The Tor Browser / file revision

security/nss/lib/certhigh/crlv2.c@6474c204b198

security/nss/lib/certhigh/crlv2.c

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 /* This Source Code Form is subject to the terms of the Mozilla Public

     2  * License, v. 2.0. If a copy of the MPL was not distributed with this

     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     4 

     5 /*

     6  * Code for dealing with x.509 v3 crl and crl entries extensions.

     7  */

     8 

     9 #include "cert.h"

    10 #include "secitem.h"

    11 #include "secoid.h"

    12 #include "secoidt.h"

    13 #include "secder.h"

    14 #include "secasn1.h"

    15 #include "certxutl.h"

    16 

    17 SECStatus

    18 CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)

    19 {

    20     return (cert_FindExtensionByOID (crl->extensions, oid, value));

    21 }

    22     

    23 

    24 SECStatus

    25 CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)

    26 {

    27     return (cert_FindExtension (crl->extensions, tag, value));

    28 }

    29 

    30 

    31 /* Callback to set extensions and adjust verison */

    32 static void

    33 SetCrlExts(void *object, CERTCertExtension **exts)

    34 {

    35     CERTCrl *crl = (CERTCrl *)object;

    36 

    37     crl->extensions = exts;

    38     DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);

    39 }

    40 

    41 void *

    42 CERT_StartCRLExtensions(CERTCrl *crl)

    43 {

    44     return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));

    45 }

    46 

    47 static void

    48 SetCrlEntryExts(void *object, CERTCertExtension **exts)

    49 {

    50     CERTCrlEntry *crlEntry = (CERTCrlEntry *)object;

    51 

    52     crlEntry->extensions = exts;

    53 }

    54 

    55 void *

    56 CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry)

    57 {

    58     return (cert_StartExtensions (entry, crl->arena, SetCrlEntryExts));

    59 }

    60 

    61 SECStatus CERT_FindCRLNumberExten (PLArenaPool *arena, CERTCrl *crl,

    62                                    SECItem *value)

    63 {

    64     SECItem encodedExtenValue;

    65     SECItem *tmpItem = NULL;

    66     SECStatus rv;

    67     void *mark = NULL;

    68 

    69     encodedExtenValue.data = NULL;

    70     encodedExtenValue.len = 0;

    71 

    72     rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER,

    73 			  &encodedExtenValue);

    74     if ( rv != SECSuccess )

    75 	return (rv);

    76 

    77     mark = PORT_ArenaMark(arena);

    78 

    79     tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue);

    80     if (tmpItem) {

    81         rv = SEC_QuickDERDecodeItem (arena, value,

    82                                      SEC_ASN1_GET(SEC_IntegerTemplate),

    83                                      tmpItem);

    84     } else {

    85         rv = SECFailure;

    86     }

    87 

    88     PORT_Free (encodedExtenValue.data);

    89     if (rv == SECFailure) {

    90         PORT_ArenaRelease(arena, mark);

    91     } else {

    92         PORT_ArenaUnmark(arena, mark);

    93     }

    94     return (rv);

    95 }

    96 

    97 SECStatus CERT_FindCRLEntryReasonExten (CERTCrlEntry *crlEntry,

    98                                         CERTCRLEntryReasonCode *value)

    99 {

   100     SECItem wrapperItem = {siBuffer,0};

   101     SECItem tmpItem = {siBuffer,0};

   102     SECStatus rv;

   103     PLArenaPool *arena = NULL;

   104 

   105     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);   

   106     if ( ! arena ) {

   107 	return(SECFailure);

   108     }

   109     

   110     rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, 

   111                             &wrapperItem);

   112     if ( rv != SECSuccess ) {

   113 	goto loser;

   114     }

   115 

   116     rv = SEC_QuickDERDecodeItem(arena, &tmpItem,

   117                                 SEC_ASN1_GET(SEC_EnumeratedTemplate),

   118                                 &wrapperItem);

   119 

   120     if ( rv != SECSuccess ) {

   121 	goto loser;

   122     }

   123 

   124     *value = (CERTCRLEntryReasonCode) DER_GetInteger(&tmpItem);

   125 

   126 loser:

   127     if ( arena ) {

   128 	PORT_FreeArena(arena, PR_FALSE);

   129     }

   130     

   131     if ( wrapperItem.data ) {

   132 	PORT_Free(wrapperItem.data);

   133     }

   134 

   135     return (rv);

   136 }

   137 

   138 SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, PRTime *value)

   139 {

   140     SECItem encodedExtenValue;

   141     SECItem decodedExtenValue = {siBuffer,0};

   142     SECStatus rv;

   143 

   144     encodedExtenValue.data = decodedExtenValue.data = NULL;

   145     encodedExtenValue.len = decodedExtenValue.len = 0;

   146 

   147     rv = cert_FindExtension

   148 	 (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);

   149     if ( rv != SECSuccess )

   150 	return (rv);

   151 

   152     rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,

   153 			     SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),

   154                              &encodedExtenValue);

   155     if (rv == SECSuccess)

   156 	rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);

   157     PORT_Free (decodedExtenValue.data);

   158     PORT_Free (encodedExtenValue.data);

   159     return (rv);

   160 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial