/src/botan/src/lib/tls/msg_cert_verify.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Certificate Verify Message |
3 | | * (C) 2004,2006,2011,2012 Jack Lloyd |
4 | | * 2017 Harry Reimann, Rohde & Schwarz Cybersecurity |
5 | | * 2021 Elektrobit Automotive GmbH |
6 | | * 2022 René Meusel, Hannes Rantzsch - neXenio GmbH |
7 | | * |
8 | | * Botan is released under the Simplified BSD License (see license.txt) |
9 | | */ |
10 | | |
11 | | #include <botan/tls_messages.h> |
12 | | |
13 | | #include <botan/internal/tls_handshake_io.h> |
14 | | #include <botan/internal/tls_handshake_state.h> |
15 | | #include <botan/internal/tls_reader.h> |
16 | | #include <botan/pk_keys.h> |
17 | | #include <botan/tls_algos.h> |
18 | | #include <botan/tls_extensions.h> |
19 | | |
20 | | namespace Botan::TLS { |
21 | | |
22 | | /* |
23 | | * Create a new Certificate Verify message |
24 | | */ |
25 | | Certificate_Verify::Certificate_Verify(Handshake_IO& io, |
26 | | Handshake_State& state, |
27 | | const Policy& policy, |
28 | | RandomNumberGenerator& rng, |
29 | | const Private_Key* priv_key) |
30 | 0 | { |
31 | 0 | BOTAN_ASSERT_NONNULL(priv_key); |
32 | |
|
33 | 0 | std::pair<std::string, Signature_Format> format = |
34 | 0 | state.choose_sig_format(*priv_key, m_scheme, true, policy); |
35 | |
|
36 | 0 | m_signature = |
37 | 0 | state.callbacks().tls_sign_message(*priv_key, rng, format.first, format.second, |
38 | 0 | state.hash().get_contents()); |
39 | |
|
40 | 0 | state.hash().update(io.send(*this)); |
41 | 0 | } |
42 | | |
43 | | /* |
44 | | * Deserialize a Certificate Verify message |
45 | | */ |
46 | | Certificate_Verify::Certificate_Verify(const std::vector<uint8_t>& buf) |
47 | 0 | { |
48 | 0 | TLS_Data_Reader reader("CertificateVerify", buf); |
49 | |
|
50 | 0 | m_scheme = static_cast<Signature_Scheme>(reader.get_uint16_t()); |
51 | 0 | m_signature = reader.get_range<uint8_t>(2, 0, 65535); |
52 | 0 | reader.assert_done(); |
53 | |
|
54 | 0 | if(m_scheme == Signature_Scheme::NONE) |
55 | 0 | { throw Decoding_Error("Counterparty did not send hash/sig IDS"); } |
56 | |
|
57 | 0 | } |
58 | | |
59 | | /* |
60 | | * Serialize a Certificate Verify message |
61 | | */ |
62 | | std::vector<uint8_t> Certificate_Verify::serialize() const |
63 | 0 | { |
64 | 0 | std::vector<uint8_t> buf; |
65 | |
|
66 | 0 | if(m_scheme != Signature_Scheme::NONE) |
67 | 0 | { |
68 | 0 | const uint16_t scheme_code = static_cast<uint16_t>(m_scheme); |
69 | 0 | buf.push_back(get_byte<0>(scheme_code)); |
70 | 0 | buf.push_back(get_byte<1>(scheme_code)); |
71 | 0 | } |
72 | |
|
73 | 0 | if(m_signature.size() > 0xFFFF) |
74 | 0 | { throw Encoding_Error("Certificate_Verify signature too long to encode"); } |
75 | | |
76 | 0 | const uint16_t sig_len = static_cast<uint16_t>(m_signature.size()); |
77 | 0 | buf.push_back(get_byte<0>(sig_len)); |
78 | 0 | buf.push_back(get_byte<1>(sig_len)); |
79 | 0 | buf += m_signature; |
80 | |
|
81 | 0 | return buf; |
82 | 0 | } |
83 | | |
84 | | |
85 | | bool Certificate_Verify_12::verify(const X509_Certificate& cert, |
86 | | const Handshake_State& state, |
87 | | const Policy& policy) const |
88 | 0 | { |
89 | 0 | std::unique_ptr<Public_Key> key(cert.subject_public_key()); |
90 | |
|
91 | 0 | policy.check_peer_key_acceptable(*key); |
92 | |
|
93 | 0 | std::pair<std::string, Signature_Format> format = |
94 | 0 | state.parse_sig_format(*key.get(), m_scheme, state.client_hello()->signature_schemes(), true, policy); |
95 | |
|
96 | 0 | const bool signature_valid = |
97 | 0 | state.callbacks().tls_verify_message(*key, format.first, format.second, |
98 | 0 | state.hash().get_contents(), m_signature); |
99 | |
|
100 | 0 | #if defined(BOTAN_UNSAFE_FUZZER_MODE) |
101 | 0 | BOTAN_UNUSED(signature_valid); |
102 | 0 | return true; |
103 | | #else |
104 | | return signature_valid; |
105 | | #endif |
106 | 0 | } |
107 | | |
108 | | } |