# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
7
8use strict;
9
package TLSProxy::CertificateVerify;

# CertificateVerify messages inherit from the generic TLSProxy::Message class.
our @ISA;
push @ISA, 'TLSProxy::Message';
14
# Construct a CertificateVerify handshake message object.
#
# The arguments after the class name are handed to the parent constructor in
# the same order, with the message type fixed to MT_CERTIFICATE_VERIFY:
#   $isdtls, $server, $msgseq, $msgfrag, $msgfragoffs, $data, $records,
#   $startoffset, $message_frag_lens
#
# The parsed fields start out as placeholders: sigalg is -1 and signature is
# the empty string until parse() or the accessors set them.
sub new
{
    my ($class,
        $isdtls, $server,
        $msgseq, $msgfrag, $msgfragoffs,
        $data, $records, $startoffset,
        $message_frag_lens) = @_;

    my @parent_args = (
        $isdtls,
        $server,
        TLSProxy::Message::MT_CERTIFICATE_VERIFY,
        $msgseq,
        $msgfrag,
        $msgfragoffs,
        $data,
        $records,
        $startoffset,
        $message_frag_lens,
    );
    my $self = $class->SUPER::new(@parent_args);

    # -1 marks "no signature algorithm field"; set_message_contents() leaves
    # the field out of the rebuilt message while this value is in place.
    $self->{sigalg}    = -1;
    $self->{signature} = "";

    return $self;
}
45
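# Parse the CertificateVerify body held in $self->data into its fields and
# store them through the sigalg() and signature() accessors.
#
# Layout read: an optional 2-byte signature algorithm (only for TLSv1.3 and
# for TLSv1.2 / DTLSv1.2 records), a 2-byte signature length, then the
# signature bytes.
#
# Dies if the body is too short to hold one of the 2-byte fields, or if the
# declared signature length differs from the number of bytes that follow it.
# Prints the parsed algorithm and length as trace output.
sub parse
{
    my $self = shift;

    my $sigalg = -1;
    my $remdata = $self->data;
    my $record = ${$self->records}[0];

    if (TLSProxy::Proxy->is_tls13()
            || $record->version() == TLSProxy::Record::VERS_TLS_1_2
            || $record->version() == TLSProxy::Record::VERS_DTLS_1_2) {
        # Without this check unpack() returns undef on a short body and the
        # message would be accepted with an undefined algorithm.
        die "Truncated CertificateVerify message"
            if !defined($remdata) || length($remdata) < 2;
        $sigalg = unpack('n', $remdata);
        $remdata = substr($remdata, 2);
    }

    # A missing length field would otherwise compare as undef != undef
    # below and slip past the length validation.
    die "Truncated CertificateVerify message"
        if !defined($remdata) || length($remdata) < 2;

    my $siglen = unpack('n', substr($remdata, 0, 2));
    my $sig = substr($remdata, 2);

    # The length field must describe exactly the bytes that remain: no
    # trailing data and no short signature.
    die "Invalid CertificateVerify signature length" if length($sig) != $siglen;

    print "    SigAlg:".$sigalg."\n";
    print "    Signature Len:".$siglen."\n";

    $self->sigalg($sigalg);
    $self->signature($sig);
}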
72
# Reconstruct the on-the-wire message data following changes.
#
# Layout written: an optional 2-byte signature algorithm (left out while
# sigalg is -1), a 2-byte signature length, then the signature bytes.  The
# length field is always recomputed from the current signature, so the
# rebuilt message stays self-consistent after the signature has been edited.
sub set_message_contents
{
    my $self = shift;
    my $signature = $self->signature();
    my $previous = $self->data();    # fetched but not used below

    my @fields;
    if ($self->sigalg() != -1) {
        push @fields, pack("n", $self->sigalg());
    }
    # 'n' is a 16-bit big-endian field, matching the 2-byte length on the wire.
    push @fields, pack("n", length($signature)), $signature;

    $self->data(join("", @fields));
}
87
# Read/write accessors

# Get the signature algorithm value, or set it when an argument is given.
# Returns the value held after any update.
sub sigalg
{
    my ($self, @new_value) = @_;
    $self->{sigalg} = $new_value[0] if @new_value;
    return $self->{sigalg};
}
# Get the raw signature bytes, or replace them when an argument is given.
# Returns the value held after any update.
sub signature
{
    my $self = $_[0];
    $self->{signature} = $_[1] if @_ > 1;
    return $self->{signature};
}
1051;
106