/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* * pkix_certchainchecker.c * * CertChainChecker Object Functions * */ #include "pkix_certchainchecker.h" /* --Private-Functions-------------------------------------------- */ /* * FUNCTION: pkix_CertChainChecker_Destroy * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) */ static PKIX_Error * pkix_CertChainChecker_Destroy( PKIX_PL_Object *object, void *plContext) { PKIX_CertChainChecker *checker = NULL; PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy"); PKIX_NULLCHECK_ONE(object); /* Check that this object is a cert chain checker */ PKIX_CHECK(pkix_CheckType (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), PKIX_OBJECTNOTCERTCHAINCHECKER); checker = (PKIX_CertChainChecker *)object; PKIX_DECREF(checker->extensions); PKIX_DECREF(checker->state); cleanup: PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: pkix_CertChainChecker_Duplicate * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) */ static PKIX_Error * pkix_CertChainChecker_Duplicate( PKIX_PL_Object *object, PKIX_PL_Object **pNewObject, void *plContext) { PKIX_CertChainChecker *checker = NULL; PKIX_CertChainChecker *checkerDuplicate = NULL; PKIX_List *extensionsDuplicate = NULL; PKIX_PL_Object *stateDuplicate = NULL; PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate"); PKIX_NULLCHECK_TWO(object, pNewObject); PKIX_CHECK(pkix_CheckType (object, PKIX_CERTCHAINCHECKER_TYPE, plContext), PKIX_OBJECTNOTCERTCHAINCHECKER); checker = (PKIX_CertChainChecker *)object; if (checker->extensions){ PKIX_CHECK(PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->extensions, (PKIX_PL_Object **)&extensionsDuplicate, plContext), PKIX_OBJECTDUPLICATEFAILED); } if (checker->state){ PKIX_CHECK(PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->state, (PKIX_PL_Object **)&stateDuplicate, plContext), PKIX_OBJECTDUPLICATEFAILED); } PKIX_CHECK(PKIX_CertChainChecker_Create (checker->checkCallback, checker->forwardChecking, checker->isForwardDirectionExpected, extensionsDuplicate, stateDuplicate, &checkerDuplicate, plContext), PKIX_CERTCHAINCHECKERCREATEFAILED); *pNewObject = (PKIX_PL_Object *)checkerDuplicate; cleanup: PKIX_DECREF(extensionsDuplicate); PKIX_DECREF(stateDuplicate); PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: pkix_CertChainChecker_RegisterSelf * DESCRIPTION: * Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with * systemClasses[] * THREAD SAFETY: * Not Thread Safe - for performance and complexity reasons * * Since this function is only called by PKIX_PL_Initialize, which should * only be called once, it is acceptable that this function is not * thread-safe. */ PKIX_Error * pkix_CertChainChecker_RegisterSelf(void *plContext) { extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; pkix_ClassTable_Entry entry; PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf"); entry.description = "CertChainChecker"; entry.objCounter = 0; entry.typeObjectSize = sizeof(PKIX_CertChainChecker); entry.destructor = pkix_CertChainChecker_Destroy; entry.equalsFunction = NULL; entry.hashcodeFunction = NULL; entry.toStringFunction = NULL; entry.comparator = NULL; entry.duplicateFunction = pkix_CertChainChecker_Duplicate; systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry; PKIX_RETURN(CERTCHAINCHECKER); } /* --Public-Functions--------------------------------------------- */ /* * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_Create( PKIX_CertChainChecker_CheckCallback callback, PKIX_Boolean forwardCheckingSupported, PKIX_Boolean isForwardDirectionExpected, PKIX_List *list, /* list of PKIX_PL_OID */ PKIX_PL_Object *initialState, PKIX_CertChainChecker **pChecker, void *plContext) { PKIX_CertChainChecker *checker = NULL; PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create"); PKIX_NULLCHECK_ONE(pChecker); PKIX_CHECK(PKIX_PL_Object_Alloc (PKIX_CERTCHAINCHECKER_TYPE, sizeof (PKIX_CertChainChecker), (PKIX_PL_Object **)&checker, plContext), PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT); /* initialize fields */ checker->checkCallback = callback; checker->forwardChecking = forwardCheckingSupported; checker->isForwardDirectionExpected = isForwardDirectionExpected; PKIX_INCREF(list); checker->extensions = list; PKIX_INCREF(initialState); checker->state = initialState; *pChecker = checker; checker = NULL; cleanup: PKIX_DECREF(checker); PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_GetCheckCallback * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_GetCheckCallback( PKIX_CertChainChecker *checker, PKIX_CertChainChecker_CheckCallback *pCallback, void *plContext) { PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback"); PKIX_NULLCHECK_TWO(checker, pCallback); *pCallback = checker->checkCallback; PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_IsForwardCheckingSupported( PKIX_CertChainChecker *checker, PKIX_Boolean *pForwardCheckingSupported, void *plContext) { PKIX_ENTER (CERTCHAINCHECKER, "PKIX_CertChainChecker_IsForwardCheckingSupported"); PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported); *pForwardCheckingSupported = checker->forwardChecking; PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_IsForwardDirectionExpected( PKIX_CertChainChecker *checker, PKIX_Boolean *pForwardDirectionExpected, void *plContext) { PKIX_ENTER (CERTCHAINCHECKER, "PKIX_CertChainChecker_IsForwardDirectionExpected"); PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected); *pForwardDirectionExpected = checker->isForwardDirectionExpected; PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_GetCertChainCheckerState( PKIX_CertChainChecker *checker, PKIX_PL_Object **pCertChainCheckerState, void *plContext) { PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCertChainCheckerState"); PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState); PKIX_INCREF(checker->state); *pCertChainCheckerState = checker->state; cleanup: PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_SetCertChainCheckerState( PKIX_CertChainChecker *checker, PKIX_PL_Object *certChainCheckerState, void *plContext) { PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_SetCertChainCheckerState"); PKIX_NULLCHECK_ONE(checker); /* DecRef old contents */ PKIX_DECREF(checker->state); PKIX_INCREF(certChainCheckerState); checker->state = certChainCheckerState; PKIX_CHECK(PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)checker, plContext), PKIX_OBJECTINVALIDATECACHEFAILED); cleanup: PKIX_RETURN(CERTCHAINCHECKER); } /* * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions * (see comments in pkix_checker.h) */ PKIX_Error * PKIX_CertChainChecker_GetSupportedExtensions( PKIX_CertChainChecker *checker, PKIX_List **pExtensions, /* list of PKIX_PL_OID */ void *plContext) { PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetSupportedExtensions"); PKIX_NULLCHECK_TWO(checker, pExtensions); PKIX_INCREF(checker->extensions); *pExtensions = checker->extensions; cleanup: PKIX_RETURN(CERTCHAINCHECKER); }