Check USB device path access when prompting users to select a device.
[chromium-blink-merge.git] / net / third_party / nss / ssl / cmpcert.c
blob6d8423822d51579f7aca9f95e4fe016523b85670
1 /*
2 * NSS utility functions
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 #include <stdio.h>
9 #include <string.h>
10 #include "prerror.h"
11 #include "secitem.h"
12 #include "prnetdb.h"
13 #include "cert.h"
14 #include "nspr.h"
15 #include "secder.h"
16 #include "key.h"
17 #include "nss.h"
20 * Look to see if any of the signers in the cert chain for "cert" are found
21 * in the list of caNames.
22 * Returns SECSuccess if so, SECFailure if not.
24 SECStatus
25 NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
27 SECItem * caname;
28 CERTCertificate * curcert;
29 CERTCertificate * oldcert;
30 PRInt32 contentlen;
31 int j;
32 int headerlen;
33 int depth;
34 SECStatus rv;
35 SECItem issuerName;
36 SECItem compatIssuerName;
38 if (!cert || !caNames || !caNames->nnames || !caNames->names ||
39 !caNames->names->data)
40 return SECFailure;
41 depth=0;
42 curcert = CERT_DupCertificate(cert);
44 while( curcert ) {
45 issuerName = curcert->derIssuer;
47 /* compute an alternate issuer name for compatibility with 2.0
48 * enterprise server, which send the CA names without
49 * the outer layer of DER header
51 rv = DER_Lengths(&issuerName, &headerlen, (PRUint32 *)&contentlen);
52 if ( rv == SECSuccess ) {
53 compatIssuerName.data = &issuerName.data[headerlen];
54 compatIssuerName.len = issuerName.len - headerlen;
55 } else {
56 compatIssuerName.data = NULL;
57 compatIssuerName.len = 0;
60 for (j = 0; j < caNames->nnames; j++) {
61 caname = &caNames->names[j];
62 if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
63 rv = SECSuccess;
64 CERT_DestroyCertificate(curcert);
65 goto done;
66 } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
67 rv = SECSuccess;
68 CERT_DestroyCertificate(curcert);
69 goto done;
72 if ( ( depth <= 20 ) &&
73 ( SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject)
74 != SECEqual ) ) {
75 oldcert = curcert;
76 curcert = CERT_FindCertByName(curcert->dbhandle,
77 &curcert->derIssuer);
78 CERT_DestroyCertificate(oldcert);
79 depth++;
80 } else {
81 CERT_DestroyCertificate(curcert);
82 curcert = NULL;
85 rv = SECFailure;
87 done:
88 return rv;