20 #ifdef USE_CERTIFICATES
44 void *serialNumberPtr;
48 assert( ( serialNumber == NULL && serialNumberLength == 0 ) || \
49 (
isReadPtr( serialNumber, serialNumberLength ) ) );
55 REQUIRES( ( serialNumber == NULL && serialNumberLength == 0 ) || \
56 ( serialNumber != NULL && \
57 serialNumberLength > 0 && \
65 switch( certInfoPtr->type )
70 if( certInfoPtr->cCertCert->serialNumber != NULL )
72 ENSURES( serialNumber == NULL && serialNumberLength == 0 );
76 serialNumberPtr = certInfoPtr->cCertCert->serialNumberBuffer;
81 if( certInfoPtr->cCertReq->serialNumber != NULL )
83 ENSURES( serialNumber == NULL && serialNumberLength == 0 );
87 serialNumberPtr = certInfoPtr->cCertReq->serialNumberBuffer;
/* NOTE(review): excerpt of the serial-number setup.  The numbered lines are
   not contiguous, so the branches and status checks between them are not
   visible here. */
/* When the caller supplies a serial number it is handed to writeInteger()
   together with &stream, and length is then taken from stell( &stream )
   before the stream is disconnected. */
97 if( serialNumber != NULL )
102 status = writeInteger( &stream, serialNumber, serialNumberLength,
105 length = stell( &stream );
106 sMemDisconnect( &stream );
/* serialNumberPtr receives the result of clDynAlloc() here; the requested
   size and the failure handling are on lines that are not shown.  Earlier in
   this listing serialNumberPtr is instead pointed at a serialNumberBuffer
   member. */
116 if( ( serialNumberPtr =
clDynAlloc(
"setSerialNumber",
134 CRYPT_IATTRIBUTE_RANDOM_NONCE );
/* buffer[ 0 ] is tested for zero twice.
   NOTE(review): presumably this handles a leading zero byte in the data
   obtained with CRYPT_IATTRIBUTE_RANDOM_NONCE; the guarded statements are
   not shown, confirm against the full file. */
138 if( buffer[ 0 ] == 0 )
144 if( buffer[ 0 ] == 0 )
/* The pointer and length are stored in either the cCertReq or the cCertCert
   sub-structure; the condition selecting between them is not shown. */
154 certInfoPtr->cCertReq->serialNumber = serialNumberPtr;
155 certInfoPtr->cCertReq->serialNumberLength =
length;
160 certInfoPtr->cCertCert->serialNumber = serialNumberPtr;
161 certInfoPtr->cCertCert->serialNumberLength =
length;
/* Copies length bytes starting at buffer + bufPos into serialNumberPtr.
   NOTE(review): the sizes of buffer and of the destination are not visible
   in this excerpt.  Confirm that bufPos + length stays within buffer and
   that length cannot exceed the destination capacity (the fixed
   serialNumberBuffer or the clDynAlloc() block). */
163 memcpy( serialNumberPtr, buffer + bufPos, length );
176 const void *canonSerialNumber,
179 const void *serialNumber,
182 const BYTE *canonSerialNumberPtr = canonSerialNumber;
183 const BYTE *serialNumberPtr = serialNumber;
187 assert(
isReadPtr( canonSerialNumber, canonSerialNumberLength ) );
188 assert(
isReadPtr( serialNumber, serialNumberLength ) );
190 REQUIRES( canonSerialNumberLength > 0 && \
192 REQUIRES( serialNumberLength > 0 && \
197 if( canonSerialNumberPtr[ 0 ] == 0 )
199 canonSerialNumberPtr++;
202 ENSURES( canonSerialLength == 0 || canonSerialNumberPtr[ 0 ] != 0 );
206 for( serialLength = serialNumberLength;
207 serialLength > 0 && serialNumberPtr[ 0 ] == 0;
208 serialLength--, serialNumberPtr++ );
211 if( canonSerialLength != serialLength )
213 if( canonSerialLength == 0 )
218 return( memcmp( canonSerialNumberPtr, serialNumberPtr,
235 CRYPT_KEYUSAGE_KEYENCIPHERMENT;
250 if( attributePtr != NULL )
255 status = getAttributeDataPtr( attributePtr, &policyOidPtr,
/* Both times are cleared to 0 and deleteCertComponent() is called with its
   return value explicitly discarded; the remaining arguments of that call
   are not part of this excerpt. */
274 certInfoPtr->startTime = certInfoPtr->endTime = 0;
276 ( void ) deleteCertComponent( certInfoPtr,
282 certInfoPtr->startTime = currentTime;
/* endTime is startTime plus 86400L * 365 * 20 = 630,720,000 seconds, i.e.
   twenty periods of 365 days.
   NOTE(review): the constant itself fits in a 32-bit long, but if time_t is
   a 32-bit signed type the addition overflows once startTime exceeds
   INT32_MAX - 630720000.  Confirm the width of time_t on supported targets
   or that the sum is range-checked.  A twenty-year lifetime is also long
   for a certificate; presumably deliberate here, confirm. */
283 certInfoPtr->endTime = certInfoPtr->startTime + ( 86400L * 365 * 20 );
290 status = addCertComponentString( certInfoPtr,
298 ENSURES( attributePtr != NULL );
304 #ifdef USE_CERT_DNSTRING
310 IN_BUFFER( dnStringLength )
const void *dnString,
317 assert(
isReadPtr( dnString, dnStringLength ) );
327 *certInfoPtr->currentSelection.dnPtr == NULL )
342 status = readDNstring( certInfoPtr->currentSelection.dnPtr,
343 dnString, dnStringLength );
345 certInfoPtr->currentSelection.updateCursor )
351 ( void ) selectGeneralName( certInfoPtr,
352 certInfoPtr->currentSelection.generalName,
389 status = selectGeneralName( certInfoPtr, certInfoType,
399 if( ( certInfoType >= CRYPT_CERTINFO_FIRST_EXTENSION && \
400 certInfoType <= CRYPT_CERTINFO_LAST_EXTENSION ) || \
401 ( certInfoType >= CRYPT_CERTINFO_FIRST_CMS && \
402 certInfoType <= CRYPT_CERTINFO_LAST_CMS ) )
420 #if defined( USE_CERTREV ) || defined( USE_CERTVAL )
428 if( certInfoPtr->cCertVal->currentValidity == NULL )
430 return( addAttributeField( \
431 &certInfoPtr->cCertVal->currentValidity->attributes,
434 &certInfoPtr->errorType ) );
442 if( certInfoPtr->cCertRev->currentRevocation == NULL )
444 return( addAttributeField( \
445 &certInfoPtr->cCertRev->currentRevocation->attributes,
448 &certInfoPtr->errorType ) );
453 return( addAttributeField( &certInfoPtr->attributes,
456 &certInfoPtr->errorType ) );
460 switch( certInfoType )
470 return( setXyzzyInfo( certInfoPtr ) );
473 return( setCertificateCursor( certInfoPtr, certInfo ) );
478 return( setAttributeCursor( certInfoPtr, certInfoType, certInfo ) );
481 certInfoPtr->cCertCert->trustedUsage =
certInfo;
489 status = getAttributeFieldValue( certInfoPtr->attributes,
500 &certInfoPtr->objectHandle,
507 certInfoPtr->cCertRev->signatureLevel =
certInfo;
516 return( copyPublicKeyInfo( certInfoPtr, certInfo, NULL ) );
538 for( i = 0; i < certCertInfoPtr->
chainEnd && \
543 &certCertInfoPtr->chain[ i ],
552 ENSURES( i < MAX_CHAINLENGTH );
564 return( copyCertObject( certInfoPtr, addedCert,
572 if( certInfoPtr->certHashSet )
578 ENSURES( certInfoPtr->version == 1 );
591 return( copyCertObject( certInfoPtr, addedCert,
598 if( ( certInfoPtr->iPubkeyContext !=
CRYPT_ERROR || \
599 certInfoPtr->publicKeyInfo != NULL ) || \
600 certInfoPtr->subjectName != NULL )
607 return( copyCertObject( certInfoPtr, certInfo,
611 case CRYPT_IATTRIBUTE_CERTCOLLECTION:
612 return( copyCertChain( certInfoPtr, certInfo,
TRUE ) );
614 case CRYPT_IATTRIBUTE_RTCSREQUEST:
615 case CRYPT_IATTRIBUTE_OCSPREQUEST:
616 case CRYPT_IATTRIBUTE_REVREQUEST:
617 case CRYPT_IATTRIBUTE_PKIUSERINFO:
618 case CRYPT_IATTRIBUTE_BLOCKEDATTRS:
619 return( copyCertObject( certInfoPtr, certInfo, certInfoType,
635 assert(
isReadPtr( certInfo, certInfoLength ) );
656 if( certInfoPtr->attributeCursor != NULL )
658 status = getAttributeIdInfo( certInfoPtr->attributeCursor, NULL,
664 fieldID = certInfoPtr->currentSelection.generalName;
665 status = addAttributeFieldString( &certInfoPtr->attributes,
666 fieldID, certInfoType, certInfo, certInfoLength,
668 &certInfoPtr->errorType );
671 if( certInfoPtr->currentSelection.updateCursor )
678 ( void ) selectGeneralName( certInfoPtr,
679 certInfoPtr->currentSelection.generalName,
694 status = insertDNComponent( certInfoPtr->currentSelection.dnPtr,
695 certInfoType, certInfo,
696 certInfoLength, &certInfoPtr->errorType );
698 certInfoPtr->currentSelection.updateCursor )
705 ( void ) selectGeneralName( certInfoPtr,
706 certInfoPtr->currentSelection.generalName,
710 certInfoPtr->errorLocus = certInfoType;
716 if( ( certInfoType >= CRYPT_CERTINFO_FIRST_EXTENSION && \
717 certInfoType <= CRYPT_CERTINFO_LAST_EXTENSION ) || \
718 ( certInfoType >= CRYPT_CERTINFO_FIRST_CMS && \
719 certInfoType <= CRYPT_CERTINFO_LAST_CMS ) )
727 #if defined( USE_CERTREV ) || defined( USE_CERTVAL )
735 if( certInfoPtr->cCertVal->currentValidity == NULL )
737 return( addAttributeFieldString( \
738 &certInfoPtr->cCertVal->currentValidity->attributes,
741 &certInfoPtr->errorLocus, &certInfoPtr->errorType ) );
749 if( certInfoPtr->cCertRev->currentRevocation == NULL )
751 return( addAttributeFieldString( \
752 &certInfoPtr->cCertRev->currentRevocation->attributes,
755 &certInfoPtr->errorLocus, &certInfoPtr->errorType ) );
760 return( addAttributeFieldString( &certInfoPtr->attributes,
763 &certInfoPtr->errorLocus, &certInfoPtr->errorType ) );
767 switch( certInfoType )
771 if( certInfoPtr->cCertCert->serialNumber != NULL )
777 return( setSerialNumber( certInfoPtr, certInfo,
/* NOTE(review): excerpt of three time-setting cases; the numbered lines are
   not contiguous, so the case labels and the statements guarded by each
   test are not visible here. */
/* The new value is read by dereferencing certInfo as a time_t.
   NOTE(review): no check that certInfoLength equals sizeof( time_t ), and no
   alignment guarantee for certInfo, appears among the lines shown.  Confirm
   that the caller or an omitted line enforces both before this cast. */
783 time_t certTime = *( ( time_t * ) certInfo );
/* startTime > 0 is tested before the assignment below.
   NOTE(review): presumably this rejects overwriting a value that is already
   set; the guarded statement is not shown. */
785 if( certInfoPtr->startTime > 0 )
/* With endTime already set, a new start time at or after it is singled
   out; the guarded statement is not shown. */
791 if( certInfoPtr->endTime > 0 && \
792 certTime >= certInfoPtr->endTime )
800 certInfoPtr->startTime = certTime;
/* Same read of certInfo as a time_t; the same length/alignment question
   applies. */
807 time_t certTime = *( ( time_t * ) certInfo );
809 if( certInfoPtr->endTime > 0 )
/* Mirror of the start-time test: with startTime already set, a new end
   time at or before it is singled out. */
815 if( certInfoPtr->startTime > 0 && \
816 certTime <= certInfoPtr->startTime )
824 certInfoPtr->endTime = certTime;
831 time_t certTime = *( ( time_t * ) certInfo );
/* NOTE(review): the pointer returned by getRevocationTimePtr() is
   dereferenced on the next listed line with no NULL check visible in this
   excerpt.  Confirm that it cannot return NULL here or that an omitted line
   checks it. */
832 time_t *revocationTimePtr = getRevocationTimePtr( certInfoPtr );
834 if( *revocationTimePtr > 0 )
840 *revocationTimePtr = certTime;
845 #ifdef USE_CERT_DNSTRING
847 return( getEncodedDn( certInfoPtr, certInfo, certInfoLength ) );
/* NOTE(review): the numbered lines are not contiguous; declarations and
   status handling for these cases are not visible in this excerpt. */
851 case CRYPT_IATTRIBUTE_CRLENTRY:
/* A stream is connected over the caller's buffer (certInfo, certInfoLength)
   and passed to readCRLentry() along with the revocations list and the
   error locus/type fields; the stream is disconnected afterwards.
   NOTE(review): how status is propagated after the disconnect is not
   shown. */
860 sMemConnect( &stream, certInfo, certInfoLength );
861 status = readCRLentry( &stream,
862 &certInfoPtr->cCertRev->revocations, 0,
863 &certInfoPtr->errorLocus,
864 &certInfoPtr->errorType );
865 sMemDisconnect( &stream );
871 case CRYPT_IATTRIBUTE_AUTHCERTID:
/* Copies exactly KEYID_SIZE bytes from certInfo, independent of
   certInfoLength.
   NOTE(review): a check that certInfoLength equals KEYID_SIZE, and that
   authCertID holds at least KEYID_SIZE bytes, is not among the lines shown.
   Confirm it exists in the omitted lines, otherwise a shorter input is
   over-read. */
873 memcpy( certInfoPtr->cCertReq->authCertID, certInfo,
KEYID_SIZE );