From b5e025dea388e7fa1663cd41ee4a97bed4f30b13 Mon Sep 17 00:00:00 2001 From: "wtc%netscape.com" Date: Thu, 19 Dec 2002 00:26:34 +0000 Subject: [PATCH] Bug 183612: renamed some new functions to be consistent with existing function names containing SubjectKey and PublicKey. Moved internal functions to private headers and use the lowercase cert_ prefix for the internal functions for subject key ID mapping hash table. r=nelsonb. --- security/nss/cmd/certutil/certutil.c | 5 ++--- security/nss/lib/certdb/cert.h | 10 +++++----- security/nss/lib/certdb/certdb.c | 16 ++++++++-------- security/nss/lib/certdb/certdb.h | 22 ---------------------- security/nss/lib/certdb/certi.h | 23 ++++++++++++++++++++++- security/nss/lib/certhigh/certvfy.c | 6 +++--- security/nss/lib/nss/nss.def | 4 ++-- security/nss/lib/nss/nssinit.c | 8 ++++---- security/nss/lib/pk11wrap/manifest.mn | 2 ++ security/nss/lib/pk11wrap/pk11cert.c | 5 +++-- security/nss/lib/pk11wrap/pk11init.h | 3 --- security/nss/lib/pk11wrap/pk11sdr.c | 1 - security/nss/lib/pk11wrap/secmod.h | 16 ---------------- security/nss/lib/pk11wrap/secmodi.h | 20 ++++++++++++++++++++ security/nss/lib/smime/cmssiginfo.c | 4 ++-- 15 files changed, 73 insertions(+), 72 deletions(-) diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index 5dc88deb9e63..a78b75db8c77 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -243,9 +243,8 @@ GetCertRequest(PRFileDesc *inFile, PRBool ascii) } while (0); if (!rv) { - rv = CERT_VerifySignedDataWithPubKeyInfo(&signedData, - &certReq->subjectPublicKeyInfo, - NULL /* wincx */); + rv = CERT_VerifySignedDataWithPublicKeyInfo(&signedData, + &certReq->subjectPublicKeyInfo, NULL /* wincx */); } if (rv) { diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h index 5d21146f9814..6c3da0398e73 100644 --- a/security/nss/lib/certdb/cert.h +++ b/security/nss/lib/certdb/cert.h @@ -34,7 +34,7 @@ /* * cert.h - public data structures and prototypes for the certificate library * - * $Id: cert.h,v 1.31 2002/12/17 01:39:36 wtc%netscape.com Exp $ + * $Id: cert.h,v 1.32 2002/12/19 00:26:23 wtc%netscape.com Exp $ */ #ifndef _CERT_H_ @@ -479,7 +479,7 @@ extern CERTCertificate * CERT_FindCertByIssuerAndSN (CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN); extern CERTCertificate * -CERT_FindCertBySubjKeyID (CERTCertDBHandle *handle, SECItem *subjKeyID); +CERT_FindCertBySubjectKeyID (CERTCertDBHandle *handle, SECItem *subjKeyID); /* ** Find a certificate in the database by a nickname @@ -572,9 +572,9 @@ extern SECStatus CERT_VerifySignedData(CERTSignedData *sd, ** verify the signature of a signed data object with the given DER publickey */ extern SECStatus -CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd, - CERTSubjectPublicKeyInfo *pubKeyInfo, - void *wincx); +CERT_VerifySignedDataWithPublicKeyInfo(CERTSignedData *sd, + CERTSubjectPublicKeyInfo *pubKeyInfo, + void *wincx); /* ** verify the signature of a signed data object with a SECKEYPublicKey. diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index 949d6eb6a06c..8bf3036deb2e 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -34,7 +34,7 @@ /* * Certificate handling code * - * $Id: certdb.c,v 1.48 2002/12/17 01:39:36 wtc%netscape.com Exp $ + * $Id: certdb.c,v 1.49 2002/12/19 00:26:23 wtc%netscape.com Exp $ */ #include "nssilock.h" @@ -2773,7 +2773,7 @@ static PLHashAllocOps cert_AllocOps = { }; SECStatus -CERT_CreateSubjKeyIDHashTable(void) +cert_CreateSubjectKeyIDHashTable(void) { gSubjKeyIDHash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare, SECITEM_HashCompare, @@ -2794,7 +2794,7 @@ CERT_CreateSubjKeyIDHashTable(void) } SECStatus -CERT_AddSubjKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert) +cert_AddSubjectKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert) { SECItem *newKeyID, *oldVal, *newVal; SECStatus rv = SECFailure; @@ -2835,7 +2835,7 @@ done: } SECStatus -CERT_RemoveSubjKeyIDMapping(SECItem *subjKeyID) +cert_RemoveSubjectKeyIDMapping(SECItem *subjKeyID) { SECStatus rv; if (!gSubjKeyIDLock) @@ -2849,7 +2849,7 @@ CERT_RemoveSubjKeyIDMapping(SECItem *subjKeyID) } SECStatus -CERT_DestroySubjKeyIDHashTable(void) +cert_DestroySubjectKeyIDHashTable(void) { if (gSubjKeyIDHash) { PR_Lock(gSubjKeyIDLock); @@ -2863,7 +2863,7 @@ CERT_DestroySubjKeyIDHashTable(void) } SECItem* -CERT_FindDERCertBySubjKeyID(SECItem *subjKeyID) +cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID) { SECItem *val; @@ -2880,12 +2880,12 @@ CERT_FindDERCertBySubjKeyID(SECItem *subjKeyID) } CERTCertificate* -CERT_FindCertBySubjKeyID(CERTCertDBHandle *handle, SECItem *subjKeyID) +CERT_FindCertBySubjectKeyID(CERTCertDBHandle *handle, SECItem *subjKeyID) { CERTCertificate *cert = NULL; SECItem *derCert; - derCert = CERT_FindDERCertBySubjKeyID(subjKeyID); + derCert = cert_FindDERCertBySubjectKeyID(subjKeyID); if (derCert) { cert = CERT_FindCertByDERCert(handle, derCert); SECITEM_FreeItem(derCert, PR_TRUE); diff --git a/security/nss/lib/certdb/certdb.h b/security/nss/lib/certdb/certdb.h index 2c6cdd9aaea8..7340961c2396 100644 --- a/security/nss/lib/certdb/certdb.h +++ b/security/nss/lib/certdb/certdb.h @@ -154,28 +154,6 @@ SECStatus SEC_CrlReplaceUrl(PCERTSignedCrl *crl,char *url); #endif -/* - * These functions are used to map subjectKeyID extension values to certs. - */ -SECStatus -CERT_CreateSubjKeyIDHashTable(void); - -SECStatus -CERT_AddSubjKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert); - - -/* - * Call this function to remove an entry from the mapping table. - */ -SECStatus -CERT_RemoveSubjKeyIDMapping(SECItem *subjKeyID); - -SECStatus -CERT_DestroySubjKeyIDHashTable(void); - -SECItem* -CERT_FindDERCertBySubjKeyID(SECItem *subjKeyID); - SEC_END_PROTOS #endif /* _CERTDB_H_ */ diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h index ec69fd2e1dff..1ea98e36857a 100644 --- a/security/nss/lib/certdb/certi.h +++ b/security/nss/lib/certdb/certi.h @@ -33,7 +33,7 @@ /* * certi.h - private data structures for the certificate library * - * $Id: certi.h,v 1.8 2002/10/23 20:50:51 nelsonb%netscape.com Exp $ + * $Id: certi.h,v 1.9 2002/12/19 00:26:25 wtc%netscape.com Exp $ */ #ifndef _CERTI_H_ #define _CERTI_H_ @@ -188,5 +188,26 @@ SECStatus ShutdownCRLCache(void); */ extern char * cert_GetCertificateEmailAddresses(CERTCertificate *cert); +/* + * These functions are used to map subjectKeyID extension values to certs. + */ +SECStatus +cert_CreateSubjectKeyIDHashTable(void); + +SECStatus +cert_AddSubjectKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert); + +/* + * Call this function to remove an entry from the mapping table. + */ +SECStatus +cert_RemoveSubjectKeyIDMapping(SECItem *subjKeyID); + +SECStatus +cert_DestroySubjectKeyIDHashTable(void); + +SECItem* +cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID); + #endif /* _CERTI_H_ */ diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c index 20d45401fff1..2aaad95e89a8 100644 --- a/security/nss/lib/certhigh/certvfy.c +++ b/security/nss/lib/certhigh/certvfy.c @@ -122,9 +122,9 @@ CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd, * verify the signature of a signed data object with the given DER publickey */ SECStatus -CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd, - CERTSubjectPublicKeyInfo *pubKeyInfo, - void *wincx) +CERT_VerifySignedDataWithPublicKeyInfo(CERTSignedData *sd, + CERTSubjectPublicKeyInfo *pubKeyInfo, + void *wincx) { SECKEYPublicKey *pubKey; SECStatus rv = SECFailure; diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index f62c1750b4ce..383416292bd1 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -719,12 +719,12 @@ SECKEY_CopyPublicKey; CERT_CRLCacheRefreshIssuer; CERT_DestroyOCSPResponse; CERT_EncodeAltNameExtension; -CERT_FindCertBySubjKeyID; +CERT_FindCertBySubjectKeyID; CERT_FindSubjectKeyIDExtension; CERT_GetFirstEmailAddress; CERT_GetNextEmailAddress; -CERT_VerifySignedDataWithPubKeyInfo; CERT_VerifySignedDataWithPublicKey; +CERT_VerifySignedDataWithPublicKeyInfo; PK11_WaitForTokenEvent; ;+ local: ;+ *; diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c index cc2f2862afad..be3cb7ef43f0 100644 --- a/security/nss/lib/nss/nssinit.c +++ b/security/nss/lib/nss/nssinit.c @@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - # $Id: nssinit.c,v 1.58 2002/12/17 01:39:38 wtc%netscape.com Exp $ + # $Id: nssinit.c,v 1.59 2002/12/19 00:26:29 wtc%netscape.com Exp $ */ #include @@ -41,7 +41,6 @@ #include "prprf.h" #include "prmem.h" #include "cert.h" -#include "certdb.h" #include "key.h" #include "ssl.h" #include "sslproto.h" @@ -53,6 +52,7 @@ #include "pki3hack.h" #include "certi.h" +#include "secmodi.h" /* * On Windows nss3.dll needs to export the symbol 'mktemp' to be @@ -477,7 +477,7 @@ loser: } #endif pk11sdr_Init(); - CERT_CreateSubjKeyIDHashTable(); + cert_CreateSubjectKeyIDHashTable(); SECMOD_InitCallOnce(); nss_IsInitted = PR_TRUE; } @@ -548,7 +548,7 @@ NSS_Shutdown(void) ShutdownCRLCache(); SECOID_Shutdown(); STAN_Shutdown(); - CERT_DestroySubjKeyIDHashTable(); + cert_DestroySubjectKeyIDHashTable(); SECMOD_CleanupCallOnce(); rv = SECMOD_Shutdown(); pk11sdr_Shutdown(); diff --git a/security/nss/lib/pk11wrap/manifest.mn b/security/nss/lib/pk11wrap/manifest.mn index 49d7f3b6ebfb..d4abd991736c 100644 --- a/security/nss/lib/pk11wrap/manifest.mn +++ b/security/nss/lib/pk11wrap/manifest.mn @@ -42,6 +42,8 @@ EXPORTS = \ $(NULL) PRIVATE_EXPORTS = \ + secmodi.h \ + secmodti.h \ pk11init.h \ dev3hack.h \ $(NULL) diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index d4a192e1f628..ae4164da6bbe 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -43,6 +43,7 @@ #include "pkcs11.h" #include "pk11func.h" #include "cert.h" +#include "certi.h" #include "secitem.h" #include "key.h" #include "hasht.h" @@ -2154,7 +2155,7 @@ pk11_FindCertObjectByRecipientNew(PK11SlotInfo *slot, NSSCMSRecipient **recipien for (i=0; (ri = recipientlist[i]) != NULL; i++) { CERTCertificate *cert = NULL; if (ri->kind == RLSubjKeyID) { - SECItem *derCert = CERT_FindDERCertBySubjKeyID(ri->id.subjectKeyID); + SECItem *derCert = cert_FindDERCertBySubjectKeyID(ri->id.subjectKeyID); if (derCert) { cert = PK11_FindCertFromDERCertItem(slot, derCert, pwarg); SECITEM_FreeItem(derCert, PR_TRUE); @@ -2359,7 +2360,7 @@ pk11_keyIDHash_populate(void *wincx) if (CERT_FindSubjectKeyIDExtension(node->cert, &subjKeyID) == SECSuccess && subjKeyID.data != NULL) { - CERT_AddSubjKeyIDMapping(&subjKeyID, node->cert); + cert_AddSubjectKeyIDMapping(&subjKeyID, node->cert); SECITEM_FreeItem(&subjKeyID, PR_FALSE); } } diff --git a/security/nss/lib/pk11wrap/pk11init.h b/security/nss/lib/pk11wrap/pk11init.h index cf70f88b183f..ec25cf8bafe0 100644 --- a/security/nss/lib/pk11wrap/pk11init.h +++ b/security/nss/lib/pk11wrap/pk11init.h @@ -49,7 +49,4 @@ struct PK11PreSlotInfoStr { char hasRootTrust; /* is this the root cert PKCS #11 module? */ }; -extern void PK11SDR_Init(void); -extern void PK11SDR_Shutdown(void); - #endif /* _PK11_INIT_H_ 1 */ diff --git a/security/nss/lib/pk11wrap/pk11sdr.c b/security/nss/lib/pk11wrap/pk11sdr.c index faea0d39bb9d..f615e2ae1fc3 100644 --- a/security/nss/lib/pk11wrap/pk11sdr.c +++ b/security/nss/lib/pk11wrap/pk11sdr.c @@ -41,7 +41,6 @@ #include "pkcs11.h" #include "pk11func.h" #include "pk11sdr.h" -#include "pk11init.h" /* * Data structure and template for encoding the result of an SDR operation diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h index 51fabec7572b..fd8037e653e5 100644 --- a/security/nss/lib/pk11wrap/secmod.h +++ b/security/nss/lib/pk11wrap/secmod.h @@ -148,22 +148,6 @@ extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags); extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags); extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags); -typedef struct SECMODCallOnceType { - PRIntn initialized; - PRInt32 inProgress; - SECStatus status; -} SECMODCallOnceType; - -typedef SECStatus (PR_CALLBACK *SECMODCallOnceFN)(void *arg); - -extern void SECMOD_InitCallOnce(); - -extern SECStatus SECMOD_CallOnce(SECMODCallOnceType *once, - SECMODCallOnceFN func, - void *arg); - -extern void SECMOD_CleanupCallOnce(); - SEC_END_PROTOS #endif diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h index 050f7de4f391..8541b1b6ff11 100644 --- a/security/nss/lib/pk11wrap/secmodi.h +++ b/security/nss/lib/pk11wrap/secmodi.h @@ -107,6 +107,26 @@ SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session, SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech); SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, PRArenaPool *arena, SECAlgorithmID *algId); + +extern void pk11sdr_Init(void); +extern void pk11sdr_Shutdown(void); + +typedef struct SECMODCallOnceType { + PRIntn initialized; + PRInt32 inProgress; + SECStatus status; +} SECMODCallOnceType; + +typedef SECStatus (PR_CALLBACK *SECMODCallOnceFN)(void *arg); + +extern void SECMOD_InitCallOnce(); + +extern SECStatus SECMOD_CallOnce(SECMODCallOnceType *once, + SECMODCallOnceFN func, + void *arg); + +extern void SECMOD_CleanupCallOnce(); + SEC_END_PROTOS #endif diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c index 0d124e342f32..94f7a432260b 100644 --- a/security/nss/lib/smime/cmssiginfo.c +++ b/security/nss/lib/smime/cmssiginfo.c @@ -34,7 +34,7 @@ /* * CMS signerInfo methods. * - * $Id: cmssiginfo.c,v 1.16 2002/12/17 02:08:51 wtc%netscape.com Exp $ + * $Id: cmssiginfo.c,v 1.17 2002/12/19 00:26:34 wtc%netscape.com Exp $ */ #include "cmslocal.h" @@ -596,7 +596,7 @@ NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDB cert = CERT_FindCertByIssuerAndSN(certdb, sid->id.issuerAndSN); break; case NSSCMSSignerID_SubjectKeyID: - cert = CERT_FindCertBySubjKeyID(certdb, sid->id.subjectKeyID); + cert = CERT_FindCertBySubjectKeyID(certdb, sid->id.subjectKeyID); break; default: cert = NULL;