static SECStatus ssl_PopulateServerCert(sslServerCert *sc, CERTCertificate *cert, const CERTCertificateList *certChain) { if (sc->serverCert) { CERT_DestroyCertificate(sc->serverCert); } if (sc->serverCertChain) { CERT_DestroyCertificateList(sc->serverCertChain); } if (!cert) { sc->serverCert = NULL; sc->serverCertChain = NULL; return SECSuccess; } sc->serverCert = CERT_DupCertificate(cert); if (certChain) { sc->serverCertChain = CERT_DupCertList(certChain); } else { sc->serverCertChain = CERT_CertChainFromCert(sc->serverCert, certUsageSSLServer, PR_TRUE); } return sc->serverCertChain ? SECSuccess : SECFailure; }
/* * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer */ SECStatus NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage) { if (signerinfo->cert == NULL) return SECFailure; /* don't leak if we get called twice */ if (signerinfo->certList != NULL) { CERT_DestroyCertificateList(signerinfo->certList); signerinfo->certList = NULL; } switch (cm) { case NSSCMSCM_None: signerinfo->certList = NULL; break; case NSSCMSCM_CertOnly: signerinfo->certList = CERT_CertListFromCert(signerinfo->cert); break; case NSSCMSCM_CertChain: signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_FALSE); break; case NSSCMSCM_CertChainWithRoot: signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_TRUE); break; } if (cm != NSSCMSCM_None && signerinfo->certList == NULL) return SECFailure; return SECSuccess; }