/* Convert a time_t into a PKCS #11 CK_DATE by writing the time into a
   memory stream as a GeneralizedTime and copying the year, month and day
   fields out of the encoded bytes.

   This is a listing excerpt: the number at the start of a line is the
   listing's own line number, and the lines between the numbered ones
   (braces, the stream and status declarations, any status checks) are
   not shown */
33 static
void convertDate(
OUT CK_DATE *date,
const time_t theTime )
/* Scratch buffer for the encoded time: 32 + 8 = 40 bytes */
36 BYTE dateBuffer[ 32 + 8 ];
/* Zero the whole output structure before any field is filled in */
42 memset( date, 0,
sizeof(
CK_DATE ) );
/* The stream is opened over only the first 32 bytes of dateBuffer, so the
   encoder cannot write into the final 8 bytes of the buffer */
46 sMemOpen( &stream, dateBuffer, 32 );
/* NOTE(review): the status is stored in cryptStatus, but the function is
   void and the visible lines do not show the status being checked before
   dateBuffer is read below.  dateBuffer has no initialiser in the visible
   lines, so confirm that a failed write cannot lead to indeterminate
   bytes being copied into *date */
47 cryptStatus = writeGeneralizedTime( &stream, theTime,
DEFAULT_TAG );
48 sMemDisconnect( &stream );
/* Copy 4 bytes from offset 2, 2 bytes from offset 6 and 2 bytes from
   offset 8.  Presumably the first two bytes are the tag and length of the
   encoding and what follows is "YYYYMMDD..." - verify against
   writeGeneralizedTime().  The copy lengths match the CK_DATE layout in
   PKCS #11 (year[ 4 ], month[ 2 ], day[ 2 ]); these fields are character
   digits and are not NUL-terminated */
50 memcpy( &date->year, dateBuffer + 2, 4 );
51 memcpy( &date->month, dateBuffer + 6, 2 );
52 memcpy( &date->day, dateBuffer + 8, 2 );
/* Fill in one attribute-template entry: set its type, value pointer and
   value length.  Despite the parameter name, certTemplatePtr is accessed
   with '.', so callers pass the entry itself (for example
   certTemplate[ templateCount ]) rather than a pointer to it.

   The macro expands certTemplatePtr three times, so an argument with side
   effects (such as an index increment) would be evaluated more than once.
   It stores valuePtr without copying the data, so the data pointed to must
   remain valid until the template has been used.

   Listing excerpt: the lines that open and close the macro body are not
   shown here */
63 #define addTemplateValue( certTemplatePtr, valueType, valuePtr, valueLen ) \
65 ( certTemplatePtr ).type = valueType; \
66 ( certTemplatePtr ).pValue = valuePtr; \
67 ( certTemplatePtr ).ulValueLen = valueLen; \
/* Four empty placeholder entries (type CKA_NONE, no value) are visible at
   the end of the template initialiser; the entries before them are not
   shown in this listing.  Presumably these are the slots that the later
   addTemplateValue( certTemplate[ templateCount ], ... ) calls fill in -
   confirm against the full initialiser */
89 { CKA_NONE, NULL_PTR, 0 },
90 { CKA_NONE, NULL_PTR, 0 },
91 { CKA_NONE, NULL_PTR, 0 },
92 { CKA_NONE, NULL_PTR, 0 },
/* Buffers for the encoded subject name, issuerAndSerialNumber and
   certificate; each is released with dynDestroy() further down */
97 DYNBUF subjectDB, iAndSDB, certDB;
/* templateCount starts at 8 and is used as the index for attributes
   appended with addTemplateValue().
   NOTE(review): the listing shows neither where templateCount is
   incremented nor a check of it against the array size.  Confirm that the
   number of appended attributes can never exceed the placeholder entries
   above, since writing past the end of the template would corrupt
   adjacent stack data */
102 int templateCount = 8, cryptStatus;
111 &msgData, CRYPT_IATTRIBUTE_KEYID );
114 certTemplate[ 3 ].
pValue = msgData.data;
135 cryptStatus = findObject( pkcs11Info, &hObject, keyTemplate, 2 );
140 cryptStatus = findObject( pkcs11Info, &hObject, keyTemplate, 2 );
154 convertDate( &startDate, theTime );
160 return( cryptStatus );
161 convertDate( &endDate, theTime );
164 cryptStatus = dynCreate( &subjectDB, iCryptHandle,
165 CRYPT_IATTRIBUTE_SUBJECT );
167 return( cryptStatus );
168 cryptStatus = dynCreate( &iAndSDB, iCryptHandle,
169 CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER );
172 dynDestroy( &subjectDB );
173 return( cryptStatus );
177 cryptStatus = addIAndSToTemplate( &certTemplate[ 5 ],
dynData( iAndSDB ),
181 dynDestroy( &subjectDB );
182 dynDestroy( &iAndSDB );
183 return( cryptStatus );
187 cryptStatus = dynCreateCert( &certDB, iCryptHandle,
191 dynDestroy( &subjectDB );
192 dynDestroy( &iAndSDB );
193 return( cryptStatus );
202 &msgData, CRYPT_IATTRIBUTE_HOLDERNAME );
207 addTemplateValue( certTemplate[ templateCount ],
216 addTemplateValue( certTemplate[ templateCount ],
219 addTemplateValue( certTemplate[ templateCount ],
226 &msgData, CRYPT_IATTRIBUTE_HOLDERURI );
230 addTemplateValue( certTemplate[ templateCount ],
244 status = C_CreateObject( pkcs11Info->hSession,
255 status = C_CreateObject( pkcs11Info->hSession,
257 templateCount, &hObject );
266 status = C_CreateObject( pkcs11Info->hSession,
268 templateCount, &hObject );
274 dynDestroy( &subjectDB );
275 dynDestroy( &iAndSDB );
276 dynDestroy( &certDB );
277 return( cryptStatus );
295 int value, iterationCount, cryptStatus;
334 cryptStatus = dynCreate( &iAndSDB, iCryptCert,
335 CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER );
337 return( cryptStatus );
338 cryptStatus = addIAndSToTemplate( &certTemplate[ 2 ],
347 dynDestroy( &iAndSDB );
348 return( cryptStatus );
350 cryptStatus = findObject( pkcs11Info, &hObject, certTemplate, 4 );
351 dynDestroy( &iAndSDB );
355 cryptStatus = updateCertificate( pkcs11Info, iCryptCert,
358 return( cryptStatus );
360 seenNonDuplicate =
TRUE;
370 ENSURES( iterationCount < FAILSAFE_ITERATIONS_MED );
388 PKCS11_INFO *pkcs11Info = deviceInfo->devicePKCS11;
389 int value, cryptStatus;
411 CRYPT_IATTRIBUTE_LOCKED );
413 return( cryptStatus );
418 cryptStatus = updateCertChain( pkcs11Info, iCryptCert );
422 return( cryptStatus );
458 PKCS11_INFO *pkcs11Info = deviceInfo->devicePKCS11;
462 assert(
isReadPtr( keyID, keyIDlength ) );
484 cryptStatus = findObjectEx( pkcs11Info, &hCertificate, certTemplate, 3 );
489 cryptStatus = findObjectFromObject( pkcs11Info, hCertificate,
492 hPubkey = CK_OBJECT_NONE;
493 cryptStatus = findObjectFromObject( pkcs11Info, hCertificate,
496 hPrivkey = CK_OBJECT_NONE;
502 cryptStatus = findObjectEx( pkcs11Info, &hPubkey, keyTemplate, 2 );
504 hPubkey = CK_OBJECT_NONE;
505 keyTemplate[ 0 ].pValue = (
CK_VOID_PTR ) &privkeyClass;
506 cryptStatus = findObjectEx( pkcs11Info, &hPrivkey, keyTemplate, 2 );
508 hPrivkey = CK_OBJECT_NONE;
509 keyTemplate[ 0 ].pValue = (
CK_VOID_PTR ) &secKeyClass;
510 cryptStatus = findObjectEx( pkcs11Info, &hSecretKey, keyTemplate, 2 );
512 hSecretKey = CK_OBJECT_NONE;
/* Listing excerpt: the number at the start of a line is the listing's own
   line number, and the lines between the numbered ones (braces, the
   remaining arguments, status checks) are not shown.

   The visible code works with four object handles - certificate, public
   key, private key and secret key - and uses CK_OBJECT_NONE to mean "not
   found".  It looks up related objects starting from the handles it
   already has, then destroys every handle that is not CK_OBJECT_NONE */

/* With at least one key handle, search starting from the private key if
   there is one, otherwise from the public key.  Presumably this looks for
   the matching certificate, with hCertificate reset to CK_OBJECT_NONE
   when the search fails - the condition is not shown */
516 if( hPubkey != CK_OBJECT_NONE || hPrivkey != CK_OBJECT_NONE )
518 cryptStatus = findObjectFromObject( pkcs11Info,
519 ( hPrivkey != CK_OBJECT_NONE ) ? hPrivkey : hPubkey,
522 hCertificate = CK_OBJECT_NONE;
/* Public key present but no private key: search starting from the public
   key (presumably for the private key - the target is not shown) */
528 if( hPubkey != CK_OBJECT_NONE && hPrivkey == CK_OBJECT_NONE )
530 cryptStatus = findObjectFromObject( pkcs11Info, hPubkey,
533 hPrivkey = CK_OBJECT_NONE;
/* The mirror case: private key present but no public key */
535 if( hPrivkey != CK_OBJECT_NONE && hPubkey == CK_OBJECT_NONE )
537 cryptStatus = findObjectFromObject( pkcs11Info, hPrivkey,
540 hPubkey = CK_OBJECT_NONE;
/* Nothing at all was found under any of the four handles; the action
   taken is not shown */
542 if( hPrivkey == CK_OBJECT_NONE && hPubkey == CK_OBJECT_NONE && \
543 hSecretKey == CK_OBJECT_NONE && hCertificate == CK_OBJECT_NONE )
/* Destroy each object that was found.  The certificate's result is stored
   in status and each key's result in status2.
   NOTE(review): the listing does not show how status and status2 are
   combined into the returned cryptStatus.  Confirm that a failed
   C_DestroyObject() on the private or secret key is reported to the
   caller, which would otherwise believe the key material had been removed
   from the token when it is still present */
552 if( hCertificate != CK_OBJECT_NONE )
553 status = C_DestroyObject( pkcs11Info->
hSession, hCertificate );
554 if( hPubkey != CK_OBJECT_NONE )
558 status2 = C_DestroyObject( pkcs11Info->
hSession, hPubkey );
562 if( hPrivkey != CK_OBJECT_NONE )
566 status2 = C_DestroyObject( pkcs11Info->
hSession, hPrivkey );
570 if( hSecretKey != CK_OBJECT_NONE )
574 status2 = C_DestroyObject( pkcs11Info->
hSession, hSecretKey );
580 return( cryptStatus );
596 deviceInfo->setItemFunction = setItemFunction;
597 deviceInfo->deleteItemFunction = deleteItemFunction;