author | David Keeler <dkeeler@mozilla.com> |
Thu, 08 May 2014 15:33:38 -0700 | |
changeset 182470 | 7176ac3db029ec2b533736d31fe253989574b341 |
parent 182469 | 7a515c1d5a21162e24b17b8d418539603597bbab |
child 182471 | e9cfc11a722d6103570ec24161ec45101359b057 |
push id | 26764 |
push user | cbook@mozilla.com |
push date | Mon, 12 May 2014 11:35:17 +0000 |
treeherder | mozilla-central@a64ed5aba131 [default view] [failures only] |
reviewers | mmc |
bugs | 1007962 |
milestone | 32.0a1 |
first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
security/pkix/test/lib/pkixtestutil.cpp | file | annotate | diff | comparison | revisions | |
security/pkix/test/lib/pkixtestutil.h | file | annotate | diff | comparison | revisions |
--- a/security/pkix/test/lib/pkixtestutil.cpp
+++ b/security/pkix/test/lib/pkixtestutil.cpp
@@ -606,29 +606,29 @@ GenerateKeyPair(/*out*/ ScopedSECKEYPubl
 return SECSuccess;
 }
 ///////////////////////////////////////////////////////////////////////////////
 // Certificates
 static SECItem* TBSCertificate(PLArenaPool* arena, long version,
- long serialNumber, SECOidTag signature,
+ SECItem* serialNumber, SECOidTag signature,
 const SECItem* issuer, PRTime notBefore, PRTime notAfter, const SECItem* subject, const SECKEYPublicKey* subjectPublicKey, /*optional*/ SECItem const* const* extensions);
 // Certificate ::= SEQUENCE {
 // tbsCertificate TBSCertificate,
 // signatureAlgorithm AlgorithmIdentifier,
 // signatureValue BIT STRING }
 SECItem* CreateEncodedCertificate(PLArenaPool* arena, long version,
- SECOidTag signature, long serialNumber,
+ SECOidTag signature, SECItem* serialNumber,
 const SECItem* issuerNameDER, PRTime notBefore, PRTime notAfter, const SECItem* subjectNameDER, /*optional*/ SECItem const* const* extensions, /*optional*/ SECKEYPrivateKey* issuerPrivateKey, SECOidTag signatureHashAlg, /*out*/ ScopedSECKEYPrivateKey& privateKey) {
 PR_ASSERT(arena);
@@ -669,17 +669,17 @@ CreateEncodedCertificate(PLArenaPool* ar
 // issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
 // -- If present, version MUST be v2 or v3
 // subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
 // -- If present, version MUST be v2 or v3
 // extensions [3] Extensions OPTIONAL
 // -- If present, version MUST be v3 -- }
 static SECItem* TBSCertificate(PLArenaPool* arena, long versionValue,
- long serialNumberValue, SECOidTag signatureOidTag,
+ SECItem* serialNumber, SECOidTag signatureOidTag,
 const SECItem* issuer, PRTime notBeforeTime, PRTime notAfterTime, const SECItem* subject, const SECKEYPublicKey* subjectPublicKey, /*optional*/ SECItem const* const* extensions) {
 PR_ASSERT(arena);
 PR_ASSERT(issuer);
 PR_ASSERT(subject);
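Review bot: `SECItem* serialNumber` is the only SECItem input in these signatures taken through a non-const pointer, next to `const SECItem* issuer` and `const SECItem* subject` in TBSCertificate and `const SECItem* issuerNameDER` in CreateEncodedCertificate. Nothing visible in the patch writes through it; the one use shown is `output.Add(serialNumber)` in the later hunk at -702. If `Add` accepts a const pointer (its declaration is outside the hunks), declaring the parameter as `const SECItem* serialNumber` in the forward declaration, both definitions and pkixtestutil.h would let callers pass read-only encodings and would state that the helper does not modify the caller's bytes. Both function bodies continue outside the hunks.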
@@ -702,20 +702,16 @@ TBSCertificate(PLArenaPool* arena, long
 if (!version) {
 return nullptr;
 }
 if (output.Add(version) != der::Success) {
 return nullptr;
 }
 }
- SECItem* serialNumber(Integer(arena, serialNumberValue));
- if (!serialNumber) {
- return nullptr;
- }
 if (output.Add(serialNumber) != der::Success) {
 return nullptr;
 }
 SECItem* signature(AlgorithmIdentifier(arena, signatureOidTag));
 if (!signature) {
 return nullptr;
 }
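Review bot: With the `if (!serialNumber)` check removed, a null `serialNumber` from the caller now reaches `output.Add(serialNumber)` directly, and the asserts visible at the top of TBSCertificate cover only `arena`, `issuer` and `subject`. Whether `Add` rejects a null item is not visible here, and a caller that builds the serial with an arena-allocating encoder can plausibly hand in null on allocation failure. I would keep the guard, `if (!serialNumber) { return nullptr; }`, ahead of the `Add` call and add `PR_ASSERT(serialNumber);` next to the existing asserts. TBSCertificate's body starts and ends outside this hunk.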
--- a/security/pkix/test/lib/pkixtestutil.h
+++ b/security/pkix/test/lib/pkixtestutil.h
@@ -55,28 +55,30 @@ extern const PRTime ONE_DAY;
 SECStatus GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey, /*out*/ ScopedSECKEYPrivateKey& privateKey);
 ///////////////////////////////////////////////////////////////////////////////
 // Encode Certificates
 enum Version { v1 = 0, v2 = 1, v3 = 2 };
+// serialNumber is assumed to be the DER encoding of an INTEGER.
+//
 // If extensions is null, then no extensions will be encoded. Otherwise,
 // extensions must point to a null-terminated array of SECItem*. If the first
 // item of the array is null then an empty Extensions sequence will be encoded.
 //
 // If issuerPrivateKey is null, then the certificate will be self-signed.
 // Parameter order is based on the order of the attributes of the certificate
 // in RFC 5280.
 //
 // The return value, if non-null, is owned by the arena in the context and
 // MUST NOT be freed.
 SECItem* CreateEncodedCertificate(PLArenaPool* arena, long version,
- SECOidTag signature, long serialNumber,
+ SECOidTag signature, SECItem* serialNumber,
 const SECItem* issuerNameDER, PRTime notBefore, PRTime notAfter, const SECItem* subjectNameDER, /*optional*/ SECItem const* const* extensions, /*optional*/ SECKEYPrivateKey* issuerPrivateKey, SECOidTag signatureHashAlg, /*out*/ ScopedSECKEYPrivateKey& privateKey);
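Review bot: The new comment says serialNumber is "assumed" to be a DER INTEGER but leaves out two things a test author needs: whether null is allowed, and that nothing in the visible implementation checks the encoding, so whatever bytes are passed appear to be placed in the certificate unchanged. Since this helper builds certificates for the pkix tests, that pass-through is presumably deliberate, and saying so avoids someone later "fixing" it or relying on validation that is not there. Suggested wording: `// serialNumber must be non-null. Its bytes are added to tbsCertificate as-is and are not checked to be a valid DER INTEGER.`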