Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
authorBrian Smith <brian@briansmith.org>
Sat, 30 Aug 2014 20:42:19 -0700
changeset 14683 07b910800d29a8bd7552cfdca10b200eec54283f
parent 14682 86d4257c47bcafe5edd30bce4eea39cbdf4cb8ab
child 14684 1fd4a7e00bd180cf93d16905190eb62e46ac48e7
push id3202
push userfranziskuskiefer@gmail.com
push dateMon, 01 Oct 2018 08:30:12 +0000
reviewerskeeler
bugs1061021
Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
lib/mozpkix/test/lib/pkixtestutil.cpp
--- a/lib/mozpkix/test/lib/pkixtestutil.cpp
+++ b/lib/mozpkix/test/lib/pkixtestutil.cpp
@@ -244,17 +244,17 @@ OCSPResponseContext::OCSPResponseContext
   , thisUpdate(time)
   , nextUpdate(time + 10)
   , includeNextUpdate(true)
 {
 }
 
 static ByteString ResponseBytes(OCSPResponseContext& context);
 static ByteString BasicOCSPResponse(OCSPResponseContext& context);
-static SECItem* ResponseData(OCSPResponseContext& context);
+static ByteString ResponseData(OCSPResponseContext& context);
 static ByteString ResponderID(OCSPResponseContext& context);
 static ByteString KeyHash(OCSPResponseContext& context);
 static ByteString SingleResponse(OCSPResponseContext& context);
 static ByteString CertID(OCSPResponseContext& context);
 static ByteString CertStatus(OCSPResponseContext& context);
 
 static ByteString
 HashedOctetString(const SECItem& bytes)
@@ -479,25 +479,25 @@ SignedData(const ByteString& tbsData,
     default:
       return ENCODING_FAILED;
   }
 
   SECItem signature;
   if (SEC_SignData(&signature, tbsData.data(), tbsData.length(), privKey,
                    signatureAlgorithmOidTag) != SECSuccess)
   {
-    return nullptr;
+    return ENCODING_FAILED;
   }
   // TODO: add ability to have signatures of bit length not divisible by 8,
   // resulting in unused bits in the bitstring encoding
   ByteString signatureNested(BitString(ByteString(signature.data, signature.len),
                                        corrupt));
   SECITEM_FreeItem(&signature, false);
   if (signatureNested == ENCODING_FAILED) {
-    return nullptr;
+    return ENCODING_FAILED;
   }
 
   ByteString certsNested;
   if (certs) {
     ByteString certsSequenceValue;
     while (*certs) {
       certsSequenceValue.append(ByteString((*certs)->data, (*certs)->len));
       ++certs;
@@ -992,23 +992,23 @@ ResponseBytes(OCSPResponseContext& conte
 // BasicOCSPResponse ::= SEQUENCE {
 //   tbsResponseData          ResponseData,
 //   signatureAlgorithm       AlgorithmIdentifier,
 //   signature                BIT STRING,
 //   certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
 ByteString
 BasicOCSPResponse(OCSPResponseContext& context)
 {
-  SECItem* tbsResponseData = ResponseData(context);
-  if (!tbsResponseData) {
-    return nullptr;
+  ByteString tbsResponseData(ResponseData(context));
+  if (tbsResponseData == ENCODING_FAILED) {
+    return ENCODING_FAILED;
   }
 
   // TODO(bug 980538): certs
-  return SignedData(ByteString(tbsResponseData->data, tbsResponseData->len),
+  return SignedData(tbsResponseData,
                     context.signerPrivateKey.get(),
                     SignatureAlgorithm::rsa_pkcs1_with_sha256,
                     context.badSignature, context.certs);
 }
 
 // Extension ::= SEQUENCE {
 //   id               OBJECT IDENTIFIER,
 //   critical         BOOLEAN DEFAULT FALSE
@@ -1057,46 +1057,46 @@ Extensions(OCSPResponseContext& context)
 }
 
 // ResponseData ::= SEQUENCE {
 //    version             [0] EXPLICIT Version DEFAULT v1,
 //    responderID             ResponderID,
 //    producedAt              GeneralizedTime,
 //    responses               SEQUENCE OF SingleResponse,
 //    responseExtensions  [1] EXPLICIT Extensions OPTIONAL }
-SECItem*
+ByteString
 ResponseData(OCSPResponseContext& context)
 {
   ByteString responderID(ResponderID(context));
   if (responderID == ENCODING_FAILED) {
-    return nullptr;
+    return ENCODING_FAILED;
   }
   ByteString producedAtEncoded(TimeToGeneralizedTime(context.producedAt));
   if (producedAtEncoded == ENCODING_FAILED) {
-    return nullptr;
+    return ENCODING_FAILED;
   }
   ByteString response(SingleResponse(context));
   if (response == ENCODING_FAILED) {
-    return nullptr;
+    return ENCODING_FAILED;
   }
   ByteString responses(TLV(der::SEQUENCE, response));
   if (responses == ENCODING_FAILED) {
-    return nullptr;
+    return ENCODING_FAILED;
   }
   ByteString responseExtensions;
   if (context.extensions || context.includeEmptyExtensions) {
     responseExtensions = Extensions(context);
   }
 
-  Output output;
-  output.Add(responderID);
-  output.Add(producedAtEncoded);
-  output.Add(responses);
-  output.Add(responseExtensions);
-  return output.Squash(context.arena, der::SEQUENCE);
+  ByteString value;
+  value.append(responderID);
+  value.append(producedAtEncoded);
+  value.append(responses);
+  value.append(responseExtensions);
+  return TLV(der::SEQUENCE, value);
 }
 
 // ResponderID ::= CHOICE {
 //    byName              [1] Name,
 //    byKey               [2] KeyHash }
 // }
 ByteString
 ResponderID(OCSPResponseContext& context)
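Review bot: The result of `Extensions(context)` is appended to `value` without the `ENCODING_FAILED` comparison that `responderID`, `producedAtEncoded`, `response` and `responses` all get in `ResponseData`. If `Extensions` uses the same sentinel convention as its siblings (its body is outside this hunk), a failed extensions encoding would be wrapped in the SEQUENCE and then signed by `BasicOCSPResponse` instead of aborting. Adding `if (responseExtensions == ENCODING_FAILED) { return ENCODING_FAILED; }` right after the assignment, inside the `if (context.extensions || context.includeEmptyExtensions)` block, would close that gap. In a test helper this matters because a silently malformed response can make a rejection test pass for the wrong reason.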