CRMFPKIArchiveOptions * CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl) { CRMFPKIArchiveOptions *newOpt = NULL; SECStatus rv; PORT_Assert(inControl != NULL); if (inControl == NULL || CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl) { goto loser; } newOpt = PORT_ZNew(CRMFPKIArchiveOptions); if (newOpt == NULL) { goto loser; } rv = crmf_copy_pkiarchiveoptions(NULL, newOpt, &inControl->value.archiveOptions); if (rv != SECSuccess) { goto loser; } loser: if (newOpt != NULL) { CRMF_DestroyPKIArchiveOptions(newOpt); } return NULL; }
SECStatus CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq, CRMFPKIArchiveOptions *inOptions) { CRMFControl *newControl; PLArenaPool *poolp; SECStatus rv; void *mark; PORT_Assert(inCertReq != NULL && inOptions != NULL); if (inCertReq == NULL || inOptions == NULL) { return SECFailure; } poolp = inCertReq->poolp; mark = PORT_ArenaMark(poolp); rv = crmf_add_new_control(inCertReq, SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS, &newControl); if (rv != SECSuccess) { goto loser; } rv = crmf_copy_pkiarchiveoptions(poolp, &newControl->value.archiveOptions, inOptions); if (rv != SECSuccess) { goto loser; } rv = crmf_encode_pkiarchiveoptions(poolp, newControl); if (rv != SECSuccess) { goto loser; } PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: PORT_ArenaRelease(poolp, mark); return SECFailure; }
CRMFControl * CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index) { CRMFControl *newControl, *srcControl; int numControls; SECStatus rv; PORT_Assert(inCertReq != NULL); if (inCertReq == NULL) { return NULL; } numControls = CRMF_CertRequestGetNumControls(inCertReq); if (index >= numControls || index < 0) { return NULL; } newControl = PORT_ZNew(CRMFControl); if (newControl == NULL) { return NULL; } srcControl = inCertReq->controls[index]; newControl->tag = srcControl->tag; rv = SECITEM_CopyItem(NULL, &newControl->derTag, &srcControl->derTag); if (rv != SECSuccess) { goto loser; } rv = SECITEM_CopyItem(NULL, &newControl->derValue, &srcControl->derValue); if (rv != SECSuccess) { goto loser; } /* Copy over the PKIArchiveOptions stuff */ switch (srcControl->tag) { case SEC_OID_PKIX_REGCTRL_REGTOKEN: case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR: /* No further processing necessary for these types. */ rv = SECSuccess; break; case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID: case SEC_OID_PKIX_REGCTRL_PKIPUBINFO: case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY: /* These aren't supported yet, so no post-processing will * be done at this time. But we don't want to fail in case * we read in DER that has one of these options. */ rv = SECSuccess; break; case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS: rv = crmf_copy_pkiarchiveoptions(NULL, &newControl->value.archiveOptions, &srcControl->value.archiveOptions); break; default: rv = SECFailure; } if (rv != SECSuccess) { goto loser; } return newControl; loser: if (newControl != NULL) { CRMF_DestroyControl(newControl); } return NULL; }