/*
 * Basic constructor given issuer's public key and name, and subject's
 * serial number.
 */
OCSPClientCertID::OCSPClientCertID(
	const CSSM_DATA			&issuerName,
	const CSSM_DATA			&issuerPubKey,
	const CSSM_DATA			&subjectSerial)
{
	/*
	 * Start with no cached encoding; encode() treats a NULL mEncoded.Data
	 * as "not encoded yet" and builds the DER form on first use.
	 */
	mEncoded.Length = 0;
	mEncoded.Data = NULL;

	/*
	 * Keep our own copies of the three inputs via allocCopyData (defined
	 * elsewhere; presumably a deep copy, so the object does not depend on
	 * the caller's buffers staying alive -- confirm against its definition).
	 */
	allocCopyData(issuerName, mIssuerName);
	allocCopyData(issuerPubKey, mIssuerPubKey);
	allocCopyData(subjectSerial, mSubjectSerial);
}
/*
 * DER encode in specified coder's memory.
 */
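const CSSM_DATA *OCSPClientCertID::encode()
{
	/*
	 * Returns the DER-encoded CertID, building it on the first call and
	 * caching it in mEncoded. The returned pointer always refers to
	 * mEncoded; if the encoder could not be created or the encode failed,
	 * mEncoded is left empty (Data == NULL), so callers must check
	 * Data/Length before using the result. A later call retries.
	 */
	if(mEncoded.Data != NULL) {
		/* already encoded by an earlier call */
		return &mEncoded;
	}

	SecAsn1OCSPCertID	certID;
	uint8				issuerNameHash[CC_SHA1_DIGEST_LENGTH];
	uint8				pubKeyHash[CC_SHA1_DIGEST_LENGTH];

	/*
	 * algId names the hash applied to the issuer name and key below.
	 * These digests only identify the issuer to the responder; they must
	 * match the algorithm declared here or the responder cannot match the
	 * CertID.
	 */
	certID.algId.algorithm = CSSMOID_SHA1;
	certID.algId.parameters.Data = nullParam;
	certID.algId.parameters.Length = sizeof(nullParam);

	/*
	 * SHA1(issuerName). Note the length is narrowed to CC_LONG by the cast;
	 * NOTE(review): inputs larger than CC_LONG can hold would be truncated.
	 */
	ocspdSha1(mIssuerName.Data, (CC_LONG)mIssuerName.Length, issuerNameHash);

	/* SHA1(issuer public key bytes), same narrowing as above */
	ocspdSha1(mIssuerPubKey.Data, (CC_LONG)mIssuerPubKey.Length, pubKeyHash);

	/*
	 * Build the CertID from those components. The hash fields point at the
	 * stack buffers above, so certID is only valid within this call.
	 */
	certID.issuerNameHash.Data = issuerNameHash;
	certID.issuerNameHash.Length = CC_SHA1_DIGEST_LENGTH;
	certID.issuerPubKeyHash.Data = pubKeyHash;
	certID.issuerPubKeyHash.Length = CC_SHA1_DIGEST_LENGTH;
	certID.serialNumber = mSubjectSerial;

	/*
	 * Encode. The coder handle is initialized and the create status checked
	 * so that a failed create never hands an indeterminate handle to the
	 * encoder.
	 */
	SecAsn1CoderRef coder = NULL;
	if(SecAsn1CoderCreate(&coder)) {
		/* no coder: leave mEncoded empty rather than encode with garbage */
		return &mEncoded;
	}

	CSSM_DATA tmp = {0, NULL};
	if(SecAsn1EncodeItem(coder, &certID, kSecAsn1OCSPCertIDTemplate, &tmp) == 0) {
		/*
		 * Copy the result into mEncoded before the coder is released;
		 * tmp is presumably backed by coder-owned memory.
		 */
		allocCopyData(tmp, mEncoded);
	}
	/* on encode failure mEncoded stays empty; nothing partial is cached */
	SecAsn1CoderRelease(coder);
	return &mEncoded;
}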