| blob | 31752c6fbf7dcf2141dc33e4242e1140e4209456 |
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the PKIX-C library.
15 *
16 * The Initial Developer of the Original Code is
17 * Sun Microsystems, Inc.
18 * Portions created by the Initial Developer are
19 * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Sun Microsystems, Inc.
23 *
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
35 *
36 * ***** END LICENSE BLOCK ***** */
37 /*
38 * pkix_pl_ocsprequest.c
39 *
40 */
44 /* --Private-OcspRequest-Functions------------------------------------- */
46 /*
47 * FUNCTION: pkix_pl_OcspRequest_Destroy
48 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
49 */
54 {
62 PKIX_OBJECTNOTOCSPREQUEST);
69 }
74 }
77 /*
78 * The CertList thinks it owns the nssCert. If it destroys it,
79 * PKIX_PL_Cert_Destroy(ocspReq->cert) will crash. Let's
80 * remove the nssCert first, and then destroy the CertList.
81 */
86 }
90 }
96 cleanup:
99 }
101 /*
102 * FUNCTION: pkix_pl_OcspRequest_Hashcode
103 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
104 */
110 {
121 PKIX_OBJECTNOTOCSPREQUEST);
128 PKIX_CERTHASHCODEFAILED);
131 PKIX_DATEHASHCODEFAILED);
135 }
138 PKIX_CERTHASHCODEFAILED);
143 cleanup:
147 }
149 /*
150 * FUNCTION: pkix_pl_OcspRequest_Equals
151 * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
152 */
159 {
168 /* test that firstObj is a OcspRequest */
170 PKIX_FIRSTOBJARGUMENTNOTOCSPREQUEST);
172 /*
173 * Since we know firstObj is a OcspRequest, if both references are
174 * identical, they must be equal
175 */
179 }
181 /*
182 * If secondObj isn't a OcspRequest, we don't throw an error.
183 * We simply return a Boolean result of FALSE
184 */
187 PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
190 }
197 }
200 PKIX_CERTEQUALSFAILED);
204 }
207 PKIX_DATEEQUALSFAILED);
211 }
213 PKIX_EQUALS
215 PKIX_CERTEQUALSFAILED);
217 cleanup:
222 }
224 /*
225 * FUNCTION: pkix_pl_OcspRequest_RegisterSelf
226 * DESCRIPTION:
227 * Registers PKIX_OCSPREQUEST_TYPE and its related functions with
228 * systemClasses[]
229 * PARAMETERS:
230 * "plContext"
231 * Platform-specific context pointer.
232 * THREAD SAFETY:
233 * Not Thread Safe - for performance and complexity reasons
234 *
235 * Since this function is only called by PKIX_PL_Initialize, which should
236 * only be called once, it is acceptable that this function is not
237 * thread-safe.
238 */
239 PKIX_Error *
241 {
243 pkix_ClassTable_Entry entry;
258 }
260 /* --Public-Functions------------------------------------------------------- */
262 /*
263 * FUNCTION: pkix_pl_OcspRequest_Create
264 * DESCRIPTION:
265 *
266 * This function creates an OcspRequest to be used in validating the Cert
267 * pointed to by "cert" and storing the result at "pRequest". If a URI
268 * is found for an OCSP responder, PKIX_TRUE is stored at "pURIFound". If no
269 * URI is found, PKIX_FALSE is stored.
270 *
271 * If a Date is provided in "validity" it may be used in the search for the
272 * issuer of "cert" but has no effect on the request itself. If
273 * "addServiceLocator" is TRUE, the AddServiceLocator extension will be
274 * included in the Request. If "signerCert" is provided it will be used to sign
275 * the Request. (Note: this signed request feature is not currently supported.)
276 *
277 * PARAMETERS:
278 * "cert"
279 * Address of the Cert for which an OcspRequest is to be created. Must be
280 * non-NULL.
281 * "validity"
282 * Address of the Date for which the Cert's validity is to be determined.
283 * May be NULL.
284 * "addServiceLocator"
285 * Boolean value indicating whether the request should include the
286 * AddServiceLocator extension
287 * "signerCert"
288 * Address of the Cert to be used, if present, in signing the request.
289 * May be NULL.
290 * "pRequest"
291 * Address at which the result is stored. Must be non-NULL.
292 * "plContext"
293 * Platform-specific context pointer.
294 * THREAD SAFETY:
295 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
296 * RETURNS:
297 * Returns NULL if the function succeeds.
298 * Returns an OcspRequest Error if the function fails in a non-fatal way.
299 * Returns a Fatal Error if the function fails in an unrecoverable way.
300 */
301 PKIX_Error *
305 PKIX_Boolean addServiceLocator,
310 {
327 /* create a PKIX_PL_OcspRequest object */
332 plContext),
333 PKIX_COULDNOTCREATEOBJECT);
351 /*
352 * Does this Cert have an Authority Information Access extension with
353 * the URI of an OCSP responder?
354 */
355 PKIX_PL_NSSCALLRV
366 }
370 }
374 }
376 /*
377 * Build a CertList with this one Cert. But be careful: apparently it
378 * is customary for CertLists to "own" the Certs, and to destroy
379 * them as part of CERT_DestroyCertList. We must remember to remove
380 * this Cert from the List before destroying the List. Otherwise it
381 * will be destroyed when the CertList is destroyed and again when
382 * the PKIX_PL_Cert that owns it is destroyed.
383 */
387 }
396 }
400 PKIX_DATEGETPRTIMEFAILED);
403 }
405 addServiceLocatorExtension =
413 }
415 PKIX_PL_NSSCALLRV
421 }
432 cleanup:
435 }
437 /*
438 * FUNCTION: pkix_pl_OcspRequest_GetEncoded
439 * DESCRIPTION:
440 *
441 * This function obtains the encoded message from the OcspRequest pointed to
442 * by "request", storing the result at "pRequest".
443 *
444 * PARAMETERS
445 * "request"
446 * The address of the OcspRequest whose encoded message is to be
447 * retrieved. Must be non-NULL.
448 * "pRequest"
449 * The address at which is stored the address of the encoded message. Must
450 * be non-NULL.
451 * "plContext"
452 * Platform-specific context pointer.
453 * THREAD SAFETY:
454 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
455 * RETURNS:
456 * Returns NULL if the function succeeds.
457 * Returns a Fatal Error if the function fails in an unrecoverable way.
458 */
459 PKIX_Error *
464 {
471 }
473 /*
474 * FUNCTION: pkix_pl_OcspRequest_GetLocation
475 * DESCRIPTION:
476 *
477 * This function obtains the location from the OcspRequest pointed to
478 * by "request", storing the result at "pLocation".
479 *
480 * PARAMETERS
481 * "request"
482 * The address of the OcspRequest whose encoded message is to be
483 * retrieved. Must be non-NULL.
484 * "pLocation"
485 * The address at which is stored the address of the location. Must
486 * be non-NULL.
487 * "plContext"
488 * Platform-specific context pointer.
489 * THREAD SAFETY:
490 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
491 * RETURNS:
492 * Returns NULL if the function succeeds.
493 * Returns a Fatal Error if the function fails in an unrecoverable way.
494 */
495 PKIX_Error *
500 {
507 }
509 /*
510 * FUNCTION: pkix_pl_OcspRequest_GetCertID
511 * DESCRIPTION:
512 *
513 * This function obtains the certID from the OcspRequest pointed to
514 * by "request", storing the result at "pCertID".
515 *
516 * PARAMETERS
517 * "request"
518 * The address of the OcspRequest whose certID is to be retrieved. Must
519 * be non-NULL.
520 * "pCertID"
521 * The address at which is stored the certID of the request. Must be
522 * non-NULL.
523 * "plContext"
524 * Platform-specific context pointer.
525 * THREAD SAFETY:
526 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
527 * RETURNS:
528 * Returns NULL if the function succeeds.
529 * Returns a Fatal Error if the function fails in an unrecoverable way.
530 */
531 PKIX_Error *
536 {
548 }