#include <time.h>
#include "io/stream.h"
#include "cert/certfn.h"

Classes
struct	SELECTION_INFO

struct	SELECTION_STATE

struct	CERT_CERT_INFO

struct	CERT_INFO

Macros
#define	MIN_ATTRIBUTE_SIZE 12

#define	MAX_CHAINLENGTH 16

#define	DEFAULT_SERIALNO_SIZE 8

#define	SERIALNO_BUFSIZE 32

#define	MAX_SERIALNO_SIZE 256

#define	PKIUSER_AUTHENTICATOR_SIZE 12

#define	PKIUSER_ENCR_AUTHENTICATOR_SIZE 32

#define	ENCODING_FIFO_SIZE 10

#define	MIN_CERT_TIME_VALUE ( ( 1996 - 1970 ) * 365 * 86400L )

#define	CERT_FLAG_NONE 0x00 /* No flag */

#define	CERT_FLAG_SELFSIGNED 0x01 /* Certificate is self-signed */

#define	CERT_FLAG_SIGCHECKED 0x02 /* Signature has been checked */

#define	CERT_FLAG_DATAONLY 0x04 /* Certificate is data-only (no context) */

#define	CERT_FLAG_CRLENTRY 0x08 /* CRL is a standalone single entry */

#define	CERT_FLAG_CERTCOLLECTION 0x10 /* Certificate chain is unordered collection */

#define	CERT_FLAG_PATHKLUDGE 0x20 /* Certificate is a PKIX path kludge */

#define	CERT_FLAG_MAX 0x3F /* Maximum possible flag value */

#define	setErrorValues(locus, type) errorLocus = ( locus ); errorType = ( type )

#define	CHECKKEY_FLAG_NONE 0x00 /* No specific checks */

#define	CHECKKEY_FLAG_CA 0x01 /* Must be CA key */

#define	CHECKKEY_FLAG_PRIVATEKEY 0x02 /* Check priv.key constraints */

#define	CHECKKEY_FLAG_GENCHECK 0x04 /* General details check */

#define	CHECKKEY_FLAG_MAX 0x07 /* Maximum possible flag value */

#define	PRE_SET_NONE 0x0000 /* No setup actions */

#define	PRE_SET_STANDARDATTR 0x0001 /* Set up standard extensions */

#define	PRE_SET_ISSUERATTR 0x0002 /* Copy issuer attr.to subject */

#define	PRE_SET_ISSUERDN 0x0004 /* Copy issuer DN to subject */

#define	PRE_SET_VALIDITYPERIOD 0x0008 /* Constrain subj.val.to issuer val.*/

#define	PRE_SET_VALINFO 0x0010 /* Set up validity information */

#define	PRE_SET_REVINFO 0x0020 /* Set up revocation information */

#define	PRE_SET_FLAG_NONE 0x0000 /* No setup actions */

#define	PRE_SET_FLAG_MAX 0x003F /* Maximum possible flag value */

#define	PRE_CHECK_NONE 0x0000 /* No check actions */

#define	PRE_CHECK_SPKI 0x0001 /* SPKI present */

#define	PRE_CHECK_DN 0x0002 /* Subject DN present */

#define	PRE_CHECK_DN_PARTIAL 0x0004 /* Partial subject DN present */

#define	PRE_CHECK_ISSUERDN 0x0008 /* Issuer DN present */

#define	PRE_CHECK_ISSUERCERTDN 0x0010 /* Issuer cert DN == subj.issuer DN */

#define	PRE_CHECK_NONSELFSIGNED_DN 0x0020 /* Issuer DN != subject DN */

#define	PRE_CHECK_SERIALNO 0x0040 /* SerialNo present */

#define	PRE_CHECK_VALENTRIES 0x0080 /* Validity entries present */

#define	PRE_CHECK_REVENTRIES 0x0100 /* Revocation entries present */

#define	PRE_CHECK_FLAG_NONE 0x0000 /* No check actions */

#define	PRE_CHECK_FLAG_MAX 0x01FF /* Maximum possible flag value */

#define	PRE_FLAG_NONE 0x0000 /* No special control options */

#define	PRE_FLAG_DN_IN_ISSUERCERT 0x0001/* Issuer DN is in issuer cert */

#define	PRE_FLAG_MAX 0x0001 /* Maximum possible flag value */

#define	CHECKDN_FLAG_NONE 0x00 /* No DN check */

#define	CHECKDN_FLAG_COUNTRY 0x01 /* Check DN has C */

#define	CHECKDN_FLAG_COMMONNAME 0x02 /* Check DN has CN */

#define	CHECKDN_FLAG_WELLFORMED 0x04 /* Check DN is well-formed */

#define	CHECKDN_FLAG_MAX 0x0F /* Maximum possible flag value */

#define	ATTRIBUTE_PTR void

#define	ATTRIBUTE_PTR_STORAGE char[ 64 ]

#define	DN_PTR void

#define	DN_PTR_STORAGE char[ 32 ]

#define	initSelectionInfo(certInfoPtr)

#define	saveSelectionState(savedState, certInfoPtr)

#define	restoreSelectionState(savedState, certInfoPtr)

#define	cCertCert certInfo.certInfo

#define	cCertReq certInfo.reqInfo

#define	cCertRev certInfo.revInfo

#define	cCertVal certInfo.valInfo

#define	cCertUser certInfo.pkiUserInfo

#define	isDNSelectionComponent(certInfoType)

#define	isDNComponent(certInfoType)

#define	isGeneralNameComponent(certInfoType)

#define	isPseudoInformation(certInfoType)

#define	isRevocationEntryComponent(certInfoType)

#define	isValidAttributeField(attributePtr) ( ( attributePtr )->attributeID > 0 )

Typedefs
typedef CHECK_RETVAL_FNPTR	STDC_NONNULL_ARG ((1, 2)) int(READCERT_FUNCTION)(INOUT STREAM stream

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO *	certInfoPtr

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO *	subjectCertInfoPtr

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO IN_OPT const CERT_INFO *	issuerCertInfoPtr

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO IN_OPT const CERT_INFO IN_HANDLE_OPT const CRYPT_CONTEXT	iIssuerCryptContext

Enumerations
enum	RTCSRESPONSE_TYPE { RTCSRESPONSE_TYPE_NONE, RTCSRESPONSE_TYPE_BASIC, RTCSRESPONSE_TYPE_EXTENDED, RTCSRESPONSE_TYPE_LAST }

enum	ATTRIBUTE_TYPE { ATTRIBUTE_CERTIFICATE, ATTRIBUTE_CMS, ATTRIBUTE_LAST }

enum	POLICY_TYPE { POLICY_NONE, POLICY_NONE_SPECIFIC, POLICY_SUBJECT, POLICY_SUBJECT_SPECIFIC, POLICY_BOTH, POLICY_BOTH_SPECIFIC, POLICY_LAST }

enum	SELECTION_OPTION { SELECTION_OPTION_NONE, MAY_BE_ABSENT, MUST_BE_PRESENT, CREATE_IF_ABSENT, SELECTION_OPTION_LAST }

enum	{ CTAG_CE_VERSION, CTAG_CE_ISSUERUNIQUEID, CTAG_CE_SUBJECTUNIQUEID, CTAG_CE_EXTENSIONS }

enum	{ CTAG_AC_HOLDER_BASECERTIFICATEID, CTAG_AC_HOLDER_ENTITYNAME, CTAG_AC_HOLDER_OBJECTDIGESTINFO }

enum	{ CTAG_AC_ISSUER_BASECERTIFICATEID, CTAG_AC_ISSUER_OBJECTDIGESTINFO }

enum	{ CTAG_CR_ATTRIBUTES }

enum	{ CTAG_CL_EXTENSIONS }

enum	{ CTAG_CF_VERSION, CTAG_CF_SERIALNUMBER, CTAG_CF_SIGNINGALG, CTAG_CF_ISSUER, CTAG_CF_VALIDITY, CTAG_CF_SUBJECT, CTAG_CF_PUBLICKEY, CTAG_CF_ISSUERUID, CTAG_CF_SUBJECTUID, CTAG_CF_EXTENSIONS }

enum	{ CTAG_CF_POP_NONE, CTAG_CF_POP_SIGNATURE, CTAG_CF_POP_ENCRKEY }

enum	{ CTAG_RP_EXTENSIONS }

enum	{ CTAG_OR_VERSION, CTAG_OR_DUMMY, CTAG_OR_EXTENSIONS }

enum	{ CTAG_OR_SR_EXTENSIONS }

enum	{ CTAG_OP_VERSION, CTAG_OP_EXTENSIONS }

enum	{ CTAG_SI_AUTHENTICATEDATTRIBUTES }

Functions
CHECK_RETVAL_PTR READCERT_FUNCTION	getCertReadFunction (IN_ENUM(CRYPT_CERTTYPE) const CRYPT_CERTTYPE_TYPE certType)

CHECK_RETVAL_PTR WRITECERT_FUNCTION	getCertWriteFunction (IN_ENUM(CRYPT_CERTTYPE) const CRYPT_CERTTYPE_TYPE certType)

CHECK_RETVAL_BOOL BOOLEAN	isGeneralNameSelectionComponent (IN_ATTRIBUTE const CRYPT_ATTRIBUTE_TYPE certInfoType)

Macro Definition Documentation

#define ATTRIBUTE_PTR void

Definition at line 335 of file cert.h.

#define ATTRIBUTE_PTR_STORAGE char[ 64 ]

Definition at line 336 of file cert.h.

#define cCertCert certInfo.certInfo

Definition at line 665 of file cert.h.

#define cCertReq certInfo.reqInfo

Definition at line 666 of file cert.h.

#define cCertRev certInfo.revInfo

Definition at line 667 of file cert.h.

#define cCertUser certInfo.pkiUserInfo

Definition at line 669 of file cert.h.

#define cCertVal certInfo.valInfo

Definition at line 668 of file cert.h.

#define CERT_FLAG_CERTCOLLECTION 0x10 /* Certificate chain is unordered collection */

Definition at line 110 of file cert.h.

#define CERT_FLAG_CRLENTRY 0x08 /* CRL is a standalone single entry */

Definition at line 109 of file cert.h.

#define CERT_FLAG_DATAONLY 0x04 /* Certificate is data-only (no context) */

Definition at line 108 of file cert.h.

#define CERT_FLAG_MAX 0x3F /* Maximum possible flag value */

Definition at line 112 of file cert.h.

#define CERT_FLAG_NONE 0x00 /* No flag */

Definition at line 105 of file cert.h.

#define CERT_FLAG_PATHKLUDGE 0x20 /* Certificate is a PKIX path kludge */

Definition at line 111 of file cert.h.

#define CERT_FLAG_SELFSIGNED 0x01 /* Certificate is self-signed */

Definition at line 106 of file cert.h.

#define CERT_FLAG_SIGCHECKED 0x02 /* Signature has been checked */

Definition at line 107 of file cert.h.

#define CHECKDN_FLAG_COMMONNAME 0x02 /* Check DN has CN */

Definition at line 269 of file cert.h.

#define CHECKDN_FLAG_COUNTRY 0x01 /* Check DN has C */

Definition at line 268 of file cert.h.

#define CHECKDN_FLAG_MAX 0x0F /* Maximum possible flag value */

Definition at line 271 of file cert.h.

#define CHECKDN_FLAG_NONE 0x00 /* No DN check */

Definition at line 267 of file cert.h.

#define CHECKDN_FLAG_WELLFORMED 0x04 /* Check DN is well-formed */

Definition at line 270 of file cert.h.

#define CHECKKEY_FLAG_CA 0x01 /* Must be CA key */

Definition at line 187 of file cert.h.

#define CHECKKEY_FLAG_GENCHECK 0x04 /* General details check */

Definition at line 189 of file cert.h.

#define CHECKKEY_FLAG_MAX 0x07 /* Maximum possible flag value */

Definition at line 190 of file cert.h.

#define CHECKKEY_FLAG_NONE 0x00 /* No specific checks */

Definition at line 186 of file cert.h.

#define CHECKKEY_FLAG_PRIVATEKEY 0x02 /* Check priv.key constraints */

Definition at line 188 of file cert.h.

#define DEFAULT_SERIALNO_SIZE 8

Definition at line 47 of file cert.h.

#define DN_PTR void

Definition at line 337 of file cert.h.

#define DN_PTR_STORAGE char[ 32 ]

Definition at line 338 of file cert.h.

#define ENCODING_FIFO_SIZE 10

Definition at line 62 of file cert.h.

#define initSelectionInfo ( certInfoPtr )

Value:

memset( &( certInfoPtr )->currentSelection, 0, sizeof( SELECTION_INFO ) ); \

( certInfoPtr )->currentSelection.dnPtr = &( ( certInfoPtr )->subjectName )

Definition at line 364 of file cert.h.

#define isDNComponent ( certInfoType )

Value:

( ( certInfoType ) >= CRYPT_CERTINFO_FIRST_DN && \

( certInfoType ) <= CRYPT_CERTINFO_LAST_DN )

Definition at line 851 of file cert.h.

#define isDNSelectionComponent ( certInfoType )

Value:

( ( certInfoType ) == CRYPT_CERTINFO_ISSUERNAME || \
      ( certInfoType ) == CRYPT_CERTINFO_SUBJECTNAME || \
      ( certInfoType ) == CRYPT_CERTINFO_DIRECTORYNAME )

Definition at line 839 of file cert.h.

#define isGeneralNameComponent ( certInfoType )

Value:

( ( certInfoType ) >= CRYPT_CERTINFO_FIRST_GENERALNAME && \

( certInfoType ) <= CRYPT_CERTINFO_LAST_GENERALNAME )

Definition at line 855 of file cert.h.

#define isPseudoInformation ( certInfoType )

Value:

( ( certInfoType ) >= CRYPT_CERTINFO_FIRST_PSEUDOINFO && \

( certInfoType ) <= CRYPT_CERTINFO_LAST_PSEUDOINFO )

Definition at line 863 of file cert.h.

#define isRevocationEntryComponent ( certInfoType )

Value:

( ( certInfoType ) == CRYPT_CERTINFO_CRLREASON || \
      ( certInfoType ) == CRYPT_CERTINFO_HOLDINSTRUCTIONCODE || \
      ( certInfoType ) == CRYPT_CERTINFO_INVALIDITYDATE )

Definition at line 871 of file cert.h.

#define isValidAttributeField ( attributePtr ) ( ( attributePtr )->attributeID > 0 )

Definition at line 880 of file cert.h.

#define MAX_CHAINLENGTH 16

Definition at line 35 of file cert.h.

#define MAX_SERIALNO_SIZE 256

Definition at line 49 of file cert.h.

#define MIN_ATTRIBUTE_SIZE 12

Definition at line 27 of file cert.h.

#define MIN_CERT_TIME_VALUE ( ( 1996 - 1970 ) * 365 * 86400L )

Definition at line 70 of file cert.h.

#define PKIUSER_AUTHENTICATOR_SIZE 12

Definition at line 57 of file cert.h.

#define PKIUSER_ENCR_AUTHENTICATOR_SIZE 32

Definition at line 58 of file cert.h.

#define PRE_CHECK_DN 0x0002 /* Subject DN present */

Definition at line 247 of file cert.h.

#define PRE_CHECK_DN_PARTIAL 0x0004 /* Partial subject DN present */

Definition at line 248 of file cert.h.

#define PRE_CHECK_FLAG_MAX 0x01FF /* Maximum possible flag value */

Definition at line 257 of file cert.h.

#define PRE_CHECK_FLAG_NONE 0x0000 /* No check actions */

Definition at line 256 of file cert.h.

#define PRE_CHECK_ISSUERCERTDN 0x0010 /* Issuer cert DN == subj.issuer DN */

Definition at line 250 of file cert.h.

#define PRE_CHECK_ISSUERDN 0x0008 /* Issuer DN present */

Definition at line 249 of file cert.h.

#define PRE_CHECK_NONE 0x0000 /* No check actions */

Definition at line 245 of file cert.h.

#define PRE_CHECK_NONSELFSIGNED_DN 0x0020 /* Issuer DN != subject DN */

Definition at line 251 of file cert.h.

#define PRE_CHECK_REVENTRIES 0x0100 /* Revocation entries present */

Definition at line 254 of file cert.h.

#define PRE_CHECK_SERIALNO 0x0040 /* SerialNo present */

Definition at line 252 of file cert.h.

#define PRE_CHECK_SPKI 0x0001 /* SPKI present */

Definition at line 246 of file cert.h.

#define PRE_CHECK_VALENTRIES 0x0080 /* Validity entries present */

Definition at line 253 of file cert.h.

#define PRE_FLAG_DN_IN_ISSUERCERT 0x0001/* Issuer DN is in issuer cert */

Definition at line 262 of file cert.h.

#define PRE_FLAG_MAX 0x0001 /* Maximum possible flag value */

Definition at line 263 of file cert.h.

#define PRE_FLAG_NONE 0x0000 /* No special control options */

Definition at line 261 of file cert.h.

#define PRE_SET_FLAG_MAX 0x003F /* Maximum possible flag value */

Definition at line 218 of file cert.h.

#define PRE_SET_FLAG_NONE 0x0000 /* No setup actions */

Definition at line 217 of file cert.h.

#define PRE_SET_ISSUERATTR 0x0002 /* Copy issuer attr.to subject */

Definition at line 211 of file cert.h.

#define PRE_SET_ISSUERDN 0x0004 /* Copy issuer DN to subject */

Definition at line 212 of file cert.h.

#define PRE_SET_NONE 0x0000 /* No setup actions */

Definition at line 209 of file cert.h.

#define PRE_SET_REVINFO 0x0020 /* Set up revocation information */

Definition at line 215 of file cert.h.

#define PRE_SET_STANDARDATTR 0x0001 /* Set up standard extensions */

Definition at line 210 of file cert.h.

#define PRE_SET_VALIDITYPERIOD 0x0008 /* Constrain subj.val.to issuer val.*/

Definition at line 213 of file cert.h.

#define PRE_SET_VALINFO 0x0010 /* Set up validity information */

Definition at line 214 of file cert.h.

#define restoreSelectionState	(	savedState,
		certInfoPtr
	)

Value:

{ \
    if( ( certInfoPtr )->type == CRYPT_CERTTYPE_CERTCHAIN ) \
        ( certInfoPtr )->cCertCert->chainPos = ( savedState ).savedChainPos; \
    ( certInfoPtr )->currentSelection = ( savedState ).savedSelectionInfo; \
    ( certInfoPtr )->attributeCursor = ( savedState ).savedAttributeCursor; \
    }

Definition at line 390 of file cert.h.

#define saveSelectionState	(	savedState,
		certInfoPtr
	)

Value:

{ \
    memset( &( savedState ), 0, sizeof( SELECTION_STATE ) ); \
    if( ( certInfoPtr )->type == CRYPT_CERTTYPE_CERTCHAIN ) \
        ( savedState ).savedChainPos = ( certInfoPtr )->cCertCert->chainPos; \
    ( savedState ).savedSelectionInfo = ( certInfoPtr )->currentSelection; \
    ( savedState ).savedAttributeCursor = ( certInfoPtr )->attributeCursor; \
    }

Definition at line 381 of file cert.h.

#define SERIALNO_BUFSIZE 32

Definition at line 48 of file cert.h.

#define setErrorValues	(	locus,
		type
	)	errorLocus = ( locus ); errorType = ( type )

Definition at line 132 of file cert.h.

Typedef Documentation

CHECK_RETVAL *certObjectLength void IN_LENGTH const int OUT_LENGTH_Z int const CERT_INFO * certInfoPtr

Definition at line 811 of file cert.h.

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO IN_OPT const CERT_INFO IN_HANDLE_OPT const CRYPT_CONTEXT iIssuerCryptContext

Definition at line 814 of file cert.h.

CHECK_RETVAL IN_OPT const CERT_INFO * issuerCertInfoPtr

Definition at line 814 of file cert.h.

STDC_NONNULL_ARG ( (1, 2) )

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Definition at line 809 of file cert.h.

typedef CHECK_RETVAL_FNPTR INOUT CERT_INFO* subjectCertInfoPtr

Definition at line 814 of file cert.h.

Enumeration Type Documentation

anonymous enum

Enumerator:

CTAG_CE_VERSION
CTAG_CE_ISSUERUNIQUEID
CTAG_CE_SUBJECTUNIQUEID
CTAG_CE_EXTENSIONS

Definition at line 281 of file cert.h.

anonymous enum

Enumerator:

CTAG_OR_SR_EXTENSIONS

Definition at line 314 of file cert.h.

anonymous enum

Enumerator:

CTAG_OP_VERSION
CTAG_OP_EXTENSIONS

Definition at line 318 of file cert.h.

anonymous enum

Enumerator:

CTAG_SI_AUTHENTICATEDATTRIBUTES

Definition at line 322 of file cert.h.

anonymous enum

Enumerator:

CTAG_AC_HOLDER_BASECERTIFICATEID
CTAG_AC_HOLDER_ENTITYNAME
CTAG_AC_HOLDER_OBJECTDIGESTINFO

Definition at line 286 of file cert.h.

anonymous enum

Enumerator:

CTAG_AC_ISSUER_BASECERTIFICATEID
CTAG_AC_ISSUER_OBJECTDIGESTINFO

Definition at line 288 of file cert.h.

anonymous enum

Enumerator:

CTAG_CR_ATTRIBUTES

Definition at line 292 of file cert.h.

anonymous enum

Enumerator:

CTAG_CL_EXTENSIONS

Definition at line 296 of file cert.h.

anonymous enum

Enumerator:

CTAG_CF_VERSION
CTAG_CF_SERIALNUMBER
CTAG_CF_SIGNINGALG
CTAG_CF_ISSUER
CTAG_CF_VALIDITY
CTAG_CF_SUBJECT
CTAG_CF_PUBLICKEY
CTAG_CF_ISSUERUID
CTAG_CF_SUBJECTUID
CTAG_CF_EXTENSIONS

Definition at line 301 of file cert.h.

anonymous enum

Enumerator:

CTAG_CF_POP_NONE
CTAG_CF_POP_SIGNATURE
CTAG_CF_POP_ENCRKEY

Definition at line 304 of file cert.h.

anonymous enum

Enumerator:

CTAG_RP_EXTENSIONS

Definition at line 308 of file cert.h.

anonymous enum

Enumerator:

CTAG_OR_VERSION
CTAG_OR_DUMMY
CTAG_OR_EXTENSIONS

Definition at line 313 of file cert.h.

enum ATTRIBUTE_TYPE

Enumerator:

ATTRIBUTE_CERTIFICATE
ATTRIBUTE_CMS
ATTRIBUTE_LAST

Definition at line 140 of file cert.h.

enum POLICY_TYPE

Enumerator:

POLICY_NONE
POLICY_NONE_SPECIFIC
POLICY_SUBJECT
POLICY_SUBJECT_SPECIFIC
POLICY_BOTH
POLICY_BOTH_SPECIFIC
POLICY_LAST

Definition at line 152 of file cert.h.

enum RTCSRESPONSE_TYPE

Enumerator:

RTCSRESPONSE_TYPE_NONE
RTCSRESPONSE_TYPE_BASIC
RTCSRESPONSE_TYPE_EXTENDED
RTCSRESPONSE_TYPE_LAST

Definition at line 119 of file cert.h.

enum SELECTION_OPTION

Enumerator:

SELECTION_OPTION_NONE
MAY_BE_ABSENT
MUST_BE_PRESENT
CREATE_IF_ABSENT
SELECTION_OPTION_LAST

Definition at line 166 of file cert.h.

Function Documentation

CHECK_RETVAL_PTR READCERT_FUNCTION getCertReadFunction ( IN_ENUM(CRYPT_CERTTYPE) const CRYPT_CERTTYPE_TYPE certType )

CHECK_RETVAL_PTR WRITECERT_FUNCTION getCertWriteFunction ( IN_ENUM(CRYPT_CERTTYPE) const CRYPT_CERTTYPE_TYPE certType )

CHECK_RETVAL_BOOL BOOLEAN isGeneralNameSelectionComponent ( IN_ATTRIBUTE const CRYPT_ATTRIBUTE_TYPE certInfoType )

Classes

Macros

Typedefs

Enumerations

Functions

Macro Definition Documentation

Typedef Documentation

Enumeration Type Documentation

Function Documentation