18 #ifdef USE_CERTIFICATES
40 errorLocus < CRYPT_IATTRIBUTE_LAST );
46 DEBUG_DIAG((
"Caught attempt to set invalid error locus" ));
62 IN_RANGE( 1, 5 )
const int maxVersion )
71 REQUIRES( maxVersion >= 1 && maxVersion <= 5 );
82 certInfoPtr->version = 1;
94 if( peekTag( stream ) !=
MAKE_CTAG( tag ) )
96 status = readConstructed( stream, NULL, tag );
106 if( version < 0 || version > maxVersion )
108 certInfoPtr->version = version + 1;
130 &integerLength, tag );
139 if( integerLength <= 0 )
146 return( setSerialNumber( certInfoPtr, integer, integerLength ) );
162 status = getStreamObjectLength( stream, &length );
165 certInfoPtr->subjectDNsize =
length;
166 status = sMemGetDataBlock( stream, &certInfoPtr->subjectDNptr,
170 status = readDN( stream, &certInfoPtr->subjectName );
188 status = getStreamObjectLength( stream, &length );
191 certInfoPtr->issuerDNsize =
length;
192 status = sMemGetDataBlock( stream, &certInfoPtr->issuerDNptr,
196 status = readDN( stream, &certInfoPtr->issuerName );
208 static
int readPublicKeyInfo(
INOUT STREAM *stream,
217 status = getStreamObjectLength( stream, &length );
220 certInfoPtr->publicKeyInfoSize =
length;
221 status = sMemGetDataBlock( stream, &certInfoPtr->publicKeyInfo,
226 return( certErrorReturn( certInfoPtr,
250 status = readAlgoIDparam( stream, &certInfoPtr->publicKeyAlgo,
254 if( parameterLength > 0 )
255 sSkip( stream, parameterLength );
256 status = readUniversal( stream );
261 status = iCryptReadSubjectPublicKey( stream,
262 &certInfoPtr->iPubkeyContext,
268 &certInfoPtr->publicKeyAlgo,
274 return( certErrorReturn( certInfoPtr,
299 status = readSequence( stream, NULL );
303 status =
readUTCTime( stream, &certInfoPtr->startTime );
312 status =
readUTCTime( stream, &certInfoPtr->endTime );
323 #ifdef USE_CERT_OBSOLETE
342 status = readBitStringHole( stream, &length, 1,
346 if(
cryptStatusOK( status ) && ( length < 1 || length > 1024 ) )
352 if( ( bufPtr =
clDynAlloc(
"readUniqueID", length ) ) == NULL )
356 certInfoPtr->cCertCert->subjectUniqueID = bufPtr;
357 certInfoPtr->cCertCert->subjectUniqueIDlength =
length;
361 certInfoPtr->cCertCert->issuerUniqueID = bufPtr;
362 certInfoPtr->cCertCert->issuerUniqueIDlength =
length;
364 status = sread( stream, bufPtr, length );
367 return( certErrorReturn( certInfoPtr, type, status ) );
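/* Fallback for builds without USE_CERT_OBSOLETE: the unique ID field is read
   via readUniversal() rather than stored, and the certInfoPtr and type
   arguments are discarded.  The expansion is deliberately an expression, not
   a statement: the caller supplies the terminating ';', so the macro works in
   'status = readUniqueID( ... );' and as a braceless if/else branch alike (a
   ';' inside the macro would produce ';;' and break the if/else case). */
#define readUniqueID( stream, certInfoPtr, type )	readUniversal( stream )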
398 status = readSequence( stream, &length );
401 endPos = stell( stream ) +
length;
415 status = readSerialNumber( stream, certInfoPtr,
DEFAULT_TAG );
418 status = readAlgoIDex( stream, &dummyAlgo, \
419 &certInfoPtr->cCertCert->hashAlgo,
426 status = readIssuerDN( stream, certInfoPtr );
428 status = readValidity( stream, certInfoPtr );
430 status = readSubjectDN( stream, certInfoPtr );
435 if( certInfoPtr->issuerDNsize == certInfoPtr->subjectDNsize && \
436 !memcmp( certInfoPtr->issuerDNptr, certInfoPtr->subjectDNptr,
437 certInfoPtr->subjectDNsize ) )
441 status = readPublicKeyInfo( stream, certInfoPtr );
448 status = readUniqueID( stream, certInfoPtr,
455 status = readUniqueID( stream, certInfoPtr,
467 status = readAttributes( stream, &certInfoPtr->attributes,
469 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
475 return( fixAttributes( certInfoPtr ) );
521 static
int readAttributeCertInfo(
INOUT STREAM *stream,
530 status = readSequence( stream, &length );
533 endPos = stell( stream ) +
length;
534 status = readVersion( stream, certInfoPtr,
BER_INTEGER, 2 );
540 status = readSequence( stream, &length );
543 innerEndPos = stell( stream ) +
length;
546 status = readUniversal( stream );
550 if( stell( stream ) < innerEndPos && \
554 readConstructed( stream, NULL, 4 );
555 status = readSubjectDN( stream, certInfoPtr );
559 if( stell( stream ) < innerEndPos && \
565 status = readUniversal( stream );
569 status = readConstructed( stream, &length, 0 );
572 innerEndPos = stell( stream ) +
length;
575 readSequence( stream, NULL );
576 readConstructed( stream, NULL, 4 );
577 status = readIssuerDN( stream, certInfoPtr );
581 if( stell( stream ) < innerEndPos && \
584 status = readUniversal( stream );
588 if( stell( stream ) < innerEndPos && \
592 status = readUniversal( stream );
602 readUniversal( stream );
605 status = readSerialNumber( stream, certInfoPtr,
DEFAULT_TAG );
607 status = readValidity( stream, certInfoPtr );
612 status = readUniversal( stream );
619 status = readUniqueID( stream, certInfoPtr,
631 status = readAttributes( stream, &certInfoPtr->attributes,
633 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
665 CERT_REV_INFO *certRevInfo = certInfoPtr->cCertRev;
675 return( readCRLentry( stream, &certRevInfo->revocations, 1,
676 &certInfoPtr->errorLocus,
677 &certInfoPtr->errorType ) );
681 status = readLongSequence( stream, &length );
690 endPos = stell( stream ) +
length;
691 status = readVersion( stream, certInfoPtr,
BER_INTEGER, 2 );
701 readUniversal( stream );
704 status = readIssuerDN( stream, certInfoPtr );
707 status =
readUTCTime( stream, &certInfoPtr->startTime );
713 status =
readUTCTime( stream, &certInfoPtr->endTime );
732 status = readLongSequence( stream, &length );
741 for( noCrlEntries = 0;
746 const long innerStartPos = stell( stream );
750 status = readCRLentry( stream, &certRevInfo->revocations,
751 noCrlEntries, &certInfoPtr->errorLocus,
752 &certInfoPtr->errorType );
754 length -= stell( stream ) - innerStartPos;
756 ENSURES( noCrlEntries < FAILSAFE_ITERATIONS_MAX );
765 certRevInfo->currentRevocation = certRevInfo->revocations;
773 status = readAttributes( stream, &certInfoPtr->attributes,
775 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
781 return( fixAttributes( certInfoPtr ) );
811 tag = peekTag( stream );
816 readConstructed( stream, NULL, 0 );
818 status =
readUTCTime( stream, &certInfoPtr->startTime );
826 tag = peekTag( stream );
832 readConstructed( stream, NULL, 1 );
834 status =
readUTCTime( stream, &certInfoPtr->endTime );
867 ( optTerminatorTag1 > 0 && optTerminatorTag1 <=
MAX_TAG ) );
869 ( optTerminatorTag2 > 0 && optTerminatorTag2 <=
MAX_TAG ) );
872 for( fieldsProcessed = 0;
881 tag = peekTag( stream );
884 if( tag == terminatorTag )
886 if( optTerminatorTag1 !=
NO_TAG && tag == optTerminatorTag1 )
888 if( optTerminatorTag2 !=
NO_TAG && tag == optTerminatorTag2 )
892 status = readUniversal( stream );
896 if( fieldsProcessed >= 8 )
926 static
int readCertRequestInfo(
INOUT STREAM *stream,
936 status = readSequence( stream, &length );
939 endPos = stell( stream ) +
length;
940 status = readVersion( stream, certInfoPtr,
DEFAULT_TAG, 1 );
946 status = readSubjectDN( stream, certInfoPtr );
948 status = readPublicKeyInfo( stream, certInfoPtr );
959 status = readAttributes( stream, &certInfoPtr->attributes,
961 &certInfoPtr->errorLocus,
962 &certInfoPtr->errorType );
972 return( fixAttributes( certInfoPtr ) );
994 static
int readCrmfRequestInfo(
INOUT STREAM *stream,
1003 status = readSequence( stream, &length );
1006 endPos = stell( stream ) +
length;
1007 readUniversal( stream );
1008 status = readSequence( stream, NULL );
1014 status = skipCrmfJunk( stream, endPos,
1024 status = readCrmfValidity( stream, certInfoPtr );
1033 status = readSubjectDN( stream, certInfoPtr );
1045 return( certErrorReturn( certInfoPtr,
1049 status = readPublicKeyInfo( stream, certInfoPtr );
1051 return( certErrorReturn( certInfoPtr,
1061 status = readAttributes( stream, &certInfoPtr->attributes,
1063 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
1070 status = fixAttributes( certInfoPtr );
1082 readUniversal( stream );
1089 tag = peekTag( stream );
1106 return( readConstructed( stream, NULL,
EXTRACT_CTAG( tag ) ) );
1123 static
int readRevRequestInfo(
INOUT STREAM *stream,
1132 status = readSequence( stream, &length );
1135 endPos = stell( stream ) +
length;
1138 status = skipCrmfJunk( stream, endPos,
1142 status = readSerialNumber( stream, certInfoPtr,
1155 status = readIssuerDN( stream, certInfoPtr );
1174 status = readAttributes( stream, &certInfoPtr->attributes,
1176 length, &certInfoPtr->errorLocus,
1177 &certInfoPtr->errorType );
1184 return( fixAttributes( certInfoPtr ) );
1206 static
int readRtcsRequestInfo(
INOUT STREAM *stream,
1209 CERT_VAL_INFO *certValInfo = certInfoPtr->cCertVal;
1217 status = readSequence( stream, &length );
1220 endPos = stell( stream ) +
length;
1221 status = readSequence( stream, &length );
1222 for( fieldsProcessed = 0;
1227 const int innerStartPos = stell( stream );
1231 status = readRtcsRequestEntry( stream, &certValInfo->validityInfo,
1234 length -= stell( stream ) - innerStartPos;
1237 fieldsProcessed >= FAILSAFE_ITERATIONS_LARGE )
1247 certValInfo->currentValidity = certValInfo->validityInfo;
1254 status = readAttributes( stream, &certInfoPtr->attributes,
1256 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
1262 return( fixAttributes( certInfoPtr ) );
1273 static
int readRtcsResponseInfo(
INOUT STREAM *stream,
1276 CERT_VAL_INFO *certValInfo = certInfoPtr->cCertVal;
1284 status = readSequence( stream, &length );
1287 endPos = stell( stream ) +
length;
1288 for( fieldsProcessed = 0;
1293 const int innerStartPos = stell( stream );
1297 status = readRtcsResponseEntry( stream, &certValInfo->validityInfo,
1298 certInfoPtr,
FALSE );
1300 length -= stell( stream ) - innerStartPos;
1303 fieldsProcessed >= FAILSAFE_ITERATIONS_LARGE )
1313 certValInfo->currentValidity = certValInfo->validityInfo;
1320 status = readAttributes( stream, &certInfoPtr->attributes,
1322 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
1362 static
int readOcspRequestInfo(
INOUT STREAM *stream,
1365 CERT_REV_INFO *certRevInfo = certInfoPtr->cCertRev;
1372 status = readSequence( stream, &length );
1375 endPos = stell( stream ) +
length;
1381 readUniversal( stream );
1385 status = readSequence( stream, &length );
1386 for( fieldsProcessed = 0;
1391 const int innerStartPos = stell( stream );
1395 status = readOcspRequestEntry( stream, &certRevInfo->revocations,
1398 length -= stell( stream ) - innerStartPos;
1401 fieldsProcessed >= FAILSAFE_ITERATIONS_LARGE )
1411 certRevInfo->currentRevocation = certRevInfo->revocations;
1418 status = readAttributes( stream, &certInfoPtr->attributes,
1420 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
1426 return( fixAttributes( certInfoPtr ) );
1440 static
int readOcspResponseInfo(
INOUT STREAM *stream,
1443 CERT_REV_INFO *certRevInfo = certInfoPtr->cCertRev;
1451 status = readSequence( stream, &length );
1454 endPos = stell( stream ) +
length;
1459 if( peekTag( stream ) ==
MAKE_CTAG( 1 ) )
1463 readConstructed( stream, NULL, 1 );
1464 status = readIssuerDN( stream, certInfoPtr );
1473 readUniversal( stream );
1481 status = readSequence( stream, &length );
1482 for( fieldsProcessed = 0;
1487 const int innerStartPos = stell( stream );
1491 status = readOcspResponseEntry( stream, &certRevInfo->revocations,
1494 length -= stell( stream ) - innerStartPos;
1497 fieldsProcessed >= FAILSAFE_ITERATIONS_LARGE )
1507 certRevInfo->currentRevocation = certRevInfo->revocations;
1512 status = readAttributes( stream, &certInfoPtr->attributes,
1514 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
1541 static
int readCmsAttributes(
INOUT STREAM *stream,
1550 return( readAttributes( stream, &attributeInfoPtr->attributes,
1552 &attributeInfoPtr->errorLocus,
1553 &attributeInfoPtr->errorType ) );
1579 CERT_PKIUSER_INFO *certUserInfo = userInfoPtr->cCertUser;
1586 BYTE userInfo[ 128 + 8 ];
1594 status = getStreamObjectLength( stream, &length );
1597 userInfoPtr->subjectDNsize =
length;
1598 status = sMemGetDataBlock( stream, &userInfoPtr->subjectDNptr,
1602 status = readDN( stream, &userInfoPtr->subjectName );
1605 status = readContextAlgoID( stream, NULL, &queryInfo,
DEFAULT_TAG,
1636 userInfo, userInfoSize );
1645 sMemConnect( &userInfoStream, userInfo, userInfoSize );
1646 readSequence( &userInfoStream, NULL );
1652 sMemDisconnect( &userInfoStream );
1653 zeroise( userInfo, userInfoSize );
1658 status = readAttributes( stream, &userInfoPtr->attributes,
1660 &userInfoPtr->errorLocus,
1661 &userInfoPtr->errorType );
1673 getFirstAttribute( &attrEnumInfo,
1674 userInfoPtr->attributes,
1677 attributeCursor != NULL && \
1678 iterationCount < FAILSAFE_ITERATIONS_MAX;
1680 getNextAttribute( &attrEnumInfo ), \
1683 setAttributeProperty( attributeCursor,
1686 ENSURES( iterationCount < FAILSAFE_ITERATIONS_MAX );
1700 const READCERT_FUNCTION
function;
1702 static const CERTREAD_INFO
FAR_BSS certReadTable[] = {
1743 if( certReadTable[ i ].type == certType )
1744 return( certReadTable[ i ].
function );