Diffstat (limited to 'src/tls/cert_req.cpp')
-rw-r--r--src/tls/cert_req.cpp19
1 files changed, 17 insertions, 2 deletions
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 4e86a3270..7fbe2a809 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -60,9 +60,24 @@ Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf,
if(version >= TLS_V12)
{
- std::vector<u16bit> sig_hash_algs = reader.get_range_vector<u16bit>(2, 2, 65534);
+ std::vector<byte> sig_hash_algs = reader.get_range_vector<byte>(2, 2, 65534);
- // FIXME, do something with this
+ if(sig_hash_algs.size() % 2 != 0)
+ throw Decoding_Error("Bad length for signature IDs in certificate request");
+
+ for(size_t i = 0; i != sig_hash_algs.size(); i += 2)
+ {
+ std::string hash = Signature_Algorithms::hash_algo_name(sig_hash_algs[i]);
+ std::string sig = Signature_Algorithms::sig_algo_name(sig_hash_algs[i+1]);
+ m_supported_algos.push_back(std::make_pair(hash, sig));
+ }
+ }
+ else
+ {
+ // The hardcoded settings from previous protocol versions
+ m_supported_algos.push_back(std::make_pair("TLS.Digest.0", "RSA"));
+ m_supported_algos.push_back(std::make_pair("SHA-1", "DSA"));
+ m_supported_algos.push_back(std::make_pair("SHA-1", "ECDSA"));
}
u16bit purported_size = reader.get_u16bit();