/* * Basic constructor given issuer's public key and name, and subject's * serial number. */ OCSPClientCertID::OCSPClientCertID( const CSSM_DATA &issuerName, const CSSM_DATA &issuerPubKey, const CSSM_DATA &subjectSerial) { mEncoded.Data = NULL; mEncoded.Length = 0; allocCopyData(issuerName, mIssuerName); allocCopyData(issuerPubKey, mIssuerPubKey); allocCopyData(subjectSerial, mSubjectSerial); }
/* * DER encode in specified coder's memory. */ const CSSM_DATA *OCSPClientCertID::encode() { if(mEncoded.Data != NULL) { return &mEncoded; } SecAsn1OCSPCertID certID; uint8 issuerNameHash[CC_SHA1_DIGEST_LENGTH]; uint8 pubKeyHash[CC_SHA1_DIGEST_LENGTH]; /* algId refers to the hash we'll perform in issuer name and key */ certID.algId.algorithm = CSSMOID_SHA1; certID.algId.parameters.Data = nullParam; certID.algId.parameters.Length = sizeof(nullParam); /* SHA1(issuerName) */ ocspdSha1(mIssuerName.Data, (CC_LONG)mIssuerName.Length, issuerNameHash); /* SHA1(issuer public key bytes) */ ocspdSha1(mIssuerPubKey.Data, (CC_LONG)mIssuerPubKey.Length, pubKeyHash); /* build the CertID from those components */ certID.issuerNameHash.Data = issuerNameHash; certID.issuerNameHash.Length = CC_SHA1_DIGEST_LENGTH; certID.issuerPubKeyHash.Data = pubKeyHash; certID.issuerPubKeyHash.Length = CC_SHA1_DIGEST_LENGTH; certID.serialNumber = mSubjectSerial; /* encode */ SecAsn1CoderRef coder; SecAsn1CoderCreate(&coder); CSSM_DATA tmp = {0, NULL}; SecAsn1EncodeItem(coder, &certID, kSecAsn1OCSPCertIDTemplate, &tmp); allocCopyData(tmp, mEncoded); SecAsn1CoderRelease(coder); return &mEncoded; }