Botan::TLS::Text_Policy Class Reference

#include <tls_policy.h>

Inheritance diagram for Botan::TLS::Text_Policy:

Public Member Functions
virtual bool	acceptable_ciphersuite (const Ciphersuite &suite) const
virtual bool	acceptable_protocol_version (Protocol_Version version) const
bool	allow_client_initiated_renegotiation () const override
bool	allow_dtls10 () const override
bool	allow_dtls12 () const override
bool	allow_insecure_renegotiation () const override
bool	allow_server_initiated_renegotiation () const override
bool	allow_tls10 () const override
bool	allow_tls11 () const override
bool	allow_tls12 () const override
std::vector< std::string >	allowed_ciphers () const override
std::vector< std::string >	allowed_key_exchange_methods () const override
std::vector< std::string >	allowed_macs () const override
bool	allowed_signature_hash (const std::string &hash) const
std::vector< std::string >	allowed_signature_hashes () const override
bool	allowed_signature_method (const std::string &sig_method) const
std::vector< std::string >	allowed_signature_methods () const override
virtual std::vector< Signature_Scheme >	allowed_signature_schemes () const
virtual void	check_peer_key_acceptable (const Public_Key &public_key) const
virtual Group_Params	choose_key_exchange_group (const std::vector< Group_Params > &peer_groups) const
virtual std::vector< uint16_t >	ciphersuite_list (Protocol_Version version, bool have_srp) const
virtual Group_Params	default_dh_group () const
size_t	dtls_default_mtu () const override
size_t	dtls_initial_timeout () const override
size_t	dtls_maximum_timeout () const override
bool	hide_unknown_users () const override
bool	include_time_in_hello_random () const override
std::vector< Group_Params >	key_exchange_groups () const override
virtual Protocol_Version	latest_supported_version (bool datagram) const
size_t	minimum_dh_group_size () const override
virtual size_t	minimum_dsa_group_size () const
size_t	minimum_ecdh_group_size () const override
size_t	minimum_ecdsa_group_size () const override
size_t	minimum_rsa_bits () const override
size_t	minimum_signature_strength () const override
bool	negotiate_encrypt_then_mac () const override
virtual void	print (std::ostream &o) const
bool	require_cert_revocation_info () const override
bool	send_fallback_scsv (Protocol_Version version) const override
bool	server_uses_own_ciphersuite_preferences () const override
uint32_t	session_ticket_lifetime () const override
void	set (const std::string &k, const std::string &v)
std::vector< uint16_t >	srtp_profiles () const override
bool	support_cert_status_message () const override
	Text_Policy (const std::string &s)
	Text_Policy (std::istream &in)
std::string	to_string () const
bool	use_ecc_point_compression () const override

Protected Member Functions
bool	get_bool (const std::string &key, bool def) const
size_t	get_len (const std::string &key, size_t def) const
std::vector< std::string >	get_list (const std::string &key, const std::vector< std::string > &def) const
std::string	get_str (const std::string &key, const std::string &def="") const
bool	set_value (const std::string &key, const std::string &val, bool overwrite)

Detailed Description

Definition at line 487 of file tls_policy.h.

Constructor & Destructor Documentation

Text_Policy() [1/2]

Botan::TLS::Text_Policy::Text_Policy ( const std::string &  s )

explicit

Definition at line 232 of file tls_text_policy.cpp.

References Botan::read_cfg().

   {
   std::istringstream iss(s);
   m_kv = read_cfg(iss);
   }

Text_Policy() [2/2]

Botan::TLS::Text_Policy::Text_Policy ( std::istream &  in )

explicit

Definition at line 238 of file tls_text_policy.cpp.

                                       : m_kv(read_cfg(in))
   {}

Member Function Documentation

acceptable_ciphersuite()

bool Botan::TLS::Policy::acceptable_ciphersuite ( const Ciphersuite &  suite ) const

virtualinherited

Allows policy to reject any ciphersuites which are undesirable for whatever reason without having to reimplement ciphersuite_list

Definition at line 313 of file tls_policy.cpp.

References Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Ciphersuite::cipher_algo(), Botan::TLS::Ciphersuite::mac_algo(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::ciphersuite_list().

   {
   return value_exists(allowed_ciphers(), ciphersuite.cipher_algo()) &&
          value_exists(allowed_macs(), ciphersuite.mac_algo());
   }

acceptable_protocol_version()

bool Botan::TLS::Policy::acceptable_protocol_version ( Protocol_Version  version ) const

virtualinherited

Returns

true if and only if we are willing to accept this version Default accepts TLS v1.0 and later or DTLS v1.2 or later.

Definition at line 276 of file tls_policy.cpp.

References Botan::TLS::Policy::allow_dtls10(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls10(), Botan::TLS::Policy::allow_tls11(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Protocol_Version::DTLS_V10, Botan::TLS::Protocol_Version::DTLS_V12, Botan::TLS::Protocol_Version::TLS_V10, Botan::TLS::Protocol_Version::TLS_V11, and Botan::TLS::Protocol_Version::TLS_V12.

Referenced by Botan::TLS::Client_Hello::Client_Hello().

   {
   // Uses boolean optimization:
   // First check the current version (left part), then if it is allowed 
   // (right part)
   // checks are ordered according to their probability
   return (
           ( ( version == Protocol_Version::TLS_V12)  && allow_tls12()  ) ||
           ( ( version == Protocol_Version::TLS_V10)  && allow_tls10()  ) ||
           ( ( version == Protocol_Version::TLS_V11)  && allow_tls11()  ) ||
           ( ( version == Protocol_Version::DTLS_V12) && allow_dtls12() ) ||
           ( ( version == Protocol_Version::DTLS_V10) && allow_dtls10() )
        );
   }

allow_client_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_client_initiated_renegotiation ( ) const

overridevirtual

Consulted by server side. If true, allows clients to initiate a new handshake

Reimplemented from Botan::TLS::Policy.

Definition at line 83 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_client_initiated_renegotiation(), and get_bool().

   {
   return get_bool("allow_client_initiated_renegotiation", Policy::allow_client_initiated_renegotiation());
   }

allow_dtls10()

bool Botan::TLS::Text_Policy::allow_dtls10 ( ) const

overridevirtual

Allow DTLS v1.0

Reimplemented from Botan::TLS::Policy.

Definition at line 63 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_dtls10(), and get_bool().

   {
   return get_bool("allow_dtls10", Policy::allow_dtls10());
   }

allow_dtls12()

bool Botan::TLS::Text_Policy::allow_dtls12 ( ) const

overridevirtual

Allow DTLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 68 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_dtls12(), and get_bool().

   {
   return get_bool("allow_dtls12", Policy::allow_dtls12());
   }

allow_insecure_renegotiation()

bool Botan::TLS::Text_Policy::allow_insecure_renegotiation ( ) const

overridevirtual

Allow renegotiation even if the counterparty doesn't support the secure renegotiation extension.

Warning

Changing this to true exposes you to injected plaintext attacks. Read RFC 5746 for background.

Reimplemented from Botan::TLS::Policy.

Definition at line 73 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_insecure_renegotiation(), and get_bool().

   {
   return get_bool("allow_insecure_renegotiation", Policy::allow_insecure_renegotiation());
   }

allow_server_initiated_renegotiation()

bool Botan::TLS::Text_Policy::allow_server_initiated_renegotiation ( ) const

overridevirtual

Consulted by client side. If true, allows servers to initiate a new handshake

Reimplemented from Botan::TLS::Policy.

Definition at line 88 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_server_initiated_renegotiation(), and get_bool().

   {
   return get_bool("allow_server_initiated_renegotiation", Policy::allow_server_initiated_renegotiation());
   }

allow_tls10()

bool Botan::TLS::Text_Policy::allow_tls10 ( ) const

overridevirtual

Allow TLS v1.0

Reimplemented from Botan::TLS::Policy.

Definition at line 48 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_tls10(), and get_bool().

   {
   return get_bool("allow_tls10", Policy::allow_tls10());
   }

allow_tls11()

bool Botan::TLS::Text_Policy::allow_tls11 ( ) const

overridevirtual

Allow TLS v1.1

Reimplemented from Botan::TLS::Policy.

Definition at line 53 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_tls11(), and get_bool().

   {
   return get_bool("allow_tls11", Policy::allow_tls11());
   }

allow_tls12()

bool Botan::TLS::Text_Policy::allow_tls12 ( ) const

overridevirtual

Allow TLS v1.2

Reimplemented from Botan::TLS::Policy.

Definition at line 58 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allow_tls12(), and get_bool().

   {
   return get_bool("allow_tls12", Policy::allow_tls12());
   }

allowed_ciphers()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_ciphers ( ) const

overridevirtual

Returns a list of ciphers we are willing to negotiate, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 18 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allowed_ciphers(), and get_list().

   {
   return get_list("ciphers", Policy::allowed_ciphers());
   }

allowed_key_exchange_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_key_exchange_methods ( ) const

overridevirtual

Returns a list of key exchange algorithms we are willing to use, in order of preference. Allowed values: DH, empty string (representing RSA using server certificate key)

Reimplemented from Botan::TLS::Policy.

Definition at line 33 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allowed_key_exchange_methods(), and get_list().

   {
   return get_list("key_exchange_methods", Policy::allowed_key_exchange_methods());
   }

allowed_macs()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_macs ( ) const

overridevirtual

Returns a list of MAC algorithms we are willing to use.

Reimplemented from Botan::TLS::Policy.

Definition at line 28 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allowed_macs(), and get_list().

   {
   return get_list("macs", Policy::allowed_macs());
   }

allowed_signature_hash()

bool Botan::TLS::Policy::allowed_signature_hash ( const std::string &  hash ) const

inherited

Definition at line 120 of file tls_policy.cpp.

References Botan::TLS::Policy::allowed_signature_hashes(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), and Botan::TLS::Handshake_State::choose_sig_format().

   {
   return value_exists(allowed_signature_hashes(), sig_hash);
   }

allowed_signature_hashes()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_hashes ( ) const

overridevirtual

Returns a list of hash algorithms we are willing to use for signatures, in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 23 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allowed_signature_hashes(), and get_list().

   {
   return get_list("signature_hashes", Policy::allowed_signature_hashes());
   }

allowed_signature_method()

bool Botan::TLS::Policy::allowed_signature_method ( const std::string &  sig_method ) const

inherited

Definition at line 115 of file tls_policy.cpp.

References Botan::TLS::Policy::allowed_signature_methods(), and Botan::value_exists().

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), and Botan::TLS::Handshake_State::parse_sig_format().

   {
   return value_exists(allowed_signature_methods(), sig_method);
   }

allowed_signature_methods()

std::vector< std::string > Botan::TLS::Text_Policy::allowed_signature_methods ( ) const

overridevirtual

Returns a list of signature algorithms we are willing to use, in order of preference. Allowed values RSA and DSA.

Reimplemented from Botan::TLS::Policy.

Definition at line 38 of file tls_text_policy.cpp.

References Botan::TLS::Policy::allowed_signature_methods(), and get_list().

   {
   return get_list("signature_methods", Policy::allowed_signature_methods());
   }

allowed_signature_schemes()

std::vector< Signature_Scheme > Botan::TLS::Policy::allowed_signature_schemes ( ) const

virtualinherited

Definition at line 22 of file tls_policy.cpp.

References Botan::TLS::all_signature_schemes(), Botan::TLS::Policy::allowed_signature_hash(), Botan::TLS::Policy::allowed_signature_method(), Botan::TLS::hash_function_of_scheme(), and Botan::TLS::signature_algorithm_of_scheme().

Referenced by Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Client_Hello::Client_Hello().

   {
   std::vector<Signature_Scheme> schemes;

   for(Signature_Scheme scheme : all_signature_schemes())
      {
      const bool sig_allowed = allowed_signature_method(signature_algorithm_of_scheme(scheme));
      const bool hash_allowed = allowed_signature_hash(hash_function_of_scheme(scheme));

      if(sig_allowed && hash_allowed)
         {
         schemes.push_back(scheme);
         }
      }

   return schemes;
   }

check_peer_key_acceptable()

void Botan::TLS::Policy::check_peer_key_acceptable ( const Public_Key &  public_key ) const

virtualinherited

Throw an exception if you don't like the peer's key. Default impl checks the key size against minimum_rsa_bits, minimum_ecdsa_group_size, or minimum_ecdh_group_size depending on the key's type. Override if you'd like to perform some other kind of test on (or logging of) the peer's keys.

Definition at line 229 of file tls_policy.cpp.

References Botan::Public_Key::algo_name(), Botan::TLS::Alert::INSUFFICIENT_SECURITY, Botan::Public_Key::key_length(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_dsa_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_ecdsa_group_size(), Botan::TLS::Policy::minimum_rsa_bits(), and Botan::ASN1::to_string().

Referenced by Botan::TLS::Callbacks::tls_dh_agree(), Botan::TLS::Callbacks::tls_ecdh_agree(), Botan::TLS::Certificate_Verify::verify(), and Botan::TLS::Server_Key_Exchange::verify().

   {
   const std::string algo_name = public_key.algo_name();

   const size_t keylength = public_key.key_length();
   size_t expected_keylength = 0;

   if(algo_name == "RSA")
      {
      expected_keylength = minimum_rsa_bits();
      }
   else if(algo_name == "DH")
      {
      expected_keylength = minimum_dh_group_size();
      }
   else if(algo_name == "DSA")
      {
      expected_keylength = minimum_dsa_group_size();
      }
   else if(algo_name == "ECDH" || algo_name == "Curve25519")
      {
      expected_keylength = minimum_ecdh_group_size();
      }
   else if(algo_name == "ECDSA")
      {
      expected_keylength = minimum_ecdsa_group_size();
      }
   // else some other algo, so leave expected_keylength as zero and the check is a no-op

   if(keylength < expected_keylength)
      throw TLS_Exception(Alert::INSUFFICIENT_SECURITY,
                          "Peer sent " + 
                           std::to_string(keylength) + " bit " + algo_name + " key"
                           ", policy requires at least " +
                           std::to_string(expected_keylength));
   }

choose_key_exchange_group()

Group_Params Botan::TLS::Policy::choose_key_exchange_group ( const std::vector< Group_Params > &  peer_groups ) const

virtualinherited

Select a key exchange group to use, from the list of groups sent by the peer. If none are acceptable, return Group_Params::NONE

Definition at line 130 of file tls_policy.cpp.

References Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::NONE, and Botan::value_exists().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

   {
   if(peer_groups.empty())
      return Group_Params::NONE;

   const std::vector<Group_Params> our_groups = key_exchange_groups();

   for(auto g : our_groups)
      {
      if(value_exists(peer_groups, g))
         return g;
      }

   return Group_Params::NONE;
   }

ciphersuite_list()

std::vector< uint16_t > Botan::TLS::Policy::ciphersuite_list ( Protocol_Version  version, bool  have_srp  ) const

virtualinherited

Return allowed ciphersuites, in order of preference

Definition at line 421 of file tls_policy.cpp.

References Botan::TLS::Policy::acceptable_ciphersuite(), Botan::TLS::Ciphersuite::all_known_ciphersuites(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::CECPQ1, Botan::TLS::IMPLICIT, Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::SRP_SHA, Botan::TLS::Protocol_Version::supports_aead_modes(), Botan::value_exists(), and Botan::TLS::X25519.

   {
   const std::vector<std::string> ciphers = allowed_ciphers();
   const std::vector<std::string> macs = allowed_macs();
   const std::vector<std::string> kex = allowed_key_exchange_methods();
   const std::vector<std::string> sigs = allowed_signature_methods();

   std::vector<Ciphersuite> ciphersuites;

   for(auto&& suite : Ciphersuite::all_known_ciphersuites())
      {
      // Can we use it?
      if(suite.valid() == false)
         continue;

      // Is it acceptable to the policy?
      if(!this->acceptable_ciphersuite(suite))
         continue;

      // Are we doing SRP?
      if(!have_srp && suite.kex_method() == Kex_Algo::SRP_SHA)
         continue;

      if(!version.supports_aead_modes())
         {
         // Are we doing AEAD in a non-AEAD version?
         if(suite.mac_algo() == "AEAD")
            continue;

         // Older (v1.0/v1.1) versions also do not support any hash but SHA-1
         if(suite.mac_algo() != "SHA-1")
            continue;
         }

      if(!value_exists(kex, suite.kex_algo()))
         continue; // unsupported key exchange

      if(!value_exists(ciphers, suite.cipher_algo()))
         continue; // unsupported cipher

      if(!value_exists(macs, suite.mac_algo()))
         continue; // unsupported MAC algo

      if(!value_exists(sigs, suite.sig_algo()))
         {
         // allow if it's an empty sig algo and we want to use PSK
         if(suite.auth_method() != Auth_Method::IMPLICIT || !suite.psk_ciphersuite())
            continue;
         }

      /*
      CECPQ1 always uses x25519 for ECDH, so treat the applications
      removal of x25519 from the ECC curve list as equivalent to
      saying they do not trust CECPQ1
      */
      if(suite.kex_method() == Kex_Algo::CECPQ1)
         {
         if(value_exists(key_exchange_groups(), Group_Params::X25519) == false)
            continue;
         }

      // OK, consider it
      ciphersuites.push_back(suite);
      }

   if(ciphersuites.empty())
      {
      throw Invalid_State("Policy does not allow any available cipher suite");
      }

   Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
   std::sort(ciphersuites.begin(), ciphersuites.end(), order);

   std::vector<uint16_t> ciphersuite_codes;
   for(auto i : ciphersuites)
      ciphersuite_codes.push_back(i.ciphersuite_code());
   return ciphersuite_codes;
   }

default_dh_group()

Group_Params Botan::TLS::Policy::default_dh_group ( ) const

virtualinherited

Definition at line 146 of file tls_policy.cpp.

References Botan::TLS::FFDHE_2048, Botan::TLS::group_param_is_dh(), and Botan::TLS::Policy::key_exchange_groups().

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

   {
   /*
   * Return the first listed or just default to 2048
   */
   for(auto g : key_exchange_groups())
      {
      if(group_param_is_dh(g))
         return g;
      }

   return Group_Params::FFDHE_2048;
   }

dtls_default_mtu()

size_t Botan::TLS::Text_Policy::dtls_default_mtu ( ) const

overridevirtual

Returns

the default MTU for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 182 of file tls_text_policy.cpp.

References Botan::TLS::Policy::dtls_default_mtu(), and get_len().

   {
   return get_len("dtls_default_mtu", Policy::dtls_default_mtu());
   }

dtls_initial_timeout()

size_t Botan::TLS::Text_Policy::dtls_initial_timeout ( ) const

overridevirtual

Returns

the initial timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 187 of file tls_text_policy.cpp.

References Botan::TLS::Policy::dtls_initial_timeout(), and get_len().

   {
   return get_len("dtls_initial_timeout", Policy::dtls_initial_timeout());
   }

dtls_maximum_timeout()

size_t Botan::TLS::Text_Policy::dtls_maximum_timeout ( ) const

overridevirtual

Returns

the maximum timeout for DTLS

Reimplemented from Botan::TLS::Policy.

Definition at line 192 of file tls_text_policy.cpp.

References Botan::TLS::Policy::dtls_maximum_timeout(), and get_len().

   {
   return get_len("dtls_maximum_timeout", Policy::dtls_maximum_timeout());
   }

get_bool()

bool Botan::TLS::Text_Policy::get_bool ( const std::string &  key, bool  def  ) const

protected

Definition at line 267 of file tls_text_policy.cpp.

References get_str().

Referenced by allow_client_initiated_renegotiation(), allow_dtls10(), allow_dtls12(), allow_insecure_renegotiation(), allow_server_initiated_renegotiation(), allow_tls10(), allow_tls11(), allow_tls12(), hide_unknown_users(), include_time_in_hello_random(), negotiate_encrypt_then_mac(), require_cert_revocation_info(), send_fallback_scsv(), server_uses_own_ciphersuite_preferences(), support_cert_status_message(), and use_ecc_point_compression().

   {
   const std::string v = get_str(key);

   if(v.empty())
      {
      return def;
      }

   if(v == "true" || v == "True")
      {
      return true;
      }
   else if(v == "false" || v == "False")
      {
      return false;
      }
   else
      {
      throw Decoding_Error("Invalid boolean '" + v + "'");
      }
   }

get_len()

size_t Botan::TLS::Text_Policy::get_len ( const std::string &  key, size_t  def  ) const

protected

Definition at line 255 of file tls_text_policy.cpp.

References get_str(), and Botan::to_u32bit().

Referenced by dtls_default_mtu(), dtls_initial_timeout(), dtls_maximum_timeout(), minimum_dh_group_size(), minimum_ecdh_group_size(), minimum_ecdsa_group_size(), minimum_rsa_bits(), minimum_signature_strength(), and session_ticket_lifetime().

   {
   const std::string v = get_str(key);

   if(v.empty())
      {
      return def;
      }

   return to_u32bit(v);
   }

get_list()

std::vector< std::string > Botan::TLS::Text_Policy::get_list ( const std::string &  key, const std::vector< std::string > &  def  ) const

protected

Definition at line 242 of file tls_text_policy.cpp.

References get_str(), and Botan::split_on().

Referenced by allowed_ciphers(), allowed_key_exchange_methods(), allowed_macs(), allowed_signature_hashes(), allowed_signature_methods(), and srtp_profiles().

   {
   const std::string v = get_str(key);

   if(v.empty())
      {
      return def;
      }

   return split_on(v, ' ');
   }

get_str()

std::string Botan::TLS::Text_Policy::get_str ( const std::string &  key, const std::string &  def = ""  ) const

protected

Definition at line 290 of file tls_text_policy.cpp.

Referenced by get_bool(), get_len(), get_list(), and key_exchange_groups().

   {
   auto i = m_kv.find(key);
   if(i == m_kv.end())
      {
      return def;
      }

   return i->second;
   }

hide_unknown_users()

bool Botan::TLS::Text_Policy::hide_unknown_users ( ) const

overridevirtual

If this function returns false, unknown SRP/PSK identifiers will be rejected with an unknown_psk_identifier alert as soon as the non-existence is identified. Otherwise, a false identifier value will be used and the protocol allowed to proceed, causing the handshake to eventually fail without revealing that the username does not exist on this system.

Reimplemented from Botan::TLS::Policy.

Definition at line 202 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::hide_unknown_users().

   {
   return get_bool("hide_unknown_users", Policy::hide_unknown_users());
   }

include_time_in_hello_random()

bool Botan::TLS::Text_Policy::include_time_in_hello_random ( ) const

overridevirtual

The protocol dictates that the first 32 bits of the random field are the current time in seconds. However this allows client fingerprinting attacks. Set to false to disable, in which case random bytes will be used instead.

Reimplemented from Botan::TLS::Policy.

Definition at line 78 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::include_time_in_hello_random().

   {
   return get_bool("include_time_in_hello_random", Policy::include_time_in_hello_random());
   }

key_exchange_groups()

std::vector< Group_Params > Botan::TLS::Text_Policy::key_exchange_groups ( ) const

overridevirtual

Return list of ECC curves and FFDHE groups we are willing to use in order of preference.

Reimplemented from Botan::TLS::Policy.

Definition at line 108 of file tls_text_policy.cpp.

References get_str(), Botan::TLS::group_param_from_string(), Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::NONE, and Botan::split_on().

   {
   std::string group_str = get_str("key_exchange_groups");

   if(group_str.empty())
      {
      // fall back to previously used name
      group_str = get_str("groups");
      }

   if(group_str.empty())
      {
      return Policy::key_exchange_groups();
      }

   std::vector<Group_Params> groups;
   for(std::string group_name : split_on(group_str, ' '))
      {
      Group_Params group_id = group_param_from_string(group_name);

      if(group_id == Group_Params::NONE)
         {
         try
            {
            size_t consumed = 0;
            unsigned long ll_id = std::stoul(group_name, &consumed, 0);
            if(consumed != group_name.size())
               continue; // some other cruft

            const uint16_t id = static_cast<uint16_t>(ll_id);

            if(id != ll_id)
               continue; // integer too large

            group_id = static_cast<Group_Params>(id);
            }
         catch(...)
            {
            continue;
            }
         }

      if(group_id != Group_Params::NONE)
         groups.push_back(group_id);
      }

   return groups;
   }

latest_supported_version()

Protocol_Version Botan::TLS::Policy::latest_supported_version ( bool  datagram ) const

virtualinherited

Returns the more recent protocol version we are willing to use, for either TLS or DTLS depending on datagram param. Shouldn't ever need to override this unless you want to allow a user to disable use of TLS v1.2 (which is not recommended)

Definition at line 291 of file tls_policy.cpp.

References Botan::TLS::Policy::allow_dtls10(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls10(), Botan::TLS::Policy::allow_tls11(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Protocol_Version::DTLS_V10, Botan::TLS::Protocol_Version::DTLS_V12, Botan::TLS::Protocol_Version::TLS_V10, Botan::TLS::Protocol_Version::TLS_V11, and Botan::TLS::Protocol_Version::TLS_V12.

Referenced by Botan::TLS::Policy::send_fallback_scsv().

   {
   if(datagram)
      {
      if(allow_dtls12())
         return Protocol_Version::DTLS_V12;
      if(allow_dtls10())
         return Protocol_Version::DTLS_V10;
      throw Invalid_State("Policy forbids all available DTLS version");
      }
   else
      {
      if(allow_tls12())
         return Protocol_Version::TLS_V12;
      if(allow_tls11())
         return Protocol_Version::TLS_V11;
      if(allow_tls10())
         return Protocol_Version::TLS_V10;
      throw Invalid_State("Policy forbids all available TLS version");
      }
   }

minimum_dh_group_size()

size_t Botan::TLS::Text_Policy::minimum_dh_group_size ( ) const

overridevirtual

Return the minimum DH group size we're willing to use Default is currently 1024 (insecure), should be 2048

Reimplemented from Botan::TLS::Policy.

Definition at line 167 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::minimum_dh_group_size().

   {
   return get_len("minimum_dh_group_size", Policy::minimum_dh_group_size());
   }

minimum_dsa_group_size()

size_t Botan::TLS::Policy::minimum_dsa_group_size ( ) const

virtualinherited

Minimum DSA group size, default 2048 bits

Reimplemented in Botan::TLS::BSI_TR_02102_2.

Definition at line 223 of file tls_policy.cpp.

Referenced by Botan::TLS::Policy::check_peer_key_acceptable().

   {
   // FIPS 186-3
   return 2048;
   }

minimum_ecdh_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdh_group_size ( ) const

overridevirtual

Return the minimum ECDH group size we're willing to use for key exchange

Default 255, allowing x25519 and larger x25519 is the smallest curve we will negotiate P-521 is the largest

Reimplemented from Botan::TLS::Policy.

Definition at line 157 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::minimum_ecdh_group_size().

   {
   return get_len("minimum_ecdh_group_size", Policy::minimum_ecdh_group_size());
   }

minimum_ecdsa_group_size()

size_t Botan::TLS::Text_Policy::minimum_ecdsa_group_size ( ) const

overridevirtual

For ECDSA authenticated ciphersuites, the smallest key size the client will accept. This policy is currently only enforced on the server by the client.

Reimplemented from Botan::TLS::Policy.

Definition at line 162 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::minimum_ecdsa_group_size().

   {
   return get_len("minimum_ecdsa_group_size", Policy::minimum_ecdsa_group_size());
   }

minimum_rsa_bits()

size_t Botan::TLS::Text_Policy::minimum_rsa_bits ( ) const

overridevirtual

Return the minimum bit size we're willing to accept for RSA key exchange or server signatures.

It does not place any requirements on the size of any RSA signature(s) which were used to check the server certificate. This is only concerned with the server's public key.

Default is 2048 which is smallest RSA key size still secure for medium term security.

Reimplemented from Botan::TLS::Policy.

Definition at line 172 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::minimum_rsa_bits().

   {
   return get_len("minimum_rsa_bits", Policy::minimum_rsa_bits());
   }

minimum_signature_strength()

size_t Botan::TLS::Text_Policy::minimum_signature_strength ( ) const

overridevirtual

The minimum signature strength we will accept Returning 80 allows RSA 1024 and SHA-1. Values larger than 80 disable SHA-1 support. Returning 110 allows RSA 2048. Return 128 to force ECC (P-256) or large (~3000 bit) RSA keys. Default is 110

Reimplemented from Botan::TLS::Policy.

Definition at line 177 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::minimum_signature_strength().

   {
   return get_len("minimum_signature_strength", Policy::minimum_signature_strength());
   }

negotiate_encrypt_then_mac()

bool Botan::TLS::Text_Policy::negotiate_encrypt_then_mac ( ) const

overridevirtual

Indicates whether the encrypt-then-MAC extension should be negotiated (RFC 7366)

Reimplemented from Botan::TLS::Policy.

Definition at line 98 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::negotiate_encrypt_then_mac().

   {
   return get_bool("negotiate_encrypt_then_mac", Policy::negotiate_encrypt_then_mac());
   }

print()

void Botan::TLS::Policy::print ( std::ostream &  o ) const

virtualinherited

Convert this policy to a printable format.

Parameters

o	stream to be printed to

Definition at line 539 of file tls_policy.cpp.

References Botan::TLS::Policy::allow_dtls10(), Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_insecure_renegotiation(), Botan::TLS::Policy::allow_server_initiated_renegotiation(), Botan::TLS::Policy::allow_tls10(), Botan::TLS::Policy::allow_tls11(), Botan::TLS::Policy::allow_tls12(), Botan::TLS::Policy::allowed_ciphers(), Botan::TLS::Policy::allowed_key_exchange_methods(), Botan::TLS::Policy::allowed_macs(), Botan::TLS::Policy::allowed_signature_hashes(), Botan::TLS::Policy::allowed_signature_methods(), Botan::TLS::Policy::hide_unknown_users(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::TLS::Policy::key_exchange_groups(), Botan::TLS::Policy::minimum_dh_group_size(), Botan::TLS::Policy::minimum_ecdh_group_size(), Botan::TLS::Policy::minimum_rsa_bits(), Botan::TLS::Policy::minimum_signature_strength(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Policy::server_uses_own_ciphersuite_preferences(), Botan::TLS::Policy::session_ticket_lifetime(), and Botan::TLS::Policy::support_cert_status_message().

Referenced by Botan::TLS::Policy::to_string().

   {
   print_bool(o, "allow_tls10", allow_tls10());
   print_bool(o, "allow_tls11", allow_tls11());
   print_bool(o, "allow_tls12", allow_tls12());
   print_bool(o, "allow_dtls10", allow_dtls10());
   print_bool(o, "allow_dtls12", allow_dtls12());
   print_vec(o, "ciphers", allowed_ciphers());
   print_vec(o, "macs", allowed_macs());
   print_vec(o, "signature_hashes", allowed_signature_hashes());
   print_vec(o, "signature_methods", allowed_signature_methods());
   print_vec(o, "key_exchange_methods", allowed_key_exchange_methods());
   print_vec(o, "key_exchange_groups", key_exchange_groups());

   print_bool(o, "allow_insecure_renegotiation", allow_insecure_renegotiation());
   print_bool(o, "include_time_in_hello_random", include_time_in_hello_random());
   print_bool(o, "allow_server_initiated_renegotiation", allow_server_initiated_renegotiation());
   print_bool(o, "hide_unknown_users", hide_unknown_users());
   print_bool(o, "server_uses_own_ciphersuite_preferences", server_uses_own_ciphersuite_preferences());
   print_bool(o, "negotiate_encrypt_then_mac", negotiate_encrypt_then_mac());
   print_bool(o, "support_cert_status_message", support_cert_status_message());
   o << "session_ticket_lifetime = " << session_ticket_lifetime() << '\n';
   o << "minimum_dh_group_size = " << minimum_dh_group_size() << '\n';
   o << "minimum_ecdh_group_size = " << minimum_ecdh_group_size() << '\n';
   o << "minimum_rsa_bits = " << minimum_rsa_bits() << '\n';
   o << "minimum_signature_strength = " << minimum_signature_strength() << '\n';
   }

require_cert_revocation_info()

bool Botan::TLS::Text_Policy::require_cert_revocation_info ( ) const

overridevirtual

Return if cert revocation info (CRL/OCSP) is required If true, validation will fail unless a valid CRL or OCSP response was examined.

Reimplemented from Botan::TLS::Policy.

Definition at line 197 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::require_cert_revocation_info().

   {
   return get_bool("require_cert_revocation_info", Policy::require_cert_revocation_info());
   }

send_fallback_scsv()

bool Botan::TLS::Text_Policy::send_fallback_scsv ( Protocol_Version  version ) const

overridevirtual

When offering this version, should we send a fallback SCSV? Default returns true iff version is not the latest version the policy allows, exists to allow override in case of interop problems.

Reimplemented from Botan::TLS::Policy.

Definition at line 212 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::send_fallback_scsv().

   {
   return get_bool("send_fallback_scsv", false) ? Policy::send_fallback_scsv(version) : false;
   }

server_uses_own_ciphersuite_preferences()

bool Botan::TLS::Text_Policy::server_uses_own_ciphersuite_preferences ( ) const

overridevirtual

Returns

true if servers should choose the ciphersuite matching their highest preference, rather than the clients. Has no effect on client side.

Reimplemented from Botan::TLS::Policy.

Definition at line 93 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::server_uses_own_ciphersuite_preferences().

   {
   return get_bool("server_uses_own_ciphersuite_preferences", Policy::server_uses_own_ciphersuite_preferences());
   }

session_ticket_lifetime()

uint32_t Botan::TLS::Text_Policy::session_ticket_lifetime ( ) const

overridevirtual

Return the allowed lifetime of a session ticket. If 0, session tickets do not expire until the session ticket key rolls over. Expired session tickets cannot be used to resume a session.

Reimplemented from Botan::TLS::Policy.

Definition at line 207 of file tls_text_policy.cpp.

References get_len(), and Botan::TLS::Policy::session_ticket_lifetime().

   {
   return static_cast<uint32_t>(get_len("session_ticket_lifetime", Policy::session_ticket_lifetime()));
   }

set()

void Botan::TLS::Text_Policy::set	(	const std::string &	k,
		const std::string &	v
	)

Definition at line 227 of file tls_text_policy.cpp.

   {
   m_kv[k] = v;
   }

set_value()

bool Botan::TLS::Text_Policy::set_value ( const std::string &  key, const std::string &  val, bool  overwrite  )

protected

Definition at line 301 of file tls_text_policy.cpp.

   {
   auto i = m_kv.find(key);

   if(overwrite == false && i != m_kv.end())
      return false;

   m_kv.insert(i, std::make_pair(key, val));
   return true;
   }

srtp_profiles()

std::vector< uint16_t > Botan::TLS::Text_Policy::srtp_profiles ( ) const

overridevirtual

If this returns a non-empty vector, and DTLS is negotiated, then we will also attempt to negotiate the SRTP extension from RFC 5764 using the returned values as the profile ids.

Reimplemented from Botan::TLS::Policy.

Definition at line 217 of file tls_text_policy.cpp.

References get_list(), and Botan::to_uint16().

   {
   std::vector<uint16_t> r;
   for(std::string p : get_list("srtp_profiles", std::vector<std::string>()))
      {
      r.push_back(to_uint16(p));
      }
   return r;
   }

support_cert_status_message()

bool Botan::TLS::Text_Policy::support_cert_status_message ( ) const

overridevirtual

Indicates whether certificate status messages should be supported

Reimplemented from Botan::TLS::Policy.

Definition at line 103 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::support_cert_status_message().

   {
   return get_bool("support_cert_status_message", Policy::support_cert_status_message());
   }

to_string()

std::string Botan::TLS::Policy::to_string ( ) const

inherited

Convert this policy to a printable format. Same as calling print on a ostringstream and reading o.str()

Definition at line 567 of file tls_policy.cpp.

References Botan::TLS::Policy::print().

   {
   std::ostringstream oss;
   this->print(oss);
   return oss.str();
   }

use_ecc_point_compression()

bool Botan::TLS::Text_Policy::use_ecc_point_compression ( ) const

overridevirtual

Request that ECC curve points are sent compressed

Reimplemented from Botan::TLS::Policy.

Definition at line 43 of file tls_text_policy.cpp.

References get_bool(), and Botan::TLS::Policy::use_ecc_point_compression().

   {
   return get_bool("use_ecc_point_compression", Policy::use_ecc_point_compression());
   }

---

The documentation for this class was generated from the following files:

• src/lib/tls/tls_policy.h
• src/lib/tls/tls_text_policy.cpp