OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * nss_pkix_proxy.h | 5 * nss_pkix_proxy.h |
6 * | 6 * |
7 * PKIX - NSS proxy functions | 7 * PKIX - NSS proxy functions |
8 * | 8 * |
9 * NOTE: All structures, functions, data types are parts of library private | 9 * NOTE: All structures, functions, data types are parts of library private |
10 * api and are subjects to change in any following releases. | 10 * api and are subjects to change in any following releases. |
(...skipping 1394 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1405 PKIX_ProcessingParams *procParams, | 1405 PKIX_ProcessingParams *procParams, |
1406 const CERTRevocationTests *revTest, | 1406 const CERTRevocationTests *revTest, |
1407 CERTRevocationMethodIndex certRevMethod, | 1407 CERTRevocationMethodIndex certRevMethod, |
1408 PKIX_RevocationMethodType pkixRevMethod, | 1408 PKIX_RevocationMethodType pkixRevMethod, |
1409 PKIX_Boolean verifyResponderUsages, | 1409 PKIX_Boolean verifyResponderUsages, |
1410 PKIX_Boolean isLeafTest, | 1410 PKIX_Boolean isLeafTest, |
1411 void *plContext) | 1411 void *plContext) |
1412 { | 1412 { |
1413 PKIX_UInt32 methodFlags = 0; | 1413 PKIX_UInt32 methodFlags = 0; |
1414 PKIX_Error *error = NULL; | 1414 PKIX_Error *error = NULL; |
1415 int priority = 0; | 1415 PKIX_UInt32 priority = 0; |
1416 | 1416 |
1417 if (revTest->number_of_defined_methods <= certRevMethod) { | 1417 if (revTest->number_of_defined_methods <= (PRUint32)certRevMethod) { |
1418 return NULL; | 1418 return NULL; |
1419 } | 1419 } |
1420 if (revTest->preferred_methods) { | 1420 if (revTest->preferred_methods) { |
1421 int i = 0; | 1421 unsigned int i = 0; |
1422 for (;i < revTest->number_of_preferred_methods;i++) { | 1422 for (;i < revTest->number_of_preferred_methods;i++) { |
1423 if (revTest->preferred_methods[i] == certRevMethod) | 1423 if (revTest->preferred_methods[i] == certRevMethod) |
1424 break; | 1424 break; |
1425 } | 1425 } |
1426 priority = i; | 1426 priority = i; |
1427 } | 1427 } |
1428 methodFlags = revTest->cert_rev_flags_per_method[certRevMethod]; | 1428 methodFlags = revTest->cert_rev_flags_per_method[certRevMethod]; |
1429 if (verifyResponderUsages && | 1429 if (verifyResponderUsages && |
1430 pkixRevMethod == PKIX_RevocationMethod_OCSP) { | 1430 pkixRevMethod == PKIX_RevocationMethod_OCSP) { |
1431 methodFlags |= PKIX_REV_M_FORBID_NETWORK_FETCHING; | 1431 methodFlags |= PKIX_REV_M_FORBID_NETWORK_FETCHING; |
(...skipping 15 matching lines...) Expand all Loading... |
1447 SECStatus r=SECSuccess; | 1447 SECStatus r=SECSuccess; |
1448 PKIX_PL_Date *date = NULL; | 1448 PKIX_PL_Date *date = NULL; |
1449 PKIX_List *policyOIDList = NULL; | 1449 PKIX_List *policyOIDList = NULL; |
1450 PKIX_List *certListPkix = NULL; | 1450 PKIX_List *certListPkix = NULL; |
1451 const CERTRevocationFlags *flags; | 1451 const CERTRevocationFlags *flags; |
1452 SECErrorCodes errCode = SEC_ERROR_INVALID_ARGS; | 1452 SECErrorCodes errCode = SEC_ERROR_INVALID_ARGS; |
1453 const CERTCertList *certList = NULL; | 1453 const CERTCertList *certList = NULL; |
1454 CERTCertListNode *node; | 1454 CERTCertListNode *node; |
1455 PKIX_PL_Cert *certPkix = NULL; | 1455 PKIX_PL_Cert *certPkix = NULL; |
1456 PKIX_TrustAnchor *trustAnchor = NULL; | 1456 PKIX_TrustAnchor *trustAnchor = NULL; |
1457 PKIX_PL_Date *revDate = NULL; | |
1458 PKIX_RevocationChecker *revChecker = NULL; | 1457 PKIX_RevocationChecker *revChecker = NULL; |
1459 PKIX_PL_NssContext *nssContext = (PKIX_PL_NssContext *)plContext; | 1458 PKIX_PL_NssContext *nssContext = (PKIX_PL_NssContext *)plContext; |
1460 | 1459 |
1461 /* XXX we need a way to map generic PKIX error to generic NSS errors */ | 1460 /* XXX we need a way to map generic PKIX error to generic NSS errors */ |
1462 | 1461 |
1463 switch (param->type) { | 1462 switch (param->type) { |
1464 | 1463 |
1465 case cert_pi_policyOID: | 1464 case cert_pi_policyOID: |
1466 | 1465 |
1467 /* needed? */ | 1466 /* needed? */ |
(...skipping 189 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1657 r = SECFailure; | 1656 r = SECFailure; |
1658 break; | 1657 break; |
1659 } | 1658 } |
1660 | 1659 |
1661 if (policyOIDList != NULL) | 1660 if (policyOIDList != NULL) |
1662 PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyOIDList, plContext); | 1661 PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyOIDList, plContext); |
1663 | 1662 |
1664 if (date != NULL) | 1663 if (date != NULL) |
1665 PKIX_PL_Object_DecRef((PKIX_PL_Object *)date, plContext); | 1664 PKIX_PL_Object_DecRef((PKIX_PL_Object *)date, plContext); |
1666 | 1665 |
1667 if (revDate != NULL) | |
1668 PKIX_PL_Object_DecRef((PKIX_PL_Object *)revDate, plContext); | |
1669 | |
1670 if (revChecker != NULL) | 1666 if (revChecker != NULL) |
1671 PKIX_PL_Object_DecRef((PKIX_PL_Object *)revChecker, plContext); | 1667 PKIX_PL_Object_DecRef((PKIX_PL_Object *)revChecker, plContext); |
1672 | 1668 |
1673 if (certListPkix) | 1669 if (certListPkix) |
1674 PKIX_PL_Object_DecRef((PKIX_PL_Object *)certListPkix, plContext); | 1670 PKIX_PL_Object_DecRef((PKIX_PL_Object *)certListPkix, plContext); |
1675 | 1671 |
1676 if (trustAnchor) | 1672 if (trustAnchor) |
1677 PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchor, plContext); | 1673 PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchor, plContext); |
1678 | 1674 |
1679 if (certPkix) | 1675 if (certPkix) |
(...skipping 570 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2250 | 2246 |
2251 } while (errorGenerated); | 2247 } while (errorGenerated); |
2252 | 2248 |
2253 runningLeakTest = PKIX_FALSE; | 2249 runningLeakTest = PKIX_FALSE; |
2254 PR_ATOMIC_DECREMENT(¶llelFnInvocationCount); | 2250 PR_ATOMIC_DECREMENT(¶llelFnInvocationCount); |
2255 usePKIXValidationEngine = savedUsePkixEngFlag; | 2251 usePKIXValidationEngine = savedUsePkixEngFlag; |
2256 #endif /* PKIX_OBJECT_LEAK_TEST */ | 2252 #endif /* PKIX_OBJECT_LEAK_TEST */ |
2257 | 2253 |
2258 return r; | 2254 return r; |
2259 } | 2255 } |
OLD | NEW |