зеркало из https://github.com/mozilla/gecko-dev.git
Tweaks for JSS 3.1, and get it to build.
This commit is contained in:
Родитель
d49a818ed0
Коммит
6ccb52de5e
|
@ -66,11 +66,8 @@ Java_org_mozilla_jss_CryptoManager_importCRLNative;
|
|||
Java_org_mozilla_jss_CryptoManager_importCertPackageNative;
|
||||
Java_org_mozilla_jss_CryptoManager_importCertToPermNative;
|
||||
Java_org_mozilla_jss_CryptoManager_initializeAllNative;
|
||||
Java_org_mozilla_jss_CryptoManager_initializeNative;
|
||||
Java_org_mozilla_jss_CryptoManager_putModulesInVector;
|
||||
Java_org_mozilla_jss_CryptoManager_setNativePasswordCallback;
|
||||
Java_org_mozilla_jss_NSSInit_initializeNative;
|
||||
Java_org_mozilla_jss_NSSInit_setPasswordCallback;
|
||||
Java_org_mozilla_jss_pkcs11_CertProxy_releaseNativeResources;
|
||||
Java_org_mozilla_jss_pkcs11_CipherContextProxy_releaseNativeResources;
|
||||
Java_org_mozilla_jss_pkcs11_PK11Module_getLibraryName;
|
||||
|
|
|
@ -35,8 +35,7 @@ CORE_DEPTH = ..
|
|||
|
||||
MODULE = jss
|
||||
|
||||
IMPORTS = svrcore/SVRCORE_2_5_1 \
|
||||
security/NSS_2_8_4_RTM \
|
||||
IMPORTS = security/NSS_3_2_RTM\
|
||||
dbm/DBM_1_54 \
|
||||
nspr20/v3.5.1 \
|
||||
$(NULL)
|
||||
|
|
|
@ -44,12 +44,13 @@
|
|||
#include <nspr.h>
|
||||
#include <plstr.h>
|
||||
#include <pkcs11.h>
|
||||
#include <nss.h>
|
||||
#include <ssl.h>
|
||||
|
||||
#include <jssutil.h>
|
||||
#include <java_ids.h>
|
||||
#include <jss_exceptions.h>
|
||||
|
||||
#include "jssinit.h"
|
||||
#include "pk11util.h"
|
||||
|
||||
#if defined(AIX) || defined(HPUX) || defined(LINUX)
|
||||
|
@ -126,9 +127,8 @@ handleSigChild(JNIEnv *env) {
|
|||
#endif
|
||||
|
||||
|
||||
int ConfigureOSCP(
|
||||
int ConfigureOCSP(
|
||||
JNIEnv *env,
|
||||
CERTCertDBHandle *db,
|
||||
jboolean ocspCheckingEnabled,
|
||||
jstring ocspResponderURL,
|
||||
jstring ocspResponderCertNickname )
|
||||
|
@ -137,6 +137,7 @@ int ConfigureOSCP(
|
|||
char *ocspResponderCertNickname_string=NULL;
|
||||
SECStatus status;
|
||||
int result = SECSuccess;
|
||||
CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
|
||||
|
||||
|
||||
/* if caller specified default responder, get the
|
||||
|
@ -167,14 +168,14 @@ int ConfigureOSCP(
|
|||
|
||||
/* first disable OCSP - we'll enable it later */
|
||||
|
||||
CERT_DisableOCSPChecking(db);
|
||||
CERT_DisableOCSPChecking(certdb);
|
||||
|
||||
/* if they set the default responder, then set it up
|
||||
* and enable it
|
||||
*/
|
||||
if (ocspResponderURL) {
|
||||
status =
|
||||
CERT_SetOCSPDefaultResponder( db,
|
||||
CERT_SetOCSPDefaultResponder( certdb,
|
||||
ocspResponderURL_string,
|
||||
ocspResponderCertNickname_string
|
||||
);
|
||||
|
@ -185,18 +186,18 @@ int ConfigureOSCP(
|
|||
result = SECFailure;
|
||||
goto loser;
|
||||
}
|
||||
CERT_EnableOCSPDefaultResponder(db);
|
||||
CERT_EnableOCSPDefaultResponder(certdb);
|
||||
}
|
||||
else {
|
||||
/* if no defaultresponder is set, disable it */
|
||||
CERT_DisableOCSPDefaultResponder(db);
|
||||
CERT_DisableOCSPDefaultResponder(certdb);
|
||||
}
|
||||
|
||||
|
||||
/* enable OCSP checking if requested */
|
||||
|
||||
if (ocspCheckingEnabled) {
|
||||
CERT_EnableOCSPChecking(db);
|
||||
CERT_EnableOCSPChecking(certdb);
|
||||
}
|
||||
|
||||
loser:
|
||||
|
@ -215,6 +216,7 @@ loser:
|
|||
|
||||
}
|
||||
|
||||
#if 0
|
||||
/***********************************************************************
|
||||
* simpleInitialize
|
||||
*
|
||||
|
@ -306,7 +308,9 @@ Java_org_mozilla_jss_CryptoManager_initializeNative
|
|||
return;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#if 0
|
||||
/*
|
||||
* Callback for key database name. Name is passed in through void* argument.
|
||||
*/
|
||||
|
@ -331,6 +335,7 @@ certDBNameCallback(void *arg, int dbVersion)
|
|||
return PL_strdup("");
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/**********************************************************************
|
||||
* This is the PasswordCallback object that will be used to login
|
||||
|
@ -344,58 +349,9 @@ static jobject globalPasswordCallback = NULL;
|
|||
*/
|
||||
JavaVM * JSS_javaVM;
|
||||
|
||||
/***********************************************************************
|
||||
* CryptoManager.initialize
|
||||
*
|
||||
* Initialize the security library and open all the databases.
|
||||
*
|
||||
*/
|
||||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_CryptoManager_initializeAllNative
|
||||
(JNIEnv *env, jclass clazz,
|
||||
jstring modDBName,
|
||||
jstring keyDBName,
|
||||
jstring certDBName,
|
||||
jboolean readOnly,
|
||||
jstring manuString,
|
||||
jstring libraryString,
|
||||
jstring tokString,
|
||||
jstring keyTokString,
|
||||
jstring slotString,
|
||||
jstring keySlotString,
|
||||
jstring fipsString,
|
||||
jstring fipsKeyString,
|
||||
jboolean ocspCheckingEnabled,
|
||||
jstring ocspResponderURL,
|
||||
jstring ocspResponderCertNickname )
|
||||
{
|
||||
JSS_completeInitialize(env,
|
||||
modDBName,
|
||||
keyDBName,
|
||||
certDBName,
|
||||
readOnly,
|
||||
manuString,
|
||||
libraryString,
|
||||
tokString,
|
||||
keyTokString,
|
||||
slotString,
|
||||
keySlotString,
|
||||
fipsString,
|
||||
fipsKeyString,
|
||||
ocspCheckingEnabled,
|
||||
ocspResponderURL,
|
||||
ocspResponderCertNickname
|
||||
);
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
* JSS_completeInitialize
|
||||
*
|
||||
* Initialize the security library and open all the databases.
|
||||
*
|
||||
*/
|
||||
void
|
||||
JSS_completeInitialize(JNIEnv *env,
|
||||
jstring configDir,
|
||||
jstring certPrefix,
|
||||
jstring keyPrefix,
|
||||
|
@ -433,10 +389,24 @@ JSS_completeInitialize(JNIEnv *env,
|
|||
/* This is thread-safe because initialize is synchronized */
|
||||
static PRBool initialized=PR_FALSE;
|
||||
|
||||
if( configDir == NULL ||
|
||||
manuString == NULL ||
|
||||
libraryString == NULL ||
|
||||
tokString == NULL ||
|
||||
keyTokString == NULL ||
|
||||
slotString == NULL ||
|
||||
keySlotString == NULL ||
|
||||
fipsString == NULL ||
|
||||
fipsKeyString == NULL )
|
||||
{
|
||||
JSS_throw(env, NULL_POINTER_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/* Make sure initialize() completes only once */
|
||||
if(initialized) {
|
||||
JSS_throw(env, ALREADY_INITIALIZED_EXCEPTION);
|
||||
return;
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -475,23 +445,32 @@ JSS_completeInitialize(JNIEnv *env,
|
|||
);
|
||||
|
||||
|
||||
/*
|
||||
* Set up arguments to NSS_Initialize
|
||||
*/
|
||||
szConfigDir = (char*) (*env)->GetStringUTFChars(env, configDir, NULL);
|
||||
szCertPrefix = (char*) (*env)->GetStringUTFChars(env, certPrefix, NULL);
|
||||
szKeyPrefix = (char*) (*env)->GetStringUTFChars(env, keyPrefix, NULL);
|
||||
szSecmodName = (char*) (*env)->GetStringUTFChars(env, secmodName, NULL);
|
||||
initFlags = 0;
|
||||
if( readOnly ) {
|
||||
initFlags |= NSS_INIT_READONLY;
|
||||
if( certPrefix != NULL && keyPrefix != NULL && secmodName != NULL ) {
|
||||
/*
|
||||
* Set up arguments to NSS_Initialize
|
||||
*/
|
||||
szCertPrefix = (char*) (*env)->GetStringUTFChars(env, certPrefix, NULL);
|
||||
szKeyPrefix = (char*) (*env)->GetStringUTFChars(env, keyPrefix, NULL);
|
||||
szSecmodName = (char*) (*env)->GetStringUTFChars(env, secmodName, NULL);
|
||||
initFlags = 0;
|
||||
if( readOnly ) {
|
||||
initFlags |= NSS_INIT_READONLY;
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize NSS.
|
||||
*/
|
||||
rv = NSS_Initialize(szConfigDir, szCertPrefix, szKeyPrefix,
|
||||
szSecmodName, initFlags);
|
||||
} else {
|
||||
if( readOnly ) {
|
||||
rv = NSS_Init(szConfigDir);
|
||||
} else {
|
||||
rv = NSS_InitReadWrite(szConfigDir);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize NSS.
|
||||
*/
|
||||
rv = NSS_Initialize(szConfigDir, szCertPrefix, szKeyPrefix, szSecmodName,
|
||||
initFlags);
|
||||
if( rv != SECSuccess ) {
|
||||
JSS_throwMsg(env, SECURITY_EXCEPTION,
|
||||
"Unable to initialize security library");
|
||||
|
@ -508,9 +487,8 @@ JSS_completeInitialize(JNIEnv *env,
|
|||
/*
|
||||
* Setup NSS to call the specified OCSP responder
|
||||
*/
|
||||
rv = ConfigureOSCP(
|
||||
rv = ConfigureOCSP(
|
||||
env,
|
||||
cdb_handle,
|
||||
ocspCheckingEnabled,
|
||||
ocspResponderURL,
|
||||
ocspResponderCertNickname );
|
||||
|
@ -519,11 +497,6 @@ JSS_completeInitialize(JNIEnv *env,
|
|||
goto finish;
|
||||
}
|
||||
|
||||
if( NSS_SetDomesticPolicy() != SECSuccess ) {
|
||||
JSS_throwMsg(env, SECURITY_EXCEPTION, "Unable to set security policy");
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
* Save the JavaVM pointer so we can retrieve the JNI environment
|
||||
* later. This only works if there is only one Java VM.
|
||||
|
@ -543,6 +516,13 @@ JSS_completeInitialize(JNIEnv *env,
|
|||
}
|
||||
JSS_javaVM = VMs[0];
|
||||
|
||||
#if 0
|
||||
if( NSS_SetDomesticPolicy() != SECSuccess ) {
|
||||
JSS_throwMsg(env, SECURITY_EXCEPTION, "Unable to set domestic policy");
|
||||
goto finish;
|
||||
}
|
||||
#endif
|
||||
|
||||
initialized = PR_TRUE;
|
||||
|
||||
finish:
|
||||
|
@ -575,25 +555,6 @@ finish:
|
|||
return;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/**********************************************************************
|
||||
*
|
||||
* CryptoManager.setNativePasswordCallback
|
||||
*
|
||||
* Sets the global PasswordCallback object, which will be used to
|
||||
* login to tokens implicitly if necessary.
|
||||
*
|
||||
*/
|
||||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_CryptoManager_setNativePasswordCallback
|
||||
(JNIEnv *env, jclass clazz, jobject callback)
|
||||
{
|
||||
JSS_setPasswordCallback(env, callback);
|
||||
}
|
||||
|
||||
/**********************************************************************
|
||||
*
|
||||
* JSS_setPasswordCallback
|
||||
|
@ -620,6 +581,21 @@ JSS_setPasswordCallback(JNIEnv *env, jobject callback)
|
|||
}
|
||||
}
|
||||
|
||||
/**********************************************************************
|
||||
*
|
||||
* CryptoManager.setNativePasswordCallback
|
||||
*
|
||||
* Sets the global PasswordCallback object, which will be used to
|
||||
* login to tokens implicitly if necessary.
|
||||
*
|
||||
*/
|
||||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_CryptoManager_setNativePasswordCallback
|
||||
(JNIEnv *env, jclass clazz, jobject callback)
|
||||
{
|
||||
JSS_setPasswordCallback(env, callback);
|
||||
}
|
||||
|
||||
/********************************************************************
|
||||
*
|
||||
* g e t P W F r o m C a l l b a c k
|
||||
|
@ -1003,11 +979,5 @@ JNIEXPORT void JNICALL
|
|||
Java_org_mozilla_jss_DatabaseCloser_closeDatabases
|
||||
(JNIEnv *env, jobject this)
|
||||
{
|
||||
PR_ASSERT( CERT_GetDefaultCertDB() != NULL );
|
||||
CERT_ClosePermCertDB( CERT_GetDefaultCertDB() );
|
||||
CERT_SetDefaultCertDB( NULL );
|
||||
|
||||
PR_ASSERT( SECKEY_GetDefaultKeyDB() != NULL );
|
||||
SECKEY_CloseKeyDB( SECKEY_GetDefaultKeyDB() );
|
||||
SECKEY_SetDefaultKeyDB( NULL );
|
||||
NSS_Shutdown();
|
||||
}
|
||||
|
|
|
@ -51,7 +51,7 @@ import org.mozilla.jss.CRLImportException;
|
|||
* Initialization is done with static methods, and must be done before
|
||||
* an instance can be created. All other operations are done with instance
|
||||
* methods.
|
||||
* @version $Revision: 1.5 $ $Date: 2001/04/03 04:08:19 $
|
||||
* @version $Revision: 1.6 $ $Date: 2001/04/10 17:32:20 $
|
||||
*/
|
||||
public final class CryptoManager implements TokenSupplier
|
||||
{
|
||||
|
@ -114,6 +114,14 @@ public final class CryptoManager implements TokenSupplier
|
|||
this.configDir = configDir;
|
||||
}
|
||||
|
||||
/**
|
||||
* deprecated
|
||||
*/
|
||||
public InitializationValues(String secmodName, String keydbName,
|
||||
String certdbName)
|
||||
{
|
||||
}
|
||||
|
||||
public InitializationValues(String configDir, String certPrefix,
|
||||
String keyPrefix, String secmodName)
|
||||
{
|
||||
|
@ -706,21 +714,6 @@ public final class CryptoManager implements TokenSupplier
|
|||
// Initialization
|
||||
////////////////////////////////////////////////////
|
||||
|
||||
/**
|
||||
* Initialize the security subsystem. Initializes NSPR and the
|
||||
* Random Number Generator, but does not open any databases or initialize
|
||||
* PKCS #11. The only cryptographic operation that can be performed
|
||||
* after this call is PQG parameter generation. This method can
|
||||
* be called repeatedly, before or after the call to
|
||||
* <code>initialize(InitializationValues)</code>.
|
||||
*/
|
||||
public static synchronized void initialize()
|
||||
{
|
||||
NSSInit.loadNativeLibraries();
|
||||
initializeNative();
|
||||
}
|
||||
private static native void initializeNative();
|
||||
|
||||
/**
|
||||
* Initialize the security subsystem. Opens the databases, loads all
|
||||
* PKCS #11 modules, initializes the internal random number generator.
|
||||
|
@ -744,6 +737,19 @@ public final class CryptoManager implements TokenSupplier
|
|||
initialize( new InitializationValues(configDir) );
|
||||
}
|
||||
|
||||
/**
|
||||
* deprecated
|
||||
*/
|
||||
public static synchronized void initialize( String secmodName,
|
||||
String keydbName, String certdbName)
|
||||
throws KeyDatabaseException,
|
||||
CertDatabaseException,
|
||||
AlreadyInitializedException,
|
||||
GeneralSecurityException
|
||||
{
|
||||
initialize( new InitializationValues() );
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize the security subsystem. Opens the databases, loads all
|
||||
* PKCS #11 modules, initializes the internal random number generator.
|
||||
|
@ -768,7 +774,7 @@ public final class CryptoManager implements TokenSupplier
|
|||
if(instance != null) {
|
||||
throw new AlreadyInitializedException();
|
||||
}
|
||||
NSSInit.loadNativeLibraries();
|
||||
loadNativeLibraries();
|
||||
if (values.ocspResponderURL != null) {
|
||||
if (values.ocspResponderCertNickname == null) {
|
||||
throw new GeneralSecurityException(
|
||||
|
|
|
@ -1,109 +0,0 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape Security Services for Java.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*/
|
||||
|
||||
#include "_jni/org_mozilla_jss_NSSInit.h"
|
||||
#include <nspr.h>
|
||||
#include "jssinit.h"
|
||||
|
||||
/********************************************************************/
|
||||
/* The following VERSION Strings should be updated in the following */
|
||||
/* files everytime a new release of JSS is generated: */
|
||||
/* */
|
||||
/* jssjava: ns/ninja/cmd/jssjava/jssjava.c */
|
||||
/* jss.jar: ns/ninja/org/mozilla/jss/manage/NSSInit.java */
|
||||
/* jss.dll: ns/ninja/org/mozilla/jss/manage/NSSInit.c */
|
||||
/* */
|
||||
/********************************************************************/
|
||||
|
||||
static const char* DLL_JSS_VERSION = "JSS_VERSION = JSS_3_0";
|
||||
static const char* DLL_JDK_VERSION = "JDK_VERSION = JDK 1.2.2";
|
||||
static const char* DLL_NSS_VERSION = "NSS_VERSION = NSS_3_2_RTM";
|
||||
static const char* DLL_DBM_VERSION = "DBM_VERSION = NSS_3_1_1_RTM";
|
||||
static const char* DLL_NSPR_VERSION = "NSPR_VERSION = NSPRPUB_RELEASE_4_1";
|
||||
|
||||
/***********************************************************************
|
||||
* NSSInit.initializeNative
|
||||
*
|
||||
* This just passes its arguments to CryptoManager.initializeAllNative.
|
||||
*/
|
||||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_NSSInit_initializeNative
|
||||
(JNIEnv *env, jclass clazz,
|
||||
jstring modDBName,
|
||||
jstring keyDBName,
|
||||
jstring certDBName,
|
||||
jboolean readOnly,
|
||||
jstring manuString,
|
||||
jstring libraryString,
|
||||
jstring tokString,
|
||||
jstring keyTokString,
|
||||
jstring slotString,
|
||||
jstring keySlotString,
|
||||
jstring fipsString,
|
||||
jstring fipsKeyString )
|
||||
{
|
||||
jboolean ocsp = JNI_FALSE;
|
||||
jstring ocsp_url = NULL;
|
||||
jstring ocsp_nickname = NULL;
|
||||
|
||||
JSS_completeInitialize(
|
||||
env,
|
||||
modDBName,
|
||||
keyDBName,
|
||||
certDBName,
|
||||
readOnly,
|
||||
manuString,
|
||||
libraryString,
|
||||
tokString,
|
||||
keyTokString,
|
||||
slotString,
|
||||
keySlotString,
|
||||
fipsString,
|
||||
fipsKeyString,
|
||||
ocsp,
|
||||
ocsp_url,
|
||||
ocsp_nickname);
|
||||
}
|
||||
|
||||
|
||||
/***********************************************************************
|
||||
* NSSInit.setPasswordCallback
|
||||
*
|
||||
* This just passes its arguments to CryptoManager.setNativePasswordCallback
|
||||
*/
|
||||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_NSSInit_setPasswordCallback
|
||||
(JNIEnv *env, jclass clazz, jobject pwcb)
|
||||
{
|
||||
JSS_setPasswordCallback(env, pwcb);
|
||||
}
|
|
@ -58,35 +58,35 @@ JNIEXPORT jobject JNICALL
|
|||
Java_org_mozilla_jss_CryptoManager_findCertByNicknameNative
|
||||
(JNIEnv *env, jobject this, jstring nickname)
|
||||
{
|
||||
char *nick=NULL;
|
||||
jobject certObject=NULL;
|
||||
CERTCertificate *cert=NULL;
|
||||
char *nick=NULL;
|
||||
jobject certObject=NULL;
|
||||
CERTCertificate *cert=NULL;
|
||||
|
||||
PR_ASSERT(env!=NULL && this!=NULL && nickname!=NULL);
|
||||
PR_ASSERT(env!=NULL && this!=NULL && nickname!=NULL);
|
||||
|
||||
nick = (char*) (*env)->GetStringUTFChars(env, nickname, NULL);
|
||||
PR_ASSERT(nick!=NULL);
|
||||
nick = (char*) (*env)->GetStringUTFChars(env, nickname, NULL);
|
||||
PR_ASSERT(nick!=NULL);
|
||||
|
||||
cert = PK11_FindCertFromNickname(nick, NULL);
|
||||
cert = PK11_FindCertFromNickname(nick, NULL);
|
||||
|
||||
if(cert == NULL) {
|
||||
if(cert == NULL) {
|
||||
cert = CERT_FindCertByNickname( CERT_GetDefaultCertDB(), nick );
|
||||
if( cert == NULL ) {
|
||||
JSS_nativeThrow(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
JSS_nativeThrow(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
certObject = JSS_PK11_wrapCert(env, &cert);
|
||||
certObject = JSS_PK11_wrapCert(env, &cert);
|
||||
|
||||
finish:
|
||||
if(nick != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, nickname, nick);
|
||||
}
|
||||
if(cert != NULL) {
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
return certObject;
|
||||
if(nick != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, nickname, nick);
|
||||
}
|
||||
if(cert != NULL) {
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
return certObject;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -216,13 +216,13 @@ JNIEXPORT jobject JNICALL
|
|||
Java_org_mozilla_jss_CryptoManager_findCertByIssuerAndSerialNumberNative
|
||||
(JNIEnv *env, jobject this, jbyteArray issuerBA, jbyteArray serialNumBA)
|
||||
{
|
||||
jobject certObject=NULL;
|
||||
CERTCertificate *cert=NULL;
|
||||
jobject certObject=NULL;
|
||||
CERTCertificate *cert=NULL;
|
||||
SECItem *issuer=NULL, *serialNum=NULL;
|
||||
CERTIssuerAndSN issuerAndSN;
|
||||
PK11SlotInfo *slot=NULL;
|
||||
|
||||
PR_ASSERT(env!=NULL && this!=NULL);
|
||||
PR_ASSERT(env!=NULL && this!=NULL);
|
||||
|
||||
/* validate args */
|
||||
if( issuerBA == NULL || serialNumBA == NULL ) {
|
||||
|
@ -249,27 +249,27 @@ Java_org_mozilla_jss_CryptoManager_findCertByIssuerAndSerialNumberNative
|
|||
CERT_GetDefaultCertDB(),
|
||||
&issuerAndSN);
|
||||
if( cert == NULL ) {
|
||||
JSS_nativeThrow(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
JSS_nativeThrow(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
certObject = JSS_PK11_wrapCert(env, &cert);
|
||||
certObject = JSS_PK11_wrapCert(env, &cert);
|
||||
|
||||
finish:
|
||||
if(slot) {
|
||||
PK11_FreeSlot(slot);
|
||||
}
|
||||
if(cert != NULL) {
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
if(cert != NULL) {
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
if(issuer) {
|
||||
SECITEM_FreeItem(issuer, PR_TRUE /*freeit*/);
|
||||
}
|
||||
if(serialNum) {
|
||||
SECITEM_FreeItem(serialNum, PR_TRUE /*freeit*/);
|
||||
}
|
||||
return certObject;
|
||||
return certObject;
|
||||
}
|
||||
|
||||
/*****************************************************************
|
||||
|
@ -281,39 +281,39 @@ JNIEXPORT jobject JNICALL
|
|||
Java_org_mozilla_jss_CryptoManager_findPrivKeyByCertNative
|
||||
(JNIEnv *env, jobject this, jobject Cert)
|
||||
{
|
||||
PRThread *pThread;
|
||||
CERTCertificate *cert;
|
||||
SECKEYPrivateKey *privKey=NULL;
|
||||
jobject Key;
|
||||
PRThread *pThread;
|
||||
CERTCertificate *cert;
|
||||
SECKEYPrivateKey *privKey=NULL;
|
||||
jobject Key;
|
||||
|
||||
pThread = PR_AttachThread(PR_SYSTEM_THREAD, 0, NULL);
|
||||
PR_ASSERT( pThread != NULL);
|
||||
PR_ASSERT( env!=NULL && this!=NULL && Cert!=NULL);
|
||||
pThread = PR_AttachThread(PR_SYSTEM_THREAD, 0, NULL);
|
||||
PR_ASSERT( pThread != NULL);
|
||||
PR_ASSERT( env!=NULL && this!=NULL && Cert!=NULL);
|
||||
|
||||
if( JSS_PK11_getCertPtr(env, Cert, &cert) != PR_SUCCESS) {
|
||||
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
|
||||
goto finish;
|
||||
}
|
||||
if(cert==NULL) {
|
||||
PR_ASSERT(PR_FALSE);
|
||||
JSS_throw(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
if( JSS_PK11_getCertPtr(env, Cert, &cert) != PR_SUCCESS) {
|
||||
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
|
||||
goto finish;
|
||||
}
|
||||
if(cert==NULL) {
|
||||
PR_ASSERT(PR_FALSE);
|
||||
JSS_throw(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
privKey = PK11_FindKeyByAnyCert(cert, NULL);
|
||||
if(privKey == NULL) {
|
||||
JSS_throw(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
privKey = PK11_FindKeyByAnyCert(cert, NULL);
|
||||
if(privKey == NULL) {
|
||||
JSS_throw(env, OBJECT_NOT_FOUND_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
Key = JSS_PK11_wrapPrivKey(env, &privKey);
|
||||
Key = JSS_PK11_wrapPrivKey(env, &privKey);
|
||||
|
||||
finish:
|
||||
if(privKey != NULL) {
|
||||
SECKEY_DestroyPrivateKey(privKey);
|
||||
}
|
||||
PR_DetachThread();
|
||||
return Key;
|
||||
if(privKey != NULL) {
|
||||
SECKEY_DestroyPrivateKey(privKey);
|
||||
}
|
||||
PR_DetachThread();
|
||||
return Key;
|
||||
}
|
||||
|
||||
|
||||
|
@ -715,52 +715,52 @@ JNIEXPORT jobject JNICALL
|
|||
Java_org_mozilla_jss_CryptoManager_importCertToPermNative
|
||||
(JNIEnv *env, jobject this, jobject cert, jstring nickString)
|
||||
{
|
||||
SECStatus rv;
|
||||
CERTCertificate *newCert;
|
||||
CERTCertTrust trustflags;
|
||||
jobject result=NULL;
|
||||
char *nickname=NULL;
|
||||
SECStatus rv;
|
||||
CERTCertificate *newCert;
|
||||
CERTCertTrust trustflags;
|
||||
jobject result=NULL;
|
||||
char *nickname=NULL;
|
||||
|
||||
/* first, get the NSS cert pointer from the 'cert' object */
|
||||
/* first, get the NSS cert pointer from the 'cert' object */
|
||||
|
||||
if ( JSS_PK11_getCertPtr(env, cert, &newCert) != PR_SUCCESS) {
|
||||
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
|
||||
goto finish;
|
||||
}
|
||||
PR_ASSERT(newCert != NULL);
|
||||
if ( JSS_PK11_getCertPtr(env, cert, &newCert) != PR_SUCCESS) {
|
||||
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
|
||||
goto finish;
|
||||
}
|
||||
PR_ASSERT(newCert != NULL);
|
||||
|
||||
if (nickString != NULL) {
|
||||
nickname = (char*) (*env)->GetStringUTFChars(env, nickString, NULL);
|
||||
}
|
||||
if (nickString != NULL) {
|
||||
nickname = (char*) (*env)->GetStringUTFChars(env, nickString, NULL);
|
||||
}
|
||||
|
||||
trustflags.sslFlags = 0;
|
||||
trustflags.emailFlags = 0;
|
||||
trustflags.objectSigningFlags = 0;
|
||||
trustflags.sslFlags = 0;
|
||||
trustflags.emailFlags = 0;
|
||||
trustflags.objectSigningFlags = 0;
|
||||
|
||||
/* Then, add to permanent database */
|
||||
/* Then, add to permanent database */
|
||||
|
||||
rv = CERT_AddTempCertToPerm(newCert, nickname,
|
||||
rv = CERT_AddTempCertToPerm(newCert, nickname,
|
||||
&trustflags);
|
||||
|
||||
if (rv == SECSuccess) {
|
||||
/* build return object */
|
||||
result = JSS_PK11_wrapCert(env, &newCert);
|
||||
}
|
||||
else {
|
||||
/* CERT_AddTempCertToPerm does not properly set NSPR
|
||||
Error value, so no detail can be retrieved
|
||||
*/
|
||||
JSS_throwMsg(env, TOKEN_EXCEPTION,
|
||||
"Unable to insert certificate into permanent database");
|
||||
if (rv == SECSuccess) {
|
||||
/* build return object */
|
||||
result = JSS_PK11_wrapCert(env, &newCert);
|
||||
}
|
||||
else {
|
||||
/* CERT_AddTempCertToPerm does not properly set NSPR
|
||||
Error value, so no detail can be retrieved
|
||||
*/
|
||||
JSS_throwMsg(env, TOKEN_EXCEPTION,
|
||||
"Unable to insert certificate into permanent database");
|
||||
|
||||
|
||||
}
|
||||
if (nickname != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, nickString, nickname);
|
||||
}
|
||||
}
|
||||
if (nickname != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, nickString, nickname);
|
||||
}
|
||||
|
||||
finish:
|
||||
return result;
|
||||
return result;
|
||||
|
||||
}
|
||||
|
||||
|
@ -785,7 +785,7 @@ static int find_leaf_cert(
|
|||
int i;
|
||||
int status = 0;
|
||||
|
||||
theCert= CERT_NewTempCertificate(certdb, &derCerts[cur_link],
|
||||
theCert= CERT_NewTempCertificate(certdb, &derCerts[cur_link],
|
||||
NULL, PR_FALSE /* isperm */, PR_TRUE /*copyDER*/);
|
||||
if (theCert == NULL) {
|
||||
status = -1;
|
||||
|
@ -796,12 +796,12 @@ static int find_leaf_cert(
|
|||
/* help speeding up the searching */
|
||||
continue;
|
||||
}
|
||||
curCert = CERT_NewTempCertificate(certdb, &derCerts[i], NULL,
|
||||
PR_FALSE /* isperm */, PR_TRUE /*copyDER*/);
|
||||
if(curCert == NULL) {
|
||||
curCert = CERT_NewTempCertificate(certdb, &derCerts[i], NULL,
|
||||
PR_FALSE /* isperm */, PR_TRUE /*copyDER*/);
|
||||
if(curCert == NULL) {
|
||||
status = -1;
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
if (SECITEM_CompareItem(&theCert->derSubject,
|
||||
&curCert->derIssuer) == SECEqual) {
|
||||
linked[i] = 1;
|
||||
|
@ -809,16 +809,16 @@ static int find_leaf_cert(
|
|||
status = 1; /* got it */
|
||||
goto finish;
|
||||
}
|
||||
CERT_DeleteTempCertificate(curCert);
|
||||
CERT_DeleteTempCertificate(curCert);
|
||||
curCert = NULL;
|
||||
} /* for */
|
||||
|
||||
finish:
|
||||
if (theCert != NULL) {
|
||||
CERT_DeleteTempCertificate(theCert);
|
||||
CERT_DeleteTempCertificate(theCert);
|
||||
}
|
||||
if (curCert != NULL) {
|
||||
CERT_DeleteTempCertificate(curCert);
|
||||
CERT_DeleteTempCertificate(curCert);
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
@ -960,44 +960,46 @@ Java_org_mozilla_jss_CryptoManager_importCertPackageNative
|
|||
* if present, shouldn't be assumed either.
|
||||
***************************************************/
|
||||
if (numCerts > 1) {
|
||||
for (certi=0; certi<numCerts; certi++) {
|
||||
leafCert= CERT_NewTempCertificate(certdb, &derCerts[certi], NULL,
|
||||
PR_FALSE /* isperm */, PR_TRUE /*copyDER*/);
|
||||
if(leafCert == NULL) {
|
||||
JSS_throwMsg(env, CERTIFICATE_ENCODING_EXCEPTION,
|
||||
"Failed to create new temporary certificate");
|
||||
goto finish;
|
||||
}
|
||||
for (certi=0; certi<numCerts; certi++) {
|
||||
leafCert = CERT_NewTempCertificate(certdb, &derCerts[certi], NULL,
|
||||
PR_FALSE /* isperm */, PR_TRUE /*copyDER*/);
|
||||
if(leafCert == NULL) {
|
||||
JSS_throwMsg(env, CERTIFICATE_ENCODING_EXCEPTION,
|
||||
"Failed to create new temporary certificate");
|
||||
goto finish;
|
||||
}
|
||||
|
||||
slot = PK11_KeyForCertExists(leafCert, &keyID, NULL);
|
||||
if (slot !=NULL) { /* found the use cert */
|
||||
theDerCert = derCerts[certi];
|
||||
/* delete it so it wouldn't cause conflict */
|
||||
CERT_DeleteTempCertificate(leafCert);
|
||||
break; /*certi now indicates the location of our user cert in chain*/
|
||||
}
|
||||
slot = PK11_KeyForCertExists(leafCert, &keyID, NULL);
|
||||
if (slot !=NULL) { /* found the use cert */
|
||||
theDerCert = derCerts[certi];
|
||||
/* delete it so it wouldn't cause conflict */
|
||||
CERT_DeleteTempCertificate(leafCert);
|
||||
break; /*certi now indicates the location of our user cert in chain*/
|
||||
}
|
||||
|
||||
/* delete it so it wouldn't cause conflict */
|
||||
CERT_DeleteTempCertificate(leafCert);
|
||||
/* delete it so it wouldn't cause conflict */
|
||||
CERT_DeleteTempCertificate(leafCert);
|
||||
|
||||
} /* end for */
|
||||
} /* end for */
|
||||
|
||||
/* (NO_USER_CERT_HANDLING)
|
||||
/* (NO_USER_CERT_HANDLING)
|
||||
Handles the case when the user certificate is not in
|
||||
the certificate chain.
|
||||
*/
|
||||
if ((slot == NULL)) { /* same as "noUser = 1" */
|
||||
/* #397713 */
|
||||
if (!find_leaf_cert_in_chain(certdb, derCerts, numCerts, &theDerCert)) {
|
||||
JSS_throwMsg(env, CERTIFICATE_ENCODING_EXCEPTION,
|
||||
"Failed to locate leaf certificate in chain");
|
||||
goto finish;
|
||||
*/
|
||||
if ((slot == NULL)) { /* same as "noUser = 1" */
|
||||
/* #397713 */
|
||||
if (!find_leaf_cert_in_chain(certdb, derCerts,
|
||||
numCerts, &theDerCert))
|
||||
{
|
||||
JSS_throwMsg(env, CERTIFICATE_ENCODING_EXCEPTION,
|
||||
"Failed to locate leaf certificate in chain");
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} else {/* numCerts <= 1 */
|
||||
theDerCert = derCerts[0];
|
||||
certi = 0;
|
||||
theDerCert = derCerts[0];
|
||||
certi = 0;
|
||||
}
|
||||
|
||||
/***************************************************
|
||||
|
@ -1075,12 +1077,12 @@ Java_org_mozilla_jss_CryptoManager_importCertPackageNative
|
|||
slot = PK11_ImportCertForKey(leafCert, nickChars, NULL);
|
||||
if( slot == NULL ) {
|
||||
/* We already checked for this, shouldn't fail here */
|
||||
if(PR_GetError() == SEC_ERROR_ADDING_CERT) {
|
||||
PR_ASSERT(PR_FALSE);
|
||||
JSS_throw(env, NO_SUCH_ITEM_ON_TOKEN_EXCEPTION);
|
||||
} else {
|
||||
JSS_throw(env, TOKEN_EXCEPTION);
|
||||
}
|
||||
if(PR_GetError() == SEC_ERROR_ADDING_CERT) {
|
||||
PR_ASSERT(PR_FALSE);
|
||||
JSS_throw(env, NO_SUCH_ITEM_ON_TOKEN_EXCEPTION);
|
||||
} else {
|
||||
JSS_throw(env, TOKEN_EXCEPTION);
|
||||
}
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -1131,9 +1133,9 @@ Java_org_mozilla_jss_CryptoManager_importCertPackageNative
|
|||
goto finish;
|
||||
}
|
||||
} else {
|
||||
status = ImportCAChain(derCerts,
|
||||
certi,
|
||||
certUsageUserCertImport);
|
||||
status = ImportCAChain(derCerts,
|
||||
certi,
|
||||
certUsageUserCertImport);
|
||||
if(status != SECSuccess) {
|
||||
JSS_trace(env, JSS_TRACE_ERROR,
|
||||
"CERT_ImportCAChain returned an error in "
|
||||
|
@ -1143,9 +1145,9 @@ Java_org_mozilla_jss_CryptoManager_importCertPackageNative
|
|||
goto finish;
|
||||
}
|
||||
|
||||
status = ImportCAChain(derCerts+certi+1,
|
||||
numCerts-certi-1,
|
||||
certUsageUserCertImport);
|
||||
status = ImportCAChain(derCerts+certi+1,
|
||||
numCerts-certi-1,
|
||||
certUsageUserCertImport);
|
||||
if(status != SECSuccess) {
|
||||
JSS_trace(env, JSS_TRACE_ERROR,
|
||||
"CERT_ImportCAChain returned an error in "
|
||||
|
@ -1777,15 +1779,15 @@ finish:
|
|||
JNIEXPORT void JNICALL
|
||||
Java_org_mozilla_jss_CryptoManager_importCRLNative
|
||||
(JNIEnv *env, jobject this,
|
||||
jbyteArray der_crl, jstring url_jstr, jint rl_type)
|
||||
jbyteArray der_crl, jstring url_jstr, jint rl_type)
|
||||
|
||||
{
|
||||
CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
|
||||
CERTSignedCrl *crl = NULL;
|
||||
SECItem *packageItem = NULL;
|
||||
int status = SECFailure;
|
||||
char *url;
|
||||
char *errmsg = NULL;
|
||||
CERTSignedCrl *crl = NULL;
|
||||
SECItem *packageItem = NULL;
|
||||
int status = SECFailure;
|
||||
char *url;
|
||||
char *errmsg = NULL;
|
||||
|
||||
/***************************************************
|
||||
* Validate arguments
|
||||
|
@ -1793,83 +1795,83 @@ Java_org_mozilla_jss_CryptoManager_importCRLNative
|
|||
PR_ASSERT( env!=NULL && this!=NULL );
|
||||
if(der_crl == NULL) {
|
||||
PR_ASSERT(PR_FALSE);
|
||||
/* XXX need new exception here */
|
||||
/* XXX need new exception here */
|
||||
JSS_throwMsg(env, CERTIFICATE_ENCODING_EXCEPTION,
|
||||
"CRL package is NULL");
|
||||
goto finish;
|
||||
}
|
||||
PR_ASSERT(certdb != NULL);
|
||||
|
||||
/* convert CRL byte[] into secitem */
|
||||
/* convert CRL byte[] into secitem */
|
||||
|
||||
packageItem = JSS_ByteArrayToSECItem(env, der_crl);
|
||||
if ( packageItem == NULL ) {
|
||||
goto finish;
|
||||
}
|
||||
/* XXX need to deal with if error */
|
||||
}
|
||||
/* XXX need to deal with if error */
|
||||
|
||||
if (url_jstr != NULL) {
|
||||
url = (char*) (*env)->GetStringUTFChars(env, url_jstr, NULL);
|
||||
PR_ASSERT(url!=NULL);
|
||||
}
|
||||
else {
|
||||
url = NULL;
|
||||
}
|
||||
if (url_jstr != NULL) {
|
||||
url = (char*) (*env)->GetStringUTFChars(env, url_jstr, NULL);
|
||||
PR_ASSERT(url!=NULL);
|
||||
}
|
||||
else {
|
||||
url = NULL;
|
||||
}
|
||||
|
||||
crl = CERT_ImportCRL( certdb, packageItem, url, rl_type, NULL);
|
||||
crl = CERT_ImportCRL( certdb, packageItem, url, rl_type, NULL);
|
||||
|
||||
if( crl == NULL ) {
|
||||
status = PR_GetError();
|
||||
errmsg = NULL;
|
||||
switch (status) {
|
||||
case SEC_ERROR_OLD_CRL:
|
||||
case SEC_ERROR_OLD_KRL:
|
||||
/* not an error - leave as NULL */
|
||||
errmsg = NULL;
|
||||
goto finish;
|
||||
case SEC_ERROR_CRL_EXPIRED:
|
||||
errmsg = "CRL Expired";
|
||||
break;
|
||||
case SEC_ERROR_KRL_EXPIRED:
|
||||
errmsg = "KRL Expired";
|
||||
break;
|
||||
case SEC_ERROR_CRL_NOT_YET_VALID:
|
||||
errmsg = "CRL Not yet valid";
|
||||
break;
|
||||
case SEC_ERROR_KRL_NOT_YET_VALID:
|
||||
errmsg = "KRL Not yet valid";
|
||||
break;
|
||||
case SEC_ERROR_CRL_INVALID:
|
||||
errmsg = "Invalid encoding of CRL";
|
||||
break;
|
||||
case SEC_ERROR_KRL_INVALID:
|
||||
errmsg = "Invalid encoding of KRL";
|
||||
break;
|
||||
case SEC_ERROR_BAD_DATABASE:
|
||||
errmsg = "Database error";
|
||||
break;
|
||||
default:
|
||||
/* printf("NSS ERROR = %d\n",status); */
|
||||
errmsg = "Failed to import Revocation List";
|
||||
}
|
||||
if (errmsg) {
|
||||
JSS_throwMsg(env, CRL_IMPORT_EXCEPTION, errmsg);
|
||||
}
|
||||
status = PR_GetError();
|
||||
errmsg = NULL;
|
||||
switch (status) {
|
||||
case SEC_ERROR_OLD_CRL:
|
||||
case SEC_ERROR_OLD_KRL:
|
||||
/* not an error - leave as NULL */
|
||||
errmsg = NULL;
|
||||
goto finish;
|
||||
case SEC_ERROR_CRL_EXPIRED:
|
||||
errmsg = "CRL Expired";
|
||||
break;
|
||||
case SEC_ERROR_KRL_EXPIRED:
|
||||
errmsg = "KRL Expired";
|
||||
break;
|
||||
case SEC_ERROR_CRL_NOT_YET_VALID:
|
||||
errmsg = "CRL Not yet valid";
|
||||
break;
|
||||
case SEC_ERROR_KRL_NOT_YET_VALID:
|
||||
errmsg = "KRL Not yet valid";
|
||||
break;
|
||||
case SEC_ERROR_CRL_INVALID:
|
||||
errmsg = "Invalid encoding of CRL";
|
||||
break;
|
||||
case SEC_ERROR_KRL_INVALID:
|
||||
errmsg = "Invalid encoding of KRL";
|
||||
break;
|
||||
case SEC_ERROR_BAD_DATABASE:
|
||||
errmsg = "Database error";
|
||||
break;
|
||||
default:
|
||||
/* printf("NSS ERROR = %d\n",status); */
|
||||
errmsg = "Failed to import Revocation List";
|
||||
}
|
||||
if (errmsg) {
|
||||
JSS_throwMsg(env, CRL_IMPORT_EXCEPTION, errmsg);
|
||||
}
|
||||
}
|
||||
|
||||
finish:
|
||||
|
||||
if (packageItem) {
|
||||
if (packageItem) {
|
||||
SECITEM_FreeItem(packageItem, PR_TRUE /*freeit*/);
|
||||
}
|
||||
}
|
||||
|
||||
if(url != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, url_jstr, url);
|
||||
}
|
||||
if(url != NULL) {
|
||||
(*env)->ReleaseStringUTFChars(env, url_jstr, url);
|
||||
}
|
||||
|
||||
if (crl) {
|
||||
SEC_DestroyCrl(crl);
|
||||
}
|
||||
if (crl) {
|
||||
SEC_DestroyCrl(crl);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -1,77 +0,0 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape Security Services for Java.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*/
|
||||
/* This header depends on:
|
||||
#include <jni.h>
|
||||
#include <nspr.h>
|
||||
*/
|
||||
|
||||
#ifndef JSS_INIT_H
|
||||
#define JSS_INIT_H
|
||||
|
||||
/***********************************************************************
|
||||
* JSS_completeInitialize
|
||||
*
|
||||
* Initialize the security library and open all the databases.
|
||||
*
|
||||
*/
|
||||
void
|
||||
JSS_completeInitialize(JNIEnv *env,
|
||||
jstring modDBName,
|
||||
jstring keyDBName,
|
||||
jstring certDBName,
|
||||
jboolean readOnly,
|
||||
jstring manuString,
|
||||
jstring libraryString,
|
||||
jstring tokString,
|
||||
jstring keyTokString,
|
||||
jstring slotString,
|
||||
jstring keySlotString,
|
||||
jstring fipsString,
|
||||
jstring fipsKeyString,
|
||||
jboolean ocspCheckingEnabled,
|
||||
jstring ocspResponderURL,
|
||||
jstring ocspResponderCertNickname );
|
||||
|
||||
|
||||
/**********************************************************************
|
||||
*
|
||||
* JSS_setPasswordCallback
|
||||
*
|
||||
* Sets the global PasswordCallback object, which will be used to
|
||||
* login to tokens implicitly if necessary.
|
||||
*
|
||||
*/
|
||||
void
|
||||
JSS_setPasswordCallback(JNIEnv *env, jobject callback);
|
||||
|
||||
#endif
|
|
@ -330,7 +330,7 @@ public class SSLServer
|
|||
System.out.println("SSLServer started\n");
|
||||
|
||||
try {
|
||||
NSSInit.initialize("secmod.db", "key3.db", "cert7.db");
|
||||
CryptoManager.initialize("secmod.db", "key3.db", "cert7.db");
|
||||
}
|
||||
catch (KeyDatabaseException kdbe) {
|
||||
System.out.println("Couldn't open the key database\n");
|
||||
|
@ -344,6 +344,10 @@ public class SSLServer
|
|||
System.out.println("CryptoManager already initialized???");
|
||||
return;
|
||||
}
|
||||
catch (java.security.GeneralSecurityException e) {
|
||||
System.out.println("General security exception while initializing");
|
||||
return;
|
||||
}
|
||||
|
||||
SSLServerSocket.configServerSessionIDCache(10, 0, 0, null);
|
||||
|
||||
|
|
|
@ -78,10 +78,8 @@ public class SigTest {
|
|||
|
||||
try {
|
||||
CryptoManager.InitializationValues vals = new
|
||||
CryptoManager.InitializationValues
|
||||
( args[0]+"/secmod.db",
|
||||
args[0]+"/key3.db",
|
||||
args[0]+"/cert7.db" );
|
||||
CryptoManager.InitializationValues(args[0], "foobar-", "foobar-",
|
||||
"../secmodule.db");
|
||||
CryptoManager.initialize(vals);
|
||||
manager = CryptoManager.getInstance();
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче