search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import 1.9b4 NSS tag from cvs
[mozilla-nss.git] / security / nss / lib / crmf / crmfget.c
blob05d8e7d542f306fc38b8c69c163a530f32e7906e
1 /* -*- Mode: C; tab-width: 8 -*-*/
2 /* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 *
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
9 *
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
14 *
15 * The Original Code is the Netscape security libraries.
16 *
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1994-2000
20 * the Initial Developer. All Rights Reserved.
21 *
22 * Contributor(s):
23 *
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
35 *
36 * ***** END LICENSE BLOCK ***** */
37
38 #include "crmf.h"
39 #include "crmfi.h"
40 #include "keyhi.h"
41 #include "secder.h"
42
43
44 CRMFPOPChoice
45 CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg)
46 {
47 PORT_Assert(inCertReqMsg != NULL);
48 if (inCertReqMsg != NULL && inCertReqMsg->pop != NULL) {
49 return inCertReqMsg->pop->popUsed;
50 }
51 return crmfNoPOPChoice;
52 }
53
54 static SECStatus
55 crmf_destroy_validity(CRMFOptionalValidity *inValidity, PRBool freeit)
56 {
57 if (inValidity != NULL){
58 if (inValidity->notBefore.data != NULL) {
59 PORT_Free(inValidity->notBefore.data);
60 }
61 if (inValidity->notAfter.data != NULL) {
62 PORT_Free(inValidity->notAfter.data);
63 }
64 if (freeit) {
65 PORT_Free(inValidity);
66 }
67 }
68 return SECSuccess;
69 }
70
71 static SECStatus
72 crmf_copy_cert_request_validity(PRArenaPool *poolp,
73 CRMFOptionalValidity **destValidity,
74 CRMFOptionalValidity *srcValidity)
75 {
76 CRMFOptionalValidity *myValidity = NULL;
77 SECStatus rv;
78
79 *destValidity = myValidity = (poolp == NULL) ?
80 PORT_ZNew(CRMFOptionalValidity) :
81 PORT_ArenaZNew(poolp, CRMFOptionalValidity);
82 if (myValidity == NULL) {
83 goto loser;
84 }
85 if (srcValidity->notBefore.data != NULL) {
86 rv = SECITEM_CopyItem(poolp, &myValidity->notBefore,
87 &srcValidity->notBefore);
88 if (rv != SECSuccess) {
89 goto loser;
90 }
91 }
92 if (srcValidity->notAfter.data != NULL) {
93 rv = SECITEM_CopyItem(poolp, &myValidity->notAfter,
94 &srcValidity->notAfter);
95 if (rv != SECSuccess) {
96 goto loser;
97 }
98 }
99 return SECSuccess;
100 loser:
101 if (myValidity != NULL && poolp == NULL) {
102 crmf_destroy_validity(myValidity, PR_TRUE);
103 }
104 return SECFailure;
105 }
106
107 static SECStatus
108 crmf_copy_extensions(PRArenaPool *poolp,
109 CRMFCertTemplate *destTemplate,
110 CRMFCertExtension **srcExt)
111 {
112 int numExt = 0, i;
113 CRMFCertExtension **myExtArray = NULL;
114
115 while (srcExt[numExt] != NULL) {
116 numExt++;
117 }
118 if (numExt == 0) {
119 /*No extensions to copy.*/
120 destTemplate->extensions = NULL;
121 destTemplate->numExtensions = 0;
122 return SECSuccess;
123 }
124 destTemplate->extensions = myExtArray =
125 PORT_NewArray(CRMFCertExtension*, numExt+1);
126 if (myExtArray == NULL) {
127 goto loser;
128 }
129
130 for (i=0; i<numExt; i++) {
131 myExtArray[i] = crmf_copy_cert_extension(poolp, srcExt[i]);
132 if (myExtArray[i] == NULL) {
133 goto loser;
134 }
135 }
136 destTemplate->numExtensions = numExt;
137 myExtArray[numExt] = NULL;
138 return SECSuccess;
139 loser:
140 if (myExtArray != NULL) {
141 if (poolp == NULL) {
142 for (i=0; myExtArray[i] != NULL; i++) {
143 CRMF_DestroyCertExtension(myExtArray[i]);
144 }
145 }
146 PORT_Free(myExtArray);
147 }
148 destTemplate->extensions = NULL;
149 destTemplate->numExtensions = 0;
150 return SECFailure;
151 }
152
153 static SECStatus
154 crmf_copy_cert_request_template(PRArenaPool *poolp,
155 CRMFCertTemplate *destTemplate,
156 CRMFCertTemplate *srcTemplate)
157 {
158 SECStatus rv;
159
160 if (srcTemplate->version.data != NULL) {
161 rv = SECITEM_CopyItem(poolp, &destTemplate->version,
162 &srcTemplate->version);
163 if (rv != SECSuccess) {
164 goto loser;
165 }
166 }
167 if (srcTemplate->serialNumber.data != NULL) {
168 rv = SECITEM_CopyItem(poolp, &destTemplate->serialNumber,
169 &srcTemplate->serialNumber);
170 if (rv != SECSuccess) {
171 goto loser;
172 }
173 }
174 if (srcTemplate->signingAlg != NULL) {
175 rv = crmf_template_copy_secalg(poolp, &destTemplate->signingAlg,
176 srcTemplate->signingAlg);
177 if (rv != SECSuccess) {
178 goto loser;
179 }
180 }
181 if (srcTemplate->issuer != NULL) {
182 rv = crmf_copy_cert_name(poolp, &destTemplate->issuer,
183 srcTemplate->issuer);
184 if (rv != SECSuccess) {
185 goto loser;
186 }
187 }
188 if (srcTemplate->validity != NULL) {
189 rv = crmf_copy_cert_request_validity(poolp, &destTemplate->validity,
190 srcTemplate->validity);
191 if (rv != SECSuccess) {
192 goto loser;
193 }
194 }
195 if (srcTemplate->subject != NULL) {
196 rv = crmf_copy_cert_name(poolp, &destTemplate->subject,
197 srcTemplate->subject);
198 if (rv != SECSuccess) {
199 goto loser;
200 }
201 }
202 if (srcTemplate->publicKey != NULL) {
203 rv = crmf_template_add_public_key(poolp, &destTemplate->publicKey,
204 srcTemplate->publicKey);
205 if (rv != SECSuccess) {
206 goto loser;
207 }
208 }
209 if (srcTemplate->issuerUID.data != NULL) {
210 rv = crmf_make_bitstring_copy(poolp, &destTemplate->issuerUID,
211 &srcTemplate->issuerUID);
212 if (rv != SECSuccess) {
213 goto loser;
214 }
215 }
216 if (srcTemplate->subjectUID.data != NULL) {
217 rv = crmf_make_bitstring_copy(poolp, &destTemplate->subjectUID,
218 &srcTemplate->subjectUID);
219 if (rv != SECSuccess) {
220 goto loser;
221 }
222 }
223 if (srcTemplate->extensions != NULL) {
224 rv = crmf_copy_extensions(poolp, destTemplate,
225 srcTemplate->extensions);
226 if (rv != SECSuccess) {
227 goto loser;
228 }
229 }
230 return SECSuccess;
231 loser:
232 return SECFailure;
233 }
234
235 static CRMFControl*
236 crmf_copy_control(PRArenaPool *poolp, CRMFControl *srcControl)
237 {
238 CRMFControl *newControl;
239 SECStatus rv;
240
241 newControl = (poolp == NULL) ? PORT_ZNew(CRMFControl) :
242 PORT_ArenaZNew(poolp, CRMFControl);
243 if (newControl == NULL) {
244 goto loser;
245 }
246 newControl->tag = srcControl->tag;
247 rv = SECITEM_CopyItem(poolp, &newControl->derTag, &srcControl->derTag);
248 if (rv != SECSuccess) {
249 goto loser;
250 }
251 rv = SECITEM_CopyItem(poolp, &newControl->derValue, &srcControl->derValue);
252 if (rv != SECSuccess) {
253 goto loser;
254 }
255 /* We only handle PKIArchiveOptions Control right now. But if in
256 * the future, more controls that are part of the union are added,
257 * then they need to be handled here as well.
258 */
259 switch (newControl->tag) {
260 case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
261 rv = crmf_copy_pkiarchiveoptions(poolp,
262 &newControl->value.archiveOptions,
263 &srcControl->value.archiveOptions);
264 break;
265 default:
266 rv = SECSuccess;
267 }
268 if (rv != SECSuccess) {
269 goto loser;
270 }
271 return newControl;
272
273 loser:
274 if (poolp == NULL && newControl != NULL) {
275 CRMF_DestroyControl(newControl);
276 }
277 return NULL;
278 }
279
280 static SECStatus
281 crmf_copy_cert_request_controls(PRArenaPool *poolp,
282 CRMFCertRequest *destReq,
283 CRMFCertRequest *srcReq)
284 {
285 int numControls, i;
286 CRMFControl **myControls = NULL;
287
288 numControls = CRMF_CertRequestGetNumControls(srcReq);
289 if (numControls == 0) {
290 /* No Controls To Copy*/
291 return SECSuccess;
292 }
293 myControls = destReq->controls = PORT_NewArray(CRMFControl*,
294 numControls+1);
295 if (myControls == NULL) {
296 goto loser;
297 }
298 for (i=0; i<numControls; i++) {
299 myControls[i] = crmf_copy_control(poolp, srcReq->controls[i]);
300 if (myControls[i] == NULL) {
301 goto loser;
302 }
303 }
304 myControls[numControls] = NULL;
305 return SECSuccess;
306 loser:
307 if (myControls != NULL) {
308 if (poolp == NULL) {
309 for (i=0; myControls[i] != NULL; i++) {
310 CRMF_DestroyControl(myControls[i]);
311 }
312 }
313 PORT_Free(myControls);
314 }
315 return SECFailure;
316 }
317
318
319 CRMFCertRequest*
320 crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq)
321 {
322 CRMFCertRequest *newReq = NULL;
323 SECStatus rv;
324
325 if (srcReq == NULL) {
326 return NULL;
327 }
328 newReq = (poolp == NULL) ? PORT_ZNew(CRMFCertRequest) :
329 PORT_ArenaZNew(poolp, CRMFCertRequest);
330 if (newReq == NULL) {
331 goto loser;
332 }
333 rv = SECITEM_CopyItem(poolp, &newReq->certReqId, &srcReq->certReqId);
334 if (rv != SECSuccess) {
335 goto loser;
336 }
337 rv = crmf_copy_cert_request_template(poolp, &newReq->certTemplate,
338 &srcReq->certTemplate);
339 if (rv != SECSuccess) {
340 goto loser;
341 }
342 rv = crmf_copy_cert_request_controls(poolp, newReq, srcReq);
343 if (rv != SECSuccess) {
344 goto loser;
345 }
346 return newReq;
347 loser:
348 if (newReq != NULL && poolp == NULL) {
349 CRMF_DestroyCertRequest(newReq);
350 PORT_Free(newReq);
351 }
352 return NULL;
353 }
354
355 SECStatus
356 CRMF_DestroyGetValidity(CRMFGetValidity *inValidity)
357 {
358 PORT_Assert(inValidity != NULL);
359 if (inValidity != NULL) {
360 if (inValidity->notAfter) {
361 PORT_Free(inValidity->notAfter);
362 inValidity->notAfter = NULL;
363 }
364 if (inValidity->notBefore) {
365 PORT_Free(inValidity->notBefore);
366 inValidity->notBefore = NULL;
367 }
368 }
369 return SECSuccess;
370 }
371
372 SECStatus
373 crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, SECItem *src)
374 {
375 int origLenBits;
376 int bytesToCopy;
377 SECStatus rv;
378
379 origLenBits = src->len;
380 bytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
381 src->len = bytesToCopy;
382 rv = SECITEM_CopyItem(arena, dest, src);
383 src->len = origLenBits;
384 if (rv != SECSuccess) {
385 return rv;
386 }
387 dest->len = origLenBits;
388 return SECSuccess;
389 }
390
391 int
392 CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq)
393 {
394 CRMFCertTemplate *certTemplate;
395 int count = 0;
396
397 certTemplate = &inCertReq->certTemplate;
398 if (certTemplate->extensions) {
399 while (certTemplate->extensions[count] != NULL)
400 count++;
401 }
402 return count;
403 }
404
405 SECOidTag
406 CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension)
407 {
408 PORT_Assert(inExtension != NULL);
409 if (inExtension == NULL) {
410 return SEC_OID_UNKNOWN;
411 }
412 return SECOID_FindOIDTag(&inExtension->id);
413 }
414
415 PRBool
416 CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt)
417 {
418 PORT_Assert(inExt != NULL);
419 if (inExt == NULL) {
420 return PR_FALSE;
421 }
422 return inExt->critical.data != NULL;
423 }
424
425 SECItem*
426 CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension)
427 {
428 PORT_Assert(inExtension != NULL);
429 if (inExtension == NULL) {
430 return NULL;
431 }
432
433 return SECITEM_DupItem(&inExtension->value);
434 }
435
436
437 SECStatus
438 CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey)
439 {
440 PORT_Assert(inKey != NULL);
441 if (inKey != NULL) {
442 if (inKey->derInput.data != NULL) {
443 SECITEM_FreeItem(&inKey->derInput, PR_FALSE);
444 }
445 if (inKey->algorithmIdentifier != NULL) {
446 SECOID_DestroyAlgorithmID(inKey->algorithmIdentifier, PR_TRUE);
447 }
448 if (inKey->signature.data != NULL) {
449 SECITEM_FreeItem(&inKey->signature, PR_FALSE);
450 }
451 PORT_Free(inKey);
452 }
453 return SECSuccess;
454 }
455
456 SECStatus
457 CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey)
458 {
459 PORT_Assert(inPrivKey != NULL);
460 if (inPrivKey != NULL) {
461 SECITEM_FreeItem(&inPrivKey->message.thisMessage, PR_FALSE);
462 PORT_Free(inPrivKey);
463 }
464 return SECSuccess;
465 }
466
467 int
468 CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq)
469 {
470 int count = 0;
471
472 PORT_Assert(inCertReq != NULL);
473 if (inCertReq == NULL) {
474 return 0;
475 }
476 if (inCertReq->controls) {
477 while (inCertReq->controls[count] != NULL)
478 count++;
479 }
480 return count;
481 }
482
Mozilla NSS module