Add m-esr52 at 52.6.0

1 files changed, 399 insertions, 0 deletions

diff --git a/security/nss/lib/crmf/respcmn.c b/security/nss/lib/crmf/respcmn.c
new file mode 100644
index 000000000..f9e4155a3
--- /dev/null
+++ b/security/nss/lib/crmf/respcmn.c
@@ -0,0 +1,399 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secitem.h"
+#include "secder.h"
+
+SECStatus
+cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info, PRBool freeit)
+{
+    if (info->status.data != NULL) {
+        PORT_Free(info->status.data);
+        info->status.data = NULL;
+    }
+    if (info->statusString.data != NULL) {
+        PORT_Free(info->statusString.data);
+        info->statusString.data = NULL;
+    }
+    if (info->failInfo.data != NULL) {
+        PORT_Free(info->failInfo.data);
+        info->failInfo.data = NULL;
+    }
+    if (freeit) {
+        PORT_Free(info);
+    }
+    return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
+{
+    PORT_Assert(inCertResp != NULL);
+    if (inCertResp != NULL) {
+        if (inCertResp->certReqId.data != NULL) {
+            PORT_Free(inCertResp->certReqId.data);
+        }
+        cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
+        if (inCertResp->certifiedKeyPair != NULL) {
+            CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
+        }
+        PORT_Free(inCertResp);
+    }
+    return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
+{
+    PORT_Assert(inCertRepContent != NULL);
+    if (inCertRepContent != NULL) {
+        CMMFCertResponse **pResponse = inCertRepContent->response;
+        if (pResponse != NULL) {
+            for (; *pResponse != NULL; pResponse++) {
+                CMMFCertifiedKeyPair *certKeyPair = (*pResponse)->certifiedKeyPair;
+                /* XXX Why not call CMMF_DestroyCertifiedKeyPair or
+                 ** XXX cmmf_DestroyCertOrEncCert ?
+                 */
+                if (certKeyPair != NULL &&
+                    certKeyPair->certOrEncCert.choice == cmmfCertificate &&
+                    certKeyPair->certOrEncCert.cert.certificate != NULL) {
+                    CERT_DestroyCertificate(certKeyPair->certOrEncCert.cert.certificate);
+                    certKeyPair->certOrEncCert.cert.certificate = NULL;
+                }
+            }
+        }
+        if (inCertRepContent->caPubs) {
+            CERTCertificate **caPubs = inCertRepContent->caPubs;
+            for (; *caPubs; ++caPubs) {
+                CERT_DestroyCertificate(*caPubs);
+                *caPubs = NULL;
+            }
+        }
+        if (inCertRepContent->poolp != NULL) {
+            PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
+        }
+    }
+    return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
+{
+    PORT_Assert(inDecKeyCont != NULL);
+    if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
+        PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
+    }
+    return SECSuccess;
+}
+
+SECStatus
+crmf_create_prtime(SECItem *src, PRTime **dest)
+{
+    *dest = PORT_ZNew(PRTime);
+    return DER_DecodeTimeChoice(*dest, src);
+}
+
+CRMFCertExtension *
+crmf_copy_cert_extension(PLArenaPool *poolp, CRMFCertExtension *inExtension)
+{
+    PRBool isCritical;
+    SECOidTag id;
+    SECItem *data;
+    CRMFCertExtension *newExt;
+
+    PORT_Assert(inExtension != NULL);
+    if (inExtension == NULL) {
+        return NULL;
+    }
+    id = CRMF_CertExtensionGetOidTag(inExtension);
+    isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
+    data = CRMF_CertExtensionGetValue(inExtension);
+    newExt = crmf_create_cert_extension(poolp, id,
+                                        isCritical,
+                                        data);
+    SECITEM_FreeItem(data, PR_TRUE);
+    return newExt;
+}
+
+static SECItem *
+cmmf_encode_certificate(CERTCertificate *inCert)
+{
+    return SEC_ASN1EncodeItem(NULL, NULL, inCert,
+                              SEC_ASN1_GET(SEC_SignedCertificateTemplate));
+}
+
+CERTCertList *
+cmmf_MakeCertList(CERTCertificate **inCerts)
+{
+    CERTCertList *certList;
+    CERTCertificate *currCert;
+    SECItem *derCert, *freeCert = NULL;
+    SECStatus rv;
+    int i;
+
+    certList = CERT_NewCertList();
+    if (certList == NULL) {
+        return NULL;
+    }
+    for (i = 0; inCerts[i] != NULL; i++) {
+        derCert = &inCerts[i]->derCert;
+        if (derCert->data == NULL) {
+            derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
+        }
+        currCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+                                           derCert, NULL, PR_FALSE, PR_TRUE);
+        if (freeCert != NULL) {
+            SECITEM_FreeItem(freeCert, PR_TRUE);
+            freeCert = NULL;
+        }
+        if (currCert == NULL) {
+            goto loser;
+        }
+        rv = CERT_AddCertToListTail(certList, currCert);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
+    }
+    return certList;
+loser:
+    CERT_DestroyCertList(certList);
+    return NULL;
+}
+
+CMMFPKIStatus
+cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
+{
+    long derVal;
+
+    derVal = DER_GetInteger(&inStatus->status);
+    if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
+        return cmmfNoPKIStatus;
+    }
+    return (CMMFPKIStatus)derVal;
+}
+
+int
+CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
+{
+    int numResponses = 0;
+    PORT_Assert(inCertRepContent != NULL);
+    if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
+        while (inCertRepContent->response[numResponses] != NULL) {
+            numResponses++;
+        }
+    }
+    return numResponses;
+}
+
+SECStatus
+cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
+{
+    switch (certOrEncCert->choice) {
+        case cmmfCertificate:
+            CERT_DestroyCertificate(certOrEncCert->cert.certificate);
+            certOrEncCert->cert.certificate = NULL;
+            break;
+        case cmmfEncryptedCert:
+            crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
+                                         PR_TRUE);
+            certOrEncCert->cert.encryptedCert = NULL;
+            break;
+        default:
+            break;
+    }
+    if (freeit) {
+        PORT_Free(certOrEncCert);
+    }
+    return SECSuccess;
+}
+
+SECStatus
+cmmf_copy_secitem(PLArenaPool *poolp, SECItem *dest, SECItem *src)
+{
+    SECStatus rv;
+
+    if (src->data != NULL) {
+        rv = SECITEM_CopyItem(poolp, dest, src);
+    } else {
+        dest->data = NULL;
+        dest->len = 0;
+        rv = SECSuccess;
+    }
+    return rv;
+}
+
+SECStatus
+CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
+{
+    PORT_Assert(inCertKeyPair != NULL);
+    if (inCertKeyPair != NULL) {
+        cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
+        if (inCertKeyPair->privateKey) {
+            crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
+        }
+        if (inCertKeyPair->derPublicationInfo.data) {
+            PORT_Free(inCertKeyPair->derPublicationInfo.data);
+        }
+        PORT_Free(inCertKeyPair);
+    }
+    return SECSuccess;
+}
+
+SECStatus
+cmmf_CopyCertResponse(PLArenaPool *poolp,
+                      CMMFCertResponse *dest,
+                      CMMFCertResponse *src)
+{
+    SECStatus rv;
+
+    if (src->certReqId.data != NULL) {
+        rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
+        if (rv != SECSuccess) {
+            return rv;
+        }
+    }
+    rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
+    if (rv != SECSuccess) {
+        return rv;
+    }
+    if (src->certifiedKeyPair != NULL) {
+        CMMFCertifiedKeyPair *destKeyPair;
+
+        destKeyPair = (poolp == NULL) ? PORT_ZNew(CMMFCertifiedKeyPair) : PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
+        if (!destKeyPair) {
+            return SECFailure;
+        }
+        rv = cmmf_CopyCertifiedKeyPair(poolp, destKeyPair,
+                                       src->certifiedKeyPair);
+        if (rv != SECSuccess) {
+            if (!poolp) {
+                CMMF_DestroyCertifiedKeyPair(destKeyPair);
+            }
+            return rv;
+        }
+        dest->certifiedKeyPair = destKeyPair;
+    }
+    return SECSuccess;
+}
+
+static SECStatus
+cmmf_CopyCertOrEncCert(PLArenaPool *poolp, CMMFCertOrEncCert *dest,
+                       CMMFCertOrEncCert *src)
+{
+    SECStatus rv = SECSuccess;
+    CRMFEncryptedValue *encVal;
+
+    dest->choice = src->choice;
+    rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
+    switch (src->choice) {
+        case cmmfCertificate:
+            dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
+            break;
+        case cmmfEncryptedCert:
+            encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+            if (encVal == NULL) {
+                return SECFailure;
+            }
+            rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
+            if (rv != SECSuccess) {
+                if (!poolp) {
+                    crmf_destroy_encrypted_value(encVal, PR_TRUE);
+                }
+                return rv;
+            }
+            dest->cert.encryptedCert = encVal;
+            break;
+        default:
+            rv = SECFailure;
+    }
+    return rv;
+}
+
+SECStatus
+cmmf_CopyCertifiedKeyPair(PLArenaPool *poolp, CMMFCertifiedKeyPair *dest,
+                          CMMFCertifiedKeyPair *src)
+{
+    SECStatus rv;
+
+    rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
+                                &src->certOrEncCert);
+    if (rv != SECSuccess) {
+        return rv;
+    }
+
+    if (src->privateKey != NULL) {
+        CRMFEncryptedValue *encVal;
+
+        encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+        if (encVal == NULL) {
+            return SECFailure;
+        }
+        rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
+                                      encVal);
+        if (rv != SECSuccess) {
+            if (!poolp) {
+                crmf_destroy_encrypted_value(encVal, PR_TRUE);
+            }
+            return rv;
+        }
+        dest->privateKey = encVal;
+    }
+    rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
+                           &src->derPublicationInfo);
+    return rv;
+}
+
+SECStatus
+cmmf_CopyPKIStatusInfo(PLArenaPool *poolp, CMMFPKIStatusInfo *dest,
+                       CMMFPKIStatusInfo *src)
+{
+    SECStatus rv;
+
+    rv = cmmf_copy_secitem(poolp, &dest->status, &src->status);
+    if (rv != SECSuccess) {
+        return rv;
+    }
+    rv = cmmf_copy_secitem(poolp, &dest->statusString, &src->statusString);
+    if (rv != SECSuccess) {
+        return rv;
+    }
+    rv = cmmf_copy_secitem(poolp, &dest->failInfo, &src->failInfo);
+    return rv;
+}
+
+CERTCertificate *
+cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
+                                 CERTCertDBHandle *certdb)
+{
+    if (certOrEncCert->choice != cmmfCertificate ||
+        certOrEncCert->cert.certificate == NULL) {
+        return NULL;
+    }
+    return CERT_NewTempCertificate(certdb,
+                                   &certOrEncCert->cert.certificate->derCert,
+                                   NULL, PR_FALSE, PR_TRUE);
+}
+
+SECStatus
+cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
+                            PLArenaPool *poolp,
+                            CMMFPKIStatus inStatus)
+{
+    SECItem *dummy;
+
+    if (inStatus < cmmfGranted || inStatus >= cmmfNumPKIStatus) {
+        return SECFailure;
+    }
+
+    dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
+    PORT_Assert(dummy == &statusInfo->status);
+    if (dummy != &statusInfo->status) {
+        SECITEM_FreeItem(dummy, PR_TRUE);
+        return SECFailure;
+    }
+    return SECSuccess;
+}