Allow NSS to be built with NO_NSPR_10_SUPPORT.

nss/lib/certhigh/certvfy.c

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "nspr.h"
 #include "secerr.h"
 #include "secport.h"
 #include "seccomon.h"
 #include "secoid.h"
 #include "sslerr.h"
 #include "genname.h"
@@ skipping 121 matching lines @@
         SECKEY_DestroyPublicKey(pubKey);
     }
     return rv;
 }
 
 /*
  * verify the signature of a signed data object with the given certificate
  */
 SECStatus
 CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
-                      int64 t, void *wincx)
+                      PRTime t, void *wincx)
 {
     SECKEYPublicKey *pubKey = 0;
     SECStatus        rv     = SECFailure;
     SECCertTimeValidity validity;
 
     /* check the certificate's validity */
     validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
     if ( validity != secCertTimeValid ) {
         return rv;
     }
 
     /* get cert's public key */
     pubKey = CERT_ExtractPublicKey(cert);
     if (pubKey) {
         rv =  CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
         SECKEY_DestroyPublicKey(pubKey);
     }
     return rv;
 }
 
 
 SECStatus
 SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
-             CERTCertificate *caCert, int64 t, void * wincx)
+             CERTCertificate *caCert, PRTime t, void * wincx)
 {
     return CERT_CheckCRL(cert, caCert, NULL, t, wincx);
 }
 
 /*
  * Find the issuer of a cert.  Use the authorityKeyID if it exists.
  */
 CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage)
+CERT_FindCertIssuer(CERTCertificate *cert, PRTime validTime, SECCertUsage usage)
 {
     NSSCertificate *me;
     NSSTime *nssTime;
     NSSTrustDomain *td;
     NSSCryptoContext *cc;
     NSSCertificate *chain[3];
     NSSUsage nssUsage;
     PRStatus status;
 
     me = STAN_GetNSSCertificate(cert);
@@ skipping 155 matching lines @@
 
 #define LOG_ERROR(log,cert,depth,arg) \
     if ( log != NULL ) { \
         cert_AddToVerifyLog(log, cert, PORT_GetError(), depth, \
                             (void *)(PRWord)arg); \
     }
 
 static SECStatus
 cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
                      PRBool checkSig, PRBool* sigerror,
-                     SECCertUsage certUsage, int64 t, void *wincx,
+                     SECCertUsage certUsage, PRTime t, void *wincx,
                      CERTVerifyLog *log, PRBool* revoked)
 {
     SECTrustType trustType;
     CERTBasicConstraints basicConstraint;
     CERTCertificate *issuerCert = NULL;
     CERTCertificate *subjectCert = NULL;
     CERTCertificate *badCert = NULL;
     PRBool isca;
     SECStatus rv;
     SECStatus rvFinal = SECSuccess;
     int count;
     int currentPathLen = 0;
     int pathLengthLimit = CERT_UNLIMITED_PATH_CONSTRAINT;
     unsigned int caCertType;
     unsigned int requiredCAKeyUsage;
     unsigned int requiredFlags;
-    PRArenaPool *arena = NULL;
+    PLArenaPool *arena = NULL;
     CERTGeneralName *namesList = NULL;
     CERTCertificate **certsList      = NULL;
     int certsListLen = 16;
     int namesCount = 0;
     PRBool subjectCertIsSelfIssued;
     CERTCertTrust issuerTrust;
 
     if (revoked) {
         *revoked = PR_FALSE;
     }
@@ skipping 348 matching lines @@
 
     if ( arena != NULL ) {
         PORT_FreeArena(arena, PR_FALSE);
     }
     return rv;
 }
 
 SECStatus
 cert_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
                      PRBool checkSig, PRBool* sigerror,
-                     SECCertUsage certUsage, int64 t, void *wincx,
+                     SECCertUsage certUsage, PRTime t, void *wincx,
                      CERTVerifyLog *log, PRBool* revoked)
 {
     if (CERT_GetUsePKIXForValidation()) {
         return cert_VerifyCertChainPkix(cert, checkSig, certUsage, t,
                                         wincx, log, sigerror, revoked);
     }
     return cert_VerifyCertChainOld(handle, cert, checkSig, sigerror,
                                    certUsage, t, wincx, log, revoked);
 }
 
 SECStatus
 CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
-                     PRBool checkSig, SECCertUsage certUsage, int64 t,
+                     PRBool checkSig, SECCertUsage certUsage, PRTime t,
                      void *wincx, CERTVerifyLog *log)
 {
     return cert_VerifyCertChain(handle, cert, checkSig, NULL, certUsage, t,
                          wincx, log, NULL);
 }
 
 /*
  * verify that a CA can sign a certificate with the requested usage.
  */
 SECStatus
 CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
-                PRBool checkSig, SECCertUsage certUsage, int64 t,
+                PRBool checkSig, SECCertUsage certUsage, PRTime t,
                 void *wincx, CERTVerifyLog *log)
 {
     SECTrustType trustType;
     CERTBasicConstraints basicConstraint;
     PRBool isca;
     PRBool validCAOverride = PR_FALSE;
     SECStatus rv;
     SECStatus rvFinal = SECSuccess;
     unsigned int flags;
     unsigned int caCertType;
@@ skipping 330 matching lines @@
  * certificateUsage contains a bitfield of all cert usages that are
  * required for verification to succeed
  *
  * a bitfield of cert usages is returned in *returnedUsages
  * if requiredUsages is non-zero, the returned bitmap is only
  * for those required usages, otherwise it is for all usages
  *
  */
 SECStatus
 CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
-                PRBool checkSig, SECCertificateUsage requiredUsages, int64 t,
+                PRBool checkSig, SECCertificateUsage requiredUsages, PRTime t,
                 void *wincx, CERTVerifyLog *log, SECCertificateUsage* returnedUsages)
 {
     SECStatus rv;
     SECStatus valid;
     unsigned int requiredKeyUsage;
     unsigned int requiredCertType;
     unsigned int flags;
     unsigned int certType;
     PRBool       allowOverride;
     SECCertTimeValidity validity;
@@ skipping 144 matching lines @@
 
         NEXT_USAGE();
     }
     
 loser:
     return(valid);
 }
 
 SECStatus
 CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
-                PRBool checkSig, SECCertUsage certUsage, int64 t,
+                PRBool checkSig, SECCertUsage certUsage, PRTime t,
                 void *wincx, CERTVerifyLog *log)
 {
     SECStatus rv;
     unsigned int requiredKeyUsage;
     unsigned int requiredCertType;
     unsigned int flags;
     unsigned int certType;
     PRBool       trusted;
     PRBool       allowOverride;
     SECCertTimeValidity validity;
@@ skipping 133 matching lines @@
  *      certUsageSSLServer
  *      certUsageSSLServerWithStepUp
  *      certUsageEmailSigner
  *      certUsageEmailRecipient
  *      certUsageObjectSigner
  */
 
 CERTCertificate *
 CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
                       CERTCertOwner owner, SECCertUsage usage,
-                      PRBool preferTrusted, int64 validTime, PRBool validOnly)
+                      PRBool preferTrusted, PRTime validTime, PRBool validOnly)
 {
     CERTCertList *certList = NULL;
     CERTCertificate *cert = NULL;
     CERTCertTrust certTrust;
     unsigned int requiredTrustFlags;
     SECTrustType requiredTrustType;
     unsigned int flags;
     
     PRBool lookingForCA = PR_FALSE;
     SECStatus rv;
@@ skipping 97 matching lines @@
 CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
                              char **caNames, SECCertUsage usage)
 {
     CERTCertificate *issuerCert = NULL;
     CERTCertificate *subjectCert;
     CERTCertListNode *node, *freenode;
     CERTCertificate *cert;
     int n;
     char **names;
     PRBool found;
-    int64 time;
+    PRTime time;
     
     if ( nCANames <= 0 ) {
         return(SECSuccess);
     }
 
     time = PR_Now();
     
     node = CERT_LIST_HEAD(certList);
     
     while ( ! CERT_LIST_END(node, certList) ) {
@@ skipping 55 matching lines @@
  *
  * "arena" - arena to allocate returned string from.  If NULL, then heap
  *      is used.
  * "cert" - the cert to get nickname from
  * "expiredString" - the string to append to the nickname if the cert is
  *              expired.
  * "notYetGoodString" - the string to append to the nickname if the cert is
  *              not yet good.
  */
 char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
+CERT_GetCertNicknameWithValidity(PLArenaPool *arena, CERTCertificate *cert,
                                  char *expiredString, char *notYetGoodString)
 {
     SECCertTimeValidity validity;
     char *nickname = NULL, *tmpstr = NULL;
     
     validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
 
     /* if the cert is good, then just use the nickname directly */
     if ( validity == secCertTimeValid ) {
         if ( arena == NULL ) {
@@ skipping 51 matching lines @@
  * "certList" - the list of certificates
  * "expiredString" - the string to append to the nickname of any expired cert
  * "notYetGoodString" - the string to append to the nickname of any cert
  *              that is not yet valid
  */
 CERTCertNicknames *
 CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
                                  char *notYetGoodString)
 {
     CERTCertNicknames *names;
-    PRArenaPool *arena;
+    PLArenaPool *arena;
     CERTCertListNode *node;
     char **nn;
     
     /* allocate an arena */
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if ( arena == NULL ) {
         return(NULL);
     }
     
     /* allocate the structure */
@@ skipping 114 matching lines @@
     retstr = PORT_Strdup(namestring);
     
 done:
     return(retstr);
 
 loser:
     return(NULL);
 }
 
 CERTCertList *
-CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
+CERT_GetCertChainFromCert(CERTCertificate *cert, PRTime time, SECCertUsage usage)
 {
     CERTCertList *chain = NULL;
     int count = 0;
 
     if (NULL == cert) {
         return NULL;
     }
     
     cert = CERT_DupCertificate(cert);
     if (NULL == cert) {
@@ skipping 19 matching lines @@
             return chain;
         }
 
         cert = CERT_FindCertIssuer(cert, time, usage);
     }
 
     /* return partial chain */
     PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
     return chain;
 }