File: | s/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.c |
Warning: | line 1121, column 9 Access to field 'nssNameConstraintsList' results in a dereference of a null pointer (loaded from variable 'nameConstraints') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * pkix_pl_nameconstraints.c | |||
6 | * | |||
7 | * Name Constraints Object Functions Definitions | |||
8 | * | |||
9 | */ | |||
10 | ||||
11 | #include "pkix_pl_nameconstraints.h" | |||
12 | ||||
13 | ||||
14 | /* --Private-NameConstraints-Functions----------------------------- */ | |||
15 | ||||
16 | /* | |||
17 | * FUNCTION: pkix_pl_CertNameConstraints_GetPermitted | |||
18 | * DESCRIPTION: | |||
19 | * | |||
20 | * This function retrieve name constraints permitted list from NSS | |||
21 | * data in "nameConstraints" and returns a PKIX_PL_GeneralName list | |||
22 | * in "pPermittedList". | |||
23 | * | |||
24 | * PARAMETERS | |||
25 | * "nameConstraints" | |||
26 | * Address of CertNameConstraints which has a pointer to | |||
27 | * CERTNameConstraints data. Must be non-NULL. | |||
28 | * "pPermittedList" | |||
29 | * Address where returned permitted name list is stored. Must be non-NULL. | |||
30 | * "plContext" - Platform-specific context pointer. | |||
31 | * THREAD SAFETY: | |||
32 | * Conditionally Thread Safe | |||
33 | * (see Thread Safety Definitions in Programmer's Guide) | |||
34 | * RETURNS: | |||
35 | * Returns NULL if the function succeeds. | |||
36 | * Returns a NameConstraints Error if the function fails in a | |||
37 | * non-fatal way. | |||
38 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
39 | */ | |||
40 | static PKIX_Error * | |||
41 | pkix_pl_CertNameConstraints_GetPermitted( | |||
42 | PKIX_PL_CertNameConstraints *nameConstraints, | |||
43 | PKIX_List **pPermittedList, | |||
44 | void *plContext) | |||
45 | { | |||
46 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
47 | CERTNameConstraints **nssNameConstraintsList = NULL((void*)0); | |||
48 | CERTNameConstraint *nssPermitted = NULL((void*)0); | |||
49 | CERTNameConstraint *firstPermitted = NULL((void*)0); | |||
50 | PKIX_List *permittedList = NULL((void*)0); | |||
51 | PKIX_PL_GeneralName *name = NULL((void*)0); | |||
52 | PKIX_UInt32 numItems = 0; | |||
53 | PKIX_UInt32 i; | |||
54 | ||||
55 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_GetPermitted" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
56 | "pkix_pl_CertNameConstraints_GetPermitted")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_GetPermitted" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
57 | PKIX_NULLCHECK_TWO(nameConstraints, pPermittedList)do { if (((nameConstraints) == ((void*)0)) || ((pPermittedList ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
58 | ||||
59 | /* | |||
60 | * nssNameConstraints is an array of CERTNameConstraints | |||
61 | * pointers where CERTNameConstraints keep its permitted and excluded | |||
62 | * lists as pointer array of CERTNameConstraint. | |||
63 | */ | |||
64 | ||||
65 | if (nameConstraints->permittedList == NULL((void*)0)) { | |||
66 | ||||
67 | PKIX_OBJECT_LOCK(nameConstraints)do { if (nameConstraints) { stdVars.aPkixTempResult = PKIX_PL_Object_Lock ((PKIX_PL_Object*)(nameConstraints), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); stdVars.aPkixErrorCode = PKIX_OBJECTLOCKFAILED; goto cleanup; } stdVars.aLockedObject = (PKIX_PL_Object *)(nameConstraints); } } while (0); | |||
68 | ||||
69 | if (nameConstraints->permittedList == NULL((void*)0)) { | |||
70 | ||||
71 | PKIX_CHECK(PKIX_List_Create(&permittedList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&permittedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
72 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&permittedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
73 | ||||
74 | numItems = nameConstraints->numNssNameConstraints; | |||
75 | nssNameConstraintsList = | |||
76 | nameConstraints->nssNameConstraintsList; | |||
77 | ||||
78 | for (i = 0; i < numItems; i++) { | |||
79 | ||||
80 | PKIX_NULLCHECK_ONE(nssNameConstraintsList)do { if ((nssNameConstraintsList) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
81 | nssNameConstraints = *(nssNameConstraintsList + i); | |||
82 | PKIX_NULLCHECK_ONE(nssNameConstraints)do { if ((nssNameConstraints) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
83 | ||||
84 | if (nssNameConstraints->permited != NULL((void*)0)) { | |||
85 | ||||
86 | nssPermitted = nssNameConstraints->permited; | |||
87 | firstPermitted = nssPermitted; | |||
88 | ||||
89 | do { | |||
90 | ||||
91 | PKIX_CHECK(pkix_pl_GeneralName_Createdo { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssPermitted->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0) | |||
92 | (&nssPermitted->name, &name, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssPermitted->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0) | |||
93 | PKIX_GENERALNAMECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssPermitted->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0); | |||
94 | ||||
95 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (permittedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
96 | (permittedList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (permittedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
97 | (PKIX_PL_Object *)name,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (permittedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
98 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (permittedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
99 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (permittedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
100 | ||||
101 | PKIX_DECREF(name)do { if (name){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(name), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } name = ((void*)0); } } while (0); | |||
102 | ||||
103 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
104 | ("\t\tCalling CERT_GetNextNameConstraint\n"); | |||
105 | nssPermitted = CERT_GetNextNameConstraint | |||
106 | (nssPermitted); | |||
107 | ||||
108 | } while (nssPermitted != firstPermitted); | |||
109 | ||||
110 | } | |||
111 | } | |||
112 | ||||
113 | PKIX_CHECK(PKIX_List_SetImmutable(permittedList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(permittedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
114 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(permittedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
115 | ||||
116 | nameConstraints->permittedList = permittedList; | |||
117 | ||||
118 | } | |||
119 | ||||
120 | PKIX_OBJECT_UNLOCK(nameConstraints)do { if (nameConstraints && stdVars.aLockedObject == ( PKIX_PL_Object *)(nameConstraints)){ stdVars.aPkixTempResult = PKIX_PL_Object_Unlock ((PKIX_PL_Object *)(nameConstraints), plContext ); if (stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars , stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stdVars.aLockedObject = ((void*)0); } else { ((stdVars.aLockedObject == ((void*)0))?((void)0):PR_Assert("lockedObject == NULL" ,"pkix_pl_nameconstraints.c",120)); } } while (0); | |||
121 | ||||
122 | } | |||
123 | ||||
124 | PKIX_INCREF(nameConstraints->permittedList)do { if (nameConstraints->permittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(nameConstraints-> permittedList), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
125 | ||||
126 | *pPermittedList = nameConstraints->permittedList; | |||
127 | ||||
128 | cleanup: | |||
129 | ||||
130 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
131 | } | |||
132 | ||||
133 | /* | |||
134 | * FUNCTION: pkix_pl_CertNameConstraints_GetExcluded | |||
135 | * DESCRIPTION: | |||
136 | * | |||
137 | * This function retrieve name constraints excluded list from NSS | |||
138 | * data in "nameConstraints" and returns a PKIX_PL_GeneralName list | |||
139 | * in "pExcludedList". | |||
140 | * | |||
141 | * PARAMETERS | |||
142 | * "nameConstraints" | |||
143 | * Address of CertNameConstraints which has a pointer to NSS data. | |||
144 | * Must be non-NULL. | |||
145 | * "pPermittedList" | |||
146 | * Address where returned excluded name list is stored. Must be non-NULL. | |||
147 | * "plContext" - Platform-specific context pointer. | |||
148 | * THREAD SAFETY: | |||
149 | * Conditionally Thread Safe | |||
150 | * (see Thread Safety Definitions in Programmer's Guide) | |||
151 | * RETURNS: | |||
152 | * Returns NULL if the function succeeds. | |||
153 | * Returns a NameConstraints Error if the function fails in a | |||
154 | * non-fatal way. | |||
155 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
156 | */ | |||
157 | static PKIX_Error * | |||
158 | pkix_pl_CertNameConstraints_GetExcluded( | |||
159 | PKIX_PL_CertNameConstraints *nameConstraints, | |||
160 | PKIX_List **pExcludedList, | |||
161 | void *plContext) | |||
162 | { | |||
163 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
164 | CERTNameConstraints **nssNameConstraintsList = NULL((void*)0); | |||
165 | CERTNameConstraint *nssExcluded = NULL((void*)0); | |||
166 | CERTNameConstraint *firstExcluded = NULL((void*)0); | |||
167 | PKIX_List *excludedList = NULL((void*)0); | |||
168 | PKIX_PL_GeneralName *name = NULL((void*)0); | |||
169 | PKIX_UInt32 numItems = 0; | |||
170 | PKIX_UInt32 i; | |||
171 | ||||
172 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_GetExcluded" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
173 | "pkix_pl_CertNameConstraints_GetExcluded")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_GetExcluded" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
174 | PKIX_NULLCHECK_TWO(nameConstraints, pExcludedList)do { if (((nameConstraints) == ((void*)0)) || ((pExcludedList ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
175 | ||||
176 | if (nameConstraints->excludedList == NULL((void*)0)) { | |||
177 | ||||
178 | PKIX_OBJECT_LOCK(nameConstraints)do { if (nameConstraints) { stdVars.aPkixTempResult = PKIX_PL_Object_Lock ((PKIX_PL_Object*)(nameConstraints), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); stdVars.aPkixErrorCode = PKIX_OBJECTLOCKFAILED; goto cleanup; } stdVars.aLockedObject = (PKIX_PL_Object *)(nameConstraints); } } while (0); | |||
179 | ||||
180 | if (nameConstraints->excludedList == NULL((void*)0)) { | |||
181 | ||||
182 | PKIX_CHECK(PKIX_List_Create(&excludedList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&excludedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
183 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&excludedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
184 | ||||
185 | numItems = nameConstraints->numNssNameConstraints; | |||
186 | nssNameConstraintsList = | |||
187 | nameConstraints->nssNameConstraintsList; | |||
188 | ||||
189 | for (i = 0; i < numItems; i++) { | |||
190 | ||||
191 | PKIX_NULLCHECK_ONE(nssNameConstraintsList)do { if ((nssNameConstraintsList) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
192 | nssNameConstraints = *(nssNameConstraintsList + i); | |||
193 | PKIX_NULLCHECK_ONE(nssNameConstraints)do { if ((nssNameConstraints) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
194 | ||||
195 | if (nssNameConstraints->excluded != NULL((void*)0)) { | |||
196 | ||||
197 | nssExcluded = nssNameConstraints->excluded; | |||
198 | firstExcluded = nssExcluded; | |||
199 | ||||
200 | do { | |||
201 | ||||
202 | PKIX_CHECK(pkix_pl_GeneralName_Createdo { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssExcluded->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0) | |||
203 | (&nssExcluded->name, &name, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssExcluded->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0) | |||
204 | PKIX_GENERALNAMECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_Create ( &nssExcluded->name, &name, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_GENERALNAMECREATEFAILED ; goto cleanup; } } while (0); | |||
205 | ||||
206 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (excludedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
207 | (excludedList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (excludedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
208 | (PKIX_PL_Object *)name,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (excludedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
209 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (excludedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
210 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (excludedList , (PKIX_PL_Object *)name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
211 | ||||
212 | PKIX_DECREF(name)do { if (name){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(name), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } name = ((void*)0); } } while (0); | |||
213 | ||||
214 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
215 | ("\t\tCalling CERT_GetNextNameConstraint\n"); | |||
216 | nssExcluded = CERT_GetNextNameConstraint | |||
217 | (nssExcluded); | |||
218 | ||||
219 | } while (nssExcluded != firstExcluded); | |||
220 | ||||
221 | } | |||
222 | ||||
223 | } | |||
224 | PKIX_CHECK(PKIX_List_SetImmutable(excludedList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(excludedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
225 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(excludedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
226 | ||||
227 | nameConstraints->excludedList = excludedList; | |||
228 | ||||
229 | } | |||
230 | ||||
231 | PKIX_OBJECT_UNLOCK(nameConstraints)do { if (nameConstraints && stdVars.aLockedObject == ( PKIX_PL_Object *)(nameConstraints)){ stdVars.aPkixTempResult = PKIX_PL_Object_Unlock ((PKIX_PL_Object *)(nameConstraints), plContext ); if (stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars , stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stdVars.aLockedObject = ((void*)0); } else { ((stdVars.aLockedObject == ((void*)0))?((void)0):PR_Assert("lockedObject == NULL" ,"pkix_pl_nameconstraints.c",231)); } } while (0); | |||
232 | } | |||
233 | ||||
234 | PKIX_INCREF(nameConstraints->excludedList)do { if (nameConstraints->excludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(nameConstraints-> excludedList), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
235 | ||||
236 | *pExcludedList = nameConstraints->excludedList; | |||
237 | ||||
238 | cleanup: | |||
239 | ||||
240 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
241 | } | |||
242 | ||||
243 | /* | |||
244 | * FUNCTION: pkix_pl_CertNameConstraints_CheckNameSpaceNssNames | |||
245 | * DESCRIPTION: | |||
246 | * | |||
247 | * This function checks if CERTGeneralNames in "nssSubjectNames" comply | |||
248 | * with the permitted and excluded names in "nameConstraints". It returns | |||
249 | * PKIX_TRUE in "pCheckPass", if the Names satify the name space of the | |||
250 | * permitted list and if the Names are not in the excluded list. Otherwise, | |||
251 | * it returns PKIX_FALSE. | |||
252 | * | |||
253 | * PARAMETERS | |||
254 | * "nssSubjectNames" | |||
255 | * List of CERTGeneralName that nameConstraints verification is based on. | |||
256 | * "nameConstraints" | |||
257 | * Address of CertNameConstraints that provides lists of permitted | |||
258 | * and excluded names. Must be non-NULL. | |||
259 | * "pCheckPass" | |||
260 | * Address where PKIX_TRUE is returned if the all names in "nameList" are | |||
261 | * valid. | |||
262 | * "plContext" - Platform-specific context pointer. | |||
263 | * THREAD SAFETY: | |||
264 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
265 | * RETURNS: | |||
266 | * Returns NULL if the function succeeds. | |||
267 | * Returns a NameConstraints Error if the function fails in a | |||
268 | * non-fatal way. | |||
269 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
270 | */ | |||
271 | PKIX_Error * | |||
272 | pkix_pl_CertNameConstraints_CheckNameSpaceNssNames( | |||
273 | CERTGeneralName *nssSubjectNames, | |||
274 | PKIX_PL_CertNameConstraints *nameConstraints, | |||
275 | PKIX_Boolean *pCheckPass, | |||
276 | void *plContext) | |||
277 | { | |||
278 | CERTNameConstraints **nssNameConstraintsList = NULL((void*)0); | |||
279 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
280 | CERTGeneralName *nssMatchName = NULL((void*)0); | |||
281 | PLArenaPool *arena = NULL((void*)0); | |||
282 | PKIX_UInt32 numItems = 0; | |||
283 | PKIX_UInt32 i; | |||
284 | SECStatus status = SECSuccess; | |||
285 | ||||
286 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CheckNameSpaceNssNames" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
287 | "pkix_pl_CertNameConstraints_CheckNameSpaceNssNames")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CheckNameSpaceNssNames" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
288 | PKIX_NULLCHECK_THREE(nssSubjectNames, nameConstraints, pCheckPass)do { if (((nssSubjectNames) == ((void*)0)) || ((nameConstraints ) == ((void*)0)) || ((pCheckPass) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
289 | ||||
290 | *pCheckPass = PKIX_TRUE((PKIX_Boolean) 1); | |||
291 | ||||
292 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena\n"); | |||
293 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
294 | if (arena == NULL((void*)0)) { | |||
295 | PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; }; | |||
296 | } | |||
297 | ||||
298 | nssMatchName = nssSubjectNames; | |||
299 | nssNameConstraintsList = nameConstraints->nssNameConstraintsList; | |||
300 | ||||
301 | /* | |||
302 | * CERTNameConstraint items in each permitted or excluded list | |||
303 | * is verified as OR condition. That means, if one item matched, | |||
304 | * then the checking on the remaining items on the list is skipped. | |||
305 | * (see NSS cert_CompareNameWithConstraints(...)). | |||
306 | * Items on PKIX_PL_NameConstraint's nssNameConstraints are verified | |||
307 | * as AND condition. PKIX_PL_NameConstraint keeps an array of pointers | |||
308 | * of CERTNameConstraints resulting from merging multiple | |||
309 | * PKIX_PL_NameConstraints. Since each CERTNameConstraint are created | |||
310 | * for different entity, a union condition of these entities then is | |||
311 | * performed. | |||
312 | */ | |||
313 | ||||
314 | do { | |||
315 | ||||
316 | numItems = nameConstraints->numNssNameConstraints; | |||
317 | ||||
318 | for (i = 0; i < numItems; i++) { | |||
319 | ||||
320 | PKIX_NULLCHECK_ONE(nssNameConstraintsList)do { if ((nssNameConstraintsList) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
321 | nssNameConstraints = *(nssNameConstraintsList + i); | |||
322 | PKIX_NULLCHECK_ONE(nssNameConstraints)do { if ((nssNameConstraints) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
323 | ||||
324 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
325 | ("\t\tCalling CERT_CheckNameSpace\n"); | |||
326 | status = CERT_CheckNameSpace | |||
327 | (arena, nssNameConstraints, nssMatchName); | |||
328 | if (status != SECSuccess) { | |||
329 | break; | |||
330 | } | |||
331 | ||||
332 | } | |||
333 | ||||
334 | if (status != SECSuccess) { | |||
335 | break; | |||
336 | } | |||
337 | ||||
338 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
339 | ("\t\tCalling CERT_GetNextGeneralName\n"); | |||
340 | nssMatchName = CERT_GetNextGeneralName(nssMatchName); | |||
341 | ||||
342 | } while (nssMatchName != nssSubjectNames); | |||
343 | ||||
344 | if (status == SECFailure) { | |||
345 | ||||
346 | *pCheckPass = PKIX_FALSE((PKIX_Boolean) 0); | |||
347 | } | |||
348 | ||||
349 | cleanup: | |||
350 | ||||
351 | if (arena){ | |||
352 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
353 | ("\t\tCalling PORT_FreeArena).\n"); | |||
354 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
355 | } | |||
356 | ||||
357 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
358 | } | |||
359 | ||||
360 | /* | |||
361 | * FUNCTION: pkix_pl_NameConstraints_Destroy | |||
362 | * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) | |||
363 | */ | |||
364 | static PKIX_Error * | |||
365 | pkix_pl_CertNameConstraints_Destroy( | |||
366 | PKIX_PL_Object *object, | |||
367 | void *plContext) | |||
368 | { | |||
369 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
370 | ||||
371 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Destroy")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Destroy" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
372 | PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
373 | ||||
374 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
375 | (object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
376 | PKIX_OBJECTNOTCERTNAMECONSTRAINTS)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0); | |||
377 | ||||
378 | nameConstraints = (PKIX_PL_CertNameConstraints *)object; | |||
379 | ||||
380 | PKIX_CHECK(PKIX_PL_Freedo { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0) | |||
381 | (nameConstraints->nssNameConstraintsList, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0) | |||
382 | PKIX_FREEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0); | |||
383 | ||||
384 | if (nameConstraints->arena){ | |||
385 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
386 | ("\t\tCalling PORT_FreeArena).\n"); | |||
387 | PORT_FreeArenaPORT_FreeArena_Util(nameConstraints->arena, PR_FALSE0); | |||
388 | nameConstraints->arena = NULL((void*)0); | |||
389 | } | |||
390 | ||||
391 | PKIX_DECREF(nameConstraints->permittedList)do { if (nameConstraints->permittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nameConstraints-> permittedList), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } nameConstraints->permittedList = ((void*) 0); } } while (0); | |||
392 | PKIX_DECREF(nameConstraints->excludedList)do { if (nameConstraints->excludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nameConstraints-> excludedList), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } nameConstraints->excludedList = ((void*)0 ); } } while (0); | |||
393 | ||||
394 | cleanup: | |||
395 | ||||
396 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
397 | } | |||
398 | ||||
399 | /* | |||
400 | * FUNCTION: pkix_pl_CertNameConstraints_ToString_Helper | |||
401 | * DESCRIPTION: | |||
402 | * | |||
403 | * Helper function that creates a string representation of the object | |||
404 | * NameConstraints and stores it at "pString". | |||
405 | * | |||
406 | * PARAMETERS | |||
407 | * "nameConstraints" | |||
408 | * Address of CertNameConstraints whose string representation is | |||
409 | * desired. Must be non-NULL. | |||
410 | * "pString" | |||
411 | * Address where string object pointer will be stored. Must be non-NULL. | |||
412 | * "plContext" - Platform-specific context pointer. | |||
413 | * THREAD SAFETY: | |||
414 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
415 | * RETURNS: | |||
416 | * Returns NULL if the function succeeds. | |||
417 | * Returns a NameConstraints Error if the function fails in a | |||
418 | * non-fatal way. | |||
419 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
420 | */ | |||
421 | static PKIX_Error * | |||
422 | pkix_pl_CertNameConstraints_ToString_Helper( | |||
423 | PKIX_PL_CertNameConstraints *nameConstraints, | |||
424 | PKIX_PL_String **pString, | |||
425 | void *plContext) | |||
426 | { | |||
427 | char *asciiFormat = NULL((void*)0); | |||
428 | PKIX_PL_String *formatString = NULL((void*)0); | |||
429 | PKIX_List *permittedList = NULL((void*)0); | |||
430 | PKIX_List *excludedList = NULL((void*)0); | |||
431 | PKIX_PL_String *permittedListString = NULL((void*)0); | |||
432 | PKIX_PL_String *excludedListString = NULL((void*)0); | |||
433 | PKIX_PL_String *nameConstraintsString = NULL((void*)0); | |||
434 | ||||
435 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_ToString_Helper" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
436 | "pkix_pl_CertNameConstraints_ToString_Helper")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_ToString_Helper" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
437 | PKIX_NULLCHECK_TWO(nameConstraints, pString)do { if (((nameConstraints) == ((void*)0)) || ((pString) == ( (void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
438 | ||||
439 | asciiFormat = | |||
440 | "[\n" | |||
441 | "\t\tPermitted Name: %s\n" | |||
442 | "\t\tExcluded Name: %s\n" | |||
443 | "\t]\n"; | |||
444 | ||||
445 | PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
446 | (PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
447 | asciiFormat,do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
448 | 0,do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
449 | &formatString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
450 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
451 | PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0); | |||
452 | ||||
453 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitteddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
454 | (nameConstraints, &permittedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
455 | PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0); | |||
456 | ||||
457 | PKIX_TOSTRING(permittedList, &permittedListString, plContext,do { int descNum; if ((permittedList) != ((void*)0)) { stdVars .aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object * )(permittedList), (&permittedListString), (plContext)); descNum = (PKIX_LISTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&permittedListString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
458 | PKIX_LISTTOSTRINGFAILED)do { int descNum; if ((permittedList) != ((void*)0)) { stdVars .aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object * )(permittedList), (&permittedListString), (plContext)); descNum = (PKIX_LISTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&permittedListString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0); | |||
459 | ||||
460 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcludeddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
461 | (nameConstraints, &excludedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
462 | PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0); | |||
463 | ||||
464 | PKIX_TOSTRING(excludedList, &excludedListString, plContext,do { int descNum; if ((excludedList) != ((void*)0)) { stdVars .aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object * )(excludedList), (&excludedListString), (plContext)); descNum = (PKIX_LISTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&excludedListString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
465 | PKIX_LISTTOSTRINGFAILED)do { int descNum; if ((excludedList) != ((void*)0)) { stdVars .aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object * )(excludedList), (&excludedListString), (plContext)); descNum = (PKIX_LISTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&excludedListString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0); | |||
466 | ||||
467 | PKIX_CHECK(PKIX_PL_Sprintfdo { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
468 | (&nameConstraintsString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
469 | plContext,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
470 | formatString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
471 | permittedListString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
472 | excludedListString),do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
473 | PKIX_SPRINTFFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&nameConstraintsString , plContext, formatString, permittedListString, excludedListString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0); | |||
474 | ||||
475 | *pString = nameConstraintsString; | |||
476 | ||||
477 | cleanup: | |||
478 | ||||
479 | PKIX_DECREF(formatString)do { if (formatString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(formatString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } formatString = ((void *)0); } } while (0); | |||
480 | PKIX_DECREF(permittedList)do { if (permittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(permittedList), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } permittedList = ((void*)0); } } while (0); | |||
481 | PKIX_DECREF(excludedList)do { if (excludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(excludedList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } excludedList = ((void *)0); } } while (0); | |||
482 | PKIX_DECREF(permittedListString)do { if (permittedListString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(permittedListString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } permittedListString = ((void*)0); } } while (0); | |||
483 | PKIX_DECREF(excludedListString)do { if (excludedListString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(excludedListString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } excludedListString = ((void*)0); } } while (0); | |||
484 | ||||
485 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
486 | } | |||
487 | ||||
488 | /* | |||
489 | * FUNCTION: pkix_pl_CertNameConstraints_ToString | |||
490 | * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h) | |||
491 | */ | |||
492 | static PKIX_Error * | |||
493 | pkix_pl_CertNameConstraints_ToString( | |||
494 | PKIX_PL_Object *object, | |||
495 | PKIX_PL_String **pString, | |||
496 | void *plContext) | |||
497 | { | |||
498 | PKIX_PL_String *nameConstraintsString = NULL((void*)0); | |||
499 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
500 | ||||
501 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_ToString")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_ToString" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
502 | PKIX_NULLCHECK_TWO(object, pString)do { if (((object) == ((void*)0)) || ((pString) == ((void*)0) )){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars. aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
503 | ||||
504 | PKIX_CHECK(pkix_CheckType(do { stdVars.aPkixErrorResult = (pkix_CheckType( object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
505 | object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType( object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
506 | PKIX_OBJECTNOTCERTNAMECONSTRAINTS)do { stdVars.aPkixErrorResult = (pkix_CheckType( object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0); | |||
507 | ||||
508 | nameConstraints = (PKIX_PL_CertNameConstraints *)object; | |||
509 | ||||
510 | PKIX_CHECK(pkix_pl_CertNameConstraints_ToString_Helperdo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_ToString_Helper (nameConstraints, &nameConstraintsString, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED ; goto cleanup; } } while (0) | |||
511 | (nameConstraints, &nameConstraintsString, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_ToString_Helper (nameConstraints, &nameConstraintsString, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED ; goto cleanup; } } while (0) | |||
512 | PKIX_CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_ToString_Helper (nameConstraints, &nameConstraintsString, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED ; goto cleanup; } } while (0); | |||
513 | ||||
514 | *pString = nameConstraintsString; | |||
515 | ||||
516 | cleanup: | |||
517 | ||||
518 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
519 | } | |||
520 | ||||
521 | /* | |||
522 | * FUNCTION: pkix_pl_CertNameConstraints_Hashcode | |||
523 | * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h) | |||
524 | */ | |||
525 | static PKIX_Error * | |||
526 | pkix_pl_CertNameConstraints_Hashcode( | |||
527 | PKIX_PL_Object *object, | |||
528 | PKIX_UInt32 *pHashcode, | |||
529 | void *plContext) | |||
530 | { | |||
531 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
532 | PKIX_List *permittedList = NULL((void*)0); | |||
533 | PKIX_List *excludedList = NULL((void*)0); | |||
534 | PKIX_UInt32 permitHash = 0; | |||
535 | PKIX_UInt32 excludeHash = 0; | |||
536 | ||||
537 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Hashcode")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Hashcode" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
538 | PKIX_NULLCHECK_TWO(object, pHashcode)do { if (((object) == ((void*)0)) || ((pHashcode) == ((void*) 0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
539 | ||||
540 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
541 | (object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0) | |||
542 | PKIX_OBJECTNOTCERTNAMECONSTRAINTS)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTNAMECONSTRAINTS_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTNAMECONSTRAINTS; goto cleanup; } } while (0); | |||
543 | ||||
544 | nameConstraints = (PKIX_PL_CertNameConstraints *)object; | |||
545 | ||||
546 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitteddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
547 | (nameConstraints, &permittedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
548 | PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (nameConstraints, &permittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0); | |||
549 | ||||
550 | PKIX_HASHCODE(permittedList, &permitHash, plContext,do { if ((permittedList) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Hashcode ((PKIX_PL_Object *)(permittedList ), (&permitHash), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTHASHCODEFAILED); goto cleanup ; } } while (0); } else { *(&permitHash) = 0; } } while ( 0) | |||
551 | PKIX_OBJECTHASHCODEFAILED)do { if ((permittedList) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Hashcode ((PKIX_PL_Object *)(permittedList ), (&permitHash), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTHASHCODEFAILED); goto cleanup ; } } while (0); } else { *(&permitHash) = 0; } } while ( 0); | |||
552 | ||||
553 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcludeddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
554 | (nameConstraints, &excludedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
555 | PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (nameConstraints, &excludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0); | |||
556 | ||||
557 | PKIX_HASHCODE(excludedList, &excludeHash, plContext,do { if ((excludedList) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Hashcode ((PKIX_PL_Object *)(excludedList) , (&excludeHash), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTHASHCODEFAILED); goto cleanup ; } } while (0); } else { *(&excludeHash) = 0; } } while ( 0) | |||
558 | PKIX_OBJECTHASHCODEFAILED)do { if ((excludedList) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Hashcode ((PKIX_PL_Object *)(excludedList) , (&excludeHash), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTHASHCODEFAILED); goto cleanup ; } } while (0); } else { *(&excludeHash) = 0; } } while ( 0); | |||
559 | ||||
560 | *pHashcode = (((permitHash << 7) + excludeHash) << 7) + | |||
561 | nameConstraints->numNssNameConstraints; | |||
562 | ||||
563 | cleanup: | |||
564 | ||||
565 | PKIX_DECREF(permittedList)do { if (permittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(permittedList), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } permittedList = ((void*)0); } } while (0); | |||
566 | PKIX_DECREF(excludedList)do { if (excludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(excludedList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } excludedList = ((void *)0); } } while (0); | |||
567 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
568 | } | |||
569 | ||||
570 | /* | |||
571 | * FUNCTION: pkix_pl_CertNameConstraints_Equals | |||
572 | * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h) | |||
573 | */ | |||
574 | static PKIX_Error * | |||
575 | pkix_pl_CertNameConstraints_Equals( | |||
576 | PKIX_PL_Object *firstObject, | |||
577 | PKIX_PL_Object *secondObject, | |||
578 | PKIX_Boolean *pResult, | |||
579 | void *plContext) | |||
580 | { | |||
581 | PKIX_PL_CertNameConstraints *firstNC = NULL((void*)0); | |||
582 | PKIX_PL_CertNameConstraints *secondNC = NULL((void*)0); | |||
583 | PKIX_List *firstPermittedList = NULL((void*)0); | |||
584 | PKIX_List *secondPermittedList = NULL((void*)0); | |||
585 | PKIX_List *firstExcludedList = NULL((void*)0); | |||
586 | PKIX_List *secondExcludedList = NULL((void*)0); | |||
587 | PKIX_UInt32 secondType; | |||
588 | PKIX_Boolean cmpResult = PKIX_FALSE((PKIX_Boolean) 0); | |||
589 | ||||
590 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Equals")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Equals" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
591 | PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult)do { if (((firstObject) == ((void*)0)) || ((secondObject) == ( (void*)0)) || ((pResult) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
592 | ||||
593 | /* test that firstObject is a CertNameConstraints */ | |||
594 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (firstObject, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FIRSTOBJECTNOTCERTNAMECONSTRAINTS ; goto cleanup; } } while (0) | |||
595 | (firstObject, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (firstObject, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FIRSTOBJECTNOTCERTNAMECONSTRAINTS ; goto cleanup; } } while (0) | |||
596 | PKIX_FIRSTOBJECTNOTCERTNAMECONSTRAINTS)do { stdVars.aPkixErrorResult = (pkix_CheckType (firstObject, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FIRSTOBJECTNOTCERTNAMECONSTRAINTS ; goto cleanup; } } while (0); | |||
597 | ||||
598 | firstNC = (PKIX_PL_CertNameConstraints *)firstObject; | |||
599 | secondNC = (PKIX_PL_CertNameConstraints *)secondObject; | |||
600 | ||||
601 | /* | |||
602 | * Since we know firstObject is a CertNameConstraints, if both | |||
603 | * references are identical, they must be equal | |||
604 | */ | |||
605 | if (firstNC == secondNC){ | |||
606 | *pResult = PKIX_TRUE((PKIX_Boolean) 1); | |||
607 | goto cleanup; | |||
608 | } | |||
609 | ||||
610 | /* | |||
611 | * If secondNC isn't a CertNameConstraints, we don't throw an error. | |||
612 | * We simply return a Boolean result of FALSE | |||
613 | */ | |||
614 | *pResult = PKIX_FALSE((PKIX_Boolean) 0); | |||
615 | ||||
616 | PKIX_CHECK(PKIX_PL_Object_GetTypedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_GetType ((PKIX_PL_Object *)secondNC, &secondType, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTGETTYPEOFSECONDARGUMENT ; goto cleanup; } } while (0) | |||
617 | ((PKIX_PL_Object *)secondNC, &secondType, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_GetType ((PKIX_PL_Object *)secondNC, &secondType, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTGETTYPEOFSECONDARGUMENT ; goto cleanup; } } while (0) | |||
618 | PKIX_COULDNOTGETTYPEOFSECONDARGUMENT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_GetType ((PKIX_PL_Object *)secondNC, &secondType, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTGETTYPEOFSECONDARGUMENT ; goto cleanup; } } while (0); | |||
619 | ||||
620 | if (secondType != PKIX_CERTNAMECONSTRAINTS_TYPE) { | |||
621 | goto cleanup; | |||
622 | } | |||
623 | ||||
624 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitteddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (firstNC, &firstPermittedList, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
625 | (firstNC, &firstPermittedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (firstNC, &firstPermittedList, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
626 | PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (firstNC, &firstPermittedList, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0); | |||
627 | ||||
628 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitteddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (secondNC, &secondPermittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
629 | (secondNC, &secondPermittedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (secondNC, &secondPermittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0) | |||
630 | PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetPermitted (secondNC, &secondPermittedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED ; goto cleanup; } } while (0); | |||
631 | ||||
632 | PKIX_EQUALSdo { if ((firstPermittedList) != ((void*)0) && (secondPermittedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstPermittedList), (PKIX_PL_Object*)(secondPermittedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstPermittedList) == ((void*)0 ) && (secondPermittedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0) | |||
633 | (firstPermittedList, secondPermittedList, &cmpResult, plContext,do { if ((firstPermittedList) != ((void*)0) && (secondPermittedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstPermittedList), (PKIX_PL_Object*)(secondPermittedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstPermittedList) == ((void*)0 ) && (secondPermittedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0) | |||
634 | PKIX_OBJECTEQUALSFAILED)do { if ((firstPermittedList) != ((void*)0) && (secondPermittedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstPermittedList), (PKIX_PL_Object*)(secondPermittedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstPermittedList) == ((void*)0 ) && (secondPermittedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0); | |||
635 | ||||
636 | if (cmpResult != PKIX_TRUE((PKIX_Boolean) 1)) { | |||
637 | goto cleanup; | |||
638 | } | |||
639 | ||||
640 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcludeddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (firstNC, &firstExcludedList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
641 | (firstNC, &firstExcludedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (firstNC, &firstExcludedList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
642 | PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (firstNC, &firstExcludedList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0); | |||
643 | ||||
644 | PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcludeddo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (secondNC, &secondExcludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
645 | (secondNC, &secondExcludedList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (secondNC, &secondExcludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0) | |||
646 | PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_GetExcluded (secondNC, &secondExcludedList, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED ; goto cleanup; } } while (0); | |||
647 | ||||
648 | PKIX_EQUALSdo { if ((firstExcludedList) != ((void*)0) && (secondExcludedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstExcludedList), (PKIX_PL_Object*)(secondExcludedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstExcludedList) == ((void*)0) && (secondExcludedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0) | |||
649 | (firstExcludedList, secondExcludedList, &cmpResult, plContext,do { if ((firstExcludedList) != ((void*)0) && (secondExcludedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstExcludedList), (PKIX_PL_Object*)(secondExcludedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstExcludedList) == ((void*)0) && (secondExcludedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0) | |||
650 | PKIX_OBJECTEQUALSFAILED)do { if ((firstExcludedList) != ((void*)0) && (secondExcludedList ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(firstExcludedList), (PKIX_PL_Object*)(secondExcludedList ), (&cmpResult), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((firstExcludedList) == ((void*)0) && (secondExcludedList) == ((void*)0)) { *(&cmpResult ) = ((PKIX_Boolean) 1); } else { *(&cmpResult) = ((PKIX_Boolean ) 0); } } while (0); | |||
651 | ||||
652 | if (cmpResult != PKIX_TRUE((PKIX_Boolean) 1)) { | |||
653 | goto cleanup; | |||
654 | } | |||
655 | ||||
656 | /* | |||
657 | * numNssNameConstraints is not checked because it is basically a | |||
658 | * merge count, it cannot determine the data equality. | |||
659 | */ | |||
660 | ||||
661 | *pResult = PKIX_TRUE((PKIX_Boolean) 1); | |||
662 | ||||
663 | cleanup: | |||
664 | ||||
665 | PKIX_DECREF(firstPermittedList)do { if (firstPermittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(firstPermittedList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } firstPermittedList = ((void*)0); } } while (0); | |||
666 | PKIX_DECREF(secondPermittedList)do { if (secondPermittedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(secondPermittedList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } secondPermittedList = ((void*)0); } } while (0); | |||
667 | PKIX_DECREF(firstExcludedList)do { if (firstExcludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(firstExcludedList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } firstExcludedList = ((void*)0); } } while (0); | |||
668 | PKIX_DECREF(secondExcludedList)do { if (secondExcludedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(secondExcludedList), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } secondExcludedList = ((void*)0); } } while (0); | |||
669 | ||||
670 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
671 | } | |||
672 | ||||
673 | /* | |||
674 | * FUNCTION: pkix_pl_CertNameConstraints_RegisterSelf | |||
675 | * DESCRIPTION: | |||
676 | * Registers PKIX_CERTNAMECONSTRAINTS_TYPE and its related functions with | |||
677 | * systemClasses[] | |||
678 | * THREAD SAFETY: | |||
679 | * Not Thread Safe - for performance and complexity reasons | |||
680 | * | |||
681 | * Since this function is only called by PKIX_PL_Initialize, which should | |||
682 | * only be called once, it is acceptable that this function is not | |||
683 | * thread-safe. | |||
684 | */ | |||
685 | PKIX_Error * | |||
686 | pkix_pl_CertNameConstraints_RegisterSelf(void *plContext) | |||
687 | { | |||
688 | extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; | |||
689 | pkix_ClassTable_Entry entry; | |||
690 | ||||
691 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
692 | "pkix_pl_CertNameConstraints_RegisterSelf")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
693 | ||||
694 | entry.description = "CertNameConstraints"; | |||
695 | entry.objCounter = 0; | |||
696 | entry.typeObjectSize = sizeof(PKIX_PL_CertNameConstraints); | |||
697 | entry.destructor = pkix_pl_CertNameConstraints_Destroy; | |||
698 | entry.equalsFunction = pkix_pl_CertNameConstraints_Equals; | |||
699 | entry.hashcodeFunction = pkix_pl_CertNameConstraints_Hashcode; | |||
700 | entry.toStringFunction = pkix_pl_CertNameConstraints_ToString; | |||
701 | entry.comparator = NULL((void*)0); | |||
702 | entry.duplicateFunction = pkix_duplicateImmutable; | |||
703 | ||||
704 | systemClasses[PKIX_CERTNAMECONSTRAINTS_TYPE] = entry; | |||
705 | ||||
706 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
707 | } | |||
708 | ||||
709 | /* | |||
710 | * FUNCTION: pkix_pl_CertNameConstraints_Create_Helper | |||
711 | * | |||
712 | * DESCRIPTION: | |||
713 | * This function retrieves name constraints in "nssNameConstraints", | |||
714 | * converts and stores the result in a PKIX_PL_CertNameConstraints object. | |||
715 | * | |||
716 | * PARAMETERS | |||
717 | * "nssNameConstraints" | |||
718 | * Address of CERTNameConstraints that contains this object's data. | |||
719 | * Must be non-NULL. | |||
720 | * "pNameConstraints" | |||
721 | * Address where object pointer will be stored. Must be non-NULL. | |||
722 | * A NULL value will be returned if there is no Name Constraints extension. | |||
723 | * "plContext" - Platform-specific context pointer. | |||
724 | * | |||
725 | * THREAD SAFETY: | |||
726 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
727 | * | |||
728 | * RETURNS: | |||
729 | * Returns NULL if the function succeeds. | |||
730 | * Returns a NameConstraints Error if the function fails in a non-fatal way. | |||
731 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
732 | */ | |||
733 | static PKIX_Error * | |||
734 | pkix_pl_CertNameConstraints_Create_Helper( | |||
735 | CERTNameConstraints *nssNameConstraints, | |||
736 | PKIX_PL_CertNameConstraints **pNameConstraints, | |||
737 | void *plContext) | |||
738 | { | |||
739 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
740 | CERTNameConstraints **nssNameConstraintPtr = NULL((void*)0); | |||
741 | ||||
742 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Create_Helper" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
743 | "pkix_pl_CertNameConstraints_Create_Helper")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Create_Helper" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
744 | PKIX_NULLCHECK_TWO(nssNameConstraints, pNameConstraints)do { if (((nssNameConstraints) == ((void*)0)) || ((pNameConstraints ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
745 | ||||
746 | PKIX_CHECK(PKIX_PL_Object_Allocdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0) | |||
747 | (PKIX_CERTNAMECONSTRAINTS_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0) | |||
748 | sizeof (PKIX_PL_CertNameConstraints),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0) | |||
749 | (PKIX_PL_Object **)&nameConstraints,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0) | |||
750 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0) | |||
751 | PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTNAMECONSTRAINTS_TYPE , sizeof (PKIX_PL_CertNameConstraints), (PKIX_PL_Object **)& nameConstraints, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT ; goto cleanup; } } while (0); | |||
752 | ||||
753 | PKIX_CHECK(PKIX_PL_Mallocdo { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (sizeof (CERTNameConstraint *), (void *)&nssNameConstraintPtr, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
754 | (sizeof (CERTNameConstraint *),do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (sizeof (CERTNameConstraint *), (void *)&nssNameConstraintPtr, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
755 | (void *)&nssNameConstraintPtr,do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (sizeof (CERTNameConstraint *), (void *)&nssNameConstraintPtr, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
756 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (sizeof (CERTNameConstraint *), (void *)&nssNameConstraintPtr, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
757 | PKIX_MALLOCFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (sizeof (CERTNameConstraint *), (void *)&nssNameConstraintPtr, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0); | |||
758 | ||||
759 | nameConstraints->numNssNameConstraints = 1; | |||
760 | nameConstraints->nssNameConstraintsList = nssNameConstraintPtr; | |||
761 | *nssNameConstraintPtr = nssNameConstraints; | |||
762 | ||||
763 | nameConstraints->permittedList = NULL((void*)0); | |||
764 | nameConstraints->excludedList = NULL((void*)0); | |||
765 | nameConstraints->arena = NULL((void*)0); | |||
766 | ||||
767 | *pNameConstraints = nameConstraints; | |||
768 | ||||
769 | cleanup: | |||
770 | ||||
771 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)){ | |||
772 | PKIX_DECREF(nameConstraints)do { if (nameConstraints){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nameConstraints), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } nameConstraints = ((void*)0); } } while (0); | |||
773 | } | |||
774 | ||||
775 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
776 | } | |||
777 | ||||
778 | /* | |||
779 | * FUNCTION: pkix_pl_CertNameConstraints_Create | |||
780 | * | |||
781 | * DESCRIPTION: | |||
782 | * function that allocates and initialize the object CertNameConstraints. | |||
783 | * | |||
784 | * PARAMETERS | |||
785 | * "nssCert" | |||
786 | * Address of CERT that contains this object's data. | |||
787 | * Must be non-NULL. | |||
788 | * "pNameConstraints" | |||
789 | * Address where object pointer will be stored. Must be non-NULL. | |||
790 | * A NULL value will be returned if there is no Name Constraints extension. | |||
791 | * "plContext" - Platform-specific context pointer. | |||
792 | * | |||
793 | * THREAD SAFETY: | |||
794 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
795 | * | |||
796 | * RETURNS: | |||
797 | * Returns NULL if the function succeeds. | |||
798 | * Returns a NameConstraints Error if the function fails in a non-fatal way. | |||
799 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
800 | */ | |||
801 | PKIX_Error * | |||
802 | pkix_pl_CertNameConstraints_Create( | |||
803 | CERTCertificate *nssCert, | |||
804 | PKIX_PL_CertNameConstraints **pNameConstraints, | |||
805 | void *plContext) | |||
806 | { | |||
807 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
808 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
809 | PLArenaPool *arena = NULL((void*)0); | |||
810 | SECStatus status; | |||
811 | ||||
812 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Create")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Create" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
813 | PKIX_NULLCHECK_THREE(nssCert, pNameConstraints, nssCert->arena)do { if (((nssCert) == ((void*)0)) || ((pNameConstraints) == ( (void*)0)) || ((nssCert->arena) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
814 | ||||
815 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena).\n"); | |||
816 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
817 | if (arena == NULL((void*)0)) { | |||
818 | PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; }; | |||
819 | } | |||
820 | ||||
821 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
822 | ("\t\tCalling CERT_FindNameConstraintsExten\n"); | |||
823 | status = CERT_FindNameConstraintsExten | |||
824 | (arena, nssCert, &nssNameConstraints); | |||
825 | ||||
826 | if (status != SECSuccess) { | |||
827 | PKIX_ERROR(PKIX_DECODINGCERTNAMECONSTRAINTSFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_DECODINGCERTNAMECONSTRAINTSFAILED, ((void*)0), stdVars .aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_DECODINGCERTNAMECONSTRAINTSFAILED ; goto cleanup; }; | |||
828 | } | |||
829 | ||||
830 | if (nssNameConstraints == NULL((void*)0)) { | |||
831 | *pNameConstraints = NULL((void*)0); | |||
832 | /* we free the arnea here because PKIX_ERROR_RECEIVED | |||
833 | * may not be set. Setting arena to NULL makes sure | |||
834 | * we don't try to free it again (and makes scanners | |||
835 | * happy). */ | |||
836 | if (arena){ | |||
837 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
838 | ("\t\tCalling PORT_FreeArena).\n"); | |||
839 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
840 | arena = NULL((void*)0); | |||
841 | } | |||
842 | goto cleanup; | |||
843 | } | |||
844 | ||||
845 | PKIX_CHECK(pkix_pl_CertNameConstraints_Create_Helperdo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0) | |||
846 | (nssNameConstraints, &nameConstraints, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0) | |||
847 | PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0); | |||
848 | ||||
849 | nameConstraints->arena = arena; | |||
850 | ||||
851 | *pNameConstraints = nameConstraints; | |||
852 | ||||
853 | cleanup: | |||
854 | ||||
855 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)){ | |||
856 | if (arena){ | |||
857 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
858 | ("\t\tCalling PORT_FreeArena).\n"); | |||
859 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
860 | } | |||
861 | } | |||
862 | ||||
863 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
864 | } | |||
865 | ||||
866 | /* | |||
867 | * FUNCTION: pkix_pl_CertNameConstraints_CreateByMerge | |||
868 | * | |||
869 | * DESCRIPTION: | |||
870 | * | |||
871 | * This function allocates and creates a PKIX_PL_NameConstraint object | |||
872 | * for merging. It also allocates CERTNameConstraints data space for the | |||
873 | * merged NSS NameConstraints data. | |||
874 | * | |||
875 | * PARAMETERS | |||
876 | * "pNameConstraints" | |||
877 | * Address where object pointer will be stored and returned. | |||
878 | * Must be non-NULL. | |||
879 | * "plContext" - Platform-specific context pointer. | |||
880 | * | |||
881 | * THREAD SAFETY: | |||
882 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
883 | * | |||
884 | * RETURNS: | |||
885 | * Returns NULL if the function succeeds. | |||
886 | * Returns a NameConstraints Error if the function fails in a non-fatal way. | |||
887 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
888 | */ | |||
889 | static PKIX_Error * | |||
890 | pkix_pl_CertNameConstraints_CreateByMerge( | |||
891 | PKIX_PL_CertNameConstraints **pNameConstraints, | |||
892 | void *plContext) | |||
893 | { | |||
894 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
895 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
896 | PLArenaPool *arena = NULL((void*)0); | |||
897 | ||||
898 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CreateByMerge" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
899 | "pkix_pl_CertNameConstraints_CreateByMerge")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CreateByMerge" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
900 | PKIX_NULLCHECK_ONE(pNameConstraints)do { if ((pNameConstraints) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
901 | ||||
902 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena).\n"); | |||
903 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
904 | if (arena == NULL((void*)0)) { | |||
905 | PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; }; | |||
906 | } | |||
907 | ||||
908 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_ArenaZNew).\n"); | |||
909 | nssNameConstraints = PORT_ArenaZNew(arena, CERTNameConstraints)(CERTNameConstraints *)PORT_ArenaZAlloc_Util(arena, sizeof(CERTNameConstraints )); | |||
910 | if (nssNameConstraints == NULL((void*)0)) { | |||
911 | PKIX_ERROR(PKIX_PORTARENAALLOCFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_PORTARENAALLOCFAILED, ((void*)0), stdVars.aPkixType, 2 , plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_PORTARENAALLOCFAILED; goto cleanup; }; | |||
912 | } | |||
913 | ||||
914 | nssNameConstraints->permited = NULL((void*)0); | |||
915 | nssNameConstraints->excluded = NULL((void*)0); | |||
916 | nssNameConstraints->DERPermited = NULL((void*)0); | |||
917 | nssNameConstraints->DERExcluded = NULL((void*)0); | |||
918 | ||||
919 | PKIX_CHECK(pkix_pl_CertNameConstraints_Create_Helperdo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0) | |||
920 | (nssNameConstraints, &nameConstraints, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0) | |||
921 | PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_Create_Helper (nssNameConstraints, &nameConstraints, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED ; goto cleanup; } } while (0); | |||
922 | ||||
923 | nameConstraints->arena = arena; | |||
924 | ||||
925 | *pNameConstraints = nameConstraints; | |||
926 | ||||
927 | cleanup: | |||
928 | ||||
929 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)){ | |||
930 | if (arena
| |||
931 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
932 | ("\t\tCalling PORT_FreeArena).\n"); | |||
933 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
934 | } | |||
935 | } | |||
936 | ||||
937 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
938 | } | |||
939 | ||||
940 | /* | |||
941 | * FUNCTION: pkix_pl_CertNameConstraints_CopyNssNameConstraints | |||
942 | * | |||
943 | * DESCRIPTION: | |||
944 | * | |||
945 | * This function allocates and copies data to a NSS CERTNameConstraints from | |||
946 | * the NameConstraints given by "srcNC" and stores the result at "pDestNC". It | |||
947 | * copies items on both the permitted and excluded lists, but not the | |||
948 | * DERPermited and DERExcluded. | |||
949 | * | |||
950 | * PARAMETERS | |||
951 | * "arena" | |||
952 | * Memory pool where object data is allocated from. Must be non-NULL. | |||
953 | * "srcNC" | |||
954 | * Address of the NameConstraints to copy from. Must be non-NULL. | |||
955 | * "pDestNC" | |||
956 | * Address where new copied object is stored and returned. | |||
957 | * Must be non-NULL. | |||
958 | * "plContext" - Platform-specific context pointer. | |||
959 | * | |||
960 | * THREAD SAFETY: | |||
961 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
962 | * | |||
963 | * RETURNS: | |||
964 | * Returns NULL if the function succeeds. | |||
965 | * Returns a NameConstraints Error if the function fails in a non-fatal way. | |||
966 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
967 | */ | |||
968 | static PKIX_Error * | |||
969 | pkix_pl_CertNameConstraints_CopyNssNameConstraints( | |||
970 | PLArenaPool *arena, | |||
971 | CERTNameConstraints *srcNC, | |||
972 | CERTNameConstraints **pDestNC, | |||
973 | void *plContext) | |||
974 | { | |||
975 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
976 | CERTNameConstraint *nssNameConstraintHead = NULL((void*)0); | |||
977 | CERTNameConstraint *nssCurrent = NULL((void*)0); | |||
978 | CERTNameConstraint *nssCopyTo = NULL((void*)0); | |||
979 | CERTNameConstraint *nssCopyFrom = NULL((void*)0); | |||
980 | ||||
981 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CopyNssNameConstraints" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
982 | "pkix_pl_CertNameConstraints_CopyNssNameConstraints")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_CopyNssNameConstraints" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
983 | PKIX_NULLCHECK_THREE(arena, srcNC, pDestNC)do { if (((arena) == ((void*)0)) || ((srcNC) == ((void*)0)) || ((pDestNC) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
984 | ||||
985 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_ArenaZNew).\n"); | |||
986 | nssNameConstraints = PORT_ArenaZNew(arena, CERTNameConstraints)(CERTNameConstraints *)PORT_ArenaZAlloc_Util(arena, sizeof(CERTNameConstraints )); | |||
987 | if (nssNameConstraints == NULL((void*)0)) { | |||
988 | PKIX_ERROR(PKIX_PORTARENAALLOCFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_PORTARENAALLOCFAILED, ((void*)0), stdVars.aPkixType, 2 , plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_PORTARENAALLOCFAILED; goto cleanup; }; | |||
989 | } | |||
990 | ||||
991 | if (srcNC->permited) { | |||
992 | ||||
993 | nssCopyFrom = srcNC->permited; | |||
994 | ||||
995 | do { | |||
996 | ||||
997 | nssCopyTo = NULL((void*)0); | |||
998 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
999 | ("\t\tCalling CERT_CopyNameConstraint).\n"); | |||
1000 | nssCopyTo = CERT_CopyNameConstraint | |||
1001 | (arena, nssCopyTo, nssCopyFrom); | |||
1002 | if (nssCopyTo == NULL((void*)0)) { | |||
1003 | PKIX_ERROR(PKIX_CERTCOPYNAMECONSTRAINTFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCOPYNAMECONSTRAINTFAILED, ((void*)0), stdVars.aPkixType , 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_CERTCOPYNAMECONSTRAINTFAILED ; goto cleanup; }; | |||
1004 | } | |||
1005 | if (nssCurrent == NULL((void*)0)) { | |||
1006 | nssCurrent = nssNameConstraintHead = nssCopyTo; | |||
1007 | } else { | |||
1008 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1009 | ("\t\tCalling CERT_AddNameConstraint).\n"); | |||
1010 | nssCurrent = CERT_AddNameConstraint | |||
1011 | (nssCurrent, nssCopyTo); | |||
1012 | } | |||
1013 | ||||
1014 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1015 | ("\t\tCalling CERT_GetNextNameConstrain).\n"); | |||
1016 | nssCopyFrom = CERT_GetNextNameConstraint(nssCopyFrom); | |||
1017 | ||||
1018 | } while (nssCopyFrom != srcNC->permited); | |||
1019 | ||||
1020 | nssNameConstraints->permited = nssNameConstraintHead; | |||
1021 | } | |||
1022 | ||||
1023 | if (srcNC->excluded) { | |||
1024 | ||||
1025 | nssCurrent = NULL((void*)0); | |||
1026 | nssCopyFrom = srcNC->excluded; | |||
1027 | ||||
1028 | do { | |||
1029 | ||||
1030 | /* | |||
1031 | * Cannot use CERT_DupGeneralNameList, which just increments | |||
1032 | * refcount. We need our own copy since arena is for each | |||
1033 | * PKIX_PL_NameConstraints. Perhaps contribute this code | |||
1034 | * as CERT_CopyGeneralNameList (in the future). | |||
1035 | */ | |||
1036 | nssCopyTo = NULL((void*)0); | |||
1037 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1038 | ("\t\tCalling CERT_CopyNameConstraint).\n"); | |||
1039 | nssCopyTo = CERT_CopyNameConstraint | |||
1040 | (arena, nssCopyTo, nssCopyFrom); | |||
1041 | if (nssCopyTo == NULL((void*)0)) { | |||
1042 | PKIX_ERROR(PKIX_CERTCOPYNAMECONSTRAINTFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCOPYNAMECONSTRAINTFAILED, ((void*)0), stdVars.aPkixType , 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_CERTCOPYNAMECONSTRAINTFAILED ; goto cleanup; }; | |||
1043 | } | |||
1044 | if (nssCurrent == NULL((void*)0)) { | |||
1045 | nssCurrent = nssNameConstraintHead = nssCopyTo; | |||
1046 | } else { | |||
1047 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1048 | ("\t\tCalling CERT_AddNameConstraint).\n"); | |||
1049 | nssCurrent = CERT_AddNameConstraint | |||
1050 | (nssCurrent, nssCopyTo); | |||
1051 | } | |||
1052 | ||||
1053 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1054 | ("\t\tCalling CERT_GetNextNameConstrain).\n"); | |||
1055 | nssCopyFrom = CERT_GetNextNameConstraint(nssCopyFrom); | |||
1056 | ||||
1057 | } while (nssCopyFrom != srcNC->excluded); | |||
1058 | ||||
1059 | nssNameConstraints->excluded = nssNameConstraintHead; | |||
1060 | } | |||
1061 | ||||
1062 | *pDestNC = nssNameConstraints; | |||
1063 | ||||
1064 | cleanup: | |||
1065 | ||||
1066 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1067 | } | |||
1068 | ||||
1069 | /* | |||
1070 | * FUNCTION: pkix_pl_CertNameConstraints_Merge | |||
1071 | * | |||
1072 | * DESCRIPTION: | |||
1073 | * | |||
1074 | * This function merges two NameConstraints pointed to by "firstNC" and | |||
1075 | * "secondNC" and stores the result in "pMergedNC". | |||
1076 | * | |||
1077 | * PARAMETERS | |||
1078 | * "firstNC" | |||
1079 | * Address of the first NameConstraints to be merged. Must be non-NULL. | |||
1080 | * "secondNC" | |||
1081 | * Address of the second NameConstraints to be merged. Must be non-NULL. | |||
1082 | * "pMergedNC" | |||
1083 | * Address where the merge result is stored and returned. Must be non-NULL. | |||
1084 | * "plContext" - Platform-specific context pointer. | |||
1085 | * | |||
1086 | * THREAD SAFETY: | |||
1087 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1088 | * | |||
1089 | * RETURNS: | |||
1090 | * Returns NULL if the function succeeds. | |||
1091 | * Returns a NameConstraints Error if the function fails in a non-fatal way. | |||
1092 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
1093 | */ | |||
1094 | PKIX_Error * | |||
1095 | pkix_pl_CertNameConstraints_Merge( | |||
1096 | PKIX_PL_CertNameConstraints *firstNC, | |||
1097 | PKIX_PL_CertNameConstraints *secondNC, | |||
1098 | PKIX_PL_CertNameConstraints **pMergedNC, | |||
1099 | void *plContext) | |||
1100 | { | |||
1101 | PKIX_PL_CertNameConstraints *nameConstraints = NULL((void*)0); | |||
| ||||
1102 | CERTNameConstraints **nssNCto = NULL((void*)0); | |||
1103 | CERTNameConstraints **nssNCfrom = NULL((void*)0); | |||
1104 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
1105 | PKIX_UInt32 numNssItems = 0; | |||
1106 | PKIX_UInt32 i; | |||
1107 | ||||
1108 | PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Merge")static const char cMyFuncName[] = {"pkix_pl_CertNameConstraints_Merge" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1109 | PKIX_NULLCHECK_THREE(firstNC, secondNC, pMergedNC)do { if (((firstNC) == ((void*)0)) || ((secondNC) == ((void*) 0)) || ((pMergedNC) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1110 | ||||
1111 | PKIX_CHECK(pkix_pl_CertNameConstraints_CreateByMergedo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CreateByMerge (&nameConstraints, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEBYMERGEFAILED ; goto cleanup; } } while (0) | |||
1112 | (&nameConstraints, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CreateByMerge (&nameConstraints, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEBYMERGEFAILED ; goto cleanup; } } while (0) | |||
1113 | PKIX_CERTNAMECONSTRAINTSCREATEBYMERGEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CreateByMerge (&nameConstraints, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCREATEBYMERGEFAILED ; goto cleanup; } } while (0); | |||
1114 | ||||
1115 | /* Merge NSSCertConstraint lists */ | |||
1116 | ||||
1117 | numNssItems = firstNC->numNssNameConstraints + | |||
1118 | secondNC->numNssNameConstraints; | |||
1119 | ||||
1120 | /* Free the default space (only one entry) allocated by create */ | |||
1121 | PKIX_CHECK(PKIX_PL_Freedo { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0) | |||
| ||||
1122 | (nameConstraints->nssNameConstraintsList, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0) | |||
1123 | PKIX_FREEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Free (nameConstraints ->nssNameConstraintsList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_FREEFAILED; goto cleanup; } } while (0); | |||
1124 | ||||
1125 | /* Reallocate the size we need */ | |||
1126 | PKIX_CHECK(PKIX_PL_Mallocdo { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (numNssItems * sizeof (CERTNameConstraint *), (void *)&nssNCto, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
1127 | (numNssItems * sizeof (CERTNameConstraint *),do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (numNssItems * sizeof (CERTNameConstraint *), (void *)&nssNCto, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
1128 | (void *)&nssNCto,do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (numNssItems * sizeof (CERTNameConstraint *), (void *)&nssNCto, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
1129 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (numNssItems * sizeof (CERTNameConstraint *), (void *)&nssNCto, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0) | |||
1130 | PKIX_MALLOCFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Malloc (numNssItems * sizeof (CERTNameConstraint *), (void *)&nssNCto, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_MALLOCFAILED; goto cleanup; } } while (0); | |||
1131 | ||||
1132 | nameConstraints->nssNameConstraintsList = nssNCto; | |||
1133 | ||||
1134 | nssNCfrom = firstNC->nssNameConstraintsList; | |||
1135 | ||||
1136 | for (i = 0; i < firstNC->numNssNameConstraints; i++) { | |||
1137 | ||||
1138 | PKIX_CHECK(pkix_pl_CertNameConstraints_CopyNssNameConstraintsdo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1139 | (nameConstraints->arena,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1140 | *nssNCfrom,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1141 | &nssNameConstraints,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1142 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1143 | PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0); | |||
1144 | ||||
1145 | *nssNCto = nssNameConstraints; | |||
1146 | ||||
1147 | nssNCto++; | |||
1148 | nssNCfrom++; | |||
1149 | } | |||
1150 | ||||
1151 | nssNCfrom = secondNC->nssNameConstraintsList; | |||
1152 | ||||
1153 | for (i = 0; i < secondNC->numNssNameConstraints; i++) { | |||
1154 | ||||
1155 | PKIX_CHECK(pkix_pl_CertNameConstraints_CopyNssNameConstraintsdo { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1156 | (nameConstraints->arena,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1157 | *nssNCfrom,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1158 | &nssNameConstraints,do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1159 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0) | |||
1160 | PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CertNameConstraints_CopyNssNameConstraints (nameConstraints->arena, *nssNCfrom, &nssNameConstraints , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED; goto cleanup; } } while (0); | |||
1161 | ||||
1162 | *nssNCto = nssNameConstraints; | |||
1163 | ||||
1164 | nssNCto++; | |||
1165 | nssNCfrom++; | |||
1166 | } | |||
1167 | ||||
1168 | nameConstraints->numNssNameConstraints = numNssItems; | |||
1169 | nameConstraints->permittedList = NULL((void*)0); | |||
1170 | nameConstraints->excludedList = NULL((void*)0); | |||
1171 | ||||
1172 | *pMergedNC = nameConstraints; | |||
1173 | ||||
1174 | cleanup: | |||
1175 | ||||
1176 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)){ | |||
1177 | PKIX_DECREF(nameConstraints)do { if (nameConstraints){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nameConstraints), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } nameConstraints = ((void*)0); } } while (0); | |||
1178 | } | |||
1179 | ||||
1180 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1181 | } | |||
1182 | ||||
1183 | /* --Public-NameConstraints-Functions-------------------------------- */ | |||
1184 | ||||
1185 | /* | |||
1186 | * FUNCTION: PKIX_PL_CertNameConstraints_CheckNamesInNameSpace | |||
1187 | * (see comments in pkix_pl_system.h) | |||
1188 | */ | |||
1189 | PKIX_Error * | |||
1190 | PKIX_PL_CertNameConstraints_CheckNamesInNameSpace( | |||
1191 | PKIX_List *nameList, /* List of PKIX_PL_GeneralName */ | |||
1192 | PKIX_PL_CertNameConstraints *nameConstraints, | |||
1193 | PKIX_Boolean *pCheckPass, | |||
1194 | void *plContext) | |||
1195 | { | |||
1196 | CERTNameConstraints **nssNameConstraintsList = NULL((void*)0); | |||
1197 | CERTNameConstraints *nssNameConstraints = NULL((void*)0); | |||
1198 | CERTGeneralName *nssMatchName = NULL((void*)0); | |||
1199 | PLArenaPool *arena = NULL((void*)0); | |||
1200 | PKIX_PL_GeneralName *name = NULL((void*)0); | |||
1201 | PKIX_UInt32 numNameItems = 0; | |||
1202 | PKIX_UInt32 numNCItems = 0; | |||
1203 | PKIX_UInt32 i, j; | |||
1204 | SECStatus status = SECSuccess; | |||
1205 | ||||
1206 | PKIX_ENTER(CERTNAMECONSTRAINTS,static const char cMyFuncName[] = {"PKIX_PL_CertNameConstraints_CheckNamesInNameSpace" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1207 | "PKIX_PL_CertNameConstraints_CheckNamesInNameSpace")static const char cMyFuncName[] = {"PKIX_PL_CertNameConstraints_CheckNamesInNameSpace" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTNAMECONSTRAINTS_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1208 | PKIX_NULLCHECK_TWO(nameConstraints, pCheckPass)do { if (((nameConstraints) == ((void*)0)) || ((pCheckPass) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1 ); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
1209 | ||||
1210 | *pCheckPass = PKIX_TRUE((PKIX_Boolean) 1); | |||
1211 | ||||
1212 | if (nameList != NULL((void*)0)) { | |||
1213 | ||||
1214 | PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena\n"); | |||
1215 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
1216 | if (arena == NULL((void*)0)) { | |||
1217 | PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; }; | |||
1218 | } | |||
1219 | ||||
1220 | nssNameConstraintsList = | |||
1221 | nameConstraints->nssNameConstraintsList; | |||
1222 | PKIX_NULLCHECK_ONE(nssNameConstraintsList)do { if ((nssNameConstraintsList) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1223 | numNCItems = nameConstraints->numNssNameConstraints; | |||
1224 | ||||
1225 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nameList , &numNameItems, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1226 | (nameList, &numNameItems, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nameList , &numNameItems, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1227 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nameList , &numNameItems, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1228 | ||||
1229 | for (i = 0; i < numNameItems; i++) { | |||
1230 | ||||
1231 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
1232 | (nameList,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
1233 | i,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
1234 | (PKIX_PL_Object **) &name,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
1235 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
1236 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nameList, i, (PKIX_PL_Object **) &name, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0); | |||
1237 | ||||
1238 | PKIX_CHECK(pkix_pl_GeneralName_GetNssGeneralNamedo { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_GetNssGeneralName (name, &nssMatchName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_GENERALNAMEGETNSSGENERALNAMEFAILED ; goto cleanup; } } while (0) | |||
1239 | (name, &nssMatchName, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_GetNssGeneralName (name, &nssMatchName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_GENERALNAMEGETNSSGENERALNAMEFAILED ; goto cleanup; } } while (0) | |||
1240 | PKIX_GENERALNAMEGETNSSGENERALNAMEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_GeneralName_GetNssGeneralName (name, &nssMatchName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_GENERALNAMEGETNSSGENERALNAMEFAILED ; goto cleanup; } } while (0); | |||
1241 | ||||
1242 | PKIX_DECREF(name)do { if (name){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(name), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } name = ((void*)0); } } while (0); | |||
1243 | ||||
1244 | for (j = 0; j < numNCItems; j++) { | |||
1245 | ||||
1246 | nssNameConstraints = *(nssNameConstraintsList + j); | |||
1247 | PKIX_NULLCHECK_ONE(nssNameConstraints)do { if ((nssNameConstraints) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1248 | ||||
1249 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1250 | ("\t\tCalling CERT_CheckNameSpace\n"); | |||
1251 | status = CERT_CheckNameSpace | |||
1252 | (arena, nssNameConstraints, nssMatchName); | |||
1253 | if (status != SECSuccess) { | |||
1254 | break; | |||
1255 | } | |||
1256 | ||||
1257 | } | |||
1258 | ||||
1259 | if (status != SECSuccess) { | |||
1260 | break; | |||
1261 | } | |||
1262 | ||||
1263 | } | |||
1264 | } | |||
1265 | ||||
1266 | if (status == SECFailure) { | |||
1267 | *pCheckPass = PKIX_FALSE((PKIX_Boolean) 0); | |||
1268 | } | |||
1269 | ||||
1270 | cleanup: | |||
1271 | ||||
1272 | if (arena){ | |||
1273 | PKIX_CERTNAMECONSTRAINTS_DEBUG | |||
1274 | ("\t\tCalling PORT_FreeArena).\n"); | |||
1275 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
1276 | } | |||
1277 | ||||
1278 | PKIX_RETURN(CERTNAMECONSTRAINTS)return PKIX_DoReturn(&stdVars, (PKIX_CERTNAMECONSTRAINTS_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1279 | } |