File: | s/lib/libpkix/pkix/checker/pkix_policychecker.c |
Warning: | line 2761, column 9 Access to field 'certPoliciesExtension' results in a dereference of a null pointer (loaded from variable 'polCheckerState') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * pkix_policychecker.c | |||
6 | * | |||
7 | * Functions for Policy Checker | |||
8 | * | |||
9 | */ | |||
10 | #include "pkix_policychecker.h" | |||
11 | ||||
12 | /* --Forward declarations----------------------------------------------- */ | |||
13 | ||||
14 | static PKIX_Error * | |||
15 | pkix_PolicyChecker_MakeSingleton( | |||
16 | PKIX_PL_Object *listItem, | |||
17 | PKIX_Boolean immutability, | |||
18 | PKIX_List **pList, | |||
19 | void *plContext); | |||
20 | ||||
21 | /* --Private-PolicyCheckerState-Functions---------------------------------- */ | |||
22 | ||||
23 | /* | |||
24 | * FUNCTION:pkix_PolicyCheckerState_Destroy | |||
25 | * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) | |||
26 | */ | |||
27 | static PKIX_Error * | |||
28 | pkix_PolicyCheckerState_Destroy( | |||
29 | PKIX_PL_Object *object, | |||
30 | void *plContext) | |||
31 | { | |||
32 | PKIX_PolicyCheckerState *checkerState = NULL((void*)0); | |||
33 | ||||
34 | PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_Destroy")static const char cMyFuncName[] = {"pkix_PolicyCheckerState_Destroy" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
35 | PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
36 | ||||
37 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0) | |||
38 | (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0) | |||
39 | PKIX_OBJECTNOTPOLICYCHECKERSTATE)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0); | |||
40 | ||||
41 | checkerState = (PKIX_PolicyCheckerState *)object; | |||
42 | ||||
43 | PKIX_DECREF(checkerState->certPoliciesExtension)do { if (checkerState->certPoliciesExtension){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> certPoliciesExtension), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->certPoliciesExtension = ((void*)0); } } while (0); | |||
44 | PKIX_DECREF(checkerState->policyMappingsExtension)do { if (checkerState->policyMappingsExtension){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> policyMappingsExtension), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->policyMappingsExtension = ((void*)0); } } while (0); | |||
45 | PKIX_DECREF(checkerState->policyConstraintsExtension)do { if (checkerState->policyConstraintsExtension){ stdVars .aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)( checkerState->policyConstraintsExtension), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } checkerState->policyConstraintsExtension = ((void* )0); } } while (0); | |||
46 | PKIX_DECREF(checkerState->inhibitAnyPolicyExtension)do { if (checkerState->inhibitAnyPolicyExtension){ stdVars .aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)( checkerState->inhibitAnyPolicyExtension), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } checkerState->inhibitAnyPolicyExtension = ((void*) 0); } } while (0); | |||
47 | PKIX_DECREF(checkerState->anyPolicyOID)do { if (checkerState->anyPolicyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> anyPolicyOID), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } checkerState->anyPolicyOID = ((void*)0); } } while (0); | |||
48 | PKIX_DECREF(checkerState->validPolicyTree)do { if (checkerState->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> validPolicyTree), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } checkerState->validPolicyTree = ((void*)0 ); } } while (0); | |||
49 | PKIX_DECREF(checkerState->userInitialPolicySet)do { if (checkerState->userInitialPolicySet){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> userInitialPolicySet), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->userInitialPolicySet = ((void*)0); } } while (0); | |||
50 | PKIX_DECREF(checkerState->mappedUserInitialPolicySet)do { if (checkerState->mappedUserInitialPolicySet){ stdVars .aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)( checkerState->mappedUserInitialPolicySet), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } checkerState->mappedUserInitialPolicySet = ((void* )0); } } while (0); | |||
51 | ||||
52 | checkerState->policyQualifiersRejected = PKIX_FALSE((PKIX_Boolean) 0); | |||
53 | checkerState->explicitPolicy = 0; | |||
54 | checkerState->inhibitAnyPolicy = 0; | |||
55 | checkerState->policyMapping = 0; | |||
56 | checkerState->numCerts = 0; | |||
57 | checkerState->certsProcessed = 0; | |||
58 | checkerState->certPoliciesCritical = PKIX_FALSE((PKIX_Boolean) 0); | |||
59 | ||||
60 | PKIX_DECREF(checkerState->anyPolicyNodeAtBottom)do { if (checkerState->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> anyPolicyNodeAtBottom), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->anyPolicyNodeAtBottom = ((void*)0); } } while (0); | |||
61 | PKIX_DECREF(checkerState->newAnyPolicyNode)do { if (checkerState->newAnyPolicyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> newAnyPolicyNode), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->newAnyPolicyNode = ((void*)0); } } while (0); | |||
62 | PKIX_DECREF(checkerState->mappedPolicyOIDs)do { if (checkerState->mappedPolicyOIDs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState-> mappedPolicyOIDs), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState->mappedPolicyOIDs = ((void*)0); } } while (0); | |||
63 | ||||
64 | cleanup: | |||
65 | ||||
66 | PKIX_RETURN(CERTPOLICYCHECKERSTATE)return PKIX_DoReturn(&stdVars, (PKIX_CERTPOLICYCHECKERSTATE_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
67 | } | |||
68 | ||||
69 | /* | |||
70 | * FUNCTION: pkix_PolicyCheckerState_ToString | |||
71 | * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h) | |||
72 | */ | |||
73 | static PKIX_Error * | |||
74 | pkix_PolicyCheckerState_ToString( | |||
75 | PKIX_PL_Object *object, | |||
76 | PKIX_PL_String **pCheckerStateString, | |||
77 | void *plContext) | |||
78 | { | |||
79 | PKIX_PolicyCheckerState *state = NULL((void*)0); | |||
80 | PKIX_PL_String *resultString = NULL((void*)0); | |||
81 | PKIX_PL_String *policiesExtOIDString = NULL((void*)0); | |||
82 | PKIX_PL_String *policyMapOIDString = NULL((void*)0); | |||
83 | PKIX_PL_String *policyConstrOIDString = NULL((void*)0); | |||
84 | PKIX_PL_String *inhAnyPolOIDString = NULL((void*)0); | |||
85 | PKIX_PL_String *anyPolicyOIDString = NULL((void*)0); | |||
86 | PKIX_PL_String *validPolicyTreeString = NULL((void*)0); | |||
87 | PKIX_PL_String *userInitialPolicySetString = NULL((void*)0); | |||
88 | PKIX_PL_String *mappedUserPolicySetString = NULL((void*)0); | |||
89 | PKIX_PL_String *mappedPolicyOIDsString = NULL((void*)0); | |||
90 | PKIX_PL_String *anyAtBottomString = NULL((void*)0); | |||
91 | PKIX_PL_String *newAnyPolicyString = NULL((void*)0); | |||
92 | PKIX_PL_String *formatString = NULL((void*)0); | |||
93 | PKIX_PL_String *trueString = NULL((void*)0); | |||
94 | PKIX_PL_String *falseString = NULL((void*)0); | |||
95 | PKIX_PL_String *nullString = NULL((void*)0); | |||
96 | PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE((PKIX_Boolean) 0); | |||
97 | PKIX_Boolean initialExplicitPolicy = PKIX_FALSE((PKIX_Boolean) 0); | |||
98 | PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE((PKIX_Boolean) 0); | |||
99 | PKIX_Boolean initialIsAnyPolicy = PKIX_FALSE((PKIX_Boolean) 0); | |||
100 | PKIX_Boolean policyQualifiersRejected = PKIX_FALSE((PKIX_Boolean) 0); | |||
101 | PKIX_Boolean certPoliciesCritical = PKIX_FALSE((PKIX_Boolean) 0); | |||
102 | char *asciiFormat = | |||
103 | "{\n" | |||
104 | "\tcertPoliciesExtension: \t%s\n" | |||
105 | "\tpolicyMappingsExtension: \t%s\n" | |||
106 | "\tpolicyConstraintsExtension:\t%s\n" | |||
107 | "\tinhibitAnyPolicyExtension:\t%s\n" | |||
108 | "\tanyPolicyOID: \t%s\n" | |||
109 | "\tinitialIsAnyPolicy: \t%s\n" | |||
110 | "\tvalidPolicyTree: \t%s\n" | |||
111 | "\tuserInitialPolicySet: \t%s\n" | |||
112 | "\tmappedUserPolicySet: \t%s\n" | |||
113 | "\tpolicyQualifiersRejected: \t%s\n" | |||
114 | "\tinitialPolMappingInhibit: \t%s\n" | |||
115 | "\tinitialExplicitPolicy: \t%s\n" | |||
116 | "\tinitialAnyPolicyInhibit: \t%s\n" | |||
117 | "\texplicitPolicy: \t%d\n" | |||
118 | "\tinhibitAnyPolicy: \t%d\n" | |||
119 | "\tpolicyMapping: \t%d\n" | |||
120 | "\tnumCerts: \t%d\n" | |||
121 | "\tcertsProcessed: \t%d\n" | |||
122 | "\tanyPolicyNodeAtBottom: \t%s\n" | |||
123 | "\tnewAnyPolicyNode: \t%s\n" | |||
124 | "\tcertPoliciesCritical: \t%s\n" | |||
125 | "\tmappedPolicyOIDs: \t%s\n" | |||
126 | "}"; | |||
127 | ||||
128 | PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_ToString")static const char cMyFuncName[] = {"pkix_PolicyCheckerState_ToString" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
129 | ||||
130 | PKIX_NULLCHECK_TWO(object, pCheckerStateString)do { if (((object) == ((void*)0)) || ((pCheckerStateString) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1 ); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
131 | ||||
132 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0) | |||
133 | (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0) | |||
134 | PKIX_OBJECTNOTPOLICYCHECKERSTATE)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTPOLICYCHECKERSTATE; goto cleanup; } } while ( 0); | |||
135 | ||||
136 | state = (PKIX_PolicyCheckerState *)object; | |||
137 | PKIX_NULLCHECK_THREEdo { if (((state->certPoliciesExtension) == ((void*)0)) || ((state->policyMappingsExtension) == ((void*)0)) || ((state ->policyConstraintsExtension) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
138 | (state->certPoliciesExtension,do { if (((state->certPoliciesExtension) == ((void*)0)) || ((state->policyMappingsExtension) == ((void*)0)) || ((state ->policyConstraintsExtension) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
139 | state->policyMappingsExtension,do { if (((state->certPoliciesExtension) == ((void*)0)) || ((state->policyMappingsExtension) == ((void*)0)) || ((state ->policyConstraintsExtension) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
140 | state->policyConstraintsExtension)do { if (((state->certPoliciesExtension) == ((void*)0)) || ((state->policyMappingsExtension) == ((void*)0)) || ((state ->policyConstraintsExtension) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
141 | PKIX_NULLCHECK_THREEdo { if (((state->inhibitAnyPolicyExtension) == ((void*)0) ) || ((state->anyPolicyOID) == ((void*)0)) || ((state-> userInitialPolicySet) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
142 | (state->inhibitAnyPolicyExtension,do { if (((state->inhibitAnyPolicyExtension) == ((void*)0) ) || ((state->anyPolicyOID) == ((void*)0)) || ((state-> userInitialPolicySet) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
143 | state->anyPolicyOID,do { if (((state->inhibitAnyPolicyExtension) == ((void*)0) ) || ((state->anyPolicyOID) == ((void*)0)) || ((state-> userInitialPolicySet) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0) | |||
144 | state->userInitialPolicySet)do { if (((state->inhibitAnyPolicyExtension) == ((void*)0) ) || ((state->anyPolicyOID) == ((void*)0)) || ((state-> userInitialPolicySet) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
145 | ||||
146 | PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
147 | (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
148 | PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, asciiFormat , 0, &formatString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0); | |||
149 | /* | |||
150 | * Create TRUE, FALSE, and "NULL" PKIX_PL_Strings. But creating a | |||
151 | * PKIX_PL_String is complicated enough, it's worth checking, for | |||
152 | * each, to make sure the string is needed. | |||
153 | */ | |||
154 | initialPolicyMappingInhibit = state->initialPolicyMappingInhibit; | |||
155 | initialExplicitPolicy = state->initialExplicitPolicy; | |||
156 | initialAnyPolicyInhibit = state->initialAnyPolicyInhibit; | |||
157 | initialIsAnyPolicy = state->initialIsAnyPolicy; | |||
158 | policyQualifiersRejected = state->policyQualifiersRejected; | |||
159 | certPoliciesCritical = state->certPoliciesCritical; | |||
160 | ||||
161 | if (initialPolicyMappingInhibit || initialExplicitPolicy || | |||
162 | initialAnyPolicyInhibit || initialIsAnyPolicy || | |||
163 | policyQualifiersRejected || certPoliciesCritical) { | |||
164 | PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "TRUE" , 0, &trueString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
165 | (PKIX_ESCASCII, "TRUE", 0, &trueString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "TRUE" , 0, &trueString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
166 | PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "TRUE" , 0, &trueString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0); | |||
167 | } | |||
168 | if (!initialPolicyMappingInhibit || !initialExplicitPolicy || | |||
169 | !initialAnyPolicyInhibit || !initialIsAnyPolicy || | |||
170 | !policyQualifiersRejected || !certPoliciesCritical) { | |||
171 | PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "FALSE" , 0, &falseString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
172 | (PKIX_ESCASCII, "FALSE", 0, &falseString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "FALSE" , 0, &falseString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
173 | PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "FALSE" , 0, &falseString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0); | |||
174 | } | |||
175 | if (!(state->anyPolicyNodeAtBottom) || !(state->newAnyPolicyNode)) { | |||
176 | PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "(null)" , 0, &nullString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
177 | (PKIX_ESCASCII, "(null)", 0, &nullString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "(null)" , 0, &nullString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0) | |||
178 | PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, "(null)" , 0, &nullString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup ; } } while (0); | |||
179 | } | |||
180 | ||||
181 | PKIX_TOSTRINGdo { int descNum; if ((state->certPoliciesExtension) != (( void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->certPoliciesExtension), (&policiesExtOIDString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&policiesExtOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
182 | (state->certPoliciesExtension, &policiesExtOIDString, plContext,do { int descNum; if ((state->certPoliciesExtension) != (( void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->certPoliciesExtension), (&policiesExtOIDString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&policiesExtOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
183 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->certPoliciesExtension) != (( void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->certPoliciesExtension), (&policiesExtOIDString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&policiesExtOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0); | |||
184 | ||||
185 | PKIX_TOSTRINGdo { int descNum; if ((state->policyMappingsExtension) != ( (void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyMappingsExtension), (& policyMapOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyMapOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
186 | (state->policyMappingsExtension,do { int descNum; if ((state->policyMappingsExtension) != ( (void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyMappingsExtension), (& policyMapOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyMapOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
187 | &policyMapOIDString,do { int descNum; if ((state->policyMappingsExtension) != ( (void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyMappingsExtension), (& policyMapOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyMapOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
188 | plContext,do { int descNum; if ((state->policyMappingsExtension) != ( (void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyMappingsExtension), (& policyMapOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyMapOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
189 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->policyMappingsExtension) != ( (void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyMappingsExtension), (& policyMapOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyMapOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0); | |||
190 | ||||
191 | PKIX_TOSTRINGdo { int descNum; if ((state->policyConstraintsExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyConstraintsExtension), (& policyConstrOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyConstrOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
192 | (state->policyConstraintsExtension,do { int descNum; if ((state->policyConstraintsExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyConstraintsExtension), (& policyConstrOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyConstrOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
193 | &policyConstrOIDString,do { int descNum; if ((state->policyConstraintsExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyConstraintsExtension), (& policyConstrOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyConstrOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
194 | plContext,do { int descNum; if ((state->policyConstraintsExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyConstraintsExtension), (& policyConstrOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyConstrOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
195 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->policyConstraintsExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->policyConstraintsExtension), (& policyConstrOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&policyConstrOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0); | |||
196 | ||||
197 | PKIX_TOSTRINGdo { int descNum; if ((state->inhibitAnyPolicyExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->inhibitAnyPolicyExtension), (& inhAnyPolOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&inhAnyPolOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
198 | (state->inhibitAnyPolicyExtension,do { int descNum; if ((state->inhibitAnyPolicyExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->inhibitAnyPolicyExtension), (& inhAnyPolOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&inhAnyPolOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
199 | &inhAnyPolOIDString,do { int descNum; if ((state->inhibitAnyPolicyExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->inhibitAnyPolicyExtension), (& inhAnyPolOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&inhAnyPolOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
200 | plContext,do { int descNum; if ((state->inhibitAnyPolicyExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->inhibitAnyPolicyExtension), (& inhAnyPolOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&inhAnyPolOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
201 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->inhibitAnyPolicyExtension) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->inhibitAnyPolicyExtension), (& inhAnyPolOIDString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&inhAnyPolOIDString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0); | |||
202 | ||||
203 | PKIX_TOSTRING(state->anyPolicyOID, &anyPolicyOIDString, plContext,do { int descNum; if ((state->anyPolicyOID) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->anyPolicyOID), (&anyPolicyOIDString), (plContext )); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&anyPolicyOIDString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
204 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->anyPolicyOID) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->anyPolicyOID), (&anyPolicyOIDString), (plContext )); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)", 0, (&anyPolicyOIDString ), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars .aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0); | |||
205 | ||||
206 | PKIX_TOSTRING(state->validPolicyTree, &validPolicyTreeString, plContext,do { int descNum; if ((state->validPolicyTree) != ((void*) 0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->validPolicyTree), (&validPolicyTreeString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&validPolicyTreeString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
207 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->validPolicyTree) != ((void*) 0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->validPolicyTree), (&validPolicyTreeString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&validPolicyTreeString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0); | |||
208 | ||||
209 | PKIX_TOSTRINGdo { int descNum; if ((state->userInitialPolicySet) != ((void *)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->userInitialPolicySet), (&userInitialPolicySetString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&userInitialPolicySetString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
210 | (state->userInitialPolicySet,do { int descNum; if ((state->userInitialPolicySet) != ((void *)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->userInitialPolicySet), (&userInitialPolicySetString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&userInitialPolicySetString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
211 | &userInitialPolicySetString,do { int descNum; if ((state->userInitialPolicySet) != ((void *)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->userInitialPolicySet), (&userInitialPolicySetString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&userInitialPolicySetString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
212 | plContext,do { int descNum; if ((state->userInitialPolicySet) != ((void *)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->userInitialPolicySet), (&userInitialPolicySetString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&userInitialPolicySetString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0) | |||
213 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->userInitialPolicySet) != ((void *)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->userInitialPolicySet), (&userInitialPolicySetString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&userInitialPolicySetString), (plContext)); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = descNum; goto cleanup; } } while (0); } while (0); | |||
214 | ||||
215 | PKIX_TOSTRINGdo { int descNum; if ((state->mappedUserInitialPolicySet) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet), (& mappedUserPolicySetString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&mappedUserPolicySetString), (plContext) ); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
216 | (state->mappedUserInitialPolicySet,do { int descNum; if ((state->mappedUserInitialPolicySet) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet), (& mappedUserPolicySetString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&mappedUserPolicySetString), (plContext) ); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
217 | &mappedUserPolicySetString,do { int descNum; if ((state->mappedUserInitialPolicySet) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet), (& mappedUserPolicySetString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&mappedUserPolicySetString), (plContext) ); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
218 | plContext,do { int descNum; if ((state->mappedUserInitialPolicySet) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet), (& mappedUserPolicySetString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&mappedUserPolicySetString), (plContext) ); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0) | |||
219 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->mappedUserInitialPolicySet) != ((void*)0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet), (& mappedUserPolicySetString), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED ); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create( 0, "(null)", 0, (&mappedUserPolicySetString), (plContext) ); descNum = PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = descNum; goto cleanup; } } while ( 0); } while (0); | |||
220 | ||||
221 | if (state->anyPolicyNodeAtBottom) { | |||
222 | PKIX_CHECK(pkix_SinglePolicyNode_ToStringdo { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->anyPolicyNodeAtBottom, &anyAtBottomString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
223 | (state->anyPolicyNodeAtBottom,do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->anyPolicyNodeAtBottom, &anyAtBottomString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
224 | &anyAtBottomString,do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->anyPolicyNodeAtBottom, &anyAtBottomString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
225 | plContext),do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->anyPolicyNodeAtBottom, &anyAtBottomString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
226 | PKIX_SINGLEPOLICYNODETOSTRINGFAILED)do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->anyPolicyNodeAtBottom, &anyAtBottomString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0); | |||
227 | } else { | |||
228 | PKIX_INCREF(nullString)do { if (nullString){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(nullString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
229 | anyAtBottomString = nullString; | |||
230 | } | |||
231 | ||||
232 | if (state->newAnyPolicyNode) { | |||
233 | PKIX_CHECK(pkix_SinglePolicyNode_ToStringdo { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->newAnyPolicyNode, &newAnyPolicyString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
234 | (state->newAnyPolicyNode,do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->newAnyPolicyNode, &newAnyPolicyString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
235 | &newAnyPolicyString,do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->newAnyPolicyNode, &newAnyPolicyString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
236 | plContext),do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->newAnyPolicyNode, &newAnyPolicyString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0) | |||
237 | PKIX_SINGLEPOLICYNODETOSTRINGFAILED)do { stdVars.aPkixErrorResult = (pkix_SinglePolicyNode_ToString (state->newAnyPolicyNode, &newAnyPolicyString, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SINGLEPOLICYNODETOSTRINGFAILED; goto cleanup; } } while (0); | |||
238 | } else { | |||
239 | PKIX_INCREF(nullString)do { if (nullString){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(nullString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
240 | newAnyPolicyString = nullString; | |||
241 | } | |||
242 | ||||
243 | PKIX_TOSTRINGdo { int descNum; if ((state->mappedPolicyOIDs) != ((void* )0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->mappedPolicyOIDs), (&mappedPolicyOIDsString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&mappedPolicyOIDsString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
244 | (state->mappedPolicyOIDs,do { int descNum; if ((state->mappedPolicyOIDs) != ((void* )0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->mappedPolicyOIDs), (&mappedPolicyOIDsString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&mappedPolicyOIDsString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
245 | &mappedPolicyOIDsString,do { int descNum; if ((state->mappedPolicyOIDs) != ((void* )0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->mappedPolicyOIDs), (&mappedPolicyOIDsString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&mappedPolicyOIDsString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
246 | plContext,do { int descNum; if ((state->mappedPolicyOIDs) != ((void* )0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->mappedPolicyOIDs), (&mappedPolicyOIDsString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&mappedPolicyOIDsString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0) | |||
247 | PKIX_OBJECTTOSTRINGFAILED)do { int descNum; if ((state->mappedPolicyOIDs) != ((void* )0)) { stdVars.aPkixErrorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)(state->mappedPolicyOIDs), (&mappedPolicyOIDsString ), (plContext)); descNum = (PKIX_OBJECTTOSTRINGFAILED); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(0, "(null)" , 0, (&mappedPolicyOIDsString), (plContext)); descNum = PKIX_STRINGCREATEFAILED ; } do { stdVars.aPkixErrorResult = (stdVars.aPkixErrorResult ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = descNum ; goto cleanup; } } while (0); } while (0); | |||
248 | ||||
249 | PKIX_CHECK(PKIX_PL_Sprintfdo { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
250 | (&resultString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
251 | plContext,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
252 | formatString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
253 | policiesExtOIDString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
254 | policyMapOIDString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
255 | policyConstrOIDString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
256 | inhAnyPolOIDString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
257 | anyPolicyOIDString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
258 | initialIsAnyPolicy?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
259 | validPolicyTreeString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
260 | userInitialPolicySetString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
261 | mappedUserPolicySetString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
262 | policyQualifiersRejected?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
263 | initialPolicyMappingInhibit?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
264 | initialExplicitPolicy?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
265 | initialAnyPolicyInhibit?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
266 | state->explicitPolicy,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
267 | state->inhibitAnyPolicy,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
268 | state->policyMapping,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
269 | state->numCerts,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
270 | state->certsProcessed,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
271 | anyAtBottomString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
272 | newAnyPolicyString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
273 | certPoliciesCritical?trueString:falseString,do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
274 | mappedPolicyOIDsString),do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0) | |||
275 | PKIX_SPRINTFFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Sprintf (&resultString , plContext, formatString, policiesExtOIDString, policyMapOIDString , policyConstrOIDString, inhAnyPolOIDString, anyPolicyOIDString , initialIsAnyPolicy?trueString:falseString, validPolicyTreeString , userInitialPolicySetString, mappedUserPolicySetString, policyQualifiersRejected ?trueString:falseString, initialPolicyMappingInhibit?trueString :falseString, initialExplicitPolicy?trueString:falseString, initialAnyPolicyInhibit ?trueString:falseString, state->explicitPolicy, state-> inhibitAnyPolicy, state->policyMapping, state->numCerts , state->certsProcessed, anyAtBottomString, newAnyPolicyString , certPoliciesCritical?trueString:falseString, mappedPolicyOIDsString )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_SPRINTFFAILED; goto cleanup; } } while (0); | |||
276 | ||||
277 | *pCheckerStateString = resultString; | |||
278 | ||||
279 | cleanup: | |||
280 | PKIX_DECREF(policiesExtOIDString)do { if (policiesExtOIDString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policiesExtOIDString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policiesExtOIDString = ((void*)0); } } while (0); | |||
281 | PKIX_DECREF(policyMapOIDString)do { if (policyMapOIDString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyMapOIDString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policyMapOIDString = ((void*)0); } } while (0); | |||
282 | PKIX_DECREF(policyConstrOIDString)do { if (policyConstrOIDString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyConstrOIDString), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } policyConstrOIDString = ((void*)0); } } while (0); | |||
283 | PKIX_DECREF(inhAnyPolOIDString)do { if (inhAnyPolOIDString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(inhAnyPolOIDString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } inhAnyPolOIDString = ((void*)0); } } while (0); | |||
284 | PKIX_DECREF(anyPolicyOIDString)do { if (anyPolicyOIDString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(anyPolicyOIDString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } anyPolicyOIDString = ((void*)0); } } while (0); | |||
285 | PKIX_DECREF(validPolicyTreeString)do { if (validPolicyTreeString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(validPolicyTreeString), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } validPolicyTreeString = ((void*)0); } } while (0); | |||
286 | PKIX_DECREF(userInitialPolicySetString)do { if (userInitialPolicySetString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(userInitialPolicySetString ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } userInitialPolicySetString = ((void*)0); } } while (0); | |||
287 | PKIX_DECREF(mappedUserPolicySetString)do { if (mappedUserPolicySetString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(mappedUserPolicySetString ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } mappedUserPolicySetString = ((void*)0); } } while (0); | |||
288 | PKIX_DECREF(anyAtBottomString)do { if (anyAtBottomString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(anyAtBottomString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } anyAtBottomString = ((void*)0); } } while (0); | |||
289 | PKIX_DECREF(newAnyPolicyString)do { if (newAnyPolicyString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(newAnyPolicyString), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } newAnyPolicyString = ((void*)0); } } while (0); | |||
290 | PKIX_DECREF(mappedPolicyOIDsString)do { if (mappedPolicyOIDsString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(mappedPolicyOIDsString), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } mappedPolicyOIDsString = ((void*)0); } } while (0); | |||
291 | PKIX_DECREF(formatString)do { if (formatString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(formatString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } formatString = ((void *)0); } } while (0); | |||
292 | PKIX_DECREF(trueString)do { if (trueString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(trueString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } trueString = ((void *)0); } } while (0); | |||
293 | PKIX_DECREF(falseString)do { if (falseString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(falseString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } falseString = ((void *)0); } } while (0); | |||
294 | PKIX_DECREF(nullString)do { if (nullString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nullString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } nullString = ((void *)0); } } while (0); | |||
295 | ||||
296 | PKIX_RETURN(CERTPOLICYCHECKERSTATE)return PKIX_DoReturn(&stdVars, (PKIX_CERTPOLICYCHECKERSTATE_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
297 | } | |||
298 | ||||
299 | /* | |||
300 | * FUNCTION: pkix_PolicyCheckerState_RegisterSelf | |||
301 | * DESCRIPTION: | |||
302 | * | |||
303 | * Registers PKIX_POLICYCHECKERSTATE_TYPE and its related functions | |||
304 | * with systemClasses[] | |||
305 | * | |||
306 | * PARAMETERS: | |||
307 | * "plContext" | |||
308 | * Platform-specific context pointer. | |||
309 | * THREAD SAFETY: | |||
310 | * Not Thread Safe - for performance and complexity reasons | |||
311 | * | |||
312 | * Since this function is only called by PKIX_PL_Initialize, which should | |||
313 | * only be called once, it is acceptable that this function is not | |||
314 | * thread-safe. | |||
315 | */ | |||
316 | PKIX_Error * | |||
317 | pkix_PolicyCheckerState_RegisterSelf(void *plContext) | |||
318 | { | |||
319 | extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; | |||
320 | pkix_ClassTable_Entry entry; | |||
321 | ||||
322 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyCheckerState_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
323 | (CERTPOLICYCHECKERSTATE,static const char cMyFuncName[] = {"pkix_PolicyCheckerState_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
324 | "pkix_PolicyCheckerState_RegisterSelf")static const char cMyFuncName[] = {"pkix_PolicyCheckerState_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
325 | ||||
326 | entry.description = "PolicyCheckerState"; | |||
327 | entry.objCounter = 0; | |||
328 | entry.typeObjectSize = sizeof(PKIX_PolicyCheckerState); | |||
329 | entry.destructor = pkix_PolicyCheckerState_Destroy; | |||
330 | entry.equalsFunction = NULL((void*)0); | |||
331 | entry.hashcodeFunction = NULL((void*)0); | |||
332 | entry.toStringFunction = pkix_PolicyCheckerState_ToString; | |||
333 | entry.comparator = NULL((void*)0); | |||
334 | entry.duplicateFunction = NULL((void*)0); | |||
335 | ||||
336 | systemClasses[PKIX_CERTPOLICYCHECKERSTATE_TYPE] = entry; | |||
337 | ||||
338 | PKIX_RETURN(CERTPOLICYCHECKERSTATE)return PKIX_DoReturn(&stdVars, (PKIX_CERTPOLICYCHECKERSTATE_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
339 | } | |||
340 | ||||
341 | /* | |||
342 | * FUNCTION:pkix_PolicyCheckerState_Create | |||
343 | * DESCRIPTION: | |||
344 | * | |||
345 | * Creates a PolicyCheckerState Object, using the List pointed to | |||
346 | * by "initialPolicies" for the user-initial-policy-set, the Boolean value | |||
347 | * of "policyQualifiersRejected" for the policyQualifiersRejected parameter, | |||
348 | * the Boolean value of "initialPolicyMappingInhibit" for the | |||
349 | * inhibitPolicyMappings parameter, the Boolean value of | |||
350 | * "initialExplicitPolicy" for the initialExplicitPolicy parameter, the | |||
351 | * Boolean value of "initialAnyPolicyInhibit" for the inhibitAnyPolicy | |||
352 | * parameter, and the UInt32 value of "numCerts" as the number of | |||
353 | * certificates in the chain; and stores the Object at "pCheckerState". | |||
354 | * | |||
355 | * PARAMETERS: | |||
356 | * "initialPolicies" | |||
357 | * Address of List of OIDs comprising the user-initial-policy-set; the List | |||
358 | * may be empty, but must be non-NULL | |||
359 | * "policyQualifiersRejected" | |||
360 | * Boolean value of the policyQualifiersRejected parameter | |||
361 | * "initialPolicyMappingInhibit" | |||
362 | * Boolean value of the inhibitPolicyMappings parameter | |||
363 | * "initialExplicitPolicy" | |||
364 | * Boolean value of the initialExplicitPolicy parameter | |||
365 | * "initialAnyPolicyInhibit" | |||
366 | * Boolean value of the inhibitAnyPolicy parameter | |||
367 | * "numCerts" | |||
368 | * Number of certificates in the chain to be validated | |||
369 | * "pCheckerState" | |||
370 | * Address where PolicyCheckerState will be stored. Must be non-NULL. | |||
371 | * "plContext" | |||
372 | * Platform-specific context pointer. | |||
373 | * THREAD SAFETY: | |||
374 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
375 | * RETURNS: | |||
376 | * Returns NULL if the function succeeds | |||
377 | * Returns a CertPolicyCheckerState Error if the functions fails in a | |||
378 | * non-fatal way | |||
379 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
380 | */ | |||
381 | static PKIX_Error * | |||
382 | pkix_PolicyCheckerState_Create( | |||
383 | PKIX_List *initialPolicies, | |||
384 | PKIX_Boolean policyQualifiersRejected, | |||
385 | PKIX_Boolean initialPolicyMappingInhibit, | |||
386 | PKIX_Boolean initialExplicitPolicy, | |||
387 | PKIX_Boolean initialAnyPolicyInhibit, | |||
388 | PKIX_UInt32 numCerts, | |||
389 | PKIX_PolicyCheckerState **pCheckerState, | |||
390 | void *plContext) | |||
391 | { | |||
392 | PKIX_PolicyCheckerState *checkerState = NULL((void*)0); | |||
393 | PKIX_PolicyNode *policyNode = NULL((void*)0); | |||
394 | PKIX_List *anyPolicyList = NULL((void*)0); | |||
395 | PKIX_Boolean initialPoliciesIsEmpty = PKIX_FALSE((PKIX_Boolean) 0); | |||
396 | ||||
397 | PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_Create")static const char cMyFuncName[] = {"pkix_PolicyCheckerState_Create" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTPOLICYCHECKERSTATE_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
398 | PKIX_NULLCHECK_TWO(initialPolicies, pCheckerState)do { if (((initialPolicies) == ((void*)0)) || ((pCheckerState ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
399 | ||||
400 | PKIX_CHECK(PKIX_PL_Object_Allocdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
401 | (PKIX_CERTPOLICYCHECKERSTATE_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
402 | sizeof (PKIX_PolicyCheckerState),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
403 | (PKIX_PL_Object **)&checkerState,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
404 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0) | |||
405 | PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_CERTPOLICYCHECKERSTATE_TYPE , sizeof (PKIX_PolicyCheckerState), (PKIX_PL_Object **)&checkerState , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT; goto cleanup; } } while (0); | |||
406 | ||||
407 | /* Create constant PKIX_PL_OIDs: */ | |||
408 | ||||
409 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_CERTIFICATE_POLICIES , &(checkerState->certPoliciesExtension), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
410 | (PKIX_CERTIFICATEPOLICIES_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_CERTIFICATE_POLICIES , &(checkerState->certPoliciesExtension), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
411 | &(checkerState->certPoliciesExtension),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_CERTIFICATE_POLICIES , &(checkerState->certPoliciesExtension), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
412 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_CERTIFICATE_POLICIES , &(checkerState->certPoliciesExtension), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
413 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_CERTIFICATE_POLICIES , &(checkerState->certPoliciesExtension), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0); | |||
414 | ||||
415 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_MAPPINGS , &(checkerState->policyMappingsExtension), plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
416 | (PKIX_POLICYMAPPINGS_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_MAPPINGS , &(checkerState->policyMappingsExtension), plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
417 | &(checkerState->policyMappingsExtension),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_MAPPINGS , &(checkerState->policyMappingsExtension), plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
418 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_MAPPINGS , &(checkerState->policyMappingsExtension), plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0) | |||
419 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_MAPPINGS , &(checkerState->policyMappingsExtension), plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED ; goto cleanup; } } while (0); | |||
420 | ||||
421 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_CONSTRAINTS , &(checkerState->policyConstraintsExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
422 | (PKIX_POLICYCONSTRAINTS_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_CONSTRAINTS , &(checkerState->policyConstraintsExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
423 | &(checkerState->policyConstraintsExtension),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_CONSTRAINTS , &(checkerState->policyConstraintsExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
424 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_CONSTRAINTS , &(checkerState->policyConstraintsExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
425 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_POLICY_CONSTRAINTS , &(checkerState->policyConstraintsExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0); | |||
426 | ||||
427 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_INHIBIT_ANY_POLICY , &(checkerState->inhibitAnyPolicyExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
428 | (PKIX_INHIBITANYPOLICY_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_INHIBIT_ANY_POLICY , &(checkerState->inhibitAnyPolicyExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
429 | &(checkerState->inhibitAnyPolicyExtension),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_INHIBIT_ANY_POLICY , &(checkerState->inhibitAnyPolicyExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
430 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_INHIBIT_ANY_POLICY , &(checkerState->inhibitAnyPolicyExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
431 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_INHIBIT_ANY_POLICY , &(checkerState->inhibitAnyPolicyExtension), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0); | |||
432 | ||||
433 | PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_ANY_POLICY , &(checkerState->anyPolicyOID), plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
434 | (PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_ANY_POLICY , &(checkerState->anyPolicyOID), plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
435 | &(checkerState->anyPolicyOID),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_ANY_POLICY , &(checkerState->anyPolicyOID), plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
436 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_ANY_POLICY , &(checkerState->anyPolicyOID), plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0) | |||
437 | PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_ANY_POLICY , &(checkerState->anyPolicyOID), plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup; } } while (0); | |||
438 | ||||
439 | /* Create an initial policy set from argument supplied */ | |||
440 | PKIX_INCREF(initialPolicies)do { if (initialPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(initialPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup ; } } } while (0); | |||
441 | checkerState->userInitialPolicySet = initialPolicies; | |||
442 | PKIX_INCREF(initialPolicies)do { if (initialPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(initialPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup ; } } } while (0); | |||
443 | checkerState->mappedUserInitialPolicySet = initialPolicies; | |||
444 | ||||
445 | PKIX_CHECK(PKIX_List_IsEmptydo { stdVars.aPkixErrorResult = (PKIX_List_IsEmpty (initialPolicies , &initialPoliciesIsEmpty, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTISEMPTYFAILED; goto cleanup ; } } while (0) | |||
446 | (initialPolicies,do { stdVars.aPkixErrorResult = (PKIX_List_IsEmpty (initialPolicies , &initialPoliciesIsEmpty, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTISEMPTYFAILED; goto cleanup ; } } while (0) | |||
447 | &initialPoliciesIsEmpty,do { stdVars.aPkixErrorResult = (PKIX_List_IsEmpty (initialPolicies , &initialPoliciesIsEmpty, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTISEMPTYFAILED; goto cleanup ; } } while (0) | |||
448 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_IsEmpty (initialPolicies , &initialPoliciesIsEmpty, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTISEMPTYFAILED; goto cleanup ; } } while (0) | |||
449 | PKIX_LISTISEMPTYFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_IsEmpty (initialPolicies , &initialPoliciesIsEmpty, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTISEMPTYFAILED; goto cleanup ; } } while (0); | |||
450 | if (initialPoliciesIsEmpty) { | |||
451 | checkerState->initialIsAnyPolicy = PKIX_TRUE((PKIX_Boolean) 1); | |||
452 | } else { | |||
453 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0) | |||
454 | (initialPolicies,do { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0) | |||
455 | (PKIX_PL_Object *)(checkerState->anyPolicyOID),do { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0) | |||
456 | &(checkerState->initialIsAnyPolicy),do { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0) | |||
457 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0) | |||
458 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (initialPolicies , (PKIX_PL_Object *)(checkerState->anyPolicyOID), &(checkerState ->initialIsAnyPolicy), plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup ; } } while (0); | |||
459 | } | |||
460 | ||||
461 | checkerState->policyQualifiersRejected = | |||
462 | policyQualifiersRejected; | |||
463 | checkerState->initialExplicitPolicy = initialExplicitPolicy; | |||
464 | checkerState->explicitPolicy = | |||
465 | (initialExplicitPolicy? 0: numCerts + 1); | |||
466 | checkerState->initialAnyPolicyInhibit = initialAnyPolicyInhibit; | |||
467 | checkerState->inhibitAnyPolicy = | |||
468 | (initialAnyPolicyInhibit? 0: numCerts + 1); | |||
469 | checkerState->initialPolicyMappingInhibit = initialPolicyMappingInhibit; | |||
470 | checkerState->policyMapping = | |||
471 | (initialPolicyMappingInhibit? 0: numCerts + 1); | |||
472 | ; | |||
473 | checkerState->numCerts = numCerts; | |||
474 | checkerState->certsProcessed = 0; | |||
475 | checkerState->certPoliciesCritical = PKIX_FALSE((PKIX_Boolean) 0); | |||
476 | ||||
477 | /* Create a valid_policy_tree as in RFC3280 6.1.2(a) */ | |||
478 | PKIX_CHECK(pkix_PolicyChecker_MakeSingletondo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
479 | ((PKIX_PL_Object *)(checkerState->anyPolicyOID),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
480 | PKIX_TRUE,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
481 | &anyPolicyList,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
482 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
483 | PKIX_POLICYCHECKERMAKESINGLETONFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(checkerState->anyPolicyOID), ((PKIX_Boolean ) 1), &anyPolicyList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0); | |||
484 | ||||
485 | PKIX_CHECK(pkix_PolicyNode_Createdo { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
486 | (checkerState->anyPolicyOID, /* validPolicy */do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
487 | NULL, /* qualifier set */do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
488 | PKIX_FALSE, /* criticality */do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
489 | anyPolicyList, /* expectedPolicySet */do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
490 | &policyNode,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
491 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0) | |||
492 | PKIX_POLICYNODECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (checkerState ->anyPolicyOID, ((void*)0), ((PKIX_Boolean) 0), anyPolicyList , &policyNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup ; } } while (0); | |||
493 | checkerState->validPolicyTree = policyNode; | |||
494 | ||||
495 | /* | |||
496 | * Since the initial validPolicyTree specifies | |||
497 | * ANY_POLICY, begin with a pointer to the root node. | |||
498 | */ | |||
499 | PKIX_INCREF(policyNode)do { if (policyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(policyNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
500 | checkerState->anyPolicyNodeAtBottom = policyNode; | |||
501 | ||||
502 | checkerState->newAnyPolicyNode = NULL((void*)0); | |||
503 | ||||
504 | checkerState->mappedPolicyOIDs = NULL((void*)0); | |||
505 | ||||
506 | *pCheckerState = checkerState; | |||
507 | checkerState = NULL((void*)0); | |||
508 | ||||
509 | cleanup: | |||
510 | ||||
511 | PKIX_DECREF(checkerState)do { if (checkerState){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checkerState), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checkerState = ((void *)0); } } while (0); | |||
512 | ||||
513 | PKIX_DECREF(anyPolicyList)do { if (anyPolicyList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(anyPolicyList), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } anyPolicyList = ((void*)0); } } while (0); | |||
514 | ||||
515 | PKIX_RETURN(CERTPOLICYCHECKERSTATE)return PKIX_DoReturn(&stdVars, (PKIX_CERTPOLICYCHECKERSTATE_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
516 | } | |||
517 | ||||
518 | /* --Private-PolicyChecker-Functions--------------------------------------- */ | |||
519 | ||||
520 | /* | |||
521 | * FUNCTION: pkix_PolicyChecker_MapContains | |||
522 | * DESCRIPTION: | |||
523 | * | |||
524 | * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps", to | |||
525 | * determine whether the OID pointed to by "policy" is among the | |||
526 | * issuerDomainPolicies or subjectDomainPolicies of "certPolicyMaps", and | |||
527 | * stores the result in "pFound". | |||
528 | * | |||
529 | * This function is intended to allow an efficient check that the proscription | |||
530 | * against anyPolicy being mapped, described in RFC3280 Section 6.1.4(a), is | |||
531 | * not violated. | |||
532 | * | |||
533 | * PARAMETERS: | |||
534 | * "certPolicyMaps" | |||
535 | * Address of List of CertPolicyMaps to be searched. May be empty, but | |||
536 | * must be non-NULL | |||
537 | * "policy" | |||
538 | * Address of OID to be checked for. Must be non-NULL | |||
539 | * "pFound" | |||
540 | * Address where the result of the search will be stored. Must be non-NULL. | |||
541 | * "plContext" | |||
542 | * platform-specific context pointer | |||
543 | * THREAD SAFETY: | |||
544 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
545 | * RETURNS: | |||
546 | * Returns NULL if the function succeeds | |||
547 | * Returns a CertChainChecker Error if the function fails in a non-fatal way. | |||
548 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
549 | */ | |||
550 | PKIX_Error * | |||
551 | pkix_PolicyChecker_MapContains( | |||
552 | PKIX_List *certPolicyMaps, | |||
553 | PKIX_PL_OID *policy, | |||
554 | PKIX_Boolean *pFound, | |||
555 | void *plContext) | |||
556 | { | |||
557 | PKIX_PL_CertPolicyMap *map = NULL((void*)0); | |||
558 | PKIX_UInt32 numEntries = 0; | |||
559 | PKIX_UInt32 index = 0; | |||
560 | PKIX_Boolean match = PKIX_FALSE((PKIX_Boolean) 0); | |||
561 | PKIX_PL_OID *issuerDomainPolicy = NULL((void*)0); | |||
562 | PKIX_PL_OID *subjectDomainPolicy = NULL((void*)0); | |||
563 | ||||
564 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MapContains")static const char cMyFuncName[] = {"pkix_PolicyChecker_MapContains" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
565 | PKIX_NULLCHECK_THREE(certPolicyMaps, policy, pFound)do { if (((certPolicyMaps) == ((void*)0)) || ((policy) == ((void *)0)) || ((pFound) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
566 | ||||
567 | PKIX_CHECK(PKIX_List_GetLength(certPolicyMaps, &numEntries, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
568 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
569 | ||||
570 | for (index = 0; (!match) && (index < numEntries); index++) { | |||
571 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
572 | (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
573 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
574 | ||||
575 | PKIX_NULLCHECK_ONE(map)do { if ((map) == ((void*)0)){ stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
576 | ||||
577 | PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
578 | (map, &issuerDomainPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
579 | PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0); | |||
580 | ||||
581 | PKIX_EQUALSdo { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
582 | (policy, issuerDomainPolicy, &match, plContext,do { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
583 | PKIX_OBJECTEQUALSFAILED)do { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0); | |||
584 | ||||
585 | if (!match) { | |||
586 | PKIX_CHECK(PKIX_PL_CertPolicyMap_GetSubjectDomainPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
587 | (map, &subjectDomainPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
588 | PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0); | |||
589 | ||||
590 | PKIX_EQUALSdo { if ((policy) != ((void*)0) && (subjectDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(subjectDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (subjectDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
591 | (policy, subjectDomainPolicy, &match, plContext,do { if ((policy) != ((void*)0) && (subjectDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(subjectDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (subjectDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
592 | PKIX_OBJECTEQUALSFAILED)do { if ((policy) != ((void*)0) && (subjectDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(subjectDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (subjectDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0); | |||
593 | } | |||
594 | ||||
595 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
596 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
597 | PKIX_DECREF(subjectDomainPolicy)do { if (subjectDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } subjectDomainPolicy = ((void*)0); } } while (0); | |||
598 | } | |||
599 | ||||
600 | *pFound = match; | |||
601 | ||||
602 | cleanup: | |||
603 | ||||
604 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
605 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
606 | PKIX_DECREF(subjectDomainPolicy)do { if (subjectDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } subjectDomainPolicy = ((void*)0); } } while (0); | |||
607 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
608 | } | |||
609 | ||||
610 | /* | |||
611 | * FUNCTION: pkix_PolicyChecker_MapGetSubjectDomainPolicies | |||
612 | * DESCRIPTION: | |||
613 | * | |||
614 | * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps", to create | |||
615 | * a list of all SubjectDomainPolicies for which the IssuerDomainPolicy is the | |||
616 | * policy pointed to by "policy", and stores the result in | |||
617 | * "pSubjectDomainPolicies". | |||
618 | * | |||
619 | * If the List of CertPolicyMaps provided in "certPolicyMaps" is NULL, the | |||
620 | * resulting List will be NULL. If there are CertPolicyMaps, but none that | |||
621 | * include "policy" as an IssuerDomainPolicy, the returned List pointer will | |||
622 | * be NULL. Otherwise, the returned List will contain the SubjectDomainPolicies | |||
623 | * of all CertPolicyMaps for which "policy" is the IssuerDomainPolicy. If a | |||
624 | * List is returned it will be immutable. | |||
625 | * | |||
626 | * PARAMETERS: | |||
627 | * "certPolicyMaps" | |||
628 | * Address of List of CertPolicyMaps to be searched. May be empty or NULL. | |||
629 | * "policy" | |||
630 | * Address of OID to be checked for. Must be non-NULL | |||
631 | * "pSubjectDomainPolicies" | |||
632 | * Address where the result of the search will be stored. Must be non-NULL. | |||
633 | * "plContext" | |||
634 | * platform-specific context pointer | |||
635 | * THREAD SAFETY: | |||
636 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
637 | * RETURNS: | |||
638 | * Returns NULL if the function succeeds | |||
639 | * Returns a CertChainChecker Error if the function fails in a non-fatal way. | |||
640 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
641 | */ | |||
642 | PKIX_Error * | |||
643 | pkix_PolicyChecker_MapGetSubjectDomainPolicies( | |||
644 | PKIX_List *certPolicyMaps, | |||
645 | PKIX_PL_OID *policy, | |||
646 | PKIX_List **pSubjectDomainPolicies, | |||
647 | void *plContext) | |||
648 | { | |||
649 | PKIX_PL_CertPolicyMap *map = NULL((void*)0); | |||
650 | PKIX_List *subjectList = NULL((void*)0); | |||
651 | PKIX_UInt32 numEntries = 0; | |||
652 | PKIX_UInt32 index = 0; | |||
653 | PKIX_Boolean match = PKIX_FALSE((PKIX_Boolean) 0); | |||
654 | PKIX_PL_OID *issuerDomainPolicy = NULL((void*)0); | |||
655 | PKIX_PL_OID *subjectDomainPolicy = NULL((void*)0); | |||
656 | ||||
657 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_MapGetSubjectDomainPolicies" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
658 | (CERTCHAINCHECKER,static const char cMyFuncName[] = {"pkix_PolicyChecker_MapGetSubjectDomainPolicies" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
659 | "pkix_PolicyChecker_MapGetSubjectDomainPolicies")static const char cMyFuncName[] = {"pkix_PolicyChecker_MapGetSubjectDomainPolicies" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
660 | PKIX_NULLCHECK_TWO(policy, pSubjectDomainPolicies)do { if (((policy) == ((void*)0)) || ((pSubjectDomainPolicies ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
661 | ||||
662 | if (certPolicyMaps) { | |||
663 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
664 | (certPolicyMaps,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
665 | &numEntries,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
666 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
667 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
668 | } | |||
669 | ||||
670 | for (index = 0; index < numEntries; index++) { | |||
671 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
672 | (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
673 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
674 | ||||
675 | PKIX_NULLCHECK_ONE(map)do { if ((map) == ((void*)0)){ stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
676 | ||||
677 | PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
678 | (map, &issuerDomainPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
679 | PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0); | |||
680 | ||||
681 | PKIX_EQUALSdo { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
682 | (policy, issuerDomainPolicy, &match, plContext,do { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0) | |||
683 | PKIX_OBJECTEQUALSFAILED)do { if ((policy) != ((void*)0) && (issuerDomainPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policy), (PKIX_PL_Object*)(issuerDomainPolicy ), (&match), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policy) == ((void*)0) && (issuerDomainPolicy) == ((void*)0)) { *(&match) = ((PKIX_Boolean ) 1); } else { *(&match) = ((PKIX_Boolean) 0); } } while ( 0); | |||
684 | ||||
685 | if (match) { | |||
686 | if (!subjectList) { | |||
687 | PKIX_CHECK(PKIX_List_Create(&subjectList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&subjectList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
688 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&subjectList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
689 | } | |||
690 | ||||
691 | PKIX_CHECK(PKIX_PL_CertPolicyMap_GetSubjectDomainPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
692 | (map, &subjectDomainPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
693 | PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy (map, &subjectDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED ; goto cleanup; } } while (0); | |||
694 | ||||
695 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (subjectList , (PKIX_PL_Object *)subjectDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
696 | (subjectList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (subjectList , (PKIX_PL_Object *)subjectDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
697 | (PKIX_PL_Object *)subjectDomainPolicy,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (subjectList , (PKIX_PL_Object *)subjectDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
698 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (subjectList , (PKIX_PL_Object *)subjectDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
699 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (subjectList , (PKIX_PL_Object *)subjectDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0); | |||
700 | } | |||
701 | ||||
702 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
703 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
704 | PKIX_DECREF(subjectDomainPolicy)do { if (subjectDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } subjectDomainPolicy = ((void*)0); } } while (0); | |||
705 | } | |||
706 | ||||
707 | if (subjectList) { | |||
708 | PKIX_CHECK(PKIX_List_SetImmutable(subjectList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(subjectList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
709 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(subjectList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
710 | } | |||
711 | ||||
712 | *pSubjectDomainPolicies = subjectList; | |||
713 | ||||
714 | cleanup: | |||
715 | ||||
716 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
717 | PKIX_DECREF(subjectList)do { if (subjectList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } subjectList = ((void *)0); } } while (0); | |||
718 | } | |||
719 | ||||
720 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
721 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
722 | PKIX_DECREF(subjectDomainPolicy)do { if (subjectDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } subjectDomainPolicy = ((void*)0); } } while (0); | |||
723 | ||||
724 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
725 | } | |||
726 | ||||
727 | /* | |||
728 | * FUNCTION: pkix_PolicyChecker_MapGetMappedPolicies | |||
729 | * DESCRIPTION: | |||
730 | * | |||
731 | * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps" to create a | |||
732 | * List of all IssuerDomainPolicies, and stores the result in | |||
733 | * "pMappedPolicies". | |||
734 | * | |||
735 | * The caller may not rely on the IssuerDomainPolicies to be in any particular | |||
736 | * order. IssuerDomainPolicies that appear in more than one CertPolicyMap will | |||
737 | * only appear once in "pMappedPolicies". If "certPolicyMaps" is empty the | |||
738 | * result will be an empty List. The created List is mutable. | |||
739 | * | |||
740 | * PARAMETERS: | |||
741 | * "certPolicyMaps" | |||
742 | * Address of List of CertPolicyMaps to be searched. May be empty, but | |||
743 | * must be non-NULL. | |||
744 | * "pMappedPolicies" | |||
745 | * Address where the result will be stored. Must be non-NULL. | |||
746 | * "plContext" | |||
747 | * platform-specific context pointer | |||
748 | * THREAD SAFETY: | |||
749 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
750 | * RETURNS: | |||
751 | * Returns NULL if the function succeeds | |||
752 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
753 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
754 | */ | |||
755 | PKIX_Error * | |||
756 | pkix_PolicyChecker_MapGetMappedPolicies( | |||
757 | PKIX_List *certPolicyMaps, | |||
758 | PKIX_List **pMappedPolicies, | |||
759 | void *plContext) | |||
760 | { | |||
761 | PKIX_PL_CertPolicyMap *map = NULL((void*)0); | |||
762 | PKIX_List *mappedList = NULL((void*)0); | |||
763 | PKIX_UInt32 numEntries = 0; | |||
764 | PKIX_UInt32 index = 0; | |||
765 | PKIX_Boolean isContained = PKIX_FALSE((PKIX_Boolean) 0); | |||
766 | PKIX_PL_OID *issuerDomainPolicy = NULL((void*)0); | |||
767 | ||||
768 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_MapGetMappedPolicies" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
769 | (CERTCHAINCHECKER, "pkix_PolicyChecker_MapGetMappedPolicies")static const char cMyFuncName[] = {"pkix_PolicyChecker_MapGetMappedPolicies" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
770 | PKIX_NULLCHECK_TWO(certPolicyMaps, pMappedPolicies)do { if (((certPolicyMaps) == ((void*)0)) || ((pMappedPolicies ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
771 | ||||
772 | PKIX_CHECK(PKIX_List_Create(&mappedList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&mappedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
773 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&mappedList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
774 | ||||
775 | PKIX_CHECK(PKIX_List_GetLength(certPolicyMaps, &numEntries, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
776 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(certPolicyMaps , &numEntries, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
777 | ||||
778 | for (index = 0; index < numEntries; index++) { | |||
779 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
780 | (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
781 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyMaps , index, (PKIX_PL_Object **)&map, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
782 | ||||
783 | PKIX_NULLCHECK_ONE(map)do { if ((map) == ((void*)0)){ stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
784 | ||||
785 | PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
786 | (map, &issuerDomainPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0) | |||
787 | PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy (map, &issuerDomainPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED ; goto cleanup; } } while (0); | |||
788 | ||||
789 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
790 | (mappedList,do { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
791 | (PKIX_PL_Object *)issuerDomainPolicy,do { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
792 | &isContained,do { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
793 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
794 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, &isContained, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0); | |||
795 | ||||
796 | if (isContained == PKIX_FALSE((PKIX_Boolean) 0)) { | |||
797 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
798 | (mappedList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
799 | (PKIX_PL_Object *)issuerDomainPolicy,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
800 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0) | |||
801 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (mappedList , (PKIX_PL_Object *)issuerDomainPolicy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED ; goto cleanup; } } while (0); | |||
802 | } | |||
803 | ||||
804 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
805 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
806 | } | |||
807 | ||||
808 | *pMappedPolicies = mappedList; | |||
809 | ||||
810 | cleanup: | |||
811 | ||||
812 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
813 | PKIX_DECREF(mappedList)do { if (mappedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(mappedList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } mappedList = ((void *)0); } } while (0); | |||
814 | } | |||
815 | ||||
816 | PKIX_DECREF(map)do { if (map){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(map), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } map = ((void*)0); } } while (0); | |||
817 | PKIX_DECREF(issuerDomainPolicy)do { if (issuerDomainPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerDomainPolicy), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } issuerDomainPolicy = ((void*)0); } } while (0); | |||
818 | ||||
819 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
820 | } | |||
821 | ||||
822 | /* | |||
823 | * FUNCTION: pkix_PolicyChecker_MakeMutableCopy | |||
824 | * DESCRIPTION: | |||
825 | * | |||
826 | * Creates a mutable copy of the List pointed to by "list", which may or may | |||
827 | * not be immutable, and stores the address at "pMutableCopy". | |||
828 | * | |||
829 | * PARAMETERS: | |||
830 | * "list" | |||
831 | * Address of List to be copied. Must be non-NULL. | |||
832 | * "pMutableCopy" | |||
833 | * Address where mutable copy will be stored. Must be non-NULL. | |||
834 | * "plContext" | |||
835 | * Platform-specific context pointer. | |||
836 | * THREAD SAFETY: | |||
837 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
838 | * RETURNS: | |||
839 | * Returns NULL if the function succeeds | |||
840 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
841 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
842 | */ | |||
843 | static PKIX_Error * | |||
844 | pkix_PolicyChecker_MakeMutableCopy( | |||
845 | PKIX_List *list, | |||
846 | PKIX_List **pMutableCopy, | |||
847 | void *plContext) | |||
848 | { | |||
849 | PKIX_List *newList = NULL((void*)0); | |||
850 | PKIX_UInt32 listLen = 0; | |||
851 | PKIX_UInt32 listIx = 0; | |||
852 | PKIX_PL_Object *object = NULL((void*)0); | |||
853 | ||||
854 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MakeMutableCopy")static const char cMyFuncName[] = {"pkix_PolicyChecker_MakeMutableCopy" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
855 | PKIX_NULLCHECK_TWO(list, pMutableCopy)do { if (((list) == ((void*)0)) || ((pMutableCopy) == ((void* )0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
856 | ||||
857 | PKIX_CHECK(PKIX_List_Create(&newList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
858 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
859 | ||||
860 | PKIX_CHECK(PKIX_List_GetLength(list, &listLen, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(list, & listLen, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup; } } while (0) | |||
861 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(list, & listLen, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup; } } while (0); | |||
862 | ||||
863 | for (listIx = 0; listIx < listLen; listIx++) { | |||
864 | ||||
865 | PKIX_CHECK(PKIX_List_GetItem(list, listIx, &object, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(list, listIx , &object, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
866 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(list, listIx , &object, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0); | |||
867 | ||||
868 | PKIX_CHECK(PKIX_List_AppendItem(newList, object, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem(newList , object, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup; } } while (0) | |||
869 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem(newList , object, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup; } } while (0); | |||
870 | ||||
871 | PKIX_DECREF(object)do { if (object){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(object), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } object = ((void*)0 ); } } while (0); | |||
872 | } | |||
873 | ||||
874 | *pMutableCopy = newList; | |||
875 | newList = NULL((void*)0); | |||
876 | ||||
877 | cleanup: | |||
878 | PKIX_DECREF(newList)do { if (newList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(newList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } newList = ((void*) 0); } } while (0); | |||
879 | PKIX_DECREF(object)do { if (object){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(object), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } object = ((void*)0 ); } } while (0); | |||
880 | ||||
881 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
882 | } | |||
883 | ||||
884 | /* | |||
885 | * FUNCTION: pkix_PolicyChecker_MakeSingleton | |||
886 | * DESCRIPTION: | |||
887 | * | |||
888 | * Creates a new List containing the Object pointed to by "listItem", using | |||
889 | * the Boolean value of "immutability" to determine whether to set the List | |||
890 | * immutable, and stores the address at "pList". | |||
891 | * | |||
892 | * PARAMETERS: | |||
893 | * "listItem" | |||
894 | * Address of Object to be inserted into the new List. Must be non-NULL. | |||
895 | * "immutability" | |||
896 | * Boolean value indicating whether new List is to be immutable | |||
897 | * "pList" | |||
898 | * Address where List will be stored. Must be non-NULL. | |||
899 | * "plContext" | |||
900 | * Platform-specific context pointer. | |||
901 | * THREAD SAFETY: | |||
902 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
903 | * RETURNS: | |||
904 | * Returns NULL if the function succeeds | |||
905 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
906 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
907 | */ | |||
908 | static PKIX_Error * | |||
909 | pkix_PolicyChecker_MakeSingleton( | |||
910 | PKIX_PL_Object *listItem, | |||
911 | PKIX_Boolean immutability, | |||
912 | PKIX_List **pList, | |||
913 | void *plContext) | |||
914 | { | |||
915 | PKIX_List *newList = NULL((void*)0); | |||
916 | ||||
917 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MakeSingleton")static const char cMyFuncName[] = {"pkix_PolicyChecker_MakeSingleton" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
918 | PKIX_NULLCHECK_TWO(listItem, pList)do { if (((listItem) == ((void*)0)) || ((pList) == ((void*)0) )){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars. aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
919 | ||||
920 | PKIX_CHECK(PKIX_List_Create(&newList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
921 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
922 | ||||
923 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newList , (PKIX_PL_Object *)listItem, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
924 | (newList, (PKIX_PL_Object *)listItem, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newList , (PKIX_PL_Object *)listItem, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
925 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newList , (PKIX_PL_Object *)listItem, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
926 | ||||
927 | if (immutability) { | |||
928 | PKIX_CHECK(PKIX_List_SetImmutable(newList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
929 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(newList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
930 | } | |||
931 | ||||
932 | *pList = newList; | |||
933 | ||||
934 | cleanup: | |||
935 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
936 | PKIX_DECREF(newList)do { if (newList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(newList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } newList = ((void*) 0); } } while (0); | |||
937 | } | |||
938 | ||||
939 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
940 | } | |||
941 | ||||
942 | /* | |||
943 | * FUNCTION: pkix_PolicyChecker_Spawn | |||
944 | * DESCRIPTION: | |||
945 | * | |||
946 | * Creates a new childNode for the parent pointed to by "parent", using | |||
947 | * the OID pointed to by "policyOID", the List of CertPolicyQualifiers | |||
948 | * pointed to by "qualifiers", the List of OIDs pointed to by | |||
949 | * "subjectDomainPolicies", and the PolicyCheckerState pointed to by | |||
950 | * "state". The new node will be added to "parent". | |||
951 | * | |||
952 | * The validPolicy of the new node is set from the OID pointed to by | |||
953 | * "policyOID". The policy qualifiers for the new node is set from the | |||
954 | * List of qualifiers pointed to by "qualifiers", and may be NULL or | |||
955 | * empty if the argument provided was NULL or empty. The criticality is | |||
956 | * set according to the criticality obtained from the PolicyCheckerState. | |||
957 | * If "subjectDomainPolicies" is NULL, the expectedPolicySet of the | |||
958 | * child is set to contain the same policy as the validPolicy. If | |||
959 | * "subjectDomainPolicies" is not NULL, it is used as the value for | |||
960 | * the expectedPolicySet. | |||
961 | * | |||
962 | * The PolicyCheckerState also contains a constant, anyPolicy, which is | |||
963 | * compared to "policyOID". If they match, the address of the childNode | |||
964 | * is saved in the state's newAnyPolicyNode. | |||
965 | * | |||
966 | * PARAMETERS: | |||
967 | * "parent" | |||
968 | * Address of PolicyNode to which the child will be linked. Must be | |||
969 | * non-NULL. | |||
970 | * "policyOID" | |||
971 | * Address of OID of the new child's validPolicy and also, if | |||
972 | * subjectDomainPolicies is NULL, of the new child's expectedPolicySet. | |||
973 | * Must be non-NULL. | |||
974 | * "qualifiers" | |||
975 | * Address of List of CertPolicyQualifiers. May be NULL or empty. | |||
976 | * "subjectDomainPolicies" | |||
977 | * Address of List of OIDs indicating the policies to which "policy" is | |||
978 | * mapped. May be empty or NULL. | |||
979 | * "state" | |||
980 | * Address of the current PKIX_PolicyCheckerState. Must be non-NULL.. | |||
981 | * "plContext" | |||
982 | * Platform-specific context pointer. | |||
983 | * THREAD SAFETY: | |||
984 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
985 | * RETURNS: | |||
986 | * Returns NULL if the function succeeds | |||
987 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
988 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
989 | */ | |||
990 | static PKIX_Error * | |||
991 | pkix_PolicyChecker_Spawn( | |||
992 | PKIX_PolicyNode *parent, | |||
993 | PKIX_PL_OID *policyOID, | |||
994 | PKIX_List *qualifiers, /* CertPolicyQualifiers */ | |||
995 | PKIX_List *subjectDomainPolicies, | |||
996 | PKIX_PolicyCheckerState *state, | |||
997 | void *plContext) | |||
998 | { | |||
999 | PKIX_List *expectedSet = NULL((void*)0); /* OIDs */ | |||
1000 | PKIX_PolicyNode *childNode = NULL((void*)0); | |||
1001 | PKIX_Boolean match = PKIX_FALSE((PKIX_Boolean) 0); | |||
1002 | ||||
1003 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Spawn")static const char cMyFuncName[] = {"pkix_PolicyChecker_Spawn" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1004 | PKIX_NULLCHECK_THREE(policyOID, parent, state)do { if (((policyOID) == ((void*)0)) || ((parent) == ((void*) 0)) || ((state) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1005 | ||||
1006 | if (subjectDomainPolicies) { | |||
1007 | ||||
1008 | PKIX_INCREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); goto cleanup; } } } while (0); | |||
1009 | expectedSet = subjectDomainPolicies; | |||
1010 | ||||
1011 | } else { | |||
1012 | /* Create the child's ExpectedPolicy Set */ | |||
1013 | PKIX_CHECK(pkix_PolicyChecker_MakeSingletondo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0) | |||
1014 | ((PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0) | |||
1015 | PKIX_TRUE, /* make expectedPolicySet immutable */do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0) | |||
1016 | &expectedSet,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0) | |||
1017 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0) | |||
1018 | PKIX_POLICYCHECKERMAKESINGLETONFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)policyOID, ((PKIX_Boolean) 1), &expectedSet , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED; goto cleanup; } } while (0); | |||
1019 | } | |||
1020 | ||||
1021 | PKIX_CHECK(pkix_PolicyNode_Createdo { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1022 | (policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1023 | qualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1024 | state->certPoliciesCritical,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1025 | expectedSet,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1026 | &childNode,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1027 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0) | |||
1028 | PKIX_POLICYNODECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Create (policyOID , qualifiers, state->certPoliciesCritical, expectedSet, & childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODECREATEFAILED; goto cleanup; } } while (0); | |||
1029 | ||||
1030 | /* | |||
1031 | * If we had a non-empty mapping, we know the new node could not | |||
1032 | * have been created with a validPolicy of anyPolicy. Otherwise, | |||
1033 | * check whether we just created a new node with anyPolicy, because | |||
1034 | * in that case we want to save the child pointer in newAnyPolicyNode. | |||
1035 | */ | |||
1036 | if (!subjectDomainPolicies) { | |||
1037 | PKIX_EQUALS(policyOID, state->anyPolicyOID, &match, plContext,do { if ((policyOID) != ((void*)0) && (state->anyPolicyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policyOID), (PKIX_PL_Object*)(state-> anyPolicyOID), (&match), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policyOID) == ((void*)0) && (state->anyPolicyOID) == ((void*)0)) { *(&match) = (( PKIX_Boolean) 1); } else { *(&match) = ((PKIX_Boolean) 0) ; } } while (0) | |||
1038 | PKIX_OBJECTEQUALSFAILED)do { if ((policyOID) != ((void*)0) && (state->anyPolicyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policyOID), (PKIX_PL_Object*)(state-> anyPolicyOID), (&match), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policyOID) == ((void*)0) && (state->anyPolicyOID) == ((void*)0)) { *(&match) = (( PKIX_Boolean) 1); } else { *(&match) = ((PKIX_Boolean) 0) ; } } while (0); | |||
1039 | ||||
1040 | if (match) { | |||
1041 | PKIX_DECREF(state->newAnyPolicyNode)do { if (state->newAnyPolicyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->newAnyPolicyNode ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->newAnyPolicyNode = ((void*)0); } } while (0); | |||
1042 | PKIX_INCREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); goto cleanup; } } } while (0); | |||
1043 | state->newAnyPolicyNode = childNode; | |||
1044 | } | |||
1045 | } | |||
1046 | ||||
1047 | PKIX_CHECK(pkix_PolicyNode_AddToParent(parent, childNode, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_AddToParent( parent, childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEADDTOPARENTFAILED; goto cleanup; } } while (0) | |||
1048 | PKIX_POLICYNODEADDTOPARENTFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_AddToParent( parent, childNode, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEADDTOPARENTFAILED; goto cleanup; } } while (0); | |||
1049 | ||||
1050 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
1051 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
1052 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
1053 | ||||
1054 | cleanup: | |||
1055 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1056 | PKIX_DECREF(expectedSet)do { if (expectedSet){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(expectedSet), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } expectedSet = ((void *)0); } } while (0); | |||
1057 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1058 | } | |||
1059 | ||||
1060 | /* | |||
1061 | * FUNCTION: pkix_PolicyChecker_CheckPolicyRecursive | |||
1062 | * DESCRIPTION: | |||
1063 | * | |||
1064 | * Performs policy processing for the policy whose OID is pointed to by | |||
1065 | * "policyOID" and whose List of CertPolicyQualifiers is pointed to by | |||
1066 | * "policyQualifiers", using the List of policy OIDs pointed to by | |||
1067 | * "subjectDomainPolicies" and the PolicyNode pointed to by "currentNode", | |||
1068 | * in accordance with the current PolicyCheckerState pointed to by "state", | |||
1069 | * and setting "pChildNodeCreated" to TRUE if a new childNode is created. | |||
1070 | * Note: "pChildNodeCreated" is not set to FALSE if no childNode is created. | |||
1071 | * The intent of the design is that the caller can set a variable to FALSE | |||
1072 | * initially, prior to a recursive set of calls. At the end, the variable | |||
1073 | * can be tested to see whether *any* of the calls created a child node. | |||
1074 | * | |||
1075 | * If the currentNode is not at the bottom of the tree, this function | |||
1076 | * calls itself recursively for each child of currentNode. At the bottom of | |||
1077 | * the tree, it creates new child nodes as appropriate. This function will | |||
1078 | * never be called with policy = anyPolicy. | |||
1079 | * | |||
1080 | * This function implements the processing described in RFC3280 | |||
1081 | * Section 6.1.3(d)(1)(i). | |||
1082 | * | |||
1083 | * PARAMETERS: | |||
1084 | * "policyOID" | |||
1085 | * Address of OID of the policy to be checked for. Must be non-NULL. | |||
1086 | * "policyQualifiers" | |||
1087 | * Address of List of CertPolicyQualifiers of the policy to be checked for. | |||
1088 | * May be empty or NULL. | |||
1089 | * "subjectDomainPolicies" | |||
1090 | * Address of List of OIDs indicating the policies to which "policy" is | |||
1091 | * mapped. May be empty or NULL. | |||
1092 | * "currentNode" | |||
1093 | * Address of PolicyNode whose descendants will be checked, if not at the | |||
1094 | * bottom of the tree; or whose expectedPolicySet will be compared to | |||
1095 | * "policy", if at the bottom. Must be non-NULL. | |||
1096 | * "state" | |||
1097 | * Address of PolicyCheckerState of the current PolicyChecker. Must be | |||
1098 | * non-NULL. | |||
1099 | * "pChildNodeCreated" | |||
1100 | * Address of the Boolean that will be set TRUE if this function | |||
1101 | * creates a child node. Must be non-NULL. | |||
1102 | * "plContext" | |||
1103 | * Platform-specific context pointer. | |||
1104 | * THREAD SAFETY: | |||
1105 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1106 | * RETURNS: | |||
1107 | * Returns NULL if the function succeeds | |||
1108 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
1109 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
1110 | */ | |||
1111 | static PKIX_Error * | |||
1112 | pkix_PolicyChecker_CheckPolicyRecursive( | |||
1113 | PKIX_PL_OID *policyOID, | |||
1114 | PKIX_List *policyQualifiers, | |||
1115 | PKIX_List *subjectDomainPolicies, | |||
1116 | PKIX_PolicyNode *currentNode, | |||
1117 | PKIX_PolicyCheckerState *state, | |||
1118 | PKIX_Boolean *pChildNodeCreated, | |||
1119 | void *plContext) | |||
1120 | { | |||
1121 | PKIX_UInt32 depth = 0; | |||
1122 | PKIX_UInt32 numChildren = 0; | |||
1123 | PKIX_UInt32 childIx = 0; | |||
1124 | PKIX_Boolean isIncluded = PKIX_FALSE((PKIX_Boolean) 0); | |||
1125 | PKIX_List *children = NULL((void*)0); /* PolicyNodes */ | |||
1126 | PKIX_PolicyNode *childNode = NULL((void*)0); | |||
1127 | PKIX_List *expectedPolicies = NULL((void*)0); /* OIDs */ | |||
1128 | ||||
1129 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_CheckPolicyRecursive" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1130 | (CERTCHAINCHECKER,static const char cMyFuncName[] = {"pkix_PolicyChecker_CheckPolicyRecursive" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1131 | "pkix_PolicyChecker_CheckPolicyRecursive")static const char cMyFuncName[] = {"pkix_PolicyChecker_CheckPolicyRecursive" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1132 | PKIX_NULLCHECK_FOUR(policyOID, currentNode, state, pChildNodeCreated)do { if (((policyOID) == ((void*)0)) || ((currentNode) == ((void *)0)) || ((state) == ((void*)0)) || ((pChildNodeCreated) == ( (void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
1133 | ||||
1134 | /* if not at the bottom of the tree */ | |||
1135 | PKIX_CHECK(PKIX_PolicyNode_GetDepthdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1136 | (currentNode, &depth, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1137 | PKIX_POLICYNODEGETDEPTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0); | |||
1138 | ||||
1139 | if (depth < (state->certsProcessed)) { | |||
1140 | PKIX_CHECK(pkix_PolicyNode_GetChildrenMutabledo { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1141 | (currentNode, &children, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1142 | PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0); | |||
1143 | ||||
1144 | if (children) { | |||
1145 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1146 | (children, &numChildren, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1147 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1148 | } | |||
1149 | ||||
1150 | for (childIx = 0; childIx < numChildren; childIx++) { | |||
1151 | ||||
1152 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1153 | (children,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1154 | childIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1155 | (PKIX_PL_Object **)&childNode,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1156 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1157 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1158 | ||||
1159 | PKIX_CHECK(pkix_PolicyChecker_CheckPolicyRecursivedo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1160 | (policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1161 | policyQualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1162 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1163 | childNode,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1164 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1165 | pChildNodeCreated,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1166 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1167 | PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, childNode , state, pChildNodeCreated, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0); | |||
1168 | ||||
1169 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1170 | } | |||
1171 | } else { /* if at the bottom of the tree */ | |||
1172 | ||||
1173 | /* Check whether policy is in this node's expectedPolicySet */ | |||
1174 | PKIX_CHECK(PKIX_PolicyNode_GetExpectedPoliciesdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1175 | (currentNode, &expectedPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1176 | PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0); | |||
1177 | ||||
1178 | PKIX_NULLCHECK_ONE(expectedPolicies)do { if ((expectedPolicies) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1179 | ||||
1180 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
1181 | (expectedPolicies,do { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
1182 | (PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
1183 | &isIncluded,do { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
1184 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0) | |||
1185 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (expectedPolicies , (PKIX_PL_Object *)policyOID, &isIncluded, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED ; goto cleanup; } } while (0); | |||
1186 | ||||
1187 | if (isIncluded) { | |||
1188 | PKIX_CHECK(pkix_PolicyChecker_Spawndo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1189 | (currentNode,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1190 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1191 | policyQualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1192 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1193 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1194 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1195 | PKIX_POLICYCHECKERSPAWNFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, policyQualifiers, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0); | |||
1196 | ||||
1197 | *pChildNodeCreated = PKIX_TRUE((PKIX_Boolean) 1); | |||
1198 | } | |||
1199 | } | |||
1200 | ||||
1201 | cleanup: | |||
1202 | ||||
1203 | PKIX_DECREF(children)do { if (children){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(children), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } children = ((void* )0); } } while (0); | |||
1204 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1205 | PKIX_DECREF(expectedPolicies)do { if (expectedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(expectedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } expectedPolicies = ((void*)0); } } while (0); | |||
1206 | ||||
1207 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1208 | } | |||
1209 | ||||
1210 | /* | |||
1211 | * FUNCTION: pkix_PolicyChecker_CheckPolicy | |||
1212 | * DESCRIPTION: | |||
1213 | * | |||
1214 | * Performs the non-recursive portion of the policy processing for the policy | |||
1215 | * whose OID is pointed to by "policyOID" and whose List of | |||
1216 | * CertPolicyQualifiers is pointed to by "policyQualifiers", for the | |||
1217 | * Certificate pointed to by "cert" with the List of CertPolicyMaps pointed | |||
1218 | * to by "maps", in accordance with the current PolicyCheckerState pointed | |||
1219 | * to by "state". | |||
1220 | * | |||
1221 | * This function implements the processing described in RFC3280 | |||
1222 | * Section 6.1.3(d)(1)(i). | |||
1223 | * | |||
1224 | * PARAMETERS: | |||
1225 | * "policyOID" | |||
1226 | * Address of OID of the policy to be checked for. Must be non-NULL. | |||
1227 | * "policyQualifiers" | |||
1228 | * Address of List of CertPolicyQualifiers of the policy to be checked for. | |||
1229 | * May be empty or NULL. | |||
1230 | * "cert" | |||
1231 | * Address of the current certificate. Must be non-NULL. | |||
1232 | * "maps" | |||
1233 | * Address of List of CertPolicyMaps for the current certificate | |||
1234 | * "state" | |||
1235 | * Address of PolicyCheckerState of the current PolicyChecker. Must be | |||
1236 | * non-NULL. | |||
1237 | * "plContext" | |||
1238 | * Platform-specific context pointer. | |||
1239 | * THREAD SAFETY: | |||
1240 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1241 | * RETURNS: | |||
1242 | * Returns NULL if the function succeeds | |||
1243 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
1244 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
1245 | */ | |||
1246 | static PKIX_Error * | |||
1247 | pkix_PolicyChecker_CheckPolicy( | |||
1248 | PKIX_PL_OID *policyOID, | |||
1249 | PKIX_List *policyQualifiers, | |||
1250 | PKIX_PL_Cert *cert, | |||
1251 | PKIX_List *maps, | |||
1252 | PKIX_PolicyCheckerState *state, | |||
1253 | void *plContext) | |||
1254 | { | |||
1255 | PKIX_Boolean childNodeCreated = PKIX_FALSE((PKIX_Boolean) 0); | |||
1256 | PKIX_Boolean okToSpawn = PKIX_FALSE((PKIX_Boolean) 0); | |||
1257 | PKIX_Boolean found = PKIX_FALSE((PKIX_Boolean) 0); | |||
1258 | PKIX_List *subjectDomainPolicies = NULL((void*)0); | |||
1259 | ||||
1260 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_CheckPolicy")static const char cMyFuncName[] = {"pkix_PolicyChecker_CheckPolicy" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1261 | PKIX_NULLCHECK_THREE(policyOID, cert, state)do { if (((policyOID) == ((void*)0)) || ((cert) == ((void*)0) ) || ((state) == ((void*)0))){ stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1262 | ||||
1263 | /* | |||
1264 | * If this is not the last certificate, get the set of | |||
1265 | * subjectDomainPolicies that "policy" maps to, according to the | |||
1266 | * current cert's policy mapping extension. That set will be NULL | |||
1267 | * if the current cert does not have a policy mapping extension, | |||
1268 | * or if the current policy is not mapped. | |||
1269 | */ | |||
1270 | if (state->certsProcessed != (state->numCerts - 1)) { | |||
1271 | PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPoliciesdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (maps, policyOID, &subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1272 | (maps, policyOID, &subjectDomainPolicies, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (maps, policyOID, &subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1273 | PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (maps, policyOID, &subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED ; goto cleanup; } } while (0); | |||
1274 | } | |||
1275 | ||||
1276 | /* | |||
1277 | * Section 6.1.4(b)(2) tells us that if policyMapping is zero, we | |||
1278 | * will have to delete any nodes created with validPolicies equal to | |||
1279 | * policies that appear as issuerDomainPolicies in a policy mapping | |||
1280 | * extension. Let's avoid creating any such nodes. | |||
1281 | */ | |||
1282 | if ((state->policyMapping) == 0) { | |||
1283 | if (subjectDomainPolicies) { | |||
1284 | goto cleanup; | |||
1285 | } | |||
1286 | } | |||
1287 | ||||
1288 | PKIX_CHECK(pkix_PolicyChecker_CheckPolicyRecursivedo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1289 | (policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1290 | policyQualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1291 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1292 | state->validPolicyTree,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1293 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1294 | &childNodeCreated,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1295 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0) | |||
1296 | PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckPolicyRecursive (policyOID, policyQualifiers, subjectDomainPolicies, state-> validPolicyTree, state, &childNodeCreated, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED ; goto cleanup; } } while (0); | |||
1297 | ||||
1298 | if (!childNodeCreated) { | |||
1299 | /* | |||
1300 | * Section 6.1.3(d)(1)(ii) | |||
1301 | * There was no match. If there was a node at | |||
1302 | * depth i-1 with valid policy anyPolicy, | |||
1303 | * generate a node subordinate to that. | |||
1304 | * | |||
1305 | * But that means this created node would be in | |||
1306 | * the valid-policy-node-set, and will be | |||
1307 | * pruned in 6.1.5(g)(iii)(2) unless it is in | |||
1308 | * the user-initial-policy-set or the user- | |||
1309 | * initial-policy-set is {anyPolicy}. So check, | |||
1310 | * and don't create it if it will be pruned. | |||
1311 | */ | |||
1312 | if (state->anyPolicyNodeAtBottom) { | |||
1313 | if (state->initialIsAnyPolicy) { | |||
1314 | okToSpawn = PKIX_TRUE((PKIX_Boolean) 1); | |||
1315 | } else { | |||
1316 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1317 | (state->mappedUserInitialPolicySet,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1318 | (PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1319 | &okToSpawn,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1320 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1321 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedUserInitialPolicySet, (PKIX_PL_Object *)policyOID, & okToSpawn, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0); | |||
1322 | } | |||
1323 | if (okToSpawn) { | |||
1324 | PKIX_CHECK(pkix_PolicyChecker_Spawndo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1325 | (state->anyPolicyNodeAtBottom,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1326 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1327 | policyQualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1328 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1329 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1330 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1331 | PKIX_POLICYCHECKERSPAWNFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, policyQualifiers, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0); | |||
1332 | childNodeCreated = PKIX_TRUE((PKIX_Boolean) 1); | |||
1333 | } | |||
1334 | } | |||
1335 | } | |||
1336 | ||||
1337 | if (childNodeCreated) { | |||
1338 | /* | |||
1339 | * If this policy had qualifiers, and the certificate policies | |||
1340 | * extension was marked critical, and the user cannot deal with | |||
1341 | * policy qualifiers, throw an error. | |||
1342 | */ | |||
1343 | if (policyQualifiers && | |||
1344 | state->certPoliciesCritical && | |||
1345 | state->policyQualifiersRejected) { | |||
1346 | PKIX_ERROR{ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION, ((void *)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION ; goto cleanup; } | |||
1347 | (PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION, ((void *)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION ; goto cleanup; }; | |||
1348 | } | |||
1349 | /* | |||
1350 | * If the policy we just propagated was in the list of mapped | |||
1351 | * policies, remove it from the list. That list is used, at the | |||
1352 | * end, to determine policies that have not been propagated. | |||
1353 | */ | |||
1354 | if (state->mappedPolicyOIDs) { | |||
1355 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1356 | (state->mappedPolicyOIDs,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1357 | (PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1358 | &found,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1359 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1360 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, &found, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0); | |||
1361 | if (found) { | |||
1362 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED ; goto cleanup; } } while (0) | |||
1363 | (state->mappedPolicyOIDs,do { stdVars.aPkixErrorResult = (pkix_List_Remove (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED ; goto cleanup; } } while (0) | |||
1364 | (PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (pkix_List_Remove (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED ; goto cleanup; } } while (0) | |||
1365 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED ; goto cleanup; } } while (0) | |||
1366 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (state-> mappedPolicyOIDs, (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED ; goto cleanup; } } while (0); | |||
1367 | } | |||
1368 | } | |||
1369 | } | |||
1370 | ||||
1371 | cleanup: | |||
1372 | ||||
1373 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
1374 | ||||
1375 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1376 | } | |||
1377 | ||||
1378 | /* | |||
1379 | * FUNCTION: pkix_PolicyChecker_CheckAny | |||
1380 | * DESCRIPTION: | |||
1381 | * Performs the creation of PolicyNodes, for the PolicyNode pointed to by | |||
1382 | * "currentNode" and PolicyNodes subordinate to it, using the List of | |||
1383 | * qualifiers pointed to by "qualsOfAny", in accordance with the current | |||
1384 | * certificate's PolicyMaps pointed to by "policyMaps" and the current | |||
1385 | * PolicyCheckerState pointed to by "state". | |||
1386 | * | |||
1387 | * If the currentNode is not just above the bottom of the validPolicyTree, this | |||
1388 | * function calls itself recursively for each child of currentNode. At the | |||
1389 | * level just above the bottom, for each policy in the currentNode's | |||
1390 | * expectedPolicySet not already present in a child node, it creates a new | |||
1391 | * child node. The validPolicy of the child created, and its expectedPolicySet, | |||
1392 | * will be the policy from the currentNode's expectedPolicySet. The policy | |||
1393 | * qualifiers will be the qualifiers from the current certificate's anyPolicy, | |||
1394 | * the "qualsOfAny" parameter. If the currentNode's expectedSet includes | |||
1395 | * anyPolicy, a childNode will be created with a policy of anyPolicy. This is | |||
1396 | * the only way such a node can be created. | |||
1397 | * | |||
1398 | * This function is called only when anyPolicy is one of the current | |||
1399 | * certificate's policies. This function implements the processing described | |||
1400 | * in RFC3280 Section 6.1.3(d)(2). | |||
1401 | * | |||
1402 | * PARAMETERS: | |||
1403 | * "currentNode" | |||
1404 | * Address of PolicyNode whose descendants will be checked, if not at the | |||
1405 | * bottom of the tree; or whose expectedPolicySet will be compared to those | |||
1406 | * in "alreadyPresent", if at the bottom. Must be non-NULL. | |||
1407 | * "qualsOfAny" | |||
1408 | * Address of List of qualifiers of the anyPolicy in the current | |||
1409 | * certificate. May be empty or NULL. | |||
1410 | * "policyMaps" | |||
1411 | * Address of the List of PolicyMaps of the current certificate. May be | |||
1412 | * empty or NULL. | |||
1413 | * "state" | |||
1414 | * Address of the current state of the PKIX_PolicyChecker. | |||
1415 | * Must be non-NULL. | |||
1416 | * "plContext" | |||
1417 | * Platform-specific context pointer. | |||
1418 | * THREAD SAFETY: | |||
1419 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1420 | * RETURNS: | |||
1421 | * Returns NULL if the function succeeds | |||
1422 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
1423 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
1424 | */ | |||
1425 | static PKIX_Error * | |||
1426 | pkix_PolicyChecker_CheckAny( | |||
1427 | PKIX_PolicyNode *currentNode, | |||
1428 | PKIX_List *qualsOfAny, /* CertPolicyQualifiers */ | |||
1429 | PKIX_List *policyMaps, /* CertPolicyMaps */ | |||
1430 | PKIX_PolicyCheckerState *state, | |||
1431 | void *plContext) | |||
1432 | { | |||
1433 | PKIX_UInt32 depth = 0; | |||
1434 | PKIX_UInt32 numChildren = 0; | |||
1435 | PKIX_UInt32 childIx = 0; | |||
1436 | PKIX_UInt32 numPolicies = 0; | |||
1437 | PKIX_UInt32 polx = 0; | |||
1438 | PKIX_Boolean isIncluded = PKIX_FALSE((PKIX_Boolean) 0); | |||
1439 | PKIX_List *children = NULL((void*)0); /* PolicyNodes */ | |||
1440 | PKIX_PolicyNode *childNode = NULL((void*)0); | |||
1441 | PKIX_List *expectedPolicies = NULL((void*)0); /* OIDs */ | |||
1442 | PKIX_PL_OID *policyOID = NULL((void*)0); | |||
1443 | PKIX_PL_OID *childPolicy = NULL((void*)0); | |||
1444 | PKIX_List *subjectDomainPolicies = NULL((void*)0); /* OIDs */ | |||
1445 | ||||
1446 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_CheckAny")static const char cMyFuncName[] = {"pkix_PolicyChecker_CheckAny" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1447 | PKIX_NULLCHECK_TWO(currentNode, state)do { if (((currentNode) == ((void*)0)) || ((state) == ((void* )0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
1448 | ||||
1449 | PKIX_CHECK(PKIX_PolicyNode_GetDepthdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1450 | (currentNode, &depth, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1451 | PKIX_POLICYNODEGETDEPTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0); | |||
1452 | ||||
1453 | PKIX_CHECK(pkix_PolicyNode_GetChildrenMutabledo { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1454 | (currentNode, &children, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1455 | PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0); | |||
1456 | ||||
1457 | if (children) { | |||
1458 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1459 | (children, &numChildren, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1460 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1461 | } | |||
1462 | ||||
1463 | if (depth < (state->certsProcessed)) { | |||
1464 | for (childIx = 0; childIx < numChildren; childIx++) { | |||
1465 | ||||
1466 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1467 | (children,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1468 | childIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1469 | (PKIX_PL_Object **)&childNode,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1470 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1471 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1472 | ||||
1473 | PKIX_NULLCHECK_ONE(childNode)do { if ((childNode) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1474 | PKIX_CHECK(pkix_PolicyChecker_CheckAnydo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1475 | (childNode,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1476 | qualsOfAny,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1477 | policyMaps,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1478 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1479 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0) | |||
1480 | PKIX_POLICYCHECKERCHECKANYFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CheckAny ( childNode, qualsOfAny, policyMaps, state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCHECKANYFAILED ; goto cleanup; } } while (0); | |||
1481 | ||||
1482 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1483 | } | |||
1484 | } else { /* if at the bottom of the tree */ | |||
1485 | ||||
1486 | PKIX_CHECK(PKIX_PolicyNode_GetExpectedPoliciesdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1487 | (currentNode, &expectedPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
1488 | PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetExpectedPolicies (currentNode, &expectedPolicies, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED ; goto cleanup; } } while (0); | |||
1489 | ||||
1490 | /* Expected Policy Set is not allowed to be NULL */ | |||
1491 | PKIX_NULLCHECK_ONE(expectedPolicies)do { if ((expectedPolicies) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1492 | ||||
1493 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (expectedPolicies , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1494 | (expectedPolicies, &numPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (expectedPolicies , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1495 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (expectedPolicies , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1496 | ||||
1497 | for (polx = 0; polx < numPolicies; polx++) { | |||
1498 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1499 | (expectedPolicies,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1500 | polx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1501 | (PKIX_PL_Object **)&policyOID,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1502 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1503 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (expectedPolicies , polx, (PKIX_PL_Object **)&policyOID, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1504 | ||||
1505 | PKIX_NULLCHECK_ONE(policyOID)do { if ((policyOID) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1506 | ||||
1507 | isIncluded = PKIX_FALSE((PKIX_Boolean) 0); | |||
1508 | ||||
1509 | for (childIx = 0; | |||
1510 | (!isIncluded && (childIx < numChildren)); | |||
1511 | childIx++) { | |||
1512 | ||||
1513 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1514 | (children,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1515 | childIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1516 | (PKIX_PL_Object **)&childNode,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1517 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1518 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIx, (PKIX_PL_Object **)&childNode, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1519 | ||||
1520 | PKIX_NULLCHECK_ONE(childNode)do { if ((childNode) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1521 | ||||
1522 | PKIX_CHECK(PKIX_PolicyNode_GetValidPolicydo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (childNode, &childPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1523 | (childNode, &childPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (childNode, &childPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1524 | PKIX_POLICYNODEGETVALIDPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (childNode, &childPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0); | |||
1525 | ||||
1526 | PKIX_NULLCHECK_ONE(childPolicy)do { if ((childPolicy) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1527 | ||||
1528 | PKIX_EQUALS(policyOID, childPolicy, &isIncluded, plContext,do { if ((policyOID) != ((void*)0) && (childPolicy) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policyOID), (PKIX_PL_Object*)(childPolicy ), (&isIncluded), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policyOID) == ((void*)0) && (childPolicy) == ((void*)0)) { *(&isIncluded) = ((PKIX_Boolean ) 1); } else { *(&isIncluded) = ((PKIX_Boolean) 0); } } while (0) | |||
1529 | PKIX_OBJECTEQUALSFAILED)do { if ((policyOID) != ((void*)0) && (childPolicy) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(policyOID), (PKIX_PL_Object*)(childPolicy ), (&isIncluded), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED); goto cleanup ; } } while (0); } else if ((policyOID) == ((void*)0) && (childPolicy) == ((void*)0)) { *(&isIncluded) = ((PKIX_Boolean ) 1); } else { *(&isIncluded) = ((PKIX_Boolean) 0); } } while (0); | |||
1530 | ||||
1531 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1532 | PKIX_DECREF(childPolicy)do { if (childPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childPolicy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childPolicy = ((void *)0); } } while (0); | |||
1533 | } | |||
1534 | ||||
1535 | if (!isIncluded) { | |||
1536 | if (policyMaps) { | |||
1537 | PKIX_CHECKdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1538 | (pkix_PolicyChecker_MapGetSubjectDomainPoliciesdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1539 | (policyMaps,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1540 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1541 | &subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1542 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1543 | PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0); | |||
1544 | } | |||
1545 | PKIX_CHECK(pkix_PolicyChecker_Spawndo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1546 | (currentNode,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1547 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1548 | qualsOfAny,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1549 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1550 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1551 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1552 | PKIX_POLICYCHECKERSPAWNFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (currentNode , policyOID, qualsOfAny, subjectDomainPolicies, state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0); | |||
1553 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
1554 | } | |||
1555 | ||||
1556 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
1557 | } | |||
1558 | } | |||
1559 | ||||
1560 | cleanup: | |||
1561 | ||||
1562 | PKIX_DECREF(children)do { if (children){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(children), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } children = ((void* )0); } } while (0); | |||
1563 | PKIX_DECREF(childNode)do { if (childNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childNode), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childNode = ((void *)0); } } while (0); | |||
1564 | PKIX_DECREF(expectedPolicies)do { if (expectedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(expectedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } expectedPolicies = ((void*)0); } } while (0); | |||
1565 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
1566 | PKIX_DECREF(childPolicy)do { if (childPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(childPolicy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } childPolicy = ((void *)0); } } while (0); | |||
1567 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
1568 | ||||
1569 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1570 | ||||
1571 | } | |||
1572 | ||||
1573 | /* | |||
1574 | * FUNCTION: pkix_PolicyChecker_CalculateIntersection | |||
1575 | * DESCRIPTION: | |||
1576 | * | |||
1577 | * Processes the PolicyNode pointed to by "currentNode", and its descendants, | |||
1578 | * using the PolicyCheckerState pointed to by "state", using the List at | |||
1579 | * the address pointed to by "nominees" the OIDs of policies that are in the | |||
1580 | * user-initial-policy-set but are not represented among the nodes at the | |||
1581 | * bottom of the tree, and storing at "pShouldBePruned" the value TRUE if | |||
1582 | * currentNode is childless at the end of this processing, FALSE if it has | |||
1583 | * children or is at the bottom of the tree. | |||
1584 | * | |||
1585 | * When this function is called at the top level, "nominees" should be the List | |||
1586 | * of all policies in the user-initial-policy-set. Policies that are | |||
1587 | * represented in the valid-policy-node-set are removed from this List. As a | |||
1588 | * result when nodes are created according to 6.1.5.(g)(iii)(3)(b), a node will | |||
1589 | * be created for each policy remaining in this List. | |||
1590 | * | |||
1591 | * This function implements the calculation of the intersection of the | |||
1592 | * validPolicyTree with the user-initial-policy-set, as described in | |||
1593 | * RFC 3280 6.1.5(g)(iii). | |||
1594 | * | |||
1595 | * PARAMETERS: | |||
1596 | * "currentNode" | |||
1597 | * Address of PolicyNode whose descendants will be processed as described. | |||
1598 | * Must be non-NULL. | |||
1599 | * "state" | |||
1600 | * Address of the current state of the PKIX_PolicyChecker. Must be non-NULL | |||
1601 | * "nominees" | |||
1602 | * Address of List of the OIDs for which nodes should be created to replace | |||
1603 | * anyPolicy nodes. Must be non-NULL but may be empty. | |||
1604 | * "pShouldBePruned" | |||
1605 | * Address where Boolean return value, set to TRUE if this PolicyNode | |||
1606 | * should be deleted, is stored. Must be non-NULL. | |||
1607 | * "plContext" | |||
1608 | * Platform-specific context pointer. | |||
1609 | * THREAD SAFETY: | |||
1610 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1611 | * RETURNS: | |||
1612 | * Returns NULL if the function succeeds | |||
1613 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
1614 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
1615 | */ | |||
1616 | static PKIX_Error * | |||
1617 | pkix_PolicyChecker_CalculateIntersection( | |||
1618 | PKIX_PolicyNode *currentNode, | |||
1619 | PKIX_PolicyCheckerState *state, | |||
1620 | PKIX_List *nominees, /* OIDs */ | |||
1621 | PKIX_Boolean *pShouldBePruned, | |||
1622 | void *plContext) | |||
1623 | { | |||
1624 | PKIX_Boolean currentPolicyIsAny = PKIX_FALSE((PKIX_Boolean) 0); | |||
1625 | PKIX_Boolean parentPolicyIsAny = PKIX_FALSE((PKIX_Boolean) 0); | |||
1626 | PKIX_Boolean currentPolicyIsValid = PKIX_FALSE((PKIX_Boolean) 0); | |||
1627 | PKIX_Boolean shouldBePruned = PKIX_FALSE((PKIX_Boolean) 0); | |||
1628 | PKIX_Boolean priorCriticality = PKIX_FALSE((PKIX_Boolean) 0); | |||
1629 | PKIX_UInt32 depth = 0; | |||
1630 | PKIX_UInt32 numChildren = 0; | |||
1631 | PKIX_UInt32 childIndex = 0; | |||
1632 | PKIX_UInt32 numNominees = 0; | |||
1633 | PKIX_UInt32 polIx = 0; | |||
1634 | PKIX_PL_OID *currentPolicy = NULL((void*)0); | |||
1635 | PKIX_PL_OID *parentPolicy = NULL((void*)0); | |||
1636 | PKIX_PL_OID *substPolicy = NULL((void*)0); | |||
1637 | PKIX_PolicyNode *parent = NULL((void*)0); | |||
1638 | PKIX_PolicyNode *child = NULL((void*)0); | |||
1639 | PKIX_List *children = NULL((void*)0); /* PolicyNodes */ | |||
1640 | PKIX_List *policyQualifiers = NULL((void*)0); | |||
1641 | ||||
1642 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_CalculateIntersection" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1643 | (CERTCHAINCHECKER,static const char cMyFuncName[] = {"pkix_PolicyChecker_CalculateIntersection" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1644 | "pkix_PolicyChecker_CalculateIntersection")static const char cMyFuncName[] = {"pkix_PolicyChecker_CalculateIntersection" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1645 | ||||
1646 | /* | |||
1647 | * We call this function if the valid_policy_tree is not NULL and | |||
1648 | * the user-initial-policy-set is not any-policy. | |||
1649 | */ | |||
1650 | if (!state->validPolicyTree || state->initialIsAnyPolicy) { | |||
1651 | PKIX_ERROR(PKIX_PRECONDITIONFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_PRECONDITIONFAILED, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_PRECONDITIONFAILED; goto cleanup; }; | |||
1652 | } | |||
1653 | ||||
1654 | PKIX_NULLCHECK_FOUR(currentNode, state, nominees, pShouldBePruned)do { if (((currentNode) == ((void*)0)) || ((state) == ((void* )0)) || ((nominees) == ((void*)0)) || ((pShouldBePruned) == ( (void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
1655 | ||||
1656 | PKIX_CHECK(PKIX_PolicyNode_GetValidPolicydo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (currentNode, ¤tPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1657 | (currentNode, ¤tPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (currentNode, ¤tPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1658 | PKIX_POLICYNODEGETVALIDPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (currentNode, ¤tPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0); | |||
1659 | ||||
1660 | PKIX_NULLCHECK_TWO(state->anyPolicyOID, currentPolicy)do { if (((state->anyPolicyOID) == ((void*)0)) || ((currentPolicy ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
1661 | ||||
1662 | PKIX_EQUALSdo { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1663 | (state->anyPolicyOID,do { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1664 | currentPolicy,do { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1665 | ¤tPolicyIsAny,do { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1666 | plContext,do { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1667 | PKIX_OBJECTEQUALSFAILED)do { if ((state->anyPolicyOID) != ((void*)0) && (currentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(currentPolicy), (¤tPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (currentPolicy) == ((void*)0)) { * (¤tPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& currentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0); | |||
1668 | ||||
1669 | PKIX_CHECK(PKIX_PolicyNode_GetParent(currentNode, &parent, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetParent(currentNode , &parent, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETPARENTFAILED; goto cleanup ; } } while (0) | |||
1670 | PKIX_POLICYNODEGETPARENTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetParent(currentNode , &parent, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETPARENTFAILED; goto cleanup ; } } while (0); | |||
1671 | ||||
1672 | if (currentPolicyIsAny == PKIX_FALSE((PKIX_Boolean) 0)) { | |||
1673 | ||||
1674 | /* | |||
1675 | * If we are at the top of the tree, or if our | |||
1676 | * parent's validPolicy is anyPolicy, we are in | |||
1677 | * the valid policy node set. | |||
1678 | */ | |||
1679 | if (parent) { | |||
1680 | PKIX_CHECK(PKIX_PolicyNode_GetValidPolicydo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (parent, &parentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1681 | (parent, &parentPolicy, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (parent, &parentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0) | |||
1682 | PKIX_POLICYNODEGETVALIDPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetValidPolicy (parent, &parentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETVALIDPOLICYFAILED ; goto cleanup; } } while (0); | |||
1683 | ||||
1684 | PKIX_NULLCHECK_ONE(parentPolicy)do { if ((parentPolicy) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1685 | ||||
1686 | PKIX_EQUALSdo { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1687 | (state->anyPolicyOID,do { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1688 | parentPolicy,do { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1689 | &parentPolicyIsAny,do { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1690 | plContext,do { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0) | |||
1691 | PKIX_OBJECTEQUALSFAILED)do { if ((state->anyPolicyOID) != ((void*)0) && (parentPolicy ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(parentPolicy), (&parentPolicyIsAny), (plContext))); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = (PKIX_OBJECTEQUALSFAILED ); goto cleanup; } } while (0); } else if ((state->anyPolicyOID ) == ((void*)0) && (parentPolicy) == ((void*)0)) { *( &parentPolicyIsAny) = ((PKIX_Boolean) 1); } else { *(& parentPolicyIsAny) = ((PKIX_Boolean) 0); } } while (0); | |||
1692 | } | |||
1693 | ||||
1694 | /* | |||
1695 | * Section 6.1.5(g)(iii)(2) | |||
1696 | * If this node's policy is not in the user-initial-policy-set, | |||
1697 | * it is not in the intersection. Prune it. | |||
1698 | */ | |||
1699 | if (!parent || parentPolicyIsAny) { | |||
1700 | PKIX_CHECK(pkix_List_Containsdo { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1701 | (state->userInitialPolicySet,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1702 | (PKIX_PL_Object *)currentPolicy,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1703 | ¤tPolicyIsValid,do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1704 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0) | |||
1705 | PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains (state-> userInitialPolicySet, (PKIX_PL_Object *)currentPolicy, ¤tPolicyIsValid , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED; goto cleanup; } } while (0); | |||
1706 | if (!currentPolicyIsValid) { | |||
1707 | *pShouldBePruned = PKIX_TRUE((PKIX_Boolean) 1); | |||
1708 | goto cleanup; | |||
1709 | } | |||
1710 | ||||
1711 | /* | |||
1712 | * If this node's policy is in the user-initial-policy- | |||
1713 | * set, it will propagate that policy into the next | |||
1714 | * level of the tree. Remove the policy from the list | |||
1715 | * of policies that an anyPolicy will spawn. | |||
1716 | */ | |||
1717 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (nominees, ( PKIX_PL_Object *)currentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup ; } } while (0) | |||
1718 | (nominees,do { stdVars.aPkixErrorResult = (pkix_List_Remove (nominees, ( PKIX_PL_Object *)currentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup ; } } while (0) | |||
1719 | (PKIX_PL_Object *)currentPolicy,do { stdVars.aPkixErrorResult = (pkix_List_Remove (nominees, ( PKIX_PL_Object *)currentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup ; } } while (0) | |||
1720 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (nominees, ( PKIX_PL_Object *)currentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup ; } } while (0) | |||
1721 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (nominees, ( PKIX_PL_Object *)currentPolicy, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup ; } } while (0); | |||
1722 | } | |||
1723 | } | |||
1724 | ||||
1725 | ||||
1726 | /* Are we at the bottom of the tree? */ | |||
1727 | ||||
1728 | PKIX_CHECK(PKIX_PolicyNode_GetDepthdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1729 | (currentNode, &depth, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0) | |||
1730 | PKIX_POLICYNODEGETDEPTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetDepth (currentNode , &depth, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYNODEGETDEPTHFAILED; goto cleanup ; } } while (0); | |||
1731 | ||||
1732 | if (depth == (state->numCerts)) { | |||
1733 | /* | |||
1734 | * Section 6.1.5(g)(iii)(3) | |||
1735 | * Replace anyPolicy nodes... | |||
1736 | */ | |||
1737 | if (currentPolicyIsAny == PKIX_TRUE((PKIX_Boolean) 1)) { | |||
1738 | ||||
1739 | /* replace this node */ | |||
1740 | ||||
1741 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nominees , &numNominees, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1742 | (nominees, &numNominees, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nominees , &numNominees, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1743 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (nominees , &numNominees, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1744 | ||||
1745 | if (numNominees) { | |||
1746 | ||||
1747 | PKIX_CHECK(PKIX_PolicyNode_GetPolicyQualifiersdo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetPolicyQualifiers (currentNode, &policyQualifiers, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
1748 | (currentNode,do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetPolicyQualifiers (currentNode, &policyQualifiers, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
1749 | &policyQualifiers,do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetPolicyQualifiers (currentNode, &policyQualifiers, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
1750 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetPolicyQualifiers (currentNode, &policyQualifiers, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
1751 | PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_GetPolicyQualifiers (currentNode, &policyQualifiers, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED ; goto cleanup; } } while (0); | |||
1752 | ||||
1753 | PKIX_CHECK(PKIX_PolicyNode_IsCriticaldo { stdVars.aPkixErrorResult = (PKIX_PolicyNode_IsCritical ( currentNode, &priorCriticality, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEISCRITICALFAILED ; goto cleanup; } } while (0) | |||
1754 | (currentNode, &priorCriticality, plContext),do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_IsCritical ( currentNode, &priorCriticality, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEISCRITICALFAILED ; goto cleanup; } } while (0) | |||
1755 | PKIX_POLICYNODEISCRITICALFAILED)do { stdVars.aPkixErrorResult = (PKIX_PolicyNode_IsCritical ( currentNode, &priorCriticality, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEISCRITICALFAILED ; goto cleanup; } } while (0); | |||
1756 | } | |||
1757 | ||||
1758 | PKIX_NULLCHECK_ONE(parent)do { if ((parent) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1759 | ||||
1760 | for (polIx = 0; polIx < numNominees; polIx++) { | |||
1761 | ||||
1762 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1763 | (nominees,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1764 | polIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1765 | (PKIX_PL_Object **)&substPolicy,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1766 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1767 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (nominees, polIx, (PKIX_PL_Object **)&substPolicy, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1768 | ||||
1769 | PKIX_CHECK(pkix_PolicyChecker_Spawndo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1770 | (parent,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1771 | substPolicy,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1772 | policyQualifiers,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1773 | NULL,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1774 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1775 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0) | |||
1776 | PKIX_POLICYCHECKERSPAWNFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (parent , substPolicy, policyQualifiers, ((void*)0), state, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup; } } while (0); | |||
1777 | ||||
1778 | PKIX_DECREF(substPolicy)do { if (substPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(substPolicy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } substPolicy = ((void *)0); } } while (0); | |||
1779 | ||||
1780 | } | |||
1781 | /* remove currentNode from parent */ | |||
1782 | *pShouldBePruned = PKIX_TRUE((PKIX_Boolean) 1); | |||
1783 | /* | |||
1784 | * We can get away with augmenting the parent's List | |||
1785 | * of children because we started at the end and went | |||
1786 | * toward the beginning. New nodes are added at the end. | |||
1787 | */ | |||
1788 | } | |||
1789 | } else { | |||
1790 | /* | |||
1791 | * Section 6.1.5(g)(iii)(4) | |||
1792 | * Prune any childless nodes above the bottom level | |||
1793 | */ | |||
1794 | PKIX_CHECK(pkix_PolicyNode_GetChildrenMutabledo { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1795 | (currentNode, &children, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0) | |||
1796 | PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_GetChildrenMutable (currentNode, &children, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED ; goto cleanup; } } while (0); | |||
1797 | ||||
1798 | /* CurrentNode should have been pruned if childless. */ | |||
1799 | PKIX_NULLCHECK_ONE(children)do { if ((children) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
1800 | ||||
1801 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1802 | (children, &numChildren, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1803 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1804 | ||||
1805 | for (childIndex = numChildren; childIndex > 0; childIndex--) { | |||
1806 | ||||
1807 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1808 | (children,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1809 | childIndex - 1,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1810 | (PKIX_PL_Object **)&child,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1811 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
1812 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (children, childIndex - 1, (PKIX_PL_Object **)&child, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
1813 | ||||
1814 | PKIX_CHECK(pkix_PolicyChecker_CalculateIntersectiondo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (child, state, nominees, &shouldBePruned, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED ; goto cleanup; } } while (0) | |||
1815 | (child, state, nominees, &shouldBePruned, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (child, state, nominees, &shouldBePruned, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED ; goto cleanup; } } while (0) | |||
1816 | PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (child, state, nominees, &shouldBePruned, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED ; goto cleanup; } } while (0); | |||
1817 | ||||
1818 | if (PKIX_TRUE((PKIX_Boolean) 1) == shouldBePruned) { | |||
1819 | ||||
1820 | PKIX_CHECK(PKIX_List_DeleteItemdo { stdVars.aPkixErrorResult = (PKIX_List_DeleteItem (children , childIndex - 1, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTDELETEITEMFAILED; goto cleanup ; } } while (0) | |||
1821 | (children, childIndex - 1, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_DeleteItem (children , childIndex - 1, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTDELETEITEMFAILED; goto cleanup ; } } while (0) | |||
1822 | PKIX_LISTDELETEITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_DeleteItem (children , childIndex - 1, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTDELETEITEMFAILED; goto cleanup ; } } while (0); | |||
1823 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
1824 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
1825 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
1826 | } | |||
1827 | ||||
1828 | PKIX_DECREF(child)do { if (child){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(child), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } child = ((void*)0) ; } } while (0); | |||
1829 | } | |||
1830 | ||||
1831 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1832 | (children, &numChildren, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
1833 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (children , &numChildren, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
1834 | ||||
1835 | if (numChildren == 0) { | |||
1836 | *pShouldBePruned = PKIX_TRUE((PKIX_Boolean) 1); | |||
1837 | } | |||
1838 | } | |||
1839 | cleanup: | |||
1840 | PKIX_DECREF(currentPolicy)do { if (currentPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(currentPolicy), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } currentPolicy = ((void*)0); } } while (0); | |||
1841 | PKIX_DECREF(parentPolicy)do { if (parentPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(parentPolicy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } parentPolicy = ((void *)0); } } while (0); | |||
1842 | PKIX_DECREF(substPolicy)do { if (substPolicy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(substPolicy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } substPolicy = ((void *)0); } } while (0); | |||
1843 | PKIX_DECREF(parent)do { if (parent){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(parent), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } parent = ((void*)0 ); } } while (0); | |||
1844 | PKIX_DECREF(child)do { if (child){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(child), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } child = ((void*)0) ; } } while (0); | |||
1845 | PKIX_DECREF(children)do { if (children){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(children), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } children = ((void* )0); } } while (0); | |||
1846 | PKIX_DECREF(policyQualifiers)do { if (policyQualifiers){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyQualifiers), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policyQualifiers = ((void*)0); } } while (0); | |||
1847 | ||||
1848 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
1849 | ||||
1850 | } | |||
1851 | ||||
1852 | /* | |||
1853 | * FUNCTION: pkix_PolicyChecker_PolicyMapProcessing | |||
1854 | * DESCRIPTION: | |||
1855 | * | |||
1856 | * Performs the processing of Policies in the List of CertPolicyMaps pointed | |||
1857 | * to by "policyMaps", using and updating the PolicyCheckerState pointed to by | |||
1858 | * "state". | |||
1859 | * | |||
1860 | * This function implements the policyMap processing described in RFC3280 | |||
1861 | * Section 6.1.4(b)(1), after certificate i has been processed, in preparation | |||
1862 | * for certificate i+1. Section references are to that document. | |||
1863 | * | |||
1864 | * PARAMETERS: | |||
1865 | * "policyMaps" | |||
1866 | * Address of the List of CertPolicyMaps presented by certificate i. | |||
1867 | * Must be non-NULL. | |||
1868 | * "certPoliciesIncludeAny" | |||
1869 | * Boolean value which is PKIX_TRUE if the current certificate asserts | |||
1870 | * anyPolicy, PKIX_FALSE otherwise. | |||
1871 | * "qualsOfAny" | |||
1872 | * Address of List of qualifiers of the anyPolicy in the current | |||
1873 | * certificate. May be empty or NULL. | |||
1874 | * "state" | |||
1875 | * Address of the current state of the PKIX_PolicyChecker. | |||
1876 | * Must be non-NULL. | |||
1877 | * "plContext" | |||
1878 | * Platform-specific context pointer. | |||
1879 | * THREAD SAFETY: | |||
1880 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
1881 | * RETURNS: | |||
1882 | * Returns NULL if the function succeeds | |||
1883 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
1884 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
1885 | */ | |||
1886 | static PKIX_Error * | |||
1887 | pkix_PolicyChecker_PolicyMapProcessing( | |||
1888 | PKIX_List *policyMaps, /* CertPolicyMaps */ | |||
1889 | PKIX_Boolean certPoliciesIncludeAny, | |||
1890 | PKIX_List *qualsOfAny, | |||
1891 | PKIX_PolicyCheckerState *state, | |||
1892 | void *plContext) | |||
1893 | { | |||
1894 | PKIX_UInt32 numPolicies = 0; | |||
1895 | PKIX_UInt32 polX = 0; | |||
1896 | PKIX_PL_OID *policyOID = NULL((void*)0); | |||
1897 | PKIX_List *newMappedPolicies = NULL((void*)0); /* OIDs */ | |||
1898 | PKIX_List *subjectDomainPolicies = NULL((void*)0); /* OIDs */ | |||
1899 | ||||
1900 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_PolicyMapProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1901 | (CERTCHAINCHECKER,static const char cMyFuncName[] = {"pkix_PolicyChecker_PolicyMapProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
1902 | "pkix_PolicyChecker_PolicyMapProcessing")static const char cMyFuncName[] = {"pkix_PolicyChecker_PolicyMapProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
1903 | PKIX_NULLCHECK_THREEdo { if (((policyMaps) == ((void*)0)) || ((state) == ((void*) 0)) || ((state->mappedUserInitialPolicySet) == ((void*)0)) ){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR ), ((PKIX_Boolean) 1), plContext);; } } while (0) | |||
1904 | (policyMaps,do { if (((policyMaps) == ((void*)0)) || ((state) == ((void*) 0)) || ((state->mappedUserInitialPolicySet) == ((void*)0)) ){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR ), ((PKIX_Boolean) 1), plContext);; } } while (0) | |||
1905 | state,do { if (((policyMaps) == ((void*)0)) || ((state) == ((void*) 0)) || ((state->mappedUserInitialPolicySet) == ((void*)0)) ){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR ), ((PKIX_Boolean) 1), plContext);; } } while (0) | |||
1906 | state->mappedUserInitialPolicySet)do { if (((policyMaps) == ((void*)0)) || ((state) == ((void*) 0)) || ((state->mappedUserInitialPolicySet) == ((void*)0)) ){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR ), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
1907 | ||||
1908 | /* | |||
1909 | * For each policy in mappedUserInitialPolicySet, if it is not mapped, | |||
1910 | * append it to new policySet; if it is mapped, append its | |||
1911 | * subjectDomainPolicies to new policySet. When done, this new | |||
1912 | * policySet will replace mappedUserInitialPolicySet. | |||
1913 | */ | |||
1914 | PKIX_CHECK(PKIX_List_Createdo { stdVars.aPkixErrorResult = (PKIX_List_Create (&newMappedPolicies , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
1915 | (&newMappedPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create (&newMappedPolicies , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
1916 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create (&newMappedPolicies , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
1917 | ||||
1918 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedUserInitialPolicySet, &numPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1919 | (state->mappedUserInitialPolicySet,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedUserInitialPolicySet, &numPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1920 | &numPolicies,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedUserInitialPolicySet, &numPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1921 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedUserInitialPolicySet, &numPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1922 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedUserInitialPolicySet, &numPolicies, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0); | |||
1923 | ||||
1924 | for (polX = 0; polX < numPolicies; polX++) { | |||
1925 | ||||
1926 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1927 | (state->mappedUserInitialPolicySet,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1928 | polX,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1929 | (PKIX_PL_Object **)&policyOID,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1930 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1931 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedUserInitialPolicySet, polX, (PKIX_PL_Object **)&policyOID , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0); | |||
1932 | ||||
1933 | PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPoliciesdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1934 | (policyMaps,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1935 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1936 | &subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1937 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1938 | PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0); | |||
1939 | ||||
1940 | if (subjectDomainPolicies) { | |||
1941 | ||||
1942 | PKIX_CHECK(pkix_List_AppendUniquedo { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
1943 | (newMappedPolicies,do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
1944 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
1945 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
1946 | PKIX_LISTAPPENDUNIQUEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0); | |||
1947 | ||||
1948 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
1949 | ||||
1950 | } else { | |||
1951 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newMappedPolicies , (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
1952 | (newMappedPolicies,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newMappedPolicies , (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
1953 | (PKIX_PL_Object *)policyOID,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newMappedPolicies , (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
1954 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newMappedPolicies , (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
1955 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (newMappedPolicies , (PKIX_PL_Object *)policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
1956 | } | |||
1957 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
1958 | } | |||
1959 | ||||
1960 | /* | |||
1961 | * For each policy ID-P remaining in mappedPolicyOIDs, it has not been | |||
1962 | * propagated to the bottom of the tree (depth i). If policyMapping | |||
1963 | * is greater than zero and this cert contains anyPolicy and the tree | |||
1964 | * contains an anyPolicy node at depth i-1, then we must create a node | |||
1965 | * with validPolicy ID-P, the policy qualifiers of anyPolicy in | |||
1966 | * this certificate, and expectedPolicySet the subjectDomainPolicies | |||
1967 | * that ID-P maps to. We also then add those subjectDomainPolicies to | |||
1968 | * the list of policies that will be accepted in the next certificate, | |||
1969 | * the mappedUserInitialPolicySet. | |||
1970 | */ | |||
1971 | ||||
1972 | if ((state->policyMapping > 0) && (certPoliciesIncludeAny) && | |||
1973 | (state->anyPolicyNodeAtBottom) && (state->mappedPolicyOIDs)) { | |||
1974 | ||||
1975 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedPolicyOIDs, &numPolicies, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1976 | (state->mappedPolicyOIDs,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedPolicyOIDs, &numPolicies, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1977 | &numPolicies,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedPolicyOIDs, &numPolicies, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1978 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedPolicyOIDs, &numPolicies, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0) | |||
1979 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (state-> mappedPolicyOIDs, &numPolicies, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED ; goto cleanup; } } while (0); | |||
1980 | ||||
1981 | for (polX = 0; polX < numPolicies; polX++) { | |||
1982 | ||||
1983 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1984 | (state->mappedPolicyOIDs,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1985 | polX,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1986 | (PKIX_PL_Object **)&policyOID,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1987 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0) | |||
1988 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (state-> mappedPolicyOIDs, polX, (PKIX_PL_Object **)&policyOID, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup; } } while (0); | |||
1989 | ||||
1990 | PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPoliciesdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1991 | (policyMaps,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1992 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1993 | &subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1994 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0) | |||
1995 | PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetSubjectDomainPolicies (policyMaps, policyOID, &subjectDomainPolicies, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED; goto cleanup ; } } while (0); | |||
1996 | ||||
1997 | PKIX_CHECK(pkix_PolicyChecker_Spawndo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1998 | (state->anyPolicyNodeAtBottom,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
1999 | policyOID,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
2000 | qualsOfAny,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
2001 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
2002 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
2003 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0) | |||
2004 | PKIX_POLICYCHECKERSPAWNFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_Spawn (state ->anyPolicyNodeAtBottom, policyOID, qualsOfAny, subjectDomainPolicies , state, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_POLICYCHECKERSPAWNFAILED; goto cleanup ; } } while (0); | |||
2005 | ||||
2006 | PKIX_CHECK(pkix_List_AppendUniquedo { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
2007 | (newMappedPolicies,do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
2008 | subjectDomainPolicies,do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
2009 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0) | |||
2010 | PKIX_LISTAPPENDUNIQUEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_AppendUnique (newMappedPolicies , subjectDomainPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDUNIQUEFAILED; goto cleanup ; } } while (0); | |||
2011 | ||||
2012 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
2013 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
2014 | } | |||
2015 | } | |||
2016 | ||||
2017 | PKIX_CHECK(PKIX_List_SetImmutable(newMappedPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(newMappedPolicies , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
2018 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(newMappedPolicies , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
2019 | ||||
2020 | PKIX_DECREF(state->mappedUserInitialPolicySet)do { if (state->mappedUserInitialPolicySet){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->mappedUserInitialPolicySet ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->mappedUserInitialPolicySet = ((void *)0); } } while (0); | |||
2021 | PKIX_INCREF(newMappedPolicies)do { if (newMappedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(newMappedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup ; } } } while (0); | |||
2022 | ||||
2023 | state->mappedUserInitialPolicySet = newMappedPolicies; | |||
2024 | ||||
2025 | cleanup: | |||
2026 | ||||
2027 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
2028 | PKIX_DECREF(newMappedPolicies)do { if (newMappedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(newMappedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } newMappedPolicies = ((void*)0); } } while (0); | |||
2029 | PKIX_DECREF(subjectDomainPolicies)do { if (subjectDomainPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectDomainPolicies), plContext); if ( stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars .aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void *)0); } subjectDomainPolicies = ((void*)0); } } while (0); | |||
2030 | ||||
2031 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
2032 | } | |||
2033 | ||||
2034 | /* | |||
2035 | * FUNCTION: pkix_PolicyChecker_WrapUpProcessing | |||
2036 | * DESCRIPTION: | |||
2037 | * | |||
2038 | * Performs the wrap-up processing for the Cert pointed to by "cert", | |||
2039 | * using and updating the PolicyCheckerState pointed to by "state". | |||
2040 | * | |||
2041 | * This function implements the wrap-up processing described in RFC3280 | |||
2042 | * Section 6.1.5, after the final certificate has been processed. Section | |||
2043 | * references in the comments are to that document. | |||
2044 | * | |||
2045 | * PARAMETERS: | |||
2046 | * "cert" | |||
2047 | * Address of the current (presumably the end entity) certificate. | |||
2048 | * Must be non-NULL. | |||
2049 | * "state" | |||
2050 | * Address of the current state of the PKIX_PolicyChecker. | |||
2051 | * Must be non-NULL. | |||
2052 | * "plContext" | |||
2053 | * Platform-specific context pointer. | |||
2054 | * THREAD SAFETY: | |||
2055 | * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
2056 | * RETURNS: | |||
2057 | * Returns NULL if the function succeeds | |||
2058 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
2059 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
2060 | */ | |||
2061 | static PKIX_Error * | |||
2062 | pkix_PolicyChecker_WrapUpProcessing( | |||
2063 | PKIX_PL_Cert *cert, | |||
2064 | PKIX_PolicyCheckerState *state, | |||
2065 | void *plContext) | |||
2066 | { | |||
2067 | PKIX_Int32 explicitPolicySkipCerts = 0; | |||
2068 | PKIX_Boolean isSelfIssued = PKIX_FALSE((PKIX_Boolean) 0); | |||
2069 | PKIX_Boolean shouldBePruned = PKIX_FALSE((PKIX_Boolean) 0); | |||
2070 | PKIX_List *nominees = NULL((void*)0); /* OIDs */ | |||
2071 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2072 | PKIX_PL_String *stateString = NULL((void*)0); | |||
2073 | char *stateAscii = NULL((void*)0); | |||
2074 | PKIX_UInt32 length; | |||
2075 | #endif | |||
2076 | ||||
2077 | PKIX_ENTERstatic const char cMyFuncName[] = {"pkix_PolicyChecker_WrapUpProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
2078 | (CERTCHAINCHECKER,static const char cMyFuncName[] = {"pkix_PolicyChecker_WrapUpProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0); | |||
2079 | "pkix_PolicyChecker_WrapUpProcessing")static const char cMyFuncName[] = {"pkix_PolicyChecker_WrapUpProcessing" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
2080 | PKIX_NULLCHECK_THREE(cert, state, state->userInitialPolicySet)do { if (((cert) == ((void*)0)) || ((state) == ((void*)0)) || ((state->userInitialPolicySet) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
2081 | ||||
2082 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2083 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2084 | ((PKIX_PL_Object*)state, &stateString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2085 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2086 | ||||
2087 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2088 | (stateString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2089 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2090 | (void **)&stateAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2091 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2092 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2093 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2094 | ||||
2095 | PKIX_DEBUG_ARG("%s\n", stateAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("%s\n", stateAscii); } while (0); | |||
2096 | ||||
2097 | PKIX_FREE(stateAscii)do { if (stateAscii) { stdVars.aPkixTempResult = PKIX_PL_Free ((stateAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stateAscii = ((void*)0); } } while (0); | |||
2098 | PKIX_DECREF(stateString)do { if (stateString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(stateString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } stateString = ((void *)0); } } while (0); | |||
2099 | #endif | |||
2100 | ||||
2101 | /* Section 6.1.5(a) ... */ | |||
2102 | PKIX_CHECK(pkix_IsCertSelfIssueddo { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2103 | (cert, &isSelfIssued, plContext),do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2104 | PKIX_ISCERTSELFISSUEDFAILED)do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0); | |||
2105 | ||||
2106 | if (!isSelfIssued) { | |||
2107 | if (state->explicitPolicy > 0) { | |||
2108 | ||||
2109 | state->explicitPolicy--; | |||
2110 | ||||
2111 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2112 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2113 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2114 | } | |||
2115 | } | |||
2116 | ||||
2117 | /* Section 6.1.5(b) ... */ | |||
2118 | PKIX_CHECK(PKIX_PL_Cert_GetRequireExplicitPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0) | |||
2119 | (cert, &explicitPolicySkipCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0) | |||
2120 | PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0); | |||
2121 | ||||
2122 | if (explicitPolicySkipCerts == 0) { | |||
2123 | state->explicitPolicy = 0; | |||
2124 | } | |||
2125 | ||||
2126 | /* Section 6.1.5(g)(i) ... */ | |||
2127 | ||||
2128 | if (!(state->validPolicyTree)) { | |||
2129 | goto cleanup; | |||
2130 | } | |||
2131 | ||||
2132 | /* Section 6.1.5(g)(ii) ... */ | |||
2133 | ||||
2134 | if (state->initialIsAnyPolicy) { | |||
2135 | goto cleanup; | |||
2136 | } | |||
2137 | ||||
2138 | /* | |||
2139 | * Section 6.1.5(g)(iii) ... | |||
2140 | * Create a list of policies which could be substituted for anyPolicy. | |||
2141 | * Start with a (mutable) copy of user-initial-policy-set. | |||
2142 | */ | |||
2143 | PKIX_CHECK(pkix_PolicyChecker_MakeMutableCopydo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeMutableCopy (state->userInitialPolicySet, &nominees, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKEMUTABLECOPYFAILED ; goto cleanup; } } while (0) | |||
2144 | (state->userInitialPolicySet, &nominees, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeMutableCopy (state->userInitialPolicySet, &nominees, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKEMUTABLECOPYFAILED ; goto cleanup; } } while (0) | |||
2145 | PKIX_POLICYCHECKERMAKEMUTABLECOPYFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeMutableCopy (state->userInitialPolicySet, &nominees, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKEMUTABLECOPYFAILED ; goto cleanup; } } while (0); | |||
2146 | ||||
2147 | PKIX_CHECK(pkix_PolicyChecker_CalculateIntersectiondo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2148 | (state->validPolicyTree, /* node at top of tree */do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2149 | state,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2150 | nominees,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2151 | &shouldBePruned,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2152 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0) | |||
2153 | PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_CalculateIntersection (state->validPolicyTree, state, nominees, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED; goto cleanup ; } } while (0); | |||
2154 | ||||
2155 | if (PKIX_TRUE((PKIX_Boolean) 1) == shouldBePruned) { | |||
2156 | PKIX_DECREF(state->validPolicyTree)do { if (state->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->validPolicyTree ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->validPolicyTree = ((void*)0); } } while (0); | |||
2157 | } | |||
2158 | ||||
2159 | if (state->validPolicyTree) { | |||
2160 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0) | |||
2161 | ((PKIX_PL_Object *)state->validPolicyTree, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0) | |||
2162 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0); | |||
2163 | } | |||
2164 | ||||
2165 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2166 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2167 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2168 | ||||
2169 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2170 | if (state->validPolicyTree) { | |||
2171 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2172 | ((PKIX_PL_Object*)state, &stateString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2173 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2174 | ||||
2175 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2176 | (stateString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2177 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2178 | (void **)&stateAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2179 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2180 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2181 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2182 | ||||
2183 | PKIX_DEBUG_ARGdo { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("After CalculateIntersection:\n%s\n", stateAscii); } while ( 0) | |||
2184 | ("After CalculateIntersection:\n%s\n", stateAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("After CalculateIntersection:\n%s\n", stateAscii); } while ( 0); | |||
2185 | ||||
2186 | PKIX_FREE(stateAscii)do { if (stateAscii) { stdVars.aPkixTempResult = PKIX_PL_Free ((stateAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stateAscii = ((void*)0); } } while (0); | |||
2187 | PKIX_DECREF(stateString)do { if (stateString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(stateString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } stateString = ((void *)0); } } while (0); | |||
2188 | } else { | |||
2189 | PKIX_DEBUG("validPolicyTree is NULL\n")do { do { if (pkixLoggersErrors) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, "validPolicyTree is NULL\n", stdVars.aPkixType , 4, plContext); } } while (0); (void) fprintf(stderr, "(%s: " , stdVars.aMyFuncName); (void) fprintf(stderr, "validPolicyTree is NULL\n" ); } while (0); | |||
2190 | } | |||
2191 | #endif | |||
2192 | ||||
2193 | /* Section 6.1.5(g)(iii)(4) ... */ | |||
2194 | ||||
2195 | if (state->validPolicyTree) { | |||
2196 | ||||
2197 | PKIX_CHECK(pkix_PolicyNode_Prunedo { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0) | |||
2198 | (state->validPolicyTree,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0) | |||
2199 | state->numCerts,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0) | |||
2200 | &shouldBePruned,do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0) | |||
2201 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0) | |||
2202 | PKIX_POLICYNODEPRUNEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyNode_Prune (state ->validPolicyTree, state->numCerts, &shouldBePruned , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYNODEPRUNEFAILED; goto cleanup; } } while (0); | |||
2203 | ||||
2204 | if (shouldBePruned) { | |||
2205 | PKIX_DECREF(state->validPolicyTree)do { if (state->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->validPolicyTree ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->validPolicyTree = ((void*)0); } } while (0); | |||
2206 | } | |||
2207 | } | |||
2208 | ||||
2209 | if (state->validPolicyTree) { | |||
2210 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0) | |||
2211 | ((PKIX_PL_Object *)state->validPolicyTree, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0) | |||
2212 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state->validPolicyTree, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED ; goto cleanup; } } while (0); | |||
2213 | } | |||
2214 | ||||
2215 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2216 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2217 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2218 | ||||
2219 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2220 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2221 | ((PKIX_PL_Object*)state, &stateString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2222 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2223 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2224 | (stateString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2225 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2226 | (void **)&stateAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2227 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2228 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2229 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2230 | PKIX_DEBUG_ARG("%s\n", stateAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("%s\n", stateAscii); } while (0); | |||
2231 | ||||
2232 | PKIX_FREE(stateAscii)do { if (stateAscii) { stdVars.aPkixTempResult = PKIX_PL_Free ((stateAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stateAscii = ((void*)0); } } while (0); | |||
2233 | PKIX_DECREF(stateString)do { if (stateString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(stateString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } stateString = ((void *)0); } } while (0); | |||
2234 | #endif | |||
2235 | ||||
2236 | cleanup: | |||
2237 | ||||
2238 | PKIX_DECREF(nominees)do { if (nominees){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(nominees), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } nominees = ((void* )0); } } while (0); | |||
2239 | ||||
2240 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
2241 | } | |||
2242 | ||||
2243 | ||||
2244 | /* | |||
2245 | * FUNCTION: pkix_PolicyChecker_Check | |||
2246 | * (see comments in pkix_checker.h for PKIX_CertChainChecker_CheckCallback) | |||
2247 | * | |||
2248 | * Labels referring to sections, such as "Section 6.1.3(d)", refer to | |||
2249 | * sections of RFC3280, Section 6.1.3 Basic Certificate Processing. | |||
2250 | * | |||
2251 | * If a non-fatal error occurs, it is unlikely that policy processing can | |||
2252 | * continue. But it is still possible that chain validation could succeed if | |||
2253 | * policy processing is non-critical. So if this function receives a non-fatal | |||
2254 | * error from a lower level routine, it aborts policy processing by setting | |||
2255 | * the validPolicyTree to NULL and tries to continue. | |||
2256 | * | |||
2257 | */ | |||
2258 | static PKIX_Error * | |||
2259 | pkix_PolicyChecker_Check( | |||
2260 | PKIX_CertChainChecker *checker, | |||
2261 | PKIX_PL_Cert *cert, | |||
2262 | PKIX_List *unresolvedCriticals, /* OIDs */ | |||
2263 | void **pNBIOContext, | |||
2264 | void *plContext) | |||
2265 | { | |||
2266 | PKIX_UInt32 numPolicies = 0; | |||
2267 | PKIX_UInt32 polX = 0; | |||
2268 | PKIX_Boolean result = PKIX_FALSE((PKIX_Boolean) 0); | |||
2269 | PKIX_Int32 inhibitMappingSkipCerts = 0; | |||
2270 | PKIX_Int32 explicitPolicySkipCerts = 0; | |||
2271 | PKIX_Int32 inhibitAnyPolicySkipCerts = 0; | |||
2272 | PKIX_Boolean shouldBePruned = PKIX_FALSE((PKIX_Boolean) 0); | |||
2273 | PKIX_Boolean isSelfIssued = PKIX_FALSE((PKIX_Boolean) 0); | |||
2274 | PKIX_Boolean certPoliciesIncludeAny = PKIX_FALSE((PKIX_Boolean) 0); | |||
2275 | PKIX_Boolean doAnyPolicyProcessing = PKIX_FALSE((PKIX_Boolean) 0); | |||
2276 | ||||
2277 | PKIX_PolicyCheckerState *state = NULL((void*)0); | |||
2278 | PKIX_List *certPolicyInfos = NULL((void*)0); /* CertPolicyInfos */ | |||
2279 | PKIX_PL_CertPolicyInfo *policy = NULL((void*)0); | |||
2280 | PKIX_PL_OID *policyOID = NULL((void*)0); | |||
2281 | PKIX_List *qualsOfAny = NULL((void*)0); /* CertPolicyQualifiers */ | |||
2282 | PKIX_List *policyQualifiers = NULL((void*)0); /* CertPolicyQualifiers */ | |||
2283 | PKIX_List *policyMaps = NULL((void*)0); /* CertPolicyMaps */ | |||
2284 | PKIX_List *mappedPolicies = NULL((void*)0); /* OIDs */ | |||
2285 | PKIX_Error *subroutineErr = NULL((void*)0); | |||
2286 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2287 | PKIX_PL_String *stateString = NULL((void*)0); | |||
2288 | char *stateAscii = NULL((void*)0); | |||
2289 | PKIX_PL_String *certString = NULL((void*)0); | |||
2290 | char *certAscii = NULL((void*)0); | |||
2291 | PKIX_UInt32 length; | |||
2292 | #endif | |||
2293 | ||||
2294 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Check")static const char cMyFuncName[] = {"pkix_PolicyChecker_Check" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
2295 | PKIX_NULLCHECK_FOUR(checker, cert, unresolvedCriticals, pNBIOContext)do { if (((checker) == ((void*)0)) || ((cert) == ((void*)0)) || ((unresolvedCriticals) == ((void*)0)) || ((pNBIOContext) == ( (void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
2296 | ||||
2297 | *pNBIOContext = NULL((void*)0); /* we never block on pending I/O */ | |||
2298 | ||||
2299 | PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerStatedo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
2300 | (checker, (PKIX_PL_Object **)&state, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
2301 | PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState (checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0); | |||
2302 | ||||
2303 | PKIX_NULLCHECK_TWO(state, state->certPoliciesExtension)do { if (((state) == ((void*)0)) || ((state->certPoliciesExtension ) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn (&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext );; } } while (0); | |||
2304 | ||||
2305 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2306 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2307 | ((PKIX_PL_Object*)state, &stateString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2308 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2309 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2310 | (stateString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2311 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2312 | (void **)&stateAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2313 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2314 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2315 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2316 | PKIX_DEBUG_ARG("On entry %s\n", stateAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("On entry %s\n", stateAscii); } while (0); | |||
2317 | PKIX_FREE(stateAscii)do { if (stateAscii) { stdVars.aPkixTempResult = PKIX_PL_Free ((stateAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stateAscii = ((void*)0); } } while (0); | |||
2318 | PKIX_DECREF(stateString)do { if (stateString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(stateString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } stateString = ((void *)0); } } while (0); | |||
2319 | #endif | |||
2320 | ||||
2321 | /* | |||
2322 | * Section 6.1.4(a) | |||
2323 | * If this is not the last certificate, and if | |||
2324 | * policyMapping extension is present, check that no | |||
2325 | * issuerDomainPolicy or subjectDomainPolicy is equal to the | |||
2326 | * special policy anyPolicy. | |||
2327 | */ | |||
2328 | if (state->certsProcessed != (state->numCerts - 1)) { | |||
2329 | PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappingsdo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappings (cert, &policyMaps, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGSFAILED; goto cleanup; } } while (0) | |||
2330 | (cert, &policyMaps, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappings (cert, &policyMaps, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGSFAILED; goto cleanup; } } while (0) | |||
2331 | PKIX_CERTGETPOLICYMAPPINGSFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappings (cert, &policyMaps, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGSFAILED; goto cleanup; } } while (0); | |||
2332 | } | |||
2333 | ||||
2334 | if (policyMaps) { | |||
2335 | ||||
2336 | PKIX_CHECK(pkix_PolicyChecker_MapContainsdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapContains (policyMaps, state->anyPolicyOID, &result, plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPCONTAINSFAILED ; goto cleanup; } } while (0) | |||
2337 | (policyMaps, state->anyPolicyOID, &result, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapContains (policyMaps, state->anyPolicyOID, &result, plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPCONTAINSFAILED ; goto cleanup; } } while (0) | |||
2338 | PKIX_POLICYCHECKERMAPCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapContains (policyMaps, state->anyPolicyOID, &result, plContext) ); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPCONTAINSFAILED ; goto cleanup; } } while (0); | |||
2339 | ||||
2340 | if (result) { | |||
2341 | PKIX_ERROR(PKIX_INVALIDPOLICYMAPPINGINCLUDESANYPOLICY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_INVALIDPOLICYMAPPINGINCLUDESANYPOLICY, ((void*)0), stdVars .aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ( (PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_INVALIDPOLICYMAPPINGINCLUDESANYPOLICY ; goto cleanup; }; | |||
2342 | } | |||
2343 | ||||
2344 | PKIX_CHECK(pkix_PolicyChecker_MapGetMappedPoliciesdo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetMappedPolicies (policyMaps, &mappedPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
2345 | (policyMaps, &mappedPolicies, plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetMappedPolicies (policyMaps, &mappedPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED ; goto cleanup; } } while (0) | |||
2346 | PKIX_POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MapGetMappedPolicies (policyMaps, &mappedPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED ; goto cleanup; } } while (0); | |||
2347 | ||||
2348 | PKIX_DECREF(state->mappedPolicyOIDs)do { if (state->mappedPolicyOIDs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->mappedPolicyOIDs ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->mappedPolicyOIDs = ((void*)0); } } while (0); | |||
2349 | PKIX_INCREF(mappedPolicies)do { if (mappedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(mappedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup ; } } } while (0); | |||
2350 | state->mappedPolicyOIDs = mappedPolicies; | |||
2351 | } | |||
2352 | ||||
2353 | /* Section 6.1.3(d) */ | |||
2354 | if (state->validPolicyTree) { | |||
2355 | ||||
2356 | PKIX_CHECK(PKIX_PL_Cert_GetPolicyInformationdo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyInformation (cert, &certPolicyInfos, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYINFORMATIONFAILED ; goto cleanup; } } while (0) | |||
2357 | (cert, &certPolicyInfos, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyInformation (cert, &certPolicyInfos, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYINFORMATIONFAILED ; goto cleanup; } } while (0) | |||
2358 | PKIX_CERTGETPOLICYINFORMATIONFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyInformation (cert, &certPolicyInfos, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYINFORMATIONFAILED ; goto cleanup; } } while (0); | |||
2359 | ||||
2360 | if (certPolicyInfos) { | |||
2361 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyInfos , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
2362 | (certPolicyInfos, &numPolicies, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyInfos , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
2363 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (certPolicyInfos , &numPolicies, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
2364 | } | |||
2365 | ||||
2366 | if (numPolicies > 0) { | |||
2367 | ||||
2368 | PKIX_CHECK(PKIX_PL_Cert_AreCertPoliciesCriticaldo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_AreCertPoliciesCritical (cert, &(state->certPoliciesCritical), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTARECERTPOLICIESCRITICALFAILED ; goto cleanup; } } while (0) | |||
2369 | (cert, &(state->certPoliciesCritical), plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_AreCertPoliciesCritical (cert, &(state->certPoliciesCritical), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTARECERTPOLICIESCRITICALFAILED ; goto cleanup; } } while (0) | |||
2370 | PKIX_CERTARECERTPOLICIESCRITICALFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_AreCertPoliciesCritical (cert, &(state->certPoliciesCritical), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTARECERTPOLICIESCRITICALFAILED ; goto cleanup; } } while (0); | |||
2371 | ||||
2372 | /* Section 6.1.3(d)(1) For each policy not equal to anyPolicy */ | |||
2373 | for (polX = 0; polX < numPolicies; polX++) { | |||
2374 | ||||
2375 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
2376 | (certPolicyInfos,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
2377 | polX,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
2378 | (PKIX_PL_Object **)&policy,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
2379 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
2380 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (certPolicyInfos , polX, (PKIX_PL_Object **)&policy, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
2381 | ||||
2382 | PKIX_CHECK(PKIX_PL_CertPolicyInfo_GetPolicyIddo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolicyId (policy, &policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLICYIDFAILED ; goto cleanup; } } while (0) | |||
2383 | (policy, &policyOID, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolicyId (policy, &policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLICYIDFAILED ; goto cleanup; } } while (0) | |||
2384 | PKIX_CERTPOLICYINFOGETPOLICYIDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolicyId (policy, &policyOID, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLICYIDFAILED ; goto cleanup; } } while (0); | |||
2385 | ||||
2386 | PKIX_CHECK(PKIX_PL_CertPolicyInfo_GetPolQualifiersdo { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolQualifiers (policy, &policyQualifiers, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
2387 | (policy, &policyQualifiers, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolQualifiers (policy, &policyQualifiers, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLQUALIFIERSFAILED ; goto cleanup; } } while (0) | |||
2388 | PKIX_CERTPOLICYINFOGETPOLQUALIFIERSFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_CertPolicyInfo_GetPolQualifiers (policy, &policyQualifiers, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTPOLICYINFOGETPOLQUALIFIERSFAILED ; goto cleanup; } } while (0); | |||
2389 | ||||
2390 | PKIX_EQUALSdo { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0) | |||
2391 | (state->anyPolicyOID,do { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0) | |||
2392 | policyOID,do { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0) | |||
2393 | &result,do { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0) | |||
2394 | plContext,do { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0) | |||
2395 | PKIX_OIDEQUALFAILED)do { if ((state->anyPolicyOID) != ((void*)0) && (policyOID ) != ((void*)0)) { do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Equals ((PKIX_PL_Object *)(state->anyPolicyOID), (PKIX_PL_Object *)(policyOID), (&result), (plContext))); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = (PKIX_OIDEQUALFAILED); goto cleanup ; } } while (0); } else if ((state->anyPolicyOID) == ((void *)0) && (policyOID) == ((void*)0)) { *(&result) = ((PKIX_Boolean) 1); } else { *(&result) = ((PKIX_Boolean ) 0); } } while (0); | |||
2396 | ||||
2397 | if (result == PKIX_FALSE((PKIX_Boolean) 0)) { | |||
2398 | ||||
2399 | /* Section 6.1.3(d)(1)(i) */ | |||
2400 | subroutineErr = pkix_PolicyChecker_CheckPolicy | |||
2401 | (policyOID, | |||
2402 | policyQualifiers, | |||
2403 | cert, | |||
2404 | policyMaps, | |||
2405 | state, | |||
2406 | plContext); | |||
2407 | if (subroutineErr) { | |||
2408 | goto subrErrorCleanup; | |||
2409 | } | |||
2410 | ||||
2411 | } else { | |||
2412 | /* | |||
2413 | * No descent (yet) for anyPolicy, but we will need | |||
2414 | * the policyQualifiers for anyPolicy in 6.1.3(d)(2) | |||
2415 | */ | |||
2416 | PKIX_DECREF(qualsOfAny)do { if (qualsOfAny){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(qualsOfAny), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } qualsOfAny = ((void *)0); } } while (0); | |||
2417 | PKIX_INCREF(policyQualifiers)do { if (policyQualifiers){ stdVars.aPkixTempResult = PKIX_PL_Object_IncRef ((PKIX_PL_Object *)(policyQualifiers), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); goto cleanup ; } } } while (0); | |||
2418 | qualsOfAny = policyQualifiers; | |||
2419 | certPoliciesIncludeAny = PKIX_TRUE((PKIX_Boolean) 1); | |||
2420 | } | |||
2421 | PKIX_DECREF(policy)do { if (policy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policy = ((void*)0 ); } } while (0); | |||
2422 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
2423 | PKIX_DECREF(policyQualifiers)do { if (policyQualifiers){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyQualifiers), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policyQualifiers = ((void*)0); } } while (0); | |||
2424 | } | |||
2425 | ||||
2426 | /* Section 6.1.3(d)(2) */ | |||
2427 | if (certPoliciesIncludeAny == PKIX_TRUE((PKIX_Boolean) 1)) { | |||
2428 | if (state->inhibitAnyPolicy > 0) { | |||
2429 | doAnyPolicyProcessing = PKIX_TRUE((PKIX_Boolean) 1); | |||
2430 | } else { | |||
2431 | /* We haven't yet counted the current cert */ | |||
2432 | if (((state->certsProcessed) + 1) < | |||
2433 | (state->numCerts)) { | |||
2434 | ||||
2435 | PKIX_CHECK(pkix_IsCertSelfIssueddo { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &doAnyPolicyProcessing, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2436 | (cert,do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &doAnyPolicyProcessing, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2437 | &doAnyPolicyProcessing,do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &doAnyPolicyProcessing, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2438 | plContext),do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &doAnyPolicyProcessing, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2439 | PKIX_ISCERTSELFISSUEDFAILED)do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &doAnyPolicyProcessing, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0); | |||
2440 | } | |||
2441 | } | |||
2442 | if (doAnyPolicyProcessing) { | |||
2443 | subroutineErr = pkix_PolicyChecker_CheckAny | |||
2444 | (state->validPolicyTree, | |||
2445 | qualsOfAny, | |||
2446 | policyMaps, | |||
2447 | state, | |||
2448 | plContext); | |||
2449 | if (subroutineErr) { | |||
2450 | goto subrErrorCleanup; | |||
2451 | } | |||
2452 | } | |||
2453 | } | |||
2454 | ||||
2455 | /* Section 6.1.3(d)(3) */ | |||
2456 | if (state->validPolicyTree) { | |||
2457 | subroutineErr = pkix_PolicyNode_Prune | |||
2458 | (state->validPolicyTree, | |||
2459 | state->certsProcessed + 1, | |||
2460 | &shouldBePruned, | |||
2461 | plContext); | |||
2462 | if (subroutineErr) { | |||
2463 | goto subrErrorCleanup; | |||
2464 | } | |||
2465 | if (shouldBePruned) { | |||
2466 | PKIX_DECREF(state->validPolicyTree)do { if (state->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->validPolicyTree ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->validPolicyTree = ((void*)0); } } while (0); | |||
2467 | PKIX_DECREF(state->anyPolicyNodeAtBottom)do { if (state->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->anyPolicyNodeAtBottom ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->anyPolicyNodeAtBottom = ((void*)0) ; } } while (0); | |||
2468 | } | |||
2469 | } | |||
2470 | ||||
2471 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2472 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2473 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2474 | ||||
2475 | } else { | |||
2476 | /* Section 6.1.3(e) */ | |||
2477 | PKIX_DECREF(state->validPolicyTree)do { if (state->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->validPolicyTree ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->validPolicyTree = ((void*)0); } } while (0); | |||
2478 | PKIX_DECREF(state->anyPolicyNodeAtBottom)do { if (state->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->anyPolicyNodeAtBottom ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->anyPolicyNodeAtBottom = ((void*)0) ; } } while (0); | |||
2479 | PKIX_DECREF(state->newAnyPolicyNode)do { if (state->newAnyPolicyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->newAnyPolicyNode ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->newAnyPolicyNode = ((void*)0); } } while (0); | |||
2480 | ||||
2481 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2482 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2483 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2484 | } | |||
2485 | } | |||
2486 | ||||
2487 | /* Section 6.1.3(f) */ | |||
2488 | if ((0 == state->explicitPolicy) && (!state->validPolicyTree)) { | |||
2489 | PKIX_ERROR(PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION, ((void*)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION ; goto cleanup; }; | |||
2490 | } | |||
2491 | ||||
2492 | /* | |||
2493 | * Remove Policy OIDs from list of unresolved critical | |||
2494 | * extensions, if present. | |||
2495 | */ | |||
2496 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->certPoliciesExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2497 | (unresolvedCriticals,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->certPoliciesExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2498 | (PKIX_PL_Object *)state->certPoliciesExtension,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->certPoliciesExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2499 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->certPoliciesExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2500 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->certPoliciesExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0); | |||
2501 | ||||
2502 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyMappingsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2503 | (unresolvedCriticals,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyMappingsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2504 | (PKIX_PL_Object *)state->policyMappingsExtension,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyMappingsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2505 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyMappingsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2506 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyMappingsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0); | |||
2507 | ||||
2508 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyConstraintsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2509 | (unresolvedCriticals,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyConstraintsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2510 | (PKIX_PL_Object *)state->policyConstraintsExtension,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyConstraintsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2511 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyConstraintsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2512 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->policyConstraintsExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0); | |||
2513 | ||||
2514 | PKIX_CHECK(pkix_List_Removedo { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->inhibitAnyPolicyExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2515 | (unresolvedCriticals,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->inhibitAnyPolicyExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2516 | (PKIX_PL_Object *)state->inhibitAnyPolicyExtension,do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->inhibitAnyPolicyExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2517 | plContext),do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->inhibitAnyPolicyExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0) | |||
2518 | PKIX_LISTREMOVEFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Remove (unresolvedCriticals , (PKIX_PL_Object *)state->inhibitAnyPolicyExtension, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTREMOVEFAILED; goto cleanup; } } while (0); | |||
2519 | ||||
2520 | state->certsProcessed++; | |||
2521 | ||||
2522 | /* If this was not the last certificate, do next-cert preparation */ | |||
2523 | if (state->certsProcessed != state->numCerts) { | |||
2524 | ||||
2525 | if (policyMaps) { | |||
2526 | subroutineErr = pkix_PolicyChecker_PolicyMapProcessing | |||
2527 | (policyMaps, | |||
2528 | certPoliciesIncludeAny, | |||
2529 | qualsOfAny, | |||
2530 | state, | |||
2531 | plContext); | |||
2532 | if (subroutineErr) { | |||
2533 | goto subrErrorCleanup; | |||
2534 | } | |||
2535 | } | |||
2536 | ||||
2537 | /* update anyPolicyNodeAtBottom pointer */ | |||
2538 | PKIX_DECREF(state->anyPolicyNodeAtBottom)do { if (state->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->anyPolicyNodeAtBottom ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->anyPolicyNodeAtBottom = ((void*)0) ; } } while (0); | |||
2539 | state->anyPolicyNodeAtBottom = state->newAnyPolicyNode; | |||
2540 | state->newAnyPolicyNode = NULL((void*)0); | |||
2541 | ||||
2542 | /* Section 6.1.4(h) */ | |||
2543 | PKIX_CHECK(pkix_IsCertSelfIssueddo { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2544 | (cert, &isSelfIssued, plContext),do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0) | |||
2545 | PKIX_ISCERTSELFISSUEDFAILED)do { stdVars.aPkixErrorResult = (pkix_IsCertSelfIssued (cert, &isSelfIssued, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_ISCERTSELFISSUEDFAILED; goto cleanup ; } } while (0); | |||
2546 | ||||
2547 | if (!isSelfIssued) { | |||
2548 | if (state->explicitPolicy > 0) { | |||
2549 | state->explicitPolicy--; | |||
2550 | } | |||
2551 | if (state->policyMapping > 0) { | |||
2552 | state->policyMapping--; | |||
2553 | } | |||
2554 | if (state->inhibitAnyPolicy > 0) { | |||
2555 | state->inhibitAnyPolicy--; | |||
2556 | } | |||
2557 | } | |||
2558 | ||||
2559 | /* Section 6.1.4(i) */ | |||
2560 | PKIX_CHECK(PKIX_PL_Cert_GetRequireExplicitPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0) | |||
2561 | (cert, &explicitPolicySkipCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0) | |||
2562 | PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetRequireExplicitPolicy (cert, &explicitPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED ; goto cleanup; } } while (0); | |||
2563 | ||||
2564 | if (explicitPolicySkipCerts != -1) { | |||
2565 | if (((PKIX_UInt32)explicitPolicySkipCerts) < | |||
2566 | (state->explicitPolicy)) { | |||
2567 | state->explicitPolicy = | |||
2568 | ((PKIX_UInt32) explicitPolicySkipCerts); | |||
2569 | } | |||
2570 | } | |||
2571 | ||||
2572 | PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappingInhibiteddo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappingInhibited (cert, &inhibitMappingSkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED ; goto cleanup; } } while (0) | |||
2573 | (cert, &inhibitMappingSkipCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappingInhibited (cert, &inhibitMappingSkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED ; goto cleanup; } } while (0) | |||
2574 | PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetPolicyMappingInhibited (cert, &inhibitMappingSkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED ; goto cleanup; } } while (0); | |||
2575 | ||||
2576 | if (inhibitMappingSkipCerts != -1) { | |||
2577 | if (((PKIX_UInt32)inhibitMappingSkipCerts) < | |||
2578 | (state->policyMapping)) { | |||
2579 | state->policyMapping = | |||
2580 | ((PKIX_UInt32)inhibitMappingSkipCerts); | |||
2581 | } | |||
2582 | } | |||
2583 | ||||
2584 | PKIX_CHECK(PKIX_PL_Cert_GetInhibitAnyPolicydo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetInhibitAnyPolicy (cert, &inhibitAnyPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETINHIBITANYPOLICYFAILED ; goto cleanup; } } while (0) | |||
2585 | (cert, &inhibitAnyPolicySkipCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetInhibitAnyPolicy (cert, &inhibitAnyPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETINHIBITANYPOLICYFAILED ; goto cleanup; } } while (0) | |||
2586 | PKIX_CERTGETINHIBITANYPOLICYFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetInhibitAnyPolicy (cert, &inhibitAnyPolicySkipCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTGETINHIBITANYPOLICYFAILED ; goto cleanup; } } while (0); | |||
2587 | ||||
2588 | if (inhibitAnyPolicySkipCerts != -1) { | |||
2589 | if (((PKIX_UInt32)inhibitAnyPolicySkipCerts) < | |||
2590 | (state->inhibitAnyPolicy)) { | |||
2591 | state->inhibitAnyPolicy = | |||
2592 | ((PKIX_UInt32)inhibitAnyPolicySkipCerts); | |||
2593 | } | |||
2594 | } | |||
2595 | ||||
2596 | PKIX_CHECK(PKIX_PL_Object_InvalidateCachedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2597 | ((PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0) | |||
2598 | PKIX_OBJECTINVALIDATECACHEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_InvalidateCache ((PKIX_PL_Object *)state, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTINVALIDATECACHEFAILED; goto cleanup; } } while (0); | |||
2599 | ||||
2600 | } else { /* If this was the last certificate, do wrap-up processing */ | |||
2601 | ||||
2602 | /* Section 6.1.5 */ | |||
2603 | subroutineErr = pkix_PolicyChecker_WrapUpProcessing | |||
2604 | (cert, state, plContext); | |||
2605 | if (subroutineErr) { | |||
2606 | goto subrErrorCleanup; | |||
2607 | } | |||
2608 | ||||
2609 | if ((0 == state->explicitPolicy) && (!state->validPolicyTree)) { | |||
2610 | PKIX_ERROR(PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION, ((void*)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION ; goto cleanup; }; | |||
2611 | } | |||
2612 | ||||
2613 | PKIX_DECREF(state->anyPolicyNodeAtBottom)do { if (state->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->anyPolicyNodeAtBottom ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->anyPolicyNodeAtBottom = ((void*)0) ; } } while (0); | |||
2614 | PKIX_DECREF(state->newAnyPolicyNode)do { if (state->newAnyPolicyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->newAnyPolicyNode ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->newAnyPolicyNode = ((void*)0); } } while (0); | |||
2615 | } | |||
2616 | ||||
2617 | ||||
2618 | if (subroutineErr) { | |||
2619 | ||||
2620 | subrErrorCleanup: | |||
2621 | /* We had an error. Was it a fatal error? */ | |||
2622 | pkixErrorClassstdVars.aPkixErrorClass = subroutineErr->errClass; | |||
2623 | if (pkixErrorClassstdVars.aPkixErrorClass == PKIX_FATAL_ERROR) { | |||
2624 | pkixErrorResultstdVars.aPkixErrorResult = subroutineErr; | |||
2625 | subroutineErr = NULL((void*)0); | |||
2626 | goto cleanup; | |||
2627 | } | |||
2628 | /* | |||
2629 | * Abort policy processing, and then determine whether | |||
2630 | * we can continue without policy processing. | |||
2631 | */ | |||
2632 | PKIX_DECREF(state->validPolicyTree)do { if (state->validPolicyTree){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->validPolicyTree ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->validPolicyTree = ((void*)0); } } while (0); | |||
2633 | PKIX_DECREF(state->anyPolicyNodeAtBottom)do { if (state->anyPolicyNodeAtBottom){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->anyPolicyNodeAtBottom ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->anyPolicyNodeAtBottom = ((void*)0) ; } } while (0); | |||
2634 | PKIX_DECREF(state->newAnyPolicyNode)do { if (state->newAnyPolicyNode){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state->newAnyPolicyNode ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } state->newAnyPolicyNode = ((void*)0); } } while (0); | |||
2635 | if (state->explicitPolicy == 0) { | |||
2636 | PKIX_ERROR{ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION, ((void*)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION ; goto cleanup; } | |||
2637 | (PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION, ((void*)0), stdVars.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION ; goto cleanup; }; | |||
2638 | } | |||
2639 | } | |||
2640 | ||||
2641 | /* Checking is complete. Save state for the next certificate. */ | |||
2642 | PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerStatedo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_SetCertChainCheckerState (checker, (PKIX_PL_Object *)state, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
2643 | (checker, (PKIX_PL_Object *)state, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_SetCertChainCheckerState (checker, (PKIX_PL_Object *)state, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0) | |||
2644 | PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_SetCertChainCheckerState (checker, (PKIX_PL_Object *)state, plContext)); if (stdVars. aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED ; goto cleanup; } } while (0); | |||
2645 | ||||
2646 | cleanup: | |||
2647 | ||||
2648 | #if PKIX_CERTPOLICYCHECKERSTATEDEBUG | |||
2649 | if (cert) { | |||
2650 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)cert, &certString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2651 | ((PKIX_PL_Object*)cert, &certString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)cert, &certString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2652 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)cert, &certString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2653 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2654 | (certString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2655 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2656 | (void **)&certAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2657 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2658 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2659 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (certString , 0, (void **)&certAscii, &length, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2660 | PKIX_DEBUG_ARG("Cert was %s\n", certAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("Cert was %s\n", certAscii); } while (0); | |||
2661 | PKIX_FREE(certAscii)do { if (certAscii) { stdVars.aPkixTempResult = PKIX_PL_Free( (certAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } certAscii = ((void*)0); } } while (0); | |||
2662 | PKIX_DECREF(certString)do { if (certString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } certString = ((void *)0); } } while (0); | |||
2663 | } | |||
2664 | if (state) { | |||
2665 | PKIX_CHECK(PKIX_PL_Object_ToStringdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2666 | ((PKIX_PL_Object*)state, &stateString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0) | |||
2667 | PKIX_OBJECTTOSTRINGFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_ToString ((PKIX_PL_Object *)state, &stateString, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_OBJECTTOSTRINGFAILED; goto cleanup ; } } while (0); | |||
2668 | PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2669 | (stateString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2670 | PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2671 | (void **)&stateAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2672 | &length,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2673 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0) | |||
2674 | PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (stateString , 0, (void **)&stateAscii, &length, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED ; goto cleanup; } } while (0); | |||
2675 | PKIX_DEBUG_ARG("On exit %s\n", stateAscii)do { (void) printf("(%s: ", stdVars.aMyFuncName); (void) printf ("On exit %s\n", stateAscii); } while (0); | |||
2676 | PKIX_FREE(stateAscii)do { if (stateAscii) { stdVars.aPkixTempResult = PKIX_PL_Free ((stateAscii), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } stateAscii = ((void*)0); } } while (0); | |||
2677 | PKIX_DECREF(stateString)do { if (stateString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(stateString), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } stateString = ((void *)0); } } while (0); | |||
2678 | } | |||
2679 | #endif | |||
2680 | ||||
2681 | PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0) ; } } while (0); | |||
2682 | PKIX_DECREF(certPolicyInfos)do { if (certPolicyInfos){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certPolicyInfos), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } certPolicyInfos = ((void*)0); } } while (0); | |||
2683 | PKIX_DECREF(policy)do { if (policy){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policy), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policy = ((void*)0 ); } } while (0); | |||
2684 | PKIX_DECREF(qualsOfAny)do { if (qualsOfAny){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(qualsOfAny), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } qualsOfAny = ((void *)0); } } while (0); | |||
2685 | PKIX_DECREF(policyQualifiers)do { if (policyQualifiers){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyQualifiers), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policyQualifiers = ((void*)0); } } while (0); | |||
2686 | PKIX_DECREF(policyOID)do { if (policyOID){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyOID), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyOID = ((void *)0); } } while (0); | |||
2687 | PKIX_DECREF(subroutineErr)do { if (subroutineErr){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subroutineErr), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } subroutineErr = ((void*)0); } } while (0); | |||
2688 | PKIX_DECREF(policyMaps)do { if (policyMaps){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyMaps), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } policyMaps = ((void *)0); } } while (0); | |||
2689 | PKIX_DECREF(mappedPolicies)do { if (mappedPolicies){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(mappedPolicies), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } mappedPolicies = ((void*)0); } } while (0); | |||
2690 | ||||
2691 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
2692 | } | |||
2693 | ||||
2694 | /* | |||
2695 | * FUNCTION: pkix_PolicyChecker_Initialize | |||
2696 | * DESCRIPTION: | |||
2697 | * | |||
2698 | * Creates and initializes a PolicyChecker, using the List pointed to | |||
2699 | * by "initialPolicies" for the user-initial-policy-set, the Boolean value | |||
2700 | * of "policyQualifiersRejected" for the policyQualifiersRejected parameter, | |||
2701 | * the Boolean value of "initialPolicyMappingInhibit" for the | |||
2702 | * inhibitPolicyMappings parameter, the Boolean value of | |||
2703 | * "initialExplicitPolicy" for the initialExplicitPolicy parameter, the | |||
2704 | * Boolean value of "initialAnyPolicyInhibit" for the inhibitAnyPolicy | |||
2705 | * parameter, and the UInt32 value of "numCerts" as the number of | |||
2706 | * certificates in the chain; and stores the Checker at "pChecker". | |||
2707 | * | |||
2708 | * PARAMETERS: | |||
2709 | * "initialPolicies" | |||
2710 | * Address of List of OIDs comprising the user-initial-policy-set; the List | |||
2711 | * may be empty or NULL | |||
2712 | * "policyQualifiersRejected" | |||
2713 | * Boolean value of the policyQualifiersRejected parameter | |||
2714 | * "initialPolicyMappingInhibit" | |||
2715 | * Boolean value of the inhibitPolicyMappings parameter | |||
2716 | * "initialExplicitPolicy" | |||
2717 | * Boolean value of the initialExplicitPolicy parameter | |||
2718 | * "initialAnyPolicyInhibit" | |||
2719 | * Boolean value of the inhibitAnyPolicy parameter | |||
2720 | * "numCerts" | |||
2721 | * Number of certificates in the chain to be validated | |||
2722 | * "pChecker" | |||
2723 | * Address to store the created PolicyChecker. Must be non-NULL. | |||
2724 | * "plContext" | |||
2725 | * Platform-specific context pointer. | |||
2726 | * THREAD SAFETY: | |||
2727 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
2728 | * RETURNS: | |||
2729 | * Returns NULL if the function succeeds | |||
2730 | * Returns a CertChainChecker Error if the functions fails in a non-fatal way | |||
2731 | * Returns a Fatal Error if the function fails in an unrecoverable way | |||
2732 | */ | |||
2733 | PKIX_Error * | |||
2734 | pkix_PolicyChecker_Initialize( | |||
2735 | PKIX_List *initialPolicies, | |||
2736 | PKIX_Boolean policyQualifiersRejected, | |||
2737 | PKIX_Boolean initialPolicyMappingInhibit, | |||
2738 | PKIX_Boolean initialExplicitPolicy, | |||
2739 | PKIX_Boolean initialAnyPolicyInhibit, | |||
2740 | PKIX_UInt32 numCerts, | |||
2741 | PKIX_CertChainChecker **pChecker, | |||
2742 | void *plContext) | |||
2743 | { | |||
2744 | PKIX_PolicyCheckerState *polCheckerState = NULL((void*)0); | |||
| ||||
2745 | PKIX_List *policyExtensions = NULL((void*)0); /* OIDs */ | |||
2746 | PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Initialize")static const char cMyFuncName[] = {"pkix_PolicyChecker_Initialize" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTCHAINCHECKER_ERROR; ; do { if ( pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
2747 | PKIX_NULLCHECK_ONE(pChecker)do { if ((pChecker) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
2748 | ||||
2749 | PKIX_CHECK(pkix_PolicyCheckerState_Createdo { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2750 | (initialPolicies,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2751 | policyQualifiersRejected,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2752 | initialPolicyMappingInhibit,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2753 | initialExplicitPolicy,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2754 | initialAnyPolicyInhibit,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2755 | numCerts,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2756 | &polCheckerState,do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2757 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0) | |||
2758 | PKIX_POLICYCHECKERSTATECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyCheckerState_Create (initialPolicies, policyQualifiersRejected, initialPolicyMappingInhibit , initialExplicitPolicy, initialAnyPolicyInhibit, numCerts, & polCheckerState, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERSTATECREATEFAILED ; goto cleanup; } } while (0); | |||
2759 | ||||
2760 | /* Create the list of extensions that we handle */ | |||
2761 | PKIX_CHECK(pkix_PolicyChecker_MakeSingletondo { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
| ||||
2762 | ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
2763 | PKIX_TRUE,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
2764 | &policyExtensions,do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
2765 | plContext),do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0) | |||
2766 | PKIX_POLICYCHECKERMAKESINGLETONFAILED)do { stdVars.aPkixErrorResult = (pkix_PolicyChecker_MakeSingleton ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension ), ((PKIX_Boolean) 1), &policyExtensions, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_POLICYCHECKERMAKESINGLETONFAILED ; goto cleanup; } } while (0); | |||
2767 | ||||
2768 | PKIX_CHECK(PKIX_CertChainChecker_Createdo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2769 | (pkix_PolicyChecker_Check,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2770 | PKIX_FALSE, /* forwardCheckingSupported */do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2771 | PKIX_FALSE,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2772 | policyExtensions,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2773 | (PKIX_PL_Object *)polCheckerState,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2774 | pChecker,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2775 | plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0) | |||
2776 | PKIX_CERTCHAINCHECKERCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create (pkix_PolicyChecker_Check, ((PKIX_Boolean) 0), ((PKIX_Boolean ) 0), policyExtensions, (PKIX_PL_Object *)polCheckerState, pChecker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while (0); | |||
2777 | ||||
2778 | cleanup: | |||
2779 | PKIX_DECREF(polCheckerState)do { if (polCheckerState){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(polCheckerState), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } polCheckerState = ((void*)0); } } while (0); | |||
2780 | PKIX_DECREF(policyExtensions)do { if (policyExtensions){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(policyExtensions), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } policyExtensions = ((void*)0); } } while (0); | |||
2781 | PKIX_RETURN(CERTCHAINCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_CERTCHAINCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
2782 | ||||
2783 | } |