]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/lib/tsaDERUtilities.c
Security-57336.1.9.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / tsaDERUtilities.c
1 /*
2 * Copyright (c) 2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * tsaDERUtilities.c - ASN1 templates Time Stamping Authority requests and responses.
24 * see rfc3161.asn1 for ASN.1 and other comments
25 */
26
27 #include <libDER/asn1Types.h>
28 #include <libDER/DER_Decode.h>
29 #include <AssertMacros.h>
30 #include <Security/cssmtype.h>
31 #include <stdlib.h>
32 #include "tsaDERUtilities.h"
33
34 #ifndef DER_MULTIBYTE_TAGS
35 #error We expect DER_MULTIBYTE_TAGS
36 #endif
37
38 /* PKIStatusInfo */
39 typedef struct {
40 DERItem status; // INTEGER
41 DERItem statusString; // UTF8_STRING | SEC_ASN1_OPTIONAL
42 DERItem failInfo; // BIT_STRING | SEC_ASN1_OPTIONAL
43 } DERPKIStatusInfo;
44
45 /* xx */
46 typedef struct {
47 DERItem statusString; // UTF8_STRING | SEC_ASN1_OPTIONAL
48 } DERPKIStatusStringInner;
49
50 /* TimeStampResp */
51 typedef struct
52 {
53 DERItem status; /* PKIStatusInfo */
54 DERItem timeStampToken; /* TimeStampToken */
55 } DERTimeStampResp;
56
57 /* TimeStampResp */
58 const DERItemSpec DERTimeStampRespItemSpecs[] =
59 {
60 { DER_OFFSET(DERTimeStampResp, status),
61 ASN1_CONSTR_SEQUENCE, DER_DEC_NO_OPTS },
62 { DER_OFFSET(DERTimeStampResp, timeStampToken),
63 ASN1_CONSTR_SEQUENCE, DER_DEC_NO_OPTS | DER_DEC_OPTIONAL | DER_DEC_SAVE_DER}
64 };
65 const DERSize DERNumTimeStampRespItemSpecs = sizeof(DERTimeStampRespItemSpecs) / sizeof(DERItemSpec);
66
67 /*
68 This code is here rather than in libsecurity_smime because
69 libsecurity_smime doesn't know about libDER
70 */
71
72 int DERDecodeTimeStampResponse(
73 const CSSM_DATA *contents,
74 CSSM_DATA *derStatus,
75 CSSM_DATA *derTimeStampToken,
76 size_t *numUsedBytes) /* RETURNED */
77 {
78 DERReturn drtn = DR_ParamErr;
79 DERDecodedInfo decodedPackage;
80
81 if (contents)
82 {
83 DERItem derContents = {.data = contents->Data, .length = contents->Length };
84 DERTimeStampResp derResponse = {{0,},{0,}};
85 DERReturn rx;
86 require_noerr(DERDecodeItem(&derContents, &decodedPackage), badResponse);
87
88 rx = DERParseSequenceContent(&decodedPackage.content,
89 DERNumTimeStampRespItemSpecs, DERTimeStampRespItemSpecs,
90 &derResponse, 0);
91 if (rx != DR_Success)
92 goto badResponse;
93 /*
94 require_noerr(DERParseSequenceContent(&decodedPackage.content,
95 DERNumTimeStampRespItemSpecs, DERTimeStampRespItemSpecs,
96 &derResponse, 0), badResponse);
97 */
98 if (derStatus && derResponse.status.data)
99 {
100 derStatus->Data = malloc(derResponse.status.length);
101 derStatus->Length = derResponse.status.length;
102 memcpy(derStatus->Data, derResponse.status.data, derStatus->Length);
103 }
104 if (derTimeStampToken && derResponse.timeStampToken.data)
105 {
106 derTimeStampToken->Data = malloc(derResponse.timeStampToken.length);
107 derTimeStampToken->Length = derResponse.timeStampToken.length;
108 memcpy(derTimeStampToken->Data, derResponse.timeStampToken.data, derTimeStampToken->Length);
109 }
110 }
111
112 drtn = DR_Success;
113
114 badResponse:
115 if (numUsedBytes)
116 *numUsedBytes = decodedPackage.content.length +
117 decodedPackage.content.data - contents->Data;
118
119 return drtn;
120 }
121