Botan  2.4.0
Crypto and TLS for C++11
Botan::TLS::Certificate_Req Class Reference (final)

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Certificate_Req:
Botan::TLS::Handshake_Message

Public Member Functions

std::vector< X509_DN > acceptable_CAs () const
 
const std::vector< std::string > & acceptable_cert_types () const
 
 Certificate_Req (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, const std::vector< X509_DN > &allowed_cas, Protocol_Version version)
 
 Certificate_Req (const std::vector< uint8_t > &buf, Protocol_Version version)
 
std::vector< std::pair< std::string, std::string > > supported_algos () const
 
Handshake_Type type () const override
 
std::string type_string () const
 

Detailed Description

Certificate Request Message

Definition at line 404 of file tls_messages.h.

Constructor & Destructor Documentation

◆ Certificate_Req() [1/2]

Botan::TLS::Certificate_Req::Certificate_Req ( Handshake_IO &  io,
Handshake_Hash &  hash,
const Policy &  policy,
const std::vector< X509_DN > &  ca_certs,
Protocol_Version  version 
)

Create a new Certificate Request message

Definition at line 54 of file msg_cert_req.cpp.

References hash.

// Sending-side constructor body: records the acceptable CA names, fills in the
// advertised certificate key types and signature algorithms, then sends the
// message through io and feeds the result into the handshake hash.
58  :
59  m_names(ca_certs),
    // NOTE(review): the certificate key types are a fixed list and are not read
    // from `policy`; confirm that advertising DSA here is still wanted.
60  m_cert_key_types({ "RSA", "DSA", "ECDSA" })
61  {
    // The (hash, signature) list is only populated for protocol versions that
    // report negotiable signature algorithms (presumably TLS/DTLS 1.2 -- confirm).
62  if(version.supports_negotiable_signature_algorithms())
63  {
64  std::vector<std::string> hashes = policy.allowed_signature_hashes();
65  std::vector<std::string> sigs = policy.allowed_signature_methods();
66 
    // Full cross product of the two policy lists: every allowed hash is paired
    // with every allowed signature method, so an individual (hash, signature)
    // combination cannot be excluded at this point.
67  for(size_t i = 0; i != hashes.size(); ++i)
68  for(size_t j = 0; j != sigs.size(); ++j)
69  m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
70  }
71 
    // Whatever io.send() returns for this message is passed to hash.update() --
    // presumably the serialized bytes, making the message part of the handshake
    // transcript hash.
72  hash.update(io.send(*this));
73  }

◆ Certificate_Req() [2/2]

Botan::TLS::Certificate_Req::Certificate_Req ( const std::vector< uint8_t > &  buf,
Protocol_Version  version 
)

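Deserialize a Certificate Request message from its wire encoding in buf. Throws Decoding_Error when the buffer is shorter than 4 bytes, when the signature-algorithm list has an odd length, or when the declared length of the CA name list does not match the bytes remaining.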

Definition at line 78 of file msg_cert_req.cpp.

References Botan::TLS::append_tls_length_value(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents(), Botan::TLS::TLS_Data_Reader::get_range_vector(), Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::TLS_Data_Reader::has_remaining(), hash, Botan::TLS::Signature_Algorithms::hash_algo_name(), Botan::TLS::TLS_Data_Reader::remaining_bytes(), Botan::TLS::Signature_Algorithms::serialize(), Botan::TLS::Signature_Algorithms::sig_algo_name(), and Botan::TLS::Protocol_Version::supports_negotiable_signature_algorithms().

// Receiving-side constructor body: parses a CertificateRequest from buf.
// Every field comes from the wire, so each length is checked before use and
// malformed input is rejected with Decoding_Error.
80  {
    // Reject buffers shorter than 4 bytes before any field is read.
81  if(buf.size() < 4)
82  throw Decoding_Error("Certificate_Req: Bad certificate request");
83 
84  TLS_Data_Reader reader("CertificateRequest", buf);
85 
    // Certificate type codes: arguments (1, 1, 255) -- presumably a 1-byte length
    // prefix with 1..255 entries; confirm against TLS_Data_Reader.
86  std::vector<uint8_t> cert_type_codes = reader.get_range_vector<uint8_t>(1, 1, 255);
87 
88  for(size_t i = 0; i != cert_type_codes.size(); ++i)
89  {
90  const std::string cert_type_name = cert_type_code_to_name(cert_type_codes[i]);
91 
    // Unrecognised codes are dropped rather than rejected, so m_cert_key_types
    // can end up empty when none of the offered types is known.
92  if(cert_type_name.empty()) // something we don't know
93  continue;
94 
95  m_cert_key_types.push_back(cert_type_name);
96  }
97 
98  if(version.supports_negotiable_signature_algorithms())
99  {
    // Signature/hash identifiers: arguments (2, 2, 65534) -- presumably a 2-byte
    // length prefix and 2..65534 bytes of (hash, signature) code pairs.
100  std::vector<uint8_t> sig_hash_algs = reader.get_range_vector<uint8_t>(2, 2, 65534);
101 
    // An odd byte count cannot be split into pairs; checking here also keeps the
    // [i+1] access below inside the vector.
102  if(sig_hash_algs.size() % 2 != 0)
103  throw Decoding_Error("Bad length for signature IDs in certificate request");
104 
105  for(size_t i = 0; i != sig_hash_algs.size(); i += 2)
106  {
    // NOTE(review): the names returned for these codes are stored without any
    // check; what an unknown code maps to is not visible here, so consumers of
    // supported_algos() should not assume every entry names a known algorithm.
107  std::string hash = Signature_Algorithms::hash_algo_name(sig_hash_algs[i]);
108  std::string sig = Signature_Algorithms::sig_algo_name(sig_hash_algs[i+1]);
109  m_supported_algos.push_back(std::make_pair(hash, sig));
110  }
111  }
112 
    // Declared total size of the CA name list; it must account for exactly the
    // bytes left, which rejects both truncated lists and trailing data.
113  const uint16_t purported_size = reader.get_uint16_t();
114 
115  if(reader.remaining_bytes() != purported_size)
116  throw Decoding_Error("Inconsistent length in certificate request");
117 
    // The number of names is bounded only by the remaining message bytes.
118  while(reader.has_remaining())
119  {
    // One distinguished name: arguments (2, 0, 65535) -- presumably a 2-byte
    // length prefix; a zero-length entry is accepted by this call and handed to
    // the BER decoder as-is.
120  std::vector<uint8_t> name_bits = reader.get_range_vector<uint8_t>(2, 0, 65535);
121 
    // NOTE(review): decode() is not followed by decoder.verify_end(), so bytes
    // after the DN inside name_bits appear to be ignored rather than rejected --
    // confirm whether that leniency is intended.
122  BER_Decoder decoder(name_bits.data(), name_bits.size());
123  X509_DN name;
124  decoder.decode(name);
125  m_names.push_back(name);
126  }
127  }
static std::string sig_algo_name(uint8_t code)
static std::string hash_algo_name(uint8_t code)

Member Function Documentation

◆ acceptable_CAs()

std::vector<X509_DN> Botan::TLS::Certificate_Req::acceptable_CAs ( ) const
inline

Definition at line 412 of file tls_messages.h.

// Returns the CA distinguished names held in m_names; the declared return type
// is a vector by value, so callers receive a copy.
412 { return m_names; }

◆ acceptable_cert_types()

const std::vector<std::string>& Botan::TLS::Certificate_Req::acceptable_cert_types ( ) const
inline

Definition at line 409 of file tls_messages.h.

// Returns a const reference to m_cert_key_types. On the parsing path unknown
// type codes are skipped, so this list may be empty.
410  { return m_cert_key_types; }

◆ supported_algos()

std::vector<std::pair<std::string, std::string> > Botan::TLS::Certificate_Req::supported_algos ( ) const
inline

Definition at line 414 of file tls_messages.h.

References hash.

Referenced by Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Handshake_State::parse_sig_format().

// Returns a copy of the (hash name, signature name) pairs held in
// m_supported_algos; the list stays empty when the protocol version does not
// support negotiable signature algorithms.
415  { return m_supported_algos; }

◆ type()

Handshake_Type Botan::TLS::Certificate_Req::type ( ) const
inline override virtual
Returns
the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 407 of file tls_messages.h.

References Botan::TLS::CERTIFICATE_REQUEST.

◆ type_string()

std::string Botan::TLS::Handshake_Message::type_string ( ) const
inherited
Returns
string representation of this message type

Definition at line 19 of file tls_handshake_state.cpp.

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().

20  {
22  }
virtual Handshake_Type type() const =0
const char * handshake_type_to_string(Handshake_Type type)

The documentation for this class was generated from the following files: