Startsida Utforska Hjälp
Logga in
khronosschoty
/
palemoon-dev
Bevaka 2
Stjärnmärk 1
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: ac60e7ecec
Grenar Taggar
palemoon-dev
/
platform
/
security
/
nss
/
lib
/
smime
/
cmsreclist.c

cmsreclist.c 6.0 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171 
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
    2. 

  2.  * License, v. 2.0. If a copy of the MPL was not distributed with this
    3. 

  3.  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
    4. 

  4. 

  5. /*
    6. 

  6.  * CMS recipient list functions
    7. 

  7.  */
    8. 

  8. 

  9. #include "cmslocal.h"
    10. 

  10. 

  11. #include "cert.h"
    12. 

  12. #include "keyhi.h"
    13. 

  13. #include "secasn1.h"
    14. 

  14. #include "secitem.h"
    15. 

  15. #include "secoid.h"
    16. 

  16. #include "pk11func.h"
    17. 

  17. #include "prtime.h"
    18. 

  18. #include "secerr.h"
    19. 

  19. 

  20. static int
    21. 

  21. nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos,
    22. 

  22.                             NSSCMSRecipient **recipient_list)
    23. 

  23. {
    24. 

  24.     int count = 0;
    25. 

  25.     int rlindex = 0;
    26. 

  26.     int i, j;
    27. 

  27.     NSSCMSRecipient *rle;
    28. 

  28.     NSSCMSRecipientInfo *ri;
    29. 

  29.     NSSCMSRecipientEncryptedKey *rek;
    30. 

  30. 

  31.     for (i = 0; recipientinfos[i] != NULL; i++) {
    32. 

  32.         ri = recipientinfos[i];
    33. 

  33.         switch (ri->recipientInfoType) {
    34. 

  34.             case NSSCMSRecipientInfoID_KeyTrans:
    35. 

  35.                 if (recipient_list) {
    36. 

  36.                     NSSCMSRecipientIdentifier *recipId =
    37. 

  37.                         &ri->ri.keyTransRecipientInfo.recipientIdentifier;
    38. 

  38. 

  39.                     if (recipId->identifierType != NSSCMSRecipientID_IssuerSN &&
    40. 

  40.                         recipId->identifierType != NSSCMSRecipientID_SubjectKeyID) {
    41. 

  41.                         PORT_SetError(SEC_ERROR_INVALID_ARGS);
    42. 

  42.                         return -1;
    43. 

  43.                     }
    44. 

  44.                     /* alloc one & fill it out */
    45. 

  45.                     rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
    46. 

  46.                     if (!rle)
    47. 

  47.                         return -1;
    48. 

  48. 

  49.                     rle->riIndex = i;
    50. 

  50.                     rle->subIndex = -1;
    51. 

  51.                     switch (recipId->identifierType) {
    52. 

  52.                         case NSSCMSRecipientID_IssuerSN:
    53. 

  53.                             rle->kind = RLIssuerSN;
    54. 

  54.                             rle->id.issuerAndSN = recipId->id.issuerAndSN;
    55. 

  55.                             break;
    56. 

  56.                         case NSSCMSRecipientID_SubjectKeyID:
    57. 

  57.                             rle->kind = RLSubjKeyID;
    58. 

  58.                             rle->id.subjectKeyID = recipId->id.subjectKeyID;
    59. 

  59.                             break;
    60. 

  60.                         default: /* we never get here because of identifierType check
    61. 

  61.                                     we done before. Leaving it to kill compiler warning */
    62. 

  62.                             break;
    63. 

  63.                     }
    64. 

  64.                     recipient_list[rlindex++] = rle;
    65. 

  65.                 } else {
    66. 

  66.                     count++;
    67. 

  67.                 }
    68. 

  68.                 break;
    69. 

  69.             case NSSCMSRecipientInfoID_KeyAgree:
    70. 

  70.                 if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
    71. 

  71.                     break;
    72. 

  72.                 for (j = 0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
    73. 

  73.                     if (recipient_list) {
    74. 

  74.                         rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
    75. 

  75.                         /* alloc one & fill it out */
    76. 

  76.                         rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
    77. 

  77.                         if (!rle)
    78. 

  78.                             return -1;
    79. 

  79. 

  80.                         rle->riIndex = i;
    81. 

  81.                         rle->subIndex = j;
    82. 

  82.                         switch (rek->recipientIdentifier.identifierType) {
    83. 

  83.                             case NSSCMSKeyAgreeRecipientID_IssuerSN:
    84. 

  84.                                 rle->kind = RLIssuerSN;
    85. 

  85.                                 rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
    86. 

  86.                                 break;
    87. 

  87.                             case NSSCMSKeyAgreeRecipientID_RKeyID:
    88. 

  88.                                 rle->kind = RLSubjKeyID;
    89. 

  89.                                 rle->id.subjectKeyID =
    90. 

  90.                                     rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
    91. 

  91.                                 break;
    92. 

  92.                         }
    93. 

  93.                         recipient_list[rlindex++] = rle;
    94. 

  94.                     } else {
    95. 

  95.                         count++;
    96. 

  96.                     }
    97. 

  97.                 }
    98. 

  98.                 break;
    99. 

  99.             case NSSCMSRecipientInfoID_KEK:
    100. 

  100.                 /* KEK is not implemented */
    101. 

  101.                 break;
    102. 

  102.         }
    103. 

  103.     }
    104. 

  104.     /* if we have a recipient list, we return on success (-1, above, on failure) */
    105. 

  105.     /* otherwise, we return the count. */
    106. 

  106.     if (recipient_list) {
    107. 

  107.         recipient_list[rlindex] = NULL;
    108. 

  108.         return 0;
    109. 

  109.     } else {
    110. 

  110.         return count;
    111. 

  111.     }
    112. 

  112. }
    113. 

  113. 

  114. NSSCMSRecipient **
    115. 

  115. nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
    116. 

  116. {
    117. 

  117.     int count, rv;
    118. 

  118.     NSSCMSRecipient **recipient_list;
    119. 

  119. 

  120.     /* count the number of recipient identifiers */
    121. 

  121.     count = nss_cms_recipients_traverse(recipientinfos, NULL);
    122. 

  122.     if (count <= 0) {
    123. 

  123.         /* no recipients? */
    124. 

  124.         PORT_SetError(SEC_ERROR_BAD_DATA);
    125. 

  125. #if 0
    126. 

  126.     PORT_SetErrorString("Cannot find recipient data in envelope.");
    127. 

  127. #endif
    128. 

  128.         return NULL;
    129. 

  129.     }
    130. 

  130. 

  131.     /* allocate an array of pointers */
    132. 

  132.     recipient_list = (NSSCMSRecipient **)
    133. 

  133.         PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
    134. 

  134.     if (recipient_list == NULL)
    135. 

  135.         return NULL;
    136. 

  136. 

  137.     /* now fill in the recipient_list */
    138. 

  138.     rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
    139. 

  139.     if (rv < 0) {
    140. 

  140.         nss_cms_recipient_list_destroy(recipient_list);
    141. 

  141.         return NULL;
    142. 

  142.     }
    143. 

  143.     return recipient_list;
    144. 

  144. }
    145. 

  145. 

  146. void
    147. 

  147. nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
    148. 

  148. {
    149. 

  149.     int i;
    150. 

  150.     NSSCMSRecipient *recipient;
    151. 

  151. 

  152.     for (i = 0; recipient_list[i] != NULL; i++) {
    153. 

  153.         recipient = recipient_list[i];
    154. 

  154.         if (recipient->cert)
    155. 

  155.             CERT_DestroyCertificate(recipient->cert);
    156. 

  156.         if (recipient->privkey)
    157. 

  157.             SECKEY_DestroyPrivateKey(recipient->privkey);
    158. 

  158.         if (recipient->slot)
    159. 

  159.             PK11_FreeSlot(recipient->slot);
    160. 

  160.         PORT_Free(recipient);
    161. 

  161.     }
    162. 

  162.     PORT_Free(recipient_list);
    163. 

  163. }
    164. 

  164. 

  165. NSSCMSRecipientEncryptedKey *
    166. 

  166. NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
    167. 

  167. {
    168. 

  168.     return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp,
    169. 

  169.                                                            sizeof(NSSCMSRecipientEncryptedKey));
    170. 

  170. }
    171. 

  171.