[ tor-browser ].git.dasho

pkix_certchainchecker.c (9474B)
      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 /*
      5 * pkix_certchainchecker.c
      6 *
      7 * CertChainChecker Object Functions
      8 *
      9 */
     10 
     11 #include "pkix_certchainchecker.h"
     12 
     13 /* --Private-Functions-------------------------------------------- */
     14 
     15 /*
     16 * FUNCTION: pkix_CertChainChecker_Destroy
     17 *      (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
     18 */
     19 static PKIX_Error *
     20 pkix_CertChainChecker_Destroy(
     21        PKIX_PL_Object *object,
     22        void *plContext)
     23 {
     24        PKIX_CertChainChecker *checker = NULL;
     25 
     26        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy");
     27        PKIX_NULLCHECK_ONE(object);
     28 
     29        /* Check that this object is a cert chain checker */
     30        PKIX_CHECK(pkix_CheckType
     31                    (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
     32                    PKIX_OBJECTNOTCERTCHAINCHECKER);
     33 
     34        checker = (PKIX_CertChainChecker *)object;
     35 
     36        PKIX_DECREF(checker->extensions);
     37        PKIX_DECREF(checker->state);
     38 
     39 cleanup:
     40 
     41        PKIX_RETURN(CERTCHAINCHECKER);
     42 }
     43 
     44 /*
     45 * FUNCTION: pkix_CertChainChecker_Duplicate
     46 * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
     47 */
     48 static PKIX_Error *
     49 pkix_CertChainChecker_Duplicate(
     50        PKIX_PL_Object *object,
     51        PKIX_PL_Object **pNewObject,
     52        void *plContext)
     53 {
     54        PKIX_CertChainChecker *checker = NULL;
     55        PKIX_CertChainChecker *checkerDuplicate = NULL;
     56        PKIX_List *extensionsDuplicate = NULL;
     57        PKIX_PL_Object *stateDuplicate = NULL;
     58 
     59        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate");
     60        PKIX_NULLCHECK_TWO(object, pNewObject);
     61 
     62        PKIX_CHECK(pkix_CheckType
     63                    (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
     64                    PKIX_OBJECTNOTCERTCHAINCHECKER);
     65 
     66        checker = (PKIX_CertChainChecker *)object;
     67 
     68        if (checker->extensions){
     69                PKIX_CHECK(PKIX_PL_Object_Duplicate
     70                            ((PKIX_PL_Object *)checker->extensions,
     71                            (PKIX_PL_Object **)&extensionsDuplicate,
     72                            plContext),
     73                            PKIX_OBJECTDUPLICATEFAILED);
     74        }
     75 
     76        if (checker->state){
     77                PKIX_CHECK(PKIX_PL_Object_Duplicate
     78                            ((PKIX_PL_Object *)checker->state,
     79                            (PKIX_PL_Object **)&stateDuplicate,
     80                            plContext),
     81                            PKIX_OBJECTDUPLICATEFAILED);
     82        }
     83 
     84        PKIX_CHECK(PKIX_CertChainChecker_Create
     85                    (checker->checkCallback,
     86                    checker->forwardChecking,
     87                    checker->isForwardDirectionExpected,
     88                    extensionsDuplicate,
     89                    stateDuplicate,
     90                    &checkerDuplicate,
     91                    plContext),
     92                    PKIX_CERTCHAINCHECKERCREATEFAILED);
     93 
     94        *pNewObject = (PKIX_PL_Object *)checkerDuplicate;
     95 
     96 cleanup:
     97 
     98        PKIX_DECREF(extensionsDuplicate);
     99        PKIX_DECREF(stateDuplicate);
    100 
    101        PKIX_RETURN(CERTCHAINCHECKER);
    102 }
    103 
    104 /*
    105 * FUNCTION: pkix_CertChainChecker_RegisterSelf
    106 * DESCRIPTION:
    107 *  Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with
    108 *  systemClasses[]
    109 * THREAD SAFETY:
    110 *  Not Thread Safe - for performance and complexity reasons
    111 *
    112 *  Since this function is only called by PKIX_PL_Initialize, which should
    113 *  only be called once, it is acceptable that this function is not
    114 *  thread-safe.
    115 */
    116 PKIX_Error *
    117 pkix_CertChainChecker_RegisterSelf(void *plContext)
    118 {
    119        extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
    120        pkix_ClassTable_Entry entry;
    121 
    122        PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf");
    123 
    124        entry.description = "CertChainChecker";
    125        entry.objCounter = 0;
    126        entry.typeObjectSize = sizeof(PKIX_CertChainChecker);
    127        entry.destructor = pkix_CertChainChecker_Destroy;
    128        entry.equalsFunction = NULL;
    129        entry.hashcodeFunction = NULL;
    130        entry.toStringFunction = NULL;
    131        entry.comparator = NULL;
    132        entry.duplicateFunction = pkix_CertChainChecker_Duplicate;
    133 
    134        systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry;
    135 
    136        PKIX_RETURN(CERTCHAINCHECKER);
    137 }
    138 
    139 /* --Public-Functions--------------------------------------------- */
    140 
    141 
    142 /*
    143 * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h)
    144 */
    145 PKIX_Error *
    146 PKIX_CertChainChecker_Create(
    147    PKIX_CertChainChecker_CheckCallback callback,
    148    PKIX_Boolean forwardCheckingSupported,
    149    PKIX_Boolean isForwardDirectionExpected,
    150    PKIX_List *list,  /* list of PKIX_PL_OID */
    151    PKIX_PL_Object *initialState,
    152    PKIX_CertChainChecker **pChecker,
    153    void *plContext)
    154 {
    155        PKIX_CertChainChecker *checker = NULL;
    156 
    157        PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create");
    158        PKIX_NULLCHECK_ONE(pChecker);
    159 
    160        PKIX_CHECK(PKIX_PL_Object_Alloc
    161                    (PKIX_CERTCHAINCHECKER_TYPE,
    162                    sizeof (PKIX_CertChainChecker),
    163                    (PKIX_PL_Object **)&checker,
    164                    plContext),
    165                    PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
    166 
    167        /* initialize fields */
    168        checker->checkCallback = callback;
    169        checker->forwardChecking = forwardCheckingSupported;
    170        checker->isForwardDirectionExpected = isForwardDirectionExpected;
    171 
    172        PKIX_INCREF(list);
    173        checker->extensions = list;
    174 
    175        PKIX_INCREF(initialState);
    176        checker->state = initialState;
    177 
    178        *pChecker = checker;
    179        checker = NULL;
    180 cleanup:
    181        
    182        PKIX_DECREF(checker);
    183 
    184        PKIX_RETURN(CERTCHAINCHECKER);
    185 
    186 }
    187 
    188 /*
    189 * FUNCTION: PKIX_CertChainChecker_GetCheckCallback
    190 *      (see comments in pkix_checker.h)
    191 */
    192 PKIX_Error *
    193 PKIX_CertChainChecker_GetCheckCallback(
    194        PKIX_CertChainChecker *checker,
    195        PKIX_CertChainChecker_CheckCallback *pCallback,
    196        void *plContext)
    197 {
    198        PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback");
    199        PKIX_NULLCHECK_TWO(checker, pCallback);
    200 
    201        *pCallback = checker->checkCallback;
    202 
    203        PKIX_RETURN(CERTCHAINCHECKER);
    204 }
    205 
    206 /*
    207 * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported
    208 *      (see comments in pkix_checker.h)
    209 */
    210 PKIX_Error *
    211 PKIX_CertChainChecker_IsForwardCheckingSupported(
    212        PKIX_CertChainChecker *checker,
    213        PKIX_Boolean *pForwardCheckingSupported,
    214        void *plContext)
    215 {
    216        PKIX_ENTER
    217                (CERTCHAINCHECKER,
    218                "PKIX_CertChainChecker_IsForwardCheckingSupported");
    219        PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported);
    220 
    221        *pForwardCheckingSupported = checker->forwardChecking;
    222 
    223        PKIX_RETURN(CERTCHAINCHECKER);
    224 }
    225 
    226 /*
    227 * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected
    228 *      (see comments in pkix_checker.h)
    229 */
    230 PKIX_Error *
    231 PKIX_CertChainChecker_IsForwardDirectionExpected(
    232        PKIX_CertChainChecker *checker,
    233        PKIX_Boolean *pForwardDirectionExpected,
    234        void *plContext)
    235 {
    236        PKIX_ENTER
    237                (CERTCHAINCHECKER,
    238                "PKIX_CertChainChecker_IsForwardDirectionExpected");
    239        PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected);
    240 
    241        *pForwardDirectionExpected = checker->isForwardDirectionExpected;
    242 
    243        PKIX_RETURN(CERTCHAINCHECKER);
    244 }
    245 
    246 /*
    247 * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState
    248 *      (see comments in pkix_checker.h)
    249 */
    250 PKIX_Error *
    251 PKIX_CertChainChecker_GetCertChainCheckerState(
    252        PKIX_CertChainChecker *checker,
    253        PKIX_PL_Object **pCertChainCheckerState,
    254        void *plContext)
    255 {
    256        PKIX_ENTER(CERTCHAINCHECKER,
    257                    "PKIX_CertChainChecker_GetCertChainCheckerState");
    258 
    259        PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState);
    260 
    261        PKIX_INCREF(checker->state);
    262 
    263        *pCertChainCheckerState = checker->state;
    264 
    265 cleanup:
    266        PKIX_RETURN(CERTCHAINCHECKER);
    267 
    268 }
    269 
    270 /*
    271 * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState
    272 *      (see comments in pkix_checker.h)
    273 */
    274 PKIX_Error *
    275 PKIX_CertChainChecker_SetCertChainCheckerState(
    276        PKIX_CertChainChecker *checker,
    277        PKIX_PL_Object *certChainCheckerState,
    278        void *plContext)
    279 {
    280        PKIX_ENTER(CERTCHAINCHECKER,
    281                    "PKIX_CertChainChecker_SetCertChainCheckerState");
    282 
    283        PKIX_NULLCHECK_ONE(checker);
    284 
    285        /* DecRef old contents */
    286        PKIX_DECREF(checker->state);
    287 
    288        PKIX_INCREF(certChainCheckerState);
    289        checker->state = certChainCheckerState;
    290 
    291        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
    292                    ((PKIX_PL_Object *)checker, plContext),
    293                    PKIX_OBJECTINVALIDATECACHEFAILED);
    294 
    295 cleanup:
    296 
    297        PKIX_RETURN(CERTCHAINCHECKER);
    298 }
    299 
    300 /*
    301 * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions
    302 *      (see comments in pkix_checker.h)
    303 */
    304 PKIX_Error *
    305 PKIX_CertChainChecker_GetSupportedExtensions(
    306        PKIX_CertChainChecker *checker,
    307        PKIX_List **pExtensions, /* list of PKIX_PL_OID */
    308        void *plContext)
    309 {
    310        PKIX_ENTER(CERTCHAINCHECKER,
    311                    "PKIX_CertChainChecker_GetSupportedExtensions");
    312 
    313        PKIX_NULLCHECK_TWO(checker, pExtensions);
    314 
    315        PKIX_INCREF(checker->extensions);
    316 
    317        *pExtensions = checker->extensions;
    318 
    319 cleanup:
    320        PKIX_RETURN(CERTCHAINCHECKER);
    321 
    322 }
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE