The Tor Browser: security/nss/lib/libpkix/include/pkix_certstore.h@b8a032363ba2 (annotated)

security/nss/lib/libpkix/include/pkix_certstore.h@b8a032363ba2 (annotated)

security/nss/lib/libpkix/include/pkix_certstore.h

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rwxr-xr-x

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
  * This file defines functions associated with the PKIX_CertStore type.
  *
  */
 #ifndef _PKIX_CERTSTORE_H
 #define _PKIX_CERTSTORE_H
 #include "pkixt.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
 /* General
  *
  * Please refer to the libpkix Programmer's Guide for detailed information
  * about how to use the libpkix library. Certain key warnings and notices from
  * that document are repeated here for emphasis.
  *
  * All identifiers in this file (and all public identifiers defined in
  * libpkix) begin with "PKIX_". Private identifiers only intended for use
  * within the library begin with "pkix_".
  *
  * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
  *
  * Unless otherwise noted, for all accessor (gettor) functions that return a
  * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
  * shared object. Therefore, the caller should treat this shared object as
  * read-only and should not modify this shared object. When done using the
  * shared object, the caller should release the reference to the object by
  * using the PKIX_PL_Object_DecRef function.
  *
  * While a function is executing, if its arguments (or anything referred to by
  * its arguments) are modified, free'd, or destroyed, the function's behavior
  * is undefined.
  *
  */
 /* PKIX_CertStore
  *
  * A PKIX_CertStore provides a standard way for the caller to retrieve
  * certificates and CRLs from a particular repository (or "store") of
  * certificates and CRLs, including LDAP directories, flat files, local
  * databases, etc. The CertCallback allows custom certificate retrieval logic
  * to be used while the CRLCallback allows custom CRL retrieval logic to be
  * used. Additionally, a CertStore can be initialized with a certStoreContext,
  * which is where the caller can specify configuration data such as the host
  * name of an LDAP server. Note that this certStoreContext must be an
  * Object (although any object type), allowing it to be reference-counted and
  * allowing it to provide the standard Object functions (Equals, Hashcode,
  * ToString, Compare, Duplicate). Please note that each certStoreContext must
  * provide Equals and Hashcode functions in order for the caching (on Cert and
  * CertChain) to work correctly. When providing those two functions, it is not
  * required that all the components of the object be hashed or checked for
  * equality, but merely that the functions distinguish between unique
  * instances of the certStoreContext.
  *
  * Once the caller has created the CertStore object, the caller then specifies
  * these CertStore objects in a ProcessingParams object and passes that object
  * to PKIX_ValidateChain or PKIX_BuildChain, which uses the objects to call the
  * user's callback functions as needed during the validation or building
  * process.
  *
  * The order of CertStores stored (as a list) at ProcessingParams determines
  * the order in which certificates are retrieved. Trusted CertStores should
  * precede non-trusted ones on the list of CertStores so their certificates
  * are evaluated ahead of other certificates selected on the basis of the same
  * selector criteria.
  *
  * The CheckTrustCallback function is used when the CertStore object
  * supports trust status, which means a Cert's trust status can be altered
  * dynamically. When a CertStore object is created, if the
  * CheckTrustCallback is initialized to be non-NULL, this CertStore is
  * defaulted as supporting trust. Then whenever a Cert needs to (re)check its
  * trust status, this callback can be invoked. When a Cert is retrieved by
  * a CertStore supports trust, at its GetCertCallback, the CertStore
  * information should be updated in Cert's data structure so the link between
  * the Cert and CertStore exists.
  *
  */
 /*
  * FUNCTION: PKIX_CertStore_CertCallback
  * DESCRIPTION:
  *
  *  This callback function retrieves from the CertStore pointed to by "store"
  *  all the certificates that match the CertSelector pointed to by "selector".
  *  It places these certificates in a List and stores a pointer to the List at
  *  "pCerts". If no certificates are found which match the CertSelector's
  *  criteria, this function stores an empty List at "pCerts". In either case, if
  *  the operation is completed, NULL is stored at "pNBIOContext".
  *
  *  A CertStore which uses non-blocking I/O may store platform-dependent
  *  information at "pNBIOContext" and NULL at "pCerts" to indicate that I/O is
  *  pending. A subsequent call to PKIX_CertStore_CertContinue is required to
  *  finish the operation and to obtain the List of Certs.
  *
  *  Note that the List returned by this function is immutable.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which Certs are to be retrieved.
  *      Must be non-NULL.
  *  "selector"
  *      Address of CertSelector whose criteria must be satisfied.
  *      Must be non-NULL.
  *  "verifyNode"
  *      Parent log node for tracking of filtered out certs.
  *  "pNBIOContext"
  *      Address at which platform-dependent information is stored if the
  *      operation is suspended for non-blocking I/O. Must be non-NULL.
  *  "pCerts"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 typedef PKIX_Error *
 (*PKIX_CertStore_CertCallback)(
         PKIX_CertStore *store,
         PKIX_CertSelector *selector,
         PKIX_VerifyNode *verifyNode,
         void **pNBIOContext,
         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_CertContinue
  * DESCRIPTION:
  *
  *  This function continues the non-blocking operation initiated by an earlier
  *  call to the CertCallback function, for the CertStore pointed to by "store".
  *  If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
  *  value returned in "pNBIOContext") calling this function will return a fatal
  *  error. If the operation is completed the certificates found are placed in a
  *  List, a pointer to which is stored at "pCerts". If no certificates are found
  *  which match the CertSelector's criteria, this function stores an empty List
  *  at "pCerts". In either case, if the operation is completed, NULL is stored
  *  at "pNBIOContext".
  *
  *  If non-blocking I/O is still pending this function stores platform-dependent
  *  information at "pNBIOContext" and NULL at "pCerts". A subsequent call to
  *  PKIX_CertStore_CertContinue is required to finish the operation and to
  *  obtain the List of Certs.
  *
  *  Note that the List returned by this function is immutable.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which Certs are to be retrieved.
  *      Must be non-NULL.
  *  "selector"
  *      Address of CertSelector whose criteria must be satisfied.
  *      Must be non-NULL.
  *  "verifyNode"
  *      Parent log node for tracking of filtered out certs.
  *  "pNBIOContext"
  *      Address at which platform-dependent information is stored if the
  *      operation is suspended for non-blocking I/O. Must be non-NULL.
  *  "pCerts"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_CertContinue(
         PKIX_CertStore *store,
         PKIX_CertSelector *selector,
         PKIX_VerifyNode *verifyNode,
         void **pNBIOContext,
         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
         void *plContext);
 typedef PKIX_Error *
 (*PKIX_CertStore_CertContinueFunction)(
         PKIX_CertStore *store,
         PKIX_CertSelector *selector,
         PKIX_VerifyNode *verifyNode,
         void **pNBIOContext,
         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_CRLCallback
  * DESCRIPTION:
  *
  *  This callback function retrieves from the CertStore pointed to by "store"
  *  all the CRLs that match the CRLSelector pointed to by "selector". It
  *  places these CRLs in a List and stores a pointer to the List at "pCRLs".
  *  If no CRLs are found which match the CRLSelector's criteria, this function
  *  stores an empty List at "pCRLs". In either case, if the operation is
  *  completed, NULL is stored at "pNBIOContext".
  *
  *  A CertStore which uses non-blocking I/O may store platform-dependent
  *  information at "pNBIOContext" and NULL at "pCrls" to indicate that I/O is
  *  pending. A subsequent call to PKIX_CertStore_CRLContinue is required to
  *  finish the operation and to obtain the List of Crls.
  *
  *  Note that the List returned by this function is immutable.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which CRLs are to be retrieved.
  *      Must be non-NULL.
  *  "selector"
  *      Address of CRLSelector whose criteria must be satisfied.
  *      Must be non-NULL.
  *  "pCrls"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 typedef PKIX_Error *
 (*PKIX_CertStore_CRLCallback)(
         PKIX_CertStore *store,
         PKIX_CRLSelector *selector,
         void **pNBIOContext,
         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_ImportCrlCallback
  * DESCRIPTION:
  *
  * The function imports crl list into a cert store. Stores that
  * have local cache may only have that function defined.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which CRLs are to be retrieved.
  *      Must be non-NULL.
  *  "issuerName"
  *      Name of the issuer that will be used to track bad der crls.
  *  "crlList"
  *      Address on the importing crl list.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 typedef PKIX_Error *
 (*PKIX_CertStore_ImportCrlCallback)(
         PKIX_CertStore *store,
         PKIX_PL_X500Name *issuerName,
         PKIX_List *crlList,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_CheckRevokationByCrlCallback
  * DESCRIPTION:
  *
  * The function checks revocation status of a cert with specified
  * issuer, date. It returns revocation status of a cert and
  * a reason code(if any) if a cert was revoked.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which CRLs are to be retrieved.
  *      Must be non-NULL.
  *  "cert"
  *      Certificate which revocation status will be checked.
  *  "issuer"
  *      Issuer certificate of the "crl".
  *  "date"
  *      Date of the revocation check.
  *  "crlDownloadDone"
  *      Indicates, that all needed crl downloads are done by the time of
  *      the revocation check.
  *  "reasonCode"
  *      If cert is revoked, returned reason code for  which a cert was revoked.
  *  "revStatus"
  *      Returned revocation status of the cert. See PKIX_RevocationStatus
  *      for more details
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 typedef PKIX_Error *
 (*PKIX_CertStore_CheckRevokationByCrlCallback)(
         PKIX_CertStore *store,
         PKIX_PL_Cert *cert,
         PKIX_PL_Cert *issuer,
         PKIX_PL_Date *date,
         PKIX_Boolean  crlDownloadDone,
         PKIX_UInt32 *reasonCode,
         PKIX_RevocationStatus *revStatus,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_CrlContinue
  * DESCRIPTION:
  *
  *  This function continues the non-blocking operation initiated by an earlier
  *  call to the CRLCallback function, for the CertStore pointed to by "store".
  *  If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
  *  value returned in "pNBIOContext") calling this function will return a fatal
  *  error. If the operation is completed the crls found are placed in a List, a
  *  pointer to which is stored at "pCrls". If no crls are found which match the
  *  CRLSelector's criteria, this function stores an empty List at "pCrls". In
  *  either case, if the operation is completed, NULL is stored at "pNBIOContext".
  *
  *  If non-blocking I/O is still pending this function stores platform-dependent
  *  information at "pNBIOContext" and NULL at "pCrls". A subsequent call to
  *  PKIX_CertStore_CrlContinue is required to finish the operation and to
  *  obtain the List of Crls.
  *
  *  Note that the List returned by this function is immutable.
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which Crls are to be retrieved.
  *      Must be non-NULL.
  *  "selector"
  *      Address of CRLSelector whose criteria must be satisfied.
  *      Must be non-NULL.
  *  "pNBIOContext"
  *      Address at which platform-dependent information is stored if the
  *      operation is suspended for non-blocking I/O. Must be non-NULL.
  *  "pCrls"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_CrlContinue(
         PKIX_CertStore *store,
         PKIX_CRLSelector *selector,
         void **pNBIOContext,
         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
         void *plContext);
 typedef PKIX_Error *
 (*PKIX_CertStore_CrlContinueFunction)(
         PKIX_CertStore *store,
         PKIX_CRLSelector *selector,
         void **pNBIOContext,
         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_CheckTrustCallback
  * DESCRIPTION:
  *
  *  This callback function rechecks "cert's" trust status from the CertStore
  *  pointed to by "store".
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore from which Certs are to be checked.
  *      Must be non-NULL.
  *  "cert"
  *      Address of Cert whose trust status needs to be rechecked.
  *      Must be non-NULL.
  *  "pTrusted"
  *      Address of PKIX_Boolean where the trust status is returned.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe
  *
  *  Multiple threads must be able to safely call this function without
  *  worrying about conflicts, even if they're operating on the same object.
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 typedef PKIX_Error *
 (*PKIX_CertStore_CheckTrustCallback)(
         PKIX_CertStore *store,
         PKIX_PL_Cert *cert,
         PKIX_Boolean *pTrusted,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_Create
  * DESCRIPTION:
  *
  *  Creates a new CertStore and stores it at "pStore". The new CertStore uses
  *  the CertCallback pointed to by "certCallback" and the CRLCallback pointed
  *  to by "crlCallback" as its callback functions and uses the Object pointed
  *  to by "certStoreContext" as its context . Note that this certStoreContext
  *  must be an Object (although any object type), allowing it to be
  *  reference-counted and allowing it to provide the standard Object functions
  *  (Equals, Hashcode, ToString, Compare, Duplicate). Once created, a
  *  CertStore object is immutable, although the underlying repository can
  *  change. For example, a CertStore will often be a front-end for a database
  *  or directory. The contents of that directory can change after the
  *  CertStore object is created, but the CertStore object remains immutable.
  *
  * PARAMETERS:
  *  "certCallback"
  *      The CertCallback function to be used. Must be non-NULL.
  *  "crlCallback"
  *      The CRLCallback function to be used. Must be non-NULL.
  *  "certContinue"
  *      The function to be used to resume a certCallback that returned with a
  *      WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
  *      I/O.
  *  "crlContinue"
  *      The function to be used to resume a crlCallback that returned with a
  *      WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
  *      I/O.
  *  "trustCallback"
  *      Address of PKIX_CertStore_CheckTrustCallback which is called to
  *      verify the trust status of Certs in this CertStore.
  *  "certStoreContext"
  *      Address of Object representing the CertStore's context (if any).
  *  "cachedFlag"
  *      If TRUE indicates data retrieved from CertStore should be cached.
  *  "localFlag"
  *      Boolean value indicating whether this CertStore is local.
  *  "pStore"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a CertStore Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_Create(
         PKIX_CertStore_CertCallback certCallback,
         PKIX_CertStore_CRLCallback crlCallback,
         PKIX_CertStore_CertContinueFunction certContinue,
         PKIX_CertStore_CrlContinueFunction crlContinue,
         PKIX_CertStore_CheckTrustCallback trustCallback,
         PKIX_CertStore_ImportCrlCallback importCrlCallback,
         PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback,
         PKIX_PL_Object *certStoreContext,
         PKIX_Boolean cachedFlag,
         PKIX_Boolean localFlag,
         PKIX_CertStore **pStore,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetCertCallback
  * DESCRIPTION:
  *
  *  Retrieves a pointer to "store's" Cert callback function and put it in
  *  "pCallback".
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose Cert callback is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where Cert callback function pointer will be stored.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetCertCallback(
         PKIX_CertStore *store,
         PKIX_CertStore_CertCallback *pCallback,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetCRLCallback
  * DESCRIPTION:
  *
  *  Retrieves a pointer to "store's" CRL callback function and put it in
  *  "pCallback".
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose CRL callback is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where CRL callback function pointer will be stored.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetCRLCallback(
         PKIX_CertStore *store,
         PKIX_CertStore_CRLCallback *pCallback,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetImportCrlCallback
  * DESCRIPTION:
  *
  *  Retrieves a pointer to "store's" Import CRL callback function and put it in
  *  "pCallback".
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose CRL callback is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where CRL callback function pointer will be stored.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetImportCrlCallback(
         PKIX_CertStore *store,
         PKIX_CertStore_ImportCrlCallback *pCallback,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetCheckRevByCrl
  * DESCRIPTION:
  *
  *  Retrieves a pointer to "store's" CRL revocation checker callback function
  *  and put it in "pCallback".
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose CRL callback is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where CRL callback function pointer will be stored.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetCrlCheckerFn(
         PKIX_CertStore *store,
         PKIX_CertStore_CheckRevokationByCrlCallback *pCallback,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetTrustCallback
  * DESCRIPTION:
  *
  *  Retrieves the function pointer to the CheckTrust callback function of the
  *  CertStore pointed to by "store" and stores it at "pCallback".
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose CheckTrust callback is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where CheckTrust callback function pointer will be stored.
  *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetTrustCallback(
         PKIX_CertStore *store,
         PKIX_CertStore_CheckTrustCallback *pCallback,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetCertStoreContext
  * DESCRIPTION:
  *
  *  Retrieves a pointer to the Object representing the context (if any)
  *  of the CertStore pointed to by "store" and stores it at
  *  "pCertStoreContext".
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore whose context is to be stored. Must be non-NULL.
  *  "pCertStoreContext"
  *      Address where object pointer will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetCertStoreContext(
         PKIX_CertStore *store,
         PKIX_PL_Object **pCertStoreContext,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag
  * DESCRIPTION:
  *
  *  Retrieves the Boolean cache flag of the CertStore pointed to by "store" and
  *  stores it at "pCachedFlag".
  *
  * PARAMETERS:
  *  "store"
  *      Address of CertStore whose cache flag is to be stored. Must be non-NULL.
  *  "pCacheFlag"
  *      Address where the result will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetCertStoreCacheFlag(
         PKIX_CertStore *store,
         PKIX_Boolean *pCacheFlag,
         void *plContext);
 /*
  * FUNCTION: PKIX_CertStore_GetLocalFlag
  * DESCRIPTION:
  *
  *  Retrieves the Boolean localFlag for the CertStore pointed to by "store" and
  *  stores it at "pLocalFlag". The localFlag is TRUE if the CertStore can
  *  fulfill a request without performing network I/O.
  *
  * PARAMETERS:
  *  "store"
  *      The CertStore whose Local flag is desired. Must be non-NULL.
  *  "pCallback"
  *      Address where the Boolean LocalFlag will be stored. Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 PKIX_Error *
 PKIX_CertStore_GetLocalFlag(
         PKIX_CertStore *store,
         PKIX_Boolean *pLocalFlag,
         void *plContext);
 #ifdef __cplusplus
 }
 #endif
 #endif /* _PKIX_CERTSTORE_H */

The Tor Browser / annotate

security/nss/lib/libpkix/include/pkix_certstore.h@b8a032363ba2 (annotated)

security/nss/lib/libpkix/include/pkix_certstore.h