Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(55)

Unified Diff: lib/libpkix/pkix/crlsel/pkix_crlselector.c

Issue 201830043: Bug 1118245 - Apply uniform style across NSS
Patch Set: Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « lib/libpkix/pkix/crlsel/pkix_crlselector.h ('k') | lib/libpkix/pkix/params/pkix_procparams.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: lib/libpkix/pkix/crlsel/pkix_crlselector.c
===================================================================
old mode 100755
new mode 100644
--- a/lib/libpkix/pkix/crlsel/pkix_crlselector.c
+++ b/lib/libpkix/pkix/crlsel/pkix_crlselector.c
@@ -11,39 +11,36 @@
#include "pkix_crlselector.h"
/* --CRLSelector Private-Functions-------------------------------------- */
/*
* FUNCTION: pkix_CRLSelector_Destroy
* (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
*/
-static PKIX_Error *
-pkix_CRLSelector_Destroy(
- PKIX_PL_Object *object,
- void *plContext)
-{
- PKIX_CRLSelector *selector = NULL;
+static PKIX_Error *pkix_CRLSelector_Destroy(PKIX_PL_Object *object,
+ void *plContext) {
+ PKIX_CRLSelector *selector = NULL;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Destroy");
- PKIX_NULLCHECK_ONE(object);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Destroy");
+ PKIX_NULLCHECK_ONE(object);
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
- PKIX_OBJECTNOTCRLSELECTOR);
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
- selector = (PKIX_CRLSelector *)object;
+ selector = (PKIX_CRLSelector *)object;
- selector->matchCallback = NULL;
+ selector->matchCallback = NULL;
- PKIX_DECREF(selector->params);
- PKIX_DECREF(selector->context);
+ PKIX_DECREF(selector->params);
+ PKIX_DECREF(selector->context);
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_ToString_Helper
*
* DESCRIPTION:
* Helper function that creates a string representation of CRLSelector
* pointed to by "crlParams" and stores its address in the object pointed to
@@ -61,283 +58,241 @@ cleanup:
* Conditionally Thread Safe
* (see Thread Safety Definitions in Programmer's Guide)
*
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a CRLSelector Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
-static PKIX_Error *
-pkix_CRLSelector_ToString_Helper(
- PKIX_CRLSelector *crlSelector,
- PKIX_PL_String **pString,
- void *plContext)
-{
- PKIX_PL_String *crlSelectorString = NULL;
- PKIX_PL_String *formatString = NULL;
- PKIX_PL_String *crlParamsString = NULL;
- PKIX_PL_String *crlContextString = NULL;
- char *asciiFormat = NULL;
+static PKIX_Error *pkix_CRLSelector_ToString_Helper(
+ PKIX_CRLSelector *crlSelector, PKIX_PL_String **pString, void *plContext) {
+ PKIX_PL_String *crlSelectorString = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *crlParamsString = NULL;
+ PKIX_PL_String *crlContextString = NULL;
+ char *asciiFormat = NULL;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString_Helper");
- PKIX_NULLCHECK_TWO(crlSelector, pString);
- PKIX_NULLCHECK_ONE(crlSelector->params);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString_Helper");
+ PKIX_NULLCHECK_TWO(crlSelector, pString);
+ PKIX_NULLCHECK_ONE(crlSelector->params);
- asciiFormat =
- "\n\t[\n"
- "\tMatchCallback: 0x%x\n"
- "\tParams: %s\n"
- "\tContext: %s\n"
- "\t]\n";
+ asciiFormat =
+ "\n\t[\n"
+ "\tMatchCallback: 0x%x\n"
+ "\tParams: %s\n"
+ "\tContext: %s\n"
+ "\t]\n";
- PKIX_CHECK(PKIX_PL_String_Create
- (PKIX_ESCASCII,
- asciiFormat,
- 0,
- &formatString,
- plContext),
- PKIX_STRINGCREATEFAILED);
+ PKIX_CHECK(PKIX_PL_String_Create(PKIX_ESCASCII, asciiFormat, 0, &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
- /* Params */
- PKIX_TOSTRING
- ((PKIX_PL_Object *)crlSelector->params,
- &crlParamsString,
- plContext,
- PKIX_COMCRLSELPARAMSTOSTRINGFAILED);
+ /* Params */
+ PKIX_TOSTRING((PKIX_PL_Object *)crlSelector->params, &crlParamsString,
+ plContext, PKIX_COMCRLSELPARAMSTOSTRINGFAILED);
- /* Context */
- PKIX_TOSTRING(crlSelector->context, &crlContextString, plContext,
- PKIX_LISTTOSTRINGFAILED);
+ /* Context */
+ PKIX_TOSTRING(crlSelector->context, &crlContextString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
- PKIX_CHECK(PKIX_PL_Sprintf
- (&crlSelectorString,
- plContext,
- formatString,
- crlSelector->matchCallback,
- crlParamsString,
- crlContextString),
- PKIX_SPRINTFFAILED);
+ PKIX_CHECK(PKIX_PL_Sprintf(&crlSelectorString, plContext, formatString,
+ crlSelector->matchCallback, crlParamsString,
+ crlContextString),
+ PKIX_SPRINTFFAILED);
- *pString = crlSelectorString;
+ *pString = crlSelectorString;
cleanup:
- PKIX_DECREF(crlParamsString);
- PKIX_DECREF(crlContextString);
- PKIX_DECREF(formatString);
+ PKIX_DECREF(crlParamsString);
+ PKIX_DECREF(crlContextString);
+ PKIX_DECREF(formatString);
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
*/
-static PKIX_Error *
-pkix_CRLSelector_ToString(
- PKIX_PL_Object *object,
- PKIX_PL_String **pString,
- void *plContext)
-{
- PKIX_PL_String *crlSelectorString = NULL;
- PKIX_CRLSelector *crlSelector = NULL;
+static PKIX_Error *pkix_CRLSelector_ToString(PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext) {
+ PKIX_PL_String *crlSelectorString = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString");
- PKIX_NULLCHECK_TWO(object, pString);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
- PKIX_OBJECTNOTCRLSELECTOR);
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
- crlSelector = (PKIX_CRLSelector *) object;
+ crlSelector = (PKIX_CRLSelector *)object;
- PKIX_CHECK(pkix_CRLSelector_ToString_Helper
- (crlSelector, &crlSelectorString, plContext),
- PKIX_CRLSELECTORTOSTRINGHELPERFAILED);
+ PKIX_CHECK(pkix_CRLSelector_ToString_Helper(crlSelector, &crlSelectorString,
+ plContext),
+ PKIX_CRLSELECTORTOSTRINGHELPERFAILED);
- *pString = crlSelectorString;
+ *pString = crlSelectorString;
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_Hashcode
* (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
*/
-static PKIX_Error *
-pkix_CRLSelector_Hashcode(
- PKIX_PL_Object *object,
- PKIX_UInt32 *pHashcode,
- void *plContext)
-{
- PKIX_UInt32 paramsHash = 0;
- PKIX_UInt32 contextHash = 0;
- PKIX_UInt32 hash = 0;
+static PKIX_Error *pkix_CRLSelector_Hashcode(PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext) {
+ PKIX_UInt32 paramsHash = 0;
+ PKIX_UInt32 contextHash = 0;
+ PKIX_UInt32 hash = 0;
- PKIX_CRLSelector *crlSelector = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Hashcode");
- PKIX_NULLCHECK_TWO(object, pHashcode);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
- PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
- PKIX_OBJECTNOTCRLSELECTOR);
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
- crlSelector = (PKIX_CRLSelector *)object;
+ crlSelector = (PKIX_CRLSelector *)object;
- PKIX_HASHCODE(crlSelector->params, &paramsHash, plContext,
+ PKIX_HASHCODE(crlSelector->params, &paramsHash, plContext,
PKIX_OBJECTHASHCODEFAILED);
- PKIX_HASHCODE(crlSelector->context, &contextHash, plContext,
+ PKIX_HASHCODE(crlSelector->context, &contextHash, plContext,
PKIX_OBJECTHASHCODEFAILED);
- hash = 31 * ((PKIX_UInt32)crlSelector->matchCallback +
- (contextHash << 3)) + paramsHash;
+ hash = 31 * ((PKIX_UInt32)crlSelector->matchCallback + (contextHash << 3)) +
+ paramsHash;
- *pHashcode = hash;
+ *pHashcode = hash;
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_Equals
* (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
*/
-static PKIX_Error *
-pkix_CRLSelector_Equals(
- PKIX_PL_Object *firstObject,
- PKIX_PL_Object *secondObject,
- PKIX_Boolean *pResult,
- void *plContext)
-{
- PKIX_CRLSelector *firstCrlSelector = NULL;
- PKIX_CRLSelector *secondCrlSelector = NULL;
- PKIX_UInt32 secondType;
- PKIX_Boolean cmpResult = PKIX_FALSE;
+static PKIX_Error *pkix_CRLSelector_Equals(PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext) {
+ PKIX_CRLSelector *firstCrlSelector = NULL;
+ PKIX_CRLSelector *secondCrlSelector = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Equals");
- PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
- /* test that firstObject is a CRLSelector */
- PKIX_CHECK(pkix_CheckType
- (firstObject, PKIX_CRLSELECTOR_TYPE, plContext),
- PKIX_FIRSTOBJECTNOTCRLSELECTOR);
+ /* test that firstObject is a CRLSelector */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCRLSELECTOR);
- firstCrlSelector = (PKIX_CRLSelector *)firstObject;
- secondCrlSelector = (PKIX_CRLSelector *)secondObject;
+ firstCrlSelector = (PKIX_CRLSelector *)firstObject;
+ secondCrlSelector = (PKIX_CRLSelector *)secondObject;
- /*
- * Since we know firstObject is a CRLSelector, if both references are
- * identical, they must be equal
- */
- if (firstCrlSelector == secondCrlSelector){
- *pResult = PKIX_TRUE;
- goto cleanup;
- }
+ /*
+ * Since we know firstObject is a CRLSelector, if both references are
+ * identical, they must be equal
+ */
+ if (firstCrlSelector == secondCrlSelector) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
- /*
- * If secondCRLSelector isn't a CRLSelector, we don't throw an error.
- * We simply return a Boolean result of FALSE
- */
- *pResult = PKIX_FALSE;
- PKIX_CHECK(PKIX_PL_Object_GetType
- ((PKIX_PL_Object *)secondCrlSelector,
- &secondType,
- plContext),
- PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ /*
+ * If secondCRLSelector isn't a CRLSelector, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType((PKIX_PL_Object *)secondCrlSelector,
+ &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
- if (secondType != PKIX_CRLSELECTOR_TYPE) {
- goto cleanup;
- }
+ if (secondType != PKIX_CRLSELECTOR_TYPE) {
+ goto cleanup;
+ }
- /* Compare MatchCallback address */
- cmpResult = (firstCrlSelector->matchCallback ==
- secondCrlSelector->matchCallback);
+ /* Compare MatchCallback address */
+ cmpResult =
+ (firstCrlSelector->matchCallback == secondCrlSelector->matchCallback);
- if (cmpResult == PKIX_FALSE) {
- goto cleanup;
- }
+ if (cmpResult == PKIX_FALSE) {
+ goto cleanup;
+ }
- /* Compare Common CRL Selector Params */
- PKIX_EQUALS
- (firstCrlSelector->params,
- secondCrlSelector->params,
- &cmpResult,
- plContext,
- PKIX_COMCRLSELPARAMSEQUALSFAILED);
+ /* Compare Common CRL Selector Params */
+ PKIX_EQUALS(firstCrlSelector->params, secondCrlSelector->params, &cmpResult,
+ plContext, PKIX_COMCRLSELPARAMSEQUALSFAILED);
+ if (cmpResult == PKIX_FALSE) {
+ goto cleanup;
+ }
- if (cmpResult == PKIX_FALSE) {
- goto cleanup;
- }
+ /* Compare Context */
+ PKIX_EQUALS(firstCrlSelector->context, secondCrlSelector->context, &cmpResult,
+ plContext, PKIX_COMCRLSELPARAMSEQUALSFAILED);
- /* Compare Context */
- PKIX_EQUALS
- (firstCrlSelector->context,
- secondCrlSelector->context,
- &cmpResult,
- plContext,
- PKIX_COMCRLSELPARAMSEQUALSFAILED);
-
- *pResult = cmpResult;
+ *pResult = cmpResult;
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_Duplicate
* (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
*/
-static PKIX_Error *
-pkix_CRLSelector_Duplicate(
- PKIX_PL_Object *object,
- PKIX_PL_Object **pNewObject,
- void *plContext)
-{
- PKIX_CRLSelector *old;
- PKIX_CRLSelector *new = NULL;
+static PKIX_Error *pkix_CRLSelector_Duplicate(PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext) {
+ PKIX_CRLSelector *old;
+ PKIX_CRLSelector *new = NULL;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Duplicate");
- PKIX_NULLCHECK_TWO(object, pNewObject);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
- PKIX_CHECK(pkix_CheckType
- (object, PKIX_CRLSELECTOR_TYPE, plContext),
- PKIX_OBJECTNOTCRLSELECTOR);
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
- old = (PKIX_CRLSelector *)object;
+ old = (PKIX_CRLSelector *)object;
- PKIX_CHECK(PKIX_PL_Object_Alloc
- (PKIX_CRLSELECTOR_TYPE,
- (PKIX_UInt32)(sizeof (PKIX_CRLSelector)),
- (PKIX_PL_Object **)&new,
- plContext),
- PKIX_CREATECRLSELECTORDUPLICATEOBJECTFAILED);
+ PKIX_CHECK(PKIX_PL_Object_Alloc(PKIX_CRLSELECTOR_TYPE,
+ (PKIX_UInt32)(sizeof(PKIX_CRLSelector)),
+ (PKIX_PL_Object **)&new, plContext),
+ PKIX_CREATECRLSELECTORDUPLICATEOBJECTFAILED);
- new->matchCallback = old->matchCallback;
+ new->matchCallback = old->matchCallback;
- PKIX_DUPLICATE(old->params, &new->params, plContext,
- PKIX_OBJECTDUPLICATEPARAMSFAILED);
+ PKIX_DUPLICATE(old->params, &new->params, plContext,
+ PKIX_OBJECTDUPLICATEPARAMSFAILED);
- PKIX_DUPLICATE(old->context, &new->context, plContext,
- PKIX_OBJECTDUPLICATECONTEXTFAILED);
+ PKIX_DUPLICATE(old->context, &new->context, plContext,
+ PKIX_OBJECTDUPLICATECONTEXTFAILED);
- *pNewObject = (PKIX_PL_Object *)new;
+ *pNewObject = (PKIX_PL_Object *)new;
cleanup:
- if (PKIX_ERROR_RECEIVED){
- PKIX_DECREF(new);
- }
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(new);
+ }
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_DefaultMatch
*
* DESCRIPTION:
* This function compares the parameter values (Issuer, date, and CRL number)
* set in the ComCRLSelParams of the CRLSelector pointed to by "selector" with
@@ -361,426 +316,371 @@ cleanup:
* Conditionally Thread Safe
* (see Thread Safety Definitions in Programmer's Guide)
*
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a CRLSelector Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
-static PKIX_Error *
-pkix_CRLSelector_DefaultMatch(
- PKIX_CRLSelector *selector,
- PKIX_PL_CRL *crl,
- PKIX_Boolean *pMatch,
- void *plContext)
-{
- PKIX_ComCRLSelParams *params = NULL;
- PKIX_PL_X500Name *crlIssuerName = NULL;
- PKIX_PL_X500Name *issuerName = NULL;
- PKIX_List *selIssuerNames = NULL;
- PKIX_PL_Date *selDate = NULL;
- PKIX_Boolean result = PKIX_TRUE;
- PKIX_UInt32 numIssuers = 0;
- PKIX_UInt32 i;
- PKIX_PL_BigInt *minCRLNumber = NULL;
- PKIX_PL_BigInt *maxCRLNumber = NULL;
- PKIX_PL_BigInt *crlNumber = NULL;
- PKIX_Boolean nistPolicyEnabled = PKIX_FALSE;
+static PKIX_Error *pkix_CRLSelector_DefaultMatch(PKIX_CRLSelector *selector,
+ PKIX_PL_CRL *crl,
+ PKIX_Boolean *pMatch,
+ void *plContext) {
+ PKIX_ComCRLSelParams *params = NULL;
+ PKIX_PL_X500Name *crlIssuerName = NULL;
+ PKIX_PL_X500Name *issuerName = NULL;
+ PKIX_List *selIssuerNames = NULL;
+ PKIX_PL_Date *selDate = NULL;
+ PKIX_Boolean result = PKIX_TRUE;
+ PKIX_UInt32 numIssuers = 0;
+ PKIX_UInt32 i;
+ PKIX_PL_BigInt *minCRLNumber = NULL;
+ PKIX_PL_BigInt *maxCRLNumber = NULL;
+ PKIX_PL_BigInt *crlNumber = NULL;
+ PKIX_Boolean nistPolicyEnabled = PKIX_FALSE;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_DefaultMatch");
- PKIX_NULLCHECK_TWO(selector, crl);
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_DefaultMatch");
+ PKIX_NULLCHECK_TWO(selector, crl);
- *pMatch = PKIX_TRUE;
- params = selector->params;
+ *pMatch = PKIX_TRUE;
+ params = selector->params;
- /* No matching parameter provided, just a match */
- if (params == NULL) {
- goto cleanup;
- }
+ /* No matching parameter provided, just a match */
+ if (params == NULL) {
+ goto cleanup;
+ }
- PKIX_CHECK(PKIX_ComCRLSelParams_GetIssuerNames
- (params, &selIssuerNames, plContext),
- PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED);
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_GetIssuerNames(params, &selIssuerNames, plContext),
+ PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED);
- /* Check for Issuers */
- if (selIssuerNames != NULL){
+ /* Check for Issuers */
+ if (selIssuerNames != NULL) {
- result = PKIX_FALSE;
+ result = PKIX_FALSE;
- PKIX_CHECK(PKIX_PL_CRL_GetIssuer
- (crl, &crlIssuerName, plContext),
- PKIX_CRLGETISSUERFAILED);
+ PKIX_CHECK(PKIX_PL_CRL_GetIssuer(crl, &crlIssuerName, plContext),
+ PKIX_CRLGETISSUERFAILED);
- PKIX_CHECK(PKIX_List_GetLength
- (selIssuerNames, &numIssuers, plContext),
- PKIX_LISTGETLENGTHFAILED);
+ PKIX_CHECK(PKIX_List_GetLength(selIssuerNames, &numIssuers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
- for (i = 0; i < numIssuers; i++){
+ for (i = 0; i < numIssuers; i++) {
- PKIX_CHECK(PKIX_List_GetItem
- (selIssuerNames,
- i,
- (PKIX_PL_Object **)&issuerName,
- plContext),
- PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK(PKIX_List_GetItem(selIssuerNames, i,
+ (PKIX_PL_Object **)&issuerName, plContext),
+ PKIX_LISTGETITEMFAILED);
- PKIX_CHECK(PKIX_PL_X500Name_Match
- (crlIssuerName,
- issuerName,
- &result,
- plContext),
- PKIX_X500NAMEMATCHFAILED);
+ PKIX_CHECK(
+ PKIX_PL_X500Name_Match(crlIssuerName, issuerName, &result, plContext),
+ PKIX_X500NAMEMATCHFAILED);
- PKIX_DECREF(issuerName);
+ PKIX_DECREF(issuerName);
- if (result == PKIX_TRUE) {
- break;
- }
- }
+ if (result == PKIX_TRUE) {
+ break;
+ }
+ }
- if (result == PKIX_FALSE) {
- PKIX_CRLSELECTOR_DEBUG("Issuer Match Failed\N");
- *pMatch = PKIX_FALSE;
- goto cleanup;
- }
+ if (result == PKIX_FALSE) {
+ PKIX_CRLSELECTOR_DEBUG("Issuer Match Failed\N");
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
- }
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetDateAndTime(params, &selDate, plContext),
+ PKIX_COMCRLSELPARAMSGETDATEANDTIMEFAILED);
- PKIX_CHECK(PKIX_ComCRLSelParams_GetDateAndTime
- (params, &selDate, plContext),
- PKIX_COMCRLSELPARAMSGETDATEANDTIMEFAILED);
+ /* Check for Date */
+ if (selDate != NULL) {
- /* Check for Date */
- if (selDate != NULL){
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetNISTPolicyEnabled(
+ params, &nistPolicyEnabled, plContext),
+ PKIX_COMCRLSELPARAMSGETNISTPOLICYENABLEDFAILED);
- PKIX_CHECK(PKIX_ComCRLSelParams_GetNISTPolicyEnabled
- (params, &nistPolicyEnabled, plContext),
- PKIX_COMCRLSELPARAMSGETNISTPOLICYENABLEDFAILED);
+ /* check crl dates only for if NIST policies enforced */
+ if (nistPolicyEnabled) {
+ result = PKIX_FALSE;
- /* check crl dates only for if NIST policies enforced */
- if (nistPolicyEnabled) {
- result = PKIX_FALSE;
-
- PKIX_CHECK(PKIX_PL_CRL_VerifyUpdateTime
- (crl, selDate, &result, plContext),
- PKIX_CRLVERIFYUPDATETIMEFAILED);
-
- if (result == PKIX_FALSE) {
- *pMatch = PKIX_FALSE;
- goto cleanup;
- }
- }
+ PKIX_CHECK(PKIX_PL_CRL_VerifyUpdateTime(crl, selDate, &result, plContext),
+ PKIX_CRLVERIFYUPDATETIMEFAILED);
- }
+ if (result == PKIX_FALSE) {
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+ }
- /* Check for CRL number in range */
- PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber(crl, &crlNumber, plContext),
- PKIX_CRLGETCRLNUMBERFAILED);
+ /* Check for CRL number in range */
+ PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber(crl, &crlNumber, plContext),
+ PKIX_CRLGETCRLNUMBERFAILED);
- if (crlNumber != NULL) {
- result = PKIX_FALSE;
+ if (crlNumber != NULL) {
+ result = PKIX_FALSE;
- PKIX_CHECK(PKIX_ComCRLSelParams_GetMinCRLNumber
- (params, &minCRLNumber, plContext),
- PKIX_COMCRLSELPARAMSGETMINCRLNUMBERFAILED);
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_GetMinCRLNumber(params, &minCRLNumber, plContext),
+ PKIX_COMCRLSELPARAMSGETMINCRLNUMBERFAILED);
- if (minCRLNumber != NULL) {
+ if (minCRLNumber != NULL) {
- PKIX_CHECK(PKIX_PL_Object_Compare
- ((PKIX_PL_Object *)minCRLNumber,
- (PKIX_PL_Object *)crlNumber,
- &result,
- plContext),
- PKIX_OBJECTCOMPARATORFAILED);
+ PKIX_CHECK(PKIX_PL_Object_Compare((PKIX_PL_Object *)minCRLNumber,
+ (PKIX_PL_Object *)crlNumber, &result,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
- if (result == 1) {
- PKIX_CRLSELECTOR_DEBUG
- ("CRL MinNumber Range Match Failed\n");
- *pMatch = PKIX_FALSE;
- goto cleanup;
- }
- }
+ if (result == 1) {
+ PKIX_CRLSELECTOR_DEBUG("CRL MinNumber Range Match Failed\n");
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
- PKIX_CHECK(PKIX_ComCRLSelParams_GetMaxCRLNumber
- (params, &maxCRLNumber, plContext),
- PKIX_COMCRLSELPARAMSGETMAXCRLNUMBERFAILED);
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_GetMaxCRLNumber(params, &maxCRLNumber, plContext),
+ PKIX_COMCRLSELPARAMSGETMAXCRLNUMBERFAILED);
- if (maxCRLNumber != NULL) {
+ if (maxCRLNumber != NULL) {
- PKIX_CHECK(PKIX_PL_Object_Compare
- ((PKIX_PL_Object *)crlNumber,
- (PKIX_PL_Object *)maxCRLNumber,
- &result,
- plContext),
- PKIX_OBJECTCOMPARATORFAILED);
+ PKIX_CHECK(PKIX_PL_Object_Compare((PKIX_PL_Object *)crlNumber,
+ (PKIX_PL_Object *)maxCRLNumber, &result,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
- if (result == 1) {
- PKIX_CRLSELECTOR_DEBUG
- (PKIX_CRLMAXNUMBERRANGEMATCHFAILED);
- *pMatch = PKIX_FALSE;
- goto cleanup;
- }
- }
- }
+ if (result == 1) {
+ PKIX_CRLSELECTOR_DEBUG(PKIX_CRLMAXNUMBERRANGEMATCHFAILED);
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+ }
cleanup:
- PKIX_DECREF(selIssuerNames);
- PKIX_DECREF(selDate);
- PKIX_DECREF(crlIssuerName);
- PKIX_DECREF(issuerName);
- PKIX_DECREF(crlNumber);
- PKIX_DECREF(minCRLNumber);
- PKIX_DECREF(maxCRLNumber);
+ PKIX_DECREF(selIssuerNames);
+ PKIX_DECREF(selDate);
+ PKIX_DECREF(crlIssuerName);
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(crlNumber);
+ PKIX_DECREF(minCRLNumber);
+ PKIX_DECREF(maxCRLNumber);
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_RegisterSelf
* DESCRIPTION:
* Registers PKIX_CRLSELECTOR_TYPE and its related functions with
* systemClasses[]
* THREAD SAFETY:
* Not Thread Safe - for performance and complexity reasons
*
* Since this function is only called by PKIX_PL_Initialize, which should
* only be called once, it is acceptable that this function is not
* thread-safe.
*/
-PKIX_Error *
-pkix_CRLSelector_RegisterSelf(void *plContext)
-{
- extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
- pkix_ClassTable_Entry entry;
+PKIX_Error *pkix_CRLSelector_RegisterSelf(void *plContext) {
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
- PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_RegisterSelf");
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_RegisterSelf");
- entry.description = "CRLSelector";
- entry.objCounter = 0;
- entry.typeObjectSize = sizeof(PKIX_CRLSelector);
- entry.destructor = pkix_CRLSelector_Destroy;
- entry.equalsFunction = pkix_CRLSelector_Equals;
- entry.hashcodeFunction = pkix_CRLSelector_Hashcode;
- entry.toStringFunction = pkix_CRLSelector_ToString;
- entry.comparator = NULL;
- entry.duplicateFunction = pkix_CRLSelector_Duplicate;
+ entry.description = "CRLSelector";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_CRLSelector);
+ entry.destructor = pkix_CRLSelector_Destroy;
+ entry.equalsFunction = pkix_CRLSelector_Equals;
+ entry.hashcodeFunction = pkix_CRLSelector_Hashcode;
+ entry.toStringFunction = pkix_CRLSelector_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_CRLSelector_Duplicate;
- systemClasses[PKIX_CRLSELECTOR_TYPE] = entry;
+ systemClasses[PKIX_CRLSELECTOR_TYPE] = entry;
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/* --CRLSelector-Public-Functions---------------------------------------- */
-PKIX_Error *
-pkix_CRLSelector_Create(
- PKIX_CRLSelector_MatchCallback callback,
- PKIX_PL_Object *crlSelectorContext,
- PKIX_CRLSelector **pSelector,
- void *plContext)
-{
- PKIX_CRLSelector *selector = NULL;
+PKIX_Error *pkix_CRLSelector_Create(PKIX_CRLSelector_MatchCallback callback,
+ PKIX_PL_Object *crlSelectorContext,
+ PKIX_CRLSelector **pSelector,
+ void *plContext) {
+ PKIX_CRLSelector *selector = NULL;
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Create");
- PKIX_NULLCHECK_ONE(pSelector);
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Create");
+ PKIX_NULLCHECK_ONE(pSelector);
- PKIX_CHECK(PKIX_PL_Object_Alloc
- (PKIX_CRLSELECTOR_TYPE,
- sizeof (PKIX_CRLSelector),
- (PKIX_PL_Object **)&selector,
- plContext),
- PKIX_COULDNOTCREATECRLSELECTOROBJECT);
+ PKIX_CHECK(
+ PKIX_PL_Object_Alloc(PKIX_CRLSELECTOR_TYPE, sizeof(PKIX_CRLSelector),
+ (PKIX_PL_Object **)&selector, plContext),
+ PKIX_COULDNOTCREATECRLSELECTOROBJECT);
- /*
- * if user specified a particular match callback, we use that one.
- * otherwise, we use the default match provided.
- */
+ /*
+ * if user specified a particular match callback, we use that one.
+ * otherwise, we use the default match provided.
+ */
- if (callback != NULL){
- selector->matchCallback = callback;
- } else {
- selector->matchCallback = pkix_CRLSelector_DefaultMatch;
- }
+ if (callback != NULL) {
+ selector->matchCallback = callback;
+ } else {
+ selector->matchCallback = pkix_CRLSelector_DefaultMatch;
+ }
- /* initialize other fields */
- selector->params = NULL;
+ /* initialize other fields */
+ selector->params = NULL;
- PKIX_INCREF(crlSelectorContext);
- selector->context = crlSelectorContext;
+ PKIX_INCREF(crlSelectorContext);
+ selector->context = crlSelectorContext;
- *pSelector = selector;
- selector = NULL;
+ *pSelector = selector;
+ selector = NULL;
cleanup:
- PKIX_DECREF(selector);
+ PKIX_DECREF(selector);
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: PKIX_CRLSelector_Create (see comments in pkix_crlsel.h)
*/
-PKIX_Error *
-PKIX_CRLSelector_Create(
- PKIX_PL_Cert *issuer,
- PKIX_List *crldpList,
- PKIX_PL_Date *date,
- PKIX_CRLSelector **pCrlSelector,
- void *plContext)
-{
- PKIX_PL_X500Name *issuerName = NULL;
- PKIX_PL_Date *nowDate = NULL;
- PKIX_ComCRLSelParams *comCrlSelParams = NULL;
- PKIX_CRLSelector *crlSelector = NULL;
+PKIX_Error *PKIX_CRLSelector_Create(PKIX_PL_Cert *issuer, PKIX_List *crldpList,
+ PKIX_PL_Date *date,
+ PKIX_CRLSelector **pCrlSelector,
+ void *plContext) {
+ PKIX_PL_X500Name *issuerName = NULL;
+ PKIX_PL_Date *nowDate = NULL;
+ PKIX_ComCRLSelParams *comCrlSelParams = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
- PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CrlSelector_Create");
- PKIX_NULLCHECK_ONE(issuer);
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CrlSelector_Create");
+ PKIX_NULLCHECK_ONE(issuer);
- PKIX_CHECK(
- PKIX_PL_Cert_GetSubject(issuer, &issuerName, plContext),
- PKIX_CERTGETISSUERFAILED);
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject(issuer, &issuerName, plContext),
+ PKIX_CERTGETISSUERFAILED);
- if (date != NULL) {
- PKIX_INCREF(date);
- nowDate = date;
- } else {
- PKIX_CHECK(
- PKIX_PL_Date_Create_UTCTime(NULL, &nowDate, plContext),
- PKIX_DATECREATEUTCTIMEFAILED);
- }
+ if (date != NULL) {
+ PKIX_INCREF(date);
+ nowDate = date;
+ } else {
+ PKIX_CHECK(PKIX_PL_Date_Create_UTCTime(NULL, &nowDate, plContext),
+ PKIX_DATECREATEUTCTIMEFAILED);
+ }
- PKIX_CHECK(
- PKIX_ComCRLSelParams_Create(&comCrlSelParams, plContext),
- PKIX_COMCRLSELPARAMSCREATEFAILED);
+ PKIX_CHECK(PKIX_ComCRLSelParams_Create(&comCrlSelParams, plContext),
+ PKIX_COMCRLSELPARAMSCREATEFAILED);
- PKIX_CHECK(
- PKIX_ComCRLSelParams_AddIssuerName(comCrlSelParams, issuerName,
- plContext),
- PKIX_COMCRLSELPARAMSADDISSUERNAMEFAILED);
+ PKIX_CHECK(PKIX_ComCRLSelParams_AddIssuerName(comCrlSelParams, issuerName,
+ plContext),
+ PKIX_COMCRLSELPARAMSADDISSUERNAMEFAILED);
- PKIX_CHECK(
- PKIX_ComCRLSelParams_SetCrlDp(comCrlSelParams, crldpList,
- plContext),
- PKIX_COMCRLSELPARAMSSETCERTFAILED);
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_SetCrlDp(comCrlSelParams, crldpList, plContext),
+ PKIX_COMCRLSELPARAMSSETCERTFAILED);
- PKIX_CHECK(
- PKIX_ComCRLSelParams_SetDateAndTime(comCrlSelParams, nowDate,
- plContext),
- PKIX_COMCRLSELPARAMSSETDATEANDTIMEFAILED);
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_SetDateAndTime(comCrlSelParams, nowDate, plContext),
+ PKIX_COMCRLSELPARAMSSETDATEANDTIMEFAILED);
- PKIX_CHECK(
- pkix_CRLSelector_Create(NULL, NULL, &crlSelector, plContext),
- PKIX_CRLSELECTORCREATEFAILED);
+ PKIX_CHECK(pkix_CRLSelector_Create(NULL, NULL, &crlSelector, plContext),
+ PKIX_CRLSELECTORCREATEFAILED);
- PKIX_CHECK(
- PKIX_CRLSelector_SetCommonCRLSelectorParams(crlSelector,
- comCrlSelParams,
- plContext),
- PKIX_CRLSELECTORSETCOMMONCRLSELECTORPARAMSFAILED);
+ PKIX_CHECK(PKIX_CRLSelector_SetCommonCRLSelectorParams(
+ crlSelector, comCrlSelParams, plContext),
+ PKIX_CRLSELECTORSETCOMMONCRLSELECTORPARAMSFAILED);
- *pCrlSelector = crlSelector;
- crlSelector = NULL;
+ *pCrlSelector = crlSelector;
+ crlSelector = NULL;
cleanup:
- PKIX_DECREF(issuerName);
- PKIX_DECREF(nowDate);
- PKIX_DECREF(comCrlSelParams);
- PKIX_DECREF(crlSelector);
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(nowDate);
+ PKIX_DECREF(comCrlSelParams);
+ PKIX_DECREF(crlSelector);
- PKIX_RETURN(CERTCHAINCHECKER);
+ PKIX_RETURN(CERTCHAINCHECKER);
}
/*
* FUNCTION: PKIX_CRLSelector_GetMatchCallback (see comments in pkix_crlsel.h)
*/
-PKIX_Error *
-PKIX_CRLSelector_GetMatchCallback(
- PKIX_CRLSelector *selector,
- PKIX_CRLSelector_MatchCallback *pCallback,
- void *plContext)
-{
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetMatchCallback");
- PKIX_NULLCHECK_TWO(selector, pCallback);
+PKIX_Error *PKIX_CRLSelector_GetMatchCallback(
+ PKIX_CRLSelector *selector, PKIX_CRLSelector_MatchCallback *pCallback,
+ void *plContext) {
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetMatchCallback");
+ PKIX_NULLCHECK_TWO(selector, pCallback);
- *pCallback = selector->matchCallback;
+ *pCallback = selector->matchCallback;
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
-
/*
* FUNCTION: PKIX_CRLSelector_GetCRLSelectorContext
* (see comments in pkix_crlsel.h)
*/
-PKIX_Error *
-PKIX_CRLSelector_GetCRLSelectorContext(
- PKIX_CRLSelector *selector,
- void **pCrlSelectorContext,
- void *plContext)
-{
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCRLSelectorContext");
- PKIX_NULLCHECK_TWO(selector, pCrlSelectorContext);
+PKIX_Error *PKIX_CRLSelector_GetCRLSelectorContext(PKIX_CRLSelector *selector,
+ void **pCrlSelectorContext,
+ void *plContext) {
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCRLSelectorContext");
+ PKIX_NULLCHECK_TWO(selector, pCrlSelectorContext);
- PKIX_INCREF(selector->context);
+ PKIX_INCREF(selector->context);
- *pCrlSelectorContext = selector->context;
+ *pCrlSelectorContext = selector->context;
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: PKIX_CRLSelector_GetCommonCRLSelectorParams
* (see comments in pkix_crlsel.h)
*/
-PKIX_Error *
-PKIX_CRLSelector_GetCommonCRLSelectorParams(
- PKIX_CRLSelector *selector,
- PKIX_ComCRLSelParams **pParams,
- void *plContext)
-{
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCommonCRLSelectorParams");
- PKIX_NULLCHECK_TWO(selector, pParams);
+PKIX_Error *PKIX_CRLSelector_GetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector, PKIX_ComCRLSelParams **pParams,
+ void *plContext) {
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCommonCRLSelectorParams");
+ PKIX_NULLCHECK_TWO(selector, pParams);
- PKIX_INCREF(selector->params);
+ PKIX_INCREF(selector->params);
- *pParams = selector->params;
+ *pParams = selector->params;
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: PKIX_CRLSelector_SetCommonCRLSelectorParams
* (see comments in pkix_crlsel.h)
*/
-PKIX_Error *
-PKIX_CRLSelector_SetCommonCRLSelectorParams(
- PKIX_CRLSelector *selector,
- PKIX_ComCRLSelParams *params,
- void *plContext)
-{
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_SetCommonCRLSelectorParams");
- PKIX_NULLCHECK_TWO(selector, params);
+PKIX_Error *PKIX_CRLSelector_SetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector, PKIX_ComCRLSelParams *params, void *plContext) {
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_SetCommonCRLSelectorParams");
+ PKIX_NULLCHECK_TWO(selector, params);
- PKIX_DECREF(selector->params);
+ PKIX_DECREF(selector->params);
- PKIX_INCREF(params);
- selector->params = params;
+ PKIX_INCREF(params);
+ selector->params = params;
- PKIX_CHECK(PKIX_PL_Object_InvalidateCache
- ((PKIX_PL_Object *)selector, plContext),
- PKIX_OBJECTINVALIDATECACHEFAILED);
+ PKIX_CHECK(
+ PKIX_PL_Object_InvalidateCache((PKIX_PL_Object *)selector, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
cleanup:
- PKIX_RETURN(CRLSELECTOR);
+ PKIX_RETURN(CRLSELECTOR);
}
/*
* FUNCTION: pkix_CRLSelector_Select
* DESCRIPTION:
*
* This function applies the selector pointed to by "selector" to each CRL,
* in turn, in the List pointed to by "before", and creates a List containing
@@ -801,70 +701,63 @@ cleanup:
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a CRLSelector Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
-PKIX_Error *
-pkix_CRLSelector_Select(
- PKIX_CRLSelector *selector,
- PKIX_List *before,
- PKIX_List **pAfter,
- void *plContext)
-{
- PKIX_Boolean match = PKIX_FALSE;
- PKIX_UInt32 numBefore = 0;
- PKIX_UInt32 i = 0;
- PKIX_List *filtered = NULL;
- PKIX_PL_CRL *candidate = NULL;
+PKIX_Error *pkix_CRLSelector_Select(PKIX_CRLSelector *selector,
+ PKIX_List *before, PKIX_List **pAfter,
+ void *plContext) {
+ PKIX_Boolean match = PKIX_FALSE;
+ PKIX_UInt32 numBefore = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_List *filtered = NULL;
+ PKIX_PL_CRL *candidate = NULL;
- PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Select");
- PKIX_NULLCHECK_THREE(selector, before, pAfter);
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Select");
+ PKIX_NULLCHECK_THREE(selector, before, pAfter);
- PKIX_CHECK(PKIX_List_Create(&filtered, plContext),
- PKIX_LISTCREATEFAILED);
+ PKIX_CHECK(PKIX_List_Create(&filtered, plContext), PKIX_LISTCREATEFAILED);
- PKIX_CHECK(PKIX_List_GetLength(before, &numBefore, plContext),
- PKIX_LISTGETLENGTHFAILED);
+ PKIX_CHECK(PKIX_List_GetLength(before, &numBefore, plContext),
+ PKIX_LISTGETLENGTHFAILED);
- for (i = 0; i < numBefore; i++) {
+ for (i = 0; i < numBefore; i++) {
- PKIX_CHECK(PKIX_List_GetItem
- (before, i, (PKIX_PL_Object **)&candidate, plContext),
- PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK(
+ PKIX_List_GetItem(before, i, (PKIX_PL_Object **)&candidate, plContext),
+ PKIX_LISTGETITEMFAILED);
- PKIX_CHECK_ONLY_FATAL(selector->matchCallback
- (selector, candidate, &match, plContext),
- PKIX_CRLSELECTORMATCHCALLBACKFAILED);
+ PKIX_CHECK_ONLY_FATAL(
+ selector->matchCallback(selector, candidate, &match, plContext),
+ PKIX_CRLSELECTORMATCHCALLBACKFAILED);
- if (!(PKIX_ERROR_RECEIVED) && match == PKIX_TRUE) {
+ if (!(PKIX_ERROR_RECEIVED) && match == PKIX_TRUE) {
- PKIX_CHECK_ONLY_FATAL(PKIX_List_AppendItem
- (filtered,
- (PKIX_PL_Object *)candidate,
- plContext),
- PKIX_LISTAPPENDITEMFAILED);
- }
+ PKIX_CHECK_ONLY_FATAL(
+ PKIX_List_AppendItem(filtered, (PKIX_PL_Object *)candidate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
- pkixTempErrorReceived = PKIX_FALSE;
- PKIX_DECREF(candidate);
- }
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(candidate);
+ }
- PKIX_CHECK(PKIX_List_SetImmutable(filtered, plContext),
- PKIX_LISTSETIMMUTABLEFAILED);
+ PKIX_CHECK(PKIX_List_SetImmutable(filtered, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
- /* Don't throw away the list if one CRL was bad! */
- pkixTempErrorReceived = PKIX_FALSE;
+ /* Don't throw away the list if one CRL was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
- *pAfter = filtered;
- filtered = NULL;
+ *pAfter = filtered;
+ filtered = NULL;
cleanup:
- PKIX_DECREF(filtered);
- PKIX_DECREF(candidate);
+ PKIX_DECREF(filtered);
+ PKIX_DECREF(candidate);
- PKIX_RETURN(CRLSELECTOR);
-
+ PKIX_RETURN(CRLSELECTOR);
}
« no previous file with comments | « lib/libpkix/pkix/crlsel/pkix_crlselector.h ('k') | lib/libpkix/pkix/params/pkix_procparams.h » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b