File: | s/lib/libpkix/pkix/checker/pkix_ekuchecker.c |
Warning: | line 307, column 9 Access to field 'ekuOID' results in a dereference of a null pointer (loaded from variable 'state') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * pkix_ekuchecker.c | |||
6 | * | |||
7 | * User Defined ExtenedKeyUsage Function Definitions | |||
8 | * | |||
9 | */ | |||
10 | ||||
11 | #include "pkix_ekuchecker.h" | |||
12 | ||||
13 | SECOidTag ekuOidStrings[] = { | |||
14 | PKIX_KEY_USAGE_SERVER_AUTH_OIDSEC_OID_EXT_KEY_USAGE_SERVER_AUTH, | |||
15 | PKIX_KEY_USAGE_CLIENT_AUTH_OIDSEC_OID_EXT_KEY_USAGE_CLIENT_AUTH, | |||
16 | PKIX_KEY_USAGE_CODE_SIGN_OIDSEC_OID_EXT_KEY_USAGE_CODE_SIGN, | |||
17 | PKIX_KEY_USAGE_EMAIL_PROTECT_OIDSEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT, | |||
18 | PKIX_KEY_USAGE_TIME_STAMP_OIDSEC_OID_EXT_KEY_USAGE_TIME_STAMP, | |||
19 | PKIX_KEY_USAGE_OCSP_RESPONDER_OIDSEC_OID_OCSP_RESPONDER, | |||
20 | PKIX_UNKNOWN_OIDSEC_OID_UNKNOWN | |||
21 | }; | |||
22 | ||||
23 | typedef struct pkix_EkuCheckerStruct { | |||
24 | PKIX_List *requiredExtKeyUsageOids; | |||
25 | PKIX_PL_OID *ekuOID; | |||
26 | } pkix_EkuChecker; | |||
27 | ||||
28 | ||||
29 | /* | |||
30 | * FUNCTION: pkix_EkuChecker_Destroy | |||
31 | * (see comments for PKIX_DestructorCallback in pkix_pl_system.h) | |||
32 | */ | |||
33 | static PKIX_Error * | |||
34 | pkix_EkuChecker_Destroy( | |||
35 | PKIX_PL_Object *object, | |||
36 | void *plContext) | |||
37 | { | |||
38 | pkix_EkuChecker *ekuCheckerState = NULL((void*)0); | |||
39 | ||||
40 | PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Destroy")static const char cMyFuncName[] = {"pkix_EkuChecker_Destroy"} ; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
41 | PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
42 | ||||
43 | PKIX_CHECK(pkix_CheckType(object, PKIX_EKUCHECKER_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_EKUCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTANEKUCHECKERSTATE; goto cleanup; } } while ( 0) | |||
44 | PKIX_OBJECTNOTANEKUCHECKERSTATE)do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_EKUCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTANEKUCHECKERSTATE; goto cleanup; } } while ( 0); | |||
45 | ||||
46 | ekuCheckerState = (pkix_EkuChecker *)object; | |||
47 | ||||
48 | PKIX_DECREF(ekuCheckerState->ekuOID)do { if (ekuCheckerState->ekuOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(ekuCheckerState-> ekuOID), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } ekuCheckerState->ekuOID = ((void*)0); } } while (0); | |||
49 | PKIX_DECREF(ekuCheckerState->requiredExtKeyUsageOids)do { if (ekuCheckerState->requiredExtKeyUsageOids){ stdVars .aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)( ekuCheckerState->requiredExtKeyUsageOids), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } ekuCheckerState->requiredExtKeyUsageOids = ((void* )0); } } while (0); | |||
50 | ||||
51 | cleanup: | |||
52 | ||||
53 | PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), ( (PKIX_Boolean) 1), plContext);; | |||
54 | } | |||
55 | ||||
56 | /* | |||
57 | * FUNCTION: pkix_EkuChecker_RegisterSelf | |||
58 | * | |||
59 | * DESCRIPTION: | |||
60 | * Registers PKIX_PL_HTTPCERTSTORECONTEXT_TYPE and its related | |||
61 | * functions with systemClasses[] | |||
62 | * | |||
63 | * THREAD SAFETY: | |||
64 | * Not Thread Safe - for performance and complexity reasons | |||
65 | * | |||
66 | * Since this function is only called by PKIX_PL_Initialize, which should | |||
67 | * only be called once, it is acceptable that this function is not | |||
68 | * thread-safe. | |||
69 | */ | |||
70 | PKIX_Error * | |||
71 | pkix_EkuChecker_RegisterSelf(void *plContext) | |||
72 | { | |||
73 | extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; | |||
74 | pkix_ClassTable_Entry *entry = &systemClasses[PKIX_EKUCHECKER_TYPE]; | |||
75 | ||||
76 | PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_RegisterSelf")static const char cMyFuncName[] = {"pkix_EkuChecker_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
77 | ||||
78 | entry->description = "EkuChecker"; | |||
79 | entry->typeObjectSize = sizeof(pkix_EkuChecker); | |||
80 | entry->destructor = pkix_EkuChecker_Destroy; | |||
81 | ||||
82 | PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), ( (PKIX_Boolean) 1), plContext);; | |||
83 | } | |||
84 | ||||
85 | /* | |||
86 | * FUNCTION: pkix_EkuChecker_Create | |||
87 | * DESCRIPTION: | |||
88 | * | |||
89 | * Creates a new Extend Key Usage CheckerState using "params" to retrieve | |||
90 | * application specified EKU for verification and stores it at "pState". | |||
91 | * | |||
92 | * PARAMETERS: | |||
93 | * "params" | |||
94 | * a PKIX_ProcessingParams links to PKIX_ComCertSelParams where a list of | |||
95 | * Extended Key Usage OIDs specified by application can be retrieved for | |||
96 | * verification. | |||
97 | * "pState" | |||
98 | * Address where state pointer will be stored. Must be non-NULL. | |||
99 | * "plContext" | |||
100 | * Platform-specific context pointer. | |||
101 | * THREAD SAFETY: | |||
102 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
103 | * RETURNS: | |||
104 | * Returns NULL if the function succeeds. | |||
105 | * Returns a UserDefinedModules Error if the function fails in a | |||
106 | * non-fatal way. | |||
107 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
108 | */ | |||
109 | static PKIX_Error * | |||
110 | pkix_EkuChecker_Create( | |||
111 | PKIX_ProcessingParams *params, | |||
112 | pkix_EkuChecker **pState, | |||
113 | void *plContext) | |||
114 | { | |||
115 | pkix_EkuChecker *state = NULL((void*)0); | |||
116 | PKIX_CertSelector *certSelector = NULL((void*)0); | |||
117 | PKIX_ComCertSelParams *comCertSelParams = NULL((void*)0); | |||
118 | PKIX_List *requiredOids = NULL((void*)0); | |||
119 | ||||
120 | PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Create")static const char cMyFuncName[] = {"pkix_EkuChecker_Create"}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
121 | PKIX_NULLCHECK_TWO(params, pState)do { if (((params) == ((void*)0)) || ((pState) == ((void*)0)) ){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR ), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
122 | ||||
123 | PKIX_CHECK(PKIX_PL_Object_Allocdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
124 | (PKIX_EKUCHECKER_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
125 | sizeof (pkix_EkuChecker),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
126 | (PKIX_PL_Object **)&state,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
127 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
128 | PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE , sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } } while (0); | |||
129 | ||||
130 | ||||
131 | PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraintsdo { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints (params, &certSelector, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED ; goto cleanup; } } while (0) | |||
132 | (params, &certSelector, plContext),do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints (params, &certSelector, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED ; goto cleanup; } } while (0) | |||
133 | PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED)do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints (params, &certSelector, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED ; goto cleanup; } } while (0); | |||
134 | ||||
135 | if (certSelector != NULL((void*)0)) { | |||
136 | ||||
137 | /* Get initial EKU OIDs from ComCertSelParams, if set */ | |||
138 | PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParamsdo { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (certSelector, &comCertSelParams, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED ; goto cleanup; } } while (0) | |||
139 | (certSelector, &comCertSelParams, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (certSelector, &comCertSelParams, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED ; goto cleanup; } } while (0) | |||
140 | PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (certSelector, &comCertSelParams, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED ; goto cleanup; } } while (0); | |||
141 | ||||
142 | if (comCertSelParams != NULL((void*)0)) { | |||
143 | PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsagedo { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage (comCertSelParams, &requiredOids, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0) | |||
144 | (comCertSelParams, &requiredOids, plContext),do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage (comCertSelParams, &requiredOids, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0) | |||
145 | PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED)do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage (comCertSelParams, &requiredOids, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0); | |||
146 | ||||
147 | } | |||
148 | } | |||
149 | ||||
150 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE , &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup ; } } while (0) | |||
151 | (PKIX_EXTENDEDKEYUSAGE_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE , &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup ; } } while (0) | |||
152 | &state->ekuOID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE , &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup ; } } while (0) | |||
153 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE , &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup ; } } while (0) | |||
154 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE , &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup ; } } while (0); | |||
155 | ||||
156 | state->requiredExtKeyUsageOids = requiredOids; | |||
157 | requiredOids = NULL((void*)0); | |||
158 | *pState = state; | |||
159 | state = NULL((void*)0); | |||
160 | ||||
161 | cleanup: | |||
162 | ||||
163 | PKIX_DECREF(certSelector)do { if (certSelector){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certSelector), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } certSelector = ((void *)0); } } while (0); | |||
164 | PKIX_DECREF(comCertSelParams)do { if (comCertSelParams){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(comCertSelParams), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } comCertSelParams = ((void*)0); } } while (0); | |||
165 | PKIX_DECREF(requiredOids)do { if (requiredOids){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(requiredOids), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } requiredOids = ((void *)0); } } while (0); | |||
166 | PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0) ; } } while (0); | |||
167 | ||||
168 | PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), ( (PKIX_Boolean) 1), plContext);; | |||
169 | } | |||
170 | ||||
171 | /* | |||
172 | * FUNCTION: pkix_EkuChecker_Check | |||
173 | * DESCRIPTION: | |||
174 | * | |||
175 | * This function determines the Extended Key Usage OIDs specified by the | |||
176 | * application is included in the Extended Key Usage OIDs of this "cert". | |||
177 | * | |||
178 | * PARAMETERS: | |||
179 | * "checker" | |||
180 | * Address of CertChainChecker which has the state data. | |||
181 | * Must be non-NULL. | |||
182 | * "cert" | |||
183 | * Address of Certificate that is to be validated. Must be non-NULL. | |||
184 | * "unresolvedCriticalExtensions" | |||
185 | * A List OIDs. The OID for Extended Key Usage is removed. | |||
186 | * "plContext" | |||
187 | * Platform-specific context pointer. | |||
188 | * THREAD SAFETY: | |||
189 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
190 | * RETURNS: | |||
191 | * Returns NULL if the function succeeds. | |||
192 | * Returns a UserDefinedModules Error if the function fails in | |||
193 | * a non-fatal way. | |||
194 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
195 | */ | |||
196 | static PKIX_Error * | |||
197 | pkix_EkuChecker_Check( | |||
198 | PKIX_CertChainChecker *checker, | |||
199 | PKIX_PL_Cert *cert, | |||
200 | PKIX_List *unresolvedCriticalExtensions, | |||
201 | void **pNBIOContext, | |||
202 | void *plContext) | |||
203 | { | |||
204 | pkix_EkuChecker *state = NULL((void*)0); | |||
205 | PKIX_List *requiredExtKeyUsageList = NULL((void*)0); | |||
206 | PKIX_List *certExtKeyUsageList = NULL((void*)0); | |||
207 | PKIX_PL_OID *ekuOid = NULL((void*)0); | |||
208 | PKIX_Boolean isContained = PKIX_FALSE((PKIX_Boolean) 0); | |||
209 | PKIX_UInt32 numItems = 0; | |||
210 | PKIX_UInt32 i; | |||
211 | PKIX_Boolean checkResult = PKIX_TRUE((PKIX_Boolean) 1); | |||
212 | ||||
213 | PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Check")static const char cMyFuncName[] = {"pkix_EkuChecker_Check"}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName; stdVars .aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
214 | PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext)do { if (((checker) == ((void*)0)) || ((cert) == ((void*)0)) || ((pNBIOContext) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
215 | ||||
216 | *pNBIOContext = NULL((void*)0); /* no non-blocking IO */ | |||
217 | ||||
218 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
219 | PKIX_CertChainChecker_GetCertChainCheckerStatedo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
220 | (checker, (PKIX_PL_Object **)&state, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
221 | PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0); | |||
222 | ||||
223 | requiredExtKeyUsageList = state->requiredExtKeyUsageOids; | |||
224 | if (requiredExtKeyUsageList == NULL((void*)0)) { | |||
225 | goto cleanup; | |||
226 | } | |||
227 | ||||
228 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList , &numItems, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
229 | PKIX_List_GetLength(requiredExtKeyUsageList, &numItems,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList , &numItems, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
230 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList , &numItems, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
231 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList , &numItems, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
232 | if (numItems == 0) { | |||
233 | goto cleanup; | |||
234 | } | |||
235 | ||||
236 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage (cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0) | |||
237 | PKIX_PL_Cert_GetExtendedKeyUsage(cert, &certExtKeyUsageList,do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage (cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0) | |||
238 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage (cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0) | |||
239 | PKIX_CERTGETEXTENDEDKEYUSAGEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage (cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED ; goto cleanup; } } while (0); | |||
240 | ||||
241 | if (certExtKeyUsageList == NULL((void*)0)) { | |||
242 | goto cleanup; | |||
243 | } | |||
244 | ||||
245 | for (i = 0; i < numItems; i++) { | |||
246 | ||||
247 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList , i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
248 | PKIX_List_GetItem(requiredExtKeyUsageList, i,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList , i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
249 | (PKIX_PL_Object **)&ekuOid, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList , i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
250 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList , i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
251 | ||||
252 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
253 | pkix_List_Contains(certExtKeyUsageList,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
254 | (PKIX_PL_Object *)ekuOid,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
255 | &isContained,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
256 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
257 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList , (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0); | |||
258 | ||||
259 | PKIX_DECREF(ekuOid)do { if (ekuOid){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(ekuOid), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } ekuOid = ((void*)0 ); } } while (0); | |||
260 | if (isContained != PKIX_TRUE((PKIX_Boolean) 1)) { | |||
261 | checkResult = PKIX_FALSE((PKIX_Boolean) 0); | |||
262 | goto cleanup; | |||
263 | } | |||
264 | } | |||
265 | ||||
266 | cleanup: | |||
267 | if (!pkixErrorResultstdVars.aPkixErrorResult && checkResult == PKIX_FALSE((PKIX_Boolean) 0)) { | |||
268 | pkixErrorReceivedstdVars.aPkixErrorReceived = PKIX_TRUE((PKIX_Boolean) 1); | |||
269 | pkixErrorCodestdVars.aPkixErrorCode = PKIX_EXTENDEDKEYUSAGECHECKINGFAILED; | |||
270 | } | |||
271 | ||||
272 | PKIX_DECREF(ekuOid)do { if (ekuOid){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(ekuOid), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } ekuOid = ((void*)0 ); } } while (0); | |||
273 | PKIX_DECREF(certExtKeyUsageList)do { if (certExtKeyUsageList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certExtKeyUsageList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } certExtKeyUsageList = ((void*)0); } } while (0); | |||
274 | PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0) ; } } while (0); | |||
275 | ||||
276 | PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), ( (PKIX_Boolean) 1), plContext);; | |||
277 | } | |||
278 | ||||
279 | /* | |||
280 | * FUNCTION: pkix_EkuChecker_Initialize | |||
281 | * (see comments in pkix_sample_modules.h) | |||
282 | */ | |||
283 | PKIX_Error * | |||
284 | PKIX_EkuChecker_Create( | |||
285 | PKIX_ProcessingParams *params, | |||
286 | PKIX_CertChainChecker **pEkuChecker, | |||
287 | void *plContext) | |||
288 | { | |||
289 | pkix_EkuChecker *state = NULL((void*)0); | |||
| ||||
290 | PKIX_List *critExtOIDsList = NULL((void*)0); | |||
291 | ||||
292 | PKIX_ENTER(EKUCHECKER, "PKIX_EkuChecker_Initialize")static const char cMyFuncName[] = {"PKIX_EkuChecker_Initialize" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
293 | PKIX_NULLCHECK_ONE(params)do { if ((params) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
294 | ||||
295 | /* | |||
296 | * This function and functions in this file provide an example of how | |||
297 | * an application defined checker can be hooked into libpkix. | |||
298 | */ | |||
299 | ||||
300 | PKIX_CHECK(pkix_EkuChecker_Createdo { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params , &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup ; } } while (0) | |||
301 | (params, &state, plContext),do { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params , &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup ; } } while (0) | |||
302 | PKIX_EKUCHECKERSTATECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params , &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup ; } } while (0); | |||
303 | ||||
304 | PKIX_CHECK(PKIX_List_Create(&critExtOIDsList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&critExtOIDsList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
305 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&critExtOIDsList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
306 | ||||
307 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList , (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
| ||||
308 | (critExtOIDsList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList , (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
309 | (PKIX_PL_Object *)state->ekuOID,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList , (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
310 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList , (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
311 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList , (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0); | |||
312 | ||||
313 | PKIX_CHECK(PKIX_CertChainChecker_Createdo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
314 | (pkix_EkuChecker_Check,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
315 | PKIX_TRUE, /* forwardCheckingSupported */do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
316 | PKIX_FALSE, /* forwardDirectionExpected */do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
317 | critExtOIDsList,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
318 | (PKIX_PL_Object *) state,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
319 | pEkuChecker,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
320 | plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
321 | PKIX_CERTCHAINCHECKERCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0 ), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0); | |||
322 | cleanup: | |||
323 | ||||
324 | PKIX_DECREF(critExtOIDsList)do { if (critExtOIDsList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(critExtOIDsList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } critExtOIDsList = ((void*)0); } } while (0); | |||
325 | PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0) ; } } while (0); | |||
326 | ||||
327 | PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), ( (PKIX_Boolean) 1), plContext);; | |||
328 | } |