| OLD | NEW |
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 | 4 |
| 5 /* | 5 /* |
| 6 * Code for dealing with x.509 v3 crl and crl entries extensions. | 6 * Code for dealing with x.509 v3 crl and crl entries extensions. |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "cert.h" | 9 #include "cert.h" |
| 10 #include "secitem.h" | 10 #include "secitem.h" |
| 11 #include "secoid.h" | 11 #include "secoid.h" |
| 12 #include "secoidt.h" | 12 #include "secoidt.h" |
| 13 #include "secder.h" | 13 #include "secder.h" |
| 14 #include "secasn1.h" | 14 #include "secasn1.h" |
| 15 #include "certxutl.h" | 15 #include "certxutl.h" |
| 16 | 16 |
| 17 SECStatus | 17 SECStatus |
| 18 CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value) | 18 CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value) |
| 19 { | 19 { |
| 20 return (cert_FindExtensionByOID (crl->extensions, oid, value)); | 20 return (cert_FindExtensionByOID(crl->extensions, oid, value)); |
| 21 } | 21 } |
| 22 | |
| 23 | 22 |
| 24 SECStatus | 23 SECStatus |
| 25 CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value) | 24 CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value) |
| 26 { | 25 { |
| 27 return (cert_FindExtension (crl->extensions, tag, value)); | 26 return (cert_FindExtension(crl->extensions, tag, value)); |
| 28 } | 27 } |
| 29 | 28 |
| 30 | |
| 31 /* Callback to set extensions and adjust verison */ | 29 /* Callback to set extensions and adjust verison */ |
| 32 static void | 30 static void |
| 33 SetCrlExts(void *object, CERTCertExtension **exts) | 31 SetCrlExts(void *object, CERTCertExtension **exts) |
| 34 { | 32 { |
| 35 CERTCrl *crl = (CERTCrl *)object; | 33 CERTCrl *crl = (CERTCrl *)object; |
| 36 | 34 |
| 37 crl->extensions = exts; | 35 crl->extensions = exts; |
| 38 DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2); | 36 DER_SetUInteger(crl->arena, &crl->version, SEC_CRL_VERSION_2); |
| 39 } | 37 } |
| 40 | 38 |
| 41 void * | 39 void * |
| 42 CERT_StartCRLExtensions(CERTCrl *crl) | 40 CERT_StartCRLExtensions(CERTCrl *crl) |
| 43 { | 41 { |
| 44 return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts)); | 42 return (cert_StartExtensions((void *)crl, crl->arena, SetCrlExts)); |
| 45 } | 43 } |
| 46 | 44 |
| 47 static void | 45 static void |
| 48 SetCrlEntryExts(void *object, CERTCertExtension **exts) | 46 SetCrlEntryExts(void *object, CERTCertExtension **exts) |
| 49 { | 47 { |
| 50 CERTCrlEntry *crlEntry = (CERTCrlEntry *)object; | 48 CERTCrlEntry *crlEntry = (CERTCrlEntry *)object; |
| 51 | 49 |
| 52 crlEntry->extensions = exts; | 50 crlEntry->extensions = exts; |
| 53 } | 51 } |
| 54 | 52 |
| 55 void * | 53 void * |
| 56 CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry) | 54 CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry) |
| 57 { | 55 { |
| 58 return (cert_StartExtensions (entry, crl->arena, SetCrlEntryExts)); | 56 return (cert_StartExtensions(entry, crl->arena, SetCrlEntryExts)); |
| 59 } | 57 } |
| 60 | 58 |
| 61 SECStatus CERT_FindCRLNumberExten (PLArenaPool *arena, CERTCrl *crl, | 59 SECStatus |
| 62 SECItem *value) | 60 CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl, |
| 61 SECItem *value) |
| 63 { | 62 { |
| 64 SECItem encodedExtenValue; | 63 SECItem encodedExtenValue; |
| 65 SECItem *tmpItem = NULL; | 64 SECItem *tmpItem = NULL; |
| 66 SECStatus rv; | 65 SECStatus rv; |
| 67 void *mark = NULL; | 66 void *mark = NULL; |
| 68 | 67 |
| 69 encodedExtenValue.data = NULL; | 68 encodedExtenValue.data = NULL; |
| 70 encodedExtenValue.len = 0; | 69 encodedExtenValue.len = 0; |
| 71 | 70 |
| 72 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER, | 71 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER, |
| 73 » » » &encodedExtenValue); | 72 &encodedExtenValue); |
| 74 if ( rv != SECSuccess ) | 73 if (rv != SECSuccess) |
| 75 » return (rv); | 74 return (rv); |
| 76 | 75 |
| 77 mark = PORT_ArenaMark(arena); | 76 mark = PORT_ArenaMark(arena); |
| 78 | 77 |
| 79 tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue); | 78 tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue); |
| 80 if (tmpItem) { | 79 if (tmpItem) { |
| 81 rv = SEC_QuickDERDecodeItem (arena, value, | 80 rv = SEC_QuickDERDecodeItem(arena, value, |
| 82 SEC_ASN1_GET(SEC_IntegerTemplate), | 81 SEC_ASN1_GET(SEC_IntegerTemplate), |
| 83 tmpItem); | 82 tmpItem); |
| 84 } else { | 83 } else { |
| 85 rv = SECFailure; | 84 rv = SECFailure; |
| 86 } | 85 } |
| 87 | 86 |
| 88 PORT_Free (encodedExtenValue.data); | 87 PORT_Free(encodedExtenValue.data); |
| 89 if (rv == SECFailure) { | 88 if (rv == SECFailure) { |
| 90 PORT_ArenaRelease(arena, mark); | 89 PORT_ArenaRelease(arena, mark); |
| 91 } else { | 90 } else { |
| 92 PORT_ArenaUnmark(arena, mark); | 91 PORT_ArenaUnmark(arena, mark); |
| 93 } | 92 } |
| 94 return (rv); | 93 return (rv); |
| 95 } | 94 } |
| 96 | 95 |
| 97 SECStatus CERT_FindCRLEntryReasonExten (CERTCrlEntry *crlEntry, | 96 SECStatus |
| 98 CERTCRLEntryReasonCode *value) | 97 CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry, |
| 98 CERTCRLEntryReasonCode *value) |
| 99 { | 99 { |
| 100 SECItem wrapperItem = {siBuffer,0}; | 100 SECItem wrapperItem = { siBuffer, 0 }; |
| 101 SECItem tmpItem = {siBuffer,0}; | 101 SECItem tmpItem = { siBuffer, 0 }; |
| 102 SECStatus rv; | 102 SECStatus rv; |
| 103 PLArenaPool *arena = NULL; | 103 PLArenaPool *arena = NULL; |
| 104 | 104 |
| 105 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); | 105 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
| 106 if ( ! arena ) { | 106 if (!arena) { |
| 107 » return(SECFailure); | 107 return (SECFailure); |
| 108 } | 108 } |
| 109 | 109 |
| 110 rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, | 110 rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, |
| 111 &wrapperItem); | 111 &wrapperItem); |
| 112 if ( rv != SECSuccess ) { | 112 if (rv != SECSuccess) { |
| 113 » goto loser; | 113 goto loser; |
| 114 } | 114 } |
| 115 | 115 |
| 116 rv = SEC_QuickDERDecodeItem(arena, &tmpItem, | 116 rv = SEC_QuickDERDecodeItem(arena, &tmpItem, |
| 117 SEC_ASN1_GET(SEC_EnumeratedTemplate), | 117 SEC_ASN1_GET(SEC_EnumeratedTemplate), |
| 118 &wrapperItem); | 118 &wrapperItem); |
| 119 | 119 |
| 120 if ( rv != SECSuccess ) { | 120 if (rv != SECSuccess) { |
| 121 » goto loser; | 121 goto loser; |
| 122 } | 122 } |
| 123 | 123 |
| 124 *value = (CERTCRLEntryReasonCode) DER_GetInteger(&tmpItem); | 124 *value = (CERTCRLEntryReasonCode)DER_GetInteger(&tmpItem); |
| 125 | 125 |
| 126 loser: | 126 loser: |
| 127 if ( arena ) { | 127 if (arena) { |
| 128 » PORT_FreeArena(arena, PR_FALSE); | 128 PORT_FreeArena(arena, PR_FALSE); |
| 129 } | 129 } |
| 130 | 130 |
| 131 if ( wrapperItem.data ) { | 131 if (wrapperItem.data) { |
| 132 » PORT_Free(wrapperItem.data); | 132 PORT_Free(wrapperItem.data); |
| 133 } | 133 } |
| 134 | 134 |
| 135 return (rv); | 135 return (rv); |
| 136 } | 136 } |
| 137 | 137 |
| 138 SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, PRTime *value) | 138 SECStatus |
| 139 CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value) |
| 139 { | 140 { |
| 140 SECItem encodedExtenValue; | 141 SECItem encodedExtenValue; |
| 141 SECItem decodedExtenValue = {siBuffer,0}; | 142 SECItem decodedExtenValue = { siBuffer, 0 }; |
| 142 SECStatus rv; | 143 SECStatus rv; |
| 143 | 144 |
| 144 encodedExtenValue.data = decodedExtenValue.data = NULL; | 145 encodedExtenValue.data = decodedExtenValue.data = NULL; |
| 145 encodedExtenValue.len = decodedExtenValue.len = 0; | 146 encodedExtenValue.len = decodedExtenValue.len = 0; |
| 146 | 147 |
| 147 rv = cert_FindExtension | 148 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_INVALID_DATE, &encoded
ExtenValue); |
| 148 » (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue); | 149 if (rv != SECSuccess) |
| 149 if ( rv != SECSuccess ) | 150 return (rv); |
| 150 » return (rv); | |
| 151 | 151 |
| 152 rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue, | 152 rv = SEC_ASN1DecodeItem(NULL, &decodedExtenValue, |
| 153 » » » SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), | 153 SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), |
| 154 &encodedExtenValue); | 154 &encodedExtenValue); |
| 155 if (rv == SECSuccess) | 155 if (rv == SECSuccess) |
| 156 » rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue); | 156 rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue); |
| 157 PORT_Free (decodedExtenValue.data); | 157 PORT_Free(decodedExtenValue.data); |
| 158 PORT_Free (encodedExtenValue.data); | 158 PORT_Free(encodedExtenValue.data); |
| 159 return (rv); | 159 return (rv); |
| 160 } | 160 } |
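Review bot: In CERT_FindInvalidDateExten the time conversion reads the wrong buffer: `SEC_ASN1DecodeItem` fills `decodedExtenValue`, but new line 156 passes `&encodedExtenValue` to `DER_GeneralizedTimeToTime`, so the decoded item is allocated and freed without ever being used. This predates the reformatting and is untouched by it. It looks like the still DER-wrapped extension value is being parsed as a time string, which would presumably make the lookup fail or misreport the date for a CRL that carries this extension; please confirm against the helper's contract. I would change the line to `rv = DER_GeneralizedTimeToTime(value, &decodedExtenValue);` and add a test using a CRL that has an invalidity date.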