Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/libpkix/pkix/top/pkix_build.c

Issue 17773004: Update NSS to NSS_3_15_1_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « nss/lib/certdb/stanpcertdb.c ('k') | nss/lib/nss/nss.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * pkix_build.c 5 * pkix_build.c
6 * 6 *
7 * Top level buildChain function 7 * Top level buildChain function
8 * 8 *
9 */ 9 */
10 10
(...skipping 1003 matching lines...) Expand 10 before | Expand all | Expand 10 after
1014 PKIX_Boolean chainRevalidationStage, 1014 PKIX_Boolean chainRevalidationStage,
1015 void *plContext) 1015 void *plContext)
1016 { 1016 {
1017 PKIX_List *checkers = NULL; 1017 PKIX_List *checkers = NULL;
1018 PKIX_List *initialPolicies = NULL; 1018 PKIX_List *initialPolicies = NULL;
1019 PKIX_List *reversedCertChain = NULL; 1019 PKIX_List *reversedCertChain = NULL;
1020 PKIX_List *buildCheckedCritExtOIDsList = NULL; 1020 PKIX_List *buildCheckedCritExtOIDsList = NULL;
1021 PKIX_ProcessingParams *procParams = NULL; 1021 PKIX_ProcessingParams *procParams = NULL;
1022 PKIX_PL_Cert *trustedCert = NULL; 1022 PKIX_PL_Cert *trustedCert = NULL;
1023 PKIX_PL_PublicKey *trustedPubKey = NULL; 1023 PKIX_PL_PublicKey *trustedPubKey = NULL;
1024 PKIX_PL_CertNameConstraints *trustedNC = NULL;
1024 PKIX_CertChainChecker *sigChecker = NULL; 1025 PKIX_CertChainChecker *sigChecker = NULL;
1025 PKIX_CertChainChecker *policyChecker = NULL; 1026 PKIX_CertChainChecker *policyChecker = NULL;
1026 PKIX_CertChainChecker *userChecker = NULL; 1027 PKIX_CertChainChecker *userChecker = NULL;
1028 PKIX_CertChainChecker *nameConstraintsChecker = NULL;
1027 PKIX_CertChainChecker *checker = NULL; 1029 PKIX_CertChainChecker *checker = NULL;
1028 PKIX_CertSelector *certSelector = NULL; 1030 PKIX_CertSelector *certSelector = NULL;
1029 PKIX_List *userCheckerExtOIDs = NULL; 1031 PKIX_List *userCheckerExtOIDs = NULL;
1030 PKIX_PL_OID *oid = NULL; 1032 PKIX_PL_OID *oid = NULL;
1031 PKIX_Boolean supportForwardChecking = PKIX_FALSE; 1033 PKIX_Boolean supportForwardChecking = PKIX_FALSE;
1032 PKIX_Boolean policyQualifiersRejected = PKIX_FALSE; 1034 PKIX_Boolean policyQualifiersRejected = PKIX_FALSE;
1033 PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE; 1035 PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE;
1034 PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE; 1036 PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE;
1035 PKIX_Boolean initialExplicitPolicy = PKIX_FALSE; 1037 PKIX_Boolean initialExplicitPolicy = PKIX_FALSE;
1036 PKIX_UInt32 numChainCerts; 1038 PKIX_UInt32 numChainCerts;
(...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after
1185 (PKIX_PL_Object *)userChecker, 1187 (PKIX_PL_Object *)userChecker,
1186 plContext), 1188 plContext),
1187 PKIX_LISTAPPENDITEMFAILED); 1189 PKIX_LISTAPPENDITEMFAILED);
1188 } 1190 }
1189 1191
1190 PKIX_DECREF(userCheckerExtOIDs); 1192 PKIX_DECREF(userCheckerExtOIDs);
1191 PKIX_DECREF(userChecker); 1193 PKIX_DECREF(userChecker);
1192 } 1194 }
1193 } 1195 }
1194 1196
1195 /* Inabling post chain building signature check on the certs. */ 1197 /* Enabling post chain building signature check on the certs. */
1196 PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert 1198 PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
1197 (anchor, &trustedCert, plContext), 1199 (anchor, &trustedCert, plContext),
1198 PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED); 1200 PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
1199 1201
1200 PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey 1202 PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
1201 (trustedCert, &trustedPubKey, plContext), 1203 (trustedCert, &trustedPubKey, plContext),
1202 PKIX_CERTGETSUBJECTPUBLICKEYFAILED); 1204 PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
1203 1205
1204 PKIX_CHECK(pkix_SignatureChecker_Initialize 1206 PKIX_CHECK(pkix_SignatureChecker_Initialize
1205 (trustedPubKey, 1207 (trustedPubKey,
1206 numChainCerts, 1208 numChainCerts,
1207 &sigChecker, 1209 &sigChecker,
1208 plContext), 1210 plContext),
1209 PKIX_SIGNATURECHECKERINITIALIZEFAILED); 1211 PKIX_SIGNATURECHECKERINITIALIZEFAILED);
1210 1212
1211 PKIX_CHECK(PKIX_List_AppendItem 1213 PKIX_CHECK(PKIX_List_AppendItem
1212 (checkers, 1214 (checkers,
1213 (PKIX_PL_Object *)sigChecker, 1215 (PKIX_PL_Object *)sigChecker,
1214 plContext), 1216 plContext),
1215 PKIX_LISTAPPENDITEMFAILED); 1217 PKIX_LISTAPPENDITEMFAILED);
1216 1218
1219 /* Enabling post chain building name constraints check on the certs. */
1220 PKIX_CHECK(PKIX_TrustAnchor_GetNameConstraints
1221 (anchor, &trustedNC, plContext),
1222 PKIX_TRUSTANCHORGETNAMECONSTRAINTSFAILED);
1223
1224 PKIX_CHECK(pkix_NameConstraintsChecker_Initialize
1225 (trustedNC, numChainCerts, &nameConstraintsChecker,
1226 plContext),
1227 PKIX_NAMECONSTRAINTSCHECKERINITIALIZEFAILED);
1228
1229 PKIX_CHECK(PKIX_List_AppendItem
1230 (checkers,
1231 (PKIX_PL_Object *)nameConstraintsChecker,
1232 plContext),
1233 PKIX_LISTAPPENDITEMFAILED);
1234
1235
1217 PKIX_DECREF(state->reversedCertChain); 1236 PKIX_DECREF(state->reversedCertChain);
1218 PKIX_INCREF(reversedCertChain); 1237 PKIX_INCREF(reversedCertChain);
1219 state->reversedCertChain = reversedCertChain; 1238 state->reversedCertChain = reversedCertChain;
1220 PKIX_DECREF(state->checkedCritExtOIDs); 1239 PKIX_DECREF(state->checkedCritExtOIDs);
1221 PKIX_INCREF(buildCheckedCritExtOIDsList); 1240 PKIX_INCREF(buildCheckedCritExtOIDsList);
1222 state->checkedCritExtOIDs = buildCheckedCritExtOIDsList; 1241 state->checkedCritExtOIDs = buildCheckedCritExtOIDsList;
1223 PKIX_DECREF(state->checkerChain); 1242 PKIX_DECREF(state->checkerChain);
1224 state->checkerChain = checkers; 1243 state->checkerChain = checkers;
1225 checkers = NULL; 1244 checkers = NULL;
1226 state->certCheckedIndex = 0; 1245 state->certCheckedIndex = 0;
1227 state->checkerIndex = 0; 1246 state->checkerIndex = 0;
1228 state->revChecking = PKIX_FALSE; 1247 state->revChecking = PKIX_FALSE;
1229 1248
1230 1249
1231 cleanup: 1250 cleanup:
1232 1251
1233 PKIX_DECREF(oid); 1252 PKIX_DECREF(oid);
1234 PKIX_DECREF(reversedCertChain); 1253 PKIX_DECREF(reversedCertChain);
1235 PKIX_DECREF(buildCheckedCritExtOIDsList); 1254 PKIX_DECREF(buildCheckedCritExtOIDsList);
1236 PKIX_DECREF(checker); 1255 PKIX_DECREF(checker);
1237 PKIX_DECREF(checkers); 1256 PKIX_DECREF(checkers);
1238 PKIX_DECREF(initialPolicies); 1257 PKIX_DECREF(initialPolicies);
1239 PKIX_DECREF(trustedCert); 1258 PKIX_DECREF(trustedCert);
1240 PKIX_DECREF(trustedPubKey); 1259 PKIX_DECREF(trustedPubKey);
1241 PKIX_DECREF(certSelector); 1260 PKIX_DECREF(certSelector);
1242 PKIX_DECREF(sigChecker); 1261 PKIX_DECREF(sigChecker);
1262 PKIX_DECREF(trustedNC);
1263 PKIX_DECREF(nameConstraintsChecker);
1243 PKIX_DECREF(policyChecker); 1264 PKIX_DECREF(policyChecker);
1244 PKIX_DECREF(userChecker); 1265 PKIX_DECREF(userChecker);
1245 PKIX_DECREF(userCheckerExtOIDs); 1266 PKIX_DECREF(userCheckerExtOIDs);
1246 1267
1247 PKIX_RETURN(BUILD); 1268 PKIX_RETURN(BUILD);
1248 } 1269 }
1249 1270
1250 /* 1271 /*
1251 * FUNCTION: pkix_Build_ValidateEntireChain 1272 * FUNCTION: pkix_Build_ValidateEntireChain
1252 * DESCRIPTION: 1273 * DESCRIPTION:
(...skipping 2573 matching lines...) Expand 10 before | Expand all | Expand 10 after
3826 *pBuildResult = buildResult; 3847 *pBuildResult = buildResult;
3827 buildResult = NULL; 3848 buildResult = NULL;
3828 } 3849 }
3829 3850
3830 cleanup: 3851 cleanup:
3831 PKIX_DECREF(buildResult); 3852 PKIX_DECREF(buildResult);
3832 PKIX_DECREF(state); 3853 PKIX_DECREF(state);
3833 3854
3834 PKIX_RETURN(BUILD); 3855 PKIX_RETURN(BUILD);
3835 } 3856 }
OLDNEW
« no previous file with comments | « nss/lib/certdb/stanpcertdb.c ('k') | nss/lib/nss/nss.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698