michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: /* michael@0: * pkix_procparams.c michael@0: * michael@0: * ProcessingParams Object Functions michael@0: * michael@0: */ michael@0: michael@0: #include "pkix_procparams.h" michael@0: michael@0: /* --Private-Functions-------------------------------------------- */ michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_Destroy michael@0: * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_ProcessingParams_Destroy( michael@0: PKIX_PL_Object *object, michael@0: void *plContext) michael@0: { michael@0: PKIX_ProcessingParams *params = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Destroy"); michael@0: PKIX_NULLCHECK_ONE(object); michael@0: michael@0: /* Check that this object is a processing params object */ michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), michael@0: PKIX_OBJECTNOTPROCESSINGPARAMS); michael@0: michael@0: params = (PKIX_ProcessingParams *)object; michael@0: michael@0: PKIX_DECREF(params->trustAnchors); michael@0: PKIX_DECREF(params->hintCerts); michael@0: PKIX_DECREF(params->constraints); michael@0: PKIX_DECREF(params->date); michael@0: PKIX_DECREF(params->initialPolicies); michael@0: PKIX_DECREF(params->certChainCheckers); michael@0: PKIX_DECREF(params->revChecker); michael@0: PKIX_DECREF(params->certStores); michael@0: PKIX_DECREF(params->resourceLimits); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_Equals michael@0: * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_ProcessingParams_Equals( michael@0: PKIX_PL_Object *first, michael@0: PKIX_PL_Object *second, michael@0: PKIX_Boolean *pResult, michael@0: void *plContext) michael@0: { michael@0: PKIX_UInt32 secondType; michael@0: PKIX_Boolean cmpResult; michael@0: PKIX_ProcessingParams *firstProcParams = NULL; michael@0: PKIX_ProcessingParams *secondProcParams = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Equals"); michael@0: PKIX_NULLCHECK_THREE(first, second, pResult); michael@0: michael@0: PKIX_CHECK(pkix_CheckType(first, PKIX_PROCESSINGPARAMS_TYPE, plContext), michael@0: PKIX_FIRSTOBJECTNOTPROCESSINGPARAMS); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext), michael@0: PKIX_COULDNOTGETTYPEOFSECONDARGUMENT); michael@0: michael@0: *pResult = PKIX_FALSE; michael@0: michael@0: if (secondType != PKIX_PROCESSINGPARAMS_TYPE) goto cleanup; michael@0: michael@0: firstProcParams = (PKIX_ProcessingParams *)first; michael@0: secondProcParams = (PKIX_ProcessingParams *)second; michael@0: michael@0: /* Do the simplest tests first */ michael@0: if ((firstProcParams->qualifiersRejected) != michael@0: (secondProcParams->qualifiersRejected)) { michael@0: goto cleanup; michael@0: } michael@0: michael@0: if (firstProcParams->isCrlRevocationCheckingEnabled != michael@0: secondProcParams->isCrlRevocationCheckingEnabled) { michael@0: goto cleanup; michael@0: } michael@0: if (firstProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy != michael@0: secondProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy) { michael@0: goto cleanup; michael@0: } michael@0: michael@0: /* trustAnchors can never be NULL */ michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->trustAnchors, michael@0: secondProcParams->trustAnchors, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->hintCerts, michael@0: secondProcParams->hintCerts, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->date, michael@0: secondProcParams->date, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->constraints, michael@0: secondProcParams->constraints, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->initialPolicies, michael@0: secondProcParams->initialPolicies, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: /* There is no Equals function for CertChainCheckers */ michael@0: michael@0: PKIX_EQUALS michael@0: ((PKIX_PL_Object *)firstProcParams->certStores, michael@0: (PKIX_PL_Object *)secondProcParams->certStores, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (!cmpResult) goto cleanup; michael@0: michael@0: PKIX_EQUALS michael@0: (firstProcParams->resourceLimits, michael@0: secondProcParams->resourceLimits, michael@0: &cmpResult, michael@0: plContext, michael@0: PKIX_OBJECTEQUALSFAILED); michael@0: michael@0: if (cmpResult == PKIX_FALSE) { michael@0: *pResult = PKIX_FALSE; michael@0: goto cleanup; michael@0: } michael@0: michael@0: *pResult = cmpResult; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_Hashcode michael@0: * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_ProcessingParams_Hashcode( michael@0: PKIX_PL_Object *object, michael@0: PKIX_UInt32 *pHashcode, michael@0: void *plContext) michael@0: { michael@0: PKIX_ProcessingParams *procParams = NULL; michael@0: PKIX_UInt32 hash = 0; michael@0: PKIX_UInt32 anchorsHash = 0; michael@0: PKIX_UInt32 hintCertsHash = 0; michael@0: PKIX_UInt32 dateHash = 0; michael@0: PKIX_UInt32 constraintsHash = 0; michael@0: PKIX_UInt32 initialHash = 0; michael@0: PKIX_UInt32 rejectedHash = 0; michael@0: PKIX_UInt32 certChainCheckersHash = 0; michael@0: PKIX_UInt32 revCheckerHash = 0; michael@0: PKIX_UInt32 certStoresHash = 0; michael@0: PKIX_UInt32 resourceLimitsHash = 0; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Hashcode"); michael@0: PKIX_NULLCHECK_TWO(object, pHashcode); michael@0: michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), michael@0: PKIX_OBJECTNOTPROCESSINGPARAMS); michael@0: michael@0: procParams = (PKIX_ProcessingParams*)object; michael@0: michael@0: PKIX_HASHCODE(procParams->trustAnchors, &anchorsHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: PKIX_HASHCODE(procParams->hintCerts, &hintCertsHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: PKIX_HASHCODE(procParams->date, &dateHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: PKIX_HASHCODE(procParams->constraints, &constraintsHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: PKIX_HASHCODE(procParams->initialPolicies, &initialHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: rejectedHash = procParams->qualifiersRejected; michael@0: michael@0: /* There is no Hash function for CertChainCheckers */ michael@0: michael@0: PKIX_HASHCODE(procParams->certStores, &certStoresHash, plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: PKIX_HASHCODE(procParams->resourceLimits, michael@0: &resourceLimitsHash, michael@0: plContext, michael@0: PKIX_OBJECTHASHCODEFAILED); michael@0: michael@0: hash = (31 * ((31 * anchorsHash) + hintCertsHash + dateHash)) + michael@0: constraintsHash + initialHash + rejectedHash; michael@0: michael@0: hash += ((((certStoresHash + resourceLimitsHash) << 7) + michael@0: certChainCheckersHash + revCheckerHash + michael@0: procParams->isCrlRevocationCheckingEnabled + michael@0: procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7); michael@0: michael@0: *pHashcode = hash; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_ToString michael@0: * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_ProcessingParams_ToString( michael@0: PKIX_PL_Object *object, michael@0: PKIX_PL_String **pString, michael@0: void *plContext) michael@0: { michael@0: PKIX_ProcessingParams *procParams = NULL; michael@0: char *asciiFormat = NULL; michael@0: PKIX_PL_String *formatString = NULL; michael@0: PKIX_PL_String *procParamsString = NULL; michael@0: PKIX_PL_String *anchorsString = NULL; michael@0: PKIX_PL_String *dateString = NULL; michael@0: PKIX_PL_String *constraintsString = NULL; michael@0: PKIX_PL_String *InitialPoliciesString = NULL; michael@0: PKIX_PL_String *qualsRejectedString = NULL; michael@0: PKIX_List *certStores = NULL; michael@0: PKIX_PL_String *certStoresString = NULL; michael@0: PKIX_PL_String *resourceLimitsString = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString"); michael@0: PKIX_NULLCHECK_TWO(object, pString); michael@0: michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), michael@0: PKIX_OBJECTNOTPROCESSINGPARAMS); michael@0: michael@0: asciiFormat = michael@0: "[\n" michael@0: "\tTrust Anchors: \n" michael@0: "\t********BEGIN LIST OF TRUST ANCHORS********\n" michael@0: "\t\t%s\n" michael@0: "\t********END LIST OF TRUST ANCHORS********\n" michael@0: "\tDate: \t\t%s\n" michael@0: "\tTarget Constraints: %s\n" michael@0: "\tInitial Policies: %s\n" michael@0: "\tQualifiers Rejected: %s\n" michael@0: "\tCert Stores: %s\n" michael@0: "\tResource Limits: %s\n" michael@0: "\tCRL Checking Enabled: %d\n" michael@0: "]\n"; michael@0: michael@0: PKIX_CHECK(PKIX_PL_String_Create michael@0: (PKIX_ESCASCII, michael@0: asciiFormat, michael@0: 0, michael@0: &formatString, michael@0: plContext), michael@0: PKIX_STRINGCREATEFAILED); michael@0: michael@0: procParams = (PKIX_ProcessingParams*)object; michael@0: michael@0: PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext, michael@0: PKIX_OBJECTTOSTRINGFAILED); michael@0: michael@0: PKIX_TOSTRING(procParams->date, &dateString, plContext, michael@0: PKIX_OBJECTTOSTRINGFAILED); michael@0: michael@0: PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext, michael@0: PKIX_OBJECTTOSTRINGFAILED); michael@0: michael@0: PKIX_TOSTRING michael@0: (procParams->initialPolicies, &InitialPoliciesString, plContext, michael@0: PKIX_OBJECTTOSTRINGFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_PL_String_Create michael@0: (PKIX_ESCASCII, michael@0: (procParams->qualifiersRejected)?"TRUE":"FALSE", michael@0: 0, michael@0: &qualsRejectedString, michael@0: plContext), michael@0: PKIX_STRINGCREATEFAILED); michael@0: michael@0: /* There is no ToString function for CertChainCheckers */ michael@0: michael@0: PKIX_CHECK(PKIX_ProcessingParams_GetCertStores michael@0: (procParams, &certStores, plContext), michael@0: PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); michael@0: michael@0: PKIX_TOSTRING(certStores, &certStoresString, plContext, michael@0: PKIX_LISTTOSTRINGFAILED); michael@0: michael@0: PKIX_TOSTRING(procParams->resourceLimits, michael@0: &resourceLimitsString, michael@0: plContext, michael@0: PKIX_OBJECTTOSTRINGFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Sprintf michael@0: (&procParamsString, michael@0: plContext, michael@0: formatString, michael@0: anchorsString, michael@0: dateString, michael@0: constraintsString, michael@0: InitialPoliciesString, michael@0: qualsRejectedString, michael@0: certStoresString, michael@0: resourceLimitsString, michael@0: procParams->isCrlRevocationCheckingEnabled, michael@0: procParams->isCrlRevocationCheckingEnabledWithNISTPolicy), michael@0: PKIX_SPRINTFFAILED); michael@0: michael@0: *pString = procParamsString; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_DECREF(formatString); michael@0: PKIX_DECREF(anchorsString); michael@0: PKIX_DECREF(dateString); michael@0: PKIX_DECREF(constraintsString); michael@0: PKIX_DECREF(InitialPoliciesString); michael@0: PKIX_DECREF(qualsRejectedString); michael@0: PKIX_DECREF(certStores); michael@0: PKIX_DECREF(certStoresString); michael@0: PKIX_DECREF(resourceLimitsString); michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_Duplicate michael@0: * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) michael@0: */ michael@0: static PKIX_Error * michael@0: pkix_ProcessingParams_Duplicate( michael@0: PKIX_PL_Object *object, michael@0: PKIX_PL_Object **pNewObject, michael@0: void *plContext) michael@0: { michael@0: PKIX_ProcessingParams *params = NULL; michael@0: PKIX_ProcessingParams *paramsDuplicate = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Duplicate"); michael@0: PKIX_NULLCHECK_TWO(object, pNewObject); michael@0: michael@0: PKIX_CHECK(pkix_CheckType michael@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), michael@0: PKIX_OBJECTNOTPROCESSINGPARAMS); michael@0: michael@0: params = (PKIX_ProcessingParams *)object; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_Alloc michael@0: (PKIX_PROCESSINGPARAMS_TYPE, michael@0: sizeof (PKIX_ProcessingParams), michael@0: (PKIX_PL_Object **)¶msDuplicate, michael@0: plContext), michael@0: PKIX_PROCESSINGPARAMSCREATEFAILED); michael@0: michael@0: /* initialize fields */ michael@0: PKIX_DUPLICATE michael@0: (params->trustAnchors, michael@0: &(paramsDuplicate->trustAnchors), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->hintCerts, &(paramsDuplicate->hintCerts), plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->constraints, michael@0: &(paramsDuplicate->constraints), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->date, &(paramsDuplicate->date), plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->initialPolicies, michael@0: &(paramsDuplicate->initialPolicies), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: paramsDuplicate->initialPolicyMappingInhibit = michael@0: params->initialPolicyMappingInhibit; michael@0: paramsDuplicate->initialAnyPolicyInhibit = michael@0: params->initialAnyPolicyInhibit; michael@0: paramsDuplicate->initialExplicitPolicy = params->initialExplicitPolicy; michael@0: paramsDuplicate->qualifiersRejected = params->qualifiersRejected; michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->certChainCheckers, michael@0: &(paramsDuplicate->certChainCheckers), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->revChecker, michael@0: &(paramsDuplicate->revChecker), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->certStores, &(paramsDuplicate->certStores), plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: PKIX_DUPLICATE michael@0: (params->resourceLimits, michael@0: &(paramsDuplicate->resourceLimits), michael@0: plContext, michael@0: PKIX_OBJECTDUPLICATEFAILED); michael@0: michael@0: paramsDuplicate->isCrlRevocationCheckingEnabled = michael@0: params->isCrlRevocationCheckingEnabled; michael@0: michael@0: paramsDuplicate->isCrlRevocationCheckingEnabledWithNISTPolicy = michael@0: params->isCrlRevocationCheckingEnabledWithNISTPolicy; michael@0: michael@0: *pNewObject = (PKIX_PL_Object *)paramsDuplicate; michael@0: michael@0: cleanup: michael@0: michael@0: if (PKIX_ERROR_RECEIVED){ michael@0: PKIX_DECREF(paramsDuplicate); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: pkix_ProcessingParams_RegisterSelf michael@0: * DESCRIPTION: michael@0: * Registers PKIX_PROCESSINGPARAMS_TYPE and its related functions with michael@0: * systemClasses[] michael@0: * THREAD SAFETY: michael@0: * Not Thread Safe - for performance and complexity reasons michael@0: * michael@0: * Since this function is only called by PKIX_PL_Initialize, which should michael@0: * only be called once, it is acceptable that this function is not michael@0: * thread-safe. michael@0: */ michael@0: PKIX_Error * michael@0: pkix_ProcessingParams_RegisterSelf(void *plContext) michael@0: { michael@0: extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; michael@0: pkix_ClassTable_Entry entry; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_RegisterSelf"); michael@0: michael@0: entry.description = "ProcessingParams"; michael@0: entry.objCounter = 0; michael@0: entry.typeObjectSize = sizeof(PKIX_ProcessingParams); michael@0: entry.destructor = pkix_ProcessingParams_Destroy; michael@0: entry.equalsFunction = pkix_ProcessingParams_Equals; michael@0: entry.hashcodeFunction = pkix_ProcessingParams_Hashcode; michael@0: entry.toStringFunction = pkix_ProcessingParams_ToString; michael@0: entry.comparator = NULL; michael@0: entry.duplicateFunction = pkix_ProcessingParams_Duplicate; michael@0: michael@0: systemClasses[PKIX_PROCESSINGPARAMS_TYPE] = entry; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* --Public-Functions--------------------------------------------- */ michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_Create (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_Create( michael@0: PKIX_ProcessingParams **pParams, michael@0: void *plContext) michael@0: { michael@0: PKIX_ProcessingParams *params = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_Create"); michael@0: PKIX_NULLCHECK_ONE(pParams); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_Alloc michael@0: (PKIX_PROCESSINGPARAMS_TYPE, michael@0: sizeof (PKIX_ProcessingParams), michael@0: (PKIX_PL_Object **)¶ms, michael@0: plContext), michael@0: PKIX_COULDNOTCREATEPROCESSINGPARAMSOBJECT); michael@0: michael@0: /* initialize fields */ michael@0: PKIX_CHECK(PKIX_List_Create(¶ms->trustAnchors, plContext), michael@0: PKIX_LISTCREATEFAILED); michael@0: PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), michael@0: PKIX_LISTSETIMMUTABLEFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Date_Create_UTCTime michael@0: (NULL, ¶ms->date, plContext), michael@0: PKIX_DATECREATEUTCTIMEFAILED); michael@0: michael@0: params->hintCerts = NULL; michael@0: params->constraints = NULL; michael@0: params->initialPolicies = NULL; michael@0: params->initialPolicyMappingInhibit = PKIX_FALSE; michael@0: params->initialAnyPolicyInhibit = PKIX_FALSE; michael@0: params->initialExplicitPolicy = PKIX_FALSE; michael@0: params->qualifiersRejected = PKIX_FALSE; michael@0: params->certChainCheckers = NULL; michael@0: params->revChecker = NULL; michael@0: params->certStores = NULL; michael@0: params->resourceLimits = NULL; michael@0: michael@0: params->isCrlRevocationCheckingEnabled = PKIX_TRUE; michael@0: michael@0: params->isCrlRevocationCheckingEnabledWithNISTPolicy = PKIX_TRUE; michael@0: michael@0: params->useAIAForCertFetching = PKIX_FALSE; michael@0: params->qualifyTargetCert = PKIX_TRUE; michael@0: params->useOnlyTrustAnchors = PKIX_TRUE; michael@0: michael@0: *pParams = params; michael@0: params = NULL; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_DECREF(params); michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetUseAIAForCertFetching( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pUseAIA, /* list of TrustAnchor */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetUseAIAForCertFetching"); michael@0: PKIX_NULLCHECK_TWO(params, pUseAIA); michael@0: michael@0: *pUseAIA = params->useAIAForCertFetching; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetUseAIAForCertFetching michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetUseAIAForCertFetching( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean useAIA, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetUseAIAForCertFetching"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->useAIAForCertFetching = useAIA; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetQualifyTargetCert michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetValidateTargetCert( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pQualifyTargetCert, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetValidateTargetCert"); michael@0: PKIX_NULLCHECK_TWO(params, pQualifyTargetCert); michael@0: michael@0: *pQualifyTargetCert = params->qualifyTargetCert; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetQualifyTargetCert( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean qualifyTargetCert, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetQualifyTargetCert"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->qualifyTargetCert = qualifyTargetCert; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetTrustAnchors( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List *anchors, /* list of TrustAnchor */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetTrustAnchors"); michael@0: PKIX_NULLCHECK_TWO(params, anchors); michael@0: michael@0: PKIX_DECREF(params->trustAnchors); michael@0: michael@0: PKIX_INCREF(anchors); michael@0: params->trustAnchors = anchors; michael@0: PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), michael@0: PKIX_LISTSETIMMUTABLEFAILED); michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetTrustAnchors( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List **pAnchors, /* list of TrustAnchor */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetTrustAnchors"); michael@0: PKIX_NULLCHECK_TWO(params, pAnchors); michael@0: michael@0: PKIX_INCREF(params->trustAnchors); michael@0: michael@0: *pAnchors = params->trustAnchors; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /** michael@0: * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetUseOnlyTrustAnchors( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pUseOnlyTrustAnchors, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); michael@0: PKIX_NULLCHECK_TWO(params, pUseOnlyTrustAnchors); michael@0: michael@0: *pUseOnlyTrustAnchors = params->useOnlyTrustAnchors; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /** michael@0: * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetUseOnlyTrustAnchors( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean useOnlyTrustAnchors, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->useOnlyTrustAnchors = useOnlyTrustAnchors; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetDate (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetDate( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_PL_Date **pDate, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetDate"); michael@0: PKIX_NULLCHECK_TWO(params, pDate); michael@0: michael@0: PKIX_INCREF(params->date); michael@0: *pDate = params->date; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetDate (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetDate( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_PL_Date *date, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetDate"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->date); michael@0: michael@0: PKIX_INCREF(date); michael@0: params->date = date; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->date); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetTargetCertConstraints( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_CertSelector **pConstraints, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetTargetCertConstraints"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pConstraints); michael@0: michael@0: PKIX_INCREF(params->constraints); michael@0: *pConstraints = params->constraints; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetTargetCertConstraints( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_CertSelector *constraints, michael@0: void *plContext) michael@0: { michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetTargetCertConstraints"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->constraints); michael@0: michael@0: PKIX_INCREF(constraints); michael@0: params->constraints = constraints; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->constraints); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetInitialPolicies( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */ michael@0: void *plContext) michael@0: { michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetInitialPolicies"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pInitPolicies); michael@0: michael@0: if (params->initialPolicies == NULL) { michael@0: PKIX_CHECK(PKIX_List_Create michael@0: (¶ms->initialPolicies, plContext), michael@0: PKIX_UNABLETOCREATELIST); michael@0: PKIX_CHECK(PKIX_List_SetImmutable michael@0: (params->initialPolicies, plContext), michael@0: PKIX_UNABLETOMAKELISTIMMUTABLE); michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: } michael@0: michael@0: PKIX_INCREF(params->initialPolicies); michael@0: *pInitPolicies = params->initialPolicies; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetInitialPolicies( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List *initPolicies, /* list of PKIX_PL_OID */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetInitialPolicies"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->initialPolicies); michael@0: michael@0: PKIX_INCREF(initPolicies); michael@0: params->initialPolicies = initPolicies; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->initialPolicies); michael@0: } michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetPolicyQualifiersRejected( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pRejected, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetPolicyQualifiersRejected"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pRejected); michael@0: michael@0: *pRejected = params->qualifiersRejected; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetPolicyQualifiersRejected( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean rejected, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetPolicyQualifiersRejected"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->qualifiersRejected = rejected; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetCertChainCheckers( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetCertChainCheckers"); michael@0: PKIX_NULLCHECK_TWO(params, pCheckers); michael@0: michael@0: PKIX_INCREF(params->certChainCheckers); michael@0: *pCheckers = params->certChainCheckers; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetCertChainCheckers( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List *checkers, /* list of PKIX_CertChainChecker */ michael@0: void *plContext) michael@0: { michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetCertChainCheckers"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->certChainCheckers); michael@0: michael@0: PKIX_INCREF(checkers); michael@0: params->certChainCheckers = checkers; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->certChainCheckers); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_AddCertChainCheckers michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_AddCertChainChecker( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_CertChainChecker *checker, michael@0: void *plContext) michael@0: { michael@0: PKIX_List *list = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_AddCertChainChecker"); michael@0: PKIX_NULLCHECK_TWO(params, checker); michael@0: michael@0: if (params->certChainCheckers == NULL) { michael@0: michael@0: PKIX_CHECK(PKIX_List_Create(&list, plContext), michael@0: PKIX_LISTCREATEFAILED); michael@0: michael@0: params->certChainCheckers = list; michael@0: } michael@0: michael@0: PKIX_CHECK(PKIX_List_AppendItem michael@0: (params->certChainCheckers, (PKIX_PL_Object *)checker, plContext), michael@0: PKIX_LISTAPPENDITEMFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: list = NULL; michael@0: michael@0: cleanup: michael@0: michael@0: if (list && params) { michael@0: PKIX_DECREF(params->certChainCheckers); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetRevocationChecker( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_RevocationChecker **pChecker, michael@0: void *plContext) michael@0: { michael@0: michael@0: PKIX_ENTER michael@0: (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers"); michael@0: PKIX_NULLCHECK_TWO(params, pChecker); michael@0: michael@0: PKIX_INCREF(params->revChecker); michael@0: *pChecker = params->revChecker; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetRevocationChecker( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_RevocationChecker *checker, michael@0: void *plContext) michael@0: { michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_InitRevocationChecker"); michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->revChecker); michael@0: PKIX_INCREF(checker); michael@0: params->revChecker = checker; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetCertStores michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetCertStores( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List **pStores, /* list of PKIX_CertStore */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetCertStores"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pStores); michael@0: michael@0: if (!params->certStores){ michael@0: PKIX_CHECK(PKIX_List_Create(¶ms->certStores, plContext), michael@0: PKIX_UNABLETOCREATELIST); michael@0: } michael@0: michael@0: PKIX_INCREF(params->certStores); michael@0: *pStores = params->certStores; michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetCertStores michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetCertStores( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List *stores, /* list of PKIX_CertStore */ michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetCertStores"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->certStores); michael@0: michael@0: PKIX_INCREF(stores); michael@0: params->certStores = stores; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->certStores); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_AddCertStore michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_AddCertStore( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_CertStore *store, michael@0: void *plContext) michael@0: { michael@0: PKIX_List *certStores = NULL; michael@0: michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_AddCertStore"); michael@0: PKIX_NULLCHECK_TWO(params, store); michael@0: michael@0: PKIX_CHECK(PKIX_ProcessingParams_GetCertStores michael@0: (params, &certStores, plContext), michael@0: PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_List_AppendItem michael@0: (certStores, (PKIX_PL_Object *)store, plContext), michael@0: PKIX_LISTAPPENDITEMFAILED); michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_DECREF(certStores); michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetResourceLimits michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetResourceLimits( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_ResourceLimits *resourceLimits, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetResourceLimits"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, resourceLimits); michael@0: michael@0: PKIX_DECREF(params->resourceLimits); michael@0: PKIX_INCREF(resourceLimits); michael@0: params->resourceLimits = resourceLimits; michael@0: michael@0: cleanup: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->resourceLimits); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetResourceLimits michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetResourceLimits( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_ResourceLimits **pResourceLimits, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_GetResourceLimits"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pResourceLimits); michael@0: michael@0: PKIX_INCREF(params->resourceLimits); michael@0: *pResourceLimits = params->resourceLimits; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_IsAnyPolicyInhibited( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pInhibited, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_IsAnyPolicyInhibited"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pInhibited); michael@0: michael@0: *pInhibited = params->initialAnyPolicyInhibit; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetAnyPolicyInhibited( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean inhibited, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetAnyPolicyInhibited"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->initialAnyPolicyInhibit = inhibited; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_IsExplicitPolicyRequired( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pRequired, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_IsExplicitPolicyRequired"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pRequired); michael@0: michael@0: *pRequired = params->initialExplicitPolicy; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetExplicitPolicyRequired( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean required, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetExplicitPolicyRequired"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->initialExplicitPolicy = required; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_IsPolicyMappingInhibited( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean *pInhibited, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_IsPolicyMappingInhibited"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pInhibited); michael@0: michael@0: *pInhibited = params->initialPolicyMappingInhibit; michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetPolicyMappingInhibited( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_Boolean inhibited, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, michael@0: "PKIX_ProcessingParams_SetPolicyMappingInhibited"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: params->initialPolicyMappingInhibit = inhibited; michael@0: michael@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache michael@0: ((PKIX_PL_Object *)params, plContext), michael@0: PKIX_OBJECTINVALIDATECACHEFAILED); michael@0: michael@0: cleanup: michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_SetHintCerts michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_SetHintCerts( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List *hintCerts, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetHintCerts"); michael@0: michael@0: PKIX_NULLCHECK_ONE(params); michael@0: michael@0: PKIX_DECREF(params->hintCerts); michael@0: PKIX_INCREF(hintCerts); michael@0: params->hintCerts = hintCerts; michael@0: michael@0: cleanup: michael@0: if (PKIX_ERROR_RECEIVED && params) { michael@0: PKIX_DECREF(params->hintCerts); michael@0: } michael@0: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: } michael@0: michael@0: /* michael@0: * FUNCTION: PKIX_ProcessingParams_GetHintCerts michael@0: * (see comments in pkix_params.h) michael@0: */ michael@0: PKIX_Error * michael@0: PKIX_ProcessingParams_GetHintCerts( michael@0: PKIX_ProcessingParams *params, michael@0: PKIX_List **pHintCerts, michael@0: void *plContext) michael@0: { michael@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetHintCerts"); michael@0: michael@0: PKIX_NULLCHECK_TWO(params, pHintCerts); michael@0: michael@0: PKIX_INCREF(params->hintCerts); michael@0: *pHintCerts = params->hintCerts; michael@0: michael@0: cleanup: michael@0: PKIX_RETURN(PROCESSINGPARAMS); michael@0: }