security/nss/lib/libpkix/pkix/params/pkix_procparams.c@b8a032363ba2 (annotated)
security/nss/lib/libpkix/pkix/params/pkix_procparams.c
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rwxr-xr-x
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 4 | /* |
| michael@0 | 5 | * pkix_procparams.c |
| michael@0 | 6 | * |
| michael@0 | 7 | * ProcessingParams Object Functions |
| michael@0 | 8 | * |
| michael@0 | 9 | */ |
| michael@0 | 10 | |
| michael@0 | 11 | #include "pkix_procparams.h" |
| michael@0 | 12 | |
| michael@0 | 13 | /* --Private-Functions-------------------------------------------- */ |
| michael@0 | 14 | |
| michael@0 | 15 | /* |
| michael@0 | 16 | * FUNCTION: pkix_ProcessingParams_Destroy |
| michael@0 | 17 | * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) |
| michael@0 | 18 | */ |
| michael@0 | 19 | static PKIX_Error * |
| michael@0 | 20 | pkix_ProcessingParams_Destroy( |
| michael@0 | 21 | PKIX_PL_Object *object, |
| michael@0 | 22 | void *plContext) |
| michael@0 | 23 | { |
| michael@0 | 24 | PKIX_ProcessingParams *params = NULL; |
| michael@0 | 25 | |
| michael@0 | 26 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Destroy"); |
| michael@0 | 27 | PKIX_NULLCHECK_ONE(object); |
| michael@0 | 28 | |
| michael@0 | 29 | /* Check that this object is a processing params object */ |
| michael@0 | 30 | PKIX_CHECK(pkix_CheckType |
| michael@0 | 31 | (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), |
| michael@0 | 32 | PKIX_OBJECTNOTPROCESSINGPARAMS); |
| michael@0 | 33 | |
| michael@0 | 34 | params = (PKIX_ProcessingParams *)object; |
| michael@0 | 35 | |
| michael@0 | 36 | PKIX_DECREF(params->trustAnchors); |
| michael@0 | 37 | PKIX_DECREF(params->hintCerts); |
| michael@0 | 38 | PKIX_DECREF(params->constraints); |
| michael@0 | 39 | PKIX_DECREF(params->date); |
| michael@0 | 40 | PKIX_DECREF(params->initialPolicies); |
| michael@0 | 41 | PKIX_DECREF(params->certChainCheckers); |
| michael@0 | 42 | PKIX_DECREF(params->revChecker); |
| michael@0 | 43 | PKIX_DECREF(params->certStores); |
| michael@0 | 44 | PKIX_DECREF(params->resourceLimits); |
| michael@0 | 45 | |
| michael@0 | 46 | cleanup: |
| michael@0 | 47 | |
| michael@0 | 48 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 49 | } |
| michael@0 | 50 | |
| michael@0 | 51 | /* |
| michael@0 | 52 | * FUNCTION: pkix_ProcessingParams_Equals |
| michael@0 | 53 | * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h) |
| michael@0 | 54 | */ |
| michael@0 | 55 | static PKIX_Error * |
| michael@0 | 56 | pkix_ProcessingParams_Equals( |
| michael@0 | 57 | PKIX_PL_Object *first, |
| michael@0 | 58 | PKIX_PL_Object *second, |
| michael@0 | 59 | PKIX_Boolean *pResult, |
| michael@0 | 60 | void *plContext) |
| michael@0 | 61 | { |
| michael@0 | 62 | PKIX_UInt32 secondType; |
| michael@0 | 63 | PKIX_Boolean cmpResult; |
| michael@0 | 64 | PKIX_ProcessingParams *firstProcParams = NULL; |
| michael@0 | 65 | PKIX_ProcessingParams *secondProcParams = NULL; |
| michael@0 | 66 | |
| michael@0 | 67 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Equals"); |
| michael@0 | 68 | PKIX_NULLCHECK_THREE(first, second, pResult); |
| michael@0 | 69 | |
| michael@0 | 70 | PKIX_CHECK(pkix_CheckType(first, PKIX_PROCESSINGPARAMS_TYPE, plContext), |
| michael@0 | 71 | PKIX_FIRSTOBJECTNOTPROCESSINGPARAMS); |
| michael@0 | 72 | |
| michael@0 | 73 | PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext), |
| michael@0 | 74 | PKIX_COULDNOTGETTYPEOFSECONDARGUMENT); |
| michael@0 | 75 | |
| michael@0 | 76 | *pResult = PKIX_FALSE; |
| michael@0 | 77 | |
| michael@0 | 78 | if (secondType != PKIX_PROCESSINGPARAMS_TYPE) goto cleanup; |
| michael@0 | 79 | |
| michael@0 | 80 | firstProcParams = (PKIX_ProcessingParams *)first; |
| michael@0 | 81 | secondProcParams = (PKIX_ProcessingParams *)second; |
| michael@0 | 82 | |
| michael@0 | 83 | /* Do the simplest tests first */ |
| michael@0 | 84 | if ((firstProcParams->qualifiersRejected) != |
| michael@0 | 85 | (secondProcParams->qualifiersRejected)) { |
| michael@0 | 86 | goto cleanup; |
| michael@0 | 87 | } |
| michael@0 | 88 | |
| michael@0 | 89 | if (firstProcParams->isCrlRevocationCheckingEnabled != |
| michael@0 | 90 | secondProcParams->isCrlRevocationCheckingEnabled) { |
| michael@0 | 91 | goto cleanup; |
| michael@0 | 92 | } |
| michael@0 | 93 | if (firstProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy != |
| michael@0 | 94 | secondProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy) { |
| michael@0 | 95 | goto cleanup; |
| michael@0 | 96 | } |
| michael@0 | 97 | |
| michael@0 | 98 | /* trustAnchors can never be NULL */ |
| michael@0 | 99 | |
| michael@0 | 100 | PKIX_EQUALS |
| michael@0 | 101 | (firstProcParams->trustAnchors, |
| michael@0 | 102 | secondProcParams->trustAnchors, |
| michael@0 | 103 | &cmpResult, |
| michael@0 | 104 | plContext, |
| michael@0 | 105 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 106 | |
| michael@0 | 107 | if (!cmpResult) goto cleanup; |
| michael@0 | 108 | |
| michael@0 | 109 | PKIX_EQUALS |
| michael@0 | 110 | (firstProcParams->hintCerts, |
| michael@0 | 111 | secondProcParams->hintCerts, |
| michael@0 | 112 | &cmpResult, |
| michael@0 | 113 | plContext, |
| michael@0 | 114 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 115 | |
| michael@0 | 116 | if (!cmpResult) goto cleanup; |
| michael@0 | 117 | |
| michael@0 | 118 | PKIX_EQUALS |
| michael@0 | 119 | (firstProcParams->date, |
| michael@0 | 120 | secondProcParams->date, |
| michael@0 | 121 | &cmpResult, |
| michael@0 | 122 | plContext, |
| michael@0 | 123 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 124 | |
| michael@0 | 125 | if (!cmpResult) goto cleanup; |
| michael@0 | 126 | |
| michael@0 | 127 | PKIX_EQUALS |
| michael@0 | 128 | (firstProcParams->constraints, |
| michael@0 | 129 | secondProcParams->constraints, |
| michael@0 | 130 | &cmpResult, |
| michael@0 | 131 | plContext, |
| michael@0 | 132 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 133 | |
| michael@0 | 134 | if (!cmpResult) goto cleanup; |
| michael@0 | 135 | |
| michael@0 | 136 | PKIX_EQUALS |
| michael@0 | 137 | (firstProcParams->initialPolicies, |
| michael@0 | 138 | secondProcParams->initialPolicies, |
| michael@0 | 139 | &cmpResult, |
| michael@0 | 140 | plContext, |
| michael@0 | 141 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 142 | |
| michael@0 | 143 | if (!cmpResult) goto cleanup; |
| michael@0 | 144 | |
| michael@0 | 145 | /* There is no Equals function for CertChainCheckers */ |
| michael@0 | 146 | |
| michael@0 | 147 | PKIX_EQUALS |
| michael@0 | 148 | ((PKIX_PL_Object *)firstProcParams->certStores, |
| michael@0 | 149 | (PKIX_PL_Object *)secondProcParams->certStores, |
| michael@0 | 150 | &cmpResult, |
| michael@0 | 151 | plContext, |
| michael@0 | 152 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 153 | |
| michael@0 | 154 | if (!cmpResult) goto cleanup; |
| michael@0 | 155 | |
| michael@0 | 156 | PKIX_EQUALS |
| michael@0 | 157 | (firstProcParams->resourceLimits, |
| michael@0 | 158 | secondProcParams->resourceLimits, |
| michael@0 | 159 | &cmpResult, |
| michael@0 | 160 | plContext, |
| michael@0 | 161 | PKIX_OBJECTEQUALSFAILED); |
| michael@0 | 162 | |
| michael@0 | 163 | if (cmpResult == PKIX_FALSE) { |
| michael@0 | 164 | *pResult = PKIX_FALSE; |
| michael@0 | 165 | goto cleanup; |
| michael@0 | 166 | } |
| michael@0 | 167 | |
| michael@0 | 168 | *pResult = cmpResult; |
| michael@0 | 169 | |
| michael@0 | 170 | cleanup: |
| michael@0 | 171 | |
| michael@0 | 172 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 173 | } |
| michael@0 | 174 | |
| michael@0 | 175 | /* |
| michael@0 | 176 | * FUNCTION: pkix_ProcessingParams_Hashcode |
| michael@0 | 177 | * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h) |
| michael@0 | 178 | */ |
| michael@0 | 179 | static PKIX_Error * |
| michael@0 | 180 | pkix_ProcessingParams_Hashcode( |
| michael@0 | 181 | PKIX_PL_Object *object, |
| michael@0 | 182 | PKIX_UInt32 *pHashcode, |
| michael@0 | 183 | void *plContext) |
| michael@0 | 184 | { |
| michael@0 | 185 | PKIX_ProcessingParams *procParams = NULL; |
| michael@0 | 186 | PKIX_UInt32 hash = 0; |
| michael@0 | 187 | PKIX_UInt32 anchorsHash = 0; |
| michael@0 | 188 | PKIX_UInt32 hintCertsHash = 0; |
| michael@0 | 189 | PKIX_UInt32 dateHash = 0; |
| michael@0 | 190 | PKIX_UInt32 constraintsHash = 0; |
| michael@0 | 191 | PKIX_UInt32 initialHash = 0; |
| michael@0 | 192 | PKIX_UInt32 rejectedHash = 0; |
| michael@0 | 193 | PKIX_UInt32 certChainCheckersHash = 0; |
| michael@0 | 194 | PKIX_UInt32 revCheckerHash = 0; |
| michael@0 | 195 | PKIX_UInt32 certStoresHash = 0; |
| michael@0 | 196 | PKIX_UInt32 resourceLimitsHash = 0; |
| michael@0 | 197 | |
| michael@0 | 198 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Hashcode"); |
| michael@0 | 199 | PKIX_NULLCHECK_TWO(object, pHashcode); |
| michael@0 | 200 | |
| michael@0 | 201 | PKIX_CHECK(pkix_CheckType |
| michael@0 | 202 | (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), |
| michael@0 | 203 | PKIX_OBJECTNOTPROCESSINGPARAMS); |
| michael@0 | 204 | |
| michael@0 | 205 | procParams = (PKIX_ProcessingParams*)object; |
| michael@0 | 206 | |
| michael@0 | 207 | PKIX_HASHCODE(procParams->trustAnchors, &anchorsHash, plContext, |
| michael@0 | 208 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 209 | |
| michael@0 | 210 | PKIX_HASHCODE(procParams->hintCerts, &hintCertsHash, plContext, |
| michael@0 | 211 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 212 | |
| michael@0 | 213 | PKIX_HASHCODE(procParams->date, &dateHash, plContext, |
| michael@0 | 214 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 215 | |
| michael@0 | 216 | PKIX_HASHCODE(procParams->constraints, &constraintsHash, plContext, |
| michael@0 | 217 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 218 | |
| michael@0 | 219 | PKIX_HASHCODE(procParams->initialPolicies, &initialHash, plContext, |
| michael@0 | 220 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 221 | |
| michael@0 | 222 | rejectedHash = procParams->qualifiersRejected; |
| michael@0 | 223 | |
| michael@0 | 224 | /* There is no Hash function for CertChainCheckers */ |
| michael@0 | 225 | |
| michael@0 | 226 | PKIX_HASHCODE(procParams->certStores, &certStoresHash, plContext, |
| michael@0 | 227 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 228 | |
| michael@0 | 229 | PKIX_HASHCODE(procParams->resourceLimits, |
| michael@0 | 230 | &resourceLimitsHash, |
| michael@0 | 231 | plContext, |
| michael@0 | 232 | PKIX_OBJECTHASHCODEFAILED); |
| michael@0 | 233 | |
| michael@0 | 234 | hash = (31 * ((31 * anchorsHash) + hintCertsHash + dateHash)) + |
| michael@0 | 235 | constraintsHash + initialHash + rejectedHash; |
| michael@0 | 236 | |
| michael@0 | 237 | hash += ((((certStoresHash + resourceLimitsHash) << 7) + |
| michael@0 | 238 | certChainCheckersHash + revCheckerHash + |
| michael@0 | 239 | procParams->isCrlRevocationCheckingEnabled + |
| michael@0 | 240 | procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7); |
| michael@0 | 241 | |
| michael@0 | 242 | *pHashcode = hash; |
| michael@0 | 243 | |
| michael@0 | 244 | cleanup: |
| michael@0 | 245 | |
| michael@0 | 246 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 247 | } |
| michael@0 | 248 | |
| michael@0 | 249 | /* |
| michael@0 | 250 | * FUNCTION: pkix_ProcessingParams_ToString |
| michael@0 | 251 | * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h) |
| michael@0 | 252 | */ |
| michael@0 | 253 | static PKIX_Error * |
| michael@0 | 254 | pkix_ProcessingParams_ToString( |
| michael@0 | 255 | PKIX_PL_Object *object, |
| michael@0 | 256 | PKIX_PL_String **pString, |
| michael@0 | 257 | void *plContext) |
| michael@0 | 258 | { |
| michael@0 | 259 | PKIX_ProcessingParams *procParams = NULL; |
| michael@0 | 260 | char *asciiFormat = NULL; |
| michael@0 | 261 | PKIX_PL_String *formatString = NULL; |
| michael@0 | 262 | PKIX_PL_String *procParamsString = NULL; |
| michael@0 | 263 | PKIX_PL_String *anchorsString = NULL; |
| michael@0 | 264 | PKIX_PL_String *dateString = NULL; |
| michael@0 | 265 | PKIX_PL_String *constraintsString = NULL; |
| michael@0 | 266 | PKIX_PL_String *InitialPoliciesString = NULL; |
| michael@0 | 267 | PKIX_PL_String *qualsRejectedString = NULL; |
| michael@0 | 268 | PKIX_List *certStores = NULL; |
| michael@0 | 269 | PKIX_PL_String *certStoresString = NULL; |
| michael@0 | 270 | PKIX_PL_String *resourceLimitsString = NULL; |
| michael@0 | 271 | |
| michael@0 | 272 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString"); |
| michael@0 | 273 | PKIX_NULLCHECK_TWO(object, pString); |
| michael@0 | 274 | |
| michael@0 | 275 | PKIX_CHECK(pkix_CheckType |
| michael@0 | 276 | (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), |
| michael@0 | 277 | PKIX_OBJECTNOTPROCESSINGPARAMS); |
| michael@0 | 278 | |
| michael@0 | 279 | asciiFormat = |
| michael@0 | 280 | "[\n" |
| michael@0 | 281 | "\tTrust Anchors: \n" |
| michael@0 | 282 | "\t********BEGIN LIST OF TRUST ANCHORS********\n" |
| michael@0 | 283 | "\t\t%s\n" |
| michael@0 | 284 | "\t********END LIST OF TRUST ANCHORS********\n" |
| michael@0 | 285 | "\tDate: \t\t%s\n" |
| michael@0 | 286 | "\tTarget Constraints: %s\n" |
| michael@0 | 287 | "\tInitial Policies: %s\n" |
| michael@0 | 288 | "\tQualifiers Rejected: %s\n" |
| michael@0 | 289 | "\tCert Stores: %s\n" |
| michael@0 | 290 | "\tResource Limits: %s\n" |
| michael@0 | 291 | "\tCRL Checking Enabled: %d\n" |
| michael@0 | 292 | "]\n"; |
| michael@0 | 293 | |
| michael@0 | 294 | PKIX_CHECK(PKIX_PL_String_Create |
| michael@0 | 295 | (PKIX_ESCASCII, |
| michael@0 | 296 | asciiFormat, |
| michael@0 | 297 | 0, |
| michael@0 | 298 | &formatString, |
| michael@0 | 299 | plContext), |
| michael@0 | 300 | PKIX_STRINGCREATEFAILED); |
| michael@0 | 301 | |
| michael@0 | 302 | procParams = (PKIX_ProcessingParams*)object; |
| michael@0 | 303 | |
| michael@0 | 304 | PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext, |
| michael@0 | 305 | PKIX_OBJECTTOSTRINGFAILED); |
| michael@0 | 306 | |
| michael@0 | 307 | PKIX_TOSTRING(procParams->date, &dateString, plContext, |
| michael@0 | 308 | PKIX_OBJECTTOSTRINGFAILED); |
| michael@0 | 309 | |
| michael@0 | 310 | PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext, |
| michael@0 | 311 | PKIX_OBJECTTOSTRINGFAILED); |
| michael@0 | 312 | |
| michael@0 | 313 | PKIX_TOSTRING |
| michael@0 | 314 | (procParams->initialPolicies, &InitialPoliciesString, plContext, |
| michael@0 | 315 | PKIX_OBJECTTOSTRINGFAILED); |
| michael@0 | 316 | |
| michael@0 | 317 | PKIX_CHECK(PKIX_PL_String_Create |
| michael@0 | 318 | (PKIX_ESCASCII, |
| michael@0 | 319 | (procParams->qualifiersRejected)?"TRUE":"FALSE", |
| michael@0 | 320 | 0, |
| michael@0 | 321 | &qualsRejectedString, |
| michael@0 | 322 | plContext), |
| michael@0 | 323 | PKIX_STRINGCREATEFAILED); |
| michael@0 | 324 | |
| michael@0 | 325 | /* There is no ToString function for CertChainCheckers */ |
| michael@0 | 326 | |
| michael@0 | 327 | PKIX_CHECK(PKIX_ProcessingParams_GetCertStores |
| michael@0 | 328 | (procParams, &certStores, plContext), |
| michael@0 | 329 | PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); |
| michael@0 | 330 | |
| michael@0 | 331 | PKIX_TOSTRING(certStores, &certStoresString, plContext, |
| michael@0 | 332 | PKIX_LISTTOSTRINGFAILED); |
| michael@0 | 333 | |
| michael@0 | 334 | PKIX_TOSTRING(procParams->resourceLimits, |
| michael@0 | 335 | &resourceLimitsString, |
| michael@0 | 336 | plContext, |
| michael@0 | 337 | PKIX_OBJECTTOSTRINGFAILED); |
| michael@0 | 338 | |
| michael@0 | 339 | PKIX_CHECK(PKIX_PL_Sprintf |
| michael@0 | 340 | (&procParamsString, |
| michael@0 | 341 | plContext, |
| michael@0 | 342 | formatString, |
| michael@0 | 343 | anchorsString, |
| michael@0 | 344 | dateString, |
| michael@0 | 345 | constraintsString, |
| michael@0 | 346 | InitialPoliciesString, |
| michael@0 | 347 | qualsRejectedString, |
| michael@0 | 348 | certStoresString, |
| michael@0 | 349 | resourceLimitsString, |
| michael@0 | 350 | procParams->isCrlRevocationCheckingEnabled, |
| michael@0 | 351 | procParams->isCrlRevocationCheckingEnabledWithNISTPolicy), |
| michael@0 | 352 | PKIX_SPRINTFFAILED); |
| michael@0 | 353 | |
| michael@0 | 354 | *pString = procParamsString; |
| michael@0 | 355 | |
| michael@0 | 356 | cleanup: |
| michael@0 | 357 | |
| michael@0 | 358 | PKIX_DECREF(formatString); |
| michael@0 | 359 | PKIX_DECREF(anchorsString); |
| michael@0 | 360 | PKIX_DECREF(dateString); |
| michael@0 | 361 | PKIX_DECREF(constraintsString); |
| michael@0 | 362 | PKIX_DECREF(InitialPoliciesString); |
| michael@0 | 363 | PKIX_DECREF(qualsRejectedString); |
| michael@0 | 364 | PKIX_DECREF(certStores); |
| michael@0 | 365 | PKIX_DECREF(certStoresString); |
| michael@0 | 366 | PKIX_DECREF(resourceLimitsString); |
| michael@0 | 367 | |
| michael@0 | 368 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 369 | } |
| michael@0 | 370 | |
| michael@0 | 371 | /* |
| michael@0 | 372 | * FUNCTION: pkix_ProcessingParams_Duplicate |
| michael@0 | 373 | * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) |
| michael@0 | 374 | */ |
| michael@0 | 375 | static PKIX_Error * |
| michael@0 | 376 | pkix_ProcessingParams_Duplicate( |
| michael@0 | 377 | PKIX_PL_Object *object, |
| michael@0 | 378 | PKIX_PL_Object **pNewObject, |
| michael@0 | 379 | void *plContext) |
| michael@0 | 380 | { |
| michael@0 | 381 | PKIX_ProcessingParams *params = NULL; |
| michael@0 | 382 | PKIX_ProcessingParams *paramsDuplicate = NULL; |
| michael@0 | 383 | |
| michael@0 | 384 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Duplicate"); |
| michael@0 | 385 | PKIX_NULLCHECK_TWO(object, pNewObject); |
| michael@0 | 386 | |
| michael@0 | 387 | PKIX_CHECK(pkix_CheckType |
| michael@0 | 388 | (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), |
| michael@0 | 389 | PKIX_OBJECTNOTPROCESSINGPARAMS); |
| michael@0 | 390 | |
| michael@0 | 391 | params = (PKIX_ProcessingParams *)object; |
| michael@0 | 392 | |
| michael@0 | 393 | PKIX_CHECK(PKIX_PL_Object_Alloc |
| michael@0 | 394 | (PKIX_PROCESSINGPARAMS_TYPE, |
| michael@0 | 395 | sizeof (PKIX_ProcessingParams), |
| michael@0 | 396 | (PKIX_PL_Object **)¶msDuplicate, |
| michael@0 | 397 | plContext), |
| michael@0 | 398 | PKIX_PROCESSINGPARAMSCREATEFAILED); |
| michael@0 | 399 | |
| michael@0 | 400 | /* initialize fields */ |
| michael@0 | 401 | PKIX_DUPLICATE |
| michael@0 | 402 | (params->trustAnchors, |
| michael@0 | 403 | &(paramsDuplicate->trustAnchors), |
| michael@0 | 404 | plContext, |
| michael@0 | 405 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 406 | |
| michael@0 | 407 | PKIX_DUPLICATE |
| michael@0 | 408 | (params->hintCerts, &(paramsDuplicate->hintCerts), plContext, |
| michael@0 | 409 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 410 | |
| michael@0 | 411 | PKIX_DUPLICATE |
| michael@0 | 412 | (params->constraints, |
| michael@0 | 413 | &(paramsDuplicate->constraints), |
| michael@0 | 414 | plContext, |
| michael@0 | 415 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 416 | |
| michael@0 | 417 | PKIX_DUPLICATE |
| michael@0 | 418 | (params->date, &(paramsDuplicate->date), plContext, |
| michael@0 | 419 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 420 | |
| michael@0 | 421 | PKIX_DUPLICATE |
| michael@0 | 422 | (params->initialPolicies, |
| michael@0 | 423 | &(paramsDuplicate->initialPolicies), |
| michael@0 | 424 | plContext, |
| michael@0 | 425 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 426 | |
| michael@0 | 427 | paramsDuplicate->initialPolicyMappingInhibit = |
| michael@0 | 428 | params->initialPolicyMappingInhibit; |
| michael@0 | 429 | paramsDuplicate->initialAnyPolicyInhibit = |
| michael@0 | 430 | params->initialAnyPolicyInhibit; |
| michael@0 | 431 | paramsDuplicate->initialExplicitPolicy = params->initialExplicitPolicy; |
| michael@0 | 432 | paramsDuplicate->qualifiersRejected = params->qualifiersRejected; |
| michael@0 | 433 | |
| michael@0 | 434 | PKIX_DUPLICATE |
| michael@0 | 435 | (params->certChainCheckers, |
| michael@0 | 436 | &(paramsDuplicate->certChainCheckers), |
| michael@0 | 437 | plContext, |
| michael@0 | 438 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 439 | |
| michael@0 | 440 | PKIX_DUPLICATE |
| michael@0 | 441 | (params->revChecker, |
| michael@0 | 442 | &(paramsDuplicate->revChecker), |
| michael@0 | 443 | plContext, |
| michael@0 | 444 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 445 | |
| michael@0 | 446 | PKIX_DUPLICATE |
| michael@0 | 447 | (params->certStores, &(paramsDuplicate->certStores), plContext, |
| michael@0 | 448 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 449 | |
| michael@0 | 450 | PKIX_DUPLICATE |
| michael@0 | 451 | (params->resourceLimits, |
| michael@0 | 452 | &(paramsDuplicate->resourceLimits), |
| michael@0 | 453 | plContext, |
| michael@0 | 454 | PKIX_OBJECTDUPLICATEFAILED); |
| michael@0 | 455 | |
| michael@0 | 456 | paramsDuplicate->isCrlRevocationCheckingEnabled = |
| michael@0 | 457 | params->isCrlRevocationCheckingEnabled; |
| michael@0 | 458 | |
| michael@0 | 459 | paramsDuplicate->isCrlRevocationCheckingEnabledWithNISTPolicy = |
| michael@0 | 460 | params->isCrlRevocationCheckingEnabledWithNISTPolicy; |
| michael@0 | 461 | |
| michael@0 | 462 | *pNewObject = (PKIX_PL_Object *)paramsDuplicate; |
| michael@0 | 463 | |
| michael@0 | 464 | cleanup: |
| michael@0 | 465 | |
| michael@0 | 466 | if (PKIX_ERROR_RECEIVED){ |
| michael@0 | 467 | PKIX_DECREF(paramsDuplicate); |
| michael@0 | 468 | } |
| michael@0 | 469 | |
| michael@0 | 470 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 471 | |
| michael@0 | 472 | } |
| michael@0 | 473 | |
| michael@0 | 474 | /* |
| michael@0 | 475 | * FUNCTION: pkix_ProcessingParams_RegisterSelf |
| michael@0 | 476 | * DESCRIPTION: |
| michael@0 | 477 | * Registers PKIX_PROCESSINGPARAMS_TYPE and its related functions with |
| michael@0 | 478 | * systemClasses[] |
| michael@0 | 479 | * THREAD SAFETY: |
| michael@0 | 480 | * Not Thread Safe - for performance and complexity reasons |
| michael@0 | 481 | * |
| michael@0 | 482 | * Since this function is only called by PKIX_PL_Initialize, which should |
| michael@0 | 483 | * only be called once, it is acceptable that this function is not |
| michael@0 | 484 | * thread-safe. |
| michael@0 | 485 | */ |
| michael@0 | 486 | PKIX_Error * |
| michael@0 | 487 | pkix_ProcessingParams_RegisterSelf(void *plContext) |
| michael@0 | 488 | { |
| michael@0 | 489 | extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; |
| michael@0 | 490 | pkix_ClassTable_Entry entry; |
| michael@0 | 491 | |
| michael@0 | 492 | PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_RegisterSelf"); |
| michael@0 | 493 | |
| michael@0 | 494 | entry.description = "ProcessingParams"; |
| michael@0 | 495 | entry.objCounter = 0; |
| michael@0 | 496 | entry.typeObjectSize = sizeof(PKIX_ProcessingParams); |
| michael@0 | 497 | entry.destructor = pkix_ProcessingParams_Destroy; |
| michael@0 | 498 | entry.equalsFunction = pkix_ProcessingParams_Equals; |
| michael@0 | 499 | entry.hashcodeFunction = pkix_ProcessingParams_Hashcode; |
| michael@0 | 500 | entry.toStringFunction = pkix_ProcessingParams_ToString; |
| michael@0 | 501 | entry.comparator = NULL; |
| michael@0 | 502 | entry.duplicateFunction = pkix_ProcessingParams_Duplicate; |
| michael@0 | 503 | |
| michael@0 | 504 | systemClasses[PKIX_PROCESSINGPARAMS_TYPE] = entry; |
| michael@0 | 505 | |
| michael@0 | 506 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 507 | } |
| michael@0 | 508 | |
| michael@0 | 509 | /* --Public-Functions--------------------------------------------- */ |
| michael@0 | 510 | |
| michael@0 | 511 | /* |
| michael@0 | 512 | * FUNCTION: PKIX_ProcessingParams_Create (see comments in pkix_params.h) |
| michael@0 | 513 | */ |
| michael@0 | 514 | PKIX_Error * |
| michael@0 | 515 | PKIX_ProcessingParams_Create( |
| michael@0 | 516 | PKIX_ProcessingParams **pParams, |
| michael@0 | 517 | void *plContext) |
| michael@0 | 518 | { |
| michael@0 | 519 | PKIX_ProcessingParams *params = NULL; |
| michael@0 | 520 | |
| michael@0 | 521 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_Create"); |
| michael@0 | 522 | PKIX_NULLCHECK_ONE(pParams); |
| michael@0 | 523 | |
| michael@0 | 524 | PKIX_CHECK(PKIX_PL_Object_Alloc |
| michael@0 | 525 | (PKIX_PROCESSINGPARAMS_TYPE, |
| michael@0 | 526 | sizeof (PKIX_ProcessingParams), |
| michael@0 | 527 | (PKIX_PL_Object **)¶ms, |
| michael@0 | 528 | plContext), |
| michael@0 | 529 | PKIX_COULDNOTCREATEPROCESSINGPARAMSOBJECT); |
| michael@0 | 530 | |
| michael@0 | 531 | /* initialize fields */ |
| michael@0 | 532 | PKIX_CHECK(PKIX_List_Create(¶ms->trustAnchors, plContext), |
| michael@0 | 533 | PKIX_LISTCREATEFAILED); |
| michael@0 | 534 | PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), |
| michael@0 | 535 | PKIX_LISTSETIMMUTABLEFAILED); |
| michael@0 | 536 | |
| michael@0 | 537 | PKIX_CHECK(PKIX_PL_Date_Create_UTCTime |
| michael@0 | 538 | (NULL, ¶ms->date, plContext), |
| michael@0 | 539 | PKIX_DATECREATEUTCTIMEFAILED); |
| michael@0 | 540 | |
| michael@0 | 541 | params->hintCerts = NULL; |
| michael@0 | 542 | params->constraints = NULL; |
| michael@0 | 543 | params->initialPolicies = NULL; |
| michael@0 | 544 | params->initialPolicyMappingInhibit = PKIX_FALSE; |
| michael@0 | 545 | params->initialAnyPolicyInhibit = PKIX_FALSE; |
| michael@0 | 546 | params->initialExplicitPolicy = PKIX_FALSE; |
| michael@0 | 547 | params->qualifiersRejected = PKIX_FALSE; |
| michael@0 | 548 | params->certChainCheckers = NULL; |
| michael@0 | 549 | params->revChecker = NULL; |
| michael@0 | 550 | params->certStores = NULL; |
| michael@0 | 551 | params->resourceLimits = NULL; |
| michael@0 | 552 | |
| michael@0 | 553 | params->isCrlRevocationCheckingEnabled = PKIX_TRUE; |
| michael@0 | 554 | |
| michael@0 | 555 | params->isCrlRevocationCheckingEnabledWithNISTPolicy = PKIX_TRUE; |
| michael@0 | 556 | |
| michael@0 | 557 | params->useAIAForCertFetching = PKIX_FALSE; |
| michael@0 | 558 | params->qualifyTargetCert = PKIX_TRUE; |
| michael@0 | 559 | params->useOnlyTrustAnchors = PKIX_TRUE; |
| michael@0 | 560 | |
| michael@0 | 561 | *pParams = params; |
| michael@0 | 562 | params = NULL; |
| michael@0 | 563 | |
| michael@0 | 564 | cleanup: |
| michael@0 | 565 | |
| michael@0 | 566 | PKIX_DECREF(params); |
| michael@0 | 567 | |
| michael@0 | 568 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 569 | |
| michael@0 | 570 | } |
| michael@0 | 571 | |
| michael@0 | 572 | /* |
| michael@0 | 573 | * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching |
| michael@0 | 574 | * (see comments in pkix_params.h) |
| michael@0 | 575 | */ |
| michael@0 | 576 | PKIX_Error * |
| michael@0 | 577 | PKIX_ProcessingParams_GetUseAIAForCertFetching( |
| michael@0 | 578 | PKIX_ProcessingParams *params, |
| michael@0 | 579 | PKIX_Boolean *pUseAIA, /* list of TrustAnchor */ |
| michael@0 | 580 | void *plContext) |
| michael@0 | 581 | { |
| michael@0 | 582 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetUseAIAForCertFetching"); |
| michael@0 | 583 | PKIX_NULLCHECK_TWO(params, pUseAIA); |
| michael@0 | 584 | |
| michael@0 | 585 | *pUseAIA = params->useAIAForCertFetching; |
| michael@0 | 586 | |
| michael@0 | 587 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 588 | } |
| michael@0 | 589 | |
| michael@0 | 590 | /* |
| michael@0 | 591 | * FUNCTION: PKIX_ProcessingParams_SetUseAIAForCertFetching |
| michael@0 | 592 | * (see comments in pkix_params.h) |
| michael@0 | 593 | */ |
| michael@0 | 594 | PKIX_Error * |
| michael@0 | 595 | PKIX_ProcessingParams_SetUseAIAForCertFetching( |
| michael@0 | 596 | PKIX_ProcessingParams *params, |
| michael@0 | 597 | PKIX_Boolean useAIA, |
| michael@0 | 598 | void *plContext) |
| michael@0 | 599 | { |
| michael@0 | 600 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetUseAIAForCertFetching"); |
| michael@0 | 601 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 602 | |
| michael@0 | 603 | params->useAIAForCertFetching = useAIA; |
| michael@0 | 604 | |
| michael@0 | 605 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 606 | } |
| michael@0 | 607 | |
| michael@0 | 608 | /* |
| michael@0 | 609 | * FUNCTION: PKIX_ProcessingParams_GetQualifyTargetCert |
| michael@0 | 610 | * (see comments in pkix_params.h) |
| michael@0 | 611 | */ |
| michael@0 | 612 | PKIX_Error * |
| michael@0 | 613 | PKIX_ProcessingParams_GetValidateTargetCert( |
| michael@0 | 614 | PKIX_ProcessingParams *params, |
| michael@0 | 615 | PKIX_Boolean *pQualifyTargetCert, |
| michael@0 | 616 | void *plContext) |
| michael@0 | 617 | { |
| michael@0 | 618 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 619 | "PKIX_ProcessingParams_GetValidateTargetCert"); |
| michael@0 | 620 | PKIX_NULLCHECK_TWO(params, pQualifyTargetCert); |
| michael@0 | 621 | |
| michael@0 | 622 | *pQualifyTargetCert = params->qualifyTargetCert; |
| michael@0 | 623 | |
| michael@0 | 624 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 625 | } |
| michael@0 | 626 | |
| michael@0 | 627 | /* |
| michael@0 | 628 | * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert |
| michael@0 | 629 | * (see comments in pkix_params.h) |
| michael@0 | 630 | */ |
| michael@0 | 631 | PKIX_Error * |
| michael@0 | 632 | PKIX_ProcessingParams_SetQualifyTargetCert( |
| michael@0 | 633 | PKIX_ProcessingParams *params, |
| michael@0 | 634 | PKIX_Boolean qualifyTargetCert, |
| michael@0 | 635 | void *plContext) |
| michael@0 | 636 | { |
| michael@0 | 637 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 638 | "PKIX_ProcessingParams_SetQualifyTargetCert"); |
| michael@0 | 639 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 640 | |
| michael@0 | 641 | params->qualifyTargetCert = qualifyTargetCert; |
| michael@0 | 642 | |
| michael@0 | 643 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 644 | } |
| michael@0 | 645 | |
| michael@0 | 646 | /* |
| michael@0 | 647 | * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors |
| michael@0 | 648 | * (see comments in pkix_params.h) |
| michael@0 | 649 | */ |
| michael@0 | 650 | PKIX_Error * |
| michael@0 | 651 | PKIX_ProcessingParams_SetTrustAnchors( |
| michael@0 | 652 | PKIX_ProcessingParams *params, |
| michael@0 | 653 | PKIX_List *anchors, /* list of TrustAnchor */ |
| michael@0 | 654 | void *plContext) |
| michael@0 | 655 | { |
| michael@0 | 656 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetTrustAnchors"); |
| michael@0 | 657 | PKIX_NULLCHECK_TWO(params, anchors); |
| michael@0 | 658 | |
| michael@0 | 659 | PKIX_DECREF(params->trustAnchors); |
| michael@0 | 660 | |
| michael@0 | 661 | PKIX_INCREF(anchors); |
| michael@0 | 662 | params->trustAnchors = anchors; |
| michael@0 | 663 | PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), |
| michael@0 | 664 | PKIX_LISTSETIMMUTABLEFAILED); |
| michael@0 | 665 | |
| michael@0 | 666 | cleanup: |
| michael@0 | 667 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 668 | } |
| michael@0 | 669 | |
| michael@0 | 670 | /* |
| michael@0 | 671 | * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors |
| michael@0 | 672 | * (see comments in pkix_params.h) |
| michael@0 | 673 | */ |
| michael@0 | 674 | PKIX_Error * |
| michael@0 | 675 | PKIX_ProcessingParams_GetTrustAnchors( |
| michael@0 | 676 | PKIX_ProcessingParams *params, |
| michael@0 | 677 | PKIX_List **pAnchors, /* list of TrustAnchor */ |
| michael@0 | 678 | void *plContext) |
| michael@0 | 679 | { |
| michael@0 | 680 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetTrustAnchors"); |
| michael@0 | 681 | PKIX_NULLCHECK_TWO(params, pAnchors); |
| michael@0 | 682 | |
| michael@0 | 683 | PKIX_INCREF(params->trustAnchors); |
| michael@0 | 684 | |
| michael@0 | 685 | *pAnchors = params->trustAnchors; |
| michael@0 | 686 | |
| michael@0 | 687 | cleanup: |
| michael@0 | 688 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 689 | } |
| michael@0 | 690 | |
| michael@0 | 691 | /** |
| michael@0 | 692 | * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors |
| michael@0 | 693 | * (see comments in pkix_params.h) |
| michael@0 | 694 | */ |
| michael@0 | 695 | PKIX_Error * |
| michael@0 | 696 | PKIX_ProcessingParams_GetUseOnlyTrustAnchors( |
| michael@0 | 697 | PKIX_ProcessingParams *params, |
| michael@0 | 698 | PKIX_Boolean *pUseOnlyTrustAnchors, |
| michael@0 | 699 | void *plContext) |
| michael@0 | 700 | { |
| michael@0 | 701 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 702 | "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); |
| michael@0 | 703 | PKIX_NULLCHECK_TWO(params, pUseOnlyTrustAnchors); |
| michael@0 | 704 | |
| michael@0 | 705 | *pUseOnlyTrustAnchors = params->useOnlyTrustAnchors; |
| michael@0 | 706 | |
| michael@0 | 707 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 708 | } |
| michael@0 | 709 | |
| michael@0 | 710 | /** |
| michael@0 | 711 | * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors |
| michael@0 | 712 | * (see comments in pkix_params.h) |
| michael@0 | 713 | */ |
| michael@0 | 714 | PKIX_Error * |
| michael@0 | 715 | PKIX_ProcessingParams_SetUseOnlyTrustAnchors( |
| michael@0 | 716 | PKIX_ProcessingParams *params, |
| michael@0 | 717 | PKIX_Boolean useOnlyTrustAnchors, |
| michael@0 | 718 | void *plContext) |
| michael@0 | 719 | { |
| michael@0 | 720 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 721 | "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); |
| michael@0 | 722 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 723 | |
| michael@0 | 724 | params->useOnlyTrustAnchors = useOnlyTrustAnchors; |
| michael@0 | 725 | |
| michael@0 | 726 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 727 | } |
| michael@0 | 728 | |
| michael@0 | 729 | /* |
| michael@0 | 730 | * FUNCTION: PKIX_ProcessingParams_GetDate (see comments in pkix_params.h) |
| michael@0 | 731 | */ |
| michael@0 | 732 | PKIX_Error * |
| michael@0 | 733 | PKIX_ProcessingParams_GetDate( |
| michael@0 | 734 | PKIX_ProcessingParams *params, |
| michael@0 | 735 | PKIX_PL_Date **pDate, |
| michael@0 | 736 | void *plContext) |
| michael@0 | 737 | { |
| michael@0 | 738 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetDate"); |
| michael@0 | 739 | PKIX_NULLCHECK_TWO(params, pDate); |
| michael@0 | 740 | |
| michael@0 | 741 | PKIX_INCREF(params->date); |
| michael@0 | 742 | *pDate = params->date; |
| michael@0 | 743 | |
| michael@0 | 744 | cleanup: |
| michael@0 | 745 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 746 | } |
| michael@0 | 747 | |
| michael@0 | 748 | /* |
| michael@0 | 749 | * FUNCTION: PKIX_ProcessingParams_SetDate (see comments in pkix_params.h) |
| michael@0 | 750 | */ |
| michael@0 | 751 | PKIX_Error * |
| michael@0 | 752 | PKIX_ProcessingParams_SetDate( |
| michael@0 | 753 | PKIX_ProcessingParams *params, |
| michael@0 | 754 | PKIX_PL_Date *date, |
| michael@0 | 755 | void *plContext) |
| michael@0 | 756 | { |
| michael@0 | 757 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetDate"); |
| michael@0 | 758 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 759 | |
| michael@0 | 760 | PKIX_DECREF(params->date); |
| michael@0 | 761 | |
| michael@0 | 762 | PKIX_INCREF(date); |
| michael@0 | 763 | params->date = date; |
| michael@0 | 764 | |
| michael@0 | 765 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 766 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 767 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 768 | |
| michael@0 | 769 | cleanup: |
| michael@0 | 770 | |
| michael@0 | 771 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 772 | PKIX_DECREF(params->date); |
| michael@0 | 773 | } |
| michael@0 | 774 | |
| michael@0 | 775 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 776 | } |
| michael@0 | 777 | |
| michael@0 | 778 | /* |
| michael@0 | 779 | * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints |
| michael@0 | 780 | * (see comments in pkix_params.h) |
| michael@0 | 781 | */ |
| michael@0 | 782 | PKIX_Error * |
| michael@0 | 783 | PKIX_ProcessingParams_GetTargetCertConstraints( |
| michael@0 | 784 | PKIX_ProcessingParams *params, |
| michael@0 | 785 | PKIX_CertSelector **pConstraints, |
| michael@0 | 786 | void *plContext) |
| michael@0 | 787 | { |
| michael@0 | 788 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 789 | "PKIX_ProcessingParams_GetTargetCertConstraints"); |
| michael@0 | 790 | |
| michael@0 | 791 | PKIX_NULLCHECK_TWO(params, pConstraints); |
| michael@0 | 792 | |
| michael@0 | 793 | PKIX_INCREF(params->constraints); |
| michael@0 | 794 | *pConstraints = params->constraints; |
| michael@0 | 795 | |
| michael@0 | 796 | cleanup: |
| michael@0 | 797 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 798 | } |
| michael@0 | 799 | |
| michael@0 | 800 | /* |
| michael@0 | 801 | * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints |
| michael@0 | 802 | * (see comments in pkix_params.h) |
| michael@0 | 803 | */ |
| michael@0 | 804 | PKIX_Error * |
| michael@0 | 805 | PKIX_ProcessingParams_SetTargetCertConstraints( |
| michael@0 | 806 | PKIX_ProcessingParams *params, |
| michael@0 | 807 | PKIX_CertSelector *constraints, |
| michael@0 | 808 | void *plContext) |
| michael@0 | 809 | { |
| michael@0 | 810 | |
| michael@0 | 811 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 812 | "PKIX_ProcessingParams_SetTargetCertConstraints"); |
| michael@0 | 813 | |
| michael@0 | 814 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 815 | |
| michael@0 | 816 | PKIX_DECREF(params->constraints); |
| michael@0 | 817 | |
| michael@0 | 818 | PKIX_INCREF(constraints); |
| michael@0 | 819 | params->constraints = constraints; |
| michael@0 | 820 | |
| michael@0 | 821 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 822 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 823 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 824 | |
| michael@0 | 825 | cleanup: |
| michael@0 | 826 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 827 | PKIX_DECREF(params->constraints); |
| michael@0 | 828 | } |
| michael@0 | 829 | |
| michael@0 | 830 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 831 | } |
| michael@0 | 832 | |
| michael@0 | 833 | /* |
| michael@0 | 834 | * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies |
| michael@0 | 835 | * (see comments in pkix_params.h) |
| michael@0 | 836 | */ |
| michael@0 | 837 | PKIX_Error * |
| michael@0 | 838 | PKIX_ProcessingParams_GetInitialPolicies( |
| michael@0 | 839 | PKIX_ProcessingParams *params, |
| michael@0 | 840 | PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */ |
| michael@0 | 841 | void *plContext) |
| michael@0 | 842 | { |
| michael@0 | 843 | |
| michael@0 | 844 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 845 | "PKIX_ProcessingParams_GetInitialPolicies"); |
| michael@0 | 846 | |
| michael@0 | 847 | PKIX_NULLCHECK_TWO(params, pInitPolicies); |
| michael@0 | 848 | |
| michael@0 | 849 | if (params->initialPolicies == NULL) { |
| michael@0 | 850 | PKIX_CHECK(PKIX_List_Create |
| michael@0 | 851 | (¶ms->initialPolicies, plContext), |
| michael@0 | 852 | PKIX_UNABLETOCREATELIST); |
| michael@0 | 853 | PKIX_CHECK(PKIX_List_SetImmutable |
| michael@0 | 854 | (params->initialPolicies, plContext), |
| michael@0 | 855 | PKIX_UNABLETOMAKELISTIMMUTABLE); |
| michael@0 | 856 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 857 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 858 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 859 | } |
| michael@0 | 860 | |
| michael@0 | 861 | PKIX_INCREF(params->initialPolicies); |
| michael@0 | 862 | *pInitPolicies = params->initialPolicies; |
| michael@0 | 863 | |
| michael@0 | 864 | cleanup: |
| michael@0 | 865 | |
| michael@0 | 866 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 867 | } |
| michael@0 | 868 | |
| michael@0 | 869 | /* |
| michael@0 | 870 | * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies |
| michael@0 | 871 | * (see comments in pkix_params.h) |
| michael@0 | 872 | */ |
| michael@0 | 873 | PKIX_Error * |
| michael@0 | 874 | PKIX_ProcessingParams_SetInitialPolicies( |
| michael@0 | 875 | PKIX_ProcessingParams *params, |
| michael@0 | 876 | PKIX_List *initPolicies, /* list of PKIX_PL_OID */ |
| michael@0 | 877 | void *plContext) |
| michael@0 | 878 | { |
| michael@0 | 879 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 880 | "PKIX_ProcessingParams_SetInitialPolicies"); |
| michael@0 | 881 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 882 | |
| michael@0 | 883 | PKIX_DECREF(params->initialPolicies); |
| michael@0 | 884 | |
| michael@0 | 885 | PKIX_INCREF(initPolicies); |
| michael@0 | 886 | params->initialPolicies = initPolicies; |
| michael@0 | 887 | |
| michael@0 | 888 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 889 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 890 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 891 | |
| michael@0 | 892 | cleanup: |
| michael@0 | 893 | |
| michael@0 | 894 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 895 | PKIX_DECREF(params->initialPolicies); |
| michael@0 | 896 | } |
| michael@0 | 897 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 898 | } |
| michael@0 | 899 | |
| michael@0 | 900 | /* |
| michael@0 | 901 | * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected |
| michael@0 | 902 | * (see comments in pkix_params.h) |
| michael@0 | 903 | */ |
| michael@0 | 904 | PKIX_Error * |
| michael@0 | 905 | PKIX_ProcessingParams_GetPolicyQualifiersRejected( |
| michael@0 | 906 | PKIX_ProcessingParams *params, |
| michael@0 | 907 | PKIX_Boolean *pRejected, |
| michael@0 | 908 | void *plContext) |
| michael@0 | 909 | { |
| michael@0 | 910 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 911 | "PKIX_ProcessingParams_GetPolicyQualifiersRejected"); |
| michael@0 | 912 | |
| michael@0 | 913 | PKIX_NULLCHECK_TWO(params, pRejected); |
| michael@0 | 914 | |
| michael@0 | 915 | *pRejected = params->qualifiersRejected; |
| michael@0 | 916 | |
| michael@0 | 917 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 918 | } |
| michael@0 | 919 | |
| michael@0 | 920 | /* |
| michael@0 | 921 | * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected |
| michael@0 | 922 | * (see comments in pkix_params.h) |
| michael@0 | 923 | */ |
| michael@0 | 924 | PKIX_Error * |
| michael@0 | 925 | PKIX_ProcessingParams_SetPolicyQualifiersRejected( |
| michael@0 | 926 | PKIX_ProcessingParams *params, |
| michael@0 | 927 | PKIX_Boolean rejected, |
| michael@0 | 928 | void *plContext) |
| michael@0 | 929 | { |
| michael@0 | 930 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 931 | "PKIX_ProcessingParams_SetPolicyQualifiersRejected"); |
| michael@0 | 932 | |
| michael@0 | 933 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 934 | |
| michael@0 | 935 | params->qualifiersRejected = rejected; |
| michael@0 | 936 | |
| michael@0 | 937 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 938 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 939 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 940 | |
| michael@0 | 941 | cleanup: |
| michael@0 | 942 | |
| michael@0 | 943 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 944 | } |
| michael@0 | 945 | |
| michael@0 | 946 | /* |
| michael@0 | 947 | * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers |
| michael@0 | 948 | * (see comments in pkix_params.h) |
| michael@0 | 949 | */ |
| michael@0 | 950 | PKIX_Error * |
| michael@0 | 951 | PKIX_ProcessingParams_GetCertChainCheckers( |
| michael@0 | 952 | PKIX_ProcessingParams *params, |
| michael@0 | 953 | PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */ |
| michael@0 | 954 | void *plContext) |
| michael@0 | 955 | { |
| michael@0 | 956 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 957 | "PKIX_ProcessingParams_GetCertChainCheckers"); |
| michael@0 | 958 | PKIX_NULLCHECK_TWO(params, pCheckers); |
| michael@0 | 959 | |
| michael@0 | 960 | PKIX_INCREF(params->certChainCheckers); |
| michael@0 | 961 | *pCheckers = params->certChainCheckers; |
| michael@0 | 962 | |
| michael@0 | 963 | cleanup: |
| michael@0 | 964 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 965 | } |
| michael@0 | 966 | |
| michael@0 | 967 | /* |
| michael@0 | 968 | * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers |
| michael@0 | 969 | * (see comments in pkix_params.h) |
| michael@0 | 970 | */ |
| michael@0 | 971 | PKIX_Error * |
| michael@0 | 972 | PKIX_ProcessingParams_SetCertChainCheckers( |
| michael@0 | 973 | PKIX_ProcessingParams *params, |
| michael@0 | 974 | PKIX_List *checkers, /* list of PKIX_CertChainChecker */ |
| michael@0 | 975 | void *plContext) |
| michael@0 | 976 | { |
| michael@0 | 977 | |
| michael@0 | 978 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 979 | "PKIX_ProcessingParams_SetCertChainCheckers"); |
| michael@0 | 980 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 981 | |
| michael@0 | 982 | PKIX_DECREF(params->certChainCheckers); |
| michael@0 | 983 | |
| michael@0 | 984 | PKIX_INCREF(checkers); |
| michael@0 | 985 | params->certChainCheckers = checkers; |
| michael@0 | 986 | |
| michael@0 | 987 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 988 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 989 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 990 | |
| michael@0 | 991 | cleanup: |
| michael@0 | 992 | |
| michael@0 | 993 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 994 | PKIX_DECREF(params->certChainCheckers); |
| michael@0 | 995 | } |
| michael@0 | 996 | |
| michael@0 | 997 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 998 | } |
| michael@0 | 999 | |
| michael@0 | 1000 | /* |
| michael@0 | 1001 | * FUNCTION: PKIX_ProcessingParams_AddCertChainCheckers |
| michael@0 | 1002 | * (see comments in pkix_params.h) |
| michael@0 | 1003 | */ |
| michael@0 | 1004 | PKIX_Error * |
| michael@0 | 1005 | PKIX_ProcessingParams_AddCertChainChecker( |
| michael@0 | 1006 | PKIX_ProcessingParams *params, |
| michael@0 | 1007 | PKIX_CertChainChecker *checker, |
| michael@0 | 1008 | void *plContext) |
| michael@0 | 1009 | { |
| michael@0 | 1010 | PKIX_List *list = NULL; |
| michael@0 | 1011 | |
| michael@0 | 1012 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1013 | "PKIX_ProcessingParams_AddCertChainChecker"); |
| michael@0 | 1014 | PKIX_NULLCHECK_TWO(params, checker); |
| michael@0 | 1015 | |
| michael@0 | 1016 | if (params->certChainCheckers == NULL) { |
| michael@0 | 1017 | |
| michael@0 | 1018 | PKIX_CHECK(PKIX_List_Create(&list, plContext), |
| michael@0 | 1019 | PKIX_LISTCREATEFAILED); |
| michael@0 | 1020 | |
| michael@0 | 1021 | params->certChainCheckers = list; |
| michael@0 | 1022 | } |
| michael@0 | 1023 | |
| michael@0 | 1024 | PKIX_CHECK(PKIX_List_AppendItem |
| michael@0 | 1025 | (params->certChainCheckers, (PKIX_PL_Object *)checker, plContext), |
| michael@0 | 1026 | PKIX_LISTAPPENDITEMFAILED); |
| michael@0 | 1027 | |
| michael@0 | 1028 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1029 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1030 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1031 | |
| michael@0 | 1032 | list = NULL; |
| michael@0 | 1033 | |
| michael@0 | 1034 | cleanup: |
| michael@0 | 1035 | |
| michael@0 | 1036 | if (list && params) { |
| michael@0 | 1037 | PKIX_DECREF(params->certChainCheckers); |
| michael@0 | 1038 | } |
| michael@0 | 1039 | |
| michael@0 | 1040 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1041 | } |
| michael@0 | 1042 | |
| michael@0 | 1043 | /* |
| michael@0 | 1044 | * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker |
| michael@0 | 1045 | * (see comments in pkix_params.h) |
| michael@0 | 1046 | */ |
| michael@0 | 1047 | PKIX_Error * |
| michael@0 | 1048 | PKIX_ProcessingParams_GetRevocationChecker( |
| michael@0 | 1049 | PKIX_ProcessingParams *params, |
| michael@0 | 1050 | PKIX_RevocationChecker **pChecker, |
| michael@0 | 1051 | void *plContext) |
| michael@0 | 1052 | { |
| michael@0 | 1053 | |
| michael@0 | 1054 | PKIX_ENTER |
| michael@0 | 1055 | (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers"); |
| michael@0 | 1056 | PKIX_NULLCHECK_TWO(params, pChecker); |
| michael@0 | 1057 | |
| michael@0 | 1058 | PKIX_INCREF(params->revChecker); |
| michael@0 | 1059 | *pChecker = params->revChecker; |
| michael@0 | 1060 | |
| michael@0 | 1061 | cleanup: |
| michael@0 | 1062 | |
| michael@0 | 1063 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1064 | } |
| michael@0 | 1065 | |
| michael@0 | 1066 | /* |
| michael@0 | 1067 | * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker |
| michael@0 | 1068 | * (see comments in pkix_params.h) |
| michael@0 | 1069 | */ |
| michael@0 | 1070 | PKIX_Error * |
| michael@0 | 1071 | PKIX_ProcessingParams_SetRevocationChecker( |
| michael@0 | 1072 | PKIX_ProcessingParams *params, |
| michael@0 | 1073 | PKIX_RevocationChecker *checker, |
| michael@0 | 1074 | void *plContext) |
| michael@0 | 1075 | { |
| michael@0 | 1076 | |
| michael@0 | 1077 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1078 | "PKIX_ProcessingParams_InitRevocationChecker"); |
| michael@0 | 1079 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1080 | |
| michael@0 | 1081 | PKIX_DECREF(params->revChecker); |
| michael@0 | 1082 | PKIX_INCREF(checker); |
| michael@0 | 1083 | params->revChecker = checker; |
| michael@0 | 1084 | |
| michael@0 | 1085 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1086 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1087 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1088 | cleanup: |
| michael@0 | 1089 | |
| michael@0 | 1090 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1091 | } |
| michael@0 | 1092 | |
| michael@0 | 1093 | /* |
| michael@0 | 1094 | * FUNCTION: PKIX_ProcessingParams_GetCertStores |
| michael@0 | 1095 | * (see comments in pkix_params.h) |
| michael@0 | 1096 | */ |
| michael@0 | 1097 | PKIX_Error * |
| michael@0 | 1098 | PKIX_ProcessingParams_GetCertStores( |
| michael@0 | 1099 | PKIX_ProcessingParams *params, |
| michael@0 | 1100 | PKIX_List **pStores, /* list of PKIX_CertStore */ |
| michael@0 | 1101 | void *plContext) |
| michael@0 | 1102 | { |
| michael@0 | 1103 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetCertStores"); |
| michael@0 | 1104 | |
| michael@0 | 1105 | PKIX_NULLCHECK_TWO(params, pStores); |
| michael@0 | 1106 | |
| michael@0 | 1107 | if (!params->certStores){ |
| michael@0 | 1108 | PKIX_CHECK(PKIX_List_Create(¶ms->certStores, plContext), |
| michael@0 | 1109 | PKIX_UNABLETOCREATELIST); |
| michael@0 | 1110 | } |
| michael@0 | 1111 | |
| michael@0 | 1112 | PKIX_INCREF(params->certStores); |
| michael@0 | 1113 | *pStores = params->certStores; |
| michael@0 | 1114 | |
| michael@0 | 1115 | cleanup: |
| michael@0 | 1116 | |
| michael@0 | 1117 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1118 | } |
| michael@0 | 1119 | |
| michael@0 | 1120 | /* |
| michael@0 | 1121 | * FUNCTION: PKIX_ProcessingParams_SetCertStores |
| michael@0 | 1122 | * (see comments in pkix_params.h) |
| michael@0 | 1123 | */ |
| michael@0 | 1124 | PKIX_Error * |
| michael@0 | 1125 | PKIX_ProcessingParams_SetCertStores( |
| michael@0 | 1126 | PKIX_ProcessingParams *params, |
| michael@0 | 1127 | PKIX_List *stores, /* list of PKIX_CertStore */ |
| michael@0 | 1128 | void *plContext) |
| michael@0 | 1129 | { |
| michael@0 | 1130 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetCertStores"); |
| michael@0 | 1131 | |
| michael@0 | 1132 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1133 | |
| michael@0 | 1134 | PKIX_DECREF(params->certStores); |
| michael@0 | 1135 | |
| michael@0 | 1136 | PKIX_INCREF(stores); |
| michael@0 | 1137 | params->certStores = stores; |
| michael@0 | 1138 | |
| michael@0 | 1139 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1140 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1141 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1142 | |
| michael@0 | 1143 | cleanup: |
| michael@0 | 1144 | |
| michael@0 | 1145 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 1146 | PKIX_DECREF(params->certStores); |
| michael@0 | 1147 | } |
| michael@0 | 1148 | |
| michael@0 | 1149 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1150 | } |
| michael@0 | 1151 | |
| michael@0 | 1152 | /* |
| michael@0 | 1153 | * FUNCTION: PKIX_ProcessingParams_AddCertStore |
| michael@0 | 1154 | * (see comments in pkix_params.h) |
| michael@0 | 1155 | */ |
| michael@0 | 1156 | PKIX_Error * |
| michael@0 | 1157 | PKIX_ProcessingParams_AddCertStore( |
| michael@0 | 1158 | PKIX_ProcessingParams *params, |
| michael@0 | 1159 | PKIX_CertStore *store, |
| michael@0 | 1160 | void *plContext) |
| michael@0 | 1161 | { |
| michael@0 | 1162 | PKIX_List *certStores = NULL; |
| michael@0 | 1163 | |
| michael@0 | 1164 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_AddCertStore"); |
| michael@0 | 1165 | PKIX_NULLCHECK_TWO(params, store); |
| michael@0 | 1166 | |
| michael@0 | 1167 | PKIX_CHECK(PKIX_ProcessingParams_GetCertStores |
| michael@0 | 1168 | (params, &certStores, plContext), |
| michael@0 | 1169 | PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); |
| michael@0 | 1170 | |
| michael@0 | 1171 | PKIX_CHECK(PKIX_List_AppendItem |
| michael@0 | 1172 | (certStores, (PKIX_PL_Object *)store, plContext), |
| michael@0 | 1173 | PKIX_LISTAPPENDITEMFAILED); |
| michael@0 | 1174 | |
| michael@0 | 1175 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1176 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1177 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1178 | |
| michael@0 | 1179 | cleanup: |
| michael@0 | 1180 | |
| michael@0 | 1181 | PKIX_DECREF(certStores); |
| michael@0 | 1182 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1183 | } |
| michael@0 | 1184 | |
| michael@0 | 1185 | /* |
| michael@0 | 1186 | * FUNCTION: PKIX_ProcessingParams_SetResourceLimits |
| michael@0 | 1187 | * (see comments in pkix_params.h) |
| michael@0 | 1188 | */ |
| michael@0 | 1189 | PKIX_Error * |
| michael@0 | 1190 | PKIX_ProcessingParams_SetResourceLimits( |
| michael@0 | 1191 | PKIX_ProcessingParams *params, |
| michael@0 | 1192 | PKIX_ResourceLimits *resourceLimits, |
| michael@0 | 1193 | void *plContext) |
| michael@0 | 1194 | { |
| michael@0 | 1195 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1196 | "PKIX_ProcessingParams_SetResourceLimits"); |
| michael@0 | 1197 | |
| michael@0 | 1198 | PKIX_NULLCHECK_TWO(params, resourceLimits); |
| michael@0 | 1199 | |
| michael@0 | 1200 | PKIX_DECREF(params->resourceLimits); |
| michael@0 | 1201 | PKIX_INCREF(resourceLimits); |
| michael@0 | 1202 | params->resourceLimits = resourceLimits; |
| michael@0 | 1203 | |
| michael@0 | 1204 | cleanup: |
| michael@0 | 1205 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 1206 | PKIX_DECREF(params->resourceLimits); |
| michael@0 | 1207 | } |
| michael@0 | 1208 | |
| michael@0 | 1209 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1210 | } |
| michael@0 | 1211 | |
| michael@0 | 1212 | /* |
| michael@0 | 1213 | * FUNCTION: PKIX_ProcessingParams_GetResourceLimits |
| michael@0 | 1214 | * (see comments in pkix_params.h) |
| michael@0 | 1215 | */ |
| michael@0 | 1216 | PKIX_Error * |
| michael@0 | 1217 | PKIX_ProcessingParams_GetResourceLimits( |
| michael@0 | 1218 | PKIX_ProcessingParams *params, |
| michael@0 | 1219 | PKIX_ResourceLimits **pResourceLimits, |
| michael@0 | 1220 | void *plContext) |
| michael@0 | 1221 | { |
| michael@0 | 1222 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1223 | "PKIX_ProcessingParams_GetResourceLimits"); |
| michael@0 | 1224 | |
| michael@0 | 1225 | PKIX_NULLCHECK_TWO(params, pResourceLimits); |
| michael@0 | 1226 | |
| michael@0 | 1227 | PKIX_INCREF(params->resourceLimits); |
| michael@0 | 1228 | *pResourceLimits = params->resourceLimits; |
| michael@0 | 1229 | |
| michael@0 | 1230 | cleanup: |
| michael@0 | 1231 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1232 | } |
| michael@0 | 1233 | |
| michael@0 | 1234 | /* |
| michael@0 | 1235 | * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited |
| michael@0 | 1236 | * (see comments in pkix_params.h) |
| michael@0 | 1237 | */ |
| michael@0 | 1238 | PKIX_Error * |
| michael@0 | 1239 | PKIX_ProcessingParams_IsAnyPolicyInhibited( |
| michael@0 | 1240 | PKIX_ProcessingParams *params, |
| michael@0 | 1241 | PKIX_Boolean *pInhibited, |
| michael@0 | 1242 | void *plContext) |
| michael@0 | 1243 | { |
| michael@0 | 1244 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1245 | "PKIX_ProcessingParams_IsAnyPolicyInhibited"); |
| michael@0 | 1246 | |
| michael@0 | 1247 | PKIX_NULLCHECK_TWO(params, pInhibited); |
| michael@0 | 1248 | |
| michael@0 | 1249 | *pInhibited = params->initialAnyPolicyInhibit; |
| michael@0 | 1250 | |
| michael@0 | 1251 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1252 | } |
| michael@0 | 1253 | |
| michael@0 | 1254 | /* |
| michael@0 | 1255 | * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited |
| michael@0 | 1256 | * (see comments in pkix_params.h) |
| michael@0 | 1257 | */ |
| michael@0 | 1258 | PKIX_Error * |
| michael@0 | 1259 | PKIX_ProcessingParams_SetAnyPolicyInhibited( |
| michael@0 | 1260 | PKIX_ProcessingParams *params, |
| michael@0 | 1261 | PKIX_Boolean inhibited, |
| michael@0 | 1262 | void *plContext) |
| michael@0 | 1263 | { |
| michael@0 | 1264 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1265 | "PKIX_ProcessingParams_SetAnyPolicyInhibited"); |
| michael@0 | 1266 | |
| michael@0 | 1267 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1268 | |
| michael@0 | 1269 | params->initialAnyPolicyInhibit = inhibited; |
| michael@0 | 1270 | |
| michael@0 | 1271 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1272 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1273 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1274 | |
| michael@0 | 1275 | cleanup: |
| michael@0 | 1276 | |
| michael@0 | 1277 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1278 | } |
| michael@0 | 1279 | |
| michael@0 | 1280 | /* |
| michael@0 | 1281 | * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired |
| michael@0 | 1282 | * (see comments in pkix_params.h) |
| michael@0 | 1283 | */ |
| michael@0 | 1284 | PKIX_Error * |
| michael@0 | 1285 | PKIX_ProcessingParams_IsExplicitPolicyRequired( |
| michael@0 | 1286 | PKIX_ProcessingParams *params, |
| michael@0 | 1287 | PKIX_Boolean *pRequired, |
| michael@0 | 1288 | void *plContext) |
| michael@0 | 1289 | { |
| michael@0 | 1290 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1291 | "PKIX_ProcessingParams_IsExplicitPolicyRequired"); |
| michael@0 | 1292 | |
| michael@0 | 1293 | PKIX_NULLCHECK_TWO(params, pRequired); |
| michael@0 | 1294 | |
| michael@0 | 1295 | *pRequired = params->initialExplicitPolicy; |
| michael@0 | 1296 | |
| michael@0 | 1297 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1298 | } |
| michael@0 | 1299 | |
| michael@0 | 1300 | /* |
| michael@0 | 1301 | * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired |
| michael@0 | 1302 | * (see comments in pkix_params.h) |
| michael@0 | 1303 | */ |
| michael@0 | 1304 | PKIX_Error * |
| michael@0 | 1305 | PKIX_ProcessingParams_SetExplicitPolicyRequired( |
| michael@0 | 1306 | PKIX_ProcessingParams *params, |
| michael@0 | 1307 | PKIX_Boolean required, |
| michael@0 | 1308 | void *plContext) |
| michael@0 | 1309 | { |
| michael@0 | 1310 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1311 | "PKIX_ProcessingParams_SetExplicitPolicyRequired"); |
| michael@0 | 1312 | |
| michael@0 | 1313 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1314 | |
| michael@0 | 1315 | params->initialExplicitPolicy = required; |
| michael@0 | 1316 | |
| michael@0 | 1317 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1318 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1319 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1320 | |
| michael@0 | 1321 | cleanup: |
| michael@0 | 1322 | |
| michael@0 | 1323 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1324 | } |
| michael@0 | 1325 | |
| michael@0 | 1326 | /* |
| michael@0 | 1327 | * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited |
| michael@0 | 1328 | * (see comments in pkix_params.h) |
| michael@0 | 1329 | */ |
| michael@0 | 1330 | PKIX_Error * |
| michael@0 | 1331 | PKIX_ProcessingParams_IsPolicyMappingInhibited( |
| michael@0 | 1332 | PKIX_ProcessingParams *params, |
| michael@0 | 1333 | PKIX_Boolean *pInhibited, |
| michael@0 | 1334 | void *plContext) |
| michael@0 | 1335 | { |
| michael@0 | 1336 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1337 | "PKIX_ProcessingParams_IsPolicyMappingInhibited"); |
| michael@0 | 1338 | |
| michael@0 | 1339 | PKIX_NULLCHECK_TWO(params, pInhibited); |
| michael@0 | 1340 | |
| michael@0 | 1341 | *pInhibited = params->initialPolicyMappingInhibit; |
| michael@0 | 1342 | |
| michael@0 | 1343 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1344 | } |
| michael@0 | 1345 | |
| michael@0 | 1346 | /* |
| michael@0 | 1347 | * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited |
| michael@0 | 1348 | * (see comments in pkix_params.h) |
| michael@0 | 1349 | */ |
| michael@0 | 1350 | PKIX_Error * |
| michael@0 | 1351 | PKIX_ProcessingParams_SetPolicyMappingInhibited( |
| michael@0 | 1352 | PKIX_ProcessingParams *params, |
| michael@0 | 1353 | PKIX_Boolean inhibited, |
| michael@0 | 1354 | void *plContext) |
| michael@0 | 1355 | { |
| michael@0 | 1356 | PKIX_ENTER(PROCESSINGPARAMS, |
| michael@0 | 1357 | "PKIX_ProcessingParams_SetPolicyMappingInhibited"); |
| michael@0 | 1358 | |
| michael@0 | 1359 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1360 | |
| michael@0 | 1361 | params->initialPolicyMappingInhibit = inhibited; |
| michael@0 | 1362 | |
| michael@0 | 1363 | PKIX_CHECK(PKIX_PL_Object_InvalidateCache |
| michael@0 | 1364 | ((PKIX_PL_Object *)params, plContext), |
| michael@0 | 1365 | PKIX_OBJECTINVALIDATECACHEFAILED); |
| michael@0 | 1366 | |
| michael@0 | 1367 | cleanup: |
| michael@0 | 1368 | |
| michael@0 | 1369 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1370 | } |
| michael@0 | 1371 | |
| michael@0 | 1372 | /* |
| michael@0 | 1373 | * FUNCTION: PKIX_ProcessingParams_SetHintCerts |
| michael@0 | 1374 | * (see comments in pkix_params.h) |
| michael@0 | 1375 | */ |
| michael@0 | 1376 | PKIX_Error * |
| michael@0 | 1377 | PKIX_ProcessingParams_SetHintCerts( |
| michael@0 | 1378 | PKIX_ProcessingParams *params, |
| michael@0 | 1379 | PKIX_List *hintCerts, |
| michael@0 | 1380 | void *plContext) |
| michael@0 | 1381 | { |
| michael@0 | 1382 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetHintCerts"); |
| michael@0 | 1383 | |
| michael@0 | 1384 | PKIX_NULLCHECK_ONE(params); |
| michael@0 | 1385 | |
| michael@0 | 1386 | PKIX_DECREF(params->hintCerts); |
| michael@0 | 1387 | PKIX_INCREF(hintCerts); |
| michael@0 | 1388 | params->hintCerts = hintCerts; |
| michael@0 | 1389 | |
| michael@0 | 1390 | cleanup: |
| michael@0 | 1391 | if (PKIX_ERROR_RECEIVED && params) { |
| michael@0 | 1392 | PKIX_DECREF(params->hintCerts); |
| michael@0 | 1393 | } |
| michael@0 | 1394 | |
| michael@0 | 1395 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1396 | } |
| michael@0 | 1397 | |
| michael@0 | 1398 | /* |
| michael@0 | 1399 | * FUNCTION: PKIX_ProcessingParams_GetHintCerts |
| michael@0 | 1400 | * (see comments in pkix_params.h) |
| michael@0 | 1401 | */ |
| michael@0 | 1402 | PKIX_Error * |
| michael@0 | 1403 | PKIX_ProcessingParams_GetHintCerts( |
| michael@0 | 1404 | PKIX_ProcessingParams *params, |
| michael@0 | 1405 | PKIX_List **pHintCerts, |
| michael@0 | 1406 | void *plContext) |
| michael@0 | 1407 | { |
| michael@0 | 1408 | PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetHintCerts"); |
| michael@0 | 1409 | |
| michael@0 | 1410 | PKIX_NULLCHECK_TWO(params, pHintCerts); |
| michael@0 | 1411 | |
| michael@0 | 1412 | PKIX_INCREF(params->hintCerts); |
| michael@0 | 1413 | *pHintCerts = params->hintCerts; |
| michael@0 | 1414 | |
| michael@0 | 1415 | cleanup: |
| michael@0 | 1416 | PKIX_RETURN(PROCESSINGPARAMS); |
| michael@0 | 1417 | } |
