Botan 3.6.1
Crypto and TLS for C&
Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::Text_Policy Class Reference

#include <tls_policy.h>

Inheritance diagram for Botan::TLS::Text_Policy:
Botan::TLS::Policy

Public Member Functions

virtual bool abort_connection_on_undesired_renegotiation () const
 
virtual std::optional< std::vector< Signature_Scheme > > acceptable_certificate_signature_schemes () const
 
virtual bool acceptable_ciphersuite (const Ciphersuite &suite) const
 
virtual bool acceptable_protocol_version (Protocol_Version version) const
 
virtual std::vector< Signature_Schemeacceptable_signature_schemes () const
 
std::vector< Certificate_Typeaccepted_client_certificate_types () const override
 
std::vector< Certificate_Typeaccepted_server_certificate_types () const override
 
bool allow_client_initiated_renegotiation () const override
 
bool allow_dtls12 () const override
 
virtual bool allow_dtls_epoch0_restart () const
 
bool allow_insecure_renegotiation () const override
 
virtual bool allow_resumption_for_renegotiation () const
 
bool allow_server_initiated_renegotiation () const override
 
bool allow_ssl_key_log_file () const override
 
bool allow_tls12 () const override
 
bool allow_tls13 () const override
 
std::vector< std::string > allowed_ciphers () const override
 
std::vector< std::string > allowed_key_exchange_methods () const override
 
std::vector< std::string > allowed_macs () const override
 
bool allowed_signature_hash (std::string_view hash) const
 
std::vector< std::string > allowed_signature_hashes () const override
 
bool allowed_signature_method (std::string_view sig_method) const
 
std::vector< std::string > allowed_signature_methods () const override
 
virtual std::vector< Signature_Schemeallowed_signature_schemes () const
 
virtual void check_peer_key_acceptable (const Public_Key &public_key) const
 
virtual Group_Params choose_key_exchange_group (const std::vector< Group_Params > &supported_by_peer, const std::vector< Group_Params > &offered_by_peer) const
 
virtual std::vector< uint16_t > ciphersuite_list (Protocol_Version version) const
 
virtual Group_Params default_dh_group () const
 
size_t dtls_default_mtu () const override
 
size_t dtls_initial_timeout () const override
 
size_t dtls_maximum_timeout () const override
 
bool hash_hello_random () const override
 
bool hide_unknown_users () const override
 
bool include_time_in_hello_random () const override
 
std::vector< Group_Paramskey_exchange_groups () const override
 
std::vector< Group_Paramskey_exchange_groups_to_offer () const override
 
virtual Protocol_Version latest_supported_version (bool datagram) const
 
virtual size_t maximum_certificate_chain_size () const
 
size_t maximum_session_tickets_per_client_hello () const override
 
size_t minimum_dh_group_size () const override
 
size_t minimum_ecdh_group_size () const override
 
size_t minimum_ecdsa_group_size () const override
 
size_t minimum_rsa_bits () const override
 
size_t minimum_signature_strength () const override
 
bool negotiate_encrypt_then_mac () const override
 
size_t new_session_tickets_upon_handshake_success () const override
 
virtual bool only_resume_with_exact_version () const
 
virtual void print (std::ostream &o) const
 
std::optional< uint16_t > record_size_limit () const override
 
virtual bool request_client_certificate_authentication () const
 
bool require_cert_revocation_info () const override
 
bool require_client_certificate_authentication () const override
 
bool reuse_session_tickets () const override
 
bool server_uses_own_ciphersuite_preferences () const override
 
std::chrono::seconds session_ticket_lifetime () const override
 
void set (const std::string &key, const std::string &value)
 
std::vector< uint16_t > srtp_profiles () const override
 
bool support_cert_status_message () const override
 
 Text_Policy (std::istream &in)
 
 Text_Policy (std::string_view s)
 
bool tls_13_middlebox_compatibility_mode () const override
 
std::string to_string () const
 
bool use_ecc_point_compression () const override
 

Protected Member Functions

bool get_bool (const std::string &key, bool def) const
 
std::chrono::seconds get_duration (const std::string &key, std::chrono::seconds def) const
 
size_t get_len (const std::string &key, size_t def) const
 
std::vector< std::string > get_list (const std::string &key, const std::vector< std::string > &def) const
 
std::string get_str (const std::string &key, const std::string &def="") const
 
std::vector< Certificate_Typeread_cert_type_list (const std::string &cert_type_str) const
 
std::vector< Group_Paramsread_group_list (std::string_view group_str) const
 
bool set_value (const std::string &key, std::string_view val, bool overwrite)
 

Detailed Description

Definition at line 730 of file tls_policy.h.

Constructor & Destructor Documentation

◆ Text_Policy() [1/2]

Botan::TLS::Text_Policy::Text_Policy ( std::string_view s)
explicit

Definition at line 214 of file tls_text_policy.cpp.

214 {
215 std::istringstream iss{std::string(s)}; // FIXME C++23 avoid copy
216 m_kv = read_cfg(iss);
217}
Botan::read_cfg
std::map< std::string, std::string > read_cfg(std::istream &is)
Definition read_cfg.cpp:34

References Botan::read_cfg().

◆ Text_Policy() [2/2]

Botan::TLS::Text_Policy::Text_Policy ( std::istream & in)
explicit

Definition at line 219 of file tls_text_policy.cpp.

219: m_kv(read_cfg(in)) {}

Member Function Documentation

◆ abort_connection_on_undesired_renegotiation()

bool Botan::TLS::Policy::abort_connection_on_undesired_renegotiation ( ) const
virtualinherited

If true, a request to renegotiate will close the connection with a fatal alert. Otherwise, a warning alert is sent.

See also
allow_client_initiated_renegotiation
allow_server_initiated_renegotiation

Default: false

Note
Has no effect for TLS 1.3 connections.

Definition at line 394 of file tls_policy.cpp.

394 {
395 return false;
396}

◆ acceptable_certificate_signature_schemes()

std::optional< std::vector< Signature_Scheme > > Botan::TLS::Policy::acceptable_certificate_signature_schemes ( ) const
virtualinherited

Return a list of schemes we are willing to accept for signatures in certificates.

By default, the same restrictions as in acceptable_signature_schemes() apply.

Returns
std::nullopt if the same restrictions as defined in acceptable_signature_schemes() should apply

Definition at line 47 of file tls_policy.cpp.

47 {
48 // the restrictions of ::acceptable_signature_schemes() shall apply
49 return std::nullopt;
50}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ acceptable_ciphersuite()

bool Botan::TLS::Policy::acceptable_ciphersuite ( const Ciphersuite & suite) const
virtualinherited

Allows policy to reject any ciphersuites which are undesirable for whatever reason without having to reimplement ciphersuite_list

Definition at line 305 of file tls_policy.cpp.

305 {
306 return value_exists(allowed_ciphers(), ciphersuite.cipher_algo()) &&
307 value_exists(allowed_macs(), ciphersuite.mac_algo());
308}
Botan::TLS::Policy::allowed_macs
virtual std::vector< std::string > allowed_macs() const
Definition tls_policy.cpp:80
Botan::TLS::Policy::allowed_ciphers
virtual std::vector< std::string > allowed_ciphers() const
Definition tls_policy.cpp:52
Botan::value_exists
bool value_exists(const std::vector< T > &vec, const OT &val)
Definition stl_util.h:60

References Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Ciphersuite::cipher_algo(), Botan::TLS::Ciphersuite::mac_algo(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::ciphersuite_list().

◆ acceptable_protocol_version()

bool Botan::TLS::Policy::acceptable_protocol_version ( Protocol_Version version) const
virtualinherited
Returns
true if and only if we are willing to accept this version Default accepts TLS v1.2 and later or DTLS v1.2 or later.

Definition at line 266 of file tls_policy.cpp.

266 {
267#if defined(BOTAN_HAS_TLS_13)
268 if(version == Protocol_Version::TLS_V13 && allow_tls13()) {
269 return true;
270 }
271#endif
272
273#if defined(BOTAN_HAS_TLS_12)
274 if(version == Protocol_Version::TLS_V12 && allow_tls12()) {
275 return true;
276 }
277
278 if(version == Protocol_Version::DTLS_V12 && allow_dtls12()) {
279 return true;
280 }
281#endif
282
283 return false;
284}
Botan::TLS::Policy::allow_tls12
virtual bool allow_tls12() const
Definition tls_policy.cpp:322
Botan::TLS::Policy::allow_tls13
virtual bool allow_tls13() const
Definition tls_policy.cpp:330
Botan::TLS::Policy::allow_dtls12
virtual bool allow_dtls12() const
Definition tls_policy.cpp:338

References Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls12(), and Botan::TLS::Policy::allow_tls13().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::highest_supported_version(), and Botan::TLS::Policy::latest_supported_version().

◆ acceptable_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::acceptable_signature_schemes ( ) const
virtualinherited

Return a list of schemes we are willing to accept

Definition at line 43 of file tls_policy.cpp.

43 {
44 return this->allowed_signature_schemes();
45}
Botan::TLS::Policy::allowed_signature_schemes
virtual std::vector< Signature_Scheme > allowed_signature_schemes() const
Definition tls_policy.cpp:28

References Botan::TLS::Policy::allowed_signature_schemes().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ accepted_client_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::accepted_client_certificate_types ( ) const
overridevirtual

Returns a list of accepted certificate types for client authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented from Botan::TLS::Policy.

Definition at line 74 of file tls_text_policy.cpp.

74 {
75 const auto cert_types = get_str("accepted_client_certificate_types");
76 return (cert_types.empty()) ? Policy::accepted_client_certificate_types() : read_cert_type_list(cert_types);
77}
Botan::TLS::Policy::accepted_client_certificate_types
virtual std::vector< Certificate_Type > accepted_client_certificate_types() const
Definition tls_policy.cpp:398
Botan::TLS::Text_Policy::get_str
std::string get_str(const std::string &key, const std::string &def="") const
Definition tls_text_policy.cpp:327
Botan::TLS::Text_Policy::read_cert_type_list
std::vector< Certificate_Type > read_cert_type_list(const std::string &cert_type_str) const
Definition tls_text_policy.cpp:273

References Botan::TLS::Policy::accepted_client_certificate_types(), get_str(), and read_cert_type_list().

◆ accepted_server_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::accepted_server_certificate_types ( ) const
overridevirtual

Returns a list of accepted certificate types for server authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented from Botan::TLS::Policy.

Definition at line 79 of file tls_text_policy.cpp.

79 {
80 const auto cert_types = get_str("accepted_server_certificate_types");
81 return (cert_types.empty()) ? Policy::accepted_server_certificate_types() : read_cert_type_list(cert_types);
82}
Botan::TLS::Policy::accepted_server_certificate_types
virtual std::vector< Certificate_Type > accepted_server_certificate_types() const
Definition tls_policy.cpp:402

References Botan::TLS::Policy::accepted_server_certificate_types(), get_str(), and read_cert_type_list().

◆ allow_client_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_client_initiated_renegotiation ( ) const
overridevirtual

Consulted by server side. If true, allows clients to initiate a new handshake

If this function returns true, a server will accept a client-initiated renegotiation attempt. Otherwise it will send the client a non-fatal TLS::AlertType::NoRenegotiation alert.

Default: false

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 70 of file tls_text_policy.cpp.

70 {
71 return get_bool("allow_client_initiated_renegotiation", Policy::allow_client_initiated_renegotiation());
72}
Botan::TLS::Policy::allow_client_initiated_renegotiation
virtual bool allow_client_initiated_renegotiation() const
Definition tls_policy.cpp:310
Botan::TLS::Text_Policy::get_bool
bool get_bool(const std::string &key, bool def) const
Definition tls_text_policy.cpp:311

References Botan::TLS::Policy::allow_client_initiated_renegotiation(), and get_bool().

◆ allow_dtls12()

bool Botan::TLS::Text_Policy::allow_dtls12 ( ) const
overridevirtual

Allow DTLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 54 of file tls_text_policy.cpp.

54 {
55 return get_bool("allow_dtls12", Policy::allow_dtls12());
56}

References Botan::TLS::Policy::allow_dtls12(), and get_bool().

◆ allow_dtls_epoch0_restart()

bool Botan::TLS::Policy::allow_dtls_epoch0_restart ( ) const
virtualinherited

If true, then allow a DTLS client to restart a connection to the same server association as described in section 4.2.8 of the DTLS RFC

Definition at line 406 of file tls_policy.cpp.

406 {
407 return false;
408}

Referenced by Botan::TLS::Channel_Impl_12::from_peer().

◆ allow_insecure_renegotiation()

bool Botan::TLS::Text_Policy::allow_insecure_renegotiation ( ) const
overridevirtual

Allow renegotiation even if the counterparty doesn't support the secure renegotiation extension.

Default: false

Warning
Changing this to true exposes you to injected plaintext attacks. Read RFC 5746 for background.
Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 58 of file tls_text_policy.cpp.

58 {
59 return get_bool("allow_insecure_renegotiation", Policy::allow_insecure_renegotiation());
60}
Botan::TLS::Policy::allow_insecure_renegotiation
virtual bool allow_insecure_renegotiation() const
Definition tls_policy.cpp:318

References Botan::TLS::Policy::allow_insecure_renegotiation(), and get_bool().

◆ allow_resumption_for_renegotiation()

bool Botan::TLS::Policy::allow_resumption_for_renegotiation ( ) const
virtualinherited
Note
Has no effect for TLS 1.3 connections.

Definition at line 370 of file tls_policy.cpp.

370 {
371 return true;
372}

Referenced by Botan::TLS::Channel_Impl_12::renegotiate().

◆ allow_server_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_server_initiated_renegotiation ( ) const
overridevirtual

Consulted by client side. If true, allows servers to initiate a new handshake

If this function returns true, a client will accept a server-initiated renegotiation attempt. Otherwise it will send the server a non-fatal TLS::AlertType::NoRenegotiation alert.

Default: false

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 84 of file tls_text_policy.cpp.

84 {
85 return get_bool("allow_server_initiated_renegotiation", Policy::allow_server_initiated_renegotiation());
86}
Botan::TLS::Policy::allow_server_initiated_renegotiation
virtual bool allow_server_initiated_renegotiation() const
Definition tls_policy.cpp:314

References Botan::TLS::Policy::allow_server_initiated_renegotiation(), and get_bool().

◆ allow_ssl_key_log_file()

bool Botan::TLS::Text_Policy::allow_ssl_key_log_file ( ) const
overridevirtual

Allow ssl key log file

Note
If function returns true, then Callbacks::tls_ssl_key_log_data will be invoked containing secret information for logging purposes

Reimplemented from Botan::TLS::Policy.

Definition at line 18 of file tls_text_policy.cpp.

18 {
19 return get_bool("allow_ssl_key_log_file", Policy::allow_ssl_key_log_file());
20}
Botan::TLS::Policy::allow_ssl_key_log_file
virtual bool allow_ssl_key_log_file() const
Definition tls_policy.cpp:24

References Botan::TLS::Policy::allow_ssl_key_log_file(), and get_bool().

◆ allow_tls12()

bool Botan::TLS::Text_Policy::allow_tls12 ( ) const
overridevirtual

Allow TLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 46 of file tls_text_policy.cpp.

46 {
47 return get_bool("allow_tls12", Policy::allow_tls12());
48}

References Botan::TLS::Policy::allow_tls12(), and get_bool().

◆ allow_tls13()

bool Botan::TLS::Text_Policy::allow_tls13 ( ) const
overridevirtual

Allow TLS v1.3

Reimplemented from Botan::TLS::Policy.

Definition at line 50 of file tls_text_policy.cpp.

50 {
51 return get_bool("allow_tls13", Policy::allow_tls13());
52}

References Botan::TLS::Policy::allow_tls13(), and get_bool().

◆ allowed_ciphers()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_ciphers ( ) const
overridevirtual

Returns a list of ciphers we are willing to negotiate, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 22 of file tls_text_policy.cpp.

22 {
23 return get_list("ciphers", Policy::allowed_ciphers());
24}
Botan::TLS::Text_Policy::get_list
std::vector< std::string > get_list(const std::string &key, const std::vector< std::string > &def) const
Definition tls_text_policy.cpp:221

References Botan::TLS::Policy::allowed_ciphers(), and get_list().

◆ allowed_key_exchange_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_key_exchange_methods ( ) const
overridevirtual

Returns a list of key exchange algorithms we are willing to use, in order of preference. Allowed values: DH, empty string (representing RSA using server certificate key)

Reimplemented from Botan::TLS::Policy.

Definition at line 34 of file tls_text_policy.cpp.

34 {
35 return get_list("key_exchange_methods", Policy::allowed_key_exchange_methods());
36}
Botan::TLS::Policy::allowed_key_exchange_methods
virtual std::vector< std::string > allowed_key_exchange_methods() const
Definition tls_policy.cpp:94

References Botan::TLS::Policy::allowed_key_exchange_methods(), and get_list().

◆ allowed_macs()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_macs ( ) const
overridevirtual

Returns a list of MAC algorithms we are willing to use.

Reimplemented from Botan::TLS::Policy.

Definition at line 30 of file tls_text_policy.cpp.

30 {
31 return get_list("macs", Policy::allowed_macs());
32}

References Botan::TLS::Policy::allowed_macs(), and get_list().

◆ allowed_signature_hash()

bool Botan::TLS::Policy::allowed_signature_hash ( std::string_view hash) const
inherited

Definition at line 115 of file tls_policy.cpp.

115 {
116 return value_exists(allowed_signature_hashes(), sig_hash);
117}
Botan::TLS::Policy::allowed_signature_hashes
virtual std::vector< std::string > allowed_signature_hashes() const
Definition tls_policy.cpp:72

References Botan::TLS::Policy::allowed_signature_hashes(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ allowed_signature_hashes()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_hashes ( ) const
overridevirtual

Returns a list of hash algorithms we are willing to use for signatures, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 26 of file tls_text_policy.cpp.

26 {
27 return get_list("signature_hashes", Policy::allowed_signature_hashes());
28}

References Botan::TLS::Policy::allowed_signature_hashes(), and get_list().

◆ allowed_signature_method()

bool Botan::TLS::Policy::allowed_signature_method ( std::string_view sig_method) const
inherited

Definition at line 111 of file tls_policy.cpp.

111 {
112 return value_exists(allowed_signature_methods(), sig_method);
113}
Botan::TLS::Policy::allowed_signature_methods
virtual std::vector< std::string > allowed_signature_methods() const
Definition tls_policy.cpp:104

References Botan::TLS::Policy::allowed_signature_methods(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), Botan::TLS::Certificate_13::Certificate_13(), and Botan::TLS::Handshake_State::parse_sig_format().

◆ allowed_signature_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_methods ( ) const
overridevirtual

Returns a list of signature algorithms we are willing to use, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 38 of file tls_text_policy.cpp.

38 {
39 return get_list("signature_methods", Policy::allowed_signature_methods());
40}

References Botan::TLS::Policy::allowed_signature_methods(), and get_list().

◆ allowed_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::allowed_signature_schemes ( ) const
virtualinherited

Definition at line 28 of file tls_policy.cpp.

28 {
29 std::vector<Signature_Scheme> schemes;
30
31 for(Signature_Scheme scheme : Signature_Scheme::all_available_schemes()) {
32 const bool sig_allowed = allowed_signature_method(scheme.algorithm_name());
33 const bool hash_allowed = allowed_signature_hash(scheme.hash_function_name());
34
35 if(sig_allowed && hash_allowed) {
36 schemes.push_back(scheme);
37 }
38 }
39
40 return schemes;
41}
Botan::TLS::Policy::allowed_signature_method
bool allowed_signature_method(std::string_view sig_method) const
Definition tls_policy.cpp:111
Botan::TLS::Policy::allowed_signature_hash
bool allowed_signature_hash(std::string_view hash) const
Definition tls_policy.cpp:115
Botan::TLS::Signature_Scheme::all_available_schemes
static const std::vector< Signature_Scheme > & all_available_schemes()
Definition tls_signature_scheme.cpp:21

References Botan::TLS::Signature_Scheme::all_available_schemes(), Botan::TLS::Policy::allowed_signature_hash(), and Botan::TLS::Policy::allowed_signature_method().

Referenced by Botan::TLS::Policy::acceptable_signature_schemes(), Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ check_peer_key_acceptable()

void Botan::TLS::Policy::check_peer_key_acceptable ( const Public_Key & public_key) const
virtualinherited

Allows the policy to examine peer public keys. Throw an exception if the key should be rejected. Default implementation checks against policy values minimum_dh_group_size(), minimum_rsa_bits(), minimum_ecdsa_group_size(), and minimum_ecdh_group_size().

Override if you'd like to perform some other kind of test on (or logging of) the peer's keys.

Definition at line 224 of file tls_policy.cpp.

224 {
225 const std::string algo_name = public_key.algo_name();
226
227 const size_t keylength = public_key.key_length();
228 size_t expected_keylength = 0;
229
230 if(algo_name == "RSA") {
231 expected_keylength = minimum_rsa_bits();
232 } else if(algo_name == "DH") {
233 expected_keylength = minimum_dh_group_size();
234 } else if(algo_name == "ECDH" || algo_name == "X25519" || algo_name == "X448") {
235 expected_keylength = minimum_ecdh_group_size();
236 } else if(algo_name == "ECDSA") {
237 expected_keylength = minimum_ecdsa_group_size();
238 }
239 // else some other algo, so leave expected_keylength as zero and the check is a no-op
240
241 if(keylength < expected_keylength) {
242 throw TLS_Exception(Alert::InsufficientSecurity,
243 "Peer sent " + std::to_string(keylength) + " bit " + algo_name +
244 " key"
245 ", policy requires at least " +
246 std::to_string(expected_keylength));
247 }
248}
Botan::TLS::Policy::minimum_ecdh_group_size
virtual size_t minimum_ecdh_group_size() const
Definition tls_policy.cpp:200
Botan::TLS::Policy::minimum_rsa_bits
virtual size_t minimum_rsa_bits() const
Definition tls_policy.cpp:213
Botan::TLS::Policy::minimum_dh_group_size
virtual size_t minimum_dh_group_size() const
Definition tls_policy.cpp:191
Botan::TLS::Policy::minimum_ecdsa_group_size
virtual size_t minimum_ecdsa_group_size() const
Definition tls_policy.cpp:195

References Botan::Asymmetric_Key::algo_name(), Botan::Public_Key::key_length(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_ecdsa_group_size(), and Botan::TLS::Policy::minimum_rsa_bits().

Referenced by Botan::TLS::Certificate_13::Certificate_13(), Botan::TLS::Callbacks::tls_ephemeral_key_agreement(), Botan::TLS::Callbacks::tls_kem_encapsulate(), Botan::TLS::Certificate_Verify_12::verify(), and Botan::TLS::Server_Key_Exchange::verify().

◆ choose_key_exchange_group()

Group_Params Botan::TLS::Policy::choose_key_exchange_group ( const std::vector< Group_Params > & supported_by_peer,
const std::vector< Group_Params > & offered_by_peer ) const
virtualinherited

Select a key exchange group to use, from the list of groups sent by the peer. In TLS 1.3 handshakes the peer might have provided cryptographic material for a subset of its available groups. Choosing a group for which no share was provided will result in an additional round trip. If none are acceptable, return Group_Params::NONE.

By default this will try to optimize for less round trips even if this results in the usage of a less preferred group.

Definition at line 123 of file tls_policy.cpp.

124 {
125 if(supported_by_peer.empty()) {
126 return Group_Params::NONE;
127 }
128
129 const std::vector<Group_Params> our_groups = key_exchange_groups();
130
131 // Prefer groups that were offered by the peer for the sake of saving
132 // an additional round trip. For TLS 1.2, this won't be used.
133 for(auto g : offered_by_peer) {
134 if(value_exists(our_groups, g)) {
135 return g;
136 }
137 }
138
139 // If no pre-offered groups fit our supported set, we prioritize our
140 // own preference.
141 for(auto g : our_groups) {
142 if(value_exists(supported_by_peer, g)) {
143 return g;
144 }
145 }
146
147 return Group_Params::NONE;
148}
Botan::TLS::Policy::key_exchange_groups
virtual std::vector< Group_Params > key_exchange_groups() const
Definition tls_policy.cpp:163

References Botan::TLS::Policy::key_exchange_groups(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Hello_13::create(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ ciphersuite_list()

std::vector< uint16_t > Botan::TLS::Policy::ciphersuite_list ( Protocol_Version version) const
virtualinherited

Return allowed ciphersuites, in order of preference for the provided protocol version.

Parameters
versionthe exact protocol version to select supported and allowed ciphersuites for

Definition at line 505 of file tls_policy.cpp.

505 {
506 const std::vector<std::string> ciphers = allowed_ciphers();
507 const std::vector<std::string> macs = allowed_macs();
508 const std::vector<std::string> kex = allowed_key_exchange_methods();
509 const std::vector<std::string> sigs = allowed_signature_methods();
510
511 std::vector<Ciphersuite> ciphersuites;
512
513 for(auto&& suite : Ciphersuite::all_known_ciphersuites()) {
514 // Can we use it?
515 if(!suite.valid()) {
516 continue;
517 }
518
519 // Can we use it in this version?
520 if(!suite.usable_in_version(version)) {
521 continue;
522 }
523
524 // Is it acceptable to the policy?
525 if(!this->acceptable_ciphersuite(suite)) {
526 continue;
527 }
528
529 if(!value_exists(ciphers, suite.cipher_algo())) {
530 continue; // unsupported cipher
531 }
532
533 // these checks are irrelevant for TLS 1.3
534 // TODO: consider making a method for this logic
535 if(version.is_pre_tls_13()) {
536 if(!value_exists(kex, suite.kex_algo())) {
537 continue; // unsupported key exchange
538 }
539
540 if(!value_exists(macs, suite.mac_algo())) {
541 continue; // unsupported MAC algo
542 }
543
544 if(!value_exists(sigs, suite.sig_algo())) {
545 // allow if it's an empty sig algo and we want to use PSK
546 if(suite.auth_method() != Auth_Method::IMPLICIT || !suite.psk_ciphersuite()) {
547 continue;
548 }
549 }
550 }
551
552 // OK, consider it
553 ciphersuites.push_back(suite);
554 }
555
556 if(ciphersuites.empty()) {
557 throw Invalid_State("Policy does not allow any available cipher suite");
558 }
559
560 Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
561 std::sort(ciphersuites.begin(), ciphersuites.end(), order);
562
563 std::vector<uint16_t> ciphersuite_codes;
564 ciphersuite_codes.reserve(ciphersuites.size());
565 for(auto i : ciphersuites) {
566 ciphersuite_codes.push_back(i.ciphersuite_code());
567 }
568 return ciphersuite_codes;
569}
Botan::TLS::Ciphersuite::all_known_ciphersuites
static const std::vector< Ciphersuite > & all_known_ciphersuites()
Definition tls_suite_info.cpp:15
Botan::TLS::Policy::acceptable_ciphersuite
virtual bool acceptable_ciphersuite(const Ciphersuite &suite) const
Definition tls_policy.cpp:305

References Botan::TLS::Policy::acceptable_ciphersuite(), Botan::TLS::Ciphersuite::all_known_ciphersuites(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::IMPLICIT, Botan::TLS::Protocol_Version::is_pre_tls_13(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ default_dh_group()

Group_Params Botan::TLS::Policy::default_dh_group ( ) const
virtualinherited

For ephemeral Diffie-Hellman key exchange, the server sends a group parameter. Return the 2 Byte TLS group identifier specifying the group parameter a server should use.

Default: 2048 bit IETF IPsec group ("modp/ietf/2048")

Note
Has no effect for TLS 1.3 connections.

Definition at line 150 of file tls_policy.cpp.

150 {
151 /*
152 * Return the first listed or just default to 2048
153 */
154 for(auto g : key_exchange_groups()) {
155 if(g.is_dh_named_group()) {
156 return g;
157 }
158 }
159
160 return Group_Params::FFDHE_2048;
161}

References Botan::TLS::Policy::key_exchange_groups().

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ dtls_default_mtu()

size_t Botan::TLS::Text_Policy::dtls_default_mtu ( ) const
overridevirtual
Returns
the default MTU for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 158 of file tls_text_policy.cpp.

158 {
159 return get_len("dtls_default_mtu", Policy::dtls_default_mtu());
160}
Botan::TLS::Policy::dtls_default_mtu
virtual size_t dtls_default_mtu() const
Definition tls_policy.cpp:423
Botan::TLS::Text_Policy::get_len
size_t get_len(const std::string &key, size_t def) const
Definition tls_text_policy.cpp:282

References Botan::TLS::Policy::dtls_default_mtu(), and get_len().

◆ dtls_initial_timeout()

size_t Botan::TLS::Text_Policy::dtls_initial_timeout ( ) const
overridevirtual
Returns
the initial timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 162 of file tls_text_policy.cpp.

162 {
163 return get_len("dtls_initial_timeout", Policy::dtls_initial_timeout());
164}
Botan::TLS::Policy::dtls_initial_timeout
virtual size_t dtls_initial_timeout() const
Definition tls_policy.cpp:415

References Botan::TLS::Policy::dtls_initial_timeout(), and get_len().

◆ dtls_maximum_timeout()

size_t Botan::TLS::Text_Policy::dtls_maximum_timeout ( ) const
overridevirtual
Returns
the maximum timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 166 of file tls_text_policy.cpp.

166 {
167 return get_len("dtls_maximum_timeout", Policy::dtls_maximum_timeout());
168}
Botan::TLS::Policy::dtls_maximum_timeout
virtual size_t dtls_maximum_timeout() const
Definition tls_policy.cpp:419

References Botan::TLS::Policy::dtls_maximum_timeout(), and get_len().

◆ get_bool()

bool Botan::TLS::Text_Policy::get_bool ( const std::string & key,
bool def ) const
protected

Definition at line 311 of file tls_text_policy.cpp.

311 {
312 const std::string v = get_str(key);
313
314 if(v.empty()) {
315 return def;
316 }
317
318 if(v == "true" || v == "True") {
319 return true;
320 } else if(v == "false" || v == "False") {
321 return false;
322 } else {
323 throw Decoding_Error("Invalid boolean '" + v + "'");
324 }
325}

References get_str().

Referenced by allow_client_initiated_renegotiation(), allow_dtls12(), allow_insecure_renegotiation(), allow_server_initiated_renegotiation(), allow_ssl_key_log_file(), allow_tls12(), allow_tls13(), hash_hello_random(), hide_unknown_users(), include_time_in_hello_random(), negotiate_encrypt_then_mac(), require_cert_revocation_info(), require_client_certificate_authentication(), reuse_session_tickets(), server_uses_own_ciphersuite_preferences(), support_cert_status_message(), tls_13_middlebox_compatibility_mode(), and use_ecc_point_compression().

◆ get_duration()

std::chrono::seconds Botan::TLS::Text_Policy::get_duration ( const std::string & key,
std::chrono::seconds def ) const
protected

Definition at line 292 of file tls_text_policy.cpp.

292 {
293 using rep_t = std::chrono::seconds::rep;
294 constexpr rep_t max_seconds = std::chrono::seconds::max().count();
295 constexpr auto max_sizet = std::numeric_limits<size_t>::max();
296 using ull = unsigned long long;
297
298 // The concrete type of `rep` is not specified exactly. Let's play it extra safe...
299 // e.g. on 32-bit platforms size_t is 32 bits but rep_t is "at least 35 bits"
300
301 // at least zero and certainly fitting into rep_t
302 const rep_t positive_default = std::max(def.count(), rep_t(0));
303 // at least zero but capped to whatever size_t can handle
304 const size_t positive_capped_default = static_cast<size_t>(std::min<ull>(positive_default, max_sizet));
305 // at least zero but capped to whatever rep_t can handle
306 const rep_t result = static_cast<rep_t>(std::min<ull>(get_len(key, positive_capped_default), max_seconds));
307
308 return std::chrono::seconds(result);
309}

References get_len().

Referenced by session_ticket_lifetime().

◆ get_len()

size_t Botan::TLS::Text_Policy::get_len ( const std::string & key,
size_t def ) const
protected

Definition at line 282 of file tls_text_policy.cpp.

282 {
283 const std::string v = get_str(key);
284
285 if(v.empty()) {
286 return def;
287 }
288
289 return to_u32bit(v);
290}
Botan::to_u32bit
uint32_t to_u32bit(std::string_view str_view)
Definition parsing.cpp:32

References get_str(), and Botan::to_u32bit().

Referenced by dtls_default_mtu(), dtls_initial_timeout(), dtls_maximum_timeout(), get_duration(), maximum_session_tickets_per_client_hello(), minimum_dh_group_size(), minimum_ecdh_group_size(), minimum_ecdsa_group_size(), minimum_rsa_bits(), minimum_signature_strength(), new_session_tickets_upon_handshake_success(), and record_size_limit().

◆ get_list()

std::vector< std::string > Botan::TLS::Text_Policy::get_list ( const std::string & key,
const std::vector< std::string > & def ) const
protected

Definition at line 221 of file tls_text_policy.cpp.

221 {
222 const std::string v = get_str(key);
223
224 if(v.empty()) {
225 return def;
226 }
227
228 return split_on(v, ' ');
229}
Botan::split_on
std::vector< std::string > split_on(std::string_view str, char delim)
Definition parsing.cpp:111

References get_str(), and Botan::split_on().

Referenced by allowed_ciphers(), allowed_key_exchange_methods(), allowed_macs(), allowed_signature_hashes(), allowed_signature_methods(), and srtp_profiles().

◆ get_str()

std::string Botan::TLS::Text_Policy::get_str ( const std::string & key,
const std::string & def = "" ) const
protected

Definition at line 327 of file tls_text_policy.cpp.

327 {
328 auto i = m_kv.find(key);
329 if(i == m_kv.end()) {
330 return def;
331 }
332
333 return i->second;
334}

Referenced by accepted_client_certificate_types(), accepted_server_certificate_types(), get_bool(), get_len(), get_list(), key_exchange_groups(), and key_exchange_groups_to_offer().

◆ hash_hello_random()

bool Botan::TLS::Text_Policy::hash_hello_random ( ) const
overridevirtual

Hash the RNG output for the client/server hello random. This is a pre-caution to avoid writing "raw" RNG output to the wire.

There's not normally a reason to disable this, except when deterministic output is required for testing.

Default: true

Reimplemented from Botan::TLS::Policy.

Definition at line 206 of file tls_text_policy.cpp.

206 {
207 return get_bool("hash_hello_random", Policy::hash_hello_random());
208}
Botan::TLS::Policy::hash_hello_random
virtual bool hash_hello_random() const
Definition tls_policy.cpp:378

References get_bool(), and Botan::TLS::Policy::hash_hello_random().

◆ hide_unknown_users()

bool Botan::TLS::Text_Policy::hide_unknown_users ( ) const
overridevirtual

The PSK suites work using an identifier along with a shared secret. If this function returns true, when an identifier that the server does not recognize is provided by a client, a random shared secret will be generated in such a way that a client should not be able to tell the difference between the identifier not being known and the secret being wrong. This can help protect against some username probing attacks. If it returns false, the server will instead send an TLS::AlertType::UnknownPSKIdentity alert when an unknown identifier is used.

Default: false

Reimplemented from Botan::TLS::Policy.

Definition at line 174 of file tls_text_policy.cpp.

174 {
175 return get_bool("hide_unknown_users", Policy::hide_unknown_users());
176}
Botan::TLS::Policy::hide_unknown_users
virtual bool hide_unknown_users() const
Definition tls_policy.cpp:350

References get_bool(), and Botan::TLS::Policy::hide_unknown_users().

◆ include_time_in_hello_random()

bool Botan::TLS::Text_Policy::include_time_in_hello_random ( ) const
overridevirtual

The protocol dictates that the first 32 bits of the random field are the current time in seconds. However this allows client fingerprinting attacks. Set to false to disable, in which case random bytes will be used instead.

Default: true

Reimplemented from Botan::TLS::Policy.

Definition at line 62 of file tls_text_policy.cpp.

62 {
63 return get_bool("include_time_in_hello_random", Policy::include_time_in_hello_random());
64}
Botan::TLS::Policy::include_time_in_hello_random
virtual bool include_time_in_hello_random() const
Definition tls_policy.cpp:346

References get_bool(), and Botan::TLS::Policy::include_time_in_hello_random().

◆ key_exchange_groups()

std::vector< Group_Params > Botan::TLS::Text_Policy::key_exchange_groups ( ) const
overridevirtual

Return a list of ECC curve and DH group TLS identifiers we are willing to use, in order of preference. The default ordering puts the best performing ECC first.

Default: Group_Params::X25519, Group_Params::SECP256R1, Group_Params::BRAINPOOL256R1, Group_Params::SECP384R1, Group_Params::BRAINPOOL384R1, Group_Params::SECP521R1, Group_Params::BRAINPOOL512R1, Group_Params::FFDHE_2048, Group_Params::FFDHE_3072, Group_Params::FFDHE_4096, Group_Params::FFDHE_6144, Group_Params::FFDHE_8192

No other values are currently defined.

Reimplemented from Botan::TLS::Policy.

Definition at line 108 of file tls_text_policy.cpp.

108 {
109 std::string group_str = get_str("key_exchange_groups");
110
111 if(group_str.empty()) {
112 // fall back to previously used name
113 group_str = get_str("groups");
114 }
115
116 if(group_str.empty()) {
117 return Policy::key_exchange_groups();
118 }
119
120 return read_group_list(group_str);
121}
Botan::TLS::Text_Policy::read_group_list
std::vector< Group_Params > read_group_list(std::string_view group_str) const
Definition tls_text_policy.cpp:231

References get_str(), Botan::TLS::Policy::key_exchange_groups(), and read_group_list().

◆ key_exchange_groups_to_offer()

std::vector< Group_Params > Botan::TLS::Text_Policy::key_exchange_groups_to_offer ( ) const
overridevirtual

Return a list of groups to provide prepared key share offers in the initial client hello for. Groups in this list must be reflected in key_exchange_groups() and in the same order. If an empty list is returned, no prepared key share offers are sent and the decision of the group to use is left to the server.

Default: the most preferred group from key_exchange_groups().

Note
Has an effect on TLS 1.3 clients, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 123 of file tls_text_policy.cpp.

123 {
124 std::string group_str = get_str("key_exchange_groups_to_offer", "notset");
125
126 if(group_str.empty() || group_str == "notset") {
127 // policy was not set, fall back to default behaviour
128 return Policy::key_exchange_groups_to_offer();
129 }
130
131 if(group_str == "none") {
132 return {};
133 }
134
135 return read_group_list(group_str);
136}
Botan::TLS::Policy::key_exchange_groups_to_offer
virtual std::vector< Group_Params > key_exchange_groups_to_offer() const
Definition tls_policy.cpp:181

References get_str(), Botan::TLS::Policy::key_exchange_groups_to_offer(), and read_group_list().

◆ latest_supported_version()

Protocol_Version Botan::TLS::Policy::latest_supported_version ( bool datagram) const
virtualinherited

Returns the most recent protocol version we are willing to use, for either TLS or DTLS depending on datagram param. Shouldn't ever need to override this unless you want to allow a user to disable specific TLS versions.

Definition at line 286 of file tls_policy.cpp.

286 {
287 if(datagram) {
288 if(acceptable_protocol_version(Protocol_Version::DTLS_V12)) {
289 return Protocol_Version::DTLS_V12;
290 }
291 throw Invalid_State("Policy forbids all available DTLS version");
292 } else {
293#if defined(BOTAN_HAS_TLS_13)
294 if(acceptable_protocol_version(Protocol_Version::TLS_V13)) {
295 return Protocol_Version::TLS_V13;
296 }
297#endif
298 if(acceptable_protocol_version(Protocol_Version::TLS_V12)) {
299 return Protocol_Version::TLS_V12;
300 }
301 throw Invalid_State("Policy forbids all available TLS version");
302 }
303}
Botan::TLS::Policy::acceptable_protocol_version
virtual bool acceptable_protocol_version(Protocol_Version version) const
Definition tls_policy.cpp:266

References Botan::TLS::Policy::acceptable_protocol_version().

◆ maximum_certificate_chain_size()

size_t Botan::TLS::Policy::maximum_certificate_chain_size ( ) const
virtualinherited
Returns
the maximum size of the certificate chain, in bytes. Return 0 to disable this and accept any size.

Definition at line 410 of file tls_policy.cpp.

410 {
411 return 0;
412}

Referenced by Botan::TLS::Certificate_12::Certificate_12(), and Botan::TLS::Certificate_13::Certificate_13().

◆ maximum_session_tickets_per_client_hello()

size_t Botan::TLS::Text_Policy::maximum_session_tickets_per_client_hello ( ) const
overridevirtual

Defines the maximum number of session tickets a client might offer in a single resumption attempt. Must be greater than 0.

TODO: Currently, the TLS 1.3 client implementation supports exactly one ticket per handshake. RFC 8446 allows for an arbitrary amount, though.

Default: 1

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 178 of file tls_text_policy.cpp.

178 {
179 return get_len("maximum_session_tickets_per_client_hello", Policy::maximum_session_tickets_per_client_hello());
180}
Botan::TLS::Policy::maximum_session_tickets_per_client_hello
virtual size_t maximum_session_tickets_per_client_hello() const
Definition tls_policy.cpp:250

References get_len(), and Botan::TLS::Policy::maximum_session_tickets_per_client_hello().

◆ minimum_dh_group_size()

size_t Botan::TLS::Text_Policy::minimum_dh_group_size ( ) const
overridevirtual

Return the minimum DH group size we're willing to use

Return the minimum size in bits for a Diffie-Hellman group that a client will accept. Due to the design of the protocol the client has only two options - accept the group, or reject it with a fatal alert then attempt to reconnect after disabling ephemeral Diffie-Hellman.

Default: 2048 bits

Reimplemented from Botan::TLS::Policy.

Definition at line 146 of file tls_text_policy.cpp.

146 {
147 return get_len("minimum_dh_group_size", Policy::minimum_dh_group_size());
148}

References get_len(), and Botan::TLS::Policy::minimum_dh_group_size().

◆ minimum_ecdh_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdh_group_size ( ) const
overridevirtual

Return the minimum ECDH group size we're willing to use for key exchange

Default 255, allowing x25519 and larger x25519 is the smallest curve we will negotiate P-521 is the largest

Reimplemented from Botan::TLS::Policy.

Definition at line 138 of file tls_text_policy.cpp.

138 {
139 return get_len("minimum_ecdh_group_size", Policy::minimum_ecdh_group_size());
140}

References get_len(), and Botan::TLS::Policy::minimum_ecdh_group_size().

◆ minimum_ecdsa_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdsa_group_size ( ) const
overridevirtual

For ECDSA authenticated ciphersuites, the smallest key size the client will accept. This policy is currently only enforced on the server by the client.

Default: 256

Reimplemented from Botan::TLS::Policy.

Definition at line 142 of file tls_text_policy.cpp.

142 {
143 return get_len("minimum_ecdsa_group_size", Policy::minimum_ecdsa_group_size());
144}

References get_len(), and Botan::TLS::Policy::minimum_ecdsa_group_size().

◆ minimum_rsa_bits()

size_t Botan::TLS::Text_Policy::minimum_rsa_bits ( ) const
overridevirtual

Return the minimum bit size we're willing to accept for RSA key exchange or server signatures.

It does not place any requirements on the size of any RSA signature(s) which were used to check the server certificate. This is only concerned with the server's public key.

Default is 2048 which is smallest RSA key size still secure for medium term security.

Reimplemented from Botan::TLS::Policy.

Definition at line 150 of file tls_text_policy.cpp.

150 {
151 return get_len("minimum_rsa_bits", Policy::minimum_rsa_bits());
152}

References get_len(), and Botan::TLS::Policy::minimum_rsa_bits().

◆ minimum_signature_strength()

size_t Botan::TLS::Text_Policy::minimum_signature_strength ( ) const
overridevirtual

The minimum signature strength we will accept

Returning 80 allows RSA 1024 and SHA-1. Values larger than 80 disable SHA-1 support. Returning 110 allows RSA 2048. Return 128 to force ECC (P-256) or large (~3000 bit) RSA keys.

Default is 110

Reimplemented from Botan::TLS::Policy.

Definition at line 154 of file tls_text_policy.cpp.

154 {
155 return get_len("minimum_signature_strength", Policy::minimum_signature_strength());
156}
Botan::TLS::Policy::minimum_signature_strength
virtual size_t minimum_signature_strength() const
Definition tls_policy.cpp:205

References get_len(), and Botan::TLS::Policy::minimum_signature_strength().

◆ negotiate_encrypt_then_mac()

bool Botan::TLS::Text_Policy::negotiate_encrypt_then_mac ( ) const
overridevirtual

Indicates whether the encrypt-then-MAC extension should be negotiated (RFC 7366)

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 92 of file tls_text_policy.cpp.

92 {
93 return get_bool("negotiate_encrypt_then_mac", Policy::negotiate_encrypt_then_mac());
94}
Botan::TLS::Policy::negotiate_encrypt_then_mac
virtual bool negotiate_encrypt_then_mac() const
Definition tls_policy.cpp:358

References get_bool(), and Botan::TLS::Policy::negotiate_encrypt_then_mac().

◆ new_session_tickets_upon_handshake_success()

size_t Botan::TLS::Text_Policy::new_session_tickets_upon_handshake_success ( ) const
overridevirtual

Return the number of new session tickets a TLS 1.3 server should issue automatically upon a successful handshake. Note that applications can use TLS::Server::send_new_session_tickets() regardless of this policy.

For convenience (and compatibility with the TLS 1.2 behaviour), this returns '1' by default.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 190 of file tls_text_policy.cpp.

190 {
191 return get_len("new_session_tickets_upon_handshake_success", Policy::new_session_tickets_upon_handshake_success());
192}
Botan::TLS::Policy::new_session_tickets_upon_handshake_success
virtual size_t new_session_tickets_upon_handshake_success() const
Definition tls_policy.cpp:262

References get_len(), and Botan::TLS::Policy::new_session_tickets_upon_handshake_success().

◆ only_resume_with_exact_version()

bool Botan::TLS::Policy::only_resume_with_exact_version ( ) const
virtualinherited

Only resume sessions when their original protocol version matches the current version exactly.

Default: true

Definition at line 382 of file tls_policy.cpp.

382 {
383 return true;
384}

◆ print()

void Botan::TLS::Policy::print ( std::ostream & o) const
virtualinherited

Convert this policy to a printable format.

Parameters
ostream to be printed to

Definition at line 621 of file tls_policy.cpp.

621 {
622 print_bool(o, "allow_tls12", allow_tls12());
623 print_bool(o, "allow_tls13", allow_tls13());
624 print_bool(o, "allow_dtls12", allow_dtls12());
625 print_bool(o, "allow_ssl_key_log_file", allow_ssl_key_log_file());
626 print_vec(o, "ciphers", allowed_ciphers());
627 print_vec(o, "macs", allowed_macs());
628 print_vec(o, "signature_hashes", allowed_signature_hashes());
629 print_vec(o, "signature_methods", allowed_signature_methods());
630 print_vec(o, "key_exchange_methods", allowed_key_exchange_methods());
631 print_vec(o, "key_exchange_groups", key_exchange_groups());
632 const auto groups_to_offer = key_exchange_groups_to_offer();
633 if(groups_to_offer.empty()) {
634 print_vec(o, "key_exchange_groups_to_offer", {std::string("none")});
635 } else {
636 print_vec(o, "key_exchange_groups_to_offer", groups_to_offer);
637 }
638 print_bool(o, "allow_insecure_renegotiation", allow_insecure_renegotiation());
639 print_bool(o, "include_time_in_hello_random", include_time_in_hello_random());
640 print_bool(o, "allow_server_initiated_renegotiation", allow_server_initiated_renegotiation());
641 print_bool(o, "hide_unknown_users", hide_unknown_users());
642 print_bool(o, "server_uses_own_ciphersuite_preferences", server_uses_own_ciphersuite_preferences());
643 print_bool(o, "negotiate_encrypt_then_mac", negotiate_encrypt_then_mac());
644 print_bool(o, "support_cert_status_message", support_cert_status_message());
645 print_bool(o, "tls_13_middlebox_compatibility_mode", tls_13_middlebox_compatibility_mode());
646 print_vec(o, "accepted_client_certificate_types", accepted_client_certificate_types());
647 print_vec(o, "accepted_server_certificate_types", accepted_server_certificate_types());
648 print_bool(o, "hash_hello_random", hash_hello_random());
649 if(record_size_limit().has_value()) {
650 o << "record_size_limit = " << record_size_limit().value() << '\n';
651 }
652 o << "maximum_session_tickets_per_client_hello = " << maximum_session_tickets_per_client_hello() << '\n';
653 o << "session_ticket_lifetime = " << session_ticket_lifetime().count() << '\n';
654 o << "reuse_session_tickets = " << reuse_session_tickets() << '\n';
655 o << "new_session_tickets_upon_handshake_success = " << new_session_tickets_upon_handshake_success() << '\n';
656 o << "minimum_dh_group_size = " << minimum_dh_group_size() << '\n';
657 o << "minimum_ecdh_group_size = " << minimum_ecdh_group_size() << '\n';
658 o << "minimum_rsa_bits = " << minimum_rsa_bits() << '\n';
659 o << "minimum_signature_strength = " << minimum_signature_strength() << '\n';
660}
Botan::TLS::Policy::reuse_session_tickets
virtual bool reuse_session_tickets() const
Definition tls_policy.cpp:258
Botan::TLS::Policy::tls_13_middlebox_compatibility_mode
virtual bool tls_13_middlebox_compatibility_mode() const
Definition tls_policy.cpp:374
Botan::TLS::Policy::server_uses_own_ciphersuite_preferences
virtual bool server_uses_own_ciphersuite_preferences() const
Definition tls_policy.cpp:354
Botan::TLS::Policy::support_cert_status_message
virtual bool support_cert_status_message() const
Definition tls_policy.cpp:366
Botan::TLS::Policy::record_size_limit
virtual std::optional< uint16_t > record_size_limit() const
Definition tls_policy.cpp:362
Botan::TLS::Policy::session_ticket_lifetime
virtual std::chrono::seconds session_ticket_lifetime() const
Definition tls_policy.cpp:254

References Botan::TLS::Policy::accepted_client_certificate_types(), Botan::TLS::Policy::accepted_server_certificate_types(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_insecure_renegotiation(), Botan::TLS::Policy::allow_server_initiated_renegotiation(), Botan::TLS::Policy::allow_ssl_key_log_file(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Policy::allow_tls13(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_hashes(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::Policy::hash_hello_random(), Botan::TLS::Policy::hide_unknown_users(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::Policy::key_exchange_groups_to_offer(), Botan::TLS::Policy::maximum_session_tickets_per_client_hello(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_rsa_bits(), Botan::TLS::Policy::minimum_signature_strength(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Policy::new_session_tickets_upon_handshake_success(), Botan::TLS::Policy::record_size_limit(), Botan::TLS::Policy::reuse_session_tickets(), Botan::TLS::Policy::server_uses_own_ciphersuite_preferences(), Botan::TLS::Policy::session_ticket_lifetime(), Botan::TLS::Policy::support_cert_status_message(), and Botan::TLS::Policy::tls_13_middlebox_compatibility_mode().

Referenced by Botan::TLS::Policy::to_string().

◆ read_cert_type_list()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::read_cert_type_list ( const std::string & cert_type_str) const
protected

Definition at line 273 of file tls_text_policy.cpp.

273 {
274 std::vector<Certificate_Type> cert_types;
275 for(const std::string& cert_type_name : split_on(cert_type_names, ' ')) {
276 cert_types.push_back(certificate_type_from_string(cert_type_name));
277 }
278
279 return cert_types;
280}
Botan::TLS::certificate_type_from_string
Certificate_Type certificate_type_from_string(const std::string &type_str)
Definition tls_extensions.cpp:377

References Botan::TLS::certificate_type_from_string(), and Botan::split_on().

Referenced by accepted_client_certificate_types(), and accepted_server_certificate_types().

◆ read_group_list()

std::vector< Group_Params > Botan::TLS::Text_Policy::read_group_list ( std::string_view group_str) const
protected

Definition at line 231 of file tls_text_policy.cpp.

231 {
232 std::vector<Group_Params> groups;
233 for(const auto& group_name : split_on(group_str, ' ')) {
234 Group_Params group_id = Group_Params::from_string(group_name).value_or(Group_Params::NONE);
235
236#if !defined(BOTAN_HAS_X25519)
237 if(group_id == Group_Params::X25519)
238 continue;
239#endif
240#if !defined(BOTAN_HAS_X448)
241 if(group_id == Group_Params::X448)
242 continue;
243#endif
244
245 if(group_id == Group_Params::NONE) {
246 try {
247 size_t consumed = 0;
248 unsigned long ll_id = std::stoul(group_name, &consumed, 0);
249 if(consumed != group_name.size()) {
250 continue; // some other cruft
251 }
252
253 const uint16_t id = static_cast<uint16_t>(ll_id);
254
255 if(id != ll_id) {
256 continue; // integer too large
257 }
258
259 group_id = static_cast<Group_Params>(id);
260 } catch(...) {
261 continue;
262 }
263 }
264
265 if(group_id != Group_Params::NONE) {
266 groups.push_back(group_id);
267 }
268 }
269
270 return groups;
271}
Botan::TLS::Group_Params::from_string
static std::optional< Group_Params > from_string(std::string_view group_name)
Definition tls_algos.cpp:137

References Botan::TLS::Group_Params::from_string(), and Botan::split_on().

Referenced by key_exchange_groups(), and key_exchange_groups_to_offer().

◆ record_size_limit()

std::optional< uint16_t > Botan::TLS::Text_Policy::record_size_limit ( ) const
overridevirtual

Defines the maximum TLS record length for TLS connections. This is based on the Record Size Limit extension described in RFC 8449. By default (i.e. if std::nullopt is returned), TLS clients will omit this extension altogether.

This value may be between 64 and 16385 (TLS 1.3) or 16384 (TLS 1.2).

Note
This is currently not implemented for TLS 1.2, hence the limit won't be negotiated by TLS 1.3 clients that support downgrading to TLS 1.2 (i.e. allow_tls12() returning true).

Reimplemented from Botan::TLS::Policy.

Definition at line 96 of file tls_text_policy.cpp.

96 {
97 const auto limit = get_len("record_size_limit", 0);
98 // RFC 8449 4.
99 // TLS 1.3 uses a limit of 2^14+1 octets.
100 BOTAN_ARG_CHECK(limit <= 16385, "record size limit too large");
101 return (limit > 0) ? std::make_optional(static_cast<uint16_t>(limit)) : std::nullopt;
102}
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29

References BOTAN_ARG_CHECK, and get_len().

◆ request_client_certificate_authentication()

bool Botan::TLS::Policy::request_client_certificate_authentication ( ) const
virtualinherited

Indicate if client certificate authentication is requested. If true, then a cert will be requested.

Definition at line 390 of file tls_policy.cpp.

390 {
391 return require_client_certificate_authentication();
392}
Botan::TLS::Policy::require_client_certificate_authentication
virtual bool require_client_certificate_authentication() const
Definition tls_policy.cpp:386

References Botan::TLS::Policy::require_client_certificate_authentication().

Referenced by Botan::TLS::Encrypted_Extensions::Encrypted_Extensions(), and Botan::TLS::Certificate_Request_13::maybe_create().

◆ require_cert_revocation_info()

bool Botan::TLS::Text_Policy::require_cert_revocation_info ( ) const
overridevirtual

Return if certificate revocation info (CRL/OCSP) is required

If true, certificates won't be trusted unless a valid CRL or OCSP response was examined.

Default: true

Reimplemented from Botan::TLS::Policy.

Definition at line 170 of file tls_text_policy.cpp.

170 {
171 return get_bool("require_cert_revocation_info", Policy::require_cert_revocation_info());
172}
Botan::TLS::Policy::require_cert_revocation_info
virtual bool require_cert_revocation_info() const
Definition tls_policy.cpp:209

References get_bool(), and Botan::TLS::Policy::require_cert_revocation_info().

◆ require_client_certificate_authentication()

bool Botan::TLS::Text_Policy::require_client_certificate_authentication ( ) const
overridevirtual

Indicate if client certificate authentication is required. If true, then a cert will be requested and if the client does not send a certificate the connection will be closed.

Reimplemented from Botan::TLS::Policy.

Definition at line 66 of file tls_text_policy.cpp.

66 {
67 return get_bool("require_client_certificate_authentication", Policy::require_client_certificate_authentication());
68}

References get_bool(), and Botan::TLS::Policy::require_client_certificate_authentication().

◆ reuse_session_tickets()

bool Botan::TLS::Text_Policy::reuse_session_tickets ( ) const
overridevirtual

Decides whether stored session tickets should be used multiple times (until their lifetime runs out). This might allow passive observers to correlate connections (RFC 8446 Appendix C.4). This has no effect on TLS 1.2 resumptions based on session IDs as those are negotiated in the clear anyway.

Default: false

Reimplemented from Botan::TLS::Policy.

Definition at line 186 of file tls_text_policy.cpp.

186 {
187 return get_bool("reuse_session_tickets", Policy::reuse_session_tickets());
188}

References get_bool(), and Botan::TLS::Policy::reuse_session_tickets().

◆ server_uses_own_ciphersuite_preferences()

bool Botan::TLS::Text_Policy::server_uses_own_ciphersuite_preferences ( ) const
overridevirtual

Default: true

Returns
true if servers should choose the ciphersuite matching their highest preference, rather than the clients. Has no effect on client side.

Reimplemented from Botan::TLS::Policy.

Definition at line 88 of file tls_text_policy.cpp.

88 {
89 return get_bool("server_uses_own_ciphersuite_preferences", Policy::server_uses_own_ciphersuite_preferences());
90}

References get_bool(), and Botan::TLS::Policy::server_uses_own_ciphersuite_preferences().

◆ session_ticket_lifetime()

std::chrono::seconds Botan::TLS::Text_Policy::session_ticket_lifetime ( ) const
overridevirtual

Return the allowed lifetime of a session ticket. If 0, session tickets do not expire until the session ticket key rolls over. For TLS 1.3 session tickets the lifetime must not be longer than seven days. Expired session tickets cannot be used to resume a session.

Default: 1 day

Reimplemented from Botan::TLS::Policy.

Definition at line 182 of file tls_text_policy.cpp.

182 {
183 return get_duration("session_ticket_lifetime", Policy::session_ticket_lifetime());
184}
Botan::TLS::Text_Policy::get_duration
std::chrono::seconds get_duration(const std::string &key, std::chrono::seconds def) const
Definition tls_text_policy.cpp:292

References get_duration(), and Botan::TLS::Policy::session_ticket_lifetime().

◆ set()

void Botan::TLS::Text_Policy::set ( const std::string & key,
const std::string & value )

Definition at line 210 of file tls_text_policy.cpp.

210 {
211 m_kv[key] = value;
212}

◆ set_value()

bool Botan::TLS::Text_Policy::set_value ( const std::string & key,
std::string_view val,
bool overwrite )
protected

Definition at line 336 of file tls_text_policy.cpp.

336 {
337 auto i = m_kv.find(key);
338
339 if(overwrite == false && i != m_kv.end()) {
340 return false;
341 }
342
343 m_kv.insert(i, std::make_pair(key, val));
344 return true;
345}

◆ srtp_profiles()

std::vector< uint16_t > Botan::TLS::Text_Policy::srtp_profiles ( ) const
overridevirtual

If this returns a non-empty vector, and DTLS is negotiated, then we will also attempt to negotiate the SRTP extension from RFC 5764 using the returned values as the profile ids.

Reimplemented from Botan::TLS::Policy.

Definition at line 194 of file tls_text_policy.cpp.

194 {
195 std::vector<uint16_t> r;
196 for(const auto& p : get_list("srtp_profiles", std::vector<std::string>())) {
197 r.push_back(to_uint16(p));
198 }
199 return r;
200}
Botan::to_uint16
uint16_t to_uint16(std::string_view str)
Definition parsing.cpp:22

References get_list(), and Botan::to_uint16().

◆ support_cert_status_message()

bool Botan::TLS::Text_Policy::support_cert_status_message ( ) const
overridevirtual

Indicates whether certificate status messages should be supported

Reimplemented from Botan::TLS::Policy.

Definition at line 104 of file tls_text_policy.cpp.

104 {
105 return get_bool("support_cert_status_message", Policy::support_cert_status_message());
106}

References get_bool(), and Botan::TLS::Policy::support_cert_status_message().

◆ tls_13_middlebox_compatibility_mode()

bool Botan::TLS::Text_Policy::tls_13_middlebox_compatibility_mode ( ) const
overridevirtual

Defines whether or not the middlebox compatibility mode should be used. Enabled by default.

RFC 8446 Appendix D.4 [This makes] the TLS 1.3 handshake resemble TLS 1.2 session resumption, which improves the chance of successfully connecting through middleboxes.

Default: true

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 202 of file tls_text_policy.cpp.

202 {
203 return get_bool("tls_13_middlebox_compatibility_mode", Policy::tls_13_middlebox_compatibility_mode());
204}

References get_bool(), and Botan::TLS::Policy::tls_13_middlebox_compatibility_mode().

◆ to_string()

std::string Botan::TLS::Policy::to_string ( ) const
inherited

Convert this policy to a printable format. Same as calling print on a ostringstream and reading o.str()

Definition at line 662 of file tls_policy.cpp.

662 {
663 std::ostringstream oss;
664 this->print(oss);
665 return oss.str();
666}
Botan::TLS::Policy::print
virtual void print(std::ostream &o) const
Definition tls_policy.cpp:621

References Botan::TLS::Policy::print().

◆ use_ecc_point_compression()

bool Botan::TLS::Text_Policy::use_ecc_point_compression ( ) const
overridevirtual

Request that ECC curve points are sent compressed

Signals that we prefer ECC points to be compressed when transmitted to us. The other party may not support ECC point compression and therefore may still send points uncompressed.

Note that the certificate used during authentication must also follow the other party's preference.

Note
Support for EC point compression is deprecated and will be removed in a future major release. TLS 1.3 does not support point compression at all (see RFC 8446 4.2.8.2)

Reimplemented from Botan::TLS::Policy.

Definition at line 42 of file tls_text_policy.cpp.

42 {
43 return get_bool("use_ecc_point_compression", Policy::use_ecc_point_compression());
44}
Botan::TLS::Policy::use_ecc_point_compression
virtual bool use_ecc_point_compression() const
Definition tls_policy.cpp:119

References get_bool(), and Botan::TLS::Policy::use_ecc_point_compression().

The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0