зеркало из https://github.com/mozilla/pjs.git
Import base64 encoded certificate files with old MAC line endings.
Bug 221272. sr=wtc.
This commit is contained in:
Родитель
b32885f9d9
Коммит
1e6e264133
|
@ -2953,6 +2953,7 @@ secuCommandFlag certutil_options[] =
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* -A -E or -S Add the cert to the DB */
|
||||||
if (certutil.commands[cmd_CreateAndAddCert].activated ||
|
if (certutil.commands[cmd_CreateAndAddCert].activated ||
|
||||||
certutil.commands[cmd_AddCert].activated ||
|
certutil.commands[cmd_AddCert].activated ||
|
||||||
certutil.commands[cmd_AddEmailCert].activated) {
|
certutil.commands[cmd_AddEmailCert].activated) {
|
||||||
|
|
|
@ -657,10 +657,10 @@ SECStatus
|
||||||
SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
|
SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
|
||||||
{
|
{
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
char *asc, *body, *trailer;
|
|
||||||
if (ascii) {
|
if (ascii) {
|
||||||
/* First convert ascii to binary */
|
/* First convert ascii to binary */
|
||||||
SECItem filedata;
|
SECItem filedata;
|
||||||
|
char *asc, *body;
|
||||||
|
|
||||||
/* Read in ascii data */
|
/* Read in ascii data */
|
||||||
rv = SECU_FileToItem(&filedata, inFile);
|
rv = SECU_FileToItem(&filedata, inFile);
|
||||||
|
@ -672,8 +672,13 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
|
||||||
|
|
||||||
/* check for headers and trailers and remove them */
|
/* check for headers and trailers and remove them */
|
||||||
if ((body = strstr(asc, "-----BEGIN")) != NULL) {
|
if ((body = strstr(asc, "-----BEGIN")) != NULL) {
|
||||||
body = PORT_Strchr(body, '\n') + 1;
|
char *trailer = NULL;
|
||||||
trailer = strstr(body, "-----END");
|
asc = body;
|
||||||
|
body = PORT_Strchr(body, '\n');
|
||||||
|
if (!body)
|
||||||
|
body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
|
||||||
|
if (body)
|
||||||
|
trailer = strstr(++body, "-----END");
|
||||||
if (trailer != NULL) {
|
if (trailer != NULL) {
|
||||||
*trailer = '\0';
|
*trailer = '\0';
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -294,27 +294,22 @@ CERT_DecodeCertPackage(char *certbuf,
|
||||||
void *arg)
|
void *arg)
|
||||||
{
|
{
|
||||||
unsigned char *cp;
|
unsigned char *cp;
|
||||||
int seqLen, seqLenLen;
|
unsigned char *bincert = NULL;
|
||||||
int cl;
|
char * ascCert = NULL;
|
||||||
unsigned char *bincert = NULL, *certbegin = NULL, *certend = NULL;
|
|
||||||
unsigned int binLen;
|
|
||||||
char *ascCert = NULL;
|
|
||||||
int asciilen;
|
|
||||||
CERTCertificate *cert;
|
|
||||||
SECItem certitem, oiditem;
|
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
SECOidData *oiddata;
|
|
||||||
SECItem *pcertitem = &certitem;
|
|
||||||
|
|
||||||
if ( certbuf == NULL ) {
|
if ( certbuf == NULL ) {
|
||||||
return(SECFailure);
|
return(SECFailure);
|
||||||
}
|
}
|
||||||
|
|
||||||
cert = 0;
|
|
||||||
cp = (unsigned char *)certbuf;
|
cp = (unsigned char *)certbuf;
|
||||||
|
|
||||||
/* is a DER encoded certificate of some type? */
|
/* is a DER encoded certificate of some type? */
|
||||||
if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
|
if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
|
||||||
|
SECItem certitem;
|
||||||
|
SECItem *pcertitem = &certitem;
|
||||||
|
int seqLen, seqLenLen;
|
||||||
|
|
||||||
cp++;
|
cp++;
|
||||||
|
|
||||||
if ( *cp & 0x80) {
|
if ( *cp & 0x80) {
|
||||||
|
@ -370,6 +365,8 @@ CERT_DecodeCertPackage(char *certbuf,
|
||||||
|
|
||||||
return(rv);
|
return(rv);
|
||||||
} else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
|
} else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
|
||||||
|
SECOidData *oiddata;
|
||||||
|
SECItem oiditem;
|
||||||
/* XXX - assume DER encoding of OID len!! */
|
/* XXX - assume DER encoding of OID len!! */
|
||||||
oiditem.len = cp[1];
|
oiditem.len = cp[1];
|
||||||
oiditem.data = (unsigned char *)&cp[2];
|
oiditem.data = (unsigned char *)&cp[2];
|
||||||
|
@ -404,10 +401,32 @@ CERT_DecodeCertPackage(char *certbuf,
|
||||||
|
|
||||||
/* now look for a netscape base64 ascii encoded cert */
|
/* now look for a netscape base64 ascii encoded cert */
|
||||||
notder:
|
notder:
|
||||||
cp = (unsigned char *)certbuf;
|
{
|
||||||
|
unsigned char *certbegin = NULL;
|
||||||
|
unsigned char *certend = NULL;
|
||||||
|
char *pc;
|
||||||
|
int cl;
|
||||||
|
|
||||||
|
/* Convert the ASCII data into a nul-terminated string */
|
||||||
|
ascCert = (char *)PORT_Alloc(certlen + 1);
|
||||||
|
if (!ascCert) {
|
||||||
|
rv = SECFailure;
|
||||||
|
goto loser;
|
||||||
|
}
|
||||||
|
|
||||||
|
PORT_Memcpy(ascCert, certbuf, certlen);
|
||||||
|
ascCert[certlen] = '\0';
|
||||||
|
|
||||||
|
pc = PORT_Strchr(ascCert, '\n'); /* find an EOL */
|
||||||
|
if (!pc) { /* maybe this is a MAC file */
|
||||||
|
pc = ascCert;
|
||||||
|
while (*pc && NULL != (pc = PORT_Strchr(pc, '\r'))) {
|
||||||
|
*pc++ = '\n';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
cp = (unsigned char *)ascCert;
|
||||||
cl = certlen;
|
cl = certlen;
|
||||||
certbegin = 0;
|
|
||||||
certend = 0;
|
|
||||||
|
|
||||||
/* find the beginning marker */
|
/* find the beginning marker */
|
||||||
while ( cl > sizeof(NS_CERT_HEADER) ) {
|
while ( cl > sizeof(NS_CERT_HEADER) ) {
|
||||||
|
@ -432,7 +451,6 @@ notder:
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( certbegin ) {
|
if ( certbegin ) {
|
||||||
|
|
||||||
/* find the ending marker */
|
/* find the ending marker */
|
||||||
while ( cl > sizeof(NS_CERT_TRAILER) ) {
|
while ( cl > sizeof(NS_CERT_TRAILER) ) {
|
||||||
if ( !PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
|
if ( !PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
|
||||||
|
@ -456,20 +474,11 @@ notder:
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( certbegin && certend ) {
|
if ( certbegin && certend ) {
|
||||||
|
unsigned int binLen;
|
||||||
|
|
||||||
/* Convert the ASCII data into a nul-terminated string */
|
*certend = 0;
|
||||||
asciilen = certend - certbegin;
|
|
||||||
ascCert = (char *)PORT_Alloc(asciilen+1);
|
|
||||||
if (!ascCert) {
|
|
||||||
rv = SECFailure;
|
|
||||||
goto loser;
|
|
||||||
}
|
|
||||||
|
|
||||||
PORT_Memcpy(ascCert, certbegin, asciilen);
|
|
||||||
ascCert[asciilen] = '\0';
|
|
||||||
|
|
||||||
/* convert to binary */
|
/* convert to binary */
|
||||||
bincert = ATOB_AsciiToData(ascCert, &binLen);
|
bincert = ATOB_AsciiToData(certbegin, &binLen);
|
||||||
if (!bincert) {
|
if (!bincert) {
|
||||||
rv = SECFailure;
|
rv = SECFailure;
|
||||||
goto loser;
|
goto loser;
|
||||||
|
@ -481,6 +490,7 @@ notder:
|
||||||
} else {
|
} else {
|
||||||
rv = SECFailure;
|
rv = SECFailure;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
loser:
|
loser:
|
||||||
|
|
||||||
|
|
Загрузка…
Ссылка в новой задаче