37 const char *initialCertID,
45 assert(
isReadPtr( initialCertID, initialCertIDlength ) );
49 memcpy( certID, initialCertID, initialCertIDlength );
61 "SELECT certID FROM certLog WHERE subjCertID = ? "
63 certData, &certDataLength, certID,
70 memcpy( certID, certData,
72 certID[ MAX_ENCODED_DBXKEYID_SIZE ] =
'\0';
74 "SELECT certID FROM certLog WHERE reqCertID = ? "
76 certData, &certDataLength, certID,
82 base64decode( keyCertID, certData,
91 status = getItemData( dbmsInfo, iCertificate, &dummy,
96 if( chainingLevel >= FAILSAFE_ITERATIONS_MED )
132 int localCertIDlength =
certIDlength, sqlOffset, sqlLength, boundDataIndex;
135 assert( ( certID == NULL && certIDlength == 0 ) || \
137 assert( ( reqCertID == NULL && reqCertIDlength == 0 ) || \
138 isReadPtr( reqCertID, reqCertIDlength ) );
139 assert( ( subjCertID == NULL && subjCertIDlength == 0 ) || \
140 isReadPtr( subjCertID, subjCertIDlength ) );
141 assert( ( data == NULL && dataLength == 0 ) || \
146 REQUIRES( ( certID == NULL && certIDlength == 0 ) || \
147 ( certID != NULL && \
148 certIDlength > 0 && \
150 REQUIRES( ( reqCertID == NULL && reqCertIDlength == 0 ) || \
151 ( reqCertID != NULL && \
152 reqCertIDlength > 0 && \
154 REQUIRES( ( subjCertID == NULL && subjCertIDlength == 0 ) || \
155 ( subjCertID != NULL && \
156 subjCertIDlength > 0 && \
158 REQUIRES( ( data == NULL && dataLength == 0 ) || \
171 "INSERT INTO certLog (action, actionTime, certID" );
172 if( reqCertID != NULL )
174 if( subjCertID != NULL )
179 sqlOffset = strlen( sqlBuffer );
181 sprintf_s( sqlBuffer + sqlOffset, sqlLength,
"%d, ?, ?", action );
182 if( reqCertID != NULL )
183 strlcat_s( sqlBuffer + sqlOffset, sqlLength,
", ?" );
184 if( subjCertID != NULL )
185 strlcat_s( sqlBuffer + sqlOffset, sqlLength,
", ?" );
187 strlcat_s( sqlBuffer + sqlOffset, sqlLength,
", ?" );
188 strlcat_s( sqlBuffer + sqlOffset, sqlLength,
")" );
202 &msgData, CRYPT_IATTRIBUTE_RANDOM_NONCE );
217 memset( certIDbuffer,
'-', 4 );
218 certID = certIDbuffer;
225 setBoundData( boundDataPtr, 1, certID, localCertIDlength );
227 if( reqCertID != NULL )
228 setBoundData( boundDataPtr, boundDataIndex++, reqCertID,
230 if( subjCertID != NULL )
231 setBoundData( boundDataPtr, boundDataIndex++, subjCertID,
242 int encodedDataLength,
status;
245 &encodedDataLength, data, dataLength,
249 DEBUG_DIAG((
"Couldn't base64-encode data" ));
254 encodedCertData, encodedDataLength );
257 return(
dbmsUpdate( sqlBuffer, boundDataPtr, updateType ) );
275 const int errorStringLength = strlen( errorString );
279 assert( ( certID == NULL && certIDlength == 0 ) || \
281 assert( ( reqCertID == NULL && reqCertIDlength == 0 ) || \
282 isReadPtr( reqCertID, reqCertIDlength ) );
283 assert( ( subjCertID == NULL && subjCertIDlength == 0 ) || \
284 isReadPtr( subjCertID, subjCertIDlength ) );
285 assert( ( data == NULL && dataLength == 0 ) || \
290 REQUIRES( ( certID == NULL && certIDlength == 0 ) || \
291 ( certID != NULL && \
292 certIDlength > 0 && \
294 REQUIRES( ( reqCertID == NULL && reqCertIDlength == 0 ) || \
295 ( reqCertID != NULL && \
296 reqCertIDlength > 0 && \
298 REQUIRES( ( subjCertID == NULL && subjCertIDlength == 0 ) || \
299 ( subjCertID != NULL && \
300 subjCertIDlength > 0 && \
302 REQUIRES( ( data == NULL && dataLength == 0 ) || \
325 (
int ) sizeofObject( errorStringLength ) + \
327 writeShortInteger( &stream, -errorStatus,
DEFAULT_TAG );
328 status = writeCharacterString( &stream, errorString, errorStringLength,
331 status = swrite( &stream, data, dataLength );
333 errorDataLength = stell( &stream );
334 sMemDisconnect( &stream );
338 writeSequence( &stream, sizeofObject( 1 ) + sizeofObject( 31 ) );
340 status = writeCharacterString( &stream,
341 "Error writing error information", 31,
344 errorDataLength = stell( &stream );
345 sMemDisconnect( &stream );
352 certID, certIDlength, reqCertID, reqCertIDlength,
353 subjCertID, subjCertIDlength,
364 return( updateCertErrorLog( dbmsInfo, errorStatus, errorString,
365 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) );
387 IN_BUFFER( initialCertIDlength )
const char *initialCertID,
389 const int initialCertIDlength,
407 memcpy( certID, initialCertID, initialCertIDlength );
408 certIDlength = initialCertIDlength;
424 "SELECT action FROM certLog WHERE certID = ?",
441 "SELECT reqCertID FROM certLog WHERE certID = ?",
448 memcpy( certID, certData, certIDlength );
456 "SELECT reqCertID FROM certLog WHERE certID = ?",
463 memcpy( certID, certData, certIDlength );
465 if( chainingLevel >= FAILSAFE_ITERATIONS_MED )
473 CRYPT_IKEYID_CERTID, certID, certIDlength,
494 DBMS_INFO *dbmsInfo = keysetInfoPtr->keysetDBMS;
499 assert( ( iCertificate == NULL ) || \
544 if( iCertificate != NULL )
565 return( caIssueCertComplete( dbmsInfo, request, action,
586 "CA certificate isn't valid for CRL signing" ) );
601 "CA certificate isn't valid for certificate "
612 return( caIssueCRL( dbmsInfo, iCertificate, caKey,
KEYSET_ERRINFO ) );
621 "Certificate request information "
622 "inconsistent/invalid" ) );
633 setBoundData( boundDataPtr, 0, reqCertID, reqCertIDlength );
635 "SELECT certData FROM certRequests WHERE certID = ?",
636 NULL, 0, NULL, boundDataPtr,
642 "Certificate request doesn't correspond to any existing "
643 "request in the certificate store" ) );
660 return( caIssueCert( dbmsInfo, iCertificate, caKey, request, action,
673 keysetInfoPtr->keysetDBMS->certMgmtFunction = certMgmtFunction;