//This file contains trivial wrappers to contain data to be encoded
//using objective der encoding library (see PKIFTSP.cpp for the rest
//of the TSP code).

//#include "PKIFCAPIRaw.h" //for auto-hash feature in MessageImprint
//#include "PKIFX509Extensions2.h"
//#include "SignedData.h"
//#include "PKIFOCSPChecker.h"
//#include "PKIFTSP.h"
//#include "PKIFCommonErrors.h"
//#include "PKIFFuncStorage.h"

#include "PKIFPathInterfaces.h"
#include "components.h"
#include "PKIFCertificateNodeEntry.h"
#include "ExtendedKeyUsage.h"
#include "ToolkitUtils.h"
#include "Certificate.h"
#include "OID.h"
#include "GottaMatch.h"
#include <vector>

//*****************************************************************
// Time stamp token info
//*****************************************************************

//*****************************************************************
// PKI status info
//*****************************************************************



//*****************************************************************
// CPKIFTimestampVerifier
//*****************************************************************

// Extended key usage (EKU) check applied to a certificate while a path
// for a timestamp signer is being validated.
//
// certNode - node wrapping the certificate under inspection. It is
//            dereferenced without a null check, as is the certificate it
//            returns, so the caller must supply a populated node.
// results  - path validation results object. This function neither reads
//            nor writes it; no failure is ever recorded here.
// type     - position of the certificate in the path. Only EE is acted on
//            (presumably "end entity" - confirm against the enum).
//
// Behaviour for an EE certificate:
//   - no EKU extension present           -> nothing is done
//   - EKU lists g_timestampingEKU        -> extension marked as processed
//   - otherwise, EKU lists g_anyEKU      -> extension marked as processed
//   - EKU lists neither                  -> extension left unprocessed
//
// NOTE(review): leaving the extension unprocessed is the only "reject"
// signal this function gives. Presumably the path validator fails on an
// unprocessed *critical* extension; if so, a certificate whose EKU is
// non-critical and does not name timestamping would still be accepted,
// as would one with no EKU at all. Confirm against the caller.
void EKUChecker_TimestampTSP(
    const CPKIFCertificateNodeEntryPtr& certNode,
    CPKIFPathValidationResults& results,
    CertificateType type)
{
    LOG_STRING_DEBUG("EKUChecker_TimestampTSP", TOOLKIT_TSP_TIMESTAMP_VERIFIER, 0, NULL);

    //Intermediate and trust anchor certificates are not examined.
    if(EE != type)
        return;

    CPKIFCertificatePtr signerCert = certNode->GetCert();

    //TO BE RFC 3161 COMPLIANT WE SHOULD NOT PERMIT ANY EKU AND WE SHOULD
    //REQUIRE A SINGLE KEY PURPOSE ID AND SHOULD REQUIRE CRITICALITY. WE
    //ARE NOT COMPLIANT.
    //
    //Concretely, none of the following is enforced below: presence of the
    //EKU extension, its critical flag, timestamping being the only key
    //purpose listed, and exclusion of the "any" key purpose.

    CPKIFExtendedKeyUsagePtr eku = signerCert->GetExtension<CPKIFExtendedKeyUsage>();
    const bool ekuPresent = (eku != (CPKIFExtendedKeyUsage*)NULL);
    if(!ekuPresent)
        return;

    std::vector<CPKIFOIDPtr> purposes;
    eku->KeyPurposeIDs(purposes);

    //The matcher is used as the find_if predicate; it is first aimed at the
    //timestamping purpose and, only if that is not listed, at the "any" purpose.
    GottaMatch<CPKIFOIDPtr> matcher;
    matcher.SetRHS(g_timestampingEKU);
    bool acceptable = (purposes.end() != find_if(purposes.begin(), purposes.end(), matcher));

    if(!acceptable)
    {
        matcher.SetRHS(g_anyEKU);
        acceptable = (purposes.end() != find_if(purposes.begin(), purposes.end(), matcher));
    }

    if(acceptable)
    {
        //MarkExtensionAsProcessed takes the generic extension pointer type.
        CPKIFX509ExtensionPtr asExtension = eku;
        certNode->MarkExtensionAsProcessed(asExtension);
    }
}