michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: /* michael@0: * pkix_certchainchecker.c michael@0: * michael@0: * CertChainChecker Object Functions michael@0: * michael@0: */ michael@0: michael@0: #include "pkix_certchainchecker.h" michael@0: michael@0: /* --Private-Functions-------------------------------------------- */ michael@0: michael@0: /* michael@0: * FUNCTION: pkix_CertChainChecker_Destroy michael@0: * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_CertChainChecker_Destroy( michael@0: PKIX_PL_Object *object, michael@0: void *plContext) michael@0: { michael@0: PKIX_CertChainChecker *checker = NULL; michael@0: michael@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy"); michael@0: PKIX_NULLCHECK_ONE(object); michael@0: michael@0: /* Check that this object is a cert chain checker */ michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), michael@0: PKIX_OBJECTNOTCERTCHAINCHECKER); michael@0: michael@0: checker = (PKIX_CertChainChecker *)object; michael@0: michael@0: PKIX_DECREF(checker->extensions); michael@0: PKIX_DECREF(checker->state); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_CertChainChecker_Duplicate michael@0: * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_CertChainChecker_Duplicate( michael@0: PKIX_PL_Object *object, michael@0: PKIX_PL_Object **pNewObject, michael@0: void *plContext) michael@0: { michael@0: PKIX_CertChainChecker *checker = NULL; michael@0: PKIX_CertChainChecker *checkerDuplicate = NULL; michael@0: PKIX_List *extensionsDuplicate = NULL; michael@0: PKIX_PL_Object *stateDuplicate = NULL; michael@0: michael@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate"); michael@0: PKIX_NULLCHECK_TWO(object, pNewObject); michael@0: michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), michael@0: PKIX_OBJECTNOTCERTCHAINCHECKER); michael@0: michael@0: checker = (PKIX_CertChainChecker *)object; michael@0: michael@0: if (checker->extensions){ michael@0: PKIX_CHECK(PKIX_PL_Object_Duplicate michael@0: ((PKIX_PL_Object *)checker->extensions, michael@0: (PKIX_PL_Object **)&extensionsDuplicate, michael@0: plContext), michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: } michael@0: michael@0: if (checker->state){ michael@0: PKIX_CHECK(PKIX_PL_Object_Duplicate michael@0: ((PKIX_PL_Object *)checker->state, michael@0: (PKIX_PL_Object **)&stateDuplicate, michael@0: plContext), michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: } michael@0: michael@0: PKIX_CHECK(PKIX_CertChainChecker_Create michael@0: (checker->checkCallback, michael@0: checker->forwardChecking, michael@0: checker->isForwardDirectionExpected, michael@0: extensionsDuplicate, michael@0: stateDuplicate, michael@0: &checkerDuplicate, michael@0: plContext), michael@0: PKIX_CERTCHAINCHECKERCREATEFAILED); michael@0: michael@0: *pNewObject = (PKIX_PL_Object *)checkerDuplicate; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_DECREF(extensionsDuplicate); michael@0: PKIX_DECREF(stateDuplicate); michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_CertChainChecker_RegisterSelf michael@0: * DESCRIPTION: michael@0: * Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with michael@0: * systemClasses[] michael@0: * THREAD SAFETY: michael@0: * Not Thread Safe - for performance and complexity reasons michael@0: * michael@0: * Since this function is only called by PKIX_PL_Initialize, which should michael@0: * only be called once, it is acceptable that this function is not michael@0: * thread-safe. michael@0: */ michael@0: PKIX_Error * michael@0: pkix_CertChainChecker_RegisterSelf(void *plContext) michael@0: { michael@0: extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; michael@0: pkix_ClassTable_Entry entry; michael@0: michael@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf"); michael@0: michael@0: entry.description = "CertChainChecker"; michael@0: entry.objCounter = 0; michael@0: entry.typeObjectSize = sizeof(PKIX_CertChainChecker); michael@0: entry.destructor = pkix_CertChainChecker_Destroy; michael@0: entry.equalsFunction = NULL; michael@0: entry.hashcodeFunction = NULL; michael@0: entry.toStringFunction = NULL; michael@0: entry.comparator = NULL; michael@0: entry.duplicateFunction = pkix_CertChainChecker_Duplicate; michael@0: michael@0: systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry; michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* --Public-Functions--------------------------------------------- */ michael@0: michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_Create( michael@0: PKIX_CertChainChecker_CheckCallback callback, michael@0: PKIX_Boolean forwardCheckingSupported, michael@0: PKIX_Boolean isForwardDirectionExpected, michael@0: PKIX_List *list, /* list of PKIX_PL_OID */ michael@0: PKIX_PL_Object *initialState, michael@0: PKIX_CertChainChecker **pChecker, michael@0: void *plContext) michael@0: { michael@0: PKIX_CertChainChecker *checker = NULL; michael@0: michael@0: PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create"); michael@0: PKIX_NULLCHECK_ONE(pChecker); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_Alloc michael@0: (PKIX_CERTCHAINCHECKER_TYPE, michael@0: sizeof (PKIX_CertChainChecker), michael@0: (PKIX_PL_Object **)&checker, michael@0: plContext), michael@0: PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT); michael@0: michael@0: /* initialize fields */ michael@0: checker->checkCallback = callback; michael@0: checker->forwardChecking = forwardCheckingSupported; michael@0: checker->isForwardDirectionExpected = isForwardDirectionExpected; michael@0: michael@0: PKIX_INCREF(list); michael@0: checker->extensions = list; michael@0: michael@0: PKIX_INCREF(initialState); michael@0: checker->state = initialState; michael@0: michael@0: *pChecker = checker; michael@0: checker = NULL; michael@0: cleanup: michael@0: michael@0: PKIX_DECREF(checker); michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_GetCheckCallback michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_GetCheckCallback( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_CertChainChecker_CheckCallback *pCallback, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback"); michael@0: PKIX_NULLCHECK_TWO(checker, pCallback); michael@0: michael@0: *pCallback = checker->checkCallback; michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_IsForwardCheckingSupported( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_Boolean *pForwardCheckingSupported, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER michael@0: (CERTCHAINCHECKER, michael@0: "PKIX_CertChainChecker_IsForwardCheckingSupported"); michael@0: PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported); michael@0: michael@0: *pForwardCheckingSupported = checker->forwardChecking; michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_IsForwardDirectionExpected( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_Boolean *pForwardDirectionExpected, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER michael@0: (CERTCHAINCHECKER, michael@0: "PKIX_CertChainChecker_IsForwardDirectionExpected"); michael@0: PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected); michael@0: michael@0: *pForwardDirectionExpected = checker->isForwardDirectionExpected; michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_GetCertChainCheckerState( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_PL_Object **pCertChainCheckerState, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(CERTCHAINCHECKER, michael@0: "PKIX_CertChainChecker_GetCertChainCheckerState"); michael@0: michael@0: PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState); michael@0: michael@0: PKIX_INCREF(checker->state); michael@0: michael@0: *pCertChainCheckerState = checker->state; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_SetCertChainCheckerState( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_PL_Object *certChainCheckerState, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(CERTCHAINCHECKER, michael@0: "PKIX_CertChainChecker_SetCertChainCheckerState"); michael@0: michael@0: PKIX_NULLCHECK_ONE(checker); michael@0: michael@0: /* DecRef old contents */ michael@0: PKIX_DECREF(checker->state); michael@0: michael@0: PKIX_INCREF(certChainCheckerState); michael@0: checker->state = certChainCheckerState; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)checker, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions michael@0: * (see comments in pkix_checker.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_CertChainChecker_GetSupportedExtensions( michael@0: PKIX_CertChainChecker *checker, michael@0: PKIX_List **pExtensions, /* list of PKIX_PL_OID */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(CERTCHAINCHECKER, michael@0: "PKIX_CertChainChecker_GetSupportedExtensions"); michael@0: michael@0: PKIX_NULLCHECK_TWO(checker, pExtensions); michael@0: michael@0: PKIX_INCREF(checker->extensions); michael@0: michael@0: *pExtensions = checker->extensions; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(CERTCHAINCHECKER); michael@0: michael@0: }