]> git.saurik.com Git - apple/security.git/blob - Security/libsecurity_apple_x509_cl/lib/DecodedExtensions.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / Security / libsecurity_apple_x509_cl / lib / DecodedExtensions.h
1 /*
2 * Copyright (c) 2000-2002,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 * DecodedExtensions.h - Intermediate representation of extensions.
21 */
22
23 #ifndef _DECODED_EXTENSIONS_H_
24 #define _DECODED_EXTENSIONS_H_
25
26 #include <Security/cssmtype.h>
27 #include <security_cdsa_utilities/cssmdata.h>
28
29 #include <security_asn1/SecNssCoder.h>
30 #include <Security/X509Templates.h>
31
32 #include "cldebugging.h"
33
34 class DecodedExten
35 {
36 NOCOPY(DecodedExten)
37 public:
38
39 /* member variables only set on construct */
40 DecodedExten(
41 const CSSM_OID &extnId, // copied
42 bool critical,
43 void *nssObj, // NSS_KeyUsage, NSS_BasicConstraints,
44 // etc. NOT COPIED, exists in same
45 // memory space as coder
46 bool berEncoded, // indicates unknown extension
47 // which we do not BER-decode
48 // when parsing a cert
49 const SecAsn1Template *templ, // to decode/encode if !berEncoded
50 SecNssCoder &coder, // all local allocs from here
51 const CSSM_DATA *rawExtn=NULL); // NSS_CertExtension.value, copied to
52 // mRawExtn, optional (not present
53 // during a SetField op)
54 ~DecodedExten();
55
56 /*
57 * Convert this extension to a CSSM_X509_EXTENSION, after its contents
58 * have been converted to a native CDSA object (CE_KeyUsage, etc.).
59 * This is the final step of a getField op involving an extension.
60 */
61 void convertToCdsa(
62 void *cdsaObj, // e.g. CE_KeyUsage
63 // CSSM_DATA_PTR for berEncoded
64 CSSM_X509_EXTENSION_PTR cssmExt, // contents mallocd in alloc's space
65 // and RETURNED
66 Allocator &alloc) const;
67
68 /*
69 * Convert a DecodedExten to a CSSM_X509_EXTENSION. This includes
70 * the mapping of the extnId to a known CDSA type and type and doing the
71 * actual NSS-to-CDSA conversion.
72 */
73 void parse(
74 CSSM_X509_EXTENSION_PTR cssmExt, // mallocd by caller, contents
75 // mallocd in alloc's space,
76 // RETURNED
77 Allocator &alloc) const;
78
79 const CSSM_OID &extnId() const { return mExtnId; }
80 bool critical() const { return mCritical; }
81 void *nssObj() const { return mNssObj; }
82 bool berEncoded() const { return mBerEncoded; }
83 const SecAsn1Template *templ() const { return mTempl; }
84 CSSM_DATA *rawExtn() const { return mRawExtn; }
85 private:
86 CSSM_X509EXT_TAGandVALUE *createTagAndValue(
87 const CSSM_DATA &berValue,
88 Allocator &alloc) const;
89
90 CSSM_OID mExtnId;
91 bool mCritical;
92 void *mNssObj; // NSS_KeyUsage, NSS_BasicConstraints, etc.
93 bool mBerEncoded; // indicates unknown extension which we
94 // do not BER-decode when parsing a cert
95 const SecAsn1Template *mTempl;
96 // used for decode/encode
97 SecNssCoder &mCoder;
98 CSSM_DATA *mRawExtn; // optional BER-encoded extension data, not
99 // present if created via SetField()
100 };
101
102 /*
103 * A variable-size array of DecodedExtens.
104 * Used for storing cert and CRL extensions as well as per-CRL-entry
105 * extensions.
106 */
107 class DecodedExtensions
108 {
109 NOCOPY(DecodedExtensions)
110 public:
111 DecodedExtensions(
112 SecNssCoder &coder, // for local allocs
113 Allocator &alloc); // for user space (copyout) allocs
114 ~DecodedExtensions();
115
116 /* Initialize by decoding an NSS-style NSS_CertExtension array */
117 void decodeFromNss(
118 NSS_CertExtension **extensions);
119
120 /* Encode into a NSS-style NSS_CertExtension array, allocating
121 * both the array pointers and the NSS_Extension elements themselves */
122 void encodeToNss(
123 NSS_CertExtension **&extensions);
124
125 /* add/retrieve entries */
126 void addExtension(
127 const CSSM_OID &extnId, // copied
128 bool critical,
129 void *nssObj, // NSS_BasicConstraints,
130 // etc. NOT COPIED, exists in same
131 // memory space as coder
132 bool berEncoded, // indicates unknown extension
133 // which we do not BER-decode
134 // when parsing a cert
135 const SecAsn1Template *templ, // required if !berEncoded
136 const CSSM_DATA *rawExtn=NULL); // NSS_CertExtension.value, copied,
137 // optional (not present during a
138 // SetField op)
139 const DecodedExten *getExtension(
140 unsigned extenDex) const;
141
142 /*
143 * Convert to CSSM_X509_EXTENSIONS, including conversion to
144 * native CDSA C structs. Only used on CRL side, on a getField
145 * returning the entire parsed CRL. */
146 void convertToCdsa(
147 CSSM_X509_EXTENSIONS &cssmExtens,
148 Allocator &alloc) const;
149
150 unsigned numExtensions() const { return mNumExtensions; }
151
152 private:
153 SecNssCoder &mCoder;
154 Allocator &mAlloc;
155 DecodedExten **mExtensions;
156 unsigned mNumExtensions; // # valid DecodedExtens
157 unsigned mSizeofExtensions; // mallocd size in mExtensions
158 };
159
160 #endif /* _DECODED_EXTENSIONS_H_ */
mirror of Security