8 #include <botan/tls_messages.h>
9 #include <botan/tls_extensions.h>
10 #include <botan/internal/tls_reader.h>
11 #include <botan/internal/tls_handshake_io.h>
12 #include <botan/internal/tls_handshake_hash.h>
13 #include <botan/der_enc.h>
14 #include <botan/ber_dec.h>
15 #include <botan/loadstor.h>
// Maps a one-byte certificate type code to a key-type name. The body is not part of this
// listing; the parsing code below tests the result with empty(), so an empty string
// appears to signal an unrecognised code -- TODO confirm against the full source.
23 std::string cert_type_code_to_name(uint8_t code)
// Inverse mapping, used when serializing m_cert_key_types. The body is not shown here, so
// how an unknown name is handled (throw vs. sentinel) cannot be told from this listing.
38 uint8_t cert_type_name_to_code(
const std::string& name)
// Fragments of the Certificate_Req constructor that builds an outgoing request. This
// listing keeps only cross-referenced lines, so braces and some statements are missing.
58 const std::vector<X509_DN>& ca_certs,
// The acceptable client key types are fixed to these three names in this constructor.
61 m_cert_key_types({
"RSA",
"DSA",
"ECDSA" })
// Signature/hash pairs are only advertised when the protocol version can negotiate them.
63 if(version.supports_negotiable_signature_algorithms())
// Both lists come straight from the Policy object; nothing is filtered here.
65 std::vector<std::string> hashes = policy.allowed_signature_hashes();
66 std::vector<std::string> sigs = policy.allowed_signature_methods();
// Every hash is paired with every signature method (full cross product), so a weak hash
// permitted by the policy is offered with all methods. Restrict it in the policy.
68 for(
size_t i = 0; i != hashes.size(); ++i)
69 for(
size_t j = 0; j != sigs.size(); ++j)
70 m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
// The value returned by io.send(*this) is fed into the handshake hash.
73 hash.update(io.send(*
this));
// Parsing side: certificate type list read from the message buffer (presumably received
// from the peer, so treat as untrusted). get_range_vector takes
// (len_bytes, min_elems, max_elems): a 1-byte length prefix and between 1 and 255 codes.
87 std::vector<uint8_t> cert_type_codes = reader.
get_range_vector<uint8_t>(1, 1, 255);
89 for(
size_t i = 0; i != cert_type_codes.size(); ++i)
91 const std::string cert_type_name = cert_type_code_to_name(cert_type_codes[i]);
// NOTE(review): the statement guarded by this check (line 94) is not in the listing;
// presumably unknown codes are skipped rather than rejected -- confirm.
93 if(cert_type_name.empty())
96 m_cert_key_types.push_back(cert_type_name);
// Signature/hash algorithm IDs: 2-byte length prefix, between 2 and 65534 bytes.
101 std::vector<uint8_t> sig_hash_algs = reader.
get_range_vector<uint8_t>(2, 2, 65534);
// Entries are consumed two bytes at a time below, and the loop ends only when i equals
// size() exactly. This parity check is what stops an odd-length list from stepping past
// the end of the vector, so it must stay ahead of the loop.
103 if(sig_hash_algs.size() % 2 != 0)
104 throw Decoding_Error(
"Bad length for signature IDs in certificate request");
106 for(
size_t i = 0; i != sig_hash_algs.size(); i += 2)
// NOTE(review): lines 107-109 that derive `hash` and `sig` are not in this listing;
// presumably they map the two bytes through hash_algo_name/sig_algo_name -- confirm.
110 m_supported_algos.push_back(std::make_pair(hash, sig));
// NOTE(review): the condition guarding this throw (line 116) is not visible here; from the
// message it appears to be a length consistency check on the remaining data.
117 throw Decoding_Error(
"Inconsistent length in certificate request");
// One distinguished name entry: 2-byte length prefix, 0 to 65535 bytes. The enclosing
// loop and the declaration of `name` (line 124) are not part of this listing.
121 std::vector<uint8_t> name_bits = reader.
get_range_vector<uint8_t>(2, 0, 65535);
// The decoder is constructed over exactly this entry's bytes, so BER parsing is bounded
// by name_bits.size() and not by the rest of the handshake message.
123 BER_Decoder decoder(name_bits.data(), name_bits.size());
// NOTE(review): no visible check that the decoder consumed all of name_bits; whether
// trailing bytes after the DN are rejected cannot be told from this listing.
125 decoder.decode(name);
126 m_names.push_back(name);
// Builds the wire encoding of the certificate request. Only cross-referenced lines of the
// body appear in this listing; the statements that append fields to `buf` and the return
// are not shown.
133 std::vector<uint8_t> Certificate_Req::serialize()
const
135 std::vector<uint8_t> buf;
137 std::vector<uint8_t> cert_types;
// Translate each stored key-type name back to its one-byte code.
139 for(
size_t i = 0; i != m_cert_key_types.size(); ++i)
140 cert_types.push_back(cert_type_name_to_code(m_cert_key_types[i]));
// The signature-algorithm field is conditional on the list being non-empty; the guarded
// statement is not in this listing.
144 if(!m_supported_algos.empty())
147 std::vector<uint8_t> encoded_names;
149 for(
size_t i = 0; i != m_names.size(); ++i)
// `encoder` is declared on a line not shown (presumably a DER_Encoder) -- confirm.
152 encoder.
encode(m_names[i]);
Certificate_Req(Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, const std::vector< X509_DN > &allowed_cas, Protocol_Version version)
size_t remaining_bytes() const
secure_vector< uint8_t > get_contents()
DER_Encoder & encode(bool b)
std::vector< T > get_range_vector(size_t len_bytes, size_t min_elems, size_t max_elems)
std::vector< uint8_t > serialize() const override
bool has_remaining() const
static std::string sig_algo_name(uint8_t code)
bool supports_negotiable_signature_algorithms() const
static std::string hash_algo_name(uint8_t code)
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)