38 virtual std::vector<std::string> allowed_ciphers()
const;
44 virtual std::vector<std::string> allowed_signature_hashes()
const;
49 virtual std::vector<std::string> allowed_macs()
const;
56 virtual std::vector<std::string> allowed_key_exchange_methods()
const;
62 virtual std::vector<std::string> allowed_signature_methods()
const;
64 virtual std::vector<Signature_Scheme> allowed_signature_schemes()
const;
69 virtual std::vector<Signature_Scheme> acceptable_signature_schemes()
const;
71 virtual std::optional<std::vector<Signature_Scheme>> acceptable_certificate_signature_schemes()
const;
80 virtual size_t minimum_signature_strength()
const;
87 virtual bool require_cert_revocation_info()
const;
89 bool allowed_signature_method(std::string_view sig_method)
const;
90 bool allowed_signature_hash(std::string_view hash)
const;
96 virtual std::vector<Group_Params> key_exchange_groups()
const;
108 virtual std::vector<Group_Params> key_exchange_groups_to_offer()
const;
119 virtual bool use_ecc_point_compression()
const;
131 virtual Group_Params choose_key_exchange_group(
const std::vector<Group_Params>& supported_by_peer,
132 const std::vector<Group_Params>& offered_by_peer)
const;
143 virtual bool allow_insecure_renegotiation()
const;
151 virtual bool include_time_in_hello_random()
const;
158 virtual bool allow_client_initiated_renegotiation()
const;
165 virtual bool allow_server_initiated_renegotiation()
const;
173 virtual bool abort_connection_on_undesired_renegotiation()
const;
175 virtual bool only_resume_with_exact_version()
const;
180 virtual bool allow_tls12()
const;
185 virtual bool allow_tls13()
const;
190 virtual bool allow_dtls12()
const;
201 virtual size_t minimum_dh_group_size()
const;
208 virtual size_t minimum_ecdsa_group_size()
const;
218 virtual size_t minimum_ecdh_group_size()
const;
231 virtual size_t minimum_rsa_bits()
const;
240 virtual void check_peer_key_acceptable(
const Public_Key& public_key)
const;
250 virtual bool hide_unknown_users()
const;
262 virtual size_t maximum_session_tickets_per_client_hello()
const;
271 virtual std::chrono::seconds session_ticket_lifetime()
const;
280 virtual bool reuse_session_tickets()
const;
292 virtual size_t new_session_tickets_upon_handshake_success()
const;
299 virtual std::vector<uint16_t> srtp_profiles()
const;
319 virtual bool acceptable_ciphersuite(
const Ciphersuite& suite)
const;
326 virtual bool server_uses_own_ciphersuite_preferences()
const;
334 virtual bool negotiate_encrypt_then_mac()
const;
348 virtual std::optional<uint16_t> record_size_limit()
const;
353 virtual bool support_cert_status_message()
const;
360 virtual bool require_client_certificate_authentication()
const;
366 virtual bool request_client_certificate_authentication()
const;
377 virtual std::vector<Certificate_Type> accepted_client_certificate_types()
const;
388 virtual std::vector<Certificate_Type> accepted_server_certificate_types()
const;
394 virtual bool allow_dtls_epoch0_restart()
const;
403 virtual std::vector<uint16_t> ciphersuite_list(
Protocol_Version version)
const;
408 virtual size_t dtls_default_mtu()
const;
413 virtual size_t dtls_initial_timeout()
const;
418 virtual size_t dtls_maximum_timeout()
const;
424 virtual size_t maximum_certificate_chain_size()
const;
429 virtual bool allow_resumption_for_renegotiation()
const;
441 virtual bool tls_13_middlebox_compatibility_mode()
const;
450 virtual bool hash_hello_random()
const;
456 virtual void print(std::ostream& o)
const;
462 std::string to_string()
const;
632 std::vector<std::string> allowed_ciphers()
const override;
634 std::vector<std::string> allowed_signature_hashes()
const override;
636 std::vector<std::string> allowed_macs()
const override;
638 std::vector<std::string> allowed_key_exchange_methods()
const override;
640 std::vector<std::string> allowed_signature_methods()
const override;
642 std::vector<Group_Params> key_exchange_groups()
const override;
644 std::vector<Group_Params> key_exchange_groups_to_offer()
const override;
646 bool use_ecc_point_compression()
const override;
648 bool allow_tls12()
const override;
650 bool allow_tls13()
const override;
652 bool allow_dtls12()
const override;
654 bool allow_insecure_renegotiation()
const override;
656 bool include_time_in_hello_random()
const override;
658 bool allow_client_initiated_renegotiation()
const override;
659 bool allow_server_initiated_renegotiation()
const override;
661 bool server_uses_own_ciphersuite_preferences()
const override;
663 bool negotiate_encrypt_then_mac()
const override;
665 std::optional<uint16_t> record_size_limit()
const override;
667 bool support_cert_status_message()
const override;
669 bool require_client_certificate_authentication()
const override;
671 std::vector<Certificate_Type> accepted_client_certificate_types()
const override;
672 std::vector<Certificate_Type> accepted_server_certificate_types()
const override;
674 size_t minimum_ecdh_group_size()
const override;
676 size_t minimum_ecdsa_group_size()
const override;
678 size_t minimum_dh_group_size()
const override;
680 size_t minimum_rsa_bits()
const override;
682 size_t minimum_signature_strength()
const override;
684 size_t dtls_default_mtu()
const override;
686 size_t dtls_initial_timeout()
const override;
688 size_t dtls_maximum_timeout()
const override;
690 bool require_cert_revocation_info()
const override;
692 bool hide_unknown_users()
const override;
694 size_t maximum_session_tickets_per_client_hello()
const override;
696 std::chrono::seconds session_ticket_lifetime()
const override;
698 bool reuse_session_tickets()
const override;
700 size_t new_session_tickets_upon_handshake_success()
const override;
702 bool tls_13_middlebox_compatibility_mode()
const override;
704 bool hash_hello_random()
const override;
706 std::vector<uint16_t> srtp_profiles()
const override;
708 void set(
const std::string& key,
const std::string& value);
715 std::vector<std::string> get_list(
const std::string& key,
const std::vector<std::string>& def)
const;
717 std::vector<Group_Params> read_group_list(std::string_view group_str)
const;
718 std::vector<Certificate_Type> read_cert_type_list(
const std::string& cert_type_str)
const;
720 size_t get_len(
const std::string& key,
size_t def)
const;
722 std::chrono::seconds get_duration(
const std::string& key, std::chrono::seconds def)
const;
724 bool get_bool(
const std::string& key,
bool def)
const;
726 std::string get_str(
const std::string& key,
const std::string& def =
"")
const;
728 bool set_value(
const std::string& key, std::string_view val,
bool overwrite);
731 std::map<std::string, std::string> m_kv;