/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
 * pkix_pl_crldp.c
 *
 * Crl DP Object Functions
 *
 */

#include "pkix_pl_crldp.h"
/*
 * FUNCTION: pkix_pl_CrlDp_Destroy
 *
 * DESCRIPTION:
 *  Destructor for PKIX_CRLDP_TYPE objects. Verifies the type of "object",
 *  destroys the issuer name held by a relativeDistinguishedName
 *  distribution point, and clears the stored nssdp pointer.
 *
 *  Only name.issuerName is destroyed here. The nssdp pointer is cleared
 *  without being freed, and name.fullName is left untouched, so this
 *  function does not release either of them.
 *
 * PARAMETERS:
 *  "object"
 *      Object to tear down. Must be non-NULL and of PKIX_CRLDP_TYPE.
 *  "plContext"
 *      Platform-specific context pointer, passed on to pkix_CheckType.
 */
static PKIX_Error *
pkix_pl_CrlDp_Destroy(
    PKIX_PL_Object *object,
    void *plContext)
{
    pkix_pl_CrlDp *distPoint = NULL;

    PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_Destroy");
    PKIX_NULLCHECK_ONE(object);

    /* Check that this object is a CRL distribution point before the
     * cast below reinterprets it as one. */
    PKIX_CHECK(pkix_CheckType(object, PKIX_CRLDP_TYPE, plContext),
               PKIX_OBJECTNOTCRLCHECKER);

    distPoint = (pkix_pl_CrlDp *)object;

    /* Drop the stored distribution point pointer; it is not freed here. */
    distPoint->nssdp = NULL;

    if (distPoint->distPointType == relativeDistinguishedName) {
        /* Clear the pointer after destroying the name so that it cannot
         * be destroyed a second time through this object. */
        CERT_DestroyName(distPoint->name.issuerName);
        distPoint->name.issuerName = NULL;
    }

cleanup:
    PKIX_RETURN(CRLCHECKER);
}
/*
 * FUNCTION: pkix_pl_CrlDp_RegisterSelf
 *
 * DESCRIPTION:
 *  Fills in the systemClasses[] slot for PKIX_CRLDP_TYPE: description,
 *  object size, destructor and duplicate function.
 *
 * THREAD SAFETY:
 *  Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 *
 *  Since this function is only called by PKIX_PL_Initialize, which should
 *  only be called once, it is acceptable that this function is not
 *  thread-safe.
 */
PKIX_Error *
pkix_pl_CrlDp_RegisterSelf(void *plContext)
{
    extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
    pkix_ClassTable_Entry *classEntry = &systemClasses[PKIX_CRLDP_TYPE];

    PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_RegisterSelf");

    /* pkix_pl_CrlDp_Destroy is the destructor registered for this type;
     * duplication goes through pkix_duplicateImmutable. */
    classEntry->destructor = pkix_pl_CrlDp_Destroy;
    classEntry->duplicateFunction = pkix_duplicateImmutable;
    classEntry->typeObjectSize = sizeof(pkix_pl_CrlDp);
    classEntry->description = "CrlDistPoint";

    PKIX_RETURN(CRLCHECKER);
}
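/*
 * FUNCTION: pkix_pl_CrlDp_Create
 *
 * DESCRIPTION:
 *  Allocates a PKIX_CRLDP_TYPE object describing the CRL distribution
 *  point "dp" and stores it at "pPkixDP".
 *
 *  For a generalName distribution point the object records
 *  dp->distPoint.fullName as is. For any other type the name is treated
 *  as relative: the issuer name (dp->crlIssuer if present, otherwise
 *  "certIssuerName") is copied into a new arena and
 *  dp->distPoint.relativeName is appended to the copy.
 *
 * PARAMETERS:
 *  "dp"
 *      Decoded distribution point. Must be non-NULL.
 *  "certIssuerName"
 *      Issuer name of the certificate; used only for a relative name
 *      without crlIssuer, and must be non-NULL in that case.
 *  "pPkixDP"
 *      Address where the new object is stored. Must be non-NULL.
 *  "plContext"
 *      Platform-specific context pointer.
 *
 * LIFETIME:
 *  The object keeps the "dp" pointer (nssdp) and, for generalName, the
 *  dp->distPoint.fullName pointer without copying what they point to.
 *  The destructor in this file frees neither, so "dp" has to stay valid
 *  for as long as the returned object is used.
 *
 * ERRORS:
 *  PKIX_NOTCONFORMINGCRLDP when crlIssuer accompanies a relative name but
 *  is not a single directory name; PKIX_NULLARGUMENT when no issuer name
 *  is available; PKIX_PORTARENAALLOCFAILED / PKIX_ALLOCERROR /
 *  PKIX_COULDNOTCREATEOBJECT on allocation or copy failure.
 */
PKIX_Error *
pkix_pl_CrlDp_Create(
    const CRLDistributionPoint *dp,
    const CERTName *certIssuerName,
    pkix_pl_CrlDp **pPkixDP,
    void *plContext)
{
    PLArenaPool *rdnArena = NULL;
    CERTName *issuerNameCopy = NULL;
    pkix_pl_CrlDp *dpl = NULL;

    /* Need to save the following info to update crl cache:
     * - reasons if partitioned (but can not return revocation check
     *   success if not all crl are downloaded)
     * - issuer name if different from issuer of the cert
     * - url to upload a crl if needed.
     * */
    PKIX_ENTER(CRLDP, "pkix_pl_CrlDp_Create");
    /* The output pointer is written unconditionally on success, so
     * reject a NULL one before anything is allocated. */
    PKIX_NULLCHECK_TWO(dp, pPkixDP);

    PKIX_CHECK(
        PKIX_PL_Object_Alloc(PKIX_CRLDP_TYPE,
                             sizeof (pkix_pl_CrlDp),
                             (PKIX_PL_Object **)&dpl,
                             plContext),
        PKIX_COULDNOTCREATEOBJECT);

    /* NOTE(review): the error paths below release dpl through
     * PKIX_DECREF before distPointType has been assigned. If that runs
     * the registered destructor, it reads distPointType and may destroy
     * name.issuerName, which is only safe if PKIX_PL_Object_Alloc
     * returns zeroed storage - confirm. */
    dpl->nssdp = dp;
    dpl->isPartitionedByReasonCode = PKIX_FALSE;
    if (dp->reasons.data) {
        dpl->isPartitionedByReasonCode = PKIX_TRUE;
    }
    if (dp->distPointType == generalName) {
        dpl->distPointType = generalName;
        /* Borrowed pointer: the full name is not copied. */
        dpl->name.fullName = dp->distPoint.fullName;
    } else {
        SECStatus rv;
        const CERTName *issuerName = NULL;
        const CERTRDN *relName = &dp->distPoint.relativeName;

        if (dp->crlIssuer) {
            /* RFC 5280: in this case crlIssuer should have only one
             * name and it should be a distinguished name. The name is a
             * union, so check its type before directoryName is read;
             * otherwise data of another name form taken from the
             * certificate would be interpreted as a CERTName.
             *
             * NOTE(review): the l.next test assumes a single-entry list
             * has a NULL next link. If the general-name list is
             * circular, l.next is never NULL and every crlIssuer is
             * rejected here - confirm against the list construction. */
            if (dp->crlIssuer->l.next ||
                dp->crlIssuer->type != certDirectoryName) {
                PKIX_ERROR(PKIX_NOTCONFORMINGCRLDP);
            }
            issuerName = &dp->crlIssuer->name.directoryName;
        } else {
            issuerName = certIssuerName;
        }
        if (!issuerName) {
            /* A relative name cannot be resolved without an issuer
             * name; report it as a missing argument rather than as an
             * allocation failure from the copy below. */
            PKIX_ERROR(PKIX_NULLARGUMENT);
        }
        rdnArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
        if (!rdnArena) {
            PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
        }
        issuerNameCopy = (CERTName *)PORT_ArenaZNew(rdnArena, CERTName);
        if (!issuerNameCopy) {
            PKIX_ERROR(PKIX_ALLOCERROR);
        }
        rv = CERT_CopyName(rdnArena, issuerNameCopy, (CERTName*)issuerName);
        if (rv == SECFailure) {
            PKIX_ERROR(PKIX_ALLOCERROR);
        }
        rv = CERT_AddRDN(issuerNameCopy, (CERTRDN*)relName);
        if (rv == SECFailure) {
            PKIX_ERROR(PKIX_ALLOCERROR);
        }
        dpl->distPointType = relativeDistinguishedName;
        dpl->name.issuerName = issuerNameCopy;
        /* The name copy now belongs to dpl; clearing rdnArena keeps the
         * cleanup code from freeing the arena it was allocated from. */
        rdnArena = NULL;
    }
    *pPkixDP = dpl;
    dpl = NULL;

cleanup:
    if (rdnArena) {
        PORT_FreeArena(rdnArena, PR_FALSE);
    }
    PKIX_DECREF(dpl);

    PKIX_RETURN(CRLDP);
}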