reqtls/message/
certificate.rs

1use super::super::bytes::Bytes;
2use super::HandshakeType;
3use crate::bytes::ByteRef;
4use crate::error::RlsResult;
5use crate::{CertType, SignatureAlgorithm, WriteExt};
6use std::fmt::Debug;
7
8#[derive(Debug)]
9pub struct Certificates<'a> {
10    handshake_type: HandshakeType,
11    certificate_len: u32,
12    certificates: Vec<ByteRef<'a>>,
13}
14
15impl<'a> Default for Certificates<'a> {
16    fn default() -> Self {
17        Certificates {
18            handshake_type: HandshakeType::Certificate,
19            certificate_len: 0,
20            certificates: vec![],
21        }
22    }
23}
24
25impl<'a> Certificates<'a> {
26    pub fn from_bytes(ht: HandshakeType, bytes: &[u8]) -> RlsResult<Certificates<'_>> {
27        let mut res = Certificates {
28            handshake_type: ht,
29            certificate_len: u32::from_be_bytes([0, bytes[4], bytes[5], bytes[6]]),
30            ..Certificates::default()
31        };
32        let mut index = 7;
33        while index < res.certificate_len as usize + 7 {
34            let len = u32::from_be_bytes([0, bytes[index], bytes[index + 1], bytes[index + 2]]) as usize;
35            index += 3;
36            res.certificates.push(ByteRef::new(&bytes[index..index + len]));
37            index += len
38        }
39        Ok(res)
40    }
41
42    pub fn len(&self) -> usize {
43        7 + self.certificates.iter().map(|x| 3 + x.len()).sum::<usize>()
44    }
45
46    pub fn write_to<W: WriteExt>(self, writer: &mut W) {
47        writer.write_u8(self.handshake_type as u8);
48        writer.write_u32(self.len() as u32 - 4, true);
49        writer.write_u32(self.len() as u32 - 7, true);
50        for certificate in self.certificates {
51            writer.write_u32(certificate.len() as u32, true);
52            writer.write_slice(certificate.as_ref());
53        }
54    }
55
56    pub fn is_empty(&self) -> bool {
57        self.len() == 0
58    }
59
60    pub fn add_certificate(&mut self, cert: &'a [u8]) {
61        self.certificates.push(ByteRef::new(cert));
62    }
63
64    pub fn certificates(&self) -> &Vec<ByteRef<'_>> {
65        &self.certificates
66    }
67}
68
69#[derive(Debug)]
70pub struct CertificateStatus {
71    // handshake_type: HandshakeType,
72    bytes: Bytes,
73}
74
75impl CertificateStatus {
76    pub fn from_bytes(_ht: HandshakeType, bytes: &[u8]) -> CertificateStatus {
77        CertificateStatus {
78            // handshake_type:ht,
79            bytes: Bytes::new(bytes.to_vec()),
80        }
81    }
82
83    pub fn len(&self) -> usize { self.bytes.len() }
84
85    pub fn write_to<W: WriteExt>(self, writer: &mut W) {
86        writer.write_slice(self.bytes.as_ref())
87    }
88}
89
90
91
92#[derive(Debug)]
93pub struct CertificateRequest<'a> {
94    handshake_type: HandshakeType,
95    cert_type: Vec<CertType>,
96    hashes: Vec<SignatureAlgorithm>,
97    distinguished_name: ByteRef<'a>,
98}
99
100impl<'a> Default for CertificateRequest<'a> {
101    fn default() -> Self {
102        CertificateRequest {
103            handshake_type: HandshakeType::CertificateRequest,
104            cert_type: vec![],
105            hashes: vec![],
106            distinguished_name: Default::default(),
107        }
108    }
109}
110
111impl<'a> CertificateRequest<'a> {
112    pub fn random() -> CertificateRequest<'a> {
113        let mut res = CertificateRequest {
114            cert_type: vec![CertType::RSA, CertType::ECDSA],
115            hashes: vec![
116                SignatureAlgorithm::RSA_PSS_PSS_SHA256,
117                SignatureAlgorithm::RSA_PSS_PSS_SHA384,
118                SignatureAlgorithm::RSA_PSS_PSS_SHA512,
119            ],
120            ..CertificateRequest::default()
121        };
122        for hash in SignatureAlgorithm::ALL {
123            if res.hashes.len() >= 10 { break; }
124            if res.hashes.contains(&SignatureAlgorithm::new(hash)) { continue; }
125            res.hashes.push(SignatureAlgorithm::new(hash));
126        }
127        res
128    }
129
130    pub fn from_bytes(ht: HandshakeType, bytes: &'a [u8]) -> CertificateRequest<'a> {
131        let mut res = CertificateRequest {
132            handshake_type: ht,
133            ..Default::default()
134        };
135        for count in 0..bytes[4] {
136            res.cert_type.push(CertType::new(bytes[5 + count as usize]));
137        }
138        let mut index = 5 + bytes[4] as usize;
139        let len = u16::from_be_bytes([bytes[index], bytes[index + 1]]) as usize;
140        index += 2;
141        for chunk in bytes[index..index + len].chunks(2) {
142            let value = u16::from_be_bytes([chunk[0], chunk[1]]);
143            res.hashes.push(SignatureAlgorithm::new(value));
144        }
145        index += len;
146        let len = u16::from_be_bytes([bytes[index], bytes[index + 1]]) as usize;
147        index += 2;
148        res.distinguished_name = ByteRef::new(&bytes[index..index + len]);
149        res
150    }
151
152    pub fn is_empty(&self) -> bool {
153        self.len() == 0
154    }
155
156    pub fn len(&self) -> usize {
157        9 + self.cert_type.len() + self.hashes.len() * 2 + self.distinguished_name.len()
158    }
159
160    pub fn write_to<W: WriteExt>(self, writer: &mut W) {
161        writer.write_u8(self.handshake_type as u8);
162        writer.write_u32(self.len() as u32 - 4, true);
163        writer.write_u8(self.cert_type.len() as u8);
164        writer.write_u16(self.hashes.len() as u16 * 2);
165        for hash in self.hashes {
166            writer.write_u16(hash.into_inner());
167        }
168        writer.write_u16(self.distinguished_name.len() as u16);
169        writer.write_slice(self.distinguished_name.as_ref());
170    }
171
172    pub fn hashes(&self) -> &Vec<SignatureAlgorithm> {
173        &self.hashes
174    }
175
176    pub fn into_hashes(self) -> Vec<SignatureAlgorithm> {
177        self.hashes
178    }
179}
180
181#[derive(Debug)]
182pub struct CertificateVerify<'a> {
183    handshake_type: HandshakeType,
184    sign_hash: SignatureAlgorithm,
185    sign: ByteRef<'a>,
186}
187
188impl<'a> Default for CertificateVerify<'a> {
189    fn default() -> Self {
190        CertificateVerify {
191            handshake_type: HandshakeType::CertificateVerify,
192            sign_hash: SignatureAlgorithm::RSA_PSS_RSAE_SHA256,
193            sign: Default::default(),
194        }
195    }
196}
197
198impl<'a> CertificateVerify<'a> {
199    pub fn from_bytes(ht: HandshakeType, bytes: &'a [u8]) -> CertificateVerify<'a> {
200        let sign_len = u16::from_be_bytes([bytes[6], bytes[7]]);
201        CertificateVerify {
202            handshake_type: ht,
203            sign_hash: SignatureAlgorithm::new(u16::from_be_bytes([bytes[4], bytes[5]])),
204            sign: ByteRef::new(&bytes[8..8 + sign_len as usize]),
205        }
206    }
207
208    pub fn is_empty(&self) -> bool {
209        self.len() == 0
210    }
211
212    pub fn len(&self) -> usize {
213        8 + self.sign.len()
214    }
215
216    pub fn write_to<W: WriteExt>(self, writer: &mut W) {
217        writer.write_u8(self.handshake_type as u8);
218        writer.write_u32(self.len() as u32 - 4, true);
219        writer.write_u16(self.sign_hash.into_inner());
220        writer.write_u16(self.sign.len() as u16);
221        writer.write_slice(self.sign.as_ref());
222    }
223
224    pub fn set_hash(&mut self, hash: SignatureAlgorithm) {
225        self.sign_hash = hash;
226    }
227
228    pub fn set_sign(&mut self, sign: &'a [u8]) {
229        self.sign = ByteRef::new(sign);
230    }
231}
reqtls/message/certificate.rs

reqtls/message/
certificate.rs
