static CRMFProofOfPossession *
crmf_copy_pop(PLArenaPool *poolp, CRMFProofOfPossession *srcPOP)
{
CRMFProofOfPossession *newPOP;
SECStatus rv;
/*
* Proof Of Possession structures are always part of the Request
* message, so there will always be an arena for allocating memory.
*/
if (poolp == NULL) {
return NULL;
}
newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
if (newPOP == NULL) {
return NULL;
}
switch (srcPOP->popUsed) {
case crmfRAVerified:
newPOP->popChoice.raVerified.data = NULL;
newPOP->popChoice.raVerified.len = 0;
break;
case crmfSignature:
rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
&newPOP->popChoice.signature);
if (rv != SECSuccess) {
goto loser;
}
break;
case crmfKeyEncipherment:
case crmfKeyAgreement:
/* We've got a union, so a pointer to one, is a pointer to the
* other one.
*/
rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
&newPOP->popChoice.keyEncipherment);
if (rv != SECSuccess) {
goto loser;
}
break;
default:
goto loser;
}
newPOP->popUsed = srcPOP->popUsed;
return newPOP;
loser:
return NULL;
}
SECStatus
CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
CRMFPOPOSigningKey **destKey)
{
CRMFProofOfPossession *pop;
PORT_Assert(inCertReqMsg != NULL);
if (inCertReqMsg == NULL) {
return SECFailure;
}
pop = inCertReqMsg->pop;;
if (pop->popUsed != crmfSignature) {
return SECFailure;
}
*destKey = PORT_ZNew(CRMFPOPOSigningKey);
if (*destKey == NULL) {
return SECFailure;
}
return crmf_copy_poposigningkey(NULL,&pop->popChoice.signature, *destKey);
}
