Policy::minimum_ecdh_group_size ( ) const
virtualinherited

Return the minimum ECDH group size we're willing to use for key exchange

Default 255, allowing x25519 and larger x25519 is the smallest curve we will negotiate P-521 is the largest

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 195 of file tls_policy.cpp.

195 {
196 // x25519 is smallest curve currently supported for TLS key exchange
197 return 255;
198}

Referenced by Botan::TLS::Policy::check_peer_key_acceptable(), Botan::TLS::Text_Policy::minimum_ecdh_group_size(), and Botan::TLS::Policy::print().

◆ minimum_ecdsa_group_size()

size_t Botan::TLS::Policy::minimum_ecdsa_group_size ( ) const
virtualinherited

For ECDSA authenticated ciphersuites, the smallest key size the client will accept. This policy is currently only enforced on the server by the client.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 190 of file tls_policy.cpp.

190 {
191 // Here we are at the mercy of whatever the CA signed, but most certs should be 256 bit by now
192 return 256;
193}

Referenced by Botan::TLS::Policy::check_peer_key_acceptable(), and Botan::TLS::Text_Policy::minimum_ecdsa_group_size().

◆ minimum_rsa_bits()

size_t Botan::TLS::Policy::minimum_rsa_bits ( ) const
virtualinherited

Return the minimum bit size we're willing to accept for RSA key exchange or server signatures.

It does not place any requirements on the size of any RSA signature(s) which were used to check the server certificate. This is only concerned with the server's public key.

Default is 2048 which is smallest RSA key size still secure for medium term security.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 208 of file tls_policy.cpp.

208 {
209 /* Default assumption is all end-entity certificates should
210 be at least 2048 bits these days.
211
212 If you are connecting to arbitrary servers on the Internet
213 (ie as a web browser or SMTP client) you'll probably have to reduce this
214 to 1024 bits, or perhaps even lower.
215 */
216 return 2048;
217}

Referenced by Botan::TLS::Policy::check_peer_key_acceptable(), Botan::TLS::Text_Policy::minimum_rsa_bits(), and Botan::TLS::Policy::print().

◆ minimum_signature_strength()

size_t Botan::TLS::Policy::minimum_signature_strength ( ) const
virtualinherited

The minimum signature strength we will accept Returning 80 allows RSA 1024 and SHA-1. Values larger than 80 disable SHA-1 support. Returning 110 allows RSA 2048. Return 128 to force ECC (P-256) or large (~3000 bit) RSA keys. Default is 110

Reimplemented in Botan::TLS::NSA_Suite_B_128, Botan::TLS::NSA_Suite_B_192, Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 200 of file tls_policy.cpp.

200 {
201 return 110;
202}

Referenced by Botan::TLS::Text_Policy::minimum_signature_strength(), Botan::TLS::Policy::print(), and Botan::TLS::Callbacks::tls_verify_cert_chain().

◆ negotiate_encrypt_then_mac()

bool Botan::TLS::Policy::negotiate_encrypt_then_mac ( ) const
virtualinherited

Indicates whether the encrypt-then-MAC extension should be negotiated (RFC 7366)

Note
Has no effect for TLS 1.3 connections.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 353 of file tls_policy.cpp.

353 {
354 return true;
355}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Text_Policy::negotiate_encrypt_then_mac(), Botan::TLS::Policy::print(), Botan::TLS::Server_Hello_12::Server_Hello_12(), and Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ new_session_tickets_upon_handshake_success()

size_t Botan::TLS::Policy::new_session_tickets_upon_handshake_success ( ) const
virtualinherited

Return the number of new session tickets a TLS 1.3 server should issue automatically upon a successful handshake. Note that applications can use TLS::Server::send_new_session_tickets() regardless of this policy.

For convenience (and compatibility with the TLS 1.2 behaviour), this returns '1' by default.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 257 of file tls_policy.cpp.

257 {
258 return 1;
259}

Referenced by Botan::TLS::Text_Policy::new_session_tickets_upon_handshake_success(), and Botan::TLS::Policy::print().

◆ only_resume_with_exact_version()

bool Botan::TLS::Policy::only_resume_with_exact_version ( ) const
virtualinherited

Definition at line 377 of file tls_policy.cpp.

377 {
378 return true;
379}

◆ print()

void Botan::TLS::Policy::print ( std::ostream & o) const
virtualinherited

Convert this policy to a printable format.

Parameters
ostream to be printed to

Definition at line 616 of file tls_policy.cpp.

616 {
617 print_bool(o, "allow_tls12", allow_tls12());
618 print_bool(o, "allow_tls13", allow_tls13());
619 print_bool(o, "allow_dtls12", allow_dtls12());
620 print_vec(o, "ciphers", allowed_ciphers());
621 print_vec(o, "macs", allowed_macs());
622 print_vec(o, "signature_hashes", allowed_signature_hashes());
623 print_vec(o, "signature_methods", allowed_signature_methods());
624 print_vec(o, "key_exchange_methods", allowed_key_exchange_methods());
625 print_vec(o, "key_exchange_groups", key_exchange_groups());
626 const auto groups_to_offer = key_exchange_groups_to_offer();
627 if(groups_to_offer.empty()) {
628 print_vec(o, "key_exchange_groups_to_offer", {std::string("none")});
629 } else {
630 print_vec(o, "key_exchange_groups_to_offer", groups_to_offer);
631 }
632 print_bool(o, "allow_insecure_renegotiation", allow_insecure_renegotiation());
633 print_bool(o, "include_time_in_hello_random", include_time_in_hello_random());
634 print_bool(o, "allow_server_initiated_renegotiation", allow_server_initiated_renegotiation());
635 print_bool(o, "hide_unknown_users", hide_unknown_users());
636 print_bool(o, "server_uses_own_ciphersuite_preferences", server_uses_own_ciphersuite_preferences());
637 print_bool(o, "negotiate_encrypt_then_mac", negotiate_encrypt_then_mac());
638 print_bool(o, "support_cert_status_message", support_cert_status_message());
639 print_bool(o, "tls_13_middlebox_compatibility_mode", tls_13_middlebox_compatibility_mode());
640 print_vec(o, "accepted_client_certificate_types", accepted_client_certificate_types());
641 print_vec(o, "accepted_server_certificate_types", accepted_server_certificate_types());
642 print_bool(o, "hash_hello_random", hash_hello_random());
643 if(record_size_limit().has_value()) {
644 o << "record_size_limit = " << record_size_limit().value() << '\n';
645 }
646 o << "maximum_session_tickets_per_client_hello = " << maximum_session_tickets_per_client_hello() << '\n';
647 o << "session_ticket_lifetime = " << session_ticket_lifetime().count() << '\n';
648 o << "reuse_session_tickets = " << reuse_session_tickets() << '\n';
649 o << "new_session_tickets_upon_handshake_success = " << new_session_tickets_upon_handshake_success() << '\n';
650 o << "minimum_dh_group_size = " << minimum_dh_group_size() << '\n';
651 o << "minimum_ecdh_group_size = " << minimum_ecdh_group_size() << '\n';
652 o << "minimum_rsa_bits = " << minimum_rsa_bits() << '\n';
653 o << "minimum_signature_strength = " << minimum_signature_strength() << '\n';
654}
Botan::TLS::Policy::include_time_in_hello_random
virtual bool include_time_in_hello_random() const
Definition tls_policy.cpp:341
Botan::TLS::Policy::reuse_session_tickets
virtual bool reuse_session_tickets() const
Definition tls_policy.cpp:253
Botan::TLS::Policy::accepted_server_certificate_types
virtual std::vector< Certificate_Type > accepted_server_certificate_types() const
Definition tls_policy.cpp:397
Botan::TLS::Policy::accepted_client_certificate_types
virtual std::vector< Certificate_Type > accepted_client_certificate_types() const
Definition tls_policy.cpp:393
Botan::TLS::Policy::new_session_tickets_upon_handshake_success
virtual size_t new_session_tickets_upon_handshake_success() const
Definition tls_policy.cpp:257
Botan::TLS::Policy::key_exchange_groups_to_offer
virtual std::vector< Group_Params > key_exchange_groups_to_offer() const
Definition tls_policy.cpp:176
Botan::TLS::Policy::tls_13_middlebox_compatibility_mode
virtual bool tls_13_middlebox_compatibility_mode() const
Definition tls_policy.cpp:369
Botan::TLS::Policy::negotiate_encrypt_then_mac
virtual bool negotiate_encrypt_then_mac() const
Definition tls_policy.cpp:353
Botan::TLS::Policy::server_uses_own_ciphersuite_preferences
virtual bool server_uses_own_ciphersuite_preferences() const
Definition tls_policy.cpp:349
Botan::TLS::Policy::support_cert_status_message
virtual bool support_cert_status_message() const
Definition tls_policy.cpp:361
Botan::TLS::Policy::hide_unknown_users
virtual bool hide_unknown_users() const
Definition tls_policy.cpp:345
Botan::TLS::Policy::hash_hello_random
virtual bool hash_hello_random() const
Definition tls_policy.cpp:373
Botan::TLS::Policy::maximum_session_tickets_per_client_hello
virtual size_t maximum_session_tickets_per_client_hello() const
Definition tls_policy.cpp:245
Botan::TLS::Policy::allow_insecure_renegotiation
virtual bool allow_insecure_renegotiation() const
Definition tls_policy.cpp:313
Botan::TLS::Policy::record_size_limit
virtual std::optional< uint16_t > record_size_limit() const
Definition tls_policy.cpp:357
Botan::TLS::Policy::session_ticket_lifetime
virtual std::chrono::seconds session_ticket_lifetime() const
Definition tls_policy.cpp:249
Botan::TLS::Policy::minimum_signature_strength
virtual size_t minimum_signature_strength() const
Definition tls_policy.cpp:200
Botan::TLS::Policy::allow_server_initiated_renegotiation
virtual bool allow_server_initiated_renegotiation() const
Definition tls_policy.cpp:309

References Botan::TLS::Policy::accepted_client_certificate_types(), Botan::TLS::Policy::accepted_server_certificate_types(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_insecure_renegotiation(), Botan::TLS::Policy::allow_server_initiated_renegotiation(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Policy::allow_tls13(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_hashes(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::Policy::hash_hello_random(), Botan::TLS::Policy::hide_unknown_users(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::Policy::key_exchange_groups_to_offer(), Botan::TLS::Policy::maximum_session_tickets_per_client_hello(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_rsa_bits(), Botan::TLS::Policy::minimum_signature_strength(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Policy::new_session_tickets_upon_handshake_success(), Botan::TLS::Policy::record_size_limit(), Botan::TLS::Policy::reuse_session_tickets(), Botan::TLS::Policy::server_uses_own_ciphersuite_preferences(), Botan::TLS::Policy::session_ticket_lifetime(), Botan::TLS::Policy::support_cert_status_message(), and Botan::TLS::Policy::tls_13_middlebox_compatibility_mode().

Referenced by Botan::TLS::Policy::to_string().

◆ record_size_limit()

std::optional< uint16_t > Botan::TLS::Policy::record_size_limit ( ) const
virtualinherited

Defines the maximum TLS record length for TLS connections. This is based on the Record Size Limit extension described in RFC 8449. By default (i.e. if std::nullopt is returned), TLS clients will omit this extension altogether.

This value may be between 64 and 16385 (TLS 1.3) or 16384 (TLS 1.2).

Note
This is currently not implemented for TLS 1.2, hence the limit won't be negotiated by TLS 1.3 clients that support downgrading to TLS 1.2 (i.e. allow_tls12() returning true).

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 357 of file tls_policy.cpp.

357 {
358 return std::nullopt;
359}

Referenced by Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Encrypted_Extensions::Encrypted_Extensions(), and Botan::TLS::Policy::print().

◆ request_client_certificate_authentication()

bool Botan::TLS::Policy::request_client_certificate_authentication ( ) const
virtualinherited

Indicate if client certificate authentication is requested. If true, then a cert will be requested.

Definition at line 385 of file tls_policy.cpp.

385 {
386 return require_client_certificate_authentication();
387}
Botan::TLS::Policy::require_client_certificate_authentication
virtual bool require_client_certificate_authentication() const
Definition tls_policy.cpp:381

References Botan::TLS::Policy::require_client_certificate_authentication().

Referenced by Botan::TLS::Encrypted_Extensions::Encrypted_Extensions(), and Botan::TLS::Certificate_Request_13::maybe_create().

◆ require_cert_revocation_info()

bool Botan::TLS::Policy::require_cert_revocation_info ( ) const
virtualinherited

Return if cert revocation info (CRL/OCSP) is required If true, validation will fail unless a valid CRL or OCSP response was examined.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 204 of file tls_policy.cpp.

204 {
205 return true;
206}

Referenced by Botan::TLS::Text_Policy::require_cert_revocation_info(), and Botan::TLS::Callbacks::tls_verify_cert_chain().

◆ require_client_certificate_authentication()

bool Botan::TLS::Policy::require_client_certificate_authentication ( ) const
virtualinherited

Indicate if client certificate authentication is required. If true, then a cert will be requested and if the client does not send a certificate the connection will be closed.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 381 of file tls_policy.cpp.

381 {
382 return false;
383}

Referenced by Botan::TLS::Policy::request_client_certificate_authentication(), and Botan::TLS::Text_Policy::require_client_certificate_authentication().

◆ reuse_session_tickets()

bool Botan::TLS::Policy::reuse_session_tickets ( ) const
virtualinherited

Decides whether stored session tickets should be used multiple times (until their lifetime runs out). This might allow passive observers to correlate connections (RFC 8446 Appendix C.4). This has no effect on TLS 1.2 resumptions based on session IDs as those are negotiated in the clear anyway.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 253 of file tls_policy.cpp.

253 {
254 return false;
255}

Referenced by Botan::TLS::Session_Manager::find(), Botan::TLS::Policy::print(), and Botan::TLS::Text_Policy::reuse_session_tickets().

◆ server_uses_own_ciphersuite_preferences()

bool Botan::TLS::Policy::server_uses_own_ciphersuite_preferences ( ) const
virtualinherited
Returns
true if servers should choose the ciphersuite matching their highest preference, rather than the clients. Has no effect on client side.

Reimplemented in Botan::TLS::BSI_TR_02102_2, and Botan::TLS::Text_Policy.

Definition at line 349 of file tls_policy.cpp.

349 {
350 return true;
351}

Referenced by Botan::TLS::Policy::print(), and Botan::TLS::Text_Policy::server_uses_own_ciphersuite_preferences().

◆ session_ticket_lifetime()

std::chrono::seconds Botan::TLS::Policy::session_ticket_lifetime ( ) const
virtualinherited

Return the allowed lifetime of a session ticket. If 0, session tickets do not expire until the session ticket key rolls over. For TLS 1.3 session tickets the lifetime must not be longer than seven days. Expired session tickets cannot be used to resume a session.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 249 of file tls_policy.cpp.

249 {
250 return std::chrono::days(1);
251}

Referenced by Botan::TLS::Policy::print(), Botan::TLS::Session_Manager::retrieve(), and Botan::TLS::Text_Policy::session_ticket_lifetime().

◆ srtp_profiles()

std::vector< uint16_t > Botan::TLS::Policy::srtp_profiles ( ) const
virtualinherited

If this returns a non-empty vector, and DTLS is negotiated, then we will also attempt to negotiate the SRTP extension from RFC 5764 using the returned values as the profile ids.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 423 of file tls_policy.cpp.

423 {
424 return std::vector<uint16_t>();
425}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ support_cert_status_message()

bool Botan::TLS::Policy::support_cert_status_message ( ) const
virtualinherited

Indicates whether certificate status messages should be supported

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 361 of file tls_policy.cpp.

361 {
362 return true;
363}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Policy::print(), Botan::TLS::Server_Hello_12::Server_Hello_12(), and Botan::TLS::Text_Policy::support_cert_status_message().

◆ tls_13_middlebox_compatibility_mode()

bool Botan::TLS::Policy::tls_13_middlebox_compatibility_mode ( ) const
virtualinherited

Defines whether or not the middlebox compatibility mode should be used. Enabled by default.

RFC 8446 Appendix D.4 [This makes] the TLS 1.3 handshake resemble TLS 1.2 session resumption, which improves the chance of successfully connecting through middleboxes.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 369 of file tls_policy.cpp.

369 {
370 return true;
371}

Referenced by Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Client_Impl_13::Client_Impl_13(), Botan::TLS::Policy::print(), and Botan::TLS::Text_Policy::tls_13_middlebox_compatibility_mode().

◆ to_string()

std::string Botan::TLS::Policy::to_string ( ) const
inherited

Convert this policy to a printable format. Same as calling print on a ostringstream and reading o.str()

Definition at line 656 of file tls_policy.cpp.

656 {
657 std::ostringstream oss;
658 this->print(oss);
659 return oss.str();
660}
Botan::TLS::Policy::print
virtual void print(std::ostream &o) const
Definition tls_policy.cpp:616

References Botan::TLS::Policy::print().

◆ use_ecc_point_compression()

bool Botan::TLS::Policy::use_ecc_point_compression ( ) const
virtualinherited

Request that ECC curve points are sent compressed

Note
Has no effect for TLS 1.3 connections. RFC 8446 4.2.8.2 Versions of TLS prior to 1.3 permitted point format negotiation; TLS 1.3 removes this feature in favor of a single point format for each curve.

Reimplemented in Botan::TLS::Text_Policy.

Definition at line 114 of file tls_policy.cpp.

114 {
115 return false;
116}

Referenced by Botan::TLS::Client_Hello_13::Client_Hello_13(), Botan::TLS::Server_Hello_12::Server_Hello_12(), Botan::TLS::Server_Hello_12::Server_Hello_12(), and Botan::TLS::Text_Policy::use_ecc_point_compression().

The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0