Activating choice of smart card when new cert is requested

bug# 89972, r=javi, sr=blizzard
2001-08-21 01:12:38 +00:00 · 2001-08-21 01:12:38 +00:00 · 2b6b352f5b
--- a/security/manager/ssl/src/nsKeygenHandler.cpp
+++ b/security/manager/ssl/src/nsKeygenHandler.cpp
@ -207,6 +207,41 @@ nsKeygenFormProcessor::GetSlot(PRUint32 aMechanism, PK11SlotInfo** aSlot)
  return GetSlotWithMechanism(aMechanism,m_ctx,aSlot);
 }

+
+PRUint32 MapGenMechToAlgoMech(PRUint32 mechanism)
+{
+    PRUint32 searchMech;
+
+    /* We are interested in slots based on the ability to perform
+       a given algorithm, not on their ability to generate keys usable
+       by that algorithm. Therefore, map keygen-specific mechanism tags
+       to tags for the corresponding crypto algorthm. */
+    switch(mechanism)
+    {
+    case CKM_RSA_PKCS_KEY_PAIR_GEN:
+        searchMech = CKM_RSA_PKCS;
+        break;
+    case CKM_DSA_KEY_PAIR_GEN:
+        searchMech = CKM_DSA;
+        break;
+    case CKM_RC4_KEY_GEN:
+        searchMech = CKM_RC4;
+        break;
+    case CKM_DH_PKCS_KEY_PAIR_GEN:
+        searchMech = CKM_DH_PKCS_DERIVE; /* ### mwelch  is this right? */
+        break;
+    case CKM_DES_KEY_GEN:
+        /* What do we do about DES keygen? Right now, we're just using
+           DES_KEY_GEN to look for tokens, because otherwise we'll have
+           to search the token list three times. */
+    default:
+        searchMech = mechanism;
+        break;
+    }
+    return searchMech;
+}
+
+
 nsresult
 GetSlotWithMechanism(PRUint32 aMechanism, 
                     nsIInterfaceRequestor *m_ctx,
@ -224,7 +259,7 @@ GetSlotWithMechanism(PRUint32 aMechanism,
    *aSlot = nsnull;

    // Get the slot
-    slotList = PK11_GetAllTokens(aMechanism, 
+    slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism), 
                                PR_TRUE, PR_TRUE, m_ctx);
    if (!slotList || !slotList->head) {
        rv = NS_ERROR_FAILURE;
--- a/security/manager/ssl/src/nsNSSCertificate.cpp
+++ b/security/manager/ssl/src/nsNSSCertificate.cpp
@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: nsNSSCertificate.cpp,v 1.45 2001/08/14 00:01:11 kaie%netscape.com Exp $
+ * $Id: nsNSSCertificate.cpp,v 1.46 2001/08/21 01:12:38 rangansen%netscape.com Exp $
 */

 #include "prmem.h"
@ -630,8 +630,12 @@ nsNSSCertificate::nsNSSCertificate(char *certDER, int derLen) :
              
 {
  NS_INIT_ISUPPORTS();
-
  mCert = CERT_DecodeCertFromPackage(certDER, derLen);
+  if(mCert->dbhandle == nsnull)
+  {
+      mCert->dbhandle = CERT_GetDefaultCertDB();
+  }
+  
 }

 nsNSSCertificate::nsNSSCertificate(CERTCertificate *cert) : 
@ -2700,6 +2704,7 @@ done:
 	        nickname++;
 	        nickname = PL_strdup(nickname);
 	        PR_Free(tmp);
+             tmp = nsnull;
 	      } else {
 	        nickname = tmp;
 	        tmp = NULL;