add hx509_ca_tbs_set_serialnumber

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19729 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2007-01-05 18:40:46 +00:00
parent d5a4dea1e1
commit dfcfc51c66


@@ -41,10 +41,12 @@ struct hx509_ca_tbs {
ExtKeyUsage eku; ExtKeyUsage eku;
GeneralNames san; GeneralNames san;
unsigned key_usage; unsigned key_usage;
heim_integer serial;
struct { struct {
unsigned int proxy:1; unsigned int proxy:1;
unsigned int ca:1; unsigned int ca:1;
unsigned int key:1; unsigned int key:1;
unsigned int serial:1;
} flags; } flags;
time_t notBefore; time_t notBefore;
time_t notAfter; time_t notAfter;
@@ -77,6 +79,7 @@ hx509_ca_tbs_free(hx509_ca_tbs *tbs)
free_SubjectPublicKeyInfo(&(*tbs)->spki); free_SubjectPublicKeyInfo(&(*tbs)->spki);
free_GeneralNames(&(*tbs)->san); free_GeneralNames(&(*tbs)->san);
free_ExtKeyUsage(&(*tbs)->eku); free_ExtKeyUsage(&(*tbs)->eku);
der_free_heim_integer(&(*tbs)->serial);
hx509_name_free(&(*tbs)->subject); hx509_name_free(&(*tbs)->subject);
@@ -133,7 +136,7 @@ hx509_ca_tbs_set_proxy(hx509_context context,
int int
hx509_ca_tbs_set_spki(hx509_context contex, hx509_ca_tbs_set_spki(hx509_context context,
hx509_ca_tbs tbs, hx509_ca_tbs tbs,
const SubjectPublicKeyInfo *spki) const SubjectPublicKeyInfo *spki)
{ {
@@ -144,6 +147,18 @@ hx509_ca_tbs_set_spki(hx509_context contex,
return ret; return ret;
} }
int
hx509_ca_tbs_set_serialnumber(hx509_context context,
hx509_ca_tbs tbs,
const heim_integer *serialNumber)
{
int ret;
der_free_heim_integer(&tbs->serial);
ret = der_copy_heim_integer(serialNumber, &tbs->serial);
tbs->flags.serial = !ret;
return ret;
}
int int
hx509_ca_tbs_add_eku(hx509_context contex, hx509_ca_tbs_add_eku(hx509_context contex,
hx509_ca_tbs tbs, hx509_ca_tbs tbs,
@@ -467,16 +482,24 @@ ca_sign(hx509_context context,
} }
*tbsc->version = rfc3280_version_3; *tbsc->version = rfc3280_version_3;
/* serialNumber CertificateSerialNumber, */ /* serialNumber CertificateSerialNumber, */
tbsc->serialNumber.length = 20; if (tbs->flags.serial) {
tbsc->serialNumber.data = malloc(tbsc->serialNumber.length); ret = der_copy_heim_integer(&tbs->serial, &tbsc->serialNumber);
if (tbsc->serialNumber.data == NULL){ if (ret) {
ret = ENOMEM; hx509_set_error_string(context, 0, ret, "Out of memory");
hx509_set_error_string(context, 0, ret, "Out of memory"); goto out;
goto out; }
} else {
tbsc->serialNumber.length = 20;
tbsc->serialNumber.data = malloc(tbsc->serialNumber.length);
if (tbsc->serialNumber.data == NULL){
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
/* XXX diffrent */
RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
} }
/* XXX diffrent */
RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
/* signature AlgorithmIdentifier, */ /* signature AlgorithmIdentifier, */
ret = copy_AlgorithmIdentifier(sigalg, &tbsc->signature); ret = copy_AlgorithmIdentifier(sigalg, &tbsc->signature);
if (ret) { if (ret) {
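Review bot: The new hx509_ca_tbs_set_serialnumber (hunk at +147) copies the caller's heim_integer into tbs->serial without any validation, and ca_sign then copies it unchanged into tbsc->serialNumber, so a negative, empty or over-long value would end up in the signed certificate. RFC 3280, which this code follows, requires a positive serial number of at most 20 octets, and the random branch already honours that by using 20 bytes and clearing the top bit. The setter could enforce the same rule before the free with `if (serialNumber->negative || serialNumber->length == 0 || serialNumber->length > 20) return EINVAL;`. A header comment on the setter should also state that a caller who sets the serial becomes responsible for uniqueness per issuer and gives up the unpredictability of the random default. Separately, in the else branch of ca_sign (whose body continues outside the hunk) the return value of RAND_bytes is ignored, so on failure the serial would be whatever malloc returned; checking for `!= 1` and taking the existing `goto out` path would close that.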