| OLD | NEW |
| (Empty) |
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 /* | |
| 6 * Code for dealing with x.509 v3 crl and crl entries extensions. | |
| 7 */ | |
| 8 | |
| 9 #include "cert.h" | |
| 10 #include "secitem.h" | |
| 11 #include "secoid.h" | |
| 12 #include "secoidt.h" | |
| 13 #include "secder.h" | |
| 14 #include "secasn1.h" | |
| 15 #include "certxutl.h" | |
| 16 | |
| 17 SECStatus | |
| 18 CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value) | |
| 19 { | |
| 20 return (cert_FindExtensionByOID(crl->extensions, oid, value)); | |
| 21 } | |
| 22 | |
| 23 SECStatus | |
| 24 CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value) | |
| 25 { | |
| 26 return (cert_FindExtension(crl->extensions, tag, value)); | |
| 27 } | |
| 28 | |
| 29 /* Callback to set extensions and adjust verison */ | |
| 30 static void | |
| 31 SetCrlExts(void *object, CERTCertExtension **exts) | |
| 32 { | |
| 33 CERTCrl *crl = (CERTCrl *)object; | |
| 34 | |
| 35 crl->extensions = exts; | |
| 36 DER_SetUInteger(crl->arena, &crl->version, SEC_CRL_VERSION_2); | |
| 37 } | |
| 38 | |
| 39 void * | |
| 40 CERT_StartCRLExtensions(CERTCrl *crl) | |
| 41 { | |
| 42 return (cert_StartExtensions((void *)crl, crl->arena, SetCrlExts)); | |
| 43 } | |
| 44 | |
| 45 static void | |
| 46 SetCrlEntryExts(void *object, CERTCertExtension **exts) | |
| 47 { | |
| 48 CERTCrlEntry *crlEntry = (CERTCrlEntry *)object; | |
| 49 | |
| 50 crlEntry->extensions = exts; | |
| 51 } | |
| 52 | |
| 53 void * | |
| 54 CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry) | |
| 55 { | |
| 56 return (cert_StartExtensions(entry, crl->arena, SetCrlEntryExts)); | |
| 57 } | |
| 58 | |
| 59 SECStatus | |
| 60 CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl, | |
| 61 SECItem *value) | |
| 62 { | |
| 63 SECItem encodedExtenValue; | |
| 64 SECItem *tmpItem = NULL; | |
| 65 SECStatus rv; | |
| 66 void *mark = NULL; | |
| 67 | |
| 68 encodedExtenValue.data = NULL; | |
| 69 encodedExtenValue.len = 0; | |
| 70 | |
| 71 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER, | |
| 72 &encodedExtenValue); | |
| 73 if (rv != SECSuccess) | |
| 74 return (rv); | |
| 75 | |
| 76 mark = PORT_ArenaMark(arena); | |
| 77 | |
| 78 tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue); | |
| 79 if (tmpItem) { | |
| 80 rv = SEC_QuickDERDecodeItem(arena, value, | |
| 81 SEC_ASN1_GET(SEC_IntegerTemplate), | |
| 82 tmpItem); | |
| 83 } else { | |
| 84 rv = SECFailure; | |
| 85 } | |
| 86 | |
| 87 PORT_Free(encodedExtenValue.data); | |
| 88 if (rv == SECFailure) { | |
| 89 PORT_ArenaRelease(arena, mark); | |
| 90 } else { | |
| 91 PORT_ArenaUnmark(arena, mark); | |
| 92 } | |
| 93 return (rv); | |
| 94 } | |
| 95 | |
| 96 SECStatus | |
| 97 CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry, | |
| 98 CERTCRLEntryReasonCode *value) | |
| 99 { | |
| 100 SECItem wrapperItem = { siBuffer, 0 }; | |
| 101 SECItem tmpItem = { siBuffer, 0 }; | |
| 102 SECStatus rv; | |
| 103 PLArenaPool *arena = NULL; | |
| 104 | |
| 105 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); | |
| 106 if (!arena) { | |
| 107 return (SECFailure); | |
| 108 } | |
| 109 | |
| 110 rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, | |
| 111 &wrapperItem); | |
| 112 if (rv != SECSuccess) { | |
| 113 goto loser; | |
| 114 } | |
| 115 | |
| 116 rv = SEC_QuickDERDecodeItem(arena, &tmpItem, | |
| 117 SEC_ASN1_GET(SEC_EnumeratedTemplate), | |
| 118 &wrapperItem); | |
| 119 | |
| 120 if (rv != SECSuccess) { | |
| 121 goto loser; | |
| 122 } | |
| 123 | |
| 124 *value = (CERTCRLEntryReasonCode)DER_GetInteger(&tmpItem); | |
| 125 | |
| 126 loser: | |
| 127 if (arena) { | |
| 128 PORT_FreeArena(arena, PR_FALSE); | |
| 129 } | |
| 130 | |
| 131 if (wrapperItem.data) { | |
| 132 PORT_Free(wrapperItem.data); | |
| 133 } | |
| 134 | |
| 135 return (rv); | |
| 136 } | |
| 137 | |
| 138 SECStatus | |
| 139 CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value) | |
| 140 { | |
| 141 SECItem encodedExtenValue; | |
| 142 SECItem decodedExtenValue = { siBuffer, 0 }; | |
| 143 SECStatus rv; | |
| 144 | |
| 145 encodedExtenValue.data = decodedExtenValue.data = NULL; | |
| 146 encodedExtenValue.len = decodedExtenValue.len = 0; | |
| 147 | |
| 148 rv = cert_FindExtension(crl->extensions, SEC_OID_X509_INVALID_DATE, &encoded
ExtenValue); | |
| 149 if (rv != SECSuccess) | |
| 150 return (rv); | |
| 151 | |
| 152 rv = SEC_ASN1DecodeItem(NULL, &decodedExtenValue, | |
| 153 SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), | |
| 154 &encodedExtenValue); | |
| 155 if (rv == SECSuccess) | |
| 156 rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue); | |
| 157 PORT_Free(decodedExtenValue.data); | |
| 158 PORT_Free(encodedExtenValue.data); | |
| 159 return (rv); | |
| 160 } | |
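Review bot: In CERT_FindInvalidDateExten (new lines 152-156) the extension is decoded into decodedExtenValue, but the time conversion is then handed the still-encoded item, `rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);`. If DER_GeneralizedTimeToTime expects only the GeneralizedTime content octets, as the preceding template decode suggests, it also receives the tag and length bytes, so the invalidity date read from a CRL would be rejected or misread; the call should probably be `rv = DER_GeneralizedTimeToTime(value, &decodedExtenValue);`. A unit test that parses a CRL carrying an invalidity date and checks the returned PRTime would confirm which item is intended. Separately, on new line 124 of CERT_FindCRLEntryReasonExten the decoded integer is cast directly to CERTCRLEntryReasonCode, so a comment such as `/* value comes from an untrusted CRL and may lie outside the defined reason codes; callers must handle unknown values */` would be worth adding.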