Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2119)

Unified Diff: nss/lib/certdb/secname.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/certdb/polcyxtn.c ('k') | nss/lib/certdb/stanpcertdb.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/certdb/secname.c
diff --git a/nss/lib/certdb/secname.c b/nss/lib/certdb/secname.c
deleted file mode 100644
index 1fcae97762f2eef9adc1490659a921f7844130b0..0000000000000000000000000000000000000000
--- a/nss/lib/certdb/secname.c
+++ /dev/null
@@ -1,708 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "cert.h"
-#include "secoid.h"
-#include "secder.h" /* XXX remove this when remove the DERTemplates */
-#include "secasn1.h"
-#include "secitem.h"
-#include <stdarg.h>
-#include "secerr.h"
-#include "certi.h"
-
-static const SEC_ASN1Template cert_AVATemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAVA) },
- { SEC_ASN1_OBJECT_ID, offsetof(CERTAVA, type) },
- { SEC_ASN1_ANY, offsetof(CERTAVA, value) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_RDNTemplate[] = {
- { SEC_ASN1_SET_OF, offsetof(CERTRDN, avas), cert_AVATemplate,
- sizeof(CERTRDN) }
-};
-
-static int
-CountArray(void **array)
-{
- int count = 0;
- if (array) {
- while (*array++) {
- count++;
- }
- }
- return count;
-}
-
-static void **
-AddToArray(PLArenaPool *arena, void **array, void *element)
-{
- unsigned count;
- void **ap;
-
- /* Count up number of slots already in use in the array */
- count = 0;
- ap = array;
- if (ap) {
- while (*ap++) {
- count++;
- }
- }
-
- if (array) {
- array =
- (void **)PORT_ArenaGrow(arena, array, (count + 1) * sizeof(void *),
- (count + 2) * sizeof(void *));
- } else {
- array = (void **)PORT_ArenaAlloc(arena, (count + 2) * sizeof(void *));
- }
- if (array) {
- array[count] = element;
- array[count + 1] = 0;
- }
- return array;
-}
-
-SECOidTag
-CERT_GetAVATag(CERTAVA *ava)
-{
- SECOidData *oid;
- if (!ava->type.data)
- return (SECOidTag)-1;
-
- oid = SECOID_FindOID(&ava->type);
-
- if (oid) {
- return (oid->offset);
- }
- return (SECOidTag)-1;
-}
-
-static SECStatus
-SetupAVAType(PLArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
-{
- unsigned char *oid;
- unsigned oidLen;
- unsigned char *cp;
- int maxLen;
- SECOidData *oidrec;
-
- oidrec = SECOID_FindOIDByTag(type);
- if (oidrec == NULL)
- return SECFailure;
-
- oid = oidrec->oid.data;
- oidLen = oidrec->oid.len;
-
- maxLen = cert_AVAOidTagToMaxLen(type);
- if (maxLen < 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- it->data = cp = (unsigned char *)PORT_ArenaAlloc(arena, oidLen);
- if (cp == NULL) {
- return SECFailure;
- }
- it->len = oidLen;
- PORT_Memcpy(cp, oid, oidLen);
- *maxLenp = (unsigned)maxLen;
- return SECSuccess;
-}
-
-static SECStatus
-SetupAVAValue(PLArenaPool *arena, int valueType, const SECItem *in,
- SECItem *out, unsigned maxLen)
-{
- PRUint8 *value, *cp, *ucs4Val;
- unsigned valueLen, valueLenLen, total;
- unsigned ucs4Len = 0, ucs4MaxLen;
-
- value = in->data;
- valueLen = in->len;
- switch (valueType) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UTF8_STRING: /* no conversion required */
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- ucs4MaxLen = valueLen * 6;
- ucs4Val = (PRUint8 *)PORT_ArenaZAlloc(arena, ucs4MaxLen);
- if (!ucs4Val ||
- !PORT_UCS4_UTF8Conversion(PR_TRUE, value, valueLen, ucs4Val,
- ucs4MaxLen, &ucs4Len)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- value = ucs4Val;
- valueLen = ucs4Len;
- maxLen *= 4;
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (valueLen > maxLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- valueLenLen = DER_LengthLength(valueLen);
- total = 1 + valueLenLen + valueLen;
- cp = (PRUint8 *)PORT_ArenaAlloc(arena, total);
- if (!cp) {
- return SECFailure;
- }
- out->data = cp;
- out->len = total;
- cp = (PRUint8 *)DER_StoreHeader(cp, valueType, valueLen);
- PORT_Memcpy(cp, value, valueLen);
- return SECSuccess;
-}
-
-CERTAVA *
-CERT_CreateAVAFromRaw(PLArenaPool *pool, const SECItem *OID,
- const SECItem *value)
-{
- CERTAVA *ava;
- int rv;
-
- ava = PORT_ArenaZNew(pool, CERTAVA);
- if (ava) {
- rv = SECITEM_CopyItem(pool, &ava->type, OID);
- if (rv)
- return NULL;
-
- rv = SECITEM_CopyItem(pool, &ava->value, value);
- if (rv)
- return NULL;
- }
- return ava;
-}
-
-CERTAVA *
-CERT_CreateAVAFromSECItem(PLArenaPool *arena, SECOidTag kind, int valueType,
- SECItem *value)
-{
- CERTAVA *ava;
- int rv;
- unsigned maxLen;
-
- ava = (CERTAVA *)PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
- if (rv) {
- /* Illegal AVA type */
- return NULL;
- }
- rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
- if (rv) {
- /* Illegal value type */
- return NULL;
- }
- }
- return ava;
-}
-
-CERTAVA *
-CERT_CreateAVA(PLArenaPool *arena, SECOidTag kind, int valueType, char *value)
-{
- SECItem item = { siBuffer, NULL, 0 };
-
- item.data = (PRUint8 *)value;
- item.len = PORT_Strlen(value);
-
- return CERT_CreateAVAFromSECItem(arena, kind, valueType, &item);
-}
-
-CERTAVA *
-CERT_CopyAVA(PLArenaPool *arena, CERTAVA *from)
-{
- CERTAVA *ava;
- int rv;
-
- ava = (CERTAVA *)PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SECITEM_CopyItem(arena, &ava->type, &from->type);
- if (rv)
- goto loser;
- rv = SECITEM_CopyItem(arena, &ava->value, &from->value);
- if (rv)
- goto loser;
- }
- return ava;
-
-loser:
- return 0;
-}
-
-CERTRDN *
-CERT_CreateRDN(PLArenaPool *arena, CERTAVA *ava0, ...)
-{
- CERTAVA *ava;
- CERTRDN *rdn;
- va_list ap;
- unsigned count;
- CERTAVA **avap;
-
- rdn = (CERTRDN *)PORT_ArenaAlloc(arena, sizeof(CERTRDN));
- if (rdn) {
- /* Count number of avas going into the rdn */
- count = 0;
- if (ava0) {
- count++;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA *)) != 0) {
- count++;
- }
- va_end(ap);
- }
-
- /* Now fill in the pointers */
- rdn->avas = avap =
- (CERTAVA **)PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTAVA *));
- if (!avap) {
- return 0;
- }
- if (ava0) {
- *avap++ = ava0;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA *)) != 0) {
- *avap++ = ava;
- }
- va_end(ap);
- }
- *avap++ = 0;
- }
- return rdn;
-}
-
-SECStatus
-CERT_AddAVA(PLArenaPool *arena, CERTRDN *rdn, CERTAVA *ava)
-{
- rdn->avas = (CERTAVA **)AddToArray(arena, (void **)rdn->avas, ava);
- return rdn->avas ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyRDN(PLArenaPool *arena, CERTRDN *to, CERTRDN *from)
-{
- CERTAVA **avas, *fava, *tava;
- SECStatus rv = SECSuccess;
-
- /* Copy each ava from from */
- avas = from->avas;
- if (avas) {
- if (avas[0] == NULL) {
- rv = CERT_AddAVA(arena, to, NULL);
- return rv;
- }
- while ((fava = *avas++) != 0) {
- tava = CERT_CopyAVA(arena, fava);
- if (!tava) {
- rv = SECFailure;
- break;
- }
- rv = CERT_AddAVA(arena, to, tava);
- if (rv != SECSuccess)
- break;
- }
- }
- return rv;
-}
-
-/************************************************************************/
-
-const SEC_ASN1Template CERT_NameTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, offsetof(CERTName, rdns), CERT_RDNTemplate,
- sizeof(CERTName) }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_NameTemplate)
-
-CERTName *
-CERT_CreateName(CERTRDN *rdn0, ...)
-{
- CERTRDN *rdn;
- CERTName *name;
- va_list ap;
- unsigned count;
- CERTRDN **rdnp;
- PLArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- return (0);
- }
-
- name = (CERTName *)PORT_ArenaAlloc(arena, sizeof(CERTName));
- if (name) {
- name->arena = arena;
-
- /* Count number of RDNs going into the Name */
- if (!rdn0) {
- count = 0;
- } else {
- count = 1;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN *)) != 0) {
- count++;
- }
- va_end(ap);
- }
-
- /* Allocate space (including space for terminal null ptr) */
- name->rdns = rdnp =
- (CERTRDN **)PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTRDN *));
- if (!name->rdns) {
- goto loser;
- }
-
- /* Now fill in the pointers */
- if (count > 0) {
- *rdnp++ = rdn0;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN *)) != 0) {
- *rdnp++ = rdn;
- }
- va_end(ap);
- }
-
- /* null terminate the list */
- *rdnp++ = 0;
- }
- return name;
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return (0);
-}
-
-void
-CERT_DestroyName(CERTName *name)
-{
- if (name) {
- PLArenaPool *arena = name->arena;
- name->rdns = NULL;
- name->arena = NULL;
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
- }
-}
-
-SECStatus
-CERT_AddRDN(CERTName *name, CERTRDN *rdn)
-{
- name->rdns = (CERTRDN **)AddToArray(name->arena, (void **)name->rdns, rdn);
- return name->rdns ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyName(PLArenaPool *arena, CERTName *to, const CERTName *from)
-{
- CERTRDN **rdns, *frdn, *trdn;
- SECStatus rv = SECSuccess;
-
- if (!to || !from) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- CERT_DestroyName(to);
- to->arena = arena;
-
- /* Copy each rdn from from */
- rdns = from->rdns;
- if (rdns) {
- if (rdns[0] == NULL) {
- rv = CERT_AddRDN(to, NULL);
- return rv;
- }
- while ((frdn = *rdns++) != NULL) {
- trdn = CERT_CreateRDN(arena, NULL);
- if (!trdn) {
- rv = SECFailure;
- break;
- }
- rv = CERT_CopyRDN(arena, trdn, frdn);
- if (rv != SECSuccess)
- break;
- rv = CERT_AddRDN(to, trdn);
- if (rv != SECSuccess)
- break;
- }
- }
- return rv;
-}
-
-/************************************************************************/
-
-static void
-canonicalize(SECItem *foo)
-{
- int ch, lastch, len, src, dest;
-
- /* strip trailing whitespace. */
- len = foo->len;
- while (len > 0 && ((ch = foo->data[len - 1]) == ' ' || ch == '\t' ||
- ch == '\r' || ch == '\n')) {
- len--;
- }
-
- src = 0;
- /* strip leading whitespace. */
- while (src < len && ((ch = foo->data[src]) == ' ' || ch == '\t' ||
- ch == '\r' || ch == '\n')) {
- src++;
- }
- dest = 0;
- lastch = ' ';
- while (src < len) {
- ch = foo->data[src++];
- if (ch == ' ' || ch == '\t' || ch == '\r' || ch == '\n') {
- ch = ' ';
- if (ch == lastch)
- continue;
- } else if (ch >= 'A' && ch <= 'Z') {
- ch |= 0x20; /* downshift */
- }
- foo->data[dest++] = lastch = ch;
- }
- foo->len = dest;
-}
-
-/* SECItems a and b contain DER-encoded printable strings. */
-SECComparison
-CERT_CompareDERPrintableStrings(const SECItem *a, const SECItem *b)
-{
- SECComparison rv = SECLessThan;
- SECItem *aVal = CERT_DecodeAVAValue(a);
- SECItem *bVal = CERT_DecodeAVAValue(b);
-
- if (aVal && aVal->len && aVal->data && bVal && bVal->len && bVal->data) {
- canonicalize(aVal);
- canonicalize(bVal);
- rv = SECITEM_CompareItem(aVal, bVal);
- }
- SECITEM_FreeItem(aVal, PR_TRUE);
- SECITEM_FreeItem(bVal, PR_TRUE);
- return rv;
-}
-
-SECComparison
-CERT_CompareAVA(const CERTAVA *a, const CERTAVA *b)
-{
- SECComparison rv;
-
- rv = SECITEM_CompareItem(&a->type, &b->type);
- if (SECEqual != rv)
- return rv; /* Attribute types don't match. */
- /* Let's be optimistic. Maybe the values will just compare equal. */
- rv = SECITEM_CompareItem(&a->value, &b->value);
- if (SECEqual == rv)
- return rv; /* values compared exactly. */
- if (a->value.len && a->value.data && b->value.len && b->value.data) {
- /* Here, the values did not match.
- ** If the values had different encodings, convert them to the same
- ** encoding and compare that way.
- */
- if (a->value.data[0] != b->value.data[0]) {
- /* encodings differ. Convert both to UTF-8 and compare. */
- SECItem *aVal = CERT_DecodeAVAValue(&a->value);
- SECItem *bVal = CERT_DecodeAVAValue(&b->value);
- if (aVal && aVal->len && aVal->data && bVal && bVal->len &&
- bVal->data) {
- rv = SECITEM_CompareItem(aVal, bVal);
- }
- SECITEM_FreeItem(aVal, PR_TRUE);
- SECITEM_FreeItem(bVal, PR_TRUE);
- } else if (a->value.data[0] == 0x13) { /* both are printable strings. */
- /* printable strings */
- rv = CERT_CompareDERPrintableStrings(&a->value, &b->value);
- }
- }
- return rv;
-}
-
-SECComparison
-CERT_CompareRDN(const CERTRDN *a, const CERTRDN *b)
-{
- CERTAVA **aavas, *aava;
- CERTAVA **bavas, *bava;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- aavas = a->avas;
- bavas = b->avas;
-
- /*
- ** Make sure array of ava's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void **)aavas);
- bc = CountArray((void **)bavas);
- if (ac < bc)
- return SECLessThan;
- if (ac > bc)
- return SECGreaterThan;
-
- while (NULL != (aava = *aavas++)) {
- for (bavas = b->avas; NULL != (bava = *bavas++);) {
- rv = SECITEM_CompareItem(&aava->type, &bava->type);
- if (SECEqual == rv) {
- rv = CERT_CompareAVA(aava, bava);
- if (SECEqual != rv)
- return rv;
- break;
- }
- }
- if (!bava) /* didn't find a match */
- return SECGreaterThan;
- }
- return rv;
-}
-
-SECComparison
-CERT_CompareName(const CERTName *a, const CERTName *b)
-{
- CERTRDN **ardns, *ardn;
- CERTRDN **brdns, *brdn;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- ardns = a->rdns;
- brdns = b->rdns;
-
- /*
- ** Make sure array of rdn's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void **)ardns);
- bc = CountArray((void **)brdns);
- if (ac < bc)
- return SECLessThan;
- if (ac > bc)
- return SECGreaterThan;
-
- for (;;) {
- ardn = *ardns++;
- brdn = *brdns++;
- if (!ardn) {
- break;
- }
- rv = CERT_CompareRDN(ardn, brdn);
- if (rv)
- return rv;
- }
- return rv;
-}
-
-/* Moved from certhtml.c */
-SECItem *
-CERT_DecodeAVAValue(const SECItem *derAVAValue)
-{
- SECItem *retItem;
- const SEC_ASN1Template *theTemplate = NULL;
- enum { conv_none, conv_ucs4, conv_ucs2, conv_iso88591 } convert = conv_none;
- SECItem avaValue = { siBuffer, 0 };
- PLArenaPool *newarena = NULL;
-
- if (!derAVAValue || !derAVAValue->len || !derAVAValue->data) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- switch (derAVAValue->data[0]) {
- case SEC_ASN1_UNIVERSAL_STRING:
- convert = conv_ucs4;
- theTemplate = SEC_ASN1_GET(SEC_UniversalStringTemplate);
- break;
- case SEC_ASN1_IA5_STRING:
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- case SEC_ASN1_PRINTABLE_STRING:
- theTemplate = SEC_ASN1_GET(SEC_PrintableStringTemplate);
- break;
- case SEC_ASN1_T61_STRING:
- /*
- * Per common practice, we're not decoding actual T.61, but instead
- * treating T61-labeled strings as containing ISO-8859-1.
- */
- convert = conv_iso88591;
- theTemplate = SEC_ASN1_GET(SEC_T61StringTemplate);
- break;
- case SEC_ASN1_BMP_STRING:
- convert = conv_ucs2;
- theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
- break;
- case SEC_ASN1_UTF8_STRING:
- /* No conversion needed ! */
- theTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return NULL;
- }
-
- PORT_Memset(&avaValue, 0, sizeof(SECItem));
- newarena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!newarena) {
- return NULL;
- }
- if (SEC_QuickDERDecodeItem(newarena, &avaValue, theTemplate, derAVAValue) !=
- SECSuccess) {
- PORT_FreeArena(newarena, PR_FALSE);
- return NULL;
- }
-
- if (convert != conv_none) {
- unsigned int utf8ValLen = avaValue.len * 3;
- unsigned char *utf8Val =
- (unsigned char *)PORT_ArenaZAlloc(newarena, utf8ValLen);
-
- switch (convert) {
- case conv_ucs4:
- if (avaValue.len % 4 != 0 ||
- !PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data,
- avaValue.len, utf8Val, utf8ValLen,
- &utf8ValLen)) {
- PORT_FreeArena(newarena, PR_FALSE);
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return NULL;
- }
- break;
- case conv_ucs2:
- if (avaValue.len % 2 != 0 ||
- !PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data,
- avaValue.len, utf8Val, utf8ValLen,
- &utf8ValLen)) {
- PORT_FreeArena(newarena, PR_FALSE);
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return NULL;
- }
- break;
- case conv_iso88591:
- if (!PORT_ISO88591_UTF8Conversion(avaValue.data, avaValue.len,
- utf8Val, utf8ValLen,
- &utf8ValLen)) {
- PORT_FreeArena(newarena, PR_FALSE);
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return NULL;
- }
- break;
- case conv_none:
- PORT_Assert(0); /* not reached */
- break;
- }
-
- avaValue.data = utf8Val;
- avaValue.len = utf8ValLen;
- }
-
- retItem = SECITEM_DupItem(&avaValue);
- PORT_FreeArena(newarena, PR_FALSE);
- return retItem;
-}
« no previous file with comments | « nss/lib/certdb/polcyxtn.c ('k') | nss/lib/certdb/stanpcertdb.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698