API Reference | developer.brewmp.com API Reference | developer.brewmp.com

Developer

API Reference

ICERTPARSE_SETCERTBYOPT()

Brew Release
Brew MP 1.0.2
See Also
Error Codes ICertParse ICertParse_SetCert()
Description
Set the certificate with an IxOpt containing the cert.
Params
pif
[]:
The interface pointer.
piCerts
[]:
An object with IxOpts interface to search for certs.
nOptID
[]:
The option ID to search for (usually the cert type).
nIndex
[]:
The index or instance of the cert to set for parsing.
Interface
Prototype
  •    int ICertParse_SetCertByOpt
       (
          const ICertParse *pif,
          IxOpts *piCerts,
          int nOptID,
          int nIndex
       );
    
Return
  • AEE_SUCCESS: Certificate successfully set. AEE_EFAILED: nOptID and nIndex couldn't be found in piCerts. AEESEC_X509_BAD_CERT: error parsing the certificate.
    Can also return other implementation specific error codes.
Side Effect
  • None
Comments
Sets the certificate to be parsed. The certificate is obtained from the IxOpts object, usually an ICertBag by option ID (certificate type) and index. It is generally safe to cast an ICertBag to an IxOpts. It is safe to ignore the error returned by this function. All the other parsing functions return proper error codes even when called after this function returns an error. The certificate is not copied. Only a pointer to it is kept so the life time of the IxOpts object passed and option containing the cert must extend to all calls to ICertParse and for the usage of pointers returned from parsing, particularly GetField and GetFieldPart. This requires particular care. For example if certificates are deleted out of the IxOpts object in some remote piece of code, trouble will result. This way of adding certificates always trusts the length of the certificate as represented by the xOpt. If the IxOpts object passed in has an ICertBag interface and ICertBag_AddCert was used to add the certificates, then all is safe against buffer overruns. However if ICertBag_AddCert is not used, then the internal ASN.1 length of the certificate should be confirmed to be smaller than the memory buffer it is in before it is added by parsing the first type and length in the ASN.1 DER encoding. There is no length checking here. There can't be because of the way IxOpts works.