SFBCertBag

Wrapper Class for the ICertBag interface.

#include <SFBCertBag.h.hpp>

class SFBCertBag : public SFBxOpts;

SFMTYPEDEFWRAPPER(SFBCertBag)

Inheritance diagram

Version

BREW 2.0	BREW 2.1	BREW 3.1	BREW 4.0
X	X	X	O

Reference

BREW API ICertBag

Member

Public Functions
`SFCError`	AddCert( `SInt32` certType , `UInt08ConstPtr` certificate , `SInt32` certLen , `SInt32Ptr` outLen ) The preferred alternate to SFBCertBag::AddOpt() to add certs
`SFCError`	AddCertBag( `SFBCertBagSmpConstRef` newBag ) Add one cert bag to another resulting in nested cert bags.
`SFCError`	GetCert( `SInt32` certType , `SInt32` index , `xOpt *` pCert ) Find a cert in the list of certs in the collection matching the type.
static `SFBCertBagSmp`	NewInstance( `SFCErrorPtr` exception = null ) Create a new SFBCertBag instance.
static `SFBCertBagSmp`	NewInstance( `AEECLSID` id , `SFCErrorPtr` exception = null ) Create a new SFBCertBag instance.
`SFCError`	RemoveCert( `SInt32` certType , `SInt32` index ) Remove a certificate from SFBCertBag.
`SFCError`	AddOpt( `xOpt *` opts ) (inherits from SFBxOpts) Adds the list of xOpt's to the current option set.
`SFCError`	GetOpt( `SInt32` id , `SInt32` index , `xOpt *` opt ) (inherits from SFBxOpts) Find a xOpt in the list of xOpts in index matching id.
`SFCError`	QueryInterface( `AEECLSID` clsid , `VoidHandle` handle ) (inherits from SFBQuery) Ask an object for another API contract from the object in question.
`SFCError`	QueryInterface( `AEECLSID` clsid , `SFBBaseSmpPtr` handle ) (inherits from SFBQuery) Ask an object for another API contract from the object in question.
`SFBBaseSmp`	QueryInterface( `AEECLSID` clsid ) (inherits from SFBQuery) Ask an object for another API contract from the object in question.
`SFCError`	RemoveOpt( `SInt32` id , `SInt32` index ) (inherits from SFBxOpts) remove the nIndex'th xOpt matching nOptId
`Void`	Self( `AEECLSID` clsidReq , `SFBQuerySmpPtr` clone , `AEECLSID` clsidImp ) (inherits from SFBQuery) Helper macro for those implementing an object with a single interface.
`SFBQuerySmp`	Self( `AEECLSID` clsidReq , `AEECLSID` clsidImp ) (inherits from SFBQuery) Helper macro for those implementing an object with a single interface.

Protected Functions
static `SFBBaseSmp`	FactoryByCreate( `AEECLSID` id , `SFCErrorPtr` exception = null ) (inherits from SFBBase) Create the instance for the specified ClassID's interface.
static `SFBBaseSmp`	FactoryByQuery( `SFBQuerySmpConstRef` query , `AEECLSID` id , `SFCErrorPtr` exception = null ) (inherits from SFBBase) Create the instance for the specified ClassID's interface using the SFBQuery instance.

SFBCertBag::AddCert

The preferred alternate to SFBCertBag::AddOpt() to add certs

[ public ]
SFCError AddCert(
    SInt32 certType              // CERTDATAOPT_ROOT_CERTS, CERTDATAOPT_LEAF_CERT or CERTDATAOPT_BRANCH_CERTS 
    UInt08ConstPtr certificate   // Pointer to DER encoded certificate in buffer 
    SInt32 certLen               // Length of input buffer certificate
    SInt32Ptr outLen             // Length of certificate actually added 
);

Return value

AEE_SUCCESS: Certificate was successfully added
AEE_ENOMEMORY: Can't add due to lack of memory
AEE_EMEMPTR: ASN.1/DER length of object greater than nDataLen.
AEE_EREADONLY: Cert bag is read only and certs can't be added

Description

ASN.1/DER formatted certs can be added directly with ICertBag_AddOpt(), however there is no proper buffer length checking when that is done and this may result in a buffer overrun if a corrupt cert is added. Often certificates come from untrusted servers so one cannot generally assume certs are not corrupt.

Reference

BREW API ICertBag_AddCert | BREW API ICertBag_AddOpt

SFBCertBag::AddCertBag

Add one cert bag to another resulting in nested cert bags.

[ public ]
SFCError AddCertBag(
    SFBCertBagSmpConstRef newBag   //  the bag to be added 
);

Return value

AEE_SUCCESS: if the options could be added successfully
AEE_EFAILED: if the specified xOpt couldn't be found
AEE_EBADPARM: if pItem is NULL
AEE_EREADONLY: if instance is read only

Description

This is exactly the same as IxOpt_AddOpt with opt ID XOPT_DEFAULTS. The bag being added, piNewBag, is addref'd. The indexing of certs in nested bags is handled the same as nesting for standard xOpts

Reference

BREW API ICERTBAG_AddBag

SFBCertBag::GetCert

Find a cert in the list of certs in the collection matching the type.

[ public ]
SFCError GetCert(
    SInt32 certType   // id of the certificate / option to find in the bag 
    SInt32 index      // which certificate (if there are multiple xOpts of the same id) to get. nIndex counts from most recently AddOpt()ed option, nIndex is zero-based 
    xOpt * pCert      // where to put the found certificate 
);

Return value

AEE_SUCCESS: if the options could be added successfully
AEE_EFAILED: if the specified xOpt couldn't be found
AEE_EBADPARM: if pCert is NULL

Reference

BREW API ICertBag_GetCert

SFBCertBag::NewInstance

Create a new SFBCertBag instance.

[ public, static ]
SFBCertBagSmp NewInstance(
    SFCErrorPtr exception = null   // Error
);

[ public, static ]
SFBCertBagSmp NewInstance(
    AEECLSID id                    // Class ID
    SFCErrorPtr exception = null   // Error
);

SFBCertBag::RemoveCert

Remove a certificate from SFBCertBag.

[ public ]
SFCError RemoveCert(
    SInt32 certType   // id of the option to find in the options list, XOPT_ANY returns the nIndexth option, if there is one...
    SInt32 index      // which item (if there are multiple xOpts of the same id) to get. nIndex counts from most recently AddOpt()ed option, nIndex is zero-based 
);

Return value

AEE_SUCCESS: if the options could be added successfully
AEE_EFAILED: if the specified xOpt couldn't be found
AEE_EBADPARM: if pItem is NULL
AEE_EREADONLY: if instance is read only

Description

This is exactly the same as SFBxOpts::RemoveOpt.

Reference

BREW API ICertBag_RemoveCert