Mercurial > trustbridge > nss-cmake-static

diff nss/lib/certhigh/crlv2.c @ 0:1e5118fa0cb1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
This is NSS with a Cmake Buildsyste To compile a static NSS library for Windows we've used the Chromium-NSS fork and added a Cmake buildsystem to compile it statically for Windows. See README.chromium for chromium changes and README.trustbridge for our modifications.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 28 Jul 2014 10:47:06 +0200
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nss/lib/certhigh/crlv2.c	Mon Jul 28 10:47:06 2014 +0200
@@ -0,0 +1,160 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Code for dealing with x.509 v3 crl and crl entries extensions.
+ */
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secoidt.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "certxutl.h"
+
+SECStatus
+CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
+{
+    return (cert_FindExtensionByOID (crl->extensions, oid, value));
+}
+    
+
+SECStatus
+CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
+{
+    return (cert_FindExtension (crl->extensions, tag, value));
+}
+
+
+/* Callback to set extensions and adjust verison */
+static void
+SetCrlExts(void *object, CERTCertExtension **exts)
+{
+    CERTCrl *crl = (CERTCrl *)object;
+
+    crl->extensions = exts;
+    DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
+}
+
+void *
+CERT_StartCRLExtensions(CERTCrl *crl)
+{
+    return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
+}
+
+static void
+SetCrlEntryExts(void *object, CERTCertExtension **exts)
+{
+    CERTCrlEntry *crlEntry = (CERTCrlEntry *)object;
+
+    crlEntry->extensions = exts;
+}
+
+void *
+CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry)
+{
+    return (cert_StartExtensions (entry, crl->arena, SetCrlEntryExts));
+}
+
+SECStatus CERT_FindCRLNumberExten (PLArenaPool *arena, CERTCrl *crl,
+                                   SECItem *value)
+{
+    SECItem encodedExtenValue;
+    SECItem *tmpItem = NULL;
+    SECStatus rv;
+    void *mark = NULL;
+
+    encodedExtenValue.data = NULL;
+    encodedExtenValue.len = 0;
+
+    rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER,
+			  &encodedExtenValue);
+    if ( rv != SECSuccess )
+	return (rv);
+
+    mark = PORT_ArenaMark(arena);
+
+    tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue);
+    if (tmpItem) {
+        rv = SEC_QuickDERDecodeItem (arena, value,
+                                     SEC_ASN1_GET(SEC_IntegerTemplate),
+                                     tmpItem);
+    } else {
+        rv = SECFailure;
+    }
+
+    PORT_Free (encodedExtenValue.data);
+    if (rv == SECFailure) {
+        PORT_ArenaRelease(arena, mark);
+    } else {
+        PORT_ArenaUnmark(arena, mark);
+    }
+    return (rv);
+}
+
+SECStatus CERT_FindCRLEntryReasonExten (CERTCrlEntry *crlEntry,
+                                        CERTCRLEntryReasonCode *value)
+{
+    SECItem wrapperItem = {siBuffer,0};
+    SECItem tmpItem = {siBuffer,0};
+    SECStatus rv;
+    PLArenaPool *arena = NULL;
+
+    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);   
+    if ( ! arena ) {
+	return(SECFailure);
+    }
+    
+    rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE, 
+                            &wrapperItem);
+    if ( rv != SECSuccess ) {
+	goto loser;
+    }
+
+    rv = SEC_QuickDERDecodeItem(arena, &tmpItem,
+                                SEC_ASN1_GET(SEC_EnumeratedTemplate),
+                                &wrapperItem);
+
+    if ( rv != SECSuccess ) {
+	goto loser;
+    }
+
+    *value = (CERTCRLEntryReasonCode) DER_GetInteger(&tmpItem);
+
+loser:
+    if ( arena ) {
+	PORT_FreeArena(arena, PR_FALSE);
+    }
+    
+    if ( wrapperItem.data ) {
+	PORT_Free(wrapperItem.data);
+    }
+
+    return (rv);
+}
+
+SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, PRTime *value)
+{
+    SECItem encodedExtenValue;
+    SECItem decodedExtenValue = {siBuffer,0};
+    SECStatus rv;
+
+    encodedExtenValue.data = decodedExtenValue.data = NULL;
+    encodedExtenValue.len = decodedExtenValue.len = 0;
+
+    rv = cert_FindExtension
+	 (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
+    if ( rv != SECSuccess )
+	return (rv);
+
+    rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
+			     SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
+                             &encodedExtenValue);
+    if (rv == SECSuccess)
+	rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
+    PORT_Free (decodedExtenValue.data);
+    PORT_Free (encodedExtenValue.data);
+    return (rv);
+}
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)