/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
* pkix_pl_nsscontext.c
*
* NSSContext Function Definitions
*
*/
#include "pkix_pl_nsscontext.h"
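/*
 * Defaults copied into every new context by PKIX_PL_NssContext_Create.
 * Each expansion is parenthesized so the macro behaves as a single value
 * when it appears inside a larger expression (for example as a divisor).
 */
/* Default for maxResponseLength. */
#define PKIX_DEFAULT_MAX_RESPONSE_LENGTH (64 * 1024)
/* Default for timeoutSeconds. */
#define PKIX_DEFAULT_COMM_TIMEOUT_SECONDS 60
/* Default for crlReloadDelay: six days expressed in seconds. */
#define PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS (6 * 24 * 60 * 60)
/* Default for badDerCrlReloadDelay: one hour expressed in seconds. */
#define PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS (60 * 60)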
/* --Public-NSSContext-Functions--------------------------- */
/*
 * FUNCTION: PKIX_PL_NssContext_Create
 * (see comments in pkix_samples_modules.h)
 *
 * Allocates a PKIX_PL_NssContext, fills it with the caller's
 * "certificateUsage" and "wincx" plus the PKIX_DEFAULT_* settings defined in
 * this file, and stores its address at "pNssContext". A freshly created
 * context has signature checking turned on (PKIX_TRUE) and no chain
 * verification callback installed.
 *
 * When "useNssArena" is PKIX_TRUE an arena is requested from PORT_NewArena.
 * The result is stored without a NULL test, so a failed arena allocation
 * leaves the context with arena == NULL instead of reporting an error.
 * NOTE(review): confirm that consumers treat a NULL arena as "no arena".
 */
PKIX_Error *
PKIX_PL_NssContext_Create(
        PKIX_UInt32 certificateUsage,
        PKIX_Boolean useNssArena,
        void *wincx,
        void **pNssContext)
{
        PKIX_PL_NssContext *newContext = NULL;
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_Create");
        PKIX_NULLCHECK_ONE(pNssContext);

        PKIX_CHECK(PKIX_PL_Malloc
                   (sizeof(*newContext), (void **)&newContext, NULL),
                   PKIX_MALLOCFAILED);

        /* Caller-supplied settings. */
        newContext->certificateUsage = (SECCertificateUsage)certificateUsage;
        newContext->wincx = wincx;

        /* The arena is optional; it stays NULL unless one was requested. */
        newContext->arena = NULL;
        if (useNssArena == PKIX_TRUE) {
                PKIX_CONTEXT_DEBUG("\t\tCalling PORT_NewArena\n");
                newContext->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
        }

        /* Network and CRL defaults; the setters in this file override them. */
        newContext->timeoutSeconds = PKIX_DEFAULT_COMM_TIMEOUT_SECONDS;
        newContext->maxResponseLength = PKIX_DEFAULT_MAX_RESPONSE_LENGTH;
        newContext->crlReloadDelay = PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS;
        newContext->badDerCrlReloadDelay =
                PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS;

        /* Signature checking is on by default. */
        newContext->certSignatureCheck = PKIX_TRUE;

        /* No application chain-verification callback until one is set. */
        newContext->chainVerifyCallback.isChainValid = NULL;
        newContext->chainVerifyCallback.isChainValidArg = NULL;

        *pNssContext = newContext;

cleanup:

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: PKIX_PL_NssContext_Destroy
 * (see comments in pkix_samples_modules.h)
 *
 * Frees the arena owned by the context at "nssContext", if there is one,
 * and then frees the context structure itself with PKIX_PL_Free. The
 * pointer passed in must not be used after this call. The value returned
 * by PKIX_PL_Free is not examined.
 */
PKIX_Error *
PKIX_PL_NssContext_Destroy(
        void *nssContext)
{
        void *plContext = NULL;
        PKIX_PL_NssContext *doomed = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_Destroy");
        PKIX_NULLCHECK_ONE(nssContext);

        doomed = (PKIX_PL_NssContext *)nssContext;

        /* Release the optional arena before the structure that points to it. */
        if (doomed->arena != NULL) {
                PKIX_CONTEXT_DEBUG("\t\tCalling PORT_FreeArena\n");
                /*
                 * PKIX_FALSE is passed as the second argument.
                 * NOTE(review): presumably the "zero" flag, i.e. the arena
                 * contents are not cleared before release - confirm.
                 */
                PORT_FreeArena(doomed->arena, PKIX_FALSE);
        }

        PKIX_PL_Free(nssContext, NULL);

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: pkix_pl_NssContext_GetCertUsage
 * DESCRIPTION:
 *
 *  Reads the platform-dependent SECCertificateUsage value held by the
 *  context object pointed to by "nssContext" and stores it at "pCertUsage".
 *
 * PARAMETERS:
 *  "nssContext"
 *      The address of the context object whose certificate usage is to be
 *      obtained. Must be non-NULL.
 *  "pCertUsage"
 *      The address where the result is stored. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_GetCertUsage(
        PKIX_PL_NssContext *nssContext,
        SECCertificateUsage *pCertUsage)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetCertUsage");
        PKIX_NULLCHECK_TWO(nssContext, pCertUsage);

        /* Plain copy of the stored value; the context is not modified. */
        *pCertUsage = nssContext->certificateUsage;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: pkix_pl_NssContext_SetCertUsage
 * DESCRIPTION:
 *
 *  Replaces the platform-dependent SECCertificateUsage value held by the
 *  context object pointed to by "nssContext" with "certUsage".
 *
 * PARAMETERS:
 *  "certUsage"
 *      Platform-dependent value to be stored. It is stored as given; no
 *      validation of the value happens here.
 *  "nssContext"
 *      The address of the context object whose certificate usage is to be
 *      set. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_SetCertUsage(
        SECCertificateUsage certUsage,
        PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetCertUsage");
        PKIX_NULLCHECK_ONE(nssContext);

        /* Overwrites whatever usage the context held before. */
        nssContext->certificateUsage = certUsage;

        PKIX_RETURN(CONTEXT);
}
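/*
 * FUNCTION: pkix_pl_NssContext_GetCertSignatureCheck
 * DESCRIPTION:
 *
 *  This function obtains the platform-dependent flag that turns signature
 *  checks on or off from the context object pointed to by "nssContext",
 *  storing the result at "pCheckSig". PKIX_PL_NssContext_Create initializes
 *  the flag to PKIX_TRUE.
 *
 * PARAMETERS:
 *  "nssContext"
 *      The address of the context object whose signature-check flag is to
 *      be obtained. Must be non-NULL.
 *  "pCheckSig"
 *      The address where the result is stored. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_GetCertSignatureCheck(
        PKIX_PL_NssContext *nssContext,
        PKIX_Boolean *pCheckSig)
{
        void *plContext = NULL;

        /*
         * The name given to PKIX_ENTER must be this function's own name;
         * it previously carried the name of pkix_pl_NssContext_GetCertUsage.
         */
        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetCertSignatureCheck");
        PKIX_NULLCHECK_TWO(nssContext, pCheckSig);

        *pCheckSig = nssContext->certSignatureCheck;

        PKIX_RETURN(CONTEXT);
}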
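/*
 * FUNCTION: pkix_pl_NssContext_SetCertSignatureCheck
 * DESCRIPTION:
 *
 *  This function sets the check signature flag in the context object
 *  pointed to by "nssContext" to the value provided in "checkSig".
 *
 *  PKIX_PL_NssContext_Create initializes the flag to PKIX_TRUE. Storing
 *  PKIX_FALSE asks consumers of the flag to skip signature checks on
 *  certificates, so callers should do that only when the certificates are
 *  trusted by some other means.
 *  NOTE(review): how consumers act on the flag is not visible in this file.
 *
 * PARAMETERS:
 *  "checkSig"
 *      Boolean that tells whether or not to check the signatures on certs.
 *  "nssContext"
 *      The address of the context object whose signature-check flag is to
 *      be set. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_SetCertSignatureCheck(
        PKIX_Boolean checkSig,
        PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        /*
         * The name given to PKIX_ENTER must be this function's own name;
         * it previously carried the name of pkix_pl_NssContext_SetCertUsage.
         */
        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetCertSignatureCheck");
        PKIX_NULLCHECK_ONE(nssContext);

        nssContext->certSignatureCheck = checkSig;

        PKIX_RETURN(CONTEXT);
}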
/*
 * FUNCTION: pkix_pl_NssContext_GetWincx
 * DESCRIPTION:
 *
 *  Reads the platform-dependent wincx pointer held by the context object
 *  pointed to by "nssContext" and stores it at "pWincx". Only the pointer
 *  value is copied; nothing it refers to is touched.
 *
 * PARAMETERS:
 *  "nssContext"
 *      The address of the context object whose wincx parameter is to be
 *      obtained. Must be non-NULL.
 *  "pWincx"
 *      The address where the result is stored. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_GetWincx(
        PKIX_PL_NssContext *nssContext,
        void **pWincx)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetWincx");
        PKIX_NULLCHECK_TWO(nssContext, pWincx);

        /* "nssContext" already has the context type, so it is read directly. */
        *pWincx = nssContext->wincx;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: pkix_pl_NssContext_SetWincx
 * DESCRIPTION:
 *
 *  Replaces the platform-dependent wincx pointer held by the context object
 *  pointed to by "nssContext" with the value provided in "wincx".
 *
 * PARAMETERS:
 *  "wincx"
 *      Platform-dependent value to be stored. It is not checked here, so
 *      NULL is stored like any other value.
 *  "nssContext"
 *      The address of the context object whose wincx parameter is to be
 *      set. Must be non-NULL.
 * THREAD SAFETY:
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 * RETURNS:
 *  Returns NULL if the function succeeds.
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
 */
PKIX_Error *
pkix_pl_NssContext_SetWincx(
        void *wincx,
        PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetWincx");
        PKIX_NULLCHECK_ONE(nssContext);

        /* Only the pointer is stored; the previous value is not released. */
        nssContext->wincx = wincx;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: PKIX_PL_NssContext_SetTimeout
 * DESCRIPTION:
 *
 *  Sets the user defined socket timeout for the validation session by
 *  storing "timeout" in the timeoutSeconds field of the context pointed to
 *  by "nssContext". Default is 60 seconds
 *  (PKIX_DEFAULT_COMM_TIMEOUT_SECONDS).
 *
 *  The value is stored without range validation.
 *  NOTE(review): confirm how consumers interpret a timeout of 0.
 *
 * PARAMETERS:
 *  "timeout"
 *      The value to store.
 *  "nssContext"
 *      The address of the context object to update. Must be non-NULL.
 */
PKIX_Error *
PKIX_PL_NssContext_SetTimeout(PKIX_UInt32 timeout,
                              PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetTimeout");
        PKIX_NULLCHECK_ONE(nssContext);

        nssContext->timeoutSeconds = timeout;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: PKIX_PL_NssContext_SetMaxResponseLen
 * DESCRIPTION:
 *
 *  Sets the user defined maximum transmission length of a message by
 *  storing "len" in the maxResponseLength field of the context pointed to
 *  by "nssContext". The value used until this is called is
 *  PKIX_DEFAULT_MAX_RESPONSE_LENGTH (64 * 1024).
 *
 *  The value is stored without range validation, so this function imposes
 *  no upper bound of its own on the limit.
 *  NOTE(review): confirm how consumers treat 0 and very large limits.
 *
 * PARAMETERS:
 *  "len"
 *      The value to store.
 *  "nssContext"
 *      The address of the context object to update. Must be non-NULL.
 */
PKIX_Error *
PKIX_PL_NssContext_SetMaxResponseLen(PKIX_UInt32 len,
                                     PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetMaxResponseLen");
        PKIX_NULLCHECK_ONE(nssContext);

        nssContext->maxResponseLength = len;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: PKIX_PL_NssContext_SetCrlReloadDelay
 * DESCRIPTION:
 *
 *  Sets the user defined delay between attempts to load a CRL using CRLDP
 *  by storing "delay" in the crlReloadDelay field of the context pointed to
 *  by "nssContext". The value used until this is called is
 *  PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS (6 * 24 * 60 * 60).
 *
 *  The value is stored without range validation.
 *
 * PARAMETERS:
 *  "delay"
 *      The value to store.
 *  "nssContext"
 *      The address of the context object to update. Must be non-NULL.
 */
PKIX_Error *
PKIX_PL_NssContext_SetCrlReloadDelay(PKIX_UInt32 delay,
                                     PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetCrlReloadDelay");
        PKIX_NULLCHECK_ONE(nssContext);

        nssContext->crlReloadDelay = delay;

        PKIX_RETURN(CONTEXT);
}
/*
 * FUNCTION: PKIX_PL_NssContext_SetBadDerCrlReloadDelay
 * DESCRIPTION:
 *
 *  Sets the user defined delay between attempts to load a CRL that failed
 *  to decode, by storing "delay" in the badDerCrlReloadDelay field of the
 *  context pointed to by "nssContext". The value used until this is called
 *  is PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS (60 * 60).
 *
 *  The value is stored without range validation.
 *
 * PARAMETERS:
 *  "delay"
 *      The value to store.
 *  "nssContext"
 *      The address of the context object to update. Must be non-NULL.
 */
PKIX_Error *
PKIX_PL_NssContext_SetBadDerCrlReloadDelay(PKIX_UInt32 delay,
                                           PKIX_PL_NssContext *nssContext)
{
        void *plContext = NULL;

        PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetBadDerCrlReloadDelay");
        PKIX_NULLCHECK_ONE(nssContext);

        nssContext->badDerCrlReloadDelay = delay;

        PKIX_RETURN(CONTEXT);
}