diff options
Diffstat (limited to 'src/tls/cert_req.cpp')
-rw-r--r-- | src/tls/cert_req.cpp | 53 |
1 files changed, 50 insertions, 3 deletions
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp index 3f70c306b..f400a36d2 100644 --- a/src/tls/cert_req.cpp +++ b/src/tls/cert_req.cpp @@ -17,6 +17,37 @@ namespace Botan { namespace TLS { +namespace { + +std::string cert_type_code_to_name(byte code) + { + switch(code) + { + case 1: + return "RSA"; + case 2: + return "DSA"; + case 64: + return "ECDSA"; + default: + return ""; // DH or something else + } + } + +byte cert_type_name_to_code(const std::string& name) + { + if(name == "RSA") + return 1; + if(name == "DSA") + return 2; + if(name == "ECDSA") + return 64; + + throw Invalid_Argument("Unknown cert type " + name); + } + +} + /** * Create a new Certificate Request message */ @@ -29,8 +60,9 @@ Certificate_Req::Certificate_Req(Record_Writer& writer, for(size_t i = 0; i != ca_certs.size(); ++i) names.push_back(ca_certs[i].subject_dn()); - cert_types.push_back(RSA_CERT); - cert_types.push_back(DSS_CERT); + cert_key_types.push_back("RSA"); + cert_key_types.push_back("DSA"); + cert_key_types.push_back("ECDSA"); if(version >= Protocol_Version::TLS_V12) { @@ -56,7 +88,17 @@ Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf, TLS_Data_Reader reader(buf); - cert_types = reader.get_range_vector<byte>(1, 1, 255); + std::vector<byte> cert_type_codes = reader.get_range_vector<byte>(1, 1, 255); + + for(size_t i = 0; i != cert_type_codes.size(); ++i) + { + const std::string cert_type_name = cert_type_code_to_name(cert_type_codes[i]); + + if(cert_type_name == "") // something we don't know + continue; + + cert_key_types.push_back(cert_type_name); + } if(version >= Protocol_Version::TLS_V12) { @@ -103,6 +145,11 @@ MemoryVector<byte> Certificate_Req::serialize() const { MemoryVector<byte> buf; + std::vector<byte> cert_types; + + for(size_t i = 0; i != cert_key_types.size(); ++i) + cert_types.push_back(cert_type_name_to_code(cert_key_types[i])); + append_tls_length_value(buf, cert_types, 1); if(!m_supported_algos.empty()) |