Module: Miscellaneous
Definition in file ToolkitUtils.cpp.
#include "ToolkitUtils.h"
#include "PKIFAlgorithm.h"
#include "PKIFAiaOrSiaRetrieval.h"
#include "PKIFMediators.h"
#include "IPKIFTrustCacheUpdate.h"
#include "IPKIFCryptoKeyManagement.h"
#include "IPKIFCryptoKeyIDOperations.h"
#include "IPKIFDefaultPathManagement.h"
#include "PKIFCacheMediator2.h"
#include "CPKIFPathProcessingMediator2.h"
#include "CPKIFRevocationStatusMediator2.h"
#include "CPKIFCryptoMediator2.h"
#include "SimpleCertCache.h"
#include "SimpleCRLCache.h"
#include "PKIFCRLDPRetrieval.h"
#include "PKIFX509CRLChecker.h"
#include "PKIFCryptUtils.h"
#include "HttpServerBlacklist.h"
#include "PKIFOCSPChecker.h"
#include "CRLDistributionPoints.h"
#include "GeneralSubtree.h"
#include "DistributionPointName.h"
#include "CRLDistributionPoint.h"
#include "ASN1Helper.h"
#include "PKIX1Implicit88.h"
#include "PKIX1Explicit88.h"
#include "PKIFNameMemoryHelper.h"
#include "PKIFErrors.h"
#include "Buffer.h"
#include "OID.h"
#include "GeneralName.h"
#include "AlgorithmIdentifier.h"
#include "Certificate.h"
#include "ExtendedKeyUsage.h"
#include "GottaMatch.h"
#include "KeyUsage.h"
#include "IPKIFCryptoAlgSupport.h"
#include "PKIFNSSRepository.h"
#include "PKIFNSSPasswordStorage.h"
#include "PKIFNSSCertUpdate.h"
#include "PKIFNSSCRLUpdate.h"
#include "PKIFNSSTrustStore.h"
#include "PKIFNSSRaw.h"
#include "PKIFNSS.h"
#include "ASN1HelperLib.h"
#include "ToolkitutilsPrivate.h"
#include "LDAP_URL_Header.h"
#include "CSingletonLDAPConnection.h"
#include "boost/cstdint.hpp"
#include "boost/numeric/conversion/cast.hpp"
#include "boost/asio/io_service.hpp"
#include "boost/asio/ip/address.hpp"
#include "boost/asio/ip/address_v4.hpp"
#include "boost/asio/ip/address_v6.hpp"
#include <sstream>
#include <cstdio>
#include "curl/curl.h"
Defines | |
#define | STRCASECMP strcasecmp |
#define | CERT_DIGITAL_SIGNATURE_KEY_USAGE 0x80 |
#define | CERT_NON_REPUDIATION_KEY_USAGE 0x40 |
#define | CERT_KEY_ENCIPHERMENT_KEY_USAGE 0x20 |
#define | CERT_DATA_ENCIPHERMENT_KEY_USAGE 0x10 |
#define | CERT_KEY_AGREEMENT_KEY_USAGE 0x08 |
#define | CERT_KEY_CERT_SIGN_KEY_USAGE 0x04 |
#define | CERT_OFFLINE_CRL_SIGN_KEY_USAGE 0x02 |
#define | CERT_CRL_SIGN_KEY_USAGE 0x02 |
#define | CERT_ENCIPHER_ONLY_KEY_USAGE 0x01 |
#define | CERT_DECIPHER_ONLY_KEY_USAGE 0x80 |
#define | RETURN(rv) |
#define | RETURN(rv) |
#define | ACCEPTABLE(a) ( binVal[a] != 0xF0 ) |
Functions | |
CAC_API IPKIFCertRepository * | Get_IPKIFCertRepository (IPKIFMediatorPtr &m) |
CAC_API IPKIFCertRepositoryUpdate * | Get_IPKIFCertRepositoryUpdate (IPKIFMediatorPtr &m) |
CAC_API IPKIFCertSearch * | Get_IPKIFCertSearch (IPKIFMediatorPtr &m) |
CAC_API IPKIFCRLRepository * | Get_IPKIFCRLRepository (IPKIFMediatorPtr &m) |
CAC_API IPKIFCRLRepositoryUpdate * | Get_IPKIFCRLRepositoryUpdate (IPKIFMediatorPtr &m) |
CAC_API IPKIFTrustCache * | Get_IPKIFTrustCache (IPKIFMediatorPtr &m) |
CAC_API IPKIFTrustCacheUpdate * | Get_IPKIFTrustCacheUpdate (IPKIFMediatorPtr &m) |
CAC_API IPKIFCryptoKeyManagement * | Get_IPKIFCryptoKeyManagement (IPKIFMediatorPtr &m) |
CAC_API IPKIFCryptoKeyIDOperations * | Get_IPKIFCryptoKeyIDOperations (IPKIFMediatorPtr &m) |
CAC_API IPKIFCryptoMisc * | Get_IPKIFCryptoMisc (IPKIFMediatorPtr &m) |
CAC_API IPKIFCryptoRawOperations * | Get_IPKIFCryptoRawOperations (IPKIFMediatorPtr &m) |
CAC_API IPKIFCryptoAlgSupport * | Get_IPKIFCryptoAlgSupport (IPKIFMediatorPtr &m) |
CAC_API IPKIFDefaultPathManagement * | Get_IPKIFDefaultPathManagement (IPKIFMediatorPtr &m) |
CAC_API void | AddCacheColleague (IPKIFMediatorPtr &m, IPKIFColleaguePtr &c) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediator (bool isService) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediator (bool isService, CPKIFOCSPCheckerPtr &trustedResponder) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediator (bool isService, CPKIFOCSPCheckerPtr &trustedResponder, CPKIFOCSPCheckerPtr &aiaColleague) |
void CAC_API | FreeDefaultMediator (IPKIFMediator *p) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediatorNSS (const char *db) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediatorNSS (const char *db, CPKIFOCSPCheckerPtr &trustedResponder) |
CAC_API IPKIFMediatorPtr | MakeDefaultMediatorNSS (const char *dbdir, CPKIFOCSPCheckerPtr &trustedResponder, CPKIFOCSPCheckerPtr &aiaColleague) |
void CAC_API | FreeDefaultMediatorNSS (IPKIFMediator *p) |
size_t | WriteCB (void *ptr, size_t size, size_t count, void *data) |
BOOL CAC_API | PostRequestURL (CPKIFBufferPtr &encTSR, CPKIFBufferPtr &resp, const char *pstrURL, PKIFServiceType pst) |
BOOL CAC_API | PostRequest (CPKIFBufferPtr &encTSR, CPKIFBufferPtr &resp, const char *pstrServer, int port, const char *pstrObject, PKIFServiceType pst) |
BOOL CAC_API | GetRequest (const char *pstrURL, CPKIFBufferPtr &resp) |
CPKIFAlgorithmIdentifierPtr CAC_API | GetHashAlgAI (PKIFCRYPTO::HASH_ALG hashAlgorithm) |
AlgClass | GetAlgClass (const CPKIFAlgorithmIdentifierPtr &alg) |
bool CAC_API | GetCACHashAlg (const CPKIFOIDPtr &alg, PKIFCRYPTO::HASH_ALG *hashAlg) |
CPKIFBufferPtr CAC_API | EncodeCPKIFNameAsGenName (const CPKIFNamePtr &name) |
CPKIFNamePtr CAC_API | GetPKIFNameFromStr (unsigned char *dn) |
void | BuildCACX509V3DistinguishedName (unsigned char *dn, CACX509V3DistinguishedName *cacx509v3dn) |
void | BuildCACX509V3RelativeDistinguishedName (unsigned char *rdn, CACX509V3RelativeDistinguishedName *cacx509v3rdn) |
void | BuildCACX509V3AttributeTypeAndValue (char *attrTypeAndValue, CACX509V3AttributeTypeAndValue *cacx509v3atadv) |
void | split (const string &text, string &separators, vector< string > &words) |
CPKIFGeneralNamePtr | GetPKIFGenNameFromStr (unsigned char *name, int nameType) |
CPKIFBufferPtr | GetEncGenNameFromStr (unsigned char *name, int nameType) |
CPKIFBufferPtr CAC_API | EncodeGeneralName (CPKIFGeneralNamePtr &gn) |
void | FreeName (CACX509V3Name **dest) |
void | FreeGeneralName (CACX509V3GeneralName &objName) |
CPKIFStringPtr | GetCertInfo (CPKIFCertificatePtr &targetCert) |
bool | CertIsSelfIssued (const CPKIFCertificatePtr &cert) |
void | CollectNamesFromCRLDP (const CPKIFCertificatePtr &cert, CPKIFGeneralNameList &namesFromCert) |
int CAC_API | atob (char *byteval, char *ascval, unsigned int *alength) |
void CAC_API | btoa (const char *byteval, char *ascval, unsigned int blength) |
void | FormatErrorMessage (std::string &result, const char *primaryMessage, unsigned int code, const char *file, int lineNum) |
bool | keyUsageTest (BYTE keyUse[2], bitset< 9 > *ku) |
void | RemoveParentRelationships (std::vector< IPKIFColleaguePtr > &modules, IPKIFMediator *mediator) |
void | FreeAdditionalModules (std::vector< IPKIFColleague * > &modules, IPKIFMediator *mediator) |
void | FreeAdditionalModules2 (std::vector< IPKIFColleague * > &modules, IPKIFMediator *mediator, std::vector< void(*)(void *)> &vDeleteFuncs) |
CAC_API char * | GetErrorCodeString (int errorCode, char *buf) |
void CAC_API | keyUsageChecker_AnyEE (const CPKIFCertificateNodeEntryPtr &certNode, CPKIFPathValidationResults &results, CertificateType type) |
void CAC_API | EKUChecker_Timestamp (const CPKIFCertificateNodeEntryPtr &certNode, CPKIFPathValidationResults &results, CertificateType type) |
void CAC_API | EKUChecker_OcspSigning (const CPKIFCertificateNodeEntryPtr &certNode, CPKIFPathValidationResults &results, CertificateType type) |
std::string | DecodeIPAndMask (const CPKIFBufferPtr &encodedIP) |
Variables | |
char * | g_tspHeaders = "Content-Type: application/timestamp-query" |
char * | g_scvpHeaders = "Content-Type: application/scvp-cv-request" |
char * | g_scvpValPolHeaders = "Content-Type: application/scvp-vp-request" |
char * | g_ocspHeaders = "Content-Type: application/ocsp-request" |
#define ACCEPTABLE | ( | a | ) | ( binVal[a] != 0xF0 ) |
#define CERT_CRL_SIGN_KEY_USAGE 0x02 |
Definition at line 133 of file ToolkitUtils.cpp.
#define CERT_DATA_ENCIPHERMENT_KEY_USAGE 0x10 |
#define CERT_DECIPHER_ONLY_KEY_USAGE 0x80 |
#define CERT_DIGITAL_SIGNATURE_KEY_USAGE 0x80 |
#define CERT_ENCIPHER_ONLY_KEY_USAGE 0x01 |
#define CERT_KEY_AGREEMENT_KEY_USAGE 0x08 |
#define CERT_KEY_CERT_SIGN_KEY_USAGE 0x04 |
#define CERT_KEY_ENCIPHERMENT_KEY_USAGE 0x20 |
#define CERT_NON_REPUDIATION_KEY_USAGE 0x40 |
#define CERT_OFFLINE_CRL_SIGN_KEY_USAGE 0x02 |
#define RETURN | ( | rv | ) |
Value:
{ \ if (NULL != url) \ { free(url); url = NULL; } \ return rv; \ }
#define RETURN | ( | rv | ) |
Value:
{ \ if (NULL != headers) \ { curl_slist_free_all(headers); } \ if (NULL != hCurl) \ { curl_easy_cleanup(hCurl); } \ return rv; \ }
#define STRCASECMP strcasecmp |
Definition at line 109 of file ToolkitUtils.cpp.
Referenced by BuildCACX509V3AttributeTypeAndValue().
CAC_API void AddCacheColleague | ( | IPKIFMediatorPtr & | m, | |
IPKIFColleaguePtr & | c | |||
) |
Interface: External
This function will add the colleague which was passed in the c parameter to the cache mediator in m.
m | [in/out] A pointer to a Mediator object to which the cache colleague will be added. |
c | [in] A pointer to a Colleague object that will be added to the mediator. |
Definition at line 337 of file ToolkitUtils.cpp.
References CPKIFCacheMediator2::AddColleague().
int CAC_API atob | ( | char * | byteval, | |
char * | ascval, | |||
unsigned int * | alength | |||
) |
Interface: External
This function converts a NULL terminated ASCII hexadecimal string to binary. The buffer passed via byteval must be at least strlen(ascval)/2 in size.
byteval | [in/out] Buffer |
ascval | [in] A NULL terminated ASCII hexadecimal string which will be converted to binary. |
alength | [in] Pointer to an unsigned integer value |
Definition at line 2837 of file ToolkitUtils.cpp.
References ACCEPTABLE.
Referenced by _CompareCRLNumbers(), _Verify(), CPKIFNSSRepository::FindCertificates(), CPKIFCAPIUserRepository2::FindCertificates(), CPKIFCAPITrustStore2::FindCertificates(), CPKIFCAPIRepository2::FindCertificates(), GetBufferFromAscii(), CPKIFNSS::MakeKeyID(), CPKIFCNGCAPI::MakeKeyID(), and CPKIFCAPI2::MakeKeyID().
void CAC_API btoa | ( | const char * | byteval, | |
char * | ascval, | |||
unsigned int | blength | |||
) |
Interface: External
This function converts a binary buffer into a NULL terminated ASCII hexadecimal string. The buffer passed via ascval must be at least (2*blength)+1 bytes in size. No size for ascval is passed, so the caller has to guarantee this before the call.
byteval | [in] A pointer to a binary buffer. |
ascval | [in/out] A pointer to a string to receive the value that was converted from binary. |
blength | [in] An unsigned integer value. |
Definition at line 2903 of file ToolkitUtils.cpp.
Referenced by AddOcspDetailsToManifest(), CPKIFNSSCredential::CPKIFNSSCredential(), DisplayCertificateDetails(), EncodeDSASignature(), GetBufAsAscii(), GetBufferAsAscii(), GetThumbprint(), GetThumbprintForSubjectAndIssuerPair(), CPKIFPathLogger::LogPath(), operator<<(), CPKIFGeneralCRLDetailsPanel::PopulateListExtensions(), CPKIFCapiCRLEntry::SerialNumber(), and CPKIFName::ToString().
void BuildCACX509V3AttributeTypeAndValue | ( | char * | attrTypeAndValue, | |
CACX509V3AttributeTypeAndValue * | cacx509v3atadv | |||
) |
Interface: Subsystem
This is a helper function that takes a char* pointing to an attribute type and value string from an RDN (e.g. "cn=Joe") and populates the CACX509V3AttributeTypeAndValue object passed via cacx509v3atadv.
CPKIFException(COMMON_INVALID_INPUT) |
attrTypeAndValue | [in] Pointer to a buffer containing an attribute type and value string from an RDN |
cacx509v3atadv | [out] Pointer to CACX509V3AttributeTypeAndValue object |
Definition at line 1876 of file ToolkitUtils.cpp.
References CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, ConvertStringToASN1OBJID(), CopyOID(), MAXOID, STRCASECMP, and TOOLKIT_UTILS.
Referenced by BuildCACX509V3RelativeDistinguishedName().
void BuildCACX509V3DistinguishedName | ( | unsigned char * | dn, | |
CACX509V3DistinguishedName * | cacx509v3dn | |||
) |
Interface: Subsystem
This is a helper function that constructs a DistinguishedName
CPKIFException(COMMON_INVALID_INPUT) |
dn | [in] Pointer to a buffer containing a NULL-terminated string representation of a distinguished name |
cacx509v3dn | [out] A pointer to CACX509V3DistinguishedName |
Definition at line 1517 of file ToolkitUtils.cpp.
References BuildCACX509V3RelativeDistinguishedName(), CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, NEW_NEXT_AND_ADVANCE, NEW_NODE, PKIFNameMemoryHelper::pCACX509V3RDN, SET_HEAD_TAIL_INCREMENT, and TOOLKIT_UTILS.
Referenced by GetEncGenNameFromStr(), GetPKIFGenNameFromStr(), and GetPKIFNameFromStr().
void BuildCACX509V3RelativeDistinguishedName | ( | unsigned char * | rdn, | |
CACX509V3RelativeDistinguishedName * | cacx509v3rdn | |||
) |
Interface: Subsystem
This is a helper function that constructs a RelativeDistinguishedName
CPKIFException(COMMON_INVALID_INPUT) |
rdn | [in] Pointer to a buffer containing a NULL-terminated string representation of a relative distinguished name |
cacx509v3rdn | A pointer to CACX509V3RelativeDistinguishedName |
Definition at line 1702 of file ToolkitUtils.cpp.
References BuildCACX509V3AttributeTypeAndValue(), COMMON_INVALID_INPUT, NEW_NEXT_AND_ADVANCE, NEW_NODE, SET_HEAD_TAIL_INCREMENT, and TOOLKIT_UTILS.
Referenced by BuildCACX509V3DistinguishedName().
bool CertIsSelfIssued | ( | const CPKIFCertificatePtr & | cert | ) |
Interface: External
This is a helper function that determines if the certificate is self-issued
cert | [in] A reference to a smart pointer to CPKIFCertificate object |
Definition at line 2704 of file ToolkitUtils.cpp.
Referenced by _GetCRLIssuersCert(), and CPKIFDefaultScoring::ScoreAndSortNodes().
void CollectNamesFromCRLDP | ( | const CPKIFCertificatePtr & | cert, | |
CPKIFGeneralNameList & | namesFromCert | |||
) |
Interface: Subsystem
This is a helper function that extracts GeneralNames from CRLDP
cert | [in] A reference to a smart pointer to CPKIFCertificate from which the CRLDP will be obtained |
namesFromCert | [out] A reference to CPKIFGeneralNameList object that will contain the GeneralNames |
Definition at line 2717 of file ToolkitUtils.cpp.
References CPKIFGeneralName::DIRECTORYNAME, GetPKIFNameFromStr(), PKIFLDAP::ldap_free_urldesc(), PKIFLDAP::ldap_url_parse(), and CPKIFGeneralName::URI.
std::string DecodeIPAndMask | ( | const CPKIFBufferPtr & | encodedIP | ) |
Interface: Module
Helper function to decode encoded IPs
encodedIP | [in] Encoded IP |
Definition at line 3724 of file ToolkitUtils.cpp.
Referenced by operator<<().
void CAC_API EKUChecker_OcspSigning | ( | const CPKIFCertificateNodeEntryPtr & | certNode, | |
CPKIFPathValidationResults & | results, | |||
CertificateType | type | |||
) |
Interface: Subsystem
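This function processes the extended key usage extension of the certificate pointed to by certNode, confirming that id-kp-OCSPSigning ("1.3.6.1.5.5.7.3.9") is present. If the extension is present and has the correct value, the certNode will mark that extension as processed. The references listed for this function also include g_anyEKU; whether anyExtendedKeyUsage is accepted in place of id-kp-OCSPSigning is not stated here and should be confirmed in the source before relying on this check to restrict responder certificates.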
certNode | [in] The certificate to process. |
results | [in] Not processed. |
type | [in] The certificate type. |
Definition at line 3671 of file ToolkitUtils.cpp.
References PKIFENUMS::EE, g_anyEKU, g_ocspSigningEKU, LOG_STRING_DEBUG, GottaMatch< T >::SetRHS(), and TOOLKIT_TSP_TIMESTAMP_VERIFIER.
void CAC_API EKUChecker_Timestamp | ( | const CPKIFCertificateNodeEntryPtr & | certNode, | |
CPKIFPathValidationResults & | results, | |||
CertificateType | type | |||
) |
Interface: Subsystem
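This function processes the extended key usage extension of the certificate pointed to by certNode, confirming that id-kp-timeStamping ("1.3.6.1.5.5.7.3.8") is present. If the extension is present and has the correct value, the certNode will mark that extension as processed. The references listed for this function also include g_anyEKU; whether anyExtendedKeyUsage is accepted in place of id-kp-timeStamping is not stated here and should be confirmed in the source before relying on this check to restrict timestamp signer certificates.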
certNode | [in] The certificate to process. |
results | [in] Not processed. |
type | [in] The certificate type. |
Definition at line 3615 of file ToolkitUtils.cpp.
References PKIFENUMS::EE, g_anyEKU, g_timestampingEKU, LOG_STRING_DEBUG, GottaMatch< T >::SetRHS(), and TOOLKIT_TSP_TIMESTAMP_VERIFIER.
CPKIFBufferPtr CAC_API EncodeCPKIFNameAsGenName | ( | const CPKIFNamePtr & | name | ) |
name | [in] A reference to a smart pointer to a buffer containing distinguished name |
Definition at line 1421 of file ToolkitUtils.cpp.
References CACASNWRAPPER_CREATE.
Referenced by CPKIFGeneralName::CPKIFGeneralName().
CPKIFBufferPtr CAC_API EncodeGeneralName | ( | CPKIFGeneralNamePtr & | gn | ) |
Interface: External
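NOTE(review): this description does not match the signature shown above, which takes a CPKIFGeneralNamePtr and returns a CPKIFBufferPtr, and appears to have been carried over from another function; confirm the actual behavior in the source. This function frees memory used by OOCTXT structure. These structures are created and used internally. Applications need not invoke this function. The OOCTXT structure is defined as follows.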
//typedef struct _OOCTXT { // ASN.1 context block // // ASN1BUFFER buffer; // data buffer // ASN1BUFSAVE savedInfo; // saved buffer info // ASN1ErrInfo errInfo; // run-time error info // ASN1MemBlk* memBlk_p; // memory block list // OSUINT32 initCode; // code double word to indicate init // OSUINT16 flags; // flag bits // DList fieldList; // PER field list // Asn1SizeCnst* pSizeConstraint; // Size constraint list // const char* pCharSet; // String of permitted characters // Asn1RTStack nameStack; // Element name stack // DList evtHndlrList; // Event handler object list // void* errHndlrCB; // Error handler callback function // //} OOCTXT; //
CPKIFException(COMMON_INVALID_INPUT) |
gn | [in] A smart pointer to CPKIFGeneralName object. |
Definition at line 2562 of file ToolkitUtils.cpp.
References CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, CopyGeneralName(), CPKIFGeneralName::NOTSET, PKIFNameMemoryHelper::pCACX509V3GN, and TOOLKIT_UTILS.
void FormatErrorMessage | ( | std::string & | result, | |
const char * | primaryMessage, | |||
unsigned int | code, | |||
const char * | file, | |||
int | lineNum | |||
) |
Interface: Subsystem
This function is not used by applications. It is used only in debug builds of PKIF to support internal testing.
result | [in] String containing the result. |
primaryMessage | [in] A NULL terminated string. |
code | [in] Integer value which indicated error code. |
file | [in] A NULL terminated string. |
lineNum | [in] Integer value indicating the line number where the error occurred. |
Definition at line 2929 of file ToolkitUtils.cpp.
Referenced by SimpleCRLCache::GetCRLs(), CPKIFCNGCAPI::MakeKeyID(), CPKIFCAPI2::MakeKeyID(), and CPKIFCAPI2::Sign().
void FreeAdditionalModules | ( | std::vector< IPKIFColleague * > & | modules, | |
IPKIFMediator * | mediator | |||
) |
Interface: External
This is a helper function that frees modules
modules | [in]A vector containing the list of modules |
mediator | [in]Pointer to an IPKIFMediator object |
Definition at line 3045 of file ToolkitUtils.cpp.
Referenced by CPKIFX509ExtensionMediator2::Terminate().
void FreeAdditionalModules2 | ( | std::vector< IPKIFColleague * > & | modules, | |
IPKIFMediator * | mediator, | |||
std::vector< void(*)(void *)> & | vDeleteFuncs | |||
) |
Interface: Subsystem
This is a helper function that frees modules
modules | [in]A vector containing the list of modules |
mediator | [in]Pointer to an IPKIFMediator object |
vDeleteFuncs | [in] A vector that contains delete functions |
Definition at line 3077 of file ToolkitUtils.cpp.
void CAC_API FreeDefaultMediator | ( | IPKIFMediator * | p | ) |
Interface: External
This function deletes the pointer passed via p. The object pointed to by p should have been created using MakeDefaultMediator. This function must not be used to delete application-allocated objects if the application is built using a different C runtime library, e.g. different heap, than PKIF.
p | [in] Pointer to an IPKIFMediator object to delete |
Definition at line 700 of file ToolkitUtils.cpp.
References ShutdownCrypto().
void CAC_API FreeDefaultMediatorNSS | ( | IPKIFMediator * | p | ) |
Interface: External
This function deletes the pointer passed via p. The object pointed to by p should have been created using MakeDefaultMediatorNSS. This function must not be used to delete application-allocated objects if the application is built using a different C runtime library, e.g. different heap, than PKIF.
p | [in] Pointer to an IPKIFMediator object to delete |
Definition at line 901 of file ToolkitUtils.cpp.
References ShutdownCrypto().
void FreeGeneralName | ( | CACX509V3GeneralName & | objName | ) |
Interface: Subsystem
This function frees the contents of the object that was passed as a parameter.
objName | [in] A reference to CACX509V3GeneralName object. |
Definition at line 2641 of file ToolkitUtils.cpp.
References FreeName().
void FreeName | ( | CACX509V3Name ** | dest | ) |
Interface: Subsystem
This function frees memory allocated by name creation functions
dest | [in] A pointer to an object that will be freed |
Definition at line 2603 of file ToolkitUtils.cpp.
Referenced by FreeGeneralName().
CAC_API IPKIFCertRepository* Get_IPKIFCertRepository | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCertRepository interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 150 of file ToolkitUtils.cpp.
CAC_API IPKIFCertRepositoryUpdate* Get_IPKIFCertRepositoryUpdate | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCertRepositoryUpdate interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 163 of file ToolkitUtils.cpp.
CAC_API IPKIFCertSearch* Get_IPKIFCertSearch | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCertSearch interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 176 of file ToolkitUtils.cpp.
CAC_API IPKIFCRLRepository* Get_IPKIFCRLRepository | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCRLRepository interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 189 of file ToolkitUtils.cpp.
CAC_API IPKIFCRLRepositoryUpdate* Get_IPKIFCRLRepositoryUpdate | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCRLRepositoryUpdate interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 202 of file ToolkitUtils.cpp.
CAC_API IPKIFCryptoAlgSupport* Get_IPKIFCryptoAlgSupport | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCryptoAlgSupport interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 295 of file ToolkitUtils.cpp.
CAC_API IPKIFCryptoKeyIDOperations* Get_IPKIFCryptoKeyIDOperations | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCryptoKeyIDOperations interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 256 of file ToolkitUtils.cpp.
CAC_API IPKIFCryptoKeyManagement* Get_IPKIFCryptoKeyManagement | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCryptoKeyManagement interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 243 of file ToolkitUtils.cpp.
CAC_API IPKIFCryptoMisc* Get_IPKIFCryptoMisc | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCryptoMisc interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 269 of file ToolkitUtils.cpp.
CAC_API IPKIFCryptoRawOperations* Get_IPKIFCryptoRawOperations | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFCryptoRawOperations interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 282 of file ToolkitUtils.cpp.
CAC_API IPKIFDefaultPathManagement* Get_IPKIFDefaultPathManagement | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFDefaultPathManagement interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 310 of file ToolkitUtils.cpp.
CAC_API IPKIFTrustCache* Get_IPKIFTrustCache | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFTrustCache interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 215 of file ToolkitUtils.cpp.
CAC_API IPKIFTrustCacheUpdate* Get_IPKIFTrustCacheUpdate | ( | IPKIFMediatorPtr & | m | ) |
Interface: External
This function is used to obtain a pointer to the IPKIFTrustCacheUpdate interface of an IPKIFMediator object.
m | [in] Pointer to a mediator object. |
Definition at line 228 of file ToolkitUtils.cpp.
AlgClass GetAlgClass | ( | const CPKIFAlgorithmIdentifierPtr & | alg | ) |
Interface: External
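This function is used to determine the class of the algorithm: RSA, DSA or ECDSA (see the AlgClass enum below). The identifiers it references include md2WithRSAEncryption and md5WithRSAEncryption, so a returned class should not be read as a statement about the strength of the signature algorithm.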
enum AlgClass {
DSA_CLASS, RSA_CLASS, ECDSA_CLASS };
CPKIFException(COMMON_UNSUPPORTED_ALG) |
alg | [in] A smart pointer to CPKIFAlgorithmIdentifierPtr object |
Definition at line 1370 of file ToolkitUtils.cpp.
References COMMON_UNSUPPORTED_ALG, DSA_CLASS, ECDSA_CLASS, g_dsa, g_dsaWithSHA1, g_ecc, g_ecdsa_sha1, g_ecdsa_sha224, g_ecdsa_sha256, g_ecdsa_sha384, g_ecdsa_sha512, g_md2WithRSAEncryption, g_md5WithRSAEncryption, g_rsa, g_sha1WithRSAEncryption, g_sha224WithRSAEncryption, g_sha256WithRSAEncryption, g_sha384WithRSAEncryption, g_sha512WithRSAEncryption, RSA_CLASS, and TOOLKIT_UTILS_SUBCOMPONENT.
Referenced by CPKIFPathBasicChecks2::DoChecks(), GetSignerInfo(), PathSigChecker(), CPKIFDefaultScoring::ScoreAndSortNodes(), CPKIFCAPI2::Sign(), and CPKIFCNGCAPIRaw::SupportsAlgorithm().
bool CAC_API GetCACHashAlg | ( | const CPKIFOIDPtr & | alg, | |
PKIFCRYPTO::HASH_ALG * | hashAlg | |||
) |
Interface: External
This function takes a smart pointer to a CPKIFOID object and based on the oid creates HASH_ALG enum.
alg | [in] A smart pointer to CPKIFOID object |
hashAlg | [in/out] A pointer to a HASH_ALG enum |
Definition at line 1401 of file ToolkitUtils.cpp.
References CPKIFAlgorithm::GetAlg(), and CPKIFAlgorithm::HashAlg().
Referenced by ComputeSignedAttrHash(), Countersign(), PathSigChecker(), CPKIFParallelHash::SetDigestAlgs(), CPKIFTimestampVerifier::Verify(), and VerifyCounterSignatures().
CPKIFStringPtr GetCertInfo | ( | CPKIFCertificatePtr & | targetCert | ) |
Interface: Subsystem
This is a helper function that extracts Issuer DN, Serial number, Subject DN and puts it into a string.
targetCert | [in] A reference to a smart pointer to CPKIFCertificate that contains the certificate from which the information will be extracted |
Definition at line 2676 of file ToolkitUtils.cpp.
Referenced by AuditPathEvent().
CPKIFBufferPtr GetEncGenNameFromStr | ( | unsigned char * | name, | |
int | nameType | |||
) |
Interface: External
This function takes a pointer to a NULL terminated string representation of a general name and returns an encoded general name.
When specifying an IP address, the string that is passed in can have this format: 10.60.100.62/255.255.255.0. If both the IP address and the mask are included, they have to be separated by "/"; if only the IP address is included, the "/" is not needed.
This function is used internally. The acceptable values that may be passed via the nameType parameter are defined in the internal header file CertificateExtensions.h. The values are given below for convenience:
define T_CACX509V3GeneralName_otherName 1
define T_CACX509V3GeneralName_rfc822Name 2
define T_CACX509V3GeneralName_dNSName 3
define T_CACX509V3GeneralName_x400Address 4
define T_CACX509V3GeneralName_directoryName 5
define T_CACX509V3GeneralName_ediPartyName 6
define T_CACX509V3GeneralName_uniformResourceIdentifier 7
define T_CACX509V3GeneralName_iPAddress 8
define T_CACX509V3GeneralName_registeredID 9
Other values will result in a CPKIFException containing the error code COMMON_INVALID_INPUT. There is no support for the EDI party name form.
CPKIFException(COMMON_INVALID_INPUT) |
name | [in] Pointer to a buffer containing a NULL-terminated string representation of a distinguished name |
nameType | [in] Integer value indicating the type of general name present in the name parameter |
Definition at line 2311 of file ToolkitUtils.cpp.
References BuildCACX509V3DistinguishedName(), CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, ConvertStringToASN1OBJID(), CopyOID(), PKIFNameMemoryHelper::pCACX509V3GN, split(), and TOOLKIT_UTILS.
CAC_API char* GetErrorCodeString | ( | int | errorCode, | |
char * | buf | |||
) |
Interface: External
This function takes an integer error code and an application allocated buffer, resolves the error code to a string description (if possible), copies the string description into the buffer and returns a pointer to the buffer.
errorCode | [in] Integer containing the error code for which a string description is sought |
buf | [in] Pointer to an application-allocated buffer, at least MAX_ERROR_CODE_STRING_SIZE bytes in size, that receives the string description of the error code passed via errorCode |
Definition at line 3117 of file ToolkitUtils.cpp.
References ASN1_DECODE_ERROR, ASN1_ENCODE_ERROR, ASN1_INVALID_PERIOD, ASN1_INVALID_TIME, ASN1_UNRECOGNIZED_TIME_FORMAT, CACHE_CERT_STORE_OPEN_FAILED, CACHE_LDAP_CONNECT_AND_BIND_FAILED, CACHE_LDAP_ERROR, CACHE_PARSE_ERROR, CACHE_TRUST_STORE_OPEN_FAILED, CACHE_UPDATE_FAILED, COMMON_ALREADY_INITIALIZED, COMMON_INITIALIZATION_FAILED, COMMON_INVALID_INPUT, COMMON_MEDIATOR_MISSING, COMMON_MEMORY_ALLOC_FAILURE, COMMON_NOT_IMPLEMENTED, COMMON_NOT_INITIALIZED, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_TERMINATION_ERROR, COMMON_UNKNOWN_ERROR, COMMON_UNSUPPORTED_ALG, COMMON_UNSUPPORTED_CHOICE, COMMON_UNSUPPORTED_VERSION, COMMON_URL_OPERATION_FAILED, COMMON_URL_TOO_BIG, CRYPTO_ALG_NOT_SUPPORTED, CRYPTO_DECRYPT_FAILED, CRYPTO_DEFAULT_KEY_TYPE_UNKNOWN, CRYPTO_ENCRYPT_FAILED, CRYPTO_KEY_USAGE_NOT_COMPATIBLE, CRYPTO_MISSING_IV, CRYPTO_MODE_NOT_SUPPORTED, CRYPTO_SIGN_FAILED, CRYPTO_UNRECOGNIZED_CREDENTIAL, CRYPTO_VERIFY_FAILED, MSG_DECODE_FAILED, MSG_ENCODE_FAILED, MSG_INCOMPLETE, MSG_INVALID_CREDENTIAL, MSG_INVALID_INDEX, MSG_INVALID_RECIP, MSG_INVALID_STATE, MSG_MISSING_PARAMS, MSG_NO_CERTIFICATE, MSG_SIGNATURE_GENERATION_ERROR, MSG_SYMKEY_DECRYPT_FAILED, OCSP_AIA_URL_PARSE_FAILED, OCSP_FAILED_TO_OBTAIN_RESPONSE, OCSP_MISSING_REQUIRED_FIELD, OCSP_NEXT_UPDATE_PASSED, OCSP_NO_RESPONSE_BODY, OCSP_NONCE_MISMATCH, OCSP_NONCE_MISSING, OCSP_PATH_BUILDING_FAILED, OCSP_PATH_STATUS_NOT_DETERMINED, OCSP_PATH_VALIDATION_FAILED, OCSP_RECEIVED_NON_SUCCESSFUL_RESPONSE, OCSP_RESPONDER_IS_TARGET, OCSP_RESPONDER_NOT_AUTHORIZED, OCSP_RESPONSE_SIG_VERIFICATION_FAILED, OCSP_SIGNER_MISMATCH, OCSP_STATUS_NOT_SUFFICIENTLY_RECENT, OCSP_TARGET_RESPONSE_NOT_INCLUDED, OCSP_TIME_CHECK_FAILED, OCSP_UNKNOWN_CERT_STATUS, OCSP_UNPROCESSED_CRITICAL_EXTENSION, OCSP_UNRECOGNIZED_CHOICE, OCSP_UNSUPPORTED_RESPONSE_TYPE, PATH_ALG_CHAINING_FAILURE, PATH_APP_DEFINED_CHECK_FAILED, PATH_BASIC_CONSTRAINTS_VIOLATION, PATH_CERT_REVOCATION_STATUS_NOT_DETERMINED, PATH_CERT_REVOKED, 
PATH_KEY_USAGE_VIOLATION, PATH_LENGTH_VIOLATION, PATH_NAME_CHAINING_VIOLATION, PATH_NAME_CONSTRAINTS_VIOLATION, PATH_NULL_AUTH_POLICY_SET, PATH_NULL_USER_POLICY_SET, PATH_SIGNATURE_VERIFICATION_FAILED, PATH_TRUST_ROOT_NO_CERT, PATH_TRUST_ROOT_NOT_SET, PATH_UNPROCESSED_CRITICAL_EXTENSION, PATH_VALIDITY_PERIOD_VIOLATION_EXPIRED, PATH_VALIDITY_PERIOD_VIOLATION_NOT_YET_VALID, PKIFCAPI_ACQUIRE_CONTEXT_FAILED, PKIFCAPI_CREATE_CERT_FAILED, PKIFCAPI_CREATE_HASH_FAILED, PKIFCAPI_DECRYPT_FAILED, PKIFCAPI_EMPTY_HASH_CONTEXT, PKIFCAPI_FAILED_TO_OPEN_CERT_STORE, PKIFCAPI_GEN_RANDOM_FAILED, PKIFCAPI_GET_NAME_FAILED, PKIFCAPI_GET_USER_KEY_FAILED, PKIFCAPI_INCORRECT_HASH_CONTEXT, PKIFCAPI_INVALID_HASH_STATE, PKIFCAPI_KEY_IMPORT_FAILED, PKIFCAPI_KEY_MATERIAL_NOT_SUPPORTED, PKIFCAPI_KEY_PROV_INFO_FAILED, PKIFCAPI_MISC_HASH_CALL_FAILED, PKIFCAPI_NO_KEY_ASSOCIATED, PKIFCAPI_SESSION_KEY_ENCRYPT_FAILED, PKIFCAPI_SET_IV_FAILED, PKIFCAPI_SET_MODE_FAILED, PKIFCAPI_SET_PASSWORD_FAILED, PKIFCAPI_SIGN_FAILED, and PKIFCAPI_VERIFY_FAILED.
Referenced by CPKIFPathLogger::LogPath(), LogString(), and CPKIFPathLogger::LogValidationResults().
CPKIFAlgorithmIdentifierPtr CAC_API GetHashAlgAI | ( | PKIFCRYPTO::HASH_ALG | hashAlgorithm | ) |
Interface: External
This function creates a CPKIFAlgorithmIdentifier object based on the HASH_ALG value passed via the hashAlgorithm parameter and returns a pointer to it.
hashAlgorithm | [in] enum which identifies the hash algorithm |
Definition at line 1331 of file ToolkitUtils.cpp.
References g_md5AI, g_sha1AI, g_sha256AI, g_sha384AI, g_sha512AI, PKIFCRYPTO::MD5, PKIFCRYPTO::SHA1, PKIFCRYPTO::SHA256, PKIFCRYPTO::SHA384, and PKIFCRYPTO::SHA512.
Referenced by CPKIFMessageImprint::HashAndSet().
CPKIFGeneralNamePtr GetPKIFGenNameFromStr | ( | unsigned char * | name, | |
int | nameType | |||
) |
Interface: External
This function takes a pointer to a NULL terminated string representation of a general name and returns a smart pointer to a CPKIFGeneralName object.
When specifying an IP address, the string that is passed in can be of this format: 10.60.100.62/255.255.255.0. If both a mask and an IP address are included, they have to be separated by /; if only an IP address is included, the / is not needed.
This function is used internally. The acceptable values that may be passed via the nameType parameter are defined in the internal header file CertificateExtensions.h. The values are given below for convenience:
#define T_CACX509V3GeneralName_otherName 1
#define T_CACX509V3GeneralName_rfc822Name 2
#define T_CACX509V3GeneralName_dNSName 3
#define T_CACX509V3GeneralName_x400Address 4
#define T_CACX509V3GeneralName_directoryName 5
#define T_CACX509V3GeneralName_ediPartyName 6
#define T_CACX509V3GeneralName_uniformResourceIdentifier 7
#define T_CACX509V3GeneralName_iPAddress 8
#define T_CACX509V3GeneralName_registeredID 9
Other values will result in a CPKIFException containing the error code COMMON_INVALID_INPUT. There is no support for the EDI party name form.
CPKIFException(COMMON_INVALID_INPUT) |
name | [in] Pointer to a buffer containing a NULL-terminated string representation of a distinguished name |
nameType | [in] Integer value indicating the type of general name present in the name parameter |
Definition at line 2072 of file ToolkitUtils.cpp.
References BuildCACX509V3DistinguishedName(), CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, ConvertStringToASN1OBJID(), CopyOID(), PKIFNameMemoryHelper::pCACX509V3GN, split(), and TOOLKIT_UTILS.
Referenced by CPKIFNameConstraintsEntryDlg::GetNameConstraint().
CPKIFNamePtr CAC_API GetPKIFNameFromStr | ( | unsigned char * | dn | ) |
Interface: External
This function takes a pointer to a NULL terminated string representation of a distinguished name (e.g. c=US, o=Some Company, ou=Some Division, cn=Some Person) and returns a smart pointer to a CPKIFName object.
CPKIFException(COMMON_INVALID_INPUT) |
dn | [in] Pointer to a buffer containing a NULL-terminated string representation of a distinguished name |
Definition at line 1470 of file ToolkitUtils.cpp.
References BuildCACX509V3DistinguishedName(), CACASNWRAPPER_CREATE, COMMON_INVALID_INPUT, PKIFNameMemoryHelper::pCACX509V3Name, and TOOLKIT_UTILS.
Referenced by CollectNamesFromCRLDP(), and CPKIFNameBasedSearch::SetStringName().
BOOL CAC_API GetRequest | ( | const char * | pstrURL, | |
CPKIFBufferPtr & | resp | |||
) |
Interface: Subsystem
This is a helper function that calls PostRequestURL
pstrURL | [in] Pointer to a buffer containing the NULL-terminated host name or IP address of the server to which the request passed via encReq should be posted |
resp | [out] A reference to a smart pointer to CPKIFBuffer containing the OCSP response |
Definition at line 1232 of file ToolkitUtils.cpp.
References PKIF_NONE, and PostRequestURL().
Referenced by RetrieveCertGivenHTTPURL(), and RetrieveCRLGivenHTTPURL().
void CAC_API keyUsageChecker_AnyEE | ( | const CPKIFCertificateNodeEntryPtr & | certNode, | |
CPKIFPathValidationResults & | results, | |||
CertificateType | type | |||
) |
GIB: move to ToolkitUtils since it's used outside CMS Interface: Subsystem
This function is intended for use as a functor during path validation to handle key usage extensions with any bits set. This function will extract the certificate from the certNode parameter and mark the key usage extension in the certificate as processed if the extension is present and any bits are set.
certNode | [in] Pointer to the certificate node |
results | [in] Reference to a CPKIFPathValidationResults object containing the result information that should be written to the log |
type | [in] CertificateType value indicating the type of certificate, e.g. EE or CA |
Definition at line 3585 of file ToolkitUtils.cpp.
References PKIFENUMS::EE.
bool keyUsageTest | ( | BYTE | keyUse[2], | |
bitset< 9 > * | ku | |||
) |
Interface: Subsystem
This is a helper function that determines whether the key usage equals one of the following:
CERT_DIGITAL_SIGNATURE_KEY_USAGE CERT_NON_REPUDIATION_KEY_USAGE CERT_KEY_ENCIPHERMENT_KEY_USAGE CERT_DATA_ENCIPHERMENT_KEY_USAGE CERT_KEY_AGREEMENT_KEY_USAGE CERT_KEY_CERT_SIGN_KEY_USAGE CERT_OFFLINE_CRL_SIGN_KEY_USAGE CERT_ENCIPHER_ONLY_KEY_USAGE CERT_DECIPHER_ONLY_KEY_USAGE
Definition at line 2979 of file ToolkitUtils.cpp.
References CERT_DATA_ENCIPHERMENT_KEY_USAGE, CERT_DECIPHER_ONLY_KEY_USAGE, CERT_DIGITAL_SIGNATURE_KEY_USAGE, CERT_ENCIPHER_ONLY_KEY_USAGE, CERT_KEY_AGREEMENT_KEY_USAGE, CERT_KEY_CERT_SIGN_KEY_USAGE, CERT_KEY_ENCIPHERMENT_KEY_USAGE, CERT_NON_REPUDIATION_KEY_USAGE, and CERT_OFFLINE_CRL_SIGN_KEY_USAGE.
Referenced by CPKIFNSS::GetKeyList(), CPKIFCNGCAPI::GetKeyList(), and CPKIFCAPI2::GetKeyList().
CAC_API IPKIFMediatorPtr MakeDefaultMediator | ( | bool | isService, | |
CPKIFOCSPCheckerPtr & | trustedResponder, | |||
CPKIFOCSPCheckerPtr & | aiaColleague | |||
) |
Interface: External
This function creates a collection of mediators, each containing the default colleague associations. When the isService parameter is true, all CAPI resources are targeted to CERT_SYSTEM_STORE_LOCAL_MACHINE resources instead of the default CERT_SYSTEM_STORE_CURRENT_USER resources. When a trustedResponder is specified, the provided CPKIFOCSPChecker object is placed at the front of the list of revocation information sources consulted when performing certification path validation. When an aiaColleague is specified, the provided CPKIFOCSPChecker object is used for AIA-based OCSP responders.
The following interfaces will be available via mediator objects returned by this function:
Crypto interfaces: IPKIFCryptoMisc, IPKIFCryptoKeyIDOperations, IPKIFDefaultKeyManagement, IPKIFCryptoRawOperations
Cache interfaces: IPKIFTrustCache, IPKIFCertRepository, IPKIFCertRepositoryUpdate, IPKIFCRLRepository, IPKIFCRLRepositoryUpdate, IPKIFCertSearch
Path interfaces: IPKIFPathValidate, IPKIFPathBuild, IPKIFDefaultPathManagement, IPKIFPathBuildAndValidate
Revocation status interfaces: IPKIFRevocationStatus
This function is TSP enforcing.
CPKIFCacheException(CACHE_CERT_STORE_OPEN_FAILED) | ||
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFCryptoException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFPathException(COMMON_ALREADY_INITIALIZED) |
isService | [in] Boolean value indicating that the requested mediator is intended for use in a Windows service |
trustedResponder | [in] Pointer to a CPKIFOCSPChecker object that serves as a trusted responder |
aiaColleague | [out] Pointer to a CPKIFOCSPChecker object that handles AIA-based responders. |
Definition at line 433 of file ToolkitUtils.cpp.
References g_defCACCAPIStore, g_defCACCAPITrustStore, CPKIFBCryptGuard::IsCNGAvailable(), LOG_STRING_DEBUG, and TOOLKIT_UTILS_SUBCOMPONENT.
CAC_API IPKIFMediatorPtr MakeDefaultMediator | ( | bool | isService, | |
CPKIFOCSPCheckerPtr & | trustedResponder | |||
) |
Interface: External
This function simply calls IPKIFMediatorPtr MakeDefaultMediator( bool isService, CPKIFOCSPCheckerPtr& trustedResponder, CPKIFOCSPCheckerPtr& aiaColleague) passing NULL for the aiaColleague parameter.
This function is TSP enforcing.
CPKIFCacheException(CACHE_CERT_STORE_OPEN_FAILED) | ||
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFCryptoException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFPathException(COMMON_ALREADY_INITIALIZED) |
isService | [in] Boolean value indicating that the requested mediator is intended for use in a Windows service |
trustedResponder | [in] Pointer to a CPKIFOCSPChecker object that serves as a trusted responder |
Definition at line 388 of file ToolkitUtils.cpp.
References MakeDefaultMediator().
CAC_API IPKIFMediatorPtr MakeDefaultMediator | ( | bool | isService | ) |
Interface: External
This function simply calls IPKIFMediatorPtr MakeDefaultMediator( bool isService, CPKIFOCSPCheckerPtr& trustedResponder, CPKIFOCSPCheckerPtr& aiaColleague) passing NULL for the trustedResponder and aiaColleague parameters.
This function is TSP enforcing.
CPKIFCacheException(CACHE_CERT_STORE_OPEN_FAILED) | ||
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFCryptoException(COMMON_ALREADY_INITIALIZED) | ||
CPKIFPathException(COMMON_ALREADY_INITIALIZED) |
isService | [in] Boolean value indicating that the requested mediator is intended for use in a Windows service |
Definition at line 364 of file ToolkitUtils.cpp.
References MakeDefaultMediator().
Referenced by GetCredential(), MakeDefaultMediator(), and CPKIFCredentialSelectorDlg::OnInitDialog().
CAC_API IPKIFMediatorPtr MakeDefaultMediatorNSS | ( | const char * | dbdir, | |
CPKIFOCSPCheckerPtr & | trustedResponder, | |||
CPKIFOCSPCheckerPtr & | aiaColleague | |||
) |
Interface: External
This function creates a collection of NSS-only mediators. When a trustedResponder is specified, a CPKIFOCSPChecker object is created and placed at the front of the list of revocation information sources consulted when performing certification path validation. When an aiaColleague is specified, a CPKIFOCSPChecker object is created and used for AIA-based OCSP responders.
The following interfaces will be available via mediator objects returned by this function:
Crypto interfaces: IPKIFCryptoMisc, IPKIFCryptoKeyIDOperations, IPKIFDefaultKeyManagement, IPKIFCryptoRawOperations
Cache interfaces: IPKIFTrustCache, IPKIFCertRepository, IPKIFCertRepositoryUpdate, IPKIFCRLRepository, IPKIFCRLRepositoryUpdate, IPKIFCertSearch
Path interfaces: IPKIFPathValidate, IPKIFPathBuild, IPKIFDefaultPathManagement, IPKIFPathBuildAndValidate
Revocation status interfaces: IPKIFRevocationStatus
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) |
dbdir | [in] A NULL terminated string containing the location of NSS db |
trustedResponder | [in] Pointer to a CPKIFOCSPChecker object that serves as a trusted responder |
aiaColleague | [in] Pointer to a CPKIFOCSPChecker object that handles AIA-based responders. |
Definition at line 774 of file ToolkitUtils.cpp.
CAC_API IPKIFMediatorPtr MakeDefaultMediatorNSS | ( | const char * | db, | |
CPKIFOCSPCheckerPtr & | trustedResponder | |||
) |
Interface: External
This function simply calls IPKIFMediatorPtr MakeDefaultMediatorNSS(const char *dbdir, CPKIFOCSPCheckerPtr& trustedResponder, CPKIFOCSPCheckerPtr& aiaColleague) passing a NULL pointer for the aiaColleague parameter.
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) |
Definition at line 739 of file ToolkitUtils.cpp.
References MakeDefaultMediatorNSS().
CAC_API IPKIFMediatorPtr MakeDefaultMediatorNSS | ( | const char * | db | ) |
Interface: External
This function simply calls IPKIFMediatorPtr MakeDefaultMediatorNSS(const char *dbdir, CPKIFOCSPCheckerPtr& trustedResponder, CPKIFOCSPCheckerPtr& aiaColleague) passing a NULL pointer for the trustedResponder and aiaColleague parameters.
CPKIFCacheException(COMMON_ALREADY_INITIALIZED) |
Definition at line 722 of file ToolkitUtils.cpp.
References MakeDefaultMediatorNSS().
Referenced by MakeDefaultMediatorNSS().
BOOL CAC_API PostRequest | ( | CPKIFBufferPtr & | encTSR, | |
CPKIFBufferPtr & | resp, | |||
const char * | pstrServer, | |||
int | port, | |||
const char * | pstrObject, | |||
PKIFServiceType | pst | |||
) |
Interface: External
This function is used to post requests to a server using HTTP. This function can be used to submit the following types of requests: timestamp (RFC3161), TAP (PKIX I-D), OCSP (RFC 2560).
The pst value is used to determine which headers to use.
encTSR | [in] Reference to a smart pointer to a CPKIFBuffer object containing the request to submit to the server identified by the pStrServer parameter |
resp | [out] Reference to a smart pointer to a CPKIFBuffer object to receive the response from the server |
pstrServer | [in] Pointer to a buffer containing the NULL-terminated host name or IP address of the server to which the request passed via encReq should be posted |
port | [in] Integer indicating the port to which the request should be posted on the server identified by the pStrServer parameter |
pstrObject | [in] Pointer to a NULL-terminated string indicating the object to which the request is being posted, e.g. a CGI script, or NULL |
pst | [in] PKIFServiceType value indicating the type of request passed via encTSR |
Definition at line 1183 of file ToolkitUtils.cpp.
References COMMON_URL_OPERATION_FAILED, LOG_STRING_ERROR, PostRequestURL(), RETURN, and TOOLKIT_UTILS.
BOOL CAC_API PostRequestURL | ( | CPKIFBufferPtr & | encTSR, | |
CPKIFBufferPtr & | resp, | |||
const char * | pstrURL, | |||
PKIFServiceType | pst | |||
) |
Interface: External
This function is a convenience function that parses the URL passed via pstrURL and invokes the PostRequest function.
The pst value is used to determine which headers to use.
The return value does not indicate the status of the request itself, e.g. the response returned via resp may indicate failure.
encTSR | [in] Reference to a smart pointer to a CPKIFBuffer object containing the request to submit to the server identified by the pStrServer parameter |
resp | [out] Reference to a smart pointer to a CPKIFBuffer object to receive the response from the server |
pstrURL | [in] Pointer to a buffer containing the NULL-terminated host name or IP address of the server to which the request passed via encReq should be posted |
pst | [in] PKIFServiceType value indicating the type of request passed via encTSR |
Definition at line 980 of file ToolkitUtils.cpp.
References PKIFHTTP::AddBlacklistedHttpServer(), COMMON_URL_OPERATION_FAILED, g_ocspHeaders, g_scvpHeaders, g_scvpValPolHeaders, g_tspHeaders, PKIFHTTP::IsHttpServerBlacklisted(), LOG_STRING_ERROR, PKIF_NONE, PKIF_OCSP, PKIF_SCVP, PKIF_SCVP_VAL_POL, PKIF_TSA, RETURN, TOOLKIT_UTILS, and WriteCB().
Referenced by CPKIFScvpPathBuildAndValidate::BuildAndValidatePath(), CPKIFScvpPathBuild::BuildPath(), IPKIFScvpClient::FetchValPol(), GetRequest(), and PostRequest().
void RemoveParentRelationships | ( | std::vector< IPKIFColleaguePtr > & | modules, | |
IPKIFMediator * | mediator | |||
) |
Interface: Subsystem
This is a helper function that removes parent relationships.
modules | [in] A vector containing the list of modules |
mediator | [in] Pointer to an IPKIFMediator object |
Definition at line 3016 of file ToolkitUtils.cpp.
Referenced by CPKIFCacheMediator2::Terminate(), CPKIFRevocationStatusMediator2::Terminate(), CPKIFPathProcessingMediator2::Terminate(), and CPKIFCryptoMediator2::Terminate().
void split | ( | const string & | text, | |
string & | separators, | |||
vector< string > & | words | |||
) |
Interface: External
Helper function that splits a string by a given separator
Definition at line 2026 of file ToolkitUtils.cpp.
Referenced by GetEncGenNameFromStr(), GetPKIFGenNameFromStr(), and stringtok().
size_t WriteCB | ( | void * | ptr, | |
size_t | size, | |||
size_t | count, | |||
void * | data | |||
) |
Interface: Module
This is a helper function that is used for curl operations
ptr | Pointer |
size | size_t |
count | size_t |
data | Pointer to data |
Definition at line 925 of file ToolkitUtils.cpp.
References CPKIFBuffer::AllocateBuffer(), COMMON_INVALID_INPUT, CPKIFBuffer::GetBuffer(), CPKIFBuffer::GetLength(), and TOOLKIT_UTILS.
Referenced by PostRequestURL().
char* g_ocspHeaders = "Content-Type: application/ocsp-request" |
char* g_scvpHeaders = "Content-Type: application/scvp-cv-request" |
char* g_scvpValPolHeaders = "Content-Type: application/scvp-vp-request" |
char* g_tspHeaders = "Content-Type: application/timestamp-query" |