Therefore, the TLS certificate handshake message starts off with the length of the certificate chain so that the receiver knows how many bytes of certificate follow. If you are so inclined, you can infer this from the length of the handshake message and the ASN.1 structure declaration that begins each certificate, but explicitness can never hurt.
Certificate chain parsing, then, consists of reading the length of the certificate chain from the message, and then reading each certificate in turn, using each one to verify the one before it. Of course, the first must also be verified for freshness and domain name validity. At a bare minimum, though, in order to complete a TLS handshake, you need to read and store the public key contained within the certificate because it's required to perform the key exchange. Listing 6-29 shows a bare-bones certificate chain parsing routine that doesn't actually verify the certificate signatures or check validity parameters.
Listing 6-29: “x509.c” parse_x509_chain
/**
 * This is called by “receive_server_hello” when the “certificate” PDU
 * is encountered. The input to this function should be a certificate chain.
 * The most important certificate is the first one, since this contains the
 * public key of the subject as well as the DNS name information (which
 * has to be verified against).
 * Each subsequent certificate acts as a signer for the previous certificate.
 * Each signature is verified by this function.
 * The public key of the first certificate in the chain will be returned in
 * “server_public_key” (subsequent certificates are just needed for signature
 * verification).
 * TODO verify signatures.
 */
char *parse_x509_chain( unsigned char *buffer,
                        int pdu_length,
                        public_key_info *server_public_key )
{
  int pos;
  signed_x509_certificate certificate;
  unsigned int chain_length, certificate_length;
  unsigned char *ptr;

  ptr = buffer;
  pos = 0;

  // TODO this won't work on a big-endian machine
  chain_length = ( *ptr << 16 ) | ( *( ptr + 1 ) << 8 ) | ( *( ptr + 2 ) );
  ptr += 3;

  // The chain length is actually redundant since the length of the PDU has
  // already been input.
  assert ( chain_length == ( pdu_length - 3 ) );
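As an added example (not the book's x509.c), the following C routine walks the same certificate chain layout but bounds-checks both the outer 3-byte chain length and each certificate's own 3-byte length, returning an error instead of asserting when the lengths disagree with the PDU. The `sample_pdu` and `bad_inner_pdu` byte arrays are constructed placeholders, not real DER certificates.

```c
#include <stddef.h>
#define MAX_CHAIN 8

static size_t read_uint24(const unsigned char *p)   /* big-endian, any host */
{
    return ((size_t)p[0] << 16) | ((size_t)p[1] << 8) | (size_t)p[2];
}
/* Splits a Certificate handshake body (uint24 chain length, then repeated
 * uint24 length + DER bytes) into pointers into buf. Returns the number of
 * certificates, or -1 if any length is inconsistent with pdu_length. */
int parse_certificate_chain(const unsigned char *buf, size_t pdu_length,
                            const unsigned char *certs[], size_t cert_lens[],
                            size_t max_certs)
{
    size_t pos = 3, n = 0;
    if (pdu_length < 3 || read_uint24(buf) != pdu_length - 3)
        return -1;          /* outer length missing or contradicts the PDU */
    while (pos < pdu_length) {
        size_t cert_length;
        if (pdu_length - pos < 3 || n == max_certs)
            return -1;      /* truncated length field, or too many entries */
        cert_length = read_uint24(buf + pos);
        pos += 3;
        if (cert_length == 0 || cert_length > pdu_length - pos)
            return -1;      /* entry would overrun the message */
        certs[n] = buf + pos;
        cert_lens[n++] = cert_length;
        pos += cert_length;
    }
    return (int)n;
}

/* Constructed sample: a 13-byte chain of two placeholder "certificates"
 * (4 and 3 bytes of dummy content, not real DER). */
const unsigned char sample_pdu[16] = {
    0x00, 0x00, 0x0d, 0x00, 0x00, 0x04, 0x30, 0x02, 0xaa, 0xbb,
    0x00, 0x00, 0x03, 0x30, 0x01, 0xcc };
/* Constructed sample: the outer length is consistent, but the inner
 * length (10) claims more bytes than the 2 that remain. */
const unsigned char bad_inner_pdu[8] = {
    0x00, 0x00, 0x05, 0x00, 0x00, 0x0a, 0x30, 0x00 };
/* Returns the length of certificate i in pdu, 0 if there is no entry i,
 * or -1 if the chain fails to parse. */
long demo_cert_len(const unsigned char *pdu, size_t pdu_length, size_t i)
{
    const unsigned char *certs[MAX_CHAIN];
    size_t lens[MAX_CHAIN];
    int n = parse_certificate_chain(pdu, pdu_length, certs, lens, MAX_CHAIN);
    if (n < 0) return -1;
    return i < (size_t)n ? (long)lens[i] : 0;
}
```

Cutting one byte off `sample_pdu` makes the outer length contradict the PDU, and `bad_inner_pdu` shows why the outer check alone is not enough: an inner length that runs past the message must be caught before the pointer is advanced.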