Back to index

lightning-sunbird  0.9+nobinonly
Typedefs | Functions
pcert.h File Reference
#include "plarena.h"
#include "prlong.h"
#include "pcertt.h"
#include "lowkeyti.h"
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef SECStatus(PR_CALLBACKPermCertCallback )(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)

Functions

SEC_BEGIN_PROTOS SECStatus nsslowcert_InitLocks (void)
SECStatus nsslowcert_AddPermCert (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
SECStatus nsslowcert_AddPermNickname (NSSLOWCERTCertDBHandle *dbhandle, NSSLOWCERTCertificate *cert, char *nickname)
SECStatus nsslowcert_DeletePermCertificate (NSSLOWCERTCertificate *cert)
SECStatus nsslowcert_TraversePermCerts (NSSLOWCERTCertDBHandle *handle, PermCertCallback certfunc, void *udata)
PRBool nsslowcert_CertDBKeyConflict (SECItem *derCert, NSSLOWCERTCertDBHandle *handle)
certDBEntryRevocation * nsslowcert_FindCrlByKey (NSSLOWCERTCertDBHandle *handle, SECItem *crlKey, PRBool isKRL)
SECStatus nsslowcert_DeletePermCRL (NSSLOWCERTCertDBHandle *handle, SECItem *derName, PRBool isKRL)
SECStatus nsslowcert_AddCrl (NSSLOWCERTCertDBHandle *handle, SECItem *derCrl, SECItem *derKey, char *url, PRBool isKRL)
NSSLOWCERTCertDBHandle * nsslowcert_GetDefaultCertDB ()
NSSLOWKEYPublicKey * nsslowcert_ExtractPublicKey (NSSLOWCERTCertificate *)
NSSLOWCERTCertificate * nsslowcert_NewTempCertificate (NSSLOWCERTCertDBHandle *handle, SECItem *derCert, char *nickname, PRBool isperm, PRBool copyDER)
NSSLOWCERTCertificate * nsslowcert_DupCertificate (NSSLOWCERTCertificate *cert)
void nsslowcert_DestroyCertificate (NSSLOWCERTCertificate *cert)
void nsslowcert_DestroyTrust (NSSLOWCERTTrust *Trust)
NSSLOWCERTCertificate * nsslowcert_FindCertByKey (NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
NSSLOWCERTTrust * nsslowcert_FindTrustByKey (NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
NSSLOWCERTCertificate * nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
NSSLOWCERTTrust * nsslowcert_FindTrustByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
NSSLOWCERTCertificate * nsslowcert_FindCertByDERCert (NSSLOWCERTCertDBHandle *handle, SECItem *derCert)
char * nsslowcert_FixupEmailAddr (char *emailAddr)
NSSLOWCERTCertificate * nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, char *nickname)
SECStatus nsslowcert_KeyFromDERCert (PRArenaPool *arena, SECItem *derCert, SECItem *key)
certDBEntrySMimensslowcert_ReadDBSMimeEntry (NSSLOWCERTCertDBHandle *certHandle, char *emailAddr)
void nsslowcert_DestroyDBEntry (certDBEntry *entry)
SECStatus nsslowcert_OpenCertDB (NSSLOWCERTCertDBHandle *handle, PRBool readOnly, const char *domain, const char *prefix, NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
void nsslowcert_ClosePermCertDB (NSSLOWCERTCertDBHandle *handle)
PRBool nsslowcert_IsNewer (NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
SECStatus nsslowcert_TraverseDBEntries (NSSLOWCERTCertDBHandle *handle, certDBEntryType type, SECStatus(*callback)(SECItem *data, SECItem *key, certDBEntryType type, void *pdata), void *udata)
SECStatus nsslowcert_TraversePermCertsForSubject (NSSLOWCERTCertDBHandle *handle, SECItem *derSubject, NSSLOWCERTCertCallback cb, void *cbarg)
int nsslowcert_NumPermCertsForSubject (NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
SECStatus nsslowcert_TraversePermCertsForNickname (NSSLOWCERTCertDBHandle *handle, char *nickname, NSSLOWCERTCertCallback cb, void *cbarg)
int nsslowcert_NumPermCertsForNickname (NSSLOWCERTCertDBHandle *handle, char *nickname)
SECStatus nsslowcert_GetCertTrust (NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
SECStatus nsslowcert_SaveSMimeProfile (NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr, SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime)
SECStatus nsslowcert_ChangeCertTrust (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
PRBool nsslowcert_needDBVerify (NSSLOWCERTCertDBHandle *handle)
void nsslowcert_setDBVerify (NSSLOWCERTCertDBHandle *handle, PRBool value)
PRBool nsslowcert_hasTrust (NSSLOWCERTCertTrust *trust)
void nsslowcert_DestroyFreeLists (void)
void nsslowcert_DestroyGlobalLocks (void)
void pkcs11_freeNickname (char *nickname, char *space)
char * pkcs11_copyNickname (char *nickname, char *space, int spaceLen)
void pkcs11_freeStaticData (unsigned char *data, unsigned char *space)
unsigned char * pkcs11_allocStaticData (int datalen, unsigned char *space, int spaceLen)
unsigned char * pkcs11_copyStaticData (unsigned char *data, int datalen, unsigned char *space, int spaceLen)
NSSLOWCERTCertificate * nsslowcert_CreateCert (void)
certDBEntrynsslowcert_DecodeAnyDBEntry (SECItem *dbData, SECItem *dbKey, certDBEntryType entryType, void *pdata)

Typedef Documentation

typedef SECStatus(PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)

Definition at line 67 of file pcert.h.


Function Documentation

SECStatus nsslowcert_AddCrl ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derCrl,
SECItem *  derKey,
char *  url,
PRBool  isKRL 
)

Definition at line 5218 of file pcertdb.c.

{
    SECStatus rv;

    rv = db_BeginTransaction(handle->permCertDB);
    if (rv != SECSuccess) {
       return SECFailure;
    }
    rv = nsslowcert_UpdateCrl(handle, derCrl, crlKey, url, isKRL);

    db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
    return rv;
}

Here is the caller graph for this function:

SECStatus nsslowcert_AddPermCert ( NSSLOWCERTCertDBHandle *  handle,
NSSLOWCERTCertificate *  cert,
char *  nickname,
NSSLOWCERTCertTrust *  trust 
)

Definition at line 4629 of file pcertdb.c.

{
    SECStatus ret;
    SECStatus rv;

    nsslowcert_LockDB(dbhandle);
    rv = db_BeginTransaction(dbhandle->permCertDB);
    if (rv != SECSuccess) {
       nsslowcert_UnlockDB(dbhandle);
       return SECFailure;
    }

    ret = nsslowcert_UpdatePermCert(dbhandle, cert, nickname, trust);
    
    db_FinishTransaction(dbhandle->permCertDB, ret != SECSuccess);
    nsslowcert_UnlockDB(dbhandle);
    return(ret);
}

Here is the caller graph for this function:

SECStatus nsslowcert_AddPermNickname ( NSSLOWCERTCertDBHandle *  dbhandle,
NSSLOWCERTCertificate *  cert,
char *  nickname 
)

Definition at line 3283 of file pcertdb.c.

{
    SECStatus rv = SECFailure;
    certDBEntrySubject *entry = NULL;
    certDBEntryNickname *nicknameEntry = NULL;
    
    nsslowcert_LockDB(dbhandle);

    entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
    if (entry == NULL) goto loser;

    if ( entry->nickname == NULL ) {

       /* no nickname for subject */
       rv = AddNicknameToSubject(dbhandle, cert, nickname);
       if ( rv != SECSuccess ) {
           goto loser;
       }
       rv = AddNicknameToPermCert(dbhandle, cert, nickname);
       if ( rv != SECSuccess ) {
           goto loser;
       }
       nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
       if ( nicknameEntry == NULL ) {
           goto loser;
       }
    
       rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
       if ( rv != SECSuccess ) {
           goto loser;
       }
    } else {
       /* subject already has a nickname */
       rv = AddNicknameToPermCert(dbhandle, cert, entry->nickname);
       if ( rv != SECSuccess ) {
           goto loser;
       }
       /* make sure nickname entry exists. If the database was corrupted,
        * we may have lost the nickname entry. Add it back now  */
       nicknameEntry = ReadDBNicknameEntry(dbhandle, entry->nickname);
       if (nicknameEntry == NULL ) {
           nicknameEntry = NewDBNicknameEntry(entry->nickname, 
                                                 &cert->derSubject, 0);
           if ( nicknameEntry == NULL ) {
              goto loser;
           }
    
           rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
           if ( rv != SECSuccess ) {
              goto loser;
           }
       }
    }
    rv = SECSuccess;

loser:
    if (entry) {
       DestroyDBEntry((certDBEntry *)entry);
    }
    if (nicknameEntry) {
       DestroyDBEntry((certDBEntry *)nicknameEntry);
    }
    nsslowcert_UnlockDB(dbhandle);
    return(rv);
}

Here is the caller graph for this function:

PRBool nsslowcert_CertDBKeyConflict ( SECItem *  derCert,
NSSLOWCERTCertDBHandle *  handle 
)

Definition at line 3941 of file pcertdb.c.

{
    SECStatus rv;
    DBT tmpdata;
    DBT namekey;
    int ret;
    SECItem keyitem;
    PRArenaPool *arena = NULL;
    SECItem derKey;
    
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( arena == NULL ) {
       goto loser;
    }

    /* get the db key of the cert */
    rv = nsslowcert_KeyFromDERCert(arena, derCert, &derKey);
    if ( rv != SECSuccess ) {
        goto loser;
    }

    rv = EncodeDBCertKey(&derKey, arena, &keyitem);
    if ( rv != SECSuccess ) {
       goto loser;
    }
    
    namekey.data = keyitem.data;
    namekey.size = keyitem.len;
    
    ret = certdb_Get(handle->permCertDB, &namekey, &tmpdata, 0);
    if ( ret == 0 ) {
       goto loser;
    }

    PORT_FreeArena(arena, PR_FALSE);
    
    return(PR_FALSE);
loser:
    if ( arena ) {
       PORT_FreeArena(arena, PR_FALSE);
    }
    
    return(PR_TRUE);
}
SECStatus nsslowcert_ChangeCertTrust ( NSSLOWCERTCertDBHandle *  handle,
NSSLOWCERTCertificate *  cert,
NSSLOWCERTCertTrust *  trust 
)

Definition at line 4548 of file pcertdb.c.

{
    certDBEntryCert *entry;
    int rv;
    SECStatus ret;
    
    nsslowcert_LockDB(handle);
    nsslowcert_LockCertTrust(cert);
    /* only set the trust on permanent certs */
    if ( cert->trust == NULL ) {
       ret = SECFailure;
       goto done;
    }

    *cert->trust = *trust;
    if ( cert->dbEntry == NULL ) {
       ret = SECSuccess; /* not in permanent database */
       goto done;
    }
    
    entry = cert->dbEntry;
    entry->trust = *trust;
    
    rv = WriteDBCertEntry(handle, entry);
    if ( rv ) {
       ret = SECFailure;
       goto done;
    }

    ret = SECSuccess;
    
done:
    nsslowcert_UnlockCertTrust(cert);
    nsslowcert_UnlockDB(handle);
    return(ret);
}

Here is the caller graph for this function:

void nsslowcert_ClosePermCertDB ( NSSLOWCERTCertDBHandle *  handle)

Definition at line 4507 of file pcertdb.c.

{
    if ( handle ) {
       if ( handle->permCertDB ) {
           certdb_Close( handle->permCertDB );
           handle->permCertDB = NULL;
       }
       if (handle->dbMon) {
           PZ_DestroyMonitor(handle->dbMon);
           handle->dbMon = NULL;
       }
    }
    return;
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_CreateCert ( void  )

Definition at line 5072 of file pcertdb.c.

{
    NSSLOWCERTCertificate *cert;
    nsslowcert_LockFreeList();
    cert = certListHead;
    if (cert) {
       certListHead = cert->next;
       certListCount--;
    }
    PORT_Assert(certListCount >= 0);
    nsslowcert_UnlockFreeList();
    if (cert) {
       return cert;
    }
    return PORT_ZNew(NSSLOWCERTCertificate);
}

Here is the caller graph for this function:

certDBEntry* nsslowcert_DecodeAnyDBEntry ( SECItem *  dbData,
SECItem *  dbKey,
certDBEntryType  entryType,
void pdata 
)

Definition at line 5376 of file pcertdb.c.

{
    PLArenaPool *arena = NULL;
    certDBEntry *entry;
    SECStatus rv;
    SECItem dbEntry;


    if ((dbData->len < SEC_DB_ENTRY_HEADER_LEN) || (dbKey->len == 0)) {
       PORT_SetError(SEC_ERROR_INVALID_ARGS);
       goto loser;
    }
    dbEntry.data = &dbData->data[SEC_DB_ENTRY_HEADER_LEN];
    dbEntry.len  = dbData->len - SEC_DB_ENTRY_HEADER_LEN;

    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if (arena == NULL) {
       goto loser;
    }
    entry = PORT_ArenaZNew(arena, certDBEntry);
    if (!entry)
       goto loser;

    entry->common.version = (unsigned int)dbData->data[0];
    entry->common.flags   = (unsigned int)dbData->data[2];
    entry->common.type    = entryType;
    entry->common.arena   = arena;

    switch (entryType) {
    case certDBEntryTypeContentVersion: /* This type appears to be unused */
    case certDBEntryTypeVersion:        /* This type has only the common hdr */
       rv = SECSuccess;
       break;

    case certDBEntryTypeSubject:
       rv = DecodeDBSubjectEntry(&entry->subject, &dbEntry, dbKey);
       break;

    case certDBEntryTypeNickname:
       rv = DecodeDBNicknameEntry(&entry->nickname, &dbEntry,
                                   (char *)dbKey->data);
       break;

    /* smime profiles need entries created after the certs have
     * been imported, loop over them in a second run */
    case certDBEntryTypeSMimeProfile:
       rv = DecodeDBSMimeEntry(&entry->smime, &dbEntry, (char *)dbKey->data);
       break;

    case certDBEntryTypeCert:
       rv = DecodeDBCertEntry(&entry->cert, &dbEntry);
       break;

    case certDBEntryTypeKeyRevocation:
    case certDBEntryTypeRevocation:
       rv = DecodeDBCrlEntry(&entry->revocation, &dbEntry);
       break;

    default:
       PORT_SetError(SEC_ERROR_INVALID_ARGS);
       rv = SECFailure;
    }

    if (rv == SECSuccess)
       return entry;

loser:
    if (arena)
       PORT_FreeArena(arena, PR_FALSE);
    return NULL;
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_DecodeDERCertificate ( SECItem *  derSignedCert,
char *  nickname 
)

Definition at line 420 of file lowcert.c.

{
    NSSLOWCERTCertificate *cert;
    int rv;

    /* allocate the certificate structure */
    cert = nsslowcert_CreateCert();
    
    if ( !cert ) {
       goto loser;
    }
    
       /* point to passed in DER data */
    cert->derCert = *derSignedCert;
    cert->nickname = NULL;
    cert->certKey.data = NULL;
    cert->referenceCount = 1;

    /* decode the certificate info */
    rv = nsslowcert_GetCertFields(cert->derCert.data, cert->derCert.len,
       &cert->derIssuer, &cert->serialNumber, &cert->derSN, &cert->derSubject,
       &cert->validity, &cert->derSubjKeyInfo);

    /* cert->subjectKeyID;   x509v3 subject key identifier */
    cert->subjectKeyID.data = NULL;
    cert->subjectKeyID.len = 0;
    cert->dbEntry = NULL;
    cert ->trust = NULL;
    cert ->dbhandle = NULL;

    /* generate and save the database key for the cert */
    rv = nsslowcert_KeyFromIssuerAndSNStatic(cert->certKeySpace,
              sizeof(cert->certKeySpace), &cert->derIssuer, 
              &cert->serialNumber, &cert->certKey);
    if ( rv ) {
       goto loser;
    }

    /* set the nickname */
    if ( nickname == NULL ) {
       cert->nickname = NULL;
    } else {
       /* copy and install the nickname */
       cert->nickname = pkcs11_copyNickname(nickname,cert->nicknameSpace,
                            sizeof(cert->nicknameSpace));
    }

#ifdef FIXME
    /* initialize the subjectKeyID */
    rv = cert_GetKeyID(cert);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* set the email address */
    cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
    
#endif
    
    cert->referenceCount = 1;
    
    return(cert);
    
loser:
    if (cert) {
       nsslowcert_DestroyCertificate(cert);
    }
    
    return(0);
}
SECStatus nsslowcert_DeletePermCertificate ( NSSLOWCERTCertificate *  cert)

Definition at line 4242 of file pcertdb.c.

{
    SECStatus rv;
    
    nsslowcert_LockDB(cert->dbhandle);

    rv = db_BeginTransaction(cert->dbhandle->permCertDB);
    if ( rv != SECSuccess ) {
       goto loser;
    }
    /* delete the records from the permanent database */
    rv = DeletePermCert(cert);

    /* get rid of dbcert and stuff pointing to it */
    DestroyDBEntry((certDBEntry *)cert->dbEntry);
    cert->dbEntry = NULL;
    cert->trust = NULL;

    db_FinishTransaction(cert->dbhandle->permCertDB,rv != SECSuccess);
loser:
       
    nsslowcert_UnlockDB(cert->dbhandle);
    return(rv);
}

Here is the caller graph for this function:

SECStatus nsslowcert_DeletePermCRL ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derName,
PRBool  isKRL 
)

Definition at line 5234 of file pcertdb.c.

{
    SECStatus rv;
    certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation  
                                   : certDBEntryTypeRevocation;
    rv = db_BeginTransaction(handle->permCertDB);
    if (rv != SECSuccess) {
       return SECFailure;
    }
    
    rv = DeleteDBCrlEntry(handle, derName, crlType);
    if (rv != SECSuccess) goto done;
  
done:
    db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
    return rv;
}

Here is the caller graph for this function:

void nsslowcert_DestroyCertificate ( NSSLOWCERTCertificate *  cert)

Definition at line 5133 of file pcertdb.c.

Here is the caller graph for this function:

Definition at line 1444 of file pcertdb.c.

{
    DestroyDBEntry(entry);
    return;
}

Here is the caller graph for this function:

Definition at line 5349 of file pcertdb.c.

Here is the caller graph for this function:

Definition at line 5359 of file pcertdb.c.

Here is the caller graph for this function:

void nsslowcert_DestroyTrust ( NSSLOWCERTTrust *  Trust)

Definition at line 5106 of file pcertdb.c.

{
    certDBEntryCert *entry  = trust->dbEntry;

    if ( entry ) {
       DestroyDBEntry((certDBEntry *)entry);
    }
    if (trust->dbhandle) {
       sftk_freeCertDB(trust->dbhandle);
    }
    pkcs11_freeStaticData(trust->dbKey.data,trust->dbKeySpace);
    PORT_Memset(trust, 0, sizeof(*trust));

    nsslowcert_LockFreeList();
    if (trustListCount > MAX_TRUST_LIST_COUNT) {
       PORT_Free(trust);
    } else {
       trustListCount++;
       trust->next = trustListHead;
       trustListHead = trust;
    }
    nsslowcert_UnlockFreeList();

    return;
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_DupCertificate ( NSSLOWCERTCertificate *  cert)

Definition at line 260 of file pcertdb.c.

{
    if (c) {
       nsslowcert_LockCertRefCount(c);
       ++c->referenceCount;
       nsslowcert_UnlockCertRefCount(c);
    }
    return c;
}

Here is the caller graph for this function:

NSSLOWKEYPublicKey* nsslowcert_ExtractPublicKey ( NSSLOWCERTCertificate *  )

Definition at line 543 of file lowcert.c.

{
    NSSLOWCERTSubjectPublicKeyInfo spki;
    NSSLOWKEYPublicKey *pubk;
    SECItem os;
    SECStatus rv;
    PRArenaPool *arena;
    SECOidTag tag;
    SECItem newDerSubjKeyInfo;

    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
    if (arena == NULL)
        return NULL;

    pubk = (NSSLOWKEYPublicKey *) 
              PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
    if (pubk == NULL) {
        PORT_FreeArena (arena, PR_FALSE);
        return NULL;
    }

    pubk->arena = arena;
    PORT_Memset(&spki,0,sizeof(spki));

    /* copy the DER into the arena, since Quick DER returns data that points
       into the DER input, which may get freed by the caller */
    rv = SECITEM_CopyItem(arena, &newDerSubjKeyInfo, &cert->derSubjKeyInfo);
    if ( rv != SECSuccess ) {
        PORT_FreeArena (arena, PR_FALSE);
        return NULL;
    }

    /* we haven't bothered decoding the spki struct yet, do it now */
    rv = SEC_QuickDERDecodeItem(arena, &spki, 
              nsslowcert_SubjectPublicKeyInfoTemplate, &newDerSubjKeyInfo);
    if (rv != SECSuccess) {
       PORT_FreeArena (arena, PR_FALSE);
       return NULL;
    }

    /* Convert bit string length from bits to bytes */
    os = spki.subjectPublicKey;
    DER_ConvertBitString (&os);

    tag = SECOID_GetAlgorithmTag(&spki.algorithm);
    switch ( tag ) {
      case SEC_OID_X500_RSA_ENCRYPTION:
      case SEC_OID_PKCS1_RSA_ENCRYPTION:
        pubk->keyType = NSSLOWKEYRSAKey;
        prepare_low_rsa_pub_key_for_asn1(pubk);
        rv = SEC_QuickDERDecodeItem(arena, pubk, 
                            nsslowcert_RSAPublicKeyTemplate, &os);
        if (rv == SECSuccess)
            return pubk;
        break;
      case SEC_OID_ANSIX9_DSA_SIGNATURE:
        pubk->keyType = NSSLOWKEYDSAKey;
        prepare_low_dsa_pub_key_for_asn1(pubk);
        rv = SEC_QuickDERDecodeItem(arena, pubk,
                             nsslowcert_DSAPublicKeyTemplate, &os);
        if (rv == SECSuccess) return pubk;
        break;
      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
        pubk->keyType = NSSLOWKEYDHKey;
        prepare_low_dh_pub_key_for_asn1(pubk);
        rv = SEC_QuickDERDecodeItem(arena, pubk,
                             nsslowcert_DHPublicKeyTemplate, &os);
        if (rv == SECSuccess) return pubk;
        break;
#ifdef NSS_ENABLE_ECC
      case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
        pubk->keyType = NSSLOWKEYECKey;
       /* Since PKCS#11 directly takes the DER encoding of EC params
        * and public value, we don't need any decoding here.
        */
        rv = SECITEM_CopyItem(arena, &pubk->u.ec.ecParams.DEREncoding, 
           &spki.algorithm.parameters);
        if ( rv != SECSuccess )
            break;   

       /* Fill out the rest of the ecParams structure 
        * based on the encoded params
        */
       if (EC_FillParams(arena, &pubk->u.ec.ecParams.DEREncoding,
           &pubk->u.ec.ecParams) != SECSuccess) 
           break;

        rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &os);
       if (rv == SECSuccess) return pubk;
        break;
#endif /* NSS_ENABLE_ECC */
      default:
        rv = SECFailure;
        break;
    }

    nsslowkey_DestroyPublicKey (pubk);
    return NULL;
}
NSSLOWCERTCertificate* nsslowcert_FindCertByDERCert ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derCert 
)

Definition at line 4977 of file pcertdb.c.

{
    PRArenaPool *arena;
    SECItem certKey;
    SECStatus rv;
    NSSLOWCERTCertificate *cert = NULL;
    
    /* create a scratch arena */
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( arena == NULL ) {
       return(NULL);
    }
    
    /* extract the database key from the cert */
    rv = nsslowcert_KeyFromDERCert(arena, derCert, &certKey);
    if ( rv != SECSuccess ) {
       goto loser;
    }

    /* find the certificate */
    cert = nsslowcert_FindCertByKey(handle, &certKey);
    
loser:
    PORT_FreeArena(arena, PR_FALSE);
    return(cert);
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_FindCertByIssuerAndSN ( NSSLOWCERTCertDBHandle *  handle,
NSSLOWCERTIssuerAndSN *  issuerAndSN 
)

Definition at line 4799 of file pcertdb.c.

{
    SECItem certKey;
    SECItem *sn = &issuerAndSN->serialNumber;
    SECItem *issuer = &issuerAndSN->derIssuer;
    NSSLOWCERTCertificate *cert;
    int data_left = sn->len-1;
    int data_len = sn->len;
    int index = 0;

    /* automatically detect DER encoded serial numbers and remove the der
     * encoding since the database expects unencoded data. 
     * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
    if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
       /* remove the der encoding of the serial number before generating the
        * key.. */
       data_left = sn->len-2;
       data_len = sn->data[1];
       index = 2;

       /* extended length ? (not very likely for a serial number) */
       if (data_len & 0x80) {
           int len_count = data_len & 0x7f;

           data_len = 0;
           data_left -= len_count;
           if (data_left > 0) {
              while (len_count --) {
                  data_len = (data_len << 8) | sn->data[index++];
              }
           } 
       }
       /* XXX leaving any leading zeros on the serial number for backwards
        * compatibility
        */
       /* not a valid der, must be just an unlucky serial number value */
       if (data_len != data_left) {
           data_len = sn->len;
           index = 0;
       }
    }

    certKey.type = 0;
    certKey.data = (unsigned char*)PORT_Alloc(sn->len + issuer->len);
    certKey.len = data_len + issuer->len;
    
    if ( certKey.data == NULL ) {
       return(0);
    }

    /* first try the serial number as hand-decoded above*/
    /* copy the serialNumber */
    PORT_Memcpy(certKey.data, &sn->data[index], data_len);

    /* copy the issuer */
    PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);

    cert = nsslowcert_FindCertByKey(handle, &certKey);
    if (cert) {
       PORT_Free(certKey.data);
       return (cert);
    }

    /* didn't find it, try by der encoded serial number */
    /* copy the serialNumber */
    PORT_Memcpy(certKey.data, sn->data, sn->len);

    /* copy the issuer */
    PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
    certKey.len = sn->len + issuer->len;

    cert = nsslowcert_FindCertByKey(handle, &certKey);
    
    PORT_Free(certKey.data);
    
    return(cert);
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_FindCertByKey ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  certKey 
)

Definition at line 4780 of file pcertdb.c.

{
    return(FindCertByKey(handle, certKey, PR_FALSE));
}

Here is the caller graph for this function:

certDBEntryRevocation* nsslowcert_FindCrlByKey ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  crlKey,
PRBool  isKRL 
)

Definition at line 5151 of file pcertdb.c.

{
    SECItem keyitem;
    DBT key;
    SECStatus rv;
    PRArenaPool *arena = NULL;
    certDBEntryRevocation *entry = NULL;
    certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation  
                                   : certDBEntryTypeRevocation;
    
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( arena == NULL ) {
       goto loser;
    }
    
    rv = EncodeDBGenericKey(crlKey, arena, &keyitem, crlType);
    if ( rv != SECSuccess ) {
       goto loser;
    }
    
    key.data = keyitem.data;
    key.size = keyitem.len;

    /* find in perm database */
    entry = ReadDBCrlEntry(handle, crlKey, crlType);
       
    if ( entry == NULL ) {
       goto loser;
    }

loser:
    if ( arena ) {
       PORT_FreeArena(arena, PR_FALSE);
    }
    
    return entry;
}

Here is the caller graph for this function:

NSSLOWCERTTrust* nsslowcert_FindTrustByIssuerAndSN ( NSSLOWCERTCertDBHandle *  handle,
NSSLOWCERTIssuerAndSN *  issuerAndSN 
)

Definition at line 4882 of file pcertdb.c.

{
    SECItem certKey;
    SECItem *sn = &issuerAndSN->serialNumber;
    SECItem *issuer = &issuerAndSN->derIssuer;
    NSSLOWCERTTrust *trust;
    unsigned char keyBuf[512];
    int data_left = sn->len-1;
    int data_len = sn->len;
    int index = 0;
    int len;

    /* automatically detect DER encoded serial numbers and remove the der
     * encoding since the database expects unencoded data. 
     * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
    if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
       /* remove the der encoding of the serial number before generating the
        * key.. */
       data_left = sn->len-2;
       data_len = sn->data[1];
       index = 2;

       /* extended length ? (not very likely for a serial number) */
       if (data_len & 0x80) {
           int len_count = data_len & 0x7f;

           data_len = 0;
           data_left -= len_count;
           if (data_left > 0) {
              while (len_count --) {
                  data_len = (data_len << 8) | sn->data[index++];
              }
           } 
       }
       /* XXX leaving any leading zeros on the serial number for backwards
        * compatibility
        */
       /* not a valid der, must be just an unlucky serial number value */
       if (data_len != data_left) {
           data_len = sn->len;
           index = 0;
       }
    }

    certKey.type = 0;
    certKey.len = data_len + issuer->len;
    len = sn->len + issuer->len;
    if (len > sizeof (keyBuf)) {
       certKey.data = (unsigned char*)PORT_Alloc(len);
    } else {
       certKey.data = keyBuf;
    }
    
    if ( certKey.data == NULL ) {
       return(0);
    }

    /* first try the serial number as hand-decoded above*/
    /* copy the serialNumber */
    PORT_Memcpy(certKey.data, &sn->data[index], data_len);

    /* copy the issuer */
    PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);

    trust = nsslowcert_FindTrustByKey(handle, &certKey);
    if (trust) {
       pkcs11_freeStaticData(certKey.data, keyBuf);
       return (trust);
    }

    if (index == 0) {
       pkcs11_freeStaticData(certKey.data, keyBuf);
       return NULL;
    }

    /* didn't find it, try by der encoded serial number */
    /* copy the serialNumber */
    PORT_Memcpy(certKey.data, sn->data, sn->len);

    /* copy the issuer */
    PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
    certKey.len = sn->len + issuer->len;

    trust = nsslowcert_FindTrustByKey(handle, &certKey);
    
    pkcs11_freeStaticData(certKey.data, keyBuf);
    
    return(trust);
}

Here is the caller graph for this function:

NSSLOWCERTTrust* nsslowcert_FindTrustByKey ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  certKey 
)

Definition at line 4789 of file pcertdb.c.

{
    return(FindTrustByKey(handle, certKey, PR_FALSE));
}

Here is the caller graph for this function:

char* nsslowcert_FixupEmailAddr ( char *  emailAddr)

Definition at line 492 of file lowcert.c.

{
    char *retaddr;
    char *str;

    if ( emailAddr == NULL ) {
       return(NULL);
    }
    
    /* copy the string */
    str = retaddr = PORT_Strdup(emailAddr);
    if ( str == NULL ) {
       return(NULL);
    }
    
    /* make it lower case */
    while ( *str ) {
       *str = tolower( *str );
       str++;
    }
    
    return(retaddr);
}
SECStatus nsslowcert_GetCertTrust ( NSSLOWCERTCertificate *  cert,
NSSLOWCERTCertTrust *  trust 
)

Definition at line 4526 of file pcertdb.c.

{
    SECStatus rv;
    
    nsslowcert_LockCertTrust(cert);
    
    if ( cert->trust == NULL ) {
       rv = SECFailure;
    } else {
       *trust = *cert->trust;
       rv = SECSuccess;
    }
    
    nsslowcert_UnlockCertTrust(cert);
    return(rv);
}

Here is the caller graph for this function:

NSSLOWCERTCertDBHandle* nsslowcert_GetDefaultCertDB ( )

Definition at line 129 of file lowcert.c.

PRBool nsslowcert_hasTrust ( NSSLOWCERTCertTrust *  trust)

Definition at line 5255 of file pcertdb.c.

{
    if (trust == NULL) {
       return PR_FALSE;
    }
    return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) && 
              (trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) && 
                     (trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
}

Here is the caller graph for this function:

Definition at line 107 of file pcertdb.c.

Here is the caller graph for this function:

PRBool nsslowcert_IsNewer ( NSSLOWCERTCertificate *  certa,
NSSLOWCERTCertificate *  certb 
)

Definition at line 306 of file lowcert.c.

{
    PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
    SECStatus rv;
    PRBool newerbefore, newerafter;
    
    rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
    if ( rv != SECSuccess ) {
       return(PR_FALSE);
    }
    
    rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
    if ( rv != SECSuccess ) {
       return(PR_TRUE);
    }

    newerbefore = PR_FALSE;
    if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
       newerbefore = PR_TRUE;
    }

    newerafter = PR_FALSE;
    if ( LL_CMP(notAfterA, >, notAfterB) ) {
       newerafter = PR_TRUE;
    }
    
    if ( newerbefore && newerafter ) {
       return(PR_TRUE);
    }
    
    if ( ( !newerbefore ) && ( !newerafter ) ) {
       return(PR_FALSE);
    }

    /* get current time */
    now = PR_Now();

    if ( newerbefore ) {
       /* cert A was issued after cert B, but expires sooner */
       /* if A is expired, then pick B */
       if ( LL_CMP(notAfterA, <, now ) ) {
           return(PR_FALSE);
       }
       return(PR_TRUE);
    } else {
       /* cert B was issued after cert A, but expires sooner */
       /* if B is expired, then pick A */
       if ( LL_CMP(notAfterB, <, now ) ) {
           return(PR_TRUE);
       }
       return(PR_FALSE);
    }
}
SECStatus nsslowcert_KeyFromDERCert ( PRArenaPool arena,
SECItem *  derCert,
SECItem *  key 
)

Definition at line 522 of file lowcert.c.

{
    int rv;
    NSSLOWCERTCertKey certkey;

    PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));    

    rv = nsslowcert_GetCertFields(derCert->data, derCert->len,
       &certkey.derIssuer, &certkey.serialNumber, NULL, NULL, NULL, NULL);

    if ( rv ) {
       goto loser;
    }

    return(nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
                               &certkey.serialNumber, key));
loser:
    return(SECFailure);
}
PRBool nsslowcert_needDBVerify ( NSSLOWCERTCertDBHandle *  handle)

Definition at line 4681 of file pcertdb.c.

{
    if (!handle) return PR_FALSE;
    return handle->dbVerify;
}

Here is the caller graph for this function:

NSSLOWCERTCertificate* nsslowcert_NewTempCertificate ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derCert,
char *  nickname,
PRBool  isperm,
PRBool  copyDER 
)
int nsslowcert_NumPermCertsForNickname ( NSSLOWCERTCertDBHandle *  handle,
char *  nickname 
)

Definition at line 3224 of file pcertdb.c.

{
    certDBEntryNickname *entry;
    int ret;
    
    entry = ReadDBNicknameEntry(handle, nickname);
    
    if ( entry ) {
       ret = nsslowcert_NumPermCertsForSubject(handle, &entry->subjectName);
       DestroyDBEntry((certDBEntry *)entry);
    } else {
       ret = 0;
    }
    return(ret);
}

Here is the caller graph for this function:

int nsslowcert_NumPermCertsForSubject ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derSubject 
)

Definition at line 3168 of file pcertdb.c.

{
    certDBEntrySubject *entry;
    int ret;
    
    entry = ReadDBSubjectEntry(handle, derSubject);

    if ( entry == NULL ) {
       return(SECFailure);
    }

    ret = entry->ncerts;
    
    DestroyDBEntry((certDBEntry *)entry);
    
    return(ret);
}

Here is the caller graph for this function:

SECStatus nsslowcert_OpenCertDB ( NSSLOWCERTCertDBHandle *  handle,
PRBool  readOnly,
const char *  domain,
const char *  prefix,
NSSLOWCERTDBNameFunc  namecb,
void cbarg,
PRBool  openVolatile 
)

Definition at line 4654 of file pcertdb.c.

{
    int rv;

    certdb_InitDBLock(handle);
    
    handle->dbMon = PZ_NewMonitor(nssILockCertDB);
    PORT_Assert(handle->dbMon != NULL);
    handle->dbVerify = PR_FALSE;

    rv = nsslowcert_OpenPermCertDB(handle, readOnly, appName, prefix, 
                                                 namecb, cbarg);
    if ( rv ) {
       goto loser;
    }

    return (SECSuccess);
    
loser:

    PORT_SetError(SEC_ERROR_BAD_DATABASE);
    return(SECFailure);
}

Here is the caller graph for this function:

certDBEntrySMime* nsslowcert_ReadDBSMimeEntry ( NSSLOWCERTCertDBHandle *  certHandle,
char *  emailAddr 
)

Definition at line 2040 of file pcertdb.c.

{
    PRArenaPool *arena = NULL;
    PRArenaPool *tmparena = NULL;
    certDBEntrySMime *entry;
    SECItem dbkey;
    SECItem dbentry;
    SECStatus rv;
    
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( arena == NULL ) {
       PORT_SetError(SEC_ERROR_NO_MEMORY);
       goto loser;
    }

    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if ( tmparena == NULL ) {
       PORT_SetError(SEC_ERROR_NO_MEMORY);
       goto loser;
    }
    
    entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
                                          sizeof(certDBEntrySMime));
    if ( entry == NULL ) {
       PORT_SetError(SEC_ERROR_NO_MEMORY);
       goto loser;
    }
    entry->common.arena = arena;
    entry->common.type = certDBEntryTypeSMimeProfile;

    rv = EncodeDBSMimeKey(emailAddr, tmparena, &dbkey);
    if ( rv != SECSuccess ) {
       goto loser;
    }
    
    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
    if ( rv == SECFailure ) {
       goto loser;
    }

    /* is record long enough for header? */
    if ( dbentry.len < DB_SMIME_ENTRY_HEADER_LEN ) {
       PORT_SetError(SEC_ERROR_BAD_DATABASE);
       goto loser;
    }

    rv = DecodeDBSMimeEntry(entry, &dbentry, emailAddr);
    if ( rv != SECSuccess ) {
       goto loser;
    }
    
    PORT_FreeArena(tmparena, PR_FALSE);
    return(entry);
    
loser:
    if ( tmparena ) {
       PORT_FreeArena(tmparena, PR_FALSE);
    }
    if ( arena ) {
       PORT_FreeArena(arena, PR_FALSE);
    }
    
    return(NULL);
}

Here is the caller graph for this function:

SECStatus nsslowcert_SaveSMimeProfile ( NSSLOWCERTCertDBHandle *  dbhandle,
char *  emailAddr,
SECItem *  derSubject,
SECItem *  emailProfile,
SECItem *  profileTime 
)

Definition at line 5331 of file pcertdb.c.

{
    SECStatus rv = SECFailure;;

    rv = db_BeginTransaction(dbhandle->permCertDB);
    if (rv != SECSuccess) {
       return SECFailure;
    }

    rv = nsslowcert_UpdateSMimeProfile(dbhandle, emailAddr, 
        derSubject, emailProfile, profileTime);
    
    db_FinishTransaction(dbhandle->permCertDB, rv != SECSuccess);
    return(rv);
}

Here is the caller graph for this function:

void nsslowcert_setDBVerify ( NSSLOWCERTCertDBHandle *  handle,
PRBool  value 
)

Definition at line 4688 of file pcertdb.c.

{
    handle->dbVerify = value;
}
SECStatus nsslowcert_TraverseDBEntries ( NSSLOWCERTCertDBHandle *  handle,
certDBEntryType  type,
SECStatus(*)(SECItem *data, SECItem *key, certDBEntryType type, void *pdata)  callback,
void udata 
)

Definition at line 4272 of file pcertdb.c.

{
    DBT data;
    DBT key;
    SECStatus rv;
    int ret;
    SECItem dataitem;
    SECItem keyitem;
    unsigned char *buf;
    unsigned char *keybuf;
    
    ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);

    if ( ret ) {
       return(SECFailure);
    }
    
    do {
       buf = (unsigned char *)data.data;
       
       if ( buf[1] == (unsigned char)type ) {
           dataitem.len = data.size;
           dataitem.data = buf;
            dataitem.type = siBuffer;
           keyitem.len = key.size - SEC_DB_KEY_HEADER_LEN;
           keybuf = (unsigned char *)key.data;
           keyitem.data = &keybuf[SEC_DB_KEY_HEADER_LEN];
            keyitem.type = siBuffer;
           /* type should equal keybuf[0].  */

           rv = (* callback)(&dataitem, &keyitem, type, udata);
           if ( rv != SECSuccess ) {
              return(rv);
           }
       }
    } while ( certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0 );

    return(SECSuccess);
}

Here is the caller graph for this function:

SECStatus nsslowcert_TraversePermCerts ( NSSLOWCERTCertDBHandle *  handle,
PermCertCallback  certfunc,
void udata 
)

Here is the caller graph for this function:

SECStatus nsslowcert_TraversePermCertsForNickname ( NSSLOWCERTCertDBHandle *  handle,
char *  nickname,
NSSLOWCERTCertCallback  cb,
void cbarg 
)

Definition at line 3188 of file pcertdb.c.

{
    certDBEntryNickname *nnentry = NULL;
    certDBEntrySMime *smentry = NULL;
    SECStatus rv;
    SECItem *derSubject = NULL;
    
    nnentry = ReadDBNicknameEntry(handle, nickname);
    if ( nnentry ) {
       derSubject = &nnentry->subjectName;
    } else {
       smentry = nsslowcert_ReadDBSMimeEntry(handle, nickname);
       if ( smentry ) {
           derSubject = &smentry->subjectName;
       }
    }
    
    if ( derSubject ) {
       rv = nsslowcert_TraversePermCertsForSubject(handle, derSubject,
                                         cb, cbarg);
    } else {
       rv = SECFailure;
    }

    if ( nnentry ) {
       DestroyDBEntry((certDBEntry *)nnentry);
    }
    if ( smentry ) {
       DestroyDBEntry((certDBEntry *)smentry);
    }
    
    return(rv);
}

Here is the caller graph for this function:

SECStatus nsslowcert_TraversePermCertsForSubject ( NSSLOWCERTCertDBHandle *  handle,
SECItem *  derSubject,
NSSLOWCERTCertCallback  cb,
void cbarg 
)

Definition at line 3135 of file pcertdb.c.

{
    certDBEntrySubject *entry;
    unsigned int i;
    NSSLOWCERTCertificate *cert;
    SECStatus rv = SECSuccess;
    
    entry = ReadDBSubjectEntry(handle, derSubject);

    if ( entry == NULL ) {
       return(SECFailure);
    }
    
    for( i = 0; i < entry->ncerts; i++ ) {
       cert = nsslowcert_FindCertByKey(handle, &entry->certKeys[i]);
       if (!cert) {
           continue;
       }
       rv = (* cb)(cert, cbarg);
       nsslowcert_DestroyCertificate(cert);
       if ( rv == SECFailure ) {
           break;
       }
    }

    DestroyDBEntry((certDBEntry *)entry);

    return(rv);
}

Here is the caller graph for this function:

unsigned char* pkcs11_allocStaticData ( int  datalen,
unsigned char *  space,
int  spaceLen 
)

Definition at line 405 of file pcertdb.c.

{
    unsigned char *data = NULL;

    if (len <= spaceLen) {
       data = space;
    } else {
       data = (unsigned char *) PORT_Alloc(len);
    }

    return data;
}

Here is the caller graph for this function:

char* pkcs11_copyNickname ( char *  nickname,
char *  space,
int  spaceLen 
)

Definition at line 380 of file pcertdb.c.

{
    int len;
    char *copy = NULL;

    len = PORT_Strlen(nickname)+1;
    if (len <= spaceLen) {
       copy = space;
       PORT_Memcpy(copy,nickname,len);
    } else {
       copy = PORT_Strdup(nickname);
    }

    return copy;
}

Here is the caller graph for this function:

unsigned char* pkcs11_copyStaticData ( unsigned char *  data,
int  datalen,
unsigned char *  space,
int  spaceLen 
)

Definition at line 419 of file pcertdb.c.

{
    unsigned char *copy = pkcs11_allocStaticData(len, space, spaceLen);
    if (copy) {
       PORT_Memcpy(copy,data,len);
    }

    return copy;
}

Here is the caller graph for this function:

void pkcs11_freeNickname ( char *  nickname,
char *  space 
)

Definition at line 372 of file pcertdb.c.

{
    if (nickname && nickname != space) {
       PORT_Free(nickname);
    }
}

Here is the caller graph for this function:

void pkcs11_freeStaticData ( unsigned char *  data,
unsigned char *  space 
)

Definition at line 397 of file pcertdb.c.

{
    if (data && data != space) {
       PORT_Free(data);
    }
}

Here is the caller graph for this function: