From dfcfc51c66175f1a3642720d49c6a58327d13dbe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?=
Date: Fri, 5 Jan 2007 18:40:46 +0000
Subject: [PATCH] add hx509_ca_tbs_set_serialnumber
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19729 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/ca.c | 43 +++++++++++++++++++++++++++++++++----------
 1 file changed, 33 insertions(+), 10 deletions(-)
diff --git a/lib/hx509/ca.c b/lib/hx509/ca.c
index 63f9b7dbe..70fd33b70 100644
--- a/lib/hx509/ca.c
+++ b/lib/hx509/ca.c
@@ -41,10 +41,12 @@ struct hx509_ca_tbs {
 ExtKeyUsage eku;
 GeneralNames san;
 unsigned key_usage;
+ heim_integer serial;
 struct {
 unsigned int proxy:1;
 unsigned int ca:1;
 unsigned int key:1;
+ unsigned int serial:1;
 } flags;
 time_t notBefore;
 time_t notAfter;
@@ -77,6 +79,7 @@ hx509_ca_tbs_free(hx509_ca_tbs *tbs)
 free_SubjectPublicKeyInfo(&(*tbs)->spki);
 free_GeneralNames(&(*tbs)->san);
 free_ExtKeyUsage(&(*tbs)->eku);
+ der_free_heim_integer(&(*tbs)->serial);
 hx509_name_free(&(*tbs)->subject);
@@ -133,7 +136,7 @@ hx509_ca_tbs_set_proxy(hx509_context context,
 int
-hx509_ca_tbs_set_spki(hx509_context contex,
+hx509_ca_tbs_set_spki(hx509_context context,
 hx509_ca_tbs tbs,
 const SubjectPublicKeyInfo *spki)
 {
@@ -144,6 +147,18 @@ hx509_ca_tbs_set_spki(hx509_context contex,
 return ret;
 }
+int
+hx509_ca_tbs_set_serialnumber(hx509_context context,
+ hx509_ca_tbs tbs,
+ const heim_integer *serialNumber)
+{
+ int ret;
+ der_free_heim_integer(&tbs->serial);
+ ret = der_copy_heim_integer(serialNumber, &tbs->serial);
+ tbs->flags.serial = !ret;
+ return ret;
+}
+
 int
 hx509_ca_tbs_add_eku(hx509_context contex,
 hx509_ca_tbs tbs,
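Review bot: hx509_ca_tbs_set_serialnumber (the `@@ -144,6 +147,18 @@` hunk) copies whatever integer the caller passes with no range check, so a negative or over-long value would be carried into the certificate by ca_sign, whereas the built-in path always produces a positive 20-octet value. A guard before the copy such as `if (serialNumber->negative || serialNumber->length > 20) return EINVAL;` would hold caller-supplied serials to the same bounds (assuming heim_integer's `negative` member is how the sign is carried here). The function also needs a doc comment stating that setting a serial replaces the RAND_bytes default, so the caller becomes responsible for per-issuer uniqueness and should prefer unpredictable values, and that on copy failure the previous serial is freed and `flags.serial` is cleared, which makes signing fall back to a random serial. `context` is unused in the new function, so its failure path sets no error string, unlike the matching path in ca_sign.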
@@ -467,16 +482,24 @@ ca_sign(hx509_context context,
 }
 *tbsc->version = rfc3280_version_3;
 /* serialNumber CertificateSerialNumber, */
- tbsc->serialNumber.length = 20;
- tbsc->serialNumber.data = malloc(tbsc->serialNumber.length);
- if (tbsc->serialNumber.data == NULL){
- ret = ENOMEM;
- hx509_set_error_string(context, 0, ret, "Out of memory");
- goto out;
+ if (tbs->flags.serial) {
+ ret = der_copy_heim_integer(&tbs->serial, &tbsc->serialNumber);
+ if (ret) {
+ hx509_set_error_string(context, 0, ret, "Out of memory");
+ goto out;
+ }
+ } else {
+ tbsc->serialNumber.length = 20;
+ tbsc->serialNumber.data = malloc(tbsc->serialNumber.length);
+ if (tbsc->serialNumber.data == NULL){
+ ret = ENOMEM;
+ hx509_set_error_string(context, 0, ret, "Out of memory");
+ goto out;
+ }
+ /* XXX diffrent */
+ RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
+ ((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
 }
- /* XXX diffrent */
- RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
- ((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
 /* signature AlgorithmIdentifier, */
 ret = copy_AlgorithmIdentifier(sigalg, &tbsc->signature);
 if (ret) {
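Review bot: The return value of `RAND_bytes` in the new else branch is ignored, so if the random source fails the serial is built from whatever the fresh `malloc` buffer holds, and those uninitialized heap bytes would be both predictable and published in the issued certificate. Check the call and fail the signing instead, i.e. `if (RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length) != 1)` followed by setting `ret`, an error string and `goto out;`. Separately, the `flags.serial` branch copies the same `tbs->serial` on every call, so a tbs reused for more than one ca_sign would presumably issue certificates with duplicate serial numbers. ca_sign's body starts and ends outside this hunk, so whether anything else prevents that is not visible here.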