37 int Clength, SPlength, Llength, Olength, OUlength, CNlength, uriLength;
62 static
char *getDeleteString(
IN_ENUM( KEYMGMT_ITEM ) \
71 return(
"DELETE FROM pkiUsers WHERE " );
74 return(
"DELETE FROM certificates WHERE " );
122 certIdData->Clength = msgData.
length;
132 certIdData->SPlength = msgData.
length;
142 certIdData->Llength = msgData.
length;
152 certIdData->Olength = msgData.
length;
162 certIdData->OUlength = msgData.
length;
175 &msgData, CRYPT_IATTRIBUTE_HOLDERNAME );
177 certIdData->CNlength = msgData.
length;
218 for( i = 0; i < msgData.
length; i++ )
220 certIdData->uriLength = msgData.
length;
246 &certIdData->certIDlength, iCryptHandle,
255 &certIdData->nameIDlength, iCryptHandle,
256 CRYPT_IATTRIBUTE_SUBJECT );
259 &certIdData->issuerIDlength, iCryptHandle,
260 CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER );
263 &certIdData->keyIDlength, iCryptHandle );
/* Scratch buffer for the decoded PKI user key ID: 64 bytes plus 8 bytes of
   slack */
268 BYTE binaryKeyID[ 64 + 8 ];
270 int binaryKeyIDlength;
/* Decode the encoded key ID into the scratch buffer.  The literal 64 is
   presumably the output-size limit (confirm against decodePKIUserValue());
   it is smaller than the 72-byte buffer declared above, so the two
   constants must be kept in step if either changes.
   NOTE(review): the status check is not visible in this excerpt;
   binaryKeyIDlength should only be trusted once status has been checked */
284 status = decodePKIUserValue( binaryKeyID, 64, &binaryKeyIDlength,
285 encKeyID, msgData.
length );
288 &certIdData->keyIDlength, CRYPT_IKEYID_KEYID,
289 binaryKeyID, binaryKeyIDlength );
292 &certIdData->nameIDlength, iCryptHandle,
293 CRYPT_IATTRIBUTE_SUBJECT );
321 &crlIdData->issuerIDlength, iCryptCRL,
322 CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER );
334 &crlIdData->certIDlength, iCryptRevokeCert,
338 &crlIdData->nameIDlength, iCryptRevokeCert,
339 CRYPT_IATTRIBUTE_ISSUER );
367 const char *sqlString;
383 status = extractCertNameData( iCryptHandle, certType, &certIdData );
402 "Couldn't extract user identification information "
403 "from certificate" ) );
407 status = extractCertIdData( iCryptHandle, certType, &certIdData );
410 status = extractCertData( iCryptHandle,
412 CRYPT_ICERTFORMAT_DATA : \
422 "Couldn't extract certificate data from "
439 certData[ 0 ] = 0xFF;
/* Bind the six name components held in certIdData (C, SP, L, O, OU, CN) to
   parameter slots 0-5, each as a pointer plus an explicit length.  The
   values are handed over as bound parameters rather than being pasted into
   the SQL text, which matches the '?' placeholders used by the INSERT
   statements in this file.
   NOTE(review): each xxxLength must reflect what was actually stored in the
   corresponding buffer; the buffer sizes are not visible in this excerpt */
448 setBoundData( boundDataPtr, 0, certIdData.C, certIdData.Clength );
449 setBoundData( boundDataPtr, 1, certIdData.SP, certIdData.SPlength );
450 setBoundData( boundDataPtr, 2, certIdData.L, certIdData.Llength );
451 setBoundData( boundDataPtr, 3, certIdData.O, certIdData.Olength );
452 setBoundData( boundDataPtr, 4, certIdData.OU, certIdData.OUlength );
453 setBoundData( boundDataPtr, 5, certIdData.CN, certIdData.CNlength );
458 certIdData.uriLength );
461 certIdData.nameIDlength );
463 certIdData.issuerIDlength );
465 certIdData.keyIDlength );
468 "INSERT INTO certificates VALUES (?, ?, ?, ?, ?, ?, ?,"
474 certIdData.uriLength );
478 "?, ?, ?, ?, ?, ?, ?, ?, ?)";
483 certIdData.nameIDlength );
485 certIdData.keyIDlength );
488 "INSERT INTO pkiUsers VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
494 setBoundData( boundDataPtr, boundDataIndex++, certIdData.certID,
495 certIdData.certIDlength );
499 certData, certDataLength );
503 int encodedCertDataLength;
506 &encodedCertDataLength, certData,
510 DEBUG_DIAG((
"Couldn't base64-encode data" ));
514 setBoundData( boundDataPtr, boundDataIndex, encodedCertData,
515 encodedCertDataLength );
517 status =
dbmsUpdate( sqlString, boundDataPtr, updateType );
522 "Certificate add operation failed: " ) );
540 const char *sqlString;
541 time_t expiryDate = 0;
556 status = extractCrlIdData( iCryptCRL, iCryptRevokeCert, &crlIdData );
558 status = extractCertData( iCryptCRL, CRYPT_IATTRIBUTE_CRLENTRY,
574 "Couldn't extract CRL data from CRL" ) );
586 crlIdData.nameIDlength );
588 crlIdData.issuerIDlength );
590 crlIdData.certIDlength );
/* Fixed statement text with five '?' placeholders.  The column values are
   supplied separately as bound parameters, so the number of setBoundData()
   slots filled in for this path has to match the placeholder count */
592 sqlString =
"INSERT INTO CRLs VALUES (?, ?, ?, ?, ?)";
598 crlIdData.issuerIDlength );
600 sqlString =
"INSERT INTO CRLs VALUES (?, ?)";
609 int encodedCertDataLength;
612 &encodedCertDataLength, certData,
616 DEBUG_DIAG((
"Couldn't base64-encode data" ));
620 setBoundData( boundDataPtr, boundDataIndex, encodedCertData,
621 encodedCertDataLength );
623 status =
dbmsUpdate( sqlString, boundDataPtr, updateType );
628 "CRL add operation failed: " ) );
643 IN_FLAGS( KEYMGMT )
const int flags )
645 DBMS_INFO *dbmsInfo = keysetInfoPtr->keysetDBMS;
658 REQUIRES( password == NULL && passwordLength == 0 );
681 "Invalid item type for CA certificate store" ) );
697 return( caAddCertRequest( dbmsInfo, iCryptHandle, type,
709 "Item being added must be a CRL or certificate" ) );
730 CRYPT_IATTRIBUTE_LOCKED );
740 status = addCert( dbmsInfo, iCryptHandle,
750 seenNonDuplicate =
TRUE;
771 "No new %s were found to add to the certificate store",
773 "CRL entries" :
"certificates" ) );
789 DBMS_INFO *dbmsInfo = keysetInfoPtr->keysetDBMS;
793 const char *keyName =
getKeyName( keyIDtype );
794 const char *deleteString = getDeleteString( itemType );
795 int encodedKeyIDlength,
status;
798 assert(
isReadPtr( keyID, keyIDlength ) );
814 &encodedKeyIDlength, keyIDtype, keyID, keyIDlength );
825 "Invalid operation for CA certificate store" ) );
828 return( caDeletePKIUser( dbmsInfo, keyIDtype, keyID, keyIDlength,
831 ENSURES( keyName != NULL && deleteString != NULL );
836 setBoundData( boundDataPtr, 0, encodedKeyID, encodedKeyIDlength );
842 "Certificate delete operation failed: " ) );
860 keysetInfoPtr->setItemFunction = setItemFunction;
861 keysetInfoPtr->deleteItemFunction = deleteItemFunction;