| Index: nss/lib/certhigh/ocspti.h
|
| diff --git a/nss/lib/certhigh/ocspti.h b/nss/lib/certhigh/ocspti.h
|
| index a2b3852f25cdddff57dec15cf981a47552b6ee05..d9297dba6a6479533cc0b19947518cd2d5548730 100644
|
| --- a/nss/lib/certhigh/ocspti.h
|
| +++ b/nss/lib/certhigh/ocspti.h
|
| @@ -16,7 +16,6 @@
|
| #include "seccomon.h"
|
| #include "secoidt.h"
|
|
|
| -
|
| /*
|
| * Some notes about naming conventions...
|
| *
|
| @@ -49,7 +48,6 @@
|
| * way around (reference before definition).
|
| */
|
|
|
| -
|
| /*
|
| * Forward-declarations of internal-only data structures.
|
| *
|
| @@ -67,12 +65,11 @@ typedef struct ocspSingleRequestStr ocspSingleRequest;
|
| typedef struct ocspSingleResponseStr ocspSingleResponse;
|
| typedef struct ocspTBSRequestStr ocspTBSRequest;
|
|
|
| -
|
| /*
|
| * An OCSPRequest; this is what is sent (encoded) to an OCSP responder.
|
| */
|
| struct CERTOCSPRequestStr {
|
| - PLArenaPool *arena; /* local; not part of encoding */
|
| + PLArenaPool *arena; /* local; not part of encoding */
|
| ocspTBSRequest *tbsRequest;
|
| ocspSignature *optionalSignature;
|
| };
|
| @@ -92,12 +89,12 @@ struct CERTOCSPRequestStr {
|
| * in-progress extensions as they are optionally added to the request.
|
| */
|
| struct ocspTBSRequestStr {
|
| - SECItem version; /* an INTEGER */
|
| - SECItem *derRequestorName; /* encoded GeneralName; see above */
|
| - CERTGeneralNameList *requestorName; /* local; not part of encoding */
|
| + SECItem version; /* an INTEGER */
|
| + SECItem *derRequestorName; /* encoded GeneralName; see above */
|
| + CERTGeneralNameList *requestorName; /* local; not part of encoding */
|
| ocspSingleRequest **requestList;
|
| CERTCertExtension **requestExtensions;
|
| - void *extensionHandle; /* local; not part of encoding */
|
| + void *extensionHandle; /* local; not part of encoding */
|
| };
|
|
|
| /*
|
| @@ -124,12 +121,12 @@ struct ocspTBSRequestStr {
|
| */
|
| struct ocspSignatureStr {
|
| SECAlgorithmID signatureAlgorithm;
|
| - SECItem signature; /* a BIT STRING */
|
| - SECItem **derCerts; /* a SEQUENCE OF Certificate */
|
| - CERTCertificate *cert; /* local; not part of encoding */
|
| - PRBool wasChecked; /* local; not part of encoding */
|
| - SECStatus status; /* local; not part of encoding */
|
| - int failureReason; /* local; not part of encoding */
|
| + SECItem signature; /* a BIT STRING */
|
| + SECItem **derCerts; /* a SEQUENCE OF Certificate */
|
| + CERTCertificate *cert; /* local; not part of encoding */
|
| + PRBool wasChecked; /* local; not part of encoding */
|
| + SECStatus status; /* local; not part of encoding */
|
| + int failureReason; /* local; not part of encoding */
|
| };
|
|
|
| /*
|
| @@ -140,11 +137,11 @@ struct ocspSignatureStr {
|
| * but since that seemed confusing (vs. an OCSPRequest) and to be more
|
| * consistent with the parallel type "SingleResponse", I called it a
|
| * "SingleRequest".
|
| - *
|
| + *
|
| * XXX figure out how to get rid of that arena -- there must be a way
|
| */
|
| struct ocspSingleRequestStr {
|
| - PLArenaPool *arena; /* just a copy of the response arena,
|
| + PLArenaPool *arena; /* just a copy of the response arena,
|
| * needed here for extension handling
|
| * routines, on creation only */
|
| CERTOCSPCertID *reqCert;
|
| @@ -160,14 +157,14 @@ struct ocspSingleRequestStr {
|
| */
|
| struct CERTOCSPCertIDStr {
|
| SECAlgorithmID hashAlgorithm;
|
| - SECItem issuerNameHash; /* an OCTET STRING */
|
| - SECItem issuerKeyHash; /* an OCTET STRING */
|
| - SECItem serialNumber; /* an INTEGER */
|
| - SECItem issuerSHA1NameHash; /* keep other hashes around when */
|
| - SECItem issuerMD5NameHash; /* we have them */
|
| + SECItem issuerNameHash; /* an OCTET STRING */
|
| + SECItem issuerKeyHash; /* an OCTET STRING */
|
| + SECItem serialNumber; /* an INTEGER */
|
| + SECItem issuerSHA1NameHash; /* keep other hashes around when */
|
| + SECItem issuerMD5NameHash; /* we have them */
|
| SECItem issuerMD2NameHash;
|
| - SECItem issuerSHA1KeyHash; /* keep other hashes around when */
|
| - SECItem issuerMD5KeyHash; /* we have them */
|
| + SECItem issuerSHA1KeyHash; /* keep other hashes around when */
|
| + SECItem issuerMD5KeyHash; /* we have them */
|
| SECItem issuerMD2KeyHash;
|
| PLArenaPool *poolp;
|
| };
|
| @@ -209,10 +206,10 @@ typedef enum {
|
| * type ocspResponseStatus.
|
| */
|
| struct CERTOCSPResponseStr {
|
| - PLArenaPool *arena; /* local; not part of encoding */
|
| - SECItem responseStatus; /* an ENUMERATED, see above */
|
| - ocspResponseStatus statusValue; /* local; not part of encoding */
|
| - ocspResponseBytes *responseBytes; /* only when status is successful */
|
| + PLArenaPool *arena; /* local; not part of encoding */
|
| + SECItem responseStatus; /* an ENUMERATED, see above */
|
| + ocspResponseStatus statusValue; /* local; not part of encoding */
|
| + ocspResponseBytes *responseBytes; /* only when status is successful */
|
| };
|
|
|
| /*
|
| @@ -230,12 +227,12 @@ struct CERTOCSPResponseStr {
|
| * response types, just add them to the union.
|
| */
|
| struct ocspResponseBytesStr {
|
| - SECItem responseType; /* an OBJECT IDENTIFIER */
|
| - SECOidTag responseTypeTag; /* local; not part of encoding */
|
| - SECItem response; /* an OCTET STRING */
|
| + SECItem responseType; /* an OBJECT IDENTIFIER */
|
| + SECOidTag responseTypeTag; /* local; not part of encoding */
|
| + SECItem response; /* an OCTET STRING */
|
| union {
|
| - ocspBasicOCSPResponse *basic; /* when type is id-pkix-ocsp-basic */
|
| - } decodedResponse; /* local; not part of encoding */
|
| + ocspBasicOCSPResponse *basic; /* when type is id-pkix-ocsp-basic */
|
| + } decodedResponse; /* local; not part of encoding */
|
| };
|
|
|
| /*
|
| @@ -250,7 +247,7 @@ struct ocspResponseBytesStr {
|
| */
|
| struct ocspBasicOCSPResponseStr {
|
| SECItem tbsResponseDataDER;
|
| - ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
|
| + ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
|
| ocspSignature responseSignature;
|
| };
|
|
|
| @@ -260,38 +257,38 @@ struct ocspBasicOCSPResponseStr {
|
| * (a per-certificate status).
|
| */
|
| struct ocspResponseDataStr {
|
| - SECItem version; /* an INTEGER */
|
| + SECItem version; /* an INTEGER */
|
| SECItem derResponderID;
|
| - ocspResponderID *responderID; /* local; not part of encoding */
|
| - SECItem producedAt; /* a GeneralizedTime */
|
| + ocspResponderID *responderID; /* local; not part of encoding */
|
| + SECItem producedAt; /* a GeneralizedTime */
|
| CERTOCSPSingleResponse **responses;
|
| CERTCertExtension **responseExtensions;
|
| };
|
|
|
| struct ocspResponderIDStr {
|
| - CERTOCSPResponderIDType responderIDType;/* local; not part of encoding */
|
| + CERTOCSPResponderIDType responderIDType; /* local; not part of encoding */
|
| union {
|
| - CERTName name; /* when ocspResponderID_byName */
|
| - SECItem keyHash; /* when ocspResponderID_byKey */
|
| - SECItem other; /* when ocspResponderID_other */
|
| + CERTName name; /* when ocspResponderID_byName */
|
| + SECItem keyHash; /* when ocspResponderID_byKey */
|
| + SECItem other; /* when ocspResponderID_other */
|
| } responderIDValue;
|
| };
|
|
|
| /*
|
| * The ResponseData in a BasicOCSPResponse contains a SEQUENCE OF
|
| * SingleResponse -- one for each certificate whose status is being supplied.
|
| - *
|
| + *
|
| * XXX figure out how to get rid of that arena -- there must be a way
|
| */
|
| struct CERTOCSPSingleResponseStr {
|
| - PLArenaPool *arena; /* just a copy of the response arena,
|
| + PLArenaPool *arena; /* just a copy of the response arena,
|
| * needed here for extension handling
|
| * routines, on creation only */
|
| CERTOCSPCertID *certID;
|
| SECItem derCertStatus;
|
| - ocspCertStatus *certStatus; /* local; not part of encoding */
|
| - SECItem thisUpdate; /* a GeneralizedTime */
|
| - SECItem *nextUpdate; /* a GeneralizedTime */
|
| + ocspCertStatus *certStatus; /* local; not part of encoding */
|
| + SECItem thisUpdate; /* a GeneralizedTime */
|
| + SECItem *nextUpdate; /* a GeneralizedTime */
|
| CERTCertExtension **singleExtensions;
|
| };
|
|
|
| @@ -313,10 +310,10 @@ struct CERTOCSPSingleResponseStr {
|
| */
|
|
|
| typedef enum {
|
| - ocspCertStatus_good, /* cert is not revoked */
|
| - ocspCertStatus_revoked, /* cert is revoked */
|
| - ocspCertStatus_unknown, /* cert was unknown to the responder */
|
| - ocspCertStatus_other /* status was not an expected value */
|
| + ocspCertStatus_good, /* cert is not revoked */
|
| + ocspCertStatus_revoked, /* cert is revoked */
|
| + ocspCertStatus_unknown, /* cert was unknown to the responder */
|
| + ocspCertStatus_other /* status was not an expected value */
|
| } ocspCertStatusType;
|
|
|
| /*
|
| @@ -327,13 +324,13 @@ typedef enum {
|
| * gives more detailed information.)
|
| */
|
| struct ocspCertStatusStr {
|
| - ocspCertStatusType certStatusType; /* local; not part of encoding */
|
| + ocspCertStatusType certStatusType; /* local; not part of encoding */
|
| union {
|
| - SECItem *goodInfo; /* when ocspCertStatus_good */
|
| - ocspRevokedInfo *revokedInfo; /* when ocspCertStatus_revoked */
|
| - SECItem *unknownInfo; /* when ocspCertStatus_unknown */
|
| - SECItem *otherInfo; /* when ocspCertStatus_other */
|
| - } certStatusInfo;
|
| + SECItem *goodInfo; /* when ocspCertStatus_good */
|
| + ocspRevokedInfo *revokedInfo; /* when ocspCertStatus_revoked */
|
| + SECItem *unknownInfo; /* when ocspCertStatus_unknown */
|
| + SECItem *otherInfo; /* when ocspCertStatus_other */
|
| + } certStatusInfo;
|
| };
|
|
|
| /*
|
| @@ -341,8 +338,8 @@ struct ocspCertStatusStr {
|
| * was revoked and why.
|
| */
|
| struct ocspRevokedInfoStr {
|
| - SECItem revocationTime; /* a GeneralizedTime */
|
| - SECItem *revocationReason; /* a CRLReason; ignored for now */
|
| + SECItem revocationTime; /* a GeneralizedTime */
|
| + SECItem *revocationReason; /* a CRLReason; ignored for now */
|
| };
|
|
|
| /*
|
| @@ -353,7 +350,7 @@ struct ocspRevokedInfoStr {
|
| */
|
| struct ocspServiceLocatorStr {
|
| CERTName *issuer;
|
| - SECItem locator; /* DER encoded authInfoAccess extension from cert */
|
| + SECItem locator; /* DER encoded authInfoAccess extension from cert */
|
| };
|
|
|
| #endif /* _OCSPTI_H_ */
|
|
|
Chromium Code Reviews
Issue 1843333003:
Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master