Botan 3.0.0
Crypto and TLS for C&
msg_cert_status.cpp
Go to the documentation of this file.
1/*
2* Certificate Status
3* (C) 2016 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/tls_messages.h>
9#include <botan/tls_extensions.h>
10#include <botan/internal/tls_reader.h>
11#include <botan/internal/tls_handshake_io.h>
12#include <botan/internal/tls_handshake_hash.h>
13#include <botan/der_enc.h>
14#include <botan/ber_dec.h>
15#include <botan/ocsp.h>
16
17namespace Botan::TLS {
18
19Certificate_Status::Certificate_Status(const std::vector<uint8_t>& buf, const Connection_Side)
20 {
21 if(buf.size() < 5)
22 throw Decoding_Error("Invalid Certificate_Status message: too small");
23
24 if(buf[0] != 1) // not OCSP
25 throw Decoding_Error("Unexpected Certificate_Status message: unexpected response type");
26
27 size_t len = make_uint32(0, buf[1], buf[2], buf[3]);
28
29 // Verify the redundant length field...
30 if(buf.size() != len + 4)
31 throw Decoding_Error("Invalid Certificate_Status: invalid length field");
32
33 m_response.assign(buf.begin() + 4, buf.end());
34 }
35
37 Handshake_Hash& hash,
38 const OCSP::Response& ocsp) :
39 m_response(ocsp.raw_bits())
40 {
41 hash.update(io.send(*this));
42 }
43
45 Handshake_Hash& hash,
46 std::vector<uint8_t> raw_response_bytes) :
47 Certificate_Status(std::move(raw_response_bytes))
48 {
49 hash.update(io.send(*this));
50 }
51
52Certificate_Status::Certificate_Status(std::vector<uint8_t> raw_response_bytes) :
53 m_response(std::move(raw_response_bytes)) {}
54
55std::vector<uint8_t> Certificate_Status::serialize() const
56 {
57 if(m_response.size() > 0xFFFFFF) // unlikely
58 throw Encoding_Error("OCSP response too long to encode in TLS");
59
60 const uint32_t response_len = static_cast<uint32_t>(m_response.size());
61
62 std::vector<uint8_t> buf;
63 buf.reserve(1 + 3 + m_response.size());
64 buf.push_back(1); // type OCSP
65 for(size_t i = 1; i < 4; ++i)
66 buf.push_back(get_byte_var(i, response_len));
67
68 buf += m_response;
69 return buf;
70 }
71
72}
Certificate_Status(const std::vector< uint8_t > &buf, const Connection_Side from)
std::vector< uint8_t > serialize() const override
void update(const uint8_t in[], size_t length)
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0
constexpr uint32_t make_uint32(uint8_t i0, uint8_t i1, uint8_t i2, uint8_t i3)
Definition: loadstor.h:78
constexpr uint8_t get_byte_var(size_t byte_num, T input)
Definition: loadstor.h:39
Definition: bigint.h:1092