static CK_RV prvCertAttParse()

in source/portable/mbedtls/core_pkcs11_mbedtls.c [497:578]

• 62 lines of code
• 12 McCabe index (conditional complexity)

static CK_RV prvCertAttParse( CK_ATTRIBUTE * pxAttribute,
                              CK_CERTIFICATE_TYPE * pxCertificateType,
                              CK_BYTE_PTR * ppxCertificateValue,
                              CK_ULONG * pxCertificateLength,
                              CK_ATTRIBUTE ** ppxLabel )
{
    CK_RV xResult = CKR_OK;
    /* See explanation in prvCheckValidSessionAndModule for this exception. */
    /* coverity[misra_c_2012_rule_10_5_violation] */
    CK_BBOOL xBool = ( CK_BBOOL ) CK_FALSE;

    switch( pxAttribute->type )
    {
        case ( CKA_VALUE ):
            *ppxCertificateValue = pxAttribute->pValue;
            *pxCertificateLength = pxAttribute->ulValueLen;
            break;

        case ( CKA_LABEL ):

            if( pxAttribute->ulValueLen <= pkcs11configMAX_LABEL_LENGTH )
            {
                *ppxLabel = pxAttribute;
            }
            else
            {
                LogError( ( "Failed parsing certificate template. Label length "
                            "was not in the valid range. Found %lu and expected %lu. "
                            "Consider updating pkcs11configMAX_LABEL_LENGTH.",
                            ( unsigned long int ) pxAttribute->ulValueLen,
                            ( unsigned long int ) pkcs11configMAX_LABEL_LENGTH ) );
                xResult = CKR_DATA_LEN_RANGE;
            }

            break;

        case ( CKA_CERTIFICATE_TYPE ):

            if( pxAttribute->ulValueLen == sizeof( CK_CERTIFICATE_TYPE ) )
            {
                ( void ) memcpy( pxCertificateType, pxAttribute->pValue, sizeof( CK_CERTIFICATE_TYPE ) );
            }

            if( *pxCertificateType != CKC_X_509 )
            {
                LogError( ( "Failed parsing certificate template. Certificate type was invalid. "
                            "Expected CKC_X_509, but found 0x%0lX.", ( unsigned long int ) *pxCertificateType ) );
                xResult = CKR_ATTRIBUTE_VALUE_INVALID;
            }

            break;

        case ( CKA_TOKEN ):

            if( pxAttribute->ulValueLen == sizeof( CK_BBOOL ) )
            {
                ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) );
            }

            /* See explanation in prvCheckValidSessionAndModule for this exception. */
            /* coverity[misra_c_2012_rule_10_5_violation] */
            if( xBool != ( CK_BBOOL ) CK_TRUE )
            {
                xResult = CKR_ATTRIBUTE_VALUE_INVALID;
            }

            break;

        case ( CKA_CLASS ):
        case ( CKA_SUBJECT ):
            /* Do nothing.  This was already parsed out of the template previously. */
            break;

        default:
            LogError( ( "Failed parsing certificate template. Received an unknown "
                        "template type with value 0x%0lX.", ( unsigned long int ) pxAttribute->type ) );
            xResult = CKR_ATTRIBUTE_TYPE_INVALID;
            break;
    }

    return xResult;
}