1 files changed, 0 insertions, 350 deletions
diff --git a/security/nss/lib/crmf/cmmfrec.c b/security/nss/lib/crmf/cmmfrec.c
deleted file mode 100644
index 6e80d7f0e..000000000
--- a/security/nss/lib/crmf/cmmfrec.c
+++ /dev/null
@@ -1,350 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * This file will implement the functions related to key recovery in 
- * CMMF
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContent(void)
-{
-    PRArenaPool          *poolp;
-    CMMFKeyRecRepContent *keyRecContent;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
-    if (keyRecContent == NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-	return NULL;
-    }
-    keyRecContent->poolp = poolp;
-    return keyRecContent;
-}
-
-SECStatus
-CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep != NULL && inKeyRecRep->poolp != NULL) {
-	int i;
-
-	if (!inKeyRecRep->isDecoded && inKeyRecRep->newSigCert != NULL) {
-	    CERT_DestroyCertificate(inKeyRecRep->newSigCert);
-	}
-	if (inKeyRecRep->caCerts != NULL) {
-	    for (i=0; inKeyRecRep->caCerts[i] != NULL; i++) {
-		CERT_DestroyCertificate(inKeyRecRep->caCerts[i]);
-	    }
-	}
-	if (inKeyRecRep->keyPairHist != NULL) {
-	    for (i=0; inKeyRecRep->keyPairHist[i] != NULL; i++) {
-	        if (inKeyRecRep->keyPairHist[i]->certOrEncCert.choice ==
-			cmmfCertificate) {
-		    CERT_DestroyCertificate(inKeyRecRep->keyPairHist[i]->
-					       certOrEncCert.cert.certificate);
-		}
-	    }
-	}
-        PORT_FreeArena(inKeyRecRep->poolp, PR_TRUE);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
-					    CMMFPKIStatus         inPKIStatus)
-{
-    PORT_Assert(inKeyRecRep != NULL && inPKIStatus >= cmmfGranted &&
-		inPKIStatus < cmmfNumPKIStatus);
-    if (inKeyRecRep == NULL) {
-        return SECFailure;
-    }
-    
-    return cmmf_PKIStatusInfoSetStatus(&inKeyRecRep->status, 
-				       inKeyRecRep->poolp,
-				       inPKIStatus);
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
-				    CERTCertificate      *inNewSignCert)
-{
-    PORT_Assert (inKeyRecRep != NULL && inNewSignCert != NULL);
-    if (inKeyRecRep == NULL || inNewSignCert == NULL) {
-        return SECFailure;
-    }
-    if (!inKeyRecRep->isDecoded && inKeyRecRep->newSigCert) {
-	CERT_DestroyCertificate(inKeyRecRep->newSigCert);
-    }
-    inKeyRecRep->isDecoded = PR_FALSE;
-    inKeyRecRep->newSigCert = CERT_DupCertificate(inNewSignCert);
-    return (inKeyRecRep->newSigCert == NULL) ? SECFailure : SECSuccess;    
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
-				CERTCertList         *inCACerts)
-{
-    SECStatus rv;
-    void *mark;
-
-    PORT_Assert (inKeyRecRep != NULL && inCACerts != NULL);
-    if (inKeyRecRep == NULL || inCACerts == NULL) {
-        return SECFailure;
-    }
-    mark = PORT_ArenaMark(inKeyRecRep->poolp);
-    rv = cmmf_ExtractCertsFromList(inCACerts, inKeyRecRep->poolp,
-				   &inKeyRecRep->caCerts);
-    if (rv != SECSuccess) {
-        PORT_ArenaRelease(inKeyRecRep->poolp, mark);
-    } else {
-        PORT_ArenaUnmark(inKeyRecRep->poolp, mark);
-    }
-    return rv;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
-					 CERTCertificate      *inCert,
-					 SECKEYPrivateKey     *inPrivKey,
-					 SECKEYPublicKey      *inPubKey)
-{
-    CMMFCertifiedKeyPair *keyPair;
-    CRMFEncryptedValue   *dummy;
-    PRArenaPool          *poolp;
-    void                 *mark;
-    SECStatus             rv;
-
-    PORT_Assert (inKeyRecRep != NULL &&
-		 inCert      != NULL &&
-		 inPrivKey   != NULL &&
-		 inPubKey    != NULL);
-    if (inKeyRecRep == NULL ||
-	inCert      == NULL ||
-	inPrivKey   == NULL ||
-	inPubKey    == NULL) {
-        return SECFailure;
-    }
-    poolp = inKeyRecRep->poolp;
-    mark = PORT_ArenaMark(poolp);
-    if (inKeyRecRep->keyPairHist == NULL) {
-        inKeyRecRep->keyPairHist = PORT_ArenaNewArray(poolp, 
-						      CMMFCertifiedKeyPair*,
-						      (CMMF_MAX_KEY_PAIRS+1));
-	if (inKeyRecRep->keyPairHist == NULL) {
-	    goto loser;
-	}
-	inKeyRecRep->allocKeyPairs = CMMF_MAX_KEY_PAIRS;
-	inKeyRecRep->numKeyPairs   = 0;
-    }
-
-    if (inKeyRecRep->allocKeyPairs == inKeyRecRep->numKeyPairs) {
-        goto loser;
-    }
-    
-    keyPair = PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
-    if (keyPair == NULL) {
-        goto loser;
-    }
-    rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert,
-					  poolp, inCert);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    keyPair->privateKey = PORT_ArenaZNew(poolp, CRMFEncryptedValue);
-    if (keyPair->privateKey == NULL) {
-        goto loser;
-    }
-    dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey, inPubKey, 
-							keyPair->privateKey);
-    PORT_Assert(dummy == keyPair->privateKey);
-    if (dummy != keyPair->privateKey) {
-        crmf_destroy_encrypted_value(dummy, PR_TRUE);
-	goto loser;
-    }
-    inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = keyPair;
-    inKeyRecRep->numKeyPairs++;
-    inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = NULL;
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL) {
-        return cmmfNoPKIStatus;
-    }
-    return cmmf_PKIStatusInfoGetStatus(&inKeyRecRep->status);
-}
-
-CERTCertificate*
-CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep             == NULL ||
-	inKeyRecRep->newSigCert == NULL) {
-        return NULL;
-    }
-    /* newSigCert may not be a real certificate, it may be a hand decoded
-     * cert structure. This code makes sure we hand off a real, fully formed
-     * CERTCertificate to the caller. TODO: This should move into the decode
-     * portion so that we never wind up with a half formed CERTCertificate
-     * here. In this case the call would be to CERT_DupCertificate.
-     */
-    return CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-			          &inKeyRecRep->newSigCert->signatureWrap.data,
-				   NULL, PR_FALSE, PR_TRUE);
-}
-
-CERTCertList*
-CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL || inKeyRecRep->caCerts == NULL) {
-        return NULL;
-    }
-    return cmmf_MakeCertList(inKeyRecRep->caCerts);
-}
-
-int 
-CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    return (inKeyRecRep == NULL) ? 0 : inKeyRecRep->numKeyPairs;
-}
-
-PRBool
-cmmf_KeyRecRepContentIsValidIndex(CMMFKeyRecRepContent *inKeyRecRep,
-				  int                   inIndex)
-{
-    int numKeyPairs = CMMF_KeyRecRepContentGetNumKeyPairs(inKeyRecRep);
-    
-    return (PRBool)(inIndex >= 0 && inIndex < numKeyPairs);
-}
-
-CMMFCertifiedKeyPair*
-CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
-				       int                   inIndex)
-{
-    CMMFCertifiedKeyPair *newKeyPair;
-    SECStatus             rv;
-
-    PORT_Assert(inKeyRecRep != NULL &&
-		cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex));
-    if (inKeyRecRep == NULL ||
-	!cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex)) {
-        return NULL;
-    }
-    newKeyPair = PORT_ZNew(CMMFCertifiedKeyPair);
-    if (newKeyPair == NULL) {
-        return NULL;
-    }
-    rv = cmmf_CopyCertifiedKeyPair(NULL, newKeyPair, 
-				   inKeyRecRep->keyPairHist[inIndex]);
-    if (rv != SECSuccess) {
-        CMMF_DestroyCertifiedKeyPair(newKeyPair);
-	newKeyPair = NULL;
-    }
-    return newKeyPair;
-}
-
-SECStatus 
-CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
-				   SECKEYPrivateKey     *inPrivKey,
-				   SECItem              *inNickName,
-				   PK11SlotInfo         *inSlot,
-				   CERTCertDBHandle     *inCertdb,
-				   SECKEYPrivateKey    **destPrivKey,
-				   void                 *wincx)
-{
-    CERTCertificate *cert;
-    SECItem keyUsageValue = {siBuffer, NULL, 0};
-    unsigned char keyUsage = 0x0;
-    SECKEYPublicKey *pubKey;
-    SECStatus rv;
-
-    PORT_Assert(inKeyPair != NULL &&
-		inPrivKey != NULL && inCertdb != NULL);
-    if (inKeyPair             == NULL ||
-	inPrivKey             == NULL ||
-	inKeyPair->privateKey == NULL ||
-	inCertdb              == NULL) {
-        return SECFailure;
-    }
-    
-    cert = CMMF_CertifiedKeyPairGetCertificate(inKeyPair, inCertdb);
-    CERT_FindKeyUsageExtension(cert, &keyUsageValue);
-    if (keyUsageValue.data != NULL) {
-        keyUsage = keyUsageValue.data[3];
-	PORT_Free(keyUsageValue.data);
-    }
-    pubKey = CERT_ExtractPublicKey(cert);
-    rv = crmf_encrypted_value_unwrap_priv_key(NULL, inKeyPair->privateKey,
-					      inPrivKey, pubKey, 
-					      inNickName, inSlot, keyUsage, 
-					      destPrivKey, wincx);
-    SECKEY_DestroyPublicKey(pubKey);
-    CERT_DestroyCertificate(cert);
-    return rv;
-}
-
-
-PRBool 
-CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL) {
-        return PR_FALSE;
-    }
-    return (PRBool)(inKeyRecRep->caCerts    != NULL && 
-		    inKeyRecRep->caCerts[0] != NULL);
-}