| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 /* | 4 /* |
| 5 * pkix_defaultcrlchecker.c | 5 * pkix_defaultcrlchecker.c |
| 6 * | 6 * |
| 7 * Functions for default CRL Checkers | 7 * Functions for default CRL Checkers |
| 8 * | 8 * |
| 9 */ | 9 */ |
| 10 #include "pkix.h" | 10 #include "pkix.h" |
| (...skipping 183 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 194 PKIX_ProcessingParams *procParams, | 194 PKIX_ProcessingParams *procParams, |
| 195 PKIX_UInt32 methodFlags, | 195 PKIX_UInt32 methodFlags, |
| 196 PKIX_Boolean chainVerificationState, | 196 PKIX_Boolean chainVerificationState, |
| 197 PKIX_RevocationStatus *pRevStatus, | 197 PKIX_RevocationStatus *pRevStatus, |
| 198 PKIX_UInt32 *pReasonCode, | 198 PKIX_UInt32 *pReasonCode, |
| 199 void *plContext) | 199 void *plContext) |
| 200 { | 200 { |
| 201 PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn; | 201 PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn; |
| 202 PKIX_CertStore *certStore = NULL; | 202 PKIX_CertStore *certStore = NULL; |
| 203 pkix_CrlChecker *state = NULL; | 203 pkix_CrlChecker *state = NULL; |
| 204 PKIX_UInt32 reasonCode = 0; | |
| 205 PKIX_UInt32 crlStoreIndex = 0; | 204 PKIX_UInt32 crlStoreIndex = 0; |
| 206 PKIX_UInt32 numCrlStores = 0; | 205 PKIX_UInt32 numCrlStores = 0; |
| 207 PKIX_Boolean storeIsLocal = PKIX_FALSE; | 206 PKIX_Boolean storeIsLocal = PKIX_FALSE; |
| 208 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; | 207 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; |
| 209 | 208 |
| 210 PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckLocal"); | 209 PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckLocal"); |
| 211 PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, checkerObject); | 210 PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, checkerObject); |
| 212 | 211 |
| 213 state = (pkix_CrlChecker*)checkerObject; | 212 state = (pkix_CrlChecker*)checkerObject; |
| 214 | 213 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 235 PKIX_CERTSTOREGETCHECKREVBYCRLFAILED); | 234 PKIX_CERTSTOREGETCHECKREVBYCRLFAILED); |
| 236 | 235 |
| 237 if (storeCheckRevocationFn) { | 236 if (storeCheckRevocationFn) { |
| 238 PKIX_CHECK( | 237 PKIX_CHECK( |
| 239 (*storeCheckRevocationFn)(certStore, cert, issuer, | 238 (*storeCheckRevocationFn)(certStore, cert, issuer, |
| 240 /* delay sig check if building | 239 /* delay sig check if building |
| 241 * a chain by not specifying the time*/ | 240 * a chain by not specifying the time*/ |
| 242 chainVerificationState ? date : NULL, | 241 chainVerificationState ? date : NULL, |
| 243 /* crl downloading is not done. */ | 242 /* crl downloading is not done. */ |
| 244 PKIX_FALSE, | 243 PKIX_FALSE, |
| 245 &reasonCode, &revStatus, plContext), | 244 pReasonCode, &revStatus, plContext), |
| 246 PKIX_CERTSTORECRLCHECKFAILED); | 245 PKIX_CERTSTORECRLCHECKFAILED); |
| 247 if (revStatus == PKIX_RevStatus_Revoked) { | 246 if (revStatus == PKIX_RevStatus_Revoked) { |
| 248 break; | 247 break; |
| 249 } | 248 } |
| 250 } | 249 } |
| 251 } | 250 } |
| 252 PKIX_DECREF(certStore); | 251 PKIX_DECREF(certStore); |
| 253 } /* while */ | 252 } /* while */ |
| 254 | 253 |
| 255 cleanup: | 254 cleanup: |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 300 void *plContext) | 299 void *plContext) |
| 301 { | 300 { |
| 302 PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn = NULL; | 301 PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn = NULL; |
| 303 PKIX_CertStore_ImportCrlCallback storeImportCrlFn = NULL; | 302 PKIX_CertStore_ImportCrlCallback storeImportCrlFn = NULL; |
| 304 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; | 303 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; |
| 305 PKIX_CertStore *certStore = NULL; | 304 PKIX_CertStore *certStore = NULL; |
| 306 PKIX_CertStore *localStore = NULL; | 305 PKIX_CertStore *localStore = NULL; |
| 307 PKIX_CRLSelector *crlSelector = NULL; | 306 PKIX_CRLSelector *crlSelector = NULL; |
| 308 PKIX_PL_X500Name *issuerName = NULL; | 307 PKIX_PL_X500Name *issuerName = NULL; |
| 309 pkix_CrlChecker *state = NULL; | 308 pkix_CrlChecker *state = NULL; |
| 310 PKIX_UInt32 reasonCode = 0; | |
| 311 PKIX_UInt32 crlStoreIndex = 0; | 309 PKIX_UInt32 crlStoreIndex = 0; |
| 312 PKIX_UInt32 numCrlStores = 0; | 310 PKIX_UInt32 numCrlStores = 0; |
| 313 PKIX_Boolean storeIsLocal = PKIX_FALSE; | 311 PKIX_Boolean storeIsLocal = PKIX_FALSE; |
| 314 PKIX_List *crlList = NULL; | 312 PKIX_List *crlList = NULL; |
| 315 PKIX_List *dpList = NULL; | 313 PKIX_List *dpList = NULL; |
| 316 void *nbioContext = NULL; | 314 void *nbioContext = NULL; |
| 317 | 315 |
| 318 PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckExternal"); | 316 PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckExternal"); |
| 319 PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, pNBIOContext); | 317 PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, pNBIOContext); |
| 320 | 318 |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 403 PKIX_GETCRLSFAILED); | 401 PKIX_GETCRLSFAILED); |
| 404 | 402 |
| 405 PKIX_CHECK( | 403 PKIX_CHECK( |
| 406 (*storeImportCrlFn)(localStore, issuerName, crlList, plContext), | 404 (*storeImportCrlFn)(localStore, issuerName, crlList, plContext), |
| 407 PKIX_CERTSTOREFAILTOIMPORTCRLLIST); | 405 PKIX_CERTSTOREFAILTOIMPORTCRLLIST); |
| 408 | 406 |
| 409 PKIX_CHECK( | 407 PKIX_CHECK( |
| 410 (*storeCheckRevocationFn)(certStore, cert, issuer, date, | 408 (*storeCheckRevocationFn)(certStore, cert, issuer, date, |
| 411 /* done with crl downloading */ | 409 /* done with crl downloading */ |
| 412 PKIX_TRUE, | 410 PKIX_TRUE, |
| 413 &reasonCode, &revStatus, plContext), | 411 pReasonCode, &revStatus, plContext), |
| 414 PKIX_CERTSTORECRLCHECKFAILED); | 412 PKIX_CERTSTORECRLCHECKFAILED); |
| 415 if (revStatus != PKIX_RevStatus_NoInfo) { | 413 if (revStatus != PKIX_RevStatus_NoInfo) { |
| 416 break; | 414 break; |
| 417 } | 415 } |
| 418 PKIX_DECREF(crlList); | 416 PKIX_DECREF(crlList); |
| 419 PKIX_DECREF(certStore); | 417 PKIX_DECREF(certStore); |
| 420 } /* while */ | 418 } /* while */ |
| 421 | 419 |
| 422 cleanup: | 420 cleanup: |
| 423 /* Update return flags */ | 421 /* Update return flags */ |
| 424 if (revStatus == PKIX_RevStatus_NoInfo && | 422 if (revStatus == PKIX_RevStatus_NoInfo && |
| 425 ((dpList && dpList->length > 0) || | 423 ((dpList && dpList->length > 0) || |
| 426 (methodFlags & PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE)) && | 424 (methodFlags & PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE)) && |
| 427 methodFlags & PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO) { | 425 methodFlags & PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO) { |
| 428 revStatus = PKIX_RevStatus_Revoked; | 426 revStatus = PKIX_RevStatus_Revoked; |
| 429 } | 427 } |
| 430 *pRevStatus = revStatus; | 428 *pRevStatus = revStatus; |
| 431 | 429 |
| 432 PKIX_DECREF(dpList); | 430 PKIX_DECREF(dpList); |
| 433 PKIX_DECREF(crlList); | 431 PKIX_DECREF(crlList); |
| 434 PKIX_DECREF(certStore); | 432 PKIX_DECREF(certStore); |
| 435 PKIX_DECREF(issuerName); | 433 PKIX_DECREF(issuerName); |
| 436 PKIX_DECREF(localStore); | 434 PKIX_DECREF(localStore); |
| 437 PKIX_DECREF(crlSelector); | 435 PKIX_DECREF(crlSelector); |
| 438 | 436 |
| 439 PKIX_RETURN(CERTCHAINCHECKER); | 437 PKIX_RETURN(CERTCHAINCHECKER); |
| 440 } | 438 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 133273035:
Update third_party/nss to 3.15.5 Beta 2. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/