Botan  2.4.0
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | List of all members
Botan::TLS::Signature_Algorithms Class Referencefinal

#include <tls_extensions.h>

Inheritance diagram for Botan::TLS::Signature_Algorithms:
Botan::TLS::Extension

Public Member Functions

bool empty () const override
 
std::vector< uint8_t > serialize () const override
 
 Signature_Algorithms (const std::vector< std::string > &hashes, const std::vector< std::string > &sig_algos)
 
 Signature_Algorithms (const std::vector< std::pair< std::string, std::string >> &algos)
 
 Signature_Algorithms (TLS_Data_Reader &reader, uint16_t extension_size)
 
const std::vector< std::pair< std::string, std::string > > & supported_signature_algorthms () const
 
Handshake_Extension_Type type () const override
 

Static Public Member Functions

static uint8_t hash_algo_code (const std::string &name)
 
static std::string hash_algo_name (uint8_t code)
 
static uint8_t sig_algo_code (const std::string &name)
 
static std::string sig_algo_name (uint8_t code)
 
static Handshake_Extension_Type static_type ()
 

Detailed Description

Signature Algorithms Extension for TLS 1.2 (RFC 5246)

Definition at line 301 of file tls_extensions.h.

Constructor & Destructor Documentation

◆ Signature_Algorithms() [1/3]

Botan::TLS::Signature_Algorithms::Signature_Algorithms ( const std::vector< std::string > &  hashes,
const std::vector< std::string > &  sig_algos 
)

Definition at line 576 of file tls_extensions.cpp.

578  {
579  for(size_t i = 0; i != hashes.size(); ++i)
580  for(size_t j = 0; j != sigs.size(); ++j)
581  m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
582  }

◆ Signature_Algorithms() [2/3]

Botan::TLS::Signature_Algorithms::Signature_Algorithms ( const std::vector< std::pair< std::string, std::string >> &  algos)
inlineexplicit

Definition at line 329 of file tls_extensions.h.

329  :
330  m_supported_algos(algos) {}

◆ Signature_Algorithms() [3/3]

Botan::TLS::Signature_Algorithms::Signature_Algorithms ( TLS_Data_Reader reader,
uint16_t  extension_size 
)

Definition at line 584 of file tls_extensions.cpp.

References Botan::TLS::Alert::DECODE_ERROR, Botan::TLS::TLS_Data_Reader::get_byte(), and Botan::TLS::TLS_Data_Reader::get_uint16_t().

586  {
587  uint16_t len = reader.get_uint16_t();
588 
589  if(len + 2 != extension_size || len % 2 == 1 || len == 0)
590  throw Decoding_Error("Bad encoding on signature algorithms extension");
591 
592  while(len)
593  {
594  const uint8_t hash_code = reader.get_byte();
595  const uint8_t sig_code = reader.get_byte();
596  len -= 2;
597 
598  if(sig_code == 0)
599  {
600  /*
601  RFC 5247 7.4.1.4.1 explicitly prohibits anonymous (0) signature code in
602  the client hello. ("It MUST NOT appear in this extension.")
603  */
604  throw TLS_Exception(Alert::DECODE_ERROR, "Client sent ANON signature");
605  }
606 
607  const std::string hash_name = hash_algo_name(hash_code);
608  const std::string sig_name = sig_algo_name(sig_code);
609 
610  // If not something we know, ignore it completely
611  if(hash_name.empty() || sig_name.empty())
612  continue;
613 
614  m_supported_algos.push_back(std::make_pair(hash_name, sig_name));
615  }
616  }
static std::string sig_algo_name(uint8_t code)
static std::string hash_algo_name(uint8_t code)

Member Function Documentation

◆ empty()

bool Botan::TLS::Signature_Algorithms::empty ( ) const
inlineoverridevirtual
Returns
if we should encode this extension or not

Implements Botan::TLS::Extension.

Definition at line 324 of file tls_extensions.h.

324 { return false; }

◆ hash_algo_code()

uint8_t Botan::TLS::Signature_Algorithms::hash_algo_code ( const std::string &  name)
static

Definition at line 506 of file tls_extensions.cpp.

Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

507  {
508  if(name == "SHA-1")
509  return 2;
510 
511  if(name == "SHA-256")
512  return 4;
513 
514  if(name == "SHA-384")
515  return 5;
516 
517  if(name == "SHA-512")
518  return 6;
519 
520  throw Internal_Error("Unknown hash ID " + name + " for signature_algorithms");
521  }

◆ hash_algo_name()

std::string Botan::TLS::Signature_Algorithms::hash_algo_name ( uint8_t  code)
static

Definition at line 484 of file tls_extensions.cpp.

Referenced by Botan::TLS::Certificate_Req::Certificate_Req(), Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

485  {
486  switch(code)
487  {
488  // code 1 is MD5 - ignore it
489 
490  case 2:
491  return "SHA-1";
492 
493  // code 3 is SHA-224
494 
495  case 4:
496  return "SHA-256";
497  case 5:
498  return "SHA-384";
499  case 6:
500  return "SHA-512";
501  default:
502  return "";
503  }
504  }

◆ serialize()

std::vector< uint8_t > Botan::TLS::Signature_Algorithms::serialize ( ) const
overridevirtual
Returns
serialized binary for the extension

Implements Botan::TLS::Extension.

Definition at line 552 of file tls_extensions.cpp.

References Botan::get_byte().

Referenced by Botan::TLS::Certificate_Req::Certificate_Req().

553  {
554  std::vector<uint8_t> buf(2);
555 
556  for(size_t i = 0; i != m_supported_algos.size(); ++i)
557  {
558  try
559  {
560  const uint8_t hash_code = hash_algo_code(m_supported_algos[i].first);
561  const uint8_t sig_code = sig_algo_code(m_supported_algos[i].second);
562 
563  buf.push_back(hash_code);
564  buf.push_back(sig_code);
565  }
566  catch(...)
567  {}
568  }
569 
570  buf[0] = get_byte(0, static_cast<uint16_t>(buf.size()-2));
571  buf[1] = get_byte(1, static_cast<uint16_t>(buf.size()-2));
572 
573  return buf;
574  }
static uint8_t sig_algo_code(const std::string &name)
static uint8_t hash_algo_code(const std::string &name)
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:39

◆ sig_algo_code()

uint8_t Botan::TLS::Signature_Algorithms::sig_algo_code ( const std::string &  name)
static

Definition at line 538 of file tls_extensions.cpp.

Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

539  {
540  if(name == "RSA")
541  return 1;
542 
543  if(name == "DSA")
544  return 2;
545 
546  if(name == "ECDSA")
547  return 3;
548 
549  throw Internal_Error("Unknown sig ID " + name + " for signature_algorithms");
550  }

◆ sig_algo_name()

std::string Botan::TLS::Signature_Algorithms::sig_algo_name ( uint8_t  code)
static

Definition at line 523 of file tls_extensions.cpp.

Referenced by Botan::TLS::Certificate_Req::Certificate_Req(), Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

524  {
525  switch(code)
526  {
527  case 1:
528  return "RSA";
529  case 2:
530  return "DSA";
531  case 3:
532  return "ECDSA";
533  default:
534  return "";
535  }
536  }

◆ static_type()

static Handshake_Extension_Type Botan::TLS::Signature_Algorithms::static_type ( )
inlinestatic

◆ supported_signature_algorthms()

const std::vector<std::pair<std::string, std::string> >& Botan::TLS::Signature_Algorithms::supported_signature_algorthms ( ) const
inline

Definition at line 317 of file tls_extensions.h.

References Botan::TLS::Extension::serialize().

318  {
319  return m_supported_algos;
320  }

◆ type()

Handshake_Extension_Type Botan::TLS::Signature_Algorithms::type ( ) const
inlineoverridevirtual
Returns
code number of the extension

Implements Botan::TLS::Extension.

Definition at line 307 of file tls_extensions.h.

307 { return static_type(); }
static Handshake_Extension_Type static_type()

The documentation for this class was generated from the following files: