Botan  1.10.9
tls_policy.h
1 /*
2 * Policies
3 * (C) 2004-2006 Jack Lloyd
4 *
5 * Released under the terms of the Botan license
6 */
7 
8 #ifndef BOTAN_TLS_POLICY_H__
9 #define BOTAN_TLS_POLICY_H__
10 
11 #include <botan/tls_magic.h>
12 #include <botan/x509cert.h>
13 #include <botan/dl_group.h>
14 #include <vector>
15 
16 namespace Botan {
17 
18 /**
19 * TLS Policy Base Class
20 * Inherit and override as desired to suit local policy concerns
   *
   * Review notes: the inline defaults in this class are permissive. They
   * allow static RSA key exchange, accept TLS_V10 as the minimum version,
   * prefer TLS_V11, name a 512-bit export RSA key size and do not require
   * client authentication. A subclass is the place to tighten them.
   * check_cert() is pure virtual, so every concrete policy supplies its own
   * certificate-chain decision.
21 */
22 class BOTAN_DLL TLS_Policy
23  {
24  public:
    /**
    * @return the ciphersuite codes this policy offers. Non-virtual; the
    * body is not in this header. Presumably it is built from suite_list()
    * and the allow_*() switches (confirm in the out-of-line definition).
    */
25  std::vector<u16bit> ciphersuites() const;

    /**
    * @return the compression method codes this policy offers. The default
    * list is defined out of line.
    * NOTE(review): TLS-level compression leaks information about the
    * plaintext through record lengths (the CRIME class of attacks), so
    * confirm that the default and any override offer only the null method.
    */
26  virtual std::vector<byte> compression() const;
27 
    /**
    * Pick one ciphersuite from the client's offer.
    * @param client_suites suite codes sent by the client
    * @param rsa_ok presumably whether an RSA key is usable (confirm)
    * @param dsa_ok presumably whether a DSA key is usable (confirm)
    * @return the chosen suite code. What is returned when nothing matches
    * is not visible in this header; check the out-of-line definition.
    */
28  virtual u16bit choose_suite(const std::vector<u16bit>& client_suites,
29  bool rsa_ok,
30  bool dsa_ok) const;
31 
    /**
    * Pick one compression method from the client's offer.
    * @param client compression method codes sent by the client
    * @return the chosen method code (selection rule defined out of line)
    */
32  virtual byte choose_compression(const std::vector<byte>& client) const;
33 
    /**
    * Key-exchange switches; all three default to true.
    * NOTE(review): judging by the names, allow_static_rsa() enables RSA
    * key transport, which has no forward secrecy: recorded sessions can be
    * decrypted later if the server's RSA private key is disclosed. Override
    * it to return false where that matters. The EDH variants give forward
    * secrecy only as strong as the group returned by dh_group().
    */
34  virtual bool allow_static_rsa() const { return true; }
35  virtual bool allow_edh_rsa() const { return true; }
36  virtual bool allow_edh_dsa() const { return true; }

    /**
    * @return false by default. Presumably true makes the server demand a
    * client certificate (confirm against the server handshake code).
    */
37  virtual bool require_client_auth() const { return false; }
38 
    /**
    * @return the discrete-log group for this policy, presumably the one
    * used by the EDH suites. The default is defined out of line.
    * NOTE(review): check the size of the default group before relying on
    * it; an undersized group weakens every EDH suite.
    */
39  virtual DL_Group dh_group() const;

    /**
    * @return 512 by default.
    * NOTE(review): judging by the name this is the modulus size, in bits,
    * for export-grade RSA key exchange. A 512-bit RSA modulus can be
    * factored with modest resources, so export suites should not be
    * negotiated at all. How this value is consumed is not visible here.
    */
40  virtual size_t rsa_export_keysize() const { return 512; }
41 
42  /**
43  * @return the minimum version that we will negotiate
    *
    * Defaults to TLS_V10.
    * NOTE(review): TLS 1.0 and TLS 1.1 are deprecated (RFC 8996). Which
    * Version_Code values this release defines is not visible here; see
    * tls_magic.h before choosing a stricter minimum.
44  */
45  virtual Version_Code min_version() const { return TLS_V10; }
46 
47  /**
48  * @return the version we would prefer to negotiate
    *
    * Defaults to TLS_V11.
49  */
50  virtual Version_Code pref_version() const { return TLS_V11; }
51 
    /**
    * Decide whether a peer certificate chain is acceptable. Pure virtual:
    * every concrete policy must implement it.
    * @param cert_chain certificates presented by the peer (ordering is not
    * documented in this header)
    * @return presumably true to accept the chain (confirm against callers)
    * NOTE(review): this is the only certificate check visible in the
    * policy interface. An implementation that accepts unconditionally
    * leaves the peer unauthenticated; validate the chain to a trusted
    * root and check the expected name, validity period and revocation.
    */
52  virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const = 0;
53 
    /** Virtual so a policy can be destroyed through a TLS_Policy pointer. */
54  virtual ~TLS_Policy() {}
55  private:
    /**
    * Private virtual hook: a subclass can override it but cannot call it.
    * @param use_rsa presumably include static RSA suites (confirm)
    * @param use_edh_rsa presumably include EDH suites signed with RSA (confirm)
    * @param use_edh_dsa presumably include EDH suites signed with DSA (confirm)
    * @return suite codes; the ordering and contents are defined out of line
    */
56  virtual std::vector<u16bit> suite_list(bool use_rsa,
57  bool use_edh_rsa,
58  bool use_edh_dsa) const;
59  };
60 
61 }
62 
63 #endif