+++ /dev/null
-/*
- * Copyright (c) 2003-2005 Apple Computer, Inc. All Rights Reserved.
- *
- * The contents of this file constitute Original Code as defined in and are
- * subject to the Apple Public Source License Version 1.2 (the 'License').
- * You may not use this file except in compliance with the License. Please
- * obtain a copy of the License at http://www.apple.com/publicsource and
- * read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- */
-
-/*
- * CertParser.h - cert parser with autorelease of fetched fields
- *
- * Created 24 October 2003 by Doug Mitchell
- */
-
-#include "CertParser.h"
-#import <AvailabilityMacros.h>
-
-#define CP_DEBUG 1
-#if CP_DEBUG
-#define dprintf(args...) printf(args)
-#else
-#define dprintf(args...)
-#endif
-
-#pragma mark --- CP_FetchedField ---
-
-class CP_FetchedField
-{
-public:
- /* construct one fetched field (which will be stored in CertParser's
- * mFetchedFields) */
- CP_FetchedField(
- const CSSM_OID &fieldOid,
- CSSM_DATA_PTR fieldData,
- CSSM_CL_HANDLE clHand);
-
- /* Free the field via CL */
- ~CP_FetchedField();
-private:
- CSSM_OID mFieldOid;
- CSSM_DATA_PTR mFieldData;
- CSSM_CL_HANDLE mClHand;
-};
-
-CP_FetchedField::CP_FetchedField(
- const CSSM_OID &fieldOid,
- CSSM_DATA_PTR fieldData,
- CSSM_CL_HANDLE clHand)
- : mFieldOid(fieldOid), mFieldData(fieldData), mClHand(clHand)
-{
-}
-
-/* Free the field via CL */
-CP_FetchedField::~CP_FetchedField()
-{
- CSSM_CL_FreeFieldValue(mClHand, &mFieldOid, mFieldData);
-}
-
-#pragma mark --- CertParser implementation ---
-
-/* Construct with or without data - you can add the data later with
- * initWithData() to parse without exceptions */
-CertParser::CertParser()
-{
- initFields();
-}
-
-CertParser::CertParser(
- CSSM_CL_HANDLE clHand)
-{
- initFields();
- mClHand = clHand;
-}
-
-CertParser::CertParser(
- CSSM_CL_HANDLE clHand,
- const CSSM_DATA &certData)
-{
- initFields();
- mClHand = clHand;
- CSSM_RETURN crtn = initWithData(certData);
- if(crtn) {
- throw ((int)crtn);
- }
-}
-
-CertParser::CertParser(
- SecCertificateRef secCert)
-{
- initFields();
- OSStatus ortn = initWithSecCert(secCert);
- if(ortn) {
- throw ((int)ortn);
- }
-}
-
-/* frees all the fields we fetched */
-CertParser::~CertParser()
-{
- if(mClHand && mCacheHand) {
- CSSM_RETURN crtn = CSSM_CL_CertAbortCache(mClHand, mCacheHand);
- if(crtn) {
- /* almost certainly a bug */
- printf("Internal Error: CertParser error on free.");
- cssmPerror("CSSM_CL_CertAbortCache", crtn);
- }
- }
- vector<CP_FetchedField *>::iterator iter;
- for(iter=mFetchedFields.begin(); iter!=mFetchedFields.end(); iter++) {
- delete *iter;
- }
-}
-
-/* common init for all constructors */
-void CertParser::initFields()
-{
- mClHand = 0;
- mCacheHand = 0;
-}
-
-/*** NO MORE EXCEPTIONS ***/
-
-/*
- * No cert- or CDSA-related exceptions thrown by remainder.
- * This is the core initializer: have the CL parse and cache the cert.
- */
-CSSM_RETURN CertParser::initWithData(
- const CSSM_DATA &certData)
-{
- assert(mClHand != 0);
- CSSM_RETURN crtn = CSSM_CL_CertCache(mClHand, &certData, &mCacheHand);
- #if CP_DEBUG
- if(crtn) {
- cssmPerror("CSSM_CL_CertCache", crtn);
- }
- #endif
- return crtn;
-}
-
-OSStatus CertParser::initWithSecCert(
- SecCertificateRef secCert)
-{
- OSStatus ortn;
- CSSM_DATA certData;
-
- assert(mClHand == 0);
- ortn = SecCertificateGetCLHandle(secCert, &mClHand);
- if(ortn) {
- return ortn;
- }
- ortn = SecCertificateGetData(secCert, &certData);
- if(ortn) {
- return ortn;
- }
- return (OSStatus)initWithData(certData);
-}
-
-CSSM_RETURN CertParser::initWithCFData(
- CFDataRef cfData)
-{
- CSSM_DATA cdata;
-
- cdata.Data = (uint8 *)CFDataGetBytePtr(cfData);
- cdata.Length = CFDataGetLength(cfData);
- return initWithData(cdata);
-}
-
-/*
- * Obtain atrbitrary field from cached cert. This class takes care of freeing
- * the field in its destructor.
- *
- * Returns NULL if field not found (not exception).
- *
- * Caller optionally specifies field length to check - specifying zero means
- * "don't care, don't check". Actual field length always returned in fieldLength.
- */
-const void *CertParser::fieldForOid(
- const CSSM_OID &oid,
- CSSM_SIZE &fieldLength) // IN/OUT
-{
- CSSM_RETURN crtn;
-
- uint32 NumberOfFields = 0;
- CSSM_HANDLE resultHand = 0;
- CSSM_DATA_PTR fieldData = NULL;
-
- assert(mClHand != 0);
- assert(mCacheHand != 0);
- crtn = CSSM_CL_CertGetFirstCachedFieldValue(
- mClHand,
- mCacheHand,
- &oid,
- &resultHand,
- &NumberOfFields,
- &fieldData);
- if(crtn) {
- /* not an error; just means that the cert doesn't have this field */
- return NULL;
- }
- assert(NumberOfFields == 1);
- CSSM_CL_CertAbortQuery(mClHand, resultHand);
-
- if(fieldLength) {
- if(fieldLength != fieldData->Length) {
- /* FIXME what's a good way to log in this situation? */
- printf("***CertParser::fieldForOid: field length mismatch\n");
- return NULL;
- }
- }
- /* Store the OID and the field for autorelease */
- CP_FetchedField *cpField = new CP_FetchedField(oid, fieldData, mClHand);
- mFetchedFields.push_back(cpField);
- fieldLength = fieldData->Length;
- return fieldData->Data;
-}
-
-/*
- * Conveneince routine to fetch an extension we "know" the CL can parse.
- * The return value gets cast to one of the CE_Data types.
- */
-const void *CertParser::extensionForOid(
- const CSSM_OID &oid)
-{
- CSSM_SIZE len = sizeof(CSSM_X509_EXTENSION);
- CSSM_X509_EXTENSION *cssmExt =
- (CSSM_X509_EXTENSION *)fieldForOid(oid, len);
- if(cssmExt) {
- if(cssmExt->format != CSSM_X509_DATAFORMAT_PARSED) {
- printf("***Badly formatted extension");
- return NULL;
- }
- return cssmExt->value.parsedValue;
- }
- else {
- return NULL;
- }
-}
-
projects / apple / security.git / blobdiff