/security/nss/lib/crmf/crmfreq.c

http://github.com/zpao/v8monkey · C · 702 lines · 580 code · 64 blank · 58 comment · 139 complexity · cba3eb9002ece57a5b635e2cb9823e00 MD5 · raw file

  1. /* -*- Mode: C; tab-width: 8 -*-*/
  2. /* ***** BEGIN LICENSE BLOCK *****
  3. * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  4. *
  5. * The contents of this file are subject to the Mozilla Public License Version
  6. * 1.1 (the "License"); you may not use this file except in compliance with
  7. * the License. You may obtain a copy of the License at
  8. * http://www.mozilla.org/MPL/
  9. *
  10. * Software distributed under the License is distributed on an "AS IS" basis,
  11. * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12. * for the specific language governing rights and limitations under the
  13. * License.
  14. *
  15. * The Original Code is the Netscape security libraries.
  16. *
  17. * The Initial Developer of the Original Code is
  18. * Netscape Communications Corporation.
  19. * Portions created by the Initial Developer are Copyright (C) 1994-2000
  20. * the Initial Developer. All Rights Reserved.
  21. *
  22. * Contributor(s):
  23. *
  24. * Alternatively, the contents of this file may be used under the terms of
  25. * either the GNU General Public License Version 2 or later (the "GPL"), or
  26. * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  27. * in which case the provisions of the GPL or the LGPL are applicable instead
  28. * of those above. If you wish to allow use of your version of this file only
  29. * under the terms of either the GPL or the LGPL, and not to allow others to
  30. * use your version of this file under the terms of the MPL, indicate your
  31. * decision by deleting the provisions above and replace them with the notice
  32. * and other provisions required by the GPL or the LGPL. If you do not delete
  33. * the provisions above, a recipient may use your version of this file under
  34. * the terms of any one of the MPL, the GPL or the LGPL.
  35. *
  36. * ***** END LICENSE BLOCK ***** */
  37. #include "crmf.h"
  38. #include "crmfi.h"
  39. #include "keyhi.h"
  40. #include "secder.h"
  41. /*
  42. * Macro that returns PR_TRUE if the pointer is not NULL.
  43. * If the pointer is NULL, then the macro will return PR_FALSE.
  44. */
  45. #define IS_NOT_NULL(ptr) ((ptr) == NULL) ? PR_FALSE : PR_TRUE
  46. const unsigned char hexTrue = 0xff;
  47. const unsigned char hexFalse = 0x00;
  48. SECStatus
  49. crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, long value)
  50. {
  51. SECItem *dummy;
  52. dummy = SEC_ASN1EncodeInteger(poolp, dest, value);
  53. PORT_Assert (dummy == dest);
  54. if (dummy == NULL) {
  55. return SECFailure;
  56. }
  57. return SECSuccess;
  58. }
  59. SECStatus
  60. crmf_encode_unsigned_integer(PRArenaPool *poolp, SECItem *dest,
  61. unsigned long value)
  62. {
  63. SECItem *dummy;
  64. dummy = SEC_ASN1EncodeUnsignedInteger(poolp, dest, value);
  65. PORT_Assert (dummy == dest);
  66. if (dummy != dest) {
  67. return SECFailure;
  68. }
  69. return SECSuccess;
  70. }
  71. static SECStatus
  72. crmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
  73. {
  74. return SECITEM_CopyItem (poolp, dest, src);
  75. }
  76. PRBool
  77. CRMF_DoesRequestHaveField (CRMFCertRequest *inCertReq,
  78. CRMFCertTemplateField inField)
  79. {
  80. PORT_Assert(inCertReq != NULL);
  81. if (inCertReq == NULL) {
  82. return PR_FALSE;
  83. }
  84. switch (inField) {
  85. case crmfVersion:
  86. return inCertReq->certTemplate.version.data != NULL;
  87. case crmfSerialNumber:
  88. return inCertReq->certTemplate.serialNumber.data != NULL;
  89. case crmfSigningAlg:
  90. return inCertReq->certTemplate.signingAlg != NULL;
  91. case crmfIssuer:
  92. return inCertReq->certTemplate.issuer != NULL;
  93. case crmfValidity:
  94. return inCertReq->certTemplate.validity != NULL;
  95. case crmfSubject:
  96. return inCertReq->certTemplate.subject != NULL;
  97. case crmfPublicKey:
  98. return inCertReq->certTemplate.publicKey != NULL;
  99. case crmfIssuerUID:
  100. return inCertReq->certTemplate.issuerUID.data != NULL;
  101. case crmfSubjectUID:
  102. return inCertReq->certTemplate.subjectUID.data != NULL;
  103. case crmfExtension:
  104. return CRMF_CertRequestGetNumberOfExtensions(inCertReq) != 0;
  105. }
  106. return PR_FALSE;
  107. }
  108. CRMFCertRequest *
  109. CRMF_CreateCertRequest (PRUint32 inRequestID)
  110. {
  111. PRArenaPool *poolp;
  112. CRMFCertRequest *certReq;
  113. SECStatus rv;
  114. poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
  115. if (poolp == NULL) {
  116. goto loser;
  117. }
  118. certReq=PORT_ArenaZNew(poolp,CRMFCertRequest);
  119. if (certReq == NULL) {
  120. goto loser;
  121. }
  122. certReq->poolp = poolp;
  123. certReq->requestID = inRequestID;
  124. rv = crmf_encode_unsigned_integer(poolp, &(certReq->certReqId),
  125. inRequestID);
  126. if (rv != SECSuccess) {
  127. goto loser;
  128. }
  129. return certReq;
  130. loser:
  131. if (poolp) {
  132. PORT_FreeArena(poolp, PR_FALSE);
  133. }
  134. return NULL;
  135. }
  136. SECStatus
  137. CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq)
  138. {
  139. PORT_Assert(inCertReq != NULL);
  140. if (inCertReq != NULL) {
  141. if (inCertReq->certTemplate.extensions) {
  142. PORT_Free(inCertReq->certTemplate.extensions);
  143. }
  144. if (inCertReq->controls) {
  145. /* Right now we don't support EnveloppedData option,
  146. * so we won't go through and delete each occurrence of
  147. * an EnveloppedData in the control.
  148. */
  149. PORT_Free(inCertReq->controls);
  150. }
  151. if (inCertReq->poolp) {
  152. PORT_FreeArena(inCertReq->poolp, PR_TRUE);
  153. }
  154. }
  155. return SECSuccess;
  156. }
  157. static SECStatus
  158. crmf_template_add_version(PRArenaPool *poolp, SECItem *dest, long version)
  159. {
  160. return (crmf_encode_integer(poolp, dest, version));
  161. }
  162. static SECStatus
  163. crmf_template_add_serialnumber(PRArenaPool *poolp, SECItem *dest, long serial)
  164. {
  165. return (crmf_encode_integer(poolp, dest, serial));
  166. }
  167. SECStatus
  168. crmf_template_copy_secalg (PRArenaPool *poolp, SECAlgorithmID **dest,
  169. SECAlgorithmID* src)
  170. {
  171. SECStatus rv;
  172. void *mark = NULL;
  173. SECAlgorithmID *mySecAlg;
  174. if (!poolp) {
  175. PORT_SetError(SEC_ERROR_INVALID_ARGS);
  176. return SECFailure;
  177. }
  178. mark = PORT_ArenaMark(poolp);
  179. *dest = mySecAlg = PORT_ArenaZNew(poolp, SECAlgorithmID);
  180. if (mySecAlg == NULL) {
  181. goto loser;
  182. }
  183. rv = SECOID_CopyAlgorithmID(poolp, mySecAlg, src);
  184. if (rv != SECSuccess) {
  185. goto loser;
  186. }
  187. if (mark) {
  188. PORT_ArenaUnmark(poolp, mark);
  189. }
  190. return SECSuccess;
  191. loser:
  192. *dest = NULL;
  193. if (mark) {
  194. PORT_ArenaRelease(poolp, mark);
  195. }
  196. return SECFailure;
  197. }
  198. SECStatus
  199. crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
  200. CERTName *src)
  201. {
  202. CERTName *newName;
  203. SECStatus rv;
  204. void *mark;
  205. mark = PORT_ArenaMark(poolp);
  206. *dest = newName = PORT_ArenaZNew(poolp, CERTName);
  207. if (newName == NULL) {
  208. goto loser;
  209. }
  210. rv = CERT_CopyName(poolp, newName, src);
  211. if (rv != SECSuccess) {
  212. goto loser;
  213. }
  214. PORT_ArenaUnmark(poolp, mark);
  215. return SECSuccess;
  216. loser:
  217. PORT_ArenaRelease(poolp, mark);
  218. *dest = NULL;
  219. return SECFailure;
  220. }
  221. static SECStatus
  222. crmf_template_add_issuer (PRArenaPool *poolp, CERTName **dest,
  223. CERTName* issuerName)
  224. {
  225. return crmf_copy_cert_name(poolp, dest, issuerName);
  226. }
  227. static SECStatus
  228. crmf_template_add_validity (PRArenaPool *poolp, CRMFOptionalValidity **dest,
  229. CRMFValidityCreationInfo *info)
  230. {
  231. SECStatus rv;
  232. void *mark;
  233. CRMFOptionalValidity *myValidity;
  234. /*First off, let's make sure at least one of the two fields is present*/
  235. if (!info || (!info->notBefore && !info->notAfter)) {
  236. return SECFailure;
  237. }
  238. mark = PORT_ArenaMark (poolp);
  239. *dest = myValidity = PORT_ArenaZNew(poolp, CRMFOptionalValidity);
  240. if (myValidity == NULL) {
  241. goto loser;
  242. }
  243. if (info->notBefore) {
  244. rv = DER_EncodeTimeChoice (poolp, &myValidity->notBefore,
  245. *info->notBefore);
  246. if (rv != SECSuccess) {
  247. goto loser;
  248. }
  249. }
  250. if (info->notAfter) {
  251. rv = DER_EncodeTimeChoice (poolp, &myValidity->notAfter,
  252. *info->notAfter);
  253. if (rv != SECSuccess) {
  254. goto loser;
  255. }
  256. }
  257. PORT_ArenaUnmark(poolp, mark);
  258. return SECSuccess;
  259. loser:
  260. PORT_ArenaRelease(poolp, mark);
  261. *dest = NULL;
  262. return SECFailure;
  263. }
  264. static SECStatus
  265. crmf_template_add_subject (PRArenaPool *poolp, CERTName **dest,
  266. CERTName *subject)
  267. {
  268. return crmf_copy_cert_name(poolp, dest, subject);
  269. }
  270. SECStatus
  271. crmf_template_add_public_key(PRArenaPool *poolp,
  272. CERTSubjectPublicKeyInfo **dest,
  273. CERTSubjectPublicKeyInfo *pubKey)
  274. {
  275. CERTSubjectPublicKeyInfo *spki;
  276. SECStatus rv;
  277. *dest = spki = (poolp == NULL) ?
  278. PORT_ZNew(CERTSubjectPublicKeyInfo) :
  279. PORT_ArenaZNew (poolp, CERTSubjectPublicKeyInfo);
  280. if (spki == NULL) {
  281. goto loser;
  282. }
  283. rv = SECKEY_CopySubjectPublicKeyInfo (poolp, spki, pubKey);
  284. if (rv != SECSuccess) {
  285. goto loser;
  286. }
  287. return SECSuccess;
  288. loser:
  289. if (poolp == NULL && spki != NULL) {
  290. SECKEY_DestroySubjectPublicKeyInfo(spki);
  291. }
  292. *dest = NULL;
  293. return SECFailure;
  294. }
  295. static SECStatus
  296. crmf_copy_bitstring (PRArenaPool *poolp, SECItem *dest, const SECItem *src)
  297. {
  298. SECStatus rv;
  299. SECItem byteSrc;
  300. byteSrc = *src;
  301. byteSrc.len = CRMF_BITS_TO_BYTES(byteSrc.len);
  302. rv = crmf_copy_secitem(poolp, dest, &byteSrc);
  303. dest->len = src->len;
  304. return rv;
  305. }
  306. static SECStatus
  307. crmf_template_add_issuer_uid(PRArenaPool *poolp, SECItem *dest,
  308. const SECItem *issuerUID)
  309. {
  310. return crmf_copy_bitstring (poolp, dest, issuerUID);
  311. }
  312. static SECStatus
  313. crmf_template_add_subject_uid(PRArenaPool *poolp, SECItem *dest,
  314. const SECItem *subjectUID)
  315. {
  316. return crmf_copy_bitstring (poolp, dest, subjectUID);
  317. }
  318. static void
  319. crmf_zeroize_new_extensions (CRMFCertExtension **extensions,
  320. int numToZeroize)
  321. {
  322. PORT_Memset((void*)extensions, 0, sizeof(CERTCertExtension*)*numToZeroize);
  323. }
  324. /*
  325. * The strategy for adding templates will differ from all the other
  326. * attributes in the template. First, we want to allow the client
  327. * of this API to set extensions more than just once. So we will
  328. * need the ability grow the array of extensions. Since arenas don't
  329. * give us the realloc function, we'll use the generic PORT_* functions
  330. * to allocate the array of pointers *ONLY*. Then we will allocate each
  331. * individual extension from the arena that comes along with the certReq
  332. * structure that owns this template.
  333. */
  334. static SECStatus
  335. crmf_template_add_extensions(PRArenaPool *poolp, CRMFCertTemplate *inTemplate,
  336. CRMFCertExtCreationInfo *extensions)
  337. {
  338. void *mark;
  339. int newSize, oldSize, i;
  340. SECStatus rv;
  341. CRMFCertExtension **extArray;
  342. CRMFCertExtension *newExt, *currExt;
  343. mark = PORT_ArenaMark(poolp);
  344. if (inTemplate->extensions == NULL) {
  345. newSize = extensions->numExtensions;
  346. extArray = PORT_ZNewArray(CRMFCertExtension*,newSize+1);
  347. } else {
  348. newSize = inTemplate->numExtensions + extensions->numExtensions;
  349. extArray = PORT_Realloc(inTemplate->extensions,
  350. sizeof(CRMFCertExtension*)*(newSize+1));
  351. }
  352. if (extArray == NULL) {
  353. goto loser;
  354. }
  355. oldSize = inTemplate->numExtensions;
  356. inTemplate->extensions = extArray;
  357. inTemplate->numExtensions = newSize;
  358. for (i=oldSize; i < newSize; i++) {
  359. newExt = PORT_ArenaZNew(poolp, CRMFCertExtension);
  360. if (newExt == NULL) {
  361. goto loser2;
  362. }
  363. currExt = extensions->extensions[i-oldSize];
  364. rv = crmf_copy_secitem(poolp, &(newExt->id), &(currExt->id));
  365. if (rv != SECSuccess) {
  366. goto loser2;
  367. }
  368. rv = crmf_copy_secitem(poolp, &(newExt->critical),
  369. &(currExt->critical));
  370. if (rv != SECSuccess) {
  371. goto loser2;
  372. }
  373. rv = crmf_copy_secitem(poolp, &(newExt->value), &(currExt->value));
  374. if (rv != SECSuccess) {
  375. goto loser2;
  376. }
  377. extArray[i] = newExt;
  378. }
  379. extArray[newSize] = NULL;
  380. PORT_ArenaUnmark(poolp, mark);
  381. return SECSuccess;
  382. loser2:
  383. crmf_zeroize_new_extensions (&(inTemplate->extensions[oldSize]),
  384. extensions->numExtensions);
  385. inTemplate->numExtensions = oldSize;
  386. loser:
  387. PORT_ArenaRelease(poolp, mark);
  388. return SECFailure;
  389. }
  390. SECStatus
  391. CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
  392. CRMFCertTemplateField inTemplateField,
  393. void *data)
  394. {
  395. CRMFCertTemplate *certTemplate;
  396. PRArenaPool *poolp;
  397. SECStatus rv = SECFailure;
  398. void *mark;
  399. if (inCertReq == NULL) {
  400. return SECFailure;
  401. }
  402. certTemplate = &(inCertReq->certTemplate);
  403. poolp = inCertReq->poolp;
  404. mark = PORT_ArenaMark(poolp);
  405. switch (inTemplateField) {
  406. case crmfVersion:
  407. rv = crmf_template_add_version(poolp,&(certTemplate->version),
  408. *(long*)data);
  409. break;
  410. case crmfSerialNumber:
  411. rv = crmf_template_add_serialnumber(poolp,
  412. &(certTemplate->serialNumber),
  413. *(long*)data);
  414. break;
  415. case crmfSigningAlg:
  416. rv = crmf_template_copy_secalg (poolp, &(certTemplate->signingAlg),
  417. (SECAlgorithmID*)data);
  418. break;
  419. case crmfIssuer:
  420. rv = crmf_template_add_issuer (poolp, &(certTemplate->issuer),
  421. (CERTName*)data);
  422. break;
  423. case crmfValidity:
  424. rv = crmf_template_add_validity (poolp, &(certTemplate->validity),
  425. (CRMFValidityCreationInfo*)data);
  426. break;
  427. case crmfSubject:
  428. rv = crmf_template_add_subject (poolp, &(certTemplate->subject),
  429. (CERTName*)data);
  430. break;
  431. case crmfPublicKey:
  432. rv = crmf_template_add_public_key(poolp, &(certTemplate->publicKey),
  433. (CERTSubjectPublicKeyInfo*)data);
  434. break;
  435. case crmfIssuerUID:
  436. rv = crmf_template_add_issuer_uid(poolp, &(certTemplate->issuerUID),
  437. (SECItem*)data);
  438. break;
  439. case crmfSubjectUID:
  440. rv = crmf_template_add_subject_uid(poolp, &(certTemplate->subjectUID),
  441. (SECItem*)data);
  442. break;
  443. case crmfExtension:
  444. rv = crmf_template_add_extensions(poolp, certTemplate,
  445. (CRMFCertExtCreationInfo*)data);
  446. break;
  447. }
  448. if (rv != SECSuccess) {
  449. PORT_ArenaRelease(poolp, mark);
  450. } else {
  451. PORT_ArenaUnmark(poolp, mark);
  452. }
  453. return rv;
  454. }
  455. SECStatus
  456. CRMF_CertReqMsgSetCertRequest (CRMFCertReqMsg *inCertReqMsg,
  457. CRMFCertRequest *inCertReq)
  458. {
  459. PORT_Assert (inCertReqMsg != NULL && inCertReq != NULL);
  460. if (inCertReqMsg == NULL || inCertReq == NULL) {
  461. return SECFailure;
  462. }
  463. inCertReqMsg->certReq = crmf_copy_cert_request(inCertReqMsg->poolp,
  464. inCertReq);
  465. return (inCertReqMsg->certReq == NULL) ? SECFailure : SECSuccess;
  466. }
  467. CRMFCertReqMsg*
  468. CRMF_CreateCertReqMsg(void)
  469. {
  470. PRArenaPool *poolp;
  471. CRMFCertReqMsg *reqMsg;
  472. poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
  473. if (poolp == NULL) {
  474. goto loser;
  475. }
  476. reqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
  477. if (reqMsg == NULL) {
  478. goto loser;
  479. }
  480. reqMsg->poolp = poolp;
  481. return reqMsg;
  482. loser:
  483. if (poolp) {
  484. PORT_FreeArena(poolp, PR_FALSE);
  485. }
  486. return NULL;
  487. }
  488. SECStatus
  489. CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg)
  490. {
  491. PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->poolp != NULL);
  492. if (!inCertReqMsg->isDecoded) {
  493. if (inCertReqMsg->certReq->certTemplate.extensions != NULL) {
  494. PORT_Free(inCertReqMsg->certReq->certTemplate.extensions);
  495. }
  496. if (inCertReqMsg->certReq->controls != NULL) {
  497. PORT_Free(inCertReqMsg->certReq->controls);
  498. }
  499. }
  500. PORT_FreeArena(inCertReqMsg->poolp, PR_TRUE);
  501. return SECSuccess;
  502. }
  503. CRMFCertExtension*
  504. crmf_create_cert_extension(PRArenaPool *poolp,
  505. SECOidTag id,
  506. PRBool isCritical,
  507. SECItem *data)
  508. {
  509. CRMFCertExtension *newExt;
  510. SECOidData *oidData;
  511. SECStatus rv;
  512. newExt = (poolp == NULL) ? PORT_ZNew(CRMFCertExtension) :
  513. PORT_ArenaZNew(poolp, CRMFCertExtension);
  514. if (newExt == NULL) {
  515. goto loser;
  516. }
  517. oidData = SECOID_FindOIDByTag(id);
  518. if (oidData == NULL ||
  519. oidData->supportedExtension != SUPPORTED_CERT_EXTENSION) {
  520. goto loser;
  521. }
  522. rv = SECITEM_CopyItem(poolp, &(newExt->id), &(oidData->oid));
  523. if (rv != SECSuccess) {
  524. goto loser;
  525. }
  526. rv = SECITEM_CopyItem(poolp, &(newExt->value), data);
  527. if (rv != SECSuccess) {
  528. goto loser;
  529. }
  530. if (isCritical) {
  531. newExt->critical.data = (poolp == NULL) ?
  532. PORT_New(unsigned char) :
  533. PORT_ArenaNew(poolp, unsigned char);
  534. if (newExt->critical.data == NULL) {
  535. goto loser;
  536. }
  537. newExt->critical.data[0] = hexTrue;
  538. newExt->critical.len = 1;
  539. }
  540. return newExt;
  541. loser:
  542. if (newExt != NULL && poolp == NULL) {
  543. CRMF_DestroyCertExtension(newExt);
  544. }
  545. return NULL;
  546. }
  547. CRMFCertExtension *
  548. CRMF_CreateCertExtension(SECOidTag id,
  549. PRBool isCritical,
  550. SECItem *data)
  551. {
  552. return crmf_create_cert_extension(NULL, id, isCritical, data);
  553. }
  554. static SECStatus
  555. crmf_destroy_cert_extension(CRMFCertExtension *inExtension, PRBool freeit)
  556. {
  557. if (inExtension != NULL) {
  558. SECITEM_FreeItem (&(inExtension->id), PR_FALSE);
  559. SECITEM_FreeItem (&(inExtension->value), PR_FALSE);
  560. SECITEM_FreeItem (&(inExtension->critical), PR_FALSE);
  561. if (freeit) {
  562. PORT_Free(inExtension);
  563. }
  564. }
  565. return SECSuccess;
  566. }
  567. SECStatus
  568. CRMF_DestroyCertExtension(CRMFCertExtension *inExtension)
  569. {
  570. return crmf_destroy_cert_extension(inExtension, PR_TRUE);
  571. }
  572. SECStatus
  573. CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs)
  574. {
  575. PORT_Assert (inCertReqMsgs != NULL);
  576. if (inCertReqMsgs != NULL) {
  577. PORT_FreeArena(inCertReqMsgs->poolp, PR_TRUE);
  578. }
  579. return SECSuccess;
  580. }
  581. static PRBool
  582. crmf_item_has_data(SECItem *item)
  583. {
  584. if (item != NULL && item->data != NULL) {
  585. return PR_TRUE;
  586. }
  587. return PR_FALSE;
  588. }
  589. PRBool
  590. CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
  591. CRMFCertTemplateField inTemplateField)
  592. {
  593. PRBool retVal;
  594. CRMFCertTemplate *certTemplate;
  595. PORT_Assert(inCertReq != NULL);
  596. if (inCertReq == NULL) {
  597. /* This is probably some kind of error, but this is
  598. * the safest return value for this function.
  599. */
  600. return PR_FALSE;
  601. }
  602. certTemplate = &inCertReq->certTemplate;
  603. switch (inTemplateField) {
  604. case crmfVersion:
  605. retVal = crmf_item_has_data(&certTemplate->version);
  606. break;
  607. case crmfSerialNumber:
  608. retVal = crmf_item_has_data(&certTemplate->serialNumber);
  609. break;
  610. case crmfSigningAlg:
  611. retVal = IS_NOT_NULL(certTemplate->signingAlg);
  612. break;
  613. case crmfIssuer:
  614. retVal = IS_NOT_NULL(certTemplate->issuer);
  615. break;
  616. case crmfValidity:
  617. retVal = IS_NOT_NULL(certTemplate->validity);
  618. break;
  619. case crmfSubject:
  620. retVal = IS_NOT_NULL(certTemplate->subject);
  621. break;
  622. case crmfPublicKey:
  623. retVal = IS_NOT_NULL(certTemplate->publicKey);
  624. break;
  625. case crmfIssuerUID:
  626. retVal = crmf_item_has_data(&certTemplate->issuerUID);
  627. break;
  628. case crmfSubjectUID:
  629. retVal = crmf_item_has_data(&certTemplate->subjectUID);
  630. break;
  631. case crmfExtension:
  632. retVal = IS_NOT_NULL(certTemplate->extensions);
  633. break;
  634. default:
  635. retVal = PR_FALSE;
  636. }
  637. return retVal;
  638. }