Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler

--HG-- rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
2024-09-13 09:24:08 -07:00 · 2014-08-31 19:42:36 -07:00 · 2014-08-31 19:42:36 -07:00 · f99ad3cc23
commit f99ad3cc23
parent 48465f1ae0
7 changed files with 162 additions and 79 deletions
--- a/security/pkix/include/pkix/Result.h
+++ b/security/pkix/include/pkix/Result.h
@ -80,16 +80,118 @@ MOZILLA_PKIX_ENUM_CLASS Result
  ERROR_CA_CERT_USED_AS_END_ENTITY = 39,
  ERROR_INADEQUATE_KEY_SIZE = 40,

-  // Keep this in sync with MAP_LIST in pkixnss.cpp
+  // Keep this in sync with MAP_LIST below

  FATAL_ERROR_INVALID_ARGS = FATAL_ERROR_FLAG | 1,
  FATAL_ERROR_INVALID_STATE = FATAL_ERROR_FLAG | 2,
  FATAL_ERROR_LIBRARY_FAILURE = FATAL_ERROR_FLAG | 3,
  FATAL_ERROR_NO_MEMORY = FATAL_ERROR_FLAG | 4,

-  // Keep this in sync with MAP_LIST in pkixnss.cpp
+  // Keep this in sync with MAP_LIST below
 };

+// The first argument to MOZILLA_PKIX_MAP() is used for building the mapping
+// from error code to error name in MapResultToName.
+//
+// The second argument to MOZILLA_PKIX_MAP() is used, along with the first
+// argument, for maintaining the mapping of mozilla::pkix error codes to
+// NSS/NSPR error codes in pkixnss.cpp.
+#define MOZILLA_PKIX_MAP_LIST \
+    MOZILLA_PKIX_MAP(Result::Success, 0) \
+    MOZILLA_PKIX_MAP(Result::ERROR_BAD_DER, \
+                         SEC_ERROR_BAD_DER) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CA_CERT_INVALID, \
+                         SEC_ERROR_CA_CERT_INVALID) \
+    MOZILLA_PKIX_MAP(Result::ERROR_BAD_SIGNATURE, \
+                         SEC_ERROR_BAD_SIGNATURE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CERT_BAD_ACCESS_LOCATION, \
+                         SEC_ERROR_CERT_BAD_ACCESS_LOCATION) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CERT_NOT_IN_NAME_SPACE, \
+                         SEC_ERROR_CERT_NOT_IN_NAME_SPACE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, \
+                         SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CONNECT_REFUSED, \
+                                PR_CONNECT_REFUSED_ERROR) \
+    MOZILLA_PKIX_MAP(Result::ERROR_EXPIRED_CERTIFICATE, \
+                         SEC_ERROR_EXPIRED_CERTIFICATE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_EXTENSION_VALUE_INVALID, \
+                         SEC_ERROR_EXTENSION_VALUE_INVALID) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INADEQUATE_CERT_TYPE, \
+                         SEC_ERROR_INADEQUATE_CERT_TYPE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INADEQUATE_KEY_USAGE, \
+                         SEC_ERROR_INADEQUATE_KEY_USAGE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INVALID_ALGORITHM, \
+                         SEC_ERROR_INVALID_ALGORITHM) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INVALID_TIME, \
+                         SEC_ERROR_INVALID_TIME) \
+    MOZILLA_PKIX_MAP(Result::ERROR_KEY_PINNING_FAILURE, \
+                MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_PATH_LEN_CONSTRAINT_INVALID, \
+                         SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID) \
+    MOZILLA_PKIX_MAP(Result::ERROR_POLICY_VALIDATION_FAILED, \
+                         SEC_ERROR_POLICY_VALIDATION_FAILED) \
+    MOZILLA_PKIX_MAP(Result::ERROR_REVOKED_CERTIFICATE, \
+                         SEC_ERROR_REVOKED_CERTIFICATE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNKNOWN_CRITICAL_EXTENSION, \
+                         SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNKNOWN_ERROR, \
+                                PR_UNKNOWN_ERROR) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNKNOWN_ISSUER, \
+                         SEC_ERROR_UNKNOWN_ISSUER) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNTRUSTED_CERT, \
+                         SEC_ERROR_UNTRUSTED_CERT) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNTRUSTED_ISSUER, \
+                         SEC_ERROR_UNTRUSTED_ISSUER) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_BAD_SIGNATURE, \
+                         SEC_ERROR_OCSP_BAD_SIGNATURE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_INVALID_SIGNING_CERT, \
+                         SEC_ERROR_OCSP_INVALID_SIGNING_CERT) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_MALFORMED_REQUEST, \
+                         SEC_ERROR_OCSP_MALFORMED_REQUEST) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_MALFORMED_RESPONSE, \
+                         SEC_ERROR_OCSP_MALFORMED_RESPONSE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_OLD_RESPONSE, \
+                         SEC_ERROR_OCSP_OLD_RESPONSE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_REQUEST_NEEDS_SIG, \
+                         SEC_ERROR_OCSP_REQUEST_NEEDS_SIG) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_RESPONDER_CERT_INVALID, \
+                         SEC_ERROR_OCSP_RESPONDER_CERT_INVALID) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_SERVER_ERROR, \
+                         SEC_ERROR_OCSP_SERVER_ERROR) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_TRY_SERVER_LATER, \
+                         SEC_ERROR_OCSP_TRY_SERVER_LATER) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_UNAUTHORIZED_REQUEST, \
+                         SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, \
+                         SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_UNKNOWN_CERT, \
+                         SEC_ERROR_OCSP_UNKNOWN_CERT) \
+    MOZILLA_PKIX_MAP(Result::ERROR_OCSP_FUTURE_RESPONSE, \
+                         SEC_ERROR_OCSP_FUTURE_RESPONSE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INVALID_KEY, \
+                         SEC_ERROR_INVALID_KEY) \
+    MOZILLA_PKIX_MAP(Result::ERROR_UNSUPPORTED_KEYALG, \
+                         SEC_ERROR_UNSUPPORTED_KEYALG) \
+    MOZILLA_PKIX_MAP(Result::ERROR_EXPIRED_ISSUER_CERTIFICATE, \
+                         SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) \
+    MOZILLA_PKIX_MAP(Result::ERROR_CA_CERT_USED_AS_END_ENTITY, \
+                MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY) \
+    MOZILLA_PKIX_MAP(Result::ERROR_INADEQUATE_KEY_SIZE, \
+                MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE) \
+    MOZILLA_PKIX_MAP(Result::FATAL_ERROR_INVALID_ARGS, \
+                               SEC_ERROR_INVALID_ARGS) \
+    MOZILLA_PKIX_MAP(Result::FATAL_ERROR_INVALID_STATE, \
+                                      PR_INVALID_STATE_ERROR) \
+    MOZILLA_PKIX_MAP(Result::FATAL_ERROR_LIBRARY_FAILURE, \
+                               SEC_ERROR_LIBRARY_FAILURE) \
+    MOZILLA_PKIX_MAP(Result::FATAL_ERROR_NO_MEMORY, \
+                               SEC_ERROR_NO_MEMORY) \
+    /* nothing here */
+
+// Returns the stringified name of the given result, e.g. "Result::Success",
+// or nullptr if result is unknown (invalid).
+const char* MapResultToName(Result result);
+
 // We write many comparisons as (x != Success), and this shortened name makes
 // those comparisons clearer, especially because the shortened name often
 // results in less line wrapping.
--- a/security/pkix/include/pkix/pkixnss.h
+++ b/security/pkix/include/pkix/pkixnss.h
@ -56,10 +56,6 @@ Result CheckPublicKey(Input subjectPublicKeyInfo);
 Result MapPRErrorCodeToResult(PRErrorCode errorCode);
 PRErrorCode MapResultToPRErrorCode(Result result);

-// Returns the stringified name of the given result, e.g. "Result::Success",
-// or nullptr if result is unknown (invalid).
-const char* MapResultToName(Result result);
-
 // The error codes within each module must fit in 16 bits. We want these
 // errors to fit in the same module as the NSS errors but not overlap with
 // any of them. Converting an NSS SEC, NSS SSL, or PSM error to an NS error
--- a/security/pkix/lib/pkixnss.cpp
+++ b/security/pkix/lib/pkixnss.cpp
@ -190,65 +190,17 @@ DigestBuf(Input item, /*out*/ uint8_t* digestBuf, size_t digestBufLen)
  return Success;
 }

-#define MAP_LIST \
-    MAP(Result::Success, 0) \
-    MAP(Result::ERROR_BAD_DER, SEC_ERROR_BAD_DER) \
-    MAP(Result::ERROR_CA_CERT_INVALID, SEC_ERROR_CA_CERT_INVALID) \
-    MAP(Result::ERROR_BAD_SIGNATURE, SEC_ERROR_BAD_SIGNATURE) \
-    MAP(Result::ERROR_CERT_BAD_ACCESS_LOCATION, SEC_ERROR_CERT_BAD_ACCESS_LOCATION) \
-    MAP(Result::ERROR_CERT_NOT_IN_NAME_SPACE, SEC_ERROR_CERT_NOT_IN_NAME_SPACE) \
-    MAP(Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) \
-    MAP(Result::ERROR_CONNECT_REFUSED, PR_CONNECT_REFUSED_ERROR) \
-    MAP(Result::ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_EXPIRED_CERTIFICATE) \
-    MAP(Result::ERROR_EXTENSION_VALUE_INVALID, SEC_ERROR_EXTENSION_VALUE_INVALID) \
-    MAP(Result::ERROR_INADEQUATE_CERT_TYPE, SEC_ERROR_INADEQUATE_CERT_TYPE) \
-    MAP(Result::ERROR_INADEQUATE_KEY_USAGE, SEC_ERROR_INADEQUATE_KEY_USAGE) \
-    MAP(Result::ERROR_INVALID_ALGORITHM, SEC_ERROR_INVALID_ALGORITHM) \
-    MAP(Result::ERROR_INVALID_TIME, SEC_ERROR_INVALID_TIME) \
-    MAP(Result::ERROR_KEY_PINNING_FAILURE, MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE) \
-    MAP(Result::ERROR_PATH_LEN_CONSTRAINT_INVALID, SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID) \
-    MAP(Result::ERROR_POLICY_VALIDATION_FAILED, SEC_ERROR_POLICY_VALIDATION_FAILED) \
-    MAP(Result::ERROR_REVOKED_CERTIFICATE, SEC_ERROR_REVOKED_CERTIFICATE) \
-    MAP(Result::ERROR_UNKNOWN_CRITICAL_EXTENSION, SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) \
-    MAP(Result::ERROR_UNKNOWN_ERROR, PR_UNKNOWN_ERROR) \
-    MAP(Result::ERROR_UNKNOWN_ISSUER, SEC_ERROR_UNKNOWN_ISSUER) \
-    MAP(Result::ERROR_UNTRUSTED_CERT, SEC_ERROR_UNTRUSTED_CERT) \
-    MAP(Result::ERROR_UNTRUSTED_ISSUER, SEC_ERROR_UNTRUSTED_ISSUER) \
-    MAP(Result::ERROR_OCSP_BAD_SIGNATURE, SEC_ERROR_OCSP_BAD_SIGNATURE) \
-    MAP(Result::ERROR_OCSP_INVALID_SIGNING_CERT, SEC_ERROR_OCSP_INVALID_SIGNING_CERT) \
-    MAP(Result::ERROR_OCSP_MALFORMED_REQUEST, SEC_ERROR_OCSP_MALFORMED_REQUEST) \
-    MAP(Result::ERROR_OCSP_MALFORMED_RESPONSE, SEC_ERROR_OCSP_MALFORMED_RESPONSE) \
-    MAP(Result::ERROR_OCSP_OLD_RESPONSE, SEC_ERROR_OCSP_OLD_RESPONSE) \
-    MAP(Result::ERROR_OCSP_REQUEST_NEEDS_SIG, SEC_ERROR_OCSP_REQUEST_NEEDS_SIG) \
-    MAP(Result::ERROR_OCSP_RESPONDER_CERT_INVALID, SEC_ERROR_OCSP_RESPONDER_CERT_INVALID) \
-    MAP(Result::ERROR_OCSP_SERVER_ERROR, SEC_ERROR_OCSP_SERVER_ERROR) \
-    MAP(Result::ERROR_OCSP_TRY_SERVER_LATER, SEC_ERROR_OCSP_TRY_SERVER_LATER) \
-    MAP(Result::ERROR_OCSP_UNAUTHORIZED_REQUEST, SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST) \
-    MAP(Result::ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS) \
-    MAP(Result::ERROR_OCSP_UNKNOWN_CERT, SEC_ERROR_OCSP_UNKNOWN_CERT) \
-    MAP(Result::ERROR_OCSP_FUTURE_RESPONSE, SEC_ERROR_OCSP_FUTURE_RESPONSE) \
-    MAP(Result::ERROR_INVALID_KEY, SEC_ERROR_INVALID_KEY) \
-    MAP(Result::ERROR_UNSUPPORTED_KEYALG, SEC_ERROR_UNSUPPORTED_KEYALG) \
-    MAP(Result::ERROR_EXPIRED_ISSUER_CERTIFICATE, SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) \
-    MAP(Result::ERROR_CA_CERT_USED_AS_END_ENTITY, MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY) \
-    MAP(Result::ERROR_INADEQUATE_KEY_SIZE, MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE) \
-    MAP(Result::FATAL_ERROR_INVALID_ARGS, SEC_ERROR_INVALID_ARGS) \
-    MAP(Result::FATAL_ERROR_INVALID_STATE, PR_INVALID_STATE_ERROR) \
-    MAP(Result::FATAL_ERROR_LIBRARY_FAILURE, SEC_ERROR_LIBRARY_FAILURE) \
-    MAP(Result::FATAL_ERROR_NO_MEMORY, SEC_ERROR_NO_MEMORY) \
-    /* nothing here */
-
 Result
 MapPRErrorCodeToResult(PRErrorCode error)
 {
  switch (error)
  {
-#define MAP(mozilla_pkix_result, nss_result) \
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, nss_result) \
    case nss_result: return mozilla_pkix_result;

-    MAP_LIST
+    MOZILLA_PKIX_MAP_LIST

-#undef MAP
+#undef MOZILLA_PKIX_MAP

    default:
      return Result::ERROR_UNKNOWN_ERROR;
@ -260,12 +212,12 @@ MapResultToPRErrorCode(Result result)
 {
  switch (result)
  {
-#define MAP(mozilla_pkix_result, nss_result) \
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, nss_result) \
    case mozilla_pkix_result: return nss_result;

-    MAP_LIST
+    MOZILLA_PKIX_MAP_LIST

-#undef MAP
+#undef MOZILLA_PKIX_MAP

    default:
      PR_NOT_REACHED("Unknown error code in MapResultToPRErrorCode");
@ -273,24 +225,6 @@ MapResultToPRErrorCode(Result result)
  }
 }

-const char*
-MapResultToName(Result result)
-{
-  switch (result)
-  {
-#define MAP(mozilla_pkix_result, nss_result) \
-    case mozilla_pkix_result: return #mozilla_pkix_result;
-
-    MAP_LIST
-
-#undef MAP
-
-    default:
-      PR_NOT_REACHED("Unknown error code in MapResultToName");
-      return nullptr;
-  }
-}
-
 void
 RegisterErrorTable()
 {
--- a/security/pkix/lib/pkixresult.cpp
+++ b/security/pkix/lib/pkixresult.cpp
@ -0,0 +1,49 @@
+/*- *- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkix/Result.h"
+
+#include "pkix/nullptr.h"
+
+namespace mozilla { namespace pkix {
+
+const char*
+MapResultToName(Result result)
+{
+  switch (result)
+  {
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, nss_result) \
+    case mozilla_pkix_result: return #mozilla_pkix_result;
+
+    MOZILLA_PKIX_MAP_LIST
+
+#undef MOZILLA_PKIX_MAP
+
+    default:
+      assert(false);
+      return nullptr;
+  }
+}
+
+} } // namespace mozilla::pkix
--- a/security/pkix/moz.build
+++ b/security/pkix/moz.build
@ -12,6 +12,7 @@ SOURCES += [
    'lib/pkixder.cpp',
    'lib/pkixnss.cpp',
    'lib/pkixocsp.cpp',
+    'lib/pkixresult.cpp',
    'lib/pkixtime.cpp',
 ]

--- a/security/pkix/test/gtest/pkixbuild_tests.cpp
+++ b/security/pkix/test/gtest/pkixbuild_tests.cpp
@ -25,6 +25,7 @@
 #include "cert.h"
 #include "nssgtest.h"
 #include "pkix/pkix.h"
+#include "pkix/pkixnss.h"
 #include "pkixgtest.h"
 #include "pkixtestutil.h"

--- a/security/pkix/test/gtest/pkixgtest.h
+++ b/security/pkix/test/gtest/pkixgtest.h
@ -27,7 +27,7 @@
 #include <ostream>

 #include "gtest/gtest.h"
-#include "pkix/pkixnss.h"
+#include "pkix/Result.h"

 // PrintTo must be in the same namespace as the type we're overloading it for.
 namespace mozilla { namespace pkix {