Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(21)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/certhigh/ocspi.h

Issue 1843333003: Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/certhigh/ocsp.c ('k') | nss/lib/certhigh/ocspsig.c » ('j') | nss/lib/util/secoid.c » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * ocspi.h - NSS internal interfaces to OCSP code 5 * ocspi.h - NSS internal interfaces to OCSP code
6 */ 6 */
7 7
8 #ifndef _OCSPI_H_ 8 #ifndef _OCSPI_H_
9 #define _OCSPI_H_ 9 #define _OCSPI_H_
10 10
(...skipping 17 matching lines...) Expand all
28 ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData, 28 ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
29 ocspSignature *signature, CERTCertificate *issuer); 29 ocspSignature *signature, CERTCertificate *issuer);
30 30
31 SECStatus 31 SECStatus
32 ocsp_VerifyResponseSignature(CERTCertificate *signerCert, 32 ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
33 ocspSignature *signature, 33 ocspSignature *signature,
34 SECItem *tbsResponseDataDER, 34 SECItem *tbsResponseDataDER,
35 void *pwArg); 35 void *pwArg);
36 36
37 CERTOCSPRequest * 37 CERTOCSPRequest *
38 cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID, 38 cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
39 CERTCertificate *singleCert, 39 CERTCertificate *singleCert,
40 PRTime time, 40 PRTime time,
41 PRBool addServiceLocator, 41 PRBool addServiceLocator,
42 CERTCertificate *signerCert); 42 CERTCertificate *signerCert);
43 43
44 typedef enum { ocspMissing, ocspFresh, ocspStale } OCSPFreshness; 44 typedef enum { ocspMissing,
45 ocspFresh,
46 ocspStale } OCSPFreshness;
45 47
46 SECStatus 48 SECStatus
47 ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID, 49 ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
48 PRTime time, 50 PRTime time,
49 PRBool ignoreOcspFailureMode, 51 PRBool ignoreOcspFailureMode,
50 SECStatus *rvOcsp, 52 SECStatus *rvOcsp,
51 SECErrorCodes *missingResponseError, 53 SECErrorCodes *missingResponseError,
52 OCSPFreshness *freshness); 54 OCSPFreshness *freshness);
53 55
54 /* 56 /*
(...skipping 22 matching lines...) Expand all
77 * transferred to the OCSP cache. 79 * transferred to the OCSP cache.
78 * SECStatus *cacheUpdateStatus 80 * SECStatus *cacheUpdateStatus
79 * This optional out parameter will contain the result 81 * This optional out parameter will contain the result
80 * of the cache update operation (if requested). 82 * of the cache update operation (if requested).
81 * RETURN: 83 * RETURN:
82 * The return value is not influenced by the cache operation, 84 * The return value is not influenced by the cache operation,
83 * it matches the documentation for CERT_CheckOCSPStatus 85 * it matches the documentation for CERT_CheckOCSPStatus
84 */ 86 */
85 87
86 SECStatus 88 SECStatus
87 cert_ProcessOCSPResponse(CERTCertDBHandle *handle, 89 cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
88 CERTOCSPResponse *response, 90 CERTOCSPResponse *response,
89 CERTOCSPCertID *certID, 91 CERTOCSPCertID *certID,
90 CERTCertificate *signerCert, 92 CERTCertificate *signerCert,
91 PRTime time, 93 PRTime time,
92 PRBool *certIDWasConsumed, 94 PRBool *certIDWasConsumed,
93 SECStatus *cacheUpdateStatus); 95 SECStatus *cacheUpdateStatus);
94 96
95 /* 97 /*
96 * FUNCTION: cert_RememberOCSPProcessingFailure 98 * FUNCTION: cert_RememberOCSPProcessingFailure
97 * If an application notices a failure during OCSP processing, 99 * If an application notices a failure during OCSP processing,
98 * it should finally call this function. The failure will be recorded 100 * it should finally call this function. The failure will be recorded
99 * in the OCSP cache in order to avoid repetitive failures. 101 * in the OCSP cache in order to avoid repetitive failures.
100 * INPUTS: 102 * INPUTS:
101 * CERTOCSPCertID *certID 103 * CERTOCSPCertID *certID
102 * the ID that was used for the failed OCSP processing 104 * the ID that was used for the failed OCSP processing
103 * PRBool *certIDWasConsumed 105 * PRBool *certIDWasConsumed
104 * Out parameter, if set to true, ownership of parameter certID was 106 * Out parameter, if set to true, ownership of parameter certID was
105 * transferred to the OCSP cache. 107 * transferred to the OCSP cache.
106 * RETURN: 108 * RETURN:
107 * Status of the cache update operation. 109 * Status of the cache update operation.
108 */ 110 */
109 111
110 SECStatus 112 SECStatus
111 cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID, 113 cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
112 PRBool *certIDWasConsumed); 114 PRBool *certIDWasConsumed);
113 115
114 /* 116 /*
115 * FUNCTION: ocsp_GetResponderLocation 117 * FUNCTION: ocsp_GetResponderLocation
116 * Check ocspx context for user-designated responder URI first. If not 118 * Check ocspx context for user-designated responder URI first. If not
117 * found, checks cert AIA extension. 119 * found, checks cert AIA extension.
118 * INPUTS: 120 * INPUTS:
119 * CERTCertDBHandle *handle 121 * CERTCertDBHandle *handle
120 * certificate DB of the cert that is being checked 122 * certificate DB of the cert that is being checked
121 * CERTCertificate *cert 123 * CERTCertificate *cert
122 * The certificate being examined. 124 * The certificate being examined.
(...skipping 16 matching lines...) Expand all
139 * if PR_TRUE is returned, then treat fetching as a 141 * if PR_TRUE is returned, then treat fetching as a
140 * revoked cert status. 142 * revoked cert status.
141 */ 143 */
142 PRBool 144 PRBool
143 ocsp_FetchingFailureIsVerificationFailure(void); 145 ocsp_FetchingFailureIsVerificationFailure(void);
144 146
145 size_t 147 size_t
146 ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf); 148 ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf);
147 149
148 SECStatus 150 SECStatus
149 ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle, 151 ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
150 CERTOCSPResponse *response, 152 CERTOCSPResponse *response,
151 CERTOCSPCertID *certID, 153 CERTOCSPCertID *certID,
152 CERTCertificate *signerCert, 154 CERTCertificate *signerCert,
153 PRTime time, 155 PRTime time,
154 CERTOCSPSingleResponse **pSingleResponse ); 156 CERTOCSPSingleResponse **pSingleResponse );
155 157
156 SECStatus 158 SECStatus
157 ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time); 159 ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time);
158 160
159 void 161 void
160 ocsp_CacheSingleResponse(CERTOCSPCertID *certID, 162 ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
161 » » » CERTOCSPSingleResponse *single, 163 CERTOCSPSingleResponse *single,
162 » » » PRBool *certIDWasConsumed); 164 PRBool *certIDWasConsumed);
163 165
164 #endif /* _OCSPI_H_ */ 166 #endif /* _OCSPI_H_ */
OLDNEW
« no previous file with comments | « nss/lib/certhigh/ocsp.c ('k') | nss/lib/certhigh/ocspsig.c » ('j') | nss/lib/util/secoid.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698