mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fix the case where the subjectID is an issuer/SN. don't build a dbkey in 

this case, return the actual subject cert id after looking up the cert
directly
This commit is contained in:
relyea%netscape.com 2002-01-18 03:36:44 +00:00
Родитель 5ec1498d89
Коммит cfb0db6aa1
1 изменённых файлов: 26 добавлений и 19 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

45
security/nss/lib/pki/pki3hack.c
Просмотреть файл

@ -32,7 +32,7 @@
*/
#ifdef DEBUG
static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.24 $ $Date: 2002/01/10 15:30:06 $ $Name: $";
static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.25 $ $Date: 2002/01/18 03:36:44 $ $Name: $";
#endif /* DEBUG */
/*
@ -199,32 +199,39 @@ nss3certificate_getIssuerIdentifier(nssDecodedCert *dc)
CERTAuthKeyID *cAuthKeyID;
PRArenaPool *tmpArena = NULL;
SECItem issuerCertKey;
SECItem *identifier = NULL;
NSSItem *rvID = NULL;
SECStatus secrv;
tmpArena = PORT_NewArena(512);
cAuthKeyID = CERT_FindAuthKeyIDExten(tmpArena, c);
if (cAuthKeyID) {
if (cAuthKeyID->keyID.data) {
identifier = &cAuthKeyID->keyID;
} else if (cAuthKeyID->authCertIssuer) {
SECItem *caName;
caName = (SECItem *)CERT_GetGeneralNameByType(
if (cAuthKeyID == NULL) {
goto done;
}
if (cAuthKeyID->keyID.data) {
rvID = nssItem_Create(NULL, NULL, cAuthKeyID->keyID.len,
cAuthKeyID->keyID.data);
} else if (cAuthKeyID->authCertIssuer) {
SECItem *caName = NULL;
CERTIssuerAndSN issuerSN;
CERTCertificate *issuer = NULL;
caName = (SECItem *)CERT_GetGeneralNameByType(
cAuthKeyID->authCertIssuer,
certDirectoryName, PR_TRUE);
if (caName) {
secrv = CERT_KeyFromIssuerAndSN(tmpArena, caName,
&cAuthKeyID->authCertSerialNumber,
&issuerCertKey);
if (secrv == SECSuccess) {
identifier = &issuerCertKey;
}
}
if (caName == NULL) {
goto done;
}
issuerSN.derIssuer.data = caName->data;
issuerSN.derIssuer.len = caName->len;
issuerSN.serialNumber.data = cAuthKeyID->authCertSerialNumber.data;
issuerSN.serialNumber.len = cAuthKeyID->authCertSerialNumber.len;
issuer = PK11_FindCertByIssuerAndSN(NULL, &issuerSN, NULL);
if (issuer) {
rvID = nssItem_Create(NULL, NULL, issuer->subjectKeyID.len,
issuer->subjectKeyID.data);
CERT_DestroyCertificate(issuer);
}
}
if (identifier) {
rvID = nssItem_Create(NULL, NULL, identifier->len, identifier->data);
}
done:
if (tmpArena) PORT_FreeArena(tmpArena, PR_FALSE);
return rvID;
}