The Tor Browser: security/nss/lib/crmf/respcmn.c@b8a032363ba2 (annotated)

security/nss/lib/crmf/respcmn.c@b8a032363ba2 (annotated)

security/nss/lib/crmf/respcmn.c

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* -*- Mode: C; tab-width: 8 -*-*/
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "cmmf.h"
 #include "cmmfi.h"
 #include "secitem.h"
 #include "secder.h"
 SECStatus
 cmmf_DestroyPKIStatusInfo (CMMFPKIStatusInfo *info, PRBool freeit)
 {
     if (info->status.data != NULL) {
         PORT_Free(info->status.data);
         info->status.data = NULL;
     }
     if (info->statusString.data != NULL) {
         PORT_Free(info->statusString.data);
         info->statusString.data = NULL;
     }
     if (info->failInfo.data != NULL) {
         PORT_Free(info->failInfo.data);
         info->failInfo.data = NULL;
     }
     if (freeit) {
         PORT_Free(info);
     }
     return SECSuccess;
 }
 SECStatus
 CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
 {
     PORT_Assert(inCertResp != NULL);
     if (inCertResp != NULL) {
         if (inCertResp->certReqId.data != NULL) {
 	    PORT_Free(inCertResp->certReqId.data);
 	}
 	cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
 	if (inCertResp->certifiedKeyPair != NULL) {
 	    CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
 	}
 	PORT_Free(inCertResp);
     }
     return SECSuccess;
 }
 SECStatus
 CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
 {
     PORT_Assert(inCertRepContent != NULL);
     if (inCertRepContent != NULL) {
         CMMFCertResponse   **pResponse = inCertRepContent->response;
         if (pResponse != NULL) {
             for (; *pResponse != NULL; pResponse++) {
 	        CMMFCertifiedKeyPair *certKeyPair = (*pResponse)->certifiedKeyPair;
 		/* XXX Why not call CMMF_DestroyCertifiedKeyPair or
 		** XXX cmmf_DestroyCertOrEncCert ?
 		*/
                 if (certKeyPair != NULL                    &&
                     certKeyPair->certOrEncCert.choice == cmmfCertificate &&
                     certKeyPair->certOrEncCert.cert.certificate != NULL) {
                     CERT_DestroyCertificate
                                  (certKeyPair->certOrEncCert.cert.certificate);
 		    certKeyPair->certOrEncCert.cert.certificate = NULL;
                 }
             }
         }
 	if (inCertRepContent->caPubs) {
 	    CERTCertificate     **caPubs = inCertRepContent->caPubs;
 	    for (; *caPubs; ++caPubs) {
 		CERT_DestroyCertificate(*caPubs);
 		*caPubs = NULL;
 	    }
 	}
 	if (inCertRepContent->poolp != NULL) {
 	    PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
 	}
     }
     return SECSuccess;
 }
 SECStatus
 CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
 {
     PORT_Assert(inDecKeyCont != NULL);
     if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
         PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
     }
     return SECSuccess;
 }
 SECStatus
 crmf_create_prtime(SECItem *src, PRTime **dest)
 {
    *dest = PORT_ZNew(PRTime);
     return DER_DecodeTimeChoice(*dest, src);
 }
 CRMFCertExtension*
 crmf_copy_cert_extension(PLArenaPool *poolp, CRMFCertExtension *inExtension)
 {
     PRBool             isCritical;
     SECOidTag          id;
     SECItem           *data;
     CRMFCertExtension *newExt;
     PORT_Assert(inExtension != NULL);
     if (inExtension == NULL) {
         return NULL;
     }
     id         = CRMF_CertExtensionGetOidTag(inExtension);
     isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
     data       = CRMF_CertExtensionGetValue(inExtension);
     newExt = crmf_create_cert_extension(poolp, id,
 					isCritical,
 					data);
     SECITEM_FreeItem(data, PR_TRUE);
     return newExt;
 }
 static SECItem*
 cmmf_encode_certificate(CERTCertificate *inCert)
 {
     return SEC_ASN1EncodeItem(NULL, NULL, inCert,
 			      SEC_ASN1_GET(SEC_SignedCertificateTemplate));
 }
 CERTCertList*
 cmmf_MakeCertList(CERTCertificate **inCerts)
 {
     CERTCertList    *certList;
     CERTCertificate *currCert;
     SECItem         *derCert, *freeCert = NULL;
     SECStatus        rv;
     int              i;
     certList = CERT_NewCertList();
     if (certList == NULL) {
         return NULL;
     }
     for (i=0; inCerts[i] != NULL; i++) {
         derCert = &inCerts[i]->derCert;
 	if (derCert->data == NULL) {
 	    derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
 	}
 	currCert=CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
 	                                 derCert, NULL, PR_FALSE, PR_TRUE);
 	if (freeCert != NULL) {
 	    SECITEM_FreeItem(freeCert, PR_TRUE);
 	    freeCert = NULL;
 	}
 	if (currCert == NULL) {
 	    goto loser;
 	}
 	rv = CERT_AddCertToListTail(certList, currCert);
 	if (rv != SECSuccess) {
 	    goto loser;
 	}
     }
     return certList;
  loser:
     CERT_DestroyCertList(certList);
     return NULL;
 }
 CMMFPKIStatus
 cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
 {
     long derVal;
     derVal = DER_GetInteger(&inStatus->status);
     if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
         return cmmfNoPKIStatus;
     }
     return (CMMFPKIStatus)derVal;
 }
 int
 CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
 {
     int numResponses = 0;
     PORT_Assert (inCertRepContent != NULL);
     if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
         while (inCertRepContent->response[numResponses] != NULL) {
 	    numResponses++;
 	}
     }
     return numResponses;
 }
 SECStatus
 cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
 {
     switch (certOrEncCert->choice) {
     case cmmfCertificate:
         CERT_DestroyCertificate(certOrEncCert->cert.certificate);
 	certOrEncCert->cert.certificate = NULL;
 	break;
     case cmmfEncryptedCert:
         crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
 				     PR_TRUE);
         certOrEncCert->cert.encryptedCert = NULL;
 	break;
     default:
         break;
     }
     if (freeit) {
         PORT_Free(certOrEncCert);
     }
     return SECSuccess;
 }
 SECStatus
 cmmf_copy_secitem (PLArenaPool *poolp, SECItem *dest, SECItem *src)
 {
     SECStatus rv;
     if (src->data != NULL) {
         rv = SECITEM_CopyItem(poolp, dest, src);
     } else {
         dest->data = NULL;
 	dest->len  = 0;
 	rv = SECSuccess;
     }
     return rv;
 }
 SECStatus
 CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
 {
     PORT_Assert(inCertKeyPair != NULL);
     if (inCertKeyPair != NULL) {
         cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
         if (inCertKeyPair->privateKey) {
             crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
         }
         if (inCertKeyPair->derPublicationInfo.data) {
             PORT_Free(inCertKeyPair->derPublicationInfo.data);
         }
         PORT_Free(inCertKeyPair);
     }
     return SECSuccess;
 }
 SECStatus
 cmmf_CopyCertResponse(PLArenaPool      *poolp,
 		      CMMFCertResponse *dest,
 		      CMMFCertResponse *src)
 {
     SECStatus rv;
     if (src->certReqId.data != NULL) {
         rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
 	if (rv != SECSuccess) {
 	    return rv;
 	}
     }
     rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
     if (rv != SECSuccess) {
         return rv;
     }
     if (src->certifiedKeyPair != NULL) {
 	CMMFCertifiedKeyPair *destKeyPair;
 	destKeyPair = (poolp == NULL) ? PORT_ZNew(CMMFCertifiedKeyPair) :
 	                        PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
 	if (!destKeyPair) {
 	    return SECFailure;
 	}
 	rv = cmmf_CopyCertifiedKeyPair(poolp, destKeyPair,
 				       src->certifiedKeyPair);
 	if (rv != SECSuccess) {
 	    if (!poolp) {
 	        CMMF_DestroyCertifiedKeyPair(destKeyPair);
 	    }
 	    return rv;
 	}
 	dest->certifiedKeyPair = destKeyPair;
     }
     return SECSuccess;
 }
 static SECStatus
 cmmf_CopyCertOrEncCert(PLArenaPool *poolp, CMMFCertOrEncCert *dest,
 		       CMMFCertOrEncCert *src)
 {
     SECStatus           rv = SECSuccess;
     CRMFEncryptedValue *encVal;
     dest->choice = src->choice;
     rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
     switch (src->choice) {
     case cmmfCertificate:
         dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
 	break;
     case cmmfEncryptedCert:
  	encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) :
 	                           PORT_ArenaZNew(poolp, CRMFEncryptedValue);
 	if (encVal == NULL) {
 	    return SECFailure;
 	}
         rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
 	if (rv != SECSuccess) {
 	    if (!poolp) {
 	        crmf_destroy_encrypted_value(encVal, PR_TRUE);
 	    }
 	    return rv;
 	}
 	dest->cert.encryptedCert = encVal;
 	break;
     default:
         rv = SECFailure;
     }
     return rv;
 }
 SECStatus
 cmmf_CopyCertifiedKeyPair(PLArenaPool *poolp, CMMFCertifiedKeyPair *dest,
 			  CMMFCertifiedKeyPair *src)
 {
     SECStatus rv;
     rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
 				&src->certOrEncCert);
     if (rv != SECSuccess) {
         return rv;
     }
     if (src->privateKey != NULL) {
 	CRMFEncryptedValue *encVal;
 	encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) :
 	                           PORT_ArenaZNew(poolp, CRMFEncryptedValue);
 	if (encVal == NULL) {
 	    return SECFailure;
 	}
 	rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
 				      encVal);
 	if (rv != SECSuccess) {
 	    if (!poolp) {
 	        crmf_destroy_encrypted_value(encVal, PR_TRUE);
 	    }
 	    return rv;
 	}
 	dest->privateKey = encVal;
     }
     rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
 			   &src->derPublicationInfo);
     return rv;
 }
 SECStatus
 cmmf_CopyPKIStatusInfo(PLArenaPool *poolp, CMMFPKIStatusInfo *dest,
 		       CMMFPKIStatusInfo *src)
 {
     SECStatus rv;
     rv = cmmf_copy_secitem (poolp, &dest->status, &src->status);
     if (rv != SECSuccess) {
         return rv;
     }
     rv = cmmf_copy_secitem (poolp, &dest->statusString, &src->statusString);
     if (rv != SECSuccess) {
         return rv;
     }
     rv = cmmf_copy_secitem (poolp, &dest->failInfo, &src->failInfo);
     return rv;
 }
 CERTCertificate*
 cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
 				 CERTCertDBHandle  *certdb)
 {
     if (certOrEncCert->choice           != cmmfCertificate ||
 	certOrEncCert->cert.certificate == NULL) {
         return NULL;
     }
     return CERT_NewTempCertificate(certdb,
 				   &certOrEncCert->cert.certificate->derCert,
 				   NULL, PR_FALSE, PR_TRUE);
 }
 SECStatus
 cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo    *statusInfo,
 			    PLArenaPool          *poolp,
 			    CMMFPKIStatus         inStatus)
 {
     SECItem *dummy;
     if (inStatus <cmmfGranted || inStatus >= cmmfNumPKIStatus) {
         return SECFailure;
     }
     dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
     PORT_Assert(dummy == &statusInfo->status);
     if (dummy != &statusInfo->status) {
         SECITEM_FreeItem(dummy, PR_TRUE);
 	return SECFailure;
     }
     return SECSuccess;
 }

The Tor Browser / annotate

security/nss/lib/crmf/respcmn.c@b8a032363ba2 (annotated)

security/nss/lib/crmf/respcmn.c