| Index: nss/mozilla/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c
|
| ===================================================================
|
| --- nss/mozilla/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c (revision 0)
|
| +++ nss/mozilla/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c (revision 0)
|
| @@ -0,0 +1,355 @@
|
| +/* ***** BEGIN LICENSE BLOCK *****
|
| + * Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
| + *
|
| + * The contents of this file are subject to the Mozilla Public License Version
|
| + * 1.1 (the "License"); you may not use this file except in compliance with
|
| + * the License. You may obtain a copy of the License at
|
| + * http://www.mozilla.org/MPL/
|
| + *
|
| + * Software distributed under the License is distributed on an "AS IS" basis,
|
| + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
| + * for the specific language governing rights and limitations under the
|
| + * License.
|
| + *
|
| + * The Original Code is the PKIX-C library.
|
| + *
|
| + * The Initial Developer of the Original Code is
|
| + * Sun Microsystems, Inc.
|
| + * Portions created by the Initial Developer are
|
| + * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
|
| + *
|
| + * Contributor(s):
|
| + * Sun Microsystems, Inc.
|
| + *
|
| + * Alternatively, the contents of this file may be used under the terms of
|
| + * either the GNU General Public License Version 2 or later (the "GPL"), or
|
| + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
| + * in which case the provisions of the GPL or the LGPL are applicable instead
|
| + * of those above. If you wish to allow use of your version of this file only
|
| + * under the terms of either the GPL or the LGPL, and not to allow others to
|
| + * use your version of this file under the terms of the MPL, indicate your
|
| + * decision by deleting the provisions above and replace them with the notice
|
| + * and other provisions required by the GPL or the LGPL. If you do not delete
|
| + * the provisions above, a recipient may use your version of this file under
|
| + * the terms of any one of the MPL, the GPL or the LGPL.
|
| + *
|
| + * ***** END LICENSE BLOCK ***** */
|
| +/*
|
| + * pkix_certchainchecker.c
|
| + *
|
| + * CertChainChecker Object Functions
|
| + *
|
| + */
|
| +
|
| +#include "pkix_certchainchecker.h"
|
| +
|
| +/* --Private-Functions-------------------------------------------- */
|
| +
|
| +/*
|
| + * FUNCTION: pkix_CertChainChecker_Destroy
|
| + * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
|
| + */
|
| +static PKIX_Error *
|
| +pkix_CertChainChecker_Destroy(
|
| + PKIX_PL_Object *object,
|
| + void *plContext)
|
| +{
|
| + PKIX_CertChainChecker *checker = NULL;
|
| +
|
| + PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy");
|
| + PKIX_NULLCHECK_ONE(object);
|
| +
|
| + /* Check that this object is a cert chain checker */
|
| + PKIX_CHECK(pkix_CheckType
|
| + (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
|
| + PKIX_OBJECTNOTCERTCHAINCHECKER);
|
| +
|
| + checker = (PKIX_CertChainChecker *)object;
|
| +
|
| + PKIX_DECREF(checker->extensions);
|
| + PKIX_DECREF(checker->state);
|
| +
|
| +cleanup:
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: pkix_CertChainChecker_Duplicate
|
| + * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
|
| + */
|
| +static PKIX_Error *
|
| +pkix_CertChainChecker_Duplicate(
|
| + PKIX_PL_Object *object,
|
| + PKIX_PL_Object **pNewObject,
|
| + void *plContext)
|
| +{
|
| + PKIX_CertChainChecker *checker = NULL;
|
| + PKIX_CertChainChecker *checkerDuplicate = NULL;
|
| + PKIX_List *extensionsDuplicate = NULL;
|
| + PKIX_PL_Object *stateDuplicate = NULL;
|
| +
|
| + PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate");
|
| + PKIX_NULLCHECK_TWO(object, pNewObject);
|
| +
|
| + PKIX_CHECK(pkix_CheckType
|
| + (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
|
| + PKIX_OBJECTNOTCERTCHAINCHECKER);
|
| +
|
| + checker = (PKIX_CertChainChecker *)object;
|
| +
|
| + if (checker->extensions){
|
| + PKIX_CHECK(PKIX_PL_Object_Duplicate
|
| + ((PKIX_PL_Object *)checker->extensions,
|
| + (PKIX_PL_Object **)&extensionsDuplicate,
|
| + plContext),
|
| + PKIX_OBJECTDUPLICATEFAILED);
|
| + }
|
| +
|
| + if (checker->state){
|
| + PKIX_CHECK(PKIX_PL_Object_Duplicate
|
| + ((PKIX_PL_Object *)checker->state,
|
| + (PKIX_PL_Object **)&stateDuplicate,
|
| + plContext),
|
| + PKIX_OBJECTDUPLICATEFAILED);
|
| + }
|
| +
|
| + PKIX_CHECK(PKIX_CertChainChecker_Create
|
| + (checker->checkCallback,
|
| + checker->forwardChecking,
|
| + checker->isForwardDirectionExpected,
|
| + extensionsDuplicate,
|
| + stateDuplicate,
|
| + &checkerDuplicate,
|
| + plContext),
|
| + PKIX_CERTCHAINCHECKERCREATEFAILED);
|
| +
|
| + *pNewObject = (PKIX_PL_Object *)checkerDuplicate;
|
| +
|
| +cleanup:
|
| +
|
| + PKIX_DECREF(extensionsDuplicate);
|
| + PKIX_DECREF(stateDuplicate);
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: pkix_CertChainChecker_RegisterSelf
|
| + * DESCRIPTION:
|
| + * Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with
|
| + * systemClasses[]
|
| + * THREAD SAFETY:
|
| + * Not Thread Safe - for performance and complexity reasons
|
| + *
|
| + * Since this function is only called by PKIX_PL_Initialize, which should
|
| + * only be called once, it is acceptable that this function is not
|
| + * thread-safe.
|
| + */
|
| +PKIX_Error *
|
| +pkix_CertChainChecker_RegisterSelf(void *plContext)
|
| +{
|
| + extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
|
| + pkix_ClassTable_Entry entry;
|
| +
|
| + PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf");
|
| +
|
| + entry.description = "CertChainChecker";
|
| + entry.objCounter = 0;
|
| + entry.typeObjectSize = sizeof(PKIX_CertChainChecker);
|
| + entry.destructor = pkix_CertChainChecker_Destroy;
|
| + entry.equalsFunction = NULL;
|
| + entry.hashcodeFunction = NULL;
|
| + entry.toStringFunction = NULL;
|
| + entry.comparator = NULL;
|
| + entry.duplicateFunction = pkix_CertChainChecker_Duplicate;
|
| +
|
| + systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry;
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/* --Public-Functions--------------------------------------------- */
|
| +
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_Create(
|
| + PKIX_CertChainChecker_CheckCallback callback,
|
| + PKIX_Boolean forwardCheckingSupported,
|
| + PKIX_Boolean isForwardDirectionExpected,
|
| + PKIX_List *list, /* list of PKIX_PL_OID */
|
| + PKIX_PL_Object *initialState,
|
| + PKIX_CertChainChecker **pChecker,
|
| + void *plContext)
|
| +{
|
| + PKIX_CertChainChecker *checker = NULL;
|
| +
|
| + PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create");
|
| + PKIX_NULLCHECK_ONE(pChecker);
|
| +
|
| + PKIX_CHECK(PKIX_PL_Object_Alloc
|
| + (PKIX_CERTCHAINCHECKER_TYPE,
|
| + sizeof (PKIX_CertChainChecker),
|
| + (PKIX_PL_Object **)&checker,
|
| + plContext),
|
| + PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
|
| +
|
| + /* initialize fields */
|
| + checker->checkCallback = callback;
|
| + checker->forwardChecking = forwardCheckingSupported;
|
| + checker->isForwardDirectionExpected = isForwardDirectionExpected;
|
| +
|
| + PKIX_INCREF(list);
|
| + checker->extensions = list;
|
| +
|
| + PKIX_INCREF(initialState);
|
| + checker->state = initialState;
|
| +
|
| + *pChecker = checker;
|
| + checker = NULL;
|
| +cleanup:
|
| +
|
| + PKIX_DECREF(checker);
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_GetCheckCallback
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_GetCheckCallback(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_CertChainChecker_CheckCallback *pCallback,
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback");
|
| + PKIX_NULLCHECK_TWO(checker, pCallback);
|
| +
|
| + *pCallback = checker->checkCallback;
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_IsForwardCheckingSupported(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_Boolean *pForwardCheckingSupported,
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER
|
| + (CERTCHAINCHECKER,
|
| + "PKIX_CertChainChecker_IsForwardCheckingSupported");
|
| + PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported);
|
| +
|
| + *pForwardCheckingSupported = checker->forwardChecking;
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_IsForwardDirectionExpected(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_Boolean *pForwardDirectionExpected,
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER
|
| + (CERTCHAINCHECKER,
|
| + "PKIX_CertChainChecker_IsForwardDirectionExpected");
|
| + PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected);
|
| +
|
| + *pForwardDirectionExpected = checker->isForwardDirectionExpected;
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_GetCertChainCheckerState(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_PL_Object **pCertChainCheckerState,
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER(CERTCHAINCHECKER,
|
| + "PKIX_CertChainChecker_GetCertChainCheckerState");
|
| +
|
| + PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState);
|
| +
|
| + PKIX_INCREF(checker->state);
|
| +
|
| + *pCertChainCheckerState = checker->state;
|
| +
|
| +cleanup:
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_SetCertChainCheckerState(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_PL_Object *certChainCheckerState,
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER(CERTCHAINCHECKER,
|
| + "PKIX_CertChainChecker_SetCertChainCheckerState");
|
| +
|
| + PKIX_NULLCHECK_ONE(checker);
|
| +
|
| + /* DecRef old contents */
|
| + PKIX_DECREF(checker->state);
|
| +
|
| + PKIX_INCREF(certChainCheckerState);
|
| + checker->state = certChainCheckerState;
|
| +
|
| + PKIX_CHECK(PKIX_PL_Object_InvalidateCache
|
| + ((PKIX_PL_Object *)checker, plContext),
|
| + PKIX_OBJECTINVALIDATECACHEFAILED);
|
| +
|
| +cleanup:
|
| +
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +}
|
| +
|
| +/*
|
| + * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions
|
| + * (see comments in pkix_checker.h)
|
| + */
|
| +PKIX_Error *
|
| +PKIX_CertChainChecker_GetSupportedExtensions(
|
| + PKIX_CertChainChecker *checker,
|
| + PKIX_List **pExtensions, /* list of PKIX_PL_OID */
|
| + void *plContext)
|
| +{
|
| + PKIX_ENTER(CERTCHAINCHECKER,
|
| + "PKIX_CertChainChecker_GetSupportedExtensions");
|
| +
|
| + PKIX_NULLCHECK_TWO(checker, pExtensions);
|
| +
|
| + PKIX_INCREF(checker->extensions);
|
| +
|
| + *pExtensions = checker->extensions;
|
| +
|
| +cleanup:
|
| + PKIX_RETURN(CERTCHAINCHECKER);
|
| +
|
| +}
|
|
|
| Property changes on: nss/mozilla/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c
|
| ___________________________________________________________________
|
| Added: svn:executable
|
| + *
|
| Added: svn:eol-style
|
| + LF
|
|
|
|
|
Chromium Code Reviews
Issue 7530005:
Add all NSS files to allow using a complete NSS in the future. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/