diff options
Diffstat (limited to 'nss/lib/libpkix/pkix')
-rw-r--r-- | nss/lib/libpkix/pkix/certsel/certsel.gyp | 24 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/certsel/exports.gyp | 26 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/checker/checker.gyp | 35 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/checker/exports.gyp | 37 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/crlsel/crlsel.gyp | 24 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/crlsel/exports.gyp | 26 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/params/exports.gyp | 28 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/params/params.gyp | 26 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/results/exports.gyp | 28 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/results/results.gyp | 26 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/store/exports.gyp | 25 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/store/store.gyp | 23 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/top/exports.gyp | 27 | ||||
-rwxr-xr-x | nss/lib/libpkix/pkix/top/pkix_build.c | 12 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/top/top.gyp | 25 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/util/exports.gyp | 28 | ||||
-rwxr-xr-x | nss/lib/libpkix/pkix/util/pkix_tools.h | 4 | ||||
-rw-r--r-- | nss/lib/libpkix/pkix/util/util.gyp | 27 |
18 files changed, 449 insertions, 2 deletions
diff --git a/nss/lib/libpkix/pkix/certsel/certsel.gyp b/nss/lib/libpkix/pkix/certsel/certsel.gyp new file mode 100644 index 0000000..a7ff65c --- /dev/null +++ b/nss/lib/libpkix/pkix/certsel/certsel.gyp @@ -0,0 +1,24 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixcertsel', + 'type': 'static_library', + 'sources': [ + 'pkix_certselector.c', + 'pkix_comcertselparams.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/certsel/exports.gyp b/nss/lib/libpkix/pkix/certsel/exports.gyp new file mode 100644 index 0000000..9cbd847 --- /dev/null +++ b/nss/lib/libpkix/pkix/certsel/exports.gyp @@ -0,0 +1,26 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_certsel_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_certselector.h', + 'pkix_comcertselparams.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/checker/checker.gyp b/nss/lib/libpkix/pkix/checker/checker.gyp new file mode 100644 index 0000000..ac260fc --- /dev/null +++ b/nss/lib/libpkix/pkix/checker/checker.gyp @@ -0,0 +1,35 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixchecker', + 'type': 'static_library', + 'sources': [ + 'pkix_basicconstraintschecker.c', + 'pkix_certchainchecker.c', + 'pkix_crlchecker.c', + 'pkix_ekuchecker.c', + 'pkix_expirationchecker.c', + 'pkix_namechainingchecker.c', + 'pkix_nameconstraintschecker.c', + 'pkix_ocspchecker.c', + 'pkix_policychecker.c', + 'pkix_revocationchecker.c', + 'pkix_revocationmethod.c', + 'pkix_signaturechecker.c', + 'pkix_targetcertchecker.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/checker/exports.gyp b/nss/lib/libpkix/pkix/checker/exports.gyp new file mode 100644 index 0000000..4bd68b3 --- /dev/null +++ b/nss/lib/libpkix/pkix/checker/exports.gyp @@ -0,0 +1,37 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_checker_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_basicconstraintschecker.h', + 'pkix_certchainchecker.h', + 'pkix_crlchecker.h', + 'pkix_ekuchecker.h', + 'pkix_expirationchecker.h', + 'pkix_namechainingchecker.h', + 'pkix_nameconstraintschecker.h', + 'pkix_ocspchecker.h', + 'pkix_policychecker.h', + 'pkix_revocationchecker.h', + 'pkix_revocationmethod.h', + 'pkix_signaturechecker.h', + 'pkix_targetcertchecker.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/crlsel/crlsel.gyp b/nss/lib/libpkix/pkix/crlsel/crlsel.gyp new file mode 100644 index 0000000..894569e --- /dev/null +++ b/nss/lib/libpkix/pkix/crlsel/crlsel.gyp @@ -0,0 +1,24 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixcrlsel', + 'type': 'static_library', + 'sources': [ + 'pkix_comcrlselparams.c', + 'pkix_crlselector.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/crlsel/exports.gyp b/nss/lib/libpkix/pkix/crlsel/exports.gyp new file mode 100644 index 0000000..a7001ff --- /dev/null +++ b/nss/lib/libpkix/pkix/crlsel/exports.gyp @@ -0,0 +1,26 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_crlsel_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_comcrlselparams.h', + 'pkix_crlselector.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/params/exports.gyp b/nss/lib/libpkix/pkix/params/exports.gyp new file mode 100644 index 0000000..921f2ce --- /dev/null +++ b/nss/lib/libpkix/pkix/params/exports.gyp @@ -0,0 +1,28 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_params_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_procparams.h', + 'pkix_resourcelimits.h', + 'pkix_trustanchor.h', + 'pkix_valparams.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/params/params.gyp b/nss/lib/libpkix/pkix/params/params.gyp new file mode 100644 index 0000000..a1463c4 --- /dev/null +++ b/nss/lib/libpkix/pkix/params/params.gyp @@ -0,0 +1,26 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixparams', + 'type': 'static_library', + 'sources': [ + 'pkix_procparams.c', + 'pkix_resourcelimits.c', + 'pkix_trustanchor.c', + 'pkix_valparams.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/results/exports.gyp b/nss/lib/libpkix/pkix/results/exports.gyp new file mode 100644 index 0000000..dfff689 --- /dev/null +++ b/nss/lib/libpkix/pkix/results/exports.gyp @@ -0,0 +1,28 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_results_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_buildresult.h', + 'pkix_policynode.h', + 'pkix_valresult.h', + 'pkix_verifynode.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/results/results.gyp b/nss/lib/libpkix/pkix/results/results.gyp new file mode 100644 index 0000000..962fdb9 --- /dev/null +++ b/nss/lib/libpkix/pkix/results/results.gyp @@ -0,0 +1,26 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixresults', + 'type': 'static_library', + 'sources': [ + 'pkix_buildresult.c', + 'pkix_policynode.c', + 'pkix_valresult.c', + 'pkix_verifynode.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/store/exports.gyp b/nss/lib/libpkix/pkix/store/exports.gyp new file mode 100644 index 0000000..52f13f5 --- /dev/null +++ b/nss/lib/libpkix/pkix/store/exports.gyp @@ -0,0 +1,25 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_store_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_store.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/store/store.gyp b/nss/lib/libpkix/pkix/store/store.gyp new file mode 100644 index 0000000..43aa177 --- /dev/null +++ b/nss/lib/libpkix/pkix/store/store.gyp @@ -0,0 +1,23 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixstore', + 'type': 'static_library', + 'sources': [ + 'pkix_store.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/top/exports.gyp b/nss/lib/libpkix/pkix/top/exports.gyp new file mode 100644 index 0000000..d41f2b5 --- /dev/null +++ b/nss/lib/libpkix/pkix/top/exports.gyp @@ -0,0 +1,27 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_top_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_build.h', + 'pkix_lifecycle.h', + 'pkix_validate.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/top/pkix_build.c b/nss/lib/libpkix/pkix/top/pkix_build.c index 9451578..0c87ba3 100755 --- a/nss/lib/libpkix/pkix/top/pkix_build.c +++ b/nss/lib/libpkix/pkix/top/pkix_build.c @@ -1943,6 +1943,10 @@ pkix_PrepareForwardBuilderStateForAIA( state->status = BUILD_TRYAIA; } +extern SECStatus +isIssuerCertAllowedAtCertIssuanceTime(CERTCertificate *issuerCert, + CERTCertificate *referenceCert); + /* * FUNCTION: pkix_BuildForwardDepthFirstSearch * DESCRIPTION: @@ -2057,6 +2061,7 @@ pkix_BuildForwardDepthFirstSearch( PKIX_ComCertSelParams *certSelParams = NULL; PKIX_TrustAnchor *trustAnchor = NULL; PKIX_PL_Cert *trustedCert = NULL; + PKIX_PL_Cert *targetCert = NULL; PKIX_VerifyNode *verifyNode = NULL; PKIX_Error *verifyError = NULL; PKIX_Error *finalError = NULL; @@ -2072,6 +2077,7 @@ pkix_BuildForwardDepthFirstSearch( validityDate = state->validityDate; canBeCached = state->canBeCached; PKIX_DECREF(*pValResult); + targetCert = state->buildConstants.targetCert; /* * We return if successful; if we fall off the end @@ -2354,6 +2360,12 @@ pkix_BuildForwardDepthFirstSearch( plContext), PKIX_LISTGETITEMFAILED); + if (isIssuerCertAllowedAtCertIssuanceTime( + state->candidateCert->nssCert, targetCert->nssCert) + != SECSuccess) { + PKIX_ERROR(PKIX_CERTISBLACKLISTEDATISSUANCETIME); + } + if ((state->verifyNode) != NULL) { PKIX_CHECK_FATAL(pkix_VerifyNode_Create (state->candidateCert, diff --git a/nss/lib/libpkix/pkix/top/top.gyp b/nss/lib/libpkix/pkix/top/top.gyp new file mode 100644 index 0000000..fb1b08e --- /dev/null +++ b/nss/lib/libpkix/pkix/top/top.gyp @@ -0,0 +1,25 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixtop', + 'type': 'static_library', + 'sources': [ + 'pkix_build.c', + 'pkix_lifecycle.c', + 'pkix_validate.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file diff --git a/nss/lib/libpkix/pkix/util/exports.gyp b/nss/lib/libpkix/pkix/util/exports.gyp new file mode 100644 index 0000000..8318c6c --- /dev/null +++ b/nss/lib/libpkix/pkix/util/exports.gyp @@ -0,0 +1,28 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_libpkix_pkix_util_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'pkix_error.h', + 'pkix_list.h', + 'pkix_logger.h', + 'pkix_tools.h' + ], + 'destination': '<(nss_private_dist_dir)/<(module)' + } + ] + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/nss/lib/libpkix/pkix/util/pkix_tools.h b/nss/lib/libpkix/pkix/util/pkix_tools.h index 1a4689d..5a8ef27 100755 --- a/nss/lib/libpkix/pkix/util/pkix_tools.h +++ b/nss/lib/libpkix/pkix/util/pkix_tools.h @@ -1458,8 +1458,8 @@ extern const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES]; extern PRLogModuleInfo *pkixLog; -#define PKIX_MAGIC_HEADER LL_INIT(0xFEEDC0FF, 0xEEFACADE) -#define PKIX_MAGIC_HEADER_DESTROYED LL_INIT(0xBAADF00D, 0xDEADBEEF) +#define PKIX_MAGIC_HEADER PR_UINT64(0xFEEDC0FFEEFACADE) +#define PKIX_MAGIC_HEADER_DESTROYED PR_UINT64(0xBAADF00DDEADBEEF) /* see source file for function documentation */ diff --git a/nss/lib/libpkix/pkix/util/util.gyp b/nss/lib/libpkix/pkix/util/util.gyp new file mode 100644 index 0000000..078852f --- /dev/null +++ b/nss/lib/libpkix/pkix/util/util.gyp @@ -0,0 +1,27 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'pkixutil', + 'type': 'static_library', + 'sources': [ + 'pkix_error.c', + 'pkix_errpaths.c', + 'pkix_list.c', + 'pkix_logger.c', + 'pkix_tools.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file |