Mercurial > trustbridge > nss-cmake-static
diff nss/lib/certdb/xconst.c @ 0:1e5118fa0cb1
This is NSS with a Cmake Buildsyste
To compile a static NSS library for Windows we've used the
Chromium-NSS fork and added a Cmake buildsystem to compile
it statically for Windows. See README.chromium for chromium
changes and README.trustbridge for our modifications.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 28 Jul 2014 10:47:06 +0200 |
| parents | |
| children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nss/lib/certdb/xconst.c Mon Jul 28 10:47:06 2014 +0200 @@ -0,0 +1,286 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * X.509 Extension Encoding + */ + +#include "prtypes.h" +#include "seccomon.h" +#include "secdert.h" +#include "secoidt.h" +#include "secasn1t.h" +#include "secasn1.h" +#include "cert.h" +#include "secder.h" +#include "prprf.h" +#include "xconst.h" +#include "genname.h" +#include "secasn1.h" +#include "secerr.h" + + +static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = { + { SEC_ASN1_OCTET_STRING } +}; + + +static const SEC_ASN1Template CERTIA5TypeTemplate[] = { + { SEC_ASN1_IA5_STRING } +}; + +SEC_ASN1_MKSUB(SEC_GeneralizedTimeTemplate) + +static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = { + { SEC_ASN1_SEQUENCE, + 0, NULL, sizeof(CERTPrivKeyUsagePeriod) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, + offsetof(CERTPrivKeyUsagePeriod, notBefore), + SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, + offsetof(CERTPrivKeyUsagePeriod, notAfter), + SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate)}, + { 0, } +}; + + +const SEC_ASN1Template CERTAltNameTemplate[] = { + { SEC_ASN1_CONSTRUCTED, offsetof(CERTAltNameEncodedContext, encodedGenName), + CERT_GeneralNamesTemplate} +}; + +const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = { + { SEC_ASN1_SEQUENCE, + 0, NULL, sizeof(CERTAuthInfoAccess) }, + { SEC_ASN1_OBJECT_ID, + offsetof(CERTAuthInfoAccess, method) }, + { SEC_ASN1_ANY, + offsetof(CERTAuthInfoAccess, derLocation) }, + { 0, } +}; + +const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = { + { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate } +}; + + +SECStatus +CERT_EncodeSubjectKeyID(PLArenaPool *arena, const SECItem* srcString, + SECItem *encodedValue) +{ + SECStatus rv = SECSuccess; + + if (!srcString) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if (SEC_ASN1EncodeItem (arena, encodedValue, srcString, + CERTSubjectKeyIDTemplate) == NULL) { + rv = SECFailure; + } + + return(rv); +} + + +SECStatus +CERT_EncodePrivateKeyUsagePeriod(PLArenaPool *arena, + CERTPrivKeyUsagePeriod *pkup, + SECItem *encodedValue) +{ + SECStatus rv = SECSuccess; + + if (SEC_ASN1EncodeItem (arena, encodedValue, pkup, + CERTPrivateKeyUsagePeriodTemplate) == NULL) { + rv = SECFailure; + } + return(rv); +} + +CERTPrivKeyUsagePeriod * +CERT_DecodePrivKeyUsagePeriodExtension(PLArenaPool *arena, SECItem *extnValue) +{ + SECStatus rv; + CERTPrivKeyUsagePeriod *pPeriod; + SECItem newExtnValue; + + /* allocate the certificate policies structure */ + pPeriod = PORT_ArenaZNew(arena, CERTPrivKeyUsagePeriod); + if ( pPeriod == NULL ) { + goto loser; + } + + pPeriod->arena = arena; + + /* copy the DER into the arena, since Quick DER returns data that points + into the DER input, which may get freed by the caller */ + rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue); + if ( rv != SECSuccess ) { + goto loser; + } + + rv = SEC_QuickDERDecodeItem(arena, pPeriod, + CERTPrivateKeyUsagePeriodTemplate, + &newExtnValue); + if ( rv != SECSuccess ) { + goto loser; + } + return pPeriod; + +loser: + return NULL; +} + + +SECStatus +CERT_EncodeIA5TypeExtension(PLArenaPool *arena, char *value, SECItem *encodedValue) +{ + SECItem encodeContext; + SECStatus rv = SECSuccess; + + + PORT_Memset (&encodeContext, 0, sizeof (encodeContext)); + + if (value != NULL) { + encodeContext.data = (unsigned char *)value; + encodeContext.len = strlen(value); + } + if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext, + CERTIA5TypeTemplate) == NULL) { + rv = SECFailure; + } + + return(rv); +} + +SECStatus +CERT_EncodeAltNameExtension(PLArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue) +{ + SECItem **encodedGenName; + SECStatus rv = SECSuccess; + + encodedGenName = cert_EncodeGeneralNames(arena, value); + if (SEC_ASN1EncodeItem (arena, encodedValue, &encodedGenName, + CERT_GeneralNamesTemplate) == NULL) { + rv = SECFailure; + } + + return rv; +} + +CERTGeneralName * +CERT_DecodeAltNameExtension(PLArenaPool *reqArena, SECItem *EncodedAltName) +{ + SECStatus rv = SECSuccess; + CERTAltNameEncodedContext encodedContext; + SECItem* newEncodedAltName; + + if (!reqArena) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + + newEncodedAltName = SECITEM_ArenaDupItem(reqArena, EncodedAltName); + if (!newEncodedAltName) { + return NULL; + } + + encodedContext.encodedGenName = NULL; + PORT_Memset(&encodedContext, 0, sizeof(CERTAltNameEncodedContext)); + rv = SEC_QuickDERDecodeItem (reqArena, &encodedContext, + CERT_GeneralNamesTemplate, newEncodedAltName); + if (rv == SECFailure) { + goto loser; + } + if (encodedContext.encodedGenName && encodedContext.encodedGenName[0]) + return cert_DecodeGeneralNames(reqArena, + encodedContext.encodedGenName); + /* Extension contained an empty GeneralNames sequence */ + /* Treat as extension not found */ + PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND); +loser: + return NULL; +} + + +SECStatus +CERT_EncodeNameConstraintsExtension(PLArenaPool *arena, + CERTNameConstraints *value, + SECItem *encodedValue) +{ + SECStatus rv = SECSuccess; + + rv = cert_EncodeNameConstraints(value, arena, encodedValue); + return rv; +} + + +CERTNameConstraints * +CERT_DecodeNameConstraintsExtension(PLArenaPool *arena, + const SECItem *encodedConstraints) +{ + return cert_DecodeNameConstraints(arena, encodedConstraints); +} + + +CERTAuthInfoAccess ** +CERT_DecodeAuthInfoAccessExtension(PLArenaPool *reqArena, + SECItem *encodedExtension) +{ + CERTAuthInfoAccess **info = NULL; + SECStatus rv; + int i; + SECItem* newEncodedExtension; + + if (!reqArena) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + + newEncodedExtension = SECITEM_ArenaDupItem(reqArena, encodedExtension); + if (!newEncodedExtension) { + return NULL; + } + + rv = SEC_QuickDERDecodeItem(reqArena, &info, CERTAuthInfoAccessTemplate, + newEncodedExtension); + if (rv != SECSuccess || info == NULL) { + return NULL; + } + + for (i = 0; info[i] != NULL; i++) { + info[i]->location = CERT_DecodeGeneralName(reqArena, + &(info[i]->derLocation), + NULL); + } + return info; +} + +SECStatus +CERT_EncodeInfoAccessExtension(PLArenaPool *arena, + CERTAuthInfoAccess **info, + SECItem *dest) +{ + SECItem *dummy; + int i; + + PORT_Assert(info != NULL); + PORT_Assert(dest != NULL); + if (info == NULL || dest == NULL) { + return SECFailure; + } + + for (i = 0; info[i] != NULL; i++) { + if (CERT_EncodeGeneralName(info[i]->location, &(info[i]->derLocation), + arena) == NULL) + /* Note that this may leave some of the locations filled in. */ + return SECFailure; + } + dummy = SEC_ASN1EncodeItem(arena, dest, &info, + CERTAuthInfoAccessTemplate); + if (dummy == NULL) { + return SECFailure; + } + return SECSuccess; +}