[apple/security.git] / OSX / libsecurity_apple_x509_cl / lib / DecodedCrl.cpp

/*
 * Copyright (c) 2002,2011,2014 Apple Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * DecodedCrl.cpp - object representing a decoded CRL, in NSS format,
 * with extensions parsed and decoded (still in NSS format).
 *
 */

#include "DecodedCrl.h"
#include "cldebugging.h"
#include "AppleX509CLSession.h"
#include "CSPAttacher.h"
#include <Security/cssmapple.h>

DecodedCrl::DecodedCrl(
	AppleX509CLSession	&session)
	: DecodedItem(session)
{
	memset(&mCrl, 0, sizeof(mCrl));
}

/* one-shot constructor, decoding from DER-encoded data */
DecodedCrl::DecodedCrl(
	AppleX509CLSession	&session,
	const CssmData 		&encodedCrl)
	: DecodedItem(session)
{
	memset(&mCrl, 0, sizeof(mCrl));
	PRErrorCode prtn = mCoder.decode(encodedCrl.data(), encodedCrl.length(), 
		kSecAsn1SignedCrlTemplate, &mCrl);
	if(prtn) {
		CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
	}
	mDecodedExtensions.decodeFromNss(mCrl.tbs.extensions);
	mState = IS_DecodedAll;
}
		
DecodedCrl::~DecodedCrl()
{
}
	
/* decode mCrl.tbs and its extensions */
void DecodedCrl::decodeCts(
	const CssmData	&encodedCts)
{
	assert(mState == IS_Empty);
	memset(&mCrl, 0, sizeof(mCrl));
	PRErrorCode prtn = mCoder.decode(encodedCts.data(), encodedCts.length(), 
		kSecAsn1TBSCrlTemplate, &mCrl.tbs);
	if(prtn) {
		CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
	}
	mDecodedExtensions.decodeFromNss(mCrl.tbs.extensions);
	mState = IS_DecodedTBS;
}

void DecodedCrl::encodeExtensions()
{
	NSS_TBSCrl &tbs = mCrl.tbs;
	assert(mState == IS_Building);
	assert(tbs.extensions == NULL);

	if(mDecodedExtensions.numExtensions() == 0) {
		/* no extensions, no error */
		return;
	}
	mDecodedExtensions.encodeToNss(tbs.extensions);
}

/*
 * FIXME : how to determine max encoding size at run time!?
 */
#define MAX_TEMPLATE_SIZE	(16 * 1024)

/* encode TBS component; only called from CrlCreateTemplate */
void DecodedCrl::encodeCts(
	CssmOwnedData	&encodedCts)
{
	encodeExtensions();
	assert(mState == IS_Building);
	
	/* enforce required fields - could go deeper, maybe we should */
	NSS_TBSCrl &tbs = mCrl.tbs;
	if((tbs.signature.algorithm.Data == NULL) ||
	   (tbs.issuer.rdns == NULL)) {
		clErrorLog("DecodedCrl::encodeTbs: incomplete TBS");
		/* an odd, undocumented error return */
		CssmError::throwMe(CSSMERR_CL_NO_FIELD_VALUES);
	}
	
	PRErrorCode prtn;
	prtn = SecNssEncodeItemOdata(&tbs, kSecAsn1TBSCrlTemplate,
		encodedCts);
	if(prtn) {
		CssmError::throwMe(CSSMERR_CL_MEMORY_ERROR);
	}
}
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2002,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	* DecodedCrl.cpp - object representing a decoded CRL, in NSS format,
	21	* with extensions parsed and decoded (still in NSS format).
	22	*
b1ab9ed8 A	23	*/
	24
	25	#include "DecodedCrl.h"
	26	#include "cldebugging.h"
	27	#include "AppleX509CLSession.h"
	28	#include "CSPAttacher.h"
	29	#include <Security/cssmapple.h>
	30
	31	DecodedCrl::DecodedCrl(
	32	AppleX509CLSession &session)
	33	: DecodedItem(session)
	34	{
	35	memset(&mCrl, 0, sizeof(mCrl));
	36	}
	37
	38	/* one-shot constructor, decoding from DER-encoded data */
	39	DecodedCrl::DecodedCrl(
	40	AppleX509CLSession &session,
	41	const CssmData &encodedCrl)
	42	: DecodedItem(session)
	43	{
	44	memset(&mCrl, 0, sizeof(mCrl));
	45	PRErrorCode prtn = mCoder.decode(encodedCrl.data(), encodedCrl.length(),
	46	kSecAsn1SignedCrlTemplate, &mCrl);
	47	if(prtn) {
	48	CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
	49	}
	50	mDecodedExtensions.decodeFromNss(mCrl.tbs.extensions);
	51	mState = IS_DecodedAll;
	52	}
	53
	54	DecodedCrl::~DecodedCrl()
	55	{
	56	}
	57
	58	/* decode mCrl.tbs and its extensions */
	59	void DecodedCrl::decodeCts(
	60	const CssmData &encodedCts)
	61	{
	62	assert(mState == IS_Empty);
	63	memset(&mCrl, 0, sizeof(mCrl));
	64	PRErrorCode prtn = mCoder.decode(encodedCts.data(), encodedCts.length(),
	65	kSecAsn1TBSCrlTemplate, &mCrl.tbs);
	66	if(prtn) {
	67	CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
	68	}
	69	mDecodedExtensions.decodeFromNss(mCrl.tbs.extensions);
	70	mState = IS_DecodedTBS;
	71	}
	72
	73	void DecodedCrl::encodeExtensions()
	74	{
	75	NSS_TBSCrl &tbs = mCrl.tbs;
	76	assert(mState == IS_Building);
	77	assert(tbs.extensions == NULL);
	78
	79	if(mDecodedExtensions.numExtensions() == 0) {
	80	/* no extensions, no error */
	81	return;
	82	}
	83	mDecodedExtensions.encodeToNss(tbs.extensions);
	84	}
	85
	86	/*
87	* FIXME : how to determine max encoding size at run time!?
88	*/
89	#define MAX_TEMPLATE_SIZE (16 * 1024)
90
91	/* encode TBS component; only called from CrlCreateTemplate */
92	void DecodedCrl::encodeCts(
93	CssmOwnedData &encodedCts)
94	{
95	encodeExtensions();
96	assert(mState == IS_Building);
97
98	/* enforce required fields - could go deeper, maybe we should */
99	NSS_TBSCrl &tbs = mCrl.tbs;
100	if((tbs.signature.algorithm.Data == NULL) \|\|
101	(tbs.issuer.rdns == NULL)) {
102	clErrorLog("DecodedCrl::encodeTbs: incomplete TBS");
103	/* an odd, undocumented error return */
104	CssmError::throwMe(CSSMERR_CL_NO_FIELD_VALUES);
105	}
106
107	PRErrorCode prtn;
108	prtn = SecNssEncodeItemOdata(&tbs, kSecAsn1TBSCrlTemplate,
109	encodedCts);
110	if(prtn) {
111	CssmError::throwMe(CSSMERR_CL_MEMORY_ERROR);
112	}
113	}
114