Botan
1.11.15
|
#include <tls_messages.h>
Public Member Functions | |
Certificate_Verify (Handshake_IO &io, Handshake_State &state, const Policy &policy, RandomNumberGenerator &rng, const Private_Key *key) | |
Certificate_Verify (const std::vector< byte > &buf, Protocol_Version version) | |
Handshake_Type | type () const override |
bool | verify (const X509_Certificate &cert, const Handshake_State &state) const |
Certificate Verify Message
Definition at line 409 of file tls_messages.h.
Botan::TLS::Certificate_Verify::Certificate_Verify | ( | Handshake_IO & | io, |
Handshake_State & | state, | ||
const Policy & | policy, | ||
RandomNumberGenerator & | rng, | ||
const Private_Key * | key | ||
) |
Definition at line 20 of file msg_cert_verify.cpp.
References BOTAN_ASSERT_NONNULL, Botan::TLS::Handshake_State::choose_sig_format(), Botan::TLS::Handshake_Hash::get_contents(), Botan::TLS::Handshake_State::hash(), Botan::TLS::Handshake_IO::send(), Botan::PK_Signer::sign_message(), and Botan::TLS::Handshake_Hash::update().
{
   // Signing constructor body: builds the CertificateVerify signature over the
   // handshake transcript collected so far, then sends the message.
   //
   // The signing key is mandatory, so a null pointer is rejected up front.
   // NOTE(review): the declaration listed on this page names this parameter
   // `key`, while this definition refers to it as `priv_key`.
   BOTAN_ASSERT_NONNULL(priv_key);

   // Select the signature padding and encoding for this key under the given
   // policy. m_hash_algo and m_sig_algo are handed to the call and are not
   // assigned anywhere else in this body, so presumably they are filled in
   // here - confirm against Handshake_State::choose_sig_format().
   std::pair<std::string, Signature_Format> sig_format =
      state.choose_sig_format(*priv_key, m_hash_algo, m_sig_algo, true, policy);

   PK_Signer signer(*priv_key, sig_format.first, sig_format.second);

   // Order matters: the signature covers the transcript as it stands *before*
   // this message is added to it.
   const auto& transcript = state.hash().get_contents();
   m_signature = signer.sign_message(transcript, rng);

   // Only now is the serialized message sent and folded into the handshake hash.
   state.hash().update(io.send(*this));
}
Botan::TLS::Certificate_Verify::Certificate_Verify | ( | const std::vector< byte > & | buf, |
Protocol_Version | version | ||
) |
Definition at line 41 of file msg_cert_verify.cpp.
References Botan::TLS::TLS_Data_Reader::get_byte(), Botan::TLS::TLS_Data_Reader::get_range(), Botan::TLS::Signature_Algorithms::hash_algo_name(), Botan::TLS::Signature_Algorithms::sig_algo_name(), and Botan::TLS::Protocol_Version::supports_negotiable_signature_algorithms().
{
   // Parsing constructor body: decodes a received CertificateVerify message
   // from the raw handshake bytes in `buf`.
   TLS_Data_Reader reader("CertificateVerify", buf);

   // The two one-byte algorithm identifiers are read only for protocol
   // versions that support negotiable signature algorithms; for other versions
   // m_hash_algo and m_sig_algo are left as they were.
   const bool has_algo_ids = version.supports_negotiable_signature_algorithms();

   if(has_algo_ids)
      {
      // Read order is fixed by the wire format: hash identifier, then signature
      // identifier. Both bytes come from the peer and are mapped to names here.
      m_hash_algo = Signature_Algorithms::hash_algo_name(reader.get_byte());
      m_sig_algo = Signature_Algorithms::sig_algo_name(reader.get_byte());
      }

   // The signature bytes; the arguments (2, 0, 65535) presumably give the size
   // of the length prefix and the minimum/maximum element count - confirm
   // against TLS_Data_Reader::get_range().
   m_signature = reader.get_range<byte>(2, 0, 65535);

   // NOTE(review): nothing in this body checks that `buf` is fully consumed,
   // so bytes following the signature would go unnoticed here. Confirm whether
   // the reader or the caller rejects trailing data.
}
Handshake_Type Botan::TLS::Certificate_Verify::type | ( | ) | const [inline, override, virtual] |
Implements Botan::TLS::Handshake_Message.
Definition at line 412 of file tls_messages.h.
References Botan::TLS::CERTIFICATE_VERIFY.
{
   // Handshake message type tag for this class.
   return CERTIFICATE_VERIFY;
}
bool Botan::TLS::Certificate_Verify::verify | ( | const X509_Certificate & | cert, |
const Handshake_State & | state | ||
) | const |
Check the signature on a certificate verify message
cert | the purported certificate |
state | the handshake state |
Definition at line 79 of file msg_cert_verify.cpp.
References Botan::TLS::Handshake_Hash::get_contents(), Botan::TLS::Handshake_State::hash(), Botan::X509_Certificate::subject_public_key(), Botan::TLS::Handshake_State::understand_sig_format(), and Botan::PK_Verifier::verify_message().
{
   // Verifies m_signature over the current handshake transcript using the
   // public key taken from `cert`. Returns the result of
   // PK_Verifier::verify_message().
   //
   // NOTE(review): only the signature is checked here. Nothing in this body
   // validates the certificate itself (chain, validity period, key usage), so
   // a true result says the peer holds the private key for `cert`, not that
   // `cert` is trusted - presumably the caller validates it; confirm.

   // The unique_ptr takes ownership of the key object returned by the certificate.
   std::unique_ptr<Public_Key> peer_key(cert.subject_public_key());

   // Translate the algorithm names carried in the message into a padding
   // string and signature encoding for this key. Presumably this is also where
   // a mismatch between the advertised algorithms and the key type is
   // rejected - confirm against Handshake_State::understand_sig_format().
   std::pair<std::string, Signature_Format> sig_format =
      state.understand_sig_format(*peer_key, m_hash_algo, m_sig_algo);

   PK_Verifier verifier(*peer_key, sig_format.first, sig_format.second);

   // The signed data is the handshake hash contents held by `state` at the
   // time of the call.
   const auto& transcript = state.hash().get_contents();
   return verifier.verify_message(transcript, m_signature);
}