Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3)

Unified Diff: nss/lib/certdb/certxutl.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/certdb/certxutl.h ('k') | nss/lib/certdb/crl.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/certdb/certxutl.c
diff --git a/nss/lib/certdb/certxutl.c b/nss/lib/certdb/certxutl.c
deleted file mode 100644
index 1610da2165ccaf3e51bbc05d6c06ab00dfc3af0d..0000000000000000000000000000000000000000
--- a/nss/lib/certdb/certxutl.c
+++ /dev/null
@@ -1,495 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/*
- * Certificate Extensions handling code
- *
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-#ifdef OLD
-#include "ocspti.h" /* XXX a better extensions interface would not
- * require knowledge of data structures of callers */
-#endif
-
-static CERTCertExtension *
-GetExtension(CERTCertExtension **extensions, SECItem *oid)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- SECComparison comp;
-
- exts = extensions;
-
- if (exts) {
- while (*exts) {
- ext = *exts;
- comp = SECITEM_CompareItem(oid, &ext->id);
- if (comp == SECEqual)
- break;
-
- exts++;
- }
- return (*exts ? ext : NULL);
- }
- return (NULL);
-}
-
-SECStatus
-cert_FindExtensionByOID(CERTCertExtension **extensions, SECItem *oid,
- SECItem *value)
-{
- CERTCertExtension *ext;
- SECStatus rv = SECSuccess;
-
- ext = GetExtension(extensions, oid);
- if (ext == NULL) {
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
- if (value)
- rv = SECITEM_CopyItem(NULL, value, &ext->value);
- return (rv);
-}
-
-SECStatus
-CERT_GetExtenCriticality(CERTCertExtension **extensions, int tag,
- PRBool *isCritical)
-{
- CERTCertExtension *ext;
- SECOidData *oid;
-
- if (!isCritical)
- return (SECSuccess);
-
- /* find the extension in the extensions list */
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if (!oid) {
- return (SECFailure);
- }
- ext = GetExtension(extensions, &oid->oid);
- if (ext == NULL) {
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
-
- /* If the criticality is omitted, then it is false by default.
- ex->critical.data is NULL */
- if (ext->critical.data == NULL)
- *isCritical = PR_FALSE;
- else
- *isCritical = (ext->critical.data[0] == 0xff) ? PR_TRUE : PR_FALSE;
- return (SECSuccess);
-}
-
-SECStatus
-cert_FindExtension(CERTCertExtension **extensions, int tag, SECItem *value)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if (!oid) {
- return (SECFailure);
- }
-
- return (cert_FindExtensionByOID(extensions, &oid->oid, value));
-}
-
-typedef struct _extNode {
- struct _extNode *next;
- CERTCertExtension *ext;
-} extNode;
-
-typedef struct {
- void (*setExts)(void *object, CERTCertExtension **exts);
- void *object;
- PLArenaPool *ownerArena;
- PLArenaPool *arena;
- extNode *head;
- int count;
-} extRec;
-
-/*
- * cert_StartExtensions
- *
- * NOTE: This interface changed significantly to remove knowledge
- * about callers data structures (owner objects)
- */
-void *
-cert_StartExtensions(void *owner, PLArenaPool *ownerArena,
- void (*setExts)(void *object, CERTCertExtension **exts))
-{
- PLArenaPool *arena;
- extRec *handle;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- return (0);
- }
-
- handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
- if (!handle) {
- PORT_FreeArena(arena, PR_FALSE);
- return (0);
- }
-
- handle->object = owner;
- handle->ownerArena = ownerArena;
- handle->setExts = setExts;
-
- handle->arena = arena;
- handle->head = 0;
- handle->count = 0;
-
- return (handle);
-}
-
-static unsigned char hextrue = 0xff;
-
-/*
- * Note - assumes that data pointed to by oid->data will not move
- */
-SECStatus
-CERT_AddExtensionByOID(void *exthandle, SECItem *oid, SECItem *value,
- PRBool critical, PRBool copyData)
-{
- CERTCertExtension *ext;
- SECStatus rv;
- extNode *node;
- extRec *handle;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extension and list node */
- ext = (CERTCertExtension *)PORT_ArenaZAlloc(handle->ownerArena,
- sizeof(CERTCertExtension));
- if (!ext) {
- return (SECFailure);
- }
-
- node = (extNode *)PORT_ArenaAlloc(handle->arena, sizeof(extNode));
- if (!node) {
- return (SECFailure);
- }
-
- /* add to list */
- node->next = handle->head;
- handle->head = node;
-
- /* point to ext struct */
- node->ext = ext;
-
- /* the object ID of the extension */
- ext->id = *oid;
-
- /* set critical field */
- if (critical) {
- ext->critical.data = (unsigned char *)&hextrue;
- ext->critical.len = 1;
- }
-
- /* set the value */
- if (copyData) {
- rv = SECITEM_CopyItem(handle->ownerArena, &ext->value, value);
- if (rv) {
- return (SECFailure);
- }
- } else {
- ext->value = *value;
- }
-
- handle->count++;
-
- return (SECSuccess);
-}
-
-SECStatus
-CERT_AddExtension(void *exthandle, int idtag, SECItem *value, PRBool critical,
- PRBool copyData)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)idtag);
- if (!oid) {
- return (SECFailure);
- }
-
- return (CERT_AddExtensionByOID(exthandle, &oid->oid, value, critical,
- copyData));
-}
-
-SECStatus
-CERT_EncodeAndAddExtension(void *exthandle, int idtag, void *value,
- PRBool critical, const SEC_ASN1Template *atemplate)
-{
- extRec *handle;
- SECItem *encitem;
-
- handle = (extRec *)exthandle;
-
- encitem = SEC_ASN1EncodeItem(handle->ownerArena, NULL, value, atemplate);
- if (encitem == NULL) {
- return (SECFailure);
- }
-
- return CERT_AddExtension(exthandle, idtag, encitem, critical, PR_FALSE);
-}
-
-void
-PrepareBitStringForEncoding(SECItem *bitsmap, SECItem *value)
-{
- unsigned char onebyte;
- unsigned int i, len = 0;
-
- /* to prevent warning on some platform at compile time */
- onebyte = '\0';
- /* Get the position of the right-most turn-on bit */
- for (i = 0; i < (value->len) * 8; ++i) {
- if (i % 8 == 0)
- onebyte = value->data[i / 8];
- if (onebyte & 0x80)
- len = i;
- onebyte <<= 1;
- }
- bitsmap->data = value->data;
- /* Add one here since we work with base 1 */
- bitsmap->len = len + 1;
-}
-
-SECStatus
-CERT_EncodeAndAddBitStrExtension(void *exthandle, int idtag, SECItem *value,
- PRBool critical)
-{
- SECItem bitsmap;
-
- PrepareBitStringForEncoding(&bitsmap, value);
- return (CERT_EncodeAndAddExtension(exthandle, idtag, &bitsmap, critical,
- SEC_ASN1_GET(SEC_BitStringTemplate)));
-}
-
-SECStatus
-CERT_FinishExtensions(void *exthandle)
-{
- extRec *handle;
- extNode *node;
- CERTCertExtension **exts;
- SECStatus rv = SECFailure;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extensions array */
- exts = PORT_ArenaNewArray(handle->ownerArena, CERTCertExtension *,
- handle->count + 1);
- if (exts == NULL) {
- goto loser;
- }
-
-/* put extensions in owner object and update its version number */
-
-#ifdef OLD
- switch (handle->type) {
- case CertificateExtensions:
- handle->owner.cert->extensions = exts;
- DER_SetUInteger(ownerArena, &(handle->owner.cert->version),
- SEC_CERTIFICATE_VERSION_3);
- break;
- case CrlExtensions:
- handle->owner.crl->extensions = exts;
- DER_SetUInteger(ownerArena, &(handle->owner.crl->version),
- SEC_CRL_VERSION_2);
- break;
- case OCSPRequestExtensions:
- handle->owner.request->tbsRequest->requestExtensions = exts;
- break;
- case OCSPSingleRequestExtensions:
- handle->owner.singleRequest->singleRequestExtensions = exts;
- break;
- case OCSPResponseSingleExtensions:
- handle->owner.singleResponse->singleExtensions = exts;
- break;
- }
-#endif
-
- handle->setExts(handle->object, exts);
-
- /* update the version number */
-
- /* copy each extension pointer */
- node = handle->head;
- while (node) {
- *exts = node->ext;
-
- node = node->next;
- exts++;
- }
-
- /* terminate the array of extensions */
- *exts = 0;
-
- rv = SECSuccess;
-
-loser:
- /* free working arena */
- PORT_FreeArena(handle->arena, PR_FALSE);
- return rv;
-}
-
-SECStatus
-CERT_MergeExtensions(void *exthandle, CERTCertExtension **extensions)
-{
- CERTCertExtension *ext;
- SECStatus rv = SECSuccess;
- SECOidTag tag;
- extNode *node;
- extRec *handle = exthandle;
-
- if (!exthandle || !extensions) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- while ((ext = *extensions++) != NULL) {
- tag = SECOID_FindOIDTag(&ext->id);
- for (node = handle->head; node != NULL; node = node->next) {
- if (tag == 0) {
- if (SECITEM_ItemsAreEqual(&ext->id, &node->ext->id))
- break;
- } else {
- if (SECOID_FindOIDTag(&node->ext->id) == tag) {
- break;
- }
- }
- }
- if (node == NULL) {
- PRBool critical = (ext->critical.len != 0 &&
- ext->critical.data[ext->critical.len - 1] != 0);
- if (critical && tag == SEC_OID_UNKNOWN) {
- PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- rv = SECFailure;
- break;
- }
- /* add to list */
- rv = CERT_AddExtensionByOID(exthandle, &ext->id, &ext->value,
- critical, PR_TRUE);
- if (rv != SECSuccess)
- break;
- }
- }
- return rv;
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindBitStringExtension(CERTCertExtension **extensions, int tag,
- SECItem *retItem)
-{
- SECItem wrapperItem, tmpItem = { siBuffer, 0 };
- SECStatus rv;
- PLArenaPool *arena = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!arena) {
- return (SECFailure);
- }
-
- rv = cert_FindExtension(extensions, tag, &wrapperItem);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(
- arena, &tmpItem, SEC_ASN1_GET(SEC_BitStringTemplate), &wrapperItem);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- retItem->data = (unsigned char *)PORT_Alloc((tmpItem.len + 7) >> 3);
- if (retItem->data == NULL) {
- goto loser;
- }
-
- PORT_Memcpy(retItem->data, tmpItem.data, (tmpItem.len + 7) >> 3);
- retItem->len = tmpItem.len;
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-
-done:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if (wrapperItem.data) {
- PORT_Free(wrapperItem.data);
- }
-
- return (rv);
-}
-
-PRBool
-cert_HasCriticalExtension(CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while (*exts) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- hasCriticalExten = PR_TRUE;
- break;
- }
- exts++;
- }
- }
- return (hasCriticalExten);
-}
-
-PRBool
-cert_HasUnknownCriticalExten(CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasUnknownCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while (*exts) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical.
- If an extension is critical, make sure that we know
- how to process the extension.
- */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- if (SECOID_KnownCertExtenOID(&ext->id) == PR_FALSE) {
- hasUnknownCriticalExten = PR_TRUE;
- break;
- }
- }
- exts++;
- }
- }
- return (hasUnknownCriticalExten);
-}
« no previous file with comments | « nss/lib/certdb/certxutl.h ('k') | nss/lib/certdb/crl.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698