1 /*
2  * This file is part of the openHiTLS project.
3  *
4  * openHiTLS is licensed under the Mulan PSL v2.
5  * You can use this software according to the terms and conditions of the Mulan PSL v2.
6  * You may obtain a copy of Mulan PSL v2 at:
7  *
8  *     http://license.coscl.org.cn/MulanPSL2
9  *
10  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11  * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12  * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13  * See the Mulan PSL v2 for more details.
14  */
15 #include "hitls_build.h"
16 #if defined(HITLS_TLS_HOST_CLIENT) || defined(HITLS_TLS_PROTO_TLS13)
17 #include <stdint.h>
18 #include "securec.h"
19 #include "tls_binlog_id.h"
20 #include "bsl_log_internal.h"
21 #include "bsl_log.h"
22 #include "bsl_err_internal.h"
23 #include "bsl_bytes.h"
24 #include "pack_common.h"
25 #include "hitls_error.h"
26 #include "tls.h"
27 #include "hs_ctx.h"
28 
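/**
 * @brief Pack the body of a CertificateVerify handshake message into buf.
 *
 * Fields are written in this order:
 *   1. the 2-byte signature scheme taken from ctx->negotiatedInfo.signScheme. It is skipped when the
 *      negotiated version is HITLS_VERSION_TLCP_DTLCP11, or when none of HITLS_TLS_PROTO_TLS12,
 *      HITLS_TLS_PROTO_DTLS12 and HITLS_TLS_PROTO_TLS13 is enabled at build time;
 *   2. the 2-byte length of the signature;
 *   3. the signature bytes from hsCtx->verifyCtx->verifyData.
 *
 * ctx->hsCtx and its verifyCtx are dereferenced without a NULL check, so the caller must supply them.
 *
 * @param ctx      [IN]  TLS context holding the handshake context and the negotiated parameters
 * @param buf      [OUT] Destination buffer
 * @param bufLen   [IN]  Capacity of buf in bytes
 * @param usedLen  [OUT] Number of bytes written to buf; set only on success
 *
 * @retval HITLS_SUCCESS             The message body was packed
 * @retval HITLS_INTERNAL_EXCEPTION  The signature length is zero or does not fit the 16-bit length field
 * @retval HITLS_MEMCPY_FAIL         Copying the signature into buf failed
 * @return The value of PackBufLenError() when buf is too small
 */
int32_t PackCertificateVerify(const TLS_Ctx *ctx, uint8_t *buf, uint32_t bufLen, uint32_t *usedLen)
{
    uint32_t offset = 0u;
    const HS_Ctx *hsCtx = (const HS_Ctx *)ctx->hsCtx;

    /*
     * The length goes on the wire as a uint16_t. A size above UINT16_MAX would be silently truncated by
     * the cast below while the full signature is still copied, producing a length prefix that does not
     * match the payload. Reject it together with the empty signature.
     */
    if (hsCtx->verifyCtx->verifyDataSize == 0u || hsCtx->verifyCtx->verifyDataSize > UINT16_MAX) {
        BSL_ERR_PUSH_ERROR(HITLS_INTERNAL_EXCEPTION);
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15824, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "the verify data is illegal.", 0, 0, 0, 0);
        return HITLS_INTERNAL_EXCEPTION;
    }

    /*
     * Worst-case space: signature scheme + length field + signature. The size is bounded by UINT16_MAX
     * above, so this sum cannot wrap.
     */
    if (bufLen < sizeof(uint16_t) + sizeof(uint16_t) + hsCtx->verifyCtx->verifyDataSize) {
        return PackBufLenError(BINLOG_ID15825, BINGLOG_STR("cert verify"));
    }
#if defined(HITLS_TLS_PROTO_TLS12) || defined(HITLS_TLS_PROTO_DTLS12) || defined(HITLS_TLS_PROTO_TLS13)

    /* The signature scheme field is omitted for TLCP/DTLCP 1.1 */
    if (ctx->negotiatedInfo.version != HITLS_VERSION_TLCP_DTLCP11) {
        BSL_Uint16ToByte((uint16_t)ctx->negotiatedInfo.signScheme, &buf[offset]);
        offset += sizeof(uint16_t);
    }
#endif
    /* verifyData holds the signature. The maximum length of the signature data is 1024 bytes */
    BSL_Uint16ToByte((uint16_t)hsCtx->verifyCtx->verifyDataSize, &buf[offset]);
    offset += sizeof(uint16_t);

    /* The length check above leaves room for the copy; a failure here must still not be reported as success */
    if (memcpy_s(&buf[offset], bufLen - offset, hsCtx->verifyCtx->verifyData,
        hsCtx->verifyCtx->verifyDataSize) != EOK) {
        BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
        return HITLS_MEMCPY_FAIL;
    }
    offset += hsCtx->verifyCtx->verifyDataSize;

    *usedLen = offset;
    return HITLS_SUCCESS;
}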
61 #endif /* HITLS_TLS_HOST_CLIENT || HITLS_TLS_PROTO_TLS13 */