security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rwxr-xr-x

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4 /*
michael@0 5 * pkix_certchainchecker.c
michael@0 6 *
michael@0 7 * CertChainChecker Object Functions
michael@0 8 *
michael@0 9 */
michael@0 10
michael@0 11 #include "pkix_certchainchecker.h"
michael@0 12
michael@0 13 /* --Private-Functions-------------------------------------------- */
michael@0 14
/*
 * FUNCTION: pkix_CertChainChecker_Destroy
 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
 *
 * Destructor installed for PKIX_CERTCHAINCHECKER_TYPE by
 * pkix_CertChainChecker_RegisterSelf. Verifies the run-time type of
 * "object" and then drops the references held in the checker's
 * "extensions" and "state" fields.
 */
static PKIX_Error *
pkix_CertChainChecker_Destroy(
        PKIX_PL_Object *object,
        void *plContext)
{
        PKIX_CertChainChecker *chainChecker = NULL;

        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy");
        PKIX_NULLCHECK_ONE(object);

        /*
         * The type check must precede the cast: a generic PKIX_PL_Object
         * of any other type would otherwise be reinterpreted as a
         * PKIX_CertChainChecker and its fields dereferenced.
         */
        PKIX_CHECK(
                pkix_CheckType(object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
                PKIX_OBJECTNOTCERTCHAINCHECKER);

        chainChecker = (PKIX_CertChainChecker *)object;

        /* Release the two object references owned by the checker. */
        PKIX_DECREF(chainChecker->extensions);
        PKIX_DECREF(chainChecker->state);

cleanup:

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 43
/*
 * FUNCTION: pkix_CertChainChecker_Duplicate
 * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
 *
 * Builds a new CertChainChecker carrying the same callback and direction
 * flags as "object", with duplicates of its "extensions" list and "state"
 * object when those are present. "*pNewObject" is written only when every
 * step succeeded.
 */
static PKIX_Error *
pkix_CertChainChecker_Duplicate(
        PKIX_PL_Object *object,
        PKIX_PL_Object **pNewObject,
        void *plContext)
{
        PKIX_CertChainChecker *original = NULL;
        PKIX_CertChainChecker *copy = NULL;
        PKIX_List *extensionsCopy = NULL;
        PKIX_PL_Object *stateCopy = NULL;

        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate");
        PKIX_NULLCHECK_TWO(object, pNewObject);

        /* Confirm the run-time type before treating "object" as a checker. */
        PKIX_CHECK(
                pkix_CheckType(object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
                PKIX_OBJECTNOTCERTCHAINCHECKER);

        original = (PKIX_CertChainChecker *)object;

        /* Either field may be NULL; the copy then stays NULL as well. */
        if (original->extensions) {
                PKIX_CHECK(
                        PKIX_PL_Object_Duplicate(
                                (PKIX_PL_Object *)original->extensions,
                                (PKIX_PL_Object **)&extensionsCopy,
                                plContext),
                        PKIX_OBJECTDUPLICATEFAILED);
        }

        if (original->state) {
                PKIX_CHECK(
                        PKIX_PL_Object_Duplicate(
                                (PKIX_PL_Object *)original->state,
                                (PKIX_PL_Object **)&stateCopy,
                                plContext),
                        PKIX_OBJECTDUPLICATEFAILED);
        }

        PKIX_CHECK(
                PKIX_CertChainChecker_Create(
                        original->checkCallback,
                        original->forwardChecking,
                        original->isForwardDirectionExpected,
                        extensionsCopy,
                        stateCopy,
                        &copy,
                        plContext),
                PKIX_CERTCHAINCHECKERCREATEFAILED);

        *pNewObject = (PKIX_PL_Object *)copy;

cleanup:

        /*
         * PKIX_CertChainChecker_Create takes its own references on the
         * list and state it is given, so the local references are dropped
         * here on the success path and on every failure path alike.
         */
        PKIX_DECREF(extensionsCopy);
        PKIX_DECREF(stateCopy);

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 103
/*
 * FUNCTION: pkix_CertChainChecker_RegisterSelf
 * DESCRIPTION:
 *  Fills in the class-table entry for PKIX_CERTCHAINCHECKER_TYPE and stores
 *  it in systemClasses[]. Only a destructor and a duplicate function are
 *  supplied; the equals, hashcode, toString and comparator slots are left
 *  NULL.
 * THREAD SAFETY:
 *  Not Thread Safe - for performance and complexity reasons
 *
 *  Since this function is only called by PKIX_PL_Initialize, which should
 *  only be called once, it is acceptable that this function is not
 *  thread-safe.
 */
PKIX_Error *
pkix_CertChainChecker_RegisterSelf(void *plContext)
{
        extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
        pkix_ClassTable_Entry classEntry;

        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf");

        /* Descriptive data for the type. */
        classEntry.description = "CertChainChecker";
        classEntry.objCounter = 0;
        classEntry.typeObjectSize = sizeof(PKIX_CertChainChecker);

        /* Callbacks this type implements. */
        classEntry.destructor = pkix_CertChainChecker_Destroy;
        classEntry.duplicateFunction = pkix_CertChainChecker_Duplicate;

        /* Callbacks this type does not implement. */
        classEntry.equalsFunction = NULL;
        classEntry.hashcodeFunction = NULL;
        classEntry.toStringFunction = NULL;
        classEntry.comparator = NULL;

        /* Unsynchronized write to the shared table; see THREAD SAFETY. */
        systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = classEntry;

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 138
michael@0 139 /* --Public-Functions--------------------------------------------- */
michael@0 140
michael@0 141
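/*
 * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h)
 *
 * Allocates a CertChainChecker, records the callback and the two direction
 * flags, and takes a reference on "list" and on "initialState" (either may
 * be NULL). On success the new object is handed to the caller through
 * "*pChecker"; on failure the partially built object is released.
 *
 * NOTE(review): "callback" is stored without a NULL check. Whether NULL is
 * a permitted value is defined by the contract in pkix_checker.h, not by
 * this file - confirm before relying on it at the call site.
 */
PKIX_Error *
PKIX_CertChainChecker_Create(
    PKIX_CertChainChecker_CheckCallback callback,
    PKIX_Boolean forwardCheckingSupported,
    PKIX_Boolean isForwardDirectionExpected,
    PKIX_List *list,  /* list of PKIX_PL_OID */
    PKIX_PL_Object *initialState,
    PKIX_CertChainChecker **pChecker,
    void *plContext)
{
        PKIX_CertChainChecker *checker = NULL;

        PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create");
        PKIX_NULLCHECK_ONE(pChecker);

        PKIX_CHECK(PKIX_PL_Object_Alloc
                    (PKIX_CERTCHAINCHECKER_TYPE,
                    sizeof (PKIX_CertChainChecker),
                    (PKIX_PL_Object **)&checker,
                    plContext),
                    PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);

        /* initialize fields */
        checker->checkCallback = callback;
        checker->forwardChecking = forwardCheckingSupported;
        checker->isForwardDirectionExpected = isForwardDirectionExpected;

        /*
         * Clear both reference fields before the first step that can fail.
         * If a PKIX_INCREF below bails out to cleanup, PKIX_DECREF(checker)
         * runs pkix_CertChainChecker_Destroy, which DECREFs "extensions"
         * and "state". Nothing visible here guarantees that
         * PKIX_PL_Object_Alloc zeroes the object body, so without this the
         * destructor could be handed uninitialized pointers.
         */
        checker->extensions = NULL;
        checker->state = NULL;

        PKIX_INCREF(list);
        checker->extensions = list;

        PKIX_INCREF(initialState);
        checker->state = initialState;

        /* Ownership moves to the caller; NULL the local so cleanup skips it. */
        *pChecker = checker;
        checker = NULL;
cleanup:

        PKIX_DECREF(checker);

        PKIX_RETURN(CERTCHAINCHECKER);

}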
michael@0 187
/*
 * FUNCTION: PKIX_CertChainChecker_GetCheckCallback
 *      (see comments in pkix_checker.h)
 *
 * Copies the checker's stored callback pointer into "*pCallback". The value
 * is whatever was given to PKIX_CertChainChecker_Create; it is not
 * validated here.
 */
PKIX_Error *
PKIX_CertChainChecker_GetCheckCallback(
        PKIX_CertChainChecker *checker,
        PKIX_CertChainChecker_CheckCallback *pCallback,
        void *plContext)
{
        PKIX_ENTER(
                CERTCHAINCHECKER,
                "PKIX_CertChainChecker_GetCheckCallback");

        /* Both the checker and the output slot are required. */
        PKIX_NULLCHECK_TWO(checker, pCallback);

        *pCallback = checker->checkCallback;

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 205
/*
 * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported
 *      (see comments in pkix_checker.h)
 *
 * Reports the "forwardChecking" flag recorded when the checker was created.
 */
PKIX_Error *
PKIX_CertChainChecker_IsForwardCheckingSupported(
        PKIX_CertChainChecker *checker,
        PKIX_Boolean *pForwardCheckingSupported,
        void *plContext)
{
        PKIX_ENTER(
                CERTCHAINCHECKER,
                "PKIX_CertChainChecker_IsForwardCheckingSupported");

        /* Both the checker and the output slot are required. */
        PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported);

        *pForwardCheckingSupported = checker->forwardChecking;

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 225
/*
 * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected
 *      (see comments in pkix_checker.h)
 *
 * Reports the "isForwardDirectionExpected" flag recorded when the checker
 * was created.
 */
PKIX_Error *
PKIX_CertChainChecker_IsForwardDirectionExpected(
        PKIX_CertChainChecker *checker,
        PKIX_Boolean *pForwardDirectionExpected,
        void *plContext)
{
        PKIX_ENTER(
                CERTCHAINCHECKER,
                "PKIX_CertChainChecker_IsForwardDirectionExpected");

        /* Both the checker and the output slot are required. */
        PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected);

        *pForwardDirectionExpected = checker->isForwardDirectionExpected;

        PKIX_RETURN(CERTCHAINCHECKER);
}
michael@0 245
/*
 * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState
 *      (see comments in pkix_checker.h)
 *
 * Hands out the checker's current state object. A reference is taken on
 * the state before the pointer is stored in "*pCertChainCheckerState", so
 * the caller receives its own reference and is expected to release it.
 * The state may be NULL, in which case NULL is returned.
 *
 * The object returned is the checker's own state, not a copy: changes made
 * through the returned pointer are visible to the checker.
 */
PKIX_Error *
PKIX_CertChainChecker_GetCertChainCheckerState(
        PKIX_CertChainChecker *checker,
        PKIX_PL_Object **pCertChainCheckerState,
        void *plContext)
{
        PKIX_ENTER(
                CERTCHAINCHECKER,
                "PKIX_CertChainChecker_GetCertChainCheckerState");

        PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState);

        /* Take the caller's reference before publishing the pointer. */
        PKIX_INCREF(checker->state);

        *pCertChainCheckerState = checker->state;

cleanup:
        PKIX_RETURN(CERTCHAINCHECKER);

}
michael@0 269
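/*
 * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState
 *      (see comments in pkix_checker.h)
 *
 * Replaces the checker's state object with "certChainCheckerState" (which
 * may be NULL), taking a reference on the new state and releasing the one
 * held on the old state, then invalidates the checker's cached data.
 *
 * The new reference is taken before the old one is dropped. With the
 * opposite order, a caller passing the very object the checker already
 * stores could see it released while the checker held the last reference,
 * and the following INCREF would then touch freed memory. Taking the
 * reference first also leaves the previous state in place if that step
 * fails (PKIX_INCREF appears to branch to cleanup on error - confirm
 * against the macro definition).
 */
PKIX_Error *
PKIX_CertChainChecker_SetCertChainCheckerState(
        PKIX_CertChainChecker *checker,
        PKIX_PL_Object *certChainCheckerState,
        void *plContext)
{
        PKIX_ENTER(CERTCHAINCHECKER,
                    "PKIX_CertChainChecker_SetCertChainCheckerState");

        PKIX_NULLCHECK_ONE(checker);

        /* Acquire the new reference first (safe when old == new). */
        PKIX_INCREF(certChainCheckerState);

        /* DecRef old contents */
        PKIX_DECREF(checker->state);

        checker->state = certChainCheckerState;

        /* Cached results derived from the old state are no longer valid. */
        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
                    ((PKIX_PL_Object *)checker, plContext),
                    PKIX_OBJECTINVALIDATECACHEFAILED);

cleanup:

        PKIX_RETURN(CERTCHAINCHECKER);
}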
michael@0 299
/*
 * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions
 *      (see comments in pkix_checker.h)
 *
 * Hands out the checker's list of extension OIDs. A reference is taken on
 * the list before the pointer is stored in "*pExtensions", so the caller
 * receives its own reference and is expected to release it. The list may
 * be NULL, in which case NULL is returned.
 *
 * The list returned is the checker's own list object, not a copy.
 * NOTE(review): if that list is mutable, a caller could alter the set of
 * extensions the checker reports as supported - confirm how the list is
 * created by callers of PKIX_CertChainChecker_Create.
 */
PKIX_Error *
PKIX_CertChainChecker_GetSupportedExtensions(
        PKIX_CertChainChecker *checker,
        PKIX_List **pExtensions, /* list of PKIX_PL_OID */
        void *plContext)
{
        PKIX_ENTER(
                CERTCHAINCHECKER,
                "PKIX_CertChainChecker_GetSupportedExtensions");

        PKIX_NULLCHECK_TWO(checker, pExtensions);

        /* Take the caller's reference before publishing the pointer. */
        PKIX_INCREF(checker->extensions);

        *pExtensions = checker->extensions;

cleanup:
        PKIX_RETURN(CERTCHAINCHECKER);

}
