Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1020)

Unified Diff: nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c
diff --git a/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c b/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c
deleted file mode 100755
index 0e7a87997d49527a984921df0f900fe28cbebbcf..0000000000000000000000000000000000000000
--- a/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/*
- * pkix_basicconstraintschecker.c
- *
- * Functions for basic constraints validation
- *
- */
-
-#include "pkix_basicconstraintschecker.h"
-
-/* --Private-BasicConstraintsCheckerState-Functions------------------------- */
-
-/*
- * FUNCTION: pkix_BasicConstraintsCheckerState_Destroy
- * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
- */
-static PKIX_Error *
-pkix_BasicConstraintsCheckerState_Destroy(
- PKIX_PL_Object *object,
- void *plContext)
-{
- pkix_BasicConstraintsCheckerState *state = NULL;
-
- PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
- "pkix_BasicConstraintsCheckerState_Destroy");
-
- PKIX_NULLCHECK_ONE(object);
-
- /* Check that this object is a basic constraints checker state */
- PKIX_CHECK(pkix_CheckType
- (object, PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE, plContext),
- PKIX_OBJECTNOTBASICCONSTRAINTSCHECKERSTATE);
-
- state = (pkix_BasicConstraintsCheckerState *)object;
-
- PKIX_DECREF(state->basicConstraintsOID);
-
-cleanup:
-
- PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
-}
-
-/*
- * FUNCTION: pkix_BasicConstraintsCheckerState_RegisterSelf
- * DESCRIPTION:
- * Registers PKIX_CERT_TYPE and its related functions with systemClasses[]
- * THREAD SAFETY:
- * Not Thread Safe - for performance and complexity reasons
- *
- * Since this function is only called by PKIX_PL_Initialize, which should
- * only be called once, it is acceptable that this function is not
- * thread-safe.
- */
-PKIX_Error *
-pkix_BasicConstraintsCheckerState_RegisterSelf(void *plContext)
-{
- extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
- pkix_ClassTable_Entry entry;
-
- PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
- "pkix_BasicConstraintsCheckerState_RegisterSelf");
-
- entry.description = "BasicConstraintsCheckerState";
- entry.objCounter = 0;
- entry.typeObjectSize = sizeof(pkix_BasicConstraintsCheckerState);
- entry.destructor = pkix_BasicConstraintsCheckerState_Destroy;
- entry.equalsFunction = NULL;
- entry.hashcodeFunction = NULL;
- entry.toStringFunction = NULL;
- entry.comparator = NULL;
- entry.duplicateFunction = NULL;
-
- systemClasses[PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE] = entry;
-
- PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
-}
-
-/*
- * FUNCTION: pkix_BasicConstraintsCheckerState_Create
- * DESCRIPTION:
- *
- * Creates a new BasicConstraintsCheckerState using the number of certs in
- * the chain represented by "certsRemaining" and stores it at "pState".
- *
- * PARAMETERS:
- * "certsRemaining"
- * Number of certificates in the chain.
- * "pState"
- * Address where object pointer will be stored. Must be non-NULL.
- * "plContext"
- * Platform-specific context pointer.
- * THREAD SAFETY:
- * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
- * RETURNS:
- * Returns NULL if the function succeeds.
- * Returns a BasicConstraintsCheckerState Error if the function fails in a
- * non-fatal way.
- * Returns a Fatal Error if the function fails in an unrecoverable way.
- */
-static PKIX_Error *
-pkix_BasicConstraintsCheckerState_Create(
- PKIX_UInt32 certsRemaining,
- pkix_BasicConstraintsCheckerState **pState,
- void *plContext)
-{
- pkix_BasicConstraintsCheckerState *state = NULL;
-
- PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
- "pkix_BasicConstraintsCheckerState_Create");
-
- PKIX_NULLCHECK_ONE(pState);
-
- PKIX_CHECK(PKIX_PL_Object_Alloc
- (PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE,
- sizeof (pkix_BasicConstraintsCheckerState),
- (PKIX_PL_Object **)&state,
- plContext),
- PKIX_COULDNOTCREATEBASICCONSTRAINTSSTATEOBJECT);
-
- /* initialize fields */
- state->certsRemaining = certsRemaining;
- state->maxPathLength = PKIX_UNLIMITED_PATH_CONSTRAINT;
-
- PKIX_CHECK(PKIX_PL_OID_Create
- (PKIX_BASICCONSTRAINTS_OID,
- &state->basicConstraintsOID,
- plContext),
- PKIX_OIDCREATEFAILED);
-
- *pState = state;
- state = NULL;
-
-cleanup:
-
- PKIX_DECREF(state);
-
- PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
-}
-
-/* --Private-BasicConstraintsChecker-Functions------------------------------ */
-
-/*
- * FUNCTION: pkix_BasicConstraintsChecker_Check
- * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
- */
-PKIX_Error *
-pkix_BasicConstraintsChecker_Check(
- PKIX_CertChainChecker *checker,
- PKIX_PL_Cert *cert,
- PKIX_List *unresolvedCriticalExtensions, /* list of PKIX_PL_OID */
- void **pNBIOContext,
- void *plContext)
-{
- PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
- pkix_BasicConstraintsCheckerState *state = NULL;
- PKIX_Boolean caFlag = PKIX_FALSE;
- PKIX_Int32 pathLength = 0;
- PKIX_Int32 maxPathLength_now;
- PKIX_Boolean isSelfIssued = PKIX_FALSE;
-
- PKIX_ENTER(CERTCHAINCHECKER, "pkix_BasicConstraintsChecker_Check");
- PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
-
- *pNBIOContext = NULL; /* we never block on pending I/O */
-
- PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
- (checker, (PKIX_PL_Object **)&state, plContext),
- PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
-
- state->certsRemaining--;
-
- if (state->certsRemaining != 0) {
-
- PKIX_CHECK(PKIX_PL_Cert_GetBasicConstraints
- (cert, &basicConstraints, plContext),
- PKIX_CERTGETBASICCONSTRAINTSFAILED);
-
- /* get CA Flag and path length */
- if (basicConstraints != NULL) {
- PKIX_CHECK(PKIX_PL_BasicConstraints_GetCAFlag
- (basicConstraints,
- &caFlag,
- plContext),
- PKIX_BASICCONSTRAINTSGETCAFLAGFAILED);
-
- if (caFlag == PKIX_TRUE) {
- PKIX_CHECK
- (PKIX_PL_BasicConstraints_GetPathLenConstraint
- (basicConstraints,
- &pathLength,
- plContext),
- PKIX_BASICCONSTRAINTSGETPATHLENCONSTRAINTFAILED);
- }
-
- }else{
- caFlag = PKIX_FALSE;
- pathLength = PKIX_UNLIMITED_PATH_CONSTRAINT;
- }
-
- PKIX_CHECK(pkix_IsCertSelfIssued
- (cert,
- &isSelfIssued,
- plContext),
- PKIX_ISCERTSELFISSUEDFAILED);
-
- maxPathLength_now = state->maxPathLength;
-
- if (isSelfIssued != PKIX_TRUE) {
-
- /* Not last CA Cert, but maxPathLength is down to zero */
- if (maxPathLength_now == 0) {
- PKIX_ERROR(PKIX_BASICCONSTRAINTSVALIDATIONFAILEDLN);
- }
-
- if (caFlag == PKIX_FALSE) {
- PKIX_ERROR(PKIX_BASICCONSTRAINTSVALIDATIONFAILEDCA);
- }
-
- if (maxPathLength_now > 0) { /* can be unlimited (-1) */
- maxPathLength_now--;
- }
-
- }
-
- if (caFlag == PKIX_TRUE) {
- if (maxPathLength_now == PKIX_UNLIMITED_PATH_CONSTRAINT){
- maxPathLength_now = pathLength;
- } else {
- /* If pathLength is not specified, don't set */
- if (pathLength != PKIX_UNLIMITED_PATH_CONSTRAINT) {
- maxPathLength_now =
- (maxPathLength_now > pathLength)?
- pathLength:maxPathLength_now;
- }
- }
- }
-
- state->maxPathLength = maxPathLength_now;
- }
-
- /* Remove Basic Constraints Extension OID from list */
- if (unresolvedCriticalExtensions != NULL) {
-
- PKIX_CHECK(pkix_List_Remove
- (unresolvedCriticalExtensions,
- (PKIX_PL_Object *) state->basicConstraintsOID,
- plContext),
- PKIX_LISTREMOVEFAILED);
- }
-
-
- PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
- (checker, (PKIX_PL_Object *)state, plContext),
- PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
-
-
-cleanup:
- PKIX_DECREF(state);
- PKIX_DECREF(basicConstraints);
- PKIX_RETURN(CERTCHAINCHECKER);
-
-}
-
-/*
- * FUNCTION: pkix_BasicConstraintsChecker_Initialize
- * DESCRIPTION:
- * Registers PKIX_CERT_TYPE and its related functions with systemClasses[]
- * THREAD SAFETY:
- * Not Thread Safe - for performance and complexity reasons
- *
- * Since this function is only called by PKIX_PL_Initialize, which should
- * only be called once, it is acceptable that this function is not
- * thread-safe.
- */
-PKIX_Error *
-pkix_BasicConstraintsChecker_Initialize(
- PKIX_UInt32 certsRemaining,
- PKIX_CertChainChecker **pChecker,
- void *plContext)
-{
- pkix_BasicConstraintsCheckerState *state = NULL;
-
- PKIX_ENTER(CERTCHAINCHECKER, "pkix_BasicConstraintsChecker_Initialize");
- PKIX_NULLCHECK_ONE(pChecker);
-
- PKIX_CHECK(pkix_BasicConstraintsCheckerState_Create
- (certsRemaining, &state, plContext),
- PKIX_BASICCONSTRAINTSCHECKERSTATECREATEFAILED);
-
- PKIX_CHECK(PKIX_CertChainChecker_Create
- (pkix_BasicConstraintsChecker_Check,
- PKIX_FALSE,
- PKIX_FALSE,
- NULL,
- (PKIX_PL_Object *)state,
- pChecker,
- plContext),
- PKIX_CERTCHAINCHECKERCHECKFAILED);
-
-cleanup:
- PKIX_DECREF(state);
-
- PKIX_RETURN(CERTCHAINCHECKER);
-}
« no previous file with comments | « nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.h ('k') | nss/lib/libpkix/pkix/checker/pkix_certchainchecker.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698