The Tor Browser: comparison security/nss/lib/libpkix/pkix/checker/pkix

--1:000000000000
+:a7952518770e
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+* pkix_expirationchecker.c
+*
+* Functions for expiration validation
+*
+*/
+#include "pkix_expirationchecker.h"
+/* --Private-Functions-------------------------------------------- */
+/*
+* FUNCTION: pkix_ExpirationChecker_Check
+* (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+*/
+PKIX_Error *
+pkix_ExpirationChecker_Check(
+PKIX_CertChainChecker *checker,
+PKIX_PL_Cert *cert,
+PKIX_List *unresolvedCriticalExtensions,
+void **pNBIOContext,
+void *plContext)
+{
+PKIX_PL_Date *testDate = NULL;
+PKIX_ENTER(CERTCHAINCHECKER, "pkix_ExpirationChecker_Check");
+PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+*pNBIOContext = NULL; /* we never block on pending I/O */
+PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+(checker, (PKIX_PL_Object **)&testDate, plContext),
+PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+PKIX_CHECK(PKIX_PL_Cert_CheckValidity(cert, testDate, plContext),
+PKIX_CERTCHECKVALIDITYFAILED);
+cleanup:
+PKIX_DECREF(testDate);
+PKIX_RETURN(CERTCHAINCHECKER);
+}
+/*
+* FUNCTION: pkix_ExpirationChecker_Initialize
+* DESCRIPTION:
+*
+*  Creates a new CertChainChecker and stores it at "pChecker", where it will
+*  used by pkix_ExpirationChecker_Check to check that the certificate has not
+*  expired with respect to the Date pointed to by "testDate." If "testDate"
+*  is NULL, then the CertChainChecker will check that a certificate has not
+*  expired with respect to the current date and time.
+*
+* PARAMETERS:
+*  "testDate"
+*      Address of Date representing the point in time at which the cert is to
+*      be validated. If "testDate" is NULL, the current date and time is used.
+*  "pChecker"
+*      Address where object pointer will be stored. Must be non-NULL.
+*  "plContext"
+*      Platform-specific context pointer.
+* THREAD SAFETY:
+*  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+* RETURNS:
+*  Returns NULL if the function succeeds.
+*  Returns a CertChainChecker Error if the function fails in a non-fatal way.
+*  Returns a Fatal Error if the function fails in an unrecoverable way.
+*/
+PKIX_Error *
+pkix_ExpirationChecker_Initialize(
+PKIX_PL_Date *testDate,
+PKIX_CertChainChecker **pChecker,
+void *plContext)
+{
+PKIX_PL_Date *myDate = NULL;
+PKIX_PL_Date *nowDate = NULL;
+PKIX_ENTER(CERTCHAINCHECKER, "pkix_ExpirationChecker_Initialize");
+PKIX_NULLCHECK_ONE(pChecker);
+/* if testDate is NULL, we use the current time */
+if (!testDate){
+PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
+(NULL, &nowDate, plContext),
+PKIX_DATECREATEUTCTIMEFAILED);
+myDate = nowDate;
+} else {
+myDate = testDate;
+}
+PKIX_CHECK(PKIX_CertChainChecker_Create
+(pkix_ExpirationChecker_Check,
+PKIX_TRUE,
+PKIX_FALSE,
+NULL,
+(PKIX_PL_Object *)myDate,
+pChecker,
+plContext),
+PKIX_CERTCHAINCHECKERCREATEFAILED);
+cleanup:
+PKIX_DECREF(nowDate);
+PKIX_RETURN(CERTCHAINCHECKER);
+}

The Tor Browser / file comparison

comparison: security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c

security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c