Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(573)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/certdb/xauthkid.c

Issue 1843333003: Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/certdb/stanpcertdb.c ('k') | nss/lib/certdb/xbsconst.c » ('j') | nss/lib/util/secoid.c » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 4
5 /* 5 /*
6 * X.509 v3 Subject Key Usage Extension 6 * X.509 v3 Subject Key Usage Extension
7 * 7 *
8 */ 8 */
9 9
10 #include "prtypes.h" 10 #include "prtypes.h"
11 #include "seccomon.h" 11 #include "seccomon.h"
12 #include "secdert.h" 12 #include "secdert.h"
13 #include "secoidt.h" 13 #include "secoidt.h"
14 #include "secasn1t.h" 14 #include "secasn1t.h"
15 #include "secasn1.h" 15 #include "secasn1.h"
16 #include "secport.h" 16 #include "secport.h"
17 #include "certt.h" 17 #include "certt.h"
18 #include "genname.h" 18 #include "genname.h"
19 #include "secerr.h" 19 #include "secerr.h"
20 20
21 SEC_ASN1_MKSUB(SEC_IntegerTemplate) 21 SEC_ASN1_MKSUB(SEC_IntegerTemplate)
22 SEC_ASN1_MKSUB(SEC_OctetStringTemplate) 22 SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
23 23
24 const SEC_ASN1Template CERTAuthKeyIDTemplate[] = { 24 const SEC_ASN1Template CERTAuthKeyIDTemplate[] = {
25 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) }, 25 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) },
26 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 26 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
27 » offsetof(CERTAuthKeyID,keyID), SEC_ASN1_SUB(SEC_OctetStringTemplate)}, 27 offsetof(CERTAuthKeyID, keyID), SEC_ASN1_SUB(SEC_OctetStringTemplate) },
28 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, 28 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
29 offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate} , 29 offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate },
30 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2, 30 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
31 » offsetof(CERTAuthKeyID,authCertSerialNumber), 31 offsetof(CERTAuthKeyID, authCertSerialNumber),
32 SEC_ASN1_SUB(SEC_IntegerTemplate) }, 32 SEC_ASN1_SUB(SEC_IntegerTemplate) },
33 { 0 } 33 { 0 }
34 }; 34 };
35 35
36 36 SECStatus
37 37 CERT_EncodeAuthKeyID(PLArenaPool *arena, CERTAuthKeyID *value,
38 SECStatus CERT_EncodeAuthKeyID (PLArenaPool *arena, CERTAuthKeyID *value, SECIte m *encodedValue) 38 SECItem *encodedValue)
39 { 39 {
40 SECStatus rv = SECFailure; 40 SECStatus rv = SECFailure;
41 41
42 PORT_Assert (value); 42 PORT_Assert(value);
43 PORT_Assert (arena); 43 PORT_Assert(arena);
44 PORT_Assert (value->DERAuthCertIssuer == NULL); 44 PORT_Assert(value->DERAuthCertIssuer == NULL);
45 PORT_Assert (encodedValue); 45 PORT_Assert(encodedValue);
46 46
47 do { 47 do {
48
49 /* If both of the authCertIssuer and the serial number exist, encode
50 the name first. Otherwise, it is an error if one exist and the other
51 is not.
52 */
53 if (value->authCertIssuer) {
54 if (!value->authCertSerialNumber.data) {
55 PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
56 break;
57 }
58 48
59 » value->DERAuthCertIssuer = cert_EncodeGeneralNames 49 /* If both of the authCertIssuer and the serial number exist, encode
60 » » (arena, value->authCertIssuer); 50 the name first. Otherwise, it is an error if one exist and the other
61 » if (!value->DERAuthCertIssuer) { 51 is not.
62 » » PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID); 52 */
63 » » break; 53 if (value->authCertIssuer) {
64 » } 54 if (!value->authCertSerialNumber.data) {
65 » } 55 PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
66 » else if (value->authCertSerialNumber.data) { 56 break;
67 » » PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID); 57 }
68 » » break;
69 » }
70 58
71 » if (SEC_ASN1EncodeItem (arena, encodedValue, value, 59 value->DERAuthCertIssuer =
72 » » » » CERTAuthKeyIDTemplate) == NULL) 60 cert_EncodeGeneralNames(arena, value->authCertIssuer);
73 » break; 61 if (!value->DERAuthCertIssuer) {
74 » rv = SECSuccess; 62 PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
63 break;
64 }
65 } else if (value->authCertSerialNumber.data) {
66 PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
67 break;
68 }
69
70 if (SEC_ASN1EncodeItem(arena, encodedValue, value,
71 CERTAuthKeyIDTemplate) == NULL)
72 break;
73 rv = SECSuccess;
75 74
76 } while (0); 75 } while (0);
77 return(rv); 76 return (rv);
78 } 77 }
79 78
80 CERTAuthKeyID * 79 CERTAuthKeyID *
81 CERT_DecodeAuthKeyID (PLArenaPool *arena, const SECItem *encodedValue) 80 CERT_DecodeAuthKeyID(PLArenaPool *arena, const SECItem *encodedValue)
82 { 81 {
83 CERTAuthKeyID * value = NULL; 82 CERTAuthKeyID *value = NULL;
84 SECStatus rv = SECFailure; 83 SECStatus rv = SECFailure;
85 void * mark; 84 void *mark;
86 SECItem newEncodedValue; 85 SECItem newEncodedValue;
87 86
88 PORT_Assert (arena); 87 PORT_Assert(arena);
89 88
90 do { 89 do {
91 » mark = PORT_ArenaMark (arena); 90 mark = PORT_ArenaMark(arena);
92 » value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value)); 91 value = (CERTAuthKeyID *)PORT_ArenaZAlloc(arena, sizeof(*value));
93 » if (value == NULL) 92 if (value == NULL)
94 » break; 93 break;
95 » value->DERAuthCertIssuer = NULL; 94 value->DERAuthCertIssuer = NULL;
96 /* copy the DER into the arena, since Quick DER returns data that points 95 /* copy the DER into the arena, since Quick DER returns data that points
97 into the DER input, which may get freed by the caller */ 96 into the DER input, which may get freed by the caller */
98 rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue); 97 rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue);
99 if ( rv != SECSuccess ) { 98 if (rv != SECSuccess) {
100 » break; 99 break;
101 } 100 }
102 101
103 rv = SEC_QuickDERDecodeItem 102 rv = SEC_QuickDERDecodeItem(arena, value, CERTAuthKeyIDTemplate,
104 » (arena, value, CERTAuthKeyIDTemplate, &newEncodedValue); 103 &newEncodedValue);
105 » if (rv != SECSuccess) 104 if (rv != SECSuccess)
106 » break; 105 break;
107 106
108 value->authCertIssuer = cert_DecodeGeneralNames (arena, value->DERAuthCe rtIssuer); 107 value->authCertIssuer =
109 » if (value->authCertIssuer == NULL) 108 cert_DecodeGeneralNames(arena, value->DERAuthCertIssuer);
110 » break; 109 if (value->authCertIssuer == NULL)
111 » 110 break;
112 » /* what if the general name contains other format but not URI ? 111
113 » hl 112 /* what if the general name contains other format but not URI ?
114 » */ 113 hl
115 » if ((value->authCertSerialNumber.data && !value->authCertIssuer) || 114 */
116 » (!value->authCertSerialNumber.data && value->authCertIssuer)){ 115 if ((value->authCertSerialNumber.data && !value->authCertIssuer) ||
117 » PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID); 116 (!value->authCertSerialNumber.data && value->authCertIssuer)) {
118 » break; 117 PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
119 » } 118 break;
119 }
120 } while (0); 120 } while (0);
121 121
122 if (rv != SECSuccess) { 122 if (rv != SECSuccess) {
123 » PORT_ArenaRelease (arena, mark); 123 PORT_ArenaRelease(arena, mark);
124 » return ((CERTAuthKeyID *)NULL);» 124 return ((CERTAuthKeyID *)NULL);
125 } 125 }
126 PORT_ArenaUnmark(arena, mark); 126 PORT_ArenaUnmark(arena, mark);
127 return (value); 127 return (value);
128 } 128 }
OLDNEW
« no previous file with comments | « nss/lib/certdb/stanpcertdb.c ('k') | nss/lib/certdb/xbsconst.c » ('j') | nss/lib/util/secoid.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698