Botan  2.11.0
Crypto and TLS for C++11
msg_certificate.cpp
Go to the documentation of this file.
1 /*
2 * Certificate Message
3 * (C) 2004-2006,2012 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/tls_messages.h>
9 #include <botan/tls_extensions.h>
10 #include <botan/internal/tls_reader.h>
11 #include <botan/internal/tls_handshake_io.h>
12 #include <botan/internal/tls_handshake_hash.h>
13 #include <botan/loadstor.h>
14 #include <botan/data_src.h>
15 
16 namespace Botan {
17 
18 namespace TLS {
19 
20 /**
21 * Create a new Certificate message
22 */
25  const std::vector<X509_Certificate>& cert_list) :
26  m_certs(cert_list)
27  {
28  hash.update(io.send(*this));
29  }
30 
31 /**
32 * Deserialize a Certificate message
33 */
34 Certificate::Certificate(const std::vector<uint8_t>& buf, const Policy& policy)
35  {
36  if(buf.size() < 3)
37  throw Decoding_Error("Certificate: Message malformed");
38 
39  const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);
40 
41  if(total_size != buf.size() - 3)
42  throw Decoding_Error("Certificate: Message malformed");
43 
44  const size_t max_size = policy.maximum_certificate_chain_size();
45  if(max_size > 0 && total_size > max_size)
46  throw Decoding_Error("Certificate chain exceeds policy specified maximum size");
47 
48  const uint8_t* certs = buf.data() + 3;
49 
50  while(size_t remaining_bytes = buf.data() + buf.size() - certs)
51  {
52  if(remaining_bytes < 3)
53  throw Decoding_Error("Certificate: Message malformed");
54 
55  const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);
56 
57  if(remaining_bytes < (3 + cert_size))
58  throw Decoding_Error("Certificate: Message malformed");
59 
60  DataSource_Memory cert_buf(&certs[3], cert_size);
61  m_certs.push_back(X509_Certificate(cert_buf));
62 
63  certs += cert_size + 3;
64  }
65  }
66 
67 /**
68 * Serialize a Certificate message
69 */
70 std::vector<uint8_t> Certificate::serialize() const
71  {
72  std::vector<uint8_t> buf(3);
73 
74  for(size_t i = 0; i != m_certs.size(); ++i)
75  {
76  std::vector<uint8_t> raw_cert = m_certs[i].BER_encode();
77  const size_t cert_size = raw_cert.size();
78  for(size_t j = 0; j != 3; ++j)
79  {
80  buf.push_back(get_byte(j+1, static_cast<uint32_t>(cert_size)));
81  }
82  buf += raw_cert;
83  }
84 
85  const size_t buf_size = buf.size() - 3;
86  for(size_t i = 0; i != 3; ++i)
87  buf[i] = get_byte(i+1, static_cast<uint32_t>(buf_size));
88 
89  return buf;
90  }
91 
92 }
93 
94 }
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0
Certificate(Handshake_IO &io, Handshake_Hash &hash, const std::vector< X509_Certificate > &certs)
const uint8_t * buf
Definition: ffi.h:371
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:39
constexpr uint32_t make_uint32(uint8_t i0, uint8_t i1, uint8_t i2, uint8_t i3)
Definition: loadstor.h:65
Definition: alg_id.cpp:13
bool size_t const std::string & hash
Definition: argon2.h:105