
lightning-sunbird  0.9+nobinonly
certreq.c File Reference
#include "cert.h"
#include "certt.h"
#include "secder.h"
#include "key.h"
#include "secitem.h"
#include "secasn1.h"
#include "secerr.h"


Functions

CERTCertificate * CERT_CreateCertificate (unsigned long serialNumber, CERTName *issuer, CERTValidity *validity, CERTCertificateRequest *req)
CERTCertificateRequest * CERT_CreateCertificateRequest (CERTName *subject, CERTSubjectPublicKeyInfo *spki, SECItem **attributes)
void CERT_DestroyCertificateRequest (CERTCertificateRequest *req)
static void setCRExt (void *o, CERTCertExtension **exts)
void * cert_StartExtensions (void *owner, PRArenaPool *ownerArena, void(*setExts)(void *object, CERTCertExtension **exts))
void * CERT_StartCertificateRequestAttributes (CERTCertificateRequest *req)
SECStatus CERT_FinishCertificateRequestAttributes (CERTCertificateRequest *req)
SECStatus CERT_GetCertificateRequestExtensions (CERTCertificateRequest *req, CERTCertExtension ***exts)

Variables

const SEC_ASN1Template CERT_AttributeTemplate []
const SEC_ASN1Template CERT_SetOfAttributeTemplate []
const SEC_ASN1Template CERT_CertificateRequestTemplate []

Function Documentation

CERTCertificate* CERT_CreateCertificate ( unsigned long  serialNumber,
CERTName *  issuer,
CERTValidity *  validity,
CERTCertificateRequest *  req 
)

Definition at line 78 of file certreq.c.

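{
    /*
     * Build a new CERTCertificate in its own arena from a certificate
     * request: version 1, the given serial number, copies of issuer and
     * validity, and the subject name and public key copied from req.
     * Returns the certificate with referenceCount 1, or 0 on failure.
     *
     * Only the subject and subjectPublicKeyInfo are taken from req; the
     * request's attributes are not copied here.  Nothing in this function
     * checks the request's signature or that the requester holds the key.
     * NOTE(review): presumably callers validate the request before
     * issuing from it -- confirm at the call sites.
     */
    CERTCertificate *c;
    int rv;
    PRArenaPool *arena;

    /*
     * req is read below for the subject and the public key, so reject a
     * missing request instead of reading through a NULL pointer.
     */
    if ( !req ) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return(0);
    }

    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( !arena ) {
        return(0);
    }

    c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
    if ( !c ) {
        /*
         * The certificate would have owned the arena; with no certificate
         * nothing else holds it, so release it here rather than leak it.
         */
        PORT_FreeArena(arena, PR_FALSE);
        return(0);
    }

    c->referenceCount = 1;
    c->arena = arena;

    /*
     * Default is a plain version 1.
     * If extensions are added, it will get changed as appropriate.
     */
    rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
    if (rv) goto loser;

    rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
    if (rv) goto loser;

    rv = CERT_CopyName(arena, &c->issuer, issuer);
    if (rv) goto loser;

    rv = CERT_CopyValidity(arena, &c->validity, validity);
    if (rv) goto loser;

    rv = CERT_CopyName(arena, &c->subject, &req->subject);
    if (rv) goto loser;

    rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
                                         &req->subjectPublicKeyInfo);
    if (rv) goto loser;

    return c;

  loser:
    /* c is non-NULL here; presumably this also releases c->arena. */
    CERT_DestroyCertificate(c);
    return 0;
}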


CERTCertificateRequest* CERT_CreateCertificateRequest ( CERTName *  subject,
CERTSubjectPublicKeyInfo *  spki,
SECItem **  attributes 
)

Definition at line 148 of file certreq.c.

{
    /*
     * Build a certificate request in a fresh arena: request version,
     * a copy of subject, a copy of spki, and an attribute list.
     * Returns the request, or NULL on failure (the arena is released).
     *
     * attributes is an optional NULL-terminated array of SECItem
     * pointers.  When present, the items are duplicated into a single
     * attribute typed with the PKCS #9 extension-request OID.
     */
    PRArenaPool *arena;
    CERTCertificateRequest *request;
    CERTAttribute *extAttr;
    SECOidData *oidData;
    int nvalues;
    int idx;

    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if (!arena)
        return NULL;

    request = PORT_ArenaZNew(arena, CERTCertificateRequest);
    if (request == NULL) {
        /* No request object yet, so the arena has to be freed directly. */
        PORT_FreeArena(arena, PR_FALSE);
        return NULL;
    }

    /* From here on the request holds the arena; failures go to loser. */
    request->arena = arena;

    if (DER_SetUInteger(arena, &request->version,
                        SEC_CERTIFICATE_REQUEST_VERSION) != SECSuccess)
        goto loser;

    if (CERT_CopyName(arena, &request->subject, subject) != SECSuccess)
        goto loser;

    if (SECKEY_CopySubjectPublicKeyInfo(arena,
                                        &request->subjectPublicKeyInfo,
                                        spki) != SECSuccess)
        goto loser;

    /* Two slots: at most one attribute plus the NULL terminator. */
    request->attributes = PORT_ArenaZNewArray(arena, CERTAttribute*, 2);
    if (request->attributes == NULL)
        goto loser;

    if (attributes == NULL || attributes[0] == NULL) {
        /*
         * No attribute data supplied.  PKCS #10 types the field as
         *
         *     attributes [0] IMPLICIT Attributes
         *
         * so hand back a NULL-terminated list whose first entry is NULL.
         */
        request->attributes[0] = NULL;
        return request;
    }

    extAttr = PORT_ArenaZNew(arena, CERTAttribute);
    if (extAttr == NULL)
        goto loser;

    oidData = SECOID_FindOIDByTag( SEC_OID_PKCS9_EXTENSION_REQUEST );
    PORT_Assert(oidData);
    if (oidData == NULL)
        goto loser;

    if (SECITEM_CopyItem(arena, &extAttr->attrType,
                         &oidData->oid) != SECSuccess)
        goto loser;

    /* Count the caller's items, then reserve one extra slot for NULL. */
    nvalues = 0;
    while (attributes[nvalues] != NULL)
        nvalues++;

    extAttr->attrValue = PORT_ArenaZNewArray(arena, SECItem *, nvalues + 1);
    if (extAttr->attrValue == NULL)
        goto loser;

    /*
     * Attributes are a SET OF Attribute, which implies lexicographical
     * ordering.  The items are assumed to arrive already sorted; nothing
     * here sorts or checks them.  The PKCS #7 code has an example of
     * sorting should that ever be needed.
     */
    for (idx = 0; idx < nvalues; idx++) {
        extAttr->attrValue[idx] = SECITEM_ArenaDupItem(arena, attributes[idx]);
        if (extAttr->attrValue[idx] == NULL)
            goto loser;
    }

    request->attributes[0] = extAttr;
    return request;

loser:
    CERT_DestroyCertificateRequest(request);
    return NULL;
}


void CERT_DestroyCertificateRequest ( CERTCertificateRequest *  req)

Definition at line 250 of file certreq.c.

{
    /*
     * Release a certificate request by freeing the arena it lives in.
     * A NULL request, or one without an arena, is ignored.  The arena is
     * freed with PR_FALSE as the second argument to PORT_FreeArena.
     */
    if (req == NULL || req->arena == NULL) {
        return;
    }

    PORT_FreeArena(req->arena, PR_FALSE);
}


SECStatus CERT_FinishCertificateRequestAttributes ( CERTCertificateRequest *  req)

Definition at line 285 of file certreq.c.

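{
    /*
     * Convert the pending extension list on req into a single
     * extension-request attribute.
     *
     * On entry req->attributes is read as a list of certificate
     * extensions (setCRExt in this file stores the extension list in that
     * field through a cast).  The list is DER-encoded with
     * CERT_SequenceOfCertExtensionTemplate and becomes the one value of a
     * new attribute typed SEC_OID_PKCS9_EXTENSION_REQUEST.
     *
     * Returns SECSuccess, also when there is nothing to convert, and
     * SECFailure otherwise.  On failure req->attributes is left as it was:
     * the new list is built in locals and only installed once every
     * allocation has succeeded, so a failed call cannot leave the request
     * with a silently emptied attribute list.
     *
     * NOTE(review): nothing here tells a pending extension list apart from
     * an attribute list that was already converted; a second call would
     * presumably encode CERTAttribute data with the extension template.
     * Confirm callers pair this with CERT_StartCertificateRequestAttributes.
     */
    SECItem *extlist;
    SECOidData *oidrec;
    CERTAttribute *attribute;
    CERTAttribute **attrList;
    SECItem **values;

    if (!req || !req->arena) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }
    if (req->attributes == NULL || req->attributes[0] == NULL)
        return SECSuccess;

    extlist = SEC_ASN1EncodeItem(req->arena, NULL, &req->attributes,
                            SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate));
    if (extlist == NULL)
        return(SECFailure);

    oidrec = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST);
    if (oidrec == NULL)
        return SECFailure;

    /* Build the replacement attribute list without touching req yet. */
    attrList = PORT_ArenaZNewArray(req->arena, CERTAttribute*, 2);
    attribute = PORT_ArenaZNew(req->arena, CERTAttribute);

    if (attrList == NULL || attribute == NULL ||
        SECITEM_CopyItem(req->arena, &attribute->attrType, &oidrec->oid) != 0) {
        PORT_SetError(SEC_ERROR_NO_MEMORY);
        return SECFailure;
    }

    values = PORT_ArenaZNewArray(req->arena, SECItem*, 2);
    if (values == NULL)
        return SECFailure;

    values[0] = extlist;
    values[1] = NULL;
    attribute->attrValue = values;

    attrList[0] = attribute;
    attrList[1] = NULL;

    /* Everything succeeded: swap the extension list for the attribute list. */
    req->attributes = attrList;

    return SECSuccess;
}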


SECStatus CERT_GetCertificateRequestExtensions ( CERTCertificateRequest *  req,
CERTCertExtension ***  exts 
)

Definition at line 331 of file certreq.c.

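{
    /*
     * Decode the extensions carried by a certificate request.
     *
     * The first value of the first attribute is decoded with
     * CERT_SequenceOfCertExtensionTemplate into *exts, using req->arena.
     * Returns SECSuccess when the request has no attributes (in which case
     * *exts is not written), SECFailure with SEC_ERROR_INVALID_ARGS for
     * missing arguments or an attribute without a value, and otherwise the
     * decoder's status.
     *
     * NOTE(review): only the first attribute is looked at and its attrType
     * is not compared with the extension-request OID.  For a request that
     * was parsed from outside input the first attribute may be of another
     * type; confirm whether callers need the attribute selected by OID.
     */
    CERTAttribute *first;

    if (req == NULL || exts == NULL) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    if (req->attributes == NULL || *req->attributes == NULL)
        return SECSuccess;

    first = *req->attributes;

    /*
     * attrValue is a NULL-terminated list, so an attribute with an empty
     * value set has attrValue[0] == NULL.  Reject it here instead of
     * handing a NULL item to the decoder.
     */
    if (first->attrValue == NULL || first->attrValue[0] == NULL) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    return(SEC_ASN1DecodeItem(req->arena, exts,
            SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate),
            first->attrValue[0]));
}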


void* CERT_StartCertificateRequestAttributes ( CERTCertificateRequest *  req)

Definition at line 272 of file certreq.c.

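{
    /*
     * Open an extension handle for a certificate request: extensions added
     * through the handle are later stored on req by setCRExt.
     * Returns the handle from cert_StartExtensions, or NULL on failure.
     *
     * req and req->arena are checked first, matching the argument check in
     * CERT_FinishCertificateRequestAttributes, because req->arena is read
     * here and a NULL req would otherwise be dereferenced.
     */
    if (!req || !req->arena) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return NULL;
    }

    return (cert_StartExtensions ((void *)req, req->arena, setCRExt));
}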


void* cert_StartExtensions ( void *  owner,
PRArenaPool *  ownerArena,
void(*)(void *object, CERTCertExtension **exts)  setExts 
)

Definition at line 159 of file certxutl.c.

{
    /*
     * Create an extension handle: an extRec allocated in an arena of its
     * own, recording the owning object, the owner's arena and the callback
     * that will receive the finished extension list.  The list starts out
     * empty (head 0, count 0).  Returns the handle, or 0 on failure.
     *
     * The record comes from PORT_ArenaAlloc, not a zeroing allocator, so
     * only the fields assigned below are initialised here.
     */
    extRec *handle;
    PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

    if (arena == NULL) {
        return NULL;
    }

    handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
    if (handle == NULL) {
        /* Nothing refers to the new arena yet, so drop it again. */
        PORT_FreeArena(arena, PR_FALSE);
        return NULL;
    }

    /* The handle's own storage and the (still empty) extension list. */
    handle->arena = arena;
    handle->head = 0;
    handle->count = 0;

    /* Who the extensions belong to, and how to hand them over. */
    handle->object = owner;
    handle->ownerArena = ownerArena;
    handle->setExts = setExts;

    return handle;
}


static void setCRExt ( void *  o,
CERTCertExtension **  exts 
) [static]

Definition at line 259 of file certreq.c.

{
    /*
     * Callback handed to cert_StartExtensions: store the extension list on
     * the certificate request o.  The list is kept in the attributes field
     * through a pointer cast, so until it is converted that field holds
     * extension pointers rather than CERTAttribute pointers.
     */
    CERTCertificateRequest *request = (CERTCertificateRequest *)o;

    request->attributes = (struct CERTAttributeStr **)exts;
}



Variable Documentation

Initial value:
 {
    /*
     * ASN.1 template for one CERTAttribute (presumably the initializer of
     * CERT_AttributeTemplate, going by sizeof(CERTAttribute)).
     */
    /* Outer SEQUENCE; the last field gives the size of the C structure. */
    { SEC_ASN1_SEQUENCE,
       0, NULL, sizeof(CERTAttribute) },
    /* Attribute type: an OBJECT IDENTIFIER stored in attrType. */
    { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
    /* Attribute values: a SET OF stored in attrValue, each via SEC_AnyTemplate. */
    { SEC_ASN1_SET_OF, offsetof(CERTAttribute, attrValue),
       SEC_AnyTemplate },
    /* Zero entry terminates the template. */
    { 0 }
}

Definition at line 45 of file certreq.c.

Initial value:
 {
    /*
     * ASN.1 template for a CERTCertificateRequest (presumably the
     * initializer of CERT_CertificateRequestTemplate, going by
     * sizeof(CERTCertificateRequest)).
     */
    /* Outer SEQUENCE; the last field gives the size of the C structure. */
    { SEC_ASN1_SEQUENCE,
         0, NULL, sizeof(CERTCertificateRequest) },
    /* version: INTEGER. */
    { SEC_ASN1_INTEGER,
         offsetof(CERTCertificateRequest,version) },
    /* subject: handled inline with CERT_NameTemplate. */
    { SEC_ASN1_INLINE,
         offsetof(CERTCertificateRequest,subject),
         CERT_NameTemplate },
    /* subjectPublicKeyInfo: handled inline with its own template. */
    { SEC_ASN1_INLINE,
         offsetof(CERTCertificateRequest,subjectPublicKeyInfo),
         CERT_SubjectPublicKeyInfoTemplate },
    /* attributes: constructed, context-specific tag 0, set of attributes. */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
         offsetof(CERTCertificateRequest,attributes), 
         CERT_SetOfAttributeTemplate },
    /* Zero entry terminates the template. */
    { 0 }
}

Definition at line 58 of file certreq.c.

Initial value:

Definition at line 54 of file certreq.c.