extern "C" BASIC_CONSTRAINTS* DecodeBasicConstraints(const unsigned char* buf, int32_t len) { if (!buf || !len) { return nullptr; } return d2i_BASIC_CONSTRAINTS(nullptr, &buf, len); }
extern "C" int32_t DecodeX509BasicConstraints2Extension(const unsigned char* encoded, int32_t encodedLength, int32_t* certificateAuthority, int32_t* hasPathLengthConstraint, int32_t* pathLengthConstraint) { if (!certificateAuthority || !hasPathLengthConstraint || !pathLengthConstraint) { return false; } *certificateAuthority = false; *hasPathLengthConstraint = false; *pathLengthConstraint = 0; int32_t result = false; BASIC_CONSTRAINTS* constraints = d2i_BASIC_CONSTRAINTS(nullptr, &encoded, encodedLength); if (constraints) { *certificateAuthority = constraints->ca != 0; if (constraints->pathlen != nullptr) { *hasPathLengthConstraint = true; long pathLength = ASN1_INTEGER_get(constraints->pathlen); // pathLengthConstraint needs to be in the Int32 range assert(pathLength <= INT32_MAX); *pathLengthConstraint = static_cast<int32_t>(pathLength); } else { *hasPathLengthConstraint = false; *pathLengthConstraint = 0; } BASIC_CONSTRAINTS_free(constraints); result = true; } return result; }