gecko-dev/security/nss/lib/crmf/respcmn.c

400 строки
12 KiB
C

/* -*- Mode: C; tab-width: 8 -*-*/
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "cmmf.h"
#include "cmmfi.h"
#include "secitem.h"
#include "secder.h"
SECStatus
cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info, PRBool freeit)
{
if (info->status.data != NULL) {
PORT_Free(info->status.data);
info->status.data = NULL;
}
if (info->statusString.data != NULL) {
PORT_Free(info->statusString.data);
info->statusString.data = NULL;
}
if (info->failInfo.data != NULL) {
PORT_Free(info->failInfo.data);
info->failInfo.data = NULL;
}
if (freeit) {
PORT_Free(info);
}
return SECSuccess;
}
SECStatus
CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
{
PORT_Assert(inCertResp != NULL);
if (inCertResp != NULL) {
if (inCertResp->certReqId.data != NULL) {
PORT_Free(inCertResp->certReqId.data);
}
cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
if (inCertResp->certifiedKeyPair != NULL) {
CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
}
PORT_Free(inCertResp);
}
return SECSuccess;
}
SECStatus
CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
{
PORT_Assert(inCertRepContent != NULL);
if (inCertRepContent != NULL) {
CMMFCertResponse **pResponse = inCertRepContent->response;
if (pResponse != NULL) {
for (; *pResponse != NULL; pResponse++) {
CMMFCertifiedKeyPair *certKeyPair = (*pResponse)->certifiedKeyPair;
/* XXX Why not call CMMF_DestroyCertifiedKeyPair or
** XXX cmmf_DestroyCertOrEncCert ?
*/
if (certKeyPair != NULL &&
certKeyPair->certOrEncCert.choice == cmmfCertificate &&
certKeyPair->certOrEncCert.cert.certificate != NULL) {
CERT_DestroyCertificate(certKeyPair->certOrEncCert.cert.certificate);
certKeyPair->certOrEncCert.cert.certificate = NULL;
}
}
}
if (inCertRepContent->caPubs) {
CERTCertificate **caPubs = inCertRepContent->caPubs;
for (; *caPubs; ++caPubs) {
CERT_DestroyCertificate(*caPubs);
*caPubs = NULL;
}
}
if (inCertRepContent->poolp != NULL) {
PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
}
}
return SECSuccess;
}
SECStatus
CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
{
PORT_Assert(inDecKeyCont != NULL);
if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
}
return SECSuccess;
}
SECStatus
crmf_create_prtime(SECItem *src, PRTime **dest)
{
*dest = PORT_ZNew(PRTime);
return DER_DecodeTimeChoice(*dest, src);
}
CRMFCertExtension *
crmf_copy_cert_extension(PLArenaPool *poolp, CRMFCertExtension *inExtension)
{
PRBool isCritical;
SECOidTag id;
SECItem *data;
CRMFCertExtension *newExt;
PORT_Assert(inExtension != NULL);
if (inExtension == NULL) {
return NULL;
}
id = CRMF_CertExtensionGetOidTag(inExtension);
isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
data = CRMF_CertExtensionGetValue(inExtension);
newExt = crmf_create_cert_extension(poolp, id,
isCritical,
data);
SECITEM_FreeItem(data, PR_TRUE);
return newExt;
}
static SECItem *
cmmf_encode_certificate(CERTCertificate *inCert)
{
return SEC_ASN1EncodeItem(NULL, NULL, inCert,
SEC_ASN1_GET(SEC_SignedCertificateTemplate));
}
CERTCertList *
cmmf_MakeCertList(CERTCertificate **inCerts)
{
CERTCertList *certList;
CERTCertificate *currCert;
SECItem *derCert, *freeCert = NULL;
SECStatus rv;
int i;
certList = CERT_NewCertList();
if (certList == NULL) {
return NULL;
}
for (i = 0; inCerts[i] != NULL; i++) {
derCert = &inCerts[i]->derCert;
if (derCert->data == NULL) {
derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
}
currCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
derCert, NULL, PR_FALSE, PR_TRUE);
if (freeCert != NULL) {
SECITEM_FreeItem(freeCert, PR_TRUE);
freeCert = NULL;
}
if (currCert == NULL) {
goto loser;
}
rv = CERT_AddCertToListTail(certList, currCert);
if (rv != SECSuccess) {
goto loser;
}
}
return certList;
loser:
CERT_DestroyCertList(certList);
return NULL;
}
CMMFPKIStatus
cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
{
long derVal;
derVal = DER_GetInteger(&inStatus->status);
if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
return cmmfNoPKIStatus;
}
return (CMMFPKIStatus)derVal;
}
int
CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
{
int numResponses = 0;
PORT_Assert(inCertRepContent != NULL);
if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
while (inCertRepContent->response[numResponses] != NULL) {
numResponses++;
}
}
return numResponses;
}
SECStatus
cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
{
switch (certOrEncCert->choice) {
case cmmfCertificate:
CERT_DestroyCertificate(certOrEncCert->cert.certificate);
certOrEncCert->cert.certificate = NULL;
break;
case cmmfEncryptedCert:
crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
PR_TRUE);
certOrEncCert->cert.encryptedCert = NULL;
break;
default:
break;
}
if (freeit) {
PORT_Free(certOrEncCert);
}
return SECSuccess;
}
SECStatus
cmmf_copy_secitem(PLArenaPool *poolp, SECItem *dest, SECItem *src)
{
SECStatus rv;
if (src->data != NULL) {
rv = SECITEM_CopyItem(poolp, dest, src);
} else {
dest->data = NULL;
dest->len = 0;
rv = SECSuccess;
}
return rv;
}
SECStatus
CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
{
PORT_Assert(inCertKeyPair != NULL);
if (inCertKeyPair != NULL) {
cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
if (inCertKeyPair->privateKey) {
crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
}
if (inCertKeyPair->derPublicationInfo.data) {
PORT_Free(inCertKeyPair->derPublicationInfo.data);
}
PORT_Free(inCertKeyPair);
}
return SECSuccess;
}
SECStatus
cmmf_CopyCertResponse(PLArenaPool *poolp,
CMMFCertResponse *dest,
CMMFCertResponse *src)
{
SECStatus rv;
if (src->certReqId.data != NULL) {
rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
if (rv != SECSuccess) {
return rv;
}
}
rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
if (rv != SECSuccess) {
return rv;
}
if (src->certifiedKeyPair != NULL) {
CMMFCertifiedKeyPair *destKeyPair;
destKeyPair = (poolp == NULL) ? PORT_ZNew(CMMFCertifiedKeyPair) : PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
if (!destKeyPair) {
return SECFailure;
}
rv = cmmf_CopyCertifiedKeyPair(poolp, destKeyPair,
src->certifiedKeyPair);
if (rv != SECSuccess) {
if (!poolp) {
CMMF_DestroyCertifiedKeyPair(destKeyPair);
}
return rv;
}
dest->certifiedKeyPair = destKeyPair;
}
return SECSuccess;
}
static SECStatus
cmmf_CopyCertOrEncCert(PLArenaPool *poolp, CMMFCertOrEncCert *dest,
CMMFCertOrEncCert *src)
{
SECStatus rv = SECSuccess;
CRMFEncryptedValue *encVal;
dest->choice = src->choice;
rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
switch (src->choice) {
case cmmfCertificate:
dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
break;
case cmmfEncryptedCert:
encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
if (encVal == NULL) {
return SECFailure;
}
rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
if (rv != SECSuccess) {
if (!poolp) {
crmf_destroy_encrypted_value(encVal, PR_TRUE);
}
return rv;
}
dest->cert.encryptedCert = encVal;
break;
default:
rv = SECFailure;
}
return rv;
}
SECStatus
cmmf_CopyCertifiedKeyPair(PLArenaPool *poolp, CMMFCertifiedKeyPair *dest,
CMMFCertifiedKeyPair *src)
{
SECStatus rv;
rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
&src->certOrEncCert);
if (rv != SECSuccess) {
return rv;
}
if (src->privateKey != NULL) {
CRMFEncryptedValue *encVal;
encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
if (encVal == NULL) {
return SECFailure;
}
rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
encVal);
if (rv != SECSuccess) {
if (!poolp) {
crmf_destroy_encrypted_value(encVal, PR_TRUE);
}
return rv;
}
dest->privateKey = encVal;
}
rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
&src->derPublicationInfo);
return rv;
}
SECStatus
cmmf_CopyPKIStatusInfo(PLArenaPool *poolp, CMMFPKIStatusInfo *dest,
CMMFPKIStatusInfo *src)
{
SECStatus rv;
rv = cmmf_copy_secitem(poolp, &dest->status, &src->status);
if (rv != SECSuccess) {
return rv;
}
rv = cmmf_copy_secitem(poolp, &dest->statusString, &src->statusString);
if (rv != SECSuccess) {
return rv;
}
rv = cmmf_copy_secitem(poolp, &dest->failInfo, &src->failInfo);
return rv;
}
CERTCertificate *
cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
CERTCertDBHandle *certdb)
{
if (certOrEncCert->choice != cmmfCertificate ||
certOrEncCert->cert.certificate == NULL) {
return NULL;
}
return CERT_NewTempCertificate(certdb,
&certOrEncCert->cert.certificate->derCert,
NULL, PR_FALSE, PR_TRUE);
}
SECStatus
cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
PLArenaPool *poolp,
CMMFPKIStatus inStatus)
{
SECItem *dummy;
if (inStatus < cmmfGranted || inStatus >= cmmfNumPKIStatus) {
return SECFailure;
}
dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
PORT_Assert(dummy == &statusInfo->status);
if (dummy != &statusInfo->status) {
SECITEM_FreeItem(dummy, PR_TRUE);
return SECFailure;
}
return SECSuccess;
}