69 #ifdef USE_CERTIFICATES
93 status = getKeyUsageFromExtKeyUsage( certInfoPtr, &extKeyUsage,
94 &certInfoPtr->errorLocus, &certInfoPtr->errorType );
97 status = getAttributeFieldValue( certInfoPtr->attributes,
122 const int effectiveKeyUsage = \
125 if( ( keyUsage & effectiveKeyUsage ) != effectiveKeyUsage )
136 status = getAttributeFieldValue( certInfoPtr->attributes,
165 if( extKeyUsage <= 0 && !isCA )
197 if(
isSigAlgo( certInfoPtr->publicKeyAlgo ) )
201 if(
isKeyxAlgo( certInfoPtr->publicKeyAlgo ) )
210 keyUsage = extKeyUsage;
226 usageOK =
isSigAlgo( certInfoPtr->publicKeyAlgo );
243 if( certInfoPtr->publicKeyFeatures > 0 )
248 certInfoPtr->publicKeyFeatures );
254 return( addCertComponentString( certInfoPtr,
270 #ifdef USE_CERTLEVEL_PKIX_FULL
305 status = getAttributeFieldValue( subjectCertInfoPtr->attributes,
319 if( attributePtr == NULL )
339 IN_FLAGS( PRE_SET )
const int actions )
344 assert( ( issuerCertInfoPtr == NULL ) || \
351 issuerCertInfoPtr != NULL ) || \
365 if( subjectCertInfoPtr->publicKeyInfo == NULL )
374 if( subjectCertInfoPtr->version >= 3 )
376 status = addStandardExtensions( subjectCertInfoPtr );
390 status = copyIssuerAttributes( &subjectCertInfoPtr->attributes,
391 issuerCertInfoPtr->attributes,
392 subjectCertInfoPtr->type,
393 &subjectCertInfoPtr->errorLocus,
394 &subjectCertInfoPtr->errorType );
405 if( subjectCertInfoPtr->issuerName == NULL )
407 status = copyDN( &subjectCertInfoPtr->issuerName,
408 issuerCertInfoPtr->subjectName );
420 if( subjectCertInfoPtr->startTime < issuerCertInfoPtr->startTime )
421 subjectCertInfoPtr->startTime = issuerCertInfoPtr->startTime;
422 if( subjectCertInfoPtr->endTime > issuerCertInfoPtr->endTime )
423 subjectCertInfoPtr->endTime = issuerCertInfoPtr->endTime;
431 status = prepareValidityEntries( subjectCertInfoPtr->cCertVal->validityInfo,
432 &subjectCertInfoPtr->cCertVal->currentValidity,
433 &subjectCertInfoPtr->errorLocus,
434 &subjectCertInfoPtr->errorType );
445 REVOCATION_INFO *revocationErrorEntry;
448 status = prepareRevocationEntries( subjectCertInfoPtr->cCertRev->revocations,
449 subjectCertInfoPtr->cCertRev->revocationTime,
450 &revocationErrorEntry, isCrlEntry,
451 &subjectCertInfoPtr->errorLocus,
452 &subjectCertInfoPtr->errorType );
459 subjectCertInfoPtr->cCertRev->currentRevocation = \
460 revocationErrorEntry;
475 IN_FLAGS( PRE_CHECK )
const int actions,
481 assert( ( issuerCertInfoPtr == NULL ) || \
490 issuerCertInfoPtr != NULL ) || \
501 if( subjectCertInfoPtr->publicKeyInfo == NULL )
513 status = checkDN( subjectCertInfoPtr->subjectName,
515 &subjectCertInfoPtr->errorLocus,
516 &subjectCertInfoPtr->errorType );
519 #ifdef USE_CERTLEVEL_PKIX_FULL
523 !checkEmptyDnOK( subjectCertInfoPtr ) )
534 status = checkDN( subjectCertInfoPtr->subjectName,
536 &subjectCertInfoPtr->errorLocus,
537 &subjectCertInfoPtr->errorType );
547 if( issuerCertInfoPtr == NULL || \
548 issuerCertInfoPtr->subjectDNptr == NULL || \
549 issuerCertInfoPtr->subjectDNsize < 1 )
562 if( ( subjectCertInfoPtr->issuerName == NULL ) &&
563 ( subjectCertInfoPtr->issuerDNptr == NULL || \
564 subjectCertInfoPtr->issuerDNsize < 1 ) )
580 if( !
compareDN( subjectCertInfoPtr->issuerName,
581 issuerCertInfoPtr->subjectName,
FALSE, NULL ) )
597 if(
compareDN( issuerCertInfoPtr->subjectName,
598 subjectCertInfoPtr->subjectName,
FALSE, NULL ) )
612 if( subjectCertInfoPtr->cCertReq->serialNumberLength <= 0 )
622 if( subjectCertInfoPtr->cCertCert->serialNumberLength <= 0 )
635 if( subjectCertInfoPtr->cCertVal->validityInfo == NULL )
646 if( subjectCertInfoPtr->cCertRev->revocations == NULL )
658 if( subjectCertInfoPtr->attributes != NULL )
660 status = checkAttributes( ( subjectCertInfoPtr->type == \
663 subjectCertInfoPtr->attributes,
664 &subjectCertInfoPtr->errorLocus,
665 &subjectCertInfoPtr->errorType );
669 status = checkCert( subjectCertInfoPtr, issuerCertInfoPtr,
FALSE,
670 &subjectCertInfoPtr->errorLocus,
671 &subjectCertInfoPtr->errorType );
683 subjectCertInfoPtr->cCertCert->maxCheckLevel = \
684 CRYPT_COMPLIANCELEVEL_PKIX_FULL;