19012754211

Committed 02 Nov 2025 01:10PM UTC coverage: 90.677% (+0.006%) from 90.671%

Build # 19012754211

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #5137 from randombit/jack/clang-tidy-includes

Remove various unused includes flagged by clang-tidy misc-include-cleaner

Run Details

100457 of 110786 relevant lines covered (90.68%)

12189873.8 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

90.24

/src/lib/tls/tls12/msg_certificate_12.cpp

/*
* Certificate Message
* (C) 2004-2006,2012,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/tls_messages.h>

#include <botan/data_src.h>
#include <botan/tls_alert.h>
#include <botan/tls_exceptn.h>
#include <botan/tls_extensions.h>
#include <botan/internal/loadstor.h>
#include <botan/internal/tls_handshake_hash.h>
#include <botan/internal/tls_handshake_io.h>

namespace Botan::TLS {

/**
* Create a new Certificate message
*/
Certificate_12::Certificate_12(Handshake_IO& io, Handshake_Hash& hash, const std::vector<X509_Certificate>& cert_list) :
      m_certs(cert_list) {
   hash.update(io.send(*this));
}

/**
* Deserialize a Certificate message
*/
Certificate_12::Certificate_12(const std::vector<uint8_t>& buf, const Policy& policy) {
   if(buf.size() < 3) {
      throw Decoding_Error("Certificate: Message malformed");
   }

   const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);

   if(total_size != buf.size() - 3) {
      throw Decoding_Error("Certificate: Message malformed");
   }

   const size_t max_size = policy.maximum_certificate_chain_size();
   if(max_size > 0 && total_size > max_size) {
      throw Decoding_Error("Certificate chain exceeds policy specified maximum size");
   }

   const uint8_t* certs = buf.data() + 3;

   while(size_t remaining_bytes = buf.data() + buf.size() - certs) {
      if(remaining_bytes < 3) {
         throw Decoding_Error("Certificate: Message malformed");
      }

      const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);

      if(remaining_bytes < (3 + cert_size)) {
         throw Decoding_Error("Certificate: Message malformed");
      }

      DataSource_Memory cert_buf(&certs[3], cert_size);
      m_certs.push_back(X509_Certificate(cert_buf));

      certs += cert_size + 3;
   }

   /*
   * TLS 1.0 through 1.2 all seem to require that the certificate be
   * precisely a v3 certificate. In fact the strict wording would seem
   * to require that every certificate in the chain be v3. But often
   * the intermediates are outside of the control of the server.
   * But, require that the leaf certificate be v3
   */
   if(!m_certs.empty() && m_certs[0].x509_version() != 3) {
      throw TLS_Exception(Alert::BadCertificate, "The leaf certificate must be v3");
   }
}

/**
* Serialize a Certificate message
*/
std::vector<uint8_t> Certificate_12::serialize() const {
   std::vector<uint8_t> buf(3);

   for(const auto& cert : m_certs) {
      const auto raw_cert = cert.BER_encode();
      const size_t cert_size = raw_cert.size();
      for(size_t j = 0; j != 3; ++j) {
         buf.push_back(get_byte_var(j + 1, static_cast<uint32_t>(cert_size)));
      }
      buf += raw_cert;
   }

   const size_t buf_size = buf.size() - 3;
   for(size_t i = 0; i != 3; ++i) {
      buf[i] = get_byte_var(i + 1, static_cast<uint32_t>(buf_size));
   }

   return buf;
}

}  // namespace Botan::TLS

1	/*
2	* Certificate Message
3	* (C) 2004-2006,2012,2020 Jack Lloyd
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include <botan/tls_messages.h>
9
10	#include <botan/data_src.h>
11	#include <botan/tls_alert.h>
12	#include <botan/tls_exceptn.h>
13	#include <botan/tls_extensions.h>
14	#include <botan/internal/loadstor.h>
15	#include <botan/internal/tls_handshake_hash.h>
16	#include <botan/internal/tls_handshake_io.h>
17
18	namespace Botan::TLS {
19
20	/**
21	* Create a new Certificate message
22	*/
23	Certificate_12::Certificate_12(Handshake_IO& io, Handshake_Hash& hash, const std::vector<X509_Certificate>& cert_list) :	877✔
24	m_certs(cert_list) {	877✔
25	hash.update(io.send(*this));	1,754✔
26	}	877✔
27
28	/**
29	* Deserialize a Certificate message
30	*/
31	Certificate_12::Certificate_12(const std::vector<uint8_t>& buf, const Policy& policy) {	1,997✔
32	if(buf.size() < 3) {	1,997✔
33	throw Decoding_Error("Certificate: Message malformed");	×
34	}
35
36	const size_t total_size = make_uint32(0, buf[0], buf[1], buf[2]);	1,997✔
37
38	if(total_size != buf.size() - 3) {	1,997✔
39	throw Decoding_Error("Certificate: Message malformed");	7✔
40	}
41
42	const size_t max_size = policy.maximum_certificate_chain_size();	1,990✔
43	if(max_size > 0 && total_size > max_size) {	1,990✔
44	throw Decoding_Error("Certificate chain exceeds policy specified maximum size");	1✔
45	}
46
47	const uint8_t* certs = buf.data() + 3;	1,989✔
48
49	while(size_t remaining_bytes = buf.data() + buf.size() - certs) {	3,699✔
50	if(remaining_bytes < 3) {	2,218✔
51	throw Decoding_Error("Certificate: Message malformed");	×
52	}
53
54	const size_t cert_size = make_uint32(0, certs[0], certs[1], certs[2]);	2,218✔
55
56	if(remaining_bytes < (3 + cert_size)) {	2,218✔
57	throw Decoding_Error("Certificate: Message malformed");	5✔
58	}
59
60	DataSource_Memory cert_buf(&certs[3], cert_size);	2,213✔
61	m_certs.push_back(X509_Certificate(cert_buf));	3,923✔
62
63	certs += cert_size + 3;	1,710✔
64	}	2,213✔
65
66	/*
67	* TLS 1.0 through 1.2 all seem to require that the certificate be
68	* precisely a v3 certificate. In fact the strict wording would seem
69	* to require that every certificate in the chain be v3. But often
70	* the intermediates are outside of the control of the server.
71	* But, require that the leaf certificate be v3
72	*/
73	if(!m_certs.empty() && m_certs[0].x509_version() != 3) {	1,481✔
74	throw TLS_Exception(Alert::BadCertificate, "The leaf certificate must be v3");	×
75	}
76	}	1,997✔
77
78	/**
79	* Serialize a Certificate message
80	*/
81	std::vector<uint8_t> Certificate_12::serialize() const {	877✔
82	std::vector<uint8_t> buf(3);	877✔
83
84	for(const auto& cert : m_certs) {	1,762✔
85	const auto raw_cert = cert.BER_encode();	885✔
86	const size_t cert_size = raw_cert.size();	885✔
87	for(size_t j = 0; j != 3; ++j) {	3,540✔
88	buf.push_back(get_byte_var(j + 1, static_cast<uint32_t>(cert_size)));	2,655✔
89	}
90	buf += raw_cert;	885✔
91	}	885✔
92
93	const size_t buf_size = buf.size() - 3;	877✔
94	for(size_t i = 0; i != 3; ++i) {	3,508✔
95	buf[i] = get_byte_var(i + 1, static_cast<uint32_t>(buf_size));	2,631✔
96	}
97
98	return buf;	877✔
99	}	×
100
101	} // namespace Botan::TLS

randombit / botan / 19012754211

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous