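ctrl, request.socketStatus1Data.len,
        request.socketStatus1Data.data) != PR_SUCCESS) {
        goto loser;
    }
    if (SSMSSLSocketStatus_Unpickle((SSMResource**)&ss2, ctrl,
                                    request.socketStatus2Data.len,
                                    request.socketStatus2Data.data) != PR_SUCCESS) {
        goto loser;
    }
    reply.value = (CMInt32)CERT_CompareCertsForRedirection(ss1->m_cert,
                                                          ss2->m_cert);
    if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        goto loser;
    }
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION |
                               SSM_REDIRECT_COMPARE);
    SSMSSLSocketStatus_Destroy((SSMResource*)ss1, PR_TRUE);
    SSMSSLSocketStatus_Destroy((SSMResource*)ss2, PR_TRUE);
    SSM_DEBUG("Finished comparing certs for re-direction.\n");
    return PR_SUCCESS;
loser:
    if (ss1 != NULL) {
        SSMSSLSocketStatus_Destroy((SSMResource*)ss1, PR_TRUE);
    }
    if (ss2 != NULL) {
        SSMSSLSocketStatus_Destroy((SSMResource*)ss2, PR_TRUE);
    }
    return PR_FAILURE;
}

/*
 * Decode a DER CRL (or CKL/KRL) sent by the client and add it to the
 * control connection's cert database.
 *
 * ctrl - the control connection whose m_certdb receives the CRL.
 * msg  - the request on entry; overwritten with a SingleNumMessage reply
 *        whose value is 0 on success or one of the SSM_STRING_* error
 *        enumerations (0xffffffff when the request itself was unusable).
 *
 * Returns PR_SUCCESS when a reply could be encoded into msg (even if the
 * CRL was rejected), PR_FAILURE only when encoding the reply fails.
 */
SSMStatus
SSMControlConnection_ProcessDecodeCRLRequest(SSMControlConnection *ctrl,
                                             SECItem *msg)
{
    DecodeAndAddCRLRequest request;
    SingleNumMessage reply;
    PRArenaPool *arena = NULL;
    CERTCertificate *caCert = NULL;
    SECItem derName = { siBuffer, NULL, 0 };
    CERTSignedData sd;
    SECStatus rv;
    int type;
    CERTSignedCrl *crl;

    SSM_DEBUG("Adding a CRL\n");
    reply.value = 0xffffffff; /* Set the return value to some invalid
                               * enumeration for localized strings. */
    if (CMT_DecodeMessage(DecodeAndAddCRLRequestTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto done;
    }
    type = request.type;
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if (arena == NULL) {
        goto done;
    }
    memset(&sd, 0, sizeof(sd));
    /* derName (the issuer name) is allocated out of arena. */
    rv = CERT_KeyFromDERCrl(arena, (SECItem*)&request.derCrl, &derName);
    if (rv != SECSuccess) {
        reply.value = (type == SEC_CRL_TYPE) ? SSM_STRING_INVALID_CRL
                                             : SSM_STRING_INVALID_CKL;
        goto done;
    }
    caCert = CERT_FindCertByName(ctrl->m_certdb, &derName);
    if (caCert == NULL) {
        /* NOTE(review): only a KRL is rejected when the issuer is unknown;
         * a CRL with no issuer cert on file is stored without any signature
         * check below. Confirm that this is the intended policy. */
        if (type == SEC_KRL_TYPE) {
            reply.value = SSM_STRING_ROOT_CKL_CERT_NOT_FOUND;
            goto done;
        }
    } else {
        rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate,
                                (SECItem*)&request.derCrl);
        if (rv != SECSuccess) {
            reply.value = (type == SEC_CRL_TYPE) ? SSM_STRING_INVALID_CRL
                                                 : SSM_STRING_INVALID_CKL;
            goto done;
        }
        rv = CERT_VerifySignedData(&sd, caCert, PR_Now(), ctrl);
        if (rv != SECSuccess) {
            /* A bad signature must not reach SEC_NewCrl: without this
             * jump the error code was overwritten by reply.value = 0 and
             * the unverified CRL was still added to the database. */
            reply.value = (type == SEC_CRL_TYPE) ? SSM_STRING_BAD_CRL_SIGNATURE
                                                 : SSM_STRING_BAD_CKL_SIGNATURE;
            goto done;
        }
    }
    crl = SEC_NewCrl(ctrl->m_certdb, request.url, (SECItem*)&request.derCrl,
                     type);
    if (!crl) {
        reply.value = (type == SEC_CRL_TYPE) ? SSM_STRING_ERR_ADD_CRL
                                             : SSM_STRING_ERR_ADD_CKL;
        goto done;
    }
    reply.value = 0;
    /* Not sure if we still need to do this, but the old client code does it,
     * so I'll do it here as well.
     * -javi */
    SSL_ClearSessionCache();
    SEC_DestroyCrl(crl);
done:
    /* Release the issuer cert reference and the decoding arena on every
     * path; both were leaked before. */
    if (caCert != NULL) {
        CERT_DestroyCertificate(caCert);
    }
    if (arena != NULL) {
        PORT_FreeArena(arena, PR_FALSE);
    }
    if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        return PR_FAILURE;
    }
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION |
                               SSM_DECODE_CRL);
    return PR_SUCCESS;
}

/*
 * Create a Security Advisor context from a client request.
 *
 * ctrl - the control connection the context is created on.
 * msg  - the request on entry; on success overwritten with a
 *        SingleNumMessage reply carrying the new resource's m_id.
 *
 * Returns PR_SUCCESS when the context was created and the reply encoded,
 * PR_FAILURE otherwise (msg is left as-is in that case).
 */
PRStatus
SSMControlConnection_ProcessSecurityAdvsiorRequest(SSMControlConnection *ctrl,
                                                   SECItem *msg)
{
    SecurityAdvisorRequest request;
    SingleNumMessage reply;
    InfoSecAdvisor infoSecAdvisor;
    PRStatus rv;
    SSMResource *res;

    /* Decode the request message */
    if (CMT_DecodeMessage(SecurityAdvisorRequestTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    /* Get the request data.
     * NOTE(review): hostname/senderAddr are duplicated here and never freed
     * in this function; presumably SSMSecurityAdvisorContext_Create takes
     * ownership on success -- confirm, and check what happens on failure. */
    infoSecAdvisor.infoContext = request.infoContext;
    infoSecAdvisor.resID = request.resID;
    infoSecAdvisor.hostname = (request.hostname ? strdup(request.hostname)
                                                : NULL);
    infoSecAdvisor.senderAddr = (request.senderAddr ? strdup(request.senderAddr)
                                                    : NULL);
    infoSecAdvisor.encryptedP7CInfo = request.encryptedP7CInfo;
    infoSecAdvisor.signedP7CInfo = request.signedP7CInfo;
    infoSecAdvisor.decodeError = request.decodeError;
    infoSecAdvisor.verifyError = request.verifyError;
    infoSecAdvisor.encryptthis = request.encryptthis;
    infoSecAdvisor.signthis = request.signthis;
    infoSecAdvisor.numRecipients = request.numRecipients;
    infoSecAdvisor.recipients = request.recipients;

    /* Create the security advisor context. */
    rv = (PRStatus) SSMSecurityAdvisorContext_Create(ctrl, &infoSecAdvisor,
                                                     &res);
    if (rv != PR_SUCCESS) {
        goto loser;
    }
    msg->type = (SECItemType) (SSM_SECURITY_ADVISOR | SSM_REPLY_OK_MESSAGE);

    /* Encode the reply */
    reply.value = res->m_id;
    if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        goto loser;
    }
    return PR_SUCCESS;
loser:
    return PR_FAILURE;
}

/*
 * SecurityConfig: decode a cert package from the client and load the
 * certificate into the temporary database.
 *
 * ctrl - the control connection whose m_certdb receives the cert.
 * msg  - the request on entry; overwritten with a SingleItemMessage reply
 *        holding the new cert's key, or an empty item if decoding or
 *        import failed.
 *
 * Returns PR_SUCCESS when a reply was encoded, PR_FAILURE when the request
 * could not be decoded or the reply could not be encoded.
 */
PRStatus
SSMControlConnection_ProcessSCAddCertToTempDB(SSMControlConnection* ctrl,
                                              SECItem* msg)
{
    PRStatus rv = PR_FAILURE;
    SingleItemMessage request;
    CERTCertificate* impcert = NULL;
    CERTCertificate* cert = NULL;
    SingleItemMessage reply;

    SSM_DEBUG("SecurityConfig: add cert to temp DB\n");
    /* The loser path recycles request.item even when decoding failed, so
     * the request must not hold stack garbage at that point. */
    memset(&request, 0, sizeof(request));
    /* fill in reply in case of failure */
    reply.item.len = 0;
    reply.item.data = NULL;

    /* Decode the request */
    if (CMT_DecodeMessage(SingleItemMessageTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    /* decode the package that the cert came in */
    impcert = CERT_DecodeCertFromPackage((char *) request.item.data,
                                         (int) request.item.len);
    if (impcert == NULL) {
        goto done;
    }
    /* load the cert into the temporary database */
    cert = CERT_NewTempCertificate(ctrl->m_certdb, &impcert->derCert, NULL,
                                   PR_FALSE, PR_TRUE);
    CERT_DestroyCertificate(impcert);
    impcert = NULL;
    if (cert == NULL) {
        goto done;
    }
    /* The reply borrows the key bytes; cert stays alive until they have
     * been encoded into msg below. */
    reply.item.len = cert->certKey.len;
    reply.item.data = cert->certKey.data;
done:
    /* pack cert key into the reply */
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_SEC_CFG_ACTION |
                               SSM_ADD_CERT_TO_TEMP_DB);
    if (CMT_EncodeMessage(SingleItemMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        goto loser;
    }
    rv = PR_SUCCESS;
loser:
    /* Drop our reference to the temp cert now that the key is encoded;
     * it was never released before. */
    if (cert != NULL) {
        CERT_DestroyCertificate(cert);
    }
    (void)SSMControlConnection_RecycleItem((SECItem*)&request.item);
    return rv;
}

/*
 * SecurityConfig: promote a temporary certificate to the permanent
 * database with the requested trust flags and nickname.
 *
 * ctrl - the control connection whose m_certdb is searched and updated.
 * msg  - the request on entry; overwritten with a SingleNumMessage reply
 *        whose value is the SECStatus of the operation (SECFailure when the
 *        cert was not found, the trust string was invalid, no nickname was
 *        available, or the cert is already permanent).
 *
 * Returns PR_SUCCESS when a reply was encoded, PR_FAILURE when the request
 * could not be decoded or the reply could not be encoded.
 */
PRStatus
SSMControlConnection_ProcessSCAddTempCertToPermDB(SSMControlConnection* ctrl,
                                                  SECItem* msg)
{
    PRStatus rv = PR_FAILURE;
    SECStatus srv = SECFailure;
    SCAddTempCertToPermDBRequest request;
    SingleNumMessage reply;
    CERTCertificate* cert = NULL;
    CERTCertTrust trust;

    SSM_DEBUG("SecurityConfig: add temp cert to perm DB\n");
    /* The loser path frees request.certKey/trustStr/nickname even when
     * decoding failed, so the request must be zeroed first. */
    memset(&request, 0, sizeof(request));

    /* Decode the request */
    if (CMT_DecodeMessage(SCAddTempCertToPermDBRequestTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    /* look up cert in database */
    cert = CERT_FindCertByKey(ctrl->m_certdb, (SECItem*)&request.certKey);
    if (cert == NULL) {
        goto done;
    }
    /* decode the trust flags string */
    srv = CERT_DecodeTrustString(&trust, request.trustStr);
    if (srv != SECSuccess) {
        goto done;
    }
    /* if no nickname was passed in, then there must already be a nickname
     * for the cert's subject name */
    if ((request.nickname == NULL) || (*request.nickname == '\0')) {
        if ((cert->subjectList == NULL) ||
            (cert->subjectList->entry == NULL) ||
            (cert->subjectList->entry->nickname == NULL)) {
            srv = SECFailure;
            goto done;
        }
        /* force zero length string case to null, releasing the empty
         * string instead of leaking it */
        if (request.nickname != NULL) {
            PR_Free(request.nickname);
            request.nickname = NULL;
        }
    }
    /* add the cert to the perm database */
    if (cert->isperm) {
        srv = SECFailure;
        goto done;
    } else {
        srv = CERT_AddTempCertToPerm(cert, request.nickname, &trust);
    }
done:
    /* pack the reply */
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_SEC_CFG_ACTION |
                               SSM_ADD_TEMP_CERT_TO_DB);
    reply.value = (CMInt32)srv;
    if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        goto loser;
    }
    rv = PR_SUCCESS;
loser:
    /* Release the reference returned by CERT_FindCertByKey. */
    if (cert != NULL) {
        CERT_DestroyCertificate(cert);
    }
    (void)SSMControlConnection_RecycleItem((SECItem*)&request.certKey);
    if (request.trustStr != NULL) {
        PR_Free(request.trustStr);
    }
    if (request.nickname != NULL) {
        PR_Free(request.nickname);
    }
    return rv;
}

/*
 * Traversal callback for CERT_TraversePermCertsForSubject: delete the
 * visited permanent certificate. arg is unused.
 */
static SECStatus
SC_DeleteCertCB(CERTCertificate* cert, void* arg)
{
    return SEC_DeletePermCertificate(cert);
}

/*
 * SecurityConfig: delete a permanent certificate, or every permanent
 * certificate sharing its subject when request.deleteAll is set.
 *
 * ctrl - the control connection whose m_certdb is modified.
 * msg  - the request on entry; overwritten with a SingleNumMessage reply
 *        whose value is the SECStatus of the delete (SECFailure when the
 *        cert key was not found).
 *
 * Returns PR_SUCCESS when a reply was encoded, PR_FAILURE when the request
 * could not be decoded or the reply could not be encoded.
 */
PRStatus
SSMControlConnection_ProcessSCDeletePermCerts(SSMControlConnection* ctrl,
                                              SECItem* msg)
{
    PRStatus rv = PR_FAILURE;
    SECStatus srv = SECFailure;
    SCDeletePermCertsRequest request;
    SingleNumMessage reply;
    CERTCertificate* cert = NULL;

    SSM_DEBUG("SecurityConfig: delete perm certs\n");
    /* The loser path recycles request.certKey even when decoding failed,
     * so the request must be zeroed first. */
    memset(&request, 0, sizeof(request));

    if (CMT_DecodeMessage(SCDeletePermCertsRequestTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    cert = CERT_FindCertByKey(ctrl->m_certdb, (SECItem*)&request.certKey);
    if (cert == NULL) {
        goto done;
    }
    if (request.deleteAll == PR_TRUE) {
        srv = CERT_TraversePermCertsForSubject(ctrl->m_certdb,
                                               &cert->derSubject,
                                               SC_DeleteCertCB, NULL);
    } else {
        srv = SEC_DeletePermCertificate(cert);
    }
    /* XXX the old client code actually returns PR_SUCCESS even if delete
     * operation fails: what gives? */
done:
    /* pack the reply */
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_SEC_CFG_ACTION |
                               SSM_DELETE_PERM_CERTS);
    reply.value = (CMInt32)srv;
    if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg,
                          &reply) != CMTSuccess) {
        goto loser;
    }
    rv = PR_SUCCESS;
loser:
    /* Release the reference returned by CERT_FindCertByKey; deleting the
     * perm record does not drop our hold on the in-memory cert. */
    if (cert != NULL) {
        CERT_DestroyCertificate(cert);
    }
    (void)SSMControlConnection_RecycleItem((SECItem*)&request.certKey);
    return rv;
}

/*
 * SecurityConfig: look up a certificate by nickname, e-mail address or DN
 * (selected by the SSM_SPECIFIC_MASK bits of msg->type) and return its key.
 *
 * ctrl - the control connection whose m_certdb is searched.
 * msg  - the request on entry; overwritten with a SingleItemMessage reply.
 *        msg->type is rebuilt for the lookup kind and OR'd with
 *        SSM_REPLY_OK_MESSAGE when a cert was found (reply holds its key)
 *        or SSM_REPLY_ERR_MESSAGE when not (reply item is empty).
 *
 * Returns SSM_SUCCESS (as PRStatus) when a reply was encoded, SSM_FAILURE
 * when the request could not be decoded or the reply could not be encoded.
 */
PRStatus
SSMControlConnection_ProcessSCFindKey(SSMControlConnection* ctrl, SECItem* msg)
{
    PRStatus rv = (PRStatus) SSM_FAILURE;
    SingleStringMessage request;
    CERTCertificate* cert = NULL;
    SingleItemMessage reply;

    SSM_DEBUG("SecurityConfig: find key\n");
    if (CMT_DecodeMessage(SingleStringMessageTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        return (PRStatus) SSM_FAILURE;
    }
    switch (msg->type & SSM_SPECIFIC_MASK) {
    case SSM_FIND_KEY_BY_NICKNAME:
        cert = CERT_FindCertByNickname(ctrl->m_certdb, request.string);
        msg->type = (SECItemType)(SSM_SEC_CFG_ACTION | SSM_FIND_CERT_KEY |
                                  SSM_FIND_KEY_BY_NICKNAME);
        break;
    case SSM_FIND_KEY_BY_EMAIL_ADDR:
        cert = CERT_FindCertByEmailAddr(ctrl->m_certdb, request.string);
        msg->type = (SECItemType)(SSM_SEC_CFG_ACTION | SSM_FIND_CERT_KEY |
                                  SSM_FIND_KEY_BY_EMAIL_ADDR);
        break;
    case SSM_FIND_KEY_BY_DN:
        cert = CERT_FindCertByNameString(ctrl->m_certdb, request.string);
        msg->type = (SECItemType)(SSM_SEC_CFG_ACTION | SSM_FIND_CERT_KEY |
                                  SSM_FIND_KEY_BY_DN);
        break;
    default:
        /* msg->type is left as received; only the reply bit is added below. */
        SSM_DEBUG("Wrong subtype!");
        break;
    }
    /* pack cert key into the reply */
    if (cert == NULL) {
        reply.item.len = 0;
        reply.item.data = NULL;
        msg->type = (SECItemType) ((long) msg->type |
                                   (long) SSM_REPLY_ERR_MESSAGE);
    } else {
        /* The reply borrows the key bytes; cert is released only after
         * they have been encoded into msg. */
        reply.item.len = cert->certKey.len;
        reply.item.data = cert->certKey.data;
        msg->type = (SECItemType) ((long) msg->type |
                                   (long) SSM_REPLY_OK_MESSAGE);
    }
    if (CMT_EncodeMessage(SingleItemMessageTemplate, (CMTItem*)msg,
                          &reply) == CMTSuccess) {
        rv = (PRStatus) SSM_SUCCESS;
    }
    /* Release the reference returned by the CERT_FindCertBy* lookup. */
    if (cert != NULL) {
        CERT_DestroyCertificate(cert);
    }
    return rv;
}

static SSMStatus
SSMControlConnection_ProcessSCGetCertPropString(CERTCertificate* cert,
                                                SECItem* msg)
{
    SSMStatus rv = SSM_SUCCESS;
    SingleStringMessage reply;

    reply.string = NULL;
    switch (msg->type & SSM_SPECIFIC_MASK) {
    case SSM_SECCFG_GET_NICKNAME:
        if (cert->nickname != NULL) {
            reply.string = PL_strdup(cert->nickname);
        }
        break;
    case SSM_SECCFG_GET_EMAIL_ADDR:
        if (cert->emailAddr != NULL) {
            reply.string = PL_strdup(cert->emailAddr);
        }
        break;
    case SSM_SECCFG_G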