static chunk_t build_extensions(private_x509_ac_t *this)
{
return asn1_wrap(ASN1_SEQUENCE, "mc",
- build_authorityKeyID(this),
+ build_authorityKeyIdentifier(this),
ASN1_noRevAvail_ext);
}
static chunk_t build_ac(private_x509_ac_t *this)
{
chunk_t signatureValue;
- chunk_t attributeCertificateInfo = build_attr_cert_info(this);
-/*
- signerkey->build_emsa_pkcs1_signature(signerkey, HASH_SHA1,
- attributeCertificateInfo, &signatureValue);
-*/
+ chunk_t attributeCertificateInfo;
+
+ DBG1("build_ac:");
+ attributeCertificateInfo = build_attr_cert_info(this);
+
+ this->signerKey->sign(this->signerKey, SIGN_RSA_EMSA_PKCS1_SHA1,
+ attributeCertificateInfo, &signatureValue);
+
return asn1_wrap(ASN1_SEQUENCE, "mcm",
attributeCertificateInfo,
asn1_algorithmIdentifier(OID_SHA1_WITH_RSA),
this->signerKey = NULL;
this->charging = linked_list_create();
this->groups = linked_list_create();
+ this->ref = 1;
return this;
}
case BUILD_NOT_AFTER_TIME:
this->ac->notAfter = va_arg(args, time_t);
break;
+ case BUILD_SERIAL:
+ this->ac->serialNumber = va_arg(args, chunk_t);
+ break;
case BUILD_CERT:
cert = va_arg(args, certificate_t*);
if (cert->get_type(cert) == CERT_X509)
}
break;
case BUILD_SIGNING_CERT:
+ cert = va_arg(args, certificate_t*);
if (cert->get_type(cert) == CERT_X509)
{
this->ac->signerCert = cert;
BUILD_CERT, user_cert,
BUILD_NOT_BEFORE_TIME, notBefore,
BUILD_NOT_AFTER_TIME, notAfter,
+ BUILD_SERIAL, serial,
BUILD_SIGNING_CERT, signer_cert,
BUILD_SIGNING_KEY, signer_key,
BUILD_END);
if (!attr_cert)
{
- status = 1;
goto end;
}
end:
/* delete all dynamically allocated objects */
+ DESTROY_IF(attr_cert);
DESTROY_IF(signer_key);
DESTROY_IF(signer_cert);
DESTROY_IF(user_cert);
- DESTROY_IF(attr_cert);
free(attr_chunk.ptr);
free(serial.ptr);
closelog();