Index: nss/lib/certdb/polcyxtn.c |
diff --git a/nss/lib/certdb/polcyxtn.c b/nss/lib/certdb/polcyxtn.c |
deleted file mode 100644 |
index aae34e243370bc58d4a203927a3c30ba0cffd77d..0000000000000000000000000000000000000000 |
--- a/nss/lib/certdb/polcyxtn.c |
+++ /dev/null |
@@ -1,806 +0,0 @@ |
-/* This Source Code Form is subject to the terms of the Mozilla Public |
- * License, v. 2.0. If a copy of the MPL was not distributed with this |
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
- |
-/* |
- * Support for various policy related extensions |
- */ |
- |
-#include "seccomon.h" |
-#include "secport.h" |
-#include "secder.h" |
-#include "cert.h" |
-#include "secoid.h" |
-#include "secasn1.h" |
-#include "secerr.h" |
-#include "nspr.h" |
- |
-SEC_ASN1_MKSUB(SEC_IntegerTemplate) |
-SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) |
- |
-const SEC_ASN1Template CERT_DisplayTextTypeTemplate[] = { |
- { SEC_ASN1_CHOICE, offsetof(SECItem, type), 0, sizeof(SECItem) }, |
- { SEC_ASN1_IA5_STRING, 0, 0, siAsciiString }, |
- { SEC_ASN1_VISIBLE_STRING, 0, 0, siVisibleString }, |
- { SEC_ASN1_BMP_STRING, 0, 0, siBMPString }, |
- { SEC_ASN1_UTF8_STRING, 0, 0, siUTF8String }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNoticeReference) }, |
- { SEC_ASN1_INLINE, offsetof(CERTNoticeReference, organization), |
- CERT_DisplayTextTypeTemplate, 0 }, |
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, |
- offsetof(CERTNoticeReference, noticeNumbers), |
- SEC_ASN1_SUB(SEC_IntegerTemplate) }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_UserNoticeTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTUserNotice) }, |
- { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL, |
- offsetof(CERTUserNotice, noticeReference), CERT_NoticeReferenceTemplate, |
- 0 }, |
- { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL, |
- offsetof(CERTUserNotice, displayText), CERT_DisplayTextTypeTemplate, 0 }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyQualifier) }, |
- { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyQualifier, qualifierID) }, |
- { SEC_ASN1_ANY, offsetof(CERTPolicyQualifier, qualifierValue) }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_PolicyInfoTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyInfo) }, |
- { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyInfo, policyID) }, |
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_OPTIONAL, |
- offsetof(CERTPolicyInfo, policyQualifiers), |
- CERT_PolicyQualifierTemplate }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = { |
- { SEC_ASN1_SEQUENCE_OF, offsetof(CERTCertificatePolicies, policyInfos), |
- CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) } |
-}; |
- |
-const SEC_ASN1Template CERT_PolicyMapTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyMap) }, |
- { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyMap, issuerDomainPolicy) }, |
- { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyMap, subjectDomainPolicy) }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_PolicyMappingsTemplate[] = { |
- { SEC_ASN1_SEQUENCE_OF, offsetof(CERTCertificatePolicyMappings, policyMaps), |
- CERT_PolicyMapTemplate, sizeof(CERTPolicyMap) } |
-}; |
- |
-const SEC_ASN1Template CERT_PolicyConstraintsTemplate[] = { |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertificatePolicyConstraints) }, |
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, |
- offsetof(CERTCertificatePolicyConstraints, explicitPolicySkipCerts), |
- SEC_ASN1_SUB(SEC_IntegerTemplate) }, |
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, |
- offsetof(CERTCertificatePolicyConstraints, inhibitMappingSkipCerts), |
- SEC_ASN1_SUB(SEC_IntegerTemplate) }, |
- { 0 } |
-}; |
- |
-const SEC_ASN1Template CERT_InhibitAnyTemplate[] = { |
- { SEC_ASN1_INTEGER, |
- offsetof(CERTCertificateInhibitAny, inhibitAnySkipCerts), NULL, |
- sizeof(CERTCertificateInhibitAny) } |
-}; |
- |
-static void |
-breakLines(char *string) |
-{ |
- char *tmpstr; |
- char *lastspace = NULL; |
- int curlen = 0; |
- int c; |
- |
- tmpstr = string; |
- |
- while ((c = *tmpstr) != '\0') { |
- switch (c) { |
- case ' ': |
- lastspace = tmpstr; |
- break; |
- case '\n': |
- lastspace = NULL; |
- curlen = 0; |
- break; |
- } |
- |
- if ((curlen >= 55) && (lastspace != NULL)) { |
- *lastspace = '\n'; |
- curlen = (tmpstr - lastspace); |
- lastspace = NULL; |
- } |
- |
- curlen++; |
- tmpstr++; |
- } |
- |
- return; |
-} |
- |
-CERTCertificatePolicies * |
-CERT_DecodeCertificatePoliciesExtension(const SECItem *extnValue) |
-{ |
- PLArenaPool *arena = NULL; |
- SECStatus rv; |
- CERTCertificatePolicies *policies; |
- CERTPolicyInfo **policyInfos, *policyInfo; |
- CERTPolicyQualifier **policyQualifiers, *policyQualifier; |
- SECItem newExtnValue; |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
- |
- if (!arena) { |
- goto loser; |
- } |
- |
- /* allocate the certificate policies structure */ |
- policies = (CERTCertificatePolicies *)PORT_ArenaZAlloc( |
- arena, sizeof(CERTCertificatePolicies)); |
- |
- if (policies == NULL) { |
- goto loser; |
- } |
- |
- policies->arena = arena; |
- |
- /* copy the DER into the arena, since Quick DER returns data that points |
- into the DER input, which may get freed by the caller */ |
- rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- /* decode the policy info */ |
- rv = SEC_QuickDERDecodeItem( |
- arena, policies, CERT_CertificatePoliciesTemplate, &newExtnValue); |
- |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- /* initialize the oid tags */ |
- policyInfos = policies->policyInfos; |
- while (*policyInfos != NULL) { |
- policyInfo = *policyInfos; |
- policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID); |
- policyQualifiers = policyInfo->policyQualifiers; |
- while (policyQualifiers != NULL && *policyQualifiers != NULL) { |
- policyQualifier = *policyQualifiers; |
- policyQualifier->oid = |
- SECOID_FindOIDTag(&policyQualifier->qualifierID); |
- policyQualifiers++; |
- } |
- policyInfos++; |
- } |
- |
- return (policies); |
- |
-loser: |
- if (arena != NULL) { |
- PORT_FreeArena(arena, PR_FALSE); |
- } |
- |
- return (NULL); |
-} |
- |
-void |
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies) |
-{ |
- if (policies != NULL) { |
- PORT_FreeArena(policies->arena, PR_FALSE); |
- } |
- return; |
-} |
- |
-CERTCertificatePolicyMappings * |
-CERT_DecodePolicyMappingsExtension(SECItem *extnValue) |
-{ |
- PLArenaPool *arena = NULL; |
- SECStatus rv; |
- CERTCertificatePolicyMappings *mappings; |
- SECItem newExtnValue; |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
- if (!arena) { |
- goto loser; |
- } |
- |
- /* allocate the policy mappings structure */ |
- mappings = (CERTCertificatePolicyMappings *)PORT_ArenaZAlloc( |
- arena, sizeof(CERTCertificatePolicyMappings)); |
- if (mappings == NULL) { |
- goto loser; |
- } |
- mappings->arena = arena; |
- |
- /* copy the DER into the arena, since Quick DER returns data that points |
- into the DER input, which may get freed by the caller */ |
- rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- /* decode the policy mappings */ |
- rv = SEC_QuickDERDecodeItem(arena, mappings, CERT_PolicyMappingsTemplate, |
- &newExtnValue); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- return (mappings); |
- |
-loser: |
- if (arena != NULL) { |
- PORT_FreeArena(arena, PR_FALSE); |
- } |
- |
- return (NULL); |
-} |
- |
-SECStatus |
-CERT_DestroyPolicyMappingsExtension(CERTCertificatePolicyMappings *mappings) |
-{ |
- if (mappings != NULL) { |
- PORT_FreeArena(mappings->arena, PR_FALSE); |
- } |
- return SECSuccess; |
-} |
- |
-SECStatus |
-CERT_DecodePolicyConstraintsExtension( |
- CERTCertificatePolicyConstraints *decodedValue, const SECItem *encodedValue) |
-{ |
- CERTCertificatePolicyConstraints decodeContext; |
- PLArenaPool *arena = NULL; |
- SECStatus rv = SECSuccess; |
- |
- /* initialize so we can tell when an optional component is omitted */ |
- PORT_Memset(&decodeContext, 0, sizeof(decodeContext)); |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); |
- if (!arena) { |
- return SECFailure; |
- } |
- |
- do { |
- /* decode the policy constraints */ |
- rv = SEC_QuickDERDecodeItem(arena, &decodeContext, |
- CERT_PolicyConstraintsTemplate, |
- encodedValue); |
- |
- if (rv != SECSuccess) { |
- break; |
- } |
- |
- if (decodeContext.explicitPolicySkipCerts.len == 0) { |
- *(PRInt32 *)decodedValue->explicitPolicySkipCerts.data = -1; |
- } else { |
- *(PRInt32 *)decodedValue->explicitPolicySkipCerts.data = |
- DER_GetInteger(&decodeContext.explicitPolicySkipCerts); |
- } |
- |
- if (decodeContext.inhibitMappingSkipCerts.len == 0) { |
- *(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data = -1; |
- } else { |
- *(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data = |
- DER_GetInteger(&decodeContext.inhibitMappingSkipCerts); |
- } |
- |
- if ((*(PRInt32 *)decodedValue->explicitPolicySkipCerts.data == |
- PR_INT32_MIN) || |
- (*(PRInt32 *)decodedValue->explicitPolicySkipCerts.data == |
- PR_INT32_MAX) || |
- (*(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data == |
- PR_INT32_MIN) || |
- (*(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data == |
- PR_INT32_MAX)) { |
- rv = SECFailure; |
- } |
- |
- } while (0); |
- |
- PORT_FreeArena(arena, PR_FALSE); |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_DecodeInhibitAnyExtension(CERTCertificateInhibitAny *decodedValue, |
- SECItem *encodedValue) |
-{ |
- CERTCertificateInhibitAny decodeContext; |
- PLArenaPool *arena = NULL; |
- SECStatus rv = SECSuccess; |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); |
- if (!arena) { |
- return SECFailure; |
- } |
- |
- do { |
- |
- /* decode the policy mappings */ |
- decodeContext.inhibitAnySkipCerts.type = siUnsignedInteger; |
- rv = SEC_QuickDERDecodeItem(arena, &decodeContext, |
- CERT_InhibitAnyTemplate, encodedValue); |
- |
- if (rv != SECSuccess) { |
- break; |
- } |
- |
- *(PRInt32 *)decodedValue->inhibitAnySkipCerts.data = |
- DER_GetInteger(&decodeContext.inhibitAnySkipCerts); |
- |
- } while (0); |
- |
- PORT_FreeArena(arena, PR_FALSE); |
- return (rv); |
-} |
- |
-CERTUserNotice * |
-CERT_DecodeUserNotice(SECItem *noticeItem) |
-{ |
- PLArenaPool *arena = NULL; |
- SECStatus rv; |
- CERTUserNotice *userNotice; |
- SECItem newNoticeItem; |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
- |
- if (!arena) { |
- goto loser; |
- } |
- |
- /* allocate the userNotice structure */ |
- userNotice = |
- (CERTUserNotice *)PORT_ArenaZAlloc(arena, sizeof(CERTUserNotice)); |
- |
- if (userNotice == NULL) { |
- goto loser; |
- } |
- |
- userNotice->arena = arena; |
- |
- /* copy the DER into the arena, since Quick DER returns data that points |
- into the DER input, which may get freed by the caller */ |
- rv = SECITEM_CopyItem(arena, &newNoticeItem, noticeItem); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- /* decode the user notice */ |
- rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate, |
- &newNoticeItem); |
- |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- if (userNotice->derNoticeReference.data != NULL) { |
- |
- rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference, |
- CERT_NoticeReferenceTemplate, |
- &userNotice->derNoticeReference); |
- if (rv == SECFailure) { |
- goto loser; |
- } |
- } |
- |
- return (userNotice); |
- |
-loser: |
- if (arena != NULL) { |
- PORT_FreeArena(arena, PR_FALSE); |
- } |
- |
- return (NULL); |
-} |
- |
-void |
-CERT_DestroyUserNotice(CERTUserNotice *userNotice) |
-{ |
- if (userNotice != NULL) { |
- PORT_FreeArena(userNotice->arena, PR_FALSE); |
- } |
- return; |
-} |
- |
-static CERTPolicyStringCallback policyStringCB = NULL; |
-static void *policyStringCBArg = NULL; |
- |
-void |
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg) |
-{ |
- policyStringCB = cb; |
- policyStringCBArg = cbarg; |
- return; |
-} |
- |
-char * |
-stringFromUserNotice(SECItem *noticeItem) |
-{ |
- SECItem *org; |
- unsigned int len, headerlen; |
- char *stringbuf; |
- CERTUserNotice *userNotice; |
- char *policystr; |
- char *retstr = NULL; |
- SECItem *displayText; |
- SECItem **noticeNumbers; |
- unsigned int strnum; |
- |
- /* decode the user notice */ |
- userNotice = CERT_DecodeUserNotice(noticeItem); |
- if (userNotice == NULL) { |
- return (NULL); |
- } |
- |
- org = &userNotice->noticeReference.organization; |
- if ((org->len != 0) && (policyStringCB != NULL)) { |
- /* has a noticeReference */ |
- |
- /* extract the org string */ |
- len = org->len; |
- stringbuf = (char *)PORT_Alloc(len + 1); |
- if (stringbuf != NULL) { |
- PORT_Memcpy(stringbuf, org->data, len); |
- stringbuf[len] = '\0'; |
- |
- noticeNumbers = userNotice->noticeReference.noticeNumbers; |
- while (*noticeNumbers != NULL) { |
- /* XXX - only one byte integers right now*/ |
- strnum = (*noticeNumbers)->data[0]; |
- policystr = |
- (*policyStringCB)(stringbuf, strnum, policyStringCBArg); |
- if (policystr != NULL) { |
- if (retstr != NULL) { |
- retstr = PR_sprintf_append(retstr, "\n%s", policystr); |
- } else { |
- retstr = PR_sprintf_append(retstr, "%s", policystr); |
- } |
- |
- PORT_Free(policystr); |
- } |
- |
- noticeNumbers++; |
- } |
- |
- PORT_Free(stringbuf); |
- } |
- } |
- |
- if (retstr == NULL) { |
- if (userNotice->displayText.len != 0) { |
- displayText = &userNotice->displayText; |
- |
- if (displayText->len > 2) { |
- if (displayText->data[0] == SEC_ASN1_VISIBLE_STRING) { |
- headerlen = 2; |
- if (displayText->data[1] & 0x80) { |
- /* multibyte length */ |
- headerlen += (displayText->data[1] & 0x7f); |
- } |
- |
- len = displayText->len - headerlen; |
- retstr = (char *)PORT_Alloc(len + 1); |
- if (retstr != NULL) { |
- PORT_Memcpy(retstr, &displayText->data[headerlen], len); |
- retstr[len] = '\0'; |
- } |
- } |
- } |
- } |
- } |
- |
- CERT_DestroyUserNotice(userNotice); |
- |
- return (retstr); |
-} |
- |
-char * |
-CERT_GetCertCommentString(CERTCertificate *cert) |
-{ |
- char *retstring = NULL; |
- SECStatus rv; |
- SECItem policyItem; |
- CERTCertificatePolicies *policies = NULL; |
- CERTPolicyInfo **policyInfos; |
- CERTPolicyQualifier **policyQualifiers, *qualifier; |
- |
- policyItem.data = NULL; |
- |
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES, |
- &policyItem); |
- if (rv != SECSuccess) { |
- goto nopolicy; |
- } |
- |
- policies = CERT_DecodeCertificatePoliciesExtension(&policyItem); |
- if (policies == NULL) { |
- goto nopolicy; |
- } |
- |
- policyInfos = policies->policyInfos; |
- /* search through policyInfos looking for the verisign policy */ |
- while (*policyInfos != NULL) { |
- if ((*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES) { |
- policyQualifiers = (*policyInfos)->policyQualifiers; |
- /* search through the policy qualifiers looking for user notice */ |
- while (policyQualifiers != NULL && *policyQualifiers != NULL) { |
- qualifier = *policyQualifiers; |
- if (qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER) { |
- retstring = |
- stringFromUserNotice(&qualifier->qualifierValue); |
- break; |
- } |
- |
- policyQualifiers++; |
- } |
- break; |
- } |
- policyInfos++; |
- } |
- |
-nopolicy: |
- if (policyItem.data != NULL) { |
- PORT_Free(policyItem.data); |
- } |
- |
- if (policies != NULL) { |
- CERT_DestroyCertificatePoliciesExtension(policies); |
- } |
- |
- if (retstring == NULL) { |
- retstring = |
- CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_COMMENT); |
- } |
- |
- if (retstring != NULL) { |
- breakLines(retstring); |
- } |
- |
- return (retstring); |
-} |
- |
-const SEC_ASN1Template CERT_OidSeqTemplate[] = { |
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, offsetof(CERTOidSequence, oids), |
- SEC_ASN1_SUB(SEC_ObjectIDTemplate) } |
-}; |
- |
-CERTOidSequence * |
-CERT_DecodeOidSequence(const SECItem *seqItem) |
-{ |
- PLArenaPool *arena = NULL; |
- SECStatus rv; |
- CERTOidSequence *oidSeq; |
- SECItem newSeqItem; |
- |
- /* make a new arena */ |
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
- |
- if (!arena) { |
- goto loser; |
- } |
- |
- /* allocate the userNotice structure */ |
- oidSeq = |
- (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); |
- |
- if (oidSeq == NULL) { |
- goto loser; |
- } |
- |
- oidSeq->arena = arena; |
- |
- /* copy the DER into the arena, since Quick DER returns data that points |
- into the DER input, which may get freed by the caller */ |
- rv = SECITEM_CopyItem(arena, &newSeqItem, seqItem); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- /* decode the user notice */ |
- rv = |
- SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, &newSeqItem); |
- |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- return (oidSeq); |
- |
-loser: |
- if (arena) { |
- PORT_FreeArena(arena, PR_FALSE); |
- } |
- return (NULL); |
-} |
- |
-void |
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq) |
-{ |
- if (oidSeq != NULL) { |
- PORT_FreeArena(oidSeq->arena, PR_FALSE); |
- } |
- return; |
-} |
- |
-PRBool |
-CERT_GovtApprovedBitSet(CERTCertificate *cert) |
-{ |
- SECStatus rv; |
- SECItem extItem; |
- CERTOidSequence *oidSeq = NULL; |
- PRBool ret; |
- SECItem **oids; |
- SECItem *oid; |
- SECOidTag oidTag; |
- |
- extItem.data = NULL; |
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem); |
- if (rv != SECSuccess) { |
- goto loser; |
- } |
- |
- oidSeq = CERT_DecodeOidSequence(&extItem); |
- if (oidSeq == NULL) { |
- goto loser; |
- } |
- |
- oids = oidSeq->oids; |
- while (oids != NULL && *oids != NULL) { |
- oid = *oids; |
- |
- oidTag = SECOID_FindOIDTag(oid); |
- |
- if (oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED) { |
- goto success; |
- } |
- |
- oids++; |
- } |
- |
-loser: |
- ret = PR_FALSE; |
- goto done; |
-success: |
- ret = PR_TRUE; |
-done: |
- if (oidSeq != NULL) { |
- CERT_DestroyOidSequence(oidSeq); |
- } |
- if (extItem.data != NULL) { |
- PORT_Free(extItem.data); |
- } |
- return (ret); |
-} |
- |
-SECStatus |
-CERT_EncodePolicyConstraintsExtension(PLArenaPool *arena, |
- CERTCertificatePolicyConstraints *constr, |
- SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(constr != NULL && dest != NULL); |
- if (constr == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, constr, |
- CERT_PolicyConstraintsTemplate) == NULL) { |
- rv = SECFailure; |
- } |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_EncodePolicyMappingExtension(PLArenaPool *arena, |
- CERTCertificatePolicyMappings *mapping, |
- SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(mapping != NULL && dest != NULL); |
- if (mapping == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, mapping, CERT_PolicyMappingsTemplate) == |
- NULL) { |
- rv = SECFailure; |
- } |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_EncodeCertPoliciesExtension(PLArenaPool *arena, CERTPolicyInfo **info, |
- SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(info != NULL && dest != NULL); |
- if (info == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, info, |
- CERT_CertificatePoliciesTemplate) == NULL) { |
- rv = SECFailure; |
- } |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_EncodeUserNotice(PLArenaPool *arena, CERTUserNotice *notice, SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(notice != NULL && dest != NULL); |
- if (notice == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, notice, CERT_UserNoticeTemplate) == |
- NULL) { |
- rv = SECFailure; |
- } |
- |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_EncodeNoticeReference(PLArenaPool *arena, CERTNoticeReference *reference, |
- SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(reference != NULL && dest != NULL); |
- if (reference == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, reference, |
- CERT_NoticeReferenceTemplate) == NULL) { |
- rv = SECFailure; |
- } |
- |
- return (rv); |
-} |
- |
-SECStatus |
-CERT_EncodeInhibitAnyExtension(PLArenaPool *arena, |
- CERTCertificateInhibitAny *certInhibitAny, |
- SECItem *dest) |
-{ |
- SECStatus rv = SECSuccess; |
- |
- PORT_Assert(certInhibitAny != NULL && dest != NULL); |
- if (certInhibitAny == NULL || dest == NULL) { |
- return SECFailure; |
- } |
- |
- if (SEC_ASN1EncodeItem(arena, dest, certInhibitAny, |
- CERT_InhibitAnyTemplate) == NULL) { |
- rv = SECFailure; |
- } |
- return (rv); |
-} |