/* Excerpt only: the leading numbers are the listing's own line numbers and
   they jump, so most of each function body is not shown.  Comments below
   describe the visible lines and mark anything inferred as such. */
/* Build-time switch.  Where it is tested further down this listing, the
   enabled branch encodes the certificate with one more level of wrapping
   than the other branch. */
28 #define USE_PKCS15V12_FORM
/* Fragments of the public-key storage calculation (the clAlloc() tag below
   names it "calculatePubkeyStorage").  This out-parameter receives the
   buffer that the encoded key will be written into. */
41 OUT_PTR void **newPubKeyDataPtr,
/* Pointer checks on both out-parameters.
   NOTE(review): assert() is normally compiled out of release builds, so
   these document expectations rather than enforce them - confirm how this
   build defines assert(). */
50 assert(
isWritePtr( newPubKeyDataPtr,
sizeof(
void * ) ) );
51 assert(
isWritePtr( newPubKeyDataSize,
sizeof(
int ) ) );
/* Precondition on the caller-supplied sizes (only the first clause is
   visible), followed by the size computation: attribute bytes plus the
   wrapped key, with further terms elided.  The result is then compared with
   the buffer the entry already holds; the branch body is elided, presumably
   it keeps the existing buffer when that is large enough.
   NOTE(review): the size is an int and no overflow guard is visible in this
   excerpt; the elided REQUIRES clauses may bound the inputs - confirm. */
54 REQUIRES( pubKeyAttributeSize > 0 && \
59 *newPubKeyDataSize = sizeofObject( \
60 pubKeyAttributeSize + \
63 sizeofObject( pubKeySize ) + \
68 if( *newPubKeyDataSize <= pkcs15infoPtr->pubKeyDataSize )
/* Allocate a fresh buffer of exactly the computed size. */
72 newPubKeyData =
clAlloc(
"calculatePubkeyStorage", *newPubKeyDataSize );
/* Allocation failure is detected here; the handler is elided. */
73 if( newPubKeyData == NULL )
/* Hand the new buffer to the caller.  The caller shown later in this listing
   frees it on its own error path when it differs from the buffer stored in
   the entry, so ownership appears to pass to the caller - confirm. */
75 *newPubKeyDataPtr = newPubKeyData;
/* Fragments of calculateCertStorage(): works out how many bytes the encoded
   certificate object needs and obtains a buffer for it.  The listing elides
   lines, so the parameter list and several statements are incomplete. */
81 static
int calculateCertStorage(
const PKCS15_INFO *pkcs15infoPtr,
/* Pointer checks on both out-parameters.
   NOTE(review): assert() is normally compiled out of release builds, so
   these are not a run-time guarantee - confirm how this build defines it. */
90 assert(
isWritePtr( newCertDataPtr,
sizeof(
void * ) ) );
91 assert(
isWritePtr( newCertDataSize,
sizeof(
int ) ) );
/* Two alternative size formulas.  The first one closes one more nesting
   level than the second, i.e. the USE_PKCS15V12_FORM encoding carries an
   additional wrapper around the certificate.  The directive separating the
   two (presumably #else on the elided line 103) is not shown.
   NOTE(review): the result is an int and no overflow guard is visible in
   this excerpt - confirm the inputs are bounded by the elided checks. */
98 #ifdef USE_PKCS15V12_FORM
99 *newCertDataSize = sizeofObject( certAttributeSize + \
102 sizeofObject( certSize ) ) ) );
104 *newCertDataSize = sizeofObject( certAttributeSize + \
106 sizeofObject( certSize ) ) );
/* Compare against the certificate buffer the entry already holds; the branch
   body is elided, presumably it reuses that buffer when it is big enough. */
111 if( *newCertDataSize <= pkcs15infoPtr->certDataSize )
/* Otherwise allocate a new buffer of exactly the computed size. */
115 newCertData =
clAlloc(
"calculateCertStorage", *newCertDataSize );
/* Allocation failure is detected here; the handler is elided. */
116 if( newCertData == NULL )
/* Return the new buffer through the out-parameter.  The caller shown later
   in this listing frees it on failure when it is not the entry's own buffer,
   so ownership appears to pass to the caller - confirm. */
118 *newCertDataPtr = newCertData;
/* Fragment of the public-key removal helper (clFree() tag: "deletePubKey").
   The buffer is wiped over its full recorded size before it is released, and
   the pointer and size are then reset so the entry keeps no reference to the
   freed memory (guards against later use-after-free or double free through
   this field). */
131 zeroise( pkcs15infoPtr->pubKeyData, pkcs15infoPtr->pubKeyDataSize );
132 clFree(
"deletePubKey", pkcs15infoPtr->pubKeyData );
133 pkcs15infoPtr->pubKeyData = NULL;
134 pkcs15infoPtr->pubKeyDataSize = 0;
/* Fragments of the helper that installs a new public-key buffer in the entry
   (clFree() tag: "replacePubkeyData").  Parameter list and precondition are
   only partly visible. */
143 const void *newPubKeyData,
145 const int newPubKeyDataSize,
/* Debug-time check that the supplied buffer is readable for its full
   stated length. */
149 assert(
isReadPtr( newPubKeyData, newPubKeyDataSize ) );
/* One clause of a larger precondition (its start is elided): the offset of
   the key payload must lie inside the buffer. */
154 newPubKeyOffset < newPubKeyDataSize && \
/* The old buffer is released only when the caller supplies a different one;
   if the same pointer comes back (in-place reuse) nothing is freed. */
160 if( newPubKeyData != pkcs15infoPtr->pubKeyData )
162 if( pkcs15infoPtr->pubKeyData != NULL )
/* Wipe the old contents over the old recorded size, then free. */
164 zeroise( pkcs15infoPtr->pubKeyData,
165 pkcs15infoPtr->pubKeyDataSize );
166 clFree(
"replacePubkeyData", pkcs15infoPtr->pubKeyData );
/* The const qualifier is cast away because the entry now stores, and from
   here on owns, the caller's buffer: the caller must not free it after this
   call. */
168 pkcs15infoPtr->pubKeyData = (
void * ) newPubKeyData;
/* Size and payload offset are recorded alongside the installed pointer. */
172 pkcs15infoPtr->pubKeyDataSize = newPubKeyDataSize;
173 pkcs15infoPtr->pubKeyOffset = newPubKeyOffset;
/* Fragments of the helper that installs a new certificate buffer in the
   entry (clFree() tag: "replaceCertData").  Parameter list and precondition
   are only partly visible. */
179 const void *newCertData,
181 const int newCertDataSize,
/* Debug-time check that the supplied buffer is readable for its full
   stated length. */
185 assert(
isReadPtr( newCertData, newCertDataSize ) );
/* One clause of a larger precondition (its start is elided): the offset of
   the certificate payload must lie inside the buffer. */
190 newCertOffset < newCertDataSize && \
/* The old buffer is released only when the caller supplies a different one;
   if the same pointer comes back (in-place reuse) nothing is freed. */
196 if( newCertData != pkcs15infoPtr->certData )
198 if( pkcs15infoPtr->certData != NULL )
/* Wipe the old contents over the old recorded size, then free. */
200 zeroise( pkcs15infoPtr->certData, pkcs15infoPtr->certDataSize );
201 clFree(
"replaceCertData", pkcs15infoPtr->certData );
/* The const qualifier is cast away because the entry now stores, and from
   here on owns, the caller's buffer: the caller must not free it after this
   call. */
203 pkcs15infoPtr->certData = (
void * ) newCertData;
/* Size and payload offset are recorded alongside the installed pointer. */
207 pkcs15infoPtr->certDataSize = newCertDataSize;
208 pkcs15infoPtr->certOffset = newCertOffset;
/* Fragments of the certificate-add routine (clFree() tag: "addCert";
   presumably pkcs15AddCert(), which is called elsewhere in this listing).
   The working pointers start out aliasing the buffers the entry already
   owns.  Every later "!= pkcs15infoPtr->..." test relies on this to tell a
   newly allocated buffer from the entry's own one. */
232 void *newCertData = pkcs15infoPtr->certData;
233 void *newPrivKeyData = pkcs15infoPtr->privKeyData;
/* Private-key attributes are optional: the visible clauses accept either a
   readable, non-NULL buffer with a positive size or NULL with size 0.  The
   remaining clauses of these checks are elided. */
241 isReadPtr( privKeyAttributes, privKeyAttributeSize ) ) || \
244 privKeyAttributes == NULL && privKeyAttributeSize == 0 ) );
248 privKeyAttributes != NULL && \
249 privKeyAttributeSize > 0 && \
253 privKeyAttributes == NULL && privKeyAttributeSize == 0 ) );
/* Policy visible from the message: a certificate added on its own must be a
   trusted one.  The test that raises this error is elided. */
277 "Only a trusted certificate can be added as a "
278 "standalone certificate" ) );
/* Tail of the call that produces the certificate attributes and their size,
   with its failure message. */
287 &certAttributeSize, pkcs15infoPtr,
293 "Couldn't write certificate attributes" ) );
/* Size of the private-key payload is taken as everything from privKeyOffset
   to the end of the stored buffer; storage is then recalculated for the new
   attribute size.
   NOTE(review): the subtraction assumes privKeyOffset <= privKeyDataSize;
   no check is visible in this excerpt - confirm. */
304 privKeyInfoSize = pkcs15infoPtr->privKeyDataSize - \
305 pkcs15infoPtr->privKeyOffset;
306 status = calculatePrivkeyStorage( &newPrivKeyData, &newPrivKeyDataSize,
307 pkcs15infoPtr->privKeyData,
308 pkcs15infoPtr->privKeyDataSize,
310 privKeyAttributeSize, 0 );
/* Certificate length as reported in msgData (the call that fills msgData is
   elided) feeds the certificate storage calculation. */
319 certInfoSize = msgData.
length;
320 status = calculateCertStorage( pkcs15infoPtr, &newCertData,
321 &newCertDataSize, certAttributeSize,
/* Unwind: release the private-key buffer only if it is a new allocation and
   not the one the entry owns.  The enclosing failure test is elided.  No
   write to this buffer is visible before this point, so freeing without a
   wipe looks harmless here - confirm. */
326 if( newPrivKeyData != pkcs15infoPtr->privKeyData )
327 clFree(
"addCert", newPrivKeyData );
/* Encode the certificate object into the (possibly new) buffer through a
   memory stream bounded by newCertDataSize. */
333 sMemOpen( &stream, newCertData, newCertDataSize );
/* Wrapper layout with USE_PKCS15V12_FORM: outer sequence, raw attributes,
   then nested wrappers ending in a CTAG_OV_DIRECT constructed item.  Only
   the last write's return value is kept in status.
   NOTE(review): the earlier writes are unchecked in the visible lines;
   presumably the stream latches its first error - confirm. */
334 #ifdef USE_PKCS15V12_FORM
335 writeSequence( &stream, certAttributeSize + \
338 sizeofObject( certInfoSize ) ) ) );
339 swrite( &stream, certAttributes, certAttributeSize );
340 writeConstructed( &stream, sizeofObject( \
341 sizeofObject( certInfoSize ) ),
343 writeSequence( &stream, sizeofObject( certInfoSize ) );
344 status = writeConstructed( &stream, certInfoSize,
CTAG_OV_DIRECT );
/* Alternative layout with one wrapper fewer (the directive on line 345 is
   elided, presumably #else). */
346 writeSequence( &stream, certAttributeSize + \
347 sizeofObject( sizeofObject( certInfoSize ) ) );
348 swrite( &stream, certAttributes, certAttributeSize );
349 writeConstructed( &stream, sizeofObject( certInfoSize ),
351 status = writeSequence( &stream, certInfoSize );
/* Remember where the certificate body starts inside the buffer, then export
   the certificate at that position and detach the stream. */
355 newCertOffset = stell( &stream );
356 status = exportCertToStream( &stream, iCryptCert,
359 sMemDisconnect( &stream );
/* Failure path after the encode step. */
364 DEBUG_DIAG((
"Failed to set up/write certificate data" ));
/* Free only buffers allocated by this call, never the entry's own ones; the
   extra NULL test covers the case where no certificate buffer exists at all.
   Unlike the replace helpers, nothing is wiped before freeing here; the
   certificate buffer holds at most partly written certificate data. */
366 if( newPrivKeyData != pkcs15infoPtr->privKeyData )
367 clFree(
"addCert", newPrivKeyData );
368 if( newCertData != pkcs15infoPtr->certData && newCertData != NULL )
369 clFree(
"addCert", newCertData );
372 "Couldn't write PKCS #15 certificate data" ) );
375 newCertDataSize ) ) );
/* Commit: the entry is modified only from here on.  The visible lines do all
   allocation and encoding before this point - confirm against the elided
   lines that nothing after it can fail. */
381 pkcs15infoPtr->type = subType;
382 replaceCertData( pkcs15infoPtr, newCertData, newCertDataSize,
386 updatePrivKeyAttributes( pkcs15infoPtr,
387 newPrivKeyData, newPrivKeyDataSize,
388 privKeyAttributes, privKeyAttributeSize,
389 privKeyInfoSize, keyTypeTag );
/* Any stored stand-alone public key is removed once the certificate is in
   place (presumably because the certificate now supplies the public key). */
394 if( pkcs15infoPtr->pubKeyData != NULL )
395 deletePubKey( pkcs15infoPtr );
/* Fragments of code that adds several certificates to the entry table; the
   function name is not visible in this excerpt.  iterationCount suggests a
   bounded loop, but the bound is elided. */
409 int iterationCount = 0,
status;
438 int iAndSIDlength,
index;
/* Fetch the certificate's issuerAndSerialNumber-based ID, then search the
   existing entries by issuer ID.  Judging by seenNonDuplicate below, this is
   the duplicate check that skips certificates already stored - confirm. */
441 status = getCertID( iCryptCert, CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER,
445 if( findEntry( pkcs15info, noPkcs15objects, CRYPT_IKEYID_ISSUERID,
/* Take a free slot for the new certificate; NULL means none was found (the
   handler is elided). */
451 pkcs15infoPtr = findFreeEntry( pkcs15info, noPkcs15objects, &index );
452 if( pkcs15infoPtr == NULL )
/* NULL and 0 in the private-key attribute arguments: the certificate is
   added without private-key attributes. */
454 status = pkcs15AddCert( pkcs15infoPtr, iCryptCert, NULL, 0,
/* Records that at least one certificate was new. */
465 seenNonDuplicate =
TRUE;
/* Error text for the case where nothing new could be added. */
484 "Couldn't find any new certificates to add" ) );
/* Fragments of the public-key add routine (clFree() tag: "addPublicKey").
   The listing elides lines, so the signature and several statements are
   incomplete. */
501 const void *pubKeyAttributes,
/* Tail of a conditional initialiser choosing between the partial and the
   full SPKI export attribute; the condition is elided. */
509 CRYPT_IATTRIBUTE_KEY_SPKI_PARTIAL : CRYPT_IATTRIBUTE_KEY_SPKI;
/* The working pointer starts out aliasing the entry's existing buffer, so
   the later "!= pkcs15infoPtr->pubKeyData" test identifies a new allocation.
   newPubKeyOffset gets a placeholder value here and its real value from
   stell() further down. */
512 void *newPubKeyData = pkcs15infoPtr->pubKeyData;
513 int newPubKeyDataSize, newPubKeyOffset =
DUMMY_INIT, pubKeySize;
/* Debug-time readability check and the first clause of the run-time
   precondition on the attribute buffer. */
517 assert(
isReadPtr( pubKeyAttributes, pubKeyAttributeSize ) );
520 REQUIRES( pubKeyAttributeSize > 0 && \
/* Derive the key-type tag from the algorithm. */
532 status = getKeyTypeTag(
CRYPT_UNUSED, pkcCryptAlgo, &keyTypeTag );
/* Tail of the call that fills msgData for the chosen key-data attribute; the
   reported length becomes the encoded key size. */
544 &msgData, keyDataType );
547 pubKeySize = msgData.
length;
/* Obtain a buffer large enough for attributes, wrappers, key and any extra
   data; this may be the entry's existing buffer or a new allocation. */
553 status = calculatePubkeyStorage( pkcs15infoPtr, &newPubKeyData,
554 &newPubKeyDataSize, pubKeySize,
555 pubKeyAttributeSize, extraDataSize );
/* Write the wrappers and the attributes through a memory stream bounded by
   newPubKeyDataSize.  Return values of these writes are not captured in the
   visible lines; presumably the stream latches its first error - confirm. */
560 sMemOpen( &stream, newPubKeyData, newPubKeyDataSize );
561 writeConstructed( &stream, pubKeyAttributeSize + \
564 sizeofObject( pubKeySize ) + \
567 swrite( &stream, pubKeyAttributes, pubKeyAttributeSize );
568 writeConstructed( &stream, sizeofObject( \
569 sizeofObject( pubKeySize ) + \
572 writeSequence( &stream, sizeofObject( pubKeySize ) + extraDataSize );
/* Remember where the key body starts, then export the key at that position. */
576 newPubKeyOffset = stell( &stream );
577 status = exportAttributeToStream( &stream, iCryptContext,
/* The first byte of the exported key is overwritten in place with a context
   tag, and the modulus size is appended after it.
   NOTE(review): this is a direct indexed write into the buffer, outside the
   stream's bounds checking.  Lines 578-587 are elided, so it is not visible
   whether status is tested before it - confirm that the export succeeded
   and newPubKeyOffset is inside the buffer at this point. */
588 ( (
BYTE * ) newPubKeyData )[ newPubKeyOffset ] =
MAKE_CTAG( 1 );
589 status = writeShortInteger( &stream, modulusSize,
DEFAULT_TAG );
/* Consistency check that the bytes written equal the precomputed size.
   NOTE(review): as an assert() this is normally absent from release builds,
   so a size mismatch would go unnoticed there - confirm. */
591 assert( stell( &stream ) == newPubKeyDataSize );
592 sMemDisconnect( &stream );
/* Failure path: free the buffer only if it was allocated by this call and is
   not the one the entry owns.  It is freed without a wipe; it holds at most
   partly written public-key data. */
595 DEBUG_DIAG((
"Failed to set up/write public key data" ));
597 if( newPubKeyData != pkcs15infoPtr->pubKeyData )
598 clFree(
"addPublicKey", newPubKeyData );
601 "Couldn't write PKCS #15 public-key data" ) );
604 newPubKeyDataSize ) ) );
/* Commit: install the new buffer in the entry, which takes ownership of it
   from here on. */
607 replacePubkeyData( pkcs15infoPtr, newPubKeyData, newPubKeyDataSize,