mozilla/security/nss/lib/certdb/polcyxtn.c - Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be

Side by Side Diff: mozilla/security/nss/lib/certdb/polcyxtn.c

Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/

Patch Set: Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | | Annotate | Revision Log

OLD	NEW
	(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public

2 * License, v. 2.0. If a copy of the MPL was not distributed with this

3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

4

5 /*

6 * Support for various policy related extensions

7 *

8 * $Id: polcyxtn.c,v 1.14 2012/04/25 14:49:27 gerv%gerv.net Exp $

9 */

10

11 #include "seccomon.h"

12 #include "secport.h"

13 #include "secder.h"

14 #include "cert.h"

15 #include "secoid.h"

16 #include "secasn1.h"

17 #include "secerr.h"

18 #include "nspr.h"

19

20 SEC_ASN1_MKSUB(SEC_IntegerTemplate)

21 SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)

22

23 const SEC_ASN1Template CERT_DisplayTextTypeTemplate[] = {

24 { SEC_ASN1_CHOICE, offsetof(SECItem, type), 0, sizeof(SECItem) },

25 { SEC_ASN1_IA5_STRING, 0, 0, siAsciiString},

26 { SEC_ASN1_VISIBLE_STRING , 0, 0, siVisibleString},

27 { SEC_ASN1_BMP_STRING , 0, 0, siBMPString },

28 { SEC_ASN1_UTF8_STRING , 0, 0, siUTF8String },

29 { 0 }

30 };

31

32 const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = {

33 { SEC_ASN1_SEQUENCE,

34 0, NULL, sizeof(CERTNoticeReference) },

35 { SEC_ASN1_INLINE,

36 offsetof(CERTNoticeReference, organization),

37 CERT_DisplayTextTypeTemplate, 0 },

38 { SEC_ASN1_SEQUENCE_OF \| SEC_ASN1_XTRN,

39 offsetof(CERTNoticeReference, noticeNumbers),

40 SEC_ASN1_SUB(SEC_IntegerTemplate) },

41 { 0 }

42 };

43

44 const SEC_ASN1Template CERT_UserNoticeTemplate[] = {

45 { SEC_ASN1_SEQUENCE,

46 0, NULL, sizeof(CERTUserNotice) },

47 { SEC_ASN1_INLINE \| SEC_ASN1_OPTIONAL,

48 offsetof(CERTUserNotice, noticeReference),

49 CERT_NoticeReferenceTemplate, 0 },

50 { SEC_ASN1_INLINE \| SEC_ASN1_OPTIONAL,

51 offsetof(CERTUserNotice, displayText),

52 CERT_DisplayTextTypeTemplate, 0 },

53 { 0 }

54 };

55

56 const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = {

57 { SEC_ASN1_SEQUENCE,

58 0, NULL, sizeof(CERTPolicyQualifier) },

59 { SEC_ASN1_OBJECT_ID,

60 offsetof(CERTPolicyQualifier, qualifierID) },

61 { SEC_ASN1_ANY,

62 offsetof(CERTPolicyQualifier, qualifierValue) },

63 { 0 }

64 };

65

66 const SEC_ASN1Template CERT_PolicyInfoTemplate[] = {

67 { SEC_ASN1_SEQUENCE,

68 0, NULL, sizeof(CERTPolicyInfo) },

69 { SEC_ASN1_OBJECT_ID,

70 offsetof(CERTPolicyInfo, policyID) },

71 { SEC_ASN1_SEQUENCE_OF \| SEC_ASN1_OPTIONAL,

72 offsetof(CERTPolicyInfo, policyQualifiers),

73 CERT_PolicyQualifierTemplate },

74 { 0 }

75 };

76

77 const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = {

78 { SEC_ASN1_SEQUENCE_OF,

79 offsetof(CERTCertificatePolicies, policyInfos),

80 CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) }

81 };

82

83 const SEC_ASN1Template CERT_PolicyMapTemplate[] = {

84 { SEC_ASN1_SEQUENCE,

85 0, NULL, sizeof(CERTPolicyMap) },

86 { SEC_ASN1_OBJECT_ID,

87 offsetof(CERTPolicyMap, issuerDomainPolicy) },

88 { SEC_ASN1_OBJECT_ID,

89 offsetof(CERTPolicyMap, subjectDomainPolicy) },

90 { 0 }

91 };

92

93 const SEC_ASN1Template CERT_PolicyMappingsTemplate[] = {

94 { SEC_ASN1_SEQUENCE_OF,

95 offsetof(CERTCertificatePolicyMappings, policyMaps),

96 CERT_PolicyMapTemplate, sizeof(CERTPolicyMap) }

97 };

98

99 const SEC_ASN1Template CERT_PolicyConstraintsTemplate[] = {

100 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertificatePolicyConstraints) },

101 { SEC_ASN1_OPTIONAL \| SEC_ASN1_CONTEXT_SPECIFIC \| SEC_ASN1_XTRN \| 0,

102 offsetof(CERTCertificatePolicyConstraints, explicitPolicySkipCerts),

103 SEC_ASN1_SUB(SEC_IntegerTemplate) },

104 { SEC_ASN1_OPTIONAL \| SEC_ASN1_CONTEXT_SPECIFIC \| SEC_ASN1_XTRN \| 1,

105 offsetof(CERTCertificatePolicyConstraints, inhibitMappingSkipCerts),

106 SEC_ASN1_SUB(SEC_IntegerTemplate) },

107 { 0 }

108 };

109

110 const SEC_ASN1Template CERT_InhibitAnyTemplate[] = {

111 { SEC_ASN1_INTEGER,

112 offsetof(CERTCertificateInhibitAny, inhibitAnySkipCerts),

113 NULL, sizeof(CERTCertificateInhibitAny) }

114 };

115

116 static void

117 breakLines(char *string)

118 {

119 char *tmpstr;

120 char *lastspace = NULL;

121 int curlen = 0;

122 int c;

123

124 tmpstr = string;

125

126 while ( ( c = *tmpstr ) != '\0' ) {

127 switch ( c ) {

128 case ' ':

129 lastspace = tmpstr;

130 break;

131 case '\n':

132 lastspace = NULL;

133 curlen = 0;

134 break;

135 }

136

137 if ( ( curlen >= 55 ) && ( lastspace != NULL ) ) {

138 *lastspace = '\n';

139 curlen = ( tmpstr - lastspace );

140 lastspace = NULL;

141 }

142

143 curlen++;

144 tmpstr++;

145 }

146

147 return;

148 }

149

150 CERTCertificatePolicies *

151 CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue)

152 {

153 PRArenaPool *arena = NULL;

154 SECStatus rv;

155 CERTCertificatePolicies *policies;

156 CERTPolicyInfo *policyInfos, policyInfo;

157 CERTPolicyQualifier *policyQualifiers, policyQualifier;

158 SECItem newExtnValue;

159

160 /* make a new arena */

161 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

162

163 if ( !arena ) {

164 goto loser;

165 }

166

167 /* allocate the certificate policies structure */

168 policies = (CERTCertificatePolicies *)

169 PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicies));

170

171 if ( policies == NULL ) {

172 goto loser;

173 }

174

175 policies->arena = arena;

176

177 /* copy the DER into the arena, since Quick DER returns data that points

178 into the DER input, which may get freed by the caller */

179 rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);

180 if ( rv != SECSuccess ) {

181 goto loser;

182 }

183

184 /* decode the policy info */

185 rv = SEC_QuickDERDecodeItem(arena, policies, CERT_CertificatePoliciesTemplat e,

186 &newExtnValue);

187

188 if ( rv != SECSuccess ) {

189 goto loser;

190 }

191

192 /* initialize the oid tags */

193 policyInfos = policies->policyInfos;

194 while (*policyInfos != NULL ) {

195 policyInfo = *policyInfos;

196 policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);

197 policyQualifiers = policyInfo->policyQualifiers;

198 while ( policyQualifiers != NULL && *policyQualifiers != NULL ) {

199 policyQualifier = *policyQualifiers;

200 policyQualifier->oid =

201 SECOID_FindOIDTag(&policyQualifier->qualifierID);

202 policyQualifiers++;

203 }

204 policyInfos++;

205 }

206

207 return(policies);

208

209 loser:

210 if ( arena != NULL ) {

211 PORT_FreeArena(arena, PR_FALSE);

212 }

213

214 return(NULL);

215 }

216

217 void

218 CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies)

219 {

220 if ( policies != NULL ) {

221 PORT_FreeArena(policies->arena, PR_FALSE);

222 }

223 return;

224 }

225

226 CERTCertificatePolicyMappings *

227 CERT_DecodePolicyMappingsExtension(SECItem *extnValue)

228 {

229 PRArenaPool *arena = NULL;

230 SECStatus rv;

231 CERTCertificatePolicyMappings *mappings;

232 SECItem newExtnValue;

233

234 /* make a new arena */

235 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

236 if ( !arena ) {

237 goto loser;

238 }

239

240 /* allocate the policy mappings structure */

241 mappings = (CERTCertificatePolicyMappings *)

242 PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicyMappings));

243 if ( mappings == NULL ) {

244 goto loser;

245 }

246 mappings->arena = arena;

247

248 /* copy the DER into the arena, since Quick DER returns data that points

249 into the DER input, which may get freed by the caller */

250 rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);

251 if ( rv != SECSuccess ) {

252 goto loser;

253 }

254

255 /* decode the policy mappings */

256 rv = SEC_QuickDERDecodeItem

257 (arena, mappings, CERT_PolicyMappingsTemplate, &newExtnValue);

258 if ( rv != SECSuccess ) {

259 goto loser;

260 }

261

262 return(mappings);

263

264 loser:

265 if ( arena != NULL ) {

266 PORT_FreeArena(arena, PR_FALSE);

267 }

268

269 return(NULL);

270 }

271

272 SECStatus

273 CERT_DestroyPolicyMappingsExtension(CERTCertificatePolicyMappings *mappings)

274 {

275 if ( mappings != NULL ) {

276 PORT_FreeArena(mappings->arena, PR_FALSE);

277 }

278 return SECSuccess;

279 }

280

281 SECStatus

282 CERT_DecodePolicyConstraintsExtension

283 (CERTCertificatePolicyConstraints *decodedValue,

284 SECItem *encodedValue)

285 {

286 CERTCertificatePolicyConstraints decodeContext;

287 PRArenaPool *arena = NULL;

288 SECStatus rv = SECSuccess;

289

290 /* initialize so we can tell when an optional component is omitted */

291 PORT_Memset(&decodeContext, 0, sizeof(decodeContext));

292

293 /* make a new arena */

294 arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);

295 if (!arena) {

296 return SECFailure;

297 }

298

299 do {

300 /* decode the policy constraints */

301 rv = SEC_QuickDERDecodeItem(arena,

302 &decodeContext, CERT_PolicyConstraintsTemplate, encodedValue);

303

304 if ( rv != SECSuccess ) {

305 break;

306 }

307

308 if (decodeContext.explicitPolicySkipCerts.len == 0) {

309 (PRInt32 )decodedValue->explicitPolicySkipCerts.data = -1;

310 } else {

311 (PRInt32 )decodedValue->explicitPolicySkipCerts.data =

312 DER_GetInteger(&decodeContext.explicitPolicySkipCerts);

313 }

314

315 if (decodeContext.inhibitMappingSkipCerts.len == 0) {

316 (PRInt32 )decodedValue->inhibitMappingSkipCerts.data = -1;

317 } else {

318 (PRInt32 )decodedValue->inhibitMappingSkipCerts.data =

319 DER_GetInteger(&decodeContext.inhibitMappingSkipCerts);

320 }

321

322 if (((PRInt32 )decodedValue->explicitPolicySkipCerts.data ==

323 PR_INT32_MIN) \|\|

324 ((PRInt32 )decodedValue->explicitPolicySkipCerts.data ==

325 PR_INT32_MAX) \|\|

326 ((PRInt32 )decodedValue->inhibitMappingSkipCerts.data ==

327 PR_INT32_MIN) \|\|

328 ((PRInt32 )decodedValue->inhibitMappingSkipCerts.data ==

329 PR_INT32_MAX)) {

330 rv = SECFailure;

331 }

332

333 } while (0);

334

335 PORT_FreeArena(arena, PR_FALSE);

336 return(rv);

337 }

338

339 SECStatus CERT_DecodeInhibitAnyExtension

340 (CERTCertificateInhibitAny decodedValue, SECItem encodedValue)

341 {

342 CERTCertificateInhibitAny decodeContext;

343 PRArenaPool *arena = NULL;

344 SECStatus rv = SECSuccess;

345

346 /* make a new arena */

347 arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);

348 if ( !arena ) {

349 return SECFailure;

350 }

351

352 do {

353

354 /* decode the policy mappings */

355 decodeContext.inhibitAnySkipCerts.type = siUnsignedInteger;

356 rv = SEC_QuickDERDecodeItem(arena,

357 &decodeContext, CERT_InhibitAnyTemplate, encodedValue);

358

359 if ( rv != SECSuccess ) {

360 break;

361 }

362

363 (PRInt32 )decodedValue->inhibitAnySkipCerts.data =

364 DER_GetInteger(&decodeContext.inhibitAnySkipCerts);

365

366 } while (0);

367

368 PORT_FreeArena(arena, PR_FALSE);

369 return(rv);

370 }

371

372 CERTUserNotice *

373 CERT_DecodeUserNotice(SECItem *noticeItem)

374 {

375 PRArenaPool *arena = NULL;

376 SECStatus rv;

377 CERTUserNotice *userNotice;

378 SECItem newNoticeItem;

379

380 /* make a new arena */

381 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

382

383 if ( !arena ) {

384 goto loser;

385 }

386

387 /* allocate the userNotice structure */

388 userNotice = (CERTUserNotice *)PORT_ArenaZAlloc(arena,

389 sizeof(CERTUserNotice));

390

391 if ( userNotice == NULL ) {

392 goto loser;

393 }

394

395 userNotice->arena = arena;

396

397 /* copy the DER into the arena, since Quick DER returns data that points

398 into the DER input, which may get freed by the caller */

399 rv = SECITEM_CopyItem(arena, &newNoticeItem, noticeItem);

400 if ( rv != SECSuccess ) {

401 goto loser;

402 }

403

404 /* decode the user notice */

405 rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate,

406 &newNoticeItem);

407

408 if ( rv != SECSuccess ) {

409 goto loser;

410 }

411

412 if (userNotice->derNoticeReference.data != NULL) {

413

414 rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference,

415 CERT_NoticeReferenceTemplate,

416 &userNotice->derNoticeReference);

417 if (rv == SECFailure) {

418 goto loser;

419 }

420 }

421

422 return(userNotice);

423

424 loser:

425 if ( arena != NULL ) {

426 PORT_FreeArena(arena, PR_FALSE);

427 }

428

429 return(NULL);

430 }

431

432 void

433 CERT_DestroyUserNotice(CERTUserNotice *userNotice)

434 {

435 if ( userNotice != NULL ) {

436 PORT_FreeArena(userNotice->arena, PR_FALSE);

437 }

438 return;

439 }

440

441 static CERTPolicyStringCallback policyStringCB = NULL;

442 static void *policyStringCBArg = NULL;

443

444 void

445 CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg)

446 {

447 policyStringCB = cb;

448 policyStringCBArg = cbarg;

449 return;

450 }

451

452 char *

453 stringFromUserNotice(SECItem *noticeItem)

454 {

455 SECItem *org;

456 unsigned int len, headerlen;

457 char *stringbuf;

458 CERTUserNotice *userNotice;

459 char *policystr;

460 char *retstr = NULL;

461 SECItem *displayText;

462 SECItem **noticeNumbers;

463 unsigned int strnum;

464

465 /* decode the user notice */

466 userNotice = CERT_DecodeUserNotice(noticeItem);

467 if ( userNotice == NULL ) {

468 return(NULL);

469 }

470

471 org = &userNotice->noticeReference.organization;

472 if ( (org->len != 0 ) && ( policyStringCB != NULL ) ) {

473 /* has a noticeReference */

474

475 /* extract the org string */

476 len = org->len;

477 stringbuf = (char*)PORT_Alloc(len + 1);

478 if ( stringbuf != NULL ) {

479 PORT_Memcpy(stringbuf, org->data, len);

480 stringbuf[len] = '\0';

481

482 noticeNumbers = userNotice->noticeReference.noticeNumbers;

483 while ( *noticeNumbers != NULL ) {

484 /* XXX - only one byte integers right now*/

485 strnum = (*noticeNumbers)->data[0];

486 policystr = (* policyStringCB)(stringbuf,

487 strnum,

488 policyStringCBArg);

489 if ( policystr != NULL ) {

490 if ( retstr != NULL ) {

491 retstr = PR_sprintf_append(retstr, "\n%s", policystr);

492 } else {

493 retstr = PR_sprintf_append(retstr, "%s", policystr);

494 }

495

496 PORT_Free(policystr);

497 }

498

499 noticeNumbers++;

500 }

501

502 PORT_Free(stringbuf);

503 }

504 }

505

506 if ( retstr == NULL ) {

507 if ( userNotice->displayText.len != 0 ) {

508 displayText = &userNotice->displayText;

509

510 if ( displayText->len > 2 ) {

511 if ( displayText->data[0] == SEC_ASN1_VISIBLE_STRING ) {

512 headerlen = 2;

513 if ( displayText->data[1] & 0x80 ) {

514 /* multibyte length */

515 headerlen += ( displayText->data[1] & 0x7f );

516 }

517

518 len = displayText->len - headerlen;

519 retstr = (char*)PORT_Alloc(len + 1);

520 if ( retstr != NULL ) {

521 PORT_Memcpy(retstr, &displayText->data[headerlen],len);

522 retstr[len] = '\0';

523 }

524 }

525 }

526 }

527 }

528

529 CERT_DestroyUserNotice(userNotice);

530

531 return(retstr);

532 }

533

534 char *

535 CERT_GetCertCommentString(CERTCertificate *cert)

536 {

537 char *retstring = NULL;

538 SECStatus rv;

539 SECItem policyItem;

540 CERTCertificatePolicies *policies = NULL;

541 CERTPolicyInfo **policyInfos;

542 CERTPolicyQualifier *policyQualifiers, qualifier;

543

544 policyItem.data = NULL;

545

546 rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,

547 &policyItem);

548 if ( rv != SECSuccess ) {

549 goto nopolicy;

550 }

551

552 policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);

553 if ( policies == NULL ) {

554 goto nopolicy;

555 }

556

557 policyInfos = policies->policyInfos;

558 /* search through policyInfos looking for the verisign policy */

559 while (*policyInfos != NULL ) {

560 if ( (*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES ) {

561 policyQualifiers = (*policyInfos)->policyQualifiers;

562 /* search through the policy qualifiers looking for user notice */

563 while ( policyQualifiers != NULL && *policyQualifiers != NULL ) {

564 qualifier = *policyQualifiers;

565 if ( qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER ) {

566 retstring =

567 stringFromUserNotice(&qualifier->qualifierValue);

568 break;

569 }

570

571 policyQualifiers++;

572 }

573 break;

574 }

575 policyInfos++;

576 }

577

578 nopolicy:

579 if ( policyItem.data != NULL ) {

580 PORT_Free(policyItem.data);

581 }

582

583 if ( policies != NULL ) {

584 CERT_DestroyCertificatePoliciesExtension(policies);

585 }

586

587 if ( retstring == NULL ) {

588 retstring = CERT_FindNSStringExtension(cert,

589 SEC_OID_NS_CERT_EXT_COMMENT);

590 }

591

592 if ( retstring != NULL ) {

593 breakLines(retstring);

594 }

595

596 return(retstring);

597 }

598

599

600 const SEC_ASN1Template CERT_OidSeqTemplate[] = {

601 { SEC_ASN1_SEQUENCE_OF \| SEC_ASN1_XTRN,

602 offsetof(CERTOidSequence, oids),

603 SEC_ASN1_SUB(SEC_ObjectIDTemplate) }

604 };

605

606 CERTOidSequence *

607 CERT_DecodeOidSequence(SECItem *seqItem)

608 {

609 PRArenaPool *arena = NULL;

610 SECStatus rv;

611 CERTOidSequence *oidSeq;

612 SECItem newSeqItem;

613

614 /* make a new arena */

615 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

616

617 if ( !arena ) {

618 goto loser;

619 }

620

621 /* allocate the userNotice structure */

622 oidSeq = (CERTOidSequence *)PORT_ArenaZAlloc(arena,

623 sizeof(CERTOidSequence));

624

625 if ( oidSeq == NULL ) {

626 goto loser;

627 }

628

629 oidSeq->arena = arena;

630

631 /* copy the DER into the arena, since Quick DER returns data that points

632 into the DER input, which may get freed by the caller */

633 rv = SECITEM_CopyItem(arena, &newSeqItem, seqItem);

634 if ( rv != SECSuccess ) {

635 goto loser;

636 }

637

638 /* decode the user notice */

639 rv = SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, &newSeqItem) ;

640

641 if ( rv != SECSuccess ) {

642 goto loser;

643 }

644

645 return(oidSeq);

646

647 loser:

648 return(NULL);

649 }

650

651

652 void

653 CERT_DestroyOidSequence(CERTOidSequence *oidSeq)

654 {

655 if ( oidSeq != NULL ) {

656 PORT_FreeArena(oidSeq->arena, PR_FALSE);

657 }

658 return;

659 }

660

661 PRBool

662 CERT_GovtApprovedBitSet(CERTCertificate *cert)

663 {

664 SECStatus rv;

665 SECItem extItem;

666 CERTOidSequence *oidSeq = NULL;

667 PRBool ret;

668 SECItem **oids;

669 SECItem *oid;

670 SECOidTag oidTag;

671

672 extItem.data = NULL;

673 rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);

674 if ( rv != SECSuccess ) {

675 goto loser;

676 }

677

678 oidSeq = CERT_DecodeOidSequence(&extItem);

679 if ( oidSeq == NULL ) {

680 goto loser;

681 }

682

683 oids = oidSeq->oids;

684 while ( oids != NULL && *oids != NULL ) {

685 oid = *oids;

686

687 oidTag = SECOID_FindOIDTag(oid);

688

689 if ( oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED ) {

690 goto success;

691 }

692

693 oids++;

694 }

695

696 loser:

697 ret = PR_FALSE;

698 goto done;

699 success:

700 ret = PR_TRUE;

701 done:

702 if ( oidSeq != NULL ) {

703 CERT_DestroyOidSequence(oidSeq);

704 }

705 if (extItem.data != NULL) {

706 PORT_Free(extItem.data);

707 }

708 return(ret);

709 }

710

711

712 SECStatus

713 CERT_EncodePolicyConstraintsExtension(PRArenaPool *arena,

714 CERTCertificatePolicyConstraints *constr,

715 SECItem *dest)

716 {

717 SECStatus rv = SECSuccess;

718

719 PORT_Assert(constr != NULL && dest != NULL);

720 if (constr == NULL \|\| dest == NULL) {

721 return SECFailure;

722 }

723

724 if (SEC_ASN1EncodeItem (arena, dest, constr,

725 CERT_PolicyConstraintsTemplate) == NULL) {

726 rv = SECFailure;

727 }

728 return(rv);

729 }

730

731 SECStatus

732 CERT_EncodePolicyMappingExtension(PRArenaPool *arena,

733 CERTCertificatePolicyMappings *mapping,

734 SECItem *dest)

735 {

736 SECStatus rv = SECSuccess;

737

738 PORT_Assert(mapping != NULL && dest != NULL);

739 if (mapping == NULL \|\| dest == NULL) {

740 return SECFailure;

741 }

742

743 if (SEC_ASN1EncodeItem (arena, dest, mapping,

744 CERT_PolicyMappingsTemplate) == NULL) {

745 rv = SECFailure;

746 }

747 return(rv);

748 }

749

750

751

752 SECStatus

753 CERT_EncodeCertPoliciesExtension(PRArenaPool *arena,

754 CERTPolicyInfo **info,

755 SECItem *dest)

756 {

757 SECStatus rv = SECSuccess;

758

759 PORT_Assert(info != NULL && dest != NULL);

760 if (info == NULL \|\| dest == NULL) {

761 return SECFailure;

762 }

763

764 if (SEC_ASN1EncodeItem (arena, dest, info,

765 CERT_CertificatePoliciesTemplate) == NULL) {

766 rv = SECFailure;

767 }

768 return(rv);

769 }

770

771 SECStatus

772 CERT_EncodeUserNotice(PRArenaPool *arena,

773 CERTUserNotice *notice,

774 SECItem *dest)

775 {

776 SECStatus rv = SECSuccess;

777

778 PORT_Assert(notice != NULL && dest != NULL);

779 if (notice == NULL \|\| dest == NULL) {

780 return SECFailure;

781 }

782

783 if (SEC_ASN1EncodeItem(arena, dest,

784 notice, CERT_UserNoticeTemplate) == NULL) {

785 rv = SECFailure;

786 }

787

788 return(rv);

789 }

790

791 SECStatus

792 CERT_EncodeNoticeReference(PRArenaPool *arena,

793 CERTNoticeReference *reference,

794 SECItem *dest)

795 {

796 SECStatus rv = SECSuccess;

797

798 PORT_Assert(reference != NULL && dest != NULL);

799 if (reference == NULL \|\| dest == NULL) {

800 return SECFailure;

801 }

802

803 if (SEC_ASN1EncodeItem (arena, dest, reference,

804 CERT_NoticeReferenceTemplate) == NULL) {

805 rv = SECFailure;

806 }

807

808 return(rv);

809 }

810

811 SECStatus

812 CERT_EncodeInhibitAnyExtension(PRArenaPool *arena,

813 CERTCertificateInhibitAny *certInhibitAny,

814 SECItem *dest)

815 {

816 SECStatus rv = SECSuccess;

817

818 PORT_Assert(certInhibitAny != NULL && dest != NULL);

819 if (certInhibitAny == NULL \|\| dest == NULL) {

820 return SECFailure;

821 }

822

823 if (SEC_ASN1EncodeItem (arena, dest, certInhibitAny,

824 CERT_InhibitAnyTemplate) == NULL) {

825 rv = SECFailure;

826 }

827 return(rv);

828 }

OLD	NEW

« no previous file with comments | « mozilla/security/nss/lib/certdb/genname.c ('k') | mozilla/security/nss/lib/certdb/secname.c » ('j') | no next file with comments »