diff options
| author | nelsonb%netscape.com <devnull@localhost> | 2001-01-07 08:13:13 +0000 |
|---|---|---|
| committer | nelsonb%netscape.com <devnull@localhost> | 2001-01-07 08:13:13 +0000 |
| commit | 09bcb513a27be8edb6e06c9e92564c66eb948aab (patch) | |
| tree | d29b00b8add7f177020b5d071fb45be6d669312f /security/nss/lib | |
| parent | 33fa5f1efdab14c312b73593860b9b497310bd3f (diff) | |
| download | nss-hg-09bcb513a27be8edb6e06c9e92564c66eb948aab.tar.gz | |
MSVC won't let you initialize a pointer in a data structure with the
address of an external variable that comes from another DLL.
This is a fundamental difference between WIN32 DLLs and Unix DSOs.
So, for every SEC_ASN1Template inside of libnss3 that is referenced by
other templates outside of libnss3, a new "chooser" function was created
that returns the address of that template. For WIN32, the templates
outside of libnss3 access libnss3's templates by the chooser function
rather than by direct reference. Some simple macros allow Unix to
continue to use direct references, avoiding the extra function calls.
With these changes, all.sh (qa script) passes all tests on NT with DLLs.
Modified Files:
cmd/checkcert/checkcert.c cmd/lib/secutil.c lib/asn1/asn1t.h
lib/certdb/certdb.c lib/certdb/certt.h lib/certdb/crl.c
lib/certhigh/certreq.c lib/crmf/asn1cmn.c lib/crmf/crmfcont.c
lib/crmf/crmftmpl.c lib/cryptohi/secsign.c lib/nss/nss.def
lib/pkcs12/p12local.c lib/pkcs12/p12tmpl.c
lib/pkcs7/certread.c lib/pkcs7/p7decode.c lib/pkcs7/p7local.c
lib/smime/cmsasn1.c lib/smime/cmsattr.c lib/smime/cmspubkey.c
lib/smime/cmssigdata.c lib/smime/smimeutil.c
lib/softoken/keydb.c lib/softoken/keydbt.h lib/util/secalgid.c
lib/util/secasn1.h lib/util/secasn1d.c lib/util/secasn1t.h
lib/util/secasn1u.c lib/util/secdig.c lib/util/secdig.h
lib/util/secoid.h
Diffstat (limited to 'security/nss/lib')
30 files changed, 465 insertions, 256 deletions
diff --git a/security/nss/lib/asn1/asn1t.h b/security/nss/lib/asn1/asn1t.h index 6183b7fd7..2f6c52cea 100644 --- a/security/nss/lib/asn1/asn1t.h +++ b/security/nss/lib/asn1/asn1t.h @@ -144,7 +144,7 @@ typedef SEC_ASN1Template nssASN1Template; #define nssASN1_SET_OF SEC_ASN1_SET_OF #define nssASN1_ANY_CONTENTS SEC_ASN1_ANY_CONTENTS -typedef SEC_ChooseASN1TemplateFunc nssASN1ChooseTemplateFunction; +typedef SEC_ASN1TemplateChooserPtr nssASN1ChooseTemplateFunction; typedef SEC_ASN1DecoderContext nssASN1Decoder; typedef SEC_ASN1EncoderContext nssASN1Encoder; diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index 50d34165d..0b6aa42fb 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -207,7 +207,7 @@ const SEC_ASN1Template CERT_CertKeyTemplate[] = { { 0 } }; - +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateTemplate) SECStatus CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn, diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h index e3d05bc97..f4d200be3 100644 --- a/security/nss/lib/certdb/certt.h +++ b/security/nss/lib/certdb/certt.h @@ -801,4 +801,14 @@ extern const SEC_ASN1Template CERT_CrlTemplate[]; extern const SEC_ASN1Template CERT_AttributeTemplate[]; extern const SEC_ASN1Template CERT_SetOfAttributeTemplate[]; +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateRequestTemplate); +SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateTemplate); +SEC_ASN1_CHOOSER_DECLARE(CERT_CrlTemplate); +SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate); +SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate); +SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate); + #endif /* _CERTT_H_ */ diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 1e0e909e1..8bfded225 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -385,3 +385,11 @@ loser: return(0); } + +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_IssuerAndSNTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CrlTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SetOfSignedCrlTemplate) + diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c index 0c3038139..1588c1896 100644 --- a/security/nss/lib/certhigh/certreq.c +++ b/security/nss/lib/certhigh/certreq.c @@ -67,6 +67,8 @@ const SEC_ASN1Template CERT_CertificateRequestTemplate[] = { { 0 } }; +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate) + CERTCertificate * CERT_CreateCertificate(unsigned long serialNumber, CERTName *issuer, diff --git a/security/nss/lib/crmf/asn1cmn.c b/security/nss/lib/crmf/asn1cmn.c index 8dae9749c..7299bbdc6 100644 --- a/security/nss/lib/crmf/asn1cmn.c +++ b/security/nss/lib/crmf/asn1cmn.c @@ -34,6 +34,10 @@ #include "cmmf.h" #include "cmmfi.h" +SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) +SEC_ASN1_MKSUB(SEC_AnyTemplate) +SEC_ASN1_MKSUB(SEC_IntegerTemplate) + static const SEC_ASN1Template CMMFCertResponseTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse)}, { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId)}, @@ -58,9 +62,9 @@ const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = { { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0, offsetof(CMMFCertifiedKeyPair, privateKey), CRMFEncryptedValueTemplate}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, offsetof (CMMFCertifiedKeyPair, derPublicationInfo), - SEC_AnyTemplate}, + SEC_ASN1_SUB(SEC_AnyTemplate) }, { 0 } }; @@ -86,8 +90,10 @@ const SEC_ASN1Template CMMFRandTemplate[] = { }; const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = { - { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFPOPODecKeyRespContent, responses), - SEC_IntegerTemplate, sizeof(CMMFPOPODecKeyRespContent)}, + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, + offsetof(CMMFPOPODecKeyRespContent, responses), + SEC_ASN1_SUB(SEC_IntegerTemplate), + sizeof(CMMFPOPODecKeyRespContent)}, { 0 } }; @@ -118,8 +124,9 @@ const SEC_ASN1Template CMMFCertRepContentTemplate[] = { static const SEC_ASN1Template CMMFChallengeTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge)}, - { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL, offsetof(CMMFChallenge, owf), - SECOID_AlgorithmIDTemplate }, + { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN, + offsetof(CMMFChallenge, owf), + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) }, { SEC_ASN1_ANY, offsetof(CMMFChallenge, senderDER) }, { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, key) }, diff --git a/security/nss/lib/crmf/crmfcont.c b/security/nss/lib/crmf/crmfcont.c index b6e197522..3948023c2 100644 --- a/security/nss/lib/crmf/crmfcont.c +++ b/security/nss/lib/crmf/crmfcont.c @@ -616,7 +616,8 @@ crmf_decode_params(SECItem *inParams) SECStatus rv; params = PORT_ZNew(SECItem); - rv = SEC_ASN1DecodeItem(NULL, params, SEC_OctetStringTemplate, + rv = SEC_ASN1DecodeItem(NULL, params, + SEC_ASN1_GET(SEC_OctetStringTemplate), inParams); if (rv != SECSuccess) { SECITEM_FreeItem(params, PR_TRUE); @@ -814,7 +815,7 @@ crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey, } dummy = SEC_ASN1EncodeItem(NULL, &encodedParam, iv, - SEC_OctetStringTemplate); + SEC_ASN1_GET(SEC_OctetStringTemplate)); if (dummy != &encodedParam) { SECITEM_FreeItem(dummy, PR_TRUE); goto loser; diff --git a/security/nss/lib/crmf/crmftmpl.c b/security/nss/lib/crmf/crmftmpl.c index da660cd6e..8cbc9895e 100644 --- a/security/nss/lib/crmf/crmftmpl.c +++ b/security/nss/lib/crmf/crmftmpl.c @@ -37,6 +37,12 @@ #include "secoid.h" #include "secasn1.h" +SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) +SEC_ASN1_MKSUB(SEC_AnyTemplate) +SEC_ASN1_MKSUB(SEC_BitStringTemplate) +SEC_ASN1_MKSUB(SEC_IntegerTemplate) +SEC_ASN1_MKSUB(SEC_OctetStringTemplate) +SEC_ASN1_MKSUB(SEC_UTCTimeTemplate) /* * It's all implicit tagging. @@ -68,13 +74,13 @@ static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = { static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFOptionalValidity) }, { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | - SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 0, + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0, offsetof (CRMFOptionalValidity, notBefore), - SEC_UTCTimeTemplate}, + SEC_ASN1_SUB(SEC_UTCTimeTemplate) }, { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | - SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 1, + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1, offsetof (CRMFOptionalValidity, notAfter), - SEC_UTCTimeTemplate}, + SEC_ASN1_SUB(SEC_UTCTimeTemplate) }, { 0 } }; @@ -85,12 +91,16 @@ static const SEC_ASN1Template crmfPointerToNameTemplate[] = { static const SEC_ASN1Template CRMFCertTemplateTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0, - offsetof(CRMFCertTemplate, version), SEC_IntegerTemplate }, - { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 1 , - offsetof (CRMFCertTemplate, serialNumber), SEC_IntegerTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 2, - offsetof (CRMFCertTemplate, signingAlg), SECOID_AlgorithmIDTemplate }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, + offsetof(CRMFCertTemplate, version), + SEC_ASN1_SUB(SEC_IntegerTemplate) }, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1 , + offsetof (CRMFCertTemplate, serialNumber), + SEC_ASN1_SUB(SEC_IntegerTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | + SEC_ASN1_XTRN | 2, + offsetof (CRMFCertTemplate, signingAlg), + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3, offsetof (CRMFCertTemplate, issuer), crmfPointerToNameTemplate }, @@ -103,10 +113,12 @@ static const SEC_ASN1Template CRMFCertTemplateTemplate[] = { { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 6, offsetof (CRMFCertTemplate, publicKey), CERT_SubjectPublicKeyInfoTemplate }, - { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 7, - offsetof (CRMFCertTemplate, issuerUID), SEC_BitStringTemplate }, - { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 8, - offsetof (CRMFCertTemplate, subjectUID), SEC_BitStringTemplate }, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 7, + offsetof (CRMFCertTemplate, issuerUID), + SEC_ASN1_SUB(SEC_BitStringTemplate) }, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 8, + offsetof (CRMFCertTemplate, subjectUID), + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 9, offsetof (CRMFCertTemplate, extensions), @@ -172,12 +184,15 @@ const SEC_ASN1Template CRMFRAVerifiedTemplate[] = { /* This template will need to add POPOSigningKeyInput eventually, maybe*/ static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0, - offsetof(CRMFPOPOSigningKey, derInput), SEC_AnyTemplate}, - { SEC_ASN1_POINTER, offsetof(CRMFPOPOSigningKey, algorithmIdentifier), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_BIT_STRING, offsetof(CRMFPOPOSigningKey, signature), - SEC_BitStringTemplate}, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, + offsetof(CRMFPOPOSigningKey, derInput), + SEC_ASN1_SUB(SEC_AnyTemplate) }, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, + offsetof(CRMFPOPOSigningKey, algorithmIdentifier), + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN, + offsetof(CRMFPOPOSigningKey, signature), + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { 0 } }; @@ -189,58 +204,62 @@ const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = { }; const SEC_ASN1Template CRMFThisMessageTemplate[] = { - { SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 0, - SEC_BitStringTemplate}, + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { 0 } }; const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = { - { SEC_ASN1_CONTEXT_SPECIFIC | 1, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, 0, - SEC_IntegerTemplate}, + SEC_ASN1_SUB(SEC_IntegerTemplate) }, { 0 } }; const SEC_ASN1Template CRMFDHMACTemplate[] = { - { SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 0, - SEC_BitStringTemplate}, + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { 0 } }; const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = { { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | - SEC_ASN1_CONTEXT_SPECIFIC | 2, + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2, 0, - SEC_AnyTemplate}, + SEC_ASN1_SUB(SEC_AnyTemplate) }, { 0 } }; const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = { { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | - SEC_ASN1_CONTEXT_SPECIFIC | 3, + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3, 0, - SEC_AnyTemplate}, + SEC_ASN1_SUB(SEC_AnyTemplate)}, { 0 } }; const SEC_ASN1Template CRMFEncryptedValueTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue)}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | + SEC_ASN1_XTRN | 0, offsetof(CRMFEncryptedValue, intendedAlg), - SECOID_AlgorithmIDTemplate}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 1, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | + SEC_ASN1_XTRN | 1, offsetof (CRMFEncryptedValue, symmAlg), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 2, - offsetof(CRMFEncryptedValue, encSymmKey), SEC_BitStringTemplate}, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 3, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 2, + offsetof(CRMFEncryptedValue, encSymmKey), + SEC_ASN1_SUB(SEC_BitStringTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | + SEC_ASN1_XTRN | 3, offsetof(CRMFEncryptedValue, keyAlg), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 4, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 4, offsetof(CRMFEncryptedValue, valueHint), - SEC_OctetStringTemplate}, + SEC_ASN1_SUB(SEC_OctetStringTemplate) }, { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) }, { 0 } }; diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c index 3583d709a..98131c6eb 100644 --- a/security/nss/lib/cryptohi/secsign.c +++ b/security/nss/lib/cryptohi/secsign.c @@ -381,6 +381,9 @@ const SEC_ASN1Template CERT_SignedDataTemplate[] = { 0, } }; +SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate) + + SECStatus SEC_DerSignData(PRArenaPool *arena, SECItem *result, unsigned char *buf, int len, SECKEYPrivateKey *pk, SECOidTag algID) diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index 206256e36..e45883dd5 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -339,34 +339,59 @@ VFY_VerifyDigest; ;+# ;+# Data objects ;+# -;+# This isnt right, but it's better than we have now... -CERT_CrlTemplate DATA ; -CERT_SignedDataTemplate DATA ; -CERT_CertificateTemplate DATA ; -CERT_CertificateRequestTemplate DATA ; -CERT_IssuerAndSNTemplate DATA ; -CERT_SetOfSignedCrlTemplate DATA ; -SECAnyTemplate DATA ; -SECKEY_DSAPublicKeyTemplate DATA ; -SECKEY_EncryptedPrivateKeyInfoTemplate DATA ; -SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ; -SECKEY_PointerToPrivateKeyInfoTemplate DATA ; -SECKEY_PrivateKeyInfoTemplate DATA ; -SECKEY_RSAPublicKeyTemplate DATA ; -SECOID_AlgorithmIDTemplate DATA ; -SEC_AnyTemplate DATA ; -SEC_BMPStringTemplate DATA ; -SEC_BitStringTemplate DATA ; -SEC_GeneralizedTimeTemplate DATA ; -SEC_IA5StringTemplate DATA ; -SEC_IntegerTemplate DATA ; -SEC_ObjectIDTemplate DATA ; -SEC_OctetStringTemplate DATA ; -SEC_PointerToAnyTemplate DATA ; -SEC_PointerToOctetStringTemplate DATA ; -SEC_SetOfAnyTemplate DATA ; -SEC_UTCTimeTemplate DATA ; -sgn_DigestInfoTemplate DATA ; +;+# Don't export these DATA symbols on Windows because they don't work right. +;;CERT_CrlTemplate DATA ; +;;CERT_SignedDataTemplate DATA ; +;;CERT_CertificateTemplate DATA ; +;;CERT_CertificateRequestTemplate DATA ; +;;CERT_IssuerAndSNTemplate DATA ; +;;CERT_SetOfSignedCrlTemplate DATA ; +;;SECKEY_DSAPublicKeyTemplate DATA ; +;;SECKEY_EncryptedPrivateKeyInfoTemplate DATA ; +;;SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ; +;;SECKEY_PointerToPrivateKeyInfoTemplate DATA ; +;;SECKEY_PrivateKeyInfoTemplate DATA ; +;;SECKEY_RSAPublicKeyTemplate DATA ; +;;SECOID_AlgorithmIDTemplate DATA ; +;;SEC_AnyTemplate DATA ; +;;SEC_BMPStringTemplate DATA ; +;;SEC_BitStringTemplate DATA ; +;;SEC_GeneralizedTimeTemplate DATA ; +;;SEC_IA5StringTemplate DATA ; +;;SEC_IntegerTemplate DATA ; +;;SEC_ObjectIDTemplate DATA ; +;;SEC_OctetStringTemplate DATA ; +;;SEC_PointerToAnyTemplate DATA ; +;;SEC_PointerToOctetStringTemplate DATA ; +;;SEC_SetOfAnyTemplate DATA ; +;;SEC_UTCTimeTemplate DATA ; +;;sgn_DigestInfoTemplate DATA ; +NSS_Get_CERT_CrlTemplate; +NSS_Get_CERT_SignedDataTemplate; +NSS_Get_CERT_CertificateTemplate; +NSS_Get_CERT_CertificateRequestTemplate; +NSS_Get_CERT_IssuerAndSNTemplate; +NSS_Get_CERT_SetOfSignedCrlTemplate; +NSS_Get_SECKEY_DSAPublicKeyTemplate; +NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate; +NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate; +NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate; +NSS_Get_SECKEY_PrivateKeyInfoTemplate; +NSS_Get_SECKEY_RSAPublicKeyTemplate; +NSS_Get_SECOID_AlgorithmIDTemplate; +NSS_Get_SEC_AnyTemplate; +NSS_Get_SEC_BMPStringTemplate; +NSS_Get_SEC_BitStringTemplate; +NSS_Get_SEC_GeneralizedTimeTemplate; +NSS_Get_SEC_IA5StringTemplate; +NSS_Get_SEC_IntegerTemplate; +NSS_Get_SEC_ObjectIDTemplate; +NSS_Get_SEC_OctetStringTemplate; +NSS_Get_SEC_PointerToAnyTemplate; +NSS_Get_SEC_PointerToOctetStringTemplate; +NSS_Get_SEC_SetOfAnyTemplate; +NSS_Get_SEC_UTCTimeTemplate; +NSS_Get_sgn_DigestInfoTemplate; ;+# commands CERT_DecodeBasicConstraintValue; CERT_DecodeOidSequence; diff --git a/security/nss/lib/pkcs12/p12local.c b/security/nss/lib/pkcs12/p12local.c index d6e02ad02..b5d246f24 100644 --- a/security/nss/lib/pkcs12/p12local.c +++ b/security/nss/lib/pkcs12/p12local.c @@ -46,6 +46,9 @@ #define SALT_LENGTH 16 +SEC_ASN1_MKSUB(SECKEY_PrivateKeyInfoTemplate) +SEC_ASN1_MKSUB(sgn_DigestInfoTemplate) + /* helper functions */ /* returns proper bag type template based upon object type tag */ const SEC_ASN1Template * @@ -69,7 +72,7 @@ sec_pkcs12_choose_bag_type_old(void *src_or_dest, PRBool encoding) switch (oiddata->offset) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS12_KEY_BAG_ID: theTemplate = SEC_PointerToPKCS12KeyBagTemplate; @@ -105,7 +108,7 @@ sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding) switch (oiddata->offset) { default: - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS12_KEY_BAG_ID: theTemplate = SEC_PKCS12PrivateKeyBagTemplate; @@ -141,7 +144,7 @@ sec_pkcs12_choose_cert_crl_type_old(void *src_or_dest, PRBool encoding) switch (oiddata->offset) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS12_X509_CERT_CRL_BAG: theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate_OLD; @@ -173,7 +176,7 @@ sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding) switch (oiddata->offset) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS12_X509_CERT_CRL_BAG: theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate; @@ -206,11 +209,11 @@ sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding) switch (oiddata->offset) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS12_PKCS8_KEY_SHROUDING: theTemplate = - SECKEY_PointerToEncryptedPrivateKeyInfoTemplate; + SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate); break; } return theTemplate; @@ -939,7 +942,7 @@ sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest, } /* pkcs 12 templates */ -static SEC_ChooseASN1TemplateFunc sec_pkcs12_shroud_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_shroud_chooser = sec_pkcs12_choose_shroud_type; const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[] = @@ -1001,8 +1004,9 @@ const SEC_ASN1Template SEC_PKCS12PVKAdditionalDataTemplate[] = const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) }, - { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PVKSupportingData, assocCerts), - sgn_DigestInfoTemplate }, + { SEC_ASN1_SET_OF | SEC_ASN1_XTRN , + offsetof(SEC_PKCS12PVKSupportingData, assocCerts), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, offsetof(SEC_PKCS12PVKSupportingData, regenerable) }, { SEC_ASN1_PRINTABLE_STRING, @@ -1015,8 +1019,9 @@ const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] = const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) }, - { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PVKSupportingData, assocCerts), - sgn_DigestInfoTemplate }, + { SEC_ASN1_SET_OF | SEC_ASN1_XTRN , + offsetof(SEC_PKCS12PVKSupportingData, assocCerts), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, offsetof(SEC_PKCS12PVKSupportingData, regenerable) }, { SEC_ASN1_BMP_STRING, @@ -1050,10 +1055,10 @@ const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[] = SEC_PKCS12ESPVKItemTemplate_OLD }, }; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_bag_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser = sec_pkcs12_choose_bag_type; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_bag_chooser_old = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser_old = sec_pkcs12_choose_bag_type_old; const SEC_ASN1Template SEC_PKCS12SafeBagTemplate_OLD[] = @@ -1098,8 +1103,9 @@ const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[] = { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKey) }, { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pvkData), SEC_PKCS12PVKSupportingDataTemplate }, - { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pkcs8data), - SECKEY_PrivateKeyInfoTemplate }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, + offsetof(SEC_PKCS12PrivateKey, pkcs8data), + SEC_ASN1_SUB(SECKEY_PrivateKeyInfoTemplate) }, { 0 } }; @@ -1116,8 +1122,9 @@ const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[] = { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) }, { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL), sec_PKCS7ContentInfoTemplate }, - { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, thumbprint), - sgn_DigestInfoTemplate }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN , + offsetof(SEC_PKCS12X509CertCRL, thumbprint), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { 0 } }; @@ -1136,10 +1143,10 @@ const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[] = { 0 } }; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_cert_crl_chooser_old = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser_old = sec_pkcs12_choose_cert_crl_type_old; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_cert_crl_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser = sec_pkcs12_choose_cert_crl_type; const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate_OLD[] = @@ -1218,8 +1225,8 @@ const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[] = const SEC_ASN1Template SEC_PKCS12MacDataTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) }, - { SEC_ASN1_INLINE, offsetof(SEC_PKCS12MacData, safeMac), - sgn_DigestInfoTemplate }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(SEC_PKCS12MacData, safeMac), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12MacData, macSalt) }, { 0 } }; @@ -1240,8 +1247,9 @@ const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) }, { SEC_ASN1_OPTIONAL | - SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, - offsetof(SEC_PKCS12PFXItem, old_safeMac), sgn_DigestInfoTemplate }, + SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, + offsetof(SEC_PKCS12PFXItem, old_safeMac), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12PFXItem, old_macSalt) }, { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, diff --git a/security/nss/lib/pkcs12/p12tmpl.c b/security/nss/lib/pkcs12/p12tmpl.c index ebaed1183..e58816386 100644 --- a/security/nss/lib/pkcs12/p12tmpl.c +++ b/security/nss/lib/pkcs12/p12tmpl.c @@ -41,6 +41,9 @@ #include "secasn1.h" #include "p12t.h" +SEC_ASN1_MKSUB(SEC_AnyTemplate) +SEC_ASN1_MKSUB(sgn_DigestInfoTemplate) + static const SEC_ASN1Template * sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding) { @@ -56,15 +59,15 @@ sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding) oiddata = SECOID_FindOID(&safeBag->safeBagType); if(oiddata == NULL) { - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); } switch (oiddata->offset) { default: - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS12_V1_KEY_BAG_ID: - theTemplate = SECKEY_PointerToPrivateKeyInfoTemplate; + theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate); break; case SEC_OID_PKCS12_V1_CERT_BAG_ID: theTemplate = sec_PKCS12PointerToCertBagTemplate; @@ -76,13 +79,14 @@ sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding) theTemplate = sec_PKCS12PointerToSecretBagTemplate; break; case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID: - theTemplate = SECKEY_PointerToEncryptedPrivateKeyInfoTemplate; + theTemplate = + SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate); break; case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID: if(encoding) { theTemplate = sec_PKCS12PointerToSafeContentsTemplate; } else { - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); } break; } @@ -104,15 +108,15 @@ sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding) oiddata = SECOID_FindOID(&crlbag->bagID); if(oiddata == NULL) { - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); } switch (oiddata->offset) { default: - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS9_X509_CRL: - theTemplate = SEC_OctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate); break; } return theTemplate; @@ -133,18 +137,18 @@ sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding) oiddata = SECOID_FindOID(&certbag->bagID); if(oiddata == NULL) { - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); } switch (oiddata->offset) { default: - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS9_X509_CERT: - theTemplate = SEC_OctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate); break; case SEC_OID_PKCS9_SDSI_CERT: - theTemplate = SEC_IA5StringTemplate; + theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate); break; } return theTemplate; @@ -165,21 +169,21 @@ sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding) oiddata = SECOID_FindOID(&attr->attrType); if(oiddata == NULL) { - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); } switch (oiddata->offset) { default: - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS9_FRIENDLY_NAME: - theTemplate = SEC_BMPStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate); break; case SEC_OID_PKCS9_LOCAL_KEY_ID: - theTemplate = SEC_OctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate); break; case SEC_OID_PKCS12_KEY_USAGE: - theTemplate = SEC_BitStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_BitStringTemplate); break; } @@ -191,16 +195,16 @@ const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = { { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate } }; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_crl_bag_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser = sec_pkcs12_choose_crl_bag_type; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_cert_bag_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser = sec_pkcs12_choose_cert_bag_type; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_safe_bag_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser = sec_pkcs12_choose_safe_bag_type; -static SEC_ChooseASN1TemplateFunc sec_pkcs12_attr_chooser = +static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser = sec_pkcs12_choose_attr_type; const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = { @@ -233,16 +237,17 @@ const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = { const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) }, - { SEC_ASN1_INLINE, offsetof(sec_PKCS12MacData, safeMac), - sgn_DigestInfoTemplate }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(sec_PKCS12MacData, safeMac), + SEC_ASN1_SUB(sgn_DigestInfoTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) }, { 0 } }; const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = { - { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM, - offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes), SEC_AnyTemplate } + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , + offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes), + SEC_ASN1_SUB(SEC_AnyTemplate) } }; const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = { @@ -265,8 +270,8 @@ const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = { }; const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = { - { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM, 0, - SEC_AnyTemplate } + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 0, + SEC_ASN1_SUB(SEC_AnyTemplate) } }; const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = { @@ -276,9 +281,9 @@ const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = { }; const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = { - { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM, + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , offsetof(sec_PKCS12SafeContents, encodedSafeBags), - SEC_AnyTemplate } + SEC_ASN1_SUB(SEC_AnyTemplate) } }; const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = { diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c index 5c5ddab78..c0762d83d 100644 --- a/security/nss/lib/pkcs7/certread.c +++ b/security/nss/lib/pkcs7/certread.c @@ -39,6 +39,8 @@ #include "secasn1.h" #include "secoid.h" +SEC_ASN1_MKSUB(SEC_AnyTemplate); + SECStatus SEC_ReadPKCS7Certs(SECItem *pkcs7Item, CERTImportCertificateFunc f, void *arg) { @@ -83,8 +85,7 @@ done: } const SEC_ASN1Template SEC_CertSequenceTemplate[] = { - { SEC_ASN1_SEQUENCE_OF, - 0, SECAnyTemplate } + { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) } }; SECStatus diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c index 6400badc8..4e3b2bebb 100644 --- a/security/nss/lib/pkcs7/p7decode.c +++ b/security/nss/lib/pkcs7/p7decode.c @@ -55,6 +55,7 @@ #include "prtime.h" #include "secerr.h" #include "sechash.h" /* for HASH_GetHashObject() */ +#include "secder.h" struct sec_pkcs7_decoder_worker { int depth; @@ -582,8 +583,8 @@ sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx, if (keaParams.bulkKeySize.len > 0) { p7dcx->error = SEC_ASN1DecodeItem(NULL, &bulkLength, - SEC_IntegerTemplate, - &keaParams.bulkKeySize); + SEC_ASN1_GET(SEC_IntegerTemplate), + &keaParams.bulkKeySize); } if (p7dcx->error != SECSuccess) diff --git a/security/nss/lib/pkcs7/p7local.c b/security/nss/lib/pkcs7/p7local.c index d3e58be50..68376cec0 100644 --- a/security/nss/lib/pkcs7/p7local.c +++ b/security/nss/lib/pkcs7/p7local.c @@ -76,6 +76,12 @@ struct sec_pkcs7_cipher_object { unsigned char pending_buf[BLOCK_SIZE]; }; +SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate) +SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate) +SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) +SEC_ASN1_MKSUB(SEC_OctetStringTemplate) +SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate) + /* * Create a cipher object to do decryption, based on the given bulk * encryption key and algorithm identifier (which may include an iv). @@ -900,7 +906,7 @@ sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) attribute = (SEC_PKCS7Attribute*)src_or_dest; if (encoding && attribute->encoded) - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); oiddata = attribute->typeTag; if (oiddata == NULL) { @@ -910,30 +916,30 @@ sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) if (oiddata == NULL) { encoded = PR_TRUE; - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); } else { switch (oiddata->offset) { default: encoded = PR_TRUE; - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; case SEC_OID_PKCS9_EMAIL_ADDRESS: case SEC_OID_RFC1274_MAIL: case SEC_OID_PKCS9_UNSTRUCTURED_NAME: encoded = PR_FALSE; - theTemplate = SEC_IA5StringTemplate; + theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate); break; case SEC_OID_PKCS9_CONTENT_TYPE: encoded = PR_FALSE; - theTemplate = SEC_ObjectIDTemplate; + theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate); break; case SEC_OID_PKCS9_MESSAGE_DIGEST: encoded = PR_FALSE; - theTemplate = SEC_OctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate); break; case SEC_OID_PKCS9_SIGNING_TIME: encoded = PR_FALSE; - theTemplate = SEC_UTCTimeTemplate; + theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate); break; /* XXX Want other types here, too */ } @@ -958,7 +964,7 @@ sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) return theTemplate; } -static SEC_ChooseASN1TemplateFunc sec_attr_chooser +static const SEC_ASN1TemplateChooserPtr sec_attr_chooser = sec_attr_choose_attr_value_template; static const SEC_ASN1Template sec_pkcs7_attribute_template[] = { @@ -1146,7 +1152,7 @@ sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs) static const SEC_ASN1Template * sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding); -static SEC_ChooseASN1TemplateFunc sec_pkcs7_chooser +static const SEC_ASN1TemplateChooserPtr sec_pkcs7_chooser = sec_pkcs7_choose_content_template; const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[] = { @@ -1168,18 +1174,18 @@ static const SEC_ASN1Template SEC_PKCS7SignerInfoTemplate[] = { 0, NULL, sizeof(SEC_PKCS7SignerInfo) }, { SEC_ASN1_INTEGER, offsetof(SEC_PKCS7SignerInfo,version) }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(SEC_PKCS7SignerInfo,issuerAndSN), - CERT_IssuerAndSNTemplate }, - { SEC_ASN1_INLINE, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS7SignerInfo,digestAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(SEC_PKCS7SignerInfo,authAttr), sec_pkcs7_set_of_attribute_template }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS7SignerInfo,digestEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS7SignerInfo,encDigest) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, @@ -1193,18 +1199,20 @@ static const SEC_ASN1Template SEC_PKCS7SignedDataTemplate[] = { 0, NULL, sizeof(SEC_PKCS7SignedData) }, { SEC_ASN1_INTEGER, offsetof(SEC_PKCS7SignedData,version) }, - { SEC_ASN1_SET_OF, + { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(SEC_PKCS7SignedData,digestAlgorithms), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_INLINE, offsetof(SEC_PKCS7SignedData,contentInfo), sec_PKCS7ContentInfoTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(SEC_PKCS7SignedData,rawCerts), - SEC_SetOfAnyTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_SUB(SEC_SetOfAnyTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, offsetof(SEC_PKCS7SignedData,crls), - CERT_SetOfSignedCrlTemplate }, + SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) }, { SEC_ASN1_SET_OF, offsetof(SEC_PKCS7SignedData,signerInfos), SEC_PKCS7SignerInfoTemplate }, @@ -1220,12 +1228,12 @@ static const SEC_ASN1Template SEC_PKCS7RecipientInfoTemplate[] = { 0, NULL, sizeof(SEC_PKCS7RecipientInfo) }, { SEC_ASN1_INTEGER, offsetof(SEC_PKCS7RecipientInfo,version) }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(SEC_PKCS7RecipientInfo,issuerAndSN), - CERT_IssuerAndSNTemplate }, - { SEC_ASN1_INLINE, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS7RecipientInfo,keyEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS7RecipientInfo,encKey) }, { 0 } @@ -1236,12 +1244,13 @@ static const SEC_ASN1Template SEC_PKCS7EncryptedContentInfoTemplate[] = { 0, NULL, sizeof(SEC_PKCS7EncryptedContentInfo) }, { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS7EncryptedContentInfo,contentType) }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS7EncryptedContentInfo,contentEncAlg), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(SEC_PKCS7EncryptedContentInfo,encContent), - SEC_OctetStringTemplate }, + SEC_ASN1_SUB(SEC_OctetStringTemplate) }, { 0 } }; @@ -1271,18 +1280,20 @@ static const SEC_ASN1Template SEC_PKCS7SignedAndEnvelopedDataTemplate[] = { { SEC_ASN1_SET_OF, offsetof(SEC_PKCS7SignedAndEnvelopedData,recipientInfos), SEC_PKCS7RecipientInfoTemplate }, - { SEC_ASN1_SET_OF, + { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(SEC_PKCS7SignedAndEnvelopedData,digestAlgorithms), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_INLINE, offsetof(SEC_PKCS7SignedAndEnvelopedData,encContentInfo), SEC_PKCS7EncryptedContentInfoTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(SEC_PKCS7SignedAndEnvelopedData,rawCerts), - SEC_SetOfAnyTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_SUB(SEC_SetOfAnyTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, offsetof(SEC_PKCS7SignedAndEnvelopedData,crls), - CERT_SetOfSignedCrlTemplate }, + SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) }, { SEC_ASN1_SET_OF, offsetof(SEC_PKCS7SignedAndEnvelopedData,signerInfos), SEC_PKCS7SignerInfoTemplate }, @@ -1299,9 +1310,9 @@ static const SEC_ASN1Template SEC_PKCS7DigestedDataTemplate[] = { 0, NULL, sizeof(SEC_PKCS7DigestedData) }, { SEC_ASN1_INTEGER, offsetof(SEC_PKCS7DigestedData,version) }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS7DigestedData,digestAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_INLINE, offsetof(SEC_PKCS7DigestedData,contentInfo), sec_PKCS7ContentInfoTemplate }, @@ -1401,10 +1412,10 @@ sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding) kind = SEC_PKCS7ContentType (cinfo); switch (kind) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS7_DATA: - theTemplate = SEC_PointerToOctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate); break; case SEC_OID_PKCS7_SIGNED_DATA: theTemplate = SEC_PointerToPKCS7SignedDataTemplate; diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c index d649c4192..be44c7524 100644 --- a/security/nss/lib/smime/cmsasn1.c +++ b/security/nss/lib/smime/cmsasn1.c @@ -50,6 +50,14 @@ extern const SEC_ASN1Template nss_cms_set_of_attribute_template[]; +SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate) +SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate) +SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) +SEC_ASN1_MKSUB(SEC_BitStringTemplate) +SEC_ASN1_MKSUB(SEC_OctetStringTemplate) +SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate) +SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate) + /* ----------------------------------------------------------------------------- * MESSAGE * (uses NSSCMSContentInfo) @@ -59,7 +67,7 @@ extern const SEC_ASN1Template nss_cms_set_of_attribute_template[]; static const SEC_ASN1Template * nss_cms_choose_content_template(void *src_or_dest, PRBool encoding); -static SEC_ChooseASN1TemplateFunc nss_cms_chooser +static const SEC_ASN1TemplateChooserPtr nss_cms_chooser = nss_cms_choose_content_template; const SEC_ASN1Template NSSCMSMessageTemplate[] = { @@ -88,9 +96,9 @@ static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = { { SEC_ASN1_OBJECT_ID, offsetof(NSSCMSContentInfo,contentType) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM | - SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, offsetof(NSSCMSContentInfo,rawContent), - SEC_PointerToOctetStringTemplate }, + SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) }, { 0 } }; @@ -99,12 +107,13 @@ static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = { 0, NULL, sizeof(NSSCMSContentInfo) }, { SEC_ASN1_OBJECT_ID, offsetof(NSSCMSContentInfo,contentType) }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSContentInfo,contentEncAlg), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM | + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, offsetof(NSSCMSContentInfo,rawContent), - SEC_OctetStringTemplate }, + SEC_ASN1_SUB(SEC_OctetStringTemplate) }, { 0 } }; @@ -119,18 +128,20 @@ const SEC_ASN1Template NSSCMSSignedDataTemplate[] = { 0, NULL, sizeof(NSSCMSSignedData) }, { SEC_ASN1_INTEGER, offsetof(NSSCMSSignedData,version) }, - { SEC_ASN1_SET_OF, + { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(NSSCMSSignedData,digestAlgorithms), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_INLINE, offsetof(NSSCMSSignedData,contentInfo), NSSCMSEncapsulatedContentInfoTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(NSSCMSSignedData,rawCerts), - SEC_SetOfAnyTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_SUB(SEC_SetOfAnyTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, offsetof(NSSCMSSignedData,crls), - CERT_SetOfSignedCrlTemplate }, + SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) }, { SEC_ASN1_SET_OF, offsetof(NSSCMSSignedData,signerInfos), NSSCMSSignerInfoTemplate }, @@ -149,13 +160,13 @@ static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = { { SEC_ASN1_CHOICE, offsetof(NSSCMSSignerIdentifier,identifierType), NULL, sizeof(NSSCMSSignerIdentifier) }, - { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, offsetof(NSSCMSSignerIdentifier,id.subjectKeyID), - SEC_OctetStringTemplate, + SEC_ASN1_SUB(SEC_OctetStringTemplate) , NSSCMSRecipientID_SubjectKeyID }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(NSSCMSSignerIdentifier,id.issuerAndSN), - CERT_IssuerAndSNTemplate, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate), NSSCMSRecipientID_IssuerSN }, { 0 } }; @@ -172,15 +183,15 @@ const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = { { SEC_ASN1_INLINE, offsetof(NSSCMSSignerInfo,signerIdentifier), NSSCMSSignerIdentifierTemplate }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSSignerInfo,digestAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(NSSCMSSignerInfo,authAttr), nss_cms_set_of_attribute_template }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSSignerInfo,digestEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(NSSCMSSignerInfo,encDigest) }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, @@ -196,12 +207,14 @@ const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = { static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSCMSOriginatorInfo) }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(NSSCMSOriginatorInfo,rawCerts), - SEC_SetOfAnyTemplate }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_SUB(SEC_SetOfAnyTemplate) }, + { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, offsetof(NSSCMSOriginatorInfo,crls), - CERT_SetOfSignedCrlTemplate }, + SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) }, { 0 } }; @@ -241,13 +254,14 @@ static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = { { SEC_ASN1_CHOICE, offsetof(NSSCMSRecipientIdentifier,identifierType), NULL, sizeof(NSSCMSRecipientIdentifier) }, - { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 0, offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID), - SEC_PointerToOctetStringTemplate, + SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) , NSSCMSRecipientID_SubjectKeyID }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN), - CERT_IssuerAndSNTemplate, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate), NSSCMSRecipientID_IssuerSN }, { 0 } }; @@ -261,9 +275,9 @@ static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = { { SEC_ASN1_INLINE, offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier), NSSCMSRecipientIdentifierTemplate }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(NSSCMSKeyTransRecipientInfo,encKey) }, { 0 } @@ -276,12 +290,12 @@ static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = { static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSCMSOriginatorPublicKey) }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier), - SECOID_AlgorithmIDTemplate }, - { SEC_ASN1_INLINE, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSOriginatorPublicKey,publicKey), - SEC_BitStringTemplate }, + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { 0 } }; @@ -290,13 +304,14 @@ static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = { { SEC_ASN1_CHOICE, offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL, sizeof(NSSCMSOriginatorIdentifierOrKey) }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN), - CERT_IssuerAndSNTemplate, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate), NSSCMSOriginatorIDOrKey_IssuerSN }, - { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, + { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | + SEC_ASN1_XTRN | 1, offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID), - SEC_PointerToOctetStringTemplate, + SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) , NSSCMSOriginatorIDOrKey_SubjectKeyID }, { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2, offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey), @@ -322,9 +337,9 @@ static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = { { SEC_ASN1_CHOICE, offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL, sizeof(NSSCMSKeyAgreeRecipientIdentifier) }, - { SEC_ASN1_POINTER, + { SEC_ASN1_POINTER | SEC_ASN1_XTRN, offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN), - CERT_IssuerAndSNTemplate, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate), NSSCMSKeyAgreeRecipientID_IssuerSN }, { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier), @@ -339,9 +354,9 @@ static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = { { SEC_ASN1_INLINE, offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier), NSSCMSKeyAgreeRecipientIdentifierTemplate }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSRecipientEncryptedKey,encKey), - SEC_BitStringTemplate }, + SEC_ASN1_SUB(SEC_BitStringTemplate) }, { 0 } }; @@ -354,12 +369,12 @@ static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = { offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey), NSSCMSOriginatorIdentifierOrKeyTemplate }, { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | - SEC_ASN1_CONTEXT_SPECIFIC | 1, + SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, offsetof(NSSCMSKeyAgreeRecipientInfo,ukm), - SEC_OctetStringTemplate }, - { SEC_ASN1_INLINE, + SEC_ASN1_SUB(SEC_OctetStringTemplate) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_SEQUENCE_OF, offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys), NSSCMSRecipientEncryptedKeyTemplate }, @@ -390,9 +405,9 @@ static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = { { SEC_ASN1_INLINE, offsetof(NSSCMSKEKRecipientInfo,kekIdentifier), NSSCMSKEKIdentifierTemplate }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSKEKRecipientInfo,keyEncAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_OCTET_STRING, offsetof(NSSCMSKEKRecipientInfo,encKey) }, { 0 } @@ -429,9 +444,9 @@ const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = { 0, NULL, sizeof(NSSCMSDigestedData) }, { SEC_ASN1_INTEGER, offsetof(NSSCMSDigestedData,version) }, - { SEC_ASN1_INLINE, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(NSSCMSDigestedData,digestAlg), - SECOID_AlgorithmIDTemplate }, + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, { SEC_ASN1_INLINE, offsetof(NSSCMSDigestedData,contentInfo), NSSCMSEncapsulatedContentInfoTemplate }, @@ -538,10 +553,10 @@ nss_cms_choose_content_template(void *src_or_dest, PRBool encoding) cinfo = (NSSCMSContentInfo *)src_or_dest; switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) { default: - theTemplate = SEC_PointerToAnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); break; case SEC_OID_PKCS7_DATA: - theTemplate = SEC_PointerToOctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate); break; case SEC_OID_PKCS7_SIGNED_DATA: theTemplate = NSS_PointerToCMSSignedDataTemplate; diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c index 34016bd55..25bee424f 100644 --- a/security/nss/lib/smime/cmsattr.c +++ b/security/nss/lib/smime/cmsattr.c @@ -219,7 +219,7 @@ cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) if (encoding && attribute->encoded) /* we're encoding, and the attribute value is already encoded. */ - return SEC_AnyTemplate; + return SEC_ASN1_GET(SEC_AnyTemplate); /* get attribute's typeTag */ oiddata = attribute->typeTag; @@ -231,7 +231,7 @@ cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) if (oiddata == NULL) { /* still no OID tag? OID is unknown then. en/decode value as ANY. */ encoded = PR_TRUE; - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); } else { switch (oiddata->offset) { SEC_OID_PKCS9_SMIME_CAPABILITIES: @@ -240,26 +240,26 @@ cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) default: /* same goes for OIDs that are not handled here */ encoded = PR_TRUE; - theTemplate = SEC_AnyTemplate; + theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); break; /* otherwise choose proper template */ case SEC_OID_PKCS9_EMAIL_ADDRESS: case SEC_OID_RFC1274_MAIL: case SEC_OID_PKCS9_UNSTRUCTURED_NAME: encoded = PR_FALSE; - theTemplate = SEC_IA5StringTemplate; + theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate); break; case SEC_OID_PKCS9_CONTENT_TYPE: encoded = PR_FALSE; - theTemplate = SEC_ObjectIDTemplate; + theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate); break; case SEC_OID_PKCS9_MESSAGE_DIGEST: encoded = PR_FALSE; - theTemplate = SEC_OctetStringTemplate; + theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate); break; case SEC_OID_PKCS9_SIGNING_TIME: encoded = PR_FALSE; - theTemplate = SEC_UTCTimeTemplate; + theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate); break; /* XXX Want other types here, too */ } @@ -284,7 +284,7 @@ cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding) return theTemplate; } -static SEC_ChooseASN1TemplateFunc cms_attr_chooser +static const SEC_ASN1TemplateChooserPtr cms_attr_chooser = cms_attr_choose_attr_value_template; const SEC_ASN1Template nss_cms_attribute_template[] = { diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c index 9654ef26c..043b6cfc1 100644 --- a/security/nss/lib/smime/cmspubkey.c +++ b/security/nss/lib/smime/cmspubkey.c @@ -342,8 +342,8 @@ NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey, SECA bulk key size is different than the encrypted key size */ if (keaParams.bulkKeySize.len > 0) { err = SEC_ASN1DecodeItem(NULL, &bulkLength, - SEC_IntegerTemplate, - &keaParams.bulkKeySize); + SEC_ASN1_GET(SEC_IntegerTemplate), + &keaParams.bulkKeySize); if (err != SECSuccess) goto loser; } diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c index b33d251d2..dc3744928 100644 --- a/security/nss/lib/smime/cmssigdata.c +++ b/security/nss/lib/smime/cmssigdata.c @@ -181,7 +181,8 @@ NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd) return SECFailure; /* this is a SET OF, so we need to sort them guys */ - rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms, SECOID_AlgorithmIDTemplate, + rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms, + SEC_ASN1_GET(SECOID_AlgorithmIDTemplate), (void **)sigd->digests); if (rv != SECSuccess) return SECFailure; diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c index 7d98b6a09..1a4d4073e 100644 --- a/security/nss/lib/smime/smimeutil.c +++ b/security/nss/lib/smime/smimeutil.c @@ -48,6 +48,9 @@ #include "secerr.h" #include "cms.h" +SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate) +SEC_ASN1_MKSUB(SEC_OctetStringTemplate) + /* various integer's ASN.1 encoding */ static unsigned char asn1_int40[] = { SEC_ASN1_INTEGER, 0x01, 0x28 }; static unsigned char asn1_int64[] = { SEC_ASN1_INTEGER, 0x01, 0x40 }; @@ -108,17 +111,17 @@ static const SEC_ASN1Template smime_encryptionkeypref_template[] = { { SEC_ASN1_CHOICE, offsetof(NSSSMIMEEncryptionKeyPreference,selector), NULL, sizeof(NSSSMIMEEncryptionKeyPreference) }, - { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0, + { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, offsetof(NSSSMIMEEncryptionKeyPreference,id.issuerAndSN), - CERT_IssuerAndSNTemplate, + SEC_ASN1_SUB(CERT_IssuerAndSNTemplate), NSSSMIMEEncryptionKeyPref_IssuerSN }, { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(NSSSMIMEEncryptionKeyPreference,id.recipientKeyID), NSSCMSRecipientKeyIdentifierTemplate, NSSSMIMEEncryptionKeyPref_IssuerSN }, - { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 2, + { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2, offsetof(NSSSMIMEEncryptionKeyPreference,id.subjectKeyID), - SEC_OctetStringTemplate, + SEC_ASN1_SUB(SEC_OctetStringTemplate), NSSSMIMEEncryptionKeyPref_SubjectKeyID }, { 0, } }; diff --git a/security/nss/lib/softoken/keydb.c b/security/nss/lib/softoken/keydb.c index a9e2aa8b4..b98018ed8 100644 --- a/security/nss/lib/softoken/keydb.c +++ b/security/nss/lib/softoken/keydb.c @@ -2308,3 +2308,14 @@ done: return (errors == 0 ? SECSuccess : SECFailure); } + +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PrivateKeyInfoTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToPrivateKeyInfoTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_EncryptedPrivateKeyInfoTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate) + diff --git a/security/nss/lib/softoken/keydbt.h b/security/nss/lib/softoken/keydbt.h index 1b781b939..31d518f53 100644 --- a/security/nss/lib/softoken/keydbt.h +++ b/security/nss/lib/softoken/keydbt.h @@ -86,4 +86,14 @@ extern const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[]; extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[]; extern const SEC_ASN1Template SECKEY_AttributeTemplate[]; +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PrivateKeyInfoTemplate; +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate; +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate; +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate; +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_DSAPublicKeyTemplate; +extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_RSAPublicKeyTemplate; + #endif /* _KEYDBT_H_ */ diff --git a/security/nss/lib/util/secalgid.c b/security/nss/lib/util/secalgid.c index 7b04941a1..a9ef62d95 100644 --- a/security/nss/lib/util/secalgid.c +++ b/security/nss/lib/util/secalgid.c @@ -167,3 +167,7 @@ SECOID_CompareAlgorithmID(SECAlgorithmID *a, SECAlgorithmID *b) rv = SECITEM_CompareItem(&a->parameters, &b->parameters); return rv; } + +/* This functions simply returns the address of the above-declared template. */ +SEC_ASN1_CHOOSER_IMPLEMENT(SECOID_AlgorithmIDTemplate) + diff --git a/security/nss/lib/util/secasn1.h b/security/nss/lib/util/secasn1.h index f35860ea2..786985b89 100644 --- a/security/nss/lib/util/secasn1.h +++ b/security/nss/lib/util/secasn1.h @@ -260,5 +260,22 @@ extern const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[]; */ extern const SEC_ASN1Template SEC_SkipTemplate[]; +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +SEC_ASN1_CHOOSER_DECLARE(SEC_AnyTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_BMPStringTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_BitStringTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_GeneralizedTimeTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_IA5StringTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_IntegerTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_ObjectIDTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_OctetStringTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_UTCTimeTemplate) + +SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToAnyTemplate) +SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToOctetStringTemplate) + +SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate) #endif /* _SECASN1_H_ */ diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index 544210d3d..99ce8a542 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -2932,3 +2932,21 @@ const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[] = { const SEC_ASN1Template SEC_SkipTemplate[] = { { SEC_ASN1_SKIP } }; + + +/* These functions simply return the address of the above-declared templates. +** This is necessary for Windows DLLs. Sigh. +*/ +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_AnyTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BMPStringTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BitStringTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IA5StringTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_GeneralizedTimeTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IntegerTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_ObjectIDTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_OctetStringTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTCTimeTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToAnyTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToOctetStringTemplate) +SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SetOfAnyTemplate) + diff --git a/security/nss/lib/util/secasn1t.h b/security/nss/lib/util/secasn1t.h index 1e87ed12c..711b9eae1 100644 --- a/security/nss/lib/util/secasn1t.h +++ b/security/nss/lib/util/secasn1t.h @@ -184,13 +184,34 @@ typedef struct sec_ASN1Template_struct { #define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET) #define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER) + /* ** Function used for SEC_ASN1_DYNAMIC. ** "arg" is a pointer to the structure being encoded/decoded ** "enc", when true, means that we are encoding (false means decoding) */ -typedef const SEC_ASN1Template * (* SEC_ChooseASN1TemplateFunc)(void *arg, - PRBool enc); +typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc); +typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr; + +#if defined(_WIN32) +#define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE) +#define SEC_ASN1_SUB(x) &p_NSS_Get_##x +#define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC +#define SEC_ASN1_MKSUB(x) \ +static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x; +#else +#define SEC_ASN1_GET(x) x +#define SEC_ASN1_SUB(x) x +#define SEC_ASN1_XTRN 0 +#define SEC_ASN1_MKSUB(x) +#endif + +#define SEC_ASN1_CHOOSER_DECLARE(x) \ +extern SEC_ASN1TemplateChooser NSS_Get_##x; + +#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \ +const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \ +{ return x; } /* ** Opaque object used by the decoder to store state. diff --git a/security/nss/lib/util/secasn1u.c b/security/nss/lib/util/secasn1u.c index ea068893b..83673ca0b 100644 --- a/security/nss/lib/util/secasn1u.c +++ b/security/nss/lib/util/secasn1u.c @@ -85,22 +85,22 @@ const SEC_ASN1Template * SEC_ASN1GetSubtemplate (const SEC_ASN1Template *theTemplate, void *thing, PRBool encoding) { - const SEC_ASN1Template *subt; + const SEC_ASN1Template *subt = NULL; PORT_Assert (theTemplate->sub != NULL); - if (theTemplate->kind & SEC_ASN1_DYNAMIC) { - SEC_ChooseASN1TemplateFunc chooser, *chooserp; + if (theTemplate->sub != NULL) { + if (theTemplate->kind & SEC_ASN1_DYNAMIC) { + SEC_ASN1TemplateChooserPtr chooserp; - chooserp = (SEC_ChooseASN1TemplateFunc *) theTemplate->sub; - if (chooserp == NULL || *chooserp == NULL) - return NULL; - chooser = *chooserp; - if (thing != NULL) - thing = (char *)thing - theTemplate->offset; - subt = (* chooser)(thing, encoding); - } else { - subt = (SEC_ASN1Template*)theTemplate->sub; + chooserp = *(SEC_ASN1TemplateChooserPtr *) theTemplate->sub; + if (chooserp) { + if (thing != NULL) + thing = (char *)thing - theTemplate->offset; + subt = (* chooserp)(thing, encoding); + } + } else { + subt = (SEC_ASN1Template*)theTemplate->sub; + } } - return subt; } diff --git a/security/nss/lib/util/secdig.c b/security/nss/lib/util/secdig.c index 020829b84..056068222 100644 --- a/security/nss/lib/util/secdig.c +++ b/security/nss/lib/util/secdig.c @@ -66,6 +66,8 @@ const SEC_ASN1Template sgn_DigestInfoTemplate[] = { { 0 } }; +SEC_ASN1_CHOOSER_IMPLEMENT(sgn_DigestInfoTemplate) + /* * XXX Want to have a SGN_DecodeDigestInfo, like: * SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata); diff --git a/security/nss/lib/util/secdig.h b/security/nss/lib/util/secdig.h index bd2703f65..2b0fb2740 100644 --- a/security/nss/lib/util/secdig.h +++ b/security/nss/lib/util/secdig.h @@ -46,6 +46,9 @@ extern const SEC_ASN1Template sgn_DigestInfoTemplate[]; + +SEC_ASN1_CHOOSER_DECLARE(sgn_DigestInfoTemplate) + extern DERTemplate SGNDigestInfoTemplate[]; diff --git a/security/nss/lib/util/secoid.h b/security/nss/lib/util/secoid.h index 9f8c7b11c..cd17d7c66 100644 --- a/security/nss/lib/util/secoid.h +++ b/security/nss/lib/util/secoid.h @@ -47,6 +47,9 @@ extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[]; +/* This functions simply returns the address of the above-declared template. */ +SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate) + SEC_BEGIN_PROTOS /* |