/*
 * FUNCTION: pkix_TrustAnchor_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_TrustAnchor_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_TrustAnchor *anchor = NULL;
        PKIX_PL_Cert *cert = NULL;
        PKIX_UInt32 hash = 0;
        PKIX_UInt32 certHash = 0;
        PKIX_UInt32 nameHash = 0;
        PKIX_UInt32 pubKeyHash = 0;
        PKIX_UInt32 ncHash = 0;

        PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_TRUSTANCHOR_TYPE, plContext),
                    PKIX_OBJECTNOTTRUSTANCHOR);

        anchor = (PKIX_TrustAnchor*)object;
        cert = anchor->trustedCert;

        if (cert){
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                            ((PKIX_PL_Object *)cert,
                            &certHash,
                            plContext),
                            PKIX_OBJECTHASHCODEFAILED);

                hash = certHash;

        } else {
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                            ((PKIX_PL_Object *)anchor->caName,
                            &nameHash,
                            plContext),
                            PKIX_OBJECTHASHCODEFAILED);

                PKIX_CHECK(PKIX_PL_Object_Hashcode
                            ((PKIX_PL_Object *)anchor->caPubKey,
                            &pubKeyHash,
                            plContext),
                            PKIX_OBJECTHASHCODEFAILED);

                PKIX_HASHCODE(anchor->nameConstraints, &ncHash, plContext,
                        PKIX_OBJECTHASHCODEFAILED);

                hash = 31 * nameHash + pubKeyHash + ncHash;

        }

        *pHashcode = hash;

cleanup:

        PKIX_RETURN(TRUSTANCHOR);
}
/*
 * FUNCTION: pkix_pl_CollectionCertStoreContext_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_pl_CollectionCertStoreContext_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_PL_CollectionCertStoreContext *collectionCSContext = NULL;
        PKIX_UInt32 tempHash = 0;

        PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
                    "pkix_pl_CollectionCertStoreContext_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType
                    (object,
                    PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
                    plContext),
                    PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);

        collectionCSContext = (PKIX_PL_CollectionCertStoreContext *)object;

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                    ((PKIX_PL_Object *) collectionCSContext->storeDir,
                    &tempHash,
                    plContext),
                   PKIX_STRINGHASHCODEFAILED);

        *pHashcode = tempHash << 7;

        /* should not hash on crlList and certList, values are dynamic */

cleanup:
        PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
}
/*
 * FUNCTION: pkix_SingleVerifyNode_Hashcode
 * DESCRIPTION:
 *
 *  Computes the hashcode of the attributes of the VerifyNode pointed to by
 *  "node", other than its parents and children, and stores the result at
 *  "pHashcode".
 *
 * PARAMETERS:
 *  "node"
 *      Address of VerifyNode to be hashcoded; must be non-NULL
 *  "pHashcode"
 *      Address where UInt32 result will be stored; must be non-NULL
 *  "plContext"
 *      Platform-specific context pointer.
 * THREAD SAFETY:
 *  Conditionally Thread Safe
 *  (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if function succeeds
 *  Returns a VerifyNode Error if the function fails in a non-fatal way.
 *  Returns a Fatal Error if the function fails in a fatal way
 */
static PKIX_Error *
pkix_SingleVerifyNode_Hashcode(
        PKIX_VerifyNode *node,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_UInt32 errorHash = 0;
        PKIX_UInt32 nodeHash = 0;

        PKIX_ENTER(VERIFYNODE, "pkix_SingleVerifyNode_Hashcode");
        PKIX_NULLCHECK_TWO(node, pHashcode);

        PKIX_HASHCODE
                (node->verifyCert,
                &nodeHash,
                plContext,
                PKIX_FAILUREHASHINGCERT);

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                ((PKIX_PL_Object *)node->error,
                &errorHash,
                plContext),
                PKIX_FAILUREHASHINGERROR);

        nodeHash = 31*nodeHash + errorHash;
        *pHashcode = nodeHash;

cleanup:

        PKIX_RETURN(VERIFYNODE);
}
/*
 * FUNCTION: PKIX_PL_HashTable_Remove (see comments in pkix_pl_system.h)
 */
PKIX_Error *
PKIX_PL_HashTable_Remove(
    PKIX_PL_HashTable *ht,
    PKIX_PL_Object *key,
    void *plContext)
{
    PKIX_PL_Mutex  *lockedMutex = NULL;
    PKIX_PL_Object *origKey = NULL;
    PKIX_PL_Object *value = NULL;
    PKIX_UInt32 hashCode;
    PKIX_PL_EqualsCallback keyComp;

    PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Remove");

#if !defined(PKIX_OBJECT_LEAK_TEST)
    PKIX_NULLCHECK_TWO(ht, key);
#else
    PKIX_NULLCHECK_ONE(key);

    if (ht == NULL) {
        PKIX_RETURN(HASHTABLE);
    }
#endif

    PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
               PKIX_OBJECTHASHCODEFAILED);

    PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
               (key, &keyComp, plContext),
               PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);

    PKIX_MUTEX_LOCK(ht->tableLock);

    /* Remove from primitive hashtable */
    PKIX_CHECK(pkix_pl_PrimHashTable_Remove
               (ht->primHash,
                (void *)key,
                hashCode,
                keyComp,
                (void **)&origKey,
                (void **)&value,
                plContext),
               PKIX_PRIMHASHTABLEREMOVEFAILED);

    PKIX_MUTEX_UNLOCK(ht->tableLock);

    PKIX_DECREF(origKey);
    PKIX_DECREF(value);

    /*
     * we don't call PKIX_PL_InvalidateCache here b/c we have
     * not implemented toString or hashcode for this Object
     */

cleanup:

    PKIX_MUTEX_UNLOCK(ht->tableLock);

    PKIX_RETURN(HASHTABLE);
}
Beispiel #5
0
/*
 * FUNCTION: pkix_SinglePolicyNode_Hashcode
 * DESCRIPTION:
 *
 *  Computes the hashcode of the attributes of the PolicyNode pointed to by
 *  "node", other than its parents and children, and stores the result at
 *  "pHashcode".
 *
 * PARAMETERS:
 *  "node"
 *      Address of PolicyNode to be hashcoded; must be non-NULL
 *  "pHashcode"
 *      Address where UInt32 result will be stored; must be non-NULL
 *  "plContext"
 *      Platform-specific context pointer.
 * THREAD SAFETY:
 *  Conditionally Thread Safe
 *  (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if function succeeds
 *  Returns a PolicyNode Error if the function fails in a non-fatal way.
 *  Returns a Fatal Error if the function fails in a fatal way
 */
static PKIX_Error *
pkix_SinglePolicyNode_Hashcode(
    PKIX_PolicyNode *node,
    PKIX_UInt32 *pHashcode,
    void *plContext)
{
    PKIX_UInt32 componentHash = 0;
    PKIX_UInt32 nodeHash = 0;

    PKIX_ENTER(CERTPOLICYNODE, "pkix_SinglePolicyNode_Hashcode");
    PKIX_NULLCHECK_TWO(node, pHashcode);
    PKIX_NULLCHECK_TWO(node->validPolicy, node->expectedPolicySet);

    PKIX_HASHCODE
    (node->qualifierSet,
     &nodeHash,
     plContext,
     PKIX_FAILUREHASHINGLISTQUALIFIERSET);

    if (PKIX_TRUE == (node->criticality)) {
        nodeHash = 31*nodeHash + 0xff;
    } else {
        nodeHash = 31*nodeHash + 0x00;
    }

    PKIX_CHECK(PKIX_PL_Object_Hashcode
               ((PKIX_PL_Object *)node->validPolicy,
                &componentHash,
                plContext),
               PKIX_FAILUREHASHINGOIDVALIDPOLICY);

    nodeHash = 31*nodeHash + componentHash;

    PKIX_CHECK(PKIX_PL_Object_Hashcode
               ((PKIX_PL_Object *)node->expectedPolicySet,
                &componentHash,
                plContext),
               PKIX_FAILUREHASHINGLISTEXPECTEDPOLICYSET);

    nodeHash = 31*nodeHash + componentHash;

    *pHashcode = nodeHash;

cleanup:

    PKIX_RETURN(CERTPOLICYNODE);
}
/*
 * FUNCTION: pkix_ValidateResult_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_ValidateResult_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_ValidateResult *valResult = NULL;
        PKIX_UInt32 hash = 0;
        PKIX_UInt32 pubKeyHash = 0;
        PKIX_UInt32 anchorHash = 0;
        PKIX_UInt32 policyTreeHash = 0;
        PKIX_PolicyNode *policyTree = NULL;

        PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATERESULT_TYPE, plContext),
                PKIX_OBJECTNOTVALIDATERESULT);

        valResult = (PKIX_ValidateResult*)object;

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                ((PKIX_PL_Object *)valResult->pubKey, &pubKeyHash, plContext),
                PKIX_OBJECTHASHCODEFAILED);

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                ((PKIX_PL_Object *)valResult->anchor, &anchorHash, plContext),
                PKIX_OBJECTHASHCODEFAILED);

        policyTree = valResult->policyTree;
        if (policyTree) {
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                        ((PKIX_PL_Object *)valResult->policyTree,
                        &policyTreeHash,
                        plContext),
                        PKIX_OBJECTHASHCODEFAILED);
        }

        hash = 31*(31 * pubKeyHash + anchorHash) + policyTreeHash;

        *pHashcode = hash;

cleanup:

        PKIX_RETURN(VALIDATERESULT);
}
/*
 * FUNCTION: PKIX_PL_HashTable_Lookup (see comments in pkix_pl_system.h)
 */
PKIX_Error *
PKIX_PL_HashTable_Lookup(
    PKIX_PL_HashTable *ht,
    PKIX_PL_Object *key,
    PKIX_PL_Object **pResult,
    void *plContext)
{
    PKIX_PL_Mutex *lockedMutex = NULL;
    PKIX_UInt32 hashCode;
    PKIX_PL_EqualsCallback keyComp;
    PKIX_PL_Object *result = NULL;

    PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Lookup");

#if !defined(PKIX_OBJECT_LEAK_TEST)
    PKIX_NULLCHECK_THREE(ht, key, pResult);
#else
    PKIX_NULLCHECK_TWO(key, pResult);

    if (ht == NULL) {
        PKIX_RETURN(HASHTABLE);
    }
#endif

    PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
               PKIX_OBJECTHASHCODEFAILED);

    PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
               (key, &keyComp, plContext),
               PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);

    PKIX_MUTEX_LOCK(ht->tableLock);

    /* Lookup in primitive hashtable */
    PKIX_CHECK(pkix_pl_PrimHashTable_Lookup
               (ht->primHash,
                (void *)key,
                hashCode,
                keyComp,
                (void **)&result,
                plContext),
               PKIX_PRIMHASHTABLELOOKUPFAILED);

    PKIX_INCREF(result);
    PKIX_MUTEX_UNLOCK(ht->tableLock);

    *pResult = result;

cleanup:

    PKIX_MUTEX_UNLOCK(ht->tableLock);

    PKIX_RETURN(HASHTABLE);
}
/*
 * FUNCTION: pkix_ValidateParams_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_ValidateParams_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_ValidateParams *valParams = NULL;
        PKIX_UInt32 hash = 0;
        PKIX_UInt32 procParamsHash = 0;
        PKIX_UInt32 chainHash = 0;

        PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATEPARAMS_TYPE, plContext),
                    PKIX_OBJECTNOTVALIDATEPARAMS);

        valParams = (PKIX_ValidateParams*)object;

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                    ((PKIX_PL_Object *)valParams->procParams,
                    &procParamsHash,
                    plContext),
                    PKIX_OBJECTHASHCODEFAILED);

        PKIX_CHECK(PKIX_PL_Object_Hashcode
                    ((PKIX_PL_Object *)valParams->chain,
                    &chainHash,
                    plContext),
                    PKIX_OBJECTHASHCODEFAILED);

        hash = 31 * procParamsHash + chainHash;

        *pHashcode = hash;

cleanup:

        PKIX_RETURN(VALIDATEPARAMS);
}
Beispiel #9
0
/*
 * FUNCTION: pkix_List_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_List_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_List *list = NULL;
        PKIX_PL_Object *element = NULL;
        PKIX_UInt32 hash = 0;
        PKIX_UInt32 tempHash = 0;
        PKIX_UInt32 length, i;

        PKIX_ENTER(LIST, "pkix_List_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_LIST_TYPE, plContext),
                    PKIX_OBJECTNOTLIST);

        list = (PKIX_List *)object;

        if (!list->isHeader){
                PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
        }

        length = list->length;

        for (i = 0; i < length; i++){
                PKIX_CHECK(PKIX_List_GetItem(list, i, &element, plContext),
                            PKIX_LISTGETITEMFAILED);

                if (!element){
                        tempHash = 100;
                } else {
                        PKIX_CHECK(PKIX_PL_Object_Hashcode
                                    (element, &tempHash, plContext),
                                    PKIX_LISTHASHCODEFAILED);
                }

                hash = 31 * hash + tempHash;

                PKIX_DECREF(element);
        }

        *pHashcode = hash;

cleanup:

        PKIX_DECREF(element);
        PKIX_RETURN(LIST);
}
Beispiel #10
0
/*
 * FUNCTION: pkix_CertStore_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_CertStore_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_CertStore *certStore = NULL;
        PKIX_UInt32 tempHash = 0;

        PKIX_ENTER(CERTSTORE, "pkix_CertStore_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_CERTSTORE_TYPE, plContext),
                    PKIX_OBJECTNOTCERTSTORE);

        certStore = (PKIX_CertStore *)object;

        if (certStore->certStoreContext) {
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                    ((PKIX_PL_Object *) certStore->certStoreContext,
                    &tempHash,
                    plContext),
                   PKIX_CERTSTOREHASHCODEFAILED);
        }

        *pHashcode = (PKIX_UInt32) certStore->certCallback +
                     (PKIX_UInt32) certStore->crlCallback +
                     (PKIX_UInt32) certStore->certContinue +
                     (PKIX_UInt32) certStore->crlContinue +
                     (PKIX_UInt32) certStore->trustCallback +
                     (tempHash << 7);

cleanup:

        PKIX_RETURN(CERTSTORE);
}
/*
 * FUNCTION: pkix_pl_GeneralName_Hashcode
 * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
 */
static PKIX_Error *
pkix_pl_GeneralName_Hashcode(
        PKIX_PL_Object *object,
        PKIX_UInt32 *pHashcode,
        void *plContext)
{
        PKIX_PL_GeneralName *name = NULL;
        PKIX_UInt32 firstHash, secondHash, nameHash;

        PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Hashcode");
        PKIX_NULLCHECK_TWO(object, pHashcode);

        PKIX_CHECK(pkix_CheckType(object, PKIX_GENERALNAME_TYPE, plContext),
                    PKIX_OBJECTNOTGENERALNAME);

        name = (PKIX_PL_GeneralName *)object;

        switch (name->type) {
        case certRFC822Name:
        case certDNSName:
        case certX400Address:
        case certEDIPartyName:
        case certURI:
        case certIPAddress:
                PKIX_NULLCHECK_ONE(name->other);
                PKIX_CHECK(pkix_hash
                            ((const unsigned char *)
                            name->other->data,
                            name->other->len,
                            &nameHash,
                            plContext),
                            PKIX_HASHFAILED);
                break;
        case certRegisterID:
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                            ((PKIX_PL_Object *)name->oid,
                            &nameHash,
                            plContext),
                            PKIX_OIDHASHCODEFAILED);
                break;
        case certOtherName:
                PKIX_NULLCHECK_ONE(name->OthName);
                PKIX_CHECK(pkix_hash
                            ((const unsigned char *)
                            name->OthName->oid.data,
                            name->OthName->oid.len,
                            &firstHash,
                            plContext),
                            PKIX_HASHFAILED);

                PKIX_CHECK(pkix_hash
                            ((const unsigned char *)
                            name->OthName->name.data,
                            name->OthName->name.len,
                            &secondHash,
                            plContext),
                            PKIX_HASHFAILED);

                nameHash = firstHash + secondHash;
                break;
        case certDirectoryName:
                PKIX_CHECK(PKIX_PL_Object_Hashcode
                            ((PKIX_PL_Object *)
                            name->directoryName,
                            &nameHash,
                            plContext),
                            PKIX_X500NAMEHASHCODEFAILED);
                break;
        }

        *pHashcode = nameHash;

cleanup:

        PKIX_RETURN(GENERALNAME);

}
/*
 * FUNCTION: PKIX_PL_HashTable_Add (see comments in pkix_pl_system.h)
 */
PKIX_Error *
PKIX_PL_HashTable_Add(
    PKIX_PL_HashTable *ht,
    PKIX_PL_Object *key,
    PKIX_PL_Object *value,
    void *plContext)
{
    PKIX_PL_Mutex  *lockedMutex = NULL;
    PKIX_PL_Object *deletedKey = NULL;
    PKIX_PL_Object *deletedValue = NULL;
    PKIX_UInt32 hashCode;
    PKIX_PL_EqualsCallback keyComp;
    PKIX_UInt32 bucketSize = 0;

    PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Add");

#if !defined(PKIX_OBJECT_LEAK_TEST)
    PKIX_NULLCHECK_THREE(ht, key, value);
#else
    PKIX_NULLCHECK_TWO(key, value);

    if (ht == NULL) {
        PKIX_RETURN(HASHTABLE);
    }
#endif
    /* Insert into primitive hashtable */

    PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
               PKIX_OBJECTHASHCODEFAILED);

    PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
               (key, &keyComp, plContext),
               PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);

    PKIX_MUTEX_LOCK(ht->tableLock);

    PKIX_CHECK(pkix_pl_PrimHashTable_GetBucketSize
               (ht->primHash,
                hashCode,
                &bucketSize,
                plContext),
               PKIX_PRIMHASHTABLEGETBUCKETSIZEFAILED);

    if (ht->maxEntriesPerBucket != 0 &&
            bucketSize >= ht->maxEntriesPerBucket) {
        /* drop the last one in the bucket */
        PKIX_CHECK(pkix_pl_PrimHashTable_RemoveFIFO
                   (ht->primHash,
                    hashCode,
                    (void **) &deletedKey,
                    (void **) &deletedValue,
                    plContext),
                   PKIX_PRIMHASHTABLEGETBUCKETSIZEFAILED);
        PKIX_DECREF(deletedKey);
        PKIX_DECREF(deletedValue);
    }

    PKIX_CHECK(pkix_pl_PrimHashTable_Add
               (ht->primHash,
                (void *)key,
                (void *)value,
                hashCode,
                keyComp,
                plContext),
               PKIX_PRIMHASHTABLEADDFAILED);

    PKIX_INCREF(key);
    PKIX_INCREF(value);
    PKIX_MUTEX_UNLOCK(ht->tableLock);

    /*
     * we don't call PKIX_PL_InvalidateCache here b/c we have
     * not implemented toString or hashcode for this Object
     */

cleanup:

    PKIX_MUTEX_UNLOCK(ht->tableLock);

    PKIX_RETURN(HASHTABLE);
}