API Reference | developer.brewmp.com

PFNCERTCHAINEXT

Brew Release
Brew MP 1.0.2
See Also
ICertChain_VerifyV()
Description
This is the data type of the call back function that allows the caller to handle arbitrary X.509 v3 certificate extensions.
Params
pUser: User-specified data supplied via CERTDATAOPT_UNKNOWN_EXT_CTX.
pPart: The extension data.
nCertxOptID: Informs the client whether this extension belongs to a root, intermediate or leaf cert, i.e. CERTDATAOPT_ROOT_CERTS, CERTDATAOPT_BRANCH_CERTS or CERTDATAOPT_LEAF_CERT.
puErr: Error placeholder. Must be populated by the callback routine in the event of errors. Errors will be added to the final trust result.
Prototype
    void (*PFNCERTCHAINEXT)(void *pUser, CertDataCertPart *pPart,
                            int32 nCertxOptID, uint32 *puErr);
Comments
We allow the caller to parse unknown extensions by using xOpts to supply a callback function, together with a context, and either a) the ASN1OID, or b) the Raw OID of the extension of interest. The client may receive all unknown extensions by specifying ASNOID_ANY as the value for the ASN1OID, or a NULL value for the Raw OID. For more information on the relevant xOpts, take a look at the description of ICertChain_Verify below.

Example usage:

    nErr = ICertChain_AddCert(pICertChain, CERTDATAOPT_LEAF_CERT, pbCert, uCertLen);

    awozList[i].nId    = CERTDATAOPT_UNKNOWN_EXT_ASN1OID;
    awozList[i++].pVal = (void*)ASNOID_ANY;
    awozList[i].nId    = CERTDATAOPT_UNKNOWN_EXT_CB;
    awozList[i++].pVal = (void*)MyExtParser;
    awozList[i].nId    = CERTDATAOPT_UNKNOWN_EXT_CTX;
    awozList[i++].pVal = (void*)pme->piEnv;

    ICertChain_AddOpt(pICertChain, awozList);
    ICertChain_VerifyV(pICertChain, &TR, NULL, NULL);
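
One way a callback with the PFNCERTCHAINEXT signature could bounds-check the extension bytes and report failures through puErr, as an added example rather than Brew MP code. The typedefs, the CertDataCertPart layout, the constant values, the MYEXT_ERR_* bits and the MyExtCtx context are stand-in assumptions, as is the premise that the extension data arrives as one DER-encoded element.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-ins (assumptions): the real definitions come from the Brew MP headers. */
typedef int32_t  int32;
typedef uint32_t uint32;
typedef struct { const uint8_t *pcValue; uint32 uLength; } CertDataCertPart; /* hypothetical layout */
enum { CERTDATAOPT_ROOT_CERTS = 1, CERTDATAOPT_BRANCH_CERTS, CERTDATAOPT_LEAF_CERT }; /* constructed values */
#define MYEXT_ERR_MALFORMED 0x1u   /* hypothetical error bits */
#define MYEXT_ERR_BAD_ARGS  0x2u
typedef struct { uint32 nSeen; uint32 nRejected; } MyExtCtx; /* hypothetical context */

/* Returns 1 only if buf is exactly one DER TLV: definite, minimal length that fills len. */
static int der_tlv_ok(const uint8_t *buf, uint32 len)
{
    uint32 hdr = 2, n = 0, i, nlen;
    if (len < 2 || (buf[0] & 0x1F) == 0x1F) return 0;  /* multi-byte tags not handled */
    if (buf[1] < 0x80) {
        n = buf[1];                                    /* short-form length */
    } else {
        nlen = buf[1] & 0x7F;                          /* long form: count of length bytes */
        if (nlen == 0 || nlen > 4 || len < 2 + nlen || buf[2] == 0) return 0;
        for (i = 0; i < nlen; i++) n = (n << 8) | buf[2 + i];
        if (n < 0x80) return 0;                        /* DER requires the short form here */
        hdr += nlen;
    }
    return n == len - hdr;                             /* no truncation, no trailing bytes */
}

/* Fails closed: any doubt about the input becomes an error bit in *puErr. */
void MyExtParser(void *pUser, CertDataCertPart *pPart, int32 nCertxOptID, uint32 *puErr)
{
    MyExtCtx *ctx = (MyExtCtx *)pUser;
    int known = nCertxOptID >= CERTDATAOPT_ROOT_CERTS && nCertxOptID <= CERTDATAOPT_LEAF_CERT;
    if (!puErr) return;                                /* nowhere to report an error */
    if (!ctx || !pPart || !pPart->pcValue) { *puErr |= MYEXT_ERR_BAD_ARGS; return; }
    ctx->nSeen++;
    if (!known || !der_tlv_ok(pPart->pcValue, pPart->uLength)) {
        ctx->nRejected++;
        *puErr |= MYEXT_ERR_MALFORMED;                 /* OR in; keep errors already set */
    }
}

int main(void)
{
    const uint8_t sample[] = { 0x04, 0x05, 0xAA };     /* constructed: claims 5 bytes, has 1 */
    CertDataCertPart part = { sample, sizeof sample };
    MyExtCtx ctx = { 0, 0 }; uint32 err = 0;
    MyExtParser(&ctx, &part, CERTDATAOPT_LEAF_CERT, &err);
    printf("err=0x%x seen=%u rejected=%u\n", (unsigned)err, (unsigned)ctx.nSeen, (unsigned)ctx.nRejected);
    return 0;
}
```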