1 /*
2 * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
 * DecodedExtensions.h - Intermediate representation of X.509 certificate and
 * CRL extensions, held between the NSS ASN.1 decoder's structs and the CDSA
 * CSSM_X509_EXTENSION representation handed to CL clients.
21 */
22
23 #ifndef _DECODED_EXTENSIONS_H_
24 #define _DECODED_EXTENSIONS_H_
25
26 #include <Security/cssmtype.h>
27 #include <Security/cssmdata.h>
28
29 #include <SecurityNssAsn1/SecNssCoder.h>
30 #include <SecurityNssAsn1/X509Templates.h>
31
32 #include "cldebugging.h"
33
/*
 * One decoded X.509 extension, held in NSS form between the ASN.1 layer
 * and the CDSA (CSSM_X509_EXTENSION) layer.
 *
 * Ownership / lifetime: nssObj is NOT copied. It lives in the arena of the
 * SecNssCoder passed to the constructor, and this object keeps only a
 * reference (mCoder) to that coder, so a DecodedExten must not outlive the
 * coder it was built with. extnId and, when supplied, rawExtn are copied.
 *
 * Type safety: nssObj() is an untyped pointer whose real type is fixed by
 * extnId()/templ(). A consumer must dispatch on extnId() before casting;
 * a wrong cast is silent type confusion, not a detectable error. For a
 * berEncoded extension the object was never ASN.1-decoded and is carried
 * as raw data (convertToCdsa takes a CSSM_DATA_PTR in that case).
 *
 * NOTE(review): critical() only records the extension's criticality bit.
 * Rejecting a cert or CRL that carries an unrecognized critical extension
 * is not done here; that policy belongs to whoever consumes these objects.
 */
class DecodedExten
{
	NOCOPY(DecodedExten)
public:

	/*
	 * All member variables are set on construction only; there are no
	 * setters.
	 */
	DecodedExten(
		const CSSM_OID &extnId,			// copied
		bool critical,					// X.509 "critical" flag, recorded as-is
		void *nssObj,					// NSS_KeyUsage, NSS_BasicConstraints,
										// etc. NOT COPIED, exists in same
										// memory space as coder; type is
										// implied by extnId/templ
		bool berEncoded,				// indicates unknown extension
										// which we do not BER-decode
										// when parsing a cert; nssObj then
										// holds undecoded data
		const SEC_ASN1Template *templ,	// to decode/encode if !berEncoded
										// (presumably unused when
										// berEncoded - confirm in .cpp)
		SecNssCoder	&coder,				// all local allocs from here;
										// must outlive this object
		const CSSM_DATA *rawExtn=NULL);	// NSS_CertExtension.value, copied to
										// mRawExtn, optional (not present
										// during a SetField op)
	~DecodedExten();

	/*
	 * Convert this extension to a CSSM_X509_EXTENSION, after its contents
	 * have been converted to a native CDSA object (CE_KeyUsage, etc.).
	 * This is the final step of a getField op involving an extension.
	 *
	 * cdsaObj  - the already-converted CDSA struct (e.g. CE_KeyUsage), or
	 *            a CSSM_DATA_PTR holding raw bytes when berEncoded().
	 * cssmExt  - filled in; its contents are malloc'd from alloc and are
	 *            owned by the caller afterwards.
	 * alloc    - allocator for the returned (user-space) contents.
	 */
	void convertToCdsa(
		void *cdsaObj,						// e.g. CE_KeyUsage
											// CSSM_DATA_PTR for berEncoded
		CSSM_X509_EXTENSION_PTR cssmExt,	// contents mallocd in alloc's space
											// and RETURNED
		CssmAllocator &alloc) const;

	/*
	 * Convert a DecodedExten to a CSSM_X509_EXTENSION. This includes
	 * the mapping of the extnId to a known CDSA type and doing the
	 * actual NSS-to-CDSA conversion.
	 *
	 * cssmExt  - allocated by the caller; its contents are malloc'd from
	 *            alloc and returned to the caller.
	 * alloc    - allocator for the returned (user-space) contents.
	 */
	void parse(
		CSSM_X509_EXTENSION_PTR cssmExt,	// mallocd by caller, contents
											// mallocd in alloc's space,
											// RETURNED
		CssmAllocator &alloc) const;

	/* Read-only accessors. */
	const CSSM_OID				&extnId() const	{ return mExtnId; }
	bool 						critical() const { return mCritical; }
	/* Untyped; cast only after checking extnId()/berEncoded(). */
	void						*nssObj() const { return mNssObj; }
	bool						berEncoded() const { return mBerEncoded; }
	const SEC_ASN1Template		*templ() const { return mTempl; }
	/*
	 * Returns a non-const pointer to internal state from a const method;
	 * callers should treat the pointed-to data as read-only. May be NULL
	 * (not supplied during a SetField op).
	 */
	CSSM_DATA					*rawExtn() const { return mRawExtn; }
private:
	CSSM_OID				mExtnId;		// copied at construction
	bool					mCritical;		// X.509 critical flag, not enforced here
	void					*mNssObj;		// NSS_KeyUsage, NSS_BasicConstraints, etc.
											// not owned; lives in mCoder's arena
	bool					mBerEncoded;	// indicates unknown extension which we
											// do not BER-decode when parsing a cert
	const SEC_ASN1Template	*mTempl;		// used for decode/encode
	SecNssCoder				&mCoder;		// arena for local allocs; must outlive us
	CSSM_DATA				*mRawExtn;		// optional BER-encoded extension data, not
											// present if created via SetField()
};
97
98 /*
99 * A variable-size array of DecodedExtens.
100 * Used for storing cert and CRL extensions as well as per-CRL-entry
101 * extensions.
102 */
/*
 * A growable array of DecodedExten pointers.
 * Used for storing cert and CRL extensions as well as per-CRL-entry
 * extensions.
 *
 * Allocation: mCoder (SecNssCoder) backs local/temporary allocations;
 * mAlloc (CssmAllocator) backs user-space copy-out allocations.
 * mNumExtensions counts the valid entries in mExtensions;
 * mSizeofExtensions is the allocated capacity of that array.
 *
 * Lifetime: each DecodedExten points into the coder's arena (see
 * DecodedExten), so this container must not outlive the coder either.
 */
class DecodedExtensions
{
	NOCOPY(DecodedExtensions)
public:
	DecodedExtensions(
		SecNssCoder	&coder,			// for local allocs
		CssmAllocator	&alloc);	// for user space (copyout) allocs
	~DecodedExtensions();

	/*
	 * Initialize by decoding an NSS-style NSS_CertExtension array.
	 * This is the ingest path for data produced by the ASN.1 decoder, i.e.
	 * attacker-controlled input when parsing an untrusted cert or CRL.
	 * Presumably a NULL-terminated array in the usual NSS style - confirm
	 * against the caller. Extensions with no known template are expected
	 * to be kept as berEncoded raw data rather than decoded.
	 */
	void decodeFromNss(
		NSS_CertExtension 	**extensions);

	/*
	 * Encode into an NSS-style NSS_CertExtension array, allocating
	 * both the array pointers and the NSS_Extension elements themselves.
	 * The array is RETURNED through the reference argument.
	 */
	void encodeToNss(
		NSS_CertExtension 	**&extensions);

	/*
	 * Add one extension. Parameter semantics match the DecodedExten
	 * constructor: extnId and rawExtn are copied, nssObj is not (it must
	 * live in mCoder's arena), templ is required unless berEncoded.
	 */
	void addExtension(
		const CSSM_OID 		&extnId, 	// copied
		bool				critical,
		void				*nssObj,	// NSS_BasicConstraints,
										// etc. NOT COPIED, exists in same
										// memory space as coder
		bool				berEncoded,	// indicates unknown extension
										// which we do not BER-decode
										// when parsing a cert
		const SEC_ASN1Template *templ,	// required if !berEncoded
		const CSSM_DATA		*rawExtn=NULL);	// NSS_CertExtension.value, copied,
										// optional (not present during a
										// SetField op)
	/*
	 * Retrieve the extension at index extenDex. Callers should keep
	 * extenDex < numExtensions(); what is returned for an out-of-range
	 * index is not visible in this header - check the implementation
	 * before relying on any particular behavior.
	 */
	const DecodedExten *getExtension(
		unsigned extenDex) const;

	/*
	 * Convert to CSSM_X509_EXTENSIONS, including conversion to
	 * native CDSA C structs. Only used on CRL side, on a getField
	 * returning the entire parsed CRL. Contents are malloc'd from alloc
	 * and owned by the caller.
	 */
	void convertToCdsa(
		CSSM_X509_EXTENSIONS	&cssmExtens,
		CssmAllocator			&alloc) const;

	/* Number of valid entries (not the allocated capacity). */
	unsigned numExtensions() const	{ return mNumExtensions; }

private:
	SecNssCoder				&mCoder;			// local (arena) allocs
	CssmAllocator			&mAlloc;			// user-space (copyout) allocs
	DecodedExten			**mExtensions;		// array of owned DecodedExten*
	unsigned				mNumExtensions;		// # valid DecodedExtens
	unsigned				mSizeofExtensions;	// mallocd size in mExtensions
};
155
156 #endif /* _DECODED_EXTENSIONS_H_ */