security/nss/lib/crmf/cmmfresp.c@b8a032363ba2
security/nss/lib/crmf/cmmfresp.c
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 /* -*- Mode: C; tab-width: 8 -*-*/
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 /*
7 * This file will contain all routines dealing with creating a
8 * CMMFCertRepContent structure through Create/Set functions.
9 */
11 #include "cmmf.h"
12 #include "cmmfi.h"
13 #include "crmf.h"
14 #include "crmfi.h"
15 #include "secitem.h"
16 #include "secder.h"
18 CMMFCertRepContent*
19 CMMF_CreateCertRepContent(void)
20 {
21 CMMFCertRepContent *retCertRep;
22 PLArenaPool *poolp;
24 poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
25 if (poolp == NULL) {
26 goto loser;
27 }
28 retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
29 if (retCertRep == NULL) {
30 goto loser;
31 }
32 retCertRep->poolp = poolp;
33 return retCertRep;
34 loser:
35 if (poolp != NULL) {
36 PORT_FreeArena(poolp, PR_FALSE);
37 }
38 return NULL;
39 }
41 SECStatus
42 cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
43 PLArenaPool *poolp,
44 CERTCertificate *inCert)
45 {
46 SECItem *derDest = NULL;
47 SECStatus rv = SECFailure;
49 if (inCert->derCert.data == NULL) {
50 derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert,
51 CMMFCertOrEncCertCertificateTemplate);
52 if (derDest == NULL) {
53 goto loser;
54 }
55 } else {
56 derDest = SECITEM_DupItem(&inCert->derCert);
57 if (derDest == NULL) {
58 goto loser;
59 }
60 }
61 PORT_Assert(certOrEncCert->cert.certificate == NULL);
62 certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
63 certOrEncCert->choice = cmmfCertificate;
64 if (poolp != NULL) {
65 rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
66 if (rv != SECSuccess) {
67 goto loser;
68 }
69 } else {
70 certOrEncCert->derValue = *derDest;
71 }
72 PORT_Free(derDest);
73 return SECSuccess;
74 loser:
75 if (derDest != NULL) {
76 SECITEM_FreeItem(derDest, PR_TRUE);
77 }
78 return rv;
79 }
81 SECStatus
82 cmmf_ExtractCertsFromList(CERTCertList *inCertList,
83 PLArenaPool *poolp,
84 CERTCertificate ***certArray)
85 {
86 CERTCertificate **arrayLocalCopy;
87 CERTCertListNode *node;
88 int numNodes = 0, i;
90 for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
91 node = CERT_LIST_NEXT(node)) {
92 numNodes++;
93 }
95 arrayLocalCopy = *certArray = (poolp == NULL) ?
96 PORT_NewArray(CERTCertificate*, (numNodes+1)) :
97 PORT_ArenaNewArray(poolp, CERTCertificate*, (numNodes+1));
98 if (arrayLocalCopy == NULL) {
99 return SECFailure;
100 }
101 for (node = CERT_LIST_HEAD(inCertList), i=0;
102 !CERT_LIST_END(node, inCertList);
103 node = CERT_LIST_NEXT(node), i++) {
104 arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
105 if (arrayLocalCopy[i] == NULL) {
106 int j;
108 for (j=0; j<i; j++) {
109 CERT_DestroyCertificate(arrayLocalCopy[j]);
110 }
111 if (poolp == NULL) {
112 PORT_Free(arrayLocalCopy);
113 }
114 *certArray = NULL;
115 return SECFailure;
116 }
117 }
118 arrayLocalCopy[numNodes] = NULL;
119 return SECSuccess;
120 }
122 SECStatus
123 CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
124 CMMFCertResponse **inCertResponses,
125 int inNumResponses)
126 {
127 PLArenaPool *poolp;
128 CMMFCertResponse **respArr, *newResp;
129 void *mark;
130 SECStatus rv;
131 int i;
133 PORT_Assert (inCertRepContent != NULL &&
134 inCertResponses != NULL &&
135 inNumResponses > 0);
136 if (inCertRepContent == NULL ||
137 inCertResponses == NULL ||
138 inCertRepContent->response != NULL) {
139 return SECFailure;
140 }
141 poolp = inCertRepContent->poolp;
142 mark = PORT_ArenaMark(poolp);
143 respArr = inCertRepContent->response =
144 PORT_ArenaZNewArray(poolp, CMMFCertResponse*, (inNumResponses+1));
145 if (respArr == NULL) {
146 goto loser;
147 }
148 for (i=0; i<inNumResponses; i++) {
149 newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
150 if (newResp == NULL) {
151 goto loser;
152 }
153 rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
154 if (rv != SECSuccess) {
155 goto loser;
156 }
157 respArr[i] = newResp;
158 }
159 respArr[inNumResponses] = NULL;
160 PORT_ArenaUnmark(poolp, mark);
161 return SECSuccess;
163 loser:
164 PORT_ArenaRelease(poolp, mark);
165 return SECFailure;
166 }
168 CMMFCertResponse*
169 CMMF_CreateCertResponse(long inCertReqId)
170 {
171 SECItem *dummy;
172 CMMFCertResponse *newResp;
174 newResp = PORT_ZNew(CMMFCertResponse);
175 if (newResp == NULL) {
176 goto loser;
177 }
178 dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
179 if (dummy != &newResp->certReqId) {
180 goto loser;
181 }
182 return newResp;
184 loser:
185 if (newResp != NULL) {
186 CMMF_DestroyCertResponse(newResp);
187 }
188 return NULL;
189 }
191 SECStatus
192 CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
193 CMMFPKIStatus inPKIStatus)
194 {
195 PORT_Assert (inCertResp != NULL && inPKIStatus >= cmmfGranted
196 && inPKIStatus < cmmfNumPKIStatus);
198 if (inCertResp == NULL) {
199 return SECFailure;
200 }
201 return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
202 inPKIStatus);
203 }
205 SECStatus
206 CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
207 CERTCertificate *inCertificate)
208 {
209 CMMFCertifiedKeyPair *keyPair = NULL;
210 SECStatus rv = SECFailure;
212 PORT_Assert(inCertResp != NULL && inCertificate != NULL);
213 if (inCertResp == NULL || inCertificate == NULL) {
214 return SECFailure;
215 }
216 if (inCertResp->certifiedKeyPair == NULL) {
217 keyPair = inCertResp->certifiedKeyPair =
218 PORT_ZNew(CMMFCertifiedKeyPair);
219 } else {
220 keyPair = inCertResp->certifiedKeyPair;
221 }
222 if (keyPair == NULL) {
223 goto loser;
224 }
225 rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
226 inCertificate);
227 if (rv != SECSuccess) {
228 goto loser;
229 }
230 return SECSuccess;
231 loser:
232 if (keyPair) {
233 if (keyPair->certOrEncCert.derValue.data) {
234 PORT_Free(keyPair->certOrEncCert.derValue.data);
235 }
236 PORT_Free(keyPair);
237 }
238 return rv;
239 }
242 SECStatus
243 CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
244 CERTCertList *inCAPubs)
245 {
246 PLArenaPool *poolp;
247 void *mark;
248 SECStatus rv;
250 PORT_Assert(inCertRepContent != NULL &&
251 inCAPubs != NULL &&
252 inCertRepContent->caPubs == NULL);
254 if (inCertRepContent == NULL ||
255 inCAPubs == NULL || inCertRepContent == NULL) {
256 return SECFailure;
257 }
259 poolp = inCertRepContent->poolp;
260 mark = PORT_ArenaMark(poolp);
262 rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
263 &inCertRepContent->caPubs);
265 if (rv != SECSuccess) {
266 PORT_ArenaRelease(poolp, mark);
267 } else {
268 PORT_ArenaUnmark(poolp, mark);
269 }
270 return rv;
271 }
273 CERTCertificate*
274 CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
275 CERTCertDBHandle *inCertdb)
276 {
277 PORT_Assert(inCertKeyPair != NULL);
278 if (inCertKeyPair == NULL) {
279 return NULL;
280 }
281 return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
282 inCertdb);
283 }
