tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

cmmfresp.c (7870B)

      1 /* -*- Mode: C; tab-width: 8 -*-*/
      2 /* This Source Code Form is subject to the terms of the Mozilla Public
      3 * License, v. 2.0. If a copy of the MPL was not distributed with this
      4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      5 
      6 /*
      7 * This file will contain all routines dealing with creating a
      8 * CMMFCertRepContent structure through Create/Set functions.
      9 */
     10 
     11 #include "cmmf.h"
     12 #include "cmmfi.h"
     13 #include "crmf.h"
     14 #include "crmfi.h"
     15 #include "secitem.h"
     16 #include "secder.h"
     17 
     18 CMMFCertRepContent *
     19 CMMF_CreateCertRepContent(void)
     20 {
     21    CMMFCertRepContent *retCertRep;
     22    PLArenaPool *poolp;
     23 
     24    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
     25    if (poolp == NULL) {
     26        goto loser;
     27    }
     28    retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
     29    if (retCertRep == NULL) {
     30        goto loser;
     31    }
     32    retCertRep->poolp = poolp;
     33    return retCertRep;
     34 loser:
     35    if (poolp != NULL) {
     36        PORT_FreeArena(poolp, PR_FALSE);
     37    }
     38    return NULL;
     39 }
     40 
     41 SECStatus
     42 cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
     43                                 PLArenaPool *poolp,
     44                                 CERTCertificate *inCert)
     45 {
     46    SECItem *derDest = NULL;
     47    SECStatus rv = SECFailure;
     48 
     49    if (inCert->derCert.data == NULL) {
     50        derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert,
     51                                     CMMFCertOrEncCertCertificateTemplate);
     52        if (derDest == NULL) {
     53            goto loser;
     54        }
     55    } else {
     56        derDest = SECITEM_DupItem(&inCert->derCert);
     57        if (derDest == NULL) {
     58            goto loser;
     59        }
     60    }
     61    PORT_Assert(certOrEncCert->cert.certificate == NULL);
     62    certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
     63    certOrEncCert->choice = cmmfCertificate;
     64    if (poolp != NULL) {
     65        rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
     66        if (rv != SECSuccess) {
     67            goto loser;
     68        }
     69    } else {
     70        certOrEncCert->derValue = *derDest;
     71    }
     72    PORT_Free(derDest);
     73    return SECSuccess;
     74 loser:
     75    if (derDest != NULL) {
     76        SECITEM_FreeItem(derDest, PR_TRUE);
     77    }
     78    return rv;
     79 }
     80 
     81 SECStatus
     82 cmmf_ExtractCertsFromList(CERTCertList *inCertList,
     83                          PLArenaPool *poolp,
     84                          CERTCertificate ***certArray)
     85 {
     86    CERTCertificate **arrayLocalCopy;
     87    CERTCertListNode *node;
     88    int numNodes = 0, i;
     89 
     90    for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
     91         node = CERT_LIST_NEXT(node)) {
     92        numNodes++;
     93    }
     94 
     95    arrayLocalCopy = *certArray = (poolp == NULL) ? PORT_NewArray(CERTCertificate *, (numNodes + 1)) : PORT_ArenaNewArray(poolp, CERTCertificate *, (numNodes + 1));
     96    if (arrayLocalCopy == NULL) {
     97        return SECFailure;
     98    }
     99    for (node = CERT_LIST_HEAD(inCertList), i = 0;
    100         !CERT_LIST_END(node, inCertList);
    101         node = CERT_LIST_NEXT(node), i++) {
    102        arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
    103        if (arrayLocalCopy[i] == NULL) {
    104            int j;
    105 
    106            for (j = 0; j < i; j++) {
    107                CERT_DestroyCertificate(arrayLocalCopy[j]);
    108            }
    109            if (poolp == NULL) {
    110                PORT_Free(arrayLocalCopy);
    111            }
    112            *certArray = NULL;
    113            return SECFailure;
    114        }
    115    }
    116    arrayLocalCopy[numNodes] = NULL;
    117    return SECSuccess;
    118 }
    119 
    120 SECStatus
    121 CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
    122                                    CMMFCertResponse **inCertResponses,
    123                                    int inNumResponses)
    124 {
    125    PLArenaPool *poolp;
    126    CMMFCertResponse **respArr, *newResp;
    127    void *mark;
    128    SECStatus rv;
    129    int i;
    130 
    131    PORT_Assert(inCertRepContent != NULL &&
    132                inCertResponses != NULL &&
    133                inNumResponses > 0);
    134    if (inCertRepContent == NULL ||
    135        inCertResponses == NULL ||
    136        inCertRepContent->response != NULL) {
    137        return SECFailure;
    138    }
    139    poolp = inCertRepContent->poolp;
    140    mark = PORT_ArenaMark(poolp);
    141    respArr = inCertRepContent->response =
    142        PORT_ArenaZNewArray(poolp, CMMFCertResponse *, (inNumResponses + 1));
    143    if (respArr == NULL) {
    144        goto loser;
    145    }
    146    for (i = 0; i < inNumResponses; i++) {
    147        newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
    148        if (newResp == NULL) {
    149            goto loser;
    150        }
    151        rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
    152        if (rv != SECSuccess) {
    153            goto loser;
    154        }
    155        respArr[i] = newResp;
    156    }
    157    respArr[inNumResponses] = NULL;
    158    PORT_ArenaUnmark(poolp, mark);
    159    return SECSuccess;
    160 
    161 loser:
    162    PORT_ArenaRelease(poolp, mark);
    163    return SECFailure;
    164 }
    165 
    166 CMMFCertResponse *
    167 CMMF_CreateCertResponse(long inCertReqId)
    168 {
    169    SECItem *dummy;
    170    CMMFCertResponse *newResp;
    171 
    172    newResp = PORT_ZNew(CMMFCertResponse);
    173    if (newResp == NULL) {
    174        goto loser;
    175    }
    176    dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
    177    if (dummy != &newResp->certReqId) {
    178        goto loser;
    179    }
    180    return newResp;
    181 
    182 loser:
    183    if (newResp != NULL) {
    184        CMMF_DestroyCertResponse(newResp);
    185    }
    186    return NULL;
    187 }
    188 
    189 SECStatus
    190 CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
    191                                        CMMFPKIStatus inPKIStatus)
    192 {
    193    PORT_Assert(inCertResp != NULL && inPKIStatus >= cmmfGranted &&
    194                inPKIStatus < cmmfNumPKIStatus);
    195 
    196    if (inCertResp == NULL) {
    197        return SECFailure;
    198    }
    199    return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
    200                                       inPKIStatus);
    201 }
    202 
    203 SECStatus
    204 CMMF_CertResponseSetCertificate(CMMFCertResponse *inCertResp,
    205                                CERTCertificate *inCertificate)
    206 {
    207    CMMFCertifiedKeyPair *keyPair = NULL;
    208    SECStatus rv = SECFailure;
    209 
    210    PORT_Assert(inCertResp != NULL && inCertificate != NULL);
    211    if (inCertResp == NULL || inCertificate == NULL) {
    212        return SECFailure;
    213    }
    214    if (inCertResp->certifiedKeyPair == NULL) {
    215        keyPair = inCertResp->certifiedKeyPair =
    216            PORT_ZNew(CMMFCertifiedKeyPair);
    217    } else {
    218        keyPair = inCertResp->certifiedKeyPair;
    219    }
    220    if (keyPair == NULL) {
    221        goto loser;
    222    }
    223    rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
    224                                          inCertificate);
    225    if (rv != SECSuccess) {
    226        goto loser;
    227    }
    228    return SECSuccess;
    229 loser:
    230    if (keyPair) {
    231        if (keyPair->certOrEncCert.derValue.data) {
    232            PORT_Free(keyPair->certOrEncCert.derValue.data);
    233        }
    234        PORT_Free(keyPair);
    235    }
    236    return rv;
    237 }
    238 
    239 SECStatus
    240 CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
    241                             CERTCertList *inCAPubs)
    242 {
    243    PLArenaPool *poolp;
    244    void *mark;
    245    SECStatus rv;
    246 
    247    PORT_Assert(inCertRepContent != NULL &&
    248                inCAPubs != NULL &&
    249                inCertRepContent->caPubs == NULL);
    250 
    251    if (inCertRepContent == NULL ||
    252        inCAPubs == NULL || inCertRepContent == NULL) {
    253        return SECFailure;
    254    }
    255 
    256    poolp = inCertRepContent->poolp;
    257    mark = PORT_ArenaMark(poolp);
    258 
    259    rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
    260                                   &inCertRepContent->caPubs);
    261 
    262    if (rv != SECSuccess) {
    263        PORT_ArenaRelease(poolp, mark);
    264    } else {
    265        PORT_ArenaUnmark(poolp, mark);
    266    }
    267    return rv;
    268 }
    269 
    270 CERTCertificate *
    271 CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
    272                                    CERTCertDBHandle *inCertdb)
    273 {
    274    PORT_Assert(inCertKeyPair != NULL);
    275    if (inCertKeyPair == NULL) {
    276        return NULL;
    277    }
    278    return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
    279                                            inCertdb);
    280 }