From d517d69ff3dd9d440d5adad3db04f8dcd597c3a6 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Mon, 27 Sep 2010 19:18:39 -0400
Subject: [PATCH 004/150] - assuming we end up with the KDC's cert in
 id->cert, implement create_issuerAndSerial()

---
 src/plugins/preauth/pkinit/pkinit_crypto_nss.c |   29 +++++++++++++++++++++++-
 1 files changed, 28 insertions(+), 1 deletions(-)

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
index 414945f..c25148b 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
@@ -759,7 +759,34 @@ create_issuerAndSerial(krb5_context context,
 		       unsigned char **kdcId_buf,
 		       unsigned int *kdcId_len)
 {
-	return ENOSYS;
+	PLArenaPool *pool;
+	struct issuer_and_serial_number isn;
+	SECItem item;
+
+	pool = PORT_NewArena(sizeof(double));
+	if (pool == NULL) {
+		return ENOMEM;
+	}
+
+	if (id_cryptoctx->cert == NULL) {
+		return ENOENT;
+	}
+	isn.issuer = id_cryptoctx->cert->derIssuer;
+	isn.serial = id_cryptoctx->cert->serialNumber;
+
+	if (SEC_ASN1EncodeItem(id_cryptoctx->cert->arena, &item, &isn,
+			       issuer_and_serial_number_template) != &item) {
+		PORT_FreeArena(pool, PR_TRUE);
+		return ENOMEM;
+	}
+
+	if (secitem_to_buf_len(&item, kdcId_buf, kdcId_len) != 0) {
+		PORT_FreeArena(pool, PR_TRUE);
+		return ENOMEM;
+	}
+
+	PORT_FreeArena(pool, PR_TRUE);
+	return 0;
 }
 
 krb5_error_code
-- 
1.7.6.4