Botan 3.3.0
Crypto and TLS for C&
Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::Text_Policy Class Reference

#include <tls_policy.h>

Inheritance diagram for Botan::TLS::Text_Policy:
Botan::TLS::Policy

Public Member Functions

virtual bool abort_connection_on_undesired_renegotiation () const
 
virtual std::optional< std::vector< Signature_Scheme > > acceptable_certificate_signature_schemes () const
 
virtual bool acceptable_ciphersuite (const Ciphersuite &suite) const
 
virtual bool acceptable_protocol_version (Protocol_Version version) const
 
virtual std::vector< Signature_Schemeacceptable_signature_schemes () const
 
std::vector< Certificate_Typeaccepted_client_certificate_types () const override
 
std::vector< Certificate_Typeaccepted_server_certificate_types () const override
 
bool allow_client_initiated_renegotiation () const override
 
bool allow_dtls12 () const override
 
virtual bool allow_dtls_epoch0_restart () const
 
bool allow_insecure_renegotiation () const override
 
virtual bool allow_resumption_for_renegotiation () const
 
bool allow_server_initiated_renegotiation () const override
 
bool allow_tls12 () const override
 
bool allow_tls13 () const override
 
std::vector< std::string > allowed_ciphers () const override
 
std::vector< std::string > allowed_key_exchange_methods () const override
 
std::vector< std::string > allowed_macs () const override
 
bool allowed_signature_hash (std::string_view hash) const
 
std::vector< std::string > allowed_signature_hashes () const override
 
bool allowed_signature_method (std::string_view sig_method) const
 
std::vector< std::string > allowed_signature_methods () const override
 
virtual std::vector< Signature_Schemeallowed_signature_schemes () const
 
virtual void check_peer_key_acceptable (const Public_Key &public_key) const
 
virtual Group_Params choose_key_exchange_group (const std::vector< Group_Params > &supported_by_peer, const std::vector< Group_Params > &offered_by_peer) const
 
virtual std::vector< uint16_t > ciphersuite_list (Protocol_Version version) const
 
virtual Group_Params default_dh_group () const
 
size_t dtls_default_mtu () const override
 
size_t dtls_initial_timeout () const override
 
size_t dtls_maximum_timeout () const override
 
bool hash_hello_random () const override
 
bool hide_unknown_users () const override
 
bool include_time_in_hello_random () const override
 
std::vector< Group_Paramskey_exchange_groups () const override
 
std::vector< Group_Paramskey_exchange_groups_to_offer () const override
 
virtual Protocol_Version latest_supported_version (bool datagram) const
 
virtual size_t maximum_certificate_chain_size () const
 
size_t maximum_session_tickets_per_client_hello () const override
 
size_t minimum_dh_group_size () const override
 
size_t minimum_ecdh_group_size () const override
 
size_t minimum_ecdsa_group_size () const override
 
size_t minimum_rsa_bits () const override
 
size_t minimum_signature_strength () const override
 
bool negotiate_encrypt_then_mac () const override
 
size_t new_session_tickets_upon_handshake_success () const override
 
virtual bool only_resume_with_exact_version () const
 
virtual void print (std::ostream &o) const
 
std::optional< uint16_t > record_size_limit () const override
 
virtual bool request_client_certificate_authentication () const
 
bool require_cert_revocation_info () const override
 
bool require_client_certificate_authentication () const override
 
bool reuse_session_tickets () const override
 
bool server_uses_own_ciphersuite_preferences () const override
 
std::chrono::seconds session_ticket_lifetime () const override
 
void set (const std::string &key, const std::string &value)
 
std::vector< uint16_t > srtp_profiles () const override
 
bool support_cert_status_message () const override
 
 Text_Policy (std::istream &in)
 
 Text_Policy (std::string_view s)
 
bool tls_13_middlebox_compatibility_mode () const override
 
std::string to_string () const
 
bool use_ecc_point_compression () const override
 

Protected Member Functions

bool get_bool (const std::string &key, bool def) const
 
std::chrono::seconds get_duration (const std::string &key, std::chrono::seconds def) const
 
size_t get_len (const std::string &key, size_t def) const
 
std::vector< std::string > get_list (const std::string &key, const std::vector< std::string > &def) const
 
std::string get_str (const std::string &key, const std::string &def="") const
 
std::vector< Certificate_Typeread_cert_type_list (const std::string &cert_type_str) const
 
std::vector< Group_Paramsread_group_list (std::string_view group_str) const
 
bool set_value (const std::string &key, std::string_view val, bool overwrite)
 

Detailed Description

Definition at line 630 of file tls_policy.h.

Constructor & Destructor Documentation

◆ Text_Policy() [1/2]

Botan::TLS::Text_Policy::Text_Policy ( std::string_view s)
explicit

Definition at line 210 of file tls_text_policy.cpp.

210 {
211 std::istringstream iss{std::string(s)}; // FIXME C++23 avoid copy
212 m_kv = read_cfg(iss);
213}
std::map< std::string, std::string > read_cfg(std::istream &is)
Definition read_cfg.cpp:34

References Botan::read_cfg().

◆ Text_Policy() [2/2]

Botan::TLS::Text_Policy::Text_Policy ( std::istream & in)
explicit

Definition at line 215 of file tls_text_policy.cpp.

215: m_kv(read_cfg(in)) {}

Member Function Documentation

◆ abort_connection_on_undesired_renegotiation()

bool Botan::TLS::Policy::abort_connection_on_undesired_renegotiation ( ) const
virtualinherited

If true, a request to renegotiate will close the connection with a fatal alert. Otherwise, a warning alert is sent.

Note
Has no effect for TLS 1.3 connections.

Definition at line 386 of file tls_policy.cpp.

386 {
387 return false;
388}

◆ acceptable_certificate_signature_schemes()

std::optional< std::vector< Signature_Scheme > > Botan::TLS::Policy::acceptable_certificate_signature_schemes ( ) const
virtualinherited

Definition at line 42 of file tls_policy.cpp.

42 {
43 // the restrictions of ::acceptable_signature_schemes() shall apply
44 return std::nullopt;
45}

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ acceptable_ciphersuite()

bool Botan::TLS::Policy::acceptable_ciphersuite ( const Ciphersuite & suite) const
virtualinherited

Allows policy to reject any ciphersuites which are undesirable for whatever reason without having to reimplement ciphersuite_list

Definition at line 297 of file tls_policy.cpp.

297 {
298 return value_exists(allowed_ciphers(), ciphersuite.cipher_algo()) &&
299 value_exists(allowed_macs(), ciphersuite.mac_algo());
300}
virtual std::vector< std::string > allowed_macs() const
virtual std::vector< std::string > allowed_ciphers() const
bool value_exists(const std::vector< T > &vec, const OT &val)
Definition stl_util.h:117

References Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Ciphersuite::cipher_algo(), Botan::TLS::Ciphersuite::mac_algo(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::ciphersuite_list().

◆ acceptable_protocol_version()

bool Botan::TLS::Policy::acceptable_protocol_version ( Protocol_Version version) const
virtualinherited
Returns
true if and only if we are willing to accept this version Default accepts TLS v1.2 and later or DTLS v1.2 or later.

Definition at line 258 of file tls_policy.cpp.

258 {
259#if defined(BOTAN_HAS_TLS_13)
260 if(version == Protocol_Version::TLS_V13 && allow_tls13()) {
261 return true;
262 }
263#endif
264
265#if defined(BOTAN_HAS_TLS_12)
266 if(version == Protocol_Version::TLS_V12 && allow_tls12()) {
267 return true;
268 }
269
270 if(version == Protocol_Version::DTLS_V12 && allow_dtls12()) {
271 return true;
272 }
273#endif
274
275 return false;
276}
virtual bool allow_tls12() const
virtual bool allow_tls13() const
virtual bool allow_dtls12() const

References Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls12(), and Botan::TLS::Policy::allow_tls13().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::highest_supported_version(), and Botan::TLS::Policy::latest_supported_version().

◆ acceptable_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::acceptable_signature_schemes ( ) const
virtualinherited

Return a list of schemes we are willing to accept

Definition at line 38 of file tls_policy.cpp.

38 {
39 return this->allowed_signature_schemes();
40}
virtual std::vector< Signature_Scheme > allowed_signature_schemes() const

References Botan::TLS::Policy::allowed_signature_schemes().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ accepted_client_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::accepted_client_certificate_types ( ) const
overridevirtual

Returns a list of accepted certificate types for client authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented from Botan::TLS::Policy.

Definition at line 70 of file tls_text_policy.cpp.

70 {
71 const auto cert_types = get_str("accepted_client_certificate_types");
72 return (cert_types.empty()) ? Policy::accepted_client_certificate_types() : read_cert_type_list(cert_types);
73}
virtual std::vector< Certificate_Type > accepted_client_certificate_types() const
std::string get_str(const std::string &key, const std::string &def="") const
std::vector< Certificate_Type > read_cert_type_list(const std::string &cert_type_str) const

References Botan::TLS::Policy::accepted_client_certificate_types(), get_str(), and read_cert_type_list().

◆ accepted_server_certificate_types()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::accepted_server_certificate_types ( ) const
overridevirtual

Returns a list of accepted certificate types for server authentication in order of preference. See RFC 7250 and RFC 8446 4.4.2 for details. Defaults to X509 only.

Note that it is the application's responsibility to provide public keys and/or certificates according to the specification in this list via the Credentials_Manager.

Reimplemented from Botan::TLS::Policy.

Definition at line 75 of file tls_text_policy.cpp.

75 {
76 const auto cert_types = get_str("accepted_server_certificate_types");
77 return (cert_types.empty()) ? Policy::accepted_server_certificate_types() : read_cert_type_list(cert_types);
78}
virtual std::vector< Certificate_Type > accepted_server_certificate_types() const

References Botan::TLS::Policy::accepted_server_certificate_types(), get_str(), and read_cert_type_list().

◆ allow_client_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_client_initiated_renegotiation ( ) const
overridevirtual

Consulted by server side. If true, allows clients to initiate a new handshake

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 66 of file tls_text_policy.cpp.

66 {
67 return get_bool("allow_client_initiated_renegotiation", Policy::allow_client_initiated_renegotiation());
68}
virtual bool allow_client_initiated_renegotiation() const
bool get_bool(const std::string &key, bool def) const

References Botan::TLS::Policy::allow_client_initiated_renegotiation(), and get_bool().

◆ allow_dtls12()

bool Botan::TLS::Text_Policy::allow_dtls12 ( ) const
overridevirtual

Allow DTLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 50 of file tls_text_policy.cpp.

50 {
51 return get_bool("allow_dtls12", Policy::allow_dtls12());
52}

References Botan::TLS::Policy::allow_dtls12(), and get_bool().

◆ allow_dtls_epoch0_restart()

bool Botan::TLS::Policy::allow_dtls_epoch0_restart ( ) const
virtualinherited

If true, then allow a DTLS client to restart a connection to the same server association as described in section 4.2.8 of the DTLS RFC

Definition at line 398 of file tls_policy.cpp.

398 {
399 return false;
400}

Referenced by Botan::TLS::Channel_Impl_12::from_peer().

◆ allow_insecure_renegotiation()

bool Botan::TLS::Text_Policy::allow_insecure_renegotiation ( ) const
overridevirtual

Allow renegotiation even if the counterparty doesn't support the secure renegotiation extension.

Warning
Changing this to true exposes you to injected plaintext attacks. Read RFC 5746 for background.
Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 54 of file tls_text_policy.cpp.

54 {
55 return get_bool("allow_insecure_renegotiation", Policy::allow_insecure_renegotiation());
56}
virtual bool allow_insecure_renegotiation() const

References Botan::TLS::Policy::allow_insecure_renegotiation(), and get_bool().

◆ allow_resumption_for_renegotiation()

bool Botan::TLS::Policy::allow_resumption_for_renegotiation ( ) const
virtualinherited
Note
Has no effect for TLS 1.3 connections.

Definition at line 362 of file tls_policy.cpp.

362 {
363 return true;
364}

Referenced by Botan::TLS::Channel_Impl_12::renegotiate().

◆ allow_server_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_server_initiated_renegotiation ( ) const
overridevirtual

Consulted by client side. If true, allows servers to initiate a new handshake

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 80 of file tls_text_policy.cpp.

80 {
81 return get_bool("allow_server_initiated_renegotiation", Policy::allow_server_initiated_renegotiation());
82}
virtual bool allow_server_initiated_renegotiation() const

References Botan::TLS::Policy::allow_server_initiated_renegotiation(), and get_bool().

◆ allow_tls12()

bool Botan::TLS::Text_Policy::allow_tls12 ( ) const
overridevirtual

Allow TLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 42 of file tls_text_policy.cpp.

42 {
43 return get_bool("allow_tls12", Policy::allow_tls12());
44}

References Botan::TLS::Policy::allow_tls12(), and get_bool().

◆ allow_tls13()

bool Botan::TLS::Text_Policy::allow_tls13 ( ) const
overridevirtual

Allow TLS v1.3

Reimplemented from Botan::TLS::Policy.

Definition at line 46 of file tls_text_policy.cpp.

46 {
47 return get_bool("allow_tls13", Policy::allow_tls13());
48}

References Botan::TLS::Policy::allow_tls13(), and get_bool().

◆ allowed_ciphers()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_ciphers ( ) const
overridevirtual

Returns a list of ciphers we are willing to negotiate, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 18 of file tls_text_policy.cpp.

18 {
19 return get_list("ciphers", Policy::allowed_ciphers());
20}
std::vector< std::string > get_list(const std::string &key, const std::vector< std::string > &def) const

References Botan::TLS::Policy::allowed_ciphers(), and get_list().

◆ allowed_key_exchange_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_key_exchange_methods ( ) const
overridevirtual

Returns a list of key exchange algorithms we are willing to use, in order of preference. Allowed values: DH, empty string (representing RSA using server certificate key)

Reimplemented from Botan::TLS::Policy.

Definition at line 30 of file tls_text_policy.cpp.

30 {
31 return get_list("key_exchange_methods", Policy::allowed_key_exchange_methods());
32}
virtual std::vector< std::string > allowed_key_exchange_methods() const

References Botan::TLS::Policy::allowed_key_exchange_methods(), and get_list().

◆ allowed_macs()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_macs ( ) const
overridevirtual

Returns a list of MAC algorithms we are willing to use.

Reimplemented from Botan::TLS::Policy.

Definition at line 26 of file tls_text_policy.cpp.

26 {
27 return get_list("macs", Policy::allowed_macs());
28}

References Botan::TLS::Policy::allowed_macs(), and get_list().

◆ allowed_signature_hash()

bool Botan::TLS::Policy::allowed_signature_hash ( std::string_view hash) const
inherited

Definition at line 110 of file tls_policy.cpp.

110 {
111 return value_exists(allowed_signature_hashes(), sig_hash);
112}
virtual std::vector< std::string > allowed_signature_hashes() const

References Botan::TLS::Policy::allowed_signature_hashes(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ allowed_signature_hashes()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_hashes ( ) const
overridevirtual

Returns a list of hash algorithms we are willing to use for signatures, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 22 of file tls_text_policy.cpp.

22 {
23 return get_list("signature_hashes", Policy::allowed_signature_hashes());
24}

References Botan::TLS::Policy::allowed_signature_hashes(), and get_list().

◆ allowed_signature_method()

bool Botan::TLS::Policy::allowed_signature_method ( std::string_view sig_method) const
inherited

◆ allowed_signature_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_methods ( ) const
overridevirtual

Returns a list of signature algorithms we are willing to use, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 34 of file tls_text_policy.cpp.

34 {
35 return get_list("signature_methods", Policy::allowed_signature_methods());
36}

References Botan::TLS::Policy::allowed_signature_methods(), and get_list().

◆ allowed_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::allowed_signature_schemes ( ) const
virtualinherited

Definition at line 23 of file tls_policy.cpp.

23 {
24 std::vector<Signature_Scheme> schemes;
25
26 for(Signature_Scheme scheme : Signature_Scheme::all_available_schemes()) {
27 const bool sig_allowed = allowed_signature_method(scheme.algorithm_name());
28 const bool hash_allowed = allowed_signature_hash(scheme.hash_function_name());
29
30 if(sig_allowed && hash_allowed) {
31 schemes.push_back(scheme);
32 }
33 }
34
35 return schemes;
36}
bool allowed_signature_method(std::string_view sig_method) const
bool allowed_signature_hash(std::string_view hash) const

References Botan::TLS::Signature_Scheme::all_available_schemes(), Botan::TLS::Policy::allowed_signature_hash(), and Botan::TLS::Policy::allowed_signature_method().

Referenced by Botan::TLS::Policy::acceptable_signature_schemes(), Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), and Botan::TLS::Handshake_State::choose_sig_format().

◆ check_peer_key_acceptable()

void Botan::TLS::Policy::check_peer_key_acceptable ( const Public_Key & public_key) const
virtualinherited

Throw an exception if you don't like the peer's key. Default impl checks the key size against minimum_rsa_bits, minimum_ecdsa_group_size, or minimum_ecdh_group_size depending on the key's type. Override if you'd like to perform some other kind of test on (or logging of) the peer's keys.

Definition at line 216 of file tls_policy.cpp.

216 {
217 const std::string algo_name = public_key.algo_name();
218
219 const size_t keylength = public_key.key_length();
220 size_t expected_keylength = 0;
221
222 if(algo_name == "RSA") {
223 expected_keylength = minimum_rsa_bits();
224 } else if(algo_name == "DH") {
225 expected_keylength = minimum_dh_group_size();
226 } else if(algo_name == "ECDH" || algo_name == "Curve25519") {
227 expected_keylength = minimum_ecdh_group_size();
228 } else if(algo_name == "ECDSA") {
229 expected_keylength = minimum_ecdsa_group_size();
230 }
231 // else some other algo, so leave expected_keylength as zero and the check is a no-op
232
233 if(keylength < expected_keylength) {
234 throw TLS_Exception(Alert::InsufficientSecurity,
235 "Peer sent " + std::to_string(keylength) + " bit " + algo_name +
236 " key"
237 ", policy requires at least " +
238 std::to_string(expected_keylength));
239 }
240}
virtual size_t minimum_ecdh_group_size() const
virtual size_t minimum_rsa_bits() const
virtual size_t minimum_dh_group_size() const
virtual size_t minimum_ecdsa_group_size() const

References Botan::Asymmetric_Key::algo_name(), Botan::Public_Key::key_length(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_ecdsa_group_size(), and Botan::TLS::Policy::minimum_rsa_bits().

Referenced by Botan::TLS::Certificate_13::Certificate_13(), Botan::TLS::Callbacks::tls_ephemeral_key_agreement(), Botan::TLS::Server_Key_Exchange::verify(), and Botan::TLS::Certificate_Verify_12::verify().

◆ choose_key_exchange_group()

Group_Params Botan::TLS::Policy::choose_key_exchange_group ( const std::vector< Group_Params > & supported_by_peer,
const std::vector< Group_Params > & offered_by_peer ) const
virtualinherited

Select a key exchange group to use, from the list of groups sent by the peer. In TLS 1.3 handshakes the peer might have provided cryptographic material for a subset of its available groups. Choosing a group for which no share was provided will result in an additional round trip. If none are acceptable, return Group_Params::NONE.

By default this will try to optimize for less round trips even if this results in the usage of a less preferred group.

Definition at line 118 of file tls_policy.cpp.

119 {
120 if(supported_by_peer.empty()) {
121 return Group_Params::NONE;
122 }
123
124 const std::vector<Group_Params> our_groups = key_exchange_groups();
125
126 // Prefer groups that were offered by the peer for the sake of saving
127 // an additional round trip. For TLS 1.2, this won't be used.
128 for(auto g : offered_by_peer) {
129 if(value_exists(our_groups, g)) {
130 return g;
131 }
132 }
133
134 // If no pre-offered groups fit our supported set, we prioritize our
135 // own preference.
136 for(auto g : our_groups) {
137 if(value_exists(supported_by_peer, g)) {
138 return g;
139 }
140 }
141
142 return Group_Params::NONE;
143}
virtual std::vector< Group_Params > key_exchange_groups() const

References Botan::TLS::Policy::key_exchange_groups(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Hello_13::create(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ ciphersuite_list()

std::vector< uint16_t > Botan::TLS::Policy::ciphersuite_list ( Protocol_Version version) const
virtualinherited

Return allowed ciphersuites, in order of preference for the provided protocol version.

Parameters
versionthe exact protocol version to select supported and allowed ciphersuites for

Definition at line 497 of file tls_policy.cpp.

497 {
498 const std::vector<std::string> ciphers = allowed_ciphers();
499 const std::vector<std::string> macs = allowed_macs();
500 const std::vector<std::string> kex = allowed_key_exchange_methods();
501 const std::vector<std::string> sigs = allowed_signature_methods();
502
503 std::vector<Ciphersuite> ciphersuites;
504
505 for(auto&& suite : Ciphersuite::all_known_ciphersuites()) {
506 // Can we use it?
507 if(!suite.valid()) {
508 continue;
509 }
510
511 // Can we use it in this version?
512 if(!suite.usable_in_version(version)) {
513 continue;
514 }
515
516 // Is it acceptable to the policy?
517 if(!this->acceptable_ciphersuite(suite)) {
518 continue;
519 }
520
521 if(!value_exists(ciphers, suite.cipher_algo())) {
522 continue; // unsupported cipher
523 }
524
525 // these checks are irrelevant for TLS 1.3
526 // TODO: consider making a method for this logic
527 if(version.is_pre_tls_13()) {
528 if(!value_exists(kex, suite.kex_algo())) {
529 continue; // unsupported key exchange
530 }
531
532 if(!value_exists(macs, suite.mac_algo())) {
533 continue; // unsupported MAC algo
534 }
535
536 if(!value_exists(sigs, suite.sig_algo())) {
537 // allow if it's an empty sig algo and we want to use PSK
538 if(suite.auth_method() != Auth_Method::IMPLICIT || !suite.psk_ciphersuite()) {
539 continue;
540 }
541 }
542 }
543
544 // OK, consider it
545 ciphersuites.push_back(suite);
546 }
547
548 if(ciphersuites.empty()) {
549 throw Invalid_State("Policy does not allow any available cipher suite");
550 }
551
552 Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
553 std::sort(ciphersuites.begin(), ciphersuites.end(), order);
554
555 std::vector<uint16_t> ciphersuite_codes;
556 ciphersuite_codes.reserve(ciphersuites.size());
557 for(auto i : ciphersuites) {
558 ciphersuite_codes.push_back(i.ciphersuite_code());
559 }
560 return ciphersuite_codes;
561}
virtual bool acceptable_ciphersuite(const Ciphersuite &suite) const

References Botan::TLS::Policy::acceptable_ciphersuite(), Botan::TLS::Ciphersuite::all_known_ciphersuites(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::IMPLICIT, Botan::TLS::Protocol_Version::is_pre_tls_13(), and Botan::value_exists().

Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), and Botan::TLS::Client_Hello_13::Client_Hello_13().

◆ default_dh_group()

Group_Params Botan::TLS::Policy::default_dh_group ( ) const
virtualinherited
Note
Has no effect for TLS 1.3 connections.

Definition at line 145 of file tls_policy.cpp.

145 {
146 /*
147 * Return the first listed or just default to 2048
148 */
149 for(auto g : key_exchange_groups()) {
150 if(g.is_dh_named_group()) {
151 return g;
152 }
153 }
154
155 return Group_Params::FFDHE_2048;
156}

References Botan::TLS::Policy::key_exchange_groups().

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ dtls_default_mtu()

size_t Botan::TLS::Text_Policy::dtls_default_mtu ( ) const
overridevirtual
Returns
the default MTU for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 154 of file tls_text_policy.cpp.

154 {
155 return get_len("dtls_default_mtu", Policy::dtls_default_mtu());
156}
virtual size_t dtls_default_mtu() const
size_t get_len(const std::string &key, size_t def) const

References Botan::TLS::Policy::dtls_default_mtu(), and get_len().

◆ dtls_initial_timeout()

size_t Botan::TLS::Text_Policy::dtls_initial_timeout ( ) const
overridevirtual
Returns
the initial timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 158 of file tls_text_policy.cpp.

158 {
159 return get_len("dtls_initial_timeout", Policy::dtls_initial_timeout());
160}
virtual size_t dtls_initial_timeout() const

References Botan::TLS::Policy::dtls_initial_timeout(), and get_len().

◆ dtls_maximum_timeout()

size_t Botan::TLS::Text_Policy::dtls_maximum_timeout ( ) const
overridevirtual
Returns
the maximum timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 162 of file tls_text_policy.cpp.

162 {
163 return get_len("dtls_maximum_timeout", Policy::dtls_maximum_timeout());
164}
virtual size_t dtls_maximum_timeout() const

References Botan::TLS::Policy::dtls_maximum_timeout(), and get_len().

◆ get_bool()

bool Botan::TLS::Text_Policy::get_bool ( const std::string & key,
bool def ) const
protected

Definition at line 303 of file tls_text_policy.cpp.

303 {
304 const std::string v = get_str(key);
305
306 if(v.empty()) {
307 return def;
308 }
309
310 if(v == "true" || v == "True") {
311 return true;
312 } else if(v == "false" || v == "False") {
313 return false;
314 } else {
315 throw Decoding_Error("Invalid boolean '" + v + "'");
316 }
317}

References get_str().

Referenced by allow_client_initiated_renegotiation(), allow_dtls12(), allow_insecure_renegotiation(), allow_server_initiated_renegotiation(), allow_tls12(), allow_tls13(), hash_hello_random(), hide_unknown_users(), include_time_in_hello_random(), negotiate_encrypt_then_mac(), require_cert_revocation_info(), require_client_certificate_authentication(), reuse_session_tickets(), server_uses_own_ciphersuite_preferences(), support_cert_status_message(), tls_13_middlebox_compatibility_mode(), and use_ecc_point_compression().

◆ get_duration()

std::chrono::seconds Botan::TLS::Text_Policy::get_duration ( const std::string & key,
std::chrono::seconds def ) const
protected

Definition at line 284 of file tls_text_policy.cpp.

284 {
285 using rep_t = std::chrono::seconds::rep;
286 constexpr rep_t max_seconds = std::chrono::seconds::max().count();
287 constexpr auto max_sizet = std::numeric_limits<size_t>::max();
288 using ull = unsigned long long;
289
290 // The concrete type of `rep` is not specified exactly. Let's play it extra safe...
291 // e.g. on 32-bit platforms size_t is 32 bits but rep_t is "at least 35 bits"
292
293 // at least zero and certainly fitting into rep_t
294 const rep_t positive_default = std::max(def.count(), rep_t(0));
295 // at least zero but capped to whatever size_t can handle
296 const size_t positive_capped_default = static_cast<size_t>(std::min<ull>(positive_default, max_sizet));
297 // at least zero but capped to whatever rep_t can handle
298 const rep_t result = static_cast<rep_t>(std::min<ull>(get_len(key, positive_capped_default), max_seconds));
299
300 return std::chrono::seconds(result);
301}

References get_len().

Referenced by session_ticket_lifetime().

◆ get_len()

size_t Botan::TLS::Text_Policy::get_len ( const std::string & key,
size_t def ) const
protected

◆ get_list()

std::vector< std::string > Botan::TLS::Text_Policy::get_list ( const std::string & key,
const std::vector< std::string > & def ) const
protected

Definition at line 217 of file tls_text_policy.cpp.

217 {
218 const std::string v = get_str(key);
219
220 if(v.empty()) {
221 return def;
222 }
223
224 return split_on(v, ' ');
225}
std::vector< std::string > split_on(std::string_view str, char delim)
Definition parsing.cpp:111

References get_str(), and Botan::split_on().

Referenced by allowed_ciphers(), allowed_key_exchange_methods(), allowed_macs(), allowed_signature_hashes(), allowed_signature_methods(), and srtp_profiles().

◆ get_str()

std::string Botan::TLS::Text_Policy::get_str ( const std::string & key,
const std::string & def = "" ) const
protected

Definition at line 319 of file tls_text_policy.cpp.

319 {
320 auto i = m_kv.find(key);
321 if(i == m_kv.end()) {
322 return def;
323 }
324
325 return i->second;
326}

Referenced by accepted_client_certificate_types(), accepted_server_certificate_types(), get_bool(), get_len(), get_list(), key_exchange_groups(), and key_exchange_groups_to_offer().

◆ hash_hello_random()

bool Botan::TLS::Text_Policy::hash_hello_random ( ) const
overridevirtual

Hash the RNG output for the client/server hello random. This is a pre-caution to avoid writing "raw" RNG output to the wire.

There's not normally a reason to disable this, except when deterministic output is required for testing.

Reimplemented from Botan::TLS::Policy.

Definition at line 202 of file tls_text_policy.cpp.

202 {
203 return get_bool("hash_hello_random", Policy::hash_hello_random());
204}
virtual bool hash_hello_random() const

References get_bool(), and Botan::TLS::Policy::hash_hello_random().

◆ hide_unknown_users()

bool Botan::TLS::Text_Policy::hide_unknown_users ( ) const
overridevirtual

If this function returns false, unknown PSK identifiers will be rejected with an unknown_psk_identifier alert as soon as the non-existence is identified. Otherwise, a false identifier value will be used and the protocol allowed to proceed, causing the handshake to eventually fail without revealing that the username does not exist on this system.

Reimplemented from Botan::TLS::Policy.

Definition at line 170 of file tls_text_policy.cpp.

170 {
171 return get_bool("hide_unknown_users", Policy::hide_unknown_users());
172}
virtual bool hide_unknown_users() const

References get_bool(), and Botan::TLS::Policy::hide_unknown_users().

◆ include_time_in_hello_random()

bool Botan::TLS::Text_Policy::include_time_in_hello_random ( ) const
overridevirtual

The protocol dictates that the first 32 bits of the random field are the current time in seconds. However this allows client fingerprinting attacks. Set to false to disable, in which case random bytes will be used instead.

Reimplemented from Botan::TLS::Policy.

Definition at line 58 of file tls_text_policy.cpp.

58 {
59 return get_bool("include_time_in_hello_random", Policy::include_time_in_hello_random());
60}
virtual bool include_time_in_hello_random() const

References get_bool(), and Botan::TLS::Policy::include_time_in_hello_random().

◆ key_exchange_groups()

std::vector< Group_Params > Botan::TLS::Text_Policy::key_exchange_groups ( ) const
overridevirtual

Return list of ECC curves and FFDHE groups we are willing to use in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 104 of file tls_text_policy.cpp.

104 {
105 std::string group_str = get_str("key_exchange_groups");
106
107 if(group_str.empty()) {
108 // fall back to previously used name
109 group_str = get_str("groups");
110 }
111
112 if(group_str.empty()) {
114 }
115
116 return read_group_list(group_str);
117}
std::vector< Group_Params > read_group_list(std::string_view group_str) const

References get_str(), Botan::TLS::Policy::key_exchange_groups(), and read_group_list().

◆ key_exchange_groups_to_offer()

std::vector< Group_Params > Botan::TLS::Text_Policy::key_exchange_groups_to_offer ( ) const
overridevirtual

Return a list of groups to provide prepared key share offers in the initial client hello for. Groups in this list must be reflected in key_exchange_groups() and in the same order. By default this returns the most preferred group from key_exchange_groups(). If an empty list is returned, no prepared key share offers are sent and the decision of the group to use is left to the server.

Note
Has an effect on TLS 1.3 clients, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 119 of file tls_text_policy.cpp.

119 {
120 std::string group_str = get_str("key_exchange_groups_to_offer", "notset");
121
122 if(group_str.empty() || group_str == "notset") {
123 // policy was not set, fall back to default behaviour
125 }
126
127 if(group_str == "none") {
128 return {};
129 }
130
131 return read_group_list(group_str);
132}
virtual std::vector< Group_Params > key_exchange_groups_to_offer() const

References get_str(), Botan::TLS::Policy::key_exchange_groups_to_offer(), and read_group_list().

◆ latest_supported_version()

Protocol_Version Botan::TLS::Policy::latest_supported_version ( bool datagram) const
virtualinherited

Returns the most recent protocol version we are willing to use, for either TLS or DTLS depending on datagram param. Shouldn't ever need to override this unless you want to allow a user to disable specific TLS versions.

Definition at line 278 of file tls_policy.cpp.

278 {
279 if(datagram) {
280 if(acceptable_protocol_version(Protocol_Version::DTLS_V12)) {
281 return Protocol_Version::DTLS_V12;
282 }
283 throw Invalid_State("Policy forbids all available DTLS version");
284 } else {
285#if defined(BOTAN_HAS_TLS_13)
286 if(acceptable_protocol_version(Protocol_Version::TLS_V13)) {
287 return Protocol_Version::TLS_V13;
288 }
289#endif
290 if(acceptable_protocol_version(Protocol_Version::TLS_V12)) {
291 return Protocol_Version::TLS_V12;
292 }
293 throw Invalid_State("Policy forbids all available TLS version");
294 }
295}
virtual bool acceptable_protocol_version(Protocol_Version version) const

References Botan::TLS::Policy::acceptable_protocol_version().

◆ maximum_certificate_chain_size()

size_t Botan::TLS::Policy::maximum_certificate_chain_size ( ) const
virtualinherited
Returns
the maximum size of the certificate chain, in bytes. Return 0 to disable this and accept any size.

Definition at line 402 of file tls_policy.cpp.

402 {
403 return 0;
404}

Referenced by Botan::TLS::Certificate_12::Certificate_12(), and Botan::TLS::Certificate_13::Certificate_13().

◆ maximum_session_tickets_per_client_hello()

size_t Botan::TLS::Text_Policy::maximum_session_tickets_per_client_hello ( ) const
overridevirtual

Defines the maximum number of session tickets a client might offer in a single resumption attempt. Must be greater than 0.

TODO: Currently, the TLS 1.3 client implementation supports exactly one ticket per handshake. RFC 8446 allows for an arbitrary amount, though.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 174 of file tls_text_policy.cpp.

174 {
175 return get_len("maximum_session_tickets_per_client_hello", Policy::maximum_session_tickets_per_client_hello());
176}
virtual size_t maximum_session_tickets_per_client_hello() const

References get_len(), and Botan::TLS::Policy::maximum_session_tickets_per_client_hello().

◆ minimum_dh_group_size()

size_t Botan::TLS::Text_Policy::minimum_dh_group_size ( ) const
overridevirtual

Return the minimum DH group size we're willing to use Default is currently 1024 (insecure), should be 2048

Reimplemented from Botan::TLS::Policy.

Definition at line 142 of file tls_text_policy.cpp.

142 {
143 return get_len("minimum_dh_group_size", Policy::minimum_dh_group_size());
144}

References get_len(), and Botan::TLS::Policy::minimum_dh_group_size().

◆ minimum_ecdh_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdh_group_size ( ) const
overridevirtual

Return the minimum ECDH group size we're willing to use for key exchange

Default 255, allowing x25519 and larger x25519 is the smallest curve we will negotiate P-521 is the largest

Reimplemented from Botan::TLS::Policy.

Definition at line 134 of file tls_text_policy.cpp.

134 {
135 return get_len("minimum_ecdh_group_size", Policy::minimum_ecdh_group_size());
136}

References get_len(), and Botan::TLS::Policy::minimum_ecdh_group_size().

◆ minimum_ecdsa_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdsa_group_size ( ) const
overridevirtual

For ECDSA authenticated ciphersuites, the smallest key size the client will accept. This policy is currently only enforced on the server by the client.

Reimplemented from Botan::TLS::Policy.

Definition at line 138 of file tls_text_policy.cpp.

138 {
139 return get_len("minimum_ecdsa_group_size", Policy::minimum_ecdsa_group_size());
140}

References get_len(), and Botan::TLS::Policy::minimum_ecdsa_group_size().

◆ minimum_rsa_bits()

size_t Botan::TLS::Text_Policy::minimum_rsa_bits ( ) const
overridevirtual

Return the minimum bit size we're willing to accept for RSA key exchange or server signatures.

It does not place any requirements on the size of any RSA signature(s) which were used to check the server certificate. This is only concerned with the server's public key.

Default is 2048 which is smallest RSA key size still secure for medium term security.

Reimplemented from Botan::TLS::Policy.

Definition at line 146 of file tls_text_policy.cpp.

146 {
147 return get_len("minimum_rsa_bits", Policy::minimum_rsa_bits());
148}

References get_len(), and Botan::TLS::Policy::minimum_rsa_bits().

◆ minimum_signature_strength()

size_t Botan::TLS::Text_Policy::minimum_signature_strength ( ) const
overridevirtual

The minimum signature strength we will accept Returning 80 allows RSA 1024 and SHA-1. Values larger than 80 disable SHA-1 support. Returning 110 allows RSA 2048. Return 128 to force ECC (P-256) or large (~3000 bit) RSA keys. Default is 110

Reimplemented from Botan::TLS::Policy.

Definition at line 150 of file tls_text_policy.cpp.

150 {
151 return get_len("minimum_signature_strength", Policy::minimum_signature_strength());
152}
virtual size_t minimum_signature_strength() const

References get_len(), and Botan::TLS::Policy::minimum_signature_strength().

◆ negotiate_encrypt_then_mac()

bool Botan::TLS::Text_Policy::negotiate_encrypt_then_mac ( ) const
overridevirtual

Indicates whether the encrypt-then-MAC extension should be negotiated (RFC 7366)

Note
Has no effect for TLS 1.3 connections.

Reimplemented from Botan::TLS::Policy.

Definition at line 88 of file tls_text_policy.cpp.

88 {
89 return get_bool("negotiate_encrypt_then_mac", Policy::negotiate_encrypt_then_mac());
90}
virtual bool negotiate_encrypt_then_mac() const

References get_bool(), and Botan::TLS::Policy::negotiate_encrypt_then_mac().

◆ new_session_tickets_upon_handshake_success()

size_t Botan::TLS::Text_Policy::new_session_tickets_upon_handshake_success ( ) const
overridevirtual

Return the number of new session tickets a TLS 1.3 server should issue automatically upon a successful handshake. Note that applications can use TLS::Server::send_new_session_tickets() regardless of this policy.

For convenience (and compatibility with the TLS 1.2 behaviour), this returns '1' by default.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 186 of file tls_text_policy.cpp.

186 {
187 return get_len("new_session_tickets_upon_handshake_success", Policy::new_session_tickets_upon_handshake_success());
188}
virtual size_t new_session_tickets_upon_handshake_success() const

References get_len(), and Botan::TLS::Policy::new_session_tickets_upon_handshake_success().

◆ only_resume_with_exact_version()

bool Botan::TLS::Policy::only_resume_with_exact_version ( ) const
virtualinherited

Definition at line 374 of file tls_policy.cpp.

374 {
375 return true;
376}

◆ print()

void Botan::TLS::Policy::print ( std::ostream & o) const
virtualinherited

Convert this policy to a printable format.

Parameters
ostream to be printed to

Definition at line 613 of file tls_policy.cpp.

613 {
614 print_bool(o, "allow_tls12", allow_tls12());
615 print_bool(o, "allow_tls13", allow_tls13());
616 print_bool(o, "allow_dtls12", allow_dtls12());
617 print_vec(o, "ciphers", allowed_ciphers());
618 print_vec(o, "macs", allowed_macs());
619 print_vec(o, "signature_hashes", allowed_signature_hashes());
620 print_vec(o, "signature_methods", allowed_signature_methods());
621 print_vec(o, "key_exchange_methods", allowed_key_exchange_methods());
622 print_vec(o, "key_exchange_groups", key_exchange_groups());
623 const auto groups_to_offer = key_exchange_groups_to_offer();
624 if(groups_to_offer.empty()) {
625 print_vec(o, "key_exchange_groups_to_offer", {std::string("none")});
626 } else {
627 print_vec(o, "key_exchange_groups_to_offer", groups_to_offer);
628 }
629 print_bool(o, "allow_insecure_renegotiation", allow_insecure_renegotiation());
630 print_bool(o, "include_time_in_hello_random", include_time_in_hello_random());
631 print_bool(o, "allow_server_initiated_renegotiation", allow_server_initiated_renegotiation());
632 print_bool(o, "hide_unknown_users", hide_unknown_users());
633 print_bool(o, "server_uses_own_ciphersuite_preferences", server_uses_own_ciphersuite_preferences());
634 print_bool(o, "negotiate_encrypt_then_mac", negotiate_encrypt_then_mac());
635 print_bool(o, "support_cert_status_message", support_cert_status_message());
636 print_bool(o, "tls_13_middlebox_compatibility_mode", tls_13_middlebox_compatibility_mode());
637 print_vec(o, "accepted_client_certificate_types", accepted_client_certificate_types());
638 print_vec(o, "accepted_server_certificate_types", accepted_server_certificate_types());
639 print_bool(o, "hash_hello_random", hash_hello_random());
640 if(record_size_limit().has_value()) {
641 o << "record_size_limit = " << record_size_limit().value() << '\n';
642 }
643 o << "maximum_session_tickets_per_client_hello = " << maximum_session_tickets_per_client_hello() << '\n';
644 o << "session_ticket_lifetime = " << session_ticket_lifetime().count() << '\n';
645 o << "reuse_session_tickets = " << reuse_session_tickets() << '\n';
646 o << "new_session_tickets_upon_handshake_success = " << new_session_tickets_upon_handshake_success() << '\n';
647 o << "minimum_dh_group_size = " << minimum_dh_group_size() << '\n';
648 o << "minimum_ecdh_group_size = " << minimum_ecdh_group_size() << '\n';
649 o << "minimum_rsa_bits = " << minimum_rsa_bits() << '\n';
650 o << "minimum_signature_strength = " << minimum_signature_strength() << '\n';
651}
virtual bool reuse_session_tickets() const
virtual bool tls_13_middlebox_compatibility_mode() const
virtual bool server_uses_own_ciphersuite_preferences() const
virtual bool support_cert_status_message() const
virtual std::optional< uint16_t > record_size_limit() const
virtual std::chrono::seconds session_ticket_lifetime() const

References Botan::TLS::Policy::accepted_client_certificate_types(), Botan::TLS::Policy::accepted_server_certificate_types(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_insecure_renegotiation(), Botan::TLS::Policy::allow_server_initiated_renegotiation(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Policy::allow_tls13(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_hashes(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::Policy::hash_hello_random(), Botan::TLS::Policy::hide_unknown_users(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::Policy::key_exchange_groups_to_offer(), Botan::TLS::Policy::maximum_session_tickets_per_client_hello(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_rsa_bits(), Botan::TLS::Policy::minimum_signature_strength(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Policy::new_session_tickets_upon_handshake_success(), Botan::TLS::Policy::record_size_limit(), Botan::TLS::Policy::reuse_session_tickets(), Botan::TLS::Policy::server_uses_own_ciphersuite_preferences(), Botan::TLS::Policy::session_ticket_lifetime(), Botan::TLS::Policy::support_cert_status_message(), and Botan::TLS::Policy::tls_13_middlebox_compatibility_mode().

Referenced by Botan::TLS::Policy::to_string().

◆ read_cert_type_list()

std::vector< Certificate_Type > Botan::TLS::Text_Policy::read_cert_type_list ( const std::string & cert_type_str) const
protected

Definition at line 265 of file tls_text_policy.cpp.

265 {
266 std::vector<Certificate_Type> cert_types;
267 for(const std::string& cert_type_name : split_on(cert_type_names, ' ')) {
268 cert_types.push_back(certificate_type_from_string(cert_type_name));
269 }
270
271 return cert_types;
272}
Certificate_Type certificate_type_from_string(const std::string &type_str)

References Botan::TLS::certificate_type_from_string(), and Botan::split_on().

Referenced by accepted_client_certificate_types(), and accepted_server_certificate_types().

◆ read_group_list()

std::vector< Group_Params > Botan::TLS::Text_Policy::read_group_list ( std::string_view group_str) const
protected

Definition at line 227 of file tls_text_policy.cpp.

227 {
228 std::vector<Group_Params> groups;
229 for(const auto& group_name : split_on(group_str, ' ')) {
230 Group_Params group_id = Group_Params::from_string(group_name).value_or(Group_Params::NONE);
231
232#if !defined(BOTAN_HAS_CURVE_25519)
233 if(group_id == Group_Params::X25519)
234 continue;
235#endif
236
237 if(group_id == Group_Params::NONE) {
238 try {
239 size_t consumed = 0;
240 unsigned long ll_id = std::stoul(group_name, &consumed, 0);
241 if(consumed != group_name.size()) {
242 continue; // some other cruft
243 }
244
245 const uint16_t id = static_cast<uint16_t>(ll_id);
246
247 if(id != ll_id) {
248 continue; // integer too large
249 }
250
251 group_id = static_cast<Group_Params>(id);
252 } catch(...) {
253 continue;
254 }
255 }
256
257 if(group_id != Group_Params::NONE) {
258 groups.push_back(group_id);
259 }
260 }
261
262 return groups;
263}
static std::optional< Group_Params > from_string(std::string_view group_name)

References Botan::TLS::Group_Params::from_string(), and Botan::split_on().

Referenced by key_exchange_groups(), and key_exchange_groups_to_offer().

◆ record_size_limit()

std::optional< uint16_t > Botan::TLS::Text_Policy::record_size_limit ( ) const
overridevirtual

Defines the maximum TLS record length for TLS connections. This is based on the Record Size Limit extension described in RFC 8449. By default (i.e. if std::nullopt is returned), TLS clients will omit this extension altogether.

This value may be between 64 and 16385 (TLS 1.3) or 16384 (TLS 1.2).

Note
This is currently not implemented for TLS 1.2, hence the limit won't be negotiated by TLS 1.3 clients that support downgrading to TLS 1.2 (i.e. allow_tls12() returning true).

Reimplemented from Botan::TLS::Policy.

Definition at line 92 of file tls_text_policy.cpp.

92 {
93 const auto limit = get_len("record_size_limit", 0);
94 // RFC 8449 4.
95 // TLS 1.3 uses a limit of 2^14+1 octets.
96 BOTAN_ARG_CHECK(limit <= 16385, "record size limit too large");
97 return (limit > 0) ? std::make_optional(static_cast<uint16_t>(limit)) : std::nullopt;
98}
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29

References BOTAN_ARG_CHECK, and get_len().

◆ request_client_certificate_authentication()

bool Botan::TLS::Policy::request_client_certificate_authentication ( ) const
virtualinherited

Indicate if client certificate authentication is requested. If true, then a cert will be requested.

Definition at line 382 of file tls_policy.cpp.

382 {
384}
virtual bool require_client_certificate_authentication() const

References Botan::TLS::Policy::require_client_certificate_authentication().

Referenced by Botan::TLS::Encrypted_Extensions::Encrypted_Extensions(), and Botan::TLS::Certificate_Request_13::maybe_create().

◆ require_cert_revocation_info()

bool Botan::TLS::Text_Policy::require_cert_revocation_info ( ) const
overridevirtual

Return if cert revocation info (CRL/OCSP) is required If true, validation will fail unless a valid CRL or OCSP response was examined.

Reimplemented from Botan::TLS::Policy.

Definition at line 166 of file tls_text_policy.cpp.

166 {
167 return get_bool("require_cert_revocation_info", Policy::require_cert_revocation_info());
168}
virtual bool require_cert_revocation_info() const

References get_bool(), and Botan::TLS::Policy::require_cert_revocation_info().

◆ require_client_certificate_authentication()

bool Botan::TLS::Text_Policy::require_client_certificate_authentication ( ) const
overridevirtual

Indicate if client certificate authentication is required. If true, then a cert will be requested and if the client does not send a certificate the connection will be closed.

Reimplemented from Botan::TLS::Policy.

Definition at line 62 of file tls_text_policy.cpp.

62 {
63 return get_bool("require_client_certificate_authentication", Policy::require_client_certificate_authentication());
64}

References get_bool(), and Botan::TLS::Policy::require_client_certificate_authentication().

◆ reuse_session_tickets()

bool Botan::TLS::Text_Policy::reuse_session_tickets ( ) const
overridevirtual

Decides whether stored session tickets should be used multiple times (until their lifetime runs out). This might allow passive observers to correlate connections (RFC 8446 Appendix C.4). This has no effect on TLS 1.2 resumptions based on session IDs as those are negotiated in the clear anyway.

Reimplemented from Botan::TLS::Policy.

Definition at line 182 of file tls_text_policy.cpp.

182 {
183 return get_bool("reuse_session_tickets", Policy::reuse_session_tickets());
184}

References get_bool(), and Botan::TLS::Policy::reuse_session_tickets().

◆ server_uses_own_ciphersuite_preferences()

bool Botan::TLS::Text_Policy::server_uses_own_ciphersuite_preferences ( ) const
overridevirtual
Returns
true if servers should choose the ciphersuite matching their highest preference, rather than the clients. Has no effect on client side.

Reimplemented from Botan::TLS::Policy.

Definition at line 84 of file tls_text_policy.cpp.

84 {
85 return get_bool("server_uses_own_ciphersuite_preferences", Policy::server_uses_own_ciphersuite_preferences());
86}

References get_bool(), and Botan::TLS::Policy::server_uses_own_ciphersuite_preferences().

◆ session_ticket_lifetime()

std::chrono::seconds Botan::TLS::Text_Policy::session_ticket_lifetime ( ) const
overridevirtual

Return the allowed lifetime of a session ticket. If 0, session tickets do not expire until the session ticket key rolls over. For TLS 1.3 session tickets the lifetime must not be longer than seven days. Expired session tickets cannot be used to resume a session.

Reimplemented from Botan::TLS::Policy.

Definition at line 178 of file tls_text_policy.cpp.

178 {
179 return get_duration("session_ticket_lifetime", Policy::session_ticket_lifetime());
180}
std::chrono::seconds get_duration(const std::string &key, std::chrono::seconds def) const

References get_duration(), and Botan::TLS::Policy::session_ticket_lifetime().

◆ set()

void Botan::TLS::Text_Policy::set ( const std::string & key,
const std::string & value )

Definition at line 206 of file tls_text_policy.cpp.

206 {
207 m_kv[key] = value;
208}

◆ set_value()

bool Botan::TLS::Text_Policy::set_value ( const std::string & key,
std::string_view val,
bool overwrite )
protected

Definition at line 328 of file tls_text_policy.cpp.

328 {
329 auto i = m_kv.find(key);
330
331 if(overwrite == false && i != m_kv.end()) {
332 return false;
333 }
334
335 m_kv.insert(i, std::make_pair(key, val));
336 return true;
337}

◆ srtp_profiles()

std::vector< uint16_t > Botan::TLS::Text_Policy::srtp_profiles ( ) const
overridevirtual

If this returns a non-empty vector, and DTLS is negotiated, then we will also attempt to negotiate the SRTP extension from RFC 5764 using the returned values as the profile ids.

Reimplemented from Botan::TLS::Policy.

Definition at line 190 of file tls_text_policy.cpp.

190 {
191 std::vector<uint16_t> r;
192 for(const auto& p : get_list("srtp_profiles", std::vector<std::string>())) {
193 r.push_back(to_uint16(p));
194 }
195 return r;
196}
uint16_t to_uint16(std::string_view str)
Definition parsing.cpp:22

References get_list(), and Botan::to_uint16().

◆ support_cert_status_message()

bool Botan::TLS::Text_Policy::support_cert_status_message ( ) const
overridevirtual

Indicates whether certificate status messages should be supported

Reimplemented from Botan::TLS::Policy.

Definition at line 100 of file tls_text_policy.cpp.

100 {
101 return get_bool("support_cert_status_message", Policy::support_cert_status_message());
102}

References get_bool(), and Botan::TLS::Policy::support_cert_status_message().

◆ tls_13_middlebox_compatibility_mode()

bool Botan::TLS::Text_Policy::tls_13_middlebox_compatibility_mode ( ) const
overridevirtual

Defines whether or not the middlebox compatibility mode should be used. Enabled by default.

RFC 8446 Appendix D.4 [This makes] the TLS 1.3 handshake resemble TLS 1.2 session resumption, which improves the chance of successfully connecting through middleboxes.

Note
Has an effect on TLS 1.3 connections, only.

Reimplemented from Botan::TLS::Policy.

Definition at line 198 of file tls_text_policy.cpp.

198 {
199 return get_bool("tls_13_middlebox_compatibility_mode", Policy::tls_13_middlebox_compatibility_mode());
200}

References get_bool(), and Botan::TLS::Policy::tls_13_middlebox_compatibility_mode().

◆ to_string()

std::string Botan::TLS::Policy::to_string ( ) const
inherited

Convert this policy to a printable format. Same as calling print on a ostringstream and reading o.str()

Definition at line 653 of file tls_policy.cpp.

653 {
654 std::ostringstream oss;
655 this->print(oss);
656 return oss.str();
657}
virtual void print(std::ostream &o) const

References Botan::TLS::Policy::print().

◆ use_ecc_point_compression()

bool Botan::TLS::Text_Policy::use_ecc_point_compression ( ) const
overridevirtual

Request that ECC curve points are sent compressed

Note
Has no effect for TLS 1.3 connections. RFC 8446 4.2.8.2 Versions of TLS prior to 1.3 permitted point format negotiation; TLS 1.3 removes this feature in favor of a single point format for each curve.

Reimplemented from Botan::TLS::Policy.

Definition at line 38 of file tls_text_policy.cpp.

38 {
39 return get_bool("use_ecc_point_compression", Policy::use_ecc_point_compression());
40}
virtual bool use_ecc_point_compression() const

References get_bool(), and Botan::TLS::Policy::use_ecc_point_compression().


The documentation for this class was generated from the following files: