-/*
- * Copyright (c) 2002-2004,2011,2013-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-#include <Security/SecCertificateRequest.h>
-
-#include "SecBridge.h"
-#include "CertificateRequest.h"
-#include "SecImportExport.h"
-#include "SecCertificate.h"
-
-CFTypeID
-SecCertificateRequestGetTypeID(void)
-{
- BEGIN_SECAPI
-
- return gTypes().CertificateRequest.typeID;
-
- END_SECAPI1(_kCFRuntimeNotATypeID)
-}
-
-
-OSStatus SecCertificateRequestCreate(
- const CSSM_OID *policy,
- CSSM_CERT_TYPE certificateType,
- CSSM_TP_AUTHORITY_REQUEST_TYPE requestType,
- SecKeyRef privateKeyItemRef,
- SecKeyRef publicKeyItemRef,
- const SecCertificateRequestAttributeList* attributeList,
- SecCertificateRequestRef* certRequest)
-{
- BEGIN_SECAPI
- Required(certRequest);
- Required(policy);
- *certRequest = (new CertificateRequest(*policy, certificateType, requestType,
- privateKeyItemRef, publicKeyItemRef, attributeList))->handle();
- END_SECAPI
-}
-
-
-OSStatus SecCertificateRequestSubmit(
- SecCertificateRequestRef certRequest,
- sint32* estimatedTime)
-{
- BEGIN_SECAPI
-
- CertificateRequest::required(certRequest)->submit(estimatedTime);
-
- END_SECAPI
-}
-
-
-OSStatus SecCertificateRequestGetType(
- SecCertificateRequestRef certRequestRef,
- CSSM_TP_AUTHORITY_REQUEST_TYPE *requestType)
-{
- BEGIN_SECAPI
-
- Required(requestType);
- *requestType = CertificateRequest::required(certRequestRef)->reqType();
-
- END_SECAPI
-}
-
-OSStatus SecCertificateRequestGetResult(
- SecCertificateRequestRef certRequestRef,
- SecKeychainRef keychain,
- sint32 *estimatedTime,
- SecCertificateRef *certificateRef)
-{
- BEGIN_SECAPI
-
- CssmData certData;
- *certificateRef = NULL;
- CertificateRequest::required(certRequestRef)->getResult(estimatedTime, certData);
- if(certData.data() != NULL) {
- /*
- * Convert to SecCertifcateRef, optionally import.
- */
- CFDataRef cfCert = CFDataCreate(NULL, (UInt8 *)certData.data(), certData.Length);
- SecExternalItemType itemType = kSecItemTypeCertificate;
- CFArrayRef outItems = NULL;
- bool freeKcRef = false;
- OSStatus ortn;
-
- if(keychain == NULL) {
- /*
- * Unlike most Sec* calls, if the keychain argument to SecKeychainItemImport()
- * is NULL, the item is not imported to the default keychain. At our
- * interface, however, a NULL keychain means "import to the default
- * keychain".
- */
- ortn = SecKeychainCopyDefault(&keychain);
- if(ortn) {
- certReqDbg("GetResult: SecKeychainCopyDefault failure");
- /* oh well, there's nothing we can do about this */
- }
- else {
- freeKcRef = true;
- }
- }
- ortn = SecKeychainItemImport(cfCert, NULL,
- NULL, // format, don't care
- &itemType,
- 0, // flags
- NULL, // keyParams
- keychain, // optional, like ours
- &outItems);
- CFRelease(cfCert);
- if(freeKcRef) {
- CFRelease(keychain);
- }
- if(ortn) {
- certReqDbg("SecCertificateRequestGetResult: SecKeychainItemImport failure");
- MacOSError::throwMe(ortn);
- }
- CFIndex numItems = CFArrayGetCount(outItems);
- switch(numItems) {
- case 0:
- certReqDbg("SecCertificateRequestGetResult: import zero items");
- MacOSError::throwMe(errSecInternalComponent);
- default:
- certReqDbg("SecCertificateRequestGetResult: import %d items",
- (int)numItems);
- /* but drop thru anyway, take the first one */
- case 1:
- SecCertificateRef certRef =
- (SecCertificateRef)(CFArrayGetValueAtIndex(outItems, 0));
- if(CFGetTypeID(certRef) != SecCertificateGetTypeID()) {
- certReqDbg("SecCertificateRequestGetResult: bad type");
- }
- else {
- CFRetain(certRef);
- *certificateRef = certRef;
- }
- }
- CFRelease(outItems);
- }
- END_SECAPI
-}
-
-OSStatus SecCertificateFindRequest(
- const CSSM_OID *policy,
- CSSM_CERT_TYPE certificateType,
- CSSM_TP_AUTHORITY_REQUEST_TYPE requestType,
- SecKeyRef publicKeyItemRef,
- SecKeyRef privateKeyItemRef,
- const SecCertificateRequestAttributeList* attributeList,
- SecCertificateRequestRef* certRequest)
-{
- BEGIN_SECAPI
-
- Required(certRequest);
- Required(policy);
- *certRequest = (new CertificateRequest(*policy, certificateType, requestType,
- privateKeyItemRef, publicKeyItemRef, attributeList, false))->handle();
- END_SECAPI
-}
-
-
-OSStatus SecCertificateRequestGetData(
- SecCertificateRequestRef certRequestRef,
- CSSM_DATA *data)
-{
- BEGIN_SECAPI
-
- Required(data);
- CertificateRequest::required(certRequestRef)->getReturnData(CssmData::overlay(*data));
-
- END_SECAPI
-}
projects / apple / security.git / blobdiff