diff options
| author | Brian Smith <brian@briansmith.org> | 2015-01-06 18:28:09 -0800 |
|---|---|---|
| committer | Brian Smith <brian@briansmith.org> | 2015-01-06 18:28:09 -0800 |
| commit | d514cee99ca257a8fb1f37747c3266003200a2af (patch) | |
| tree | 880ebfeba882a2d427d8a86fbb71f740cd52a887 | |
| parent | dfd9d50bd8b319665f918d7f3b56c5cc9f8e1812 (diff) | |
| download | nss-hg-d514cee99ca257a8fb1f37747c3266003200a2af.tar.gz | |
Bug 1118599 - Remove now-unneeded MOZILLA_PKIX_ENUM_CLASS workaround for GCC enum class bugs. r=mmc
| -rw-r--r-- | lib/mozpkix/include/pkix/Result.h | 10 | ||||
| -rw-r--r-- | lib/mozpkix/include/pkix/enumclass.h | 38 | ||||
| -rw-r--r-- | lib/mozpkix/include/pkix/pkixtypes.h | 12 | ||||
| -rw-r--r-- | lib/mozpkix/lib/pkixder.h | 4 | ||||
| -rw-r--r-- | lib/mozpkix/lib/pkixnames.cpp | 75 | ||||
| -rw-r--r-- | lib/mozpkix/lib/pkixocsp.cpp | 4 | ||||
| -rw-r--r-- | lib/mozpkix/test/gtest/pkixbuild_tests.cpp | 3 | ||||
| -rw-r--r-- | lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp | 3 | ||||
| -rw-r--r-- | lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp | 22 | ||||
| -rw-r--r-- | lib/mozpkix/test/lib/pkixtestutil.cpp | 32 | ||||
| -rw-r--r-- | lib/mozpkix/test/lib/pkixtestutil.h | 8 |
11 files changed, 68 insertions, 143 deletions
diff --git a/lib/mozpkix/include/pkix/Result.h b/lib/mozpkix/include/pkix/Result.h index ebea29026..59015bc15 100644 --- a/lib/mozpkix/include/pkix/Result.h +++ b/lib/mozpkix/include/pkix/Result.h @@ -27,8 +27,6 @@ #include <cassert> -#include "pkix/enumclass.h" - namespace mozilla { namespace pkix { static const unsigned int FATAL_ERROR_FLAG = 0x800; @@ -183,7 +181,7 @@ static const unsigned int FATAL_ERROR_FLAG = 0x800; SEC_ERROR_NO_MEMORY) \ /* nothing here */ -MOZILLA_PKIX_ENUM_CLASS Result +enum class Result { #define MOZILLA_PKIX_MAP(name, value, nss_name) name = value, MOZILLA_PKIX_MAP_LIST @@ -197,13 +195,7 @@ const char* MapResultToName(Result result); // We write many comparisons as (x != Success), and this shortened name makes // those comparisons clearer, especially because the shortened name often // results in less line wrapping. -// -// If MOZILLA_PKIX_ENUM_CLASS doesn't expand to "enum class" then -// Result::Success will already be in scope, and compilation would fail if we -// were to try to define a variable named "Success" here. -#ifdef MOZILLA_PKIX_ENUM_CLASS_REALLY_IS_ENUM_CLASS static const Result Success = Result::Success; -#endif inline bool IsFatalError(Result rv) diff --git a/lib/mozpkix/include/pkix/enumclass.h b/lib/mozpkix/include/pkix/enumclass.h deleted file mode 100644 index d48488d5c..000000000 --- a/lib/mozpkix/include/pkix/enumclass.h +++ /dev/null @@ -1,38 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This code is made available to you under your choice of the following sets - * of licensing terms: - */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - */ -/* Copyright 2013 Mozilla Contributors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef mozilla_pkix__enumclass_h -#define mozilla_pkix__enumclass_h - -#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ < 407) -// GCC before version 4.7 may crash when compiling code that static_casts a -// value of scoped typed enum type. See -// https://gcc.gnu.org/bugzilla/show_bug.cgi?id=48106. -#define MOZILLA_PKIX_ENUM_CLASS enum -#else -#define MOZILLA_PKIX_ENUM_CLASS enum class -#define MOZILLA_PKIX_ENUM_CLASS_REALLY_IS_ENUM_CLASS -#endif - -#endif // mozilla_pkix__enumclass_h diff --git a/lib/mozpkix/include/pkix/pkixtypes.h b/lib/mozpkix/include/pkix/pkixtypes.h index d417f4089..98fe338f9 100644 --- a/lib/mozpkix/include/pkix/pkixtypes.h +++ b/lib/mozpkix/include/pkix/pkixtypes.h @@ -31,7 +31,7 @@ namespace mozilla { namespace pkix { -MOZILLA_PKIX_ENUM_CLASS DigestAlgorithm +enum class DigestAlgorithm { sha512 = 1, sha384 = 2, @@ -43,7 +43,7 @@ MOZILLA_PKIX_ENUM_CLASS DigestAlgorithm // * secp521r1 (OID 1.3.132.0.35, RFC 5480) // * secp384r1 (OID 1.3.132.0.34, RFC 5480) // * secp256r1 (OID 1.2.840.10045.3.17, RFC 5480) -MOZILLA_PKIX_ENUM_CLASS SignatureAlgorithm +enum class SignatureAlgorithm { // ecdsa-with-SHA512 (OID 1.2.840.10045.4.3.4, RFC 5758 Section 3.2) ecdsa_with_sha512 = 1, @@ -84,9 +84,9 @@ private: void operator=(const SignedDataWithSignature&) /*= delete*/; }; -MOZILLA_PKIX_ENUM_CLASS EndEntityOrCA { MustBeEndEntity = 0, MustBeCA = 1 }; +enum class EndEntityOrCA { MustBeEndEntity = 0, MustBeCA = 1 }; -MOZILLA_PKIX_ENUM_CLASS KeyUsage : uint8_t { +enum class KeyUsage : uint8_t { digitalSignature = 0, nonRepudiation = 1, keyEncipherment = 2, @@ -99,7 +99,7 @@ MOZILLA_PKIX_ENUM_CLASS KeyUsage : uint8_t { noParticularKeyUsageRequired = 0xff, }; -MOZILLA_PKIX_ENUM_CLASS KeyPurposeId { +enum class KeyPurposeId { anyExtendedKeyUsage = 0, id_kp_serverAuth = 1, // id-kp-serverAuth id_kp_clientAuth = 2, // id-kp-clientAuth @@ -118,7 +118,7 @@ struct CertPolicyId { static const CertPolicyId anyPolicy; }; -MOZILLA_PKIX_ENUM_CLASS TrustLevel { +enum class TrustLevel { TrustAnchor = 1, // certificate is a trusted root CA certificate or // equivalent *for the given policy*. ActivelyDistrusted = 2, // certificate is known to be bad diff --git a/lib/mozpkix/lib/pkixder.h b/lib/mozpkix/lib/pkixder.h index 9f69d6c8c..30f7ab0df 100644 --- a/lib/mozpkix/lib/pkixder.h +++ b/lib/mozpkix/lib/pkixder.h @@ -74,7 +74,7 @@ enum Tag GENERALIZED_TIME = UNIVERSAL | 0x18, }; -MOZILLA_PKIX_ENUM_CLASS EmptyAllowed { No = 0, Yes = 1 }; +enum class EmptyAllowed { No = 0, Yes = 1 }; Result ReadTagAndGetValue(Reader& input, /*out*/ uint8_t& tag, /*out*/ Input& value); @@ -474,7 +474,7 @@ CertificateSerialNumber(Reader& input, /*out*/ Input& value) // x.509 and OCSP both use this same version numbering scheme, though OCSP // only supports v1. -MOZILLA_PKIX_ENUM_CLASS Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3 }; +enum class Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3 }; // X.509 Certificate and OCSP ResponseData both use this // "[0] EXPLICIT Version DEFAULT <defaultVersion>" construct, but with diff --git a/lib/mozpkix/lib/pkixnames.cpp b/lib/mozpkix/lib/pkixnames.cpp index e3b7f4706..7a70d8fb5 100644 --- a/lib/mozpkix/lib/pkixnames.cpp +++ b/lib/mozpkix/lib/pkixnames.cpp @@ -52,7 +52,7 @@ namespace { // uniformResourceIdentifier [6] IA5String, // iPAddress [7] OCTET STRING, // registeredID [8] OBJECT IDENTIFIER } -MOZILLA_PKIX_ENUM_CLASS GeneralNameType : uint8_t +enum class GeneralNameType : uint8_t { // Note that these values are NOT contiguous. Some values have the // der::CONSTRUCTED bit set while others do not. @@ -115,9 +115,9 @@ ReadGeneralName(Reader& reader, return Success; } -MOZILLA_PKIX_ENUM_CLASS FallBackToSearchWithinSubject { No = 0, Yes = 1 }; +enum class FallBackToSearchWithinSubject { No = 0, Yes = 1 }; -MOZILLA_PKIX_ENUM_CLASS MatchResult +enum class MatchResult { NoNamesOfGivenType = 0, Mismatch = 1, @@ -159,36 +159,29 @@ Result CheckPresentedIDConformsToConstraints(GeneralNameType referenceIDType, uint8_t LocaleInsensitveToLower(uint8_t a); bool StartsWithIDNALabel(Input id); -MOZILLA_PKIX_ENUM_CLASS IDRole +enum class IDRole { ReferenceID = 0, PresentedID = 1, NameConstraint = 2, }; -MOZILLA_PKIX_ENUM_CLASS Wildcards -{ - AllowWildcards = 0, - DisallowWildcards = 1 -}; +enum class AllowWildcards { No = 0, Yes = 1 }; // DNSName constraints implicitly allow subdomain matching when there is no // leading dot ("foo.example.com" matches a constraint of "example.com"), but // RFC822Name constraints only allow subdomain matching when there is a leading // dot ("foo.example.com" does not match "example.com" but does match // ".example.com"). -MOZILLA_PKIX_ENUM_CLASS DotlessSubdomainMatches -{ - DisallowDotlessSubdomainMatches = 0, - AllowDotlessSubdomainMatches = 1 -}; +enum class AllowDotlessSubdomainMatches { No = 0, Yes = 1 }; -bool IsValidDNSID(Input hostname, IDRole idRole, Wildcards allowWildcards); +bool IsValidDNSID(Input hostname, IDRole idRole, + AllowWildcards allowWildcards); Result MatchPresentedDNSIDWithReferenceDNSID( Input presentedDNSID, - Wildcards allowWildcards, - DotlessSubdomainMatches allowDotlessSubdomainMatches, + AllowWildcards allowWildcards, + AllowDotlessSubdomainMatches allowDotlessSubdomainMatches, IDRole referenceDNSIDRole, Input referenceDNSID, /*out*/ bool& matches); @@ -211,9 +204,8 @@ MatchPresentedDNSIDWithReferenceDNSID(Input presentedDNSID, /*out*/ bool& matches) { return MatchPresentedDNSIDWithReferenceDNSID( - presentedDNSID, Wildcards::AllowWildcards, - DotlessSubdomainMatches::AllowDotlessSubdomainMatches, - IDRole::ReferenceID, + presentedDNSID, AllowWildcards::Yes, + AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID, referenceDNSID, matches); } @@ -701,9 +693,9 @@ MatchPresentedIDWithReferenceID(GeneralNameType presentedIDType, switch (referenceIDType) { case GeneralNameType::dNSName: rv = MatchPresentedDNSIDWithReferenceDNSID( - presentedID, Wildcards::AllowWildcards, - DotlessSubdomainMatches::AllowDotlessSubdomainMatches, - IDRole::ReferenceID, referenceID, foundMatch); + presentedID, AllowWildcards::Yes, + AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID, + referenceID, foundMatch); break; case GeneralNameType::iPAddress: @@ -741,7 +733,7 @@ MatchPresentedIDWithReferenceID(GeneralNameType presentedIDType, return Success; } -MOZILLA_PKIX_ENUM_CLASS NameConstraintsSubtrees : uint8_t +enum class NameConstraintsSubtrees : uint8_t { permittedSubtrees = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 0, excludedSubtrees = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 1 @@ -858,9 +850,9 @@ CheckPresentedIDConformsToNameConstraintsSubtrees( switch (presentedIDType) { case GeneralNameType::dNSName: rv = MatchPresentedDNSIDWithReferenceDNSID( - presentedID, Wildcards::AllowWildcards, - DotlessSubdomainMatches::AllowDotlessSubdomainMatches, - IDRole::NameConstraint, base, matches); + presentedID, AllowWildcards::Yes, + AllowDotlessSubdomainMatches::Yes, IDRole::NameConstraint, + base, matches); if (rv != Success) { return rv; } @@ -1067,8 +1059,8 @@ CheckPresentedIDConformsToNameConstraintsSubtrees( Result MatchPresentedDNSIDWithReferenceDNSID( Input presentedDNSID, - Wildcards allowWildcards, - DotlessSubdomainMatches allowDotlessSubdomainMatches, + AllowWildcards allowWildcards, + AllowDotlessSubdomainMatches allowDotlessSubdomainMatches, IDRole referenceDNSIDRole, Input referenceDNSID, /*out*/ bool& matches) @@ -1077,8 +1069,7 @@ MatchPresentedDNSIDWithReferenceDNSID( return Result::ERROR_BAD_DER; } - if (!IsValidDNSID(referenceDNSID, referenceDNSIDRole, - Wildcards::DisallowWildcards)) { + if (!IsValidDNSID(referenceDNSID, referenceDNSIDRole, AllowWildcards::No)) { return Result::ERROR_BAD_DER; } @@ -1129,7 +1120,7 @@ MatchPresentedDNSIDWithReferenceDNSID( Result::FATAL_ERROR_LIBRARY_FAILURE); } } else if (allowDotlessSubdomainMatches == - DotlessSubdomainMatches::AllowDotlessSubdomainMatches) { + AllowDotlessSubdomainMatches::Yes) { if (presented.Skip(static_cast<Input::size_type>( presentedDNSID.GetLength() - referenceDNSID.GetLength() - 1)) != Success) { @@ -1453,8 +1444,7 @@ IsValidRFC822Name(Input input) } Input domain; reader.SkipToEnd(domain); - return IsValidDNSID(domain, IDRole::PresentedID, - Wildcards::DisallowWildcards); + return IsValidDNSID(domain, IDRole::PresentedID, AllowWildcards::No); } default: @@ -1506,9 +1496,9 @@ MatchPresentedRFC822NameWithReferenceRFC822Name(Input presentedRFC822Name, presented.SkipToEnd(presentedDNSID); return MatchPresentedDNSIDWithReferenceDNSID( - presentedDNSID, Wildcards::DisallowWildcards, - DotlessSubdomainMatches::DisallowDotlessSubdomainMatches, - IDRole::NameConstraint, referenceRFC822Name, matches); + presentedDNSID, AllowWildcards::No, + AllowDotlessSubdomainMatches::No, IDRole::NameConstraint, + referenceRFC822Name, matches); } default: @@ -1817,21 +1807,19 @@ ParseIPv6Address(Input hostname, /*out*/ uint8_t (&out)[16]) bool IsValidReferenceDNSID(Input hostname) { - return IsValidDNSID(hostname, IDRole::ReferenceID, - Wildcards::DisallowWildcards); + return IsValidDNSID(hostname, IDRole::ReferenceID, AllowWildcards::No); } bool IsValidPresentedDNSID(Input hostname) { - return IsValidDNSID(hostname, IDRole::PresentedID, - Wildcards::AllowWildcards); + return IsValidDNSID(hostname, IDRole::PresentedID, AllowWildcards::Yes); } namespace { bool -IsValidDNSID(Input hostname, IDRole idRole, Wildcards allowWildcards) +IsValidDNSID(Input hostname, IDRole idRole, AllowWildcards allowWildcards) { if (hostname.GetLength() > 253) { return false; @@ -1851,8 +1839,7 @@ IsValidDNSID(Input hostname, IDRole idRole, Wildcards allowWildcards) // Only presented IDs are allowed to have wildcard labels. And, like // Chromium, be stricter than RFC 6125 requires by insisting that a // wildcard label consist only of '*'. - bool isWildcard = allowWildcards == Wildcards::AllowWildcards && - input.Peek('*'); + bool isWildcard = allowWildcards == AllowWildcards::Yes && input.Peek('*'); bool isFirstByte = !isWildcard; if (isWildcard) { Result rv = input.Skip(1); diff --git a/lib/mozpkix/lib/pkixocsp.cpp b/lib/mozpkix/lib/pkixocsp.cpp index 9f29f2eaa..4732de155 100644 --- a/lib/mozpkix/lib/pkixocsp.cpp +++ b/lib/mozpkix/lib/pkixocsp.cpp @@ -33,7 +33,7 @@ namespace mozilla { namespace pkix { // These values correspond to the tag values in the ASN.1 CertStatus -MOZILLA_PKIX_ENUM_CLASS CertStatus : uint8_t { +enum class CertStatus : uint8_t { Good = der::CONTEXT_SPECIFIC | 0, Revoked = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1, Unknown = der::CONTEXT_SPECIFIC | 2 @@ -140,7 +140,7 @@ CheckOCSPResponseSignerCert(TrustDomain& trustDomain, return rv; } -MOZILLA_PKIX_ENUM_CLASS ResponderIDType : uint8_t +enum class ResponderIDType : uint8_t { byName = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1, byKey = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 2 diff --git a/lib/mozpkix/test/gtest/pkixbuild_tests.cpp b/lib/mozpkix/test/gtest/pkixbuild_tests.cpp index a5f96b33d..6c584be22 100644 --- a/lib/mozpkix/test/gtest/pkixbuild_tests.cpp +++ b/lib/mozpkix/test/gtest/pkixbuild_tests.cpp @@ -49,8 +49,7 @@ CreateCert(const char* issuerCN, // null means "empty name" ByteString extensions[2]; if (endEntityOrCA == EndEntityOrCA::MustBeCA) { extensions[0] = - CreateEncodedBasicConstraints(true, nullptr, - ExtensionCriticality::Critical); + CreateEncodedBasicConstraints(true, nullptr, Critical::Yes); EXPECT_FALSE(ENCODING_FAILED(extensions[0])); } diff --git a/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp b/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp index 7365a77fb..c13d1c7d7 100644 --- a/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp +++ b/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp @@ -30,8 +30,7 @@ CreateCert(const char* issuerCN, ByteString extensions[2]; if (endEntityOrCA == EndEntityOrCA::MustBeCA) { extensions[0] = - CreateEncodedBasicConstraints(true, nullptr, - ExtensionCriticality::Critical); + CreateEncodedBasicConstraints(true, nullptr, Critical::Yes); EXPECT_FALSE(ENCODING_FAILED(extensions[0])); } diff --git a/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp b/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp index 6d2a2e66d..d600b2b7c 100644 --- a/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp +++ b/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp @@ -477,8 +477,7 @@ protected: const ByteString extensions[] = { signerEKUDER - ? CreateEncodedEKUExtension(*signerEKUDER, - ExtensionCriticality::NotCritical) + ? CreateEncodedEKUExtension(*signerEKUDER, Critical::No) : ByteString(), ByteString() }; @@ -628,8 +627,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_expired) static const char* signerName = "good_indirect_expired"; const ByteString extensions[] = { - CreateEncodedEKUExtension(OCSPSigningEKUDER, - ExtensionCriticality::NotCritical), + CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No), ByteString() }; @@ -664,8 +662,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_future) static const char* signerName = "good_indirect_future"; const ByteString extensions[] = { - CreateEncodedEKUExtension(OCSPSigningEKUDER, - ExtensionCriticality::NotCritical), + CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No), ByteString() }; @@ -772,8 +769,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_unknown_issuer) // Delegated responder cert signed by unknown issuer const ByteString extensions[] = { - CreateEncodedEKUExtension(OCSPSigningEKUDER, - ExtensionCriticality::NotCritical), + CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No), ByteString() }; ScopedTestKeyPair signerKeyPair(GenerateKeyPair()); @@ -813,7 +809,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, // sub-CA of root (root is the direct issuer of endEntity) const ByteString subCAExtensions[] = { - CreateEncodedBasicConstraints(true, 0, ExtensionCriticality::NotCritical), + CreateEncodedBasicConstraints(true, 0, Critical::No), ByteString() }; ScopedTestKeyPair subCAKeyPair(GenerateKeyPair()); @@ -825,8 +821,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, // Delegated responder cert signed by that sub-CA const ByteString extensions[] = { - CreateEncodedEKUExtension(OCSPSigningEKUDER, - ExtensionCriticality::NotCritical), + CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No), ByteString(), }; ScopedTestKeyPair signerKeyPair(GenerateKeyPair()); @@ -867,7 +862,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, // sub-CA of root (root is the direct issuer of endEntity) const ByteString subCAExtensions[] = { - CreateEncodedBasicConstraints(true, 0, ExtensionCriticality::NotCritical), + CreateEncodedBasicConstraints(true, 0, Critical::No), ByteString() }; ScopedTestKeyPair subCAKeyPair(GenerateKeyPair()); @@ -881,8 +876,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, // Delegated responder cert signed by that sub-CA const ByteString extensions[] = { - CreateEncodedEKUExtension(OCSPSigningEKUDER, - ExtensionCriticality::NotCritical), + CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No), ByteString() }; ScopedTestKeyPair signerKeyPair(GenerateKeyPair()); diff --git a/lib/mozpkix/test/lib/pkixtestutil.cpp b/lib/mozpkix/test/lib/pkixtestutil.cpp index 0994ebfea..08a2bb26e 100644 --- a/lib/mozpkix/test/lib/pkixtestutil.cpp +++ b/lib/mozpkix/test/lib/pkixtestutil.cpp @@ -409,16 +409,14 @@ SignedData(const ByteString& tbsData, // -- by extnID // } static ByteString -Extension(Input extnID, ExtensionCriticality criticality, - const ByteString& extnValueBytes) +Extension(Input extnID, Critical critical, const ByteString& extnValueBytes) { ByteString encoded; encoded.append(ByteString(extnID.UnsafeGetData(), extnID.GetLength())); - if (criticality == ExtensionCriticality::Critical) { - ByteString critical(Boolean(true)); - encoded.append(critical); + if (critical == Critical::Yes) { + encoded.append(Boolean(true)); } ByteString extnValueSequence(TLV(der::SEQUENCE, extnValueBytes)); @@ -428,13 +426,12 @@ Extension(Input extnID, ExtensionCriticality criticality, } static ByteString -EmptyExtension(Input extnID, ExtensionCriticality criticality) +EmptyExtension(Input extnID, Critical critical) { ByteString encoded(extnID.UnsafeGetData(), extnID.GetLength()); - if (criticality == ExtensionCriticality::Critical) { - ByteString critical(Boolean(true)); - encoded.append(critical); + if (critical == Critical::Yes) { + encoded.append(Boolean(true)); } ByteString extnValue(TLV(der::OCTET_STRING, ByteString())); @@ -682,7 +679,7 @@ CreateEncodedSerialNumber(long serialNumberValue) ByteString CreateEncodedBasicConstraints(bool isCA, /*optional*/ long* pathLenConstraintValue, - ExtensionCriticality criticality) + Critical critical) { ByteString value; @@ -700,13 +697,13 @@ CreateEncodedBasicConstraints(bool isCA, static const uint8_t tlv_id_ce_basicConstraints[] = { 0x06, 0x03, 0x55, 0x1d, 0x13 }; - return Extension(Input(tlv_id_ce_basicConstraints), criticality, value); + return Extension(Input(tlv_id_ce_basicConstraints), critical, value); } // ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId // KeyPurposeId ::= OBJECT IDENTIFIER ByteString -CreateEncodedEKUExtension(Input ekuOID, ExtensionCriticality criticality) +CreateEncodedEKUExtension(Input ekuOID, Critical critical) { ByteString value(ekuOID.UnsafeGetData(), ekuOID.GetLength()); @@ -715,7 +712,7 @@ CreateEncodedEKUExtension(Input ekuOID, ExtensionCriticality criticality) 0x06, 0x03, 0x55, 0x1d, 0x25 }; - return Extension(Input(tlv_id_ce_extKeyUsage), criticality, value); + return Extension(Input(tlv_id_ce_extKeyUsage), critical, value); } // python DottedOIDToCode.py --tlv id-ce-subjectAltName 2.5.29.17 @@ -726,15 +723,13 @@ static const uint8_t tlv_id_ce_subjectAltName[] = { ByteString CreateEncodedSubjectAltName(const ByteString& names) { - return Extension(Input(tlv_id_ce_subjectAltName), - ExtensionCriticality::NotCritical, names); + return Extension(Input(tlv_id_ce_subjectAltName), Critical::No, names); } ByteString CreateEncodedEmptySubjectAltName() { - return EmptyExtension(Input(tlv_id_ce_subjectAltName), - ExtensionCriticality::NotCritical); + return EmptyExtension(Input(tlv_id_ce_subjectAltName), Critical::No); } /////////////////////////////////////////////////////////////////////////////// @@ -839,8 +834,7 @@ OCSPExtension(OCSPResponseContext& context, OCSPResponseExtension& extension) ByteString encoded; encoded.append(extension.id); if (extension.critical) { - ByteString critical(Boolean(true)); - encoded.append(critical); + encoded.append(Boolean(true)); } ByteString value(TLV(der::OCTET_STRING, extension.value)); encoded.append(value); diff --git a/lib/mozpkix/test/lib/pkixtestutil.h b/lib/mozpkix/test/lib/pkixtestutil.h index 21c1cf9a3..5caad8bb2 100644 --- a/lib/mozpkix/test/lib/pkixtestutil.h +++ b/lib/mozpkix/test/lib/pkixtestutil.h @@ -29,7 +29,6 @@ #include <stdint.h> // Some Mozilla-supported compilers lack <cstdint> #include <string> -#include "pkix/enumclass.h" #include "pkix/pkixtypes.h" #include "pkix/ScopedPtr.h" @@ -303,15 +302,14 @@ ByteString CreateEncodedCertificate(long version, const ByteString& signature, ByteString CreateEncodedSerialNumber(long value); -MOZILLA_PKIX_ENUM_CLASS ExtensionCriticality { NotCritical = 0, Critical = 1 }; +enum class Critical { No = 0, Yes = 1 }; ByteString CreateEncodedBasicConstraints(bool isCA, /*optional*/ long* pathLenConstraint, - ExtensionCriticality criticality); + Critical critical); // Creates a DER-encoded extKeyUsage extension with one EKU OID. -ByteString CreateEncodedEKUExtension(Input eku, - ExtensionCriticality criticality); +ByteString CreateEncodedEKUExtension(Input eku, Critical critical); /////////////////////////////////////////////////////////////////////////////// // Encode OCSP responses |