protocolf.c

安全开发库。含客户端建立ssl连接、签名、证书验证、证书发布和撤销等。编译用到nss

  loser:
    if (importCertReply && *importCertReply)
      PR_Free(*importCertReply);
    return 0;
  }

PRStatus
SSM_ParseFindCertByNicknameRequest(void *request, char ** nickname)
{
    unsigned char * curPtr = request;
    PRStatus rv = PR_SUCCESS;

    /* Do some basic parameter checking */
    if (!request || !nickname) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Get the certificate nickname */
    rv = SSM_SSMStringToString(nickname, NULL, (SSMString*)curPtr);
    if (rv != PR_SUCCESS) {
        goto loser;
    }
    goto done;
loser:
done:
    if (request) {
        PR_Free(request);
    }
    return rv;
}

PRInt32
SSM_PackFindCertByNicknameReply(void ** reply, PRUint32 resourceID)
{
    unsigned char *curPtr;
    PRInt32 replyLength;

    /* Do some basic parameter checking */
    if (!reply) {
        goto loser;
    }

    /* Calculate the message length */
    replyLength = sizeof(PRUint32);

    curPtr = *reply = PR_Malloc(replyLength);
    if (!curPtr) {
        goto loser;
    }

    *(PRUint32*)curPtr = PR_htonl(resourceID);

    return replyLength;
loser:
    if (reply && *reply) {
        PR_Free(*reply);
    }
    return 0;
}

PRStatus
SSM_ParseFindCertByKeyRequest(void *request, SECItem ** key)
{
    unsigned char *curPtr = request;
    PRStatus rv = PR_SUCCESS;

    /* Do some basic parameter checking */
    if (!request || !key) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Allocate the key */
    *key = PR_NEWZAP(SECItem);
    if (!(*key)) {
        goto loser;
    }

    /* Get the key */
    rv = SSM_SSMStringToString(&((*key)->data), &((*key)->len),
			       (SSMString*)curPtr);
    if (rv != PR_SUCCESS) {
        goto loser;
    }
    goto done;
loser:
    if (*key) {
        if ((*key)->data) {
            PR_Free((*key)->data);
        }
        PR_Free(*key);
    }
done:
    if (request) {
        PR_Free(request);
    }
    return rv;
}

PRInt32
SSM_PackFindCertByKeyReply(void ** reply, PRUint32 resourceID)
{
    unsigned char *curPtr;
    PRInt32 replyLength;

    /* Do some basic parameter checking */
    if (!reply) {
        goto loser;
    }

    /* Calculate the message length */
    replyLength = sizeof(PRUint32);

    curPtr = *reply = PR_Malloc(replyLength);
    if (!curPtr) {
        goto loser;
    }

    *(PRUint32*)curPtr = PR_htonl(resourceID);

    return replyLength;
loser:
    if (reply && *reply) {
        PR_Free(*reply);
    }
    return 0;
}

PRStatus
SSM_ParseFindCertByEmailAddrRequest(void *request, char ** emailAddr)
{
    unsigned char * curPtr = request;
    PRStatus rv = PR_SUCCESS;

    /* Do some basic parameter checking */
    if (!request || !emailAddr) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Get the certificate nickname */
    rv = SSM_SSMStringToString(emailAddr, NULL, (SSMString*)curPtr);
    if (rv != PR_SUCCESS) {
        goto loser;
    }
    goto done;
loser:
done:
    if (request) {
        PR_Free(request);
    }
    return rv;
}

PRInt32
SSM_PackFindCertByEmailAddrReply(void ** reply, PRUint32 resourceID)
{
    unsigned char *curPtr;
    PRInt32 replyLength;

    /* Do some basic parameter checking */
    if (!reply) {
        goto loser;
    }

    /* Calculate the message length */
    replyLength = sizeof(PRUint32);

    curPtr = *reply = PR_Malloc(replyLength);
    if (!curPtr) {
        goto loser;
    }

    *(PRUint32*)curPtr = PR_htonl(resourceID);

    return replyLength;
loser:
    if (reply && *reply) {
        PR_Free(*reply);
    }
    return 0;
}

PRStatus
SSM_ParseAddTempCertToDBRequest(void *request, PRUint32 *resourceID, char ** nickname, PRInt32 *ssl, PRInt32 *email, PRInt32 *objectSigning)
{
    unsigned char * curPtr = request;
    PRStatus rv = PR_SUCCESS;

    /* Do some basic parameter checking */
    if (!request || !resourceID || !nickname) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Get the resource ID */
    *resourceID = PR_ntohl(*(PRInt32*)curPtr);
    curPtr += sizeof(PRInt32);

    /* Get the nickname */
    rv = SSM_SSMStringToString(nickname, NULL, (SSMString*)curPtr);
    if (rv != PR_SUCCESS) {
        goto loser;
    }

    /* SSL */
    *ssl = PR_ntohl(*(PRInt32*)curPtr);
    curPtr += sizeof(PRInt32);

    /* Email */
    *email = PR_ntohl(*(PRInt32*)curPtr);
    curPtr += sizeof(PRInt32);

    /* Object signing */
    *objectSigning = PR_ntohl(*(PRInt32*)curPtr);
    curPtr += sizeof(PRInt32);

    goto done;
loser:
    if (nickname && *nickname) {
        PR_Free(*nickname);
    }
done:
    if (request) {
        PR_Free(request);
    }
    return rv;
}

PRInt32
SSM_PackAddTempCertToDBReply(void ** reply)
{
    unsigned char *curPtr;
    PRInt32 replyLength;

    /* Do some basic parameter checking */
    if (!reply) {
        goto loser;
    }

    /* Calculate the message length */
    replyLength = sizeof(PRInt32)*3;

    curPtr = *reply = PR_Malloc(replyLength);
    if (!curPtr) {
        goto loser;
    }

    return replyLength;
loser:
    if (reply && *reply) {
        PR_Free(*reply);
    }
    return 0;
}

PRStatus SSM_ParseMatchUserCertRequest(void *request, MatchUserCertRequestData** data)
{
    MatchUserCertRequestData * requestData;
    char *curPtr = request;
    PRStatus rv = PR_SUCCESS;
    int i;

    /* Do some basic parameter checking */
    if (!request || !data) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Allocate the reply structure */
    requestData = PR_NEWZAP(MatchUserCertRequestData);
    if (NULL == requestData) {
        rv = PR_FAILURE;
        goto loser;
    }

    /* Get the cert type */
    requestData->certType = PR_ntohl(*(PRUint32*)curPtr);
    curPtr += sizeof(PRUint32);

    /* Get the number of CAs */
    requestData->numCANames = PR_ntohl(*(PRInt32*)curPtr);
    curPtr += sizeof(PRInt32);

    /* Get the CA names */
    for (i = 0; i < requestData->numCANames; i++) {
        rv = SSM_SSMStringToString(&(requestData->caNames[i]), NULL, (SSMString*)curPtr);
        if (rv != PR_SUCCESS) {
            goto loser;
        }
        curPtr += SSM_SIZEOF_STRING(*(SSMString*)curPtr);
    }

    *data = requestData;

    goto done;
loser:
    if (requestData) {
        PR_Free(requestData);
    }
done:
    if (request) {
        PR_Free(request);
    }
    return rv;
}

PRInt32 SSM_PackMatchUserCertReply(void **reply, SSMCertList * certList)
{
    unsigned char *curPtr;
    PRInt32 replyLength;
    int i;
    SSMCertListElement *head;

    /* Do some basic parameter checking */
    if (!reply) {
        goto loser;
    }

    /* Calculate the message length */
    replyLength = sizeof(PRInt32) + (certList->count)*sizeof(PRUint32);

    curPtr = *reply = PR_Malloc(replyLength);
    if (!curPtr) {
        goto loser;
    }

    /* Count */
    *((PRInt32*)curPtr) = PR_htonl(certList->count);
    curPtr += sizeof(PRInt32);

    /* Get the first element */
    head = SSM_CERT_LIST_ELEMENT_PTR(certList->certs.next);

    for (i = 0; i < certList->count; i++) {
        *((PRUint32*)curPtr) = PR_htonl(head->certResID);
        curPtr += sizeof(PRUint32);
        head = SSM_CERT_LIST_ELEMENT_PTR(head->links.next);
    }

    return replyLength;
loser:
    /* XXX Free memory here */
    return 0;
}

SSMPRInt32
SSM_PackErrorMessage(void ** errorReply, SSMPRInt32 result)
{
  SSMPRInt32 blobSize;
  
  if (!errorReply) {
    SSMPORT_SetError(SSMPR_INVALID_ARGUMENT_ERROR);
    return 0;
  }  
  *errorReply = NULL;
  blobSize = sizeof(SSMPRInt32) + sizeof(SSMPRUint32);

  /* allocate space for the "blob" */
  *errorReply = (void *)SSMPORT_ZAlloc(blobSize);
  if (!*errorReply) { 
    SSMPORT_SetError(SSMPR_OUT_OF_MEMORY_ERROR);
    return 0;
  }
  *(SSMPRInt32 *)(*errorReply) = SSMPR_htonl(result);
  return blobSize;
}

SSMPRStatus
SSM_ParseKeyPairGenRequest(void *keyPairGenRequest, SSMPRInt32 requestLen,
                           SSMPRUint32 *keyGenCtxtID,
			   SSMPRUint32 *genMechanism,  
			   SSMPRUint32 *keySize, unsigned char **params,
			   SSMPRUint32 *paramLen)
{
  unsigned char *curPtr = (unsigned char*)keyPairGenRequest;
  SSMPRStatus    rv     = SSMPR_SUCCESS;

  if (!keyPairGenRequest) {
    SSMPORT_SetError(SSMPR_INVALID_ARGUMENT_ERROR);
    return SSMPR_FAILURE;
  }

  /* Now fetch all of the stuff out */
  if (keyGenCtxtID)
    *keyGenCtxtID =SSMPR_ntohl(*((SSMPRInt32*)curPtr));
  curPtr += sizeof(SSMPRInt32);

  if (genMechanism)
    *genMechanism =SSMPR_ntohl(*((SSMPRInt32*)curPtr));
  curPtr += sizeof(SSMPRInt32);

  if (keySize)
    *keySize = SSMPR_ntohl(*((SSMPRInt32*)curPtr));
  curPtr += sizeof(SSMPRInt32);

  rv = SSM_SSMStringToString((char**)params, (int*)paramLen, 
			     (SSMString*)curPtr);
  return rv;
}

SSMPRInt32
SSM_PackKeyPairGenResponse(void ** keyPairGenResponse, SSMPRUint32 keyPairId)
{
  SSMPRInt32     blobSize;
  unsigned char *curPtr;

  blobSize = sizeof (SSMPRInt32);
  *keyPairGenResponse = curPtr = PORT_ZAlloc(blobSize);
  if (curPtr == NULL) {
      SSMPORT_SetError(SSMPR_OUT_OF_MEMORY_ERROR);
      return 0;
  }
  *((SSMPRInt32*)curPtr) = SSMPR_htonl(keyPairId);
  return blobSize;
}

PRStatus
SSM_ParseFinishKeyGenRequest(void    *finishKeyGenRequest,
                             PRInt32  requestLen,
                             PRInt32 *keyGenContext)
{
  if (!finishKeyGenRequest || !keyGenContext) {
    SSMPORT_SetError(SSMPR_INVALID_ARGUMENT_ERROR);
    return PR_FAILURE;
  }
  *keyGenContext = PR_ntohl(*((PRInt32*)finishKeyGenRequest));
  PR_ASSERT(requestLen == sizeof(PRInt32));
  return PR_SUCCESS;
}

SSMPRStatus 
SSM_ParseCreateCRMFReqRequest(void        *crmfReqRequest,
			      SSMPRInt32   requestLen,
			      SSMPRUint32 *keyPairId)
{
  if (!crmfReqRequest || !keyPairId) {
    SSMPORT_SetError(SSMPR_INVALID_ARGUMENT_ERROR);
    return SSMPR_FAILURE;
  }
  *keyPairId = SSMPR_ntohl(*((SSMPRInt32*)crmfReqRequest));
  return SSMPR_SUCCESS;
}


SSMPRInt32
SSM_PackCreateCRMFReqReply(void        **crmfReqReply,
			   SSMPRUint32   crmfReqId)
{
  SSMPRInt32 blobSize;
  unsigned char *curPtr;

  blobSize = sizeof(SSMPRInt32);
  *crmfReqReply = curPtr = (unsigned char *) PORT_ZAlloc(blobSize);
  *((SSMPRInt32*)curPtr) = SSMPR_htonl(crmfReqId);
  return blobSize;
}

SSMPRStatus
SSM_ParseEncodeCRMFReqRequest(void         *encodeReq,
			      SSMPRInt32    requestLen,
			      SSMPRUint32 **crmfReqIds,
			      SSMPRInt32   *numRequests)
{
  unsigned char *curPtr = (unsigned char*)encodeReq;
  SSMPRInt32 i;
  SSMPRUint32 *reqIdArr;
  if (!encodeReq || !crmfReqIds || !numRequests) {
    SSMPORT_SetError(SSMPR_INVALID_ARGUMENT_ERROR);
    return SSMPR_FAILURE;
  }
  *numRequests = SSMPR_ntohl(*((SSMPRInt32*)encodeReq));
  curPtr += sizeof(SSMPRInt32);
  *crmfReqIds = reqIdArr = SSMPORT_ZNewArray(SSMPRUint32, *numRequests);
  if (reqIdArr == NULL) {
    return SSMPR_FAILURE;
  }
  for (i=0; i<*numRequests;i++) {
    reqIdArr[i] = SSMPR_ntohl(*((SSMPRUint32*)curPtr));
    curPtr += sizeof(SSMPRUint32);
  } 
  return SSMPR_SUCCESS;
}

SSMPRInt32
SSM_PackEncodeCRMFReqReply(void        **encodeReply,
			   char         *crmfDER,
			   SSMPRUint32   derLen)
{
  char       *reply;
  SSMPRInt32  blobSize;

  blobSize = SSMSTRING_PADDED_LENGTH(derLen)+sizeof(SSMPRUint32);
  *encodeReply = reply = (char *) PORT_ZAlloc(blobSize);
  *((SSMPRUint32*)reply) = SSMPR_ntohl(derLen);
  reply += sizeof (SSMPRUint32);
  memcpy(reply, crmfDER, derLen);
  reply += derLen;
  memset(reply, 0 , blobSize - (reply - (*(char**)encodeReply)));
  return blobSize;
}

SSMPRStatus
SSM_ParseCMMFCertResponse(void        *encodedRes,
			  SSMPRInt32   encodeLen,
			  char       **nickname,
			  char       **base64Der,
			  PRBool      *doBackup)
{
  SSMPRStatus  rv;
  char        *curPtr;

  if (encodedRes == NULL || nickname == NULL || 
      base64Der  == NULL || doBackup == NULL) {
      return SSMPR_FAILURE;
  }
  curPtr = encodedRes;
  PR_ASSERT(*nickname == NULL && *base64Der == NULL);
  *nickname = *base64Der = NULL;
  rv = SSM_SSMStringToString(nickname, NULL, (SSMString*)curPtr);
  if (rv != SSMPR_SUCCESS) {
      goto loser;
  }
  curPtr += SSM_SIZEOF_STRING(*(SSMString*)curPtr);
  rv = SSM_SSMStringToString(base64Der, NULL, (SSMString*)curPtr);
  if (rv != SSMPR_SUCCESS) {
      goto loser;
  }
  curPtr += SSM_SIZEOF_STRING(*(SSMString*)curPtr);
  *doBackup = (SSMPR_ntohl(*(SSMPRUint32*)curPtr) == 0) ? PR_FALSE : PR_TRUE;
  return SSMPR_SUCCESS;
 loser:
  if (nickname && *nickname) {
      PR_Free(*nickname);
  }
  if (base64Der && *base64Der) {
      PR_Free(*base64Der);
  }
  return SSMPR_FAILURE;
}

PRStatus SSM_ParsePOPChallengeRequest(void     *challenge,
				      PRInt32   len,
				      char    **responseString)
{
  if (challenge == NULL || responseString == NULL) {
    return PR_FAILURE;
  }
  *responseString = NULL;
  return  SSM_SSMStringToString(responseString, NULL, (SSMString*)challenge);
    
}

PRInt32 SSM_PackPOPChallengeResponse(void   **response,
				     char    *responseString,
				     PRInt32  responseStringLen)
{
  PRInt32  blobSize;

  blobSize = SSMSTRING_PADDED_LENGTH(responseStringLen)+sizeof(PRInt32);
  *response = SSMPORT_ZNewArray(char, blobSize);
  if (SSM_StringToSSMString((SSMString**)response, responseStringLen,
			    responseString) != PR_SUCCESS) {
    return 0;
  }