/*
* FUNCTION: PKIX_PL_LdapCertStore_Create
* (see comments in pkix_samples_modules.h)
*/
PKIX_Error *
PKIX_PL_LdapCertStore_Create(
PKIX_PL_LdapClient *client,
PKIX_CertStore **pCertStore,
void *plContext)
{
PKIX_CertStore *certStore = NULL;
PKIX_ENTER(CERTSTORE, "PKIX_PL_LdapCertStore_Create");
PKIX_NULLCHECK_TWO(client, pCertStore);
PKIX_CHECK(PKIX_CertStore_Create
(pkix_pl_LdapCertStore_GetCert,
pkix_pl_LdapCertStore_GetCRL,
pkix_pl_LdapCertStore_GetCertContinue,
pkix_pl_LdapCertStore_GetCRLContinue,
NULL, /* don't support trust */
NULL, /* can not store crls */
NULL, /* can not do revocation check */
(PKIX_PL_Object *)client,
PKIX_TRUE, /* cache flag */
PKIX_FALSE, /* not local */
&certStore,
plContext),
PKIX_CERTSTORECREATEFAILED);
*pCertStore = certStore;
cleanup:
PKIX_RETURN(CERTSTORE);
}
/*
* FUNCTION: PKIX_PL_CollectionCertStore_Create
* (see comments in pkix_samples_modules.h)
*/
PKIX_Error *
PKIX_PL_CollectionCertStore_Create(
PKIX_PL_String *storeDir,
PKIX_CertStore **pCertStore,
void *plContext)
{
PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_ENTER(CERTSTORE, "PKIX_PL_CollectionCertStore_Create");
PKIX_NULLCHECK_TWO(storeDir, pCertStore);
PKIX_CHECK(pkix_pl_CollectionCertStoreContext_Create
(storeDir, &colCertStoreContext, plContext),
PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);
PKIX_CHECK(PKIX_CertStore_Create
(pkix_pl_CollectionCertStore_GetCert,
pkix_pl_CollectionCertStore_GetCRL,
NULL, /* GetCertContinue */
NULL, /* GetCRLContinue */
pkix_pl_CollectionCertStore_CheckTrust,
NULL, /* can not store crls */
NULL, /* can not do revocation check */
(PKIX_PL_Object *)colCertStoreContext,
PKIX_TRUE, /* cache flag */
PKIX_TRUE, /* local - no network I/O */
&certStore,
plContext),
PKIX_CERTSTORECREATEFAILED);
PKIX_DECREF(colCertStoreContext);
*pCertStore = certStore;
cleanup:
PKIX_RETURN(CERTSTORE);
}
/*
* FUNCTION: pkix_pl_HttpCertStore_CreateWithAsciiName
* DESCRIPTION:
*
* This function uses the HttpClient pointed to by "client" and the string
* (hostname:portnum/path, with portnum optional) pointed to by "locationAscii"
* to create an HttpCertStore connected to the desired location, storing the
* created CertStore at "pCertStore".
*
* PARAMETERS:
* "client"
* The address of the HttpClient. Must be non-NULL.
* "locationAscii"
* The address of the character string indicating the hostname, port, and
* path to be queried for Certs or Crls. Must be non-NULL.
* "pCertStore"
* The address in which the object is stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a HttpCertStore Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
PKIX_Error *
pkix_pl_HttpCertStore_CreateWithAsciiName(
PKIX_PL_HttpClient *client,
char *locationAscii,
PKIX_CertStore **pCertStore,
void *plContext)
{
const SEC_HttpClientFcn *clientFcn = NULL;
const SEC_HttpClientFcnV1 *hcv1 = NULL;
PKIX_PL_HttpCertStoreContext *httpCertStore = NULL;
PKIX_CertStore *certStore = NULL;
char *hostname = NULL;
char *path = NULL;
PRUint16 port = 0;
SECStatus rv = SECFailure;
PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_CreateWithAsciiName");
PKIX_NULLCHECK_TWO(locationAscii, pCertStore);
if (client == NULL) {
clientFcn = SEC_GetRegisteredHttpClient();
if (clientFcn == NULL) {
PKIX_ERROR(PKIX_NOREGISTEREDHTTPCLIENT);
}
} else {
clientFcn = (const SEC_HttpClientFcn *)client;
}
if (clientFcn->version != 1) {
PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
}
/* create a PKIX_PL_HttpCertStore object */
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_HTTPCERTSTORECONTEXT_TYPE,
sizeof (PKIX_PL_HttpCertStoreContext),
(PKIX_PL_Object **)&httpCertStore,
plContext),
PKIX_COULDNOTCREATEOBJECT);
/* Initialize fields */
httpCertStore->client = clientFcn; /* not a PKIX object! */
/* parse location -> hostname, port, path */
rv = CERT_ParseURL(locationAscii, &hostname, &port, &path);
if (rv == SECFailure || hostname == NULL || path == NULL) {
PKIX_ERROR(PKIX_URLPARSINGFAILED);
}
httpCertStore->path = path;
path = NULL;
hcv1 = &(clientFcn->fcnTable.ftable1);
rv = (*hcv1->createSessionFcn)(hostname, port,
&(httpCertStore->serverSession));
if (rv != SECSuccess) {
PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED);
}
httpCertStore->requestSession = NULL;
PKIX_CHECK(PKIX_CertStore_Create
(pkix_pl_HttpCertStore_GetCert,
pkix_pl_HttpCertStore_GetCRL,
pkix_pl_HttpCertStore_GetCertContinue,
pkix_pl_HttpCertStore_GetCRLContinue,
NULL, /* don't support trust */
NULL, /* can not store crls */
NULL, /* can not do revocation check */
(PKIX_PL_Object *)httpCertStore,
PKIX_TRUE, /* cache flag */
PKIX_FALSE, /* not local */
&certStore,
plContext),
PKIX_CERTSTORECREATEFAILED);
*pCertStore = certStore;
certStore = NULL;
cleanup:
PKIX_DECREF(httpCertStore);
if (hostname) {
PORT_Free(hostname);
}
if (path) {
PORT_Free(path);
}
PKIX_RETURN(CERTSTORE);
}
