static void setField_Issuer (
DecodedItem &item,
const CssmData &fieldValue)
{
DecodedCrl &crl = dynamic_cast<DecodedCrl &>(item);
const CSSM_X509_NAME *cssmName = (const CSSM_X509_NAME *)fieldValue.Data;
NSS_Name &nssName = crl.mCrl.tbs.issuer;
tbsSetCheck(nssName.rdns, fieldValue, sizeof(CSSM_X509_NAME),
"IssuerName");
CL_cssmNameToNss(*cssmName, nssName, crl.coder());
}
static void setField_Subject (
DecodedItem &item,
const CssmData &fieldValue)
{
DecodedCert &cert = dynamic_cast<DecodedCert &>(item);
const CSSM_X509_NAME *cssmName = (const CSSM_X509_NAME *)fieldValue.Data;
NSS_Name &nssName = cert.mCert.tbs.subject;
tbsSetCheck(nssName.rdns, fieldValue, sizeof(CSSM_X509_NAME),
"SubjectName");
CL_cssmNameToNss(*cssmName, nssName, cert.coder());
}
void CL_cssmGeneralNameToNss(
CE_GeneralName &cdsaObj,
NSS_GeneralName &nssObj, // actually an NSSTaggedItem
SecNssCoder &coder) // for temp decoding
{
memset(&nssObj, 0, sizeof(nssObj));
/*
* The default here is just to use the app-supplied data as is...
*/
nssObj.item = cdsaObj.name;
unsigned char itemTag; // for nssObj.tag
bool doCopy = false; // unless we have to modify tag byte
unsigned char overrideTag; // to force context-specific tag for
// an ASN_ANY
PRErrorCode prtn;
switch(cdsaObj.nameType) {
case GNT_OtherName:
/*
* Caller supplies an CE_OtherName. Encode it.
*/
if((cdsaObj.name.Length != sizeof(CE_OtherName)) ||
(cdsaObj.name.Data == NULL)) {
clErrorLog("CL_cssmGeneralNameToNss: OtherName.Length"
" error\n");
CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
}
prtn = coder.encodeItem(cdsaObj.name.Data,
kSecAsn1OtherNameTemplate, nssObj.item);
if(prtn) {
clErrorLog("CL_cssmGeneralNameToNss: OtherName encode"
" error\n");
CssmError::throwMe(CSSMERR_CL_MEMORY_ERROR);
}
itemTag = NGT_OtherName;
break;
case GNT_RFC822Name: // IA5String
itemTag = NGT_RFC822Name;
break;
case GNT_DNSName: // IA5String
itemTag = NGT_DNSName;
break;
case GNT_X400Address: // caller's resposibility
/*
* Encoded as ASN_ANY, the only thing we do is to
* force the correct context-specific tag
*/
itemTag = GNT_X400Address;
if(!cdsaObj.berEncoded) {
clErrorLog("CL_cssmGeneralNameToNss: X400Address must"
" be BER-encoded\n");
CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
}
overrideTag = SEC_ASN1_CONTEXT_SPECIFIC |
SEC_ASN1_CONSTRUCTED | NGT_X400Address;
doCopy = true;
break;
case GNT_DirectoryName:
{
/*
* Caller supplies an CSSM_X509_NAME. Convert to NSS
* format and encode it.
*/
if((cdsaObj.name.Length != sizeof(CSSM_X509_NAME)) ||
(cdsaObj.name.Data == NULL)) {
clErrorLog("CL_cssmGeneralNameToNss: DirectoryName.Length"
" error\n");
CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
}
NSS_Name nssName;
CSSM_X509_NAME_PTR cdsaName =
(CSSM_X509_NAME_PTR)cdsaObj.name.Data;
CL_cssmNameToNss(*cdsaName, nssName, coder);
prtn = coder.encodeItem(&nssName,
kSecAsn1NameTemplate, nssObj.item);
if(prtn) {
clErrorLog("CL_cssmGeneralNameToNss: X509Name encode"
" error\n");
CssmError::throwMe(CSSMERR_CL_MEMORY_ERROR);
}
itemTag = GNT_DirectoryName;
/*
* AND, munge the tag to make it a context-specific
* sequence
* no, not needed, this is wrapped in an explicit...
*/
//nssObj.item.Data[0] = SEC_ASN1_CONTEXT_SPECIFIC |
// SEC_ASN1_CONSTRUCTED | GNT_DirectoryName;
break;
}
case GNT_EdiPartyName: // caller's resposibility
/*
* Encoded as ASN_ANY, the only thing we do is to
* force the correct context-specific tag
*/
itemTag = GNT_EdiPartyName;
if(!cdsaObj.berEncoded) {
clErrorLog("CL_cssmGeneralNameToNss: EdiPartyName must"
" be BER-encoded\n");
CssmError::throwMe(CSSMERR_CL_UNKNOWN_FORMAT);
}
overrideTag = SEC_ASN1_CONTEXT_SPECIFIC | NGT_X400Address;
doCopy = true;
break;
case GNT_URI: // IA5String
itemTag = GNT_URI;
break;
case GNT_IPAddress: // OCTET_STRING
itemTag = NGT_IPAddress;
break;
case GNT_RegisteredID: // OID
itemTag = NGT_RegisteredID;
break;
default:
clErrorLog("CL_cssmGeneralNameToNss: bad name tag\n");
CssmError::throwMe(CSSMERR_CL_UNKNOWN_TAG);
}
if(doCopy) {
coder.allocCopyItem(cdsaObj.name, nssObj.item);
nssObj.item.Data[0] = overrideTag;
}
nssObj.tag = itemTag;
}
