1/*
2 * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18/*
19 * clNssUtils.h - support for libnssasn1-based ASN1 encode/decode
20 */
21
22#ifndef	_CL_NSS_UTILS_H_
23#define _CL_NSS_UTILS_H_
24
25#include <security_asn1/SecNssCoder.h>
26#include <Security/certExtensionTemplates.h>
27#include <security_utilities/alloc.h>
28#include <Security/cssm.h>
29#include "DecodedCert.h"
30
31/*
 * An Allocator which is actually based upon a PLArenaPool. This only
33 * mallocs, it doesn't have a free - all memory allocated with this
34 * object is freed when the SecNssCoder associated with this object is
35 * freed. It's used to malloc the fields in DecodedCert.mCert and
36 * DecodedCrl.mCrl.
37 */
class ArenaAllocator : public Security::Allocator
{
	NOCOPY(ArenaAllocator)		// presumably disables copy: a copy would alias mCoder
public:
	/*
	 * Bind to the coder whose arena backs every allocation. mCoder is a
	 * reference, so the SecNssCoder must outlive this object.
	 */
	ArenaAllocator(SecNssCoder &coder)
		: mCoder(coder) { }
	~ArenaAllocator() { }		// nothing to release here; the arena belongs to mCoder
	/*
	 * Allocate from the coder's arena. The specification allows only
	 * std::bad_alloc to escape. NOTE(review): dynamic exception
	 * specifications (throw(...)) were removed in C++17; these presumably
	 * mirror the Security::Allocator virtuals — confirm before changing.
	 */
	void *malloc(size_t) throw(std::bad_alloc) ;
	/*
	 * Per the class comment, arena memory is never individually released;
	 * storage is reclaimed only when the SecNssCoder goes away. Callers
	 * must not rely on free() to bound memory use of a long-lived coder.
	 */
	void free(void *) throw() ;
	/*
	 * Presumably allocates a new arena block and copies the old contents;
	 * the old block is not reclaimed (arena) — confirm in the .cpp.
	 */
	void *realloc(void *, size_t) throw(std::bad_alloc);
private:
	SecNssCoder		&mCoder;	// supplies the PLArenaPool; not owned
};
51
52/*
53 * Misc. alloc/copy with arbitrary Allocator
54 */
55
/*
 * Allocate len bytes from alloc into dst.Data and set dst.Length = len.
 * Any pointer already in dst.Data is presumably overwritten rather than
 * freed, so do not pass a dst that still owns a buffer — confirm in the .cpp.
 */
void clAllocData(
	Allocator	&alloc,
	CSSM_DATA		&dst,
	size_t			len);
61
/*
 * Allocate src.Length bytes from alloc and copy src.Data into dst, giving
 * the caller an independent copy. The copy is released through the same
 * alloc (for an ArenaAllocator that is a no-op; see above).
 */
void clAllocCopyData(
	Allocator	&alloc,
	const CSSM_DATA	&src,
	CSSM_DATA		&dst);
67
/*
 * Return true if two CSSM_DATAs (or two CSSM_OIDs) compare equal, i.e.
 * same Length and same bytes. NOTE(review): presumably an early-exit
 * length check plus memcmp, so not constant-time — fine for OIDs and
 * public cert fields, not for comparing secret material; confirm in the .cpp.
 */
bool clCompareCssmData(
	const CSSM_DATA *data1,
	const CSSM_DATA *data2);
72
/*
 * CSSM_DATA --> uint32
 *
 * Interpret the bytes of cdata as an unsigned integer (presumably
 * big-endian, as DER INTEGER contents are — confirm). toThrow is the
 * CSSM_RETURN raised when cdata cannot be represented as a uint32;
 * the exact rejection condition (e.g. Length > sizeof(uint32)) lives
 * in the .cpp and should be checked there, since cdata typically
 * originates from a decoded certificate.
 */
uint32 clDataToInt(
	const CSSM_DATA &cdata,
	CSSM_RETURN toThrow = CSSMERR_CL_INVALID_CERT_POINTER);
/*
 * uint32 --> CSSM_DATA: encode num into cdata, allocating cdata.Data
 * from alloc. Inverse of clDataToInt.
 */
void clIntToData(
	uint32 num,
	CSSM_DATA &cdata,
	Allocator &alloc);
83
/*
 * CSSM_BOOL <--> CSSM_DATA
 *
 * nssBool is the NSS representation of an ASN.1 BOOLEAN (presumably a
 * single content octet — confirm). clCssmBoolToNss allocates
 * nssBool.Data from alloc.
 */
CSSM_BOOL clNssBoolToCssm(
	const CSSM_DATA	&nssBool);
void clCssmBoolToNss(
	CSSM_BOOL cBool,
	CSSM_DATA &nssBool,
	Allocator &alloc);
91
/*
 * Bit String
 *
 * In-place conversion of a BIT STRING between the CSSM and NSS
 * conventions. NOTE(review): the two presumably differ only in whether
 * b.Length counts bits or bytes, so these adjust b.Length and leave
 * b.Data alone — confirm in the .cpp before relying on that.
 */
void clCssmBitStringToNss(
	CSSM_DATA &b);
void clNssBitStringToCssm(
	CSSM_DATA &b);
97
/*
 * How many items in a NULL-terminated array of pointers?
 * Counts entries up to (not including) the terminating NULL. The array
 * must really be NULL-terminated: an unterminated array is read past
 * its end. Behaviour for array == NULL is not specified here — confirm.
 */
unsigned clNssArraySize(
	const void **array);
101
/*
 * malloc a NULL-ed array of pointers of size num+1, from coder's arena.
 * The extra slot is the NULL terminator expected by clNssArraySize.
 * NOTE(review): num is caller-supplied; the implementation should guard
 * num+1 and the element-size multiplication against overflow — confirm.
 */
void **clNssNullArray(
	uint32 num,
	SecNssCoder &coder);
106
/*
 * Convert a decoded KeyUsage BIT STRING (cdata) into a CE_KeyUsage
 * bit mask. Which length convention cdata uses (bits vs bytes) is not
 * visible here — confirm against the callers.
 */
CE_KeyUsage clBitStringToKeyUsage(
	const CSSM_DATA &cdata);
109
/*
 * Map an algorithm OID to its CSSM_ALGORITHMS value. What is returned
 * for an unrecognized OID is not specified here — callers should not
 * assume a known algorithm; confirm in the .cpp.
 */
CSSM_ALGORITHMS CL_oidToAlg(
	const CSSM_OID &oid);
112
/*
 * Deep-copy srcAlgId (OID and parameters) into destAlgId, allocating
 * from alloc. Release with CL_freeCssmAlgId using the same alloc.
 */
void CL_copyAlgId(
	const CSSM_X509_ALGORITHM_IDENTIFIER &srcAlgId,
	CSSM_X509_ALGORITHM_IDENTIFIER &destAlgId,
	Allocator &alloc);
/*
 * Free the contents of cdsaObj with alloc. cdsaObj may be NULL.
 * Whether the struct itself is freed, or only its fields, is not
 * stated here — confirm in the .cpp.
 */
void CL_freeCssmAlgId(
	CSSM_X509_ALGORITHM_IDENTIFIER	*cdsaObj,		// optional
	Allocator 					&alloc);
120
121
/*
 * NSS_Time <--> CSSM_X509_TIME
 *
 * CL_nssTimeToCssm fills cssmObj from derTime, allocating from alloc.
 * The bool result presumably reports whether derTime was usable — its
 * exact meaning is not visible here; confirm in the .cpp and check it
 * at every call site, since derTime comes from decoded cert/CRL data.
 */
bool CL_nssTimeToCssm(
	const NSS_Time	    &derTime,
	CSSM_X509_TIME		&cssmObj,
	Allocator 		&alloc);
/* Inverse direction; nssTime storage comes from coder's arena. */
void CL_cssmTimeToNss(
	const CSSM_X509_TIME &cssmTime,
	NSS_Time			&nssTime,
	SecNssCoder 		&coder);
/* Release a CSSM_X509_TIME produced by CL_nssTimeToCssm with the same alloc. */
void CL_freeCssmTime(
	CSSM_X509_TIME		*cssmTime,
	Allocator		&alloc);
133
/*
 * Set algId's parameters to the encoding of an ASN.1 NULL (presumably;
 * the name suggests it — confirm in the .cpp).
 */
void CL_nullAlgParams(
	CSSM_X509_ALGORITHM_IDENTIFIER	&algId);
136
/*
 * SubjectPublicKeyInfo helpers.
 *
 * CL_copySubjPubKeyInfo copies srcInfo to dstInfo using alloc. The
 * srcInBits/dstInBits flags presumably say whether the subjectPublicKey
 * length is expressed in bits or bytes on each side — confirm; getting
 * this wrong silently changes the key length.
 */
void CL_copySubjPubKeyInfo(
	const CSSM_X509_SUBJECT_PUBLIC_KEY_INFO &srcInfo,
	bool srcInBits,
	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO &dstInfo,
	bool dstInBits,
	Allocator &alloc);
/*
 * Build a CSSM_KEY from keyInfo, allocating from alloc. The returned key
 * is owned by the caller and is presumably released with CL_freeCSSMKey
 * using the same alloc — confirm. decodedCert may be NULL.
 */
CSSM_KEY_PTR CL_extractCSSMKeyNSS(
	const CSSM_X509_SUBJECT_PUBLIC_KEY_INFO	&keyInfo,
	Allocator				&alloc,
	const DecodedCert		*decodedCert);			// optional
/* Inverse of CL_extractCSSMKeyNSS; nssKeyInfo storage comes from coder's arena. */
void CL_CSSMKeyToSubjPubKeyInfoNSS(
	const CSSM_KEY 						&cssmKey,
	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO	&nssKeyInfo,
	SecNssCoder							&coder);
/*
 * Free the contents of cssmKey with alloc; with freeTop (default) the
 * CSSM_KEY struct itself is freed too. Pass freeTop=false for a key
 * embedded in a larger structure.
 */
void CL_freeCSSMKey(
	CSSM_KEY_PTR		cssmKey,
	Allocator			&alloc,
	bool				freeTop = true);	// delete the actual key
											// as well as contents
156
/*
 * AuthorityKeyIdentifier extension, CDSA <--> NSS form.
 * The NSS->CSSM direction takes a coder for temporary decoding and an
 * alloc for the result; the cdsaObj it fills must be released with the
 * same alloc. Which CL_free* routine applies is not declared here.
 */
void CL_cssmAuthorityKeyIdToNss(
	const CE_AuthorityKeyID 	&cdsaObj,
	NSS_AuthorityKeyId 			&nssObj,
	SecNssCoder 				&coder);
void CL_nssAuthorityKeyIdToCssm(
	const NSS_AuthorityKeyId 	&nssObj,
	CE_AuthorityKeyID 			&cdsaObj,
	SecNssCoder 				&coder,	// for temp decoding
	Allocator					&alloc);
166
/*
 * AuthorityInfoAccess extension, CDSA <--> NSS form, plus the matching
 * release routine. cdsaObj filled by CL_infoAccessToCssm is released
 * with CL_freeInfoAccess and the same alloc.
 */
void CL_cssmInfoAccessToNss(
	const CE_AuthorityInfoAccess	&cdsaObj,
	NSS_AuthorityInfoAccess			&nssObj,
	SecNssCoder						&coder);
void CL_infoAccessToCssm(
	const NSS_AuthorityInfoAccess 	&nssObj,
	CE_AuthorityInfoAccess			&cdsaObj,
	SecNssCoder						&coder,	// for temp decoding
	Allocator						&alloc);
void CL_freeInfoAccess(
	CE_AuthorityInfoAccess			&cssmInfo,
	Allocator						&alloc);
179
/*
 * QCStatements extension, CDSA <--> NSS form, plus the matching release
 * routine. cdsaObj filled by CL_qualCertStatementsToCssm is released
 * with CL_freeQualCertStatements and the same alloc.
 */
void CL_cssmQualCertStatementsToNss(
	const CE_QC_Statements	 	&cdsaObj,
	NSS_QC_Statements 			&nssObj,
	SecNssCoder 				&coder);
void CL_qualCertStatementsToCssm(
	const NSS_QC_Statements 	&nssObj,
	CE_QC_Statements 			&cdsaObj,
	SecNssCoder 				&coder,	// for temp decoding
	Allocator					&alloc);
void CL_freeQualCertStatements(
	CE_QC_Statements			&cssmQCs,
	Allocator					&alloc);
192
/*
 * CRL distribution points.
 *
 * CL_decodeDistributionPointName decodes the DER blob nssBlob into
 * cssmDpn (coder for temporary decoding, alloc for the result).
 * nssBlob originates in a certificate extension, so the decoder must
 * reject malformed input rather than assume it is well-formed — confirm
 * the error path in the .cpp.
 */
void CL_decodeDistributionPointName(
	const CSSM_DATA				&nssBlob,
	CE_DistributionPointName	&cssmDpn,
	SecNssCoder					&coder,
	Allocator					&alloc);
/* Inverse: encode cpoint into npoint, storage from coder's arena. */
void CL_encodeDistributionPointName(
	CE_DistributionPointName 	&cpoint,
	CSSM_DATA 					&npoint,
	SecNssCoder 				&coder);
/* Whole CRLDistributionPoints extension, CDSA <--> NSS form. */
void CL_cssmDistPointsToNss(
	const CE_CRLDistPointsSyntax 	&cdsaObj,
	NSS_CRLDistributionPoints		&nssObj,
	SecNssCoder 					&coder);
void CL_nssDistPointsToCssm(
	const NSS_CRLDistributionPoints	&nssObj,
	CE_CRLDistPointsSyntax			&cdsaObj,
	SecNssCoder 					&coder,	// for temp decoding
	Allocator						&alloc);
211
/*
 * IssuingDistributionPoint (CRL extension), NSS --> CDSA form.
 * Unlike the other converters here both objects are passed by pointer;
 * whether NULL is tolerated is not stated — confirm before passing it.
 */
void CL_nssIssuingDistPointToCssm(
	NSS_IssuingDistributionPoint	*nssIdp,
	CE_IssuingDistributionPoint		*cssmIdp,
	SecNssCoder						&coder,
	Allocator						&alloc);
217
/*
 * NameConstraints extension, CDSA <--> NSS form, plus the matching
 * release routine. cdsaObj filled by CL_nssNameConstraintsToCssm is
 * released with CL_freeCssmNameConstraints and the same alloc.
 */
void CL_cssmNameConstraintsToNss(
	const CE_NameConstraints		&cdsaObj,
	NSS_NameConstraints				&nssObj,
	SecNssCoder 					&coder);
void CL_nssNameConstraintsToCssm(
	const NSS_NameConstraints		&nssObj,
	CE_NameConstraints				&cdsaObj,
	SecNssCoder 					&coder,	// for temp decoding
	Allocator						&alloc);
void CL_freeCssmNameConstraints(
	CE_NameConstraints				*cssmNcs,
	Allocator						&alloc);
230
/*
 * PolicyMappings extension, CDSA <--> NSS form, plus the matching
 * release routine. cdsaObj filled by CL_nssPolicyMappingsToCssm is
 * released with CL_freeCssmPolicyMappings and the same alloc.
 */
void CL_cssmPolicyMappingsToNss(
	const CE_PolicyMappings			&cdsaObj,
	NSS_PolicyMappings				&nssObj,
	SecNssCoder						&coder);
void CL_nssPolicyMappingsToCssm(
	const NSS_PolicyMappings		&nssObj,
	CE_PolicyMappings				&cdsaObj,
	SecNssCoder 					&coder,	// for temp decoding
	Allocator						&alloc);
void CL_freeCssmPolicyMappings(
	CE_PolicyMappings				*cssmPms,
	Allocator						&alloc);
243
/*
 * PolicyConstraints extension, CDSA <--> NSS form, plus the matching
 * release routine. These take pointers rather than references; whether
 * NULL is accepted is not stated here — confirm before passing it.
 * cdsaObj filled by CL_nssPolicyConstraintsToCssm is released with
 * CL_freeCssmPolicyConstraints and the same alloc.
 */
void CL_cssmPolicyConstraintsToNss(
	const CE_PolicyConstraints		*cdsaObj,
	NSS_PolicyConstraints			*nssObj,
	SecNssCoder						&coder);
void CL_nssPolicyConstraintsToCssm(
	const NSS_PolicyConstraints		*nssObj,
	CE_PolicyConstraints			*cdsaObj,
	SecNssCoder 					&coder,	// for temp decoding
	Allocator						&alloc);
void CL_freeCssmPolicyConstraints(
	CE_PolicyConstraints			*cssmPcs,
	Allocator						&alloc);
256
/*
 * Decode the parameters of an ECDSA signature AlgorithmIdentifier
 * (algParams) and map them to a CSSM_ALGORITHMS value; coder is used for
 * the temporary decode. What is returned for unrecognized parameters is
 * not specified here — confirm in the .cpp.
 */
CSSM_ALGORITHMS CL_nssDecodeECDSASigAlgParams(
	const CSSM_DATA &algParams,
	SecNssCoder &coder);
260
/*
 * Split a DER-encoded signed item (certificate or CRL) into its three
 * top-level components, each copied into caller-owned CssmOwnedData.
 * This is pure structural decoding: no signature verification happens
 * here. signedItem is typically untrusted input, so the implementation
 * must reject malformed or truncated encodings — confirm the error path.
 */
void CL_certCrlDecodeComponents(
	const CssmData 	&signedItem,		// DER-encoded cert or CRL
	CssmOwnedData	&tbsBlob,			// still DER-encoded
	CssmOwnedData	&algId,				// ditto
	CssmOwnedData	&rawSig);			// raw bits (not an encoded AsnBits)
/*
 * Inverse of CL_certCrlDecodeComponents for certificates: wrap the
 * already-encoded TBSCert, algId and rawSig into a DER-encoded signed
 * certificate in signedCert. The inputs are not validated against each
 * other here (presumably — confirm).
 */
void
CL_certEncodeComponents(
	const CssmData		&TBSCert,		// DER-encoded
	const CssmData		&algId,			// ditto
	const CssmData		&rawSig,		// raw bits, not encoded
	CssmOwnedData 		&signedCert);	// DER-encoded
272
273#endif	/* _CL_NSS_UTILS_H_ */
274