Botan 3.5.0
Crypto and TLS for C&
|
#include <tls_messages.h>
Classes | |
class | Certificate_Entry |
Public Member Functions | |
std::vector< X509_Certificate > | cert_chain () const |
Certificate_13 (const Certificate_Request_13 &cert_request, std::string_view hostname, Credentials_Manager &credentials_manager, Callbacks &callbacks, Certificate_Type cert_type) | |
Certificate_13 (const Client_Hello_13 &client_hello, Credentials_Manager &credentials_manager, Callbacks &callbacks, Certificate_Type cert_type) | |
Certificate_13 (const std::vector< uint8_t > &buf, const Policy &policy, Connection_Side side, Certificate_Type cert_type) | |
size_t | count () const |
bool | empty () const |
bool | has_certificate_chain () const |
bool | is_raw_public_key () const |
const X509_Certificate & | leaf () const |
std::shared_ptr< const Public_Key > | public_key () const |
const std::vector< uint8_t > & | request_context () const |
std::vector< uint8_t > | serialize () const override |
Handshake_Type | type () const override |
std::string | type_string () const |
void | validate_extensions (const std::set< Extension_Code > &requested_extensions, Callbacks &cb) const |
void | verify (Callbacks &callbacks, const Policy &policy, Credentials_Manager &creds, std::string_view hostname, bool use_ocsp) const |
virtual Handshake_Type | wire_type () const |
Certificate Message of TLS 1.3
Definition at line 549 of file tls_messages.h.
Botan::TLS::Certificate_13::Certificate_13 | ( | const Certificate_Request_13 & | cert_request, |
std::string_view | hostname, | ||
Credentials_Manager & | credentials_manager, | ||
Callbacks & | callbacks, | ||
Certificate_Type | cert_type ) |
Create a Client Certificate message ... in response to a Certificate Request message.
Create a Client Certificate message
Definition at line 188 of file msg_certificate_13.cpp.
References Botan::TLS::Certificate_Request_13::acceptable_CAs(), Botan::TLS::Certificate_Request_13::certificate_signature_schemes(), Botan::TLS::Certificate_Request_13::extensions(), Botan::Credentials_Manager::find_cert_chain(), Botan::Credentials_Manager::find_raw_public_key(), Botan::TLS::Extensions::get(), Botan::TLS::RawPublicKey, Botan::TLS::Certificate_Request_13::signature_schemes(), Botan::TLS::to_algorithm_identifiers(), and Botan::TLS::X509.
Botan::TLS::Certificate_13::Certificate_13 | ( | const Client_Hello_13 & | client_hello, |
Credentials_Manager & | credentials_manager, | ||
Callbacks & | callbacks, | ||
Certificate_Type | cert_type ) |
Create a Server Certificate message ... in response to a Client Hello indicating the need to authenticate with a server certificate.
Create a Server Certificate message
Definition at line 225 of file msg_certificate_13.cpp.
References BOTAN_ASSERT_NOMSG, cert_chain(), Botan::TLS::Client_Hello::certificate_signature_schemes(), Botan::TLS::Client_Hello::extensions(), Botan::Credentials_Manager::find_cert_chain(), Botan::Credentials_Manager::find_raw_public_key(), Botan::TLS::Extensions::get(), Botan::TLS::Extensions::has(), Botan::TLS::RawPublicKey, Botan::TLS::Client_Hello::signature_schemes(), Botan::TLS::Client_Hello::sni_hostname(), Botan::TLS::to_algorithm_identifiers(), and Botan::TLS::X509.
Botan::TLS::Certificate_13::Certificate_13 | ( | const std::vector< uint8_t > & | buf, |
const Policy & | policy, | ||
Connection_Side | side, | ||
Certificate_Type | cert_type ) |
Deserialize a Certificate message
buf | the serialized message |
policy | the TLS policy |
side | is this a Connection_Side::Server or Connection_Side::Client certificate message |
cert_type | is the certificate type that was negotiated during the handshake |
Deserialize a Certificate message
Definition at line 345 of file msg_certificate_13.cpp.
References Botan::TLS::Policy::allowed_signature_method(), BOTAN_ASSERT_NOMSG, Botan::TLS::Policy::check_peer_key_acceptable(), Botan::TLS::TLS_Data_Reader::get_range(), Botan::TLS::TLS_Data_Reader::get_uint24_t(), Botan::TLS::TLS_Data_Reader::has_remaining(), Botan::TLS::Policy::maximum_certificate_chain_size(), public_key(), Botan::TLS::RawPublicKey, Botan::TLS::TLS_Data_Reader::remaining_bytes(), Botan::TLS::Server, and Botan::TLS::X509.
std::vector< X509_Certificate > Botan::TLS::Certificate_13::cert_chain | ( | ) | const |
Definition at line 67 of file msg_certificate_13.cpp.
References BOTAN_STATE_CHECK, and has_certificate_chain().
Referenced by Certificate_13(), Botan::TLS::Client_Impl_13::peer_cert_chain(), and Botan::TLS::Server_Impl_13::peer_cert_chain().
|
inline |
Definition at line 582 of file tls_messages.h.
|
inline |
Definition at line 584 of file tls_messages.h.
Referenced by Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), has_certificate_chain(), is_raw_public_key(), leaf(), and public_key().
bool Botan::TLS::Certificate_13::has_certificate_chain | ( | ) | const |
Definition at line 59 of file msg_certificate_13.cpp.
References empty().
Referenced by cert_chain(), Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), is_raw_public_key(), Botan::TLS::Client_Impl_13::peer_cert_chain(), and Botan::TLS::Server_Impl_13::peer_cert_chain().
bool Botan::TLS::Certificate_13::is_raw_public_key | ( | ) | const |
Definition at line 63 of file msg_certificate_13.cpp.
References empty(), and has_certificate_chain().
Referenced by Botan::TLS::Client_Impl_13::peer_raw_public_key(), Botan::TLS::Server_Impl_13::peer_raw_public_key(), and verify().
const X509_Certificate & Botan::TLS::Certificate_13::leaf | ( | ) | const |
Definition at line 96 of file msg_certificate_13.cpp.
References BOTAN_STATE_CHECK, and empty().
Referenced by Botan::TLS::Certificate_Verify_13::Certificate_Verify_13().
std::shared_ptr< const Public_Key > Botan::TLS::Certificate_13::public_key | ( | ) | const |
Definition at line 91 of file msg_certificate_13.cpp.
References BOTAN_STATE_CHECK, and empty().
Referenced by Certificate_13(), Botan::TLS::Certificate_Verify_13::Certificate_Verify_13(), Botan::TLS::Client_Impl_13::peer_raw_public_key(), Botan::TLS::Server_Impl_13::peer_raw_public_key(), and verify().
|
inline |
Definition at line 589 of file tls_messages.h.
|
overridevirtual |
Serialize a Certificate message
Implements Botan::TLS::Handshake_Message.
Definition at line 425 of file msg_certificate_13.cpp.
References Botan::TLS::append_tls_length_value().
|
inlineoverridevirtual |
Implements Botan::TLS::Handshake_Message.
Definition at line 575 of file tls_messages.h.
Referenced by validate_extensions().
|
inherited |
Definition at line 19 of file tls_handshake_state.cpp.
References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().
void Botan::TLS::Certificate_13::validate_extensions | ( | const std::set< Extension_Code > & | requested_extensions, |
Callbacks & | cb ) const |
Validate a Certificate message regarding what extensions are expected based on previous handshake messages. Also call the tls_examine_extenions() callback for each entry.
requested_extensions | Extensions of Client_Hello or Certificate_Request messages |
cb | Callback that will be called for each extension. |
Definition at line 76 of file msg_certificate_13.cpp.
References Botan::TLS::Callbacks::tls_examine_extensions(), and type().
void Botan::TLS::Certificate_13::verify | ( | Callbacks & | callbacks, |
const Policy & | policy, | ||
Credentials_Manager & | creds, | ||
std::string_view | hostname, | ||
bool | use_ocsp ) const |
Verify the certificate chain
if | verification fails. |
Definition at line 101 of file msg_certificate_13.cpp.
References Botan::TLS::Client, is_raw_public_key(), public_key(), Botan::TLS_CLIENT_AUTH, Botan::TLS_SERVER_AUTH, and Botan::TLS::Callbacks::tls_verify_raw_public_key().
|
inlinevirtualinherited |
Reimplemented in Botan::TLS::Hello_Retry_Request.
Definition at line 39 of file tls_handshake_msg.h.
Referenced by Botan::TLS::Stream_Handshake_IO::send().