Commit 4554b52c authored by nelsonb%netscape.com's avatar nelsonb%netscape.com

Add new function CERT_VerifySignedDataWithPublicKey containing common code

factored from existing functions CERT_VerifySignedDataWithPubKeyInfo and
CERT_VerifySignedData.  Bug 174193.
parent eeb40eac
+8 −1
@@ -34,7 +34,7 @@
/*
 * cert.h - public data structures and prototypes for the certificate library
 *
 * $Id: cert.h,v 1.27 2002/10/23 20:50:51 nelsonb%netscape.com Exp $
 * $Id: cert.h,v 1.28 2002/10/25 03:21:19 nelsonb%netscape.com Exp $
 */

#ifndef _CERT_H_
@@ -569,6 +569,13 @@ CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd,
                                    CERTSubjectPublicKeyInfo *pubKeyInfo,
                                    void *wincx);

/*
** verify the signature of a signed data object with a SECKEYPublicKey.
*/
extern SECStatus
CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd,
                                   SECKEYPublicKey *pubKey, void *wincx);

/*
** NEW FUNCTIONS with new bit-field-FIELD SECCertificateUsage - please use
** verify a certificate by checking validity times against a certain time,
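Review bot: The comment on the new CERT_VerifySignedDataWithPublicKey prototype does not state what the function leaves to its caller. Judging by the callers changed in this commit, the caller destroys the key after the call, and the certificate validity-time check stays in CERT_VerifySignedData, so code holding only a SECKEYPublicKey gets a bare signature check. I would extend the comment with `** The caller retains ownership of pubKey; no certificate validity or trust checks are done here.` The hunk ends inside the following comment block, which is unchanged.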
+32 −31
@@ -93,19 +93,18 @@ CERT_CertTimesValid(CERTCertificate *c)
 * verify the signature of a signed data object with the given DER publickey
 */
SECStatus
CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd, 
                                    CERTSubjectPublicKeyInfo *pubKeyInfo,
CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd, 
                                   SECKEYPublicKey *pubKey,
		                   void *wincx)
{
    SECKEYPublicKey *pubKey;
    SECStatus        rv;
    SECOidTag        algid;
    SECItem          sig;

    /* get cert's public key */
    pubKey = SECKEY_ExtractPublicKey(pubKeyInfo);
    if ( !pubKey )
    if ( !pubKey || !sd ) {
	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
	return SECFailure;
    }

    /* check the signature */
    sig = sd->signature;
@@ -116,11 +115,29 @@ CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd,
    rv = VFY_VerifyData(sd->data.data, sd->data.len, pubKey, &sig,
			algid, wincx);

    SECKEY_DestroyPublicKey(pubKey);

    return rv ? SECFailure : SECSuccess;
}

/*
 * verify the signature of a signed data object with the given DER publickey
 */
SECStatus
CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd, 
                                    CERTSubjectPublicKeyInfo *pubKeyInfo,
		                    void *wincx)
{
    SECKEYPublicKey *pubKey;
    SECStatus        rv		= SECFailure;

    /* get cert's public key */
    pubKey = SECKEY_ExtractPublicKey(pubKeyInfo);
    if (pubKey) {
	rv =  CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
	SECKEY_DestroyPublicKey(pubKey);
    }
    return rv;
}

/*
 * verify the signature of a signed data object with the given certificate
 */
@@ -128,39 +145,23 @@ SECStatus
CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
		      int64 t, void *wincx)
{
    SECItem sig;
    SECKEYPublicKey *pubKey = 0;
    SECStatus rv;
    SECStatus        rv     = SECFailure;
    SECCertTimeValidity validity;
    SECOidTag algid;

    /* check the certificate's validity */
    validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
    if ( validity != secCertTimeValid ) {
	return(SECFailure);
	return rv;
    }

    /* get cert's public key */
    pubKey = CERT_ExtractPublicKey(cert);
    if ( !pubKey ) {
	return(SECFailure);
    }

    /* check the signature */
    sig = sd->signature;
    DER_ConvertBitString(&sig);

    algid = SECOID_GetAlgorithmTag(&sd->signatureAlgorithm);
    rv = VFY_VerifyData(sd->data.data, sd->data.len, pubKey, &sig,
			algid, wincx);

    if (pubKey) {
	rv =  CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
	SECKEY_DestroyPublicKey(pubKey);

    if ( rv ) {
	return(SECFailure);
    }

    return(SECSuccess);
    return rv;
}


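Review bot: In CERT_VerifySignedData the early `return rv;` after CERT_CheckCertValidTimes returns SECFailure without setting an error code, while the new CERT_VerifySignedDataWithPublicKey sets PR_INVALID_ARGUMENT_ERROR on its own failure path. Unless CERT_CheckCertValidTimes sets an error itself (not visible here), a caller that reads the error code afterwards sees a stale value; consider `PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);` before that return. Separately, the comment kept above CERT_VerifySignedDataWithPublicKey still reads "with the given DER publickey", which now describes only the PubKeyInfo wrapper; `* verify the signature of a signed data object with the given public key` would match the new parameter. The middle of CERT_VerifySignedDataWithPublicKey lies between the hunks and is not shown.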
+1 −0
@@ -719,6 +719,7 @@ SECKEY_CopyPublicKey;
CERT_GetFirstEmailAddress;
CERT_GetNextEmailAddress;
CERT_VerifySignedDataWithPubKeyInfo;
CERT_VerifySignedDataWithPublicKey;
;+    local:
;+       *;
;+};