net/third_party/nss/ssl/cmpcert.c - Issue 2185403003: Return the certificate chain in ClientCertStoreNSS.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/third_party/nss/ssl/cmpcert.c

Issue 2185403003: Return the certificate chain in ClientCertStoreNSS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: rsleevi comments Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
	(Empty)
1 /*

2 * NSS utility functions

3 *

4 * This Source Code Form is subject to the terms of the Mozilla Public

5 * License, v. 2.0. If a copy of the MPL was not distributed with this

6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

7

8 #include <stdio.h>

9 #include <string.h>

10 #include "prerror.h"

11 #include "secitem.h"

12 #include "prnetdb.h"

13 #include "cert.h"

14 #include "nspr.h"

15 #include "secder.h"

16 #include "key.h"

17 #include "nss.h"

18

19 /*

20 * Look to see if any of the signers in the cert chain for "cert" are found

21 * in the list of caNames.

22 * Returns SECSuccess if so, SECFailure if not.

23 */

24 SECStatus

25 NSS_CmpCertChainWCANames(CERTCertificate cert, CERTDistNames caNames)

26 {

27 SECItem *caname;

28 CERTCertificate *curcert;

29 CERTCertificate *oldcert;

30 PRInt32 contentlen;

31 int j;

32 int headerlen;

33 int depth;

34 SECStatus rv;

35 SECItem issuerName;

36 SECItem compatIssuerName;

37

38 if (!cert \|\| !caNames \|\| !caNames->nnames \|\| !caNames->names \|\|

39 !caNames->names->data)

40 return SECFailure;

41 depth = 0;

42 curcert = CERT_DupCertificate(cert);

43

44 while (curcert) {

45 issuerName = curcert->derIssuer;

46

47 /* compute an alternate issuer name for compatibility with 2.0

48 * enterprise server, which send the CA names without

49 * the outer layer of DER header

50 */

51 rv = DER_Lengths(&issuerName, &headerlen, (PRUint32 *)&contentlen);

52 if (rv == SECSuccess) {

53 compatIssuerName.data = &issuerName.data[headerlen];

54 compatIssuerName.len = issuerName.len - headerlen;

55 } else {

56 compatIssuerName.data = NULL;

57 compatIssuerName.len = 0;

58 }

59

60 for (j = 0; j < caNames->nnames; j++) {

61 caname = &caNames->names[j];

62 if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {

63 rv = SECSuccess;

64 CERT_DestroyCertificate(curcert);

65 goto done;

66 } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqua l) {

67 rv = SECSuccess;

68 CERT_DestroyCertificate(curcert);

69 goto done;

70 }

71 }

72 if ((depth <= 20) &&

73 (SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject) !=

74 SECEqual)) {

75 oldcert = curcert;

76 curcert = CERT_FindCertByName(curcert->dbhandle,

77 &curcert->derIssuer);

78 CERT_DestroyCertificate(oldcert);

79 depth++;

80 } else {

81 CERT_DestroyCertificate(curcert);

82 curcert = NULL;

83 }

84 }

85 rv = SECFailure;

86

87 done:

88 return rv;

89 }

OLD	NEW

« no previous file with comments | « net/third_party/nss/ssl/cmpcert.h ('k') | net/third_party/nss/ssl/cmpcert.cc » ('j') | net/third_party/nss/ssl/cmpcert.cc » ('J')