diff options
Diffstat (limited to 'nss/lib/crmf/asn1cmn.c')
| -rw-r--r-- | nss/lib/crmf/asn1cmn.c | 202 |
1 files changed, 99 insertions, 103 deletions
diff --git a/nss/lib/crmf/asn1cmn.c b/nss/lib/crmf/asn1cmn.c index af86670..6cf469f 100644 --- a/nss/lib/crmf/asn1cmn.c +++ b/nss/lib/crmf/asn1cmn.c @@ -11,94 +11,94 @@ SEC_ASN1_MKSUB(SEC_IntegerTemplate) SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate) static const SEC_ASN1Template CMMFCertResponseTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse)}, - { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId)}, - { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status), - CMMFPKIStatusInfoTemplate}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse) }, + { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId) }, + { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status), + CMMFPKIStatusInfoTemplate }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER, offsetof(CMMFCertResponse, certifiedKeyPair), - CMMFCertifiedKeyPairTemplate}, + CMMFCertifiedKeyPairTemplate }, { 0 } }; static const SEC_ASN1Template CMMFCertOrEncCertTemplate[] = { - { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL, - sizeof(CMMFCertOrEncCert)}, + { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL, + sizeof(CMMFCertOrEncCert) }, { 0 } }; const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair)}, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair) }, { SEC_ASN1_INLINE, offsetof(CMMFCertifiedKeyPair, certOrEncCert), CMMFCertOrEncCertTemplate }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0, offsetof(CMMFCertifiedKeyPair, privateKey), - CRMFEncryptedValueTemplate}, - { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | - SEC_ASN1_XTRN | 1, - offsetof (CMMFCertifiedKeyPair, derPublicationInfo), + CRMFEncryptedValueTemplate }, + { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, + offsetof(CMMFCertifiedKeyPair, derPublicationInfo), SEC_ASN1_SUB(SEC_AnyTemplate) }, { 0 } }; const SEC_ASN1Template CMMFPKIStatusInfoTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo)}, - { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status)}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING, - offsetof(CMMFPKIStatusInfo, statusString)}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING, - offsetof(CMMFPKIStatusInfo, failInfo)}, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo) }, + { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING, + offsetof(CMMFPKIStatusInfo, statusString) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING, + offsetof(CMMFPKIStatusInfo, failInfo) }, { 0 } }; const SEC_ASN1Template CMMFSequenceOfCertsTemplate[] = { - { SEC_ASN1_SEQUENCE_OF| SEC_ASN1_XTRN, 0, - SEC_ASN1_SUB(SEC_SignedCertificateTemplate)} + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, + SEC_ASN1_SUB(SEC_SignedCertificateTemplate) } }; const SEC_ASN1Template CMMFRandTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand)}, - { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer)}, - { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash)}, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand) }, + { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer) }, + { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash) }, { 0 } }; const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = { - { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, offsetof(CMMFPOPODecKeyRespContent, responses), - SEC_ASN1_SUB(SEC_IntegerTemplate), - sizeof(CMMFPOPODecKeyRespContent)}, + SEC_ASN1_SUB(SEC_IntegerTemplate), + sizeof(CMMFPOPODecKeyRespContent) }, { 0 } }; const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[] = { { SEC_ASN1_CONTEXT_SPECIFIC | 1, 0, - CRMFEncryptedValueTemplate}, + CRMFEncryptedValueTemplate }, { 0 } }; const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[] = { { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 0, - SEC_ASN1_SUB(SEC_SignedCertificateTemplate)}, + SEC_ASN1_SUB(SEC_SignedCertificateTemplate) }, { 0 } }; const SEC_ASN1Template CMMFCertRepContentTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent)}, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent) }, { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | - SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(CMMFCertRepContent, caPubs), CMMFSequenceOfCertsTemplate }, { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFCertRepContent, response), - CMMFCertResponseTemplate}, + CMMFCertResponseTemplate }, { 0 } }; static const SEC_ASN1Template CMMFChallengeTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge)}, - { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN, + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge) }, + { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN, offsetof(CMMFChallenge, owf), SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) }, @@ -109,27 +109,27 @@ static const SEC_ASN1Template CMMFChallengeTemplate[] = { }; const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[] = { - { SEC_ASN1_SEQUENCE_OF,offsetof(CMMFPOPODecKeyChallContent, challenges), + { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFPOPODecKeyChallContent, challenges), CMMFChallengeTemplate, sizeof(CMMFPOPODecKeyChallContent) }, { 0 } }; SECStatus -cmmf_decode_process_cert_response(PLArenaPool *poolp, - CERTCertDBHandle *db, - CMMFCertResponse *inCertResp) +cmmf_decode_process_cert_response(PLArenaPool *poolp, + CERTCertDBHandle *db, + CMMFCertResponse *inCertResp) { SECStatus rv = SECSuccess; - + if (inCertResp->certifiedKeyPair != NULL) { - rv = cmmf_decode_process_certified_key_pair(poolp, - db, - inCertResp->certifiedKeyPair); + rv = cmmf_decode_process_certified_key_pair(poolp, + db, + inCertResp->certifiedKeyPair); } return rv; } -static CERTCertificate* +static CERTCertificate * cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert) { CERTCertificate *newCert; @@ -141,80 +141,76 @@ cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert) static CMMFCertOrEncCertChoice cmmf_get_certorenccertchoice_from_der(SECItem *der) { - CMMFCertOrEncCertChoice retChoice; - - switch(der->data[0] & 0x0f) { - case 0: - retChoice = cmmfCertificate; - break; - case 1: - retChoice = cmmfEncryptedCert; - break; - default: - retChoice = cmmfNoCertOrEncCert; - break; + CMMFCertOrEncCertChoice retChoice; + + switch (der->data[0] & 0x0f) { + case 0: + retChoice = cmmfCertificate; + break; + case 1: + retChoice = cmmfEncryptedCert; + break; + default: + retChoice = cmmfNoCertOrEncCert; + break; } return retChoice; } static SECStatus -cmmf_decode_process_certorenccert(PLArenaPool *poolp, - CERTCertDBHandle *db, - CMMFCertOrEncCert *inCertOrEncCert) +cmmf_decode_process_certorenccert(PLArenaPool *poolp, + CERTCertDBHandle *db, + CMMFCertOrEncCert *inCertOrEncCert) { SECStatus rv = SECSuccess; - inCertOrEncCert->choice = + inCertOrEncCert->choice = cmmf_get_certorenccertchoice_from_der(&inCertOrEncCert->derValue); switch (inCertOrEncCert->choice) { - case cmmfCertificate: - { - /* The DER has implicit tagging, so we gotta switch it to - * un-tagged in order for the ASN1 parser to understand it. - * Saving the bits that were changed. - */ - inCertOrEncCert->derValue.data[0] = 0x30; - inCertOrEncCert->cert.certificate = - cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue); - if (inCertOrEncCert->cert.certificate == NULL) { - rv = SECFailure; - } - - } - break; - case cmmfEncryptedCert: - PORT_Assert(poolp); - if (!poolp) { - PORT_SetError(SEC_ERROR_INVALID_ARGS); - rv = SECFailure; - break; - } - inCertOrEncCert->cert.encryptedCert = - PORT_ArenaZNew(poolp, CRMFEncryptedValue); - if (inCertOrEncCert->cert.encryptedCert == NULL) { - rv = SECFailure; - break; - } - rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert, - CMMFCertOrEncCertEncryptedCertTemplate, - (const char*)inCertOrEncCert->derValue.data, - inCertOrEncCert->derValue.len); - break; - default: - rv = SECFailure; + case cmmfCertificate: { + /* The DER has implicit tagging, so we gotta switch it to + * un-tagged in order for the ASN1 parser to understand it. + * Saving the bits that were changed. + */ + inCertOrEncCert->derValue.data[0] = 0x30; + inCertOrEncCert->cert.certificate = + cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue); + if (inCertOrEncCert->cert.certificate == NULL) { + rv = SECFailure; + } + + } break; + case cmmfEncryptedCert: + PORT_Assert(poolp); + if (!poolp) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + rv = SECFailure; + break; + } + inCertOrEncCert->cert.encryptedCert = + PORT_ArenaZNew(poolp, CRMFEncryptedValue); + if (inCertOrEncCert->cert.encryptedCert == NULL) { + rv = SECFailure; + break; + } + rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert, + CMMFCertOrEncCertEncryptedCertTemplate, + (const char *)inCertOrEncCert->derValue.data, + inCertOrEncCert->derValue.len); + break; + default: + rv = SECFailure; } return rv; } -SECStatus -cmmf_decode_process_certified_key_pair(PLArenaPool *poolp, - CERTCertDBHandle *db, - CMMFCertifiedKeyPair *inCertKeyPair) +SECStatus +cmmf_decode_process_certified_key_pair(PLArenaPool *poolp, + CERTCertDBHandle *db, + CMMFCertifiedKeyPair *inCertKeyPair) { - return cmmf_decode_process_certorenccert (poolp, - db, - &inCertKeyPair->certOrEncCert); + return cmmf_decode_process_certorenccert(poolp, + db, + &inCertKeyPair->certOrEncCert); } - - |