Diffstat (limited to 'nss/lib/smime/cmssiginfo.c')
-rw-r--r-- | nss/lib/smime/cmssiginfo.c | 795 |
1 files changed, 402 insertions, 393 deletions
diff --git a/nss/lib/smime/cmssiginfo.c b/nss/lib/smime/cmssiginfo.c
index f3635c2..ce4f87c 100644
--- a/nss/lib/smime/cmssiginfo.c
+++ b/nss/lib/smime/cmssiginfo.c
@@ -25,32 +25,36 @@ * SIGNERINFO */ NSSCMSSignerInfo * -nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, - CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, - SECKEYPrivateKey *signingKey, SECOidTag digestalgtag); +nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, + CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, + SECKEYPrivateKey *signingKey, SECOidTag digestalgtag); NSSCMSSignerInfo * -NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID, - SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag) +NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID, + SECKEYPublicKey *pubKey, + SECKEYPrivateKey *signingKey, SECOidTag digestalgtag) { - return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_SubjectKeyID, NULL, subjKeyID, pubKey, signingKey, digestalgtag); + return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_SubjectKeyID, NULL, + subjKeyID, pubKey, signingKey, digestalgtag); } NSSCMSSignerInfo * NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag) { - return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_IssuerSN, cert, NULL, NULL, NULL, digestalgtag); + return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_IssuerSN, cert, NULL, + NULL, NULL, digestalgtag); } NSSCMSSignerInfo * -nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, - CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, - SECKEYPrivateKey *signingKey, SECOidTag digestalgtag) +nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, + CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, + SECKEYPrivateKey *signingKey, SECOidTag digestalgtag) { void *mark; NSSCMSSignerInfo *signerinfo; int version; PLArenaPool *poolp; + SECStatus rv; poolp = cmsg->poolp; 
@@ -58,50 +62,52 @@ nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, signerinfo = (NSSCMSSignerInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignerInfo)); if (signerinfo == NULL) { - PORT_ArenaRelease(poolp, mark); - return NULL; + PORT_ArenaRelease(poolp, mark); + return NULL; } - signerinfo->cmsg = cmsg; - switch(type) { - case NSSCMSSignerID_IssuerSN: - signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN; - if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL) - goto loser; - if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) - goto loser; - break; - case NSSCMSSignerID_SubjectKeyID: - signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_SubjectKeyID; - PORT_Assert(subjKeyID); - if (!subjKeyID) - goto loser; - - signerinfo->signerIdentifier.id.subjectKeyID = PORT_ArenaNew(poolp, SECItem); - SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID, - subjKeyID); - signerinfo->signingKey = SECKEY_CopyPrivateKey(signingKey); - if (!signerinfo->signingKey) - goto loser; - signerinfo->pubKey = SECKEY_CopyPublicKey(pubKey); - if (!signerinfo->pubKey) + switch (type) { + case NSSCMSSignerID_IssuerSN: + signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN; + if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL) + goto loser; + if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) + goto loser; + break; + case NSSCMSSignerID_SubjectKeyID: + signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_SubjectKeyID; + PORT_Assert(subjKeyID); + if (!subjKeyID) + goto loser; + + signerinfo->signerIdentifier.id.subjectKeyID = PORT_ArenaNew(poolp, SECItem); + rv = SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID, + subjKeyID); + if (rv != SECSuccess) { + goto loser; + } + signerinfo->signingKey = SECKEY_CopyPrivateKey(signingKey); + if (!signerinfo->signingKey) + goto loser; + 
signerinfo->pubKey = SECKEY_CopyPublicKey(pubKey); + if (!signerinfo->pubKey) + goto loser; + break; + default: goto loser; - break; - default: - goto loser; } /* set version right now */ version = NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN; /* RFC2630 5.3 "version is the syntax version number. If the .... " */ if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID) - version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY; + version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY; (void)SEC_ASN1EncodeInteger(poolp, &(signerinfo->version), (long)version); if (SECOID_SetAlgorithmID(poolp, &signerinfo->digestAlg, digestalgtag, NULL) != SECSuccess) - goto loser; + goto loser; PORT_ArenaUnmark(poolp, mark); return signerinfo; @@ -118,10 +124,10 @@ void NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si) { if (si->cert != NULL) - CERT_DestroyCertificate(si->cert); + CERT_DestroyCertificate(si->cert); - if (si->certList != NULL) - CERT_DestroyCertificateList(si->certList); + if (si->certList != NULL) + CERT_DestroyCertificateList(si->certList); /* XXX storage ??? */ } @@ -131,7 +137,7 @@ NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si) * */ SECStatus -NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, +NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType) { CERTCertificate *cert; 
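Review bot: In the NSSCMSSignerID_SubjectKeyID case of nss_cmssignerinfo_create, the result of `PORT_ArenaNew(poolp, SECItem)` is still handed to SECITEM_CopyItem without a NULL check, so the new `rv != SECSuccess` test covers a failed copy but not a failed arena allocation of the destination item. Adding `if (signerinfo->signerIdentifier.id.subjectKeyID == NULL) goto loser;` before the copy would close that gap. Further down in the same hunk the result of `SEC_ASN1EncodeInteger` is discarded with `(void)`, so a failed encode would apparently leave `signerinfo->version` unset while the function still returns the signerinfo; checking it for NULL and taking `goto loser` would be consistent with the other calls. The `loser:` label lies outside this hunk, so whether the duplicated cert and the copied keys are released on these paths needs to be confirmed there.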
@@ -144,31 +150,31 @@ NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECAlgorithmID *algID, freeAlgID; CERTSubjectPublicKeyInfo *spki; - PORT_Assert (digest != NULL); + PORT_Assert(digest != NULL); poolp = signerinfo->cmsg->poolp; switch (signerinfo->signerIdentifier.identifierType) { - case NSSCMSSignerID_IssuerSN: - cert = signerinfo->cert; - - privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg); - if (privkey == NULL) - goto loser; - algID = &cert->subjectPublicKeyInfo.algorithm; - break; - case NSSCMSSignerID_SubjectKeyID: - privkey = signerinfo->signingKey; - signerinfo->signingKey = NULL; - spki = SECKEY_CreateSubjectPublicKeyInfo(signerinfo->pubKey); - SECKEY_DestroyPublicKey(signerinfo->pubKey); - signerinfo->pubKey = NULL; - SECOID_CopyAlgorithmID(NULL, &freeAlgID, &spki->algorithm); - SECKEY_DestroySubjectPublicKeyInfo(spki); - algID = &freeAlgID; - break; - default: - goto loser; + case NSSCMSSignerID_IssuerSN: + cert = signerinfo->cert; + + privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg); + if (privkey == NULL) + goto loser; + algID = &cert->subjectPublicKeyInfo.algorithm; + break; + case NSSCMSSignerID_SubjectKeyID: + privkey = signerinfo->signingKey; + signerinfo->signingKey = NULL; + spki = SECKEY_CreateSubjectPublicKeyInfo(signerinfo->pubKey); + SECKEY_DestroyPublicKey(signerinfo->pubKey); + signerinfo->pubKey = NULL; + SECOID_CopyAlgorithmID(NULL, &freeAlgID, &spki->algorithm); + SECKEY_DestroySubjectPublicKeyInfo(spki); + algID = &freeAlgID; + break; + default: + goto loser; } digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo); /* 
@@ -177,105 +183,104 @@ NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, */ pubkAlgTag = SECOID_GetAlgorithmTag(algID); if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID) { - SECOID_DestroyAlgorithmID(&freeAlgID, PR_FALSE); + SECOID_DestroyAlgorithmID(&freeAlgID, PR_FALSE); } if (signerinfo->authAttr != NULL) { - SECOidTag signAlgTag; - SECItem encoded_attrs; - - /* find and fill in the message digest attribute. */ - rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), - SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE); - if (rv != SECSuccess) - goto loser; - - if (contentType != NULL) { - /* if the caller wants us to, find and fill in the content type attribute. */ - rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), - SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE); - if (rv != SECSuccess) - goto loser; - } - - if ((tmppoolp = PORT_NewArena (1024)) == NULL) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - goto loser; - } - - /* - * Before encoding, reorder the attributes so that when they - * are encoded, they will be conforming DER, which is required - * to have a specific order and that is what must be used for - * the hash/signature. We do this here, rather than building - * it into EncodeAttributes, because we do not want to do - * such reordering on incoming messages (which also uses - * EncodeAttributes) or our old signatures (and other "broken" - * implementations) will not verify. So, we want to guarantee - * that we send out good DER encodings of attributes, but not - * to expect to receive them. 
- */ - if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess) - goto loser; - - encoded_attrs.data = NULL; - encoded_attrs.len = 0; - if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr), - &encoded_attrs) == NULL) - goto loser; - - signAlgTag = SEC_GetSignatureAlgorithmOidTag(privkey->keyType, + SECOidTag signAlgTag; + SECItem encoded_attrs; + + /* find and fill in the message digest attribute. */ + rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), + SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE); + if (rv != SECSuccess) + goto loser; + + if (contentType != NULL) { + /* if the caller wants us to, find and fill in the content type attribute. */ + rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), + SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE); + if (rv != SECSuccess) + goto loser; + } + + if ((tmppoolp = PORT_NewArena(1024)) == NULL) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + goto loser; + } + + /* + * Before encoding, reorder the attributes so that when they + * are encoded, they will be conforming DER, which is required + * to have a specific order and that is what must be used for + * the hash/signature. We do this here, rather than building + * it into EncodeAttributes, because we do not want to do + * such reordering on incoming messages (which also uses + * EncodeAttributes) or our old signatures (and other "broken" + * implementations) will not verify. So, we want to guarantee + * that we send out good DER encodings of attributes, but not + * to expect to receive them. 
+ */ + if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess) + goto loser; + + encoded_attrs.data = NULL; + encoded_attrs.len = 0; + if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr), + &encoded_attrs) == NULL) + goto loser; + + signAlgTag = SEC_GetSignatureAlgorithmOidTag(privkey->keyType, digestalgtag); - if (signAlgTag == SEC_OID_UNKNOWN) { - PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); - goto loser; - } - - rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len, - privkey, signAlgTag); - PORT_FreeArena(tmppoolp, PR_FALSE); /* awkward memory management :-( */ - tmppoolp = 0; + if (signAlgTag == SEC_OID_UNKNOWN) { + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); + goto loser; + } + + rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len, + privkey, signAlgTag); + PORT_FreeArena(tmppoolp, PR_FALSE); /* awkward memory management :-( */ + tmppoolp = 0; } else { - rv = SGN_Digest(privkey, digestalgtag, &signature, digest); + rv = SGN_Digest(privkey, digestalgtag, &signature, digest); } SECKEY_DestroyPrivateKey(privkey); privkey = NULL; if (rv != SECSuccess) - goto loser; + goto loser; - if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature) - != SECSuccess) - goto loser; + if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature) != SECSuccess) + goto loser; SECITEM_FreeItem(&signature, PR_FALSE); - if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), pubkAlgTag, + if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), pubkAlgTag, NULL) != SECSuccess) - goto loser; + goto loser; return SECSuccess; loser: if (signature.len != 0) - SECITEM_FreeItem (&signature, PR_FALSE); + SECITEM_FreeItem(&signature, PR_FALSE); if (privkey) - SECKEY_DestroyPrivateKey(privkey); + SECKEY_DestroyPrivateKey(privkey); if (tmppoolp) - PORT_FreeArena(tmppoolp, PR_FALSE); + PORT_FreeArena(tmppoolp, PR_FALSE); return SECFailure; } SECStatus NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo 
*signerinfo, CERTCertDBHandle *certdb, - SECCertUsage certusage) + SECCertUsage certusage) { CERTCertificate *cert; PRTime stime; if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb)) == NULL) { - signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound; - return SECFailure; + signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound; + return SECFailure; } /* @@ -283,9 +288,9 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand * both on the cert verification and for importing the sender * email profile. */ - if (NSS_CMSSignerInfo_GetSigningTime (signerinfo, &stime) != SECSuccess) - stime = PR_Now(); /* not found or conversion failed, so check against now */ - + if (NSS_CMSSignerInfo_GetSigningTime(signerinfo, &stime) != SECSuccess) + stime = PR_Now(); /* not found or conversion failed, so check against now */ + /* * XXX This uses the signing time, if available. Additionally, we * might want to, if there is no signing time, get the message time @@ -294,10 +299,10 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand * in a time (and for non-S/MIME callers to pass in nothing, or * maybe make them pass in the current time, always?). */ - if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, + if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) { - signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted; - return SECFailure; + signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted; + return SECFailure; } return SECSuccess; } 
@@ -305,13 +310,13 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand /* * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo * - * Just verifies the signature. The assumption is that verification of + * Just verifies the signature. The assumption is that verification of * the certificate is done already. */ SECStatus -NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, - SECItem *digest, /* may be NULL */ - SECItem *contentType) /* may be NULL */ +NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, + SECItem *digest, /* may be NULL */ + SECItem *contentType) /* may be NULL */ { SECKEYPublicKey *publickey = NULL; NSSCMSAttribute *attr; 
@@ -319,152 +324,154 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert; NSSCMSVerificationStatus vs = NSSCMSVS_Unverified; PLArenaPool *poolp; - SECOidTag digestalgtag; - SECOidTag pubkAlgTag; + SECOidTag digestalgtag; + SECOidTag pubkAlgTag; if (signerinfo == NULL) - return SECFailure; + return SECFailure; - /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL - ** and cert has not been verified + /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL + ** and cert has not been verified */ cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL); if (cert == NULL) { - vs = NSSCMSVS_SigningCertNotFound; - goto loser; + vs = NSSCMSVS_SigningCertNotFound; + goto loser; } if ((publickey = CERT_ExtractPublicKey(cert)) == NULL) { - vs = NSSCMSVS_ProcessingError; - goto loser; + vs = NSSCMSVS_ProcessingError; + goto loser; } digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo); pubkAlgTag = SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)); if ((pubkAlgTag == SEC_OID_UNKNOWN) || (digestalgtag == SEC_OID_UNKNOWN)) { - vs = NSSCMSVS_SignatureAlgorithmUnknown; - goto loser; + vs = NSSCMSVS_SignatureAlgorithmUnknown; + goto loser; } if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) { - if (contentType) { - /* - * Check content type - * - * RFC2630 sez that if there are any authenticated attributes, - * then there must be one for content type which matches the - * content type of the content being signed, and there must - * be one for message digest which matches our message digest. - * So check these things first. 
- */ - attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, - SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE); - if (attr == NULL) { - vs = NSSCMSVS_MalformedSignature; - goto loser; - } - - if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) { - vs = NSSCMSVS_MalformedSignature; - goto loser; - } - } - - /* - * Check digest - */ - attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, - SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE); - if (attr == NULL) { - vs = NSSCMSVS_MalformedSignature; - goto loser; - } - if (!digest || - NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) { - vs = NSSCMSVS_DigestMismatch; - goto loser; - } - - if ((poolp = PORT_NewArena (1024)) == NULL) { - vs = NSSCMSVS_ProcessingError; - goto loser; - } - - /* - * Check signature - * - * The signature is based on a digest of the DER-encoded authenticated - * attributes. So, first we encode and then we digest/verify. - * we trust the decoder to have the attributes in the right (sorted) - * order - */ - encoded_attrs.data = NULL; - encoded_attrs.len = 0; - - if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), - &encoded_attrs) == NULL || - encoded_attrs.data == NULL || encoded_attrs.len == 0) { - PORT_FreeArena(poolp, PR_FALSE); - vs = NSSCMSVS_ProcessingError; - goto loser; - } - - vs = (VFY_VerifyDataDirect(encoded_attrs.data, encoded_attrs.len, - publickey, &(signerinfo->encDigest), pubkAlgTag, - digestalgtag, NULL, signerinfo->cmsg->pwfn_arg) != SECSuccess) - ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature; - - PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */ + if (contentType) { + /* + * Check content type + * + * RFC2630 sez that if there are any authenticated attributes, + * then there must be one for content type which matches the + * content type of the content being signed, and there must + * be one for message digest which matches our message digest. + * So check these things first. 
+ */ + attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, + SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE); + if (attr == NULL) { + vs = NSSCMSVS_MalformedSignature; + goto loser; + } + + if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) { + vs = NSSCMSVS_MalformedSignature; + goto loser; + } + } + + /* + * Check digest + */ + attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, + SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE); + if (attr == NULL) { + vs = NSSCMSVS_MalformedSignature; + goto loser; + } + if (!digest || + NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) { + vs = NSSCMSVS_DigestMismatch; + goto loser; + } + + if ((poolp = PORT_NewArena(1024)) == NULL) { + vs = NSSCMSVS_ProcessingError; + goto loser; + } + + /* + * Check signature + * + * The signature is based on a digest of the DER-encoded authenticated + * attributes. So, first we encode and then we digest/verify. + * we trust the decoder to have the attributes in the right (sorted) + * order + */ + encoded_attrs.data = NULL; + encoded_attrs.len = 0; + + if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), + &encoded_attrs) == NULL || + encoded_attrs.data == NULL || encoded_attrs.len == 0) { + PORT_FreeArena(poolp, PR_FALSE); + vs = NSSCMSVS_ProcessingError; + goto loser; + } + + vs = (VFY_VerifyDataDirect(encoded_attrs.data, encoded_attrs.len, + publickey, &(signerinfo->encDigest), pubkAlgTag, + digestalgtag, NULL, signerinfo->cmsg->pwfn_arg) != SECSuccess) + ? NSSCMSVS_BadSignature + : NSSCMSVS_GoodSignature; + + PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */ } else { - SECItem *sig; - - /* No authenticated attributes. - ** The signature is based on the plain message digest. - */ - sig = &(signerinfo->encDigest); - if (sig->len == 0) - goto loser; - - vs = (!digest || - VFY_VerifyDigestDirect(digest, publickey, sig, pubkAlgTag, - digestalgtag, signerinfo->cmsg->pwfn_arg) != SECSuccess) - ? 
NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature; + SECItem *sig; + + /* No authenticated attributes. + ** The signature is based on the plain message digest. + */ + sig = &(signerinfo->encDigest); + if (sig->len == 0) + goto loser; + + vs = (!digest || + VFY_VerifyDigestDirect(digest, publickey, sig, pubkAlgTag, + digestalgtag, signerinfo->cmsg->pwfn_arg) != SECSuccess) + ? NSSCMSVS_BadSignature + : NSSCMSVS_GoodSignature; } if (vs == NSSCMSVS_BadSignature) { - int error = PORT_GetError(); - /* - * XXX Change the generic error into our specific one, because - * in that case we get a better explanation out of the Security - * Advisor. This is really a bug in the PSM error strings (the - * "generic" error has a lousy/wrong message associated with it - * which assumes the signature verification was done for the - * purposes of checking the issuer signature on a certificate) - * but this is at least an easy workaround and/or in the - * Security Advisor, which specifically checks for the error - * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation - * in that case but does not similarly check for - * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would - * probably say the wrong thing in the case that it *was* the - * certificate signature check that failed during the cert - * verification done above. Our error handling is really a mess. - */ - if (error == SEC_ERROR_BAD_SIGNATURE) - PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE); - /* - * map algorithm failures to NSSCMSVS values - */ - if ((error == SEC_ERROR_PKCS7_KEYALG_MISMATCH) || - (error == SEC_ERROR_INVALID_ALGORITHM)) { - /* keep the same error code as 3.11 and before */ - PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE); - vs = NSSCMSVS_SignatureAlgorithmUnsupported; - } + int error = PORT_GetError(); + /* + * XXX Change the generic error into our specific one, because + * in that case we get a better explanation out of the Security + * Advisor. 
This is really a bug in the PSM error strings (the + * "generic" error has a lousy/wrong message associated with it + * which assumes the signature verification was done for the + * purposes of checking the issuer signature on a certificate) + * but this is at least an easy workaround and/or in the + * Security Advisor, which specifically checks for the error + * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation + * in that case but does not similarly check for + * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would + * probably say the wrong thing in the case that it *was* the + * certificate signature check that failed during the cert + * verification done above. Our error handling is really a mess. + */ + if (error == SEC_ERROR_BAD_SIGNATURE) + PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE); + /* + * map algorithm failures to NSSCMSVS values + */ + if ((error == SEC_ERROR_PKCS7_KEYALG_MISMATCH) || + (error == SEC_ERROR_INVALID_ALGORITHM)) { + /* keep the same error code as 3.11 and before */ + PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE); + vs = NSSCMSVS_SignatureAlgorithmUnsupported; + } } if (publickey != NULL) - SECKEY_DestroyPublicKey (publickey); + SECKEY_DestroyPublicKey(publickey); signerinfo->verificationStatus = vs; @@ -472,11 +479,11 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, loser: if (publickey != NULL) - SECKEY_DestroyPublicKey (publickey); + SECKEY_DestroyPublicKey(publickey); signerinfo->verificationStatus = vs; - PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE); + PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE); return SECFailure; } 
@@ -490,27 +497,26 @@ SECOidData * NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo) { SECOidData *algdata; - SECOidTag algtag; + SECOidTag algtag; - algdata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm)); + algdata = SECOID_FindOID(&(signerinfo->digestAlg.algorithm)); if (algdata == NULL) { - return algdata; + return algdata; } - /* Windows may have given us a signer algorithm oid instead of a digest - * algorithm oid. This call will map to a signer oid to a digest one, + /* Windows may have given us a signer algorithm oid instead of a digest + * algorithm oid. This call will map to a signer oid to a digest one, * otherwise it leaves the oid alone and let the chips fall as they may * if it's not a digest oid. */ algtag = NSS_CMSUtil_MapSignAlgs(algdata->offset); if (algtag != algdata->offset) { - /* if the tags don't match, then we must have received a signer - * algorithID. Now we need to get the oid data for the digest - * oid, which the rest of the code is expecting */ - algdata = SECOID_FindOIDByTag(algtag); + /* if the tags don't match, then we must have received a signer + * algorithID. Now we need to get the oid data for the digest + * oid, which the rest of the code is expecting */ + algdata = SECOID_FindOIDByTag(algtag); } return algdata; - } SECOidTag @@ -525,9 +531,9 @@ NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo) algdata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo); if (algdata != NULL) - return algdata->offset; + return algdata->offset; else - return SEC_OID_UNKNOWN; + return SEC_OID_UNKNOWN; } CERTCertificateList * 
@@ -543,14 +549,14 @@ NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo) /* always take apart the SECItem */ if (SEC_ASN1DecodeInteger(&(signerinfo->version), &version) != SECSuccess) - return 0; + return 0; else - return (int)version; + return (int)version; } /* * NSS_CMSSignerInfo_GetSigningTime - return the signing time, - * in UTCTime or GeneralizedTime format, + * in UTCTime or GeneralizedTime format, * of a CMS signerInfo. * * sinfo - signerInfo data for this signer @@ -565,20 +571,21 @@ NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime) SECItem *value; if (sinfo == NULL) - return SECFailure; + return SECFailure; if (sinfo->signingTime != 0) { - *stime = sinfo->signingTime; /* cached copy */ - return SECSuccess; + *stime = sinfo->signingTime; /* cached copy */ + return SECSuccess; } - attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE); + attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, + SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE); /* XXXX multi-valued attributes NIH */ if (attr == NULL || (value = NSS_CMSAttribute_GetValue(attr)) == NULL) - return SECFailure; + return SECFailure; if (DER_DecodeTimeChoice(stime, value) != SECSuccess) - return SECFailure; - sinfo->signingTime = *stime; /* make cached copy */ + return SECFailure; + sinfo->signingTime = *stime; /* make cached copy */ return SECSuccess; } @@ -594,11 +601,11 @@ NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDB NSSCMSSignerIdentifier *sid; if (signerinfo->cert != NULL) - return signerinfo->cert; + return signerinfo->cert; /* no certdb, and cert hasn't been set yet? */ if (certdb == NULL) - return NULL; + return NULL; /* * This cert will also need to be freed, but since we save it 
@@ -608,19 +615,19 @@ NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDB */ sid = &signerinfo->signerIdentifier; switch (sid->identifierType) { - case NSSCMSSignerID_IssuerSN: - cert = CERT_FindCertByIssuerAndSN(certdb, sid->id.issuerAndSN); - break; - case NSSCMSSignerID_SubjectKeyID: - cert = CERT_FindCertBySubjectKeyID(certdb, sid->id.subjectKeyID); - break; - default: - cert = NULL; - break; + case NSSCMSSignerID_IssuerSN: + cert = CERT_FindCertByIssuerAndSN(certdb, sid->id.issuerAndSN); + break; + case NSSCMSSignerID_SubjectKeyID: + cert = CERT_FindCertBySubjectKeyID(certdb, sid->id.subjectKeyID); + break; + default: + cert = NULL; + break; } /* cert can be NULL at that point */ - signerinfo->cert = cert; /* earmark it */ + signerinfo->cert = cert; /* earmark it */ return cert; } @@ -640,7 +647,7 @@ NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo) /* will fail if cert is not verified */ if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL) - return NULL; + return NULL; return (CERT_GetCommonName(&signercert->subject)); } @@ -659,17 +666,17 @@ NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo) CERTCertificate *signercert; if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL) - return NULL; + return NULL; if (!signercert->emailAddr || !signercert->emailAddr[0]) - return NULL; + return NULL; return (PORT_Strdup(signercert->emailAddr)); } /* * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the - * authenticated (i.e. signed) attributes of "signerinfo". + * authenticated (i.e. signed) attributes of "signerinfo". */ SECStatus NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr) 
@@ -679,7 +686,7 @@ NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *att /* * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the - * unauthenticated attributes of "signerinfo". + * unauthenticated attributes of "signerinfo". */ SECStatus NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr) @@ -687,9 +694,9 @@ NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *a return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->unAuthAttr), attr); } -/* +/* * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the - * authenticated (i.e. signed) attributes of "signerinfo". + * authenticated (i.e. signed) attributes of "signerinfo". * * This is expected to be included in outgoing signed * messages for email (S/MIME) but is likely useful in other situations. @@ -714,30 +721,30 @@ NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t) /* create new signing time attribute */ if (DER_EncodeTimeChoice(NULL, &stime, t) != SECSuccess) - goto loser; + goto loser; if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SIGNING_TIME, &stime, PR_FALSE)) == NULL) { - SECITEM_FreeItem (&stime, PR_FALSE); - goto loser; + SECITEM_FreeItem(&stime, PR_FALSE); + goto loser; } - SECITEM_FreeItem (&stime, PR_FALSE); + SECITEM_FreeItem(&stime, PR_FALSE); if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess) - goto loser; + goto loser; - PORT_ArenaUnmark (poolp, mark); + PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: - PORT_ArenaRelease (poolp, mark); + PORT_ArenaRelease(poolp, mark); return SECFailure; } -/* +/* * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the - * authenticated (i.e. signed) attributes of "signerinfo". + * authenticated (i.e. signed) attributes of "signerinfo". * * This is expected to be included in outgoing signed * messages for email (S/MIME). 
@@ -756,29 +763,29 @@ NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo) smimecaps = SECITEM_AllocItem(poolp, NULL, 0); if (smimecaps == NULL) - goto loser; + goto loser; /* create new signing time attribute */ if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps) != SECSuccess) - goto loser; + goto loser; if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL) - goto loser; + goto loser; if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess) - goto loser; + goto loser; - PORT_ArenaUnmark (poolp, mark); + PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: - PORT_ArenaRelease (poolp, mark); + PORT_ArenaRelease(poolp, mark); return SECFailure; } -/* +/* * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the - * authenticated (i.e. signed) attributes of "signerinfo". + * authenticated (i.e. signed) attributes of "signerinfo". * * This is expected to be included in outgoing signed messages for email (S/MIME). */ @@ -792,7 +799,7 @@ NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertific /* verify this cert for encryption */ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) { - return SECFailure; + return SECFailure; } poolp = signerinfo->cmsg->poolp; 
@@ -800,27 +807,27 @@ NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertific smimeekp = SECITEM_AllocItem(poolp, NULL, 0); if (smimeekp == NULL) - goto loser; + goto loser; /* create new signing time attribute */ if (NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess) - goto loser; + goto loser; if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL) - goto loser; + goto loser; if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess) - goto loser; + goto loser; - PORT_ArenaUnmark (poolp, mark); + PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: - PORT_ArenaRelease (poolp, mark); + PORT_ArenaRelease(poolp, mark); return SECFailure; } -/* +/* * NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the * authenticated (i.e. signed) attributes of "signerinfo", using the OID preferred by Microsoft. * @@ -837,7 +844,7 @@ NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertif /* verify this cert for encryption */ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) { - return SECFailure; + return SECFailure; } poolp = signerinfo->cmsg->poolp; 
@@ -845,27 +852,27 @@ NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertif smimeekp = SECITEM_AllocItem(poolp, NULL, 0); if (smimeekp == NULL) - goto loser; + goto loser; /* create new signing time attribute */ if (NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess) - goto loser; + goto loser; if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL) - goto loser; + goto loser; if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess) - goto loser; + goto loser; - PORT_ArenaUnmark (poolp, mark); + PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: - PORT_ArenaRelease (poolp, mark); + PORT_ArenaRelease(poolp, mark); return SECFailure; } -/* +/* * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo * * 1. digest the DER-encoded signature value of the original signerinfo @@ -880,7 +887,7 @@ loser: */ SECStatus NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo, - SECOidTag digestalg, CERTCertificate signingcert) + SECOidTag digestalg, CERTCertificate signingcert) { /* XXXX TBD XXXX */ return SECFailure; 
@@ -907,42 +914,41 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) /* sanity check - see if verification status is ok (unverified does not count...) */ if (signerinfo->verificationStatus != NSSCMSVS_GoodSignature) - return SECFailure; + return SECFailure; /* find preferred encryption cert */ if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr) && - (attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, - SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL) - { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */ - ekp = NSS_CMSAttribute_GetValue(attr); - if (ekp == NULL) - return SECFailure; - - /* we assume that all certs coming with the message have been imported to the */ - /* temporary database */ - cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp); - if (cert == NULL) - return SECFailure; - must_free_cert = PR_TRUE; + (attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, + SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL) { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */ + ekp = NSS_CMSAttribute_GetValue(attr); + if (ekp == NULL) + return SECFailure; + + /* we assume that all certs coming with the message have been imported to the */ + /* temporary database */ + cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp); + if (cert == NULL) + return SECFailure; + must_free_cert = PR_TRUE; } if (cert == NULL) { - /* no preferred cert found? - * find the cert the signerinfo is signed with instead */ - cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb); - if (cert == NULL || cert->emailAddr == NULL || !cert->emailAddr[0]) - return SECFailure; + /* no preferred cert found? 
+ * find the cert the signerinfo is signed with instead */ + cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb); + if (cert == NULL || cert->emailAddr == NULL || !cert->emailAddr[0]) + return SECFailure; } - /* verify this cert for encryption (has been verified for signing so far) */ - /* don't verify this cert for encryption. It may just be a signing cert. +/* verify this cert for encryption (has been verified for signing so far) */ +/* don't verify this cert for encryption. It may just be a signing cert. * that's OK, we can still save the S/MIME profile. The encryption cert * should have already been saved */ #ifdef notdef if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) { - if (must_free_cert) - CERT_DestroyCertificate(cert); - return SECFailure; + if (must_free_cert) + CERT_DestroyCertificate(cert); + return SECFailure; } #endif 
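Review bot: The reformat leaves the two comments in front of `#ifdef notdef` in NSS_SMIMESignerInfo_SaveSMIMEProfile at column 0 (`+/* verify this cert for encryption ...` and `+/* don't verify this cert for encryption. ...`) while the surrounding statements stay indented, so they now read as file-level comments rather than as part of the function body. They also contradict each other: the first says the cert is verified for encryption and the second says it is not, and the `CERT_VerifyCert(..., certUsageEmailRecipient, ...)` call they describe sits inside `#ifdef notdef`, so it is presumably compiled out. I would re-indent both to the body's level and fold them into one comment that states the current behaviour, for example `/* Not verified for certUsageEmailRecipient here: this may be only a signing cert; the S/MIME profile is still saved. */`. The function starts before this hunk and continues after it.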
@@ -955,25 +961,25 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) save_error = PORT_GetError(); if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) { - attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, - SEC_OID_PKCS9_SMIME_CAPABILITIES, - PR_TRUE); - profile = NSS_CMSAttribute_GetValue(attr); - attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, - SEC_OID_PKCS9_SIGNING_TIME, - PR_TRUE); - stime = NSS_CMSAttribute_GetValue(attr); + attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, + SEC_OID_PKCS9_SMIME_CAPABILITIES, + PR_TRUE); + profile = NSS_CMSAttribute_GetValue(attr); + attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, + SEC_OID_PKCS9_SIGNING_TIME, + PR_TRUE); + stime = NSS_CMSAttribute_GetValue(attr); } - rv = CERT_SaveSMimeProfile (cert, profile, stime); + rv = CERT_SaveSMimeProfile(cert, profile, stime); if (must_free_cert) - CERT_DestroyCertificate(cert); + CERT_DestroyCertificate(cert); /* * Restore the saved error in case the calls above set a new * one that we do not actually care about. */ - PORT_SetError (save_error); + PORT_SetError(save_error); return rv; } 
@@ -982,34 +988,37 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer */ SECStatus -NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage) +NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, + NSSCMSCertChainMode cm, SECCertUsage usage) { if (signerinfo->cert == NULL) - return SECFailure; + return SECFailure; /* don't leak if we get called twice */ if (signerinfo->certList != NULL) { - CERT_DestroyCertificateList(signerinfo->certList); - signerinfo->certList = NULL; + CERT_DestroyCertificateList(signerinfo->certList); + signerinfo->certList = NULL; } switch (cm) { - case NSSCMSCM_None: - signerinfo->certList = NULL; - break; - case NSSCMSCM_CertOnly: - signerinfo->certList = CERT_CertListFromCert(signerinfo->cert); - break; - case NSSCMSCM_CertChain: - signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_FALSE); - break; - case NSSCMSCM_CertChainWithRoot: - signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_TRUE); - break; + case NSSCMSCM_None: + signerinfo->certList = NULL; + break; + case NSSCMSCM_CertOnly: + signerinfo->certList = CERT_CertListFromCert(signerinfo->cert); + break; + case NSSCMSCM_CertChain: + signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, + usage, PR_FALSE); + break; + case NSSCMSCM_CertChainWithRoot: + signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, + usage, PR_TRUE); + break; } if (cm != NSSCMSCM_None && signerinfo->certList == NULL) - return SECFailure; - + return SECFailure; + return SECSuccess; } |