/*
 * FUNCTION: PKIX_PL_LdapCertStore_Create
 * (see comments in pkix_samples_modules.h)
 *
 * Builds a CertStore whose Cert and CRL lookups, and their continuation
 * callbacks, are the LDAP ones, with "client" installed as the store's
 * context object. The store is created with the cache flag set and is
 * marked as not local. It has no trust callback, cannot store CRLs and does
 * no revocation checking.
 *
 * "client" and "pCertStore" must be non-NULL. The new store is written to
 * "pCertStore" only after PKIX_CertStore_Create has succeeded.
 */
PKIX_Error *
PKIX_PL_LdapCertStore_Create(
        PKIX_PL_LdapClient *client,
        PKIX_CertStore **pCertStore,
        void *plContext)
{
        PKIX_CertStore *ldapStore = NULL;

        PKIX_ENTER(CERTSTORE, "PKIX_PL_LdapCertStore_Create");
        PKIX_NULLCHECK_TWO(client, pCertStore);

        PKIX_CHECK(
                PKIX_CertStore_Create(
                        pkix_pl_LdapCertStore_GetCert,
                        pkix_pl_LdapCertStore_GetCRL,
                        pkix_pl_LdapCertStore_GetCertContinue,
                        pkix_pl_LdapCertStore_GetCRLContinue,
                        NULL,                     /* no trust callback */
                        NULL,                     /* CRLs cannot be stored */
                        NULL,                     /* no revocation checking */
                        (PKIX_PL_Object *)client, /* store context */
                        PKIX_TRUE,                /* cache flag */
                        PKIX_FALSE,               /* not local */
                        &ldapStore,
                        plContext),
                PKIX_CERTSTORECREATEFAILED);

        /* Publish the result only once creation has succeeded. */
        *pCertStore = ldapStore;

cleanup:

        PKIX_RETURN(CERTSTORE);
}
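/*
 * FUNCTION: PKIX_PL_CollectionCertStore_Create
 * (see comments in pkix_samples_modules.h)
 *
 * Creates a CollectionCertStoreContext for "storeDir" and wraps it in a
 * CertStore that uses the collection Cert/CRL lookup callbacks and the
 * collection trust-check callback. The store has no continuation callbacks,
 * cannot store CRLs and does no revocation checking; it is created with the
 * cache flag set and is marked local (no network I/O).
 *
 * "storeDir" and "pCertStore" must be non-NULL. The new store is written to
 * "pCertStore" only after PKIX_CertStore_Create has succeeded.
 */
PKIX_Error *
PKIX_PL_CollectionCertStore_Create(
        PKIX_PL_String *storeDir,
        PKIX_CertStore **pCertStore,
        void *plContext)
{
        PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
        PKIX_CertStore *certStore = NULL;

        PKIX_ENTER(CERTSTORE, "PKIX_PL_CollectionCertStore_Create");
        PKIX_NULLCHECK_TWO(storeDir, pCertStore);

        PKIX_CHECK(pkix_pl_CollectionCertStoreContext_Create
                (storeDir, &colCertStoreContext, plContext),
                PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);

        PKIX_CHECK(PKIX_CertStore_Create
                (pkix_pl_CollectionCertStore_GetCert,
                pkix_pl_CollectionCertStore_GetCRL,
                NULL,       /* GetCertContinue */
                NULL,       /* GetCRLContinue */
                pkix_pl_CollectionCertStore_CheckTrust,
                NULL,       /* can not store crls */
                NULL,       /* can not do revocation check */
                (PKIX_PL_Object *)colCertStoreContext,
                PKIX_TRUE,  /* cache flag */
                PKIX_TRUE,  /* local - no network I/O */
                &certStore,
                plContext),
                PKIX_CERTSTORECREATEFAILED);

        *pCertStore = certStore;

cleanup:

        /*
         * Drop this function's reference to the context on every exit path.
         * The release used to sit above the label, so a failing
         * PKIX_CertStore_Create jumped past it and the context was leaked.
         * Releasing a still-NULL pointer here (context creation failed) is
         * expected to be a no-op, matching the unconditional release after
         * "cleanup" in pkix_pl_HttpCertStore_CreateWithAsciiName.
         * NOTE(review): presumably the CertStore takes its own reference to
         * the context, since the original also released it right after a
         * successful create -- confirm against PKIX_CertStore_Create.
         */
        PKIX_DECREF(colCertStoreContext);

        PKIX_RETURN(CERTSTORE);
}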
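/*
 * FUNCTION: pkix_pl_HttpCertStore_CreateWithAsciiName
 * DESCRIPTION:
 *
 *  This function uses the HttpClient pointed to by "client" and the string
 *  (hostname:portnum/path, with portnum optional) pointed to by "locationAscii"
 *  to create an HttpCertStore connected to the desired location, storing the
 *  created CertStore at "pCertStore".
 *
 *  Only version 1 of the HTTP client function table is accepted. The store is
 *  created with the cache flag set and is marked as not local; it has no
 *  trust callback, cannot store CRLs and does no revocation checking.
 *
 * PARAMETERS:
 *  "client"
 *      The address of the HttpClient. May be NULL, in which case the client
 *      returned by SEC_GetRegisteredHttpClient() is used; the call fails if
 *      none is registered.
 *  "locationAscii"
 *      The address of the character string indicating the hostname, port, and
 *      path to be queried for Certs or Crls. Must be non-NULL.
 *      NOTE(review): the string is handed to CERT_ParseURL as given and the
 *      resulting host and port are used to open a session. If it can come
 *      from untrusted data, any destination policy has to be applied by the
 *      caller -- confirm.
 *  "pCertStore"
 *      The address in which the object is stored. Must be non-NULL.
 *  "plContext"
 *      Platform-specific context pointer.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a HttpCertStore Error if the function fails in a non-fatal way.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_HttpCertStore_CreateWithAsciiName(
        PKIX_PL_HttpClient *client,
        char *locationAscii,
        PKIX_CertStore **pCertStore,
        void *plContext)
{
        const SEC_HttpClientFcn *clientFcn = NULL;
        const SEC_HttpClientFcnV1 *hcv1 = NULL;
        PKIX_PL_HttpCertStoreContext *httpCertStore = NULL;
        PKIX_CertStore *certStore = NULL;
        char *hostname = NULL;
        char *path = NULL;
        PRUint16 port = 0;
        SECStatus rv = SECFailure;

        PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_CreateWithAsciiName");
        PKIX_NULLCHECK_TWO(locationAscii, pCertStore);

        /* A NULL "client" selects the process-wide registered HTTP client. */
        if (client == NULL) {
                clientFcn = SEC_GetRegisteredHttpClient();
                if (clientFcn == NULL) {
                        PKIX_ERROR(PKIX_NOREGISTEREDHTTPCLIENT);
                }
        } else {
                clientFcn = (const SEC_HttpClientFcn *)client;
        }

        /* Only the version 1 function table (ftable1) is used below. */
        if (clientFcn->version != 1) {
                PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
        }

        /* create a PKIX_PL_HttpCertStore object */
        PKIX_CHECK(PKIX_PL_Object_Alloc
                (PKIX_HTTPCERTSTORECONTEXT_TYPE,
                sizeof (PKIX_PL_HttpCertStoreContext),
                (PKIX_PL_Object **)&httpCertStore,
                plContext),
                PKIX_COULDNOTCREATEOBJECT);

        /*
         * Initialize fields. Every pointer field is put into a known state
         * before the first error exit: a URL-parse or session-creation
         * failure jumps to "cleanup", which releases this object, and
         * nothing visible here guarantees the freshly allocated payload is
         * zeroed. Previously "path" and "serverSession" were still unset on
         * the parse-failure path and "requestSession" on both.
         * NOTE(review): presumably the type's destructor inspects these
         * fields -- confirm.
         */
        httpCertStore->client = clientFcn; /* not a PKIX object! */
        httpCertStore->path = NULL;
        httpCertStore->serverSession = NULL;
        httpCertStore->requestSession = NULL;

        /* parse location -> hostname, port, path */
        rv = CERT_ParseURL(locationAscii, &hostname, &port, &path);
        if (rv == SECFailure || hostname == NULL || path == NULL) {
                PKIX_ERROR(PKIX_URLPARSINGFAILED);
        }

        /* The context now owns "path"; clear the local so cleanup skips it. */
        httpCertStore->path = path;
        path = NULL;

        hcv1 = &(clientFcn->fcnTable.ftable1);
        rv = (*hcv1->createSessionFcn)(hostname, port,
                                       &(httpCertStore->serverSession));
        if (rv != SECSuccess) {
                PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED);
        }

        PKIX_CHECK(PKIX_CertStore_Create
                (pkix_pl_HttpCertStore_GetCert,
                pkix_pl_HttpCertStore_GetCRL,
                pkix_pl_HttpCertStore_GetCertContinue,
                pkix_pl_HttpCertStore_GetCRLContinue,
                NULL,       /* don't support trust */
                NULL,       /* can not store crls */
                NULL,       /* can not do revocation check */
                (PKIX_PL_Object *)httpCertStore,
                PKIX_TRUE,  /* cache flag */
                PKIX_FALSE, /* not local */
                &certStore,
                plContext),
                PKIX_CERTSTORECREATEFAILED);

        *pCertStore = certStore;
        certStore = NULL;

cleanup:

        /* Release this function's reference on success and failure alike. */
        PKIX_DECREF(httpCertStore);

        /* "hostname" is only needed to open the session; always freed here. */
        if (hostname) {
                PORT_Free(hostname);
        }

        /* Non-NULL only if ownership was never handed to the context. */
        if (path) {
                PORT_Free(path);
        }

        PKIX_RETURN(CERTSTORE);
}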