| blob | 2dde1136372416cb09dbcc2ae97bd062202879da |
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
34 *
35 * ***** END LICENSE BLOCK ***** */
37 /*
38 * Code for dealing with X509.V3 extensions.
39 *
40 * $Id: certv3.c,v 1.9 2006/09/29 20:20:21 alexei.volkov.bugs%sun.com Exp $
41 */
51 SECStatus
54 {
56 }
59 SECStatus
61 {
63 }
65 static void
67 {
72 }
76 {
78 }
80 /* find the given extension in the certificate of the Issuer of 'cert' */
81 SECStatus
83 {
85 SECStatus rv;
93 }
96 }
98 /* find a URL extension in the cert or its CA
99 * apply the base URL string if it exists
100 */
103 {
104 SECStatus rv;
110 PRBool hasbase;
121 }
131 }
134 /* if the cert doesn't have the extensions, see if the issuer does */
138 }
143 }
146 }
153 }
160 }
161 }
168 }
170 /* copy the URL base first */
173 /* if the urlstring has a : in it, then we assume it is an absolute
174 * URL, and will not get the base string pre-pended
175 */
179 }
180 }
185 }
187 nobase:
188 /* copy the rest (or all) of the URL */
195 loser:
198 }
201 done:
204 }
207 }
210 }
213 }
215 /*
216 * get the value of the Netscape Certificate Type Extension
217 */
218 SECStatus
220 {
224 }
227 /*
228 * get the value of a string type extension
229 */
232 {
234 SECStatus rv;
245 }
251 }
258 }
263 }
268 loser:
271 }
275 }
278 }
280 /*
281 * get the value of the X.509 v3 Key Usage Extension
282 */
283 SECStatus
285 {
289 }
291 /*
292 * get the value of the X.509 v3 Key Usage Extension
293 */
294 SECStatus
296 {
298 SECStatus rv;
302 rv = cert_FindExtension
308 SEC_OctetStringTemplate,
312 }
316 }
317 }
320 }
322 SECStatus
325 {
326 SECItem encodedExtenValue;
327 SECStatus rv;
336 }
340 /* free the raw extension data */
345 }
347 CERTAuthKeyID *
349 {
350 SECItem encodedExtenValue;
351 SECStatus rv;
361 }
369 }
371 SECStatus
373 {
374 SECItem keyUsage;
375 SECStatus rv;
377 /* There is no extension, v1 or v2 certificate */
380 }
384 /* This code formerly ignored the Key Usage extension if it was
385 ** marked non-critical. That was wrong. Since we do understand it,
386 ** we are obligated to honor it, whether or not it is critical.
387 */
395 }
398 }