diff options
| author | Stef Walter <stef@memberwebs.com> | 2007-05-11 17:38:10 +0000 |
|---|---|---|
| committer | Stef Walter <stef@memberwebs.com> | 2007-05-11 17:38:10 +0000 |
| commit | 100c6af02cfe6f4b8b173d22bd93548a5dd79171 (patch) | |
| tree | 41fcdbb6231f0c007bd75906a6f628fe2690d53c | |
| parent | 725dc4b3e32ec3aa90c91e98f05536c194edab00 (diff) | |
Use proper usage functions.
| -rw-r--r-- | ckcapi-trust.c | 49 |
1 files changed, 18 insertions, 31 deletions
diff --git a/ckcapi-trust.c b/ckcapi-trust.c index 30e1200..327f385 100644 --- a/ckcapi-trust.c +++ b/ckcapi-trust.c @@ -54,14 +54,14 @@ typedef struct _TrustObjectData CkCapiObjectData base; PCCERT_CONTEXT cert; - CTL_USAGE* usage; + CERT_ENHKEY_USAGE* usage; } TrustObjectData; static CK_ULONG has_usage(TrustObjectData* tdata, const char* oid) { - CTL_USAGE* usage = tdata->usage; + CERT_ENHKEY_USAGE* usage = tdata->usage; DWORD i; /* No usages, means anything goes */ @@ -248,17 +248,15 @@ static const CkCapiObjectDataVtable trust_objdata_vtable = { }; static CK_RV -parse_usage(TrustObjectData* tdata) +parse_usage(TrustObjectData* tdata, DWORD flags) { - DWORD size, usize, err; - CTL_USAGE* usage; - void* buf; + DWORD size, err; + CERT_ENHKEY_USAGE* usage; ASSERT(!tdata->usage); - /* Get the size of the usage property */ - if(!CertGetCertificateContextProperty(tdata->cert, CERT_CTL_USAGE_PROP_ID, - NULL, &size)) + /* Get the size of the usage */ + if(!CertGetEnhancedKeyUsage(tdata->cert, flags, NULL, &size)) { err = GetLastError(); @@ -268,33 +266,19 @@ parse_usage(TrustObjectData* tdata) return ckcapi_winerr_to_ckr(err); } + usage = (CERT_ENHKEY_USAGE*)calloc(1, size); + if(!usage) + return CKR_HOST_MEMORY; + /* Now get the actual usage property */ - buf = _alloca(size); - if(!CertGetCertificateContextProperty(tdata->cert, CERT_CTL_USAGE_PROP_ID, - buf, &size)) + if(!CertGetEnhancedKeyUsage(tdata->cert, flags, usage, &size)) { err = GetLastError(); if(err == CRYPT_E_NOT_FOUND) - return CKR_OK; + return CKR_OK; return ckcapi_winerr_to_ckr(err); } - /* Get the decoded size of the usage property */ - if(!CryptDecodeObject(X509_ASN_ENCODING, X509_ENHANCED_KEY_USAGE, - buf, size, 0, NULL, &usize)) - return ckcapi_winerr_to_ckr(GetLastError()); - - /* Allocate and decode it */ - usage = (CTL_USAGE*)calloc(1, usize); - if(!usage) - return CKR_HOST_MEMORY; - if(!CryptDecodeObject(X509_ASN_ENCODING, X509_ENHANCED_KEY_USAGE, - buf, size, 0, buf, &usize)) - { - free(usage); - return ckcapi_winerr_to_ckr(GetLastError()); - } - tdata->usage = usage; return CKR_OK; } @@ -322,8 +306,11 @@ trust_load_data(CkCapiSession* sess, CkCapiObject* obj, CkCapiObjectData** objda tdata->cert = ckcapi_cert_object_data_get_certificate (certdata); ASSERT(tdata->cert); - /* Dig up the usage data */ - ret = parse_usage(tdata); + /* Dig up the usage data property, and then try the extension */ + ret = parse_usage(tdata, CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG); + if(ret == CKR_OK && !tdata->usage) + ret = parse_usage(tdata, CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG); + if(ret != CKR_OK) { free(tdata); |