Mercurial > trustbridge > nss-cmake-static
comparison nss/lib/certdb/xconst.c @ 0:1e5118fa0cb1
This is NSS with a Cmake Buildsyste
To compile a static NSS library for Windows we've used the
Chromium-NSS fork and added a Cmake buildsystem to compile
it statically for Windows. See README.chromium for chromium
changes and README.trustbridge for our modifications.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 28 Jul 2014 10:47:06 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:1e5118fa0cb1 |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 /* | |
| 6 * X.509 Extension Encoding | |
| 7 */ | |
| 8 | |
| 9 #include "prtypes.h" | |
| 10 #include "seccomon.h" | |
| 11 #include "secdert.h" | |
| 12 #include "secoidt.h" | |
| 13 #include "secasn1t.h" | |
| 14 #include "secasn1.h" | |
| 15 #include "cert.h" | |
| 16 #include "secder.h" | |
| 17 #include "prprf.h" | |
| 18 #include "xconst.h" | |
| 19 #include "genname.h" | |
| 20 #include "secasn1.h" | |
| 21 #include "secerr.h" | |
| 22 | |
| 23 | |
| 24 static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = { | |
| 25 { SEC_ASN1_OCTET_STRING } | |
| 26 }; | |
| 27 | |
| 28 | |
| 29 static const SEC_ASN1Template CERTIA5TypeTemplate[] = { | |
| 30 { SEC_ASN1_IA5_STRING } | |
| 31 }; | |
| 32 | |
| 33 SEC_ASN1_MKSUB(SEC_GeneralizedTimeTemplate) | |
| 34 | |
| 35 static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = { | |
| 36 { SEC_ASN1_SEQUENCE, | |
| 37 0, NULL, sizeof(CERTPrivKeyUsagePeriod) }, | |
| 38 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, | |
| 39 offsetof(CERTPrivKeyUsagePeriod, notBefore), | |
| 40 SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) }, | |
| 41 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, | |
| 42 offsetof(CERTPrivKeyUsagePeriod, notAfter), | |
| 43 SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate)}, | |
| 44 { 0, } | |
| 45 }; | |
| 46 | |
| 47 | |
| 48 const SEC_ASN1Template CERTAltNameTemplate[] = { | |
| 49 { SEC_ASN1_CONSTRUCTED, offsetof(CERTAltNameEncodedContext, encodedGenName), | |
| 50 CERT_GeneralNamesTemplate} | |
| 51 }; | |
| 52 | |
| 53 const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = { | |
| 54 { SEC_ASN1_SEQUENCE, | |
| 55 0, NULL, sizeof(CERTAuthInfoAccess) }, | |
| 56 { SEC_ASN1_OBJECT_ID, | |
| 57 offsetof(CERTAuthInfoAccess, method) }, | |
| 58 { SEC_ASN1_ANY, | |
| 59 offsetof(CERTAuthInfoAccess, derLocation) }, | |
| 60 { 0, } | |
| 61 }; | |
| 62 | |
| 63 const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = { | |
| 64 { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate } | |
| 65 }; | |
| 66 | |
| 67 | |
| 68 SECStatus | |
| 69 CERT_EncodeSubjectKeyID(PLArenaPool *arena, const SECItem* srcString, | |
| 70 SECItem *encodedValue) | |
| 71 { | |
| 72 SECStatus rv = SECSuccess; | |
| 73 | |
| 74 if (!srcString) { | |
| 75 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 76 return SECFailure; | |
| 77 } | |
| 78 if (SEC_ASN1EncodeItem (arena, encodedValue, srcString, | |
| 79 CERTSubjectKeyIDTemplate) == NULL) { | |
| 80 rv = SECFailure; | |
| 81 } | |
| 82 | |
| 83 return(rv); | |
| 84 } | |
| 85 | |
| 86 | |
| 87 SECStatus | |
| 88 CERT_EncodePrivateKeyUsagePeriod(PLArenaPool *arena, | |
| 89 CERTPrivKeyUsagePeriod *pkup, | |
| 90 SECItem *encodedValue) | |
| 91 { | |
| 92 SECStatus rv = SECSuccess; | |
| 93 | |
| 94 if (SEC_ASN1EncodeItem (arena, encodedValue, pkup, | |
| 95 CERTPrivateKeyUsagePeriodTemplate) == NULL) { | |
| 96 rv = SECFailure; | |
| 97 } | |
| 98 return(rv); | |
| 99 } | |
| 100 | |
| 101 CERTPrivKeyUsagePeriod * | |
| 102 CERT_DecodePrivKeyUsagePeriodExtension(PLArenaPool *arena, SECItem *extnValue) | |
| 103 { | |
| 104 SECStatus rv; | |
| 105 CERTPrivKeyUsagePeriod *pPeriod; | |
| 106 SECItem newExtnValue; | |
| 107 | |
| 108 /* allocate the certificate policies structure */ | |
| 109 pPeriod = PORT_ArenaZNew(arena, CERTPrivKeyUsagePeriod); | |
| 110 if ( pPeriod == NULL ) { | |
| 111 goto loser; | |
| 112 } | |
| 113 | |
| 114 pPeriod->arena = arena; | |
| 115 | |
| 116 /* copy the DER into the arena, since Quick DER returns data that points | |
| 117 into the DER input, which may get freed by the caller */ | |
| 118 rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue); | |
| 119 if ( rv != SECSuccess ) { | |
| 120 goto loser; | |
| 121 } | |
| 122 | |
| 123 rv = SEC_QuickDERDecodeItem(arena, pPeriod, | |
| 124 CERTPrivateKeyUsagePeriodTemplate, | |
| 125 &newExtnValue); | |
| 126 if ( rv != SECSuccess ) { | |
| 127 goto loser; | |
| 128 } | |
| 129 return pPeriod; | |
| 130 | |
| 131 loser: | |
| 132 return NULL; | |
| 133 } | |
| 134 | |
| 135 | |
| 136 SECStatus | |
| 137 CERT_EncodeIA5TypeExtension(PLArenaPool *arena, char *value, SECItem *encodedValue) | |
| 138 { | |
| 139 SECItem encodeContext; | |
| 140 SECStatus rv = SECSuccess; | |
| 141 | |
| 142 | |
| 143 PORT_Memset (&encodeContext, 0, sizeof (encodeContext)); | |
| 144 | |
| 145 if (value != NULL) { | |
| 146 encodeContext.data = (unsigned char *)value; | |
| 147 encodeContext.len = strlen(value); | |
| 148 } | |
| 149 if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext, | |
| 150 CERTIA5TypeTemplate) == NULL) { | |
| 151 rv = SECFailure; | |
| 152 } | |
| 153 | |
| 154 return(rv); | |
| 155 } | |
| 156 | |
| 157 SECStatus | |
| 158 CERT_EncodeAltNameExtension(PLArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue) | |
| 159 { | |
| 160 SECItem **encodedGenName; | |
| 161 SECStatus rv = SECSuccess; | |
| 162 | |
| 163 encodedGenName = cert_EncodeGeneralNames(arena, value); | |
| 164 if (SEC_ASN1EncodeItem (arena, encodedValue, &encodedGenName, | |
| 165 CERT_GeneralNamesTemplate) == NULL) { | |
| 166 rv = SECFailure; | |
| 167 } | |
| 168 | |
| 169 return rv; | |
| 170 } | |
| 171 | |
| 172 CERTGeneralName * | |
| 173 CERT_DecodeAltNameExtension(PLArenaPool *reqArena, SECItem *EncodedAltName) | |
| 174 { | |
| 175 SECStatus rv = SECSuccess; | |
| 176 CERTAltNameEncodedContext encodedContext; | |
| 177 SECItem* newEncodedAltName; | |
| 178 | |
| 179 if (!reqArena) { | |
| 180 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 181 return NULL; | |
| 182 } | |
| 183 | |
| 184 newEncodedAltName = SECITEM_ArenaDupItem(reqArena, EncodedAltName); | |
| 185 if (!newEncodedAltName) { | |
| 186 return NULL; | |
| 187 } | |
| 188 | |
| 189 encodedContext.encodedGenName = NULL; | |
| 190 PORT_Memset(&encodedContext, 0, sizeof(CERTAltNameEncodedContext)); | |
| 191 rv = SEC_QuickDERDecodeItem (reqArena, &encodedContext, | |
| 192 CERT_GeneralNamesTemplate, newEncodedAltName); | |
| 193 if (rv == SECFailure) { | |
| 194 goto loser; | |
| 195 } | |
| 196 if (encodedContext.encodedGenName && encodedContext.encodedGenName[0]) | |
| 197 return cert_DecodeGeneralNames(reqArena, | |
| 198 encodedContext.encodedGenName); | |
| 199 /* Extension contained an empty GeneralNames sequence */ | |
| 200 /* Treat as extension not found */ | |
| 201 PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND); | |
| 202 loser: | |
| 203 return NULL; | |
| 204 } | |
| 205 | |
| 206 | |
| 207 SECStatus | |
| 208 CERT_EncodeNameConstraintsExtension(PLArenaPool *arena, | |
| 209 CERTNameConstraints *value, | |
| 210 SECItem *encodedValue) | |
| 211 { | |
| 212 SECStatus rv = SECSuccess; | |
| 213 | |
| 214 rv = cert_EncodeNameConstraints(value, arena, encodedValue); | |
| 215 return rv; | |
| 216 } | |
| 217 | |
| 218 | |
| 219 CERTNameConstraints * | |
| 220 CERT_DecodeNameConstraintsExtension(PLArenaPool *arena, | |
| 221 const SECItem *encodedConstraints) | |
| 222 { | |
| 223 return cert_DecodeNameConstraints(arena, encodedConstraints); | |
| 224 } | |
| 225 | |
| 226 | |
| 227 CERTAuthInfoAccess ** | |
| 228 CERT_DecodeAuthInfoAccessExtension(PLArenaPool *reqArena, | |
| 229 SECItem *encodedExtension) | |
| 230 { | |
| 231 CERTAuthInfoAccess **info = NULL; | |
| 232 SECStatus rv; | |
| 233 int i; | |
| 234 SECItem* newEncodedExtension; | |
| 235 | |
| 236 if (!reqArena) { | |
| 237 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 238 return NULL; | |
| 239 } | |
| 240 | |
| 241 newEncodedExtension = SECITEM_ArenaDupItem(reqArena, encodedExtension); | |
| 242 if (!newEncodedExtension) { | |
| 243 return NULL; | |
| 244 } | |
| 245 | |
| 246 rv = SEC_QuickDERDecodeItem(reqArena, &info, CERTAuthInfoAccessTemplate, | |
| 247 newEncodedExtension); | |
| 248 if (rv != SECSuccess || info == NULL) { | |
| 249 return NULL; | |
| 250 } | |
| 251 | |
| 252 for (i = 0; info[i] != NULL; i++) { | |
| 253 info[i]->location = CERT_DecodeGeneralName(reqArena, | |
| 254 &(info[i]->derLocation), | |
| 255 NULL); | |
| 256 } | |
| 257 return info; | |
| 258 } | |
| 259 | |
| 260 SECStatus | |
| 261 CERT_EncodeInfoAccessExtension(PLArenaPool *arena, | |
| 262 CERTAuthInfoAccess **info, | |
| 263 SECItem *dest) | |
| 264 { | |
| 265 SECItem *dummy; | |
| 266 int i; | |
| 267 | |
| 268 PORT_Assert(info != NULL); | |
| 269 PORT_Assert(dest != NULL); | |
| 270 if (info == NULL || dest == NULL) { | |
| 271 return SECFailure; | |
| 272 } | |
| 273 | |
| 274 for (i = 0; info[i] != NULL; i++) { | |
| 275 if (CERT_EncodeGeneralName(info[i]->location, &(info[i]->derLocation), | |
| 276 arena) == NULL) | |
| 277 /* Note that this may leave some of the locations filled in. */ | |
| 278 return SECFailure; | |
| 279 } | |
| 280 dummy = SEC_ASN1EncodeItem(arena, dest, &info, | |
| 281 CERTAuthInfoAccessTemplate); | |
| 282 if (dummy == NULL) { | |
| 283 return SECFailure; | |
| 284 } | |
| 285 return SECSuccess; | |
| 286 } |