Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(13)

Unified Diff: nss/lib/certdb/xbsconst.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/certdb/xauthkid.c ('k') | nss/lib/certdb/xconst.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/certdb/xbsconst.c
diff --git a/nss/lib/certdb/xbsconst.c b/nss/lib/certdb/xbsconst.c
deleted file mode 100644
index 8a448eddfe9611c1de726c096fb051b5a5856c41..0000000000000000000000000000000000000000
--- a/nss/lib/certdb/xbsconst.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/*
- * X.509 v3 Basic Constraints Extension
- */
-
-#include "prtypes.h"
-#include <limits.h> /* for LONG_MAX */
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secerr.h"
-
-typedef struct EncodedContext {
- SECItem isCA;
- SECItem pathLenConstraint;
- SECItem encodedValue;
- PLArenaPool *arena;
-} EncodedContext;
-
-static const SEC_ASN1Template CERTBasicConstraintsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(EncodedContext) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(EncodedContext, isCA) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(EncodedContext, pathLenConstraint) },
- { 0 }
-};
-
-static unsigned char hexTrue = 0xff;
-static unsigned char hexFalse = 0x00;
-
-#define GEN_BREAK(status) \
- rv = status; \
- break;
-
-SECStatus
-CERT_EncodeBasicConstraintValue(PLArenaPool *arena, CERTBasicConstraints *value,
- SECItem *encodedValue)
-{
- EncodedContext encodeContext;
- PLArenaPool *our_pool = NULL;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset(&encodeContext, 0, sizeof(encodeContext));
- if (!value->isCA && value->pathLenConstraint >= 0) {
- PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
- GEN_BREAK(SECFailure);
- }
-
- encodeContext.arena = arena;
- if (value->isCA == PR_TRUE) {
- encodeContext.isCA.data = &hexTrue;
- encodeContext.isCA.len = 1;
- }
-
- /* If the pathLenConstraint is less than 0, then it should be
- * omitted from the encoding.
- */
- if (value->isCA && value->pathLenConstraint >= 0) {
- our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- GEN_BREAK(SECFailure);
- }
- if (SEC_ASN1EncodeUnsignedInteger(
- our_pool, &encodeContext.pathLenConstraint,
- (unsigned long)value->pathLenConstraint) == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- GEN_BREAK(SECFailure);
- }
- }
- if (SEC_ASN1EncodeItem(arena, encodedValue, &encodeContext,
- CERTBasicConstraintsTemplate) == NULL) {
- GEN_BREAK(SECFailure);
- }
- } while (0);
- if (our_pool)
- PORT_FreeArena(our_pool, PR_FALSE);
- return (rv);
-}
-
-SECStatus
-CERT_DecodeBasicConstraintValue(CERTBasicConstraints *value,
- const SECItem *encodedValue)
-{
- EncodedContext decodeContext;
- PLArenaPool *our_pool;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset(&decodeContext, 0, sizeof(decodeContext));
- /* initialize the value just in case we got "0x30 00", or when the
- pathLenConstraint is omitted.
- */
- decodeContext.isCA.data = &hexFalse;
- decodeContext.isCA.len = 1;
-
- our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- GEN_BREAK(SECFailure);
- }
-
- rv = SEC_QuickDERDecodeItem(our_pool, &decodeContext,
- CERTBasicConstraintsTemplate, encodedValue);
- if (rv == SECFailure)
- break;
-
- value->isCA = decodeContext.isCA.data
- ? (PRBool)(decodeContext.isCA.data[0] != 0)
- : PR_FALSE;
- if (decodeContext.pathLenConstraint.data == NULL) {
- /* if the pathLenConstraint is not encoded, and the current setting
- is CA, then the pathLenConstraint should be set to a negative
- number
- for unlimited certificate path.
- */
- if (value->isCA)
- value->pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- } else if (value->isCA) {
- long len = DER_GetInteger(&decodeContext.pathLenConstraint);
- if (len < 0 || len == LONG_MAX) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- GEN_BREAK(SECFailure);
- }
- value->pathLenConstraint = len;
- } else {
- /* here we get an error where the subject is not a CA, but
- the pathLenConstraint is set */
- PORT_SetError(SEC_ERROR_BAD_DER);
- GEN_BREAK(SECFailure);
- break;
- }
-
- } while (0);
- PORT_FreeArena(our_pool, PR_FALSE);
- return (rv);
-}
« no previous file with comments | « nss/lib/certdb/xauthkid.c ('k') | nss/lib/certdb/xconst.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698