Botan 3.0.0
Crypto and TLS for C&
msg_certificate_12.cpp
Go to the documentation of this file.
1/*
2* Certificate Message
3* (C) 2004-2006,2012,2020 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/tls_messages.h>
9#include <botan/tls_extensions.h>
10#include <botan/tls_exceptn.h>
11#include <botan/tls_alert.h>
12#include <botan/internal/tls_reader.h>
13#include <botan/internal/tls_handshake_io.h>
14#include <botan/internal/tls_handshake_hash.h>
15#include <botan/internal/loadstor.h>
16#include <botan/data_src.h>
17
18namespace Botan::TLS {
19
20/**
21* Create a new Certificate message
22*/
24 Handshake_Hash& hash,
25 const std::vector<X509_Certificate>& cert_list) :
26 m_certs(cert_list)
27 {
28 hash.update(io.send(*this));
29 }
30
31/**
32* Deserialize a Certificate message
33*/
34Certificate_12::Certificate_12(const std::vector<uint8_t>& buf, const Policy& policy)
35 {
36 if(buf.size() < 3)
37 throw Decoding_Error("Certificate: Message malformed");
38
39 const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);
40
41 if(total_size != buf.size() - 3)
42 throw Decoding_Error("Certificate: Message malformed");
43
44 const size_t max_size = policy.maximum_certificate_chain_size();
45 if(max_size > 0 && total_size > max_size)
46 throw Decoding_Error("Certificate chain exceeds policy specified maximum size");
47
48 const uint8_t* certs = buf.data() + 3;
49
50 while(size_t remaining_bytes = buf.data() + buf.size() - certs)
51 {
52 if(remaining_bytes < 3)
53 throw Decoding_Error("Certificate: Message malformed");
54
55 const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);
56
57 if(remaining_bytes < (3 + cert_size))
58 throw Decoding_Error("Certificate: Message malformed");
59
60 DataSource_Memory cert_buf(&certs[3], cert_size);
61 m_certs.push_back(X509_Certificate(cert_buf));
62
63 certs += cert_size + 3;
64 }
65
66 /*
67 * TLS 1.0 through 1.2 all seem to require that the certificate be
68 * precisely a v3 certificate. In fact the strict wording would seem
69 * to require that every certificate in the chain be v3. But often
70 * the intermediates are outside of the control of the server.
71 * But, require that the leaf certificate be v3
72 */
73 if(!m_certs.empty() && m_certs[0].x509_version() != 3)
74 {
75 throw TLS_Exception(Alert::BadCertificate,
76 "The leaf certificate must be v3");
77 }
78 }
79
80/**
81* Serialize a Certificate message
82*/
83std::vector<uint8_t> Certificate_12::serialize() const
84 {
85 std::vector<uint8_t> buf(3);
86
87 for(const auto& cert : m_certs)
88 {
89 const auto raw_cert = cert.BER_encode();
90 const size_t cert_size = raw_cert.size();
91 for(size_t j = 0; j != 3; ++j)
92 {
93 buf.push_back(get_byte_var(j+1, static_cast<uint32_t>(cert_size)));
94 }
95 buf += raw_cert;
96 }
97
98 const size_t buf_size = buf.size() - 3;
99 for(size_t i = 0; i != 3; ++i)
100 buf[i] = get_byte_var(i+1, static_cast<uint32_t>(buf_size));
101
102 return buf;
103 }
104
105}
Certificate_12(Handshake_IO &io, Handshake_Hash &hash, const std::vector< X509_Certificate > &certs)
std::vector< uint8_t > serialize() const override
void update(const uint8_t in[], size_t length)
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0
virtual size_t maximum_certificate_chain_size() const
Definition: tls_policy.cpp:384
constexpr uint32_t make_uint32(uint8_t i0, uint8_t i1, uint8_t i2, uint8_t i3)
Definition: loadstor.h:78
constexpr uint8_t get_byte_var(size_t byte_num, T input)
Definition: loadstor.h:39