Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(121)

Unified Diff: nss/lib/certdb/certv3.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/certdb/certt.h ('k') | nss/lib/certdb/certxutl.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/certdb/certv3.c
diff --git a/nss/lib/certdb/certv3.c b/nss/lib/certdb/certv3.c
deleted file mode 100644
index 4918ec1635c665510f608591e9efd22340ab10db..0000000000000000000000000000000000000000
--- a/nss/lib/certdb/certv3.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/*
- * Code for dealing with X509.V3 extensions.
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-SECStatus
-CERT_FindCertExtensionByOID(CERTCertificate *cert, SECItem *oid, SECItem *value)
-{
- return (cert_FindExtensionByOID(cert->extensions, oid, value));
-}
-
-SECStatus
-CERT_FindCertExtension(const CERTCertificate *cert, int tag, SECItem *value)
-{
- return (cert_FindExtension(cert->extensions, tag, value));
-}
-
-static void
-SetExts(void *object, CERTCertExtension **exts)
-{
- CERTCertificate *cert = (CERTCertificate *)object;
-
- cert->extensions = exts;
- DER_SetUInteger(cert->arena, &(cert->version), SEC_CERTIFICATE_VERSION_3);
-}
-
-void *
-CERT_StartCertExtensions(CERTCertificate *cert)
-{
- return (cert_StartExtensions((void *)cert, cert->arena, SetExts));
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindNSCertTypeExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension(
- cert->extensions, SEC_OID_NS_CERT_EXT_CERT_TYPE, retItem));
-}
-
-/*
- * get the value of a string type extension
- */
-char *
-CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag)
-{
- SECItem wrapperItem, tmpItem = { siBuffer, 0 };
- SECStatus rv;
- PLArenaPool *arena = NULL;
- char *retstring = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!arena) {
- goto loser;
- }
-
- rv = cert_FindExtension(cert->extensions, oidtag, &wrapperItem);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(
- arena, &tmpItem, SEC_ASN1_GET(SEC_IA5StringTemplate), &wrapperItem);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- retstring = (char *)PORT_Alloc(tmpItem.len + 1);
- if (retstring == NULL) {
- goto loser;
- }
-
- PORT_Memcpy(retstring, tmpItem.data, tmpItem.len);
- retstring[tmpItem.len] = '\0';
-
-loser:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if (wrapperItem.data) {
- PORT_Free(wrapperItem.data);
- }
-
- return (retstring);
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindKeyUsageExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension(cert->extensions,
- SEC_OID_X509_KEY_USAGE, retItem));
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindSubjectKeyIDExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- SECStatus rv;
- SECItem encodedValue = { siBuffer, NULL, 0 };
- SECItem decodedValue = { siBuffer, NULL, 0 };
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_SUBJECT_KEY_ID,
- &encodedValue);
- if (rv == SECSuccess) {
- PLArenaPool *tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmpArena) {
- rv = SEC_QuickDERDecodeItem(tmpArena, &decodedValue,
- SEC_ASN1_GET(SEC_OctetStringTemplate),
- &encodedValue);
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem(NULL, retItem, &decodedValue);
- }
- PORT_FreeArena(tmpArena, PR_FALSE);
- } else {
- rv = SECFailure;
- }
- }
- SECITEM_FreeItem(&encodedValue, PR_FALSE);
- return rv;
-}
-
-SECStatus
-CERT_FindBasicConstraintExten(CERTCertificate *cert,
- CERTBasicConstraints *value)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedExtenValue);
- if (rv != SECSuccess) {
- return (rv);
- }
-
- rv = CERT_DecodeBasicConstraintValue(value, &encodedExtenValue);
-
- /* free the raw extension data */
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return (rv);
-}
-
-CERTAuthKeyID *
-CERT_FindAuthKeyIDExten(PLArenaPool *arena, CERTCertificate *cert)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
- CERTAuthKeyID *ret;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_AUTH_KEY_ID,
- &encodedExtenValue);
- if (rv != SECSuccess) {
- return (NULL);
- }
-
- ret = CERT_DecodeAuthKeyID(arena, &encodedExtenValue);
-
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return (ret);
-}
-
-SECStatus
-CERT_CheckCertUsage(CERTCertificate *cert, unsigned char usage)
-{
- SECItem keyUsage;
- SECStatus rv;
-
- /* There is no extension, v1 or v2 certificate */
- if (cert->extensions == NULL) {
- return (SECSuccess);
- }
-
- keyUsage.data = NULL;
-
- /* This code formerly ignored the Key Usage extension if it was
- ** marked non-critical. That was wrong. Since we do understand it,
- ** we are obligated to honor it, whether or not it is critical.
- */
- rv = CERT_FindKeyUsageExtension(cert, &keyUsage);
- if (rv == SECFailure) {
- rv = (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) ? SECSuccess
- : SECFailure;
- } else if (!(keyUsage.data[0] & usage)) {
- PORT_SetError(SEC_ERROR_CERT_USAGES_INVALID);
- rv = SECFailure;
- }
- PORT_Free(keyUsage.data);
- return (rv);
-}
« no previous file with comments | « nss/lib/certdb/certt.h ('k') | nss/lib/certdb/certxutl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698