[apple/security.git] / OSX / libsecurity_cms / lib / CMSUtils.cpp

/*
 * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
 
/*
 * CMSUtils.cpp - common utility routines for libCMS.
 */

#include "CMSUtils.h"
#include <stdlib.h>
#include <string.h>
#include <security_asn1/secerr.h>
#include <security_asn1/seccomon.h>
#include <Security/SecBase.h>

/*
 * Copy a CSSM_DATA, mallocing the result.
 */
void cmsCopyCmsData(
	const CSSM_DATA *src,
	CSSM_DATA *dst)
{
	dst->Data = (uint8 *)malloc(src->Length);
	memmove(dst->Data, src->Data, src->Length);
	dst->Length = src->Length;
}

/* 
 * Append a CF type, or the contents of an array, to another array.
 * destination array will be created if necessary.
 * If srcItemOrArray is not of the type specified in expectedType,
 * errSecParam will be returned. 
 */
OSStatus cmsAppendToArray(
	CFTypeRef srcItemOrArray,
	CFMutableArrayRef *dstArray,
	CFTypeID expectedType)	
{
	if(srcItemOrArray == NULL) {
		return errSecSuccess;
	}
	if(*dstArray == NULL) {
		*dstArray = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
	}
	CFTypeID inType = CFGetTypeID(srcItemOrArray);
	if(inType == CFArrayGetTypeID()) {
		CFArrayRef srcArray = (CFArrayRef)srcItemOrArray;
		CFRange srcRange = {0, CFArrayGetCount(srcArray)};
		CFArrayAppendArray(*dstArray, srcArray, srcRange);
	}
	else if(inType == expectedType) {
		CFArrayAppendValue(*dstArray, srcItemOrArray);
	}
	else {
		return errSecParam;
	}
	return errSecSuccess;
}

/* 
 * Munge an OSStatus returned from libsecurity_smime, which may well be an ASN.1 private
 * error code, to a real OSStatus.
 */
OSStatus cmsRtnToOSStatus(
	OSStatus smimeRtn,		// from libsecurity_smime
	OSStatus defaultRtn)	// use this if we can't map smimeRtn
{
	if(smimeRtn == SECFailure) {
		/* This is a SECStatus. Try to get detailed error info. */
		smimeRtn = PORT_GetError();
		if(smimeRtn == 0) {
			/* S/MIME just gave us generic error; no further info available; punt. */
			dprintf("cmsRtnToOSStatus: SECFailure, no status avilable\n");
			return defaultRtn ? defaultRtn : errSecInternalComponent;
		}
		/* else proceed to map smimeRtn to OSStatus */
	}
	if(!IS_SEC_ERROR(smimeRtn)) {
		/* isn't ASN.1 or S/MIME error; use as is. */
		return smimeRtn;
	}
	
	/* Convert SECErrorCodes to OSStatus */
	switch(smimeRtn) {
		case SEC_ERROR_BAD_DER:
		case SEC_ERROR_BAD_DATA:
			return errSecUnknownFormat;
		case SEC_ERROR_NO_MEMORY:
			return errSecAllocate;
		case SEC_ERROR_IO:
			return errSecIO;
		case SEC_ERROR_OUTPUT_LEN:
		case SEC_ERROR_INPUT_LEN:
		case SEC_ERROR_INVALID_ARGS:
		case SEC_ERROR_INVALID_ALGORITHM:
		case SEC_ERROR_INVALID_AVA:
		case SEC_ERROR_INVALID_TIME:
			return errSecParam;
		case SEC_ERROR_PKCS7_BAD_SIGNATURE:
		case SEC_ERROR_BAD_SIGNATURE:
			return CSSMERR_CSP_VERIFY_FAILED;
		case SEC_ERROR_EXPIRED_CERTIFICATE:
		case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
			return CSSMERR_TP_CERT_EXPIRED;
		case SEC_ERROR_REVOKED_CERTIFICATE:
			return CSSMERR_TP_CERT_REVOKED;
		case SEC_ERROR_UNKNOWN_ISSUER:
		case SEC_ERROR_UNTRUSTED_ISSUER:
		case SEC_ERROR_UNTRUSTED_CERT:
			return CSSMERR_TP_NOT_TRUSTED;
		case SEC_ERROR_CERT_USAGES_INVALID:
		case SEC_ERROR_INADEQUATE_KEY_USAGE:
			return CSSMERR_CSP_KEY_USAGE_INCORRECT;
		case SEC_INTERNAL_ONLY:
			return errSecInternalComponent;
		case SEC_ERROR_NO_USER_INTERACTION:
			return errSecInteractionNotAllowed;
		case SEC_ERROR_USER_CANCELLED:
			return errSecUserCanceled;
		default:
			dprintf("cmsRtnToOSStatus: smimeRtn 0x%x\n", smimeRtn);
			return defaultRtn ? defaultRtn : errSecInternalComponent;
	}
}
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	/*
	25	* CMSUtils.cpp - common utility routines for libCMS.
b1ab9ed8 A	26	*/
	27
	28	#include "CMSUtils.h"
	29	#include <stdlib.h>
	30	#include <string.h>
b1ab9ed8 A	31	#include <security_asn1/secerr.h>
	32	#include <security_asn1/seccomon.h>
	33	#include <Security/SecBase.h>
	34
	35	/*
	36	* Copy a CSSM_DATA, mallocing the result.
	37	*/
	38	void cmsCopyCmsData(
	39	const CSSM_DATA *src,
	40	CSSM_DATA *dst)
	41	{
	42	dst->Data = (uint8 *)malloc(src->Length);
	43	memmove(dst->Data, src->Data, src->Length);
	44	dst->Length = src->Length;
	45	}
	46
	47	/*
	48	* Append a CF type, or the contents of an array, to another array.
	49	* destination array will be created if necessary.
	50	* If srcItemOrArray is not of the type specified in expectedType,
427c49bc	51	* errSecParam will be returned.
b1ab9ed8 A	52	*/
	53	OSStatus cmsAppendToArray(
	54	CFTypeRef srcItemOrArray,
	55	CFMutableArrayRef *dstArray,
	56	CFTypeID expectedType)
	57	{
	58	if(srcItemOrArray == NULL) {
427c49bc	59	return errSecSuccess;
b1ab9ed8 A	60	}
	61	if(*dstArray == NULL) {
	62	*dstArray = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
	63	}
	64	CFTypeID inType = CFGetTypeID(srcItemOrArray);
	65	if(inType == CFArrayGetTypeID()) {
	66	CFArrayRef srcArray = (CFArrayRef)srcItemOrArray;
	67	CFRange srcRange = {0, CFArrayGetCount(srcArray)};
	68	CFArrayAppendArray(*dstArray, srcArray, srcRange);
	69	}
	70	else if(inType == expectedType) {
	71	CFArrayAppendValue(*dstArray, srcItemOrArray);
	72	}
	73	else {
427c49bc	74	return errSecParam;
b1ab9ed8	75	}
427c49bc	76	return errSecSuccess;
b1ab9ed8 A	77	}
	78
	79	/*
	80	* Munge an OSStatus returned from libsecurity_smime, which may well be an ASN.1 private
	81	* error code, to a real OSStatus.
	82	*/
	83	OSStatus cmsRtnToOSStatus(
	84	OSStatus smimeRtn, // from libsecurity_smime
	85	OSStatus defaultRtn) // use this if we can't map smimeRtn
	86	{
	87	if(smimeRtn == SECFailure) {
	88	/* This is a SECStatus. Try to get detailed error info. */
	89	smimeRtn = PORT_GetError();
	90	if(smimeRtn == 0) {
	91	/* S/MIME just gave us generic error; no further info available; punt. */
	92	dprintf("cmsRtnToOSStatus: SECFailure, no status avilable\n");
427c49bc	93	return defaultRtn ? defaultRtn : errSecInternalComponent;
b1ab9ed8 A	94	}
	95	/* else proceed to map smimeRtn to OSStatus */
	96	}
	97	if(!IS_SEC_ERROR(smimeRtn)) {
	98	/* isn't ASN.1 or S/MIME error; use as is. */
	99	return smimeRtn;
	100	}
	101
	102	/* Convert SECErrorCodes to OSStatus */
	103	switch(smimeRtn) {
	104	case SEC_ERROR_BAD_DER:
	105	case SEC_ERROR_BAD_DATA:
	106	return errSecUnknownFormat;
	107	case SEC_ERROR_NO_MEMORY:
427c49bc	108	return errSecAllocate;
b1ab9ed8	109	case SEC_ERROR_IO:
427c49bc	110	return errSecIO;
b1ab9ed8 A	111	case SEC_ERROR_OUTPUT_LEN:
	112	case SEC_ERROR_INPUT_LEN:
	113	case SEC_ERROR_INVALID_ARGS:
	114	case SEC_ERROR_INVALID_ALGORITHM:
	115	case SEC_ERROR_INVALID_AVA:
	116	case SEC_ERROR_INVALID_TIME:
427c49bc	117	return errSecParam;
b1ab9ed8 A	118	case SEC_ERROR_PKCS7_BAD_SIGNATURE:
	119	case SEC_ERROR_BAD_SIGNATURE:
	120	return CSSMERR_CSP_VERIFY_FAILED;
	121	case SEC_ERROR_EXPIRED_CERTIFICATE:
	122	case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
	123	return CSSMERR_TP_CERT_EXPIRED;
	124	case SEC_ERROR_REVOKED_CERTIFICATE:
	125	return CSSMERR_TP_CERT_REVOKED;
	126	case SEC_ERROR_UNKNOWN_ISSUER:
	127	case SEC_ERROR_UNTRUSTED_ISSUER:
	128	case SEC_ERROR_UNTRUSTED_CERT:
	129	return CSSMERR_TP_NOT_TRUSTED;
	130	case SEC_ERROR_CERT_USAGES_INVALID:
	131	case SEC_ERROR_INADEQUATE_KEY_USAGE:
	132	return CSSMERR_CSP_KEY_USAGE_INCORRECT;
	133	case SEC_INTERNAL_ONLY:
427c49bc	134	return errSecInternalComponent;
b1ab9ed8 A	135	case SEC_ERROR_NO_USER_INTERACTION:
	136	return errSecInteractionNotAllowed;
	137	case SEC_ERROR_USER_CANCELLED:
427c49bc	138	return errSecUserCanceled;
b1ab9ed8 A	139	default:
b1ab9ed8 A	140	dprintf("cmsRtnToOSStatus: smimeRtn 0x%x\n", smimeRtn);
427c49bc	141	return defaultRtn ? defaultRtn : errSecInternalComponent;
b1ab9ed8 A	142	}
b1ab9ed8 A	143	}