1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/smime/cmsreclist.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,167 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +/*
1.9 + * CMS recipient list functions
1.10 + */
1.11 +
1.12 +#include "cmslocal.h"
1.13 +
1.14 +#include "cert.h"
1.15 +#include "key.h"
1.16 +#include "secasn1.h"
1.17 +#include "secitem.h"
1.18 +#include "secoid.h"
1.19 +#include "pk11func.h"
1.20 +#include "prtime.h"
1.21 +#include "secerr.h"
1.22 +
1.23 +static int
1.24 +nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipient **recipient_list)
1.25 +{
1.26 + int count = 0;
1.27 + int rlindex = 0;
1.28 + int i, j;
1.29 + NSSCMSRecipient *rle;
1.30 + NSSCMSRecipientInfo *ri;
1.31 + NSSCMSRecipientEncryptedKey *rek;
1.32 +
1.33 + for (i = 0; recipientinfos[i] != NULL; i++) {
1.34 + ri = recipientinfos[i];
1.35 + switch (ri->recipientInfoType) {
1.36 + case NSSCMSRecipientInfoID_KeyTrans:
1.37 + if (recipient_list) {
1.38 + NSSCMSRecipientIdentifier *recipId =
1.39 + &ri->ri.keyTransRecipientInfo.recipientIdentifier;
1.40 +
1.41 + if (recipId->identifierType != NSSCMSRecipientID_IssuerSN &&
1.42 + recipId->identifierType != NSSCMSRecipientID_SubjectKeyID) {
1.43 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.44 + return -1;
1.45 + }
1.46 + /* alloc one & fill it out */
1.47 + rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
1.48 + if (!rle)
1.49 + return -1;
1.50 +
1.51 + rle->riIndex = i;
1.52 + rle->subIndex = -1;
1.53 + switch (recipId->identifierType) {
1.54 + case NSSCMSRecipientID_IssuerSN:
1.55 + rle->kind = RLIssuerSN;
1.56 + rle->id.issuerAndSN = recipId->id.issuerAndSN;
1.57 + break;
1.58 + case NSSCMSRecipientID_SubjectKeyID:
1.59 + rle->kind = RLSubjKeyID;
1.60 + rle->id.subjectKeyID = recipId->id.subjectKeyID;
1.61 + break;
1.62 + default: /* we never get here because of identifierType check
1.63 + we done before. Leaving it to kill compiler warning */
1.64 + break;
1.65 + }
1.66 + recipient_list[rlindex++] = rle;
1.67 + } else {
1.68 + count++;
1.69 + }
1.70 + break;
1.71 + case NSSCMSRecipientInfoID_KeyAgree:
1.72 + if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
1.73 + break;
1.74 + for (j=0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
1.75 + if (recipient_list) {
1.76 + rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
1.77 + /* alloc one & fill it out */
1.78 + rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
1.79 + if (!rle)
1.80 + return -1;
1.81 +
1.82 + rle->riIndex = i;
1.83 + rle->subIndex = j;
1.84 + switch (rek->recipientIdentifier.identifierType) {
1.85 + case NSSCMSKeyAgreeRecipientID_IssuerSN:
1.86 + rle->kind = RLIssuerSN;
1.87 + rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
1.88 + break;
1.89 + case NSSCMSKeyAgreeRecipientID_RKeyID:
1.90 + rle->kind = RLSubjKeyID;
1.91 + rle->id.subjectKeyID = rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
1.92 + break;
1.93 + }
1.94 + recipient_list[rlindex++] = rle;
1.95 + } else {
1.96 + count++;
1.97 + }
1.98 + }
1.99 + break;
1.100 + case NSSCMSRecipientInfoID_KEK:
1.101 + /* KEK is not implemented */
1.102 + break;
1.103 + }
1.104 + }
1.105 + /* if we have a recipient list, we return on success (-1, above, on failure) */
1.106 + /* otherwise, we return the count. */
1.107 + if (recipient_list) {
1.108 + recipient_list[rlindex] = NULL;
1.109 + return 0;
1.110 + } else {
1.111 + return count;
1.112 + }
1.113 +}
1.114 +
1.115 +NSSCMSRecipient **
1.116 +nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
1.117 +{
1.118 + int count, rv;
1.119 + NSSCMSRecipient **recipient_list;
1.120 +
1.121 + /* count the number of recipient identifiers */
1.122 + count = nss_cms_recipients_traverse(recipientinfos, NULL);
1.123 + if (count <= 0) {
1.124 + /* no recipients? */
1.125 + PORT_SetError(SEC_ERROR_BAD_DATA);
1.126 +#if 0
1.127 + PORT_SetErrorString("Cannot find recipient data in envelope.");
1.128 +#endif
1.129 + return NULL;
1.130 + }
1.131 +
1.132 + /* allocate an array of pointers */
1.133 + recipient_list = (NSSCMSRecipient **)
1.134 + PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
1.135 + if (recipient_list == NULL)
1.136 + return NULL;
1.137 +
1.138 + /* now fill in the recipient_list */
1.139 + rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
1.140 + if (rv < 0) {
1.141 + nss_cms_recipient_list_destroy(recipient_list);
1.142 + return NULL;
1.143 + }
1.144 + return recipient_list;
1.145 +}
1.146 +
1.147 +void
1.148 +nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
1.149 +{
1.150 + int i;
1.151 + NSSCMSRecipient *recipient;
1.152 +
1.153 + for (i=0; recipient_list[i] != NULL; i++) {
1.154 + recipient = recipient_list[i];
1.155 + if (recipient->cert)
1.156 + CERT_DestroyCertificate(recipient->cert);
1.157 + if (recipient->privkey)
1.158 + SECKEY_DestroyPrivateKey(recipient->privkey);
1.159 + if (recipient->slot)
1.160 + PK11_FreeSlot(recipient->slot);
1.161 + PORT_Free(recipient);
1.162 + }
1.163 + PORT_Free(recipient_list);
1.164 +}
1.165 +
1.166 +NSSCMSRecipientEncryptedKey *
1.167 +NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
1.168 +{
1.169 + return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientEncryptedKey));
1.170 +}
