Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(44)

Unified Diff: nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h ('k') | nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c
diff --git a/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c b/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c
deleted file mode 100644
index e2b3e02688e1084c1609c97fe78dc3297830c55e..0000000000000000000000000000000000000000
--- a/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c
+++ /dev/null
@@ -1,880 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/*
- * pkix_pl_crlentry.c
- *
- * CRLENTRY Function Definitions
- *
- */
-
-#include "pkix_pl_crlentry.h"
-
-/* --Private-CRLEntry-Functions------------------------------------- */
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_Destroy
- * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_Destroy(
- PKIX_PL_Object *object,
- void *plContext)
-{
- PKIX_PL_CRLEntry *crlEntry = NULL;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Destroy");
- PKIX_NULLCHECK_ONE(object);
-
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
- PKIX_OBJECTNOTCRLENTRY);
-
- crlEntry = (PKIX_PL_CRLEntry*)object;
-
- /* crlEntry->nssCrlEntry is freed by NSS when freeing CRL */
- crlEntry->userReasonCode = 0;
- crlEntry->userReasonCodeAbsent = PKIX_FALSE;
- crlEntry->nssCrlEntry = NULL;
- PKIX_DECREF(crlEntry->serialNumber);
- PKIX_DECREF(crlEntry->critExtOids);
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_ToString_Helper
- *
- * DESCRIPTION:
- * Helper function that creates a string representation of the CRLEntry
- * pointed to by "crlEntry" and stores it at "pString".
- *
- * PARAMETERS
- * "crlEntry"
- * Address of CRLEntry whose string representation is desired.
- * Must be non-NULL.
- * "pString"
- * Address where object pointer will be stored. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CRLEntry Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-PKIX_Error *
-pkix_pl_CRLEntry_ToString_Helper(
- PKIX_PL_CRLEntry *crlEntry,
- PKIX_PL_String **pString,
- void *plContext)
-{
- char *asciiFormat = NULL;
- PKIX_List *critExtOIDs = NULL;
- PKIX_PL_String *crlEntryString = NULL;
- PKIX_PL_String *formatString = NULL;
- PKIX_PL_String *crlSerialNumberString = NULL;
- PKIX_PL_String *crlRevocationDateString = NULL;
- PKIX_PL_String *critExtOIDsString = NULL;
- PKIX_Int32 reasonCode = 0;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_ToString_Helper");
- PKIX_NULLCHECK_FOUR
- (crlEntry,
- crlEntry->serialNumber,
- crlEntry->nssCrlEntry,
- pString);
-
- asciiFormat =
- "\n\t[\n"
- "\tSerialNumber: %s\n"
- "\tReasonCode: %d\n"
- "\tRevocationDate: %s\n"
- "\tCritExtOIDs: %s\n"
- "\t]\n\t";
-
- PKIX_CHECK(PKIX_PL_String_Create
- (PKIX_ESCASCII,
- asciiFormat,
- 0,
- &formatString,
- plContext),
- PKIX_STRINGCREATEFAILED);
-
- /* SerialNumber */
- PKIX_CHECK(PKIX_PL_Object_ToString
- ((PKIX_PL_Object *)crlEntry->serialNumber,
- &crlSerialNumberString,
- plContext),
- PKIX_BIGINTTOSTRINGHELPERFAILED);
-
- /* RevocationDate - No Date object created, use nss data directly */
- PKIX_CHECK(pkix_pl_Date_ToString_Helper
- (&(crlEntry->nssCrlEntry->revocationDate),
- &crlRevocationDateString,
- plContext),
- PKIX_DATETOSTRINGHELPERFAILED);
-
- /* CriticalExtensionOIDs */
- PKIX_CHECK(PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
- (crlEntry, &critExtOIDs, plContext),
- PKIX_CRLENTRYGETCRITICALEXTENSIONOIDSFAILED);
-
- PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext,
- PKIX_LISTTOSTRINGFAILED);
-
- /* Revocation Reason Code */
- PKIX_CHECK(PKIX_PL_CRLEntry_GetCRLEntryReasonCode
- (crlEntry, &reasonCode, plContext),
- PKIX_CRLENTRYGETCRLENTRYREASONCODEFAILED);
-
- PKIX_CHECK(PKIX_PL_Sprintf
- (&crlEntryString,
- plContext,
- formatString,
- crlSerialNumberString,
- reasonCode,
- crlRevocationDateString,
- critExtOIDsString),
- PKIX_SPRINTFFAILED);
-
- *pString = crlEntryString;
-
-cleanup:
-
- PKIX_DECREF(critExtOIDs);
- PKIX_DECREF(crlSerialNumberString);
- PKIX_DECREF(crlRevocationDateString);
- PKIX_DECREF(critExtOIDsString);
- PKIX_DECREF(formatString);
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_ToString
- * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_ToString(
- PKIX_PL_Object *object,
- PKIX_PL_String **pString,
- void *plContext)
-{
- PKIX_PL_String *crlEntryString = NULL;
- PKIX_PL_CRLEntry *crlEntry = NULL;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_ToString");
- PKIX_NULLCHECK_TWO(object, pString);
-
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
- PKIX_OBJECTNOTCRLENTRY);
-
- crlEntry = (PKIX_PL_CRLEntry *) object;
-
- PKIX_CHECK(pkix_pl_CRLEntry_ToString_Helper
- (crlEntry, &crlEntryString, plContext),
- PKIX_CRLENTRYTOSTRINGHELPERFAILED);
-
- *pString = crlEntryString;
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_Extensions_Hashcode
- * DESCRIPTION:
- *
- * For each CRL Entry extension stored at NSS structure CERTCertExtension,
- * get its derbyte data and do the hash.
- *
- * PARAMETERS
- * "extensions"
- * Address of arrray of CERTCertExtension whose hash value is desired.
- * Must be non-NULL.
- * "pHashValue"
- * Address where the final hash value is returned. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Conditional Thread Safe
- * Though the value of extensions once created is not supposed to change,
- * it may be de-allocated while we are accessing it. But since we are
- * validating the object, it is unlikely we or someone is de-allocating
- * at the moment.
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns an OID Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_Extensions_Hashcode(
- CERTCertExtension **extensions,
- PKIX_UInt32 *pHashValue,
- void *plContext)
-{
- CERTCertExtension *extension = NULL;
- PLArenaPool *arena = NULL;
- PKIX_UInt32 extHash = 0;
- PKIX_UInt32 hashValue = 0;
- SECItem *derBytes = NULL;
- SECItem *resultSecItem = NULL;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Extensions_Hashcode");
- PKIX_NULLCHECK_TWO(extensions, pHashValue);
-
- if (extensions) {
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_NewArena\n");
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PKIX_ERROR(PKIX_OUTOFMEMORY);
- }
-
- while (*extensions) {
-
- extension = *extensions++;
-
- PKIX_NULLCHECK_ONE(extension);
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
- derBytes = PORT_ArenaZNew(arena, SECItem);
- if (derBytes == NULL) {
- PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
- }
-
- PKIX_CRLENTRY_DEBUG
- ("\t\tCalling SEC_ASN1EncodeItem\n");
- resultSecItem = SEC_ASN1EncodeItem
- (arena,
- derBytes,
- extension,
- CERT_CertExtensionTemplate);
-
- if (resultSecItem == NULL){
- PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
- }
-
- PKIX_CHECK(pkix_hash
- (derBytes->data,
- derBytes->len,
- &extHash,
- plContext),
- PKIX_HASHFAILED);
-
- hashValue += (extHash << 7);
-
- }
- }
-
- *pHashValue = hashValue;
-
-cleanup:
-
- if (arena){
- /* Note that freeing the arena also frees derBytes */
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_FreeArena\n");
- PORT_FreeArena(arena, PR_FALSE);
- arena = NULL;
- }
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_Hashcode
- * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_Hashcode(
- PKIX_PL_Object *object,
- PKIX_UInt32 *pHashcode,
- void *plContext)
-{
- SECItem *nssDate = NULL;
- PKIX_PL_CRLEntry *crlEntry = NULL;
- PKIX_UInt32 crlEntryHash;
- PKIX_UInt32 hashValue;
- PKIX_Int32 reasonCode = 0;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Hashcode");
- PKIX_NULLCHECK_TWO(object, pHashcode);
-
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
- PKIX_OBJECTNOTCRLENTRY);
-
- crlEntry = (PKIX_PL_CRLEntry *)object;
-
- PKIX_NULLCHECK_ONE(crlEntry->nssCrlEntry);
- nssDate = &(crlEntry->nssCrlEntry->revocationDate);
-
- PKIX_NULLCHECK_ONE(nssDate->data);
-
- PKIX_CHECK(pkix_hash
- ((const unsigned char *)nssDate->data,
- nssDate->len,
- &crlEntryHash,
- plContext),
- PKIX_ERRORGETTINGHASHCODE);
-
- PKIX_CHECK(PKIX_PL_Object_Hashcode
- ((PKIX_PL_Object *)crlEntry->serialNumber,
- &hashValue,
- plContext),
- PKIX_OBJECTHASHCODEFAILED);
-
- crlEntryHash += (hashValue << 7);
-
- hashValue = 0;
-
- if (crlEntry->nssCrlEntry->extensions) {
-
- PKIX_CHECK(pkix_pl_CRLEntry_Extensions_Hashcode
- (crlEntry->nssCrlEntry->extensions, &hashValue, plContext),
- PKIX_CRLENTRYEXTENSIONSHASHCODEFAILED);
- }
-
- crlEntryHash += (hashValue << 7);
-
- PKIX_CHECK(PKIX_PL_CRLEntry_GetCRLEntryReasonCode
- (crlEntry, &reasonCode, plContext),
- PKIX_CRLENTRYGETCRLENTRYREASONCODEFAILED);
-
- crlEntryHash += (reasonCode + 777) << 3;
-
- *pHashcode = crlEntryHash;
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLENTRY_Extensions_Equals
- * DESCRIPTION:
- *
- * Compare each extension's DERbyte data in "firstExtensions" with extension
- * in "secondExtensions" in sequential order and store the result in
- * "pResult".
- *
- * PARAMETERS
- * "firstExtensions"
- * Address of first NSS structure CERTCertExtension to be compared.
- * Must be non-NULL.
- * "secondExtensions"
- * Address of second NSS structure CERTCertExtension to be compared.
- * Must be non-NULL.
- * "pResult"
- * Address where the comparison result is returned. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Conditionally Thread Safe
- * Though the value of extensions once created is not supposed to change,
- * it may be de-allocated while we are accessing it. But since we are
- * validating the object, it is unlikely we or someone is de-allocating
- * at the moment.
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns an OID Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_Extensions_Equals(
- CERTCertExtension **extensions1,
- CERTCertExtension **extensions2,
- PKIX_Boolean *pResult,
- void *plContext)
-{
- CERTCertExtension **firstExtensions;
- CERTCertExtension **secondExtensions;
- CERTCertExtension *firstExtension = NULL;
- CERTCertExtension *secondExtension = NULL;
- PLArenaPool *arena = NULL;
- PKIX_Boolean cmpResult = PKIX_FALSE;
- SECItem *firstDerBytes = NULL;
- SECItem *secondDerBytes = NULL;
- SECItem *firstResultSecItem = NULL;
- SECItem *secondResultSecItem = NULL;
- PKIX_UInt32 firstNumExt = 0;
- PKIX_UInt32 secondNumExt = 0;
- SECComparison secResult;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Extensions_Equals");
- PKIX_NULLCHECK_THREE(extensions1, extensions2, pResult);
-
- firstExtensions = extensions1;
- secondExtensions = extensions2;
-
- if (firstExtensions) {
- while (*firstExtensions) {
- firstExtension = *firstExtensions++;
- firstNumExt++;
- }
- }
-
- if (secondExtensions) {
- while (*secondExtensions) {
- secondExtension = *secondExtensions++;
- secondNumExt++;
- }
- }
-
- if (firstNumExt != secondNumExt) {
- *pResult = PKIX_FALSE;
- goto cleanup;
- }
-
- if (firstNumExt == 0 && secondNumExt == 0) {
- *pResult = PKIX_TRUE;
- goto cleanup;
- }
-
- /* now have equal number, but non-zero extension items to compare */
-
- firstExtensions = extensions1;
- secondExtensions = extensions2;
-
- cmpResult = PKIX_TRUE;
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_NewArena\n");
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE*2);
- if (arena == NULL) {
- PKIX_ERROR(PKIX_OUTOFMEMORY);
- }
-
- while (firstNumExt--) {
-
- firstExtension = *firstExtensions++;
- secondExtension = *secondExtensions++;
-
- PKIX_NULLCHECK_TWO(firstExtension, secondExtension);
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
- firstDerBytes = PORT_ArenaZNew(arena, SECItem);
- if (firstDerBytes == NULL) {
- PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
- }
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
- secondDerBytes = PORT_ArenaZNew(arena, SECItem);
- if (secondDerBytes == NULL) {
- PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
- }
-
- PKIX_CRLENTRY_DEBUG
- ("\t\tCalling SEC_ASN1EncodeItem\n");
- firstResultSecItem = SEC_ASN1EncodeItem
- (arena,
- firstDerBytes,
- firstExtension,
- CERT_CertExtensionTemplate);
-
- if (firstResultSecItem == NULL){
- PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
- }
-
- PKIX_CRLENTRY_DEBUG
- ("\t\tCalling SEC_ASN1EncodeItem\n");
- secondResultSecItem = SEC_ASN1EncodeItem
- (arena,
- secondDerBytes,
- secondExtension,
- CERT_CertExtensionTemplate);
-
- if (secondResultSecItem == NULL){
- PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
- }
-
- PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
- secResult = SECITEM_CompareItem
- (firstResultSecItem, secondResultSecItem);
-
- if (secResult != SECEqual) {
- cmpResult = PKIX_FALSE;
- break;
- }
-
- }
-
- *pResult = cmpResult;
-
-cleanup:
-
- if (arena){
- /* Note that freeing the arena also frees derBytes */
- PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_FreeArena\n");
- PORT_FreeArena(arena, PR_FALSE);
- arena = NULL;
- }
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_Equals
- * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_Equals(
- PKIX_PL_Object *firstObject,
- PKIX_PL_Object *secondObject,
- PKIX_Boolean *pResult,
- void *plContext)
-{
- PKIX_PL_CRLEntry *firstCrlEntry = NULL;
- PKIX_PL_CRLEntry *secondCrlEntry = NULL;
- PKIX_UInt32 secondType;
- PKIX_Boolean cmpResult = PKIX_FALSE;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Equals");
- PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
-
- /* test that firstObject is a CRLEntry */
- PKIX_CHECK(pkix_CheckType(firstObject, PKIX_CRLENTRY_TYPE, plContext),
- PKIX_FIRSTOBJECTNOTCRLENTRY);
-
- firstCrlEntry = (PKIX_PL_CRLEntry *)firstObject;
- secondCrlEntry = (PKIX_PL_CRLEntry *)secondObject;
-
- PKIX_NULLCHECK_TWO
- (firstCrlEntry->nssCrlEntry, secondCrlEntry->nssCrlEntry);
-
- /*
- * Since we know firstObject is a CRLEntry, if both references are
- * identical, they must be equal
- */
- if (firstCrlEntry == secondCrlEntry){
- *pResult = PKIX_TRUE;
- goto cleanup;
- }
-
- /*
- * If secondCrlEntry isn't a CRL Entry, we don't throw an error.
- * We simply return a Boolean result of FALSE
- */
- *pResult = PKIX_FALSE;
- PKIX_CHECK(PKIX_PL_Object_GetType
- ((PKIX_PL_Object *)secondCrlEntry, &secondType, plContext),
- PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
- if (secondType != PKIX_CRLENTRY_TYPE) goto cleanup;
-
- /* Compare userSerialNumber */
- PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
- if (SECITEM_CompareItem(
- &(((PKIX_PL_CRLEntry *)firstCrlEntry)->nssCrlEntry->serialNumber),
- &(((PKIX_PL_CRLEntry *)secondCrlEntry)->nssCrlEntry->serialNumber))
- != SECEqual) {
- *pResult = PKIX_FALSE;
- goto cleanup;
- }
-
- /* Compare revocationDate */
- PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
- if (SECITEM_CompareItem
- (&(((PKIX_PL_CRLEntry *)firstCrlEntry)->nssCrlEntry->
- revocationDate),
- &(((PKIX_PL_CRLEntry *)secondCrlEntry)->nssCrlEntry->
- revocationDate))
- != SECEqual) {
- *pResult = PKIX_FALSE;
- goto cleanup;
- }
-
- /* Compare Critical Extension List */
- PKIX_CHECK(pkix_pl_CRLEntry_Extensions_Equals
- (firstCrlEntry->nssCrlEntry->extensions,
- secondCrlEntry->nssCrlEntry->extensions,
- &cmpResult,
- plContext),
- PKIX_CRLENTRYEXTENSIONSEQUALSFAILED);
-
- if (cmpResult != PKIX_TRUE){
- *pResult = PKIX_FALSE;
- goto cleanup;
- }
-
- cmpResult = (firstCrlEntry->userReasonCode ==
- secondCrlEntry->userReasonCode);
-
- *pResult = cmpResult;
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_RegisterSelf
- * DESCRIPTION:
- * Registers PKIX_CRLEntry_TYPE and its related functions with systemClasses[]
- * THREAD SAFETY:
- * Not Thread Safe - for performance and complexity reasons
- *
- * Since this function is only called by PKIX_PL_Initialize, which should
- * only be called once, it is acceptable that this function is not
- * thread-safe.
- */
-PKIX_Error *
-pkix_pl_CRLEntry_RegisterSelf(void *plContext)
-{
-
- extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
- pkix_ClassTable_Entry entry;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_RegisterSelf");
-
- entry.description = "CRLEntry";
- entry.objCounter = 0;
- entry.typeObjectSize = sizeof(PKIX_PL_CRLEntry);
- entry.destructor = pkix_pl_CRLEntry_Destroy;
- entry.equalsFunction = pkix_pl_CRLEntry_Equals;
- entry.hashcodeFunction = pkix_pl_CRLEntry_Hashcode;
- entry.toStringFunction = pkix_pl_CRLEntry_ToString;
- entry.comparator = NULL;
- entry.duplicateFunction = pkix_duplicateImmutable;
-
- systemClasses[PKIX_CRLENTRY_TYPE] = entry;
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_CreateEntry
- * DESCRIPTION:
- *
- * Creates a new CRLEntry using the CertCrlEntry pointed to by "nssCrlEntry"
- * and stores it at "pCrlEntry". Once created, a CRLEntry is immutable.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, MUST be v2
- *
- * PARAMETERS:
- * "nssCrlEntry"
- * Address of CERTCrlEntry representing an NSS CRL entry.
- * Must be non-NULL.
- * "pCrlEntry"
- * Address where object pointer will be stored. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CRLEntry Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CRLEntry_CreateEntry(
- CERTCrlEntry *nssCrlEntry, /* entry data to be created from */
- PKIX_PL_CRLEntry **pCrlEntry,
- void *plContext)
-{
- PKIX_PL_CRLEntry *crlEntry = NULL;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_CreateEntry");
- PKIX_NULLCHECK_TWO(nssCrlEntry, pCrlEntry);
-
- PKIX_CHECK(PKIX_PL_Object_Alloc
- (PKIX_CRLENTRY_TYPE,
- sizeof (PKIX_PL_CRLEntry),
- (PKIX_PL_Object **)&crlEntry,
- plContext),
- PKIX_COULDNOTCREATECRLENTRYOBJECT);
-
- crlEntry->nssCrlEntry = nssCrlEntry;
- crlEntry->serialNumber = NULL;
- crlEntry->critExtOids = NULL;
- crlEntry->userReasonCode = 0;
- crlEntry->userReasonCodeAbsent = PKIX_FALSE;
-
- *pCrlEntry = crlEntry;
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: pkix_pl_CRLEntry_Create
- * DESCRIPTION:
- *
- * Creates a List of CRLEntries using the array of CERTCrlEntries pointed to
- * by "nssCrlEntries" and stores it at "pCrlEntryList". If "nssCrlEntries" is
- * NULL, this function stores an empty List at "pCrlEntryList".
- * }
- * PARAMETERS:
- * "nssCrlEntries"
- * Address of array of CERTCrlEntries representing NSS CRL entries.
- * Can be NULL if CRL has no NSS CRL entries.
- * "pCrlEntryList"
- * Address where object pointer will be stored. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CRLEntry Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-PKIX_Error *
-pkix_pl_CRLEntry_Create(
- CERTCrlEntry **nssCrlEntries, /* head of entry list */
- PKIX_List **pCrlEntryList,
- void *plContext)
-{
- PKIX_List *entryList = NULL;
- PKIX_PL_CRLEntry *crlEntry = NULL;
- CERTCrlEntry **entries = NULL;
- SECItem serialNumberItem;
- PKIX_PL_BigInt *serialNumber;
- char *bytes = NULL;
- PKIX_UInt32 length;
-
- PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Create");
- PKIX_NULLCHECK_ONE(pCrlEntryList);
-
- entries = nssCrlEntries;
-
- PKIX_CHECK(PKIX_List_Create(&entryList, plContext),
- PKIX_LISTCREATEFAILED);
-
- if (entries) {
- while (*entries){
- PKIX_CHECK(pkix_pl_CRLEntry_CreateEntry
- (*entries, &crlEntry, plContext),
- PKIX_COULDNOTCREATECRLENTRYOBJECT);
-
- /* Get Serial Number */
- serialNumberItem = (*entries)->serialNumber;
- length = serialNumberItem.len;
- bytes = (char *)serialNumberItem.data;
-
- PKIX_CHECK(pkix_pl_BigInt_CreateWithBytes
- (bytes, length, &serialNumber, plContext),
- PKIX_BIGINTCREATEWITHBYTESFAILED);
-
- crlEntry->serialNumber = serialNumber;
- crlEntry->nssCrlEntry = *entries;
-
- PKIX_CHECK(PKIX_List_AppendItem
- (entryList, (PKIX_PL_Object *)crlEntry, plContext),
- PKIX_LISTAPPENDITEMFAILED);
-
- PKIX_DECREF(crlEntry);
-
- entries++;
- }
- }
-
- *pCrlEntryList = entryList;
-
-cleanup:
- PKIX_DECREF(crlEntry);
-
- if (PKIX_ERROR_RECEIVED){
- PKIX_DECREF(entryList);
- }
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/* --Public-CRLENTRY-Functions------------------------------------- */
-
-/*
- * FUNCTION: PKIX_PL_CRLEntry_GetCRLEntryReasonCode
- * (see comments in pkix_pl_pki.h)
- */
-PKIX_Error *
-PKIX_PL_CRLEntry_GetCRLEntryReasonCode (
- PKIX_PL_CRLEntry *crlEntry,
- PKIX_Int32 *pReason,
- void *plContext)
-{
- SECStatus status;
- CERTCRLEntryReasonCode nssReasonCode;
-
- PKIX_ENTER(CRLENTRY, "PKIX_PL_CRLEntry_GetCRLEntryReasonCode");
- PKIX_NULLCHECK_TWO(crlEntry, pReason);
-
- if (!crlEntry->userReasonCodeAbsent && crlEntry->userReasonCode == 0) {
-
- PKIX_OBJECT_LOCK(crlEntry);
-
- if (!crlEntry->userReasonCodeAbsent &&
- crlEntry->userReasonCode == 0) {
-
- /* reason code has not been cached in */
- PKIX_CRLENTRY_DEBUG("\t\tCERT_FindCRLEntryReasonExten.\n");
- status = CERT_FindCRLEntryReasonExten
- (crlEntry->nssCrlEntry, &nssReasonCode);
-
- if (status == SECSuccess) {
- crlEntry->userReasonCode = (PKIX_Int32) nssReasonCode;
- } else {
- crlEntry->userReasonCodeAbsent = PKIX_TRUE;
- }
- }
-
- PKIX_OBJECT_UNLOCK(crlEntry);
-
- }
-
- *pReason = crlEntry->userReasonCode;
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
-
-/*
- * FUNCTION: PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
- * (see comments in pkix_pl_pki.h)
- */
-PKIX_Error *
-PKIX_PL_CRLEntry_GetCriticalExtensionOIDs (
- PKIX_PL_CRLEntry *crlEntry,
- PKIX_List **pList, /* list of PKIX_PL_OID */
- void *plContext)
-{
- PKIX_List *oidsList = NULL;
- CERTCertExtension **extensions;
-
- PKIX_ENTER(CRLENTRY, "PKIX_PL_CRLEntry_GetCriticalExtensionOIDs");
- PKIX_NULLCHECK_THREE(crlEntry, crlEntry->nssCrlEntry, pList);
-
- /* if we don't have a cached copy from before, we create one */
- if (crlEntry->critExtOids == NULL) {
-
- PKIX_OBJECT_LOCK(crlEntry);
-
- if (crlEntry->critExtOids == NULL) {
-
- extensions = crlEntry->nssCrlEntry->extensions;
-
- PKIX_CHECK(pkix_pl_OID_GetCriticalExtensionOIDs
- (extensions, &oidsList, plContext),
- PKIX_GETCRITICALEXTENSIONOIDSFAILED);
-
- crlEntry->critExtOids = oidsList;
- }
-
- PKIX_OBJECT_UNLOCK(crlEntry);
-
- }
-
- /* We should return a copy of the List since this list changes */
- PKIX_DUPLICATE(crlEntry->critExtOids, pList, plContext,
- PKIX_OBJECTDUPLICATELISTFAILED);
-
-cleanup:
-
- PKIX_RETURN(CRLENTRY);
-}
« no previous file with comments | « nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h ('k') | nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698