1 /* -*- Mode: C; tab-width: 8 -*-*/
2 /* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
15 * The Original Code is the Netscape security libraries.
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1994-2000
20 * the Initial Developer. All Rights Reserved.
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
36 * ***** END LICENSE BLOCK ***** */
45 CRMFEncryptedKeyChoice
46 CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey)
48 PORT_Assert(inEncrKey != NULL);
49 if (inEncrKey == NULL) {
50 return crmfNoEncryptedKeyChoice;
52 return inEncrKey->encKeyChoice;
56 CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inEncrKey)
58 CRMFEncryptedValue *newEncrValue = NULL;
61 PORT_Assert(inEncrKey != NULL);
62 if (inEncrKey == NULL ||
63 CRMF_EncryptedKeyGetChoice(inEncrKey) != crmfEncryptedValueChoice) {
66 newEncrValue = PORT_ZNew(CRMFEncryptedValue);
67 if (newEncrValue == NULL) {
70 rv = crmf_copy_encryptedvalue(NULL, &inEncrKey->value.encryptedValue,
72 if (rv != SECSuccess) {
77 if (newEncrValue != NULL) {
78 CRMF_DestroyEncryptedValue(newEncrValue);
84 crmf_get_encvalue_bitstring(SECItem *srcItem)
86 SECItem *newItem = NULL;
89 if (srcItem->data == NULL) {
92 newItem = PORT_ZNew(SECItem);
93 if (newItem == NULL) {
96 rv = crmf_make_bitstring_copy(NULL, newItem, srcItem);
97 if (rv != SECSuccess) {
102 if (newItem != NULL) {
103 SECITEM_FreeItem(newItem, PR_TRUE);
109 CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue)
111 if (inEncValue == NULL) {
114 return crmf_get_encvalue_bitstring(&inEncValue->encSymmKey);
118 CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncrValue)
120 if (inEncrValue == NULL || inEncrValue->encValue.data == NULL) {
123 return crmf_get_encvalue_bitstring(&inEncrValue->encValue);
126 static SECAlgorithmID*
127 crmf_get_encvalue_algid(SECAlgorithmID *srcAlg)
130 SECAlgorithmID *newAlgID;
132 if (srcAlg == NULL) {
135 rv = crmf_copy_encryptedvalue_secalg(NULL, srcAlg, &newAlgID);
136 if (rv != SECSuccess) {
143 CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue)
145 if (inEncValue == NULL) {
148 return crmf_get_encvalue_algid(inEncValue->intendedAlg);
152 CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue)
154 if (inEncValue == NULL) {
157 return crmf_get_encvalue_algid(inEncValue->keyAlg);
161 CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue)
163 if (inEncValue == NULL) {
166 return crmf_get_encvalue_algid(inEncValue->symmAlg);
170 CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue)
172 if (inEncValue == NULL || inEncValue->valueHint.data == NULL) {
175 return SECITEM_DupItem(&inEncValue->valueHint);
179 CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
182 if (inOpt == NULL || destVal == NULL ||
183 CRMF_PKIArchiveOptionsGetOptionType(inOpt) != crmfArchiveRemGenPrivKey){
186 *destVal = (inOpt->option.archiveRemGenPrivKey.data[0] == hexFalse)
193 CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
195 CRMFEncryptedKey *newEncrKey = NULL;
198 PORT_Assert(inOpts != NULL);
199 if (inOpts == NULL ||
200 CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey){
203 newEncrKey = PORT_ZNew(CRMFEncryptedKey);
204 if (newEncrKey == NULL) {
207 rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
209 if (rv != SECSuccess) {
214 if (newEncrKey != NULL) {
215 CRMF_DestroyEncryptedKey(newEncrKey);
221 CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions)
223 if (inOptions == NULL ||
224 CRMF_PKIArchiveOptionsGetOptionType(inOptions) != crmfKeyGenParameters ||
225 inOptions->option.keyGenParameters.data == NULL) {
228 return SECITEM_DupItem(&inOptions->option.keyGenParameters);
231 CRMFPKIArchiveOptionsType
232 CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions)
234 PORT_Assert (inOptions != NULL);
235 if (inOptions == NULL) {
236 return crmfNoArchiveOptions;
238 return inOptions->archOption;
242 crmf_extract_long_from_item(SECItem *intItem, long *destLong)
244 *destLong = DER_GetInteger(intItem);
245 return (*destLong == -1) ? SECFailure : SECSuccess;
249 CRMF_POPOPrivGetKeySubseqMess(CRMFPOPOPrivKey *inKey,
250 CRMFSubseqMessOptions *destOpt)
255 PORT_Assert(inKey != NULL);
257 inKey->messageChoice != crmfSubsequentMessage) {
260 rv = crmf_extract_long_from_item(&inKey->message.subsequentMessage,&value);
261 if (rv != SECSuccess) {
266 *destOpt = crmfEncrCert;
269 *destOpt = crmfChallengeResp;
274 if (rv != SECSuccess) {
280 CRMFPOPOPrivKeyChoice
281 CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inPrivKey)
283 PORT_Assert(inPrivKey != NULL);
284 if (inPrivKey != NULL) {
285 return inPrivKey->messageChoice;
287 return crmfNoMessage;
291 CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey, SECItem *destMAC)
293 PORT_Assert(inKey != NULL);
294 if (inKey == NULL || inKey->message.dhMAC.data == NULL) {
297 return crmf_make_bitstring_copy(NULL, destMAC, &inKey->message.dhMAC);
301 CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
304 PORT_Assert(inKey != NULL);
306 inKey->messageChoice != crmfThisMessage) {
310 return crmf_make_bitstring_copy(NULL, destString,
311 &inKey->message.thisMessage);
315 CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey)
317 SECAlgorithmID *newAlgId = NULL;
320 PORT_Assert(inSignKey != NULL);
321 if (inSignKey == NULL) {
324 newAlgId = PORT_ZNew(SECAlgorithmID);
325 if (newAlgId == NULL) {
328 rv = SECOID_CopyAlgorithmID(NULL, newAlgId,
329 inSignKey->algorithmIdentifier);
330 if (rv != SECSuccess) {
336 if (newAlgId != NULL) {
337 SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
343 CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey)
345 PORT_Assert(inSignKey != NULL);
346 if (inSignKey == NULL || inSignKey->derInput.data == NULL) {
349 return SECITEM_DupItem(&inSignKey->derInput);
353 CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey)
355 SECItem *newSig = NULL;
358 PORT_Assert(inSignKey != NULL);
359 if (inSignKey == NULL) {
362 newSig = PORT_ZNew(SECItem);
363 if (newSig == NULL) {
366 rv = crmf_make_bitstring_copy(NULL, newSig, &inSignKey->signature);
367 if (rv != SECSuccess) {
372 if (newSig != NULL) {
373 SECITEM_FreeItem(newSig, PR_TRUE);
379 crmf_copy_poposigningkey(PRArenaPool *poolp,
380 CRMFPOPOSigningKey *inPopoSignKey,
381 CRMFPOPOSigningKey *destPopoSignKey)
385 /* We don't support use of the POPOSigningKeyInput, so we'll only
386 * store away the DER encoding.
388 if (inPopoSignKey->derInput.data != NULL) {
389 rv = SECITEM_CopyItem(poolp, &destPopoSignKey->derInput,
390 &inPopoSignKey->derInput);
392 destPopoSignKey->algorithmIdentifier = (poolp == NULL) ?
393 PORT_ZNew(SECAlgorithmID) :
394 PORT_ArenaZNew(poolp, SECAlgorithmID);
396 if (destPopoSignKey->algorithmIdentifier == NULL) {
399 rv = SECOID_CopyAlgorithmID(poolp, destPopoSignKey->algorithmIdentifier,
400 inPopoSignKey->algorithmIdentifier);
401 if (rv != SECSuccess) {
405 rv = crmf_make_bitstring_copy(poolp, &destPopoSignKey->signature,
406 &inPopoSignKey->signature);
407 if (rv != SECSuccess) {
413 CRMF_DestroyPOPOSigningKey(destPopoSignKey);
419 crmf_copy_popoprivkey(PRArenaPool *poolp,
420 CRMFPOPOPrivKey *srcPrivKey,
421 CRMFPOPOPrivKey *destPrivKey)
425 destPrivKey->messageChoice = srcPrivKey->messageChoice;
426 switch (destPrivKey->messageChoice) {
427 case crmfThisMessage:
429 /* I've got a union, so taking the address of one, will also give
430 * me a pointer to the other (eg, message.dhMAC)
432 rv = crmf_make_bitstring_copy(poolp, &destPrivKey->message.thisMessage,
433 &srcPrivKey->message.thisMessage);
435 case crmfSubsequentMessage:
436 rv = SECITEM_CopyItem(poolp, &destPrivKey->message.subsequentMessage,
437 &srcPrivKey->message.subsequentMessage);
443 if (rv != SECSuccess && poolp == NULL) {
444 CRMF_DestroyPOPOPrivKey(destPrivKey);
449 static CRMFProofOfPossession*
450 crmf_copy_pop(PRArenaPool *poolp, CRMFProofOfPossession *srcPOP)
452 CRMFProofOfPossession *newPOP;
456 * Proof Of Possession structures are always part of the Request
457 * message, so there will always be an arena for allocating memory.
462 newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
463 if (newPOP == NULL) {
466 switch (srcPOP->popUsed) {
468 newPOP->popChoice.raVerified.data = NULL;
469 newPOP->popChoice.raVerified.len = 0;
472 rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
473 &newPOP->popChoice.signature);
474 if (rv != SECSuccess) {
478 case crmfKeyEncipherment:
479 case crmfKeyAgreement:
480 /* We've got a union, so a pointer to one, is a pointer to the
483 rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
484 &newPOP->popChoice.keyEncipherment);
485 if (rv != SECSuccess) {
492 newPOP->popUsed = srcPOP->popUsed;
499 static CRMFCertReqMsg*
500 crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)
502 CRMFCertReqMsg *newReqMsg;
505 poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
509 newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
510 if (newReqMsg == NULL) {
511 PORT_FreeArena(poolp, PR_TRUE);
515 newReqMsg->poolp = poolp;
516 newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq);
517 if (newReqMsg->certReq == NULL) {
520 newReqMsg->pop = crmf_copy_pop(poolp, srcReqMsg->pop);
521 if (newReqMsg->pop == NULL) {
524 /* None of my set/get routines operate on the regInfo field, so
525 * for now, that won't get copied over.
530 if (newReqMsg != NULL) {
531 CRMF_DestroyCertReqMsg(newReqMsg);
537 CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
542 PORT_Assert(inReqMsgs != NULL && index >= 0);
543 if (inReqMsgs == NULL) {
546 numMsgs = CRMF_CertReqMessagesGetNumMessages(inReqMsgs);
547 if (index < 0 || index >= numMsgs) {
550 return crmf_copy_cert_req_msg(inReqMsgs->messages[index]);
554 CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs)
558 PORT_Assert(inCertReqMsgs != NULL);
559 if (inCertReqMsgs == NULL) {
562 while (inCertReqMsgs->messages[numMessages] != NULL) {
569 CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg)
571 PRArenaPool *poolp = NULL;
572 CRMFCertRequest *newCertReq = NULL;
574 PORT_Assert(inCertReqMsg != NULL);
576 poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
580 newCertReq = crmf_copy_cert_request(poolp, inCertReqMsg->certReq);
581 if (newCertReq == NULL) {
584 newCertReq->poolp = poolp;
588 PORT_FreeArena(poolp, PR_FALSE);
594 CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, long *destID)
596 PORT_Assert(inCertReqMsg != NULL && destID != NULL);
597 if (inCertReqMsg == NULL || inCertReqMsg->certReq == NULL) {
600 return crmf_extract_long_from_item(&inCertReqMsg->certReq->certReqId,
605 CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
606 CRMFPOPOPrivKey **destKey)
608 PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
609 if (inCertReqMsg == NULL || destKey == NULL ||
610 CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyAgreement) {
613 *destKey = PORT_ZNew(CRMFPOPOPrivKey);
614 if (*destKey == NULL) {
617 return crmf_copy_popoprivkey(NULL,
618 &inCertReqMsg->pop->popChoice.keyAgreement,
623 CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
624 CRMFPOPOPrivKey **destKey)
626 PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
627 if (inCertReqMsg == NULL || destKey == NULL ||
628 CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyEncipherment) {
631 *destKey = PORT_ZNew(CRMFPOPOPrivKey);
632 if (destKey == NULL) {
635 return crmf_copy_popoprivkey(NULL,
636 &inCertReqMsg->pop->popChoice.keyEncipherment,
641 CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
642 CRMFPOPOSigningKey **destKey)
644 CRMFProofOfPossession *pop;
645 PORT_Assert(inCertReqMsg != NULL);
646 if (inCertReqMsg == NULL) {
649 pop = inCertReqMsg->pop;;
650 if (pop->popUsed != crmfSignature) {
653 *destKey = PORT_ZNew(CRMFPOPOSigningKey);
654 if (*destKey == NULL) {
657 return crmf_copy_poposigningkey(NULL,&pop->popChoice.signature, *destKey);
661 crmf_copy_name(CERTName *destName, CERTName *srcName)
663 PRArenaPool *poolp = NULL;
666 if (destName->arena != NULL) {
667 poolp = destName->arena;
669 poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
674 /* Need to do this so that CERT_CopyName doesn't free out
675 * the arena from underneath us.
677 destName->arena = NULL;
678 rv = CERT_CopyName(poolp, destName, srcName);
679 destName->arena = poolp;
684 CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
685 CERTName *destIssuer)
687 PORT_Assert(inCertReq != NULL);
688 if (inCertReq == NULL) {
691 if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuer)) {
692 return crmf_copy_name(destIssuer,
693 inCertReq->certTemplate.issuer);
699 CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
700 SECItem *destIssuerUID)
702 PORT_Assert(inCertReq != NULL);
703 if (inCertReq == NULL) {
706 if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuerUID)) {
707 return crmf_make_bitstring_copy(NULL, destIssuerUID,
708 &inCertReq->certTemplate.issuerUID);
714 CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
715 CERTSubjectPublicKeyInfo *destPublicKey)
717 PORT_Assert (inCertReq != NULL);
718 if (inCertReq == NULL) {
721 if (CRMF_DoesRequestHaveField(inCertReq, crmfPublicKey)) {
722 return SECKEY_CopySubjectPublicKeyInfo(NULL, destPublicKey,
723 inCertReq->certTemplate.publicKey);
729 CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
732 PORT_Assert(inCertReq != NULL);
733 if (inCertReq == NULL) {
736 if (CRMF_DoesRequestHaveField(inCertReq, crmfSerialNumber)) {
738 crmf_extract_long_from_item(&inCertReq->certTemplate.serialNumber,
745 CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
746 SECAlgorithmID *destAlg)
748 PORT_Assert(inCertReq != NULL);
749 if (inCertReq == NULL) {
752 if (CRMF_DoesRequestHaveField(inCertReq, crmfSigningAlg)) {
753 return SECOID_CopyAlgorithmID(NULL, destAlg,
754 inCertReq->certTemplate.signingAlg);
760 CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
761 CERTName *destSubject)
763 PORT_Assert(inCertReq != NULL);
764 if (inCertReq == NULL) {
767 if (CRMF_DoesRequestHaveField(inCertReq, crmfSubject)) {
768 return crmf_copy_name(destSubject, inCertReq->certTemplate.subject);
774 CRMF_CertRequestGetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
775 SECItem *destSubjectUID)
777 PORT_Assert(inCertReq != NULL);
778 if (inCertReq == NULL) {
781 if (CRMF_DoesRequestHaveField(inCertReq, crmfSubjectUID)) {
782 return crmf_make_bitstring_copy(NULL, destSubjectUID,
783 &inCertReq->certTemplate.subjectUID);
789 CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
792 PORT_Assert (inCertReq != NULL);
793 if (inCertReq == NULL) {
796 if (CRMF_DoesRequestHaveField(inCertReq, crmfVersion)) {
797 return crmf_extract_long_from_item(&inCertReq->certTemplate.version,
804 crmf_copy_validity(CRMFGetValidity *destValidity,
805 CRMFOptionalValidity *src)
809 destValidity->notBefore = destValidity->notAfter = NULL;
810 if (src->notBefore.data != NULL) {
811 rv = crmf_create_prtime(&src->notBefore,
812 &destValidity->notBefore);
813 if (rv != SECSuccess) {
817 if (src->notAfter.data != NULL) {
818 rv = crmf_create_prtime(&src->notAfter,
819 &destValidity->notAfter);
820 if (rv != SECSuccess) {
828 CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
829 CRMFGetValidity *destValidity)
831 PORT_Assert(inCertReq != NULL);
832 if (inCertReq == NULL) {
835 if (CRMF_DoesRequestHaveField(inCertReq, crmfValidity)) {
836 return crmf_copy_validity(destValidity,
837 inCertReq->certTemplate.validity);
843 CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index)
845 CRMFControl *newControl, *srcControl;
849 PORT_Assert(inCertReq != NULL);
850 if (inCertReq == NULL) {
853 numControls = CRMF_CertRequestGetNumControls(inCertReq);
854 if (index >= numControls || index < 0) {
857 newControl = PORT_ZNew(CRMFControl);
858 if (newControl == NULL) {
861 srcControl = inCertReq->controls[index];
862 newControl->tag = srcControl->tag;
863 rv = SECITEM_CopyItem (NULL, &newControl->derTag, &srcControl->derTag);
864 if (rv != SECSuccess) {
868 rv = SECITEM_CopyItem(NULL, &newControl->derValue,
869 &srcControl->derValue);
870 if (rv != SECSuccess) {
873 /* Copy over the PKIArchiveOptions stuff */
874 switch (srcControl->tag) {
875 case SEC_OID_PKIX_REGCTRL_REGTOKEN:
876 case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
877 /* No further processing necessary for these types. */
880 case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
881 case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
882 case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
883 /* These aren't supported yet, so no post-processing will
884 * be done at this time. But we don't want to fail in case
885 * we read in DER that has one of these options.
889 case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
890 rv = crmf_copy_pkiarchiveoptions(NULL,
891 &newControl->value.archiveOptions,
892 &srcControl->value.archiveOptions);
897 if (rv != SECSuccess) {
902 if (newControl != NULL) {
903 CRMF_DestroyControl(newControl);
909 crmf_copy_control_value(CRMFControl *inControl)
911 return SECITEM_DupItem(&inControl->derValue);
915 CRMF_ControlGetAuthenticatorControlValue(CRMFControl *inControl)
917 PORT_Assert (inControl!= NULL);
918 if (inControl == NULL ||
919 CRMF_ControlGetControlType(inControl) != crmfAuthenticatorControl) {
922 return crmf_copy_control_value(inControl);
926 CRMF_ControlGetControlType(CRMFControl *inControl)
928 CRMFControlType retType;
930 PORT_Assert(inControl != NULL);
931 switch (inControl->tag) {
932 case SEC_OID_PKIX_REGCTRL_REGTOKEN:
933 retType = crmfRegTokenControl;
935 case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
936 retType = crmfAuthenticatorControl;
938 case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
939 retType = crmfPKIPublicationInfoControl;
941 case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
942 retType = crmfPKIArchiveOptionsControl;
944 case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
945 retType = crmfOldCertIDControl;
947 case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
948 retType = crmfProtocolEncrKeyControl;
951 retType = crmfNoControl;
956 CRMFPKIArchiveOptions*
957 CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl)
959 CRMFPKIArchiveOptions *newOpt = NULL;
962 PORT_Assert(inControl != NULL);
963 if (inControl == NULL ||
964 CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl){
967 newOpt = PORT_ZNew(CRMFPKIArchiveOptions);
968 if (newOpt == NULL) {
971 rv = crmf_copy_pkiarchiveoptions(NULL, newOpt,
972 &inControl->value.archiveOptions);
973 if (rv != SECSuccess) {
978 if (newOpt != NULL) {
979 CRMF_DestroyPKIArchiveOptions(newOpt);
985 CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl)
987 PORT_Assert(inControl != NULL);
988 if (inControl == NULL ||
989 CRMF_ControlGetControlType(inControl) != crmfRegTokenControl) {
992 return crmf_copy_control_value(inControl);;
996 CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
1001 PORT_Assert(inCertReq != NULL);
1002 numExtensions = CRMF_CertRequestGetNumberOfExtensions(inCertReq);
1003 if (index >= numExtensions || index < 0) {
1007 crmf_copy_cert_extension(NULL,
1008 inCertReq->certTemplate.extensions[index]);