| Index: nss/lib/certhigh/certreq.c
|
| diff --git a/nss/lib/certhigh/certreq.c b/nss/lib/certhigh/certreq.c
|
| index f5098a0dd9c771fa2b65a438495c96d1bbea66c4..4087bc978e26f7752b90b1287f221e770cf18f24 100644
|
| --- a/nss/lib/certhigh/certreq.c
|
| +++ b/nss/lib/certhigh/certreq.c
|
| @@ -14,10 +14,10 @@ SEC_ASN1_MKSUB(SEC_AnyTemplate)
|
|
|
| const SEC_ASN1Template CERT_AttributeTemplate[] = {
|
| { SEC_ASN1_SEQUENCE,
|
| - 0, NULL, sizeof(CERTAttribute) },
|
| + 0, NULL, sizeof(CERTAttribute) },
|
| { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
|
| { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(CERTAttribute, attrValue),
|
| - SEC_ASN1_SUB(SEC_AnyTemplate) },
|
| + SEC_ASN1_SUB(SEC_AnyTemplate) },
|
| { 0 }
|
| };
|
|
|
| @@ -27,18 +27,18 @@ const SEC_ASN1Template CERT_SetOfAttributeTemplate[] = {
|
|
|
| const SEC_ASN1Template CERT_CertificateRequestTemplate[] = {
|
| { SEC_ASN1_SEQUENCE,
|
| - 0, NULL, sizeof(CERTCertificateRequest) },
|
| + 0, NULL, sizeof(CERTCertificateRequest) },
|
| { SEC_ASN1_INTEGER,
|
| - offsetof(CERTCertificateRequest,version) },
|
| + offsetof(CERTCertificateRequest, version) },
|
| { SEC_ASN1_INLINE,
|
| - offsetof(CERTCertificateRequest,subject),
|
| - CERT_NameTemplate },
|
| + offsetof(CERTCertificateRequest, subject),
|
| + CERT_NameTemplate },
|
| { SEC_ASN1_INLINE,
|
| - offsetof(CERTCertificateRequest,subjectPublicKeyInfo),
|
| - CERT_SubjectPublicKeyInfoTemplate },
|
| + offsetof(CERTCertificateRequest, subjectPublicKeyInfo),
|
| + CERT_SubjectPublicKeyInfoTemplate },
|
| { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
|
| - offsetof(CERTCertificateRequest,attributes),
|
| - CERT_SetOfAttributeTemplate },
|
| + offsetof(CERTCertificateRequest, attributes),
|
| + CERT_SetOfAttributeTemplate },
|
| { 0 }
|
| };
|
|
|
| @@ -46,25 +46,25 @@ SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate)
|
|
|
| CERTCertificate *
|
| CERT_CreateCertificate(unsigned long serialNumber,
|
| - CERTName *issuer,
|
| - CERTValidity *validity,
|
| - CERTCertificateRequest *req)
|
| + CERTName *issuer,
|
| + CERTValidity *validity,
|
| + CERTCertificateRequest *req)
|
| {
|
| CERTCertificate *c;
|
| int rv;
|
| PLArenaPool *arena;
|
| -
|
| +
|
| arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| -
|
| - if ( !arena ) {
|
| - return(0);
|
| +
|
| + if (!arena) {
|
| + return (0);
|
| }
|
|
|
| c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
|
| -
|
| +
|
| if (!c) {
|
| - PORT_FreeArena(arena, PR_FALSE);
|
| - return 0;
|
| + PORT_FreeArena(arena, PR_FALSE);
|
| + return 0;
|
| }
|
|
|
| c->referenceCount = 1;
|
| @@ -75,44 +75,50 @@ CERT_CreateCertificate(unsigned long serialNumber,
|
| * If extensions are added, it will get changed as appropriate.
|
| */
|
| rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| rv = CERT_CopyName(arena, &c->issuer, issuer);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| rv = CERT_CopyValidity(arena, &c->validity, validity);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| rv = CERT_CopyName(arena, &c->subject, &req->subject);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
| rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
|
| - &req->subjectPublicKeyInfo);
|
| - if (rv) goto loser;
|
| + &req->subjectPublicKeyInfo);
|
| + if (rv)
|
| + goto loser;
|
|
|
| return c;
|
|
|
| - loser:
|
| +loser:
|
| CERT_DestroyCertificate(c);
|
| return 0;
|
| }
|
|
|
| /************************************************************************/
|
| -/* It's clear from the comments that the original author of this
|
| +/* It's clear from the comments that the original author of this
|
| * function expected the template for certificate requests to treat
|
| - * the attributes as a SET OF ANY. This function expected to be
|
| + * the attributes as a SET OF ANY. This function expected to be
|
| * passed an array of SECItems each of which contained an already encoded
|
| - * Attribute. But the cert request template does not treat the
|
| + * Attribute. But the cert request template does not treat the
|
| * Attributes as a SET OF ANY, and AFAIK never has. Instead the template
|
| * encodes attributes as a SET OF xxxxxxx. That is, it expects to encode
|
| - * each of the Attributes, not have them pre-encoded. Consequently an
|
| - * array of SECItems containing encoded Attributes is of no value to this
|
| + * each of the Attributes, not have them pre-encoded. Consequently an
|
| + * array of SECItems containing encoded Attributes is of no value to this
|
| * function. But we cannot change the signature of this public function.
|
| * It must continue to take SECItems.
|
| *
|
| - * I have recoded this function so that each SECItem contains an
|
| + * I have recoded this function so that each SECItem contains an
|
| * encoded cert extension. The encoded cert extensions form the list for the
|
| * single attribute of the cert request. In this implementation there is at most
|
| * one attribute and it is always of type SEC_OID_PKCS9_EXTENSION_REQUEST.
|
| @@ -120,95 +126,95 @@ CERT_CreateCertificate(unsigned long serialNumber,
|
|
|
| CERTCertificateRequest *
|
| CERT_CreateCertificateRequest(CERTName *subject,
|
| - CERTSubjectPublicKeyInfo *spki,
|
| - SECItem **attributes)
|
| + CERTSubjectPublicKeyInfo *spki,
|
| + SECItem **attributes)
|
| {
|
| CERTCertificateRequest *certreq;
|
| PLArenaPool *arena;
|
| - CERTAttribute * attribute;
|
| - SECOidData * oidData;
|
| + CERTAttribute *attribute;
|
| + SECOidData *oidData;
|
| SECStatus rv;
|
| int i = 0;
|
|
|
| arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| - if ( arena == NULL ) {
|
| - return NULL;
|
| + if (arena == NULL) {
|
| + return NULL;
|
| }
|
| -
|
| +
|
| certreq = PORT_ArenaZNew(arena, CERTCertificateRequest);
|
| if (!certreq) {
|
| - PORT_FreeArena(arena, PR_FALSE);
|
| - return NULL;
|
| + PORT_FreeArena(arena, PR_FALSE);
|
| + return NULL;
|
| }
|
| /* below here it is safe to goto loser */
|
|
|
| certreq->arena = arena;
|
| -
|
| +
|
| rv = DER_SetUInteger(arena, &certreq->version,
|
| - SEC_CERTIFICATE_REQUEST_VERSION);
|
| + SEC_CERTIFICATE_REQUEST_VERSION);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| rv = CERT_CopyName(arena, &certreq->subject, subject);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| rv = SECKEY_CopySubjectPublicKeyInfo(arena,
|
| - &certreq->subjectPublicKeyInfo,
|
| - spki);
|
| + &certreq->subjectPublicKeyInfo,
|
| + spki);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| - certreq->attributes = PORT_ArenaZNewArray(arena, CERTAttribute*, 2);
|
| - if(!certreq->attributes)
|
| - goto loser;
|
| + certreq->attributes = PORT_ArenaZNewArray(arena, CERTAttribute *, 2);
|
| + if (!certreq->attributes)
|
| + goto loser;
|
|
|
| /* Copy over attribute information */
|
| if (!attributes || !attributes[0]) {
|
| - /*
|
| + /*
|
| ** Invent empty attribute information. According to the
|
| ** pkcs#10 spec, attributes has this ASN.1 type:
|
| **
|
| ** attributes [0] IMPLICIT Attributes
|
| - **
|
| + **
|
| ** Which means, we should create a NULL terminated list
|
| ** with the first entry being NULL;
|
| */
|
| - certreq->attributes[0] = NULL;
|
| - return certreq;
|
| - }
|
| + certreq->attributes[0] = NULL;
|
| + return certreq;
|
| + }
|
|
|
| /* allocate space for attributes */
|
| attribute = PORT_ArenaZNew(arena, CERTAttribute);
|
| - if (!attribute)
|
| - goto loser;
|
| + if (!attribute)
|
| + goto loser;
|
|
|
| - oidData = SECOID_FindOIDByTag( SEC_OID_PKCS9_EXTENSION_REQUEST );
|
| + oidData = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST);
|
| PORT_Assert(oidData);
|
| if (!oidData)
|
| - goto loser;
|
| + goto loser;
|
| rv = SECITEM_CopyItem(arena, &attribute->attrType, &oidData->oid);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| - for (i = 0; attributes[i] != NULL ; i++)
|
| - ;
|
| - attribute->attrValue = PORT_ArenaZNewArray(arena, SECItem *, i+1);
|
| - if (!attribute->attrValue)
|
| - goto loser;
|
| + for (i = 0; attributes[i] != NULL; i++)
|
| + ;
|
| + attribute->attrValue = PORT_ArenaZNewArray(arena, SECItem *, i + 1);
|
| + if (!attribute->attrValue)
|
| + goto loser;
|
|
|
| /* copy attributes */
|
| for (i = 0; attributes[i]; i++) {
|
| - /*
|
| + /*
|
| ** Attributes are a SetOf Attribute which implies
|
| ** lexigraphical ordering. It is assumes that the
|
| ** attributes are passed in sorted. If we need to
|
| ** add functionality to sort them, there is an
|
| ** example in the PKCS 7 code.
|
| */
|
| - attribute->attrValue[i] = SECITEM_ArenaDupItem(arena, attributes[i]);
|
| - if(!attribute->attrValue[i])
|
| - goto loser;
|
| + attribute->attrValue[i] = SECITEM_ArenaDupItem(arena, attributes[i]);
|
| + if (!attribute->attrValue[i])
|
| + goto loser;
|
| }
|
|
|
| certreq->attributes[0] = attribute;
|
| @@ -224,7 +230,7 @@ void
|
| CERT_DestroyCertificateRequest(CERTCertificateRequest *req)
|
| {
|
| if (req && req->arena) {
|
| - PORT_FreeArena(req->arena, PR_FALSE);
|
| + PORT_FreeArena(req->arena, PR_FALSE);
|
| }
|
| return;
|
| }
|
| @@ -241,11 +247,11 @@ setCRExt(void *o, CERTCertExtension **exts)
|
| ** attribute list by CERT_FinishCRAttributes().
|
| */
|
| extern void *cert_StartExtensions(void *owner, PLArenaPool *ownerArena,
|
| - void (*setExts)(void *object, CERTCertExtension **exts));
|
| + void (*setExts)(void *object, CERTCertExtension **exts));
|
| void *
|
| CERT_StartCertificateRequestAttributes(CERTCertificateRequest *req)
|
| {
|
| - return (cert_StartExtensions ((void *)req, req->arena, setCRExt));
|
| + return (cert_StartExtensions((void *)req, req->arena, setCRExt));
|
| }
|
|
|
| /*
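Review bot: `CERT_StartCertificateRequestAttributes` reads `req->arena` with no check on `req`, so a NULL request crashes here rather than failing cleanly. The companion `CERT_FinishCertificateRequestAttributes` rejects `!req || !req->arena` with `SEC_ERROR_INVALID_ARGS`, and the start function should agree with it: `if (!req || !req->arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; }` before the call. Whether `cert_StartExtensions` tolerates a NULL arena is not visible in this hunk, so the guard belongs in the public entry point. A short comment on the function saying that the returned handle is NULL on failure would also help callers.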
|
| @@ -257,38 +263,39 @@ CERT_StartCertificateRequestAttributes(CERTCertificateRequest *req)
|
| */
|
| SECStatus
|
| CERT_FinishCertificateRequestAttributes(CERTCertificateRequest *req)
|
| -{ SECItem *extlist;
|
| +{
|
| + SECItem *extlist;
|
| SECOidData *oidrec;
|
| CERTAttribute *attribute;
|
| -
|
| +
|
| if (!req || !req->arena) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| return SECFailure;
|
| }
|
| if (req->attributes == NULL || req->attributes[0] == NULL)
|
| return SECSuccess;
|
|
|
| extlist = SEC_ASN1EncodeItem(req->arena, NULL, &req->attributes,
|
| - SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate));
|
| + SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate));
|
| if (extlist == NULL)
|
| - return(SECFailure);
|
| + return (SECFailure);
|
|
|
| oidrec = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST);
|
| if (oidrec == NULL)
|
| - return SECFailure;
|
| + return SECFailure;
|
|
|
| /* now change the list of cert extensions into a list of attributes
|
| */
|
| - req->attributes = PORT_ArenaZNewArray(req->arena, CERTAttribute*, 2);
|
| + req->attributes = PORT_ArenaZNewArray(req->arena, CERTAttribute *, 2);
|
|
|
| attribute = PORT_ArenaZNew(req->arena, CERTAttribute);
|
| -
|
| +
|
| if (req->attributes == NULL || attribute == NULL ||
|
| SECITEM_CopyItem(req->arena, &attribute->attrType, &oidrec->oid) != 0) {
|
| PORT_SetError(SEC_ERROR_NO_MEMORY);
|
| - return SECFailure;
|
| + return SECFailure;
|
| }
|
| - attribute->attrValue = PORT_ArenaZNewArray(req->arena, SECItem*, 2);
|
| + attribute->attrValue = PORT_ArenaZNewArray(req->arena, SECItem *, 2);
|
|
|
| if (attribute->attrValue == NULL)
|
| return SECFailure;
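Review bot: In `CERT_FinishCertificateRequestAttributes`, `req->attributes` is overwritten with the result of `PORT_ArenaZNewArray` before any of the allocations are checked. On the `SEC_ERROR_NO_MEMORY` path, or the later `attrValue == NULL` return, the request is left with a NULL or empty attribute list and the pointer to the original extension list is gone. The memory is arena-owned, so this is not a leak, but a caller that ignores or retries after the failure would presumably go on with a request that has silently lost its extensions. Build the array in a local, `CERTAttribute **attrs = PORT_ArenaZNewArray(req->arena, CERTAttribute *, 2);`, and assign it to `req->attributes` only after the attribute, its OID copy and `attrValue` have all succeeded. The `oidrec == NULL` and `attrValue == NULL` returns also set no error code in the visible lines, unlike the neighbouring branches. The function body continues past the end of this hunk.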
|
| @@ -303,22 +310,22 @@ CERT_FinishCertificateRequestAttributes(CERTCertificateRequest *req)
|
|
|
| SECStatus
|
| CERT_GetCertificateRequestExtensions(CERTCertificateRequest *req,
|
| - CERTCertExtension ***exts)
|
| + CERTCertExtension ***exts)
|
| {
|
| if (req == NULL || exts == NULL) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| return SECFailure;
|
| }
|
| -
|
| +
|
| if (req->attributes == NULL || *req->attributes == NULL)
|
| return SECSuccess;
|
| -
|
| +
|
| if ((*req->attributes)->attrValue == NULL) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| return SECFailure;
|
| }
|
|
|
| - return(SEC_ASN1DecodeItem(req->arena, exts,
|
| - SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate),
|
| - (*req->attributes)->attrValue[0]));
|
| + return (SEC_ASN1DecodeItem(req->arena, exts,
|
| + SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate),
|
| + (*req->attributes)->attrValue[0]));
|
| }
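Review bot: `CERT_GetCertificateRequestExtensions` checks that `attrValue` is non-NULL but then passes `attrValue[0]` straight to `SEC_ASN1DecodeItem`, so an attribute with an empty value set would hand the decoder a NULL `SECItem`. Whether the decoder tolerates that is not visible here, and since a request may come from a decoded, untrusted CSR the guard should be widened to `if ((*req->attributes)->attrValue == NULL || (*req->attributes)->attrValue[0] == NULL) {`. The function also never compares `(*req->attributes)->attrType` with `SEC_OID_PKCS9_EXTENSION_REQUEST`, so a request whose first attribute is of another type has that value decoded as an extension sequence. On the early `SECSuccess` return `*exts` is not written, which deserves a line in the function comment telling callers to initialise it to NULL.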
|
|
|