1# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. 2# 3# Licensed under the Apache License 2.0 (the "License"). You may not use 4# this file except in compliance with the License. You can obtain a copy 5# in the file LICENSE in the source distribution or at 6# https://www.openssl.org/source/license.html 7 8use strict; 9 10package TLSProxy::CertificateVerify; 11 12use vars '@ISA'; 13push @ISA, 'TLSProxy::Message'; 14 15sub new 16{ 17 my $class = shift; 18 my ($server, 19 $data, 20 $records, 21 $startoffset, 22 $message_frag_lens) = @_; 23 24 my $self = $class->SUPER::new( 25 $server, 26 TLSProxy::Message::MT_CERTIFICATE_VERIFY, 27 $data, 28 $records, 29 $startoffset, 30 $message_frag_lens); 31 32 $self->{sigalg} = -1; 33 $self->{signature} = ""; 34 35 return $self; 36} 37 38sub parse 39{ 40 my $self = shift; 41 42 my $sigalg = -1; 43 my $remdata = $self->data; 44 my $record = ${$self->records}[0]; 45 46 if (TLSProxy::Proxy->is_tls13() 47 || $record->version() == TLSProxy::Record::VERS_TLS_1_2) { 48 $sigalg = unpack('n', $remdata); 49 $remdata = substr($remdata, 2); 50 } 51 52 my $siglen = unpack('n', substr($remdata, 0, 2)); 53 my $sig = substr($remdata, 2); 54 55 die "Invalid CertificateVerify signature length" if length($sig) != $siglen; 56 57 print " SigAlg:".$sigalg."\n"; 58 print " Signature Len:".$siglen."\n"; 59 60 $self->sigalg($sigalg); 61 $self->signature($sig); 62} 63 64#Reconstruct the on-the-wire message data following changes 65sub set_message_contents 66{ 67 my $self = shift; 68 my $data = ""; 69 my $sig = $self->signature(); 70 my $olddata = $self->data(); 71 72 $data .= pack("n", $self->sigalg()) if ($self->sigalg() != -1); 73 $data .= pack("n", length($sig)); 74 $data .= $sig; 75 76 $self->data($data); 77} 78 79#Read/write accessors 80sub sigalg 81{ 82 my $self = shift; 83 if (@_) { 84 $self->{sigalg} = shift; 85 } 86 return $self->{sigalg}; 87} 88sub signature 89{ 90 my $self = shift; 91 if (@_) { 92 $self->{signature} = shift; 93 } 94 return $self->{signature}; 95} 961; 97