Esempio n. 1
0
CRMFEncryptedKey *
CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
{
    CRMFEncryptedKey *newEncrKey = NULL;
    SECStatus rv;

    PORT_Assert(inOpts != NULL);
    if (inOpts == NULL ||
        CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey) {
        return NULL;
    }
    newEncrKey = PORT_ZNew(CRMFEncryptedKey);
    if (newEncrKey == NULL) {
        goto loser;
    }
    rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
                                newEncrKey);
    if (rv != SECSuccess) {
        goto loser;
    }
    return newEncrKey;
loser:
    if (newEncrKey != NULL) {
        CRMF_DestroyEncryptedKey(newEncrKey);
    }
    return NULL;
}
Esempio n. 2
0
CRMFEncryptedKey *
CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
        CERTCertificate *inCACert)
{
    SECKEYPublicKey *caPubKey = NULL;
    CRMFEncryptedKey *encKey = NULL;

    PORT_Assert(inPrivKey != NULL && inCACert != NULL);
    if (inPrivKey == NULL || inCACert == NULL) {
        return NULL;
    }

    caPubKey = CERT_ExtractPublicKey(inCACert);
    if (caPubKey == NULL) {
        goto loser;
    }

    encKey = PORT_ZNew(CRMFEncryptedKey);
    if (encKey == NULL) {
        goto loser;
    }
#ifdef DEBUG
    {
        CRMFEncryptedValue *dummy =
            crmf_create_encrypted_value_wrapped_privkey(
                inPrivKey, caPubKey, &encKey->value.encryptedValue);
        PORT_Assert(dummy == &encKey->value.encryptedValue);
    }
#else
    crmf_create_encrypted_value_wrapped_privkey(
        inPrivKey, caPubKey, &encKey->value.encryptedValue);
#endif
    /* We won't add the der value here, but rather when it
     * becomes part of a certificate request.
     */
    SECKEY_DestroyPublicKey(caPubKey);
    encKey->encKeyChoice = crmfEncryptedValueChoice;
    return encKey;
loser:
    if (encKey != NULL) {
        CRMF_DestroyEncryptedKey(encKey);
    }
    if (caPubKey != NULL) {
        SECKEY_DestroyPublicKey(caPubKey);
    }
    return NULL;
}