Back to index

lightning-sunbird  0.9+nobinonly
Functions | Variables
polcyxtn.c File Reference
#include "seccomon.h"
#include "secport.h"
#include "secder.h"
#include "cert.h"
#include "secoid.h"
#include "secasn1.h"
#include "secerr.h"
#include "nspr.h"

Go to the source code of this file.

Functions

static void breakLines (char *string)
CERTCertificatePoliciesCERT_DecodeCertificatePoliciesExtension (SECItem *extnValue)
void CERT_DestroyCertificatePoliciesExtension (CERTCertificatePolicies *policies)
CERTUserNoticeCERT_DecodeUserNotice (SECItem *noticeItem)
void CERT_DestroyUserNotice (CERTUserNotice *userNotice)
void CERT_SetCAPolicyStringCallback (CERTPolicyStringCallback cb, void *cbarg)
char * stringFromUserNotice (SECItem *noticeItem)
char * CERT_GetCertCommentString (CERTCertificate *cert)
CERTOidSequenceCERT_DecodeOidSequence (SECItem *seqItem)
void CERT_DestroyOidSequence (CERTOidSequence *oidSeq)
PRBool CERT_GovtApprovedBitSet (CERTCertificate *cert)

Variables

const SEC_ASN1Template CERT_NoticeReferenceTemplate []
const SEC_ASN1Template CERT_UserNoticeTemplate []
const SEC_ASN1Template CERT_PolicyQualifierTemplate []
const SEC_ASN1Template CERT_PolicyInfoTemplate []
const SEC_ASN1Template CERT_CertificatePoliciesTemplate []
static CERTPolicyStringCallback policyStringCB = NULL
static voidpolicyStringCBArg = NULL
const SEC_ASN1Template CERT_OidSeqTemplate []

Function Documentation

static void breakLines ( char *  string) [static]

Definition at line 103 of file polcyxtn.c.

{
    char *tmpstr;
    char *lastspace = NULL;
    int curlen = 0;
    int c;
    
    tmpstr = string;

    while ( ( c = *tmpstr ) != '\0' ) {
       switch ( c ) {
         case ' ':
           lastspace = tmpstr;
           break;
         case '\n':
           lastspace = NULL;
           curlen = 0;
           break;
       }
       
       if ( ( curlen >= 55 ) && ( lastspace != NULL ) ) {
           *lastspace = '\n';
           curlen = ( tmpstr - lastspace );
           lastspace = NULL;
       }
       
       curlen++;
       tmpstr++;
    }
    
    return;
}

Here is the caller graph for this function:

Definition at line 137 of file polcyxtn.c.

{
    PRArenaPool *arena = NULL;
    SECStatus rv;
    CERTCertificatePolicies *policies;
    CERTPolicyInfo **policyInfos, *policyInfo;
    CERTPolicyQualifier **policyQualifiers, *policyQualifier;
    SECItem newExtnValue;
    
    /* make a new arena */
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    
    if ( !arena ) {
       goto loser;
    }

    /* allocate the certifiate policies structure */
    policies = (CERTCertificatePolicies *)
       PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicies));
    
    if ( policies == NULL ) {
       goto loser;
    }
    
    policies->arena = arena;

    /* copy the DER into the arena, since Quick DER returns data that points
       into the DER input, which may get freed by the caller */
    rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* decode the policy info */
    rv = SEC_QuickDERDecodeItem(arena, policies, CERT_CertificatePoliciesTemplate,
                         &newExtnValue);

    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* initialize the oid tags */
    policyInfos = policies->policyInfos;
    while (*policyInfos != NULL ) {
       policyInfo = *policyInfos;
       policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
       policyQualifiers = policyInfo->policyQualifiers;
       while ( policyQualifiers != NULL && *policyQualifiers != NULL ) {
           policyQualifier = *policyQualifiers;
           policyQualifier->oid =
              SECOID_FindOIDTag(&policyQualifier->qualifierID);
           policyQualifiers++;
       }
       policyInfos++;
    }

    return(policies);
    
loser:
    if ( arena != NULL ) {
       PORT_FreeArena(arena, PR_FALSE);
    }
    
    return(NULL);
}
CERTOidSequence* CERT_DecodeOidSequence ( SECItem *  seqItem)

Definition at line 466 of file polcyxtn.c.

{
    PRArenaPool *arena = NULL;
    SECStatus rv;
    CERTOidSequence *oidSeq;
    SECItem newSeqItem;
    
    /* make a new arena */
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    
    if ( !arena ) {
       goto loser;
    }

    /* allocate the userNotice structure */
    oidSeq = (CERTOidSequence *)PORT_ArenaZAlloc(arena,
                                           sizeof(CERTOidSequence));
    
    if ( oidSeq == NULL ) {
       goto loser;
    }
    
    oidSeq->arena = arena;

    /* copy the DER into the arena, since Quick DER returns data that points
       into the DER input, which may get freed by the caller */
    rv = SECITEM_CopyItem(arena, &newSeqItem, seqItem);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* decode the user notice */
    rv = SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, &newSeqItem);

    if ( rv != SECSuccess ) {
       goto loser;
    }

    return(oidSeq);
    
loser:
    return(NULL);
}
CERTUserNotice* CERT_DecodeUserNotice ( SECItem *  noticeItem)

Definition at line 214 of file polcyxtn.c.

{
    PRArenaPool *arena = NULL;
    SECStatus rv;
    CERTUserNotice *userNotice;
    SECItem newNoticeItem;
    
    /* make a new arena */
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    
    if ( !arena ) {
       goto loser;
    }

    /* allocate the userNotice structure */
    userNotice = (CERTUserNotice *)PORT_ArenaZAlloc(arena,
                                              sizeof(CERTUserNotice));
    
    if ( userNotice == NULL ) {
       goto loser;
    }
    
    userNotice->arena = arena;

    /* copy the DER into the arena, since Quick DER returns data that points
       into the DER input, which may get freed by the caller */
    rv = SECITEM_CopyItem(arena, &newNoticeItem, noticeItem);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* decode the user notice */
    rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate, 
                         &newNoticeItem);

    if ( rv != SECSuccess ) {
       goto loser;
    }

    if (userNotice->derNoticeReference.data != NULL) {
       /* sigh, the asn1 parser stripped the sequence encoding, re add it
        * before we decode.
        */
       SECItem tmpbuf;
       int    newBytes;

       newBytes = SEC_ASN1LengthLength(userNotice->derNoticeReference.len)+1;
       tmpbuf.len = newBytes + userNotice->derNoticeReference.len;
       tmpbuf.data = PORT_ArenaZAlloc(arena, tmpbuf.len);
       if (tmpbuf.data == NULL) {
           goto loser;
       }
       tmpbuf.data[0] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
       SEC_ASN1EncodeLength(&tmpbuf.data[1],userNotice->derNoticeReference.len);
       PORT_Memcpy(&tmpbuf.data[newBytes],userNotice->derNoticeReference.data,
                            userNotice->derNoticeReference.len);

       /* OK, no decode it */
       rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference, 
           CERT_NoticeReferenceTemplate, &tmpbuf);

       PORT_Free(tmpbuf.data); tmpbuf.data = NULL;
       if ( rv != SECSuccess ) {
           goto loser;
       }
    }

    return(userNotice);
    
loser:
    if ( arena != NULL ) {
       PORT_FreeArena(arena, PR_FALSE);
    }
    
    return(NULL);
}

Definition at line 204 of file polcyxtn.c.

{
    if ( policies != NULL ) {
       PORT_FreeArena(policies->arena, PR_FALSE);
    }
    return;
}

Definition at line 512 of file polcyxtn.c.

{
    if ( oidSeq != NULL ) {
       PORT_FreeArena(oidSeq->arena, PR_FALSE);
    }
    return;
}

Definition at line 292 of file polcyxtn.c.

{
    if ( userNotice != NULL ) {
       PORT_FreeArena(userNotice->arena, PR_FALSE);
    }
    return;
}
char* CERT_GetCertCommentString ( CERTCertificate *  cert)

Definition at line 394 of file polcyxtn.c.

{
    char *retstring = NULL;
    SECStatus rv;
    SECItem policyItem;
    CERTCertificatePolicies *policies = NULL;
    CERTPolicyInfo **policyInfos;
    CERTPolicyQualifier **policyQualifiers, *qualifier;

    policyItem.data = NULL;
    
    rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,
                            &policyItem);
    if ( rv != SECSuccess ) {
       goto nopolicy;
    }

    policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);
    if ( policies == NULL ) {
       goto nopolicy;
    }

    policyInfos = policies->policyInfos;
    /* search through policyInfos looking for the verisign policy */
    while (*policyInfos != NULL ) {
       if ( (*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES ) {
           policyQualifiers = (*policyInfos)->policyQualifiers;
           /* search through the policy qualifiers looking for user notice */
           while ( policyQualifiers != NULL && *policyQualifiers != NULL ) {
              qualifier = *policyQualifiers;
              if ( qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER ) {
                  retstring =
                     stringFromUserNotice(&qualifier->qualifierValue);
                  break;
              }

              policyQualifiers++;
           }
           break;
       }
       policyInfos++;
    }

nopolicy:
    if ( policyItem.data != NULL ) {
       PORT_Free(policyItem.data);
    }

    if ( policies != NULL ) {
       CERT_DestroyCertificatePoliciesExtension(policies);
    }
    
    if ( retstring == NULL ) {
       retstring = CERT_FindNSStringExtension(cert,
                                          SEC_OID_NS_CERT_EXT_COMMENT);
    }
    
    if ( retstring != NULL ) {
       breakLines(retstring);
    }
    
    return(retstring);
}
PRBool CERT_GovtApprovedBitSet ( CERTCertificate *  cert)

Definition at line 521 of file polcyxtn.c.

{
    SECStatus rv;
    SECItem extItem;
    CERTOidSequence *oidSeq = NULL;
    PRBool ret;
    SECItem **oids;
    SECItem *oid;
    SECOidTag oidTag;
    
    extItem.data = NULL;
    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    oidSeq = CERT_DecodeOidSequence(&extItem);
    if ( oidSeq == NULL ) {
       goto loser;
    }

    oids = oidSeq->oids;
    while ( oids != NULL && *oids != NULL ) {
       oid = *oids;
       
       oidTag = SECOID_FindOIDTag(oid);
       
       if ( oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED ) {
           goto success;
       }
       
       oids++;
    }

loser:
    ret = PR_FALSE;
    goto done;
success:
    ret = PR_TRUE;
done:
    if ( oidSeq != NULL ) {
       CERT_DestroyOidSequence(oidSeq);
    }
    if (extItem.data != NULL) {
       PORT_Free(extItem.data);
    }
    return(ret);
}

Definition at line 304 of file polcyxtn.c.

{
    policyStringCB = cb;
    policyStringCBArg = cbarg;
    return;
}
char* stringFromUserNotice ( SECItem *  noticeItem)

Definition at line 312 of file polcyxtn.c.

{
    SECItem *org;
    unsigned int len, headerlen;
    char *stringbuf;
    CERTUserNotice *userNotice;
    char *policystr;
    char *retstr = NULL;
    SECItem *displayText;
    SECItem **noticeNumbers;
    unsigned int strnum;
    
    /* decode the user notice */
    userNotice = CERT_DecodeUserNotice(noticeItem);
    if ( userNotice == NULL ) {
       return(NULL);
    }
    
    org = &userNotice->noticeReference.organization;
    if ( (org->len != 0 ) && ( policyStringCB != NULL ) ) {
       /* has a noticeReference */

       /* extract the org string */
       len = org->len;
       stringbuf = (char*)PORT_Alloc(len + 1);
       if ( stringbuf != NULL ) {
           PORT_Memcpy(stringbuf, org->data, len);
           stringbuf[len] = '\0';

           noticeNumbers = userNotice->noticeReference.noticeNumbers;
           while ( *noticeNumbers != NULL ) {
              /* XXX - only one byte integers right now*/
              strnum = (*noticeNumbers)->data[0];
              policystr = (* policyStringCB)(stringbuf,
                                          strnum,
                                          policyStringCBArg);
              if ( policystr != NULL ) {
                  if ( retstr != NULL ) {
                     retstr = PR_sprintf_append(retstr, "\n%s", policystr);
                  } else {
                     retstr = PR_sprintf_append(retstr, "%s", policystr);
                  }

                  PORT_Free(policystr);
              }
              
              noticeNumbers++;
           }

           PORT_Free(stringbuf);
       }
    }

    if ( retstr == NULL ) {
       if ( userNotice->displayText.len != 0 ) {
           displayText = &userNotice->displayText;

           if ( displayText->len > 2 ) {
              if ( displayText->data[0] == SEC_ASN1_VISIBLE_STRING ) {
                  headerlen = 2;
                  if ( displayText->data[1] & 0x80 ) {
                     /* multibyte length */
                     headerlen += ( displayText->data[1] & 0x7f );
                  }

                  len = displayText->len - headerlen;
                  retstr = (char*)PORT_Alloc(len + 1);
                  if ( retstr != NULL ) {
                     PORT_Memcpy(retstr, &displayText->data[headerlen],len);
                     retstr[len] = '\0';
                  }
              }
           }
       }
    }
    
    CERT_DestroyUserNotice(userNotice);
    
    return(retstr);
}

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

Initial value:

Definition at line 96 of file polcyxtn.c.

Initial value:

Definition at line 52 of file polcyxtn.c.

Initial value:

Definition at line 459 of file polcyxtn.c.

Initial value:

Definition at line 85 of file polcyxtn.c.

Initial value:

Definition at line 75 of file polcyxtn.c.

Initial value:

Definition at line 65 of file polcyxtn.c.

Definition at line 300 of file polcyxtn.c.

Definition at line 301 of file polcyxtn.c.