andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * pkix_procparams.c andre@0: * andre@0: * ProcessingParams Object Functions andre@0: * andre@0: */ andre@0: andre@0: #include "pkix_procparams.h" andre@0: andre@0: /* --Private-Functions-------------------------------------------- */ andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_Destroy andre@0: * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_ProcessingParams_Destroy( andre@0: PKIX_PL_Object *object, andre@0: void *plContext) andre@0: { andre@0: PKIX_ProcessingParams *params = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Destroy"); andre@0: PKIX_NULLCHECK_ONE(object); andre@0: andre@0: /* Check that this object is a processing params object */ andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), andre@0: PKIX_OBJECTNOTPROCESSINGPARAMS); andre@0: andre@0: params = (PKIX_ProcessingParams *)object; andre@0: andre@0: PKIX_DECREF(params->trustAnchors); andre@0: PKIX_DECREF(params->hintCerts); andre@0: PKIX_DECREF(params->constraints); andre@0: PKIX_DECREF(params->date); andre@0: PKIX_DECREF(params->initialPolicies); andre@0: PKIX_DECREF(params->certChainCheckers); andre@0: PKIX_DECREF(params->revChecker); andre@0: PKIX_DECREF(params->certStores); andre@0: PKIX_DECREF(params->resourceLimits); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_Equals andre@0: * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_ProcessingParams_Equals( andre@0: PKIX_PL_Object *first, andre@0: PKIX_PL_Object *second, andre@0: PKIX_Boolean *pResult, andre@0: void *plContext) andre@0: { andre@0: PKIX_UInt32 secondType; andre@0: PKIX_Boolean cmpResult; andre@0: PKIX_ProcessingParams *firstProcParams = NULL; andre@0: PKIX_ProcessingParams *secondProcParams = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Equals"); andre@0: PKIX_NULLCHECK_THREE(first, second, pResult); andre@0: andre@0: PKIX_CHECK(pkix_CheckType(first, PKIX_PROCESSINGPARAMS_TYPE, plContext), andre@0: PKIX_FIRSTOBJECTNOTPROCESSINGPARAMS); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext), andre@0: PKIX_COULDNOTGETTYPEOFSECONDARGUMENT); andre@0: andre@0: *pResult = PKIX_FALSE; andre@0: andre@0: if (secondType != PKIX_PROCESSINGPARAMS_TYPE) goto cleanup; andre@0: andre@0: firstProcParams = (PKIX_ProcessingParams *)first; andre@0: secondProcParams = (PKIX_ProcessingParams *)second; andre@0: andre@0: /* Do the simplest tests first */ andre@0: if ((firstProcParams->qualifiersRejected) != andre@0: (secondProcParams->qualifiersRejected)) { andre@0: goto cleanup; andre@0: } andre@0: andre@0: if (firstProcParams->isCrlRevocationCheckingEnabled != andre@0: secondProcParams->isCrlRevocationCheckingEnabled) { andre@0: goto cleanup; andre@0: } andre@0: if (firstProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy != andre@0: secondProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy) { andre@0: goto cleanup; andre@0: } andre@0: andre@0: /* trustAnchors can never be NULL */ andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->trustAnchors, andre@0: secondProcParams->trustAnchors, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->hintCerts, andre@0: secondProcParams->hintCerts, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->date, andre@0: secondProcParams->date, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->constraints, andre@0: secondProcParams->constraints, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->initialPolicies, andre@0: secondProcParams->initialPolicies, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: /* There is no Equals function for CertChainCheckers */ andre@0: andre@0: PKIX_EQUALS andre@0: ((PKIX_PL_Object *)firstProcParams->certStores, andre@0: (PKIX_PL_Object *)secondProcParams->certStores, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (!cmpResult) goto cleanup; andre@0: andre@0: PKIX_EQUALS andre@0: (firstProcParams->resourceLimits, andre@0: secondProcParams->resourceLimits, andre@0: &cmpResult, andre@0: plContext, andre@0: PKIX_OBJECTEQUALSFAILED); andre@0: andre@0: if (cmpResult == PKIX_FALSE) { andre@0: *pResult = PKIX_FALSE; andre@0: goto cleanup; andre@0: } andre@0: andre@0: *pResult = cmpResult; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_Hashcode andre@0: * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_ProcessingParams_Hashcode( andre@0: PKIX_PL_Object *object, andre@0: PKIX_UInt32 *pHashcode, andre@0: void *plContext) andre@0: { andre@0: PKIX_ProcessingParams *procParams = NULL; andre@0: PKIX_UInt32 hash = 0; andre@0: PKIX_UInt32 anchorsHash = 0; andre@0: PKIX_UInt32 hintCertsHash = 0; andre@0: PKIX_UInt32 dateHash = 0; andre@0: PKIX_UInt32 constraintsHash = 0; andre@0: PKIX_UInt32 initialHash = 0; andre@0: PKIX_UInt32 rejectedHash = 0; andre@0: PKIX_UInt32 certChainCheckersHash = 0; andre@0: PKIX_UInt32 revCheckerHash = 0; andre@0: PKIX_UInt32 certStoresHash = 0; andre@0: PKIX_UInt32 resourceLimitsHash = 0; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Hashcode"); andre@0: PKIX_NULLCHECK_TWO(object, pHashcode); andre@0: andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), andre@0: PKIX_OBJECTNOTPROCESSINGPARAMS); andre@0: andre@0: procParams = (PKIX_ProcessingParams*)object; andre@0: andre@0: PKIX_HASHCODE(procParams->trustAnchors, &anchorsHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: PKIX_HASHCODE(procParams->hintCerts, &hintCertsHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: PKIX_HASHCODE(procParams->date, &dateHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: PKIX_HASHCODE(procParams->constraints, &constraintsHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: PKIX_HASHCODE(procParams->initialPolicies, &initialHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: rejectedHash = procParams->qualifiersRejected; andre@0: andre@0: /* There is no Hash function for CertChainCheckers */ andre@0: andre@0: PKIX_HASHCODE(procParams->certStores, &certStoresHash, plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: PKIX_HASHCODE(procParams->resourceLimits, andre@0: &resourceLimitsHash, andre@0: plContext, andre@0: PKIX_OBJECTHASHCODEFAILED); andre@0: andre@0: hash = (31 * ((31 * anchorsHash) + hintCertsHash + dateHash)) + andre@0: constraintsHash + initialHash + rejectedHash; andre@0: andre@0: hash += ((((certStoresHash + resourceLimitsHash) << 7) + andre@0: certChainCheckersHash + revCheckerHash + andre@0: procParams->isCrlRevocationCheckingEnabled + andre@0: procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7); andre@0: andre@0: *pHashcode = hash; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_ToString andre@0: * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_ProcessingParams_ToString( andre@0: PKIX_PL_Object *object, andre@0: PKIX_PL_String **pString, andre@0: void *plContext) andre@0: { andre@0: PKIX_ProcessingParams *procParams = NULL; andre@0: char *asciiFormat = NULL; andre@0: PKIX_PL_String *formatString = NULL; andre@0: PKIX_PL_String *procParamsString = NULL; andre@0: PKIX_PL_String *anchorsString = NULL; andre@0: PKIX_PL_String *dateString = NULL; andre@0: PKIX_PL_String *constraintsString = NULL; andre@0: PKIX_PL_String *InitialPoliciesString = NULL; andre@0: PKIX_PL_String *qualsRejectedString = NULL; andre@0: PKIX_List *certStores = NULL; andre@0: PKIX_PL_String *certStoresString = NULL; andre@0: PKIX_PL_String *resourceLimitsString = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString"); andre@0: PKIX_NULLCHECK_TWO(object, pString); andre@0: andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), andre@0: PKIX_OBJECTNOTPROCESSINGPARAMS); andre@0: andre@0: asciiFormat = andre@0: "[\n" andre@0: "\tTrust Anchors: \n" andre@0: "\t********BEGIN LIST OF TRUST ANCHORS********\n" andre@0: "\t\t%s\n" andre@0: "\t********END LIST OF TRUST ANCHORS********\n" andre@0: "\tDate: \t\t%s\n" andre@0: "\tTarget Constraints: %s\n" andre@0: "\tInitial Policies: %s\n" andre@0: "\tQualifiers Rejected: %s\n" andre@0: "\tCert Stores: %s\n" andre@0: "\tResource Limits: %s\n" andre@0: "\tCRL Checking Enabled: %d\n" andre@0: "]\n"; andre@0: andre@0: PKIX_CHECK(PKIX_PL_String_Create andre@0: (PKIX_ESCASCII, andre@0: asciiFormat, andre@0: 0, andre@0: &formatString, andre@0: plContext), andre@0: PKIX_STRINGCREATEFAILED); andre@0: andre@0: procParams = (PKIX_ProcessingParams*)object; andre@0: andre@0: PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext, andre@0: PKIX_OBJECTTOSTRINGFAILED); andre@0: andre@0: PKIX_TOSTRING(procParams->date, &dateString, plContext, andre@0: PKIX_OBJECTTOSTRINGFAILED); andre@0: andre@0: PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext, andre@0: PKIX_OBJECTTOSTRINGFAILED); andre@0: andre@0: PKIX_TOSTRING andre@0: (procParams->initialPolicies, &InitialPoliciesString, plContext, andre@0: PKIX_OBJECTTOSTRINGFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_PL_String_Create andre@0: (PKIX_ESCASCII, andre@0: (procParams->qualifiersRejected)?"TRUE":"FALSE", andre@0: 0, andre@0: &qualsRejectedString, andre@0: plContext), andre@0: PKIX_STRINGCREATEFAILED); andre@0: andre@0: /* There is no ToString function for CertChainCheckers */ andre@0: andre@0: PKIX_CHECK(PKIX_ProcessingParams_GetCertStores andre@0: (procParams, &certStores, plContext), andre@0: PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); andre@0: andre@0: PKIX_TOSTRING(certStores, &certStoresString, plContext, andre@0: PKIX_LISTTOSTRINGFAILED); andre@0: andre@0: PKIX_TOSTRING(procParams->resourceLimits, andre@0: &resourceLimitsString, andre@0: plContext, andre@0: PKIX_OBJECTTOSTRINGFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Sprintf andre@0: (&procParamsString, andre@0: plContext, andre@0: formatString, andre@0: anchorsString, andre@0: dateString, andre@0: constraintsString, andre@0: InitialPoliciesString, andre@0: qualsRejectedString, andre@0: certStoresString, andre@0: resourceLimitsString, andre@0: procParams->isCrlRevocationCheckingEnabled, andre@0: procParams->isCrlRevocationCheckingEnabledWithNISTPolicy), andre@0: PKIX_SPRINTFFAILED); andre@0: andre@0: *pString = procParamsString; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_DECREF(formatString); andre@0: PKIX_DECREF(anchorsString); andre@0: PKIX_DECREF(dateString); andre@0: PKIX_DECREF(constraintsString); andre@0: PKIX_DECREF(InitialPoliciesString); andre@0: PKIX_DECREF(qualsRejectedString); andre@0: PKIX_DECREF(certStores); andre@0: PKIX_DECREF(certStoresString); andre@0: PKIX_DECREF(resourceLimitsString); andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_Duplicate andre@0: * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) andre@0: */ andre@0: static PKIX_Error * andre@0: pkix_ProcessingParams_Duplicate( andre@0: PKIX_PL_Object *object, andre@0: PKIX_PL_Object **pNewObject, andre@0: void *plContext) andre@0: { andre@0: PKIX_ProcessingParams *params = NULL; andre@0: PKIX_ProcessingParams *paramsDuplicate = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Duplicate"); andre@0: PKIX_NULLCHECK_TWO(object, pNewObject); andre@0: andre@0: PKIX_CHECK(pkix_CheckType andre@0: (object, PKIX_PROCESSINGPARAMS_TYPE, plContext), andre@0: PKIX_OBJECTNOTPROCESSINGPARAMS); andre@0: andre@0: params = (PKIX_ProcessingParams *)object; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_Alloc andre@0: (PKIX_PROCESSINGPARAMS_TYPE, andre@0: sizeof (PKIX_ProcessingParams), andre@0: (PKIX_PL_Object **)¶msDuplicate, andre@0: plContext), andre@0: PKIX_PROCESSINGPARAMSCREATEFAILED); andre@0: andre@0: /* initialize fields */ andre@0: PKIX_DUPLICATE andre@0: (params->trustAnchors, andre@0: &(paramsDuplicate->trustAnchors), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->hintCerts, &(paramsDuplicate->hintCerts), plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->constraints, andre@0: &(paramsDuplicate->constraints), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->date, &(paramsDuplicate->date), plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->initialPolicies, andre@0: &(paramsDuplicate->initialPolicies), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: paramsDuplicate->initialPolicyMappingInhibit = andre@0: params->initialPolicyMappingInhibit; andre@0: paramsDuplicate->initialAnyPolicyInhibit = andre@0: params->initialAnyPolicyInhibit; andre@0: paramsDuplicate->initialExplicitPolicy = params->initialExplicitPolicy; andre@0: paramsDuplicate->qualifiersRejected = params->qualifiersRejected; andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->certChainCheckers, andre@0: &(paramsDuplicate->certChainCheckers), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->revChecker, andre@0: &(paramsDuplicate->revChecker), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->certStores, &(paramsDuplicate->certStores), plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: PKIX_DUPLICATE andre@0: (params->resourceLimits, andre@0: &(paramsDuplicate->resourceLimits), andre@0: plContext, andre@0: PKIX_OBJECTDUPLICATEFAILED); andre@0: andre@0: paramsDuplicate->isCrlRevocationCheckingEnabled = andre@0: params->isCrlRevocationCheckingEnabled; andre@0: andre@0: paramsDuplicate->isCrlRevocationCheckingEnabledWithNISTPolicy = andre@0: params->isCrlRevocationCheckingEnabledWithNISTPolicy; andre@0: andre@0: *pNewObject = (PKIX_PL_Object *)paramsDuplicate; andre@0: andre@0: cleanup: andre@0: andre@0: if (PKIX_ERROR_RECEIVED){ andre@0: PKIX_DECREF(paramsDuplicate); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: pkix_ProcessingParams_RegisterSelf andre@0: * DESCRIPTION: andre@0: * Registers PKIX_PROCESSINGPARAMS_TYPE and its related functions with andre@0: * systemClasses[] andre@0: * THREAD SAFETY: andre@0: * Not Thread Safe - for performance and complexity reasons andre@0: * andre@0: * Since this function is only called by PKIX_PL_Initialize, which should andre@0: * only be called once, it is acceptable that this function is not andre@0: * thread-safe. andre@0: */ andre@0: PKIX_Error * andre@0: pkix_ProcessingParams_RegisterSelf(void *plContext) andre@0: { andre@0: extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; andre@0: pkix_ClassTable_Entry entry; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_RegisterSelf"); andre@0: andre@0: entry.description = "ProcessingParams"; andre@0: entry.objCounter = 0; andre@0: entry.typeObjectSize = sizeof(PKIX_ProcessingParams); andre@0: entry.destructor = pkix_ProcessingParams_Destroy; andre@0: entry.equalsFunction = pkix_ProcessingParams_Equals; andre@0: entry.hashcodeFunction = pkix_ProcessingParams_Hashcode; andre@0: entry.toStringFunction = pkix_ProcessingParams_ToString; andre@0: entry.comparator = NULL; andre@0: entry.duplicateFunction = pkix_ProcessingParams_Duplicate; andre@0: andre@0: systemClasses[PKIX_PROCESSINGPARAMS_TYPE] = entry; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* --Public-Functions--------------------------------------------- */ andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_Create (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_Create( andre@0: PKIX_ProcessingParams **pParams, andre@0: void *plContext) andre@0: { andre@0: PKIX_ProcessingParams *params = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_Create"); andre@0: PKIX_NULLCHECK_ONE(pParams); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_Alloc andre@0: (PKIX_PROCESSINGPARAMS_TYPE, andre@0: sizeof (PKIX_ProcessingParams), andre@0: (PKIX_PL_Object **)¶ms, andre@0: plContext), andre@0: PKIX_COULDNOTCREATEPROCESSINGPARAMSOBJECT); andre@0: andre@0: /* initialize fields */ andre@0: PKIX_CHECK(PKIX_List_Create(¶ms->trustAnchors, plContext), andre@0: PKIX_LISTCREATEFAILED); andre@0: PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), andre@0: PKIX_LISTSETIMMUTABLEFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Date_Create_UTCTime andre@0: (NULL, ¶ms->date, plContext), andre@0: PKIX_DATECREATEUTCTIMEFAILED); andre@0: andre@0: params->hintCerts = NULL; andre@0: params->constraints = NULL; andre@0: params->initialPolicies = NULL; andre@0: params->initialPolicyMappingInhibit = PKIX_FALSE; andre@0: params->initialAnyPolicyInhibit = PKIX_FALSE; andre@0: params->initialExplicitPolicy = PKIX_FALSE; andre@0: params->qualifiersRejected = PKIX_FALSE; andre@0: params->certChainCheckers = NULL; andre@0: params->revChecker = NULL; andre@0: params->certStores = NULL; andre@0: params->resourceLimits = NULL; andre@0: andre@0: params->isCrlRevocationCheckingEnabled = PKIX_TRUE; andre@0: andre@0: params->isCrlRevocationCheckingEnabledWithNISTPolicy = PKIX_TRUE; andre@0: andre@0: params->useAIAForCertFetching = PKIX_FALSE; andre@0: params->qualifyTargetCert = PKIX_TRUE; andre@0: params->useOnlyTrustAnchors = PKIX_TRUE; andre@0: andre@0: *pParams = params; andre@0: params = NULL; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_DECREF(params); andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetUseAIAForCertFetching( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pUseAIA, /* list of TrustAnchor */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetUseAIAForCertFetching"); andre@0: PKIX_NULLCHECK_TWO(params, pUseAIA); andre@0: andre@0: *pUseAIA = params->useAIAForCertFetching; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetUseAIAForCertFetching andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetUseAIAForCertFetching( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean useAIA, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetUseAIAForCertFetching"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->useAIAForCertFetching = useAIA; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetQualifyTargetCert andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetValidateTargetCert( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pQualifyTargetCert, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetValidateTargetCert"); andre@0: PKIX_NULLCHECK_TWO(params, pQualifyTargetCert); andre@0: andre@0: *pQualifyTargetCert = params->qualifyTargetCert; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetQualifyTargetCert( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean qualifyTargetCert, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetQualifyTargetCert"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->qualifyTargetCert = qualifyTargetCert; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetTrustAnchors( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List *anchors, /* list of TrustAnchor */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetTrustAnchors"); andre@0: PKIX_NULLCHECK_TWO(params, anchors); andre@0: andre@0: PKIX_DECREF(params->trustAnchors); andre@0: andre@0: PKIX_INCREF(anchors); andre@0: params->trustAnchors = anchors; andre@0: PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext), andre@0: PKIX_LISTSETIMMUTABLEFAILED); andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetTrustAnchors( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List **pAnchors, /* list of TrustAnchor */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetTrustAnchors"); andre@0: PKIX_NULLCHECK_TWO(params, pAnchors); andre@0: andre@0: PKIX_INCREF(params->trustAnchors); andre@0: andre@0: *pAnchors = params->trustAnchors; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /** andre@0: * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetUseOnlyTrustAnchors( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pUseOnlyTrustAnchors, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); andre@0: PKIX_NULLCHECK_TWO(params, pUseOnlyTrustAnchors); andre@0: andre@0: *pUseOnlyTrustAnchors = params->useOnlyTrustAnchors; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /** andre@0: * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetUseOnlyTrustAnchors( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean useOnlyTrustAnchors, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetUseTrustAnchorsOnly"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->useOnlyTrustAnchors = useOnlyTrustAnchors; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetDate (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetDate( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_PL_Date **pDate, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetDate"); andre@0: PKIX_NULLCHECK_TWO(params, pDate); andre@0: andre@0: PKIX_INCREF(params->date); andre@0: *pDate = params->date; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetDate (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetDate( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_PL_Date *date, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetDate"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->date); andre@0: andre@0: PKIX_INCREF(date); andre@0: params->date = date; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->date); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetTargetCertConstraints( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_CertSelector **pConstraints, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetTargetCertConstraints"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pConstraints); andre@0: andre@0: PKIX_INCREF(params->constraints); andre@0: *pConstraints = params->constraints; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetTargetCertConstraints( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_CertSelector *constraints, andre@0: void *plContext) andre@0: { andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetTargetCertConstraints"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->constraints); andre@0: andre@0: PKIX_INCREF(constraints); andre@0: params->constraints = constraints; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->constraints); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetInitialPolicies( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */ andre@0: void *plContext) andre@0: { andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetInitialPolicies"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pInitPolicies); andre@0: andre@0: if (params->initialPolicies == NULL) { andre@0: PKIX_CHECK(PKIX_List_Create andre@0: (¶ms->initialPolicies, plContext), andre@0: PKIX_UNABLETOCREATELIST); andre@0: PKIX_CHECK(PKIX_List_SetImmutable andre@0: (params->initialPolicies, plContext), andre@0: PKIX_UNABLETOMAKELISTIMMUTABLE); andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: } andre@0: andre@0: PKIX_INCREF(params->initialPolicies); andre@0: *pInitPolicies = params->initialPolicies; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetInitialPolicies( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List *initPolicies, /* list of PKIX_PL_OID */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetInitialPolicies"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->initialPolicies); andre@0: andre@0: PKIX_INCREF(initPolicies); andre@0: params->initialPolicies = initPolicies; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->initialPolicies); andre@0: } andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetPolicyQualifiersRejected( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pRejected, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetPolicyQualifiersRejected"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pRejected); andre@0: andre@0: *pRejected = params->qualifiersRejected; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetPolicyQualifiersRejected( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean rejected, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetPolicyQualifiersRejected"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->qualifiersRejected = rejected; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetCertChainCheckers( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetCertChainCheckers"); andre@0: PKIX_NULLCHECK_TWO(params, pCheckers); andre@0: andre@0: PKIX_INCREF(params->certChainCheckers); andre@0: *pCheckers = params->certChainCheckers; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetCertChainCheckers( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List *checkers, /* list of PKIX_CertChainChecker */ andre@0: void *plContext) andre@0: { andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetCertChainCheckers"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->certChainCheckers); andre@0: andre@0: PKIX_INCREF(checkers); andre@0: params->certChainCheckers = checkers; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->certChainCheckers); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_AddCertChainCheckers andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_AddCertChainChecker( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_CertChainChecker *checker, andre@0: void *plContext) andre@0: { andre@0: PKIX_List *list = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_AddCertChainChecker"); andre@0: PKIX_NULLCHECK_TWO(params, checker); andre@0: andre@0: if (params->certChainCheckers == NULL) { andre@0: andre@0: PKIX_CHECK(PKIX_List_Create(&list, plContext), andre@0: PKIX_LISTCREATEFAILED); andre@0: andre@0: params->certChainCheckers = list; andre@0: } andre@0: andre@0: PKIX_CHECK(PKIX_List_AppendItem andre@0: (params->certChainCheckers, (PKIX_PL_Object *)checker, plContext), andre@0: PKIX_LISTAPPENDITEMFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: list = NULL; andre@0: andre@0: cleanup: andre@0: andre@0: if (list && params) { andre@0: PKIX_DECREF(params->certChainCheckers); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetRevocationChecker( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_RevocationChecker **pChecker, andre@0: void *plContext) andre@0: { andre@0: andre@0: PKIX_ENTER andre@0: (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers"); andre@0: PKIX_NULLCHECK_TWO(params, pChecker); andre@0: andre@0: PKIX_INCREF(params->revChecker); andre@0: *pChecker = params->revChecker; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetRevocationChecker( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_RevocationChecker *checker, andre@0: void *plContext) andre@0: { andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_InitRevocationChecker"); andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->revChecker); andre@0: PKIX_INCREF(checker); andre@0: params->revChecker = checker; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetCertStores andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetCertStores( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List **pStores, /* list of PKIX_CertStore */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetCertStores"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pStores); andre@0: andre@0: if (!params->certStores){ andre@0: PKIX_CHECK(PKIX_List_Create(¶ms->certStores, plContext), andre@0: PKIX_UNABLETOCREATELIST); andre@0: } andre@0: andre@0: PKIX_INCREF(params->certStores); andre@0: *pStores = params->certStores; andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetCertStores andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetCertStores( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List *stores, /* list of PKIX_CertStore */ andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetCertStores"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->certStores); andre@0: andre@0: PKIX_INCREF(stores); andre@0: params->certStores = stores; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->certStores); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_AddCertStore andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_AddCertStore( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_CertStore *store, andre@0: void *plContext) andre@0: { andre@0: PKIX_List *certStores = NULL; andre@0: andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_AddCertStore"); andre@0: PKIX_NULLCHECK_TWO(params, store); andre@0: andre@0: PKIX_CHECK(PKIX_ProcessingParams_GetCertStores andre@0: (params, &certStores, plContext), andre@0: PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_List_AppendItem andre@0: (certStores, (PKIX_PL_Object *)store, plContext), andre@0: PKIX_LISTAPPENDITEMFAILED); andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_DECREF(certStores); andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetResourceLimits andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetResourceLimits( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_ResourceLimits *resourceLimits, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetResourceLimits"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, resourceLimits); andre@0: andre@0: PKIX_DECREF(params->resourceLimits); andre@0: PKIX_INCREF(resourceLimits); andre@0: params->resourceLimits = resourceLimits; andre@0: andre@0: cleanup: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->resourceLimits); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetResourceLimits andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetResourceLimits( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_ResourceLimits **pResourceLimits, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_GetResourceLimits"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pResourceLimits); andre@0: andre@0: PKIX_INCREF(params->resourceLimits); andre@0: *pResourceLimits = params->resourceLimits; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_IsAnyPolicyInhibited( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pInhibited, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_IsAnyPolicyInhibited"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pInhibited); andre@0: andre@0: *pInhibited = params->initialAnyPolicyInhibit; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetAnyPolicyInhibited( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean inhibited, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetAnyPolicyInhibited"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->initialAnyPolicyInhibit = inhibited; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_IsExplicitPolicyRequired( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pRequired, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_IsExplicitPolicyRequired"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pRequired); andre@0: andre@0: *pRequired = params->initialExplicitPolicy; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetExplicitPolicyRequired( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean required, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetExplicitPolicyRequired"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->initialExplicitPolicy = required; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_IsPolicyMappingInhibited( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean *pInhibited, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_IsPolicyMappingInhibited"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pInhibited); andre@0: andre@0: *pInhibited = params->initialPolicyMappingInhibit; andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetPolicyMappingInhibited( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_Boolean inhibited, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, andre@0: "PKIX_ProcessingParams_SetPolicyMappingInhibited"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: params->initialPolicyMappingInhibit = inhibited; andre@0: andre@0: PKIX_CHECK(PKIX_PL_Object_InvalidateCache andre@0: ((PKIX_PL_Object *)params, plContext), andre@0: PKIX_OBJECTINVALIDATECACHEFAILED); andre@0: andre@0: cleanup: andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_SetHintCerts andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_SetHintCerts( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List *hintCerts, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetHintCerts"); andre@0: andre@0: PKIX_NULLCHECK_ONE(params); andre@0: andre@0: PKIX_DECREF(params->hintCerts); andre@0: PKIX_INCREF(hintCerts); andre@0: params->hintCerts = hintCerts; andre@0: andre@0: cleanup: andre@0: if (PKIX_ERROR_RECEIVED && params) { andre@0: PKIX_DECREF(params->hintCerts); andre@0: } andre@0: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: } andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_ProcessingParams_GetHintCerts andre@0: * (see comments in pkix_params.h) andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_ProcessingParams_GetHintCerts( andre@0: PKIX_ProcessingParams *params, andre@0: PKIX_List **pHintCerts, andre@0: void *plContext) andre@0: { andre@0: PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetHintCerts"); andre@0: andre@0: PKIX_NULLCHECK_TWO(params, pHintCerts); andre@0: andre@0: PKIX_INCREF(params->hintCerts); andre@0: *pHintCerts = params->hintCerts; andre@0: andre@0: cleanup: andre@0: PKIX_RETURN(PROCESSINGPARAMS); andre@0: }