Coverage Report

Created: 2024-11-21 07:03

/src/nss-nspr/nss/lib/certhigh/crlv2.c
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
 * Code for dealing with x.509 v3 crl and crl entries extensions.
 */
#include "cert.h"
#include "secitem.h"
#include "secoid.h"
#include "secoidt.h"
#include "secder.h"
#include "secasn1.h"
#include "certxutl.h"
/*
 * Look up an extension of a CRL by its OID.
 *
 * Forwards crl->extensions, oid and value unchanged to
 * cert_FindExtensionByOID() and returns that call's status.
 * crl is dereferenced without a NULL check, so callers must pass a valid CRL.
 * NOTE(review): other functions in this file release the buffer filled in by
 * cert_FindExtension() with PORT_Free(); presumably value->data is owned by
 * the caller here as well on success -- confirm against the helper.
 */
SECStatus
CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
{
    CERTCertExtension **extensions = crl->extensions;

    return cert_FindExtensionByOID(extensions, oid, value);
}
/*
 * Look up an extension of a CRL by its OID tag.
 *
 * Forwards crl->extensions, tag and value unchanged to cert_FindExtension()
 * and returns that call's status.
 * crl is dereferenced without a NULL check, so callers must pass a valid CRL.
 * Other functions in this file release the buffer that cert_FindExtension()
 * stores in its output item with PORT_Free(); presumably the caller of this
 * wrapper owns value->data the same way on success -- confirm.
 */
SECStatus
CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
{
    CERTCertExtension **extensions = crl->extensions;

    return cert_FindExtension(extensions, tag, value);
}
/*
 * Callback passed to cert_StartExtensions() by CERT_StartCRLExtensions().
 *
 * object is treated as a CERTCrl: the extension list is attached to it and
 * its version field is rewritten to SEC_CRL_VERSION_2, using the CRL's own
 * arena for the encoded integer.
 * The callback returns void, so whatever DER_SetUInteger() reports is
 * discarded; a failure to set the version cannot reach the caller from here.
 */
static void
SetCrlExts(void *object, CERTCertExtension **exts)
{
    CERTCrl *target = (CERTCrl *)object;

    target->extensions = exts;
    DER_SetUInteger(target->arena, &target->version, SEC_CRL_VERSION_2);
}
/*
 * Begin building the extension list of a CRL.
 *
 * Hands the CRL, its arena and the SetCrlExts callback to
 * cert_StartExtensions() and returns the opaque handle that call produces.
 * crl is dereferenced without a NULL check.
 */
void *
CERT_StartCRLExtensions(CERTCrl *crl)
{
    /* CERTCrl * converts to the helper's void * parameter implicitly. */
    return cert_StartExtensions(crl, crl->arena, SetCrlExts);
}
/*
 * Callback passed to cert_StartExtensions() by CERT_StartCRLEntryExtensions().
 *
 * object is treated as a CERTCrlEntry and receives the extension list.
 * Unlike the CRL-level callback in this file, no version field is touched.
 */
static void
SetCrlEntryExts(void *object, CERTCertExtension **exts)
{
    CERTCrlEntry *target = (CERTCrlEntry *)object;

    target->extensions = exts;
}
/*
 * Begin building the extension list of one CRL entry.
 *
 * The entry is the object the extensions are attached to (through
 * SetCrlEntryExts); the arena comes from the enclosing CRL, not from the
 * entry. Returns the opaque handle produced by cert_StartExtensions().
 * crl is dereferenced without a NULL check; entry is passed through as-is.
 */
void *
CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry)
{
    void *handle = cert_StartExtensions(entry, crl->arena, SetCrlEntryExts);

    return handle;
}
/*
 * Fetch and decode the CRL number extension of a CRL.
 *
 * arena  pool that receives a copy of the encoded extension; it is marked
 *        before use and rolled back to the mark when the result is
 *        SECFailure. It is used without a NULL check.
 * crl    CRL whose extension list is searched; dereferenced unchecked.
 * value  receives the decoded INTEGER on success.
 *
 * Returns the status of cert_FindExtension() when the lookup fails,
 * SECFailure when the arena copy cannot be made, otherwise the status of
 * the DER decode.
 *
 * NOTE(review): the encoded bytes are duplicated into the arena before the
 * quick decoder runs and the heap copy is freed straight afterwards, so
 * value presumably ends up referring to arena memory and stays valid only
 * as long as the arena does -- confirm against SEC_QuickDERDecodeItem().
 */
SECStatus
CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl,
                        SECItem *value)
{
    SECItem rawExten;
    SECItem *arenaCopy = NULL;
    void *arenaMark = NULL;
    SECStatus status;

    rawExten.data = NULL;
    rawExten.len = 0;

    status = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER,
                                &rawExten);
    if (status != SECSuccess) {
        return status;
    }

    /* Everything allocated from here on can be undone by releasing the mark. */
    arenaMark = PORT_ArenaMark(arena);

    arenaCopy = SECITEM_ArenaDupItem(arena, &rawExten);
    if (!arenaCopy) {
        status = SECFailure;
    } else {
        status = SEC_QuickDERDecodeItem(arena, value,
                                        SEC_ASN1_GET(SEC_IntegerTemplate),
                                        arenaCopy);
    }

    /* The heap buffer from the lookup is no longer needed on either path. */
    PORT_Free(rawExten.data);

    if (status == SECFailure) {
        PORT_ArenaRelease(arena, arenaMark);
    } else {
        PORT_ArenaUnmark(arena, arenaMark);
    }
    return status;
}
/*
 * Fetch and decode the reason code extension of a CRL entry.
 *
 * crlEntry  entry whose extension list is searched; dereferenced unchecked.
 * value     receives the decoded reason code; written only when both the
 *           lookup and the decode succeed.
 *
 * Returns SECFailure when the scratch arena cannot be created, otherwise
 * the status of the lookup or of the ENUMERATED decode.
 *
 * NOTE(review): the integer from DER_GetInteger() is cast straight to
 * CERTCRLEntryReasonCode with no range check here, so a CRL can presumably
 * deliver a value outside the defined reason codes; callers should validate
 * *value before switching on it -- confirm.
 */
SECStatus
CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry,
                             CERTCRLEntryReasonCode *value)
{
    SECItem encodedReason = { siBuffer, NULL, 0 };
    SECItem decodedReason = { siBuffer, NULL, 0 };
    SECStatus status;
    PLArenaPool *scratch = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

    if (!scratch) {
        return SECFailure;
    }

    status = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE,
                                &encodedReason);
    if (status == SECSuccess) {
        status = SEC_QuickDERDecodeItem(scratch, &decodedReason,
                                        SEC_ASN1_GET(SEC_EnumeratedTemplate),
                                        &encodedReason);
    }
    if (status == SECSuccess) {
        /* Read the integer before the buffers backing it are released. */
        *value = (CERTCRLEntryReasonCode)DER_GetInteger(&decodedReason);
    }

    /* Cleanup shared by the success and failure paths. */
    PORT_FreeArena(scratch, PR_FALSE);
    if (encodedReason.data) {
        PORT_Free(encodedReason.data);
    }

    return status;
}
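/*
 * Fetch the invalidity date extension from a CRL's extension list and
 * convert it to a PRTime.
 *
 * crl    CRL whose extension list is searched; dereferenced unchecked.
 * value  receives the converted time when every step succeeds.
 *
 * Returns the status of the lookup when it fails, otherwise the status of
 * the GeneralizedTime decode or of the time conversion.
 *
 * NOTE(review): RFC 5280 defines invalidityDate as a CRL *entry* extension,
 * while this function searches the CRL-level list -- confirm that this is
 * what callers expect.
 */
SECStatus
CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value)
{
    SECItem encodedExtenValue;
    SECItem decodedExtenValue = { siBuffer, 0 };
    SECStatus rv;

    encodedExtenValue.data = decodedExtenValue.data = NULL;
    encodedExtenValue.len = decodedExtenValue.len = 0;

    rv = cert_FindExtension(crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
    if (rv != SECSuccess)
        return (rv);

    /* A NULL pool is passed, and the decoded buffer is freed below. */
    rv = SEC_ASN1DecodeItem(NULL, &decodedExtenValue,
                            SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
                            &encodedExtenValue);
    if (rv == SECSuccess) {
        /*
         * Convert the decoded time string. The original passed
         * encodedExtenValue here, i.e. the DER item still carrying its tag
         * and length octets, which left the decode result unused.
         */
        rv = DER_GeneralizedTimeToTime(value, &decodedExtenValue);
    }
    PORT_Free(decodedExtenValue.data);
    PORT_Free(encodedExtenValue.data);
    return (rv);
}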