1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18package org.conscrypt;
19
20import java.io.IOException;
21
22/**
23 * Represents certificate verify message
24 * @see <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0 spec., 7.4.8.
25 * Certificate verify</a>
26 */
27public class CertificateVerify extends Message {
28
29    /**
30     * Signature
31     */
32    byte[] signedHash;
33
34    /**
35     * Creates outbound message
36     *
37     * @param hash
38     */
39    public CertificateVerify(byte[] hash) {
40        if (hash == null || hash.length == 0) {
41            fatalAlert(AlertProtocol.INTERNAL_ERROR,
42                    "INTERNAL ERROR: incorrect certificate verify hash");
43        }
44        this.signedHash = hash;
45        length = hash.length + 2;
46    }
47
48    /**
49     * Creates inbound message
50     *
51     * @param in
52     * @param length
53     * @throws IOException
54     */
55    public CertificateVerify(HandshakeIODataStream in, int length)
56            throws IOException {
57        if (length == 0) {
58            fatalAlert(AlertProtocol.DECODE_ERROR,
59                    "DECODE ERROR: incorrect CertificateVerify");
60        } else {
61            if (in.readUint16() != length - 2) {
62                fatalAlert(AlertProtocol.DECODE_ERROR,
63                        "DECODE ERROR: incorrect CertificateVerify");
64            }
65            signedHash = in.read(length -2);
66        }
67        this.length = length;
68    }
69
70    /**
71     * Sends message
72     *
73     * @param out
74     */
75    @Override
76    public void send(HandshakeIODataStream out) {
77        if (signedHash.length != 0) {
78            out.writeUint16(signedHash.length);
79            out.write(signedHash);
80        }
81    }
82
83    /**
84     * Returns message type
85     */
86    @Override
87    public int getType() {
88        return Handshake.CERTIFICATE_VERIFY;
89    }
90}
91