Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(896)

Unified Diff: nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
diff --git a/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c b/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
deleted file mode 100755
index 57004b7709c3553182736ae806288444b2913d23..0000000000000000000000000000000000000000
--- a/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
+++ /dev/null
@@ -1,1282 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/*
- * pkix_pl_colcertstore.c
- *
- * CollectionCertStore Function Definitions
- *
- */
-
-#include "pkix_pl_colcertstore.h"
-
-/*
- * This Object is going to be taken out from libpkix SOON. The following
- * function is copied from nss/cmd library, but not supported by NSS as
- * public API. We use it since ColCertStore are read in Cert/Crl from
- * files and need this support.
- */
-
-static SECStatus
-SECU_FileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, info.size))
- goto loser;
-
- numBytes = PR_Read(src, dst->data, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- return SECSuccess;
-loser:
- SECITEM_FreeItem(dst, PR_FALSE);
- return SECFailure;
-}
-
-static SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
-{
- SECStatus rv;
- if (ascii) {
- /* First convert ascii to binary */
- SECItem filedata;
- char *asc, *body;
-
- /* Read in ascii data */
- rv = SECU_FileToItem(&filedata, inFile);
- asc = (char *)filedata.data;
- if (!asc) {
- fprintf(stderr, "unable to read data from input file\n");
- return SECFailure;
- }
-
- /* check for headers and trailers and remove them */
- if ((body = strstr(asc, "-----BEGIN")) != NULL) {
- char *trailer = NULL;
- asc = body;
- body = PORT_Strchr(body, '\n');
- if (!body)
- body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
- if (body)
- trailer = strstr(++body, "-----END");
- if (trailer != NULL) {
- *trailer = '\0';
- } else {
- fprintf(stderr, "input has header but no trailer\n");
- PORT_Free(filedata.data);
- return SECFailure;
- }
- } else {
- body = asc;
- }
-
- /* Convert to binary */
- rv = ATOB_ConvertAsciiToItem(der, body);
- if (rv) {
- return SECFailure;
- }
-
- PORT_Free(filedata.data);
- } else {
- /* Read in binary der */
- rv = SECU_FileToItem(der, inFile);
- if (rv) {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-/*
- * FUNCTION: PKIX_PL_CollectionCertStoreContext_Create
- * DESCRIPTION:
- *
- * Creates a new CollectionCertStoreContext using the String pointed to
- * by "storeDir" and stores it at "pColCertStoreContext".
- *
- * PARAMETERS:
- * "storeDir"
- * The absolute path where *.crl and *.crt files are located.
- * "pColCertStoreContext"
- * Address where object pointer will be stored. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_Create(
- PKIX_PL_String *storeDir,
- PKIX_PL_CollectionCertStoreContext **pColCertStoreContext,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_Create");
- PKIX_NULLCHECK_TWO(storeDir, pColCertStoreContext);
-
- PKIX_CHECK(PKIX_PL_Object_Alloc
- (PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
- sizeof (PKIX_PL_CollectionCertStoreContext),
- (PKIX_PL_Object **)&colCertStoreContext,
- plContext),
- PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);
-
- PKIX_INCREF(storeDir);
- colCertStoreContext->storeDir = storeDir;
-
- colCertStoreContext->crlList = NULL;
- colCertStoreContext->certList = NULL;
-
- *pColCertStoreContext = colCertStoreContext;
- colCertStoreContext = NULL;
-
-cleanup:
-
- PKIX_DECREF(colCertStoreContext);
-
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_Destroy
- * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_Destroy(
- PKIX_PL_Object *object,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_Destroy");
- PKIX_NULLCHECK_ONE(object);
-
- PKIX_CHECK(pkix_CheckType
- (object, PKIX_COLLECTIONCERTSTORECONTEXT_TYPE, plContext),
- PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
-
- colCertStoreContext = (PKIX_PL_CollectionCertStoreContext *)object;
-
- PKIX_DECREF(colCertStoreContext->storeDir);
- PKIX_DECREF(colCertStoreContext->crlList);
- PKIX_DECREF(colCertStoreContext->certList);
-
-cleanup:
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_Hashcode
- * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_Hashcode(
- PKIX_PL_Object *object,
- PKIX_UInt32 *pHashcode,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *collectionCSContext = NULL;
- PKIX_UInt32 tempHash = 0;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_Hashcode");
- PKIX_NULLCHECK_TWO(object, pHashcode);
-
- PKIX_CHECK(pkix_CheckType
- (object,
- PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
- plContext),
- PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
-
- collectionCSContext = (PKIX_PL_CollectionCertStoreContext *)object;
-
- PKIX_CHECK(PKIX_PL_Object_Hashcode
- ((PKIX_PL_Object *) collectionCSContext->storeDir,
- &tempHash,
- plContext),
- PKIX_STRINGHASHCODEFAILED);
-
- *pHashcode = tempHash << 7;
-
- /* should not hash on crlList and certList, values are dynamic */
-
-cleanup:
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_Equals
- * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_Equals(
- PKIX_PL_Object *firstObject,
- PKIX_PL_Object *secondObject,
- PKIX_Int32 *pResult,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *firstCCSContext = NULL;
- PKIX_PL_CollectionCertStoreContext *secondCCSContext = NULL;
- PKIX_Boolean cmpResult = 0;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_Equals");
- PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
-
- PKIX_CHECK(pkix_CheckTypes
- (firstObject,
- secondObject,
- PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
- plContext),
- PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
-
- firstCCSContext = (PKIX_PL_CollectionCertStoreContext *)firstObject;
- secondCCSContext = (PKIX_PL_CollectionCertStoreContext *)secondObject;
-
- if (firstCCSContext->storeDir == secondCCSContext->storeDir) {
-
- cmpResult = PKIX_TRUE;
-
- } else {
-
- PKIX_CHECK(PKIX_PL_Object_Equals
- ((PKIX_PL_Object *) firstCCSContext->storeDir,
- (PKIX_PL_Object *) secondCCSContext->storeDir,
- &cmpResult,
- plContext),
- PKIX_STRINGEQUALSFAILED);
- }
-
- *pResult = cmpResult;
-
- /* should not check equal on crlList and certList, data are dynamic */
-
-cleanup:
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStore_CheckTrust
- * DESCRIPTION:
- * This function checks the trust status of this "cert" that was retrieved
- * from the CertStore "store" and returns its trust status at "pTrusted".
- *
- * PARAMETERS:
- * "store"
- * Address of the CertStore. Must be non-NULL.
- * "cert"
- * Address of the Cert. Must be non-NULL.
- * "pTrusted"
- * Address of PKIX_Boolean where the "cert" trust status is returned.
- * Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CertStore Error if the function fails in a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStore_CheckTrust(
- PKIX_CertStore *store,
- PKIX_PL_Cert *cert,
- PKIX_Boolean *pTrusted,
- void *plContext)
-{
- PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_CheckTrust");
- PKIX_NULLCHECK_THREE(store, cert, pTrusted);
-
- *pTrusted = PKIX_TRUE;
-
- PKIX_RETURN(CERTSTORE);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_CreateCert
- * DESCRIPTION:
- *
- * Creates Cert using data file path name pointed to by "certFileName" and
- * stores it at "pCert". If the Cert can not be decoded, NULL is stored
- * at "pCert".
- *
- * PARAMETERS
- * "certFileName" - Address of Cert data file path name. Must be non-NULL.
- * "pCert" - Address where object pointer will be stored. Must be non-NULL.
- * "plContext" - Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_CreateCert(
- const char *certFileName,
- PKIX_PL_Cert **pCert,
- void *plContext)
-{
- PKIX_PL_ByteArray *byteArray = NULL;
- PKIX_PL_Cert *cert = NULL;
- PRFileDesc *inFile = NULL;
- SECItem certDER;
- void *buf = NULL;
- PKIX_UInt32 len;
- SECStatus rv;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_CreateCert");
- PKIX_NULLCHECK_TWO(certFileName, pCert);
-
- *pCert = NULL;
- certDER.data = NULL;
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_Open.\n");
- inFile = PR_Open(certFileName, PR_RDONLY, 0);
-
- if (!inFile){
- PKIX_ERROR(PKIX_UNABLETOOPENCERTFILE);
- } else {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECU_ReadDerFromFile.\n");
- rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE);
- if (!rv){
- buf = (void *)certDER.data;
- len = certDER.len;
-
- PKIX_CHECK(PKIX_PL_ByteArray_Create
- (buf, len, &byteArray, plContext),
- PKIX_BYTEARRAYCREATEFAILED);
-
- PKIX_CHECK(PKIX_PL_Cert_Create
- (byteArray, &cert, plContext),
- PKIX_CERTCREATEFAILED);
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECITEM_FreeItem.\n");
- SECITEM_FreeItem(&certDER, PR_FALSE);
-
- } else {
- PKIX_ERROR(PKIX_UNABLETOREADDERFROMCERTFILE);
- }
- }
-
- *pCert = cert;
-
-cleanup:
- if (inFile){
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_CloseDir.\n");
- PR_Close(inFile);
- }
-
- if (PKIX_ERROR_RECEIVED){
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECITEM_FreeItem).\n");
- SECITEM_FreeItem(&certDER, PR_FALSE);
-
- PKIX_DECREF(cert);
- }
- PKIX_DECREF(byteArray);
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_CreateCRL
- * DESCRIPTION:
- *
- * Creates CRL using data file path name pointed to by "crlFileName" and
- * stores it at "pCrl". If the CRL can not be decoded, NULL is stored
- * at "pCrl".
- *
- * PARAMETERS
- * "crlFileName" - Address of CRL data file path name. Must be non-NULL.
- * "pCrl" - Address where object pointer will be stored. Must be non-NULL.
- * "plContext" - Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_CreateCRL(
- const char *crlFileName,
- PKIX_PL_CRL **pCrl,
- void *plContext)
-{
- PKIX_PL_ByteArray *byteArray = NULL;
- PKIX_PL_CRL *crl = NULL;
- PRFileDesc *inFile = NULL;
- SECItem crlDER;
- void *buf = NULL;
- PKIX_UInt32 len;
- SECStatus rv;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_CreateCRL");
- PKIX_NULLCHECK_TWO(crlFileName, pCrl);
-
- *pCrl = NULL;
- crlDER.data = NULL;
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_Open.\n");
- inFile = PR_Open(crlFileName, PR_RDONLY, 0);
-
- if (!inFile){
- PKIX_ERROR(PKIX_UNABLETOOPENCRLFILE);
- } else {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECU_ReadDerFromFile.\n");
- rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
- if (!rv){
- buf = (void *)crlDER.data;
- len = crlDER.len;
-
- PKIX_CHECK(PKIX_PL_ByteArray_Create
- (buf, len, &byteArray, plContext),
- PKIX_BYTEARRAYCREATEFAILED);
-
- PKIX_CHECK(PKIX_PL_CRL_Create
- (byteArray, &crl, plContext),
- PKIX_CRLCREATEFAILED);
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECITEM_FreeItem.\n");
- SECITEM_FreeItem(&crlDER, PR_FALSE);
-
- } else {
- PKIX_ERROR(PKIX_UNABLETOREADDERFROMCRLFILE);
- }
- }
-
- *pCrl = crl;
-
-cleanup:
- if (inFile){
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_CloseDir.\n");
- PR_Close(inFile);
- }
-
- if (PKIX_ERROR_RECEIVED){
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling SECITEM_FreeItem).\n");
- SECITEM_FreeItem(&crlDER, PR_FALSE);
-
- PKIX_DECREF(crl);
- if (crlDER.data != NULL) {
- SECITEM_FreeItem(&crlDER, PR_FALSE);
- }
- }
-
- PKIX_DECREF(byteArray);
-
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_PopulateCert
- * DESCRIPTION:
- *
- * Create list of Certs from *.crt files at directory specified in dirName,
- * Not recursive to sub-directory. Also assume the directory contents are
- * not changed dynamically.
- *
- * PARAMETERS
- * "colCertStoreContext" - Address of CollectionCertStoreContext
- * where the dirName is specified and where the return
- * Certs are stored as a list. Must be non-NULL.
- * "plContext" - Platform-specific context pointer.
- *
- * THREAD SAFETY:
- * Not Thread Safe - A lock at top level is required.
- *
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_PopulateCert(
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext,
- void *plContext)
-{
- PKIX_List *certList = NULL;
- PKIX_PL_Cert *certItem = NULL;
- char *dirName = NULL;
- char *pathName = NULL;
- PKIX_UInt32 dirNameLen = 0;
- PRErrorCode prError = 0;
- PRDir *dir = NULL;
- PRDirEntry *dirEntry = NULL;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_PopulateCert");
- PKIX_NULLCHECK_ONE(colCertStoreContext);
-
- /* convert directory to ascii */
-
- PKIX_CHECK(PKIX_PL_String_GetEncoded
- (colCertStoreContext->storeDir,
- PKIX_ESCASCII,
- (void **)&dirName,
- &dirNameLen,
- plContext),
- PKIX_STRINGGETENCODEDFAILED);
-
- /* create cert list, if no cert file, should return an empty list */
-
- PKIX_CHECK(PKIX_List_Create(&certList, plContext),
- PKIX_LISTCREATEFAILED);
-
- /* open directory and read in .crt files */
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_OpenDir.\n");
- dir = PR_OpenDir(dirName);
-
- if (!dir) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG
- ("\t\t Directory Name:%s\n", dirName);
- PKIX_ERROR(PKIX_CANNOTOPENCOLLECTIONCERTSTORECONTEXTDIRECTORY);
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_ReadDir.\n");
- dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
-
- if (!dirEntry) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Empty directory.\n");
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_GetError.\n");
- prError = PR_GetError();
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_SetError.\n");
- PR_SetError(0, 0);
-
- while (dirEntry != NULL && prError == 0) {
- if (PL_strrstr(dirEntry->name, ".crt") ==
- dirEntry->name + PL_strlen(dirEntry->name) - 4) {
-
- PKIX_CHECK_ONLY_FATAL
- (PKIX_PL_Malloc
- (dirNameLen + PL_strlen(dirEntry->name) + 2,
- (void **)&pathName,
- plContext),
- PKIX_MALLOCFAILED);
-
- if ((!PKIX_ERROR_RECEIVED) && (pathName != NULL)){
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcpy for dirName.\n");
- PL_strcpy(pathName, dirName);
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcat for dirName.\n");
- PL_strcat(pathName, "/");
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcat for /.\n");
- PL_strcat(pathName, dirEntry->name);
-
- PKIX_CHECK_ONLY_FATAL
- (pkix_pl_CollectionCertStoreContext_CreateCert
- (pathName, &certItem, plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTCREATECERTFAILED);
-
- if (!PKIX_ERROR_RECEIVED){
- PKIX_CHECK_ONLY_FATAL
- (PKIX_List_AppendItem
- (certList,
- (PKIX_PL_Object *)certItem,
- plContext),
- PKIX_LISTAPPENDITEMFAILED);
- }
- }
-
- PKIX_DECREF(certItem);
- PKIX_FREE(pathName);
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_SetError.\n");
- PR_SetError(0, 0);
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_ReadDir.\n");
- dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
-
- if (!dirEntry) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_GetError.\n");
- prError = PR_GetError();
- }
- }
-
- if ((prError != 0) && (prError != PR_NO_MORE_FILES_ERROR)) {
- PKIX_ERROR(PKIX_COLLECTIONCERTSTOREPOPULATECERTFAILED);
- }
-
- PKIX_CHECK(PKIX_List_SetImmutable(certList, plContext),
- PKIX_LISTSETIMMUTABLEFAILED);
-
- PKIX_INCREF(certList);
- colCertStoreContext->certList = certList;
-
-cleanup:
- if (dir) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_CloseDir.\n");
- PR_CloseDir(dir);
- }
-
- PKIX_FREE(pathName);
- PKIX_FREE(dirName);
-
- if (PKIX_ERROR_RECEIVED){
- PKIX_DECREF(certList);
- }
-
- PKIX_DECREF(certItem);
- PKIX_DECREF(certList);
-
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_PopulateCRL
- * DESCRIPTION:
- *
- * Create list of CRLs from *.crl files at directory specified in dirName,
- * Not recursive to sub-dirctory. Also assume the directory contents are
- * not changed dynamically.
- *
- * PARAMETERS
- * "colCertStoreContext" - Address of CollectionCertStoreContext
- * where the dirName is specified and where the return
- * CRLs are stored as a list. Must be non-NULL.
- * "plContext" - Platform-specific context pointer.
- *
- * THREAD SAFETY:
- * Not Thread Safe - A lock at top level is required.
- *
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_PopulateCRL(
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext,
- void *plContext)
-{
- PKIX_List *crlList = NULL;
- PKIX_PL_CRL *crlItem = NULL;
- char *dirName = NULL;
- char *pathName = NULL;
- PKIX_UInt32 dirNameLen = 0;
- PRErrorCode prError = 0;
- PRDir *dir = NULL;
- PRDirEntry *dirEntry = NULL;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_PopulateCRL");
- PKIX_NULLCHECK_ONE(colCertStoreContext);
-
- /* convert directory to ascii */
-
- PKIX_CHECK(PKIX_PL_String_GetEncoded
- (colCertStoreContext->storeDir,
- PKIX_ESCASCII,
- (void **)&dirName,
- &dirNameLen,
- plContext),
- PKIX_STRINGGETENCODEDFAILED);
-
- /* create CRL list, if no CRL file, should return an empty list */
-
- PKIX_CHECK(PKIX_List_Create(&crlList, plContext),
- PKIX_LISTCREATEFAILED);
-
- /* open directory and read in .crl files */
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_OpenDir.\n");
- dir = PR_OpenDir(dirName);
-
- if (!dir) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG
- ("\t\t Directory Name:%s\n", dirName);
- PKIX_ERROR(PKIX_CANNOTOPENCOLLECTIONCERTSTORECONTEXTDIRECTORY);
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_ReadDir.\n");
- dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
-
- if (!dirEntry) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Empty directory.\n");
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_GetError.\n");
- prError = PR_GetError();
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_SetError.\n");
- PR_SetError(0, 0);
-
- while (dirEntry != NULL && prError == 0) {
- if (PL_strrstr(dirEntry->name, ".crl") ==
- dirEntry->name + PL_strlen(dirEntry->name) - 4) {
-
- PKIX_CHECK_ONLY_FATAL
- (PKIX_PL_Malloc
- (dirNameLen + PL_strlen(dirEntry->name) + 2,
- (void **)&pathName,
- plContext),
- PKIX_MALLOCFAILED);
-
- if ((!PKIX_ERROR_RECEIVED) && (pathName != NULL)){
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcpy for dirName.\n");
- PL_strcpy(pathName, dirName);
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcat for dirName.\n");
- PL_strcat(pathName, "/");
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PL_strcat for /.\n");
- PL_strcat(pathName, dirEntry->name);
-
- PKIX_CHECK_ONLY_FATAL
- (pkix_pl_CollectionCertStoreContext_CreateCRL
- (pathName, &crlItem, plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTCREATECRLFAILED);
-
- if (!PKIX_ERROR_RECEIVED){
- PKIX_CHECK_ONLY_FATAL
- (PKIX_List_AppendItem
- (crlList,
- (PKIX_PL_Object *)crlItem,
- plContext),
- PKIX_LISTAPPENDITEMFAILED);
- }
- }
-
- PKIX_DECREF(crlItem);
- PKIX_FREE(pathName);
- }
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_SetError.\n");
- PR_SetError(0, 0);
-
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_ReadDir.\n");
- dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
-
- if (!dirEntry) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_GetError.\n");
- prError = PR_GetError();
- }
- }
-
- if ((prError != 0) && (prError != PR_NO_MORE_FILES_ERROR)) {
- PKIX_ERROR(PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCRLFAILED);
- }
-
- PKIX_CHECK(PKIX_List_SetImmutable(crlList, plContext),
- PKIX_LISTSETIMMUTABLEFAILED);
-
- PKIX_INCREF(crlList);
- colCertStoreContext->crlList = crlList;
-
-cleanup:
- if (dir) {
- PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
- ("\t\t Calling PR_CloseDir.\n");
- PR_CloseDir(dir);
- }
-
- PKIX_FREE(pathName);
- PKIX_FREE(dirName);
-
- if (PKIX_ERROR_RECEIVED){
- PKIX_DECREF(crlList);
- }
-
- PKIX_DECREF(crlItem);
- PKIX_DECREF(crlList);
-
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_GetSelectedCert
- * DESCRIPTION:
- *
- * Finds the Certs that match the criterion of the CertSelector pointed
- * to by "selector" using the List of Certs pointed to by "certList" and
- * stores the matching Certs at "pSelectedCertList".
- *
- * Not recursive to sub-directory.
- *
- * PARAMETERS
- * "certList" - Address of List of Certs to be searched. Must be non-NULL.
- * "colCertStoreContext" - Address of CollectionCertStoreContext
- * where the cached Certs are stored.
- * "selector" - CertSelector for chosing Cert based on Params set
- * "pSelectedCertList" - Certs that qualified by selector.
- * "plContext" - Platform-specific context pointer.
- *
- * THREAD SAFETY:
- * Not Thread Safe - A lock at top level is required.
- *
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_GetSelectedCert(
- PKIX_List *certList,
- PKIX_CertSelector *selector,
- PKIX_List **pSelectedCertList,
- void *plContext)
-{
- PKIX_List *selectCertList = NULL;
- PKIX_PL_Cert *certItem = NULL;
- PKIX_CertSelector_MatchCallback certSelectorMatch = NULL;
- PKIX_UInt32 numCerts = 0;
- PKIX_UInt32 i = 0;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_GetSelectedCert");
- PKIX_NULLCHECK_THREE(certList, selector, pSelectedCertList);
-
- PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
- (selector, &certSelectorMatch, plContext),
- PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
-
- PKIX_CHECK(PKIX_List_GetLength(certList, &numCerts, plContext),
- PKIX_LISTGETLENGTHFAILED);
-
- if (certSelectorMatch) {
-
- PKIX_CHECK(PKIX_List_Create(&selectCertList, plContext),
- PKIX_LISTCREATEFAILED);
-
- for (i = 0; i < numCerts; i++) {
- PKIX_CHECK_ONLY_FATAL
- (PKIX_List_GetItem
- (certList,
- i,
- (PKIX_PL_Object **) &certItem,
- plContext),
- PKIX_LISTGETITEMFAILED);
-
- if (!PKIX_ERROR_RECEIVED){
- PKIX_CHECK_ONLY_FATAL
- (certSelectorMatch
- (selector, certItem, plContext),
- PKIX_CERTSELECTORMATCHFAILED);
-
- if (!PKIX_ERROR_RECEIVED){
- PKIX_CHECK_ONLY_FATAL
- (PKIX_List_AppendItem
- (selectCertList,
- (PKIX_PL_Object *)certItem,
- plContext),
- PKIX_LISTAPPENDITEMFAILED);
- }
- }
-
- PKIX_DECREF(certItem);
- }
-
- } else {
-
- PKIX_INCREF(certList);
-
- selectCertList = certList;
- }
-
- *pSelectedCertList = selectCertList;
-
-cleanup:
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_GetSelectedCRL
- * DESCRIPTION:
- *
- * Finds the CRLs that match the criterion of the CRLSelector pointed
- * to by "selector" using the List of CRLs pointed to by "crlList" and
- * stores the matching CRLs at "pSelectedCrlList".
- *
- * Not recursive to sub-directory.
- *
- * PARAMETERS
- * "crlList" - Address of List of CRLs to be searched. Must be non-NULL
- * "selector" - CRLSelector for chosing CRL based on Params set
- * "pSelectedCrlList" - CRLs that qualified by selector.
- * "plContext" - Platform-specific context pointer.
- *
- * THREAD SAFETY:
- * Not Thread Safe - A lock at top level is required.
- *
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CollectionCertStoreContext Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_pl_CollectionCertStoreContext_GetSelectedCRL(
- PKIX_List *crlList,
- PKIX_CRLSelector *selector,
- PKIX_List **pSelectedCrlList,
- void *plContext)
-{
- PKIX_List *selectCrlList = NULL;
- PKIX_PL_CRL *crlItem = NULL;
- PKIX_CRLSelector_MatchCallback crlSelectorMatch = NULL;
- PKIX_UInt32 numCrls = 0;
- PKIX_UInt32 i = 0;
- PKIX_Boolean match = PKIX_FALSE;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_GetSelectedCRL");
- PKIX_NULLCHECK_THREE(crlList, selector, pSelectedCrlList);
-
- PKIX_CHECK(PKIX_CRLSelector_GetMatchCallback
- (selector, &crlSelectorMatch, plContext),
- PKIX_CRLSELECTORGETMATCHCALLBACKFAILED);
-
- PKIX_CHECK(PKIX_List_GetLength(crlList, &numCrls, plContext),
- PKIX_LISTGETLENGTHFAILED);
-
- if (crlSelectorMatch) {
-
- PKIX_CHECK(PKIX_List_Create(&selectCrlList, plContext),
- PKIX_LISTCREATEFAILED);
-
- for (i = 0; i < numCrls; i++) {
- PKIX_CHECK_ONLY_FATAL(PKIX_List_GetItem
- (crlList,
- i,
- (PKIX_PL_Object **) &crlItem,
- plContext),
- PKIX_LISTGETITEMFAILED);
-
- if (!PKIX_ERROR_RECEIVED){
- PKIX_CHECK_ONLY_FATAL
- (crlSelectorMatch
- (selector, crlItem, &match, plContext),
- PKIX_CRLSELECTORMATCHFAILED);
-
- if (!(PKIX_ERROR_RECEIVED) && match) {
- PKIX_CHECK_ONLY_FATAL
- (PKIX_List_AppendItem
- (selectCrlList,
- (PKIX_PL_Object *)crlItem,
- plContext),
- PKIX_LISTAPPENDITEMFAILED);
- }
- }
-
- PKIX_DECREF(crlItem);
- }
- } else {
-
- PKIX_INCREF(crlList);
-
- selectCrlList = crlList;
- }
-
- /* Don't throw away the list if one CRL was bad! */
- pkixTempErrorReceived = PKIX_FALSE;
-
- *pSelectedCrlList = selectCrlList;
-
-cleanup:
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStore_GetCert
- * DESCRIPTION:
- *
- * Retrieve Certs in a list of PKIX_PL_Cert object.
- *
- * PARAMETERS:
- * "colCertStoreContext"
- * The object CertStore is the object passed in by checker call.
- * "crlSelector"
- * CRLSelector specifies criteria for chosing CRL's
- * "pNBIOContext"
- * Address where platform-dependent information is returned for CertStores
- * that use non-blocking I/O. Must be non-NULL.
- * "pCertList"
- * Address where object pointer will be returned. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CertStore Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-PKIX_Error *
-pkix_pl_CollectionCertStore_GetCert(
- PKIX_CertStore *certStore,
- PKIX_CertSelector *selector,
- PKIX_VerifyNode *verifyNode,
- void **pNBIOContext,
- PKIX_List **pCerts,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
- PKIX_List *selectedCerts = NULL;
-
- PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_GetCert");
- PKIX_NULLCHECK_FOUR(certStore, selector, pNBIOContext, pCerts);
-
- *pNBIOContext = NULL; /* We don't use non-blocking I/O */
-
- PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
- (certStore,
- (PKIX_PL_Object **) &colCertStoreContext,
- plContext),
- PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
-
- if (colCertStoreContext->certList == NULL) {
-
- PKIX_OBJECT_LOCK(colCertStoreContext);
-
- /*
- * Certs in the directory are cached based on the
- * assumption that the directory contents won't be
- * changed dynamically.
- */
- if (colCertStoreContext->certList == NULL){
- PKIX_CHECK(pkix_pl_CollectionCertStoreContext_PopulateCert
- (colCertStoreContext, plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTPOPULATECERTFAILED);
- }
-
- PKIX_OBJECT_UNLOCK(colCertStoreContext);
- }
-
- PKIX_CHECK(pkix_pl_CollectionCertStoreContext_GetSelectedCert
- (colCertStoreContext->certList,
- selector,
- &selectedCerts,
- plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCERTFAILED);
-
- *pCerts = selectedCerts;
-
-cleanup:
- PKIX_OBJECT_UNLOCK(lockedObject);
- PKIX_DECREF(colCertStoreContext);
- PKIX_RETURN(CERTSTORE);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStore_GetCRL
- * DESCRIPTION:
- *
- * Retrieve CRL's in a list of PKIX_PL_CRL object.
- *
- * PARAMETERS:
- * "colCertStoreContext"
- * The object CertStore is passed in by checker call.
- * "crlSelector"
- * CRLSelector specifies criteria for chosing CRL's
- * "pNBIOContext"
- * Address where platform-dependent information is returned for CertStores
- * that use non-blocking I/O. Must be non-NULL.
- * "pCrlList"
- * Address where object pointer will be returned. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a CertStore Error if the function fails in
- * a non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-PKIX_Error *
-pkix_pl_CollectionCertStore_GetCRL(
- PKIX_CertStore *certStore,
- PKIX_CRLSelector *selector,
- void **pNBIOContext,
- PKIX_List **pCrlList,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
- PKIX_List *selectCrl = NULL;
-
- PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_GetCRL");
- PKIX_NULLCHECK_FOUR(certStore, selector, pNBIOContext, pCrlList);
-
- *pNBIOContext = NULL; /* We don't use non-blocking I/O */
-
- PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
- (certStore,
- (PKIX_PL_Object **) &colCertStoreContext,
- plContext),
- PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
-
- if (colCertStoreContext->crlList == NULL) {
-
- PKIX_OBJECT_LOCK(colCertStoreContext);
-
- /*
- * CRLs in the directory are cached based on the
- * assumption that the directory contents won't be
- * changed dynamically.
- */
- if (colCertStoreContext->crlList == NULL){
- PKIX_CHECK(pkix_pl_CollectionCertStoreContext_PopulateCRL
- (colCertStoreContext, plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTPOPULATECRLFAILED);
- }
-
- PKIX_OBJECT_UNLOCK(colCertStoreContext);
-
- }
-
- PKIX_CHECK(pkix_pl_CollectionCertStoreContext_GetSelectedCRL
- (colCertStoreContext->crlList,
- selector,
- &selectCrl,
- plContext),
- PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCRLFAILED);
-
- *pCrlList = selectCrl;
-
-cleanup:
- PKIX_OBJECT_UNLOCK(lockedObject);
- PKIX_DECREF(colCertStoreContext);
- PKIX_RETURN(CERTSTORE);
-}
-
-/*
- * FUNCTION: pkix_pl_CollectionCertStoreContext_RegisterSelf
- * DESCRIPTION:
- *
- * Registers PKIX_PL_COLLECTIONCERTSTORECONTEXT_TYPE and its related
- * functions with systemClasses[]
- *
- * THREAD SAFETY:
- * Not Thread Safe - for performance and complexity reasons
- *
- * Since this function is only called by PKIX_PL_Initialize, which should
- * only be called once, it is acceptable that this function is not
- * thread-safe.
- */
-PKIX_Error *
-pkix_pl_CollectionCertStoreContext_RegisterSelf(void *plContext)
-{
- extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
- pkix_ClassTable_Entry entry;
-
- PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
- "pkix_pl_CollectionCertStoreContext_RegisterSelf");
-
- entry.description = "CollectionCertStoreContext";
- entry.objCounter = 0;
- entry.typeObjectSize = sizeof(PKIX_PL_CollectionCertStoreContext);
- entry.destructor = pkix_pl_CollectionCertStoreContext_Destroy;
- entry.equalsFunction = pkix_pl_CollectionCertStoreContext_Equals;
- entry.hashcodeFunction = pkix_pl_CollectionCertStoreContext_Hashcode;
- entry.toStringFunction = NULL;
- entry.comparator = NULL;
- entry.duplicateFunction = NULL;
-
- systemClasses[PKIX_COLLECTIONCERTSTORECONTEXT_TYPE] = entry;
-
- PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
-}
-
-/* --Public-CollectionCertStoreContext-Functions--------------------------- */
-
-/*
- * FUNCTION: PKIX_PL_CollectionCertStore_Create
- * (see comments in pkix_samples_modules.h)
- */
-PKIX_Error *
-PKIX_PL_CollectionCertStore_Create(
- PKIX_PL_String *storeDir,
- PKIX_CertStore **pCertStore,
- void *plContext)
-{
- PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
- PKIX_CertStore *certStore = NULL;
-
- PKIX_ENTER(CERTSTORE, "PKIX_PL_CollectionCertStore_Create");
- PKIX_NULLCHECK_TWO(storeDir, pCertStore);
-
- PKIX_CHECK(pkix_pl_CollectionCertStoreContext_Create
- (storeDir, &colCertStoreContext, plContext),
- PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);
-
- PKIX_CHECK(PKIX_CertStore_Create
- (pkix_pl_CollectionCertStore_GetCert,
- pkix_pl_CollectionCertStore_GetCRL,
- NULL, /* GetCertContinue */
- NULL, /* GetCRLContinue */
- pkix_pl_CollectionCertStore_CheckTrust,
- NULL, /* can not store crls */
- NULL, /* can not do revocation check */
- (PKIX_PL_Object *)colCertStoreContext,
- PKIX_TRUE, /* cache flag */
- PKIX_TRUE, /* local - no network I/O */
- &certStore,
- plContext),
- PKIX_CERTSTORECREATEFAILED);
-
- PKIX_DECREF(colCertStoreContext);
-
- *pCertStore = certStore;
-
-cleanup:
- PKIX_RETURN(CERTSTORE);
-}
« no previous file with comments | « nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.h ('k') | nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698