OLD | NEW |
| (Empty) |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
4 | |
5 /* | |
6 * Code for dealing with x.509 v3 crl and crl entries extensions. | |
7 */ | |
8 | |
9 #include "cert.h" | |
10 #include "secitem.h" | |
11 #include "secoid.h" | |
12 #include "secoidt.h" | |
13 #include "secder.h" | |
14 #include "secasn1.h" | |
15 #include "certxutl.h" | |
16 | |
17 SECStatus | |
18 CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value) | |
19 { | |
20 return (cert_FindExtensionByOID(crl->extensions, oid, value)); | |
21 } | |
22 | |
23 SECStatus | |
24 CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value) | |
25 { | |
26 return (cert_FindExtension(crl->extensions, tag, value)); | |
27 } | |
28 | |
29 /* Callback to set extensions and adjust verison */ | |
30 static void | |
31 SetCrlExts(void *object, CERTCertExtension **exts) | |
32 { | |
33 CERTCrl *crl = (CERTCrl *)object; | |
34 | |
35 crl->extensions = exts; | |
36 DER_SetUInteger(crl->arena, &crl->version, SEC_CRL_VERSION_2); | |
37 } | |
38 | |
39 void * | |
40 CERT_StartCRLExtensions(CERTCrl *crl) | |
41 { | |
42 return (cert_StartExtensions((void *)crl, crl->arena, SetCrlExts)); | |
43 } | |
44 | |
45 static void | |
46 SetCrlEntryExts(void *object, CERTCertExtension **exts) | |
47 { | |
48 CERTCrlEntry *crlEntry = (CERTCrlEntry *)object; | |
49 | |
50 crlEntry->extensions = exts; | |
51 } | |
52 | |
53 void * | |
54 CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry) | |
55 { | |
56 return (cert_StartExtensions(entry, crl->arena, SetCrlEntryExts)); | |
57 } | |
58 | |
59 SECStatus | |
60 CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl, | |
61 SECItem *value) | |
62 { | |
63 SECItem encodedExtenValue; | |
64 SECItem *tmpItem = NULL; | |
65 SECStatus rv; | |
66 void *mark = NULL; | |
67 | |
68 encodedExtenValue.data = NULL; | |
69 encodedExtenValue.len = 0; | |
70 | |
71 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER, | |
72 &encodedExtenValue); | |
73 if (rv != SECSuccess) | |
74 return (rv); | |
75 | |
76 mark = PORT_ArenaMark(arena); | |
77 | |
78 tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue); | |
79 if (tmpItem) { | |
80 rv = SEC_QuickDERDecodeItem(arena, value, | |
81 SEC_ASN1_GET(SEC_IntegerTemplate), | |
82 tmpItem); | |
83 } else { | |
84 rv = SECFailure; | |
85 } | |
86 | |
87 PORT_Free(encodedExtenValue.data); | |
88 if (rv == SECFailure) { | |
89 PORT_ArenaRelease(arena, mark); | |
90 } else { | |
91 PORT_ArenaUnmark(arena, mark); | |
92 } | |
93 return (rv); | |
94 } | |
95 | |
96 SECStatus | |
97 CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry, | |
98 CERTCRLEntryReasonCode *value) | |
99 { | |
100 SECItem wrapperItem = { siBuffer, 0 }; | |
101 SECItem tmpItem = { siBuffer, 0 }; | |
102 SECStatus rv; | |
103 PLArenaPool *arena = NULL; | |
104 | |
105 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); | |
106 if (!arena) { | |
107 return (SECFailure); | |
108 } | |
109 | |
110 rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, | |
111 &wrapperItem); | |
112 if (rv != SECSuccess) { | |
113 goto loser; | |
114 } | |
115 | |
116 rv = SEC_QuickDERDecodeItem(arena, &tmpItem, | |
117 SEC_ASN1_GET(SEC_EnumeratedTemplate), | |
118 &wrapperItem); | |
119 | |
120 if (rv != SECSuccess) { | |
121 goto loser; | |
122 } | |
123 | |
124 *value = (CERTCRLEntryReasonCode)DER_GetInteger(&tmpItem); | |
125 | |
126 loser: | |
127 if (arena) { | |
128 PORT_FreeArena(arena, PR_FALSE); | |
129 } | |
130 | |
131 if (wrapperItem.data) { | |
132 PORT_Free(wrapperItem.data); | |
133 } | |
134 | |
135 return (rv); | |
136 } | |
137 | |
138 SECStatus | |
139 CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value) | |
140 { | |
141 SECItem encodedExtenValue; | |
142 SECItem decodedExtenValue = { siBuffer, 0 }; | |
143 SECStatus rv; | |
144 | |
145 encodedExtenValue.data = decodedExtenValue.data = NULL; | |
146 encodedExtenValue.len = decodedExtenValue.len = 0; | |
147 | |
148 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_INVALID_DATE, &encoded
ExtenValue); | |
149 if (rv != SECSuccess) | |
150 return (rv); | |
151 | |
152 rv = SEC_ASN1DecodeItem(NULL, &decodedExtenValue, | |
153 SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), | |
154 &encodedExtenValue); | |
155 if (rv == SECSuccess) | |
156 rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue); | |
157 PORT_Free(decodedExtenValue.data); | |
158 PORT_Free(encodedExtenValue.data); | |
159 return (rv); | |
160 } | |