File: | s/lib/libpkix/pkix/checker/pkix_revocationchecker.c |
Warning: | line 91, column 42 Access to field 'leafMethodList' results in a dereference of a null pointer (loaded from variable 'checkerDuplicate') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * pkix_revocationchecker.c | |||
6 | * | |||
7 | * RevocationChecker Object Functions | |||
8 | * | |||
9 | */ | |||
10 | ||||
11 | #include "pkix_revocationchecker.h" | |||
12 | #include "pkix_tools.h" | |||
13 | ||||
14 | /* --Private-Functions-------------------------------------------- */ | |||
15 | ||||
16 | /* | |||
17 | * FUNCTION: pkix_RevocationChecker_Destroy | |||
18 | * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) | |||
19 | */ | |||
20 | static PKIX_Error * | |||
21 | pkix_RevocationChecker_Destroy( | |||
22 | PKIX_PL_Object *object, | |||
23 | void *plContext) | |||
24 | { | |||
25 | PKIX_RevocationChecker *checker = NULL((void*)0); | |||
26 | ||||
27 | PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_Destroy")static const char cMyFuncName[] = {"pkix_RevocationChecker_Destroy" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
28 | PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
29 | ||||
30 | /* Check that this object is a revocation checker */ | |||
31 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTREVOCATIONCHECKER; goto cleanup; } } while ( 0) | |||
32 | (object, PKIX_REVOCATIONCHECKER_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTREVOCATIONCHECKER; goto cleanup; } } while ( 0) | |||
33 | PKIX_OBJECTNOTREVOCATIONCHECKER)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTREVOCATIONCHECKER; goto cleanup; } } while ( 0); | |||
34 | ||||
35 | checker = (PKIX_RevocationChecker *)object; | |||
36 | ||||
37 | PKIX_DECREF(checker->leafMethodList)do { if (checker->leafMethodList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checker->leafMethodList ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } checker->leafMethodList = ((void*)0); } } while (0); | |||
38 | PKIX_DECREF(checker->chainMethodList)do { if (checker->chainMethodList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checker->chainMethodList ), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError (&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void*)0); } checker->chainMethodList = ((void*)0); } } while (0); | |||
39 | ||||
40 | cleanup: | |||
41 | ||||
42 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
43 | } | |||
44 | ||||
45 | /* | |||
46 | * FUNCTION: pkix_RevocationChecker_Duplicate | |||
47 | * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h) | |||
48 | */ | |||
49 | static PKIX_Error * | |||
50 | pkix_RevocationChecker_Duplicate( | |||
51 | PKIX_PL_Object *object, | |||
52 | PKIX_PL_Object **pNewObject, | |||
53 | void *plContext) | |||
54 | { | |||
55 | PKIX_RevocationChecker *checker = NULL((void*)0); | |||
56 | PKIX_RevocationChecker *checkerDuplicate = NULL((void*)0); | |||
| ||||
57 | PKIX_List *dupLeafList = NULL((void*)0); | |||
58 | PKIX_List *dupChainList = NULL((void*)0); | |||
59 | ||||
60 | PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_Duplicate")static const char cMyFuncName[] = {"pkix_RevocationChecker_Duplicate" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
61 | PKIX_NULLCHECK_TWO(object, pNewObject)do { if (((object) == ((void*)0)) || ((pNewObject) == ((void* )0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
62 | ||||
63 | PKIX_CHECK(pkix_CheckTypedo { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTCHAINCHECKER; goto cleanup; } } while (0 ) | |||
64 | (object, PKIX_REVOCATIONCHECKER_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTCHAINCHECKER; goto cleanup; } } while (0 ) | |||
65 | PKIX_OBJECTNOTCERTCHAINCHECKER)do { stdVars.aPkixErrorResult = (pkix_CheckType (object, PKIX_REVOCATIONCHECKER_TYPE , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTNOTCERTCHAINCHECKER; goto cleanup; } } while (0 ); | |||
66 | ||||
67 | checker = (PKIX_RevocationChecker *)object; | |||
68 | ||||
69 | if (checker->leafMethodList){ | |||
70 | PKIX_CHECK(PKIX_PL_Object_Duplicatedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->leafMethodList, (PKIX_PL_Object **)&dupLeafList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
71 | ((PKIX_PL_Object *)checker->leafMethodList,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->leafMethodList, (PKIX_PL_Object **)&dupLeafList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
72 | (PKIX_PL_Object **)&dupLeafList,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->leafMethodList, (PKIX_PL_Object **)&dupLeafList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
73 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->leafMethodList, (PKIX_PL_Object **)&dupLeafList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
74 | PKIX_OBJECTDUPLICATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->leafMethodList, (PKIX_PL_Object **)&dupLeafList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0); | |||
75 | } | |||
76 | if (checker->chainMethodList){ | |||
77 | PKIX_CHECK(PKIX_PL_Object_Duplicatedo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->chainMethodList, (PKIX_PL_Object **)&dupChainList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
78 | ((PKIX_PL_Object *)checker->chainMethodList,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->chainMethodList, (PKIX_PL_Object **)&dupChainList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
79 | (PKIX_PL_Object **)&dupChainList,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->chainMethodList, (PKIX_PL_Object **)&dupChainList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
80 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->chainMethodList, (PKIX_PL_Object **)&dupChainList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0) | |||
81 | PKIX_OBJECTDUPLICATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Duplicate ((PKIX_PL_Object *)checker->chainMethodList, (PKIX_PL_Object **)&dupChainList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_OBJECTDUPLICATEFAILED; goto cleanup; } } while (0); | |||
82 | } | |||
83 | ||||
84 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0) | |||
85 | PKIX_RevocationChecker_Create(checker->leafMethodListFlags,do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0) | |||
86 | checker->chainMethodListFlags,do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0) | |||
87 | &checkerDuplicate,do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0) | |||
88 | plContext),do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0) | |||
89 | PKIX_REVOCATIONCHECKERCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_RevocationChecker_Create (checker->leafMethodListFlags, checker->chainMethodListFlags , &checkerDuplicate, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_REVOCATIONCHECKERCREATEFAILED ; goto cleanup; } } while (0); | |||
90 | ||||
91 | checkerDuplicate->leafMethodList = dupLeafList; | |||
| ||||
92 | checkerDuplicate->chainMethodList = dupChainList; | |||
93 | dupLeafList = NULL((void*)0); | |||
94 | dupChainList = NULL((void*)0); | |||
95 | ||||
96 | *pNewObject = (PKIX_PL_Object *)checkerDuplicate; | |||
97 | ||||
98 | cleanup: | |||
99 | PKIX_DECREF(dupLeafList)do { if (dupLeafList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(dupLeafList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } dupLeafList = ((void *)0); } } while (0); | |||
100 | PKIX_DECREF(dupChainList)do { if (dupChainList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(dupChainList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } dupChainList = ((void *)0); } } while (0); | |||
101 | ||||
102 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
103 | } | |||
104 | ||||
105 | /* | |||
106 | * FUNCTION: pkix_RevocationChecker_RegisterSelf | |||
107 | * DESCRIPTION: | |||
108 | * Registers PKIX_REVOCATIONCHECKER_TYPE and its related functions with | |||
109 | * systemClasses[] | |||
110 | * THREAD SAFETY: | |||
111 | * Not Thread Safe - for performance and complexity reasons | |||
112 | * | |||
113 | * Since this function is only called by PKIX_PL_Initialize, which should | |||
114 | * only be called once, it is acceptable that this function is not | |||
115 | * thread-safe. | |||
116 | */ | |||
117 | PKIX_Error * | |||
118 | pkix_RevocationChecker_RegisterSelf(void *plContext) | |||
119 | { | |||
120 | extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; | |||
121 | pkix_ClassTable_Entry entry; | |||
122 | ||||
123 | PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_RegisterSelf")static const char cMyFuncName[] = {"pkix_RevocationChecker_RegisterSelf" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
124 | ||||
125 | entry.description = "RevocationChecker"; | |||
126 | entry.objCounter = 0; | |||
127 | entry.typeObjectSize = sizeof(PKIX_RevocationChecker); | |||
128 | entry.destructor = pkix_RevocationChecker_Destroy; | |||
129 | entry.equalsFunction = NULL((void*)0); | |||
130 | entry.hashcodeFunction = NULL((void*)0); | |||
131 | entry.toStringFunction = NULL((void*)0); | |||
132 | entry.comparator = NULL((void*)0); | |||
133 | entry.duplicateFunction = pkix_RevocationChecker_Duplicate; | |||
134 | ||||
135 | systemClasses[PKIX_REVOCATIONCHECKER_TYPE] = entry; | |||
136 | ||||
137 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
138 | } | |||
139 | ||||
140 | /* Sort methods by their priorities (lower priority = higher preference) */ | |||
141 | static PKIX_Error * | |||
142 | pkix_RevocationChecker_SortComparator( | |||
143 | PKIX_PL_Object *obj1, | |||
144 | PKIX_PL_Object *obj2, | |||
145 | PKIX_Int32 *pResult, | |||
146 | void *plContext) | |||
147 | { | |||
148 | pkix_RevocationMethod *method1 = NULL((void*)0), *method2 = NULL((void*)0); | |||
149 | ||||
150 | PKIX_ENTER(BUILD, "pkix_RevocationChecker_SortComparator")static const char cMyFuncName[] = {"pkix_RevocationChecker_SortComparator" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_BUILD_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
151 | ||||
152 | method1 = (pkix_RevocationMethod *)obj1; | |||
153 | method2 = (pkix_RevocationMethod *)obj2; | |||
154 | ||||
155 | if (method1->priority < method2->priority) { | |||
156 | *pResult = -1; | |||
157 | } else if (method1->priority > method2->priority) { | |||
158 | *pResult = 1; | |||
159 | } else { | |||
160 | *pResult = 0; | |||
161 | } | |||
162 | ||||
163 | PKIX_RETURN(BUILD)return PKIX_DoReturn(&stdVars, (PKIX_BUILD_ERROR), ((PKIX_Boolean ) 1), plContext);; | |||
164 | } | |||
165 | ||||
166 | ||||
167 | /* --Public-Functions--------------------------------------------- */ | |||
168 | ||||
169 | ||||
170 | /* | |||
171 | * FUNCTION: PKIX_RevocationChecker_Create (see comments in pkix_revchecker.h) | |||
172 | */ | |||
173 | PKIX_Error * | |||
174 | PKIX_RevocationChecker_Create( | |||
175 | PKIX_UInt32 leafMethodListFlags, | |||
176 | PKIX_UInt32 chainMethodListFlags, | |||
177 | PKIX_RevocationChecker **pChecker, | |||
178 | void *plContext) | |||
179 | { | |||
180 | PKIX_RevocationChecker *checker = NULL((void*)0); | |||
181 | ||||
182 | PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_Create")static const char cMyFuncName[] = {"PKIX_RevocationChecker_Create" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
183 | PKIX_NULLCHECK_ONE(pChecker)do { if ((pChecker) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
184 | ||||
185 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0) | |||
186 | PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0) | |||
187 | sizeof (PKIX_RevocationChecker),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0) | |||
188 | (PKIX_PL_Object **)&checker,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0) | |||
189 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0) | |||
190 | PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE , sizeof (PKIX_RevocationChecker), (PKIX_PL_Object **)&checker , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT; goto cleanup; } } while (0); | |||
191 | ||||
192 | checker->leafMethodListFlags = leafMethodListFlags; | |||
193 | checker->chainMethodListFlags = chainMethodListFlags; | |||
194 | checker->leafMethodList = NULL((void*)0); | |||
195 | checker->chainMethodList = NULL((void*)0); | |||
196 | ||||
197 | *pChecker = checker; | |||
198 | checker = NULL((void*)0); | |||
199 | ||||
200 | cleanup: | |||
201 | PKIX_DECREF(checker)do { if (checker){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(checker), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } checker = ((void*) 0); } } while (0); | |||
202 | ||||
203 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
204 | } | |||
205 | ||||
206 | /* | |||
207 | * FUNCTION: PKIX_RevocationChecker_CreateAndAddMethod | |||
208 | */ | |||
209 | PKIX_Error * | |||
210 | PKIX_RevocationChecker_CreateAndAddMethod( | |||
211 | PKIX_RevocationChecker *revChecker, | |||
212 | PKIX_ProcessingParams *params, | |||
213 | PKIX_RevocationMethodType methodType, | |||
214 | PKIX_UInt32 flags, | |||
215 | PKIX_UInt32 priority, | |||
216 | PKIX_PL_VerifyCallback verificationFn, | |||
217 | PKIX_Boolean isLeafMethod, | |||
218 | void *plContext) | |||
219 | { | |||
220 | PKIX_List **methodList = NULL((void*)0); | |||
221 | PKIX_List *unsortedList = NULL((void*)0); | |||
222 | PKIX_List *certStores = NULL((void*)0); | |||
223 | pkix_RevocationMethod *method = NULL((void*)0); | |||
224 | pkix_LocalRevocationCheckFn *localRevChecker = NULL((void*)0); | |||
225 | pkix_ExternalRevocationCheckFn *externRevChecker = NULL((void*)0); | |||
226 | PKIX_UInt32 miFlags; | |||
227 | ||||
228 | PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_CreateAndAddMethod")static const char cMyFuncName[] = {"PKIX_RevocationChecker_CreateAndAddMethod" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
229 | PKIX_NULLCHECK_ONE(revChecker)do { if ((revChecker) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
230 | ||||
231 | /* If the caller has said "Either one is sufficient, then don't let the | |||
232 | * absence of any one method's info lead to an overall failure. | |||
233 | */ | |||
234 | miFlags = isLeafMethod ? revChecker->leafMethodListFlags | |||
235 | : revChecker->chainMethodListFlags; | |||
236 | if (miFlags & PKIX_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE0x02L) | |||
237 | flags &= ~PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO0x10L; | |||
238 | ||||
239 | switch (methodType) { | |||
240 | case PKIX_RevocationMethod_CRL: | |||
241 | localRevChecker = pkix_CrlChecker_CheckLocal; | |||
242 | externRevChecker = pkix_CrlChecker_CheckExternal; | |||
243 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetCertStores (params, &certStores, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED ; goto cleanup; } } while (0) | |||
244 | PKIX_ProcessingParams_GetCertStores(params, &certStores,do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetCertStores (params, &certStores, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED ; goto cleanup; } } while (0) | |||
245 | plContext),do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetCertStores (params, &certStores, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED ; goto cleanup; } } while (0) | |||
246 | PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED)do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetCertStores (params, &certStores, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED ; goto cleanup; } } while (0); | |||
247 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
248 | pkix_CrlChecker_Create(methodType, flags, priority,do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
249 | localRevChecker, externRevChecker,do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
250 | certStores, verificationFn,do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
251 | &method,do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
252 | plContext),do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0) | |||
253 | PKIX_COULDNOTCREATECRLCHECKEROBJECT)do { stdVars.aPkixErrorResult = (pkix_CrlChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, certStores , verificationFn, &method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COULDNOTCREATECRLCHECKEROBJECT ; goto cleanup; } } while (0); | |||
254 | break; | |||
255 | case PKIX_RevocationMethod_OCSP: | |||
256 | localRevChecker = pkix_OcspChecker_CheckLocal; | |||
257 | externRevChecker = pkix_OcspChecker_CheckExternal; | |||
258 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
259 | pkix_OcspChecker_Create(methodType, flags, priority,do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
260 | localRevChecker, externRevChecker,do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
261 | verificationFn,do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
262 | &method,do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
263 | plContext),do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0) | |||
264 | PKIX_COULDNOTCREATEOCSPCHECKEROBJECT)do { stdVars.aPkixErrorResult = (pkix_OcspChecker_Create(methodType , flags, priority, localRevChecker, externRevChecker, verificationFn , &method, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_COULDNOTCREATEOCSPCHECKEROBJECT; goto cleanup ; } } while (0); | |||
265 | break; | |||
266 | default: | |||
267 | PKIX_ERROR(PKIX_INVALIDREVOCATIONMETHOD){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_INVALIDREVOCATIONMETHOD, ((void*)0), stdVars.aPkixType , 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_INVALIDREVOCATIONMETHOD; goto cleanup; }; | |||
268 | } | |||
269 | ||||
270 | if (isLeafMethod) { | |||
271 | methodList = &revChecker->leafMethodList; | |||
272 | } else { | |||
273 | methodList = &revChecker->chainMethodList; | |||
274 | } | |||
275 | ||||
276 | if (*methodList == NULL((void*)0)) { | |||
277 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_Create(methodList, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
278 | PKIX_List_Create(methodList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(methodList, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
279 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(methodList, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
280 | } | |||
281 | unsortedList = *methodList; | |||
282 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem(unsortedList , (PKIX_PL_Object*)method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
283 | PKIX_List_AppendItem(unsortedList, (PKIX_PL_Object*)method, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem(unsortedList , (PKIX_PL_Object*)method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
284 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem(unsortedList , (PKIX_PL_Object*)method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
285 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_List_BubbleSort(unsortedList , pkix_RevocationChecker_SortComparator, methodList, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTBUBBLESORTFAILED; goto cleanup; } } while (0) | |||
286 | pkix_List_BubbleSort(unsortedList,do { stdVars.aPkixErrorResult = (pkix_List_BubbleSort(unsortedList , pkix_RevocationChecker_SortComparator, methodList, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTBUBBLESORTFAILED; goto cleanup; } } while (0) | |||
287 | pkix_RevocationChecker_SortComparator,do { stdVars.aPkixErrorResult = (pkix_List_BubbleSort(unsortedList , pkix_RevocationChecker_SortComparator, methodList, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTBUBBLESORTFAILED; goto cleanup; } } while (0) | |||
288 | methodList, plContext),do { stdVars.aPkixErrorResult = (pkix_List_BubbleSort(unsortedList , pkix_RevocationChecker_SortComparator, methodList, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTBUBBLESORTFAILED; goto cleanup; } } while (0) | |||
289 | PKIX_LISTBUBBLESORTFAILED)do { stdVars.aPkixErrorResult = (pkix_List_BubbleSort(unsortedList , pkix_RevocationChecker_SortComparator, methodList, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTBUBBLESORTFAILED; goto cleanup; } } while (0); | |||
290 | ||||
291 | cleanup: | |||
292 | PKIX_DECREF(method)do { if (method){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(method), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } method = ((void*)0 ); } } while (0); | |||
293 | PKIX_DECREF(unsortedList)do { if (unsortedList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(unsortedList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } unsortedList = ((void *)0); } } while (0); | |||
294 | PKIX_DECREF(certStores)do { if (certStores){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certStores), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } certStores = ((void *)0); } } while (0); | |||
295 | ||||
296 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
297 | } | |||
298 | ||||
299 | /* | |||
300 | * FUNCTION: PKIX_RevocationChecker_Check | |||
301 | */ | |||
302 | PKIX_Error * | |||
303 | PKIX_RevocationChecker_Check( | |||
304 | PKIX_PL_Cert *cert, | |||
305 | PKIX_PL_Cert *issuer, | |||
306 | PKIX_RevocationChecker *revChecker, | |||
307 | PKIX_ProcessingParams *procParams, | |||
308 | PKIX_Boolean chainVerificationState, | |||
309 | PKIX_Boolean testingLeafCert, | |||
310 | PKIX_RevocationStatus *pRevStatus, | |||
311 | PKIX_UInt32 *pReasonCode, | |||
312 | void **pNbioContext, | |||
313 | void *plContext) | |||
314 | { | |||
315 | PKIX_RevocationStatus overallStatus = PKIX_RevStatus_NoInfo; | |||
316 | PKIX_RevocationStatus methodStatus[PKIX_RevocationMethod_MAX]; | |||
317 | PKIX_Boolean onlyUseRemoteMethods = PKIX_FALSE((PKIX_Boolean) 0); | |||
318 | PKIX_UInt32 revFlags = 0; | |||
319 | PKIX_List *revList = NULL((void*)0); | |||
320 | PKIX_PL_Date *date = NULL((void*)0); | |||
321 | pkix_RevocationMethod *method = NULL((void*)0); | |||
322 | void *nbioContext; | |||
323 | int tries; | |||
324 | ||||
325 | PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_Check")static const char cMyFuncName[] = {"PKIX_RevocationChecker_Check" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_REVOCATIONCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace) { pkix_Logger_Check(pkixLoggersDebugTrace , stdVars.aMyFuncName, ">>>", stdVars.aPkixType, 5, plContext ); } } while (0);; | |||
326 | PKIX_NULLCHECK_TWO(revChecker, procParams)do { if (((revChecker) == ((void*)0)) || ((procParams) == ((void *)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
327 | ||||
328 | nbioContext = *pNbioContext; | |||
329 | *pNbioContext = NULL((void*)0); | |||
330 | ||||
331 | if (testingLeafCert) { | |||
332 | revList = revChecker->leafMethodList; | |||
333 | revFlags = revChecker->leafMethodListFlags; | |||
334 | } else { | |||
335 | revList = revChecker->chainMethodList; | |||
336 | revFlags = revChecker->chainMethodListFlags; | |||
337 | } | |||
338 | if (!revList) { | |||
339 | /* Return NoInfo status */ | |||
340 | goto cleanup; | |||
341 | } | |||
342 | ||||
343 | PORT_Memsetmemset(methodStatus, PKIX_RevStatus_NoInfo, | |||
344 | sizeof(PKIX_RevocationStatus) * PKIX_RevocationMethod_MAX); | |||
345 | ||||
346 | date = procParams->date; | |||
347 | ||||
348 | /* Need to have two loops if we testing all local info first: | |||
349 | * first we are going to test all local(cached) info | |||
350 | * second, all remote info(fetching) */ | |||
351 | for (tries = 0;tries < 2;tries++) { | |||
352 | unsigned int methodNum = 0; | |||
353 | for (;methodNum < revList->length;methodNum++) { | |||
354 | PKIX_UInt32 methodFlags = 0; | |||
355 | ||||
356 | PKIX_DECREF(method)do { if (method){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(method), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } method = ((void*)0 ); } } while (0); | |||
357 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(revList, methodNum , (PKIX_PL_Object**)&method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
358 | PKIX_List_GetItem(revList, methodNum,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(revList, methodNum , (PKIX_PL_Object**)&method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
359 | (PKIX_PL_Object**)&method, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(revList, methodNum , (PKIX_PL_Object**)&method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0) | |||
360 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(revList, methodNum , (PKIX_PL_Object**)&method, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED; goto cleanup ; } } while (0); | |||
361 | methodFlags = method->flags; | |||
362 | if (!(methodFlags & PKIX_REV_M_TEST_USING_THIS_METHOD0x01L)) { | |||
363 | /* Will not check with this method. Skipping... */ | |||
364 | continue; | |||
365 | } | |||
366 | if (!onlyUseRemoteMethods && | |||
367 | methodStatus[methodNum] == PKIX_RevStatus_NoInfo) { | |||
368 | PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; | |||
369 | PKIX_CHECK_NO_GOTO(do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
370 | (*method->localRevChecker)(cert, issuer, date,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
371 | method, procParams,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
372 | methodFlags,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
373 | chainVerificationState,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
374 | &revStatus,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
375 | (CERTCRLEntryReasonCode *)pReasonCode,do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
376 | plContext),do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
377 | PKIX_REVCHECKERCHECKFAILED)do { stdVars.aPkixErrorResult = ((*method->localRevChecker )(cert, issuer, date, method, procParams, methodFlags, chainVerificationState , &revStatus, (CERTCRLEntryReasonCode *)pReasonCode, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0); | |||
378 | methodStatus[methodNum] = revStatus; | |||
379 | if (revStatus == PKIX_RevStatus_Revoked) { | |||
380 | /* if error was generated use it as final error. */ | |||
381 | overallStatus = PKIX_RevStatus_Revoked; | |||
382 | goto cleanup; | |||
383 | } | |||
384 | if (pkixErrorResultstdVars.aPkixErrorResult) { | |||
385 | /* Disregard errors. Only returned revStatus matters. */ | |||
386 | PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResultstdVars.aPkixErrorResult, | |||
387 | plContext); | |||
388 | pkixErrorResultstdVars.aPkixErrorResult = NULL((void*)0); | |||
389 | } | |||
390 | } | |||
391 | if ((!(revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST0x01L) || | |||
392 | onlyUseRemoteMethods) && | |||
393 | chainVerificationState && | |||
394 | methodStatus[methodNum] == PKIX_RevStatus_NoInfo) { | |||
395 | if (!(methodFlags & PKIX_REV_M_FORBID_NETWORK_FETCHING0x02L)) { | |||
396 | PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; | |||
397 | PKIX_CHECK_NO_GOTO(do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
398 | (*method->externalRevChecker)(cert, issuer, date,do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
399 | method,do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
400 | procParams, methodFlags,do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
401 | &revStatus,do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
402 | (CERTCRLEntryReasonCode *)pReasonCode,do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
403 | &nbioContext, plContext),do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0) | |||
404 | PKIX_REVCHECKERCHECKFAILED)do { stdVars.aPkixErrorResult = ((*method->externalRevChecker )(cert, issuer, date, method, procParams, methodFlags, &revStatus , (CERTCRLEntryReasonCode *)pReasonCode, &nbioContext, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_REVCHECKERCHECKFAILED; } } while (0); | |||
405 | methodStatus[methodNum] = revStatus; | |||
406 | if (revStatus == PKIX_RevStatus_Revoked) { | |||
407 | /* if error was generated use it as final error. */ | |||
408 | overallStatus = PKIX_RevStatus_Revoked; | |||
409 | goto cleanup; | |||
410 | } | |||
411 | if (pkixErrorResultstdVars.aPkixErrorResult) { | |||
412 | /* Disregard errors. Only returned revStatus matters. */ | |||
413 | PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResultstdVars.aPkixErrorResult, | |||
414 | plContext); | |||
415 | pkixErrorResultstdVars.aPkixErrorResult = NULL((void*)0); | |||
416 | } | |||
417 | } else if (methodFlags & | |||
418 | PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO0x10L) { | |||
419 | /* Info is not in the local cache. Network fetching is not | |||
420 | * allowed. If need to fail on missing fresh info for the | |||
421 | * the method, then we should fail right here.*/ | |||
422 | overallStatus = PKIX_RevStatus_Revoked; | |||
423 | goto cleanup; | |||
424 | } | |||
425 | } | |||
426 | /* If success and we should not check the next method, then | |||
427 | * return a success. */ | |||
428 | if (methodStatus[methodNum] == PKIX_RevStatus_Success && | |||
429 | !(methodFlags & PKIX_REV_M_CONTINUE_TESTING_ON_FRESH_INFO0x20L)) { | |||
430 | overallStatus = PKIX_RevStatus_Success; | |||
431 | goto cleanup; | |||
432 | } | |||
433 | } /* inner loop */ | |||
434 | if (!onlyUseRemoteMethods && | |||
435 | revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST0x01L && | |||
436 | chainVerificationState) { | |||
437 | onlyUseRemoteMethods = PKIX_TRUE((PKIX_Boolean) 1); | |||
438 | continue; | |||
439 | } | |||
440 | break; | |||
441 | } /* outer loop */ | |||
442 | ||||
443 | if (overallStatus == PKIX_RevStatus_NoInfo && | |||
444 | chainVerificationState) { | |||
445 | /* The following check makes sence only for chain | |||
446 | * validation step, sinse we do not fetch info while | |||
447 | * in the process of finding trusted anchor. | |||
448 | * For chain building step it is enough to know, that | |||
449 | * the cert was not directly revoked by any of the | |||
450 | * methods. */ | |||
451 | ||||
452 | /* Still have no info. But one of the method could | |||
453 | * have returned success status(possible if CONTINUE | |||
454 | * TESTING ON FRESH INFO flag was used). | |||
455 | * If any of the methods have returned Success status, | |||
456 | * the overallStatus should be success. */ | |||
457 | int methodNum = 0; | |||
458 | for (;methodNum < PKIX_RevocationMethod_MAX;methodNum++) { | |||
459 | if (methodStatus[methodNum] == PKIX_RevStatus_Success) { | |||
460 | overallStatus = PKIX_RevStatus_Success; | |||
461 | goto cleanup; | |||
462 | } | |||
463 | } | |||
464 | if (revFlags & PKIX_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE0x02L) { | |||
465 | overallStatus = PKIX_RevStatus_Revoked; | |||
466 | } | |||
467 | } | |||
468 | ||||
469 | cleanup: | |||
470 | *pRevStatus = overallStatus; | |||
471 | PKIX_DECREF(method)do { if (method){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(method), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } method = ((void*)0 ); } } while (0); | |||
472 | ||||
473 | PKIX_RETURN(REVOCATIONCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_REVOCATIONCHECKER_ERROR ), ((PKIX_Boolean) 1), plContext);; | |||
474 | } | |||
475 |