#include <tls_messages.h>
Public Member Functions | |
| Certificate_Verify (Handshake_IO &io, Handshake_State &state, const Policy &policy, RandomNumberGenerator &rng, const Private_Key *key) | |
| Certificate_Verify (const std::vector< byte > &buf, Protocol_Version version) | |
| Handshake_Type | type () const override |
| bool | verify (const X509_Certificate &cert, const Handshake_State &state) const |
Detailed Description
Certificate Verify Message
Definition at line 409 of file tls_messages.h.
Constructor & Destructor Documentation
| Botan::TLS::Certificate_Verify::Certificate_Verify | ( | Handshake_IO & | io, |
| Handshake_State & | state, | ||
| const Policy & | policy, | ||
| RandomNumberGenerator & | rng, | ||
| const Private_Key * | key | ||
| ) |
Definition at line 20 of file msg_cert_verify.cpp.
References BOTAN_ASSERT_NONNULL, Botan::TLS::Handshake_State::choose_sig_format(), Botan::TLS::Handshake_Hash::get_contents(), Botan::TLS::Handshake_State::hash(), Botan::TLS::Handshake_IO::send(), Botan::PK_Signer::sign_message(), and Botan::TLS::Handshake_Hash::update().
{
BOTAN_ASSERT_NONNULL(priv_key);
std::pair<std::string, Signature_Format> format =
state.choose_sig_format(*priv_key, m_hash_algo, m_sig_algo, true, policy);
PK_Signer signer(*priv_key, format.first, format.second);
m_signature = signer.sign_message(state.hash().get_contents(), rng);
state.hash().update(io.send(*this));
}
| Botan::TLS::Certificate_Verify::Certificate_Verify | ( | const std::vector< byte > & | buf, |
| Protocol_Version | version | ||
| ) |
Definition at line 41 of file msg_cert_verify.cpp.
References Botan::TLS::TLS_Data_Reader::get_byte(), Botan::TLS::TLS_Data_Reader::get_range(), Botan::TLS::Signature_Algorithms::hash_algo_name(), Botan::TLS::Signature_Algorithms::sig_algo_name(), and Botan::TLS::Protocol_Version::supports_negotiable_signature_algorithms().
{
TLS_Data_Reader reader("CertificateVerify", buf);
if(version.supports_negotiable_signature_algorithms())
{
m_hash_algo = Signature_Algorithms::hash_algo_name(reader.get_byte());
m_sig_algo = Signature_Algorithms::sig_algo_name(reader.get_byte());
}
m_signature = reader.get_range<byte>(2, 0, 65535);
}
Member Function Documentation
| Handshake_Type Botan::TLS::Certificate_Verify::type | ( | ) | const [inline, override, virtual] |
Implements Botan::TLS::Handshake_Message.
Definition at line 412 of file tls_messages.h.
References Botan::TLS::CERTIFICATE_VERIFY.
{ return CERTIFICATE_VERIFY; }
| bool Botan::TLS::Certificate_Verify::verify | ( | const X509_Certificate & | cert, |
| const Handshake_State & | state | ||
| ) | const |
Check the signature on a certificate verify message
- Parameters:
-
cert the purported certificate state the handshake state
Definition at line 79 of file msg_cert_verify.cpp.
References Botan::TLS::Handshake_Hash::get_contents(), Botan::TLS::Handshake_State::hash(), Botan::X509_Certificate::subject_public_key(), Botan::TLS::Handshake_State::understand_sig_format(), and Botan::PK_Verifier::verify_message().
{
std::unique_ptr<Public_Key> key(cert.subject_public_key());
std::pair<std::string, Signature_Format> format =
state.understand_sig_format(*key.get(), m_hash_algo, m_sig_algo);
PK_Verifier verifier(*key, format.first, format.second);
return verifier.verify_message(state.hash().get_contents(), m_signature);
}
The documentation for this class was generated from the following files:
- src/lib/tls/tls_messages.h
- src/lib/tls/msg_cert_verify.cpp
