libsecurity_smime/lib/CMSUtils.c

   1 /*
   2  * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * CMSUtils.cpp - common utility routines for libCMS.
  26  */
  27
  28 #include "CMSUtils.h"
  29 #include <stdlib.h>
  30 #include <string.h>
  31 #include <security_asn1/secerr.h>
  32 #include <security_asn1/seccomon.h>
  33 #include <Security/SecBase.h>
  34
  35 /*
  36  * Copy a CSSM_DATA, mallocing the result.
  37  */
  38 void cmsCopyCmsData(
  39                     const SecAsn1Item *src,
  40                     SecAsn1Item *dst)
  41 {
  42     dst->Data = (uint8_t *)malloc(src->Length);
  43     memmove(dst->Data, src->Data, src->Length);
  44     dst->Length = src->Length;
  45 }
  46
  47 /*
  48  * Append a CF type, or the contents of an array, to another array.
  49  * destination array will be created if necessary.
  50  * If srcItemOrArray is not of the type specified in expectedType,
  51  * errSecParam will be returned.
  52  */
  53 OSStatus cmsAppendToArray(
  54                           CFTypeRef srcItemOrArray,
  55                           CFMutableArrayRef *dstArray,
  56                           CFTypeID expectedType)
  57 {
  58     if(srcItemOrArray == NULL) {
  59         return errSecSuccess;
  60     }
  61     if(*dstArray == NULL) {
  62         *dstArray = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
  63     }
  64     CFTypeID inType = CFGetTypeID(srcItemOrArray);
  65     if(inType == CFArrayGetTypeID()) {
  66         CFArrayRef srcArray = (CFArrayRef)srcItemOrArray;
  67         CFRange srcRange = {0, CFArrayGetCount(srcArray)};
  68         CFArrayAppendArray(*dstArray, srcArray, srcRange);
  69     }
  70     else if(inType == expectedType) {
  71         CFArrayAppendValue(*dstArray, srcItemOrArray);
  72     }
  73     else {
  74         return errSecParam;
  75     }
  76     return errSecSuccess;
  77 }
  78
  79 /*
  80  * Munge an OSStatus returned from libsecurity_smime, which may well be an ASN.1 private
  81  * error code, to a real OSStatus.
  82  */
  83 OSStatus cmsRtnToOSStatusDefault(OSStatus smimeRtn,             // from libsecurity_smime
  84                           OSStatus defaultRtn)  // use this if we can't map smimeRtn
  85 {
  86     if(smimeRtn == SECFailure) {
  87         /* This is a SECStatus. Try to get detailed error info. */
  88         smimeRtn = PORT_GetError();
  89         PORT_SetError(0); // clean up the thread since we're handling this error
  90         if(smimeRtn == 0) {
  91             /* S/MIME just gave us generic error; no further info available; punt. */
  92             dprintf("cmsRtnToOSStatus: SECFailure, no status avilable\n");
  93             return defaultRtn ? defaultRtn : errSecInternalComponent;
  94         }
  95         /* else proceed to map smimeRtn to OSStatus */
  96     }
  97     if(!IS_SEC_ERROR(smimeRtn)) {
  98         /* isn't ASN.1 or S/MIME error; use as is. */
  99         return smimeRtn;
 100     }
 101
 102     /* Convert SECErrorCodes to OSStatus */
 103     switch(smimeRtn) {
 104         case SEC_ERROR_BAD_DER:
 105         case SEC_ERROR_BAD_DATA:
 106             return errSecUnknownFormat;
 107         case SEC_ERROR_NO_MEMORY:
 108             return errSecAllocate;
 109         case SEC_ERROR_IO:
 110             return errSecIO;
 111         case SEC_ERROR_OUTPUT_LEN:
 112         case SEC_ERROR_INPUT_LEN:
 113         case SEC_ERROR_INVALID_ARGS:
 114         case SEC_ERROR_INVALID_ALGORITHM:
 115         case SEC_ERROR_INVALID_AVA:
 116         case SEC_ERROR_INVALID_TIME:
 117             return errSecParam;
 118         case SEC_ERROR_PKCS7_BAD_SIGNATURE:
 119         case SEC_ERROR_BAD_SIGNATURE:
 120             return errSecInvalidSignature;
 121         case SEC_ERROR_EXPIRED_CERTIFICATE:
 122         case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
 123             return errSecCertificateExpired;
 124         case SEC_ERROR_REVOKED_CERTIFICATE:
 125             return errSecCertificateRevoked;
 126         case SEC_ERROR_UNKNOWN_ISSUER:
 127         case SEC_ERROR_UNTRUSTED_ISSUER:
 128         case SEC_ERROR_UNTRUSTED_CERT:
 129             return errSecNotTrusted;
 130         case SEC_ERROR_CERT_USAGES_INVALID:
 131         case SEC_ERROR_INADEQUATE_KEY_USAGE:
 132             return errSecKeyUsageIncorrect;
 133         case SEC_INTERNAL_ONLY:
 134             return errSecInternalComponent;
 135         case SEC_ERROR_NO_USER_INTERACTION:
 136             return errSecInteractionNotAllowed;
 137         case SEC_ERROR_USER_CANCELLED:
 138             return errSecUserCanceled;
 139         default:
 140             dprintf("cmsRtnToOSStatus: smimeRtn 0x%x\n", smimeRtn);
 141             return defaultRtn ? defaultRtn : errSecInternalComponent;
 142     }
 143 }
 144
 145 OSStatus cmsRtnToOSStatus(OSStatus smimeRtn) {
 146     return cmsRtnToOSStatusDefault(smimeRtn, 0);
 147 }