security/nss/lib/certhigh/crlv2.c

changeset 0
6474c204b198
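--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/nss/lib/certhigh/crlv2.c	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,160 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Code for dealing with x.509 v3 crl and crl entries extensions.
+ */
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secoidt.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "certxutl.h"
+
+SECStatus
+CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
+{
+    return (cert_FindExtensionByOID (crl->extensions, oid, value));
+}
+    
+
+SECStatus
+CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
+{
+    return (cert_FindExtension (crl->extensions, tag, value));
+}
+
+
+/* Callback to set extensions and adjust verison */
+static void
+SetCrlExts(void *object, CERTCertExtension **exts)
+{
+    CERTCrl *crl = (CERTCrl *)object;
+
+    crl->extensions = exts;
+    DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
+}
+
+void *
+CERT_StartCRLExtensions(CERTCrl *crl)
+{
+    return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
+}
+
+static void
+SetCrlEntryExts(void *object, CERTCertExtension **exts)
+{
+    CERTCrlEntry *crlEntry = (CERTCrlEntry *)object;
+
+    crlEntry->extensions = exts;
+}
+
+void *
+CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry)
+{
+    return (cert_StartExtensions (entry, crl->arena, SetCrlEntryExts));
+}
+
+SECStatus CERT_FindCRLNumberExten (PLArenaPool *arena, CERTCrl *crl,
+                                   SECItem *value)
+{
+    SECItem encodedExtenValue;
+    SECItem *tmpItem = NULL;
+    SECStatus rv;
+    void *mark = NULL;
+
+    encodedExtenValue.data = NULL;
+    encodedExtenValue.len = 0;
+
+    rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER,
+			  &encodedExtenValue);
+    if ( rv != SECSuccess )
+	return (rv);
+
+    mark = PORT_ArenaMark(arena);
+
+    tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue);
+    if (tmpItem) {
+        rv = SEC_QuickDERDecodeItem (arena, value,
+                                     SEC_ASN1_GET(SEC_IntegerTemplate),
+                                     tmpItem);
+    } else {
+        rv = SECFailure;
+    }
+
+    PORT_Free (encodedExtenValue.data);
+    if (rv == SECFailure) {
+        PORT_ArenaRelease(arena, mark);
+    } else {
+        PORT_ArenaUnmark(arena, mark);
+    }
+    return (rv);
+}
+
+SECStatus CERT_FindCRLEntryReasonExten (CERTCrlEntry *crlEntry,
+                                        CERTCRLEntryReasonCode *value)
+{
+    SECItem wrapperItem = {siBuffer,0};
+    SECItem tmpItem = {siBuffer,0};
+    SECStatus rv;
+    PLArenaPool *arena = NULL;
+
+    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);   
+    if ( ! arena ) {
+	return(SECFailure);
+    }
+    
+    rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, 
+                            &wrapperItem);
+    if ( rv != SECSuccess ) {
+	goto loser;
+    }
+
+    rv = SEC_QuickDERDecodeItem(arena, &tmpItem,
+                                SEC_ASN1_GET(SEC_EnumeratedTemplate),
+                                &wrapperItem);
+
+    if ( rv != SECSuccess ) {
+	goto loser;
+    }
+
+    *value = (CERTCRLEntryReasonCode) DER_GetInteger(&tmpItem);
+
+loser:
+    if ( arena ) {
+	PORT_FreeArena(arena, PR_FALSE);
+    }
+    
+    if ( wrapperItem.data ) {
+	PORT_Free(wrapperItem.data);
+    }
+
+    return (rv);
+}
+
+SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, PRTime *value)
+{
+    SECItem encodedExtenValue;
+    SECItem decodedExtenValue = {siBuffer,0};
+    SECStatus rv;
+
+    encodedExtenValue.data = decodedExtenValue.data = NULL;
+    encodedExtenValue.len = decodedExtenValue.len = 0;
+
+    rv = cert_FindExtension
+	 (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
+    if ( rv != SECSuccess )
+	return (rv);
+
+    rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
+			     SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
+                             &encodedExtenValue);
+    if (rv == SECSuccess)
+	rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
+    PORT_Free (decodedExtenValue.data);
+    PORT_Free (encodedExtenValue.data);
+    return (rv);
+}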
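Review bot: In `CERT_FindInvalidDateExten` the result of the ASN.1 decode is never used: `SEC_ASN1DecodeItem` fills `decodedExtenValue`, but the conversion that follows is `DER_GeneralizedTimeToTime(value, &encodedExtenValue)`, so the time parser receives the extension value still wrapped in its DER tag and length. The call should read `rv = DER_GeneralizedTimeToTime(value, &decodedExtenValue);`. As written the function will presumably return failure, or a wrong time, for a well-formed invalidity date, and a caller that relies on that date when evaluating revocation gets no usable value. In the same file, `CERT_FindCRLEntryReasonExten` casts `DER_GetInteger(&tmpItem)` straight to `CERTCRLEntryReasonCode`; a comment there stating that the reason code comes from the CRL unvalidated and that callers must handle values outside the enum would help.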
