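--- /dev/null
+++ b/pkix_pl_crldp.c
@@ -0,0 +1,151 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+* pkix_pl_crldp.c
+*
+* Crl DP Object Functions
+*
+*/
+
+#include "pkix_pl_crldp.h"
+
+static PKIX_Error *
+pkix_pl_CrlDp_Destroy(
+PKIX_PL_Object *object,
+void *plContext)
+{
+pkix_pl_CrlDp *crldp = NULL;
+
+PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_Destroy");
+PKIX_NULLCHECK_ONE(object);
+
+/* Check that this object is a default CRL checker state */
+PKIX_CHECK(
+pkix_CheckType(object, PKIX_CRLDP_TYPE, plContext),
+PKIX_OBJECTNOTCRLCHECKER);
+
+crldp = (pkix_pl_CrlDp *)object;
+if (crldp->distPointType == relativeDistinguishedName) {
+CERT_DestroyName(crldp->name.issuerName);
+crldp->name.issuerName = NULL;
+}
+crldp->nssdp = NULL;
+cleanup:
+PKIX_RETURN(CRLCHECKER);
+}
+
+/*
+* FUNCTION: pkix_pl_CrlDp_RegisterSelf
+*
+* DESCRIPTION:
+* Registers PKIX_CRLDP_TYPE and its related functions
+* with systemClasses[]
+*
+* THREAD SAFETY:
+* Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+*
+* Since this function is only called by PKIX_PL_Initialize, which should
+* only be called once, it is acceptable that this function is not
+* thread-safe.
+*/
+PKIX_Error *
+pkix_pl_CrlDp_RegisterSelf(void *plContext)
+{
+extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+pkix_ClassTable_Entry* entry = &systemClasses[PKIX_CRLDP_TYPE];
+
+PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_RegisterSelf");
+
+entry->description = "CrlDistPoint";
+entry->typeObjectSize = sizeof(pkix_pl_CrlDp);
+entry->destructor = pkix_pl_CrlDp_Destroy;
+entry->duplicateFunction = pkix_duplicateImmutable;
+
+PKIX_RETURN(CRLCHECKER);
+}
+
+
+
+PKIX_Error *
+pkix_pl_CrlDp_Create(
+const CRLDistributionPoint *dp,
+const CERTName *certIssuerName,
+pkix_pl_CrlDp **pPkixDP,
+void *plContext)
+{
+PLArenaPool *rdnArena = NULL;
+CERTName *issuerNameCopy = NULL;
+pkix_pl_CrlDp *dpl = NULL;
+
+/* Need to save the following info to update crl cache:
+* - reasons if partitioned(but can not return revocation check
+* success if not all crl are downloaded)
+* - issuer name if different from issuer of the cert
+* - url to upload a crl if needed.
+* */
+PKIX_ENTER(CRLDP, "pkix_pl_CrlDp_Create");
+PKIX_NULLCHECK_ONE(dp);
+
+PKIX_CHECK(
+PKIX_PL_Object_Alloc(PKIX_CRLDP_TYPE,
+sizeof (pkix_pl_CrlDp),
+(PKIX_PL_Object **)&dpl,
+plContext),
+PKIX_COULDNOTCREATEOBJECT);
+
+dpl->nssdp = dp;
+dpl->isPartitionedByReasonCode = PKIX_FALSE;
+if (dp->reasons.data) {
+dpl->isPartitionedByReasonCode = PKIX_TRUE;
+}
+if (dp->distPointType == generalName) {
+dpl->distPointType = generalName;
+dpl->name.fullName = dp->distPoint.fullName;
+} else {
+SECStatus rv;
+const CERTName *issuerName = NULL;
+const CERTRDN *relName = &dp->distPoint.relativeName;
+
+if (dp->crlIssuer) {
+if (dp->crlIssuer->l.next) {
+/* Violate RFC 5280: in this case crlIssuer
+* should have only one name and should be
+* a distinguish name. */
+PKIX_ERROR(PKIX_NOTCONFORMINGCRLDP);
+}
+issuerName = &dp->crlIssuer->name.directoryName;
+} else {
+issuerName = certIssuerName;
+}
+rdnArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (!rdnArena) {
+PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+}
+issuerNameCopy = (CERTName *)PORT_ArenaZNew(rdnArena, CERTName);
+if (!issuerNameCopy) {
+PKIX_ERROR(PKIX_ALLOCERROR);
+}
+rv = CERT_CopyName(rdnArena, issuerNameCopy, (CERTName*)issuerName);
+if (rv == SECFailure) {
+PKIX_ERROR(PKIX_ALLOCERROR);
+}
+rv = CERT_AddRDN(issuerNameCopy, (CERTRDN*)relName);
+if (rv == SECFailure) {
+PKIX_ERROR(PKIX_ALLOCERROR);
+}
+dpl->distPointType = relativeDistinguishedName;
+dpl->name.issuerName = issuerNameCopy;
+rdnArena = NULL;
+}
+*pPkixDP = dpl;
+dpl = NULL;
+
+cleanup:
+if (rdnArena) {
+PORT_FreeArena(rdnArena, PR_FALSE);
+}
+PKIX_DECREF(dpl);
+
+PKIX_RETURN(CRLDP);
+}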
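Review bot: In pkix_pl_CrlDp_Create, the relative-name branch reads `dp->crlIssuer->name.directoryName` without checking the general name's type, even though the comment just above says crlIssuer must be a distinguished name; only `l.next` is tested. The distribution point is parsed from a certificate extension, so a crlIssuer of another kind would have its union storage handed to CERT_CopyName as if it were a CERTName. I would add `if (dp->crlIssuer->type != certDirectoryName) { PKIX_ERROR(PKIX_NOTCONFORMINGCRLDP); }` before taking that address. The same branch passes `certIssuerName` to CERT_CopyName unchecked when crlIssuer is absent, and `*pPkixDP` is written without a NULL check, since `PKIX_NULLCHECK_ONE(dp)` covers only `dp`. Every PKIX_ERROR in that branch also reaches `PKIX_DECREF(dpl)` before `dpl->distPointType` is assigned, so pkix_pl_CrlDp_Destroy may test an unset field unless PKIX_PL_Object_Alloc zeroes the object (not visible here); setting `dpl->distPointType = generalName; dpl->name.fullName = NULL;` right after the allocation would make the error path safe.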