mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

fix for bug #80356, certs should be grouped by issuer org 

r=javi, sr=blizzard
This commit is contained in:
mcgreer%netscape.com 2001-05-15 19:12:44 +00:00
Родитель 482e3ebc68
Коммит be51034d5a
8 изменённых файлов: 69 добавлений и 31 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

1
security/manager/ssl/public/nsIX509Cert.idl
Просмотреть файл

@ -124,6 +124,7 @@ interface nsIX509Cert : nsISupports {
readonly attribute wstring issuedDate;
readonly attribute wstring expiresDate;
readonly attribute wstring tokenName;
readonly attribute wstring issuerOrganization;
readonly attribute nsIX509CertValidity validity;
readonly attribute string dbKey;

2
security/manager/ssl/resources/locale/en-US/pipnss.properties
Просмотреть файл

@ -127,3 +127,5 @@ PKCS12PasswordInvalid=Could not decode PKCS#12 file. Perhaps the password you e
PKCS12DecodeErr=Failed to decode the file. Either it is not in PKCS#12 format, has been corrupted, or the password you entered was incorrect.
PKCS12UnknownErrRestore=Failed to restore the PKCS#12 file for unknown reasons.
PKCS12UnknownErrBackup=Failed to backup the PKCS#12 file for unknown reasons.
UnknownCertIssuer=(Unknown Issuer)
UnknownCertOrg=(Unknown Organization)

26
security/manager/ssl/src/nsCertOutliner.cpp
Просмотреть файл

@ -105,17 +105,17 @@ nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
return cmp1;
}
// CmpByOrg
// CmpByIssuerOrg
//
// Compare two certificates by their O= field. Returns -1, 0, 1 as
// in strcmp. No organization (null) is treated as <.
PRInt32
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
nsCertOutliner::CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b)
{
PRInt32 cmp1;
nsXPIDLString aOrg, bOrg;
a->GetOrganization(getter_Copies(aOrg));
b->GetOrganization(getter_Copies(bOrg));
a->GetIssuerOrganization(getter_Copies(aOrg));
b->GetIssuerOrganization(getter_Copies(bOrg));
if (aOrg != nsnull && bOrg != nsnull) {
nsAutoString aStr(aOrg);
cmp1 = aStr.CompareWithConversion(bOrg);
@ -145,17 +145,17 @@ nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
return cmp1;
}
// CmpByTok_Org_Name
// CmpByTok_IssuerOrg_Name
//
// Compare two certificates by token name, organization, and common name,
// in that order. Used to sort cert list.
// Compare two certificates by token name, issuer organization,
// and common name, in that order. Used to sort cert list.
PRInt32
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
nsCertOutliner::CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b)
{
PRInt32 cmp;
cmp = CmpByToken(a, b);
if (cmp != 0) return cmp;
cmp = CmpByOrg(a, b);
cmp = CmpByIssuerOrg(a, b);
if (cmp != 0) return cmp;
return CmpByName(a, b);
}
@ -180,7 +180,7 @@ nsCertOutliner::CountOrganizations()
isupport = dont_AddRef(mCertArray->ElementAt(i));
nextCert = do_QueryInterface(isupport);
if (!(CmpByToken(orgCert, nextCert) == 0 &&
CmpByOrg(orgCert, nextCert) == 0)) {
CmpByIssuerOrg(orgCert, nextCert) == 0)) {
orgCert = nextCert;
orgCount++;
}
@ -263,7 +263,7 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
if (certdb == nsnull) return NS_ERROR_FAILURE;
rv = certdb->GetCertsByType(aType,
CmpByTok_Org_Name,
CmpByTok_IssuerOrg_Name,
getter_AddRefs(mCertArray));
if (NS_FAILED(rv)) return rv;
PRUint32 count;
@ -276,14 +276,14 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
for (PRInt32 i=0; i<mNumOrgs; i++) {
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
orgCert->GetIssuerOrganization(&mOutlinerArray[i].orgName);
mOutlinerArray[i].open = PR_TRUE;
mOutlinerArray[i].certIndex = j;
mOutlinerArray[i].numChildren = 1;
if (++j >= count) break;
isupport = dont_AddRef(mCertArray->ElementAt(j));
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
while (CmpByOrg(orgCert, nextCert) == 0) {
while (CmpByIssuerOrg(orgCert, nextCert) == 0) {
mOutlinerArray[i].numChildren++;
if (++j >= count) break;
isupport = dont_AddRef(mCertArray->ElementAt(j));

4
security/manager/ssl/src/nsCertOutliner.h
Просмотреть файл

@ -58,9 +58,9 @@ public:
protected:
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b);
PRInt32 CountOrganizations();
private:

26
security/manager/ssl/src/nsCertTree.cpp
Просмотреть файл

@ -105,17 +105,17 @@ nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
return cmp1;
}
// CmpByOrg
// CmpByIssuerOrg
//
// Compare two certificates by their O= field. Returns -1, 0, 1 as
// in strcmp. No organization (null) is treated as <.
PRInt32
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
nsCertOutliner::CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b)
{
PRInt32 cmp1;
nsXPIDLString aOrg, bOrg;
a->GetOrganization(getter_Copies(aOrg));
b->GetOrganization(getter_Copies(bOrg));
a->GetIssuerOrganization(getter_Copies(aOrg));
b->GetIssuerOrganization(getter_Copies(bOrg));
if (aOrg != nsnull && bOrg != nsnull) {
nsAutoString aStr(aOrg);
cmp1 = aStr.CompareWithConversion(bOrg);
@ -145,17 +145,17 @@ nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
return cmp1;
}
// CmpByTok_Org_Name
// CmpByTok_IssuerOrg_Name
//
// Compare two certificates by token name, organization, and common name,
// in that order. Used to sort cert list.
// Compare two certificates by token name, issuer organization,
// and common name, in that order. Used to sort cert list.
PRInt32
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
nsCertOutliner::CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b)
{
PRInt32 cmp;
cmp = CmpByToken(a, b);
if (cmp != 0) return cmp;
cmp = CmpByOrg(a, b);
cmp = CmpByIssuerOrg(a, b);
if (cmp != 0) return cmp;
return CmpByName(a, b);
}
@ -180,7 +180,7 @@ nsCertOutliner::CountOrganizations()
isupport = dont_AddRef(mCertArray->ElementAt(i));
nextCert = do_QueryInterface(isupport);
if (!(CmpByToken(orgCert, nextCert) == 0 &&
CmpByOrg(orgCert, nextCert) == 0)) {
CmpByIssuerOrg(orgCert, nextCert) == 0)) {
orgCert = nextCert;
orgCount++;
}
@ -263,7 +263,7 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
if (certdb == nsnull) return NS_ERROR_FAILURE;
rv = certdb->GetCertsByType(aType,
CmpByTok_Org_Name,
CmpByTok_IssuerOrg_Name,
getter_AddRefs(mCertArray));
if (NS_FAILED(rv)) return rv;
PRUint32 count;
@ -276,14 +276,14 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
for (PRInt32 i=0; i<mNumOrgs; i++) {
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
orgCert->GetIssuerOrganization(&mOutlinerArray[i].orgName);
mOutlinerArray[i].open = PR_TRUE;
mOutlinerArray[i].certIndex = j;
mOutlinerArray[i].numChildren = 1;
if (++j >= count) break;
isupport = dont_AddRef(mCertArray->ElementAt(j));
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
while (CmpByOrg(orgCert, nextCert) == 0) {
while (CmpByIssuerOrg(orgCert, nextCert) == 0) {
mOutlinerArray[i].numChildren++;
if (++j >= count) break;
isupport = dont_AddRef(mCertArray->ElementAt(j));

4
security/manager/ssl/src/nsCertTree.h
Просмотреть файл

@ -58,9 +58,9 @@ public:
protected:
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
static PRInt32 CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b);
PRInt32 CountOrganizations();
private:

36
security/manager/ssl/src/nsNSSCertificate.cpp
Просмотреть файл

@ -32,7 +32,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: nsNSSCertificate.cpp,v 1.23 2001/05/15 17:35:33 ddrinan%netscape.com Exp $
* $Id: nsNSSCertificate.cpp,v 1.24 2001/05/15 19:12:44 mcgreer%netscape.com Exp $
*/
#include "prmem.h"
@ -597,6 +597,40 @@ nsNSSCertificate::GetOrganization(PRUnichar **aOrganization)
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuerOrganization(PRUnichar **aOrganization)
{
NS_ENSURE_ARG(aOrganization);
if (mIssuerOrg.Length() == 0) {
PRBool failed = PR_TRUE;
CERTCertificate *issuer;
issuer = CERT_FindCertIssuer(mCert, PR_Now(), certUsageSSLClient);
if (issuer) {
char *org = CERT_GetOrgName(&issuer->subject);
if (org) {
mIssuerOrg = NS_ConvertASCIItoUCS2(org);
failed = PR_FALSE;
}
}
if (failed) {
nsresult rv;
nsCOMPtr<nsINSSComponent> nssComponent(
do_GetService(kNSSComponentCID, &rv));
if (NS_FAILED(rv)) return rv;
if (!issuer) {
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("UnknownCertIssuer").get(), mIssuerOrg);
} else { /* !org */
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("UnknownCertOrg").get(), mIssuerOrg);
}
if (NS_FAILED(rv)) return rv;
}
}
*aOrganization = mIssuerOrg.ToNewUnicode();
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetOrganizationalUnit(PRUnichar **aOrganizationalUnit)
{

1
security/manager/ssl/src/nsNSSCertificate.h
Просмотреть файл

@ -61,6 +61,7 @@ public:
private:
CERTCertificate *mCert;
nsString mIssuerOrg;
nsCOMPtr<nsIASN1Object> mASN1Structure;
nsresult CreateASN1Struct();
nsresult CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,