1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/libpkix/pkix/params/pkix_procparams.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,1417 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +/*
1.8 + * pkix_procparams.c
1.9 + *
1.10 + * ProcessingParams Object Functions
1.11 + *
1.12 + */
1.13 +
1.14 +#include "pkix_procparams.h"
1.15 +
1.16 +/* --Private-Functions-------------------------------------------- */
1.17 +
1.18 +/*
1.19 + * FUNCTION: pkix_ProcessingParams_Destroy
1.20 + * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
1.21 + */
1.22 +static PKIX_Error *
1.23 +pkix_ProcessingParams_Destroy(
1.24 + PKIX_PL_Object *object,
1.25 + void *plContext)
1.26 +{
1.27 + PKIX_ProcessingParams *params = NULL;
1.28 +
1.29 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Destroy");
1.30 + PKIX_NULLCHECK_ONE(object);
1.31 +
1.32 + /* Check that this object is a processing params object */
1.33 + PKIX_CHECK(pkix_CheckType
1.34 + (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
1.35 + PKIX_OBJECTNOTPROCESSINGPARAMS);
1.36 +
1.37 + params = (PKIX_ProcessingParams *)object;
1.38 +
1.39 + PKIX_DECREF(params->trustAnchors);
1.40 + PKIX_DECREF(params->hintCerts);
1.41 + PKIX_DECREF(params->constraints);
1.42 + PKIX_DECREF(params->date);
1.43 + PKIX_DECREF(params->initialPolicies);
1.44 + PKIX_DECREF(params->certChainCheckers);
1.45 + PKIX_DECREF(params->revChecker);
1.46 + PKIX_DECREF(params->certStores);
1.47 + PKIX_DECREF(params->resourceLimits);
1.48 +
1.49 +cleanup:
1.50 +
1.51 + PKIX_RETURN(PROCESSINGPARAMS);
1.52 +}
1.53 +
1.54 +/*
1.55 + * FUNCTION: pkix_ProcessingParams_Equals
1.56 + * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
1.57 + */
1.58 +static PKIX_Error *
1.59 +pkix_ProcessingParams_Equals(
1.60 + PKIX_PL_Object *first,
1.61 + PKIX_PL_Object *second,
1.62 + PKIX_Boolean *pResult,
1.63 + void *plContext)
1.64 +{
1.65 + PKIX_UInt32 secondType;
1.66 + PKIX_Boolean cmpResult;
1.67 + PKIX_ProcessingParams *firstProcParams = NULL;
1.68 + PKIX_ProcessingParams *secondProcParams = NULL;
1.69 +
1.70 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Equals");
1.71 + PKIX_NULLCHECK_THREE(first, second, pResult);
1.72 +
1.73 + PKIX_CHECK(pkix_CheckType(first, PKIX_PROCESSINGPARAMS_TYPE, plContext),
1.74 + PKIX_FIRSTOBJECTNOTPROCESSINGPARAMS);
1.75 +
1.76 + PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
1.77 + PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
1.78 +
1.79 + *pResult = PKIX_FALSE;
1.80 +
1.81 + if (secondType != PKIX_PROCESSINGPARAMS_TYPE) goto cleanup;
1.82 +
1.83 + firstProcParams = (PKIX_ProcessingParams *)first;
1.84 + secondProcParams = (PKIX_ProcessingParams *)second;
1.85 +
1.86 + /* Do the simplest tests first */
1.87 + if ((firstProcParams->qualifiersRejected) !=
1.88 + (secondProcParams->qualifiersRejected)) {
1.89 + goto cleanup;
1.90 + }
1.91 +
1.92 + if (firstProcParams->isCrlRevocationCheckingEnabled !=
1.93 + secondProcParams->isCrlRevocationCheckingEnabled) {
1.94 + goto cleanup;
1.95 + }
1.96 + if (firstProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy !=
1.97 + secondProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy) {
1.98 + goto cleanup;
1.99 + }
1.100 +
1.101 + /* trustAnchors can never be NULL */
1.102 +
1.103 + PKIX_EQUALS
1.104 + (firstProcParams->trustAnchors,
1.105 + secondProcParams->trustAnchors,
1.106 + &cmpResult,
1.107 + plContext,
1.108 + PKIX_OBJECTEQUALSFAILED);
1.109 +
1.110 + if (!cmpResult) goto cleanup;
1.111 +
1.112 + PKIX_EQUALS
1.113 + (firstProcParams->hintCerts,
1.114 + secondProcParams->hintCerts,
1.115 + &cmpResult,
1.116 + plContext,
1.117 + PKIX_OBJECTEQUALSFAILED);
1.118 +
1.119 + if (!cmpResult) goto cleanup;
1.120 +
1.121 + PKIX_EQUALS
1.122 + (firstProcParams->date,
1.123 + secondProcParams->date,
1.124 + &cmpResult,
1.125 + plContext,
1.126 + PKIX_OBJECTEQUALSFAILED);
1.127 +
1.128 + if (!cmpResult) goto cleanup;
1.129 +
1.130 + PKIX_EQUALS
1.131 + (firstProcParams->constraints,
1.132 + secondProcParams->constraints,
1.133 + &cmpResult,
1.134 + plContext,
1.135 + PKIX_OBJECTEQUALSFAILED);
1.136 +
1.137 + if (!cmpResult) goto cleanup;
1.138 +
1.139 + PKIX_EQUALS
1.140 + (firstProcParams->initialPolicies,
1.141 + secondProcParams->initialPolicies,
1.142 + &cmpResult,
1.143 + plContext,
1.144 + PKIX_OBJECTEQUALSFAILED);
1.145 +
1.146 + if (!cmpResult) goto cleanup;
1.147 +
1.148 + /* There is no Equals function for CertChainCheckers */
1.149 +
1.150 + PKIX_EQUALS
1.151 + ((PKIX_PL_Object *)firstProcParams->certStores,
1.152 + (PKIX_PL_Object *)secondProcParams->certStores,
1.153 + &cmpResult,
1.154 + plContext,
1.155 + PKIX_OBJECTEQUALSFAILED);
1.156 +
1.157 + if (!cmpResult) goto cleanup;
1.158 +
1.159 + PKIX_EQUALS
1.160 + (firstProcParams->resourceLimits,
1.161 + secondProcParams->resourceLimits,
1.162 + &cmpResult,
1.163 + plContext,
1.164 + PKIX_OBJECTEQUALSFAILED);
1.165 +
1.166 + if (cmpResult == PKIX_FALSE) {
1.167 + *pResult = PKIX_FALSE;
1.168 + goto cleanup;
1.169 + }
1.170 +
1.171 + *pResult = cmpResult;
1.172 +
1.173 +cleanup:
1.174 +
1.175 + PKIX_RETURN(PROCESSINGPARAMS);
1.176 +}
1.177 +
1.178 +/*
1.179 + * FUNCTION: pkix_ProcessingParams_Hashcode
1.180 + * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
1.181 + */
1.182 +static PKIX_Error *
1.183 +pkix_ProcessingParams_Hashcode(
1.184 + PKIX_PL_Object *object,
1.185 + PKIX_UInt32 *pHashcode,
1.186 + void *plContext)
1.187 +{
1.188 + PKIX_ProcessingParams *procParams = NULL;
1.189 + PKIX_UInt32 hash = 0;
1.190 + PKIX_UInt32 anchorsHash = 0;
1.191 + PKIX_UInt32 hintCertsHash = 0;
1.192 + PKIX_UInt32 dateHash = 0;
1.193 + PKIX_UInt32 constraintsHash = 0;
1.194 + PKIX_UInt32 initialHash = 0;
1.195 + PKIX_UInt32 rejectedHash = 0;
1.196 + PKIX_UInt32 certChainCheckersHash = 0;
1.197 + PKIX_UInt32 revCheckerHash = 0;
1.198 + PKIX_UInt32 certStoresHash = 0;
1.199 + PKIX_UInt32 resourceLimitsHash = 0;
1.200 +
1.201 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Hashcode");
1.202 + PKIX_NULLCHECK_TWO(object, pHashcode);
1.203 +
1.204 + PKIX_CHECK(pkix_CheckType
1.205 + (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
1.206 + PKIX_OBJECTNOTPROCESSINGPARAMS);
1.207 +
1.208 + procParams = (PKIX_ProcessingParams*)object;
1.209 +
1.210 + PKIX_HASHCODE(procParams->trustAnchors, &anchorsHash, plContext,
1.211 + PKIX_OBJECTHASHCODEFAILED);
1.212 +
1.213 + PKIX_HASHCODE(procParams->hintCerts, &hintCertsHash, plContext,
1.214 + PKIX_OBJECTHASHCODEFAILED);
1.215 +
1.216 + PKIX_HASHCODE(procParams->date, &dateHash, plContext,
1.217 + PKIX_OBJECTHASHCODEFAILED);
1.218 +
1.219 + PKIX_HASHCODE(procParams->constraints, &constraintsHash, plContext,
1.220 + PKIX_OBJECTHASHCODEFAILED);
1.221 +
1.222 + PKIX_HASHCODE(procParams->initialPolicies, &initialHash, plContext,
1.223 + PKIX_OBJECTHASHCODEFAILED);
1.224 +
1.225 + rejectedHash = procParams->qualifiersRejected;
1.226 +
1.227 + /* There is no Hash function for CertChainCheckers */
1.228 +
1.229 + PKIX_HASHCODE(procParams->certStores, &certStoresHash, plContext,
1.230 + PKIX_OBJECTHASHCODEFAILED);
1.231 +
1.232 + PKIX_HASHCODE(procParams->resourceLimits,
1.233 + &resourceLimitsHash,
1.234 + plContext,
1.235 + PKIX_OBJECTHASHCODEFAILED);
1.236 +
1.237 + hash = (31 * ((31 * anchorsHash) + hintCertsHash + dateHash)) +
1.238 + constraintsHash + initialHash + rejectedHash;
1.239 +
1.240 + hash += ((((certStoresHash + resourceLimitsHash) << 7) +
1.241 + certChainCheckersHash + revCheckerHash +
1.242 + procParams->isCrlRevocationCheckingEnabled +
1.243 + procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7);
1.244 +
1.245 + *pHashcode = hash;
1.246 +
1.247 +cleanup:
1.248 +
1.249 + PKIX_RETURN(PROCESSINGPARAMS);
1.250 +}
1.251 +
1.252 +/*
1.253 + * FUNCTION: pkix_ProcessingParams_ToString
1.254 + * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
1.255 + */
1.256 +static PKIX_Error *
1.257 +pkix_ProcessingParams_ToString(
1.258 + PKIX_PL_Object *object,
1.259 + PKIX_PL_String **pString,
1.260 + void *plContext)
1.261 +{
1.262 + PKIX_ProcessingParams *procParams = NULL;
1.263 + char *asciiFormat = NULL;
1.264 + PKIX_PL_String *formatString = NULL;
1.265 + PKIX_PL_String *procParamsString = NULL;
1.266 + PKIX_PL_String *anchorsString = NULL;
1.267 + PKIX_PL_String *dateString = NULL;
1.268 + PKIX_PL_String *constraintsString = NULL;
1.269 + PKIX_PL_String *InitialPoliciesString = NULL;
1.270 + PKIX_PL_String *qualsRejectedString = NULL;
1.271 + PKIX_List *certStores = NULL;
1.272 + PKIX_PL_String *certStoresString = NULL;
1.273 + PKIX_PL_String *resourceLimitsString = NULL;
1.274 +
1.275 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString");
1.276 + PKIX_NULLCHECK_TWO(object, pString);
1.277 +
1.278 + PKIX_CHECK(pkix_CheckType
1.279 + (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
1.280 + PKIX_OBJECTNOTPROCESSINGPARAMS);
1.281 +
1.282 + asciiFormat =
1.283 + "[\n"
1.284 + "\tTrust Anchors: \n"
1.285 + "\t********BEGIN LIST OF TRUST ANCHORS********\n"
1.286 + "\t\t%s\n"
1.287 + "\t********END LIST OF TRUST ANCHORS********\n"
1.288 + "\tDate: \t\t%s\n"
1.289 + "\tTarget Constraints: %s\n"
1.290 + "\tInitial Policies: %s\n"
1.291 + "\tQualifiers Rejected: %s\n"
1.292 + "\tCert Stores: %s\n"
1.293 + "\tResource Limits: %s\n"
1.294 + "\tCRL Checking Enabled: %d\n"
1.295 + "]\n";
1.296 +
1.297 + PKIX_CHECK(PKIX_PL_String_Create
1.298 + (PKIX_ESCASCII,
1.299 + asciiFormat,
1.300 + 0,
1.301 + &formatString,
1.302 + plContext),
1.303 + PKIX_STRINGCREATEFAILED);
1.304 +
1.305 + procParams = (PKIX_ProcessingParams*)object;
1.306 +
1.307 + PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext,
1.308 + PKIX_OBJECTTOSTRINGFAILED);
1.309 +
1.310 + PKIX_TOSTRING(procParams->date, &dateString, plContext,
1.311 + PKIX_OBJECTTOSTRINGFAILED);
1.312 +
1.313 + PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext,
1.314 + PKIX_OBJECTTOSTRINGFAILED);
1.315 +
1.316 + PKIX_TOSTRING
1.317 + (procParams->initialPolicies, &InitialPoliciesString, plContext,
1.318 + PKIX_OBJECTTOSTRINGFAILED);
1.319 +
1.320 + PKIX_CHECK(PKIX_PL_String_Create
1.321 + (PKIX_ESCASCII,
1.322 + (procParams->qualifiersRejected)?"TRUE":"FALSE",
1.323 + 0,
1.324 + &qualsRejectedString,
1.325 + plContext),
1.326 + PKIX_STRINGCREATEFAILED);
1.327 +
1.328 + /* There is no ToString function for CertChainCheckers */
1.329 +
1.330 + PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
1.331 + (procParams, &certStores, plContext),
1.332 + PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
1.333 +
1.334 + PKIX_TOSTRING(certStores, &certStoresString, plContext,
1.335 + PKIX_LISTTOSTRINGFAILED);
1.336 +
1.337 + PKIX_TOSTRING(procParams->resourceLimits,
1.338 + &resourceLimitsString,
1.339 + plContext,
1.340 + PKIX_OBJECTTOSTRINGFAILED);
1.341 +
1.342 + PKIX_CHECK(PKIX_PL_Sprintf
1.343 + (&procParamsString,
1.344 + plContext,
1.345 + formatString,
1.346 + anchorsString,
1.347 + dateString,
1.348 + constraintsString,
1.349 + InitialPoliciesString,
1.350 + qualsRejectedString,
1.351 + certStoresString,
1.352 + resourceLimitsString,
1.353 + procParams->isCrlRevocationCheckingEnabled,
1.354 + procParams->isCrlRevocationCheckingEnabledWithNISTPolicy),
1.355 + PKIX_SPRINTFFAILED);
1.356 +
1.357 + *pString = procParamsString;
1.358 +
1.359 +cleanup:
1.360 +
1.361 + PKIX_DECREF(formatString);
1.362 + PKIX_DECREF(anchorsString);
1.363 + PKIX_DECREF(dateString);
1.364 + PKIX_DECREF(constraintsString);
1.365 + PKIX_DECREF(InitialPoliciesString);
1.366 + PKIX_DECREF(qualsRejectedString);
1.367 + PKIX_DECREF(certStores);
1.368 + PKIX_DECREF(certStoresString);
1.369 + PKIX_DECREF(resourceLimitsString);
1.370 +
1.371 + PKIX_RETURN(PROCESSINGPARAMS);
1.372 +}
1.373 +
1.374 +/*
1.375 + * FUNCTION: pkix_ProcessingParams_Duplicate
1.376 + * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
1.377 + */
1.378 +static PKIX_Error *
1.379 +pkix_ProcessingParams_Duplicate(
1.380 + PKIX_PL_Object *object,
1.381 + PKIX_PL_Object **pNewObject,
1.382 + void *plContext)
1.383 +{
1.384 + PKIX_ProcessingParams *params = NULL;
1.385 + PKIX_ProcessingParams *paramsDuplicate = NULL;
1.386 +
1.387 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Duplicate");
1.388 + PKIX_NULLCHECK_TWO(object, pNewObject);
1.389 +
1.390 + PKIX_CHECK(pkix_CheckType
1.391 + (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
1.392 + PKIX_OBJECTNOTPROCESSINGPARAMS);
1.393 +
1.394 + params = (PKIX_ProcessingParams *)object;
1.395 +
1.396 + PKIX_CHECK(PKIX_PL_Object_Alloc
1.397 + (PKIX_PROCESSINGPARAMS_TYPE,
1.398 + sizeof (PKIX_ProcessingParams),
1.399 + (PKIX_PL_Object **)¶msDuplicate,
1.400 + plContext),
1.401 + PKIX_PROCESSINGPARAMSCREATEFAILED);
1.402 +
1.403 + /* initialize fields */
1.404 + PKIX_DUPLICATE
1.405 + (params->trustAnchors,
1.406 + &(paramsDuplicate->trustAnchors),
1.407 + plContext,
1.408 + PKIX_OBJECTDUPLICATEFAILED);
1.409 +
1.410 + PKIX_DUPLICATE
1.411 + (params->hintCerts, &(paramsDuplicate->hintCerts), plContext,
1.412 + PKIX_OBJECTDUPLICATEFAILED);
1.413 +
1.414 + PKIX_DUPLICATE
1.415 + (params->constraints,
1.416 + &(paramsDuplicate->constraints),
1.417 + plContext,
1.418 + PKIX_OBJECTDUPLICATEFAILED);
1.419 +
1.420 + PKIX_DUPLICATE
1.421 + (params->date, &(paramsDuplicate->date), plContext,
1.422 + PKIX_OBJECTDUPLICATEFAILED);
1.423 +
1.424 + PKIX_DUPLICATE
1.425 + (params->initialPolicies,
1.426 + &(paramsDuplicate->initialPolicies),
1.427 + plContext,
1.428 + PKIX_OBJECTDUPLICATEFAILED);
1.429 +
1.430 + paramsDuplicate->initialPolicyMappingInhibit =
1.431 + params->initialPolicyMappingInhibit;
1.432 + paramsDuplicate->initialAnyPolicyInhibit =
1.433 + params->initialAnyPolicyInhibit;
1.434 + paramsDuplicate->initialExplicitPolicy = params->initialExplicitPolicy;
1.435 + paramsDuplicate->qualifiersRejected = params->qualifiersRejected;
1.436 +
1.437 + PKIX_DUPLICATE
1.438 + (params->certChainCheckers,
1.439 + &(paramsDuplicate->certChainCheckers),
1.440 + plContext,
1.441 + PKIX_OBJECTDUPLICATEFAILED);
1.442 +
1.443 + PKIX_DUPLICATE
1.444 + (params->revChecker,
1.445 + &(paramsDuplicate->revChecker),
1.446 + plContext,
1.447 + PKIX_OBJECTDUPLICATEFAILED);
1.448 +
1.449 + PKIX_DUPLICATE
1.450 + (params->certStores, &(paramsDuplicate->certStores), plContext,
1.451 + PKIX_OBJECTDUPLICATEFAILED);
1.452 +
1.453 + PKIX_DUPLICATE
1.454 + (params->resourceLimits,
1.455 + &(paramsDuplicate->resourceLimits),
1.456 + plContext,
1.457 + PKIX_OBJECTDUPLICATEFAILED);
1.458 +
1.459 + paramsDuplicate->isCrlRevocationCheckingEnabled =
1.460 + params->isCrlRevocationCheckingEnabled;
1.461 +
1.462 + paramsDuplicate->isCrlRevocationCheckingEnabledWithNISTPolicy =
1.463 + params->isCrlRevocationCheckingEnabledWithNISTPolicy;
1.464 +
1.465 + *pNewObject = (PKIX_PL_Object *)paramsDuplicate;
1.466 +
1.467 +cleanup:
1.468 +
1.469 + if (PKIX_ERROR_RECEIVED){
1.470 + PKIX_DECREF(paramsDuplicate);
1.471 + }
1.472 +
1.473 + PKIX_RETURN(PROCESSINGPARAMS);
1.474 +
1.475 +}
1.476 +
1.477 +/*
1.478 + * FUNCTION: pkix_ProcessingParams_RegisterSelf
1.479 + * DESCRIPTION:
1.480 + * Registers PKIX_PROCESSINGPARAMS_TYPE and its related functions with
1.481 + * systemClasses[]
1.482 + * THREAD SAFETY:
1.483 + * Not Thread Safe - for performance and complexity reasons
1.484 + *
1.485 + * Since this function is only called by PKIX_PL_Initialize, which should
1.486 + * only be called once, it is acceptable that this function is not
1.487 + * thread-safe.
1.488 + */
1.489 +PKIX_Error *
1.490 +pkix_ProcessingParams_RegisterSelf(void *plContext)
1.491 +{
1.492 + extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
1.493 + pkix_ClassTable_Entry entry;
1.494 +
1.495 + PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_RegisterSelf");
1.496 +
1.497 + entry.description = "ProcessingParams";
1.498 + entry.objCounter = 0;
1.499 + entry.typeObjectSize = sizeof(PKIX_ProcessingParams);
1.500 + entry.destructor = pkix_ProcessingParams_Destroy;
1.501 + entry.equalsFunction = pkix_ProcessingParams_Equals;
1.502 + entry.hashcodeFunction = pkix_ProcessingParams_Hashcode;
1.503 + entry.toStringFunction = pkix_ProcessingParams_ToString;
1.504 + entry.comparator = NULL;
1.505 + entry.duplicateFunction = pkix_ProcessingParams_Duplicate;
1.506 +
1.507 + systemClasses[PKIX_PROCESSINGPARAMS_TYPE] = entry;
1.508 +
1.509 + PKIX_RETURN(PROCESSINGPARAMS);
1.510 +}
1.511 +
1.512 +/* --Public-Functions--------------------------------------------- */
1.513 +
1.514 +/*
1.515 + * FUNCTION: PKIX_ProcessingParams_Create (see comments in pkix_params.h)
1.516 + */
1.517 +PKIX_Error *
1.518 +PKIX_ProcessingParams_Create(
1.519 + PKIX_ProcessingParams **pParams,
1.520 + void *plContext)
1.521 +{
1.522 + PKIX_ProcessingParams *params = NULL;
1.523 +
1.524 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_Create");
1.525 + PKIX_NULLCHECK_ONE(pParams);
1.526 +
1.527 + PKIX_CHECK(PKIX_PL_Object_Alloc
1.528 + (PKIX_PROCESSINGPARAMS_TYPE,
1.529 + sizeof (PKIX_ProcessingParams),
1.530 + (PKIX_PL_Object **)¶ms,
1.531 + plContext),
1.532 + PKIX_COULDNOTCREATEPROCESSINGPARAMSOBJECT);
1.533 +
1.534 + /* initialize fields */
1.535 + PKIX_CHECK(PKIX_List_Create(¶ms->trustAnchors, plContext),
1.536 + PKIX_LISTCREATEFAILED);
1.537 + PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext),
1.538 + PKIX_LISTSETIMMUTABLEFAILED);
1.539 +
1.540 + PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
1.541 + (NULL, ¶ms->date, plContext),
1.542 + PKIX_DATECREATEUTCTIMEFAILED);
1.543 +
1.544 + params->hintCerts = NULL;
1.545 + params->constraints = NULL;
1.546 + params->initialPolicies = NULL;
1.547 + params->initialPolicyMappingInhibit = PKIX_FALSE;
1.548 + params->initialAnyPolicyInhibit = PKIX_FALSE;
1.549 + params->initialExplicitPolicy = PKIX_FALSE;
1.550 + params->qualifiersRejected = PKIX_FALSE;
1.551 + params->certChainCheckers = NULL;
1.552 + params->revChecker = NULL;
1.553 + params->certStores = NULL;
1.554 + params->resourceLimits = NULL;
1.555 +
1.556 + params->isCrlRevocationCheckingEnabled = PKIX_TRUE;
1.557 +
1.558 + params->isCrlRevocationCheckingEnabledWithNISTPolicy = PKIX_TRUE;
1.559 +
1.560 + params->useAIAForCertFetching = PKIX_FALSE;
1.561 + params->qualifyTargetCert = PKIX_TRUE;
1.562 + params->useOnlyTrustAnchors = PKIX_TRUE;
1.563 +
1.564 + *pParams = params;
1.565 + params = NULL;
1.566 +
1.567 +cleanup:
1.568 +
1.569 + PKIX_DECREF(params);
1.570 +
1.571 + PKIX_RETURN(PROCESSINGPARAMS);
1.572 +
1.573 +}
1.574 +
1.575 +/*
1.576 + * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching
1.577 + * (see comments in pkix_params.h)
1.578 + */
1.579 +PKIX_Error *
1.580 +PKIX_ProcessingParams_GetUseAIAForCertFetching(
1.581 + PKIX_ProcessingParams *params,
1.582 + PKIX_Boolean *pUseAIA, /* list of TrustAnchor */
1.583 + void *plContext)
1.584 +{
1.585 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetUseAIAForCertFetching");
1.586 + PKIX_NULLCHECK_TWO(params, pUseAIA);
1.587 +
1.588 + *pUseAIA = params->useAIAForCertFetching;
1.589 +
1.590 + PKIX_RETURN(PROCESSINGPARAMS);
1.591 +}
1.592 +
1.593 +/*
1.594 + * FUNCTION: PKIX_ProcessingParams_SetUseAIAForCertFetching
1.595 + * (see comments in pkix_params.h)
1.596 + */
1.597 +PKIX_Error *
1.598 +PKIX_ProcessingParams_SetUseAIAForCertFetching(
1.599 + PKIX_ProcessingParams *params,
1.600 + PKIX_Boolean useAIA,
1.601 + void *plContext)
1.602 +{
1.603 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetUseAIAForCertFetching");
1.604 + PKIX_NULLCHECK_ONE(params);
1.605 +
1.606 + params->useAIAForCertFetching = useAIA;
1.607 +
1.608 + PKIX_RETURN(PROCESSINGPARAMS);
1.609 +}
1.610 +
1.611 +/*
1.612 + * FUNCTION: PKIX_ProcessingParams_GetQualifyTargetCert
1.613 + * (see comments in pkix_params.h)
1.614 + */
1.615 +PKIX_Error *
1.616 +PKIX_ProcessingParams_GetValidateTargetCert(
1.617 + PKIX_ProcessingParams *params,
1.618 + PKIX_Boolean *pQualifyTargetCert,
1.619 + void *plContext)
1.620 +{
1.621 + PKIX_ENTER(PROCESSINGPARAMS,
1.622 + "PKIX_ProcessingParams_GetValidateTargetCert");
1.623 + PKIX_NULLCHECK_TWO(params, pQualifyTargetCert);
1.624 +
1.625 + *pQualifyTargetCert = params->qualifyTargetCert;
1.626 +
1.627 + PKIX_RETURN(PROCESSINGPARAMS);
1.628 +}
1.629 +
1.630 +/*
1.631 + * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert
1.632 + * (see comments in pkix_params.h)
1.633 + */
1.634 +PKIX_Error *
1.635 +PKIX_ProcessingParams_SetQualifyTargetCert(
1.636 + PKIX_ProcessingParams *params,
1.637 + PKIX_Boolean qualifyTargetCert,
1.638 + void *plContext)
1.639 +{
1.640 + PKIX_ENTER(PROCESSINGPARAMS,
1.641 + "PKIX_ProcessingParams_SetQualifyTargetCert");
1.642 + PKIX_NULLCHECK_ONE(params);
1.643 +
1.644 + params->qualifyTargetCert = qualifyTargetCert;
1.645 +
1.646 + PKIX_RETURN(PROCESSINGPARAMS);
1.647 +}
1.648 +
1.649 +/*
1.650 + * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors
1.651 + * (see comments in pkix_params.h)
1.652 + */
1.653 +PKIX_Error *
1.654 +PKIX_ProcessingParams_SetTrustAnchors(
1.655 + PKIX_ProcessingParams *params,
1.656 + PKIX_List *anchors, /* list of TrustAnchor */
1.657 + void *plContext)
1.658 +{
1.659 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetTrustAnchors");
1.660 + PKIX_NULLCHECK_TWO(params, anchors);
1.661 +
1.662 + PKIX_DECREF(params->trustAnchors);
1.663 +
1.664 + PKIX_INCREF(anchors);
1.665 + params->trustAnchors = anchors;
1.666 + PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext),
1.667 + PKIX_LISTSETIMMUTABLEFAILED);
1.668 +
1.669 +cleanup:
1.670 + PKIX_RETURN(PROCESSINGPARAMS);
1.671 +}
1.672 +
1.673 +/*
1.674 + * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors
1.675 + * (see comments in pkix_params.h)
1.676 + */
1.677 +PKIX_Error *
1.678 +PKIX_ProcessingParams_GetTrustAnchors(
1.679 + PKIX_ProcessingParams *params,
1.680 + PKIX_List **pAnchors, /* list of TrustAnchor */
1.681 + void *plContext)
1.682 +{
1.683 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetTrustAnchors");
1.684 + PKIX_NULLCHECK_TWO(params, pAnchors);
1.685 +
1.686 + PKIX_INCREF(params->trustAnchors);
1.687 +
1.688 + *pAnchors = params->trustAnchors;
1.689 +
1.690 +cleanup:
1.691 + PKIX_RETURN(PROCESSINGPARAMS);
1.692 +}
1.693 +
1.694 +/**
1.695 + * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors
1.696 + * (see comments in pkix_params.h)
1.697 + */
1.698 +PKIX_Error *
1.699 +PKIX_ProcessingParams_GetUseOnlyTrustAnchors(
1.700 + PKIX_ProcessingParams *params,
1.701 + PKIX_Boolean *pUseOnlyTrustAnchors,
1.702 + void *plContext)
1.703 +{
1.704 + PKIX_ENTER(PROCESSINGPARAMS,
1.705 + "PKIX_ProcessingParams_SetUseTrustAnchorsOnly");
1.706 + PKIX_NULLCHECK_TWO(params, pUseOnlyTrustAnchors);
1.707 +
1.708 + *pUseOnlyTrustAnchors = params->useOnlyTrustAnchors;
1.709 +
1.710 + PKIX_RETURN(PROCESSINGPARAMS);
1.711 +}
1.712 +
1.713 +/**
1.714 + * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors
1.715 + * (see comments in pkix_params.h)
1.716 + */
1.717 +PKIX_Error *
1.718 +PKIX_ProcessingParams_SetUseOnlyTrustAnchors(
1.719 + PKIX_ProcessingParams *params,
1.720 + PKIX_Boolean useOnlyTrustAnchors,
1.721 + void *plContext)
1.722 +{
1.723 + PKIX_ENTER(PROCESSINGPARAMS,
1.724 + "PKIX_ProcessingParams_SetUseTrustAnchorsOnly");
1.725 + PKIX_NULLCHECK_ONE(params);
1.726 +
1.727 + params->useOnlyTrustAnchors = useOnlyTrustAnchors;
1.728 +
1.729 + PKIX_RETURN(PROCESSINGPARAMS);
1.730 +}
1.731 +
1.732 +/*
1.733 + * FUNCTION: PKIX_ProcessingParams_GetDate (see comments in pkix_params.h)
1.734 + */
1.735 +PKIX_Error *
1.736 +PKIX_ProcessingParams_GetDate(
1.737 + PKIX_ProcessingParams *params,
1.738 + PKIX_PL_Date **pDate,
1.739 + void *plContext)
1.740 +{
1.741 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetDate");
1.742 + PKIX_NULLCHECK_TWO(params, pDate);
1.743 +
1.744 + PKIX_INCREF(params->date);
1.745 + *pDate = params->date;
1.746 +
1.747 +cleanup:
1.748 + PKIX_RETURN(PROCESSINGPARAMS);
1.749 +}
1.750 +
1.751 +/*
1.752 + * FUNCTION: PKIX_ProcessingParams_SetDate (see comments in pkix_params.h)
1.753 + */
1.754 +PKIX_Error *
1.755 +PKIX_ProcessingParams_SetDate(
1.756 + PKIX_ProcessingParams *params,
1.757 + PKIX_PL_Date *date,
1.758 + void *plContext)
1.759 +{
1.760 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetDate");
1.761 + PKIX_NULLCHECK_ONE(params);
1.762 +
1.763 + PKIX_DECREF(params->date);
1.764 +
1.765 + PKIX_INCREF(date);
1.766 + params->date = date;
1.767 +
1.768 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.769 + ((PKIX_PL_Object *)params, plContext),
1.770 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.771 +
1.772 +cleanup:
1.773 +
1.774 + if (PKIX_ERROR_RECEIVED && params) {
1.775 + PKIX_DECREF(params->date);
1.776 + }
1.777 +
1.778 + PKIX_RETURN(PROCESSINGPARAMS);
1.779 +}
1.780 +
1.781 +/*
1.782 + * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints
1.783 + * (see comments in pkix_params.h)
1.784 + */
1.785 +PKIX_Error *
1.786 +PKIX_ProcessingParams_GetTargetCertConstraints(
1.787 + PKIX_ProcessingParams *params,
1.788 + PKIX_CertSelector **pConstraints,
1.789 + void *plContext)
1.790 +{
1.791 + PKIX_ENTER(PROCESSINGPARAMS,
1.792 + "PKIX_ProcessingParams_GetTargetCertConstraints");
1.793 +
1.794 + PKIX_NULLCHECK_TWO(params, pConstraints);
1.795 +
1.796 + PKIX_INCREF(params->constraints);
1.797 + *pConstraints = params->constraints;
1.798 +
1.799 +cleanup:
1.800 + PKIX_RETURN(PROCESSINGPARAMS);
1.801 +}
1.802 +
1.803 +/*
1.804 + * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints
1.805 + * (see comments in pkix_params.h)
1.806 + */
1.807 +PKIX_Error *
1.808 +PKIX_ProcessingParams_SetTargetCertConstraints(
1.809 + PKIX_ProcessingParams *params,
1.810 + PKIX_CertSelector *constraints,
1.811 + void *plContext)
1.812 +{
1.813 +
1.814 + PKIX_ENTER(PROCESSINGPARAMS,
1.815 + "PKIX_ProcessingParams_SetTargetCertConstraints");
1.816 +
1.817 + PKIX_NULLCHECK_ONE(params);
1.818 +
1.819 + PKIX_DECREF(params->constraints);
1.820 +
1.821 + PKIX_INCREF(constraints);
1.822 + params->constraints = constraints;
1.823 +
1.824 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.825 + ((PKIX_PL_Object *)params, plContext),
1.826 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.827 +
1.828 +cleanup:
1.829 + if (PKIX_ERROR_RECEIVED && params) {
1.830 + PKIX_DECREF(params->constraints);
1.831 + }
1.832 +
1.833 + PKIX_RETURN(PROCESSINGPARAMS);
1.834 +}
1.835 +
1.836 +/*
1.837 + * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies
1.838 + * (see comments in pkix_params.h)
1.839 + */
1.840 +PKIX_Error *
1.841 +PKIX_ProcessingParams_GetInitialPolicies(
1.842 + PKIX_ProcessingParams *params,
1.843 + PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */
1.844 + void *plContext)
1.845 +{
1.846 +
1.847 + PKIX_ENTER(PROCESSINGPARAMS,
1.848 + "PKIX_ProcessingParams_GetInitialPolicies");
1.849 +
1.850 + PKIX_NULLCHECK_TWO(params, pInitPolicies);
1.851 +
1.852 + if (params->initialPolicies == NULL) {
1.853 + PKIX_CHECK(PKIX_List_Create
1.854 + (¶ms->initialPolicies, plContext),
1.855 + PKIX_UNABLETOCREATELIST);
1.856 + PKIX_CHECK(PKIX_List_SetImmutable
1.857 + (params->initialPolicies, plContext),
1.858 + PKIX_UNABLETOMAKELISTIMMUTABLE);
1.859 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.860 + ((PKIX_PL_Object *)params, plContext),
1.861 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.862 + }
1.863 +
1.864 + PKIX_INCREF(params->initialPolicies);
1.865 + *pInitPolicies = params->initialPolicies;
1.866 +
1.867 +cleanup:
1.868 +
1.869 + PKIX_RETURN(PROCESSINGPARAMS);
1.870 +}
1.871 +
1.872 +/*
1.873 + * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies
1.874 + * (see comments in pkix_params.h)
1.875 + */
1.876 +PKIX_Error *
1.877 +PKIX_ProcessingParams_SetInitialPolicies(
1.878 + PKIX_ProcessingParams *params,
1.879 + PKIX_List *initPolicies, /* list of PKIX_PL_OID */
1.880 + void *plContext)
1.881 +{
1.882 + PKIX_ENTER(PROCESSINGPARAMS,
1.883 + "PKIX_ProcessingParams_SetInitialPolicies");
1.884 + PKIX_NULLCHECK_ONE(params);
1.885 +
1.886 + PKIX_DECREF(params->initialPolicies);
1.887 +
1.888 + PKIX_INCREF(initPolicies);
1.889 + params->initialPolicies = initPolicies;
1.890 +
1.891 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.892 + ((PKIX_PL_Object *)params, plContext),
1.893 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.894 +
1.895 +cleanup:
1.896 +
1.897 + if (PKIX_ERROR_RECEIVED && params) {
1.898 + PKIX_DECREF(params->initialPolicies);
1.899 + }
1.900 + PKIX_RETURN(PROCESSINGPARAMS);
1.901 +}
1.902 +
1.903 +/*
1.904 + * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected
1.905 + * (see comments in pkix_params.h)
1.906 + */
1.907 +PKIX_Error *
1.908 +PKIX_ProcessingParams_GetPolicyQualifiersRejected(
1.909 + PKIX_ProcessingParams *params,
1.910 + PKIX_Boolean *pRejected,
1.911 + void *plContext)
1.912 +{
1.913 + PKIX_ENTER(PROCESSINGPARAMS,
1.914 + "PKIX_ProcessingParams_GetPolicyQualifiersRejected");
1.915 +
1.916 + PKIX_NULLCHECK_TWO(params, pRejected);
1.917 +
1.918 + *pRejected = params->qualifiersRejected;
1.919 +
1.920 + PKIX_RETURN(PROCESSINGPARAMS);
1.921 +}
1.922 +
1.923 +/*
1.924 + * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected
1.925 + * (see comments in pkix_params.h)
1.926 + */
1.927 +PKIX_Error *
1.928 +PKIX_ProcessingParams_SetPolicyQualifiersRejected(
1.929 + PKIX_ProcessingParams *params,
1.930 + PKIX_Boolean rejected,
1.931 + void *plContext)
1.932 +{
1.933 + PKIX_ENTER(PROCESSINGPARAMS,
1.934 + "PKIX_ProcessingParams_SetPolicyQualifiersRejected");
1.935 +
1.936 + PKIX_NULLCHECK_ONE(params);
1.937 +
1.938 + params->qualifiersRejected = rejected;
1.939 +
1.940 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.941 + ((PKIX_PL_Object *)params, plContext),
1.942 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.943 +
1.944 +cleanup:
1.945 +
1.946 + PKIX_RETURN(PROCESSINGPARAMS);
1.947 +}
1.948 +
1.949 +/*
1.950 + * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers
1.951 + * (see comments in pkix_params.h)
1.952 + */
1.953 +PKIX_Error *
1.954 +PKIX_ProcessingParams_GetCertChainCheckers(
1.955 + PKIX_ProcessingParams *params,
1.956 + PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */
1.957 + void *plContext)
1.958 +{
1.959 + PKIX_ENTER(PROCESSINGPARAMS,
1.960 + "PKIX_ProcessingParams_GetCertChainCheckers");
1.961 + PKIX_NULLCHECK_TWO(params, pCheckers);
1.962 +
1.963 + PKIX_INCREF(params->certChainCheckers);
1.964 + *pCheckers = params->certChainCheckers;
1.965 +
1.966 +cleanup:
1.967 + PKIX_RETURN(PROCESSINGPARAMS);
1.968 +}
1.969 +
1.970 +/*
1.971 + * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers
1.972 + * (see comments in pkix_params.h)
1.973 + */
1.974 +PKIX_Error *
1.975 +PKIX_ProcessingParams_SetCertChainCheckers(
1.976 + PKIX_ProcessingParams *params,
1.977 + PKIX_List *checkers, /* list of PKIX_CertChainChecker */
1.978 + void *plContext)
1.979 +{
1.980 +
1.981 + PKIX_ENTER(PROCESSINGPARAMS,
1.982 + "PKIX_ProcessingParams_SetCertChainCheckers");
1.983 + PKIX_NULLCHECK_ONE(params);
1.984 +
1.985 + PKIX_DECREF(params->certChainCheckers);
1.986 +
1.987 + PKIX_INCREF(checkers);
1.988 + params->certChainCheckers = checkers;
1.989 +
1.990 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.991 + ((PKIX_PL_Object *)params, plContext),
1.992 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.993 +
1.994 +cleanup:
1.995 +
1.996 + if (PKIX_ERROR_RECEIVED && params) {
1.997 + PKIX_DECREF(params->certChainCheckers);
1.998 + }
1.999 +
1.1000 + PKIX_RETURN(PROCESSINGPARAMS);
1.1001 +}
1.1002 +
1.1003 +/*
1.1004 + * FUNCTION: PKIX_ProcessingParams_AddCertChainCheckers
1.1005 + * (see comments in pkix_params.h)
1.1006 + */
1.1007 +PKIX_Error *
1.1008 +PKIX_ProcessingParams_AddCertChainChecker(
1.1009 + PKIX_ProcessingParams *params,
1.1010 + PKIX_CertChainChecker *checker,
1.1011 + void *plContext)
1.1012 +{
1.1013 + PKIX_List *list = NULL;
1.1014 +
1.1015 + PKIX_ENTER(PROCESSINGPARAMS,
1.1016 + "PKIX_ProcessingParams_AddCertChainChecker");
1.1017 + PKIX_NULLCHECK_TWO(params, checker);
1.1018 +
1.1019 + if (params->certChainCheckers == NULL) {
1.1020 +
1.1021 + PKIX_CHECK(PKIX_List_Create(&list, plContext),
1.1022 + PKIX_LISTCREATEFAILED);
1.1023 +
1.1024 + params->certChainCheckers = list;
1.1025 + }
1.1026 +
1.1027 + PKIX_CHECK(PKIX_List_AppendItem
1.1028 + (params->certChainCheckers, (PKIX_PL_Object *)checker, plContext),
1.1029 + PKIX_LISTAPPENDITEMFAILED);
1.1030 +
1.1031 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1032 + ((PKIX_PL_Object *)params, plContext),
1.1033 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1034 +
1.1035 + list = NULL;
1.1036 +
1.1037 +cleanup:
1.1038 +
1.1039 + if (list && params) {
1.1040 + PKIX_DECREF(params->certChainCheckers);
1.1041 + }
1.1042 +
1.1043 + PKIX_RETURN(PROCESSINGPARAMS);
1.1044 +}
1.1045 +
1.1046 +/*
1.1047 + * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker
1.1048 + * (see comments in pkix_params.h)
1.1049 + */
1.1050 +PKIX_Error *
1.1051 +PKIX_ProcessingParams_GetRevocationChecker(
1.1052 + PKIX_ProcessingParams *params,
1.1053 + PKIX_RevocationChecker **pChecker,
1.1054 + void *plContext)
1.1055 +{
1.1056 +
1.1057 + PKIX_ENTER
1.1058 + (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers");
1.1059 + PKIX_NULLCHECK_TWO(params, pChecker);
1.1060 +
1.1061 + PKIX_INCREF(params->revChecker);
1.1062 + *pChecker = params->revChecker;
1.1063 +
1.1064 +cleanup:
1.1065 +
1.1066 + PKIX_RETURN(PROCESSINGPARAMS);
1.1067 +}
1.1068 +
1.1069 +/*
1.1070 + * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker
1.1071 + * (see comments in pkix_params.h)
1.1072 + */
1.1073 +PKIX_Error *
1.1074 +PKIX_ProcessingParams_SetRevocationChecker(
1.1075 + PKIX_ProcessingParams *params,
1.1076 + PKIX_RevocationChecker *checker,
1.1077 + void *plContext)
1.1078 +{
1.1079 +
1.1080 + PKIX_ENTER(PROCESSINGPARAMS,
1.1081 + "PKIX_ProcessingParams_InitRevocationChecker");
1.1082 + PKIX_NULLCHECK_ONE(params);
1.1083 +
1.1084 + PKIX_DECREF(params->revChecker);
1.1085 + PKIX_INCREF(checker);
1.1086 + params->revChecker = checker;
1.1087 +
1.1088 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1089 + ((PKIX_PL_Object *)params, plContext),
1.1090 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1091 +cleanup:
1.1092 +
1.1093 + PKIX_RETURN(PROCESSINGPARAMS);
1.1094 +}
1.1095 +
1.1096 +/*
1.1097 + * FUNCTION: PKIX_ProcessingParams_GetCertStores
1.1098 + * (see comments in pkix_params.h)
1.1099 + */
1.1100 +PKIX_Error *
1.1101 +PKIX_ProcessingParams_GetCertStores(
1.1102 + PKIX_ProcessingParams *params,
1.1103 + PKIX_List **pStores, /* list of PKIX_CertStore */
1.1104 + void *plContext)
1.1105 +{
1.1106 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetCertStores");
1.1107 +
1.1108 + PKIX_NULLCHECK_TWO(params, pStores);
1.1109 +
1.1110 + if (!params->certStores){
1.1111 + PKIX_CHECK(PKIX_List_Create(¶ms->certStores, plContext),
1.1112 + PKIX_UNABLETOCREATELIST);
1.1113 + }
1.1114 +
1.1115 + PKIX_INCREF(params->certStores);
1.1116 + *pStores = params->certStores;
1.1117 +
1.1118 +cleanup:
1.1119 +
1.1120 + PKIX_RETURN(PROCESSINGPARAMS);
1.1121 +}
1.1122 +
1.1123 +/*
1.1124 + * FUNCTION: PKIX_ProcessingParams_SetCertStores
1.1125 + * (see comments in pkix_params.h)
1.1126 + */
1.1127 +PKIX_Error *
1.1128 +PKIX_ProcessingParams_SetCertStores(
1.1129 + PKIX_ProcessingParams *params,
1.1130 + PKIX_List *stores, /* list of PKIX_CertStore */
1.1131 + void *plContext)
1.1132 +{
1.1133 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetCertStores");
1.1134 +
1.1135 + PKIX_NULLCHECK_ONE(params);
1.1136 +
1.1137 + PKIX_DECREF(params->certStores);
1.1138 +
1.1139 + PKIX_INCREF(stores);
1.1140 + params->certStores = stores;
1.1141 +
1.1142 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1143 + ((PKIX_PL_Object *)params, plContext),
1.1144 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1145 +
1.1146 +cleanup:
1.1147 +
1.1148 + if (PKIX_ERROR_RECEIVED && params) {
1.1149 + PKIX_DECREF(params->certStores);
1.1150 + }
1.1151 +
1.1152 + PKIX_RETURN(PROCESSINGPARAMS);
1.1153 +}
1.1154 +
1.1155 +/*
1.1156 + * FUNCTION: PKIX_ProcessingParams_AddCertStore
1.1157 + * (see comments in pkix_params.h)
1.1158 + */
1.1159 +PKIX_Error *
1.1160 +PKIX_ProcessingParams_AddCertStore(
1.1161 + PKIX_ProcessingParams *params,
1.1162 + PKIX_CertStore *store,
1.1163 + void *plContext)
1.1164 +{
1.1165 + PKIX_List *certStores = NULL;
1.1166 +
1.1167 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_AddCertStore");
1.1168 + PKIX_NULLCHECK_TWO(params, store);
1.1169 +
1.1170 + PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
1.1171 + (params, &certStores, plContext),
1.1172 + PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
1.1173 +
1.1174 + PKIX_CHECK(PKIX_List_AppendItem
1.1175 + (certStores, (PKIX_PL_Object *)store, plContext),
1.1176 + PKIX_LISTAPPENDITEMFAILED);
1.1177 +
1.1178 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1179 + ((PKIX_PL_Object *)params, plContext),
1.1180 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1181 +
1.1182 +cleanup:
1.1183 +
1.1184 + PKIX_DECREF(certStores);
1.1185 + PKIX_RETURN(PROCESSINGPARAMS);
1.1186 +}
1.1187 +
1.1188 +/*
1.1189 + * FUNCTION: PKIX_ProcessingParams_SetResourceLimits
1.1190 + * (see comments in pkix_params.h)
1.1191 + */
1.1192 +PKIX_Error *
1.1193 +PKIX_ProcessingParams_SetResourceLimits(
1.1194 + PKIX_ProcessingParams *params,
1.1195 + PKIX_ResourceLimits *resourceLimits,
1.1196 + void *plContext)
1.1197 +{
1.1198 + PKIX_ENTER(PROCESSINGPARAMS,
1.1199 + "PKIX_ProcessingParams_SetResourceLimits");
1.1200 +
1.1201 + PKIX_NULLCHECK_TWO(params, resourceLimits);
1.1202 +
1.1203 + PKIX_DECREF(params->resourceLimits);
1.1204 + PKIX_INCREF(resourceLimits);
1.1205 + params->resourceLimits = resourceLimits;
1.1206 +
1.1207 +cleanup:
1.1208 + if (PKIX_ERROR_RECEIVED && params) {
1.1209 + PKIX_DECREF(params->resourceLimits);
1.1210 + }
1.1211 +
1.1212 + PKIX_RETURN(PROCESSINGPARAMS);
1.1213 +}
1.1214 +
1.1215 +/*
1.1216 + * FUNCTION: PKIX_ProcessingParams_GetResourceLimits
1.1217 + * (see comments in pkix_params.h)
1.1218 + */
1.1219 +PKIX_Error *
1.1220 +PKIX_ProcessingParams_GetResourceLimits(
1.1221 + PKIX_ProcessingParams *params,
1.1222 + PKIX_ResourceLimits **pResourceLimits,
1.1223 + void *plContext)
1.1224 +{
1.1225 + PKIX_ENTER(PROCESSINGPARAMS,
1.1226 + "PKIX_ProcessingParams_GetResourceLimits");
1.1227 +
1.1228 + PKIX_NULLCHECK_TWO(params, pResourceLimits);
1.1229 +
1.1230 + PKIX_INCREF(params->resourceLimits);
1.1231 + *pResourceLimits = params->resourceLimits;
1.1232 +
1.1233 +cleanup:
1.1234 + PKIX_RETURN(PROCESSINGPARAMS);
1.1235 +}
1.1236 +
1.1237 +/*
1.1238 + * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited
1.1239 + * (see comments in pkix_params.h)
1.1240 + */
1.1241 +PKIX_Error *
1.1242 +PKIX_ProcessingParams_IsAnyPolicyInhibited(
1.1243 + PKIX_ProcessingParams *params,
1.1244 + PKIX_Boolean *pInhibited,
1.1245 + void *plContext)
1.1246 +{
1.1247 + PKIX_ENTER(PROCESSINGPARAMS,
1.1248 + "PKIX_ProcessingParams_IsAnyPolicyInhibited");
1.1249 +
1.1250 + PKIX_NULLCHECK_TWO(params, pInhibited);
1.1251 +
1.1252 + *pInhibited = params->initialAnyPolicyInhibit;
1.1253 +
1.1254 + PKIX_RETURN(PROCESSINGPARAMS);
1.1255 +}
1.1256 +
1.1257 +/*
1.1258 + * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited
1.1259 + * (see comments in pkix_params.h)
1.1260 + */
1.1261 +PKIX_Error *
1.1262 +PKIX_ProcessingParams_SetAnyPolicyInhibited(
1.1263 + PKIX_ProcessingParams *params,
1.1264 + PKIX_Boolean inhibited,
1.1265 + void *plContext)
1.1266 +{
1.1267 + PKIX_ENTER(PROCESSINGPARAMS,
1.1268 + "PKIX_ProcessingParams_SetAnyPolicyInhibited");
1.1269 +
1.1270 + PKIX_NULLCHECK_ONE(params);
1.1271 +
1.1272 + params->initialAnyPolicyInhibit = inhibited;
1.1273 +
1.1274 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1275 + ((PKIX_PL_Object *)params, plContext),
1.1276 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1277 +
1.1278 +cleanup:
1.1279 +
1.1280 + PKIX_RETURN(PROCESSINGPARAMS);
1.1281 +}
1.1282 +
1.1283 +/*
1.1284 + * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired
1.1285 + * (see comments in pkix_params.h)
1.1286 + */
1.1287 +PKIX_Error *
1.1288 +PKIX_ProcessingParams_IsExplicitPolicyRequired(
1.1289 + PKIX_ProcessingParams *params,
1.1290 + PKIX_Boolean *pRequired,
1.1291 + void *plContext)
1.1292 +{
1.1293 + PKIX_ENTER(PROCESSINGPARAMS,
1.1294 + "PKIX_ProcessingParams_IsExplicitPolicyRequired");
1.1295 +
1.1296 + PKIX_NULLCHECK_TWO(params, pRequired);
1.1297 +
1.1298 + *pRequired = params->initialExplicitPolicy;
1.1299 +
1.1300 + PKIX_RETURN(PROCESSINGPARAMS);
1.1301 +}
1.1302 +
1.1303 +/*
1.1304 + * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired
1.1305 + * (see comments in pkix_params.h)
1.1306 + */
1.1307 +PKIX_Error *
1.1308 +PKIX_ProcessingParams_SetExplicitPolicyRequired(
1.1309 + PKIX_ProcessingParams *params,
1.1310 + PKIX_Boolean required,
1.1311 + void *plContext)
1.1312 +{
1.1313 + PKIX_ENTER(PROCESSINGPARAMS,
1.1314 + "PKIX_ProcessingParams_SetExplicitPolicyRequired");
1.1315 +
1.1316 + PKIX_NULLCHECK_ONE(params);
1.1317 +
1.1318 + params->initialExplicitPolicy = required;
1.1319 +
1.1320 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1321 + ((PKIX_PL_Object *)params, plContext),
1.1322 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1323 +
1.1324 +cleanup:
1.1325 +
1.1326 + PKIX_RETURN(PROCESSINGPARAMS);
1.1327 +}
1.1328 +
1.1329 +/*
1.1330 + * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited
1.1331 + * (see comments in pkix_params.h)
1.1332 + */
1.1333 +PKIX_Error *
1.1334 +PKIX_ProcessingParams_IsPolicyMappingInhibited(
1.1335 + PKIX_ProcessingParams *params,
1.1336 + PKIX_Boolean *pInhibited,
1.1337 + void *plContext)
1.1338 +{
1.1339 + PKIX_ENTER(PROCESSINGPARAMS,
1.1340 + "PKIX_ProcessingParams_IsPolicyMappingInhibited");
1.1341 +
1.1342 + PKIX_NULLCHECK_TWO(params, pInhibited);
1.1343 +
1.1344 + *pInhibited = params->initialPolicyMappingInhibit;
1.1345 +
1.1346 + PKIX_RETURN(PROCESSINGPARAMS);
1.1347 +}
1.1348 +
1.1349 +/*
1.1350 + * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited
1.1351 + * (see comments in pkix_params.h)
1.1352 + */
1.1353 +PKIX_Error *
1.1354 +PKIX_ProcessingParams_SetPolicyMappingInhibited(
1.1355 + PKIX_ProcessingParams *params,
1.1356 + PKIX_Boolean inhibited,
1.1357 + void *plContext)
1.1358 +{
1.1359 + PKIX_ENTER(PROCESSINGPARAMS,
1.1360 + "PKIX_ProcessingParams_SetPolicyMappingInhibited");
1.1361 +
1.1362 + PKIX_NULLCHECK_ONE(params);
1.1363 +
1.1364 + params->initialPolicyMappingInhibit = inhibited;
1.1365 +
1.1366 + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1.1367 + ((PKIX_PL_Object *)params, plContext),
1.1368 + PKIX_OBJECTINVALIDATECACHEFAILED);
1.1369 +
1.1370 +cleanup:
1.1371 +
1.1372 + PKIX_RETURN(PROCESSINGPARAMS);
1.1373 +}
1.1374 +
1.1375 +/*
1.1376 + * FUNCTION: PKIX_ProcessingParams_SetHintCerts
1.1377 + * (see comments in pkix_params.h)
1.1378 + */
1.1379 +PKIX_Error *
1.1380 +PKIX_ProcessingParams_SetHintCerts(
1.1381 + PKIX_ProcessingParams *params,
1.1382 + PKIX_List *hintCerts,
1.1383 + void *plContext)
1.1384 +{
1.1385 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetHintCerts");
1.1386 +
1.1387 + PKIX_NULLCHECK_ONE(params);
1.1388 +
1.1389 + PKIX_DECREF(params->hintCerts);
1.1390 + PKIX_INCREF(hintCerts);
1.1391 + params->hintCerts = hintCerts;
1.1392 +
1.1393 +cleanup:
1.1394 + if (PKIX_ERROR_RECEIVED && params) {
1.1395 + PKIX_DECREF(params->hintCerts);
1.1396 + }
1.1397 +
1.1398 + PKIX_RETURN(PROCESSINGPARAMS);
1.1399 +}
1.1400 +
1.1401 +/*
1.1402 + * FUNCTION: PKIX_ProcessingParams_GetHintCerts
1.1403 + * (see comments in pkix_params.h)
1.1404 + */
1.1405 +PKIX_Error *
1.1406 +PKIX_ProcessingParams_GetHintCerts(
1.1407 + PKIX_ProcessingParams *params,
1.1408 + PKIX_List **pHintCerts,
1.1409 + void *plContext)
1.1410 +{
1.1411 + PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetHintCerts");
1.1412 +
1.1413 + PKIX_NULLCHECK_TWO(params, pHintCerts);
1.1414 +
1.1415 + PKIX_INCREF(params->hintCerts);
1.1416 + *pHintCerts = params->hintCerts;
1.1417 +
1.1418 +cleanup:
1.1419 + PKIX_RETURN(PROCESSINGPARAMS);
1.1420 +}
