Ejemplo n.º 1
0
std::vector<uint8_t> Buf1() {
  SequenceRecord_I_IO_I_t val1;
  memset(&val1, 0, sizeof(val1));
  val1.type = 1;
  val1.type3 = 3;
  SequenceRecord_I_IO_I_t val3;
  memset(&val3, 0, sizeof(val3));
  val3.type = -1;
  val3.type3 = -3;
  
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  SetRecord_ISet_Seqs_of_seq_t rec;
  memset(&rec, 0, sizeof(rec));
  asn_set_add(&rec.set.field1, &val1);
  asn_set_add(&rec.set.field3, &val3);
  asn_enc_rval_t rval;
  rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Seqs_of_seq, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded >= 0) {
    buf.resize(rval.encoded);
  } else {
    printf("cannot encode record in Buf1");
    exit(0);
  }
  return std::move(buf);
}
Ejemplo n.º 2
0
// Dodaj certyfikat do listy certyfikat�.
// Najpierw sprawd, czy taki jest obecny na licie
// Certyfikat jest umieszczany jako kopia !
long SignedData_add_Certificate(SignedData_t *sigData, Certificate_t *cert)
{
	long err = 0;
	CertificateChoices_t *cc = NULL;
	Certificate_t *cptr = NULL;
	if (( sigData == NULL ) || ( cert == NULL ))
		return ERR_WRONG_ARGUMENT;
	err = SignedData_is_Certificate(sigData, cert);
	if ( err < 0 )
		return err;
	if ( err == 1 )
		return 0;
	if ( sigData->certificates == NULL )
	{
		sigData->certificates = mallocStructure(sizeof(CertificateSet_t));
		if ( sigData->certificates == NULL )
			return ERR_NO_MEMORY;
//		memset(sigData->certificates, 0, sizeof(CertificateSet_t));
	}
	cc = mallocStructure(sizeof(CertificateChoices_t));
	if ( cc == NULL )
			return ERR_NO_MEMORY;
//	memset(cc, 0, sizeof(CertificateChoices_t));
	cc->present = CertificateChoices_PR_certificate;
	cptr = &cc->choice.certificate;
	/*cptr = NULL;*/
	asn_cloneContent(&asn_DEF_Certificate, (void *)cert, (void **)&cptr);
//	memmove(&(cc->choice), cert, sizeof(Certificate_t));

	if ( asn_set_add(&(sigData->certificates->list), cc) )
		return ERR_OPERATION_FAILED;
	return 0;
}
Ejemplo n.º 3
0
/*
 * Dodanie do listy algorytmow nowego algorytmu.
 * Funkcja przy dodawaniu sprawdza, czy dany algorytm juz istnieje,
 * jezeli stwierdzi istnienie, nie zwraca bledu.
 */
long SignedData_add_DigestAlgorithm(SignedData_t *sigData, DigestAlgorithmIdentifier_t *digest)
{
	long err = 0;
	long i;
	long *arcs = NULL;
	long arccnt;
	if (( sigData == NULL ) || ( digest == NULL ))
		return ERR_WRONG_ARGUMENT;
	arccnt = OID_to_ulong_alloc2(&(digest->algorithm), &arcs);
	if ( arccnt < 0 )
		return ERR_OPERATION_FAILED;
	// sprawdz, czy nie jest ju na liscie
	for (i =0; i<sigData->digestAlgorithms.list.count; i++)
	{
		AlgorithmIdentifier_t *aid = sigData->digestAlgorithms.list.array[i];
		if ( !AlgorithmIdentifier_cmp_OID(aid, arcs, arccnt) )
		{
			free(arcs);
			return 0;
		}
	}
	if ( asn_set_add(&(sigData->digestAlgorithms.list), digest) != 0 )
	{
		free(arcs);
		return ERR_OPERATION_FAILED;
	}
	free(arcs);
	return err;
}
Ejemplo n.º 4
0
// Dodanie listy CRL do struktury SignedData
// Struktura jest dodawana poprzez wykonanie kopiowania
long SignedData_add_CRL(SignedData_t *sigData, CertificateList_t *crl)
{
	RevocationInfoChoice_t *rc = NULL;
	CertificateList_t *clptr = NULL;
	if ((sigData == NULL) || (crl == NULL))
		return ERR_WRONG_ARGUMENT;
	if ( sigData->crls == NULL )
	{
		sigData->crls = mallocStructure(sizeof(RevocationInfoChoices_t));
		if ( sigData->crls == NULL )
			return ERR_NO_MEMORY;
//		memset(sigData->crls, 0, sizeof(RevocationInfoChoices_t));
	}
	rc = mallocStructure(sizeof(RevocationInfoChoice_t));
	if ( rc == NULL )
			return ERR_NO_MEMORY;
//	memset(rc, 0, sizeof(RevocationInfoChoice_t));
	rc->present = RevocationInfoChoice_PR_crl;
	clptr = &(rc->choice.crl);
	/*clptr=NULL;*/
	asn_cloneContent(&asn_DEF_CertificateList, (void *)crl, (void **)&clptr);
	if ( asn_set_add(&(sigData->crls->list), rc) )
		return ERR_OPERATION_FAILED;
	return 0;
}
Ejemplo n.º 5
0
// Dodaj certyfikat do listy certyfikat�.
// Najpierw sprawd, czy taki jest obecny na licie
// Certyfikat jest umieszczany jako kopia !
long EnvelopedData_add_Certificate(EnvelopedData_t *envData, Certificate_t *cert)
{
	long err = 0;
	CertificateChoices_t *cc = NULL;
	Certificate_t *cptr = NULL;

	if (( envData == NULL ) || ( cert == NULL ))
		return ERR_WRONG_ARGUMENT;
	err = EnvelopedData_is_Certificate(envData, cert);
	if ( err < 0 )
		return err;
	if ( err == 1 )
		return 0;
	// budowanie struktur zawierajacych
	if ( envData->originatorInfo == NULL )
		envData->originatorInfo = mallocStructure(sizeof(OriginatorInfo_t));
	if ( envData->originatorInfo == NULL )
		return ERR_NO_MEMORY;
	envData->originatorInfo->certs = mallocStructure(sizeof(CertificateSet_t));
	if ( envData->originatorInfo->certs == NULL )
		return ERR_NO_MEMORY;
	// budowanie struktury dla certyfikatu
	cc = mallocStructure(sizeof(CertificateChoices_t));
	if ( cc == NULL )
			return ERR_NO_MEMORY;
	cc->present = CertificateChoices_PR_certificate;
	cptr = &cc->choice.certificate;
	asn_cloneContent(&asn_DEF_Certificate, (void *)cert, (void **)&cptr);
	// dodanie certu do listy
	if ( asn_set_add(&(envData->originatorInfo->certs->list), cc) )
		return ERR_OPERATION_FAILED;
	return err;
}
Ejemplo n.º 6
0
Archivo: dvcs.c Proyecto: unizeto/bmd
long _add_to_Data_VPKC(Certificate_t *certificate, long flag, Data_t *data)
{
	long ret_val=0;
	TargetEtcChain_t *target_chain=NULL;

	if(certificate == NULL)
		{ return -1; }
	if(flag != CERT_CONTENT && flag != CERT_HASH)
		{ return -2; }
	if(data == NULL)
		{ return -3; }

	data->present=Data_PR_certs1;

	ret_val=_create_TargetEtcChain(certificate, flag, &target_chain);
	if(ret_val != 0)
	{
		return -4;
	}

	ret_val=asn_set_add(&(data->choice.certs1.list), (void*)target_chain);
	if(ret_val != 0 )
	{
		asn_DEF_TargetEtcChain.free_struct(&asn_DEF_TargetEtcChain, target_chain, 1);
		free(target_chain);
		return -5;
	}

	return 0;
}
Ejemplo n.º 7
0
/*
 * Dodanie RecipientInfo do EnvelopedData
 * Nastepuje dodanie do listy wskazania ! Nie usuwac dodwanych danych !
 */
long EnvelopedData_add_RecipientInfo(EnvelopedData_t *envData, RecipientInfo_t *recInfo)
{
	if ( (envData == NULL) || (recInfo == NULL) )
		return ERR_WRONG_ARGUMENT;
	if ( asn_set_add( &(envData->recipientInfos.list), recInfo) != 0 )
		return ERR_OPERATION_FAILED;
	return 0;
}
Ejemplo n.º 8
0
/*
 * Dodanie SignerInfo do SignedData
 * Nastepuje dodanie wskazania do listy, wiec nie usuwac dancyh
 */
long SignedData_add_SignerInfo(SignedData_t *sigData, SignerInfo_t *sigInfo)
{
	if (( sigData == NULL ) || ( sigInfo == NULL ))
		return ERR_WRONG_ARGUMENT;
	if ( asn_set_add(&(sigData->signerInfos.list), sigInfo) != 0 )
		return ERR_OPERATION_FAILED;
	return 0;
}
Ejemplo n.º 9
0
// Dodanie atrybutu do atrybutow niepodpisanych
// Atrybut jest dodawany do listy poprzez wskazanie, wiec nie nalezy
// usuwac go z pamieci po dodaniu
long UnsignedAttributes_add_Attribute(
	UnsignedAttributes_t *attrs,
	Attribute_t *attr)
{
	if ( (attrs==NULL) || (attr==NULL) )
		return ERR_WRONG_ARGUMENT;
	if ( asn_set_add( &(attrs->list), attr ) != 0 )
		return ERR_OPERATION_FAILED;
	return 0;
}
Ejemplo n.º 10
0
std::vector<uint8_t> Buf2() {
  SequenceRecord_I_IO_I_t val1;
  memset(&val1, 0, sizeof(val1));
  val1.type = 1;
  val1.type3 = 3;
  
  SequenceRecord_I_IO_I_t val2;
  memset(&val2, 0, sizeof(val2));
  val2.type = 10;
  val2.type3 = 30;
  
  SequenceRecord_I_IO_I_t val3;
  memset(&val3, 0, sizeof(val3));
  val3.type = -1;
  val3.type3 = -3;
  
  SequenceRecord_I_IO_I_t val4;
  memset(&val4, 0, sizeof(val4));
  val4.type = -10;
  val4.type3 = -30;
  
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  SetRecord_ISet_Seqs_of_seq_t rec;
  memset(&rec, 0, sizeof(rec));
  asn_set_add(&rec.set.field1, &val1);
  rec.set.field2 = (struct SeqOfSequenceRecord_I_IO_I*)malloc(sizeof(struct SeqOfSequenceRecord_I_IO_I));
  memset(rec.set.field2, 0, sizeof(*rec.set.field2));
  asn_set_add(rec.set.field2, &val2);
  asn_set_add(&rec.set.field3, &val3);
  rec.set.field4 = (struct SetRecord_ISet_Seqs_of_seq::set::field4*)malloc(sizeof(*rec.set.field4));
  memset(rec.set.field4, 0, sizeof(*rec.set.field4));
  asn_set_add(rec.set.field4, &val4);
  asn_enc_rval_t rval;
  rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Seqs_of_seq, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded >= 0) {
    buf.resize(rval.encoded);
  } else {
    printf("cannot encode record in Buf2");
    exit(0);
  }
  return std::move(buf);
}
Ejemplo n.º 11
0
std::vector<uint8_t> Buf1() {
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  SetOfSelfRec_t val1;
  memset(&val1, 0, sizeof(val1));
  SetOfSelfRec_t val2;
  memset(&val2, 0, sizeof(val2));
  SetOfSelfRec_t rec;
  memset(&rec, 0, sizeof(rec));
  asn_set_add(&rec.list, &val1);
  asn_set_add(&rec.list, &val2);
  asn_enc_rval_t rval;
  rval = der_encode_to_buffer(&asn_DEF_SetOfSelfRec, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded >= 0) {
    buf.resize(rval.encoded);
  } else {
    printf("cannot encode record in Buf1");
    exit(0);
  }
  return std::move(buf);
}
Ejemplo n.º 12
0
std::vector<uint8_t> Buf1() {
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  long val1 = Member::Member_value1;
  long val2 = Member::Member_value2;
  long val3 = Member::Member_value3;
  SetOfEnumerated_t rec;
  memset(&rec, 0, sizeof(rec));
  asn_set_add(&rec.list, &val1);
  asn_set_add(&rec.list, &val2);
  asn_set_add(&rec.list, &val3);
  asn_enc_rval_t rval;
  rval = der_encode_to_buffer(&asn_DEF_SetOfEnumerated, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded >= 0) {
    buf.resize(rval.encoded);
  } else {
    printf("cannot encode record in Buf1");
    exit(0);
  }
  return std::move(buf);
}
Ejemplo n.º 13
0
void
metautils_message_add_field(MESSAGE m, const char *n, const void *v, gsize vs)
{
	EXTRA_ASSERT (m!=NULL);
	EXTRA_ASSERT (n!=NULL);
	if (!v || !vs)
		return ;
	Parameter_t *pMember = calloc(1, sizeof(Parameter_t));
	OCTET_STRING_fromBuf(&(pMember->name), n, strlen(n));
	OCTET_STRING_fromBuf(&(pMember->value), v, vs);
	asn_set_add(&(m->content.list), pMember);
}
Ejemplo n.º 14
0
std::vector<uint8_t> Buf2() {
  long val3;
  val3 = e_SetRecord_ISet_Sets_of_enumerated__set__field3__Member::SetRecord_ISet_Sets_of_enumerated__set__field3__Member_value2;
  
  long val4;
  val4 = e_SetRecord_ISet_Sets_of_enumerated__set__field4__Member::SetRecord_ISet_Sets_of_enumerated__set__field4__Member_value3;
  
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  SetRecord_ISet_Sets_of_enumerated_t rec;
  memset(&rec, 0, sizeof(rec));
  asn_set_add(&rec.set.field3, &val3);
  rec.set.field4 = (struct SetRecord_ISet_Sets_of_enumerated::SetRecord_ISet_Sets_of_enumerated__set::SetRecord_ISet_Sets_of_enumerated__set__field4*)malloc(sizeof(*rec.set.field4));
  memset(rec.set.field4, 0, sizeof(*rec.set.field4));
  asn_set_add(rec.set.field4, &val4);
  asn_enc_rval_t rval;
  rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Sets_of_enumerated, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded >= 0) {
    buf.resize(rval.encoded);
  } else {
    printf("cannot encode record in Buf2");
    exit(0);
  }
  return std::move(buf);
}
Ejemplo n.º 15
0
	void func_fill(gpointer d, gpointer u)
	{
		asn_anonymous_set_ *p_set;
		void *asn1_form;

		if (error_occured || !d)
			return;
		asn1_form = calloc(1, h->asn1_size);
		if (!h->map_API_to_ASN1(d, asn1_form)) {
			free(asn1_form);
			GSETERROR(err, "Element of type [%s] serialization failed!", h->type_name);
			error_occured = TRUE;
		} else {
			p_set = &(((struct anonymous_sequence_s *) u)->list);
			asn_set_add(_A_SET_FROM_VOID(p_set), asn1_form);
		}
	}
Ejemplo n.º 16
0
Archivo: dvcs.c Proyecto: unizeto/bmd
long _create_CertEtcToken(CertEtcToken_PR flag, Certificate_t *certificate, CertEtcToken_t **cert_token)
{
	CertEtcToken_t *certTok=NULL;
	Certificate_t *cert=NULL;

	bmd_crypt_ctx_t *hash_context=NULL;
	GenBuf_t *der=NULL;
	GenBuf_t *hash=NULL;
	long ret_val=0;
	OCTET_STRING_t *octet_str=NULL;
	long status;
	CertificateSerialNumber_t *sn=NULL;
	Name_t *issuer=NULL;
	IssuerSerial_t *issuer_serial=NULL;
	GeneralNames_t *general_list=NULL;
	GeneralName_t *general_name=NULL;


	if(certificate == NULL)
		{ return -1; }
	if(cert_token == NULL)
		{ return -2; }
	if(*cert_token != NULL)
		{ return -3; }

	//wartosci niewymienione w nawiasie nie sa dopuszczalne w DVCSRequest
	if(flag != CertEtcToken_PR_certificate && flag != CertEtcToken_PR_esscertid && flag != CertEtcToken_PR_extension && flag != CertEtcToken_PR_oscpcertid)
		{ return -4; }

	//niezaimplementowane
	if(flag == CertEtcToken_PR_extension || flag == CertEtcToken_PR_oscpcertid)
		{ return -5; }

	certTok=(CertEtcToken_t*)calloc(1, sizeof(CertEtcToken_t));
	if(certTok == NULL)
		{ return -6; }

	//caly certyfikat wrzucany
	if(flag == CertEtcToken_PR_certificate)
	{
		certTok->present=CertEtcToken_PR_certificate;
		ret_val=asn_cloneContent(&asn_DEF_Certificate, (void *)certificate, (void **)&cert);
		if(ret_val != 0)
		{
			free(certTok);
			return -7;
		}
		certTok->choice.certificate=*cert;
		//niszczenie samego opakowania - zawartosc zostala przypisana
		free(cert); cert=NULL;
	}
	//hash z certyfikatu wrzucany (ESSCertId)
	else
	{
		if(flag == CertEtcToken_PR_esscertid)
		{
			certTok->present=CertEtcToken_PR_esscertid;

			status=asn1_encode(&asn_DEF_Certificate,certificate, NULL, &der);
			if( status != BMD_OK )
				return -8;

			//certyfikat zakodoany
			//liczenie hashu
			//liczenie skroutu z danych za pomoca SHA-1
			bmd_set_ctx_hash(&hash_context,BMD_HASH_ALGO_SHA1);
			bmd_hash_data(der, &hash_context, &hash, NULL);
			free_gen_buf(&der);
			bmd_ctx_destroy(&hash_context);

			//hash wyliczony
			/*Hash_t jest typedefem na OCTET_STRING_t*/
			octet_str=OCTET_STRING_new_fromBuf(&asn_DEF_OCTET_STRING, (const char*)hash->buf, hash->size);
			free_gen_buf(&hash);
			if(hash == NULL)
			{
				free(certTok);
				return -12;
			}
			//
			certTok->choice.esscertid.certHash=*octet_str;
			//niszczenie samego opakowania - zawartosc zostala przypisana
			free(octet_str); octet_str=NULL;

			/*!DONE issuerSerial*/

			//klonowanie seriala certyfikatu z Certificate_t
			ret_val=asn_cloneContent( &asn_DEF_CertificateSerialNumber, &(cert->tbsCertificate.serialNumber), (void **)&(sn));
			if(ret_val != 0)
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				return -13;
			}

			ret_val=asn_cloneContent( &asn_DEF_Name, &(cert->tbsCertificate.issuer), (void **)&(issuer));
			if(ret_val != 0)
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
				free(sn); sn=NULL;
				return -14;
			}

			general_name=(GeneralName_t*)calloc(1, sizeof(GeneralName_t));
			if(general_name == NULL)
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
				free(sn); sn=NULL;
				asn_DEF_Name.free_struct(&asn_DEF_Name, issuer, 1);
				free(issuer); issuer=NULL;
				return -15;
			}

			general_name->present=GeneralName_PR_directoryName;
			general_name->choice.directoryName=*issuer;
			free(issuer); issuer=NULL; //opakowanie mozna zwolnic (bebechy przypisane wewnatrz general_name)

			general_list=(GeneralNames_t*)calloc(1, sizeof(GeneralNames_t));
			if(general_list == NULL)
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
				free(sn); sn=NULL;
				//opakowanie issuer zostalo zwolnione a bebechy odpowiednio przypisane do general_name
				asn_DEF_GeneralName.free_struct(&asn_DEF_GeneralName, general_name, 1);
				free(general_name); general_name=NULL;
				return -16;
			}

			//binduje wskaznik, wiec juz z general_name nic nie trzeba juz robic
			if( (asn_set_add((void*)&(general_list->list), (void*)general_name)) != 0 )
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
				free(sn); sn=NULL;
				asn_DEF_GeneralName.free_struct(&asn_DEF_GeneralName, general_name, 1);
				free(general_name); general_name=NULL;
				free(general_list); general_list=NULL;
				return -17;
			}

			issuer_serial=(IssuerSerial_t*)calloc(1, sizeof(IssuerSerial_t));
			if(issuer_serial == NULL)
			{
				asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
				free(certTok);
				asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
				free(sn); sn=NULL;
				asn_DEF_GeneralNames.free_struct(&asn_DEF_GeneralNames, general_list, 1);
				free(general_list); general_list=NULL;
				return -18;
			}

			issuer_serial->issuer=*general_list;
			free(general_list); general_list=NULL; //opakowanie mozna zwolnic, bebechy odpowiendio przypisane

			issuer_serial->serial=*sn;
			free(sn); sn=NULL; //opakowanie mozna zwolnic, bebechy odpowiendio przypisane

			//binduje wskazniki
			certTok->choice.esscertid.issuerSerial=issuer_serial;

			/*!DONE issuerSerial*/
		}
	}

	*cert_token=certTok;
	return 0;
}
Ejemplo n.º 17
0
long _PR2_BMDDatagram_set_metadata(	MetaDataBuf_t **mtds,
						long no,
						long type,
						BMDDatagram_t **asn1_dtg)
{
long i				= 0;

long lenOfOids			= 0;
long lenOfMyIds			= 0;
long lenOfOwnerIds		= 0;
long lenOfOwnerTypes		= 0;
long lenOfDatas			= 0;

char **OID_str_array		= NULL;
char **myId_str_array		= NULL;
char **ownerId_str_array	= NULL;
char **ownerType_str_array	= NULL;

char *OIDs_str			= NULL;
char *myIds_str			= NULL;
char *ownerIds_str		= NULL;
char *ownerTypes_str		= NULL;
char *datas_str			= NULL;

char *pointer_temp		= NULL;
INTEGER_t *INTEGER_temp		= NULL;

struct MetaDatas *tmp_mtd	= NULL;


	if(mtds==NULL)		{	BMD_FOK(BMD_ERR_PARAM1);	}
	if(no<0)			{	BMD_FOK(BMD_ERR_PARAM2);	}

	if( (type!=_PR2_SYS_MTD) && (type!=_PR2_ACT_MTD) &&
	    (type!=_PR2_ADD_MTD) && (type!=_PR2_PKI_MTD) )
	{
		BMD_FOK(BMD_ERR_PARAM3);
	}

	if(asn1_dtg==NULL)		{	BMD_FOK(BMD_ERR_PARAM4);	}
	if((*asn1_dtg)==NULL)		{	BMD_FOK(BMD_ERR_PARAM4);	}


	tmp_mtd=(struct MetaDatas *)malloc(sizeof(struct MetaDatas));
	if(tmp_mtd == NULL)		{       BMD_FOK(NO_MEMORY);	}
	memset(tmp_mtd,0,sizeof(struct MetaDatas));


	OID_str_array = (char **)malloc( (no + 1) * sizeof(char *));
	if(OID_str_array == NULL)	{	BMD_FOK(NO_MEMORY);	}
	memset(OID_str_array, 0, (no + 1) * sizeof(char *));

	myId_str_array = (char **)malloc( (no + 1) * sizeof(char *));
	if(myId_str_array == NULL)	{	BMD_FOK(NO_MEMORY);	}
	memset(myId_str_array, 0, (no + 1) * sizeof(char *));

	ownerId_str_array = (char **)malloc( (no + 1) * sizeof(char *));
	if(ownerId_str_array == NULL)	{	BMD_FOK(NO_MEMORY);	}
	memset(ownerId_str_array, 0, (no + 1) * sizeof(char *));

	ownerType_str_array = (char **)malloc( (no + 1) * sizeof(char *));
	if(ownerType_str_array == NULL)	{	BMD_FOK(NO_MEMORY);	}
	memset(ownerType_str_array, 0, (no + 1) * sizeof(char *));

	/*Konwersja na char* oraz zliczenie wielkosci potrzebnych buforow*/
	for(i=0;i<no;i++)
	{
		OID_str_array[i]=(char*)malloc(sizeof(char)*(strlen(mtds[i]->OIDTableBuf)+1));
		memset(OID_str_array[i], 0, strlen(mtds[i]->OIDTableBuf)+1);
		memcpy(OID_str_array[i], mtds[i]->OIDTableBuf, strlen(mtds[i]->OIDTableBuf));
// 		PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, OID_str_array[i]: %s\n", i, OID_str_array[i]);
		lenOfOids = lenOfOids + (long)strlen(OID_str_array[i]) + 1;

		asprintf(&(myId_str_array[i]), "%li", mtds[i]->myId);
		if(myId_str_array[i] == NULL)		{	 BMD_FOK(NO_MEMORY);	}
// 		PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, myId_str_array[i]: %s\n", i, myId_str_array[i]);
		lenOfMyIds = lenOfMyIds + (long)strlen(myId_str_array[i]) + 1;

		asprintf(&(ownerId_str_array[i]), "%li", mtds[i]->ownerId);
		if(ownerId_str_array[i] == NULL)	{	BMD_FOK(NO_MEMORY);	}
// 		PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, ownerId_str_array[i]: %s\n", i, ownerId_str_array[i]);
		lenOfOwnerIds = lenOfOwnerIds + (long)strlen(ownerId_str_array[i]) + 1;

		asprintf(&(ownerType_str_array[i]), "%li", mtds[i]->ownerType);
		if(ownerType_str_array[i] == NULL)	{	BMD_FOK(NO_MEMORY);	}
// 		PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, ownerType_str_array[i]: %s\n", i, ownerType_str_array[i]);
		lenOfOwnerTypes = lenOfOwnerTypes + (long)strlen(ownerType_str_array[i]) + 1;

		lenOfDatas = lenOfDatas + mtds[i]->AnySize + 1;
	}

	/*Po kolei tworze bufory przechowujace odpowiednie lancuchy i kopiuje do nich wczesniej pobrane dane*/
	OIDs_str = malloc(lenOfOids * sizeof(char));
	if(OIDs_str == NULL) {	BMD_FOK(NO_MEMORY);	}
	memset(OIDs_str, 0, lenOfOids * sizeof(char));
	pointer_temp = OIDs_str;
	for(i = 0; i < no; i++)
	{
		memcpy(pointer_temp, OID_str_array[i], strlen(OID_str_array[i]));
// 		PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, OID_str: %s\n", i, pointer_temp);
		pointer_temp = pointer_temp + strlen( OID_str_array[i] ) + 1;

		INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
		if(INTEGER_temp == NULL)        {       BMD_FOK(NO_MEMORY);     }
		memset(INTEGER_temp, 0, sizeof(INTEGER_t));
		BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen( OID_str_array[i] )));
		asn_set_add( &(tmp_mtd->lenOfOids.list), INTEGER_temp);
		INTEGER_temp = NULL;
		free(OID_str_array[i]);
		OID_str_array[i] = NULL;
	}
	free(OID_str_array); OID_str_array = NULL;

	myIds_str = malloc(lenOfMyIds * sizeof(char));
	if(myIds_str == NULL)                            {       BMD_FOK(NO_MEMORY);     }
	memset(myIds_str, 0, lenOfMyIds * sizeof(char));
	pointer_temp = myIds_str;
	for(i = 0; i < no; i++)
	{
		memcpy(pointer_temp, myId_str_array[i], strlen(myId_str_array[i]));
// 		PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, myId_str: %s\n", i, pointer_temp);
		pointer_temp = pointer_temp + strlen(myId_str_array[i]) + 1;

		INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
		if(INTEGER_temp == NULL)        {       BMD_FOK(NO_MEMORY);     }
		memset(INTEGER_temp, 0, sizeof(INTEGER_t));
		BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(myId_str_array[i])));
		asn_set_add( &(tmp_mtd->lenOfMyIds.list), INTEGER_temp);
		INTEGER_temp = NULL;

		free(myId_str_array[i]);
		myId_str_array[i] = NULL;
	}
	free(myId_str_array); myId_str_array = NULL;


	ownerIds_str = malloc(lenOfOwnerIds * sizeof(char));
	if(ownerIds_str == NULL)			{	BMD_FOK(NO_MEMORY);	}
	memset(ownerIds_str, 0, lenOfOwnerIds * sizeof(char));
	pointer_temp = ownerIds_str;
	for(i = 0; i < no; i++)
	{
		memcpy(pointer_temp, ownerId_str_array[i], strlen(ownerId_str_array[i]));
// 		PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, ownerIds_str: %s\n", i, pointer_temp);
		pointer_temp = pointer_temp + strlen(ownerId_str_array[i]) + 1;

		INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
		if(INTEGER_temp == NULL)        {       BMD_FOK(NO_MEMORY);     }
		memset(INTEGER_temp, 0, sizeof(INTEGER_t));
		BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(ownerId_str_array[i])));
		asn_set_add( &(tmp_mtd->lenOfOwnerIds.list), INTEGER_temp);
		INTEGER_temp = NULL;

		free(ownerId_str_array[i]);
		ownerId_str_array[i] = NULL;
	}
	free(ownerId_str_array); ownerId_str_array = NULL;


	ownerTypes_str = malloc(lenOfOwnerTypes * sizeof(char));
	if(ownerTypes_str == NULL)			{	BMD_FOK(NO_MEMORY);	}
	memset(ownerTypes_str, 0, lenOfOwnerTypes * sizeof(char));
	pointer_temp = ownerTypes_str;
	for(i = 0; i < no; i++)
	{
		memcpy(pointer_temp, ownerType_str_array[i], strlen(ownerType_str_array[i]));
// 		PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, ownerType_str: %s\n", i, pointer_temp);
		pointer_temp = pointer_temp + strlen(ownerType_str_array[i]) + 1;

		INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
		if(INTEGER_temp == NULL)        {       BMD_FOK(NO_MEMORY);     }
		memset(INTEGER_temp, 0, sizeof(INTEGER_t));
		BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(ownerType_str_array[i])));
		asn_set_add( &(tmp_mtd->lenOfOwnerTypes.list), INTEGER_temp);
		INTEGER_temp = NULL;

		free(ownerType_str_array[i]);
		ownerType_str_array[i] = NULL;
	}
	free(ownerType_str_array); ownerType_str_array = NULL;


	datas_str = malloc(lenOfDatas * sizeof(char));
	if(datas_str == NULL)				{	BMD_FOK(NO_MEMORY);	}
	memset(datas_str, 0, lenOfDatas * sizeof(char));
	pointer_temp = datas_str;
	for(i = 0; i < no; i++)
	{
		memcpy(pointer_temp, mtds[i]->AnyBuf, mtds[i]->AnySize);
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, data string len: %li\n", i, mtds[i]->AnySize);
		pointer_temp = pointer_temp + mtds[i]->AnySize + 1;

		INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
		if(INTEGER_temp == NULL)        {       BMD_FOK(NO_MEMORY);     }
		memset(INTEGER_temp, 0, sizeof(INTEGER_t));
		BMD_FOK(asn_long2INTEGER(INTEGER_temp, mtds[i]->AnySize));
		asn_set_add( &(tmp_mtd->lenOfDatas.list), INTEGER_temp);
		INTEGER_temp = NULL;

        }


	BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->datas), datas_str, lenOfDatas));
	free(datas_str); datas_str = NULL;

	BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->oids), OIDs_str, lenOfOids));
	free(OIDs_str); OIDs_str = NULL;

	BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->myIds), myIds_str, lenOfMyIds));
	free(myIds_str); myIds_str = NULL;

	BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->ownerIds), ownerIds_str , lenOfOwnerIds));
	free(ownerIds_str); ownerIds_str = NULL;

	BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->ownerTypes), ownerTypes_str, lenOfOwnerTypes));
	free(ownerTypes_str); ownerTypes_str = NULL;

	switch(type)
	{
		case _PR2_SYS_MTD:
			(*asn1_dtg)->sysMetaDatas = tmp_mtd;
			break;
		case _PR2_ACT_MTD:
			(*asn1_dtg)->actionMetaDatas = tmp_mtd;
			break;
		case _PR2_ADD_MTD:
			(*asn1_dtg)->additionalMetaDatas = tmp_mtd;
			break;
		case _PR2_PKI_MTD:
			(*asn1_dtg)->pkiMetaDatas = tmp_mtd;
			break;
	};
	tmp_mtd = NULL; /*Nie zwalniac*/

	return BMD_OK;
}
Ejemplo n.º 18
0
Archivo: dvcs.c Proyecto: unizeto/bmd
long _add_to_Data_VSD_External(GenBuf_t *signedData, GenBuf_t *dataContent, long dataContentType, char* hashAlgorithmOid, Data_t *data)
{
	long retVal=0;
	DigestInfo_t *digestInfo=NULL;
	long sha1_oid[] = { OID_SHA_1_LONG};
	GenBuf_t *hash = NULL;
	bmd_crypt_ctx_t *hash_ctx=NULL;
	

	if(signedData == NULL)
		{ return -1; }
	if(signedData->buf == NULL)
		{ return -2; }
	if(dataContent == NULL)
		{ return -3; }
	if(dataContent->buf == NULL)
		{ return -4; }
	if(data == NULL)
		{ return -5; }
	// gdy przekazany podpisany dokument, parametr hashAlgorithmOid jest ignorowany
	if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH && hashAlgorithmOid == NULL)
		{ return -6; }

	data->present=Data_PR_messageInfo;

	//ustawienie podpisu zewnetrznego

	retVal=OCTET_STRING_fromBuf( &(data->choice.messageInfo.message), signedData->buf, signedData->size);
	if(retVal != 0)
		{ return -10; }


	//ustawienie skrotu z podpisanych danych

	digestInfo=(DigestInfo_t*)calloc(1, sizeof(DigestInfo_t));
	if(digestInfo == NULL)
	{
		asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
		return -11;
	}

	//ustawienie oidu funkcji skrotu (jesli przekazany byl skrot, a nie caly dokument)
	if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH)
	{
		retVal=String2OID(	hashAlgorithmOid, &(digestInfo->digestAlgorithm.algorithm));
		if(retVal < 0)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			free(digestInfo);
			return -20;
		}
	}
	else
	{
		retVal=OBJECT_IDENTIFIER_set_arcs( &(digestInfo->digestAlgorithm.algorithm), sha1_oid, sizeof(long), sizeof(sha1_oid)/sizeof(long));
		if(retVal != 0)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			free(digestInfo);
			return -12;
		}
	}

	//ustawienie wartosci skrotu
	if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH) //gotowy skrot
	{
		
		retVal=OCTET_STRING_fromBuf( &(digestInfo->digest), dataContent->buf, dataContent->size);
		if(retVal != 0)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
			free(digestInfo);
			return -13;
		}

	}
	else //wyliczanie skrotu
	{
		retVal=bmd_set_ctx_hash(&hash_ctx, BMD_HASH_ALGO_SHA1);
		if(retVal != BMD_OK)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
			free(digestInfo);
			return -14;
		}

		retVal=bmd_hash_data(dataContent, &hash_ctx, &hash, NULL);
		bmd_ctx_destroy(&hash_ctx);
		if(retVal != BMD_OK)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
			free(digestInfo);
			return -15;
		}
		
		retVal=OCTET_STRING_fromBuf( &(digestInfo->digest), hash->buf, hash->size);
		free_gen_buf(&hash);
		if(retVal != 0)
		{
			asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
			asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
			free(digestInfo);
			return -16;
		}
		
	}
	
	//wstawienie digestInfo do zbioru externalData
	if( (asn_set_add((void*)&(data->choice.messageInfo.externalData.list), (void*)digestInfo)) != 0 )
	{
		asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
		asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
		free(digestInfo);
		return -17;
	}
	

	return 0;
}
Ejemplo n.º 19
0
/*
WSZ porzdki - BMD_ERR_LOAD_SIG_POLICY (-77)
@return BMD_ERR_LOAD_SIG_POLICY (-77) jesli nie mona zaladowac badz zdekodowac wskazanej polityki podpisu
@return BMDPKI_ERR_FIND_CERT_STORE (-78) jesli nie mozna odnalezc magazynu certyfikatow zaufanych
z funkcji bmd_verify_cert_with_crl():
@return BMD_ERR_PARAM1				- niewlasciwe wywolanie
@return BMD_ERR_OP_FAILED			- wiele bledow nie okreslonych blizej
@return BMD_ERR_PKI_NO_CRL (-56)	- nie moze wczytac listy CRL
@return BMD_ERR_PKI_VERIFY			- blad weryfikacji certyfikatu
*/
long bmd_set_signature_params_policy(bmd_signature_params_t *sig_params,char *sig_policy,long auto_params_create,GenBuf_t *cert, CertExtConfig_t *certCheckParams)
{
long status;
GenBuf_t *buf=NULL;
SignaturePolicy_t *policy=NULL;
asn_dec_rval_t rval;
CMSAttrs_t *policy_signed_attrs=NULL;
SignerAndVerifierRules_t *SigVerRules=NULL;
long i=0;
long j=0;
long type;
char *policy_oid=NULL;
bmd_crypt_ctx_t *hash_ctx=NULL;
GenBuf_t *policy_hash_buf=NULL;
GenBuf_t *cert_hash_buf=NULL;
Attribute_t *sig_pol_attr=NULL;
Attribute_t *cert_attr=NULL;
Attribute_t *time_attr=NULL;
Certificate_t *asn1_cert=NULL;
CertificateTrustPoint_t *trust_point=NULL;
CertificateTrustTrees_t *trust_trees=NULL;
SigningCertTrustCondition_t *sig_cert_trust=NULL;
GeneralNames_t *g_names=NULL;
GeneralName_t *g_name=NULL;
char *policy_url=NULL;
long trust_condition=0;

GenBuf_t **trusted_certs=NULL;
GenBuf_t **constructed_cert_path=NULL;
long cert_path_length=0;

long flag_trust_found=0;

	if(sig_params==NULL)
	{
		PRINT_DEBUG("LIBBMDPKIERR Invalid first parameter value. Error=%i\n",BMD_ERR_PARAM1);
		return BMD_ERR_PARAM1;
	}
	if(sig_policy==NULL)
	{
		PRINT_DEBUG("LIBBMDPKIERR Invalid second parameter value. Error=%i\n",BMD_ERR_PARAM2);
		return BMD_ERR_PARAM2;
	}

	status=_bmd_load_signature_policy(sig_policy,&buf);
	if(status!=BMD_OK)
	{
		PRINT_DEBUG("LIBBMDPKIERR Error loading signature policy. Error=%i\n",BMDPKI_ERR_LOAD_SIG_POLICY);
		return BMDPKI_ERR_LOAD_SIG_POLICY;
	}
	rval=ber_decode(NULL,&asn_DEF_SignaturePolicy,&(sig_params->signature_policy),buf->buf,buf->size);
	if(rval.code!=RC_OK)
	{
		PRINT_DEBUG("LIBBMDPKIERR Error loading signature policy. Error=%i\n",BMDPKI_ERR_LOAD_SIG_POLICY);
		return BMDPKI_ERR_LOAD_SIG_POLICY;
	}

	policy=(SignaturePolicy_t *)sig_params->signature_policy;
	/* pobranie zaufanych certyfikatow dla podpisujacego z polityki podpisu */
	trust_trees=&(policy->signPolicyInfo.signatureValidationPolicy.commonRules.signingCertTrustCondition->signerTrustTrees);
	trusted_certs=(GenBuf_t **)calloc((trust_trees->list.count+2), sizeof(GenBuf_t *));
	for(i=0;i<trust_trees->list.count;i++)
	{
		trust_point=trust_trees->list.array[i];
		asn1_encode(&asn_DEF_Certificate,&(trust_point->trustpoint), NULL, &(trusted_certs[i]));
	}

	if(sig_params->tcc) /* jesli ustawiono Trusted Cert Store */
	{
		status=bmd_verify_cert_path(cert,sig_params->tcc,&constructed_cert_path,NULL);
		if(status==BMD_OK)
		{
			i=0;
			while(constructed_cert_path[i])
			{
				i++;
			}
			cert_path_length=i;

			i=0;
			while(trusted_certs[i])
			{
				if(trusted_certs[i]->size==constructed_cert_path[cert_path_length-1]->size)
				{
					if(memcmp(trusted_certs[i]->buf,constructed_cert_path[cert_path_length-1]->buf,trusted_certs[i]->size)==0)
					{
						flag_trust_found=1;
						break;
					}
				}
				i++;
			}
			if(flag_trust_found==0)
			{
				PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
				return BMD_ERR_OP_FAILED;
			}
		}
		else
		{
			PRINT_DEBUG("LIBBMDPKIERR Error in finding cert store. Error=%i\n",BMDPKI_ERR_FIND_CERT_STORE);
			return BMDPKI_ERR_FIND_CERT_STORE;
		}
	}
	else
	{
		PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
		return BMD_ERR_OP_FAILED;
	}

	/* sprawdzenie czy certyfikat ktorym ma sie wykonac podpis jest na CRL - jesli tylko to jest w polityce */
	sig_cert_trust=policy->signPolicyInfo.signatureValidationPolicy.commonRules.signingCertTrustCondition;
	asn_INTEGER2long(&(sig_cert_trust->signerRevReq.endCertRevReq.enuRevReq),&trust_condition);
	if(trust_condition==EnuRevReq_clrCheck)
	{
		if(certCheckParams==NULL) /*na podstawie CRL distribution point w certyfikacie*/
		{
			status=bmd_verify_cert_with_crl(cert, NULL, NULL);
		}
		else if(certCheckParams->check_with_crl > 0)
		{
			if(certCheckParams->download_crl > 0)
			{
				status=bmd_verify_cert_with_crl(cert, certCheckParams->url_of_crl, NULL);
			}
			else if(certCheckParams->use_crl_file > 0)
			{
				status=bmd_verify_cert_with_crl(cert, NULL, certCheckParams->crl_file_path);
			}
			else /*na podstawie CRL distribution point w certyfikacie*/
			{
				status=bmd_verify_cert_with_crl(cert, NULL, NULL);
			}
		}
		else /*jesli wylaczona weryfikacja crl*/
		{
			status=BMD_OK;
		}

		if(status!=BMD_OK)
		{
			PRINT_DEBUG("LIBBMDPKIERR Error. Error=%li\n",status);
			return status;
		}
	}

	/* w tym momencie wiemy ze certyfikat moze wykonac podpis ??? */

	if(auto_params_create==1) /* stworzenie parametrow stalych do podpisu  */
	{
		policy=(SignaturePolicy_t *)sig_params->signature_policy;
		/* ustaw wskaznik na liste obowiazkowych atrybutow podpisanych */
		SigVerRules=policy->signPolicyInfo.signatureValidationPolicy.commonRules.signerAndVeriferRules;
		policy_signed_attrs=&(SigVerRules->signerRules.mandatedSignedAttr);
		sig_params->signed_attributes=(SignedAttributes_t *)malloc(sizeof(SignedAttributes_t));
		memset(sig_params->signed_attributes,0,sizeof(SignedAttributes_t));

		for(i=0;i<policy_signed_attrs->list.count;i++)
		{
			__bmd_determine_signed_attr_type(policy_signed_attrs->list.array[i],&type);
			switch(type)
			{
				case BMD_CMS_ATTR_CONTENT_TYPE: /* rozszerzenie standardowe - nic nie trzeba robic */
					break;
				case BMD_CMS_ATTR_MESSAGE_DIGEST: /* rozszerzenie standardowe - nic nie trzeba robic */
					break;
				case BMD_CMS_ATTR_SIGNING_TIME: /* zostanie stworzony pozniej */
					SigAttr_Create_SigningTime(&time_attr);
					asn_set_add(sig_params->signed_attributes,time_attr);
					break;
				case BMD_CMS_ATTR_SIGNING_CERT:
					if(cert)
					{
						bmd_ctx_destroy(&hash_ctx);
						bmd_set_ctx_hash(&hash_ctx,BMD_HASH_ALGO_SHA1);
						status=bmd_hash_data(cert,&hash_ctx,&cert_hash_buf,NULL);
						ber_decode(NULL,&asn_DEF_Certificate,(void **)&asn1_cert,cert->buf,cert->size);
						SigAttr_Create_SigningCertificate(cert_hash_buf,asn1_cert,&cert_attr);

						asn_set_add(sig_params->signed_attributes,cert_attr);
						bmd_ctx_destroy(&hash_ctx);
						asn_DEF_Certificate.free_struct(&asn_DEF_Certificate,asn1_cert,0);asn1_cert=NULL;
						free_gen_buf(&cert_hash_buf);
					}
					else
					{
						PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
						return BMD_ERR_OP_FAILED;
					}
					break;
				case BMD_CMS_ATTR_SIG_POLICY_ID:
					status=OBJECT_IDENTIFIER2string(&(policy->signPolicyInfo.signPolicyIdentifier),&policy_oid);
					if(status!=BMD_OK)
					{
						PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
						return BMD_ERR_OP_FAILED;
					}

					/* (by WSZ)  zmiana sposobu wyliczania skrotu polityki podipsu (ProCertum API compatible)
					bmd_ctx_destroy(&hash_ctx);
					status=bmd_set_ctx_hash(&hash_ctx,BMD_HASH_ALGO_SHA1);
					status=bmd_hash_data(buf,&hash_ctx,&policy_hash_buf,NULL);
					*/
					status=bmd_hash_SignaturePolicy(buf, &policy_hash_buf);
					g_names=&(policy->signPolicyInfo.policyIssuerName);
					for(j=0;j<g_names->list.count;j++)
					{
						g_name=g_names->list.array[j];
						if(g_name->present==GeneralName_PR_dNSName)
						{
							GeneralName2string(g_name,&policy_url);
							break;
						}
					}

					SigAttr_Create_SignaturePolicyId(policy_oid,policy_url,policy_hash_buf,&sig_pol_attr);
					asn_set_add(sig_params->signed_attributes,(void *)sig_pol_attr);
					free(policy_oid);
					free(policy_url);
					bmd_ctx_destroy(&hash_ctx);
					free_gen_buf(&policy_hash_buf);

					break;
			}
		}
	}

	i=0;
	if(trusted_certs)
	{
		while(trusted_certs[i])
		{
			free_gen_buf(&(trusted_certs[i]));
			i++;
		}
		free(trusted_certs);trusted_certs=NULL;
	}

	i=0;
	if(constructed_cert_path)
	{
		while(constructed_cert_path[i])
		{
			free_gen_buf(&(constructed_cert_path[i]));
			i++;
		}
		free(constructed_cert_path);constructed_cert_path=NULL;
	}

	return BMD_OK;
}