1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
/*
* Certificate Message
* (C) 2004-2006,2012,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/tls_messages.h>
#include <botan/tls_extensions.h>
#include <botan/tls_exceptn.h>
#include <botan/tls_alert.h>
#include <botan/internal/tls_reader.h>
#include <botan/internal/tls_handshake_io.h>
#include <botan/internal/tls_handshake_hash.h>
#include <botan/loadstor.h>
#include <botan/data_src.h>
namespace Botan {
namespace TLS {
/**
* Create a new Certificate message
*/
Certificate::Certificate(Handshake_IO& io,
Handshake_Hash& hash,
const std::vector<X509_Certificate>& cert_list) :
m_certs(cert_list)
{
hash.update(io.send(*this));
}
/**
* Deserialize a Certificate message
*/
Certificate::Certificate(const std::vector<uint8_t>& buf, const Policy& policy)
{
if(buf.size() < 3)
throw Decoding_Error("Certificate: Message malformed");
const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);
if(total_size != buf.size() - 3)
throw Decoding_Error("Certificate: Message malformed");
const size_t max_size = policy.maximum_certificate_chain_size();
if(max_size > 0 && total_size > max_size)
throw Decoding_Error("Certificate chain exceeds policy specified maximum size");
const uint8_t* certs = buf.data() + 3;
while(size_t remaining_bytes = buf.data() + buf.size() - certs)
{
if(remaining_bytes < 3)
throw Decoding_Error("Certificate: Message malformed");
const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);
if(remaining_bytes < (3 + cert_size))
throw Decoding_Error("Certificate: Message malformed");
DataSource_Memory cert_buf(&certs[3], cert_size);
m_certs.push_back(X509_Certificate(cert_buf));
certs += cert_size + 3;
}
/*
* TLS 1.0 through 1.2 all seem to require that the certificate be
* precisely a v3 certificate. In fact the strict wording would seem
* to require that every certificate in the chain be v3. But often
* the intermediates are outside of the control of the server.
* But, require that the leaf certificate be v3
*/
if(m_certs.size() > 0 && m_certs[0].x509_version() != 3)
{
throw TLS_Exception(Alert::BAD_CERTIFICATE,
"The leaf certificate must be v3");
}
}
/**
* Serialize a Certificate message
*/
std::vector<uint8_t> Certificate::serialize() const
{
std::vector<uint8_t> buf(3);
for(size_t i = 0; i != m_certs.size(); ++i)
{
std::vector<uint8_t> raw_cert = m_certs[i].BER_encode();
const size_t cert_size = raw_cert.size();
for(size_t j = 0; j != 3; ++j)
{
buf.push_back(get_byte(j+1, static_cast<uint32_t>(cert_size)));
}
buf += raw_cert;
}
const size_t buf_size = buf.size() - 3;
for(size_t i = 0; i != 3; ++i)
buf[i] = get_byte(i+1, static_cast<uint32_t>(buf_size));
return buf;
}
}
}
|
