/*
* FUNCTION: pkix_pl_OcspResponse_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_OcspResponse_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_OcspResponse *ocspRsp = NULL;
PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPRESPONSE_TYPE, plContext),
PKIX_OBJECTNOTANOCSPRESPONSE);
ocspRsp = (PKIX_PL_OcspResponse *)object;
if (ocspRsp->encodedResponse->data == NULL) {
*pHashcode = 0;
} else {
PKIX_CHECK(pkix_hash
(ocspRsp->encodedResponse->data,
ocspRsp->encodedResponse->len,
pHashcode,
plContext),
PKIX_HASHFAILED);
}
cleanup:
PKIX_RETURN(OCSPRESPONSE);
}
/*
* FUNCTION: pkix_pl_OID_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_OID_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_OID *oid = NULL;
PKIX_ENTER(OID, "pkix_pl_OID_HashCode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_OID_TYPE, plContext),
PKIX_OBJECTNOTANOID);
oid = (PKIX_PL_OID *)object;
PKIX_CHECK(pkix_hash
((unsigned char *)oid->derOid.data,
oid->derOid.len * sizeof (char),
pHashcode,
plContext),
PKIX_HASHFAILED);
cleanup:
PKIX_RETURN(OID);
}
/*
* FUNCTION: pkix_pl_Date_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_Date_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_Date *date = NULL;
PKIX_UInt32 dateHash;
PKIX_ENTER(DATE, "pkix_pl_Date_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_DATE_TYPE, plContext),
PKIX_OBJECTNOTDATE);
date = (PKIX_PL_Date *)object;
PKIX_CHECK(pkix_hash
((const unsigned char *)&date->nssTime,
sizeof(date->nssTime),
&dateHash,
plContext),
PKIX_HASHFAILED);
*pHashcode = dateHash;
cleanup:
PKIX_RETURN(DATE);
}
/*
* FUNCTION: pkix_pl_ByteArray_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_ByteArray_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_ByteArray *array = NULL;
PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_BYTEARRAY_TYPE, plContext),
PKIX_OBJECTNOTBYTEARRAY);
array = (PKIX_PL_ByteArray*)object;
PKIX_CHECK(pkix_hash
((const unsigned char *)array->array,
array->length,
pHashcode,
plContext),
PKIX_HASHFAILED);
cleanup:
PKIX_RETURN(BYTEARRAY);
}
/*
* FUNCTION: pkix_pl_CRL_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_CRL_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_CRL *crl = NULL;
unsigned char *derBytes = NULL;
PKIX_UInt32 derLength;
PKIX_UInt32 certHash;
PKIX_ENTER(CRL, "pkix_pl_CRL_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_CRL_TYPE, plContext),
PKIX_OBJECTNOTCRL);
crl = (PKIX_PL_CRL *)object;
PKIX_NULLCHECK_TWO(crl->nssSignedCrl, crl->nssSignedCrl->derCrl);
derBytes = (crl->nssSignedCrl->derCrl)->data;
derLength = (crl->nssSignedCrl->derCrl)->len;
PKIX_NULLCHECK_ONE(derBytes);
PKIX_CHECK(pkix_hash(derBytes, derLength, &certHash, plContext),
PKIX_ERRORINHASH);
*pHashcode = certHash;
cleanup:
PKIX_RETURN(CRL);
}
/*
* FUNCTION: pkix_pl_CertBasicConstraints_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_CertBasicConstraints_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_CertBasicConstraints *certB = NULL;
PKIX_Boolean isCA = PKIX_FALSE;
PKIX_Int32 pathLen = 0;
PKIX_Int32 hashInput = 0;
PKIX_UInt32 cbcHash = 0;
PKIX_ENTER(CERTBASICCONSTRAINTS,
"pkix_pl_CertBasicConstraints_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType
(object, PKIX_CERTBASICCONSTRAINTS_TYPE, plContext),
PKIX_OBJECTNOTCERTBASICCONSTRAINTS);
certB = (PKIX_PL_CertBasicConstraints *)object;
/*
* if CA == TRUE
* hash(pathLen + 1 - PKIX_UNLIMITED_PATH_CONSTRAINT)
* if CA == FALSE, hash(0)
*/
isCA = certB->isCA;
if (isCA) {
pathLen = certB->pathLen;
hashInput = pathLen + 1 - PKIX_UNLIMITED_PATH_CONSTRAINT;
}
PKIX_CHECK(pkix_hash
((const unsigned char *)&hashInput,
sizeof (hashInput),
&cbcHash,
plContext),
PKIX_HASHFAILED);
*pHashcode = cbcHash;
cleanup:
PKIX_RETURN(CERTBASICCONSTRAINTS);
}
/*
* FUNCTION: pkix_pl_CRL_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_CRL_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_CRL *crl = NULL;
PKIX_UInt32 certHash;
SECItem *crlDer = NULL;
PKIX_ENTER(CRL, "pkix_pl_CRL_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_CRL_TYPE, plContext),
PKIX_OBJECTNOTCRL);
crl = (PKIX_PL_CRL *)object;
if (crl->adoptedDerCrl) {
crlDer = crl->adoptedDerCrl;
} else if (crl->nssSignedCrl && crl->nssSignedCrl->derCrl) {
crlDer = crl->nssSignedCrl->derCrl;
}
if (!crlDer || !crlDer->data) {
PKIX_ERROR(PKIX_CANNOTAQUIRECRLDER);
}
PKIX_CHECK(pkix_hash(crlDer->data, crlDer->len,
&certHash, plContext),
PKIX_ERRORINHASH);
*pHashcode = certHash;
cleanup:
PKIX_RETURN(CRL);
}
/*
* FUNCTION: pkix_pl_GeneralName_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_pl_GeneralName_Hashcode(
PKIX_PL_Object *object,
PKIX_UInt32 *pHashcode,
void *plContext)
{
PKIX_PL_GeneralName *name = NULL;
PKIX_UInt32 firstHash, secondHash, nameHash;
PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
PKIX_CHECK(pkix_CheckType(object, PKIX_GENERALNAME_TYPE, plContext),
PKIX_OBJECTNOTGENERALNAME);
name = (PKIX_PL_GeneralName *)object;
switch (name->type) {
case certRFC822Name:
case certDNSName:
case certX400Address:
case certEDIPartyName:
case certURI:
case certIPAddress:
PKIX_NULLCHECK_ONE(name->other);
PKIX_CHECK(pkix_hash
((const unsigned char *)
name->other->data,
name->other->len,
&nameHash,
plContext),
PKIX_HASHFAILED);
break;
case certRegisterID:
PKIX_CHECK(PKIX_PL_Object_Hashcode
((PKIX_PL_Object *)name->oid,
&nameHash,
plContext),
PKIX_OIDHASHCODEFAILED);
break;
case certOtherName:
PKIX_NULLCHECK_ONE(name->OthName);
PKIX_CHECK(pkix_hash
((const unsigned char *)
name->OthName->oid.data,
name->OthName->oid.len,
&firstHash,
plContext),
PKIX_HASHFAILED);
PKIX_CHECK(pkix_hash
((const unsigned char *)
name->OthName->name.data,
name->OthName->name.len,
&secondHash,
plContext),
PKIX_HASHFAILED);
nameHash = firstHash + secondHash;
break;
case certDirectoryName:
PKIX_CHECK(PKIX_PL_Object_Hashcode
((PKIX_PL_Object *)
name->directoryName,
&nameHash,
plContext),
PKIX_X500NAMEHASHCODEFAILED);
break;
}
*pHashcode = nameHash;
cleanup:
PKIX_RETURN(GENERALNAME);
}