more cert manager functionality

* list mine and websites certs
* show cert chain in view cert
* show O and OU in view cert
mcgreer%netscape.com 2001-03-13 16:20:54 +00:00
Родитель ac08731b0b
Коммит 2d117860b4
14 изменённых файлов: 437 добавлений и 218 удалений


@ -32,11 +32,12 @@
xmlns:cert="http://netscape.com/rdf-cert#"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<box id="CACerts" orient="vertical" flex="0" height="100">
<tree id="treeset" debug="false" flex="0"
<box id="CACerts" orient="vertical">
<tree id="ca_treeset" debug="false" flex="0" multiple="true"
height="100" onselect="enableButtons()">
<treecolgroup>
<treecol flex="1"/>
<treecol collapsed="true" flex="1"/>
</treecolgroup>
<treechildren>
<treeitem container="true" open="true" flex="1">
@ -44,7 +45,8 @@
<treehead>
-->
<treerow>
<treecell value="&certmgr.builtinstab;" flex="1"/>
<treecell value="&certmgr.ca.builtins;" flex="1"/>
<treecell collapsed="true" flex="1"/>
</treerow>
<!--
</treehead>
@ -56,7 +58,8 @@
<treehead>
-->
<treerow>
<treecell value="&certmgr.mycastab;" flex="1"/>
<treecell value="&certmgr.ca.mycas;" flex="1"/>
<treecell collapsed="true" flex="1"/>
</treerow>
<!--
</treehead>
@ -65,6 +68,7 @@
</treeitem>
</treechildren>
</tree>
<!--
<box orient="horizontal">
<button id="viewButton" class="normal"
value="&certmgr.view.label;" orient="horizontal"
@ -79,5 +83,6 @@
value="&certmgr.add.label;" orient="horizontal"
disabled="true" onclick="deleteCerts();"/>
</box>
-->
</box>
</overlay>


@ -0,0 +1,47 @@
<?xml version="1.0"?>
<!--
- The contents of this file are subject to the Mozilla Public
- License Version 1.1 (the "License"); you may not use this file
- except in compliance with the License. You may obtain a copy of
- the License at http://www.mozilla.org/MPL/
-
- Software distributed under the License is distributed on an "AS
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- implied. See the License for the specific language governing
- rights and limitations under the License.
-
- The Original Code is mozilla.org code.
-
- The Initial Developer of the Original Code is Netscape
- Communications Corp. Portions created by Netscape are
- Copyright (C) 2001 Netscape Communications Corp. All
- Rights Reserved.
-
- Contributor(s):
- Bob Lord <lord@netscape.com>
- Ian McGreer <mcgreer@netscape.com>
-->
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
<overlay id="MineOverlay"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cert="http://netscape.com/rdf-cert#"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<box id="myCerts" orient="vertical">
<box><html>&certmgr.mine;</html></box>
<separator class="thin"/>
<tree id="mine_treeset" debug="false" flex="0" multiple="true"
height="100" onselect="enableButtons()">
<treecolgroup>
<treecol flex="1"/>
<treecol collapsed="true" flex="1"/>
</treecolgroup>
<treechildren id="mine" flex="1" />
</tree>
</box>
</overlay>


@ -0,0 +1,47 @@
<?xml version="1.0"?>
<!--
- The contents of this file are subject to the Mozilla Public
- License Version 1.1 (the "License"); you may not use this file
- except in compliance with the License. You may obtain a copy of
- the License at http://www.mozilla.org/MPL/
-
- Software distributed under the License is distributed on an "AS
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- implied. See the License for the specific language governing
- rights and limitations under the License.
-
- The Original Code is mozilla.org code.
-
- The Initial Developer of the Original Code is Netscape
- Communications Corp. Portions created by Netscape are
- Copyright (C) 2001 Netscape Communications Corp. All
- Rights Reserved.
-
- Contributor(s):
- Bob Lord <lord@netscape.com>
- Ian McGreer <mcgreer@netscape.com>
-->
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
<overlay id="WebSitesOverlay"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cert="http://netscape.com/rdf-cert#"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<box id="webCerts" orient="vertical">
<box><html>&certmgr.websites;</html></box>
<separator class="thin"/>
<tree id="websites_treeset" debug="false" flex="0" multiple="true"
height="100" onselect="enableButtons()">
<treecolgroup>
<treecol flex="1"/>
<treecol collapsed="true" flex="1"/>
</treecolgroup>
<treechildren id="servers" flex="1" />
</tree>
</box>
</overlay>


@ -21,6 +21,31 @@
* Ian McGreer <mcgreer@netscape.com>
*/
var selected_certs = [];
var certmgr;
function getSelectedCerts()
{
var mine_tab = document.getElementById("mine_tab");
//var others_tab = document.getElementById("others_tab");
var websites_tab = document.getElementById("websites_tab");
var tree = document.getElementById('ca_treeset');
if (mine_tab.selected) {
tree = document.getElementById('mine_treeset');
} else if (websites_tab.selected) {
tree = document.getElementById('websites_treeset');
}
var items = tree.selectedItems;
if (items.length > 0) {
selected_certs = [];
for (var t=0; t<items.length; t++) {
var tokenName = items[t].firstChild.lastChild.getAttribute('value');
var certName = items[t].firstChild.firstChild.getAttribute('value');
selected_certs[selected_certs.length] = [tokenName, certName];
}
}
}
function AddItem(children, cells, prefix, idfier)
{
var kids = document.getElementById(children);
@ -37,6 +62,45 @@ function AddItem(children, cells, prefix, idfier)
kids.appendChild(item);
}
function AddNameWithToken(children, cells, prefix, idfier)
{
var kids = document.getElementById(children);
var item = document.createElement("treeitem");
var row = document.createElement("treerow");
for (var i=0; i<2; i++) {
var cell = document.createElement("treecell");
cell.setAttribute("class", "propertylist");
cell.setAttribute("value", cells[i]);
if (i==1) {
cell.setAttribute("collapsed", "true");
}
row.appendChild(cell);
}
item.appendChild(row);
item.setAttribute("id", prefix + idfier);
kids.appendChild(item);
}
function GetNameList(type, node)
{
certNameList = certmgr.getCertNicknames(type);
if (certNameList.length > 0) {
var delim = certNameList[0];
certNameList = certNameList.split(delim);
certNameList.sort();
}
for (var i=1; i<certNameList.length; i++) {
var certname = certNameList[i];
var ti = certname.indexOf(":");
var token = "";
if (ti > 0) {
token = certname.substring(0, ti);
certname = certname.substring(ti+1, certname.length);
}
AddNameWithToken(node, [certname, token], node + "_", i);
}
}
function LoadCertNames()
{
certmgr = Components
@ -54,7 +118,6 @@ function LoadCertNames()
var nb = 0;
var nm = 0;
for (var i=1; i<certNameList.length; i++) {
var certname = certNameList[i];
var certname = certNameList[i];
var ti = certname.indexOf(":");
var token = "";
@ -63,27 +126,35 @@ function LoadCertNames()
certname = certname.substring(ti+1, certname.length);
}
if (token == "Builtin Object Token") {
AddItem("builtins", [certname], "builtin_", nb);
AddNameWithToken("builtins", [certname, token], "builtin_", nb);
nb++;
} else {
AddItem("mycas", [certname], "myca_", nm);
AddNameWithToken("mycas", [certname, token], "myca_", nm);
nm++;
}
}
GetNameList(8, "servers");
GetNameList(2, "mine");
}
function enableButtons()
{
var tree = document.getElementById('treeset');
var mine_tab = document.getElementById("mine_tab");
//var others_tab = document.getElementById("others_tab");
var websites_tab = document.getElementById("websites_tab");
var tree = document.getElementById('ca_treeset');
if (mine_tab.selected) {
tree = document.getElementById('mine_treeset');
} else if (websites_tab.selected) {
tree = document.getElementById('websites_treeset');
}
var items = tree.selectedItems;
var toggle="true";
var toggle="false";
if (items.length == 0) {
toggle="true";
} else {
toggle="false";
}
/*
var enablebackupbutton=document.getElementById('backupButton');
va enablebackupbutton=document.getElementById('backupButton');
enablebackupbutton.setAttribute("disabled",toggle);
*/
var enableViewButton=document.getElementById('viewButton');
@ -116,40 +187,36 @@ function doBackupAll()
doBackup();
}
function changePassword()
{
// window.open("changepassword.xul","pwchange", "chrome,width=300,height=350,resizable=0,modal=1,dialog=1");
}
function deleteCerts()
{
var tree = document.getElementById('treeset');
var items = tree.selectedItems;
if (items.length == 0) alert("No items are selected.");
else {
txt = "You want to delete these certificates:\n\n";
for (t=0; t<items.length; t++){
txt+=items[t].firstChild.firstChild.getAttribute('value')+'\n';
getSelectedCerts();
var windowName = "";
for (var t=0; t<selected_certs.length; t++) {
if (selected_certs[t][0]) { // token name
windowName = selected_certs[t].join(":");
} else {
windowName = selected_certs[t][1];
}
alert(txt);
window.open('chrome://pippki/content/deleteCert.xul', windowName,
'chrome,width=500,height=400,resizable=1');
}
}
function viewCerts()
{
var tree = document.getElementById('treeset');
var items = tree.selectedItems;
if (items.length == 0) {
alert("No items are selected.");
return;
} else {
for (t=0; t<items.length; t++){
windowName=items[t].firstChild.firstChild.getAttribute('value');
window.open('chrome://pippki/content/viewCertDetails.xul',
windowName,
'chrome,width=500,height=400,resizable=1');
getSelectedCerts();
var windowName = "";
for (var t=0; t<selected_certs.length; t++) {
if (selected_certs[t][0]) { // token name
windowName = selected_certs[t].join(":");
} else {
windowName = selected_certs[t][1];
}
window.open('chrome://pippki/content/viewCertDetails.xul', windowName,
'chrome,width=500,height=400,resizable=1');
}
}
function addCerts()
{
}
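Review bot: getSelectedCerts() clears `selected_certs` only inside `if (items.length > 0)`, so a call with nothing selected leaves the previous selection in the global, and deleteCerts() and viewCerts(), which no longer have the "No items are selected." guard, then loop over that stale list. On the delete path this means a dialog can open for a certificate the user is no longer pointing at. Reset unconditionally by moving `selected_certs = [];` above the `if`, or have getSelectedCerts() return the list instead of writing a global. Separately, GetNameList() assigns `certNameList` without `var` and splits token from nickname at the first `:`, which would mis-split a nickname that itself contains a colon; a comment stating why that cannot happen (if it cannot) would help.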


@ -25,11 +25,11 @@
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
<?xul-overlay href="chrome://global/content/dialogOverlay.xul"?>
<?xul-overlay href="MineOverlay.xul"?>
<!-- XXX
<?xul-overlay href="mycertsOverlay.xul"?>
<?xul-overlay href="othercertsOverlay.xul"?>
<?xul-overlay href="webcertsOverlay.xul"?>
-->
<?xul-overlay href="chrome://pippki/content/WebSitesOverlay.xul"?>
<?xul-overlay href="chrome://pippki/content/CAOverlay.xul"?>
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
@ -44,25 +44,22 @@
<script src="certManager.js"/>
<box orient="horizontal">
<grid flex="1">
<column flex="1"/>
<rows>
<row flex="1">
<tabcontrol flex="0" orient="vertical">
<tabbox orient="horizontal">
<!--
<tab value="My Certificates"/>
<tab value="Other People's Certificates"/>
<tab value="Web Site Certificates"/>
-->
<tab value="&certmgr.catab;" selected="true"/>
<tab id="mine_tab" value="&certmgr.tab.mine;" />
<tab id="others_tab" value="&certmgr.tab.others;" />
<tab id="websites_tab" value="&certmgr.tab.websites;" />
<tab id="ca_tab" value="&certmgr.tab.ca;" selected="true"/>
</tabbox>
<tabpanel flex="1">
<!--
<box id="myCerts" flex="1"/>
<box id="othersCerts" flex="1"/>
<box id="webCerts"/>
-->
<box id="webCerts" flex="1"/>
<box id="CACerts" flex="1"/>
</tabpanel>
</tabcontrol>
@ -81,5 +78,22 @@
</row>
</rows>
</grid>
<box orient="vertical">
<button id="viewButton" class="normal"
value="&certmgr.view.label;" orient="horizontal"
disabled="true" onclick="viewCerts();"/>
<!--
<button id="editButton" class="normal"
value="&certmgr.edit.label;" orient="horizontal"
disabled="true" onclick="viewCerts();"/>
-->
<button id="deleteButton" class="normal"
value="&certmgr.delete.label;" orient="horizontal"
disabled="true" onclick="deleteCerts();"/>
<button id="addButton" class="normal"
value="&certmgr.add.label;" orient="horizontal"
onclick="addCerts();"/>
</box>
</box>
</window>
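Review bot: The new `others_tab` has no matching branch in certManager.js: getSelectedCerts() and enableButtons() start from `ca_treeset` and switch trees only for `mine_tab` and `websites_tab` (the `others_tab` lookup is commented out there), so with that tab selected View and Delete act on whatever is selected in the CA tree. Until the tab has its own tree, it would be safer to keep it commented out like the other unfinished pieces. Also, `MineOverlay.xul` is referenced by a relative href while the other two overlays use `chrome://pippki/content/…`; use one form for all three.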


@ -21,28 +21,91 @@
* Ian McGreer <mcgreer@netscape.com>
*/
const nsIX509Cert = Components.interfaces.nsIX509Cert;
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
const nsPK11TokenDB = "thayes@netscape.com/pk11tokendb;1";
const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
function AddCertChain(node, chain)
{
var idfier = "chain_";
var child = [document.getElementById(node)];
var item = document.createElement("treeitem");
item.setAttribute("id", idfier + "0");
item.setAttribute("container", "true");
item.setAttribute("open", "true");
var items = [item];
var rows = [document.createElement("treerow")];
var cell = document.createElement("treecell");
cell.setAttribute("class", "treecell-indent");
cell.setAttribute("value", chain[0]);
var cells = [cell];
for (var i=1; i<chain.length; i++) {
child[i] = items[i-1];
item = document.createElement("treeitem");
item.setAttribute("id", idfier + i);
item.setAttribute("container", "true");
items[i] = item;
rows[i] = document.createElement("treerow");
cell = document.createElement("treecell");
cell.setAttribute("class", "treecell-indent");
cell.setAttribute("value", chain[i]);
cells[i] = cell;
}
for (i=chain.length-1; i>=0; i--) {
rows[i].appendChild(cells[i]);
items[i].appendChild(rows[i]);
child[i].appendChild(items[i]);
}
}
function setWindowName()
{
myName = self.name;
// alert(myName);
var windowReference=document.getElementById('certDetails');
windowReference.setAttribute("title","Certificate Detail: "+myName);
windowReference.setAttribute("title","Certificate Detail: \""+myName+"\"");
certmgr = Components
.classes["@mozilla.org/security/certmanager;1"]
.createInstance();
certmgr = certmgr.QueryInterface(Components
.interfaces
.nsICertificateManager);
// Get the token
// XXX ignore this for now. NSS will find the cert on a token
// by "tokenname:certname", which is what we have.
//var tokenName = "";
//var pk11db = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
//var token = pk11db.findTokenByName(tokenName);
cnstr = certmgr.getCertCN(myName);
// Get the cert from the cert database
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
//var cert = certdb.getCertByNickname(token, myName);
var cert = certdb.getCertByNickname(null, myName);
//
// Set the cert attributes for viewing
//
// The chain of trust
var chainEnum = cert.getChain();
chainEnum.first();
var c = 0;
var chain = [];
try {
while (true) {
var node = chainEnum.currentItem();
node = node.QueryInterface(nsIX509Cert);
chain[c++] = node.commonName;
chainEnum.next();
}
} catch (e) {}
AddCertChain("chain", chain.reverse());
// Common Name
var cn=document.getElementById('commonname');
cn.setAttribute("value", cnstr);
// for now
orgstr = certmgr.getCertCN(myName);
cn.setAttribute("value", cert.commonName);
// Organization
var org=document.getElementById('organization');
org.setAttribute("value", orgstr);
oustr = certmgr.getCertCN(myName);
org.setAttribute("value", cert.organization);
// Organizational Unit
var ou=document.getElementById('orgunit');
ou.setAttribute("value", oustr);
ou.setAttribute("value", cert.organizationalUnit);
}
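Review bot: The chain loop in setWindowName() ends on `catch (e) {}`, which treats every exception as end-of-enumeration; a failure in `currentItem()` or `QueryInterface(nsIX509Cert)` part-way through therefore yields a shortened chain that the dialog presents as the complete chain of trust. At minimum document this with `// enumerator signals end of list by throwing; any other error also ends the walk here`, and preferably report unexpected errors instead of dropping them. `certdb.getCertByNickname(null, myName)` is also unguarded, and with this commit the C++ side returns NS_ERROR_FAILURE when the nickname is not found, so a lookup miss presumably surfaces as an uncaught exception before any field is filled in.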


@ -40,10 +40,12 @@
<box orient="vertical" flex="1">
<box flex="0" height="100">
<tree id="CADetailTreeSet" debug="false" width="500" flex="1">
<treecols flex="1">
<tree id="treeset" debug="false" width="500" flex="1">
<treecolgroup flex="1">
<treecol flex="1"/>
</treecols>
</treecolgroup>
<treechildren id="chain" flex="1" />
<!--
<treechildren flex="1">
<treeitem container="true" open="true">
<treerow style="border-top: 1px solid black">
@ -66,6 +68,7 @@
</treechildren>
</treeitem>
</treechildren>
-->
</tree>
</box>
<box>


@ -14,6 +14,8 @@ pippki.jar:
content/pippki/certManager.js (content/certManager.js)
content/pippki/certManager.xul (content/certManager.xul)
content/pippki/CAOverlay.xul (content/CAOverlay.xul)
content/pippki/WebSitesOverlay.xul (content/WebSitesOverlay.xul)
content/pippki/MineOverlay.xul (content/MineOverlay.xul)
content/pippki/viewCertDetails.xul (content/viewCertDetails.xul)
content/pippki/viewCertDetails.js (content/viewCertDetails.js)
content/pippki/pippki.js (content/pippki.js)


@ -22,9 +22,17 @@
<!ENTITY certmgr.title "Certificate Manager">
<!ENTITY certmgr.catab "CA Certificates">
<!ENTITY certmgr.builtinstab "Built-in CAs">
<!ENTITY certmgr.mycastab "CAs Managed By You">
<!ENTITY certmgr.tab.mine "My Certificates">
<!ENTITY certmgr.tab.others "Other People's Certificates">
<!ENTITY certmgr.tab.websites "Web Site Certificates">
<!ENTITY certmgr.tab.ca "CA Certificates">
<!ENTITY certmgr.ca.builtins "Built-in CAs">
<!ENTITY certmgr.ca.mycas "CAs Managed By You">
<!ENTITY certmgr.websites "You have certificates on file for these web sites:">
<!ENTITY certmgr.mine "These are your certificates:">
<!ENTITY certmgr.certdetail.title "Certificate Detail">
<!ENTITY certmgr.certdetail.cn "Common Name (CN)">


@ -1,85 +0,0 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is mozilla.org code.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 2001 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
* Ian McGreer <mcgreer@netscape.com>
*/
#include "nsIServiceManager.h"
#include "nsIX509CertDB.h"
#include "nsCertificateManager.h"
#include "prlog.h"
#ifdef PR_LOGGING
PRLogModuleInfo* gPIPPKILog = nsnull;
#endif
static NS_DEFINE_IID(kCertDBCID, NS_X509CERTDB_CID);
nsCertificateManager::nsCertificateManager()
{
NS_INIT_REFCNT();
#ifdef PR_LOGGING
if (!gPIPPKILog)
gPIPPKILog = PR_NewLogModule("pippki");
#endif
}
nsCertificateManager::~nsCertificateManager()
{
}
NS_IMPL_ISUPPORTS(nsCertificateManager, NS_GET_IID(nsICertificateManager));
NS_IMETHODIMP
nsCertificateManager::GetCertNicknames(PRUint32 type,
PRUnichar **_rNameList)
{
nsresult rv;
nsAutoString nameList;
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting certdb service\n"));
NS_WITH_SERVICE(nsIX509CertDB, certdb, kCertDBCID, &rv);
if (NS_FAILED(rv)) return rv;
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting cert names\n"));
rv = certdb->GetCertificateNames(nsnull, nsIX509Cert::CA_CERT, nameList);
if (NS_SUCCEEDED(rv)) {
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("converting unicode\n"));
*_rNameList = nameList.ToNewUnicode();
}
return rv;
}
// wstring getCertCN(in string nickname);
NS_IMETHODIMP
nsCertificateManager::GetCertCN(const char *nickname,
PRUnichar **_rvCN)
{
nsresult rv;
nsIX509Cert *cert;
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting certdb service\n"));
NS_WITH_SERVICE(nsIX509CertDB, certdb, kCertDBCID, &rv);
if (NS_FAILED(rv)) return rv;
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting cert %s\n", nickname));
rv = certdb->GetCertByName(nsnull, nickname, &cert);
if (NS_SUCCEEDED(rv)) {
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("converting unicode\n"));
rv = cert->GetCommonName(_rvCN);
}
return rv;
}


@ -1,46 +0,0 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is mozilla.org code.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 2001 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
* Ian McGreer <mcgreer@netscape.com>
*/
#include "nsISupports.idl"
#include "nsIX509Cert.idl"
/**
* nsICertificateManager
* This is the interface for the certificate manager
*/
[scriptable, uuid(246ec570-11aa-11d5-ac66-000064657374)]
interface nsICertificateManager : nsISupports
{
wstring getCertNicknames(in unsigned long type);
wstring getCertCN(in string nickname);
};
%{C++
// 246ec570-11aa-11d5-ac66-000064657374
#define NS_CERTIFICATEMANAGER_CID \
{ 0x246ec570, 0x11aa, 0x11d5, {0xac, 0x66, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} }
#define NS_CERTIFICATEMANAGER_CONTRACTID "@mozilla.org/security/certmanager;1"
%}


@ -34,6 +34,7 @@
*/
#include "nsISupports.idl"
#include "nsIEnumerator.idl"
[scriptable, uuid(e701dfd8-1dd1-11b2-a172-ffa6cc6156ad)]
interface nsIX509CertValidity : nsISupports {
@ -48,6 +49,8 @@ interface nsIX509Cert : nsISupports {
* attributes for certs
*/
readonly attribute wstring commonName;
readonly attribute wstring organization;
readonly attribute wstring organizationalUnit;
readonly attribute nsIX509CertValidity validity;
@ -68,6 +71,12 @@ interface nsIX509Cert : nsISupports {
/*
* accessors for certs
*/
nsIEnumerator getChain();
/*
void getChain(out PRUint32 count,
[retval, array, size_is(count)] out nsIX509Cert chain);
*/
[noscript] unsigned long getRawDER(out charPtr result);
};
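Review bot: No hunk touches an interface `uuid(...)` line, although nsIX509Cert gains `organization`, `organizationalUnit` and `getChain()` here and the nsIX509CertDB section swaps `getCertByName` for `getCertByNickname`. Changing a scriptable interface's method layout under the same IID lets code built against the old layout bind to the new one, so both interfaces should get fresh uuids. It would also help to document on `getChain()` which end of the enumeration is the leaf certificate, since viewCertDetails.js reverses the list before display.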


@ -49,8 +49,8 @@ native nsAutoString(nsAutoString);
interface nsIX509CertDB : nsISupports {
[noscript] nsIX509Cert getCertByName(in nsIPK11Token aToken,
in string aNickname);
nsIX509Cert getCertByNickname(in nsIPK11Token aToken,
in wstring aNickname);
/*
* getCertificateList


@ -32,12 +32,13 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: nsNSSCertificate.cpp,v 1.6 2001-03-13 00:22:13 javi%netscape.com Exp $
* $Id: nsNSSCertificate.cpp,v 1.7 2001-03-13 16:20:54 mcgreer%netscape.com Exp $
*/
#include "prmem.h"
#include "nsCOMPtr.h"
#include "nsISupportsArray.h"
#include "nsNSSCertificate.h"
#include "nsIX509Cert.h"
#include "nsString.h"
@ -479,6 +480,71 @@ nsNSSCertificate::GetCommonName(PRUnichar **aCommonName)
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetOrganization(PRUnichar **aOrganization)
{
NS_ENSURE_ARG(aOrganization);
*aOrganization = nsnull;
if (mCert) {
char *organization = CERT_GetOrgName(&mCert->subject);
if (organization) {
nsAutoString org = NS_ConvertASCIItoUCS2(organization);
*aOrganization = org.ToNewUnicode();
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetOrganizationalUnit(PRUnichar **aOrganizationalUnit)
{
NS_ENSURE_ARG(aOrganizationalUnit);
*aOrganizationalUnit = nsnull;
if (mCert) {
char *orgunit = CERT_GetOrgUnitName(&mCert->subject);
if (orgunit) {
nsAutoString ou = NS_ConvertASCIItoUCS2(orgunit);
*aOrganizationalUnit = ou.ToNewUnicode();
}
}
return NS_OK;
}
/*
* nsIEnumerator getChain();
*/
NS_IMETHODIMP
nsNSSCertificate::GetChain(nsIEnumerator **_rvChain)
{
nsresult rv;
CERTCertListNode *node;
nsIX509Cert **chain;
/* Get the cert chain from NSS */
CERTCertList *nssChain;
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting chain for \"%s\"\n", mCert->nickname));
nssChain = CERT_GetCertChainFromCert(mCert, PR_Now(), certUsageSSLClient);
if (!nssChain)
return NS_ERROR_FAILURE;
/* enumerate the chain for scripting purposes */
nsCOMPtr<nsISupportsArray> array;
rv = NS_NewISupportsArray(getter_AddRefs(array));
if (NS_FAILED(rv)) {
goto done;
}
for (node = CERT_LIST_HEAD(nssChain);
!CERT_LIST_END(node, nssChain);
node = CERT_LIST_NEXT(node)) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("adding %s to chain\n", node->cert->nickname));
nsCOMPtr<nsIX509Cert> cert = new nsNSSCertificate(node->cert);
array->AppendElement(cert);
}
rv = array->Enumerate(_rvChain);
done:
if (nssChain)
CERT_DestroyCertList(nssChain);
return rv;
}
/* [noscript] long getRawDER (out charPtr result) */
NS_IMETHODIMP
nsNSSCertificate::GetRawDER(char **result, PRUint32 *_retval)
@ -524,26 +590,39 @@ nsNSSCertificateDB::~nsNSSCertificateDB()
{
}
/* [noscript] nsIX509Cert getCertByName(in nsIPK11Token aToken,
* in string aNickname);
/* nsIX509Cert getCertByNickname(in nsIPK11Token aToken,
* in wstring aNickname);
*/
NS_IMETHODIMP
nsNSSCertificateDB::GetCertByName(nsIPK11Token *aToken,
const char *nickname,
nsIX509Cert **_rvCert)
nsNSSCertificateDB::GetCertByNickname(nsIPK11Token *aToken,
const PRUnichar *nickname,
nsIX509Cert **_rvCert)
{
CERTCertificate *cert = NULL;
nsCOMPtr<nsIX509Cert> pCert = nsnull;
char *foo = PL_strdup(nickname);
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting \"%s\"\n", foo));
cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), foo);
char *asciiname = NULL;
asciiname = NS_ConvertUCS2toUTF8(nickname);
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting \"%s\"\n", asciiname));
#if 0
// what it should be, but for now...
if (aToken) {
cert = PK11_FindCertFromNickname(asciiname, NULL);
} else {
cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), asciiname);
}
#endif
cert = PK11_FindCertFromNickname(asciiname, NULL);
if (!cert) {
cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), asciiname);
}
if (cert) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("got it\n"));
pCert = new nsNSSCertificate(cert);
nsCOMPtr<nsIX509Cert> pCert = new nsNSSCertificate(cert);
*_rvCert = pCert;
NS_ADDREF(*_rvCert);
return NS_OK;
}
*_rvCert = pCert;
NS_ADDREF(*_rvCert);
return NS_OK;
*_rvCert = nsnull;
return NS_ERROR_FAILURE;
}
/* [noscript] void getCertificateNames(in nsIPK11Token aToken,
@ -561,9 +640,13 @@ nsNSSCertificateDB::GetCertificateNames(nsIPK11Token *aToken,
*/
CERTCertList *certList = NULL;
PK11CertListType pk11type;
#if 0
// this would seem right, but it didn't work...
// oh, I know why - bonks out on internal slot certs
if (aType == nsIX509Cert::USER_CERT)
pk11type = PK11CertListUser;
else
#endif
pk11type = PK11CertListUnique;
certList = PK11_ListCerts(pk11type, NULL);
if (!certList)
@ -656,7 +739,7 @@ nsNSSCertificateDB::getCertNames(CERTCertList *certList,
{
CERTCertListNode *node;
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("List of certs:\n"));
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("List of certs %d:\n", type));
for (node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node, certList);
node = CERT_LIST_NEXT(node)) {
@ -669,6 +752,8 @@ nsNSSCertificateDB::getCertNames(CERTCertList *certList,
}
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("%s\n", node->cert->nickname));
}
if (type == nsIX509Cert::USER_CERT)
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("%s\n", node->cert->nickname));
}
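Review bot: In GetCertByNickname, `asciiname = NS_ConvertUCS2toUTF8(nickname);` keeps a `char *` taken from what appears to be a temporary conversion object, so the pointer is likely dangling by the time it reaches PR_LOG, PK11_FindCertFromNickname and CERT_FindCertByNickname. Hold the converted string in a named local for the whole function, e.g. `NS_ConvertUCS2toUTF8 utf8Nickname(nickname);`, and take the pointer from that object. In the same section, GetChain logs `mCert->nickname` without the `if (mCert)` check the two new getters use and does not validate `_rvChain`. GetOrganization and GetOrganizationalUnit also never release the strings returned by CERT_GetOrgName and CERT_GetOrgUnitName, which as far as I know are caller-owned.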
}