| blob | 15cdd361b1081ce5cd40e818a0adfeeab49340ee |
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Sun Microsystems
23 *
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
35 *
36 * ***** END LICENSE BLOCK ***** */
37 /*
38 * pkix_pl_x500name.c
39 *
40 * X500Name Object Functions
41 *
42 */
46 /* --Private-X500Name-Functions------------------------------------- */
48 /*
49 * FUNCTION: pkix_pl_X500Name_CompareDERBytes
50 * DESCRIPTION:
51 *
52 * Checks whether the DER encoding of the X500Name pointed to by
53 * "firstX500Name" is byte-for-byte equal with the DER encoding of the
54 * X500Name pointed to by "secondX500Name" and stores the Boolean result at
55 * "pResult".
56 *
57 * PARAMETERS
58 * "firstX500Name"
59 * Address of first X500Name. Must be non-NULL.
60 * "secondX500Name"
61 * Address of second X500Name. Must be non-NULL.
62 * "pResult"
63 * Address where Boolean will be stored. Must be non-NULL.
64 * "plContext"
65 * Platform-specific context pointer.
66 * THREAD SAFETY:
67 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
68 * RETURNS:
69 * Returns NULL if the function succeeds.
70 * Returns a X500Name Error if the function fails in a non-fatal way.
71 * Returns a Fatal Error if the function fails in an unrecoverable way.
72 */
79 {
91 SECComparison rv;
104 /* if array of rdn's not same length, names can't be equal */
110 }
118 }
124 /* if array of ava's not same length, names can't be equal */
130 }
138 }
146 }
154 }
155 }
156 }
160 cleanup:
163 }
165 /*
166 * FUNCTION: pkix_pl_X500Name_ToString_Helper
167 * DESCRIPTION:
168 *
169 * Helper function that creates a string representation of the X500Name
170 * pointed to by "name" and stores it at "pString".
171 *
172 * PARAMETERS
173 * "name"
174 * Address of X500Name whose string representation is desired.
175 * Must be non-NULL.
176 * "pString"
177 * Address where object pointer will be stored. Must be non-NULL.
178 * "plContext" - Platform-specific context pointer.
179 * THREAD SAFETY:
180 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
181 * RETURNS:
182 * Returns NULL if the function succeeds.
183 * Returns a X500Name Error if the function fails in a non-fatal way.
184 * Returns a Fatal Error if the function fails in an unrecoverable way.
185 */
191 {
194 PKIX_UInt32 utf8Length;
201 /* this should really be called CERT_NameToUTF8 */
205 }
212 PKIX_STRINGCREATEFAILED);
214 cleanup:
219 }
221 /*
222 * FUNCTION: pkix_pl_X500Name_Destroy
223 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
224 */
229 {
236 PKIX_OBJECTNOTANX500NAME);
244 cleanup:
247 }
249 /*
250 * FUNCTION: pkix_pl_X500Name_ToString
251 * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
252 */
258 {
266 PKIX_OBJECTNOTANX500NAME);
272 PKIX_X500NAMETOSTRINGHELPERFAILED);
276 cleanup:
279 }
281 /*
282 * FUNCTION: pkix_pl_X500Name_Hashcode
283 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
284 */
290 {
295 PKIX_UInt32 nameHash;
302 PKIX_OBJECTNOTANX500NAME);
306 /* we hash over the bytes in the DER encoding */
314 }
320 }
323 resultSecItem =
328 }
332 PKIX_HASHFAILED);
336 cleanup:
339 /* Note that freeing the arena also frees derBytes */
342 }
345 }
348 /*
349 * FUNCTION: pkix_pl_X500Name_Equals
350 * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
351 */
358 {
361 PKIX_UInt32 secondType;
366 /* test that firstObject is an X500Name */
368 PKIX_FIRSTOBJECTARGUMENTNOTANX500NAME);
370 /*
371 * Since we know firstObject is an X500Name, if both references are
372 * identical, they must be equal
373 */
377 }
379 /*
380 * If secondObject isn't an X500Name, we don't throw an error.
381 * We simply return a Boolean result of FALSE
382 */
386 PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
392 /* we simply do byte comparison on DER encodings of DN's */
395 PKIX_X500NAMECOMPAREDERBYTESFAILED);
397 cleanup:
400 }
402 /*
403 * FUNCTION: pkix_pl_X500Name_RegisterSelf
404 * DESCRIPTION:
405 * Registers PKIX_X500NAME_TYPE and its related functions with systemClasses[]
406 * THREAD SAFETY:
407 * Not Thread Safe - for performance and complexity reasons
408 *
409 * Since this function is only called by PKIX_PL_Initialize, which should
410 * only be called once, it is acceptable that this function is not
411 * thread-safe.
412 */
413 PKIX_Error *
415 {
418 pkix_ClassTable_Entry entry;
433 }
435 /* --Public-Functions------------------------------------------------------- */
437 /*
438 * FUNCTION: PKIX_PL_X500Name_Create (see comments in pkix_pl_pki.h)
439 */
440 PKIX_Error *
445 {
449 PKIX_UInt32 utf8Length;
454 /*
455 * convert the input PKIX_PL_String to PKIX_UTF8_NULL_TERM.
456 * we need to use this format specifier because
457 * CERT_AsciiToName expects a NULL-terminated UTF8 string.
458 * Since UTF8 allow NUL characters in the middle of the
459 * string, this is buggy. However, as a workaround, using
460 * PKIX_UTF8_NULL_TERM gives us a NULL-terminated UTF8 string.
461 */
465 PKIX_UTF8_NULL_TERM,
468 plContext),
469 PKIX_STRINGGETENCODEDFAILED);
472 /* this should be really be called CERT_UTF8ToName */
476 }
478 /* create a PKIX_PL_X500Name object */
483 plContext),
484 PKIX_COULDNOTCREATEX500NAMEOBJECT);
486 /* populate the nssDN field */
491 cleanup:
499 }
502 }
504 /*
505 * FUNCTION: PKIX_PL_X500Name_Match (see comments in pkix_pl_pki.h)
506 */
507 PKIX_Error *
513 {
516 SECComparison cmpResult;
524 }
536 cleanup:
539 }
541 /*
542 * FUNCTION: pkix_pl_X500Name_GetSECName
543 *
544 * DESCRIPTION:
545 * Encodes as a SECItem the CERTName embodied by the X500Name object pointed
546 * to by "xname", using the arena pointed to by "arena", and stores the result
547 * at "pSECName". If the name cannot be successfully encoded, NULL is stored
548 * at "pSECName".
549 *
550 * PARAMETERS:
551 * "xname"
552 * Address of X500Name whose CERTName flag is to be encoded. Must be
553 * non-NULL.
554 * "arena"
555 * Address of the PRArenaPool to be used in the encoding, and in which
556 * "pSECName" will be allocated. Must be non-NULL.
557 * "pSECName"
558 * Address where result will be stored. Must be non-NULL.
559 * "plContext"
560 * Platform-specific context pointer.
561 *
562 * THREAD SAFETY:
563 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
564 *
565 * RETURNS:
566 * Returns NULL if the function succeeds.
567 * Returns a Fatal Error if the function fails in an unrecoverable way.
568 */
569 PKIX_Error *
575 {
581 /*
582 * SEC_ASN1EncodeItem returns NULL if unsuccessful. We just
583 * store the NULL result.
584 */
589 }
591 /*
592 * FUNCTION: pkix_pl_X500Name_CreateFromUtf8
593 *
594 * DESCRIPTION:
595 * Creates an X500Name object from the RFC1485 string representation pointed
596 * to by "stringRep", and stores the result at "pName". If the string cannot
597 * be successfully converted, a non-fatal error is returned.
598 *
599 * PARAMETERS:
600 * "stringRep"
601 * Address of the RFC1485 string to be converted. Must be non-NULL.
602 * "pName"
603 * Address where the X500Name result will be stored. Must be non-NULL.
604 * "plContext"
605 * Platform-specific context pointer.
606 *
607 * THREAD SAFETY:
608 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
609 *
610 * RETURNS:
611 * Returns NULL if the function succeeds.
612 * Returns an X500NAME Error if the function fails in a non-fatal way.
613 * Returns a Fatal Error if the function fails in an unrecoverable way.
614 */
615 PKIX_Error *
620 {
631 }
633 /* create a PKIX_PL_X500Name object */
638 plContext),
639 PKIX_COULDNOTCREATEX500NAMEOBJECT);
641 /* populate the nssDN field */
646 cleanup:
652 }
655 }
657 /*
658 * FUNCTION: pkix_pl_X500Name_GetCommonName
659 *
660 * DESCRIPTION:
661 * Extracts the CommonName component of the X500Name object pointed to by
662 * "xname", and stores the result at "pCommonName". If the CommonName cannot
663 * be successfully extracted, NULL is stored at "pCommonName".
664 *
665 * The returned string must be freed with PORT_Free.
666 *
667 * PARAMETERS:
668 * "xname"
669 * Address of X500Name whose CommonName is to be extracted. Must be
670 * non-NULL.
671 * "pCommonName"
672 * Address where result will be stored. Must be non-NULL.
673 * "plContext"
674 * Platform-specific context pointer.
675 *
676 * THREAD SAFETY:
677 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
678 *
679 * RETURNS:
680 * Returns NULL if the function succeeds.
681 * Returns a Fatal Error if the function fails in an unrecoverable way.
682 */
683 PKIX_Error *
688 {
692 PKIX_PL_NSSCALLRV
699 }
701 /*
702 * FUNCTION: pkix_pl_X500Name_GetCountryName
703 *
704 * DESCRIPTION:
705 * Extracts the CountryName component of the X500Name object pointed to by
706 * "xname", and stores the result at "pCountryName". If the CountryName cannot
707 * be successfully extracted, NULL is stored at "pCountryName".
708 *
709 * The returned string must be freed with PORT_Free.
710 *
711 * PARAMETERS:
712 * "xname"
713 * Address of X500Name whose CountryName is to be extracted. Must be
714 * non-NULL.
715 * "pCountryName"
716 * Address where result will be stored. Must be non-NULL.
717 * "plContext"
718 * Platform-specific context pointer.
719 *
720 * THREAD SAFETY:
721 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
722 *
723 * RETURNS:
724 * Returns NULL if the function succeeds.
725 * Returns a Fatal Error if the function fails in an unrecoverable way.
726 */
727 PKIX_Error *
732 {
736 PKIX_PL_NSSCALLRV
743 }
745 /*
746 * FUNCTION: pkix_pl_X500Name_GetOrgName
747 *
748 * DESCRIPTION:
749 * Extracts the OrganizationName component of the X500Name object pointed to by
750 * "xname", and stores the result at "pOrgName". If the OrganizationName cannot
751 * be successfully extracted, NULL is stored at "pOrgName".
752 *
753 * The returned string must be freed with PORT_Free.
754 *
755 * PARAMETERS:
756 * "xname"
757 * Address of X500Name whose OrganizationName is to be extracted. Must be
758 * non-NULL.
759 * "pOrgName"
760 * Address where result will be stored. Must be non-NULL.
761 * "plContext"
762 * Platform-specific context pointer.
763 *
764 * THREAD SAFETY:
765 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
766 *
767 * RETURNS:
768 * Returns NULL if the function succeeds.
769 * Returns a Fatal Error if the function fails in an unrecoverable way.
770 */
771 PKIX_Error *
776 {
780 PKIX_PL_NSSCALLRV
787 }
788 PKIX_Error *
793 {
800 }