mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-28 23:31:56 +00:00
This patch incorporates additional suggestions to 342461 fix from Wan-Teh review.
This commit is contained in:
parent
f2f2471535
commit
87d8b45572
@ -38,7 +38,7 @@
|
||||
* Implementation of OCSP services, for both client and server.
|
||||
* (XXX, really, mostly just for client right now, but intended to do both.)
|
||||
*
|
||||
* $Id: ocsp.c,v 1.33 2007/01/04 20:38:29 alexei.volkov.bugs%sun.com Exp $
|
||||
* $Id: ocsp.c,v 1.34 2007/01/09 23:39:08 alexei.volkov.bugs%sun.com Exp $
|
||||
*/
|
||||
|
||||
#include "prerror.h"
|
||||
@ -1585,6 +1585,16 @@ loser:
|
||||
* is only used internally. When this interface is officially exported,
|
||||
* each assertion below will need to be followed-up with setting an error
|
||||
* and returning (null).
|
||||
*
|
||||
* FUNCTION: ocsp_GetResponseData
|
||||
* Returns ocspResponseData structure and a pointer to tbs response
|
||||
* data DER from a valid ocsp response.
|
||||
* INPUTS:
|
||||
* CERTOCSPResponse *response
|
||||
* structure of a valid ocsp response
|
||||
* RETURN:
|
||||
* Returns a pointer to ocspResponseData structure: decoded OCSP response
|
||||
* data, and a pointer(tbsResponseDataDER) to its undecoded data DER.
|
||||
*/
|
||||
static ocspResponseData *
|
||||
ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
|
||||
@ -1608,6 +1618,8 @@ ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
|
||||
if (tbsResponseDataDER) {
|
||||
*tbsResponseDataDER = &basic->tbsResponseDataDER;
|
||||
}
|
||||
PORT_Assert((*tbsResponseDataDER)->data != NULL);
|
||||
PORT_Assert((*tbsResponseDataDER)->len != 0);
|
||||
|
||||
return responseData;
|
||||
}
|
||||
@ -2560,7 +2572,6 @@ ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
|
||||
*/
|
||||
static SECStatus
|
||||
ocsp_CheckSignature(ocspSignature *signature, SECItem *encodedTBS,
|
||||
const SEC_ASN1Template *encodeTemplate,
|
||||
CERTCertDBHandle *handle, SECCertUsage certUsage,
|
||||
int64 checkTime, PRBool lookupByName, void *certIndex,
|
||||
void *pwArg, CERTCertificate **pSignerCert,
|
||||
@ -2800,7 +2811,6 @@ CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
|
||||
|
||||
return ocsp_CheckSignature(ocsp_GetResponseSignature(response),
|
||||
tbsResponseDataDER,
|
||||
ocsp_ResponseDataTemplate,
|
||||
handle, certUsageStatusResponder, producedAt,
|
||||
byName, certIndex, pwArg, pSignerCert, issuer);
|
||||
}
|
||||
|
@ -37,7 +37,7 @@
|
||||
/*
|
||||
* Private header defining OCSP types.
|
||||
*
|
||||
* $Id: ocspti.h,v 1.6 2007/01/04 20:38:29 alexei.volkov.bugs%sun.com Exp $
|
||||
* $Id: ocspti.h,v 1.7 2007/01/09 23:39:08 alexei.volkov.bugs%sun.com Exp $
|
||||
*/
|
||||
|
||||
#ifndef _OCSPTI_H_
|
||||
@ -279,9 +279,9 @@ struct ocspResponseBytesStr {
|
||||
* the C data structure here and in some shared code to operate on them.
|
||||
*/
|
||||
struct ocspBasicOCSPResponseStr {
|
||||
SECItem tbsResponseDataDER;
|
||||
ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
|
||||
ocspSignature responseSignature;
|
||||
SECItem tbsResponseDataDER;
|
||||
};
|
||||
|
||||
/*
|
||||
|
Loading…
Reference in New Issue
Block a user