/*
* FUNCTION: pkix_pl_CertPolicyMap_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_CertPolicyMap_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_PL_CertPolicyMap *certMap = NULL;
PKIX_PL_String *format = NULL;
PKIX_PL_String *outString = NULL;
PKIX_PL_String *issuerString = NULL;
PKIX_PL_String *subjectString = NULL;
PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_ToString");
PKIX_NULLCHECK_TWO(object, pString);
PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYMAP_TYPE, plContext),
PKIX_OBJECTNOTCERTPOLICYMAP);
certMap = (PKIX_PL_CertPolicyMap *)object;
PKIX_TOSTRING
(certMap->issuerDomainPolicy,
&issuerString,
plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_TOSTRING
(certMap->subjectDomainPolicy,
&subjectString,
plContext,
PKIX_OBJECTTOSTRINGFAILED);
/* Put them together in the form issuerPolicy=>subjectPolicy */
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII, "%s=>%s", 0, &format, plContext),
PKIX_ERRORINSTRINGCREATE);
PKIX_CHECK(PKIX_PL_Sprintf
(&outString, plContext, format, issuerString, subjectString),
PKIX_ERRORINSPRINTF);
*pString = outString;
cleanup:
PKIX_DECREF(format);
PKIX_DECREF(issuerString);
PKIX_DECREF(subjectString);
PKIX_RETURN(CERTPOLICYMAP);
}
/*
* FUNCTION: PKIX_PL_HttpCertStore_Create
* (see comments in pkix_samples_modules.h)
*/
PKIX_Error *
PKIX_PL_HttpCertStore_Create(
PKIX_PL_HttpClient *client,
PKIX_PL_GeneralName *location,
PKIX_CertStore **pCertStore,
void *plContext)
{
PKIX_PL_String *locationString = NULL;
char *locationAscii = NULL;
PKIX_UInt32 len = 0;
PKIX_ENTER(CERTSTORE, "PKIX_PL_HttpCertStore_Create");
PKIX_NULLCHECK_TWO(location, pCertStore);
PKIX_TOSTRING(location, &locationString, plContext,
PKIX_GENERALNAMETOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_GetEncoded
(locationString,
PKIX_ESCASCII,
(void **)&locationAscii,
&len,
plContext),
PKIX_STRINGGETENCODEDFAILED);
PKIX_CHECK(pkix_pl_HttpCertStore_CreateWithAsciiName
(client, locationAscii, pCertStore, plContext),
PKIX_HTTPCERTSTORECREATEWITHASCIINAMEFAILED);
cleanup:
PKIX_DECREF(locationString);
PKIX_RETURN(CERTSTORE);
}
/*
* FUNCTION: pkix_pl_CertPolicyQualifier_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_CertPolicyQualifier_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_PL_CertPolicyQualifier *certPQ = NULL;
char *asciiFormat = "%s:%s";
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *pqIDString = NULL;
PKIX_PL_String *pqValString = NULL;
PKIX_PL_String *outString = NULL;
PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_ToString");
PKIX_NULLCHECK_TWO(object, pString);
PKIX_CHECK(pkix_CheckType
(object, PKIX_CERTPOLICYQUALIFIER_TYPE, plContext),
PKIX_OBJECTNOTCERTPOLICYQUALIFIER);
certPQ = (PKIX_PL_CertPolicyQualifier *)object;
/*
* The policyQualifierId is required. If there is no qualifier,
* we should have a ByteArray of zero length.
*/
PKIX_NULLCHECK_TWO(certPQ->policyQualifierId, certPQ->qualifier);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
PKIX_STRINGCREATEFAILED);
PKIX_TOSTRING(certPQ->policyQualifierId, &pqIDString, plContext,
PKIX_OIDTOSTRINGFAILED);
PKIX_CHECK(pkix_pl_ByteArray_ToHexString
(certPQ->qualifier, &pqValString, plContext),
PKIX_BYTEARRAYTOHEXSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&outString, plContext, formatString, pqIDString, pqValString),
PKIX_SPRINTFFAILED);
*pString = outString;
cleanup:
PKIX_DECREF(formatString);
PKIX_DECREF(pqIDString);
PKIX_DECREF(pqValString);
PKIX_RETURN(CERTPOLICYQUALIFIER);
}
/*
* FUNCTION: pkix_TrustAnchor_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_TrustAnchor_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_TrustAnchor *anchor = NULL;
char *asciiFormat = NULL;
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *anchorString = NULL;
PKIX_PL_String *certString = NULL;
PKIX_PL_String *nameString = NULL;
PKIX_PL_String *pubKeyString = NULL;
PKIX_PL_String *nameConstraintsString = NULL;
PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_ToString");
PKIX_NULLCHECK_TWO(object, pString);
PKIX_CHECK(pkix_CheckType(object, PKIX_TRUSTANCHOR_TYPE, plContext),
PKIX_OBJECTNOTTRUSTANCHOR);
anchor = (PKIX_TrustAnchor*)object;
if (anchor->trustedCert){
asciiFormat =
"[\n"
"\tTrusted Cert: %s\n"
"]\n";
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiFormat,
0,
&formatString,
plContext),
PKIX_STRINGCREATEFAILED);
PKIX_CHECK(PKIX_PL_Object_ToString
((PKIX_PL_Object *)anchor->trustedCert,
&certString,
plContext),
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&anchorString,
plContext,
formatString,
certString),
PKIX_SPRINTFFAILED);
} else {
asciiFormat =
"[\n"
"\tTrusted CA Name: %s\n"
"\tTrusted CA PublicKey: %s\n"
"\tInitial Name Constraints:%s\n"
"]\n";
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiFormat,
0,
&formatString,
plContext),
PKIX_STRINGCREATEFAILED);
PKIX_CHECK(PKIX_PL_Object_ToString
((PKIX_PL_Object *)anchor->caName,
&nameString,
plContext),
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Object_ToString
((PKIX_PL_Object *)anchor->caPubKey,
&pubKeyString,
plContext),
PKIX_OBJECTTOSTRINGFAILED);
PKIX_TOSTRING
(anchor->nameConstraints,
&nameConstraintsString,
plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&anchorString,
plContext,
formatString,
nameString,
pubKeyString,
nameConstraintsString),
PKIX_SPRINTFFAILED);
}
*pString = anchorString;
cleanup:
PKIX_DECREF(formatString);
PKIX_DECREF(certString);
PKIX_DECREF(nameString);
PKIX_DECREF(pubKeyString);
PKIX_DECREF(nameConstraintsString);
PKIX_RETURN(TRUSTANCHOR);
}
/*
* FUNCTION: pkix_SingleVerifyNode_ToString
* DESCRIPTION:
*
* Creates a String representation of the attributes of the VerifyNode pointed
* to by "node", other than its children, and stores the result at "pString".
*
* PARAMETERS:
* "node"
* Address of VerifyNode to be described by the string. Must be non-NULL.
* "pString"
* Address where object pointer will be stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Conditionally Thread Safe
* (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if function succeeds
* Returns a VerifyNode Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in a fatal way
*/
PKIX_Error *
pkix_SingleVerifyNode_ToString(
PKIX_VerifyNode *node,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_PL_String *fmtString = NULL;
PKIX_PL_String *errorString = NULL;
PKIX_PL_String *outString = NULL;
PKIX_PL_X500Name *issuerName = NULL;
PKIX_PL_X500Name *subjectName = NULL;
PKIX_PL_String *issuerString = NULL;
PKIX_PL_String *subjectString = NULL;
PKIX_ENTER(VERIFYNODE, "pkix_SingleVerifyNode_ToString");
PKIX_NULLCHECK_THREE(node, pString, node->verifyCert);
PKIX_TOSTRING(node->error, &errorString, plContext,
PKIX_ERRORTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Cert_GetIssuer
(node->verifyCert, &issuerName, plContext),
PKIX_CERTGETISSUERFAILED);
PKIX_TOSTRING(issuerName, &issuerString, plContext,
PKIX_X500NAMETOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Cert_GetSubject
(node->verifyCert, &subjectName, plContext),
PKIX_CERTGETSUBJECTFAILED);
PKIX_TOSTRING(subjectName, &subjectString, plContext,
PKIX_X500NAMETOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
"CERT[Issuer:%s, Subject:%s], depth=%d, error=%s",
0,
&fmtString,
plContext),
PKIX_CANTCREATESTRING);
PKIX_CHECK(PKIX_PL_Sprintf
(&outString,
plContext,
fmtString,
issuerString,
subjectString,
node->depth,
errorString),
PKIX_SPRINTFFAILED);
*pString = outString;
cleanup:
PKIX_DECREF(fmtString);
PKIX_DECREF(errorString);
PKIX_DECREF(issuerName);
PKIX_DECREF(subjectName);
PKIX_DECREF(issuerString);
PKIX_DECREF(subjectString);
PKIX_RETURN(VERIFYNODE);
}
/*
* FUNCTION: pkix_pl_CRL_ToString_Helper
* DESCRIPTION:
*
* Helper function that creates a string representation of the CRL pointed
* to by "crl" and stores it at "pString".
*
* PARAMETERS
* "crl"
* Address of CRL whose string representation is desired.
* Must be non-NULL.
* "pString"
* Address where object pointer will be stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a CRL Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
static PKIX_Error *
pkix_pl_CRL_ToString_Helper(
PKIX_PL_CRL *crl,
PKIX_PL_String **pString,
void *plContext)
{
char *asciiFormat = NULL;
PKIX_UInt32 crlVersion;
PKIX_PL_X500Name *crlIssuer = NULL;
PKIX_PL_OID *nssSignatureAlgId = NULL;
PKIX_PL_BigInt *crlNumber = NULL;
PKIX_List *crlEntryList = NULL;
PKIX_List *critExtOIDs = NULL;
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *crlIssuerString = NULL;
PKIX_PL_String *lastUpdateString = NULL;
PKIX_PL_String *nextUpdateString = NULL;
PKIX_PL_String *nssSignatureAlgIdString = NULL;
PKIX_PL_String *crlNumberString = NULL;
PKIX_PL_String *crlEntryListString = NULL;
PKIX_PL_String *critExtOIDsString = NULL;
PKIX_PL_String *crlString = NULL;
PKIX_ENTER(CRL, "pkix_pl_CRL_ToString_Helper");
PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pString);
asciiFormat =
"[\n"
"\tVersion: v%d\n"
"\tIssuer: %s\n"
"\tUpdate: [Last: %s\n"
"\t Next: %s]\n"
"\tSignatureAlgId: %s\n"
"\tCRL Number : %s\n"
"\n"
"\tEntry List: %s\n"
"\n"
"\tCritExtOIDs: %s\n"
"]\n";
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiFormat,
0,
&formatString,
plContext),
PKIX_STRINGCREATEFAILED);
/* Version */
PKIX_CHECK(pkix_pl_CRL_GetVersion(crl, &crlVersion, plContext),
PKIX_CRLGETVERSIONFAILED);
/* Issuer */
PKIX_CHECK(PKIX_PL_CRL_GetIssuer(crl, &crlIssuer, plContext),
PKIX_CRLGETISSUERFAILED);
PKIX_CHECK(PKIX_PL_Object_ToString
((PKIX_PL_Object *)crlIssuer, &crlIssuerString, plContext),
PKIX_X500NAMETOSTRINGFAILED);
/* This update - No Date object created, use nss data directly */
PKIX_CHECK(pkix_pl_Date_ToString_Helper
(&(crl->nssSignedCrl->crl.lastUpdate),
&lastUpdateString,
plContext),
PKIX_DATETOSTRINGHELPERFAILED);
/* Next update - No Date object created, use nss data directly */
PKIX_CHECK(pkix_pl_Date_ToString_Helper
(&(crl->nssSignedCrl->crl.nextUpdate),
&nextUpdateString,
plContext),
PKIX_DATETOSTRINGHELPERFAILED);
/* Signature Algorithm Id */
PKIX_CHECK(pkix_pl_CRL_GetSignatureAlgId
(crl, &nssSignatureAlgId, plContext),
PKIX_CRLGETSIGNATUREALGIDFAILED);
PKIX_CHECK(PKIX_PL_Object_ToString
((PKIX_PL_Object *)nssSignatureAlgId,
&nssSignatureAlgIdString,
plContext),
PKIX_OIDTOSTRINGFAILED);
/* CRL Number */
PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber
(crl, &crlNumber, plContext),
PKIX_CRLGETCRLNUMBERFAILED);
PKIX_TOSTRING(crlNumber, &crlNumberString, plContext,
PKIX_BIGINTTOSTRINGFAILED);
/* CRL Entries */
PKIX_CHECK(pkix_pl_CRL_GetCRLEntries(crl, &crlEntryList, plContext),
PKIX_CRLGETCRLENTRIESFAILED);
PKIX_TOSTRING(crlEntryList, &crlEntryListString, plContext,
PKIX_LISTTOSTRINGFAILED);
/* CriticalExtensionOIDs */
PKIX_CHECK(PKIX_PL_CRL_GetCriticalExtensionOIDs
(crl, &critExtOIDs, plContext),
PKIX_CRLGETCRITICALEXTENSIONOIDSFAILED);
PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext,
PKIX_LISTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&crlString,
plContext,
formatString,
crlVersion + 1,
crlIssuerString,
lastUpdateString,
nextUpdateString,
nssSignatureAlgIdString,
crlNumberString,
crlEntryListString,
critExtOIDsString),
PKIX_SPRINTFFAILED);
*pString = crlString;
cleanup:
PKIX_DECREF(crlIssuer);
PKIX_DECREF(nssSignatureAlgId);
PKIX_DECREF(crlNumber);
PKIX_DECREF(crlEntryList);
PKIX_DECREF(critExtOIDs);
PKIX_DECREF(crlIssuerString);
PKIX_DECREF(lastUpdateString);
PKIX_DECREF(nextUpdateString);
PKIX_DECREF(nssSignatureAlgIdString);
PKIX_DECREF(crlNumberString);
PKIX_DECREF(crlEntryListString);
PKIX_DECREF(critExtOIDsString);
PKIX_DECREF(formatString);
PKIX_RETURN(CRL);
}
PKIX_Error *
pkix_pl_AIAMgr_GetHTTPCerts(
PKIX_PL_AIAMgr *aiaMgr,
PKIX_PL_InfoAccess *ia,
void **pNBIOContext,
PKIX_List **pCerts,
void *plContext)
{
PKIX_PL_GeneralName *location = NULL;
PKIX_PL_String *locationString = NULL;
PKIX_UInt32 len = 0;
PRUint16 port = 0;
const SEC_HttpClientFcn *httpClient = NULL;
const SEC_HttpClientFcnV1 *hcv1 = NULL;
SECStatus rv = SECFailure;
SEC_HTTP_SERVER_SESSION serverSession = NULL;
SEC_HTTP_REQUEST_SESSION requestSession = NULL;
char *path = NULL;
char *hostname = NULL;
char *locationAscii = NULL;
void *nbio = NULL;
PRUint16 responseCode = 0;
const char *responseContentType = NULL;
const char *responseData = NULL;
PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_GetHTTPCerts");
PKIX_NULLCHECK_FOUR(aiaMgr, ia, pNBIOContext, pCerts);
nbio = *pNBIOContext;
*pNBIOContext = NULL;
*pCerts = NULL;
if (nbio == NULL) { /* a new request */
PKIX_CHECK(PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext),
PKIX_INFOACCESSGETLOCATIONFAILED);
/* find or create httpClient = default client */
httpClient = SEC_GetRegisteredHttpClient();
aiaMgr->client.hdata.httpClient = httpClient;
if (!httpClient)
PKIX_ERROR(PKIX_OUTOFMEMORY);
if (httpClient->version == 1) {
PKIX_UInt32 timeout =
((PKIX_PL_NssContext*)plContext)->timeoutSeconds;
hcv1 = &(httpClient->fcnTable.ftable1);
/* create server session */
PKIX_TOSTRING(location, &locationString, plContext,
PKIX_GENERALNAMETOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_GetEncoded
(locationString,
PKIX_ESCASCII,
(void **)&locationAscii,
&len,
plContext),
PKIX_STRINGGETENCODEDFAILED);
rv = CERT_ParseURL(locationAscii, &hostname, &port,
&path);
if ((rv != SECSuccess) ||
(hostname == NULL) ||
(path == NULL)) {
PKIX_ERROR(PKIX_URLPARSINGFAILED);
}
rv = (*hcv1->createSessionFcn)(hostname, port,
&serverSession);
if (rv != SECSuccess) {
PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED);
}
aiaMgr->client.hdata.serverSession = serverSession;
/* create request session */
rv = (*hcv1->createFcn)(serverSession, "http", path,
"GET", PR_SecondsToInterval(timeout),
&requestSession);
if (rv != SECSuccess) {
PKIX_ERROR(PKIX_HTTPSERVERERROR);
}
aiaMgr->client.hdata.requestSession = requestSession;
} else {
PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
}
}
httpClient = aiaMgr->client.hdata.httpClient;
if (httpClient->version == 1) {
PRUint32 responseDataLen =
((PKIX_PL_NssContext*)plContext)->maxResponseLength;
hcv1 = &(httpClient->fcnTable.ftable1);
requestSession = aiaMgr->client.hdata.requestSession;
/* trySendAndReceive */
rv = (*hcv1->trySendAndReceiveFcn)(requestSession,
(PRPollDesc **)&nbio,
&responseCode,
(const char **)&responseContentType,
NULL, /* &responseHeaders */
(const char **)&responseData,
&responseDataLen);
if (rv != SECSuccess) {
PKIX_ERROR(PKIX_HTTPSERVERERROR);
}
if (nbio != 0) {
*pNBIOContext = nbio;
goto cleanup;
}
PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode,
responseContentType,
responseData,
responseDataLen,
pCerts,
plContext),
PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED);
/* Session and request cleanup in case of success */
if (aiaMgr->client.hdata.requestSession != NULL) {
(*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
aiaMgr->client.hdata.requestSession = NULL;
}
if (aiaMgr->client.hdata.serverSession != NULL) {
(*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
aiaMgr->client.hdata.serverSession = NULL;
}
aiaMgr->client.hdata.httpClient = 0; /* callback fn */
} else {
PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
}
cleanup:
/* Session and request cleanup in case of error. Passing through without cleanup
* if interrupted by blocked IO. */
if (PKIX_ERROR_RECEIVED && aiaMgr) {
if (aiaMgr->client.hdata.requestSession != NULL) {
(*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
aiaMgr->client.hdata.requestSession = NULL;
}
if (aiaMgr->client.hdata.serverSession != NULL) {
(*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
aiaMgr->client.hdata.serverSession = NULL;
}
aiaMgr->client.hdata.httpClient = 0; /* callback fn */
}
PKIX_DECREF(location);
PKIX_DECREF(locationString);
if (locationAscii) {
PORT_Free(locationAscii);
}
if (hostname) {
PORT_Free(hostname);
}
if (path) {
PORT_Free(path);
}
PKIX_RETURN(AIAMGR);
}
/*
* FUNCTION: pkix_ProcessingParams_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_ProcessingParams_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_ProcessingParams *procParams = NULL;
char *asciiFormat = NULL;
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *procParamsString = NULL;
PKIX_PL_String *anchorsString = NULL;
PKIX_PL_String *dateString = NULL;
PKIX_PL_String *constraintsString = NULL;
PKIX_PL_String *InitialPoliciesString = NULL;
PKIX_PL_String *qualsRejectedString = NULL;
PKIX_List *certStores = NULL;
PKIX_PL_String *certStoresString = NULL;
PKIX_PL_String *resourceLimitsString = NULL;
PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString");
PKIX_NULLCHECK_TWO(object, pString);
PKIX_CHECK(pkix_CheckType
(object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
PKIX_OBJECTNOTPROCESSINGPARAMS);
asciiFormat =
"[\n"
"\tTrust Anchors: \n"
"\t********BEGIN LIST OF TRUST ANCHORS********\n"
"\t\t%s\n"
"\t********END LIST OF TRUST ANCHORS********\n"
"\tDate: \t\t%s\n"
"\tTarget Constraints: %s\n"
"\tInitial Policies: %s\n"
"\tQualifiers Rejected: %s\n"
"\tCert Stores: %s\n"
"\tResource Limits: %s\n"
"\tCRL Checking Enabled: %d\n"
"]\n";
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiFormat,
0,
&formatString,
plContext),
PKIX_STRINGCREATEFAILED);
procParams = (PKIX_ProcessingParams*)object;
PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_TOSTRING(procParams->date, &dateString, plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_TOSTRING
(procParams->initialPolicies, &InitialPoliciesString, plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
(procParams->qualifiersRejected)?"TRUE":"FALSE",
0,
&qualsRejectedString,
plContext),
PKIX_STRINGCREATEFAILED);
/* There is no ToString function for CertChainCheckers */
PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
(procParams, &certStores, plContext),
PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
PKIX_TOSTRING(certStores, &certStoresString, plContext,
PKIX_LISTTOSTRINGFAILED);
PKIX_TOSTRING(procParams->resourceLimits,
&resourceLimitsString,
plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&procParamsString,
plContext,
formatString,
anchorsString,
dateString,
constraintsString,
InitialPoliciesString,
qualsRejectedString,
certStoresString,
resourceLimitsString,
procParams->isCrlRevocationCheckingEnabled,
procParams->isCrlRevocationCheckingEnabledWithNISTPolicy),
PKIX_SPRINTFFAILED);
*pString = procParamsString;
cleanup:
PKIX_DECREF(formatString);
PKIX_DECREF(anchorsString);
PKIX_DECREF(dateString);
PKIX_DECREF(constraintsString);
PKIX_DECREF(InitialPoliciesString);
PKIX_DECREF(qualsRejectedString);
PKIX_DECREF(certStores);
PKIX_DECREF(certStoresString);
PKIX_DECREF(resourceLimitsString);
PKIX_RETURN(PROCESSINGPARAMS);
}
/*
* FUNCTION: pkix_Logger_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_Logger_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_Logger *logger = NULL;
char *asciiFormat = NULL;
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *contextString = NULL;
PKIX_PL_String *componentString = NULL;
PKIX_PL_String *loggerString = NULL;
PKIX_ENTER(LOGGER, "pkix_Logger_ToString_Helper");
PKIX_NULLCHECK_TWO(object, pString);
/* Check that this object is a logger */
PKIX_CHECK(pkix_CheckType(object, PKIX_LOGGER_TYPE, plContext),
PKIX_OBJECTNOTLOGGER);
logger = (PKIX_Logger *)object;
asciiFormat =
"[\n"
"\tLogger: \n"
"\tContext: %s\n"
"\tMaximum Level: %d\n"
"\tComponent Name: %s\n"
"]\n";
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiFormat,
0,
&formatString,
plContext),
PKIX_STRINGCREATEFAILED);
PKIX_TOSTRING(logger->context, &contextString, plContext,
PKIX_OBJECTTOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII,
(void *)PKIX_ERRORCLASSNAMES[logger->logComponent],
0,
&componentString,
plContext),
PKIX_STRINGCREATEFAILED);
PKIX_CHECK(PKIX_PL_Sprintf
(&loggerString,
plContext,
formatString,
contextString,
logger->maxLevel,
componentString),
PKIX_SPRINTFFAILED);
*pString = loggerString;
cleanup:
PKIX_DECREF(formatString);
PKIX_DECREF(contextString);
PKIX_RETURN(LOGGER);
}
