Botan 2.19.1
Crypto and TLS for C++
Botan::TLS::Certificate Class Reference [final]

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Certificate:
Botan::TLS::Handshake_Message

Public Member Functions

const std::vector<X509_Certificate>& cert_chain() const

Certificate(const std::vector<uint8_t>& buf, const Policy& policy)

Certificate(Handshake_IO& io, Handshake_Hash& hash, const std::vector<X509_Certificate>& certs)

size_t count() const

bool empty() const

Handshake_Type type() const override

std::string type_string() const

Detailed Description

Certificate Message

Definition at line 372 of file tls_messages.h.

Constructor & Destructor Documentation

◆ Certificate() [1/2]

Botan::TLS::Certificate::Certificate(Handshake_IO& io, Handshake_Hash& hash, const std::vector<X509_Certificate>& cert_list)

Create a new Certificate message

Definition at line 25 of file msg_certificate.cpp.

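Certificate::Certificate(Handshake_IO& io,
                         Handshake_Hash& hash,
                         const std::vector<X509_Certificate>& cert_list) :
   m_certs(cert_list)
   {
   // Send the message and feed what send() returns into the handshake hash
   hash.update(io.send(*this));
   }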

References hash, and Botan::TLS::Handshake_IO::send().

◆ Certificate() [2/2]

Botan::TLS::Certificate::Certificate(const std::vector<uint8_t>& buf, const Policy& policy) [explicit]

Deserialize a Certificate message

Definition at line 36 of file msg_certificate.cpp.

Certificate::Certificate(const std::vector<uint8_t>& buf, const Policy& policy)
   {
   // The body starts with a 3-byte (24-bit) length of the certificate list
   if(buf.size() < 3)
      throw Decoding_Error("Certificate: Message malformed");

   const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);

   // The declared list length must account for every remaining byte
   if(total_size != buf.size() - 3)
      throw Decoding_Error("Certificate: Message malformed");

   // A policy maximum of 0 disables the size limit
   const size_t max_size = policy.maximum_certificate_chain_size();
   if(max_size > 0 && total_size > max_size)
      throw Decoding_Error("Certificate chain exceeds policy specified maximum size");

   const uint8_t* certs = buf.data() + 3;

   // Each entry is a 3-byte length followed by one encoded certificate
   while(size_t remaining_bytes = buf.data() + buf.size() - certs)
      {
      if(remaining_bytes < 3)
         throw Decoding_Error("Certificate: Message malformed");

      const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);

      // Reject an entry whose declared length runs past the end of the buffer
      if(remaining_bytes < (3 + cert_size))
         throw Decoding_Error("Certificate: Message malformed");

      DataSource_Memory cert_buf(&certs[3], cert_size);
      m_certs.push_back(X509_Certificate(cert_buf));

      certs += cert_size + 3;
      }

   /*
   * TLS 1.0 through 1.2 all seem to require that the certificate be
   * precisely a v3 certificate. In fact the strict wording would seem
   * to require that every certificate in the chain be v3. But often
   * the intermediates are outside of the control of the server.
   * But, require that the leaf certificate be v3
   */
   if(m_certs.size() > 0 && m_certs[0].x509_version() != 3)
      {
      throw TLS_Exception(Alert::BAD_CERTIFICATE,
                          "The leaf certificate must be v3");
      }
   }

References Botan::TLS::Alert::BAD_CERTIFICATE, Botan::make_uint32(), and Botan::TLS::Policy::maximum_certificate_chain_size().
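
The framing checks in the deserializing constructor above can be exercised without Botan. The following is an added example, not Botan code: a standalone encoder and splitter for the same length-prefixed layout, useful for building malformed test inputs. The names Bytes, put_u24, get_u24, encode_chain and split_chain are hypothetical, and X.509 parsing and the v3 leaf check are left out.

```cpp
// Added example (not Botan code): model of the certificate list framing.
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<uint8_t>;

// Append a 24-bit big-endian length, used for the list and for each entry.
static void put_u24(Bytes& out, size_t n) {
   if(n > 0xFFFFFF) throw std::invalid_argument("length exceeds 24 bits");
   out.push_back(static_cast<uint8_t>(n >> 16));
   out.push_back(static_cast<uint8_t>(n >> 8));
   out.push_back(static_cast<uint8_t>(n));
}

static size_t get_u24(const uint8_t* p) { return (size_t(p[0]) << 16) | (size_t(p[1]) << 8) | p[2]; }

// Build the message body: u24 total length, then u24-prefixed entries.
Bytes encode_chain(const std::vector<Bytes>& certs) {
   Bytes body;
   for(const Bytes& c : certs) {
      put_u24(body, c.size());
      body.insert(body.end(), c.begin(), c.end());
   }
   Bytes msg;
   put_u24(msg, body.size());
   msg.insert(msg.end(), body.begin(), body.end());
   return msg;
}

// Split a body into raw entries with the same checks as the constructor
// above; max_size == 0 means no limit, matching its policy test.
std::vector<Bytes> split_chain(const Bytes& buf, size_t max_size) {
   if(buf.size() < 3) throw std::runtime_error("malformed: short header");
   const size_t total = get_u24(buf.data());
   if(total != buf.size() - 3) throw std::runtime_error("malformed: total length");
   if(max_size > 0 && total > max_size) throw std::length_error("chain too large");
   std::vector<Bytes> out;
   size_t off = 3;
   while(off < buf.size()) {
      const size_t remaining = buf.size() - off;
      if(remaining < 3) throw std::runtime_error("malformed: short entry header");
      const size_t len = get_u24(&buf[off]);
      if(remaining - 3 < len) throw std::runtime_error("malformed: entry overruns");
      out.emplace_back(buf.begin() + off + 3, buf.begin() + off + 3 + len);
      off += 3 + len;
   }
   return out;
}
```

The entry bytes passed in are opaque to this code, so constructed placeholder values are enough to test truncation, length mismatch and oversize handling.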

Member Function Documentation

◆ cert_chain()

const std::vector<X509_Certificate>& Botan::TLS::Certificate::cert_chain() const [inline]

Definition at line 376 of file tls_messages.h.

{ return m_certs; }

◆ count()

size_t Botan::TLS::Certificate::count() const [inline]

Definition at line 378 of file tls_messages.h.

{ return m_certs.size(); }

◆ empty()

bool Botan::TLS::Certificate::empty() const [inline]

Definition at line 379 of file tls_messages.h.

{ return m_certs.empty(); }

◆ type()

Handshake_Type Botan::TLS::Certificate::type() const [inline, override, virtual]

Returns: the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 375 of file tls_messages.h.

{ return CERTIFICATE; }

References Botan::TLS::CERTIFICATE.

◆ type_string()

std::string Botan::TLS::Handshake_Message::type_string() const [inherited]

Returns: string representation of this message type

Definition at line 19 of file tls_handshake_state.cpp.

std::string Handshake_Message::type_string() const
   {
   return handshake_type_to_string(type());
   }

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().


The documentation for this class was generated from the following files: