static
void testGetSetConstraints(PKIX_ProcessingParams *goodObject){
PKIX_CertSelector *setConstraints = NULL;
PKIX_CertSelector *getConstraints = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetTargetCertConstraints");
/*
* After createConstraints is implemented
* setConstraints = createConstraints();
*/
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(goodObject, setConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_GetTargetCertConstraints
(goodObject, &getConstraints, plContext));
testEqualsHelper((PKIX_PL_Object *)setConstraints,
(PKIX_PL_Object *)getConstraints,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(setConstraints);
PKIX_TEST_DECREF_AC(getConstraints);
PKIX_TEST_RETURN();
}
/*
* FUNCTION: pkix_EkuChecker_Create
* DESCRIPTION:
*
* Creates a new Extend Key Usage CheckerState using "params" to retrieve
* application specified EKU for verification and stores it at "pState".
*
* PARAMETERS:
* "params"
* a PKIX_ProcessingParams links to PKIX_ComCertSelParams where a list of
* Extended Key Usage OIDs specified by application can be retrieved for
* verification.
* "pState"
* Address where state pointer will be stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a UserDefinedModules Error if the function fails in a
* non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
static PKIX_Error *
pkix_EkuChecker_Create(
PKIX_ProcessingParams *params,
pkix_EkuChecker **pState,
void *plContext)
{
pkix_EkuChecker *state = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_ComCertSelParams *comCertSelParams = NULL;
PKIX_List *requiredOids = NULL;
PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Create");
PKIX_NULLCHECK_TWO(params, pState);
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_EKUCHECKER_TYPE,
sizeof (pkix_EkuChecker),
(PKIX_PL_Object **)&state,
plContext),
PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT);
PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
(params, &certSelector, plContext),
PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
if (certSelector != NULL) {
/* Get initial EKU OIDs from ComCertSelParams, if set */
PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
(certSelector, &comCertSelParams, plContext),
PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
if (comCertSelParams != NULL) {
PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsage
(comCertSelParams, &requiredOids, plContext),
PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
}
}
PKIX_CHECK(PKIX_PL_OID_Create
(PKIX_EXTENDEDKEYUSAGE_OID,
&state->ekuOID,
plContext),
PKIX_OIDCREATEFAILED);
state->requiredExtKeyUsageOids = requiredOids;
requiredOids = NULL;
*pState = state;
state = NULL;
cleanup:
PKIX_DECREF(certSelector);
PKIX_DECREF(comCertSelParams);
PKIX_DECREF(requiredOids);
PKIX_DECREF(state);
PKIX_RETURN(EKUCHECKER);
}
