/* Data duplication data. Not create an object. Only initializes fields
* in the new object by data from "object". */
PKIX_Error *
pkix_RevocationMethod_Duplicate(
PKIX_PL_Object *object,
PKIX_PL_Object *newObject,
void *plContext)
{
pkix_RevocationMethod *method = NULL;
PKIX_ENTER(REVOCATIONMETHOD, "pkix_RevocationMethod_Duplicate");
PKIX_NULLCHECK_TWO(object, newObject);
method = (pkix_RevocationMethod *)object;
PKIX_CHECK(
pkix_RevocationMethod_Init((pkix_RevocationMethod*)newObject,
method->methodType,
method->flags,
method->priority,
method->localRevChecker,
method->externalRevChecker,
plContext),
PKIX_COULDNOTCREATEREVOCATIONMETHODOBJECT);
cleanup:
PKIX_RETURN(REVOCATIONMETHOD);
}
/*
* FUNCTION: pkix_CrlChecker_Create
*
* DESCRIPTION:
* Allocate and initialize CRLChecker state data.
*
* PARAMETERS
* "certStores"
* Address of CertStore List to be stored in state. Must be non-NULL.
* "testDate"
* Address of PKIX_PL_Date to be checked. May be NULL.
* "trustedPubKey"
* Trusted Anchor Public Key for verifying first Cert in the chain.
* Must be non-NULL.
* "certsRemaining"
* Number of certificates remaining in the chain.
* "nistCRLPolicyEnabled"
* If enabled, enforce nist crl policy.
* "pChecker"
* Address of CRLChecker that is returned. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
*
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
*
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a DefaultCrlChecker Error if the function fails in a
* non-fatal way.
* Returns a Fatal Error
*/
PKIX_Error *
pkix_CrlChecker_Create(PKIX_RevocationMethodType methodType,
PKIX_UInt32 flags,
PKIX_UInt32 priority,
pkix_LocalRevocationCheckFn localRevChecker,
pkix_ExternalRevocationCheckFn externalRevChecker,
PKIX_List *certStores,
PKIX_PL_VerifyCallback crlVerifyFn,
pkix_RevocationMethod **pChecker,
void *plContext)
{
pkix_CrlChecker *crlChecker = NULL;
PKIX_ENTER(CRLCHECKER, "pkix_CrlChecker_Create");
PKIX_NULLCHECK_TWO(certStores, pChecker);
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_CRLCHECKER_TYPE,
sizeof (pkix_CrlChecker),
(PKIX_PL_Object **)&crlChecker,
plContext),
PKIX_COULDNOTCREATECRLCHECKEROBJECT);
pkixErrorResult = pkix_RevocationMethod_Init(
(pkix_RevocationMethod*)crlChecker, methodType, flags, priority,
localRevChecker, externalRevChecker, plContext);
if (pkixErrorResult) {
goto cleanup;
}
/* Initialize fields */
PKIX_INCREF(certStores);
crlChecker->certStores = certStores;
crlChecker->crlVerifyFn = crlVerifyFn;
*pChecker = (pkix_RevocationMethod*)crlChecker;
crlChecker = NULL;
cleanup:
PKIX_DECREF(crlChecker);
PKIX_RETURN(CRLCHECKER);
}
/*
* FUNCTION: pkix_OcspChecker_Create
*/
PKIX_Error *
pkix_OcspChecker_Create(PKIX_RevocationMethodType methodType,
PKIX_UInt32 flags,
PKIX_UInt32 priority,
pkix_LocalRevocationCheckFn localRevChecker,
pkix_ExternalRevocationCheckFn externalRevChecker,
PKIX_PL_VerifyCallback verifyFn,
pkix_RevocationMethod **pChecker,
void *plContext)
{
pkix_OcspChecker *method = NULL;
PKIX_ENTER(OCSPCHECKER, "pkix_OcspChecker_Create");
PKIX_NULLCHECK_ONE(pChecker);
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_OCSPCHECKER_TYPE,
sizeof (pkix_OcspChecker),
(PKIX_PL_Object **)&method,
plContext),
PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
pkixErrorResult = pkix_RevocationMethod_Init(
(pkix_RevocationMethod*)method, methodType, flags, priority,
localRevChecker, externalRevChecker, plContext);
if (pkixErrorResult) {
goto cleanup;
}
method->certVerifyFcn = (PKIX_PL_VerifyCallback)verifyFn;
*pChecker = (pkix_RevocationMethod*)method;
method = NULL;
cleanup:
PKIX_DECREF(method);
PKIX_RETURN(OCSPCHECKER);
}
