static void remove_subject_entry ( nssCertificateStore *store, NSSCertificate *cert ) { nssList *subjectList; /* Get the subject list for the cert's subject */ subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject); if (subjectList) { /* Remove the cert from the subject hash */ nssList_Remove(subjectList, cert); nssHash_Remove(store->subject, &cert->subject); if (nssList_Count(subjectList) == 0) { nssList_Destroy(subjectList); } else { /* The cert being released may have keyed the subject entry. * Since there are still subject certs around, get another and * rekey the entry just in case. */ NSSCertificate *subjectCert; (void)nssList_GetArray(subjectList, (void **)&subjectCert, 1); nssHash_Add(store->subject, &subjectCert->subject, subjectList); } } }
static PRStatus remove_subject_entry ( nssTDCertificateCache *cache, NSSCertificate *cert, nssList **subjectList, NSSUTF8 **nickname, NSSArena **arena ) { PRStatus nssrv; cache_entry *ce; *subjectList = NULL; *arena = NULL; /* Get the subject list for the cert's subject */ ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject); if (ce) { /* Remove the cert from the subject hash */ nssList_Remove(ce->entry.list, cert); *subjectList = ce->entry.list; *nickname = ce->nickname; *arena = ce->arena; nssrv = PR_SUCCESS; #ifdef DEBUG_CACHE log_cert_ref("removed cert", cert); log_item_dump("from subject list", &cert->subject); #endif } else { nssrv = PR_FAILURE; } return nssrv; }
static PRStatus add_subject_entry ( nssCertificateStore *store, NSSCertificate *cert ) { PRStatus nssrv; nssList *subjectList; subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject); if (subjectList) { /* The subject is already in, add this cert to the list */ nssrv = nssList_AddUnique(subjectList, cert); } else { /* Create a new subject list for the subject */ subjectList = nssList_Create(NULL, PR_FALSE); if (!subjectList) { return PR_FAILURE; } nssList_SetSortFunction(subjectList, nssCertificate_SubjectListSort); /* Add the cert entry to this list of subjects */ nssrv = nssList_Add(subjectList, cert); if (nssrv != PR_SUCCESS) { return nssrv; } /* Add the subject list to the cache */ nssrv = nssHash_Add(store->subject, &cert->subject, subjectList); } return nssrv; }
NSS_IMPLEMENT void nssCertificateStore_RemoveCertLOCKED ( nssCertificateStore *store, NSSCertificate *cert ) { certificate_hash_entry *entry; entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry && entry->cert == cert) { remove_certificate_entry(store, cert); remove_subject_entry(store, cert); } }
NSS_IMPLEMENT nssSMIMEProfile * nssCertificateStore_FindSMIMEProfileForCertificate ( nssCertificateStore *store, NSSCertificate *cert ) { certificate_hash_entry *entry; nssSMIMEProfile *rvProfile = NULL; PZ_Lock(store->lock); entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry && entry->profile) { rvProfile = nssSMIMEProfile_AddRef(entry->profile); } PZ_Unlock(store->lock); return rvProfile; }
NSS_IMPLEMENT NSSTrust * nssCertificateStore_FindTrustForCertificate ( nssCertificateStore *store, NSSCertificate *cert ) { certificate_hash_entry *entry; NSSTrust *rvTrust = NULL; PZ_Lock(store->lock); entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry && entry->trust) { rvTrust = nssTrust_AddRef(entry->trust); } PZ_Unlock(store->lock); return rvTrust; }
NSS_EXTERN PRStatus nssCertificateStore_AddSMIMEProfile ( nssCertificateStore *store, nssSMIMEProfile *profile ) { NSSCertificate *cert; certificate_hash_entry *entry; cert = profile->certificate; PZ_Lock(store->lock); entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry) { entry->profile = nssSMIMEProfile_AddRef(profile); } PZ_Unlock(store->lock); return (entry) ? PR_SUCCESS : PR_FAILURE; }
NSS_EXTERN PRStatus nssCertificateStore_AddTrust ( nssCertificateStore *store, NSSTrust *trust ) { NSSCertificate *cert; certificate_hash_entry *entry; cert = trust->certificate; PZ_Lock(store->lock); entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry) { entry->trust = nssTrust_AddRef(trust); } PZ_Unlock(store->lock); return (entry) ? PR_SUCCESS : PR_FAILURE; }
/* Caller holds store->lock */ static NSSCertificate * nssCertStore_FindCertByIssuerAndSerialNumberLocked ( nssCertificateStore *store, NSSDER *issuer, NSSDER *serial ) { certificate_hash_entry *entry; NSSCertificate *rvCert = NULL; NSSCertificate index; index.issuer = *issuer; index.serial = *serial; entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, &index); if (entry) { rvCert = nssCertificate_AddRef(entry->cert); } return rvCert; }
static void remove_certificate_entry ( nssCertificateStore *store, NSSCertificate *cert ) { certificate_hash_entry *entry; entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, cert); if (entry) { nssHash_Remove(store->issuer_and_serial, cert); if (entry->trust) { nssTrust_Destroy(entry->trust); } if (entry->profile) { nssSMIMEProfile_Destroy(entry->profile); } nss_ZFreeIf(entry); } }
NSS_IMPLEMENT void nssTrustDomain_RemoveCertFromCacheLOCKED ( NSSTrustDomain *td, NSSCertificate *cert ) { nssList *subjectList; cache_entry *ce; NSSArena *arena; NSSUTF8 *nickname; #ifdef DEBUG_CACHE log_cert_ref("attempt to remove cert", cert); #endif ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert); if (!ce || ce->entry.cert != cert) { /* If it's not in the cache, or a different cert is (this is really * for safety reasons, though it shouldn't happen), do nothing */ #ifdef DEBUG_CACHE PR_LOG(s_log, PR_LOG_DEBUG, ("but it wasn't in the cache")); #endif return; } (void)remove_issuer_and_serial_entry(td->cache, cert); (void)remove_subject_entry(td->cache, cert, &subjectList, &nickname, &arena); if (nssList_Count(subjectList) == 0) { (void)remove_nickname_entry(td->cache, nickname, subjectList); (void)remove_email_entry(td->cache, cert, subjectList); (void)nssList_Destroy(subjectList); nssHash_Remove(td->cache->subject, &cert->subject); /* there are no entries left for this subject, free the space used * for both the nickname and subject entries */ if (arena) { nssArena_Destroy(arena); } } }
static PRStatus remove_email_entry( nssTDCertificateCache *cache, NSSCertificate *cert, nssList *subjectList) { PRStatus nssrv = PR_FAILURE; cache_entry *ce; /* Find the subject list in the email hash */ if (cert->email) { ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email); if (ce) { nssList *subjects = ce->entry.list; /* Remove the subject list from the email hash */ if (subjects) { nssList_Remove(subjects, subjectList); #ifdef DEBUG_CACHE log_item_dump("removed subject list", &cert->subject); PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email)); #endif if (nssList_Count(subjects) == 0) { /* No more subject lists for email, delete list and * remove hash entry */ (void)nssList_Destroy(subjects); nssHash_Remove(cache->email, cert->email); /* there are no entries left for this address, free space * used for email entries */ nssArena_Destroy(ce->arena); #ifdef DEBUG_CACHE PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email)); #endif } } nssrv = PR_SUCCESS; } } return nssrv; }