Botan  2.15.0
Crypto and TLS for C++11
Botan::TLS::Certificate Class Reference (final)

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Certificate:
Botan::TLS::Handshake_Message

Public Member Functions

const std::vector< X509_Certificate > & cert_chain () const
 
 Certificate (Handshake_IO &io, Handshake_Hash &hash, const std::vector< X509_Certificate > &certs)
 
 Certificate (const std::vector< uint8_t > &buf, const Policy &policy)
 
size_t count () const
 
bool empty () const
 
Handshake_Type type () const override
 
std::string type_string () const
 

Detailed Description

Certificate Message

Definition at line 372 of file tls_messages.h.

Constructor & Destructor Documentation

◆ Certificate() [1/2]

Botan::TLS::Certificate::Certificate ( Handshake_IO &  io,
Handshake_Hash &  hash,
const std::vector< X509_Certificate > &  cert_list 
)

Create a new Certificate message

Definition at line 25 of file msg_certificate.cpp.

References hash, and Botan::TLS::Handshake_IO::send().

// Initializer list and body of the sending-side constructor
// (left-column numbers are the line numbers in msg_certificate.cpp).
27  :
    // Copies the caller-supplied chain into the message's own m_certs vector.
28  m_certs(cert_list)
29  {
    // Hands this message to io.send() and feeds whatever it returns into the
    // running handshake hash.
    // NOTE(review): presumably send() returns the serialized handshake bytes,
    // so the transcript hash covers exactly what went on the wire - confirm
    // against Handshake_IO::send().
30  hash.update(io.send(*this));
31  }
MechanismType hash

◆ Certificate() [2/2]

Botan::TLS::Certificate::Certificate ( const std::vector< uint8_t > &  buf,
const Policy &  policy 
)
explicit

Deserialize a Certificate message

Definition at line 36 of file msg_certificate.cpp.

References Botan::TLS::Alert::BAD_CERTIFICATE, Botan::make_uint32(), and Botan::TLS::Policy::maximum_certificate_chain_size().

// Body of the deserializing constructor: splits the received handshake body
// `buf` into length-prefixed entries and decodes each one into m_certs.
// It only parses; the only property checked is the leaf's X.509 version.
// No signature, validity-period or trust-path check happens here.
37  {
    // The certificate list starts with a 3-byte length, so anything shorter
    // cannot be a well-formed message.
38  if(buf.size() < 3)
39  throw Decoding_Error("Certificate: Message malformed");
40 
    // Combine the three length bytes with a zero leading byte, so the value
    // is always below 2^24.
41  const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);
42 
    // The declared length must match the remaining bytes exactly: neither
    // truncated input nor trailing data is accepted. buf.size() - 3 cannot
    // underflow because of the size check above.
43  if(total_size != buf.size() - 3)
44  throw Decoding_Error("Certificate: Message malformed");
45 
    // Policy cap on the encoded chain size. A policy value of 0 disables the
    // cap, leaving only the 24-bit length field as a bound in this function.
46  const size_t max_size = policy.maximum_certificate_chain_size();
47  if(max_size > 0 && total_size > max_size)
48  throw Decoding_Error("Certificate chain exceeds policy specified maximum size");
49 
    // Read cursor, positioned on the first entry after the list length.
50  const uint8_t* certs = buf.data() + 3;
51 
    // remaining_bytes is the number of unread bytes; the loop ends when it
    // reaches 0. The bounds check inside the loop keeps the cursor from
    // passing the end of buf, so the pointer difference is never negative.
52  while(size_t remaining_bytes = buf.data() + buf.size() - certs)
53  {
    // Each entry carries its own 3-byte length prefix.
54  if(remaining_bytes < 3)
55  throw Decoding_Error("Certificate: Message malformed");
56 
57  const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);
58 
    // The entry (prefix + body) must fit in what is left. cert_size is below
    // 2^24, so 3 + cert_size does not wrap.
59  if(remaining_bytes < (3 + cert_size))
60  throw Decoding_Error("Certificate: Message malformed");
61 
    // Decode exactly cert_size bytes as one certificate. No try/catch is
    // visible, so an exception from the X509_Certificate constructor leaves
    // this constructor.
    // NOTE(review): whether X509_Certificate rejects extra bytes that follow
    // the encoded certificate inside this window is not visible here - confirm.
62  DataSource_Memory cert_buf(&certs[3], cert_size);
63  m_certs.push_back(X509_Certificate(cert_buf));
64 
    // Advance past this entry's prefix and body.
65  certs += cert_size + 3;
66  }
67 
68  /*
69  * TLS 1.0 through 1.2 all seem to require that the certificate be
70  * precisely a v3 certificate. In fact the strict wording would seem
71  * to require that every certificate in the chain be v3. But often
72  * the intermediates are outside of the control of the server.
73  * But, require that the leaf certificate be v3
74  */
    // An empty list passes this check and leaves m_certs empty, so callers
    // have to test empty()/count() before indexing the chain. Only element 0
    // has its version checked; later elements are stored without it.
75  if(m_certs.size() > 0 && m_certs[0].x509_version() != 3)
76  {
77  throw TLS_Exception(Alert::BAD_CERTIFICATE,
78  "The leaf certificate must be v3");
79  }
80  }
constexpr uint32_t make_uint32(uint8_t i0, uint8_t i1, uint8_t i2, uint8_t i3)
Definition: loadstor.h:67

Member Function Documentation

◆ cert_chain()

const std::vector<X509_Certificate>& Botan::TLS::Certificate::cert_chain ( ) const
inline

Definition at line 376 of file tls_messages.h.

// Returns the stored chain by const reference. The constructors shown on this
// page only copy or decode certificates into m_certs; no trust validation is
// visible, so the result is not to be treated as a verified chain.
376 { return m_certs; }

◆ count()

size_t Botan::TLS::Certificate::count ( ) const
inline

Definition at line 378 of file tls_messages.h.

// Number of certificates held in m_certs.
378 { return m_certs.size(); }

◆ empty()

bool Botan::TLS::Certificate::empty ( ) const
inline

Definition at line 379 of file tls_messages.h.

// True when the message holds no certificates. The deserializing constructor
// accepts a zero-length list, so a received message can be in this state.
379 { return m_certs.empty(); }

◆ type()

Handshake_Type Botan::TLS::Certificate::type ( ) const
inline override virtual
Returns
the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 375 of file tls_messages.h.

References Botan::TLS::CERTIFICATE.

◆ type_string()

std::string Botan::TLS::Handshake_Message::type_string ( ) const
inherited
Returns
string representation of this message type

Definition at line 19 of file tls_handshake_state.cpp.

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().

20  {
22  }
virtual Handshake_Type type() const =0
const char * handshake_type_to_string(Handshake_Type type)

The documentation for this class was generated from the following files: