| 1 | # Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 2 | #
|
|---|
| 3 | # Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 4 | # this file except in compliance with the License. You can obtain a copy
|
|---|
| 5 | # in the file LICENSE in the source distribution or at
|
|---|
| 6 | # https://www.openssl.org/source/license.html
|
|---|
| 7 |
|
|---|
| 8 | use strict;
|
|---|
| 9 |
|
|---|
| 10 | package TLSProxy::CertificateVerify;
|
|---|
| 11 |
|
|---|
| 12 | use vars '@ISA';
|
|---|
| 13 | push @ISA, 'TLSProxy::Message';
|
|---|
| 14 |
|
|---|
| 15 | sub new
|
|---|
| 16 | {
|
|---|
| 17 | my $class = shift;
|
|---|
| 18 | my ($server,
|
|---|
| 19 | $data,
|
|---|
| 20 | $records,
|
|---|
| 21 | $startoffset,
|
|---|
| 22 | $message_frag_lens) = @_;
|
|---|
| 23 |
|
|---|
| 24 | my $self = $class->SUPER::new(
|
|---|
| 25 | $server,
|
|---|
| 26 | TLSProxy::Message::MT_CERTIFICATE_VERIFY,
|
|---|
| 27 | $data,
|
|---|
| 28 | $records,
|
|---|
| 29 | $startoffset,
|
|---|
| 30 | $message_frag_lens);
|
|---|
| 31 |
|
|---|
| 32 | $self->{sigalg} = -1;
|
|---|
| 33 | $self->{signature} = "";
|
|---|
| 34 |
|
|---|
| 35 | return $self;
|
|---|
| 36 | }
|
|---|
| 37 |
|
|---|
| 38 | sub parse
|
|---|
| 39 | {
|
|---|
| 40 | my $self = shift;
|
|---|
| 41 |
|
|---|
| 42 | my $sigalg = -1;
|
|---|
| 43 | my $remdata = $self->data;
|
|---|
| 44 | my $record = ${$self->records}[0];
|
|---|
| 45 |
|
|---|
| 46 | if (TLSProxy::Proxy->is_tls13()
|
|---|
| 47 | || $record->version() == TLSProxy::Record::VERS_TLS_1_2) {
|
|---|
| 48 | $sigalg = unpack('n', $remdata);
|
|---|
| 49 | $remdata = substr($remdata, 2);
|
|---|
| 50 | }
|
|---|
| 51 |
|
|---|
| 52 | my $siglen = unpack('n', substr($remdata, 0, 2));
|
|---|
| 53 | my $sig = substr($remdata, 2);
|
|---|
| 54 |
|
|---|
| 55 | die "Invalid CertificateVerify signature length" if length($sig) != $siglen;
|
|---|
| 56 |
|
|---|
| 57 | print " SigAlg:".$sigalg."\n";
|
|---|
| 58 | print " Signature Len:".$siglen."\n";
|
|---|
| 59 |
|
|---|
| 60 | $self->sigalg($sigalg);
|
|---|
| 61 | $self->signature($sig);
|
|---|
| 62 | }
|
|---|
| 63 |
|
|---|
| 64 | #Reconstruct the on-the-wire message data following changes
|
|---|
| 65 | sub set_message_contents
|
|---|
| 66 | {
|
|---|
| 67 | my $self = shift;
|
|---|
| 68 | my $data = "";
|
|---|
| 69 | my $sig = $self->signature();
|
|---|
| 70 | my $olddata = $self->data();
|
|---|
| 71 |
|
|---|
| 72 | $data .= pack("n", $self->sigalg()) if ($self->sigalg() != -1);
|
|---|
| 73 | $data .= pack("n", length($sig));
|
|---|
| 74 | $data .= $sig;
|
|---|
| 75 |
|
|---|
| 76 | $self->data($data);
|
|---|
| 77 | }
|
|---|
| 78 |
|
|---|
| 79 | #Read/write accessors
|
|---|
| 80 | sub sigalg
|
|---|
| 81 | {
|
|---|
| 82 | my $self = shift;
|
|---|
| 83 | if (@_) {
|
|---|
| 84 | $self->{sigalg} = shift;
|
|---|
| 85 | }
|
|---|
| 86 | return $self->{sigalg};
|
|---|
| 87 | }
|
|---|
| 88 | sub signature
|
|---|
| 89 | {
|
|---|
| 90 | my $self = shift;
|
|---|
| 91 | if (@_) {
|
|---|
| 92 | $self->{signature} = shift;
|
|---|
| 93 | }
|
|---|
| 94 | return $self->{signature};
|
|---|
| 95 | }
|
|---|
| 96 | 1;
|
|---|
