From 944915ea880ab34af37c6c3b83b45afbec30e5a2 Mon Sep 17 00:00:00 2001 From: Franziskus Kiefer Date: Fri, 3 Aug 2018 12:11:13 +0200 Subject: [PATCH] Bug 1479787 - clang-format, r=mt,keeler Differential Revision: https://phabricator.services.mozilla.com/D2721 --HG-- extra : rebase_source : 8b075cdf10c7864c532017d27785644446f4d33f --- gtests/mozpkix_gtest/pkixgtest.h | 128 ++++----- lib/mozpkix/include/pkix-test/pkixtestnss.h | 13 +- lib/mozpkix/include/pkix-test/pkixtestutil.h | 207 ++++++--------- lib/mozpkix/include/pkix/Input.h | 124 ++++----- lib/mozpkix/include/pkix/Result.h | 248 ++++++++---------- lib/mozpkix/include/pkix/Time.h | 84 +++--- lib/mozpkix/include/pkix/pkix.h | 29 +-- lib/mozpkix/include/pkix/pkixcheck.h | 25 +- lib/mozpkix/include/pkix/pkixder.h | 258 ++++++++----------- lib/mozpkix/include/pkix/pkixnss.h | 28 +- lib/mozpkix/include/pkix/pkixtypes.h | 148 +++++------ lib/mozpkix/include/pkix/pkixutil.h | 138 ++++------ nss-tool/enc/enctool.h | 2 +- 13 files changed, 598 insertions(+), 834 deletions(-) diff --git a/gtests/mozpkix_gtest/pkixgtest.h b/gtests/mozpkix_gtest/pkixgtest.h index 4f362e78be..bb3491d444 100644 --- a/gtests/mozpkix_gtest/pkixgtest.h +++ b/gtests/mozpkix_gtest/pkixgtest.h @@ -40,10 +40,10 @@ #pragma warning(push, 3) // C4224: Nonstandard extension used: formal parameter 'X' was previously // defined as a type. -#pragma warning(disable: 4224) +#pragma warning(disable : 4224) // C4826: Conversion from 'type1 ' to 'type_2' is sign - extended. This may // cause unexpected runtime behavior. -#pragma warning(disable: 4826) +#pragma warning(disable : 4826) #endif #include "gtest/gtest.h" @@ -60,11 +60,10 @@ #include "mozpkix/test/pkixtestutil.h" // PrintTo must be in the same namespace as the type we're overloading it for. -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { -inline void -PrintTo(const Result& result, ::std::ostream* os) -{ +inline void PrintTo(const Result& result, ::std::ostream* os) { const char* stringified = MapResultToName(result); if (stringified) { *os << stringified; @@ -72,10 +71,12 @@ PrintTo(const Result& result, ::std::ostream* os) *os << "mozilla::pkix::Result(" << static_cast(result) << ")"; } } +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -namespace mozilla { namespace pkix { namespace test { +namespace mozilla { +namespace pkix { +namespace test { extern const std::time_t oneDayBeforeNow; extern const std::time_t oneDayAfterNow; @@ -84,172 +85,145 @@ extern const std::time_t twoDaysAfterNow; extern const std::time_t tenDaysBeforeNow; extern const std::time_t tenDaysAfterNow; - -class EverythingFailsByDefaultTrustDomain : public TrustDomain -{ -public: - Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, - Input, /*out*/ TrustLevel&) override - { +class EverythingFailsByDefaultTrustDomain : public TrustDomain { + public: + Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input, + /*out*/ TrustLevel&) override { ADD_FAILURE(); return NotReached("GetCertTrust should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result FindIssuer(Input, IssuerChecker&, Time) override - { + Result FindIssuer(Input, IssuerChecker&, Time) override { ADD_FAILURE(); return NotReached("FindIssuer should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration, - /*optional*/ const Input*, - /*optional*/ const Input*) override - { + /*optional*/ const Input*, + /*optional*/ const Input*) override { ADD_FAILURE(); return NotReached("CheckRevocation should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override - { + Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override { ADD_FAILURE(); return NotReached("IsChainValid should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result DigestBuf(Input, DigestAlgorithm, /*out*/ uint8_t*, size_t) override - { + Result DigestBuf(Input, DigestAlgorithm, /*out*/ uint8_t*, size_t) override { ADD_FAILURE(); return NotReached("DigestBuf should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result CheckSignatureDigestAlgorithm(DigestAlgorithm, - EndEntityOrCA, - Time) override - { + Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, + Time) override { ADD_FAILURE(); return NotReached("CheckSignatureDigestAlgorithm should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override - { + Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override { ADD_FAILURE(); return NotReached("CheckECDSACurveIsAcceptable should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result VerifyECDSASignedDigest(const SignedDigest&, Input) override - { + Result VerifyECDSASignedDigest(const SignedDigest&, Input) override { ADD_FAILURE(); return NotReached("VerifyECDSASignedDigest should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, unsigned int) - override - { + Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, + unsigned int) override { ADD_FAILURE(); return NotReached("CheckRSAPublicKeyModulusSizeInBits should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result VerifyRSAPKCS1SignedDigest(const SignedDigest&, Input) override - { + Result VerifyRSAPKCS1SignedDigest(const SignedDigest&, Input) override { ADD_FAILURE(); return NotReached("VerifyRSAPKCS1SignedDigest should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, KeyPurposeId) - override - { + Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, + KeyPurposeId) override { ADD_FAILURE(); return NotReached("CheckValidityIsAcceptable should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - Result NetscapeStepUpMatchesServerAuth(Time, bool&) override - { + Result NetscapeStepUpMatchesServerAuth(Time, bool&) override { ADD_FAILURE(); return NotReached("NetscapeStepUpMatchesServerAuth should not be called", Result::FATAL_ERROR_LIBRARY_FAILURE); } - virtual void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override - { + virtual void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override { ADD_FAILURE(); } }; -class DefaultCryptoTrustDomain : public EverythingFailsByDefaultTrustDomain -{ +class DefaultCryptoTrustDomain : public EverythingFailsByDefaultTrustDomain { Result DigestBuf(Input item, DigestAlgorithm digestAlg, - /*out*/ uint8_t* digestBuf, size_t digestBufLen) override - { + /*out*/ uint8_t* digestBuf, size_t digestBufLen) override { return TestDigestBuf(item, digestAlg, digestBuf, digestBufLen); } - Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, Time) - override - { + Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, + Time) override { return Success; } - Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override - { + Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override { return Success; } Result VerifyECDSASignedDigest(const SignedDigest& signedDigest, - Input subjectPublicKeyInfo) override - { + Input subjectPublicKeyInfo) override { return TestVerifyECDSASignedDigest(signedDigest, subjectPublicKeyInfo); } - Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, unsigned int) - override - { + Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, + unsigned int) override { return Success; } Result VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest, - Input subjectPublicKeyInfo) override - { + Input subjectPublicKeyInfo) override { return TestVerifyRSAPKCS1SignedDigest(signedDigest, subjectPublicKeyInfo); } - Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, KeyPurposeId) - override - { + Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, + KeyPurposeId) override { return Success; } - Result NetscapeStepUpMatchesServerAuth(Time, /*out*/ bool& matches) override - { + Result NetscapeStepUpMatchesServerAuth(Time, /*out*/ bool& matches) override { matches = true; return Success; } - void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override - { - } + void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override {} }; -class DefaultNameMatchingPolicy : public NameMatchingPolicy -{ -public: +class DefaultNameMatchingPolicy : public NameMatchingPolicy { + public: virtual Result FallBackToCommonName( - Time, /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) override - { + Time, + /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) override { fallBackToCommonName = FallBackToSearchWithinSubject::Yes; return Success; } }; +} +} +} // namespace mozilla::pkix::test -} } } // namespace mozilla::pkix::test - -#endif // mozilla_pkix_pkixgtest_h +#endif // mozilla_pkix_pkixgtest_h diff --git a/lib/mozpkix/include/pkix-test/pkixtestnss.h b/lib/mozpkix/include/pkix-test/pkixtestnss.h index 199659d7f6..5ae776f6ad 100644 --- a/lib/mozpkix/include/pkix-test/pkixtestnss.h +++ b/lib/mozpkix/include/pkix-test/pkixtestnss.h @@ -31,15 +31,18 @@ #include #include -#include "mozpkix/test/pkixtestutil.h" #include "mozpkix/nss_scoped_ptrs.h" +#include "mozpkix/test/pkixtestutil.h" -namespace mozilla { namespace pkix { namespace test { +namespace mozilla { +namespace pkix { +namespace test { TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg, const ScopedSECKEYPublicKey& publicKey, const ScopedSECKEYPrivateKey& privateKey); +} +} +} // namespace mozilla::pkix::test -} } } // namespace mozilla::pkix::test - -#endif // mozilla_pkix_test_pkixtestnss_h +#endif // mozilla_pkix_test_pkixtestnss_h diff --git a/lib/mozpkix/include/pkix-test/pkixtestutil.h b/lib/mozpkix/include/pkix-test/pkixtestutil.h index f917341ffd..55c435419f 100644 --- a/lib/mozpkix/include/pkix-test/pkixtestutil.h +++ b/lib/mozpkix/include/pkix-test/pkixtestutil.h @@ -25,23 +25,23 @@ #ifndef mozilla_pkix_test_pkixtestutil_h #define mozilla_pkix_test_pkixtestutil_h -#include #include -#include #include +#include +#include #include "mozpkix/pkixtypes.h" -namespace mozilla { namespace pkix { namespace test { +namespace mozilla { +namespace pkix { +namespace test { typedef std::basic_string ByteString; inline bool ENCODING_FAILED(const ByteString& bs) { return bs.empty(); } template -inline ByteString -BytesToByteString(const uint8_t (&bytes)[L]) -{ +inline ByteString BytesToByteString(const uint8_t (&bytes)[L]) { return ByteString(bytes, L); } @@ -64,17 +64,14 @@ bool InputEqualsByteString(Input input, const ByteString& bs); ByteString InputToByteString(Input input); // python DottedOIDToCode.py --tlv id-kp-OCSPSigning 1.3.6.1.5.5.7.3.9 -static const uint8_t tlv_id_kp_OCSPSigning[] = { - 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09 -}; +static const uint8_t tlv_id_kp_OCSPSigning[] = {0x06, 0x08, 0x2b, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x09}; // python DottedOIDToCode.py --tlv id-kp-serverAuth 1.3.6.1.5.5.7.3.1 -static const uint8_t tlv_id_kp_serverAuth[] = { - 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01 -}; +static const uint8_t tlv_id_kp_serverAuth[] = {0x06, 0x08, 0x2b, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01}; -enum class TestDigestAlgorithmID -{ +enum class TestDigestAlgorithmID { MD2, MD5, SHA1, @@ -84,12 +81,10 @@ enum class TestDigestAlgorithmID SHA512, }; -struct TestPublicKeyAlgorithm -{ +struct TestPublicKeyAlgorithm { explicit TestPublicKeyAlgorithm(const ByteString& aAlgorithmIdentifier) - : algorithmIdentifier(aAlgorithmIdentifier) { } - bool operator==(const TestPublicKeyAlgorithm& other) const - { + : algorithmIdentifier(aAlgorithmIdentifier) {} + bool operator==(const TestPublicKeyAlgorithm& other) const { return algorithmIdentifier == other.algorithmIdentifier; } ByteString algorithmIdentifier; @@ -102,12 +97,10 @@ ByteString DSS_G(); TestPublicKeyAlgorithm DSS(); TestPublicKeyAlgorithm RSA_PKCS1(); -struct TestSignatureAlgorithm -{ +struct TestSignatureAlgorithm { TestSignatureAlgorithm(const TestPublicKeyAlgorithm& publicKeyAlg, TestDigestAlgorithmID digestAlg, - const ByteString& algorithmIdentifier, - bool accepted); + const ByteString& algorithmIdentifier, bool accepted); TestPublicKeyAlgorithm publicKeyAlg; TestDigestAlgorithmID digestAlg; @@ -126,9 +119,7 @@ mozilla::pkix::Time YMDHMS(uint16_t year, uint16_t month, uint16_t day, ByteString TLV(uint8_t tag, size_t length, const ByteString& value); -inline ByteString -TLV(uint8_t tag, const ByteString& value) -{ +inline ByteString TLV(uint8_t tag, const ByteString& value) { return TLV(tag, value.length(), value); } @@ -137,18 +128,14 @@ TLV(uint8_t tag, const ByteString& value) // string literals as the last parameter to the following two functions. template -inline ByteString -TLV(uint8_t tag, const char(&value)[N]) -{ +inline ByteString TLV(uint8_t tag, const char (&value)[N]) { static_assert(N > 0, "cannot have string literal of size 0"); assert(value[N - 1] == 0); return TLV(tag, ByteString(reinterpret_cast(&value), N - 1)); } template -inline ByteString -TLV(uint8_t tag, size_t length, const char(&value)[N]) -{ +inline ByteString TLV(uint8_t tag, size_t length, const char (&value)[N]) { static_assert(N > 0, "cannot have string literal of size 0"); assert(value[N - 1] == 0); return TLV(tag, length, @@ -160,29 +147,27 @@ ByteString Integer(long value); ByteString CN(const ByteString&, uint8_t encodingTag = 0x0c /*UTF8String*/); -inline ByteString -CN(const char* value, uint8_t encodingTag = 0x0c /*UTF8String*/) -{ - return CN(ByteString(reinterpret_cast(value), - std::strlen(value)), encodingTag); +inline ByteString CN(const char* value, + uint8_t encodingTag = 0x0c /*UTF8String*/) { + return CN( + ByteString(reinterpret_cast(value), std::strlen(value)), + encodingTag); } ByteString OU(const ByteString&, uint8_t encodingTag = 0x0c /*UTF8String*/); -inline ByteString -OU(const char* value, uint8_t encodingTag = 0x0c /*UTF8String*/) -{ - return OU(ByteString(reinterpret_cast(value), - std::strlen(value)), encodingTag); +inline ByteString OU(const char* value, + uint8_t encodingTag = 0x0c /*UTF8String*/) { + return OU( + ByteString(reinterpret_cast(value), std::strlen(value)), + encodingTag); } ByteString emailAddress(const ByteString&); -inline ByteString -emailAddress(const char* value) -{ - return emailAddress(ByteString(reinterpret_cast(value), - std::strlen(value))); +inline ByteString emailAddress(const char* value) { + return emailAddress( + ByteString(reinterpret_cast(value), std::strlen(value))); } // RelativeDistinguishedName ::= @@ -197,17 +182,11 @@ ByteString RDN(const ByteString& avas); // ByteString Name(const ByteString& rdns); -inline ByteString -CNToDERName(const ByteString& cn) -{ +inline ByteString CNToDERName(const ByteString& cn) { return Name(RDN(CN(cn))); } -inline ByteString -CNToDERName(const char* cn) -{ - return Name(RDN(CN(cn))); -} +inline ByteString CNToDERName(const char* cn) { return Name(RDN(CN(cn))); } // GeneralName ::= CHOICE { // otherName [0] OtherName, @@ -220,55 +199,40 @@ CNToDERName(const char* cn) // iPAddress [7] OCTET STRING, // registeredID [8] OBJECT IDENTIFIER } -inline ByteString -RFC822Name(const ByteString& name) -{ +inline ByteString RFC822Name(const ByteString& name) { // (2 << 6) means "context-specific", 1 is the GeneralName tag. return TLV((2 << 6) | 1, name); } template -inline ByteString -RFC822Name(const char (&bytes)[L]) -{ - return RFC822Name(ByteString(reinterpret_cast(&bytes), - L - 1)); +inline ByteString RFC822Name(const char (&bytes)[L]) { + return RFC822Name( + ByteString(reinterpret_cast(&bytes), L - 1)); } -inline ByteString -DNSName(const ByteString& name) -{ +inline ByteString DNSName(const ByteString& name) { // (2 << 6) means "context-specific", 2 is the GeneralName tag. return TLV((2 << 6) | 2, name); } template -inline ByteString -DNSName(const char (&bytes)[L]) -{ - return DNSName(ByteString(reinterpret_cast(&bytes), - L - 1)); +inline ByteString DNSName(const char (&bytes)[L]) { + return DNSName(ByteString(reinterpret_cast(&bytes), L - 1)); } -inline ByteString -DirectoryName(const ByteString& name) -{ +inline ByteString DirectoryName(const ByteString& name) { // (2 << 6) means "context-specific", (1 << 5) means "constructed", and 4 is // the DirectoryName tag. return TLV((2 << 6) | (1 << 5) | 4, name); } -inline ByteString -IPAddress() -{ +inline ByteString IPAddress() { // (2 << 6) means "context-specific", 7 is the GeneralName tag. return TLV((2 << 6) | 7, ByteString()); } template -inline ByteString -IPAddress(const uint8_t (&bytes)[L]) -{ +inline ByteString IPAddress(const uint8_t (&bytes)[L]) { // (2 << 6) means "context-specific", 7 is the GeneralName tag. return TLV((2 << 6) | 7, ByteString(bytes, L)); } @@ -282,10 +246,9 @@ IPAddress(const uint8_t (&bytes)[L]) ByteString CreateEncodedSubjectAltName(const ByteString& names); ByteString CreateEncodedEmptySubjectAltName(); -class TestKeyPair -{ -public: - virtual ~TestKeyPair() { } +class TestKeyPair { + public: + virtual ~TestKeyPair() {} const TestPublicKeyAlgorithm publicKeyAlg; @@ -302,8 +265,10 @@ class TestKeyPair /*out*/ ByteString& signature) const = 0; virtual TestKeyPair* Clone() const = 0; -protected: - TestKeyPair(const TestPublicKeyAlgorithm& publicKeyAlg, const ByteString& spk); + + protected: + TestKeyPair(const TestPublicKeyAlgorithm& publicKeyAlg, + const ByteString& spk); TestKeyPair(const TestKeyPair&) = delete; void operator=(const TestKeyPair&) = delete; }; @@ -347,24 +312,21 @@ enum Version { v1 = 0, v2 = 1, v3 = 2 }; // extensions must point to an array of ByteStrings, terminated with an empty // ByteString. (If the first item of the array is empty then an empty // Extensions sequence will be encoded.) -ByteString CreateEncodedCertificate(long version, - const TestSignatureAlgorithm& signature, - const ByteString& serialNumber, - const ByteString& issuerNameDER, - time_t notBefore, time_t notAfter, - const ByteString& subjectNameDER, - const TestKeyPair& subjectKeyPair, - /*optional*/ const ByteString* extensions, - const TestKeyPair& issuerKeyPair, - const TestSignatureAlgorithm& signatureAlgorithm); +ByteString CreateEncodedCertificate( + long version, const TestSignatureAlgorithm& signature, + const ByteString& serialNumber, const ByteString& issuerNameDER, + time_t notBefore, time_t notAfter, const ByteString& subjectNameDER, + const TestKeyPair& subjectKeyPair, + /*optional*/ const ByteString* extensions, const TestKeyPair& issuerKeyPair, + const TestSignatureAlgorithm& signatureAlgorithm); ByteString CreateEncodedSerialNumber(long value); enum class Critical { No = 0, Yes = 1 }; -ByteString CreateEncodedBasicConstraints(bool isCA, - /*optional in*/ const long* pathLenConstraint, - Critical critical); +ByteString CreateEncodedBasicConstraints( + bool isCA, + /*optional in*/ const long* pathLenConstraint, Critical critical); // Creates a DER-encoded extKeyUsage extension with one EKU OID. ByteString CreateEncodedEKUExtension(Input eku, Critical critical); @@ -372,9 +334,8 @@ ByteString CreateEncodedEKUExtension(Input eku, Critical critical); /////////////////////////////////////////////////////////////////////////////// // Encode OCSP responses -class OCSPResponseExtension final -{ -public: +class OCSPResponseExtension final { + public: OCSPResponseExtension(); ByteString id; @@ -383,9 +344,8 @@ class OCSPResponseExtension final OCSPResponseExtension* next; }; -class OCSPResponseContext final -{ -public: +class OCSPResponseContext final { + public: OCSPResponseContext(const CertID& certID, std::time_t time); const CertID& certID; @@ -393,8 +353,7 @@ class OCSPResponseContext final // The fields below are in the order that they appear in an OCSP response. - enum OCSPResponseStatus - { + enum OCSPResponseStatus { successful = 0, malformedRequest = 1, internalError = 2, @@ -403,13 +362,13 @@ class OCSPResponseContext final sigRequired = 5, unauthorized = 6, }; - uint8_t responseStatus; // an OCSPResponseStatus or an invalid value - bool skipResponseBytes; // If true, don't include responseBytes + uint8_t responseStatus; // an OCSPResponseStatus or an invalid value + bool skipResponseBytes; // If true, don't include responseBytes // responderID - ByteString signerNameDER; // If set, responderID will use the byName - // form; otherwise responderID will use the - // byKeyHash form. + ByteString signerNameDER; // If set, responderID will use the byName + // form; otherwise responderID will use the + // byKeyHash form. std::time_t producedAt; @@ -417,31 +376,31 @@ class OCSPResponseContext final OCSPResponseExtension* singleExtensions; // ResponseData extensions. OCSPResponseExtension* responseExtensions; - bool includeEmptyExtensions; // If true, include the extension wrapper - // regardless of if there are any actual - // extensions. + bool includeEmptyExtensions; // If true, include the extension wrapper + // regardless of if there are any actual + // extensions. ScopedTestKeyPair signerKeyPair; TestSignatureAlgorithm signatureAlgorithm; - bool badSignature; // If true, alter the signature to fail verification - const ByteString* certs; // optional; array terminated by an empty string + bool badSignature; // If true, alter the signature to fail verification + const ByteString* certs; // optional; array terminated by an empty string // The following fields are on a per-SingleResponse basis. In the future we // may support including multiple SingleResponses per response. - enum CertStatus - { + enum CertStatus { good = 0, revoked = 1, unknown = 2, }; - uint8_t certStatus; // CertStatus or an invalid value - std::time_t revocationTime; // For certStatus == revoked + uint8_t certStatus; // CertStatus or an invalid value + std::time_t revocationTime; // For certStatus == revoked std::time_t thisUpdate; std::time_t nextUpdate; bool includeNextUpdate; }; ByteString CreateEncodedOCSPResponse(OCSPResponseContext& context); +} +} +} // namespace mozilla::pkix::test -} } } // namespace mozilla::pkix::test - -#endif // mozilla_pkix_test_pkixtestutil_h +#endif // mozilla_pkix_test_pkixtestutil_h diff --git a/lib/mozpkix/include/pkix/Input.h b/lib/mozpkix/include/pkix/Input.h index df93652640..11b2a0f7e4 100644 --- a/lib/mozpkix/include/pkix/Input.h +++ b/lib/mozpkix/include/pkix/Input.h @@ -30,7 +30,8 @@ #include "mozpkix/Result.h" #include "stdint.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { class Reader; @@ -49,9 +50,8 @@ class Reader; // // Note that in the example, GoodExample has the same performance // characteristics as WorseExample, but with much better safety guarantees. -class Input final -{ -public: +class Input final { + public: typedef uint16_t size_type; // This constructor is useful for inputs that are statically known to be of a @@ -66,26 +66,17 @@ class Input final // Input expected; // Result rv = expected.Init(EXPECTED_BYTES, sizeof EXPECTED_BYTES); template - explicit Input(const uint8_t (&aData)[N]) - : data(aData) - , len(N) - { - } + explicit Input(const uint8_t (&aData)[N]) : data(aData), len(N) {} // Construct a valid, empty, Init-able Input. - Input() - : data(nullptr) - , len(0u) - { - } + Input() : data(nullptr), len(0u) {} // This is intentionally not explicit in order to allow value semantics. Input(const Input&) = default; // Initialize the input. data must be non-null and len must be less than // 65536. Init may not be called more than once. - Result Init(const uint8_t* aData, size_t aLen) - { + Result Init(const uint8_t* aData, size_t aLen) { if (this->data) { // already initialized return Result::FATAL_ERROR_INVALID_ARGS; @@ -107,10 +98,7 @@ class Input final // This is basically operator=, but it wasn't given that name because // normally callers do not check the result of operator=, and normally // operator= can be used multiple times. - Result Init(Input other) - { - return Init(other.data, other.len); - } + Result Init(Input other) { return Init(other.data, other.len); } // Returns the length of the input. // @@ -122,18 +110,17 @@ class Input final // don't want to declare in this header file. const uint8_t* UnsafeGetData() const { return data; } -private: + private: const uint8_t* data; size_t len; - void operator=(const Input&) = delete; // Use Init instead. + void operator=(const Input&) = delete; // Use Init instead. }; -inline bool -InputsAreEqual(const Input& a, const Input& b) -{ +inline bool InputsAreEqual(const Input& a, const Input& b) { return a.GetLength() == b.GetLength() && - std::equal(a.UnsafeGetData(), a.UnsafeGetData() + a.GetLength(), b.UnsafeGetData()); + std::equal(a.UnsafeGetData(), a.UnsafeGetData() + a.GetLength(), + b.UnsafeGetData()); } // An Reader is a cursor/iterator through the contents of an Input, designed to @@ -144,23 +131,15 @@ InputsAreEqual(const Input& a, const Input& b) // // In general, Reader allows for one byte of lookahead and no backtracking. // However, the Match* functions internally may have more lookahead. -class Reader final -{ -public: - Reader() - : input(nullptr) - , end(nullptr) - { - } +class Reader final { + public: + Reader() : input(nullptr), end(nullptr) {} explicit Reader(Input aInput) - : input(aInput.UnsafeGetData()) - , end(aInput.UnsafeGetData() + aInput.GetLength()) - { - } + : input(aInput.UnsafeGetData()), + end(aInput.UnsafeGetData() + aInput.GetLength()) {} - Result Init(Input aInput) - { + Result Init(Input aInput) { if (this->input) { return Result::FATAL_ERROR_INVALID_ARGS; } @@ -169,13 +148,11 @@ class Reader final return Success; } - bool Peek(uint8_t expectedByte) const - { + bool Peek(uint8_t expectedByte) const { return input < end && *input == expectedByte; } - Result Read(uint8_t& out) - { + Result Read(uint8_t& out) { Result rv = EnsureLength(1); if (rv != Success) { return rv; @@ -184,8 +161,7 @@ class Reader final return Success; } - Result Read(uint16_t& out) - { + Result Read(uint16_t& out) { Result rv = EnsureLength(2); if (rv != Success) { return rv; @@ -197,8 +173,7 @@ class Reader final } template - bool MatchRest(const uint8_t (&toMatch)[N]) - { + bool MatchRest(const uint8_t (&toMatch)[N]) { // Normally we use EnsureLength which compares (input + len < end), but // here we want to be sure that there is nothing following the matched // bytes @@ -212,8 +187,7 @@ class Reader final return true; } - bool MatchRest(Input toMatch) - { + bool MatchRest(Input toMatch) { // Normally we use EnsureLength which compares (input + len < end), but // here we want to be sure that there is nothing following the matched // bytes @@ -228,8 +202,7 @@ class Reader final return true; } - Result Skip(Input::size_type len) - { + Result Skip(Input::size_type len) { Result rv = EnsureLength(len); if (rv != Success) { return rv; @@ -238,8 +211,7 @@ class Reader final return Success; } - Result Skip(Input::size_type len, Reader& skipped) - { + Result Skip(Input::size_type len, Reader& skipped) { Result rv = EnsureLength(len); if (rv != Success) { return rv; @@ -252,8 +224,7 @@ class Reader final return Success; } - Result Skip(Input::size_type len, /*out*/ Input& skipped) - { + Result Skip(Input::size_type len, /*out*/ Input& skipped) { Result rv = EnsureLength(len); if (rv != Success) { return rv; @@ -266,18 +237,13 @@ class Reader final return Success; } - void SkipToEnd() - { - input = end; - } + void SkipToEnd() { input = end; } - Result SkipToEnd(/*out*/ Input& skipped) - { + Result SkipToEnd(/*out*/ Input& skipped) { return Skip(static_cast(end - input), skipped); } - Result EnsureLength(Input::size_type len) - { + Result EnsureLength(Input::size_type len) { if (static_cast(end - input) < len) { return Result::ERROR_BAD_DER; } @@ -286,13 +252,13 @@ class Reader final bool AtEnd() const { return input == end; } - class Mark final - { - public: - Mark(const Mark&) = default; // Intentionally not explicit. - private: + class Mark final { + public: + Mark(const Mark&) = default; // Intentionally not explicit. + private: friend class Reader; - Mark(const Reader& aInput, const uint8_t* aMark) : input(aInput), mark(aMark) { } + Mark(const Reader& aInput, const uint8_t* aMark) + : input(aInput), mark(aMark) {} const Reader& input; const uint8_t* const mark; void operator=(const Mark&) = delete; @@ -300,8 +266,7 @@ class Reader final Mark GetMark() const { return Mark(*this, input); } - Result GetInput(const Mark& mark, /*out*/ Input& item) - { + Result GetInput(const Mark& mark, /*out*/ Input& item) { if (&mark.input != this || mark.mark > input) { return NotReached("invalid mark", Result::FATAL_ERROR_INVALID_ARGS); } @@ -309,9 +274,8 @@ class Reader final static_cast(input - mark.mark)); } -private: - Result Init(const uint8_t* data, Input::size_type len) - { + private: + Result Init(const uint8_t* data, Input::size_type len) { if (input) { // already initialized return Result::FATAL_ERROR_INVALID_ARGS; @@ -328,9 +292,7 @@ class Reader final void operator=(const Reader&) = delete; }; -inline bool -InputContains(const Input& input, uint8_t toFind) -{ +inline bool InputContains(const Input& input, uint8_t toFind) { Reader reader(input); for (;;) { uint8_t b; @@ -342,7 +304,7 @@ InputContains(const Input& input, uint8_t toFind) } } } +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_Input_h +#endif // mozilla_pkix_Input_h diff --git a/lib/mozpkix/include/pkix/Result.h b/lib/mozpkix/include/pkix/Result.h index a4241b84b9..29461dc1a5 100644 --- a/lib/mozpkix/include/pkix/Result.h +++ b/lib/mozpkix/include/pkix/Result.h @@ -27,7 +27,8 @@ #include -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { static const unsigned int FATAL_ERROR_FLAG = 0x800; @@ -83,132 +84,113 @@ static const unsigned int FATAL_ERROR_FLAG = 0x800; // The third argument to MOZILLA_PKIX_MAP() is used, along with the first // argument, for maintaining the mapping of mozilla::pkix error codes to // NSS/NSPR error codes in pkixnss.cpp. -#define MOZILLA_PKIX_MAP_LIST \ - MOZILLA_PKIX_MAP(Success, 0, 0) \ - MOZILLA_PKIX_MAP(ERROR_BAD_DER, 1, \ - SEC_ERROR_BAD_DER) \ - MOZILLA_PKIX_MAP(ERROR_CA_CERT_INVALID, 2, \ - SEC_ERROR_CA_CERT_INVALID) \ - MOZILLA_PKIX_MAP(ERROR_BAD_SIGNATURE, 3, \ - SEC_ERROR_BAD_SIGNATURE) \ - MOZILLA_PKIX_MAP(ERROR_CERT_BAD_ACCESS_LOCATION, 4, \ - SEC_ERROR_CERT_BAD_ACCESS_LOCATION) \ - MOZILLA_PKIX_MAP(ERROR_CERT_NOT_IN_NAME_SPACE, 5, \ - SEC_ERROR_CERT_NOT_IN_NAME_SPACE) \ - MOZILLA_PKIX_MAP(ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, 6, \ - SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) \ - MOZILLA_PKIX_MAP(ERROR_CONNECT_REFUSED, 7, \ - PR_CONNECT_REFUSED_ERROR) \ - MOZILLA_PKIX_MAP(ERROR_EXPIRED_CERTIFICATE, 8, \ - SEC_ERROR_EXPIRED_CERTIFICATE) \ - MOZILLA_PKIX_MAP(ERROR_EXTENSION_VALUE_INVALID, 9, \ - SEC_ERROR_EXTENSION_VALUE_INVALID) \ - MOZILLA_PKIX_MAP(ERROR_INADEQUATE_CERT_TYPE, 10, \ - SEC_ERROR_INADEQUATE_CERT_TYPE) \ - MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_USAGE, 11, \ - SEC_ERROR_INADEQUATE_KEY_USAGE) \ - MOZILLA_PKIX_MAP(ERROR_INVALID_ALGORITHM, 12, \ - SEC_ERROR_INVALID_ALGORITHM) \ - MOZILLA_PKIX_MAP(ERROR_INVALID_DER_TIME, 13, \ - SEC_ERROR_INVALID_TIME) \ - MOZILLA_PKIX_MAP(ERROR_KEY_PINNING_FAILURE, 14, \ - MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE) \ - MOZILLA_PKIX_MAP(ERROR_PATH_LEN_CONSTRAINT_INVALID, 15, \ - SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID) \ - MOZILLA_PKIX_MAP(ERROR_POLICY_VALIDATION_FAILED, 16, \ - SEC_ERROR_POLICY_VALIDATION_FAILED) \ - MOZILLA_PKIX_MAP(ERROR_REVOKED_CERTIFICATE, 17, \ - SEC_ERROR_REVOKED_CERTIFICATE) \ - MOZILLA_PKIX_MAP(ERROR_UNKNOWN_CRITICAL_EXTENSION, 18, \ - SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) \ - MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ERROR, 19, \ - PR_UNKNOWN_ERROR) \ - MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ISSUER, 20, \ - SEC_ERROR_UNKNOWN_ISSUER) \ - MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_CERT, 21, \ - SEC_ERROR_UNTRUSTED_CERT) \ - MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_ISSUER, 22, \ - SEC_ERROR_UNTRUSTED_ISSUER) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_BAD_SIGNATURE, 23, \ - SEC_ERROR_OCSP_BAD_SIGNATURE) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_INVALID_SIGNING_CERT, 24, \ - SEC_ERROR_OCSP_INVALID_SIGNING_CERT) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_REQUEST, 25, \ - SEC_ERROR_OCSP_MALFORMED_REQUEST) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_RESPONSE, 26, \ - SEC_ERROR_OCSP_MALFORMED_RESPONSE) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_OLD_RESPONSE, 27, \ - SEC_ERROR_OCSP_OLD_RESPONSE) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_REQUEST_NEEDS_SIG, 28, \ - SEC_ERROR_OCSP_REQUEST_NEEDS_SIG) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONDER_CERT_INVALID, 29, \ - SEC_ERROR_OCSP_RESPONDER_CERT_INVALID) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_SERVER_ERROR, 30, \ - SEC_ERROR_OCSP_SERVER_ERROR) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_TRY_SERVER_LATER, 31, \ - SEC_ERROR_OCSP_TRY_SERVER_LATER) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_UNAUTHORIZED_REQUEST, 32, \ - SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, 33, \ - SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_CERT, 34, \ - SEC_ERROR_OCSP_UNKNOWN_CERT) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_FUTURE_RESPONSE, 35, \ - SEC_ERROR_OCSP_FUTURE_RESPONSE) \ - MOZILLA_PKIX_MAP(ERROR_INVALID_KEY, 36, \ - SEC_ERROR_INVALID_KEY) \ - MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_KEYALG, 37, \ - SEC_ERROR_UNSUPPORTED_KEYALG) \ - MOZILLA_PKIX_MAP(ERROR_EXPIRED_ISSUER_CERTIFICATE, 38, \ - SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) \ - MOZILLA_PKIX_MAP(ERROR_CA_CERT_USED_AS_END_ENTITY, 39, \ - MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY) \ - MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_SIZE, 40, \ - MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE) \ - MOZILLA_PKIX_MAP(ERROR_V1_CERT_USED_AS_CA, 41, \ - MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA) \ - MOZILLA_PKIX_MAP(ERROR_BAD_CERT_DOMAIN, 42, \ - SSL_ERROR_BAD_CERT_DOMAIN) \ - MOZILLA_PKIX_MAP(ERROR_NO_RFC822NAME_MATCH, 43, \ - MOZILLA_PKIX_ERROR_NO_RFC822NAME_MATCH) \ - MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_ELLIPTIC_CURVE, 44, \ - SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE) \ - MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_CERTIFICATE, 45, \ - MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE) \ - MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE, 46, \ - MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE) \ - MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_EC_POINT_FORM, 47, \ - SEC_ERROR_UNSUPPORTED_EC_POINT_FORM) \ - MOZILLA_PKIX_MAP(ERROR_SIGNATURE_ALGORITHM_MISMATCH, 48, \ - MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH) \ - MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONSE_FOR_CERT_MISSING, 49, \ - MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING) \ - MOZILLA_PKIX_MAP(ERROR_VALIDITY_TOO_LONG, 50, \ - MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG) \ - MOZILLA_PKIX_MAP(ERROR_REQUIRED_TLS_FEATURE_MISSING, 51, \ - MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING) \ - MOZILLA_PKIX_MAP(ERROR_INVALID_INTEGER_ENCODING, 52, \ - MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING) \ - MOZILLA_PKIX_MAP(ERROR_EMPTY_ISSUER_NAME, 53, \ - MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME) \ - MOZILLA_PKIX_MAP(ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED, 54, \ - MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED) \ - MOZILLA_PKIX_MAP(ERROR_SELF_SIGNED_CERT, 55, \ - MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT) \ - MOZILLA_PKIX_MAP(ERROR_MITM_DETECTED, 56, \ - MOZILLA_PKIX_ERROR_MITM_DETECTED) \ - MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_ARGS, FATAL_ERROR_FLAG | 1, \ - SEC_ERROR_INVALID_ARGS) \ - MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_STATE, FATAL_ERROR_FLAG | 2, \ - PR_INVALID_STATE_ERROR) \ - MOZILLA_PKIX_MAP(FATAL_ERROR_LIBRARY_FAILURE, FATAL_ERROR_FLAG | 3, \ - SEC_ERROR_LIBRARY_FAILURE) \ - MOZILLA_PKIX_MAP(FATAL_ERROR_NO_MEMORY, FATAL_ERROR_FLAG | 4, \ - SEC_ERROR_NO_MEMORY) \ - /* nothing here */ +#define MOZILLA_PKIX_MAP_LIST \ + MOZILLA_PKIX_MAP(Success, 0, 0) \ + MOZILLA_PKIX_MAP(ERROR_BAD_DER, 1, SEC_ERROR_BAD_DER) \ + MOZILLA_PKIX_MAP(ERROR_CA_CERT_INVALID, 2, SEC_ERROR_CA_CERT_INVALID) \ + MOZILLA_PKIX_MAP(ERROR_BAD_SIGNATURE, 3, SEC_ERROR_BAD_SIGNATURE) \ + MOZILLA_PKIX_MAP(ERROR_CERT_BAD_ACCESS_LOCATION, 4, \ + SEC_ERROR_CERT_BAD_ACCESS_LOCATION) \ + MOZILLA_PKIX_MAP(ERROR_CERT_NOT_IN_NAME_SPACE, 5, \ + SEC_ERROR_CERT_NOT_IN_NAME_SPACE) \ + MOZILLA_PKIX_MAP(ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, 6, \ + SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) \ + MOZILLA_PKIX_MAP(ERROR_CONNECT_REFUSED, 7, PR_CONNECT_REFUSED_ERROR) \ + MOZILLA_PKIX_MAP(ERROR_EXPIRED_CERTIFICATE, 8, \ + SEC_ERROR_EXPIRED_CERTIFICATE) \ + MOZILLA_PKIX_MAP(ERROR_EXTENSION_VALUE_INVALID, 9, \ + SEC_ERROR_EXTENSION_VALUE_INVALID) \ + MOZILLA_PKIX_MAP(ERROR_INADEQUATE_CERT_TYPE, 10, \ + SEC_ERROR_INADEQUATE_CERT_TYPE) \ + MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_USAGE, 11, \ + SEC_ERROR_INADEQUATE_KEY_USAGE) \ + MOZILLA_PKIX_MAP(ERROR_INVALID_ALGORITHM, 12, SEC_ERROR_INVALID_ALGORITHM) \ + MOZILLA_PKIX_MAP(ERROR_INVALID_DER_TIME, 13, SEC_ERROR_INVALID_TIME) \ + MOZILLA_PKIX_MAP(ERROR_KEY_PINNING_FAILURE, 14, \ + MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE) \ + MOZILLA_PKIX_MAP(ERROR_PATH_LEN_CONSTRAINT_INVALID, 15, \ + SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID) \ + MOZILLA_PKIX_MAP(ERROR_POLICY_VALIDATION_FAILED, 16, \ + SEC_ERROR_POLICY_VALIDATION_FAILED) \ + MOZILLA_PKIX_MAP(ERROR_REVOKED_CERTIFICATE, 17, \ + SEC_ERROR_REVOKED_CERTIFICATE) \ + MOZILLA_PKIX_MAP(ERROR_UNKNOWN_CRITICAL_EXTENSION, 18, \ + SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) \ + MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ERROR, 19, PR_UNKNOWN_ERROR) \ + MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ISSUER, 20, SEC_ERROR_UNKNOWN_ISSUER) \ + MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_CERT, 21, SEC_ERROR_UNTRUSTED_CERT) \ + MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_ISSUER, 22, SEC_ERROR_UNTRUSTED_ISSUER) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_BAD_SIGNATURE, 23, SEC_ERROR_OCSP_BAD_SIGNATURE) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_INVALID_SIGNING_CERT, 24, \ + SEC_ERROR_OCSP_INVALID_SIGNING_CERT) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_REQUEST, 25, \ + SEC_ERROR_OCSP_MALFORMED_REQUEST) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_RESPONSE, 26, \ + SEC_ERROR_OCSP_MALFORMED_RESPONSE) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_OLD_RESPONSE, 27, SEC_ERROR_OCSP_OLD_RESPONSE) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_REQUEST_NEEDS_SIG, 28, \ + SEC_ERROR_OCSP_REQUEST_NEEDS_SIG) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONDER_CERT_INVALID, 29, \ + SEC_ERROR_OCSP_RESPONDER_CERT_INVALID) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_SERVER_ERROR, 30, SEC_ERROR_OCSP_SERVER_ERROR) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_TRY_SERVER_LATER, 31, \ + SEC_ERROR_OCSP_TRY_SERVER_LATER) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_UNAUTHORIZED_REQUEST, 32, \ + SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, 33, \ + SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_CERT, 34, SEC_ERROR_OCSP_UNKNOWN_CERT) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_FUTURE_RESPONSE, 35, \ + SEC_ERROR_OCSP_FUTURE_RESPONSE) \ + MOZILLA_PKIX_MAP(ERROR_INVALID_KEY, 36, SEC_ERROR_INVALID_KEY) \ + MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_KEYALG, 37, SEC_ERROR_UNSUPPORTED_KEYALG) \ + MOZILLA_PKIX_MAP(ERROR_EXPIRED_ISSUER_CERTIFICATE, 38, \ + SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) \ + MOZILLA_PKIX_MAP(ERROR_CA_CERT_USED_AS_END_ENTITY, 39, \ + MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY) \ + MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_SIZE, 40, \ + MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE) \ + MOZILLA_PKIX_MAP(ERROR_V1_CERT_USED_AS_CA, 41, \ + MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA) \ + MOZILLA_PKIX_MAP(ERROR_BAD_CERT_DOMAIN, 42, SSL_ERROR_BAD_CERT_DOMAIN) \ + MOZILLA_PKIX_MAP(ERROR_NO_RFC822NAME_MATCH, 43, \ + MOZILLA_PKIX_ERROR_NO_RFC822NAME_MATCH) \ + MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_ELLIPTIC_CURVE, 44, \ + SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE) \ + MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_CERTIFICATE, 45, \ + MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE) \ + MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE, 46, \ + MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE) \ + MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_EC_POINT_FORM, 47, \ + SEC_ERROR_UNSUPPORTED_EC_POINT_FORM) \ + MOZILLA_PKIX_MAP(ERROR_SIGNATURE_ALGORITHM_MISMATCH, 48, \ + MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH) \ + MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONSE_FOR_CERT_MISSING, 49, \ + MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING) \ + MOZILLA_PKIX_MAP(ERROR_VALIDITY_TOO_LONG, 50, \ + MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG) \ + MOZILLA_PKIX_MAP(ERROR_REQUIRED_TLS_FEATURE_MISSING, 51, \ + MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING) \ + MOZILLA_PKIX_MAP(ERROR_INVALID_INTEGER_ENCODING, 52, \ + MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING) \ + MOZILLA_PKIX_MAP(ERROR_EMPTY_ISSUER_NAME, 53, \ + MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME) \ + MOZILLA_PKIX_MAP(ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED, 54, \ + MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED) \ + MOZILLA_PKIX_MAP(ERROR_SELF_SIGNED_CERT, 55, \ + MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT) \ + MOZILLA_PKIX_MAP(ERROR_MITM_DETECTED, 56, MOZILLA_PKIX_ERROR_MITM_DETECTED) \ + MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_ARGS, FATAL_ERROR_FLAG | 1, \ + SEC_ERROR_INVALID_ARGS) \ + MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_STATE, FATAL_ERROR_FLAG | 2, \ + PR_INVALID_STATE_ERROR) \ + MOZILLA_PKIX_MAP(FATAL_ERROR_LIBRARY_FAILURE, FATAL_ERROR_FLAG | 3, \ + SEC_ERROR_LIBRARY_FAILURE) \ + MOZILLA_PKIX_MAP(FATAL_ERROR_NO_MEMORY, FATAL_ERROR_FLAG | 4, \ + SEC_ERROR_NO_MEMORY) \ +/* nothing here */ -enum class Result -{ +enum class Result { #define MOZILLA_PKIX_MAP(name, value, nss_name) name = value, MOZILLA_PKIX_MAP_LIST #undef MOZILLA_PKIX_MAP @@ -223,19 +205,15 @@ const char* MapResultToName(Result result); // results in less line wrapping. static const Result Success = Result::Success; -inline bool -IsFatalError(Result rv) -{ +inline bool IsFatalError(Result rv) { return (static_cast(rv) & FATAL_ERROR_FLAG) != 0; } -inline Result -NotReached(const char* /*explanation*/, Result result) -{ +inline Result NotReached(const char* /*explanation*/, Result result) { assert(false); return result; } +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_Result_h +#endif // mozilla_pkix_Result_h diff --git a/lib/mozpkix/include/pkix/Time.h b/lib/mozpkix/include/pkix/Time.h index d3f7378ad0..8aea5479bf 100644 --- a/lib/mozpkix/include/pkix/Time.h +++ b/lib/mozpkix/include/pkix/Time.h @@ -25,22 +25,22 @@ #ifndef mozilla_pkix_Time_h #define mozilla_pkix_Time_h +#include #include #include -#include #include "mozpkix/Result.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { // Time with a range from the first second of year 0 (AD) through at least the // last second of year 9999, which is the range of legal times in X.509 and // OCSP. This type has second-level precision. The time zone is always UTC. // // Pass by value, not by reference. -class Time final -{ -public: +class Time final { + public: // Construct an uninitialized instance. // // This will fail to compile because there is no default constructor: @@ -49,52 +49,44 @@ class Time final // This will succeed, leaving the time uninitialized: // Time x(Time::uninitialized); enum Uninitialized { uninitialized }; - explicit Time(Uninitialized) { } + explicit Time(Uninitialized) {} - bool operator==(const Time& other) const - { + bool operator==(const Time& other) const { return elapsedSecondsAD == other.elapsedSecondsAD; } - bool operator>(const Time& other) const - { + bool operator>(const Time& other) const { return elapsedSecondsAD > other.elapsedSecondsAD; } - bool operator>=(const Time& other) const - { + bool operator>=(const Time& other) const { return elapsedSecondsAD >= other.elapsedSecondsAD; } - bool operator<(const Time& other) const - { + bool operator<(const Time& other) const { return elapsedSecondsAD < other.elapsedSecondsAD; } - bool operator<=(const Time& other) const - { + bool operator<=(const Time& other) const { return elapsedSecondsAD <= other.elapsedSecondsAD; } - Result AddSeconds(uint64_t seconds) - { - if (std::numeric_limits::max() - elapsedSecondsAD - < seconds) { - return Result::FATAL_ERROR_INVALID_ARGS; // integer overflow + Result AddSeconds(uint64_t seconds) { + if (std::numeric_limits::max() - elapsedSecondsAD < seconds) { + return Result::FATAL_ERROR_INVALID_ARGS; // integer overflow } elapsedSecondsAD += seconds; return Success; } - Result SubtractSeconds(uint64_t seconds) - { + Result SubtractSeconds(uint64_t seconds) { if (seconds > elapsedSecondsAD) { - return Result::FATAL_ERROR_INVALID_ARGS; // integer overflow + return Result::FATAL_ERROR_INVALID_ARGS; // integer overflow } elapsedSecondsAD -= seconds; return Success; } - static const uint64_t ONE_DAY_IN_SECONDS - = UINT64_C(24) * UINT64_C(60) * UINT64_C(60); + static const uint64_t ONE_DAY_IN_SECONDS = + UINT64_C(24) * UINT64_C(60) * UINT64_C(60); -private: + private: // This constructor is hidden to prevent accidents like this: // // Time foo(time_t t) @@ -103,17 +95,14 @@ class Time final // return Time(t); // } explicit Time(uint64_t aElapsedSecondsAD) - : elapsedSecondsAD(aElapsedSecondsAD) - { - } + : elapsedSecondsAD(aElapsedSecondsAD) {} friend Time TimeFromElapsedSecondsAD(uint64_t); friend class Duration; uint64_t elapsedSecondsAD; }; -inline Time TimeFromElapsedSecondsAD(uint64_t aElapsedSecondsAD) -{ +inline Time TimeFromElapsedSecondsAD(uint64_t aElapsedSecondsAD) { return Time(aElapsedSecondsAD); } @@ -122,34 +111,27 @@ Time Now(); // Note the epoch is the unix epoch (ie 00:00:00 UTC, 1 January 1970) Time TimeFromEpochInSeconds(uint64_t secondsSinceEpoch); -class Duration final -{ -public: +class Duration final { + public: Duration(Time timeA, Time timeB) - : durationInSeconds(timeA < timeB - ? timeB.elapsedSecondsAD - timeA.elapsedSecondsAD - : timeA.elapsedSecondsAD - timeB.elapsedSecondsAD) - { - } + : durationInSeconds( + timeA < timeB ? timeB.elapsedSecondsAD - timeA.elapsedSecondsAD + : timeA.elapsedSecondsAD - timeB.elapsedSecondsAD) {} explicit Duration(uint64_t aDurationInSeconds) - : durationInSeconds(aDurationInSeconds) - { - } + : durationInSeconds(aDurationInSeconds) {} - bool operator>(const Duration& other) const - { + bool operator>(const Duration& other) const { return durationInSeconds > other.durationInSeconds; } - bool operator<(const Duration& other) const - { + bool operator<(const Duration& other) const { return durationInSeconds < other.durationInSeconds; } -private: + private: uint64_t durationInSeconds; }; +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_Time_h +#endif // mozilla_pkix_Time_h diff --git a/lib/mozpkix/include/pkix/pkix.h b/lib/mozpkix/include/pkix/pkix.h index 42ba26b931..1cd6548e48 100644 --- a/lib/mozpkix/include/pkix/pkix.h +++ b/lib/mozpkix/include/pkix/pkix.h @@ -27,7 +27,8 @@ #include "mozpkix/pkixtypes.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { // ---------------------------------------------------------------------------- // LIMITED SUPPORT FOR CERTIFICATE POLICIES @@ -103,8 +104,8 @@ namespace mozilla { namespace pkix { // requiredPolicy: // This is the policy to apply; typically included in EV certificates. // If there is no policy, pass in CertPolicyId::anyPolicy. -Result BuildCertChain(TrustDomain& trustDomain, Input cert, - Time time, EndEntityOrCA endEntityOrCA, +Result BuildCertChain(TrustDomain& trustDomain, Input cert, Time time, + EndEntityOrCA endEntityOrCA, KeyUsage requiredKeyUsageIfPresent, KeyPurposeId requiredEKUIfPresent, const CertPolicyId& requiredPolicy, @@ -122,8 +123,7 @@ Result CheckCertHostname(Input cert, Input hostname, // Construct an RFC-6960-encoded OCSP request, ready for submission to a // responder, for the provided CertID. The request has no extensions. static const size_t OCSP_REQUEST_MAX_LENGTH = 127; -Result CreateEncodedOCSPRequest(TrustDomain& trustDomain, - const CertID& certID, +Result CreateEncodedOCSPRequest(TrustDomain& trustDomain, const CertID& certID, /*out*/ uint8_t (&out)[OCSP_REQUEST_MAX_LENGTH], /*out*/ size_t& outLen); @@ -140,13 +140,12 @@ Result CreateEncodedOCSPRequest(TrustDomain& trustDomain, // which the encoded response is considered trustworthy (that is, as long as // the given time at which to validate is less than or equal to validThrough, // the response will be considered trustworthy). -Result VerifyEncodedOCSPResponse(TrustDomain& trustDomain, - const CertID& certID, Time time, - uint16_t maxLifetimeInDays, - Input encodedResponse, - /* out */ bool& expired, - /* optional out */ Time* thisUpdate = nullptr, - /* optional out */ Time* validThrough = nullptr); +Result VerifyEncodedOCSPResponse( + TrustDomain& trustDomain, const CertID& certID, Time time, + uint16_t maxLifetimeInDays, Input encodedResponse, + /* out */ bool& expired, + /* optional out */ Time* thisUpdate = nullptr, + /* optional out */ Time* validThrough = nullptr); // Check that the TLSFeature extensions in a given end-entity cert (which is // assumed to have been already validated with BuildCertChain) are satisfied. @@ -155,7 +154,7 @@ Result VerifyEncodedOCSPResponse(TrustDomain& trustDomain, // requirement for another value. Empty extensions are also rejected. Result CheckTLSFeaturesAreSatisfied(Input& cert, const Input* stapledOCSPResponse); +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_pkix_h +#endif // mozilla_pkix_pkix_h diff --git a/lib/mozpkix/include/pkix/pkixcheck.h b/lib/mozpkix/include/pkix/pkixcheck.h index 5b47c7cdab..e04780e572 100644 --- a/lib/mozpkix/include/pkix/pkixcheck.h +++ b/lib/mozpkix/include/pkix/pkixcheck.h @@ -27,19 +27,18 @@ #include "mozpkix/pkixtypes.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { class BackCert; -Result CheckIssuerIndependentProperties( - TrustDomain& trustDomain, - const BackCert& cert, - Time time, - KeyUsage requiredKeyUsageIfPresent, - KeyPurposeId requiredEKUIfPresent, - const CertPolicyId& requiredPolicy, - unsigned int subCACount, - /*out*/ TrustLevel& trustLevel); +Result CheckIssuerIndependentProperties(TrustDomain& trustDomain, + const BackCert& cert, Time time, + KeyUsage requiredKeyUsageIfPresent, + KeyPurposeId requiredEKUIfPresent, + const CertPolicyId& requiredPolicy, + unsigned int subCACount, + /*out*/ TrustLevel& trustLevel); Result CheckNameConstraints(Input encodedNameConstraints, const BackCert& firstChild, @@ -60,7 +59,7 @@ Result CheckValidity(Time time, Time notBefore, Time notAfter); // Check that a subject has TLS Feature (rfc7633) requirements that match its // potential issuer Result CheckTLSFeatures(const BackCert& subject, BackCert& potentialIssuer); +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_pkixcheck_h +#endif // mozilla_pkix_pkixcheck_h diff --git a/lib/mozpkix/include/pkix/pkixder.h b/lib/mozpkix/include/pkix/pkixder.h index 0c9e8670ad..3aae0ecf69 100644 --- a/lib/mozpkix/include/pkix/pkixder.h +++ b/lib/mozpkix/include/pkix/pkixder.h @@ -40,23 +40,20 @@ #include "mozpkix/Input.h" #include "mozpkix/pkixtypes.h" -namespace mozilla { namespace pkix { namespace der { - -enum Class : uint8_t -{ - UNIVERSAL = 0 << 6, -// APPLICATION = 1 << 6, // unused - CONTEXT_SPECIFIC = 2 << 6, -// PRIVATE = 3 << 6 // unused +namespace mozilla { +namespace pkix { +namespace der { + +enum Class : uint8_t { + UNIVERSAL = 0 << 6, + // APPLICATION = 1 << 6, // unused + CONTEXT_SPECIFIC = 2 << 6, + // PRIVATE = 3 << 6 // unused }; -enum Constructed -{ - CONSTRUCTED = 1 << 5 -}; +enum Constructed { CONSTRUCTED = 1 << 5 }; -enum Tag : uint8_t -{ +enum Tag : uint8_t { BOOLEAN = UNIVERSAL | 0x01, INTEGER = UNIVERSAL | 0x02, BIT_STRING = UNIVERSAL | 0x03, @@ -65,8 +62,8 @@ enum Tag : uint8_t OIDTag = UNIVERSAL | 0x06, ENUMERATED = UNIVERSAL | 0x0a, UTF8String = UNIVERSAL | 0x0c, - SEQUENCE = UNIVERSAL | CONSTRUCTED | 0x10, // 0x30 - SET = UNIVERSAL | CONSTRUCTED | 0x11, // 0x31 + SEQUENCE = UNIVERSAL | CONSTRUCTED | 0x10, // 0x30 + SET = UNIVERSAL | CONSTRUCTED | 0x11, // 0x31 PrintableString = UNIVERSAL | 0x13, TeletexString = UNIVERSAL | 0x14, IA5String = UNIVERSAL | 0x16, @@ -80,9 +77,8 @@ Result ReadTagAndGetValue(Reader& input, /*out*/ uint8_t& tag, /*out*/ Input& value); Result End(Reader& input); -inline Result -ExpectTagAndGetValue(Reader& input, uint8_t tag, /*out*/ Input& value) -{ +inline Result ExpectTagAndGetValue(Reader& input, uint8_t tag, + /*out*/ Input& value) { uint8_t actualTag; Result rv = ReadTagAndGetValue(input, actualTag, value); if (rv != Success) { @@ -94,9 +90,8 @@ ExpectTagAndGetValue(Reader& input, uint8_t tag, /*out*/ Input& value) return Success; } -inline Result -ExpectTagAndGetValue(Reader& input, uint8_t tag, /*out*/ Reader& value) -{ +inline Result ExpectTagAndGetValue(Reader& input, uint8_t tag, + /*out*/ Reader& value) { Input valueInput; Result rv = ExpectTagAndGetValue(input, tag, valueInput); if (rv != Success) { @@ -105,9 +100,7 @@ ExpectTagAndGetValue(Reader& input, uint8_t tag, /*out*/ Reader& value) return value.Init(valueInput); } -inline Result -ExpectTagAndEmptyValue(Reader& input, uint8_t tag) -{ +inline Result ExpectTagAndEmptyValue(Reader& input, uint8_t tag) { Reader value; Result rv = ExpectTagAndGetValue(input, tag, value); if (rv != Success) { @@ -116,18 +109,15 @@ ExpectTagAndEmptyValue(Reader& input, uint8_t tag) return End(value); } -inline Result -ExpectTagAndSkipValue(Reader& input, uint8_t tag) -{ +inline Result ExpectTagAndSkipValue(Reader& input, uint8_t tag) { Input ignoredValue; return ExpectTagAndGetValue(input, tag, ignoredValue); } // Like ExpectTagAndGetValue, except the output Input will contain the // encoded tag and length along with the value. -inline Result -ExpectTagAndGetTLV(Reader& input, uint8_t tag, /*out*/ Input& tlv) -{ +inline Result ExpectTagAndGetTLV(Reader& input, uint8_t tag, + /*out*/ Input& tlv) { Reader::Mark mark(input.GetMark()); Result rv = ExpectTagAndSkipValue(input, tag); if (rv != Success) { @@ -136,9 +126,7 @@ ExpectTagAndGetTLV(Reader& input, uint8_t tag, /*out*/ Input& tlv) return input.GetInput(mark, tlv); } -inline Result -End(Reader& input) -{ +inline Result End(Reader& input) { if (!input.AtEnd()) { return Result::ERROR_BAD_DER; } @@ -147,9 +135,7 @@ End(Reader& input) } template -inline Result -Nested(Reader& input, uint8_t tag, Decoder decoder) -{ +inline Result Nested(Reader& input, uint8_t tag, Decoder decoder) { Reader nested; Result rv = ExpectTagAndGetValue(input, tag, nested); if (rv != Success) { @@ -163,9 +149,8 @@ Nested(Reader& input, uint8_t tag, Decoder decoder) } template -inline Result -Nested(Reader& input, uint8_t outerTag, uint8_t innerTag, Decoder decoder) -{ +inline Result Nested(Reader& input, uint8_t outerTag, uint8_t innerTag, + Decoder decoder) { Reader nestedInput; Result rv = ExpectTagAndGetValue(input, outerTag, nestedInput); if (rv != Success) { @@ -206,10 +191,8 @@ Nested(Reader& input, uint8_t outerTag, uint8_t innerTag, Decoder decoder) // foos. // template -inline Result -NestedOf(Reader& input, uint8_t outerTag, uint8_t innerTag, - EmptyAllowed mayBeEmpty, Decoder decoder) -{ +inline Result NestedOf(Reader& input, uint8_t outerTag, uint8_t innerTag, + EmptyAllowed mayBeEmpty, Decoder decoder) { Reader inner; Result rv = ExpectTagAndGetValue(input, outerTag, inner); if (rv != Success) { @@ -237,10 +220,8 @@ NestedOf(Reader& input, uint8_t outerTag, uint8_t innerTag, // DER-encoded data wrapped in a SEQUENCE (or similar) with nothing after it. // This function reduces the boilerplate necessary for stripping the outermost // SEQUENCE (or similar) and ensuring that nothing follows it. -inline Result -ExpectTagAndGetValueAtEnd(Reader& outer, uint8_t expectedTag, - /*out*/ Reader& inner) -{ +inline Result ExpectTagAndGetValueAtEnd(Reader& outer, uint8_t expectedTag, + /*out*/ Reader& inner) { Result rv = der::ExpectTagAndGetValue(outer, expectedTag, inner); if (rv != Success) { return rv; @@ -249,10 +230,8 @@ ExpectTagAndGetValueAtEnd(Reader& outer, uint8_t expectedTag, } // Similar to the above, but takes an Input instead of a Reader&. -inline Result -ExpectTagAndGetValueAtEnd(Input outer, uint8_t expectedTag, - /*out*/ Reader& inner) -{ +inline Result ExpectTagAndGetValueAtEnd(Input outer, uint8_t expectedTag, + /*out*/ Reader& inner) { Reader outerReader(outer); return ExpectTagAndGetValueAtEnd(outerReader, expectedTag, inner); } @@ -261,30 +240,26 @@ ExpectTagAndGetValueAtEnd(Input outer, uint8_t expectedTag, namespace internal { -enum class IntegralValueRestriction -{ +enum class IntegralValueRestriction { NoRestriction, MustBePositive, MustBe0To127, }; -Result IntegralBytes(Reader& input, uint8_t tag, - IntegralValueRestriction valueRestriction, - /*out*/ Input& value, +Result IntegralBytes( + Reader& input, uint8_t tag, IntegralValueRestriction valueRestriction, + /*out*/ Input& value, /*optional out*/ Input::size_type* significantBytes = nullptr); // This parser will only parse values between 0..127. If this range is // increased then callers will need to be changed. Result IntegralValue(Reader& input, uint8_t tag, /*out*/ uint8_t& value); -} // namespace internal +} // namespace internal -Result -BitStringWithNoUnusedBits(Reader& input, /*out*/ Input& value); +Result BitStringWithNoUnusedBits(Reader& input, /*out*/ Input& value); -inline Result -Boolean(Reader& input, /*out*/ bool& value) -{ +inline Result Boolean(Reader& input, /*out*/ bool& value) { Reader valueReader; Result rv = ExpectTagAndGetValue(input, BOOLEAN, valueReader); if (rv != Success) { @@ -301,8 +276,12 @@ Boolean(Reader& input, /*out*/ bool& value) return rv; } switch (intValue) { - case 0: value = false; return Success; - case 0xFF: value = true; return Success; + case 0: + value = false; + return Success; + case 0xFF: + value = true; + return Success; default: return Result::ERROR_BAD_DER; } @@ -314,9 +293,7 @@ Boolean(Reader& input, /*out*/ bool& value) // default value." However, it appears to be common that other libraries // incorrectly include the value of a BOOLEAN even when it's equal to the // default value, so we allow invalid explicit encodings here. -inline Result -OptionalBoolean(Reader& input, /*out*/ bool& value) -{ +inline Result OptionalBoolean(Reader& input, /*out*/ bool& value) { value = false; if (input.Peek(BOOLEAN)) { Result rv = Boolean(input, value); @@ -329,9 +306,7 @@ OptionalBoolean(Reader& input, /*out*/ bool& value) // This parser will only parse values between 0..127. If this range is // increased then callers will need to be changed. -inline Result -Enumerated(Reader& input, uint8_t& value) -{ +inline Result Enumerated(Reader& input, uint8_t& value) { return internal::IntegralValue(input, ENUMERATED | 0, value); } @@ -345,23 +320,19 @@ namespace internal { // time formats that start at 1970. Result TimeChoice(Reader& input, uint8_t tag, /*out*/ Time& time); -} // namespace internal +} // namespace internal // Only times from 1970-01-01-00:00:00 onward are accepted, in order to // eliminate the chance for complications in converting times to traditional // time formats that start at 1970. -inline Result -GeneralizedTime(Reader& input, /*out*/ Time& time) -{ +inline Result GeneralizedTime(Reader& input, /*out*/ Time& time) { return internal::TimeChoice(input, GENERALIZED_TIME, time); } // Only times from 1970-01-01-00:00:00 onward are accepted, in order to // eliminate the chance for complications in converting times to traditional // time formats that start at 1970. -inline Result -TimeChoice(Reader& input, /*out*/ Time& time) -{ +inline Result TimeChoice(Reader& input, /*out*/ Time& time) { uint8_t expectedTag = input.Peek(UTCTime) ? UTCTime : GENERALIZED_TIME; return internal::TimeChoice(input, expectedTag, time); } @@ -370,20 +341,17 @@ TimeChoice(Reader& input, /*out*/ Time& time) // zero are rejected. If significantBytes is not null, then it will be set to // the number of significant bytes in the value (the length of the value, less // the length of any leading padding), which is useful for key size checks. -inline Result -PositiveInteger(Reader& input, /*out*/ Input& value, - /*optional out*/ Input::size_type* significantBytes = nullptr) -{ +inline Result PositiveInteger( + Reader& input, /*out*/ Input& value, + /*optional out*/ Input::size_type* significantBytes = nullptr) { return internal::IntegralBytes( - input, INTEGER, internal::IntegralValueRestriction::MustBePositive, - value, significantBytes); + input, INTEGER, internal::IntegralValueRestriction::MustBePositive, value, + significantBytes); } // This parser will only parse values between 0..127. If this range is // increased then callers will need to be changed. -inline Result -Integer(Reader& input, /*out*/ uint8_t& value) -{ +inline Result Integer(Reader& input, /*out*/ uint8_t& value) { return internal::IntegralValue(input, INTEGER, value); } @@ -391,9 +359,8 @@ Integer(Reader& input, /*out*/ uint8_t& value) // increased then callers will need to be changed. The default value must be // -1; defaultValue is only a parameter to make it clear in the calling code // what the default value is. -inline Result -OptionalInteger(Reader& input, long defaultValue, /*out*/ long& value) -{ +inline Result OptionalInteger(Reader& input, long defaultValue, + /*out*/ long& value) { // If we need to support a different default value in the future, we need to // test that parsedValue != defaultValue. if (defaultValue != -1) { @@ -414,16 +381,12 @@ OptionalInteger(Reader& input, long defaultValue, /*out*/ long& value) return Success; } -inline Result -Null(Reader& input) -{ +inline Result Null(Reader& input) { return ExpectTagAndEmptyValue(input, NULLTag); } template -Result -OID(Reader& input, const uint8_t (&expectedOid)[Len]) -{ +Result OID(Reader& input, const uint8_t (&expectedOid)[Len]) { Reader value; Result rv = ExpectTagAndGetValue(input, OIDTag, value); if (rv != Success) { @@ -437,9 +400,7 @@ OID(Reader& input, const uint8_t (&expectedOid)[Len]) // PKI-specific types -inline Result -CertificateSerialNumber(Reader& input, /*out*/ Input& value) -{ +inline Result CertificateSerialNumber(Reader& input, /*out*/ Input& value) { // http://tools.ietf.org/html/rfc5280#section-4.1.2.2: // // * "The serial number MUST be a positive integer assigned by the CA to @@ -451,8 +412,7 @@ CertificateSerialNumber(Reader& input, /*out*/ Input& value) // that are negative or zero. Certificate users SHOULD be prepared to // gracefully handle such certificates." return internal::IntegralBytes( - input, INTEGER, internal::IntegralValueRestriction::NoRestriction, - value); + input, INTEGER, internal::IntegralValueRestriction::NoRestriction, value); } // x.509 and OCSP both use this same version numbering scheme, though OCSP @@ -466,10 +426,8 @@ enum class Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3, Uninitialized = 255 }; Result OptionalVersion(Reader& input, /*out*/ Version& version); template -inline Result -OptionalExtensions(Reader& input, uint8_t tag, - ExtensionHandler extensionHandler) -{ +inline Result OptionalExtensions(Reader& input, uint8_t tag, + ExtensionHandler extensionHandler) { if (!input.Peek(tag)) { return Success; } @@ -480,59 +438,54 @@ OptionalExtensions(Reader& input, uint8_t tag, // TODO(bug 997994): According to the specification, there should never be // an empty sequence of extensions but we've found OCSP responses that have // that (see bug 991898). - return NestedOf(tagged, SEQUENCE, SEQUENCE, EmptyAllowed::Yes, - [extensionHandler](Reader& extension) -> Result { - // Extension ::= SEQUENCE { - // extnID OBJECT IDENTIFIER, - // critical BOOLEAN DEFAULT FALSE, - // extnValue OCTET STRING - // } - Reader extnID; - Result rv = ExpectTagAndGetValue(extension, OIDTag, extnID); - if (rv != Success) { - return rv; - } - bool critical; - rv = OptionalBoolean(extension, critical); - if (rv != Success) { - return rv; - } - Input extnValue; - rv = ExpectTagAndGetValue(extension, OCTET_STRING, extnValue); - if (rv != Success) { - return rv; - } - bool understood = false; - rv = extensionHandler(extnID, extnValue, critical, understood); - if (rv != Success) { - return rv; - } - if (critical && !understood) { - return Result::ERROR_UNKNOWN_CRITICAL_EXTENSION; - } - return Success; - }); + return NestedOf( + tagged, SEQUENCE, SEQUENCE, EmptyAllowed::Yes, + [extensionHandler](Reader& extension) -> Result { + // Extension ::= SEQUENCE { + // extnID OBJECT IDENTIFIER, + // critical BOOLEAN DEFAULT FALSE, + // extnValue OCTET STRING + // } + Reader extnID; + Result rv = ExpectTagAndGetValue(extension, OIDTag, extnID); + if (rv != Success) { + return rv; + } + bool critical; + rv = OptionalBoolean(extension, critical); + if (rv != Success) { + return rv; + } + Input extnValue; + rv = ExpectTagAndGetValue(extension, OCTET_STRING, extnValue); + if (rv != Success) { + return rv; + } + bool understood = false; + rv = extensionHandler(extnID, extnValue, critical, understood); + if (rv != Success) { + return rv; + } + if (critical && !understood) { + return Result::ERROR_UNKNOWN_CRITICAL_EXTENSION; + } + return Success; + }); }); } Result DigestAlgorithmIdentifier(Reader& input, /*out*/ DigestAlgorithm& algorithm); -enum class PublicKeyAlgorithm -{ - RSA_PKCS1, - ECDSA, - Uninitialized -}; +enum class PublicKeyAlgorithm { RSA_PKCS1, ECDSA, Uninitialized }; Result SignatureAlgorithmIdentifierValue( - Reader& input, - /*out*/ PublicKeyAlgorithm& publicKeyAlgorithm, - /*out*/ DigestAlgorithm& digestAlgorithm); + Reader& input, + /*out*/ PublicKeyAlgorithm& publicKeyAlgorithm, + /*out*/ DigestAlgorithm& digestAlgorithm); -struct SignedDataWithSignature final -{ -public: +struct SignedDataWithSignature final { + public: Input data; Input algorithm; Input signature; @@ -560,7 +513,8 @@ struct SignedDataWithSignature final // certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } Result SignedData(Reader& input, /*out*/ Reader& tbs, /*out*/ SignedDataWithSignature& signedDataWithSignature); +} +} +} // namespace mozilla::pkix::der -} } } // namespace mozilla::pkix::der - -#endif // mozilla_pkix_pkixder_h +#endif // mozilla_pkix_pkixder_h diff --git a/lib/mozpkix/include/pkix/pkixnss.h b/lib/mozpkix/include/pkix/pkixnss.h index 74a9466b59..b181ca541e 100644 --- a/lib/mozpkix/include/pkix/pkixnss.h +++ b/lib/mozpkix/include/pkix/pkixnss.h @@ -29,7 +29,8 @@ #include "mozpkix/pkixtypes.h" #include "prerror.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { // Verifies the PKCS#1.5 signature on the given data using the given RSA public // key. @@ -54,10 +55,8 @@ Result VerifyECDSASignedDigestNSS(const SignedDigest& sd, // TODO: Taking the output buffer as (uint8_t*, size_t) is counter to our // other, extensive, memory safety efforts in mozilla::pkix, and we should find // a way to provide a more-obviously-safe interface. -Result DigestBufNSS(Input item, - DigestAlgorithm digestAlg, - /*out*/ uint8_t* digestBuf, - size_t digestBufLen); +Result DigestBufNSS(Input item, DigestAlgorithm digestAlg, + /*out*/ uint8_t* digestBuf, size_t digestBufLen); Result MapPRErrorCodeToResult(PRErrorCode errorCode); PRErrorCode MapResultToPRErrorCode(Result result); @@ -72,8 +71,7 @@ PRErrorCode MapResultToPRErrorCode(Result result); static const PRErrorCode ERROR_BASE = -0x4000; static const PRErrorCode ERROR_LIMIT = ERROR_BASE + 1000; -enum ErrorCode -{ +enum ErrorCode { MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE = ERROR_BASE + 0, MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY = ERROR_BASE + 1, MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE = ERROR_BASE + 2, @@ -95,18 +93,14 @@ enum ErrorCode void RegisterErrorTable(); -inline SECItem UnsafeMapInputToSECItem(Input input) -{ - SECItem result = { - siBuffer, - const_cast(input.UnsafeGetData()), - input.GetLength() - }; +inline SECItem UnsafeMapInputToSECItem(Input input) { + SECItem result = {siBuffer, const_cast(input.UnsafeGetData()), + input.GetLength()}; static_assert(sizeof(decltype(input.GetLength())) <= sizeof(result.len), "input.GetLength() must fit in a SECItem"); return result; } +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_pkixnss_h +#endif // mozilla_pkix_pkixnss_h diff --git a/lib/mozpkix/include/pkix/pkixtypes.h b/lib/mozpkix/include/pkix/pkixtypes.h index e9929f9a58..6b12edbb10 100644 --- a/lib/mozpkix/include/pkix/pkixtypes.h +++ b/lib/mozpkix/include/pkix/pkixtypes.h @@ -31,18 +31,17 @@ #include "mozpkix/Time.h" #include "stdint.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { -enum class DigestAlgorithm -{ +enum class DigestAlgorithm { sha512 = 1, sha384 = 2, sha256 = 3, sha1 = 4, }; -enum class NamedCurve -{ +enum class NamedCurve { // secp521r1 (OID 1.3.132.0.35, RFC 5480) secp521r1 = 1, @@ -53,8 +52,7 @@ enum class NamedCurve secp256r1 = 3, }; -struct SignedDigest final -{ +struct SignedDigest final { Input digest; DigestAlgorithm digestAlgorithm; Input signature; @@ -64,32 +62,29 @@ struct SignedDigest final enum class EndEntityOrCA { MustBeEndEntity = 0, MustBeCA = 1 }; -enum class KeyUsage : uint8_t -{ +enum class KeyUsage : uint8_t { digitalSignature = 0, - nonRepudiation = 1, - keyEncipherment = 2, + nonRepudiation = 1, + keyEncipherment = 2, dataEncipherment = 3, - keyAgreement = 4, - keyCertSign = 5, + keyAgreement = 4, + keyCertSign = 5, // cRLSign = 6, // encipherOnly = 7, // decipherOnly = 8, noParticularKeyUsageRequired = 0xff, }; -enum class KeyPurposeId -{ +enum class KeyPurposeId { anyExtendedKeyUsage = 0, - id_kp_serverAuth = 1, // id-kp-serverAuth - id_kp_clientAuth = 2, // id-kp-clientAuth - id_kp_codeSigning = 3, // id-kp-codeSigning - id_kp_emailProtection = 4, // id-kp-emailProtection - id_kp_OCSPSigning = 9, // id-kp-OCSPSigning + id_kp_serverAuth = 1, // id-kp-serverAuth + id_kp_clientAuth = 2, // id-kp-clientAuth + id_kp_codeSigning = 3, // id-kp-codeSigning + id_kp_emailProtection = 4, // id-kp-emailProtection + id_kp_OCSPSigning = 9, // id-kp-OCSPSigning }; -struct CertPolicyId final -{ +struct CertPolicyId final { uint16_t numBytes; static const uint16_t MAX_BYTES = 24; uint8_t bytes[MAX_BYTES]; @@ -100,18 +95,16 @@ struct CertPolicyId final static const CertPolicyId anyPolicy; }; -enum class TrustLevel -{ - TrustAnchor = 1, // certificate is a trusted root CA certificate or - // equivalent *for the given policy*. - ActivelyDistrusted = 2, // certificate is known to be bad - InheritsTrust = 3 // certificate must chain to a trust anchor +enum class TrustLevel { + TrustAnchor = 1, // certificate is a trusted root CA certificate or + // equivalent *for the given policy*. + ActivelyDistrusted = 2, // certificate is known to be bad + InheritsTrust = 3 // certificate must chain to a trust anchor }; // Extensions extracted during the verification flow. // See TrustDomain::NoteAuxiliaryExtension. -enum class AuxiliaryExtension -{ +enum class AuxiliaryExtension { // Certificate Transparency data, specifically Signed Certificate // Timestamps (SCTs). See RFC 6962. @@ -134,15 +127,12 @@ enum class AuxiliaryExtension // field from the issuer's certificate. serialNumber is the entire DER-encoded // serial number from the subject certificate (the certificate for which we are // checking the revocation status). -struct CertID final -{ -public: +struct CertID final { + public: CertID(Input aIssuer, Input aIssuerSubjectPublicKeyInfo, Input aSerialNumber) - : issuer(aIssuer) - , issuerSubjectPublicKeyInfo(aIssuerSubjectPublicKeyInfo) - , serialNumber(aSerialNumber) - { - } + : issuer(aIssuer), + issuerSubjectPublicKeyInfo(aIssuerSubjectPublicKeyInfo), + serialNumber(aSerialNumber) {} const Input issuer; const Input issuerSubjectPublicKeyInfo; const Input serialNumber; @@ -151,9 +141,8 @@ struct CertID final }; typedef std::unique_ptr ScopedCertID; -class DERArray -{ -public: +class DERArray { + public: // Returns the number of DER-encoded items in the array. virtual size_t GetLength() const = 0; @@ -161,19 +150,19 @@ class DERArray // (0-indexed). The result is guaranteed to be non-null if i < GetLength(), // and the result is guaranteed to be nullptr if i >= GetLength(). virtual const Input* GetDER(size_t i) const = 0; -protected: - DERArray() { } - virtual ~DERArray() { } + + protected: + DERArray() {} + virtual ~DERArray() {} }; // Applications control the behavior of path building and verification by // implementing the TrustDomain interface. The TrustDomain is used for all // cryptography and for determining which certificates are trusted or // distrusted. -class TrustDomain -{ -public: - virtual ~TrustDomain() { } +class TrustDomain { + public: + virtual ~TrustDomain() {} // Determine the level of trust in the given certificate for the given role. // This will be called for every certificate encountered during path @@ -192,9 +181,8 @@ class TrustDomain Input candidateCertDER, /*out*/ TrustLevel& trustLevel) = 0; - class IssuerChecker - { - public: + class IssuerChecker { + public: // potentialIssuerDER is the complete DER encoding of the certificate to // be checked as a potential issuer. // @@ -203,9 +191,10 @@ class TrustDomain // constraints will be checked in addition to any any name constraints // contained in potentialIssuerDER. virtual Result Check(Input potentialIssuerDER, - /*optional*/ const Input* additionalNameConstraints, - /*out*/ bool& keepGoing) = 0; - protected: + /*optional*/ const Input* additionalNameConstraints, + /*out*/ bool& keepGoing) = 0; + + protected: IssuerChecker(); virtual ~IssuerChecker(); @@ -259,8 +248,8 @@ class TrustDomain // implementation has an efficient way of filtering potential issuers by name // and/or validity period itself, then it is probably better for performance // for it to do so. - virtual Result FindIssuer(Input encodedIssuerName, - IssuerChecker& checker, Time time) = 0; + virtual Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, + Time time) = 0; // Called as soon as we think we have a valid chain but before revocation // checks are done. This function can be used to compute additional checks, @@ -270,7 +259,8 @@ class TrustDomain // // This function may be called multiple times, regardless of whether it // returns success or failure. It is guaranteed that BuildCertChain will not - // return Success unless the last call to IsChainValid returns Success. Further, + // return Success unless the last call to IsChainValid returns Success. + // Further, // it is guaranteed that when BuildCertChain returns Success the last chain // passed to IsChainValid is the valid chain that should be used for further // operations that require the whole chain. @@ -289,8 +279,8 @@ class TrustDomain virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA, const CertID& certID, Time time, Duration validityDuration, - /*optional*/ const Input* stapledOCSPresponse, - /*optional*/ const Input* aiaExtension) = 0; + /*optional*/ const Input* stapledOCSPresponse, + /*optional*/ const Input* aiaExtension) = 0; // Check that the given digest algorithm is acceptable for use in signatures. // @@ -307,8 +297,7 @@ class TrustDomain // Result::ERROR_INADEQUATE_KEY_SIZE if the key size is not acceptable, // or another error code if another error occurred. virtual Result CheckRSAPublicKeyModulusSizeInBits( - EndEntityOrCA endEntityOrCA, - unsigned int modulusSizeInBits) = 0; + EndEntityOrCA endEntityOrCA, unsigned int modulusSizeInBits) = 0; // Verify the given RSA PKCS#1.5 signature on the given digest using the // given RSA public key. @@ -317,9 +306,8 @@ class TrustDomain // function, so it is not necessary to repeat those checks here. However, // VerifyRSAPKCS1SignedDigest *is* responsible for doing the mathematical // verification of the public key validity as specified in NIST SP 800-56A. - virtual Result VerifyRSAPKCS1SignedDigest( - const SignedDigest& signedDigest, - Input subjectPublicKeyInfo) = 0; + virtual Result VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest, + Input subjectPublicKeyInfo) = 0; // Check that the given named ECC curve is acceptable for ECDSA signatures. // @@ -374,12 +362,11 @@ class TrustDomain // TODO: Taking the output buffer as (uint8_t*, size_t) is counter to our // other, extensive, memory safety efforts in mozilla::pkix, and we should // find a way to provide a more-obviously-safe interface. - virtual Result DigestBuf(Input item, - DigestAlgorithm digestAlg, - /*out*/ uint8_t* digestBuf, - size_t digestBufLen) = 0; -protected: - TrustDomain() { } + virtual Result DigestBuf(Input item, DigestAlgorithm digestAlg, + /*out*/ uint8_t* digestBuf, size_t digestBufLen) = 0; + + protected: + TrustDomain() {} TrustDomain(const TrustDomain&) = delete; void operator=(const TrustDomain&) = delete; @@ -390,25 +377,24 @@ enum class FallBackToSearchWithinSubject { No = 0, Yes = 1 }; // Applications control the behavior of matching presented name information from // a certificate against a reference hostname by implementing the // NameMatchingPolicy interface. Used in concert with CheckCertHostname. -class NameMatchingPolicy -{ -public: - virtual ~NameMatchingPolicy() { } +class NameMatchingPolicy { + public: + virtual ~NameMatchingPolicy() {} // Given that the certificate in question has a notBefore field with the given // value, should name matching fall back to searching within the subject // common name field? virtual Result FallBackToCommonName( - Time notBefore, - /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) = 0; + Time notBefore, + /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) = 0; -protected: - NameMatchingPolicy() { } + protected: + NameMatchingPolicy() {} NameMatchingPolicy(const NameMatchingPolicy&) = delete; void operator=(const NameMatchingPolicy&) = delete; }; +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_pkixtypes_h +#endif // mozilla_pkix_pkixtypes_h diff --git a/lib/mozpkix/include/pkix/pkixutil.h b/lib/mozpkix/include/pkix/pkixutil.h index 3fc02c56e6..ca5b5a2d7b 100644 --- a/lib/mozpkix/include/pkix/pkixutil.h +++ b/lib/mozpkix/include/pkix/pkixutil.h @@ -27,7 +27,8 @@ #include "mozpkix/pkixder.h" -namespace mozilla { namespace pkix { +namespace mozilla { +namespace pkix { // During path building and verification, we build a linked list of BackCerts // from the current cert toward the end-entity certificate. The linked list @@ -38,19 +39,15 @@ namespace mozilla { namespace pkix { // Each BackCert contains pointers to all the given certificate's extensions // so that we can parse the extension block once and then process the // extensions in an order that may be different than they appear in the cert. -class BackCert final -{ -public: +class BackCert final { + public: // certDER and childCert must be valid for the lifetime of BackCert. - BackCert(Input aCertDER, - EndEntityOrCA aEndEntityOrCA, + BackCert(Input aCertDER, EndEntityOrCA aEndEntityOrCA, const BackCert* aChildCert) - : der(aCertDER) - , endEntityOrCA(aEndEntityOrCA) - , childCert(aChildCert) - , version(der::Version::Uninitialized) - { - } + : der(aCertDER), + endEntityOrCA(aEndEntityOrCA), + childCert(aChildCert), + version(der::Version::Uninitialized) {} Result Init(); @@ -68,67 +65,47 @@ class BackCert final // RFC 5280 names for everything. const Input GetValidity() const { return validity; } const Input GetSubject() const { return subject; } - const Input GetSubjectPublicKeyInfo() const - { - return subjectPublicKeyInfo; - } - const Input* GetAuthorityInfoAccess() const - { + const Input GetSubjectPublicKeyInfo() const { return subjectPublicKeyInfo; } + const Input* GetAuthorityInfoAccess() const { return MaybeInput(authorityInfoAccess); } - const Input* GetBasicConstraints() const - { + const Input* GetBasicConstraints() const { return MaybeInput(basicConstraints); } - const Input* GetCertificatePolicies() const - { + const Input* GetCertificatePolicies() const { return MaybeInput(certificatePolicies); } - const Input* GetExtKeyUsage() const - { - return MaybeInput(extKeyUsage); - } - const Input* GetKeyUsage() const - { - return MaybeInput(keyUsage); - } - const Input* GetInhibitAnyPolicy() const - { + const Input* GetExtKeyUsage() const { return MaybeInput(extKeyUsage); } + const Input* GetKeyUsage() const { return MaybeInput(keyUsage); } + const Input* GetInhibitAnyPolicy() const { return MaybeInput(inhibitAnyPolicy); } - const Input* GetNameConstraints() const - { + const Input* GetNameConstraints() const { return MaybeInput(nameConstraints); } - const Input* GetSubjectAltName() const - { - return MaybeInput(subjectAltName); - } - const Input* GetRequiredTLSFeatures() const - { + const Input* GetSubjectAltName() const { return MaybeInput(subjectAltName); } + const Input* GetRequiredTLSFeatures() const { return MaybeInput(requiredTLSFeatures); } - const Input* GetSignedCertificateTimestamps() const - { + const Input* GetSignedCertificateTimestamps() const { return MaybeInput(signedCertificateTimestamps); } -private: + private: const Input der; -public: + public: const EndEntityOrCA endEntityOrCA; BackCert const* const childCert; -private: + private: // When parsing certificates in BackCert::Init, we don't accept empty // extensions. Consequently, we don't have to store a distinction between // empty extensions and extensions that weren't included. However, when // *processing* extensions, we distinguish between whether an extension was // included or not based on whetehr the GetXXX function for the extension // returns nullptr. - static inline const Input* MaybeInput(const Input& item) - { + static inline const Input* MaybeInput(const Input& item) { return item.GetLength() > 0 ? &item : nullptr; } @@ -155,7 +132,7 @@ class BackCert final Input subjectAltName; Input criticalNetscapeCertificateType; Input requiredTLSFeatures; - Input signedCertificateTimestamps; // RFC 6962 (Certificate Transparency) + Input signedCertificateTimestamps; // RFC 6962 (Certificate Transparency) Result RememberExtension(Reader& extnID, Input extnValue, bool critical, /*out*/ bool& understood); @@ -164,29 +141,24 @@ class BackCert final void operator=(const BackCert&) = delete; }; -class NonOwningDERArray final : public DERArray -{ -public: - NonOwningDERArray() - : numItems(0) - { +class NonOwningDERArray final : public DERArray { + public: + NonOwningDERArray() : numItems(0) { // we don't need to initialize the items array because we always check // numItems before accessing i. } size_t GetLength() const override { return numItems; } - const Input* GetDER(size_t i) const override - { + const Input* GetDER(size_t i) const override { return i < numItems ? &items[i] : nullptr; } - Result Append(Input der) - { + Result Append(Input der) { if (numItems >= MAX_LENGTH) { return Result::FATAL_ERROR_INVALID_ARGS; } - Result rv = items[numItems].Init(der); // structure assignment + Result rv = items[numItems].Init(der); // structure assignment if (rv != Success) { return rv; } @@ -196,8 +168,9 @@ class NonOwningDERArray final : public DERArray // Public so we can static_assert on this. Keep in sync with MAX_SUBCA_COUNT. static const size_t MAX_LENGTH = 8; -private: - Input items[MAX_LENGTH]; // avoids any heap allocations + + private: + Input items[MAX_LENGTH]; // avoids any heap allocations size_t numItems; NonOwningDERArray(const NonOwningDERArray&) = delete; @@ -206,25 +179,22 @@ class NonOwningDERArray final : public DERArray // Extracts the SignedCertificateTimestampList structure which is encoded as an // OCTET STRING within the X.509v3 / OCSP extensions (see RFC 6962 section 3.3). -Result -ExtractSignedCertificateTimestampListFromExtension(Input extnValue, - Input& sctList); +Result ExtractSignedCertificateTimestampListFromExtension(Input extnValue, + Input& sctList); -inline unsigned int -DaysBeforeYear(unsigned int year) -{ +inline unsigned int DaysBeforeYear(unsigned int year) { assert(year <= 9999); - return ((year - 1u) * 365u) - + ((year - 1u) / 4u) // leap years are every 4 years, - - ((year - 1u) / 100u) // except years divisible by 100, - + ((year - 1u) / 400u); // except years divisible by 400. + return ((year - 1u) * 365u) + + ((year - 1u) / 4u) // leap years are every 4 years, + - ((year - 1u) / 100u) // except years divisible by 100, + + ((year - 1u) / 400u); // except years divisible by 400. } -static const size_t MAX_DIGEST_SIZE_IN_BYTES = 512 / 8; // sha-512 +static const size_t MAX_DIGEST_SIZE_IN_BYTES = 512 / 8; // sha-512 Result DigestSignedData(TrustDomain& trustDomain, const der::SignedDataWithSignature& signedData, - /*out*/ uint8_t(&digestBuf)[MAX_DIGEST_SIZE_IN_BYTES], + /*out*/ uint8_t (&digestBuf)[MAX_DIGEST_SIZE_IN_BYTES], /*out*/ der::PublicKeyAlgorithm& publicKeyAlg, /*out*/ SignedDigest& signedDigest); @@ -240,9 +210,9 @@ Result VerifySignedData(TrustDomain& trustDomain, // Extracts the key parameters from |subjectPublicKeyInfo|, invoking // the relevant methods of |trustDomain|. -Result -CheckSubjectPublicKeyInfo(Input subjectPublicKeyInfo, TrustDomain& trustDomain, - EndEntityOrCA endEntityOrCA); +Result CheckSubjectPublicKeyInfo(Input subjectPublicKeyInfo, + TrustDomain& trustDomain, + EndEntityOrCA endEntityOrCA); // In a switch over an enum, sometimes some compilers are not satisfied that // all control flow paths have been considered unless there is a default case. @@ -271,21 +241,25 @@ CheckSubjectPublicKeyInfo(Input subjectPublicKeyInfo, TrustDomain& trustDomain, // (-W-covered-switch-default). Versions prior to 3.5 warned about unreachable // code in such default cases (-Wunreachable-code) even when // -W-covered-switch-default was disabled, but that changed in Clang 3.5. -#define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM // empty +#define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM // empty #elif defined(__GNUC__) // GCC will warn if not all cases are covered (-Wswitch-enum). It does not // assume that the default case is unreachable. #define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM \ - default: assert(false); __builtin_unreachable(); + default: \ + assert(false); \ + __builtin_unreachable(); #elif defined(_MSC_VER) // MSVC will warn if not all cases are covered (C4061, level 4). It does not // assume that the default case is unreachable. #define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM \ - default: assert(false); __assume(0); + default: \ + assert(false); \ + __assume(0); #else #error Unsupported compiler for MOZILLA_PKIX_UNREACHABLE_DEFAULT. #endif +} +} // namespace mozilla::pkix -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_pkixutil_h +#endif // mozilla_pkix_pkixutil_h diff --git a/nss-tool/enc/enctool.h b/nss-tool/enc/enctool.h index df5f449507..f2296bb267 100644 --- a/nss-tool/enc/enctool.h +++ b/nss-tool/enc/enctool.h @@ -8,8 +8,8 @@ #include #include #include "argparse.h" -#include "prerror.h" #include "nss_scoped_ptrs.h" +#include "prerror.h" #include "tool.h" class EncTool : public Tool {