andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * pkix_certchainchecker.c andre@0: * andre@0: * CertChainChecker Object Functions andre@0: * andre@0: */ andre@0: andre@0: #include "pkix_certchainchecker.h" andre@0: andre@0: /* --Private-Functions-------------------------------------------- */ andre@0: andre@0: /* andre@0: * FUNCTION: pkix_CertChainChecker_Destroy andre@0: * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_CertChainChecker_Destroy( andre@0: PKIX_PL_Object *object, andre@0: void *plContext) andre@0: { andre@0: PKIX_CertChainChecker *checker = NULL; andre@0: andre@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy"); andre@0: PKIX_NULLCHECK_ONE(object); andre@0: andre@0: /* Check that this object is a cert chain checker */ andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), andre@0: PKIX_OBJECTNOTCERTCHAINCHECKER); andre@0: andre@0: checker = (PKIX_CertChainChecker *)object; andre@0: andre@0: PKIX_DECREF(checker->extensions); andre@0: PKIX_DECREF(checker->state); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_CertChainChecker_Duplicate andre@0: * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_CertChainChecker_Duplicate( andre@0: PKIX_PL_Object *object, andre@0: PKIX_PL_Object **pNewObject, andre@0: void *plContext) andre@0: { andre@0: PKIX_CertChainChecker *checker = NULL; andre@0: PKIX_CertChainChecker *checkerDuplicate = NULL; andre@0: PKIX_List *extensionsDuplicate = NULL; andre@0: PKIX_PL_Object *stateDuplicate = NULL; andre@0: andre@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate"); andre@0: PKIX_NULLCHECK_TWO(object, pNewObject); andre@0: andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), andre@0: PKIX_OBJECTNOTCERTCHAINCHECKER); andre@0: andre@0: checker = (PKIX_CertChainChecker *)object; andre@0: andre@0: if (checker->extensions){ andre@0: PKIX_CHECK(PKIX_PL_Object_Duplicate andre@0: ((PKIX_PL_Object *)checker->extensions, andre@0: (PKIX_PL_Object **)&extensionsDuplicate, andre@0: plContext), andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: } andre@0: andre@0: if (checker->state){ andre@0: PKIX_CHECK(PKIX_PL_Object_Duplicate andre@0: ((PKIX_PL_Object *)checker->state, andre@0: (PKIX_PL_Object **)&stateDuplicate, andre@0: plContext), andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: } andre@0: andre@0: PKIX_CHECK(PKIX_CertChainChecker_Create andre@0: (checker->checkCallback, andre@0: checker->forwardChecking, andre@0: checker->isForwardDirectionExpected, andre@0: extensionsDuplicate, andre@0: stateDuplicate, andre@0: &checkerDuplicate, andre@0: plContext), andre@0: PKIX_CERTCHAINCHECKERCREATEFAILED); andre@0: andre@0: *pNewObject = (PKIX_PL_Object *)checkerDuplicate; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_DECREF(extensionsDuplicate); andre@0: PKIX_DECREF(stateDuplicate); andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_CertChainChecker_RegisterSelf andre@0: * DESCRIPTION: andre@0: * Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with andre@0: * systemClasses[] andre@0: * THREAD SAFETY: andre@0: * Not Thread Safe - for performance and complexity reasons andre@0: * andre@0: * Since this function is only called by PKIX_PL_Initialize, which should andre@0: * only be called once, it is acceptable that this function is not andre@0: * thread-safe. andre@0: */ andre@0: PKIX_Error * andre@0: pkix_CertChainChecker_RegisterSelf(void *plContext) andre@0: { andre@0: extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; andre@0: pkix_ClassTable_Entry entry; andre@0: andre@0: PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf"); andre@0: andre@0: entry.description = "CertChainChecker"; andre@0: entry.objCounter = 0; andre@0: entry.typeObjectSize = sizeof(PKIX_CertChainChecker); andre@0: entry.destructor = pkix_CertChainChecker_Destroy; andre@0: entry.equalsFunction = NULL; andre@0: entry.hashcodeFunction = NULL; andre@0: entry.toStringFunction = NULL; andre@0: entry.comparator = NULL; andre@0: entry.duplicateFunction = pkix_CertChainChecker_Duplicate; andre@0: andre@0: systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry; andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* --Public-Functions--------------------------------------------- */ andre@0: andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_Create( andre@0: PKIX_CertChainChecker_CheckCallback callback, andre@0: PKIX_Boolean forwardCheckingSupported, andre@0: PKIX_Boolean isForwardDirectionExpected, andre@0: PKIX_List *list, /* list of PKIX_PL_OID */ andre@0: PKIX_PL_Object *initialState, andre@0: PKIX_CertChainChecker **pChecker, andre@0: void *plContext) andre@0: { andre@0: PKIX_CertChainChecker *checker = NULL; andre@0: andre@0: PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create"); andre@0: PKIX_NULLCHECK_ONE(pChecker); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_Alloc andre@0: (PKIX_CERTCHAINCHECKER_TYPE, andre@0: sizeof (PKIX_CertChainChecker), andre@0: (PKIX_PL_Object **)&checker, andre@0: plContext), andre@0: PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT); andre@0: andre@0: /* initialize fields */ andre@0: checker->checkCallback = callback; andre@0: checker->forwardChecking = forwardCheckingSupported; andre@0: checker->isForwardDirectionExpected = isForwardDirectionExpected; andre@0: andre@0: PKIX_INCREF(list); andre@0: checker->extensions = list; andre@0: andre@0: PKIX_INCREF(initialState); andre@0: checker->state = initialState; andre@0: andre@0: *pChecker = checker; andre@0: checker = NULL; andre@0: cleanup: andre@0: andre@0: PKIX_DECREF(checker); andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetCheckCallback andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetCheckCallback( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_CertChainChecker_CheckCallback *pCallback, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback"); andre@0: PKIX_NULLCHECK_TWO(checker, pCallback); andre@0: andre@0: *pCallback = checker->checkCallback; andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_IsForwardCheckingSupported( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_Boolean *pForwardCheckingSupported, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER andre@0: (CERTCHAINCHECKER, andre@0: "PKIX_CertChainChecker_IsForwardCheckingSupported"); andre@0: PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported); andre@0: andre@0: *pForwardCheckingSupported = checker->forwardChecking; andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_IsForwardDirectionExpected( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_Boolean *pForwardDirectionExpected, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER andre@0: (CERTCHAINCHECKER, andre@0: "PKIX_CertChainChecker_IsForwardDirectionExpected"); andre@0: PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected); andre@0: andre@0: *pForwardDirectionExpected = checker->isForwardDirectionExpected; andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetCertChainCheckerState( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_PL_Object **pCertChainCheckerState, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(CERTCHAINCHECKER, andre@0: "PKIX_CertChainChecker_GetCertChainCheckerState"); andre@0: andre@0: PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState); andre@0: andre@0: PKIX_INCREF(checker->state); andre@0: andre@0: *pCertChainCheckerState = checker->state; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_SetCertChainCheckerState( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_PL_Object *certChainCheckerState, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(CERTCHAINCHECKER, andre@0: "PKIX_CertChainChecker_SetCertChainCheckerState"); andre@0: andre@0: PKIX_NULLCHECK_ONE(checker); andre@0: andre@0: /* DecRef old contents */ andre@0: PKIX_DECREF(checker->state); andre@0: andre@0: PKIX_INCREF(certChainCheckerState); andre@0: checker->state = certChainCheckerState; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)checker, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions andre@0: * (see comments in pkix_checker.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetSupportedExtensions( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_List **pExtensions, /* list of PKIX_PL_OID */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(CERTCHAINCHECKER, andre@0: "PKIX_CertChainChecker_GetSupportedExtensions"); andre@0: andre@0: PKIX_NULLCHECK_TWO(checker, pExtensions); andre@0: andre@0: PKIX_INCREF(checker->extensions); andre@0: andre@0: *pExtensions = checker->extensions; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(CERTCHAINCHECKER); andre@0: andre@0: }