/src/botan/src/lib/tls/msg_cert_status.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Certificate Status |
3 | | * (C) 2016 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/tls_messages.h> |
9 | | #include <botan/tls_extensions.h> |
10 | | #include <botan/internal/tls_reader.h> |
11 | | #include <botan/internal/tls_handshake_io.h> |
12 | | #include <botan/internal/tls_handshake_hash.h> |
13 | | #include <botan/der_enc.h> |
14 | | #include <botan/ber_dec.h> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | namespace TLS { |
19 | | |
20 | | Certificate_Status::Certificate_Status(const std::vector<uint8_t>& buf) |
21 | 12 | { |
22 | 12 | if(buf.size() < 5) |
23 | 2 | throw Decoding_Error("Invalid Certificate_Status message: too small"); |
24 | 10 | |
25 | 10 | if(buf[0] != 1) // not OCSP |
26 | 2 | throw Decoding_Error("Unexpected Certificate_Status message: unexpected response type"); |
27 | 8 | |
28 | 8 | size_t len = make_uint32(0, buf[1], buf[2], buf[3]); |
29 | 8 | |
30 | 8 | // Verify the redundant length field... |
31 | 8 | if(buf.size() != len + 4) |
32 | 7 | throw Decoding_Error("Invalid Certificate_Status: invalid length field"); |
33 | 1 | |
34 | 1 | m_response.assign(buf.begin() + 4, buf.end()); |
35 | 1 | } |
36 | | |
37 | | Certificate_Status::Certificate_Status(Handshake_IO& io, |
38 | | Handshake_Hash& hash, |
39 | | std::shared_ptr<const OCSP::Response> ocsp) : |
40 | | m_response(ocsp->raw_bits()) |
41 | 0 | { |
42 | 0 | hash.update(io.send(*this)); |
43 | 0 | } |
44 | | |
45 | | Certificate_Status::Certificate_Status(Handshake_IO& io, |
46 | | Handshake_Hash& hash, |
47 | | const std::vector<uint8_t>& raw_response_bytes) : |
48 | | m_response(raw_response_bytes) |
49 | 0 | { |
50 | 0 | hash.update(io.send(*this)); |
51 | 0 | } |
52 | | |
53 | | std::vector<uint8_t> Certificate_Status::serialize() const |
54 | 0 | { |
55 | 0 | if(m_response.size() > 0xFFFFFF) // unlikely |
56 | 0 | throw Encoding_Error("OCSP response too long to encode in TLS"); |
57 | 0 | |
58 | 0 | const uint32_t response_len = static_cast<uint32_t>(m_response.size()); |
59 | 0 |
|
60 | 0 | std::vector<uint8_t> buf; |
61 | 0 | buf.push_back(1); // type OCSP |
62 | 0 | for(size_t i = 1; i < 4; ++i) |
63 | 0 | buf.push_back(get_byte(i, response_len)); |
64 | 0 |
|
65 | 0 | buf += m_response; |
66 | 0 | return buf; |
67 | 0 | } |
68 | | |
69 | | } |
70 | | |
71 | | } |