blob: f28fe10d22d4cd007d59eb4532e87a112d6c454f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
/*
* Certificate Status
* (C) 2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/internal/tls_messages.h>
#include <botan/internal/tls_reader.h>
#include <botan/internal/tls_extensions.h>
#include <botan/internal/tls_handshake_io.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
namespace Botan {
namespace TLS {
Certificate_Status::Certificate_Status(const std::vector<byte>& buf)
{
if(buf.size() < 5)
throw Decoding_Error("Invalid Certificate_Status message: too small");
if(buf[0] != 1)
throw Decoding_Error("Unexpected Certificate_Status message: unexpected message type");
size_t len = make_u32bit(0, buf[1], buf[2], buf[3]);
// Verify the redundant length field...
if(buf.size() != len + 4)
throw Decoding_Error("Invalid Certificate_Status: invalid length field");
m_response = std::make_shared<OCSP::Response>(buf.data() + 4, buf.size() - 4);
}
Certificate_Status::Certificate_Status(Handshake_IO& io,
Handshake_Hash& hash,
std::shared_ptr<const OCSP::Response> ocsp) :
m_response(ocsp)
{
hash.update(io.send(*this));
}
std::vector<byte> Certificate_Status::serialize() const
{
BOTAN_ASSERT_NONNULL(m_response);
const std::vector<byte>& m_resp_bits = m_response->raw_bits();
if(m_resp_bits.size() > 0xFFFFFF) // unlikely
throw Encoding_Error("OCSP response too long to encode in TLS");
const uint32_t m_resp_bits_len = static_cast<u32bit>(m_resp_bits.size());
std::vector<byte> buf;
buf.push_back(1); // type OCSP
for(size_t i = 1; i < 4; ++i)
buf[i] = get_byte(i, m_resp_bits_len);
buf += m_resp_bits;
return buf;
}
}
}
|
