00001 00010 #include "BasicConstraintsViolation.h" 00011 00012 #include "ToolkitUtils.h" // for LOG_STRING_DEBUG 00013 #include "components.h" 00014 00015 #include "BasicConstraints.h" 00016 #include "PolicyMappings.h" 00017 #include "PolicyInformationSet.h" 00018 #include "AuthorityKeyIdentifier.h" 00019 #include "Certificate.h" 00020 #include "KeyUsage.h" 00021 #include "ExtendedKeyUsage.h" 00022 #include "PKIFCertificateNodeEntry.h" 00023 00032 BasicConstraintsViolation::BasicConstraintsViolation() 00033 { 00034 m_numOfCAsBelowCurInPath = -1; 00035 } 00048 void BasicConstraintsViolation::SetCACount( 00050 int caCount) 00051 { 00052 m_numOfCAsBelowCurInPath = caCount; 00053 } 00068 bool BasicConstraintsViolation::operator()( 00070 const CPKIFCertificateNodeEntryPtr& entry) 00071 { 00072 LOG_STRING_DEBUG("BasicConstraintsViolation::operator()", TOOLKIT_PATH_MISC, 0, this); 00073 00074 if(entry == (CPKIFCertificateNodeEntry*)NULL) 00075 return true; 00076 00077 CPKIFCertificatePtr cert = entry->GetCert(); 00078 if(cert == (CPKIFCertificate*)NULL) 00079 return true; 00080 00081 CPKIFBasicConstraintsPtr basicConstraints = cert->GetExtension<CPKIFBasicConstraints>(); 00082 if(basicConstraints != (CPKIFBasicConstraints*)NULL) 00083 { 00084 if(basicConstraints->pathLengthPresent()) 00085 { 00086 if(m_numOfCAsBelowCurInPath >= 0 && basicConstraints->pathLength() < m_numOfCAsBelowCurInPath) 00087 return true; 00088 } 00089 } 00090 return false; 00091 } 00092
1.5.6