/* * FUNCTION: pkix_pl_CRL_ToString_Helper * DESCRIPTION: * * Helper function that creates a string representation of the CRL pointed * to by "crl" and stores it at "pString". * * PARAMETERS * "crl" * Address of CRL whose string representation is desired. * Must be non-NULL. * "pString" * Address where object pointer will be stored. Must be non-NULL. * "plContext" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) * RETURNS: * Returns NULL if the function succeeds. * Returns a CRL Error if the function fails in a non-fatal way. * Returns a Fatal Error if the function fails in an unrecoverable way. */ static PKIX_Error * pkix_pl_CRL_ToString_Helper( PKIX_PL_CRL *crl, PKIX_PL_String **pString, void *plContext) { char *asciiFormat = NULL; PKIX_UInt32 crlVersion; PKIX_PL_X500Name *crlIssuer = NULL; PKIX_PL_OID *nssSignatureAlgId = NULL; PKIX_PL_BigInt *crlNumber = NULL; PKIX_List *crlEntryList = NULL; PKIX_List *critExtOIDs = NULL; PKIX_PL_String *formatString = NULL; PKIX_PL_String *crlIssuerString = NULL; PKIX_PL_String *lastUpdateString = NULL; PKIX_PL_String *nextUpdateString = NULL; PKIX_PL_String *nssSignatureAlgIdString = NULL; PKIX_PL_String *crlNumberString = NULL; PKIX_PL_String *crlEntryListString = NULL; PKIX_PL_String *critExtOIDsString = NULL; PKIX_PL_String *crlString = NULL; PKIX_ENTER(CRL, "pkix_pl_CRL_ToString_Helper"); PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pString); asciiFormat = "[\n" "\tVersion: v%d\n" "\tIssuer: %s\n" "\tUpdate: [Last: %s\n" "\t Next: %s]\n" "\tSignatureAlgId: %s\n" "\tCRL Number : %s\n" "\n" "\tEntry List: %s\n" "\n" "\tCritExtOIDs: %s\n" "]\n"; PKIX_CHECK(PKIX_PL_String_Create (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext), PKIX_STRINGCREATEFAILED); /* Version */ PKIX_CHECK(pkix_pl_CRL_GetVersion(crl, &crlVersion, plContext), PKIX_CRLGETVERSIONFAILED); /* Issuer */ PKIX_CHECK(PKIX_PL_CRL_GetIssuer(crl, &crlIssuer, plContext), PKIX_CRLGETISSUERFAILED); PKIX_CHECK(PKIX_PL_Object_ToString ((PKIX_PL_Object *)crlIssuer, &crlIssuerString, plContext), PKIX_X500NAMETOSTRINGFAILED); /* This update - No Date object created, use nss data directly */ PKIX_CHECK(pkix_pl_Date_ToString_Helper (&(crl->nssSignedCrl->crl.lastUpdate), &lastUpdateString, plContext), PKIX_DATETOSTRINGHELPERFAILED); /* Next update - No Date object created, use nss data directly */ PKIX_CHECK(pkix_pl_Date_ToString_Helper (&(crl->nssSignedCrl->crl.nextUpdate), &nextUpdateString, plContext), PKIX_DATETOSTRINGHELPERFAILED); /* Signature Algorithm Id */ PKIX_CHECK(pkix_pl_CRL_GetSignatureAlgId (crl, &nssSignatureAlgId, plContext), PKIX_CRLGETSIGNATUREALGIDFAILED); PKIX_CHECK(PKIX_PL_Object_ToString ((PKIX_PL_Object *)nssSignatureAlgId, &nssSignatureAlgIdString, plContext), PKIX_OIDTOSTRINGFAILED); /* CRL Number */ PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber (crl, &crlNumber, plContext), PKIX_CRLGETCRLNUMBERFAILED); PKIX_TOSTRING(crlNumber, &crlNumberString, plContext, PKIX_BIGINTTOSTRINGFAILED); /* CRL Entries */ PKIX_CHECK(pkix_pl_CRL_GetCRLEntries(crl, &crlEntryList, plContext), PKIX_CRLGETCRLENTRIESFAILED); PKIX_TOSTRING(crlEntryList, &crlEntryListString, plContext, PKIX_LISTTOSTRINGFAILED); /* CriticalExtensionOIDs */ PKIX_CHECK(PKIX_PL_CRL_GetCriticalExtensionOIDs (crl, &critExtOIDs, plContext), PKIX_CRLGETCRITICALEXTENSIONOIDSFAILED); PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext, PKIX_LISTTOSTRINGFAILED); PKIX_CHECK(PKIX_PL_Sprintf (&crlString, plContext, formatString, crlVersion + 1, crlIssuerString, lastUpdateString, nextUpdateString, nssSignatureAlgIdString, crlNumberString, crlEntryListString, critExtOIDsString), PKIX_SPRINTFFAILED); *pString = crlString; cleanup: PKIX_DECREF(crlIssuer); PKIX_DECREF(nssSignatureAlgId); PKIX_DECREF(crlNumber); PKIX_DECREF(crlEntryList); PKIX_DECREF(critExtOIDs); PKIX_DECREF(crlIssuerString); PKIX_DECREF(lastUpdateString); PKIX_DECREF(nextUpdateString); PKIX_DECREF(nssSignatureAlgIdString); PKIX_DECREF(crlNumberString); PKIX_DECREF(crlEntryListString); PKIX_DECREF(critExtOIDsString); PKIX_DECREF(formatString); PKIX_RETURN(CRL); }
/* * FUNCTION: PKIX_PL_CRL_GetCRLEntryForSerialNumber * (see comments in pkix_pl_pki.h) */ PKIX_Error * PKIX_PL_CRL_GetCRLEntryForSerialNumber( PKIX_PL_CRL *crl, PKIX_PL_BigInt *serialNumber, PKIX_PL_CRLEntry **pCRLEntry, void *plContext) { PKIX_PL_CRLEntry *crlEntry = NULL; PKIX_List *crlEntryList = NULL; PKIX_UInt32 numEntries = 0; PKIX_UInt32 i = 0; PKIX_Boolean cmpResult = PKIX_FALSE; PKIX_ENTER(CRL, "PKIX_PL_CRL_GetCRLEntryForSerialNumber"); PKIX_NULLCHECK_THREE(crl, serialNumber, pCRLEntry); /* Assume there is no entry for Serial Number at start */ *pCRLEntry = NULL; PKIX_CHECK(pkix_pl_CRL_GetCRLEntries(crl, &crlEntryList, plContext), PKIX_CRLGETCRLENTRIESFAILED); if (crlEntryList == NULL) { goto cleanup; } PKIX_CHECK(PKIX_List_GetLength(crlEntryList, &numEntries, plContext), PKIX_LISTGETLENGTHFAILED); for (i = 0; i < numEntries; i++) { PKIX_CHECK(PKIX_List_GetItem (crlEntryList, i, (PKIX_PL_Object **)&crlEntry, plContext), PKIX_LISTGETITEMFAILED); PKIX_CHECK(PKIX_PL_Object_Equals ((PKIX_PL_Object *)crlEntry->serialNumber, (PKIX_PL_Object *)serialNumber, &cmpResult, plContext), PKIX_OBJECTEQUALSFAILED); /* Found the entry for Serial Number */ if (cmpResult == PKIX_TRUE) { *pCRLEntry = crlEntry; goto cleanup; } PKIX_DECREF(crlEntry); } cleanup: PKIX_DECREF(crlEntryList); if (PKIX_ERROR_RECEIVED) { PKIX_DECREF(crlEntry); } PKIX_RETURN(CRL); }