#include <Security/SecCertificateRequest.h>
#include "SecBridge.h"
#include "CertificateRequest.h"
#include "SecImportExport.h"
#include "SecCertificate.h"
/*
 * Returns the CoreFoundation type identifier recorded for certificate
 * request objects in the global type table (gTypes()).
 *
 * END_SECAPI1 is passed _kCFRuntimeNotATypeID; presumably that is the value
 * handed back if the lookup throws -- confirm against the macro definition.
 */
CFTypeID
SecCertificateRequestGetTypeID(void)
{
	BEGIN_SECAPI

	const CFTypeID requestTypeID = gTypes().CertificateRequest.typeID;
	return requestTypeID;

	END_SECAPI1(_kCFRuntimeNotATypeID)
}
/*
 * Creates a new CertificateRequest object and returns its handle.
 *
 * policy       - required; dereferenced and passed to the constructor.
 * certRequest  - required; receives the handle of the new request.
 *
 * The key references and the attribute list are forwarded to the
 * CertificateRequest constructor without being checked here, so any
 * validation of them happens (or not) inside that class.
 * Errors thrown between BEGIN_SECAPI and END_SECAPI are presumably mapped to
 * the returned OSStatus -- confirm against the macro definitions.
 */
OSStatus SecCertificateRequestCreate(
	const CSSM_OID *policy,
	CSSM_CERT_TYPE certificateType,
	CSSM_TP_AUTHORITY_REQUEST_TYPE requestType,
	SecKeyRef privateKeyItemRef,
	SecKeyRef publicKeyItemRef,
	const SecCertificateRequestAttributeList* attributeList,
	SecCertificateRequestRef* certRequest)
{
	BEGIN_SECAPI

	/* Reject NULL for the output slot and the policy before touching either. */
	Required(certRequest);
	Required(policy);

	CertificateRequest *newRequest = new CertificateRequest(
		*policy,
		certificateType,
		requestType,
		privateKeyItemRef,
		publicKeyItemRef,
		attributeList);
	*certRequest = newRequest->handle();

	END_SECAPI
}
/*
 * Submits a certificate request.
 *
 * certRequest   - resolved through CertificateRequest::required() before use.
 * estimatedTime - forwarded unchecked to CertificateRequest::submit();
 *                 whether NULL is acceptable is decided there.
 */
OSStatus SecCertificateRequestSubmit(
	SecCertificateRequestRef certRequest,
	sint32* estimatedTime)
{
	BEGIN_SECAPI

	CertificateRequest *request = CertificateRequest::required(certRequest);
	request->submit(estimatedTime);

	END_SECAPI
}
/*
 * Reports the request type stored in a certificate request object.
 *
 * certRequestRef - resolved through CertificateRequest::required().
 * requestType    - required; receives the value of reqType().
 */
OSStatus SecCertificateRequestGetType(
	SecCertificateRequestRef certRequestRef,
	CSSM_TP_AUTHORITY_REQUEST_TYPE *requestType)
{
	BEGIN_SECAPI

	/* The output pointer is validated before the request is looked up. */
	Required(requestType);

	CertificateRequest *request = CertificateRequest::required(certRequestRef);
	*requestType = request->reqType();

	END_SECAPI
}
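/*
 * Fetches the result of a certificate request and, when certificate data is
 * available, imports it into a keychain and returns the imported item.
 *
 * certRequestRef - resolved through CertificateRequest::required().
 * keychain       - target keychain; when NULL the default keychain is looked
 *                  up with SecKeychainCopyDefault().
 * estimatedTime  - forwarded unchecked to CertificateRequest::getResult().
 * certificateRef - required; set to NULL on entry and to a retained
 *                  SecCertificateRef only when an item of certificate type
 *                  was imported.
 *
 * Callers must check *certificateRef and not only the status: the function
 * can complete without throwing and still leave *certificateRef NULL, both
 * when getResult() produced no data and when the first imported item is not
 * a certificate.
 */
OSStatus SecCertificateRequestGetResult(
	SecCertificateRequestRef certRequestRef,
	SecKeychainRef keychain,
	sint32 *estimatedTime,
	SecCertificateRef *certificateRef)
{
	BEGIN_SECAPI

	/*
	 * The output slot is written unconditionally, so a NULL pointer has to
	 * be rejected as a parameter error instead of being dereferenced.
	 */
	Required(certificateRef);
	*certificateRef = NULL;

	CssmData certData;
	CertificateRequest::required(certRequestRef)->getResult(estimatedTime, certData);
	if(certData.data() != NULL) {
		/*
		 * Convert to SecCertificateRef, optionally import.
		 */
		CFDataRef cfCert = CFDataCreate(NULL, (UInt8 *)certData.data(), certData.Length);
		if(cfCert == NULL) {
			/* CFRelease(NULL) below would crash; fail cleanly instead. */
			certReqDbg("SecCertificateRequestGetResult: CFDataCreate failure");
			MacOSError::throwMe(errSecInternalComponent);
		}
		SecExternalItemType itemType = kSecItemTypeCertificate;
		CFArrayRef outItems = NULL;
		bool freeKcRef = false;
		OSStatus ortn;

		if(keychain == NULL) {
			/*
			 * No keychain supplied: try the default one. A failure here is
			 * only logged and the import proceeds with keychain still NULL.
			 * NOTE(review): confirm that importing with no keychain is the
			 * intended fallback rather than an error.
			 */
			ortn = SecKeychainCopyDefault(&keychain);
			if(ortn) {
				certReqDbg("GetResult: SecKeychainCopyDefault failure");
			}
			else {
				/* We own this reference and must release it after the import. */
				freeKcRef = true;
			}
		}
		ortn = SecKeychainItemImport(cfCert, NULL,
			NULL,			// format, don't care
			&itemType,
			0,				// flags
			NULL,			// keyParams
			keychain,		// optional
			&outItems);
		CFRelease(cfCert);
		if(freeKcRef) {
			CFRelease(keychain);
		}
		if(ortn) {
			certReqDbg("SecCertificateRequestGetResult: SecKeychainItemImport failure");
			if(outItems != NULL) {
				/* Do not leak a partially filled result array on failure. */
				CFRelease(outItems);
			}
			MacOSError::throwMe(ortn);
		}

		/* A successful import that yields no array is treated as zero items. */
		CFIndex numItems = (outItems != NULL) ? CFArrayGetCount(outItems) : 0;
		if(numItems == 0) {
			certReqDbg("SecCertificateRequestGetResult: import zero items");
			if(outItems != NULL) {
				/* Release before throwing; the throw skips the release below. */
				CFRelease(outItems);
			}
			MacOSError::throwMe(errSecInternalComponent);
		}
		if(numItems != 1) {
			/* Unexpected count: log it, then use the first item anyway. */
			certReqDbg("SecCertificateRequestGetResult: import %d items",
				(int)numItems);
		}

		SecCertificateRef certRef =
			(SecCertificateRef)(CFArrayGetValueAtIndex(outItems, 0));
		/*
		 * The array element is untyped; verify it really is a certificate
		 * before handing it to the caller under the SecCertificateRef type.
		 */
		if(CFGetTypeID(certRef) != SecCertificateGetTypeID()) {
			certReqDbg("SecCertificateRequestGetResult: bad type");
		}
		else {
			/* Retain for the caller; the array's own reference goes away below. */
			CFRetain(certRef);
			*certificateRef = certRef;
		}
		CFRelease(outItems);
	}

	END_SECAPI
}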
/*
 * Constructs a CertificateRequest with a trailing `false` argument and
 * returns its handle.
 * NOTE(review): the meaning of that flag is defined by the CertificateRequest
 * constructor; from the function name it presumably selects "look up an
 * existing request" over "create a new one" -- confirm.
 *
 * policy       - required; dereferenced and passed to the constructor.
 * certRequest  - required; receives the handle.
 *
 * Parameter order: this signature lists publicKeyItemRef before
 * privateKeyItemRef, the reverse of SecCertificateRequestCreate. The
 * constructor call below still passes private first, then public, so the
 * keys reach the constructor in the same order as in the create path.
 */
OSStatus SecCertificateFindRequest(
	const CSSM_OID *policy,
	CSSM_CERT_TYPE certificateType,
	CSSM_TP_AUTHORITY_REQUEST_TYPE requestType,
	SecKeyRef publicKeyItemRef,
	SecKeyRef privateKeyItemRef,
	const SecCertificateRequestAttributeList* attributeList,
	SecCertificateRequestRef* certRequest)
{
	BEGIN_SECAPI

	/* Reject NULL for the output slot and the policy before touching either. */
	Required(certRequest);
	Required(policy);

	CertificateRequest *foundRequest = new CertificateRequest(
		*policy,
		certificateType,
		requestType,
		privateKeyItemRef,
		publicKeyItemRef,
		attributeList,
		false);
	*certRequest = foundRequest->handle();

	END_SECAPI
}
/*
 * Retrieves the return data of a certificate request into the caller's
 * CSSM_DATA.
 *
 * certRequestRef - resolved through CertificateRequest::required().
 * data           - required; viewed as a CssmData via CssmData::overlay()
 *                  and filled in by getReturnData().
 * NOTE(review): who owns the buffer written into *data is decided by
 * getReturnData() and is not visible here -- confirm before freeing it.
 */
OSStatus SecCertificateRequestGetData(
	SecCertificateRequestRef certRequestRef,
	CSSM_DATA *data)
{
	BEGIN_SECAPI

	/* The output structure is validated before the request is looked up. */
	Required(data);

	CertificateRequest *request = CertificateRequest::required(certRequestRef);
	request->getReturnData(CssmData::overlay(*data));

	END_SECAPI
}