зеркало из https://github.com/mozilla/pjs.git
Checkin for bug #75123. Improves the cert manager to make it look more like the mock-up. Implementation of nsIOutlinerView to improve cert listings.
r=javi, sr=blizzard
Родитель
c6ee9c8192
Коммит
31c82812d4
|
@ -35,9 +35,13 @@
|
||||||
<box id="CACerts" orient="vertical">
|
<box id="CACerts" orient="vertical">
|
||||||
<outliner id="ca-outliner" multiple="true"
|
<outliner id="ca-outliner" multiple="true"
|
||||||
onselect="ca_enableButtons()" flex="1">
|
onselect="ca_enableButtons()" flex="1">
|
||||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||||
<splitter/>
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||||
<outlinerbody flex="1"/>
|
<outlinerbody flex="1"/>
|
||||||
</outliner>
|
</outliner>
|
||||||
|
|
|
@ -37,9 +37,29 @@
|
||||||
<separator class="thin"/>
|
<separator class="thin"/>
|
||||||
<outliner id="user-outliner" multiple="true"
|
<outliner id="user-outliner" multiple="true"
|
||||||
onselect="mine_enableButtons()" flex="1">
|
onselect="mine_enableButtons()" flex="1">
|
||||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||||
<splitter/>
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="verifiedcol" label="&certmgr.verified;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="purposecol" label="&certmgr.purpose;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="issuedcol" label="&certmgr.issued;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="expiredcol" label="&certmgr.expires;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||||
<outlinerbody flex="1"/>
|
<outlinerbody flex="1"/>
|
||||||
</outliner>
|
</outliner>
|
||||||
|
|
|
@ -37,9 +37,13 @@
|
||||||
<separator class="thin"/>
|
<separator class="thin"/>
|
||||||
<outliner id="server-outliner" multiple="true"
|
<outliner id="server-outliner" multiple="true"
|
||||||
onselect="websites_enableButtons()" flex="1">
|
onselect="websites_enableButtons()" flex="1">
|
||||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||||
<splitter/>
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
flex="1"/>
|
||||||
|
<splitter class="tree-splitter"/>
|
||||||
|
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||||
|
class="outlinercol-header outlinercell-inset-header"
|
||||||
|
flex="1"/>
|
||||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||||
<outlinerbody flex="1"/>
|
<outlinerbody flex="1"/>
|
||||||
</outliner>
|
</outliner>
|
||||||
|
|
|
@ -26,137 +26,80 @@ const nsFilePicker = "@mozilla.org/filepicker;1";
|
||||||
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||||
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||||
|
const nsICertOutliner = Components.interfaces.nsICertOutliner;
|
||||||
|
const nsCertOutliner = "@mozilla.org/security/nsCertOutliner;1";
|
||||||
|
|
||||||
var selected_certs = [];
|
var selected_certs = [];
|
||||||
var certdb;
|
var certdb;
|
||||||
|
|
||||||
var caCertNameList;
|
var caOutlinerView;
|
||||||
var serverCertNameList;
|
var serverOutlinerView;
|
||||||
//var emailCertNameList;
|
//var emailOutlinerView;
|
||||||
var userCertNameList;
|
var userOutlinerView;
|
||||||
|
|
||||||
var caOutlinerView = {
|
function LoadCerts()
|
||||||
rowCount : 50,
|
{
|
||||||
setOutliner : function(outliner) {},
|
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||||
getCellText : function(row, column) {
|
|
||||||
if (row >= caCertNameList.length) return "";
|
|
||||||
var certstuff = caCertNameList[row];
|
|
||||||
var delim = certstuff[0];
|
|
||||||
var certstr = certstuff.split(delim);
|
|
||||||
if (certstr.length < 4) {
|
|
||||||
tokenname = "PSM Certificate Database";
|
|
||||||
certname = certstr[1];
|
|
||||||
certkey = certstr[2];
|
|
||||||
} else {
|
|
||||||
tokenname = certstr[1];
|
|
||||||
certname = certstr[2];
|
|
||||||
certkey = certstr[3];
|
|
||||||
}
|
|
||||||
if (column=="certcol") return certname;
|
|
||||||
else if (column=="tokencol") return tokenname;
|
|
||||||
else return certkey;
|
|
||||||
},
|
|
||||||
getRowProperties : function(row, prop) {},
|
|
||||||
getColumnProperties : function(column, prop) {},
|
|
||||||
getCellProperties : function(cell, prop) {},
|
|
||||||
isContainer : function(index) { return false; }
|
|
||||||
};
|
|
||||||
|
|
||||||
var serverOutlinerView = {
|
caOutlinerView = Components.classes[nsCertOutliner]
|
||||||
rowCount : 10,
|
.createInstance(nsICertOutliner);
|
||||||
setOutliner : function(outliner) {},
|
caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
|
||||||
getCellText : function(row, column) {
|
document.getElementById('ca-outliner')
|
||||||
if (row >= serverCertNameList.length) return "";
|
.outlinerBoxObject.view = caOutlinerView;
|
||||||
var certstuff = serverCertNameList[row];
|
|
||||||
var delim = certstuff[0];
|
serverOutlinerView = Components.classes[nsCertOutliner]
|
||||||
var certstr = certstuff.split(delim);
|
.createInstance(nsICertOutliner);
|
||||||
if (certstr.length < 4) {
|
serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
|
||||||
tokenname = "PSM Certificate Database";
|
document.getElementById('server-outliner')
|
||||||
certname = certstr[1];
|
.outlinerBoxObject.view = serverOutlinerView;
|
||||||
certkey = certstr[2];
|
|
||||||
} else {
|
|
||||||
tokenname = certstr[1];
|
|
||||||
certname = certstr[2];
|
|
||||||
certkey = certstr[3];
|
|
||||||
}
|
|
||||||
if (column=="certcol") return certname;
|
|
||||||
else if (column=="tokencol") return tokenname;
|
|
||||||
else return certkey;
|
|
||||||
},
|
|
||||||
getRowProperties : function(row, prop) {},
|
|
||||||
getColumnProperties : function(column, prop) {},
|
|
||||||
getCellProperties : function(cell, prop) {},
|
|
||||||
isContainer : function(index) { return false; }
|
|
||||||
};
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
var emailOutlinerView = {
|
emailOutlinerView = Components.classes[nsCertOutliner]
|
||||||
rowCount : 10,
|
.createInstance(nsICertOutliner);
|
||||||
setOutliner : function(outliner) {},
|
emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
|
||||||
getCellText : function(row, column) {
|
document.getElementById('email-outliner')
|
||||||
if (row >= emailCertNameList.length) return "";
|
.outlinerBoxObject.view = emailOutlinerView;
|
||||||
var certname = emailCertertNameList[row];
|
|
||||||
var ti = certname.indexOf(":");
|
|
||||||
var tokenname = "PSM Certificate Database";
|
|
||||||
if (ti > 0) {
|
|
||||||
tokenname = certname.substring(0, ti);
|
|
||||||
certname = certname.substring(ti+1, certname.length);
|
|
||||||
}
|
|
||||||
var ki = certname.indexOf(1);
|
|
||||||
var keystr = certname.substring(ki+1, certname.length);
|
|
||||||
certname = certname.substring(0, ki);
|
|
||||||
if (column=="certcol") return certname;
|
|
||||||
else if (column=="tokencol") return tokenname;
|
|
||||||
else return keystr;
|
|
||||||
},
|
|
||||||
getRowProperties : function(row, prop) {},
|
|
||||||
getColumnProperties : function(column, prop) {},
|
|
||||||
getCellProperties : function(cell, prop) {},
|
|
||||||
isContainer : function(index) { return false; }
|
|
||||||
};
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
var userOutlinerView = {
|
userOutlinerView = Components.classes[nsCertOutliner]
|
||||||
rowCount : 10,
|
.createInstance(nsICertOutliner);
|
||||||
setOutliner : function(outliner) {},
|
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||||
getCellText : function(row, column) {
|
document.getElementById('user-outliner')
|
||||||
if (row >= userCertNameList.length) return "";
|
.outlinerBoxObject.view = userOutlinerView;
|
||||||
var certstuff = userCertNameList[row];
|
|
||||||
var delim = certstuff[0];
|
}
|
||||||
var certstr = certstuff.split(delim);
|
|
||||||
if (certstr.length < 4) {
|
function ReloadCerts()
|
||||||
tokenname = "PSM Certificate Database";
|
{
|
||||||
certname = certstr[1];
|
caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
|
||||||
certkey = certstr[2];
|
serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
|
||||||
} else {
|
//emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
|
||||||
tokenname = certstr[1];
|
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||||
certname = certstr[2];
|
}
|
||||||
certkey = certstr[3];
|
|
||||||
}
|
|
||||||
if (column=="certcol") return certname;
|
|
||||||
else if (column=="tokencol") return tokenname;
|
|
||||||
else return certkey;
|
|
||||||
},
|
|
||||||
getRowProperties : function(row, prop) {},
|
|
||||||
getColumnProperties : function(column, prop) {},
|
|
||||||
getCellProperties : function(cell, prop) {},
|
|
||||||
isContainer : function(index) { return false; }
|
|
||||||
};
|
|
||||||
|
|
||||||
function getSelectedCerts()
|
function getSelectedCerts()
|
||||||
{
|
{
|
||||||
|
var ca_tab = document.getElementById("ca_tab");
|
||||||
var mine_tab = document.getElementById("mine_tab");
|
var mine_tab = document.getElementById("mine_tab");
|
||||||
//var others_tab = document.getElementById("others_tab");
|
//var others_tab = document.getElementById("others_tab");
|
||||||
var websites_tab = document.getElementById("websites_tab");
|
var websites_tab = document.getElementById("websites_tab");
|
||||||
var items = caOutlinerView.selection;
|
var items = null;
|
||||||
if (mine_tab.selected) {
|
if (ca_tab.selected) {
|
||||||
|
items = caOutlinerView.selection;
|
||||||
|
} else if (mine_tab.selected) {
|
||||||
items = userOutlinerView.selection;
|
items = userOutlinerView.selection;
|
||||||
|
/*
|
||||||
|
} else if (others_tab.selected) {
|
||||||
|
items = emailOutlinerView.selection;
|
||||||
|
*/
|
||||||
} else if (websites_tab.selected) {
|
} else if (websites_tab.selected) {
|
||||||
items = serverOutlinerView.selection;
|
items = serverOutlinerView.selection;
|
||||||
}
|
}
|
||||||
var nr = items.getRangeCount();
|
selected_certs = [];
|
||||||
|
var cert = null;
|
||||||
|
var nr = 0;
|
||||||
|
if (items != null) nr = items.getRangeCount();
|
||||||
if (nr > 0) {
|
if (nr > 0) {
|
||||||
selected_certs = [];
|
|
||||||
for (var i=0; i<nr; i++) {
|
for (var i=0; i<nr; i++) {
|
||||||
var o1 = {};
|
var o1 = {};
|
||||||
var o2 = {};
|
var o2 = {};
|
||||||
|
@ -164,55 +107,24 @@ function getSelectedCerts()
|
||||||
var min = o1.value;
|
var min = o1.value;
|
||||||
var max = o2.value;
|
var max = o2.value;
|
||||||
for (var j=min; j<=max; j++) {
|
for (var j=min; j<=max; j++) {
|
||||||
var tokenName = items.outliner.view.getCellText(j, "tokencol");
|
if (ca_tab.selected) {
|
||||||
//var certName = items.outliner.view.getCellText(j, "certcol");
|
cert = caOutlinerView.getCert(j);
|
||||||
var certDBKey = items.outliner.view.getCellText(j, "certdbkeycol");
|
} else if (mine_tab.selected) {
|
||||||
selected_certs[selected_certs.length] = [tokenName, certDBKey];
|
cert = userOutlinerView.getCert(j);
|
||||||
|
/*
|
||||||
|
} else if (others_tab.selected) {
|
||||||
|
cert = emailOutlinerView.getCert(j);
|
||||||
|
*/
|
||||||
|
} else if (websites_tab.selected) {
|
||||||
|
cert = serverOutlinerView.getCert(j);
|
||||||
|
}
|
||||||
|
if (cert)
|
||||||
|
selected_certs[selected_certs.length] = cert;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function LoadCertNamesByType(type)
|
|
||||||
{
|
|
||||||
var obj1 = {};
|
|
||||||
var obj2 = {};
|
|
||||||
certdb.getCertNicknames(null, type, obj1, obj2);
|
|
||||||
var count = obj1.value;
|
|
||||||
if (type == nsIX509Cert.CA_CERT) {
|
|
||||||
caCertNameList = obj2.value;
|
|
||||||
caCertNameList.sort();
|
|
||||||
} else if (type == nsIX509Cert.SERVER_CERT) {
|
|
||||||
serverCertNameList = obj2.value;
|
|
||||||
serverCertNameList.sort();
|
|
||||||
/*
|
|
||||||
} else if (type == nsIX509Cert.EMAIL_CERT) {
|
|
||||||
emailCertNameList = obj2.value;
|
|
||||||
emailCertNameList.sort();
|
|
||||||
*/
|
|
||||||
} else { /* if (type == nsIX509Cert.USER_CERT) */
|
|
||||||
userCertNameList = obj2.value;
|
|
||||||
userCertNameList.sort();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function LoadCertNames()
|
|
||||||
{
|
|
||||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
|
||||||
LoadCertNamesByType(nsIX509Cert.CA_CERT);
|
|
||||||
LoadCertNamesByType(nsIX509Cert.SERVER_CERT);
|
|
||||||
//LoadCertNamesByType(nsIX509Cert.EMAIL_CERT);
|
|
||||||
LoadCertNamesByType(nsIX509Cert.USER_CERT);
|
|
||||||
document.getElementById('ca-outliner')
|
|
||||||
.outlinerBoxObject.view = caOutlinerView;
|
|
||||||
document.getElementById('server-outliner')
|
|
||||||
.outlinerBoxObject.view = serverOutlinerView;
|
|
||||||
/*document.getElementById('email-outliner')
|
|
||||||
.outlinerBoxObject.view = emailOutlinerView; */
|
|
||||||
document.getElementById('user-outliner')
|
|
||||||
.outlinerBoxObject.view = userOutlinerView;
|
|
||||||
}
|
|
||||||
|
|
||||||
function ca_enableButtons()
|
function ca_enableButtons()
|
||||||
{
|
{
|
||||||
var items = caOutlinerView.selection;
|
var items = caOutlinerView.selection;
|
||||||
|
@ -221,6 +133,8 @@ function ca_enableButtons()
|
||||||
if (nr == 0) {
|
if (nr == 0) {
|
||||||
toggle="true";
|
toggle="true";
|
||||||
}
|
}
|
||||||
|
edit_toggle=toggle;
|
||||||
|
/*
|
||||||
var edit_toggle="true";
|
var edit_toggle="true";
|
||||||
if (nr > 0) {
|
if (nr > 0) {
|
||||||
for (var i=0; i<nr; i++) {
|
for (var i=0; i<nr; i++) {
|
||||||
|
@ -240,6 +154,7 @@ function ca_enableButtons()
|
||||||
edit_toggle="false";
|
edit_toggle="false";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
var enableViewButton=document.getElementById('ca_viewButton');
|
var enableViewButton=document.getElementById('ca_viewButton');
|
||||||
enableViewButton.setAttribute("disabled",toggle);
|
enableViewButton.setAttribute("disabled",toggle);
|
||||||
var enableEditButton=document.getElementById('ca_editButton');
|
var enableEditButton=document.getElementById('ca_editButton');
|
||||||
|
@ -281,15 +196,7 @@ function websites_enableButtons()
|
||||||
function backupCerts()
|
function backupCerts()
|
||||||
{
|
{
|
||||||
getSelectedCerts();
|
getSelectedCerts();
|
||||||
var numcerts= selected_certs.length;
|
var numcerts = selected_certs.length;
|
||||||
var certs = [];
|
|
||||||
var windowName = "";
|
|
||||||
for (var t=0; t<numcerts; t++) {
|
|
||||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
|
||||||
var token = null;
|
|
||||||
if (selected_certs[t][1].length == 0) break; // workaround
|
|
||||||
certs[t] = certdb.getCertByDBKey(selected_certs[t][1], token);
|
|
||||||
}
|
|
||||||
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
|
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
|
||||||
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
|
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
|
||||||
fp.init(window,
|
fp.init(window,
|
||||||
|
@ -299,10 +206,9 @@ function backupCerts()
|
||||||
fp.appendFilters(nsIFilePicker.filterAll);
|
fp.appendFilters(nsIFilePicker.filterAll);
|
||||||
if (fp.show() == nsIFilePicker.returnOK ||
|
if (fp.show() == nsIFilePicker.returnOK ||
|
||||||
fp.show() == nsIFilePicker.returnReplace) {
|
fp.show() == nsIFilePicker.returnReplace) {
|
||||||
certdb.exportPKCS12File(null, fp.file, certs.length, certs);
|
certdb.exportPKCS12File(null, fp.file,
|
||||||
|
selected_certs.length, selected_certs);
|
||||||
}
|
}
|
||||||
// don't really know it was successful...
|
|
||||||
alert(bundle.GetStringFromName("SuccessfulP12Backup"));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function backupAllCerts()
|
function backupAllCerts()
|
||||||
|
@ -315,12 +221,10 @@ function backupAllCerts()
|
||||||
function editCerts()
|
function editCerts()
|
||||||
{
|
{
|
||||||
getSelectedCerts();
|
getSelectedCerts();
|
||||||
var numcerts= selected_certs.length;
|
var numcerts = selected_certs.length;
|
||||||
for (var t=0; t<numcerts; t++) {
|
for (var t=0; t<numcerts; t++) {
|
||||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
var cert = selected_certs[t];
|
||||||
var token = null;
|
var certkey = cert.dbKey;
|
||||||
var certkey = selected_certs[t][1];
|
|
||||||
var cert = certdb.getCertByDBKey(certkey, token);
|
|
||||||
window.open('chrome://pippki/content/editcerts.xul', certkey,
|
window.open('chrome://pippki/content/editcerts.xul', certkey,
|
||||||
'chrome,width=500,height=400,resizable=1');
|
'chrome,width=500,height=400,resizable=1');
|
||||||
}
|
}
|
||||||
|
@ -339,47 +243,28 @@ function restoreCerts()
|
||||||
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||||
certdb.importPKCS12File(null, fp.file);
|
certdb.importPKCS12File(null, fp.file);
|
||||||
}
|
}
|
||||||
// don't really know it was successful...
|
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||||
alert(bundle.GetStringFromName("SuccessfulP12Restore"));
|
|
||||||
LoadCertNames();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function deleteCerts()
|
function deleteCerts()
|
||||||
{
|
{
|
||||||
getSelectedCerts();
|
getSelectedCerts();
|
||||||
var numcerts= selected_certs.length;
|
var numcerts = selected_certs.length;
|
||||||
/*
|
|
||||||
var windowName = "";
|
|
||||||
for (var t=0; t<selected_certs.length; t++) {
|
|
||||||
if (selected_certs[t][0] &&
|
|
||||||
selected_certs[t][0] != "PSM Certificate Database") { // token name
|
|
||||||
windowName = selected_certs[t].join(":");
|
|
||||||
} else {
|
|
||||||
windowName = selected_certs[t][1];
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
for (var t=0; t<numcerts; t++) {
|
for (var t=0; t<numcerts; t++) {
|
||||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
var cert = selected_certs[t];
|
||||||
var token = null;
|
var certkey = cert.dbKey;
|
||||||
var cert = certdb.getCertByDBKey(selected_certs[t][1], token);
|
window.openDialog('chrome://pippki/content/deletecert.xul', certkey,
|
||||||
alert("You want to delete \"" + cert.windowTitle + "\"");
|
'chrome,resizable=1,modal');
|
||||||
/*
|
|
||||||
window.open('chrome://pippki/content/deleteCert.xul', windowName,
|
|
||||||
'chrome,width=500,height=400,resizable=1');
|
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
LoadCertNames();
|
ReloadCerts();
|
||||||
}
|
}
|
||||||
|
|
||||||
function viewCerts()
|
function viewCerts()
|
||||||
{
|
{
|
||||||
getSelectedCerts();
|
getSelectedCerts();
|
||||||
var numcerts= selected_certs.length;
|
var numcerts = selected_certs.length;
|
||||||
for (var t=0; t<numcerts; t++) {
|
for (var t=0; t<numcerts; t++) {
|
||||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
selected_certs[t].view();
|
||||||
var token = null;
|
|
||||||
var cert = certdb.getCertByDBKey(selected_certs[t][1], token);
|
|
||||||
cert.view();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
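Review bot: In deleteCerts() and editCerts() the certificate to act on reaches the dialog only as the window name (`var certkey = cert.dbKey;`), and the dialog resolves it again with `getCertByDBKey(self.name, null)`, although the caller already holds the nsIX509Cert object returned by `getCert(j)`. For a destructive trust-store operation it is safer for the dialog to receive the exact object the user selected, so that a failed or differing lookup cannot change what is acted on; the commented-out `window.arguments[0]` lines in the new dialog script suggest this was the intent. Something like `window.openDialog('chrome://pippki/content/deletecert.xul', "", 'chrome,resizable=1,modal', cert);` would do it, with the dialog reading `window.arguments[0]`. Separately, restoreCerts() now reloads only `userOutlinerView` after `importPKCS12File`; if an imported file can also add CA certificates, the CA list stays stale until `ReloadCerts()` runs, which is worth confirming.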
@ -37,10 +37,10 @@
|
||||||
<window id="certmanager"
|
<window id="certmanager"
|
||||||
xmlns:html="http://www.w3.org/1999/xhtml"
|
xmlns:html="http://www.w3.org/1999/xhtml"
|
||||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||||
style="width: 30em;"
|
style="width: 40em;"
|
||||||
title="&certmgr.title;"
|
title="&certmgr.title;"
|
||||||
debug="0"
|
debug="0"
|
||||||
onload="LoadCertNames()">
|
onload="LoadCerts()">
|
||||||
|
|
||||||
<script src="chrome://global/content/strres.js" />
|
<script src="chrome://global/content/strres.js" />
|
||||||
<script src="certManager.js"/>
|
<script src="certManager.js"/>
|
||||||
|
@ -53,13 +53,17 @@
|
||||||
<tabbox flex="0" orient="vertical">
|
<tabbox flex="0" orient="vertical">
|
||||||
<tabs orient="horizontal">
|
<tabs orient="horizontal">
|
||||||
<tab id="mine_tab" label="&certmgr.tab.mine;" />
|
<tab id="mine_tab" label="&certmgr.tab.mine;" />
|
||||||
|
<!--
|
||||||
<tab id="others_tab" label="&certmgr.tab.others;" />
|
<tab id="others_tab" label="&certmgr.tab.others;" />
|
||||||
|
-->
|
||||||
<tab id="websites_tab" label="&certmgr.tab.websites;" />
|
<tab id="websites_tab" label="&certmgr.tab.websites;" />
|
||||||
<tab id="ca_tab" label="&certmgr.tab.ca;" selected="true"/>
|
<tab id="ca_tab" label="&certmgr.tab.ca;" selected="true"/>
|
||||||
</tabs>
|
</tabs>
|
||||||
<tabpanels flex="1">
|
<tabpanels flex="1">
|
||||||
<box id="myCerts" flex="1"/>
|
<box id="myCerts" flex="1"/>
|
||||||
|
<!--
|
||||||
<box id="othersCerts" flex="1"/>
|
<box id="othersCerts" flex="1"/>
|
||||||
|
-->
|
||||||
<box id="webCerts" flex="1"/>
|
<box id="webCerts" flex="1"/>
|
||||||
<box id="CACerts" flex="1"/>
|
<box id="CACerts" flex="1"/>
|
||||||
</tabpanels>
|
</tabpanels>
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are subject to the Mozilla Public
|
||||||
|
* License Version 1.1 (the "License"); you may not use this file
|
||||||
|
* except in compliance with the License. You may obtain a copy of
|
||||||
|
* the License at http://www.mozilla.org/MPL/
|
||||||
|
*
|
||||||
|
* Software distributed under the License is distributed on an "AS
|
||||||
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
* implied. See the License for the specific language governing
|
||||||
|
* rights and limitations under the License.
|
||||||
|
*
|
||||||
|
* The Original Code is mozilla.org code.
|
||||||
|
*
|
||||||
|
* The Initial Developer of the Original Code is Netscape
|
||||||
|
* Communications Corporation. Portions created by Netscape are
|
||||||
|
* Copyright (C) 2001 Netscape Communications Corporation. All
|
||||||
|
* Rights Reserved.
|
||||||
|
*
|
||||||
|
* Contributor(s):
|
||||||
|
* Ian McGreer <mcgreer@netscape.com>
|
||||||
|
*/
|
||||||
|
|
||||||
|
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||||
|
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||||
|
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||||
|
const nsIPKIParamBlock = Components.interfaces.nsIPKIParamBlock;
|
||||||
|
|
||||||
|
var certdb;
|
||||||
|
var cert;
|
||||||
|
|
||||||
|
function setWindowName()
|
||||||
|
{
|
||||||
|
var dbkey = self.name;
|
||||||
|
|
||||||
|
// Get the cert from the cert database
|
||||||
|
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||||
|
//var pkiParams = window.arguments[0].QueryInterface(nsIPKIParamBlock);
|
||||||
|
//var isupport = pkiParams.getISupportAtIndex(1);
|
||||||
|
//cert = isupport.QueryInterface(nsIX509Cert);
|
||||||
|
cert = certdb.getCertByDBKey(dbkey, null);
|
||||||
|
|
||||||
|
var windowReference = document.getElementById('deleteCert');
|
||||||
|
windowReference.setAttribute("title", cert.commonName);
|
||||||
|
|
||||||
|
var certname = document.getElementById("certname");
|
||||||
|
certname.setAttribute("value", cert.commonName);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
function doOK()
|
||||||
|
{
|
||||||
|
certdb.deleteCertificate(cert);
|
||||||
|
window.close();
|
||||||
|
}
|
|
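Review bot: setWindowName() dereferences `cert.commonName` without checking the result of `certdb.getCertByDBKey(dbkey, null)`, and doOK() passes the global `cert` to `certdb.deleteCertificate` unconditionally, so if the lookup fails or returns nothing the user is left with an unnamed confirmation dialog whose OK button still calls the delete with an unset certificate. Add `if (!cert) { window.close(); return; }` after the lookup and guard the delete with `if (cert) certdb.deleteCertificate(cert);`. The same unchecked lookup is in setWindowName() of the edit dialog script changed later in this commit. The confirmation also shows only `cert.commonName`; two certificates can share a common name, so consider a more specific label (the old code in the manager script used `cert.windowTitle`) before a trust anchor is removed.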
@ -0,0 +1,55 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
- The contents of this file are subject to the Mozilla Public
|
||||||
|
- License Version 1.1 (the "License"); you may not use this file
|
||||||
|
- except in compliance with the License. You may obtain a copy of
|
||||||
|
- the License at http://www.mozilla.org/MPL/
|
||||||
|
-
|
||||||
|
- Software distributed under the License is distributed on an "AS
|
||||||
|
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
- implied. See the License for the specific language governing
|
||||||
|
- rights and limitations under the License.
|
||||||
|
-
|
||||||
|
- The Original Code is mozilla.org code.
|
||||||
|
-
|
||||||
|
- The Initial Developer of the Original Code is Netscape
|
||||||
|
- Communications Corp. Portions created by Netscape are
|
||||||
|
- Copyright (C) 2001 Netscape Communications Corp. All
|
||||||
|
- Rights Reserved.
|
||||||
|
-
|
||||||
|
- Contributor(s):
|
||||||
|
- Ian McGreer <mcgreer@netscape.com>
|
||||||
|
-->
|
||||||
|
|
||||||
|
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
|
||||||
|
|
||||||
|
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
|
||||||
|
|
||||||
|
<window
|
||||||
|
id="deleteCert"
|
||||||
|
title="&certmgr.deletecert.title;"
|
||||||
|
xmlns:html="http://www.w3.org/1999/xhtml"
|
||||||
|
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||||
|
onload="setWindowName();"
|
||||||
|
persist="height width screenX screenY"
|
||||||
|
debug="false"
|
||||||
|
>
|
||||||
|
|
||||||
|
<script src="deletecert.js"/>
|
||||||
|
|
||||||
|
<box orient="vertical" flex="1">
|
||||||
|
<html>&certmgr.deletecert.beforename;</html>
|
||||||
|
<text id="certname"/>
|
||||||
|
<html>&certmgr.deletecert.aftername;</html>
|
||||||
|
<separator />
|
||||||
|
<box orient="horizontal" align="center">
|
||||||
|
<button id="ok-button" class="dialog" label="&certmgr.ok.label;"
|
||||||
|
style="width: 8ex" oncommand="doOK();"/>
|
||||||
|
<button id="cancel-button" class="dialog" label="&certmgr.cancel.label;"
|
||||||
|
style="width: 8ex" oncommand="window.close();" />
|
||||||
|
<button id="help-button" class="dialog" label="&certmgr.help.label;"
|
||||||
|
style="width: 8ex" oncommand="alert('Help to add here');" />
|
||||||
|
</box>
|
||||||
|
</box>
|
||||||
|
|
||||||
|
</window>
|
|
@ -24,22 +24,21 @@
|
||||||
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||||
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||||
|
const nsIPKIParamBlock = Components.interfaces.nsIPKIParamBlock;
|
||||||
|
|
||||||
//var myName;
|
|
||||||
// XXX yes?
|
|
||||||
var certdb;
|
var certdb;
|
||||||
var cert;
|
var cert;
|
||||||
|
|
||||||
function setWindowName()
|
function setWindowName()
|
||||||
{
|
{
|
||||||
//myName = self.name;
|
var dbkey = self.name;
|
||||||
certkey = self.name;
|
|
||||||
|
|
||||||
// Get the cert from the cert database
|
// Get the cert from the cert database
|
||||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||||
//var cert = certdb.getCertByNickname(token, myName);
|
//var pkiParams = window.arguments[0].QueryInterface(nsIPKIParamBlock);
|
||||||
//cert = certdb.getCertByNickname(null, myName);
|
//var isupport = pkiParams.getISupportAtIndex(1);
|
||||||
cert = certdb.getCertByDBKey(certkey, null);
|
//cert = isupport.QueryInterface(nsIX509Cert);
|
||||||
|
cert = certdb.getCertByDBKey(dbkey, null);
|
||||||
|
|
||||||
var windowReference = document.getElementById('editCert');
|
var windowReference = document.getElementById('editCert');
|
||||||
windowReference.setAttribute("title", cert.commonName);
|
windowReference.setAttribute("title", cert.commonName);
|
||||||
|
|
|
@ -1,65 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
- The contents of this file are subject to the Mozilla Public
|
|
||||||
- License Version 1.1 (the "License"); you may not use this file
|
|
||||||
- except in compliance with the License. You may obtain a copy of
|
|
||||||
- the License at http://www.mozilla.org/MPL/
|
|
||||||
-
|
|
||||||
- Software distributed under the License is distributed on an "AS
|
|
||||||
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
||||||
- implied. See the License for the specific language governing
|
|
||||||
- rights and limitations under the License.
|
|
||||||
-
|
|
||||||
- The Original Code is mozilla.org code.
|
|
||||||
-
|
|
||||||
- The Initial Developer of the Original Code is Netscape
|
|
||||||
- Communications Corp. Portions created by Netscape are
|
|
||||||
- Copyright (C) 2001 Netscape Communications Corp. All
|
|
||||||
- Rights Reserved.
|
|
||||||
-
|
|
||||||
- Contributor(s):
|
|
||||||
- Bob Lord <lord@netscape.com>
|
|
||||||
- Ian McGreer <mcgreer@netscape.com>
|
|
||||||
-->
|
|
||||||
|
|
||||||
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
|
|
||||||
|
|
||||||
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
|
|
||||||
|
|
||||||
<window
|
|
||||||
id="editCert"
|
|
||||||
title="&certmgr.editcert.title;"
|
|
||||||
xmlns:html="http://www.w3.org/1999/xhtml"
|
|
||||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
|
||||||
onload="setWindowName();"
|
|
||||||
persist="height width screenX screenY"
|
|
||||||
debug="false"
|
|
||||||
>
|
|
||||||
|
|
||||||
<script src="editcerts.js"/>
|
|
||||||
|
|
||||||
<box orient="vertical" flex="1">
|
|
||||||
<html>&certmgr.editcert.beforename;</html>
|
|
||||||
<text id="certname"/>
|
|
||||||
<html>&certmgr.editcert.aftername;</html>
|
|
||||||
<separator />
|
|
||||||
<html>&certmgr.editcert.edittrust;</html>
|
|
||||||
<box orient = "vertical">
|
|
||||||
<checkbox label="&certmgr.editcert.trustssl;" checked="false"
|
|
||||||
id="trustSSL"/>
|
|
||||||
<checkbox label="&certmgr.editcert.trustemail;" checked="false"
|
|
||||||
id="trustEmail"/>
|
|
||||||
<checkbox label="&certmgr.editcert.trustobjsign;" checked="false"
|
|
||||||
id="trustObjSign"/>
|
|
||||||
</box>
|
|
||||||
<box orient="horizontal" align="center">
|
|
||||||
<button id="ok-button" class="dialog" label="&certmgr.ok.label;"
|
|
||||||
style="width: 8ex" oncommand="doOK();"/>
|
|
||||||
<button id="cancel-button" class="dialog" label="&certmgr.cancel.label;"
|
|
||||||
style="width: 8ex" oncommand="window.close();" />
|
|
||||||
<button id="help-button" class="dialog" label="&certmgr.help.label;"
|
|
||||||
style="width: 8ex" oncommand="alert('Help to add here');" />
|
|
||||||
</box>
|
|
||||||
</box>
|
|
||||||
|
|
||||||
</window>
|
|
|
@ -48,6 +48,11 @@ function onLoad()
|
||||||
|
|
||||||
function openCertManager()
|
function openCertManager()
|
||||||
{
|
{
|
||||||
window.open('chrome://pippki/content/certManager.xul', "",
|
// var windowReference = document.getElementById("certmanager");
|
||||||
'chrome,width=500,height=400,resizable=1');
|
// if (windowReference != null) {
|
||||||
|
// windowReference.focus();
|
||||||
|
// } else {
|
||||||
|
window.open('chrome://pippki/content/certManager.xul', "",
|
||||||
|
'chrome,width=500,height=400,resizable=1');
|
||||||
|
// }
|
||||||
}
|
}
|
||||||
|
|
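Review bot: The commented-out `windowReference` lines added inside openCertManager() are dead code and would read better as a one-line TODO, for example `// TODO: focus an existing cert manager window instead of opening a second one`. As written the call still passes an empty window name, so as far as this hunk shows each invocation opens another certificate manager window. Two managers over the same certificate database could presumably show stale entries after a delete or trust edit made in the other. The sketched `document.getElementById("certmanager")` looks up an element in the calling document, so it would probably not locate another top-level window even if it were enabled.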
|
@ -20,6 +20,8 @@ pippki.jar:
|
||||||
content/pippki/viewCertDetails.xul (content/viewCertDetails.xul)
|
content/pippki/viewCertDetails.xul (content/viewCertDetails.xul)
|
||||||
content/pippki/editcerts.xul (content/editcerts.xul)
|
content/pippki/editcerts.xul (content/editcerts.xul)
|
||||||
content/pippki/editcerts.js (content/editcerts.js)
|
content/pippki/editcerts.js (content/editcerts.js)
|
||||||
|
content/pippki/deletecert.xul (content/deletecert.xul)
|
||||||
|
content/pippki/deletecert.js (content/deletecert.js)
|
||||||
content/pippki/viewCertDetails.js (content/viewCertDetails.js)
|
content/pippki/viewCertDetails.js (content/viewCertDetails.js)
|
||||||
content/pippki/getp12password.xul (content/getp12password.xul)
|
content/pippki/getp12password.xul (content/getp12password.xul)
|
||||||
content/pippki/setp12password.xul (content/setp12password.xul)
|
content/pippki/setp12password.xul (content/setp12password.xul)
|
||||||
|
|
|
@ -56,8 +56,20 @@
|
||||||
<!ENTITY certmgr.editcert.trustemail "This certificate can identify mail users.">
|
<!ENTITY certmgr.editcert.trustemail "This certificate can identify mail users.">
|
||||||
<!ENTITY certmgr.editcert.trustobjsign "This certificate can identify software makers.">
|
<!ENTITY certmgr.editcert.trustobjsign "This certificate can identify software makers.">
|
||||||
|
|
||||||
|
<!ENTITY certmgr.deletecert.title "Delete Certificate">
|
||||||
|
<!ENTITY certmgr.deletecert.beforename "You have requested to delete this certificate:">
|
||||||
|
<!ENTITY certmgr.deletecert.aftername "Are you sure you want to delete this certificate?">
|
||||||
|
<!ENTITY certmgr.deleteusercert.title "Delete Your Certificate">
|
||||||
|
<!ENTITY certmgr.deleteusercert.beforename "You have requested to delete the certificate:">
|
||||||
|
<!ENTITY certmgr.deleteusercert.aftername "Once you have deleted this certificate, you will not be able to read mail that has been encrypted with it.">
|
||||||
|
|
||||||
<!ENTITY certmgr.certname "Certificate Name">
|
<!ENTITY certmgr.certname "Certificate Name">
|
||||||
<!ENTITY certmgr.tokenname "Token Name">
|
<!ENTITY certmgr.tokenname "Token Name">
|
||||||
|
<!ENTITY certmgr.verified "Verified">
|
||||||
|
<!ENTITY certmgr.purpose "Purpose">
|
||||||
|
<!ENTITY certmgr.issued "Issued On">
|
||||||
|
<!ENTITY certmgr.expires "Expires On">
|
||||||
|
|
||||||
<!ENTITY certmgr.help.label "Help">
|
<!ENTITY certmgr.help.label "Help">
|
||||||
<!ENTITY certmgr.ok.label "Ok">
|
<!ENTITY certmgr.ok.label "Ok">
|
||||||
<!ENTITY certmgr.close.label "Close">
|
<!ENTITY certmgr.close.label "Close">
|
||||||
|
|
|
@ -45,6 +45,9 @@
|
||||||
<!ENTITY cancel.label "Cancel">
|
<!ENTITY cancel.label "Cancel">
|
||||||
<!ENTITY help.label "Help">
|
<!ENTITY help.label "Help">
|
||||||
|
|
||||||
|
<!ENTITY piperror.title "Error">
|
||||||
|
<!ENTITY pipalert.title "Error - cannot recover">
|
||||||
|
|
||||||
<!-- Prefs panel strings -->
|
<!-- Prefs panel strings -->
|
||||||
<!ENTITY pref.security.general.lHeader "Security">
|
<!ENTITY pref.security.general.lHeader "Security">
|
||||||
<!ENTITY pref.security.general.rHeader "Settings for general security">
|
<!ENTITY pref.security.general.rHeader "Settings for general security">
|
||||||
|
|
|
@ -29,8 +29,6 @@ newCAMessage1=Do you want to trust "%S" for the following purposes?
|
||||||
#PKCS#12 file dialogs
|
#PKCS#12 file dialogs
|
||||||
chooseP12RestoreFileDialog=File Name to Restore
|
chooseP12RestoreFileDialog=File Name to Restore
|
||||||
chooseP12BackupFileDialog=File Name to Backup
|
chooseP12BackupFileDialog=File Name to Backup
|
||||||
SuccessfulP12Backup=Successfully backed up your security certificate(s) and private key(s).
|
|
||||||
SuccessfulP12Restore=Successfully restored your security certificate(s) and private key(s).
|
|
||||||
|
|
||||||
#Mismatch Domain Dialg
|
#Mismatch Domain Dialg
|
||||||
mismatchDomainMsg1=You have attempted to establish a connection with "%S". However, the security certificate presented belongs to "%S". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site.
|
mismatchDomainMsg1=You have attempted to establish a connection with "%S". However, the security certificate presented belongs to "%S". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site.
|
||||||
|
|
|
@ -51,6 +51,7 @@ XPIDLSRCS = \
|
||||||
nsIPKCS11Slot.idl \
|
nsIPKCS11Slot.idl \
|
||||||
nsIPK11TokenDB.idl \
|
nsIPK11TokenDB.idl \
|
||||||
nsINSSDialogs.idl \
|
nsINSSDialogs.idl \
|
||||||
|
nsICertOutliner.idl \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
include $(topsrcdir)/config/rules.mk
|
include $(topsrcdir)/config/rules.mk
|
||||||
|
|
|
@ -57,6 +57,7 @@ XPIDLSRCS= \
|
||||||
.\nsIPKCS11Slot.idl \
|
.\nsIPKCS11Slot.idl \
|
||||||
.\nsIPK11TokenDB.idl \
|
.\nsIPK11TokenDB.idl \
|
||||||
.\nsINSSDialogs.idl \
|
.\nsINSSDialogs.idl \
|
||||||
|
.\nsICertOutliner.idl \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -59,6 +59,9 @@ interface nsIX509Cert : nsISupports {
|
||||||
readonly attribute wstring rsaPubModulus;
|
readonly attribute wstring rsaPubModulus;
|
||||||
readonly attribute wstring sha1Fingerprint;
|
readonly attribute wstring sha1Fingerprint;
|
||||||
readonly attribute wstring md5Fingerprint;
|
readonly attribute wstring md5Fingerprint;
|
||||||
|
readonly attribute wstring issuedDate;
|
||||||
|
readonly attribute wstring expiresDate;
|
||||||
|
readonly attribute wstring tokenName;
|
||||||
|
|
||||||
readonly attribute nsIX509CertValidity validity;
|
readonly attribute nsIX509CertValidity validity;
|
||||||
readonly attribute string dbKey;
|
readonly attribute string dbKey;
|
||||||
|
@ -92,6 +95,8 @@ interface nsIX509Cert : nsISupports {
|
||||||
out PRUint32 count,
|
out PRUint32 count,
|
||||||
[array, size_is(count)] out wstring usages);
|
[array, size_is(count)] out wstring usages);
|
||||||
|
|
||||||
|
void getPurposes(out PRUint32 verified, out wstring purposes);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This method is here to make it easier to view a cert.
|
* This method is here to make it easier to view a cert.
|
||||||
* It will get the implemention of the nsICertificateDialogs
|
* It will get the implemention of the nsICertificateDialogs
|
||||||
|
|
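Review bot: `getPurposes(out PRUint32 verified, out wstring purposes)` in the second hunk is added with no comment, unlike the method that follows it, and its contract matters because the new outliner code on this page fills the "Verified" column from it. The comment should say which values `verified` can take (the caller compares it with `nsIX509Cert::VERIFIED_OK`), whether `purposes` may be null (the caller passes `NULL` for it in one branch), and who frees the returned string. The new `issuedDate`, `expiresDate` and `tokenName` attributes in the first hunk would each benefit from a one-line comment too, for example `/* expiresDate: end of validity, formatted for display */`. The implementation is not visible in this section, so the exact format and null behaviour need confirming there before the comments are written as fact.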
|
@ -39,10 +39,27 @@
|
||||||
#include "nsString.h"
|
#include "nsString.h"
|
||||||
%}
|
%}
|
||||||
|
|
||||||
|
interface nsISupportsArray;
|
||||||
interface nsIX509Cert;
|
interface nsIX509Cert;
|
||||||
interface nsIPK11Token;
|
interface nsIPK11Token;
|
||||||
interface nsILocalFile;
|
interface nsILocalFile;
|
||||||
|
|
||||||
|
%{C++
|
||||||
|
|
||||||
|
#define NS_X509CERTDB_CID { /* da48b3c0-1284-11d5-ac67-000064657374 */ \
|
||||||
|
0xda48b3c0, \
|
||||||
|
0x1284, \
|
||||||
|
0x11d5, \
|
||||||
|
{0xac, 0x67, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} \
|
||||||
|
}
|
||||||
|
|
||||||
|
#define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
|
||||||
|
|
||||||
|
typedef int (*nsCertCompareFunc)(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
|
||||||
|
%}
|
||||||
|
|
||||||
|
native nsCertCompareFunc(nsCertCompareFunc);
|
||||||
native nsAutoString(nsAutoString);
|
native nsAutoString(nsAutoString);
|
||||||
[ref] native nsAutoStringRef(nsAutoString);
|
[ref] native nsAutoStringRef(nsAutoString);
|
||||||
|
|
||||||
|
@ -84,6 +101,16 @@ interface nsIX509CertDB : nsISupports {
|
||||||
out unsigned long count,
|
out unsigned long count,
|
||||||
[array, size_is(count)] out wstring certNameList);
|
[array, size_is(count)] out wstring certNameList);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* getCertsByType
|
||||||
|
*
|
||||||
|
* Obtain a list of certs from the database.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
[notxpcom, noscript] boolean getCertsByType(in unsigned long aType,
|
||||||
|
in nsCertCompareFunc aCertCmpFn,
|
||||||
|
out nsISupportsArray certs);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* importCertificate
|
* importCertificate
|
||||||
*
|
*
|
||||||
|
@ -148,19 +175,3 @@ interface nsIX509CertDB : nsISupports {
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
%{C++
|
|
||||||
|
|
||||||
#define NS_X509CERTDB_CID { /* da48b3c0-1284-11d5-ac67-000064657374 */ \
|
|
||||||
0xda48b3c0, \
|
|
||||||
0x1284, \
|
|
||||||
0x11d5, \
|
|
||||||
{0xac, 0x67, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
|
|
||||||
|
|
||||||
|
|
||||||
#define NS_CERTIFICATEMGR_DATASOURCE_CONTRACTID \
|
|
||||||
"@mozilla.org/rdf/datasource;1?name=certificatemgr"
|
|
||||||
|
|
||||||
%}
|
|
||||||
|
|
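Review bot: `getCertsByType` in the second hunk is declared `[notxpcom, noscript] boolean`, so its C++ method returns a PRBool rather than an nsresult, yet the caller added later on this page (nsCertOutliner::LoadCerts) stores the result in `nsresult rv` and tests `NS_FAILED(rv)`, which neither 0 nor 1 satisfies. A failed lookup would then go unnoticed and the next call, `mCertArray->Count(&count)`, would run on whatever `certs` was left as, possibly null. Either drop `notxpcom` so failure travels as an nsresult, `[noscript] void getCertsByType(in unsigned long aType, in nsCertCompareFunc aCertCmpFn, out nsISupportsArray certs);`, or keep the boolean and have callers test it directly. The doc comment should also state what the return value means, which `aType` values are accepted and what ordering `aCertCmpFn` must provide; the implementation is outside this section, so those details need confirming there.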
|
@ -30,6 +30,7 @@ SlotDescription=PSM Internal Cryptographic Services Version 4.0
|
||||||
PrivateSlotDescription=PSM User Private Key and Certificate Services
|
PrivateSlotDescription=PSM User Private Key and Certificate Services
|
||||||
FipsSlotDescription=PSM Internal FIPS-140-1 Cryptographic Services
|
FipsSlotDescription=PSM Internal FIPS-140-1 Cryptographic Services
|
||||||
FipsPrivateSlotDescription=PSM FIPS-140-1 User Private Key Services
|
FipsPrivateSlotDescription=PSM FIPS-140-1 User Private Key Services
|
||||||
|
InternalToken=Software Security Module
|
||||||
VerifySSLClient=SSL Client Certificate
|
VerifySSLClient=SSL Client Certificate
|
||||||
VerifySSLServer=SSL Server Certificate
|
VerifySSLServer=SSL Server Certificate
|
||||||
VerifySSLStepUp=SSL Server with Step-up
|
VerifySSLStepUp=SSL Server with Step-up
|
||||||
|
@ -42,3 +43,24 @@ VerifyUserImport=User Import Cert
|
||||||
VerifyCAVerifier=CA Verifier
|
VerifyCAVerifier=CA Verifier
|
||||||
VerifyStatusResponder=Status Responder Certificate
|
VerifyStatusResponder=Status Responder Certificate
|
||||||
VerifyAnyCA=Any Certificate Authority
|
VerifyAnyCA=Any Certificate Authority
|
||||||
|
VerifySSLClient_p=Client
|
||||||
|
VerifySSLServer_p=Server
|
||||||
|
VerifySSLStepUp_p=Step-up
|
||||||
|
VerifySSLCA_p=SSL CA
|
||||||
|
VerifyEmailSigner_p=Sign
|
||||||
|
VerifyEmailRecip_p=Encrypt
|
||||||
|
VerifyProtectObjSign_p=Protected Object Signer
|
||||||
|
VerifyObjSign_p=Object Signer
|
||||||
|
VerifyUserImport_p=User Import
|
||||||
|
VerifyCAVerifier_p=CA Verifier
|
||||||
|
VerifyStatusResponder_p=Status Responder
|
||||||
|
VerifyAnyCA_p=CA
|
||||||
|
VerifiedTrue=true
|
||||||
|
VerifiedFalse=false
|
||||||
|
PK11BadPassword=The token password entered was incorrect.
|
||||||
|
SuccessfulP12Backup=Successfully backed up your security certificate(s) and private key(s).
|
||||||
|
SuccessfulP12Restore=Successfully restored your security certificate(s) and private key(s).
|
||||||
|
PKCS12PasswordInvalid=Could not decode PKCS#12 file. Perhaps the password you entered was incorrect?
|
||||||
|
PKCS12DecodeErr=Failed to decode the file. Either it is not in PKCS#12 format, has been corrupted, or the password you entered was incorrect.
|
||||||
|
PKCS12UnknownErrRestore=Failed to restore the PKCS#12 file for unknown reasons.
|
||||||
|
PKCS12UnknownErrBackup=Failed to backup the PKCS#12 file for unknown reasons.
|
||||||
|
|
|
@ -60,6 +60,7 @@ CPPSRCS = \
|
||||||
nsPK11TokenDB.cpp \
|
nsPK11TokenDB.cpp \
|
||||||
nsNSSCertificate.cpp \
|
nsNSSCertificate.cpp \
|
||||||
nsPKCS12Blob.cpp \
|
nsPKCS12Blob.cpp \
|
||||||
|
nsCertOutliner.cpp \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
REQUIRES = nspr security xpcom string necko uriloader pref caps dom intl locale profile windowwatcher js docshell widget layout gfx2
|
REQUIRES = nspr security xpcom string necko uriloader pref caps dom intl locale profile windowwatcher js docshell widget layout gfx2
|
||||||
|
|
|
@ -88,6 +88,7 @@ OBJS = \
|
||||||
.\$(OBJDIR)\nsPK11TokenDB.obj \
|
.\$(OBJDIR)\nsPK11TokenDB.obj \
|
||||||
.\$(OBJDIR)\nsNSSCertificate.obj \
|
.\$(OBJDIR)\nsNSSCertificate.obj \
|
||||||
.\$(OBJDIR)\nsPKCS12Blob.obj \
|
.\$(OBJDIR)\nsPKCS12Blob.obj \
|
||||||
|
.\$(OBJDIR)\nsCertOutliner.obj \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
include <$(DEPTH)\config\rules.mak>
|
include <$(DEPTH)\config\rules.mak>
|
||||||
|
|
|
@ -0,0 +1,644 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are subject to the Mozilla Public
|
||||||
|
* License Version 1.1 (the "License"); you may not use this file
|
||||||
|
* except in compliance with the License. You may obtain a copy of
|
||||||
|
* the License at http://www.mozilla.org/MPL/
|
||||||
|
*
|
||||||
|
* Software distributed under the License is distributed on an "AS
|
||||||
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
* implied. See the License for the specific language governing
|
||||||
|
* rights and limitations under the License.
|
||||||
|
*
|
||||||
|
* The Original Code is the Netscape security libraries.
|
||||||
|
*
|
||||||
|
* The Initial Developer of the Original Code is Netscape
|
||||||
|
* Communications Corporation. Portions created by Netscape are
|
||||||
|
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||||
|
* Rights Reserved.
|
||||||
|
*
|
||||||
|
* Contributor(s):
|
||||||
|
* Ian McGreer <mcgreer@netscape.com>
|
||||||
|
*
|
||||||
|
* Alternatively, the contents of this file may be used under the
|
||||||
|
* terms of the GNU General Public License Version 2 or later (the
|
||||||
|
* "GPL"), in which case the provisions of the GPL are applicable
|
||||||
|
* instead of those above. If you wish to allow use of your
|
||||||
|
* version of this file only under the terms of the GPL and not to
|
||||||
|
* allow others to use your version of this file under the MPL,
|
||||||
|
* indicate your decision by deleting the provisions above and
|
||||||
|
* replace them with the notice and other provisions required by
|
||||||
|
* the GPL. If you do not delete the provisions above, a recipient
|
||||||
|
* may use your version of this file under either the MPL or the
|
||||||
|
* GPL.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
|
||||||
|
#include "nsCertOutliner.h"
|
||||||
|
#include "nsIX509Cert.h"
|
||||||
|
#include "nsIX509CertDB.h"
|
||||||
|
#include "nsXPIDLString.h"
|
||||||
|
|
||||||
|
#include "prlog.h"
|
||||||
|
#ifdef PR_LOGGING
|
||||||
|
extern PRLogModuleInfo* gPIPNSSLog;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||||
|
|
||||||
|
// outlinerArrayElStr
|
||||||
|
//
|
||||||
|
// structure used to hold map of outliner. Each thread (an organization
|
||||||
|
// field from a cert) has an element in the array. The numChildren field
|
||||||
|
// stores the number of certs corresponding to that thread.
|
||||||
|
struct outlinerArrayElStr {
|
||||||
|
PRUnichar *orgName; /* heading for thread */
|
||||||
|
PRBool open; /* toggle open state for thread */
|
||||||
|
PRInt32 certIndex; /* index into cert array for 1st cert */
|
||||||
|
PRInt32 numChildren; /* number of chidren (certs) for thread */
|
||||||
|
};
|
||||||
|
|
||||||
|
NS_IMPL_ISUPPORTS2(nsCertOutliner, nsICertOutliner, nsIOutlinerView)
|
||||||
|
|
||||||
|
nsCertOutliner::nsCertOutliner() : mOutlinerArray(NULL)
|
||||||
|
{
|
||||||
|
NS_INIT_ISUPPORTS();
|
||||||
|
}
|
||||||
|
|
||||||
|
nsCertOutliner::~nsCertOutliner()
|
||||||
|
{
|
||||||
|
if (mOutlinerArray)
|
||||||
|
nsMemory::Free(mOutlinerArray);
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
nsCertOutliner::FreeCertArray()
|
||||||
|
{
|
||||||
|
if (mCertArray) {
|
||||||
|
PRUint32 count;
|
||||||
|
nsresult rv = mCertArray->Count(&count);
|
||||||
|
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
|
||||||
|
PRInt32 i;
|
||||||
|
for (i = count - 1; i >= 0; i--)
|
||||||
|
mCertArray->RemoveElementAt(i);
|
||||||
|
}
|
||||||
|
mCertArray = nsnull;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByToken
|
||||||
|
//
|
||||||
|
// Compare two certificate by their token name. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No token name (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aTok, bTok;
|
||||||
|
a->GetTokenName(getter_Copies(aTok));
|
||||||
|
b->GetTokenName(getter_Copies(bTok));
|
||||||
|
if (aTok != nsnull && bTok != nsnull) {
|
||||||
|
nsAutoString aStr(aTok);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bTok);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aTok == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByOrg
|
||||||
|
//
|
||||||
|
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No organization (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aOrg, bOrg;
|
||||||
|
a->GetOrganization(getter_Copies(aOrg));
|
||||||
|
b->GetOrganization(getter_Copies(bOrg));
|
||||||
|
if (aOrg != nsnull && bOrg != nsnull) {
|
||||||
|
nsAutoString aStr(aOrg);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aOrg == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByName
|
||||||
|
//
|
||||||
|
// Compare two certificates by their CN= field. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No common name (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aName, bName;
|
||||||
|
a->GetOrganization(getter_Copies(aName));
|
||||||
|
b->GetOrganization(getter_Copies(bName));
|
||||||
|
if (aName != nsnull && bName != nsnull) {
|
||||||
|
nsAutoString aStr(aName);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bName);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aName == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByTok_Org_Name
|
||||||
|
//
|
||||||
|
// Compare two certificates by token name, organization, and common name,
|
||||||
|
// in that order. Used to sort cert list.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp;
|
||||||
|
cmp = CmpByToken(a, b);
|
||||||
|
if (cmp != 0) return cmp;
|
||||||
|
cmp = CmpByOrg(a, b);
|
||||||
|
if (cmp != 0) return cmp;
|
||||||
|
return CmpByName(a, b);
|
||||||
|
}
|
||||||
|
|
||||||
|
// CountOrganizations
|
||||||
|
//
|
||||||
|
// Count the number of different organizations encountered in the cert
|
||||||
|
// list. Note that the same organization of a different token is counted
|
||||||
|
// seperately.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CountOrganizations()
|
||||||
|
{
|
||||||
|
PRUint32 i, certCount;
|
||||||
|
nsresult rv = mCertArray->Count(&certCount);
|
||||||
|
if (NS_FAILED(rv)) return -1;
|
||||||
|
if (certCount == 0) return 0;
|
||||||
|
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(0));
|
||||||
|
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||||
|
nsCOMPtr<nsIX509Cert> nextCert = nsnull;
|
||||||
|
PRInt32 orgCount = 1;
|
||||||
|
for (i=1; i<certCount; i++) {
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||||
|
nextCert = do_QueryInterface(isupport);
|
||||||
|
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||||
|
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||||
|
orgCert = nextCert;
|
||||||
|
orgCount++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return orgCount;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetThreadDescAtIndex
|
||||||
|
//
|
||||||
|
// If the row at index is an organization thread, return the collection
|
||||||
|
// associated with that thread. Otherwise, return null.
|
||||||
|
outlinerArrayEl *
|
||||||
|
nsCertOutliner::GetThreadDescAtIndex(PRInt32 index)
|
||||||
|
{
|
||||||
|
int i, idx=0;
|
||||||
|
if (index < 0) return nsnull;
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (index == idx) {
|
||||||
|
return &mOutlinerArray[i];
|
||||||
|
}
|
||||||
|
if (mOutlinerArray[i].open == PR_FALSE) {
|
||||||
|
idx++;
|
||||||
|
} else {
|
||||||
|
idx += mOutlinerArray[i].numChildren + 1;
|
||||||
|
}
|
||||||
|
if (idx > index) break;
|
||||||
|
}
|
||||||
|
return nsnull;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetCertAtIndex
|
||||||
|
//
|
||||||
|
// If the row at index is a cert, return that cert. Otherwise, return null.
|
||||||
|
nsIX509Cert *
|
||||||
|
nsCertOutliner::GetCertAtIndex(PRInt32 index)
|
||||||
|
{
|
||||||
|
int i, idx = 0, cIndex = 0, nc;
|
||||||
|
nsIX509Cert *rawPtr = nsnull;
|
||||||
|
if (index < 0) return nsnull;
|
||||||
|
// Loop over the threads
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (index == idx) return nsnull; // index is for thread
|
||||||
|
idx++; // get past the thread
|
||||||
|
nc = (mOutlinerArray[i].open) ? mOutlinerArray[i].numChildren : 0;
|
||||||
|
if (index < idx + nc) { // cert is within range of this thread
|
||||||
|
PRInt32 certIndex = cIndex + index - idx;
|
||||||
|
nsCOMPtr<nsISupports> isupport =
|
||||||
|
dont_AddRef(mCertArray->ElementAt(certIndex));
|
||||||
|
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||||
|
rawPtr = cert;
|
||||||
|
NS_ADDREF(rawPtr);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (mOutlinerArray[i].open)
|
||||||
|
idx += mOutlinerArray[i].numChildren;
|
||||||
|
cIndex += mOutlinerArray[i].numChildren;
|
||||||
|
if (idx > index) break;
|
||||||
|
}
|
||||||
|
return rawPtr;
|
||||||
|
}
|
||||||
|
|
||||||
|
// LoadCerts
|
||||||
|
//
|
||||||
|
// Load all of the certificates in the DB for this type. Sort them
|
||||||
|
// by token, organization, then common name.
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRBool rowsChanged = PR_FALSE;
|
||||||
|
PRInt32 numChanged = 0;
|
||||||
|
if (mOutlinerArray) {
|
||||||
|
FreeCertArray();
|
||||||
|
nsMemory::Free(mOutlinerArray);
|
||||||
|
mOutlinerArray = NULL;
|
||||||
|
rowsChanged = PR_TRUE;
|
||||||
|
numChanged = mNumRows;
|
||||||
|
mNumRows = 0;
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||||
|
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||||
|
rv = certdb->GetCertsByType(aType,
|
||||||
|
CmpByTok_Org_Name,
|
||||||
|
getter_AddRefs(mCertArray));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
PRUint32 count;
|
||||||
|
rv = mCertArray->Count(&count);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
mNumOrgs = CountOrganizations();
|
||||||
|
mOutlinerArray = (outlinerArrayEl *)nsMemory::Alloc(
|
||||||
|
sizeof(outlinerArrayEl) * mNumOrgs);
|
||||||
|
PRUint32 j = 0;
|
||||||
|
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||||
|
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||||
|
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||||
|
mOutlinerArray[i].open = PR_TRUE;
|
||||||
|
mOutlinerArray[i].certIndex = j;
|
||||||
|
mOutlinerArray[i].numChildren = 1;
|
||||||
|
if (++j >= count) break;
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||||
|
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||||
|
mOutlinerArray[i].numChildren++;
|
||||||
|
if (++j >= count) break;
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nextCert = do_QueryInterface(isupport);
|
||||||
|
}
|
||||||
|
orgCert = nextCert;
|
||||||
|
}
|
||||||
|
mNumRows = count + mNumOrgs;
|
||||||
|
if (rowsChanged) {
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
|
||||||
|
numChanged = mNumRows - numChanged;
|
||||||
|
if (mOutliner) mOutliner->RowCountChanged(0, numChanged);
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
//////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
// Begin nsIOutlinerView methods
|
||||||
|
//
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
/* nsIX509Cert getCert(in unsigned long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCert(const PRUint32 aIndex, nsIX509Cert **_cert)
|
||||||
|
{
|
||||||
|
NS_ENSURE_ARG(_cert);
|
||||||
|
*_cert = GetCertAtIndex(aIndex);
|
||||||
|
//nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(aIndex);
|
||||||
|
//if (cert) {
|
||||||
|
//*_cert = cert;
|
||||||
|
//NS_ADDREF(*_cert);
|
||||||
|
//}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* readonly attribute long rowCount; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetRowCount(PRInt32 *aRowCount)
|
||||||
|
{
|
||||||
|
PRUint32 count = 0;
|
||||||
|
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||||
|
if (mOutlinerArray[i].open == PR_TRUE) {
|
||||||
|
count += mOutlinerArray[i].numChildren + 1;
|
||||||
|
} else {
|
||||||
|
count++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*aRowCount = count;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* attribute nsIOutlinerSelection selection; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetSelection(nsIOutlinerSelection * *aSelection)
|
||||||
|
{
|
||||||
|
*aSelection = mSelection;
|
||||||
|
NS_IF_ADDREF(*aSelection);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetSelection(nsIOutlinerSelection * aSelection)
|
||||||
|
{
|
||||||
|
mSelection = aSelection;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getRowProperties (in long index, in nsISupportsArray properties); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetRowProperties(PRInt32 index, nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getCellProperties (in long row, in wstring colID,
|
||||||
|
* in nsISupportsArray properties);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCellProperties(PRInt32 row, const PRUnichar *colID,
|
||||||
|
nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getColumnProperties (in wstring colID,
|
||||||
|
* in nsIDOMElement colElt,
|
||||||
|
* in nsISupportsArray properties);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetColumnProperties(const PRUnichar *colID,
|
||||||
|
nsIDOMElement *colElt,
|
||||||
|
nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainer (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainer(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) {
|
||||||
|
*_retval = PR_TRUE;
|
||||||
|
} else {
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainerOpen (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainerOpen(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el && el->open == PR_TRUE) {
|
||||||
|
*_retval = PR_TRUE;
|
||||||
|
} else {
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainerEmpty (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainerEmpty(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* long getParentIndex (in long rowIndex); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetParentIndex(PRInt32 rowIndex, PRInt32 *_retval)
|
||||||
|
{
|
||||||
|
int i, idx = 0;
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (rowIndex == idx) break; // index is for thread
|
||||||
|
if (rowIndex < idx + mOutlinerArray[i].numChildren + 1) {
|
||||||
|
*_retval = idx;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
idx += mOutlinerArray[i].numChildren + 1;
|
||||||
|
if (idx > rowIndex) break;
|
||||||
|
}
|
||||||
|
*_retval = -1;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean hasNextSibling (in long rowIndex, in long afterIndex); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::HasNextSibling(PRInt32 rowIndex, PRInt32 afterIndex,
|
||||||
|
PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* long getLevel (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetLevel(PRInt32 index, PRInt32 *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) {
|
||||||
|
*_retval = 0;
|
||||||
|
} else {
|
||||||
|
*_retval = 1;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* wstring getCellText (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCellText(PRInt32 row, const PRUnichar *colID,
|
||||||
|
PRUnichar **_retval)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
char *col = NS_CONST_CAST(char *, NS_ConvertUCS2toUTF8(colID).get());
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(row);
|
||||||
|
if (el != nsnull) {
|
||||||
|
if (strcmp(col, "certcol") == 0) {
|
||||||
|
nsAutoString oName(el->orgName);
|
||||||
|
*_retval = oName.ToNewUnicode();
|
||||||
|
} else {
|
||||||
|
*_retval = nsnull;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(row);
|
||||||
|
if (cert == nsnull) return NS_ERROR_FAILURE;
|
||||||
|
char *str = NULL;
|
||||||
|
PRUnichar *wstr = NULL;
|
||||||
|
if (strcmp(col, "certcol") == 0) {
|
||||||
|
rv = cert->GetCommonName(&wstr);
|
||||||
|
if (NS_FAILED(rv) || !wstr) {
|
||||||
|
// can this be fixed to not do copying?
|
||||||
|
PRUnichar *tmp = nsnull;
|
||||||
|
rv = cert->GetNickname(&tmp);
|
||||||
|
nsAutoString nick(tmp);
|
||||||
|
char *tmps = nick.ToNewCString();
|
||||||
|
char *mark = strchr(tmps, ':');
|
||||||
|
if (mark) {
|
||||||
|
str = PL_strdup(mark + 1);
|
||||||
|
} else {
|
||||||
|
wstr = nick.ToNewUnicode();
|
||||||
|
}
|
||||||
|
nsMemory::Free(tmp);
|
||||||
|
nsMemory::Free(tmps);
|
||||||
|
}
|
||||||
|
} else if (strcmp(col, "tokencol") == 0) {
|
||||||
|
rv = cert->GetTokenName(&wstr);
|
||||||
|
} else if (strcmp(col, "verifiedcol") == 0) {
|
||||||
|
PRUint32 verified;
|
||||||
|
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||||
|
do_GetService(kNSSComponentCID, &rv));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
rv = cert->GetPurposes(&verified, NULL);
|
||||||
|
if (verified == nsIX509Cert::VERIFIED_OK) {
|
||||||
|
nsAutoString vfy;
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("VerifiedTrue").get(), vfy);
|
||||||
|
if (!NS_FAILED(rv))
|
||||||
|
wstr = vfy.ToNewUnicode();
|
||||||
|
} else {
|
||||||
|
nsAutoString vfy;
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("VerifiedFalse").get(), vfy);
|
||||||
|
if (!NS_FAILED(rv))
|
||||||
|
wstr = vfy.ToNewUnicode();
|
||||||
|
}
|
||||||
|
} else if (strcmp(col, "purposecol") == 0) {
|
||||||
|
PRUint32 verified;
|
||||||
|
rv = cert->GetPurposes(&verified, &wstr);
|
||||||
|
} else if (strcmp(col, "issuedcol") == 0) {
|
||||||
|
rv = cert->GetIssuedDate(&wstr);
|
||||||
|
} else if (strcmp(col, "expiredcol") == 0) {
|
||||||
|
rv = cert->GetExpiresDate(&wstr);
|
||||||
|
} else if (strcmp(col, "certdbkeycol") == 0) {
|
||||||
|
rv = cert->GetDbKey(&str);
|
||||||
|
} else {
|
||||||
|
return NS_ERROR_FAILURE;
|
||||||
|
}
|
||||||
|
if (str) {
|
||||||
|
nsAutoString astr = NS_ConvertASCIItoUCS2(str);
|
||||||
|
wstr = astr.ToNewUnicode();
|
||||||
|
}
|
||||||
|
*_retval = wstr;
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void setOutliner (in nsIOutlinerBoxObject outliner); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetOutliner(nsIOutlinerBoxObject *outliner)
|
||||||
|
{
|
||||||
|
mOutliner = outliner;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void toggleOpenState (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::ToggleOpenState(PRInt32 index)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) el->open = !el->open;
|
||||||
|
PRInt32 fac = (el->open) ? 1 : -1;
|
||||||
|
if (mOutliner) mOutliner->RowCountChanged(index, fac * el->numChildren);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void cycleHeader (in wstring colID, in nsIDOMElement elt); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::CycleHeader(const PRUnichar *colID, nsIDOMElement *elt)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void selectionChanged (); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SelectionChanged()
|
||||||
|
{
|
||||||
|
return NS_ERROR_NOT_IMPLEMENTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void cycleCell (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::CycleCell(PRInt32 row, const PRUnichar *colID)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isEditable (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsEditable(PRInt32 row, const PRUnichar *colID, PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void setCellText (in long row, in wstring colID, in wstring value); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetCellText(PRInt32 row, const PRUnichar *colID,
|
||||||
|
const PRUnichar *value)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performAction (in wstring action); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformAction(const PRUnichar *action)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performActionOnRow (in wstring action, in long row); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformActionOnRow(const PRUnichar *action, PRInt32 row)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performActionOnCell (in wstring action, in long row,
|
||||||
|
* in wstring colID);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformActionOnCell(const PRUnichar *action, PRInt32 row,
|
||||||
|
const PRUnichar *colID)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef DEBUG_CERT_OUTLINER
|
||||||
|
void
|
||||||
|
nsCertOutliner::dumpMap()
|
||||||
|
{
|
||||||
|
for (int i=0; i<mNumOrgs; i++) {
|
||||||
|
nsAutoString org(mOutlinerArray[i].orgName);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("ORG[%s]", org.ToNewCString()));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("OPEN[%d]", mOutlinerArray[i].open));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("INDEX[%d]", mOutlinerArray[i].certIndex));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NCHILD[%d]", mOutlinerArray[i].numChildren));
|
||||||
|
}
|
||||||
|
for (int i=0; i<mNumRows; i++) {
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(i);
|
||||||
|
if (el != nsnull) {
|
||||||
|
nsAutoString td(el->orgName);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("thread desc[%d]: %s",i,td.ToNewCString()));
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509Cert> ct = GetCertAtIndex(i);
|
||||||
|
if (ct != nsnull) {
|
||||||
|
PRUnichar *goo;
|
||||||
|
ct->GetCommonName(&goo);
|
||||||
|
nsAutoString doo(goo);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert [%d]: %s",i,doo.ToNewCString()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
|
@ -0,0 +1,86 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are subject to the Mozilla Public
|
||||||
|
* License Version 1.1 (the "License"); you may not use this file
|
||||||
|
* except in compliance with the License. You may obtain a copy of
|
||||||
|
* the License at http://www.mozilla.org/MPL/
|
||||||
|
*
|
||||||
|
* Software distributed under the License is distributed on an "AS
|
||||||
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
* implied. See the License for the specific language governing
|
||||||
|
* rights and limitations under the License.
|
||||||
|
*
|
||||||
|
* The Original Code is the Netscape security libraries.
|
||||||
|
*
|
||||||
|
* The Initial Developer of the Original Code is Netscape
|
||||||
|
* Communications Corporation. Portions created by Netscape are
|
||||||
|
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||||
|
* Rights Reserved.
|
||||||
|
*
|
||||||
|
* Contributor(s):
|
||||||
|
* Ian McGreer <mcgreer@netscape.com>
|
||||||
|
*
|
||||||
|
* Alternatively, the contents of this file may be used under the
|
||||||
|
* terms of the GNU General Public License Version 2 or later (the
|
||||||
|
* "GPL"), in which case the provisions of the GPL are applicable
|
||||||
|
* instead of those above. If you wish to allow use of your
|
||||||
|
* version of this file only under the terms of the GPL and not to
|
||||||
|
* allow others to use your version of this file under the MPL,
|
||||||
|
* indicate your decision by deleting the provisions above and
|
||||||
|
* replace them with the notice and other provisions required by
|
||||||
|
* the GPL. If you do not delete the provisions above, a recipient
|
||||||
|
* may use your version of this file under either the MPL or the
|
||||||
|
* GPL.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _NS_CERTOUTLINER_H_
|
||||||
|
#define _NS_CERTOUTLINER_H_
|
||||||
|
|
||||||
|
#include "nsCOMPtr.h"
|
||||||
|
#include "nsIServiceManager.h"
|
||||||
|
#include "nsICertOutliner.h"
|
||||||
|
#include "nsIOutlinerView.h"
|
||||||
|
#include "nsIOutlinerBoxObject.h"
|
||||||
|
#include "nsIOutlinerSelection.h"
|
||||||
|
#include "nsISupportsArray.h"
|
||||||
|
|
||||||
|
typedef struct outlinerArrayElStr outlinerArrayEl;
|
||||||
|
|
||||||
|
class nsCertOutliner : public nsICertOutliner
|
||||||
|
{
|
||||||
|
public:
|
||||||
|
NS_DECL_ISUPPORTS
|
||||||
|
NS_DECL_NSICERTOUTLINER
|
||||||
|
NS_DECL_NSIOUTLINERVIEW
|
||||||
|
|
||||||
|
nsCertOutliner();
|
||||||
|
virtual ~nsCertOutliner();
|
||||||
|
|
||||||
|
protected:
|
||||||
|
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
PRInt32 CountOrganizations();
|
||||||
|
|
||||||
|
private:
|
||||||
|
nsCOMPtr<nsISupportsArray> mCertArray;
|
||||||
|
nsCOMPtr<nsIOutlinerBoxObject> mOutliner;
|
||||||
|
nsCOMPtr<nsIOutlinerSelection> mSelection;
|
||||||
|
outlinerArrayEl *mOutlinerArray;
|
||||||
|
PRInt32 mNumOrgs;
|
||||||
|
PRInt32 mNumRows;
|
||||||
|
|
||||||
|
outlinerArrayEl *GetThreadDescAtIndex(PRInt32 _index);
|
||||||
|
nsIX509Cert *GetCertAtIndex(PRInt32 _index);
|
||||||
|
|
||||||
|
void FreeCertArray();
|
||||||
|
|
||||||
|
#ifdef DEBUG_CERT_OUTLINER
|
||||||
|
/* for debugging purposes */
|
||||||
|
void dumpMap();
|
||||||
|
#endif
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif /* _NS_CERTOUTLINER_H_ */
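Review bot: The declaration of `GetCertAtIndex` near the end of the class does not say that the returned raw pointer already carries a reference, yet the implementation in the .cpp section of this commit calls `NS_ADDREF(rawPtr)` before returning it. Callers that write `nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(row);` (GetCellText and dumpMap) take a second reference and release only one, so each call appears to leak a certificate object. I would add a comment on the declaration, `// Returns an AddRef'd pointer (or null); the caller owns the reference.`, and have those callers wrap the result as `dont_AddRef(GetCertAtIndex(row))`. `GetCert` hands the pointer straight to its out-parameter and is consistent with that contract as written.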
|
||||||
|
|
|
@ -0,0 +1,644 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are subject to the Mozilla Public
|
||||||
|
* License Version 1.1 (the "License"); you may not use this file
|
||||||
|
* except in compliance with the License. You may obtain a copy of
|
||||||
|
* the License at http://www.mozilla.org/MPL/
|
||||||
|
*
|
||||||
|
* Software distributed under the License is distributed on an "AS
|
||||||
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
* implied. See the License for the specific language governing
|
||||||
|
* rights and limitations under the License.
|
||||||
|
*
|
||||||
|
* The Original Code is the Netscape security libraries.
|
||||||
|
*
|
||||||
|
* The Initial Developer of the Original Code is Netscape
|
||||||
|
* Communications Corporation. Portions created by Netscape are
|
||||||
|
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||||
|
* Rights Reserved.
|
||||||
|
*
|
||||||
|
* Contributor(s):
|
||||||
|
* Ian McGreer <mcgreer@netscape.com>
|
||||||
|
*
|
||||||
|
* Alternatively, the contents of this file may be used under the
|
||||||
|
* terms of the GNU General Public License Version 2 or later (the
|
||||||
|
* "GPL"), in which case the provisions of the GPL are applicable
|
||||||
|
* instead of those above. If you wish to allow use of your
|
||||||
|
* version of this file only under the terms of the GPL and not to
|
||||||
|
* allow others to use your version of this file under the MPL,
|
||||||
|
* indicate your decision by deleting the provisions above and
|
||||||
|
* replace them with the notice and other provisions required by
|
||||||
|
* the GPL. If you do not delete the provisions above, a recipient
|
||||||
|
* may use your version of this file under either the MPL or the
|
||||||
|
* GPL.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
|
||||||
|
#include "nsCertOutliner.h"
|
||||||
|
#include "nsIX509Cert.h"
|
||||||
|
#include "nsIX509CertDB.h"
|
||||||
|
#include "nsXPIDLString.h"
|
||||||
|
|
||||||
|
#include "prlog.h"
|
||||||
|
#ifdef PR_LOGGING
|
||||||
|
extern PRLogModuleInfo* gPIPNSSLog;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||||
|
|
||||||
|
// outlinerArrayElStr
|
||||||
|
//
|
||||||
|
// structure used to hold map of outliner. Each thread (an organization
|
||||||
|
// field from a cert) has an element in the array. The numChildren field
|
||||||
|
// stores the number of certs corresponding to that thread.
|
||||||
|
struct outlinerArrayElStr {
|
||||||
|
PRUnichar *orgName; /* heading for thread */
|
||||||
|
PRBool open; /* toggle open state for thread */
|
||||||
|
PRInt32 certIndex; /* index into cert array for 1st cert */
|
||||||
|
PRInt32 numChildren; /* number of chidren (certs) for thread */
|
||||||
|
};
|
||||||
|
|
||||||
|
NS_IMPL_ISUPPORTS2(nsCertOutliner, nsICertOutliner, nsIOutlinerView)
|
||||||
|
|
||||||
|
nsCertOutliner::nsCertOutliner() : mOutlinerArray(NULL)
|
||||||
|
{
|
||||||
|
NS_INIT_ISUPPORTS();
|
||||||
|
}
|
||||||
|
|
||||||
|
nsCertOutliner::~nsCertOutliner()
|
||||||
|
{
|
||||||
|
if (mOutlinerArray)
|
||||||
|
nsMemory::Free(mOutlinerArray);
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
nsCertOutliner::FreeCertArray()
|
||||||
|
{
|
||||||
|
if (mCertArray) {
|
||||||
|
PRUint32 count;
|
||||||
|
nsresult rv = mCertArray->Count(&count);
|
||||||
|
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
|
||||||
|
PRInt32 i;
|
||||||
|
for (i = count - 1; i >= 0; i--)
|
||||||
|
mCertArray->RemoveElementAt(i);
|
||||||
|
}
|
||||||
|
mCertArray = nsnull;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByToken
|
||||||
|
//
|
||||||
|
// Compare two certificate by their token name. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No token name (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aTok, bTok;
|
||||||
|
a->GetTokenName(getter_Copies(aTok));
|
||||||
|
b->GetTokenName(getter_Copies(bTok));
|
||||||
|
if (aTok != nsnull && bTok != nsnull) {
|
||||||
|
nsAutoString aStr(aTok);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bTok);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aTok == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByOrg
|
||||||
|
//
|
||||||
|
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No organization (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aOrg, bOrg;
|
||||||
|
a->GetOrganization(getter_Copies(aOrg));
|
||||||
|
b->GetOrganization(getter_Copies(bOrg));
|
||||||
|
if (aOrg != nsnull && bOrg != nsnull) {
|
||||||
|
nsAutoString aStr(aOrg);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aOrg == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByName
|
||||||
|
//
|
||||||
|
// Compare two certificates by their CN= field. Returns -1, 0, 1 as
|
||||||
|
// in strcmp. No common name (null) is treated as <.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp1;
|
||||||
|
nsXPIDLString aName, bName;
|
||||||
|
a->GetOrganization(getter_Copies(aName));
|
||||||
|
b->GetOrganization(getter_Copies(bName));
|
||||||
|
if (aName != nsnull && bName != nsnull) {
|
||||||
|
nsAutoString aStr(aName);
|
||||||
|
cmp1 = aStr.CompareWithConversion(bName);
|
||||||
|
} else {
|
||||||
|
cmp1 = (aName == nsnull) ? -1 : 1;
|
||||||
|
}
|
||||||
|
return cmp1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// CmpByTok_Org_Name
|
||||||
|
//
|
||||||
|
// Compare two certificates by token name, organization, and common name,
|
||||||
|
// in that order. Used to sort cert list.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||||
|
{
|
||||||
|
PRInt32 cmp;
|
||||||
|
cmp = CmpByToken(a, b);
|
||||||
|
if (cmp != 0) return cmp;
|
||||||
|
cmp = CmpByOrg(a, b);
|
||||||
|
if (cmp != 0) return cmp;
|
||||||
|
return CmpByName(a, b);
|
||||||
|
}
|
||||||
|
|
||||||
|
// CountOrganizations
|
||||||
|
//
|
||||||
|
// Count the number of different organizations encountered in the cert
|
||||||
|
// list. Note that the same organization of a different token is counted
|
||||||
|
// seperately.
|
||||||
|
PRInt32
|
||||||
|
nsCertOutliner::CountOrganizations()
|
||||||
|
{
|
||||||
|
PRUint32 i, certCount;
|
||||||
|
nsresult rv = mCertArray->Count(&certCount);
|
||||||
|
if (NS_FAILED(rv)) return -1;
|
||||||
|
if (certCount == 0) return 0;
|
||||||
|
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(0));
|
||||||
|
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||||
|
nsCOMPtr<nsIX509Cert> nextCert = nsnull;
|
||||||
|
PRInt32 orgCount = 1;
|
||||||
|
for (i=1; i<certCount; i++) {
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||||
|
nextCert = do_QueryInterface(isupport);
|
||||||
|
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||||
|
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||||
|
orgCert = nextCert;
|
||||||
|
orgCount++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return orgCount;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetThreadDescAtIndex
|
||||||
|
//
|
||||||
|
// If the row at index is an organization thread, return the collection
|
||||||
|
// associated with that thread. Otherwise, return null.
|
||||||
|
outlinerArrayEl *
|
||||||
|
nsCertOutliner::GetThreadDescAtIndex(PRInt32 index)
|
||||||
|
{
|
||||||
|
int i, idx=0;
|
||||||
|
if (index < 0) return nsnull;
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (index == idx) {
|
||||||
|
return &mOutlinerArray[i];
|
||||||
|
}
|
||||||
|
if (mOutlinerArray[i].open == PR_FALSE) {
|
||||||
|
idx++;
|
||||||
|
} else {
|
||||||
|
idx += mOutlinerArray[i].numChildren + 1;
|
||||||
|
}
|
||||||
|
if (idx > index) break;
|
||||||
|
}
|
||||||
|
return nsnull;
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetCertAtIndex
|
||||||
|
//
|
||||||
|
// If the row at index is a cert, return that cert. Otherwise, return null.
|
||||||
|
nsIX509Cert *
|
||||||
|
nsCertOutliner::GetCertAtIndex(PRInt32 index)
|
||||||
|
{
|
||||||
|
int i, idx = 0, cIndex = 0, nc;
|
||||||
|
nsIX509Cert *rawPtr = nsnull;
|
||||||
|
if (index < 0) return nsnull;
|
||||||
|
// Loop over the threads
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (index == idx) return nsnull; // index is for thread
|
||||||
|
idx++; // get past the thread
|
||||||
|
nc = (mOutlinerArray[i].open) ? mOutlinerArray[i].numChildren : 0;
|
||||||
|
if (index < idx + nc) { // cert is within range of this thread
|
||||||
|
PRInt32 certIndex = cIndex + index - idx;
|
||||||
|
nsCOMPtr<nsISupports> isupport =
|
||||||
|
dont_AddRef(mCertArray->ElementAt(certIndex));
|
||||||
|
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||||
|
rawPtr = cert;
|
||||||
|
NS_ADDREF(rawPtr);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (mOutlinerArray[i].open)
|
||||||
|
idx += mOutlinerArray[i].numChildren;
|
||||||
|
cIndex += mOutlinerArray[i].numChildren;
|
||||||
|
if (idx > index) break;
|
||||||
|
}
|
||||||
|
return rawPtr;
|
||||||
|
}
|
||||||
|
|
||||||
|
// LoadCerts
|
||||||
|
//
|
||||||
|
// Load all of the certificates in the DB for this type. Sort them
|
||||||
|
// by token, organization, then common name.
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRBool rowsChanged = PR_FALSE;
|
||||||
|
PRInt32 numChanged = 0;
|
||||||
|
if (mOutlinerArray) {
|
||||||
|
FreeCertArray();
|
||||||
|
nsMemory::Free(mOutlinerArray);
|
||||||
|
mOutlinerArray = NULL;
|
||||||
|
rowsChanged = PR_TRUE;
|
||||||
|
numChanged = mNumRows;
|
||||||
|
mNumRows = 0;
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||||
|
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||||
|
rv = certdb->GetCertsByType(aType,
|
||||||
|
CmpByTok_Org_Name,
|
||||||
|
getter_AddRefs(mCertArray));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
PRUint32 count;
|
||||||
|
rv = mCertArray->Count(&count);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
mNumOrgs = CountOrganizations();
|
||||||
|
mOutlinerArray = (outlinerArrayEl *)nsMemory::Alloc(
|
||||||
|
sizeof(outlinerArrayEl) * mNumOrgs);
|
||||||
|
PRUint32 j = 0;
|
||||||
|
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||||
|
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||||
|
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||||
|
mOutlinerArray[i].open = PR_TRUE;
|
||||||
|
mOutlinerArray[i].certIndex = j;
|
||||||
|
mOutlinerArray[i].numChildren = 1;
|
||||||
|
if (++j >= count) break;
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||||
|
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||||
|
mOutlinerArray[i].numChildren++;
|
||||||
|
if (++j >= count) break;
|
||||||
|
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||||
|
nextCert = do_QueryInterface(isupport);
|
||||||
|
}
|
||||||
|
orgCert = nextCert;
|
||||||
|
}
|
||||||
|
mNumRows = count + mNumOrgs;
|
||||||
|
if (rowsChanged) {
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
|
||||||
|
numChanged = mNumRows - numChanged;
|
||||||
|
if (mOutliner) mOutliner->RowCountChanged(0, numChanged);
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
//////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
// Begin nsIOutlinerView methods
|
||||||
|
//
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
/* nsIX509Cert getCert(in unsigned long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCert(const PRUint32 aIndex, nsIX509Cert **_cert)
|
||||||
|
{
|
||||||
|
NS_ENSURE_ARG(_cert);
|
||||||
|
*_cert = GetCertAtIndex(aIndex);
|
||||||
|
//nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(aIndex);
|
||||||
|
//if (cert) {
|
||||||
|
//*_cert = cert;
|
||||||
|
//NS_ADDREF(*_cert);
|
||||||
|
//}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* readonly attribute long rowCount; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetRowCount(PRInt32 *aRowCount)
|
||||||
|
{
|
||||||
|
PRUint32 count = 0;
|
||||||
|
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||||
|
if (mOutlinerArray[i].open == PR_TRUE) {
|
||||||
|
count += mOutlinerArray[i].numChildren + 1;
|
||||||
|
} else {
|
||||||
|
count++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*aRowCount = count;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* attribute nsIOutlinerSelection selection; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetSelection(nsIOutlinerSelection * *aSelection)
|
||||||
|
{
|
||||||
|
*aSelection = mSelection;
|
||||||
|
NS_IF_ADDREF(*aSelection);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetSelection(nsIOutlinerSelection * aSelection)
|
||||||
|
{
|
||||||
|
mSelection = aSelection;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getRowProperties (in long index, in nsISupportsArray properties); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetRowProperties(PRInt32 index, nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getCellProperties (in long row, in wstring colID,
|
||||||
|
* in nsISupportsArray properties);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCellProperties(PRInt32 row, const PRUnichar *colID,
|
||||||
|
nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void getColumnProperties (in wstring colID,
|
||||||
|
* in nsIDOMElement colElt,
|
||||||
|
* in nsISupportsArray properties);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetColumnProperties(const PRUnichar *colID,
|
||||||
|
nsIDOMElement *colElt,
|
||||||
|
nsISupportsArray *properties)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainer (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainer(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) {
|
||||||
|
*_retval = PR_TRUE;
|
||||||
|
} else {
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainerOpen (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainerOpen(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el && el->open == PR_TRUE) {
|
||||||
|
*_retval = PR_TRUE;
|
||||||
|
} else {
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isContainerEmpty (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsContainerEmpty(PRInt32 index, PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* long getParentIndex (in long rowIndex); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetParentIndex(PRInt32 rowIndex, PRInt32 *_retval)
|
||||||
|
{
|
||||||
|
int i, idx = 0;
|
||||||
|
for (i=0; i<mNumOrgs; i++) {
|
||||||
|
if (rowIndex == idx) break; // index is for thread
|
||||||
|
if (rowIndex < idx + mOutlinerArray[i].numChildren + 1) {
|
||||||
|
*_retval = idx;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
idx += mOutlinerArray[i].numChildren + 1;
|
||||||
|
if (idx > rowIndex) break;
|
||||||
|
}
|
||||||
|
*_retval = -1;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean hasNextSibling (in long rowIndex, in long afterIndex); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::HasNextSibling(PRInt32 rowIndex, PRInt32 afterIndex,
|
||||||
|
PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* long getLevel (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetLevel(PRInt32 index, PRInt32 *_retval)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) {
|
||||||
|
*_retval = 0;
|
||||||
|
} else {
|
||||||
|
*_retval = 1;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* wstring getCellText (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::GetCellText(PRInt32 row, const PRUnichar *colID,
|
||||||
|
PRUnichar **_retval)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
char *col = NS_CONST_CAST(char *, NS_ConvertUCS2toUTF8(colID).get());
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(row);
|
||||||
|
if (el != nsnull) {
|
||||||
|
if (strcmp(col, "certcol") == 0) {
|
||||||
|
nsAutoString oName(el->orgName);
|
||||||
|
*_retval = oName.ToNewUnicode();
|
||||||
|
} else {
|
||||||
|
*_retval = nsnull;
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(row);
|
||||||
|
if (cert == nsnull) return NS_ERROR_FAILURE;
|
||||||
|
char *str = NULL;
|
||||||
|
PRUnichar *wstr = NULL;
|
||||||
|
if (strcmp(col, "certcol") == 0) {
|
||||||
|
rv = cert->GetCommonName(&wstr);
|
||||||
|
if (NS_FAILED(rv) || !wstr) {
|
||||||
|
// can this be fixed to not do copying?
|
||||||
|
PRUnichar *tmp = nsnull;
|
||||||
|
rv = cert->GetNickname(&tmp);
|
||||||
|
nsAutoString nick(tmp);
|
||||||
|
char *tmps = nick.ToNewCString();
|
||||||
|
char *mark = strchr(tmps, ':');
|
||||||
|
if (mark) {
|
||||||
|
str = PL_strdup(mark + 1);
|
||||||
|
} else {
|
||||||
|
wstr = nick.ToNewUnicode();
|
||||||
|
}
|
||||||
|
nsMemory::Free(tmp);
|
||||||
|
nsMemory::Free(tmps);
|
||||||
|
}
|
||||||
|
} else if (strcmp(col, "tokencol") == 0) {
|
||||||
|
rv = cert->GetTokenName(&wstr);
|
||||||
|
} else if (strcmp(col, "verifiedcol") == 0) {
|
||||||
|
PRUint32 verified;
|
||||||
|
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||||
|
do_GetService(kNSSComponentCID, &rv));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
rv = cert->GetPurposes(&verified, NULL);
|
||||||
|
if (verified == nsIX509Cert::VERIFIED_OK) {
|
||||||
|
nsAutoString vfy;
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("VerifiedTrue").get(), vfy);
|
||||||
|
if (!NS_FAILED(rv))
|
||||||
|
wstr = vfy.ToNewUnicode();
|
||||||
|
} else {
|
||||||
|
nsAutoString vfy;
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("VerifiedFalse").get(), vfy);
|
||||||
|
if (!NS_FAILED(rv))
|
||||||
|
wstr = vfy.ToNewUnicode();
|
||||||
|
}
|
||||||
|
} else if (strcmp(col, "purposecol") == 0) {
|
||||||
|
PRUint32 verified;
|
||||||
|
rv = cert->GetPurposes(&verified, &wstr);
|
||||||
|
} else if (strcmp(col, "issuedcol") == 0) {
|
||||||
|
rv = cert->GetIssuedDate(&wstr);
|
||||||
|
} else if (strcmp(col, "expiredcol") == 0) {
|
||||||
|
rv = cert->GetExpiresDate(&wstr);
|
||||||
|
} else if (strcmp(col, "certdbkeycol") == 0) {
|
||||||
|
rv = cert->GetDbKey(&str);
|
||||||
|
} else {
|
||||||
|
return NS_ERROR_FAILURE;
|
||||||
|
}
|
||||||
|
if (str) {
|
||||||
|
nsAutoString astr = NS_ConvertASCIItoUCS2(str);
|
||||||
|
wstr = astr.ToNewUnicode();
|
||||||
|
}
|
||||||
|
*_retval = wstr;
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void setOutliner (in nsIOutlinerBoxObject outliner); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetOutliner(nsIOutlinerBoxObject *outliner)
|
||||||
|
{
|
||||||
|
mOutliner = outliner;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void toggleOpenState (in long index); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::ToggleOpenState(PRInt32 index)
|
||||||
|
{
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||||
|
if (el) el->open = !el->open;
|
||||||
|
PRInt32 fac = (el->open) ? 1 : -1;
|
||||||
|
if (mOutliner) mOutliner->RowCountChanged(index, fac * el->numChildren);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void cycleHeader (in wstring colID, in nsIDOMElement elt); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::CycleHeader(const PRUnichar *colID, nsIDOMElement *elt)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void selectionChanged (); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SelectionChanged()
|
||||||
|
{
|
||||||
|
return NS_ERROR_NOT_IMPLEMENTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void cycleCell (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::CycleCell(PRInt32 row, const PRUnichar *colID)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* boolean isEditable (in long row, in wstring colID); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::IsEditable(PRInt32 row, const PRUnichar *colID, PRBool *_retval)
|
||||||
|
{
|
||||||
|
*_retval = PR_FALSE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void setCellText (in long row, in wstring colID, in wstring value); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::SetCellText(PRInt32 row, const PRUnichar *colID,
|
||||||
|
const PRUnichar *value)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performAction (in wstring action); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformAction(const PRUnichar *action)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performActionOnRow (in wstring action, in long row); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformActionOnRow(const PRUnichar *action, PRInt32 row)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* void performActionOnCell (in wstring action, in long row,
|
||||||
|
* in wstring colID);
|
||||||
|
*/
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsCertOutliner::PerformActionOnCell(const PRUnichar *action, PRInt32 row,
|
||||||
|
const PRUnichar *colID)
|
||||||
|
{
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef DEBUG_CERT_OUTLINER
|
||||||
|
void
|
||||||
|
nsCertOutliner::dumpMap()
|
||||||
|
{
|
||||||
|
for (int i=0; i<mNumOrgs; i++) {
|
||||||
|
nsAutoString org(mOutlinerArray[i].orgName);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("ORG[%s]", org.ToNewCString()));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("OPEN[%d]", mOutlinerArray[i].open));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("INDEX[%d]", mOutlinerArray[i].certIndex));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NCHILD[%d]", mOutlinerArray[i].numChildren));
|
||||||
|
}
|
||||||
|
for (int i=0; i<mNumRows; i++) {
|
||||||
|
outlinerArrayEl *el = GetThreadDescAtIndex(i);
|
||||||
|
if (el != nsnull) {
|
||||||
|
nsAutoString td(el->orgName);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("thread desc[%d]: %s",i,td.ToNewCString()));
|
||||||
|
}
|
||||||
|
nsCOMPtr<nsIX509Cert> ct = GetCertAtIndex(i);
|
||||||
|
if (ct != nsnull) {
|
||||||
|
PRUnichar *goo;
|
||||||
|
ct->GetCommonName(&goo);
|
||||||
|
nsAutoString doo(goo);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert [%d]: %s",i,doo.ToNewCString()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
|
@ -0,0 +1,86 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are subject to the Mozilla Public
|
||||||
|
* License Version 1.1 (the "License"); you may not use this file
|
||||||
|
* except in compliance with the License. You may obtain a copy of
|
||||||
|
* the License at http://www.mozilla.org/MPL/
|
||||||
|
*
|
||||||
|
* Software distributed under the License is distributed on an "AS
|
||||||
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||||
|
* implied. See the License for the specific language governing
|
||||||
|
* rights and limitations under the License.
|
||||||
|
*
|
||||||
|
* The Original Code is the Netscape security libraries.
|
||||||
|
*
|
||||||
|
* The Initial Developer of the Original Code is Netscape
|
||||||
|
* Communications Corporation. Portions created by Netscape are
|
||||||
|
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||||
|
* Rights Reserved.
|
||||||
|
*
|
||||||
|
* Contributor(s):
|
||||||
|
* Ian McGreer <mcgreer@netscape.com>
|
||||||
|
*
|
||||||
|
* Alternatively, the contents of this file may be used under the
|
||||||
|
* terms of the GNU General Public License Version 2 or later (the
|
||||||
|
* "GPL"), in which case the provisions of the GPL are applicable
|
||||||
|
* instead of those above. If you wish to allow use of your
|
||||||
|
* version of this file only under the terms of the GPL and not to
|
||||||
|
* allow others to use your version of this file under the MPL,
|
||||||
|
* indicate your decision by deleting the provisions above and
|
||||||
|
* replace them with the notice and other provisions required by
|
||||||
|
* the GPL. If you do not delete the provisions above, a recipient
|
||||||
|
* may use your version of this file under either the MPL or the
|
||||||
|
* GPL.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _NS_CERTOUTLINER_H_
|
||||||
|
#define _NS_CERTOUTLINER_H_
|
||||||
|
|
||||||
|
#include "nsCOMPtr.h"
|
||||||
|
#include "nsIServiceManager.h"
|
||||||
|
#include "nsICertOutliner.h"
|
||||||
|
#include "nsIOutlinerView.h"
|
||||||
|
#include "nsIOutlinerBoxObject.h"
|
||||||
|
#include "nsIOutlinerSelection.h"
|
||||||
|
#include "nsISupportsArray.h"
|
||||||
|
|
||||||
|
typedef struct outlinerArrayElStr outlinerArrayEl;
|
||||||
|
|
||||||
|
class nsCertOutliner : public nsICertOutliner
|
||||||
|
{
|
||||||
|
public:
|
||||||
|
NS_DECL_ISUPPORTS
|
||||||
|
NS_DECL_NSICERTOUTLINER
|
||||||
|
NS_DECL_NSIOUTLINERVIEW
|
||||||
|
|
||||||
|
nsCertOutliner();
|
||||||
|
virtual ~nsCertOutliner();
|
||||||
|
|
||||||
|
protected:
|
||||||
|
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||||
|
PRInt32 CountOrganizations();
|
||||||
|
|
||||||
|
private:
|
||||||
|
nsCOMPtr<nsISupportsArray> mCertArray;
|
||||||
|
nsCOMPtr<nsIOutlinerBoxObject> mOutliner;
|
||||||
|
nsCOMPtr<nsIOutlinerSelection> mSelection;
|
||||||
|
outlinerArrayEl *mOutlinerArray;
|
||||||
|
PRInt32 mNumOrgs;
|
||||||
|
PRInt32 mNumRows;
|
||||||
|
|
||||||
|
outlinerArrayEl *GetThreadDescAtIndex(PRInt32 _index);
|
||||||
|
nsIX509Cert *GetCertAtIndex(PRInt32 _index);
|
||||||
|
|
||||||
|
void FreeCertArray();
|
||||||
|
|
||||||
|
#ifdef DEBUG_CERT_OUTLINER
|
||||||
|
/* for debugging purposes */
|
||||||
|
void dumpMap();
|
||||||
|
#endif
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif /* _NS_CERTOUTLINER_H_ */
|
||||||
|
|
|
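Review bot: `GetCertAtIndex` is declared to return a raw `nsIX509Cert *` without saying whether the caller receives an owning (AddRef'd) reference, and `outlinerArrayEl *mOutlinerArray` is a raw member with no note on who allocates and frees it. The debug helper `dumpMap()` in the .cpp assigns the getter's result straight into an `nsCOMPtr<nsIX509Cert>`, which takes its own reference, so if the getter already AddRefs, every call leaks one. I would state the contract on the declaration, for example `// Returns a borrowed (not AddRef'd) pointer, or nsnull if the row is not a certificate.`, and add a matching comment on `mOutlinerArray` naming `FreeCertArray()` as its release point if that is the case. The implementations of both are outside the visible part of the page, so which contract actually holds needs confirming.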
@ -32,7 +32,7 @@
|
||||||
* may use your version of this file under either the MPL or the
|
* may use your version of this file under either the MPL or the
|
||||||
* GPL.
|
* GPL.
|
||||||
*
|
*
|
||||||
* $Id: nsNSSCertificate.cpp,v 1.15 2001-03-30 19:54:57 mcgreer%netscape.com Exp $
|
* $Id: nsNSSCertificate.cpp,v 1.16 2001-05-01 23:23:20 mcgreer%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "prmem.h"
|
#include "prmem.h"
|
||||||
|
@ -47,6 +47,9 @@
|
||||||
#include "nsIX509Cert.h"
|
#include "nsIX509Cert.h"
|
||||||
#include "nsINSSDialogs.h"
|
#include "nsINSSDialogs.h"
|
||||||
#include "nsString.h"
|
#include "nsString.h"
|
||||||
|
#include "nsILocaleService.h"
|
||||||
|
#include "nsIDateTimeFormat.h"
|
||||||
|
#include "nsDateTimeFormatCID.h"
|
||||||
|
|
||||||
#include "pk11func.h"
|
#include "pk11func.h"
|
||||||
#include "certdb.h"
|
#include "certdb.h"
|
||||||
|
@ -59,6 +62,8 @@ extern PRLogModuleInfo* gPIPNSSLog;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||||
|
static NS_DEFINE_CID(kDateTimeFormatCID, NS_DATETIMEFORMAT_CID);
|
||||||
|
static NS_DEFINE_CID(kLocaleServiceCID, NS_LOCALESERVICE_CID);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* nsNSSCertTrust
|
* nsNSSCertTrust
|
||||||
|
@ -731,6 +736,75 @@ nsNSSCertificate::GetMd5Fingerprint(PRUnichar **_md5Fingerprint)
|
||||||
return NS_ERROR_FAILURE;
|
return NS_ERROR_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* readonly attribute wstring issuedDate; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsNSSCertificate::GetIssuedDate(PRUnichar **_issuedDate)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRTime beforeTime;
|
||||||
|
nsCOMPtr<nsIX509CertValidity> validity;
|
||||||
|
rv = this->GetValidity(getter_AddRefs(validity));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
rv = validity->GetNotBefore(&beforeTime);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||||
|
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
nsAutoString date;
|
||||||
|
dateFormatter->FormatPRTime(nsnull, kDateFormatShort, kTimeFormatNone,
|
||||||
|
beforeTime, date);
|
||||||
|
*_issuedDate = date.ToNewUnicode();
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* readonly attribute wstring expiresDate; */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsNSSCertificate::GetExpiresDate(PRUnichar **_expiresDate)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRTime afterTime;
|
||||||
|
nsCOMPtr<nsIX509CertValidity> validity;
|
||||||
|
rv = this->GetValidity(getter_AddRefs(validity));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
rv = validity->GetNotAfter(&afterTime);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||||
|
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
nsAutoString date;
|
||||||
|
dateFormatter->FormatPRTime(nsnull, kDateFormatShort, kTimeFormatNone,
|
||||||
|
afterTime, date);
|
||||||
|
*_expiresDate = date.ToNewUnicode();
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsNSSCertificate::GetTokenName(PRUnichar **aTokenName)
|
||||||
|
{
|
||||||
|
NS_ENSURE_ARG(aTokenName);
|
||||||
|
*aTokenName = nsnull;
|
||||||
|
if (mCert) {
|
||||||
|
if (mCert->slot) {
|
||||||
|
char *token = PK11_GetTokenName(mCert->slot);
|
||||||
|
if (token) {
|
||||||
|
nsAutoString tok = NS_ConvertASCIItoUCS2(token);
|
||||||
|
*aTokenName = tok.ToNewUnicode();
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
nsresult rv;
|
||||||
|
nsAutoString tok;
|
||||||
|
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||||
|
do_GetService(kNSSComponentCID, &rv));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("InternalToken").get(), tok);
|
||||||
|
if (!NS_FAILED(rv))
|
||||||
|
*aTokenName = tok.ToNewUnicode();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
/* [noscript] long getRawDER (out charPtr result) */
|
/* [noscript] long getRawDER (out charPtr result) */
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
nsNSSCertificate::GetRawDER(char **result, PRUint32 *_retval)
|
nsNSSCertificate::GetRawDER(char **result, PRUint32 *_retval)
|
||||||
|
@ -795,6 +869,139 @@ nsNSSCertificate::verifyFailed(PRUint32 *_verified)
|
||||||
return PR_TRUE;
|
return PR_TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nsresult
|
||||||
|
nsNSSCertificate::GetUsageArray(char *suffix,
|
||||||
|
PRUint32 *_verified,
|
||||||
|
PRUint32 *_count,
|
||||||
|
PRUnichar **tmpUsages)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
int tmpCount = 0;
|
||||||
|
CERTCertDBHandle *defaultcertdb = CERT_GetDefaultCertDB();
|
||||||
|
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageSSLClient, NULL) == SECSuccess) {
|
||||||
|
// add client to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLClient").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageSSLServer, NULL) == SECSuccess) {
|
||||||
|
// add server to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLServer").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageSSLServerWithStepUp, NULL) == SECSuccess) {
|
||||||
|
// add stepup to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLStepUp").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageEmailSigner, NULL) == SECSuccess) {
|
||||||
|
// add signer to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyEmailSigner").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageEmailRecipient, NULL) == SECSuccess) {
|
||||||
|
// add recipient to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyEmailRecip").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageObjectSigner, NULL) == SECSuccess) {
|
||||||
|
// add objsigner to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyObjSign").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#if 0
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageProtectedObjectSigner, NULL) == SECSuccess) {
|
||||||
|
// add protected objsigner to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyProtectObjSign").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageUserCertImport, NULL) == SECSuccess) {
|
||||||
|
// add user import to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyUserImport").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#endif
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageSSLCA, NULL) == SECSuccess) {
|
||||||
|
// add SSL CA to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLCA").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#if 0
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageVerifyCA, NULL) == SECSuccess) {
|
||||||
|
// add verify CA to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyCAVerifier").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#endif
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageStatusResponder, NULL) == SECSuccess) {
|
||||||
|
// add status responder to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyStatusResponder").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#if 0
|
||||||
|
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||||
|
certUsageAnyCA, NULL) == SECSuccess) {
|
||||||
|
// add any CA to usage
|
||||||
|
nsAutoString verifyDesc;
|
||||||
|
nsAutoString typestr(NS_LITERAL_STRING("VerifyAnyCA").get());
|
||||||
|
typestr.AppendWithConversion(suffix);
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||||
|
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||||
|
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||||
|
#endif
|
||||||
|
*_count = tmpCount;
|
||||||
|
*_verified = nsNSSCertificate::VERIFIED_OK;
|
||||||
|
return NS_OK;
|
||||||
|
verify_failed:
|
||||||
|
*_count = 0;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* void getUsages(out PRUint32 verified,
|
* void getUsages(out PRUint32 verified,
|
||||||
* out PRUint32 count,
|
* out PRUint32 count,
|
||||||
|
@ -806,140 +1013,45 @@ nsNSSCertificate::GetUsages(PRUint32 *_verified,
|
||||||
PRUnichar ***_usages)
|
PRUnichar ***_usages)
|
||||||
{
|
{
|
||||||
nsresult rv;
|
nsresult rv;
|
||||||
PRUnichar *tmpUsages[6];
|
PRUnichar *tmpUsages[13];
|
||||||
int tmpCount = 0;
|
char *suffix = "";
|
||||||
CERTCertDBHandle *defaultcertdb = CERT_GetDefaultCertDB();
|
PRUint32 tmpCount;
|
||||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
rv = GetUsageArray(suffix, _verified, &tmpCount, tmpUsages);
|
||||||
if (NS_FAILED(rv)) return rv;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageSSLClient, NULL) == SECSuccess) {
|
|
||||||
// add client to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifySSLClient").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageSSLServer, NULL) == SECSuccess) {
|
|
||||||
// add server to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifySSLServer").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageSSLServerWithStepUp, NULL) == SECSuccess) {
|
|
||||||
// add stepup to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifySSLStepUp").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageEmailSigner, NULL) == SECSuccess) {
|
|
||||||
// add signer to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyEmailSigner").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageEmailRecipient, NULL) == SECSuccess) {
|
|
||||||
// add recipient to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyEmailRecip").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageObjectSigner, NULL) == SECSuccess) {
|
|
||||||
// add objsigner to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyObjSign").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#if 0
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageProtectedObjectSigner, NULL) == SECSuccess) {
|
|
||||||
// add protected objsigner to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyProtectObjSign").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageUserCertImport, NULL) == SECSuccess) {
|
|
||||||
// add user import to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyUserImport").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#endif
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageSSLCA, NULL) == SECSuccess) {
|
|
||||||
// add SSL CA to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifySSLCA").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#if 0
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageVerifyCA, NULL) == SECSuccess) {
|
|
||||||
// add verify CA to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyCAVerifier").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#endif
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageStatusResponder, NULL) == SECSuccess) {
|
|
||||||
// add status responder to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyStatusResponder").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#if 0
|
|
||||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
|
||||||
certUsageAnyCA, NULL) == SECSuccess) {
|
|
||||||
// add any CA to usage
|
|
||||||
nsAutoString verifyDesc;
|
|
||||||
rv = nssComponent->GetPIPNSSBundleString(
|
|
||||||
NS_LITERAL_STRING("VerifyAnyCA").get(),
|
|
||||||
verifyDesc);
|
|
||||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
|
||||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
|
||||||
#endif
|
|
||||||
if (tmpCount > 0) {
|
if (tmpCount > 0) {
|
||||||
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * tmpCount);
|
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * tmpCount);
|
||||||
for (int i=0; i<tmpCount; i++) {
|
for (PRUint32 i=0; i<tmpCount; i++) {
|
||||||
(*_usages)[i] = tmpUsages[i];
|
(*_usages)[i] = tmpUsages[i];
|
||||||
}
|
}
|
||||||
*_count = tmpCount;
|
*_count = tmpCount;
|
||||||
*_verified = nsNSSCertificate::VERIFIED_OK;
|
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
verify_failed:
|
|
||||||
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *));
|
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *));
|
||||||
*_count = 0;
|
*_count = 0;
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* void getPurposes(out PRUint32 verified, out wstring purposes); */
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsNSSCertificate::GetPurposes(PRUint32 *_verified,
|
||||||
|
PRUnichar **_purposes)
|
||||||
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRUnichar *tmpUsages[13];
|
||||||
|
char *suffix = "_p";
|
||||||
|
PRUint32 tmpCount;
|
||||||
|
rv = GetUsageArray(suffix, _verified, &tmpCount, tmpUsages);
|
||||||
|
nsAutoString porpoises;
|
||||||
|
for (PRUint32 i=0; i<tmpCount; i++) {
|
||||||
|
if (i>0) porpoises.AppendWithConversion(",");
|
||||||
|
porpoises.Append(tmpUsages[i]);
|
||||||
|
nsMemory::Free(tmpUsages[i]);
|
||||||
|
}
|
||||||
|
if (_purposes != NULL) { // skip it for verify-only
|
||||||
|
*_purposes = porpoises.ToNewUnicode();
|
||||||
|
}
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
/* void view (); */
|
/* void view (); */
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
nsNSSCertificate::View()
|
nsNSSCertificate::View()
|
||||||
|
@ -1070,6 +1182,51 @@ cleanup:
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* [noscript] unsigned long getCertsByType(in unsigned long aType,
|
||||||
|
* in nsCertCompareFunc aCertCmpFn,
|
||||||
|
* out nsISupportsArray certs);
|
||||||
|
*/
|
||||||
|
PRBool
|
||||||
|
nsNSSCertificateDB::GetCertsByType(PRUint32 aType,
|
||||||
|
nsCertCompareFunc aCertCmpFn,
|
||||||
|
nsISupportsArray **_certs)
|
||||||
|
{
|
||||||
|
CERTCertList *certList = NULL;
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("GetCertsByType"));
|
||||||
|
nsCOMPtr<nsISupportsArray> certarray;
|
||||||
|
nsresult rv = NS_NewISupportsArray(getter_AddRefs(certarray));
|
||||||
|
if (NS_FAILED(rv)) return PR_FALSE;
|
||||||
|
certList = PK11_ListCerts(PK11CertListUnique, NULL);
|
||||||
|
CERTCertListNode *node;
|
||||||
|
int i, count = 0;
|
||||||
|
for (node = CERT_LIST_HEAD(certList);
|
||||||
|
!CERT_LIST_END(node, certList);
|
||||||
|
node = CERT_LIST_NEXT(node)) {
|
||||||
|
if (getCertType(node->cert) == aType) {
|
||||||
|
nsCOMPtr<nsIX509Cert> pipCert = new nsNSSCertificate(node->cert);
|
||||||
|
if (pipCert) {
|
||||||
|
for (i=0; i<count; i++) {
|
||||||
|
nsCOMPtr<nsISupports> isupport =
|
||||||
|
getter_AddRefs(certarray->ElementAt(i));
|
||||||
|
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||||
|
if ((*aCertCmpFn)(pipCert, cert) < 0) {
|
||||||
|
certarray->InsertElementAt(pipCert, i);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (i == count) certarray->AppendElement(pipCert);
|
||||||
|
count++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*_certs = certarray;
|
||||||
|
NS_ADDREF(*_certs);
|
||||||
|
if (certList)
|
||||||
|
CERT_DestroyCertList(certList);
|
||||||
|
return PR_TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* [noscript] void importCertificate (in nsIX509Cert cert,
|
* [noscript] void importCertificate (in nsIX509Cert cert,
|
||||||
* in unsigned long type,
|
* in unsigned long type,
|
||||||
|
@ -1131,16 +1288,22 @@ done:
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
nsNSSCertificateDB::DeleteCertificate(nsIX509Cert *aCert)
|
nsNSSCertificateDB::DeleteCertificate(nsIX509Cert *aCert)
|
||||||
{
|
{
|
||||||
|
nsNSSCertificate *nssCert = NS_STATIC_CAST(nsNSSCertificate*, aCert);
|
||||||
|
CERTCertificate *cert = nssCert->GetCert();
|
||||||
|
if (!cert) return NS_ERROR_FAILURE;
|
||||||
|
SECStatus srv;
|
||||||
#if 0
|
#if 0
|
||||||
if (getCertType(aCert->mCert) == nsNSSCertificate::USER_CERT) {
|
// for later, to use tokens ...
|
||||||
return ((PK11_DeleteTokenCertAndKey(aCert->mCert, NULL)) == SECSuccess) ?
|
if (getCertType(cert) == nsNSSCertificate::USER_CERT) {
|
||||||
NS_OK : NS_ERROR_FAILURE;
|
srv = PK11_DeleteTokenCertAndKey(cert, NULL);
|
||||||
} else {
|
} else {
|
||||||
return ((SEC_DeletePermCertificate(aCert->mCert)) == SECSuccess) ?
|
srv = SEC_DeletePermCertificate(cert);
|
||||||
NS_OK : NS_ERROR_FAILURE;
|
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
return NS_ERROR_NOT_IMPLEMENTED;
|
srv = SEC_DeletePermCertificate(cert);
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert deleted: %d", srv));
|
||||||
|
CERT_DestroyCertificate(cert);
|
||||||
|
return (srv) ? NS_ERROR_FAILURE : NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
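Review bot: `GetUsages` and `GetPurposes` both ignore the `rv` returned by `GetUsageArray`, but `GetUsageArray` returns early on a failed `do_GetService` without writing `*_count`, so `tmpCount` and the `tmpUsages[13]` stack array are then read uninitialised. In `GetPurposes` that leads to `nsMemory::Free` on indeterminate pointers, and in `GetUsages` those pointers are copied out to the caller. Declare `PRUint32 tmpCount = 0;` and add `if (NS_FAILED(rv)) return rv;` directly after the `GetUsageArray` call in both functions. Related to the same contract: on the `verify_failed` path `GetUsageArray` sets `*_count = 0` without freeing the strings it has already stored in `tmpUsages`, so those allocations are lost unless they are released before the return.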
@ -61,6 +61,11 @@ private:
|
||||||
CERTCertificate *mCert;
|
CERTCertificate *mCert;
|
||||||
|
|
||||||
PRBool verifyFailed(PRUint32 *_verified);
|
PRBool verifyFailed(PRUint32 *_verified);
|
||||||
|
|
||||||
|
nsresult GetUsageArray(char *suffix,
|
||||||
|
PRUint32 *_verified,
|
||||||
|
PRUint32 *_count,
|
||||||
|
PRUnichar **tmpUsages);
|
||||||
};
|
};
|
||||||
|
|
||||||
class nsNSSCertificateDB : public nsIX509CertDB
|
class nsNSSCertificateDB : public nsIX509CertDB
|
||||||
|
|
|
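Review bot: The new `GetUsageArray` declaration takes `PRUnichar **tmpUsages` as an output buffer with no capacity argument, so the callee cannot check its `tmpUsages[tmpCount++]` writes against the size of the caller's array. The two callers in nsNSSCertificate.cpp pass 13-element stack arrays, and the bound holds only by convention; enabling one of the `#if 0` usage checks or adding a new one changes the required size silently. Add a capacity parameter, or at least a comment on the declaration such as `// tmpUsages must hold one slot per certUsage checked; *_count receives the number written and the caller frees each entry.`. The first parameter can also be `const char *suffix`, since both callers pass string literals.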
@ -37,6 +37,7 @@
|
||||||
|
|
||||||
#include "nsPK11TokenDB.h"
|
#include "nsPK11TokenDB.h"
|
||||||
#include "nsNSSCertificate.h"
|
#include "nsNSSCertificate.h"
|
||||||
|
#include "nsCertOutliner.h"
|
||||||
|
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNSSComponent, Init)
|
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNSSComponent, Init)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecureBrowserUIImpl)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecureBrowserUIImpl)
|
||||||
|
@ -46,6 +47,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecretDecoderRing)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsPK11TokenDB)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsPK11TokenDB)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(CertContentListener, init)
|
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(CertContentListener, init)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsNSSCertificateDB)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsNSSCertificateDB)
|
||||||
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsCertOutliner)
|
||||||
|
|
||||||
static nsModuleComponentInfo components[] =
|
static nsModuleComponentInfo components[] =
|
||||||
{
|
{
|
||||||
|
@ -145,6 +147,13 @@ static nsModuleComponentInfo components[] =
|
||||||
NS_X509CERTDB_CID,
|
NS_X509CERTDB_CID,
|
||||||
NS_X509CERTDB_CONTRACTID,
|
NS_X509CERTDB_CONTRACTID,
|
||||||
nsNSSCertificateDBConstructor
|
nsNSSCertificateDBConstructor
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"Certificate Outliner",
|
||||||
|
NS_CERTOUTLINER_CID,
|
||||||
|
NS_CERTOUTLINER_CONTRACTID,
|
||||||
|
nsCertOutlinerConstructor
|
||||||
}
|
}
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
|
@ -93,6 +93,7 @@ NS_IMETHODIMP
|
||||||
nsPK11Token::Login(PRBool force)
|
nsPK11Token::Login(PRBool force)
|
||||||
{
|
{
|
||||||
nsresult rv;
|
nsresult rv;
|
||||||
|
SECStatus srv;
|
||||||
PRBool test;
|
PRBool test;
|
||||||
rv = this->NeedsLogin(&test);
|
rv = this->NeedsLogin(&test);
|
||||||
if (NS_FAILED(rv)) return rv;
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
@ -102,8 +103,8 @@ nsPK11Token::Login(PRBool force)
|
||||||
}
|
}
|
||||||
rv = setPassword(mSlot, mUIContext);
|
rv = setPassword(mSlot, mUIContext);
|
||||||
if (NS_FAILED(rv)) return rv;
|
if (NS_FAILED(rv)) return rv;
|
||||||
PK11_Authenticate(mSlot, PR_TRUE, mUIContext);
|
srv = PK11_Authenticate(mSlot, PR_TRUE, mUIContext);
|
||||||
return NS_OK;
|
return (srv == SECSuccess) ? NS_OK : NS_ERROR_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* void logout (); */
|
/* void logout (); */
|
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
* may use your version of this file under either the MPL or the
|
* may use your version of this file under either the MPL or the
|
||||||
* GPL.
|
* GPL.
|
||||||
*
|
*
|
||||||
* $Id: nsPKCS12Blob.cpp,v 1.7 2001-04-04 21:06:22 mcgreer%netscape.com Exp $
|
* $Id: nsPKCS12Blob.cpp,v 1.8 2001-05-01 23:23:22 mcgreer%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "prmem.h"
|
#include "prmem.h"
|
||||||
|
@ -40,7 +40,11 @@
|
||||||
#include "nsIFileSpec.h"
|
#include "nsIFileSpec.h"
|
||||||
#include "nsINSSDialogs.h"
|
#include "nsINSSDialogs.h"
|
||||||
#include "nsIDirectoryService.h"
|
#include "nsIDirectoryService.h"
|
||||||
|
#include "nsIWindowWatcher.h"
|
||||||
|
#include "nsIPrompt.h"
|
||||||
|
#include "nsProxiedService.h"
|
||||||
|
|
||||||
|
#include "nsNSSComponent.h"
|
||||||
#include "nsNSSHelper.h"
|
#include "nsNSSHelper.h"
|
||||||
#include "nsPKCS12Blob.h"
|
#include "nsPKCS12Blob.h"
|
||||||
#include "nsString.h"
|
#include "nsString.h"
|
||||||
|
@ -57,8 +61,13 @@
|
||||||
extern PRLogModuleInfo* gPIPNSSLog;
|
extern PRLogModuleInfo* gPIPNSSLog;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define PIP_PKCS12_TMPFILENAME ".pip_p12tmp"
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||||
#define PIP_PKCS12_BUFFER_SIZE 2048
|
|
||||||
|
#define PIP_PKCS12_TMPFILENAME ".pip_p12tmp"
|
||||||
|
#define PIP_PKCS12_BUFFER_SIZE 2048
|
||||||
|
#define PIP_PKCS12_RESTORE_OK 1
|
||||||
|
#define PIP_PKCS12_BACKUP_OK 2
|
||||||
|
#define PIP_PKCS12_USER_CANCELED 3
|
||||||
|
|
||||||
// constructor
|
// constructor
|
||||||
nsPKCS12Blob::nsPKCS12Blob()
|
nsPKCS12Blob::nsPKCS12Blob()
|
||||||
|
@ -100,7 +109,7 @@ nsresult
|
||||||
nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
||||||
{
|
{
|
||||||
nsresult rv;
|
nsresult rv;
|
||||||
SECStatus srv;
|
SECStatus srv = SECSuccess;
|
||||||
SEC_PKCS12DecoderContext *dcx = NULL;
|
SEC_PKCS12DecoderContext *dcx = NULL;
|
||||||
PK11SlotInfo *slot = PK11_GetInternalKeySlot(); /* XXX fix me! */
|
PK11SlotInfo *slot = PK11_GetInternalKeySlot(); /* XXX fix me! */
|
||||||
SECItem unicodePw;
|
SECItem unicodePw;
|
||||||
|
@ -112,18 +121,23 @@ nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
||||||
// get file password (unicode)
|
// get file password (unicode)
|
||||||
unicodePw.data = NULL;
|
unicodePw.data = NULL;
|
||||||
rv = getPKCS12FilePassword(&unicodePw);
|
rv = getPKCS12FilePassword(&unicodePw);
|
||||||
if (NS_FAILED(rv) || unicodePw.data == NULL) goto finish;
|
if (NS_FAILED(rv)) goto finish;
|
||||||
rv = NS_ERROR_FAILURE;
|
if (unicodePw.data == NULL) {
|
||||||
|
handleError(PIP_PKCS12_USER_CANCELED);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
// initialize the decoder
|
// initialize the decoder
|
||||||
dcx = SEC_PKCS12DecoderStart(&unicodePw, slot, NULL,
|
dcx = SEC_PKCS12DecoderStart(&unicodePw, slot, NULL,
|
||||||
digest_open, digest_close,
|
digest_open, digest_close,
|
||||||
digest_read, digest_write,
|
digest_read, digest_write,
|
||||||
this);
|
this);
|
||||||
if (!dcx) goto finish;
|
if (!dcx) {
|
||||||
|
srv = SECFailure;
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
// read input file and feed it to the decoder
|
// read input file and feed it to the decoder
|
||||||
rv = inputToDecoder(dcx, file);
|
rv = inputToDecoder(dcx, file);
|
||||||
if (NS_FAILED(rv)) goto finish;
|
if (NS_FAILED(rv)) goto finish;
|
||||||
rv = NS_ERROR_FAILURE;
|
|
||||||
// verify the blob
|
// verify the blob
|
||||||
srv = SEC_PKCS12DecoderVerify(dcx);
|
srv = SEC_PKCS12DecoderVerify(dcx);
|
||||||
if (srv) goto finish;
|
if (srv) goto finish;
|
||||||
|
@ -134,15 +148,15 @@ nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
||||||
srv = SEC_PKCS12DecoderImportBags(dcx);
|
srv = SEC_PKCS12DecoderImportBags(dcx);
|
||||||
if (srv) goto finish;
|
if (srv) goto finish;
|
||||||
// Later - check to see if this should become default email cert
|
// Later - check to see if this should become default email cert
|
||||||
rv = NS_OK;
|
handleError(PIP_PKCS12_RESTORE_OK);
|
||||||
finish:
|
finish:
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv) || srv != SECSuccess) {
|
||||||
handleError();
|
handleError();
|
||||||
}
|
}
|
||||||
// finish the decoder
|
// finish the decoder
|
||||||
if (dcx)
|
if (dcx)
|
||||||
SEC_PKCS12DecoderFinish(dcx);
|
SEC_PKCS12DecoderFinish(dcx);
|
||||||
return rv;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if 0
|
#if 0
|
||||||
|
@ -201,7 +215,7 @@ nsresult
|
||||||
nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||||
nsIX509Cert **certs, int numCerts)
|
nsIX509Cert **certs, int numCerts)
|
||||||
{
|
{
|
||||||
nsresult rv, nrv;
|
nsresult rv;
|
||||||
SECStatus srv;
|
SECStatus srv;
|
||||||
SEC_PKCS12ExportContext *ecx = NULL;
|
SEC_PKCS12ExportContext *ecx = NULL;
|
||||||
SEC_PKCS12SafeInfo *certSafe = NULL, *keySafe = NULL;
|
SEC_PKCS12SafeInfo *certSafe = NULL, *keySafe = NULL;
|
||||||
|
@ -215,12 +229,18 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||||
// get file password (unicode)
|
// get file password (unicode)
|
||||||
unicodePw.data = NULL;
|
unicodePw.data = NULL;
|
||||||
rv = newPKCS12FilePassword(&unicodePw);
|
rv = newPKCS12FilePassword(&unicodePw);
|
||||||
if (NS_FAILED(rv) || unicodePw.data == NULL) goto finish;
|
if (NS_FAILED(rv)) goto finish;
|
||||||
|
if (unicodePw.data == NULL) {
|
||||||
|
handleError(PIP_PKCS12_USER_CANCELED);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
// what about slotToUse in psm 1.x ???
|
// what about slotToUse in psm 1.x ???
|
||||||
rv = NS_ERROR_FAILURE;
|
|
||||||
// create export context
|
// create export context
|
||||||
ecx = SEC_PKCS12CreateExportContext(NULL, NULL, NULL /*slot*/, NULL);
|
ecx = SEC_PKCS12CreateExportContext(NULL, NULL, NULL /*slot*/, NULL);
|
||||||
if (!ecx) goto finish;
|
if (!ecx) {
|
||||||
|
srv = SECFailure;
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
// add password integrity
|
// add password integrity
|
||||||
srv = SEC_PKCS12AddPasswordIntegrity(ecx, &unicodePw, SEC_OID_SHA1);
|
srv = SEC_PKCS12AddPasswordIntegrity(ecx, &unicodePw, SEC_OID_SHA1);
|
||||||
if (srv) goto finish;
|
if (srv) goto finish;
|
||||||
|
@ -240,9 +260,11 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||||
nsNSSCertificate *cert = (nsNSSCertificate *)certs[i];
|
nsNSSCertificate *cert = (nsNSSCertificate *)certs[i];
|
||||||
// get it as a CERTCertificate XXX
|
// get it as a CERTCertificate XXX
|
||||||
CERTCertificate *nssCert = NULL;
|
CERTCertificate *nssCert = NULL;
|
||||||
//nrv = cert->GetCert(&nssCert);
|
|
||||||
nssCert = cert->GetCert();
|
nssCert = cert->GetCert();
|
||||||
if (NS_FAILED(nrv)) goto finish;
|
if (!nssCert) {
|
||||||
|
rv = NS_ERROR_FAILURE;
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
// XXX this is why, to verify the slot is the same
|
// XXX this is why, to verify the slot is the same
|
||||||
// PK11_FindObjectForCert(nssCert, NULL, slot);
|
// PK11_FindObjectForCert(nssCert, NULL, slot);
|
||||||
// create the cert and key safes
|
// create the cert and key safes
|
||||||
|
@ -253,7 +275,10 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||||
certSafe = SEC_PKCS12CreatePasswordPrivSafe(ecx, &unicodePw,
|
certSafe = SEC_PKCS12CreatePasswordPrivSafe(ecx, &unicodePw,
|
||||||
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
|
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
|
||||||
}
|
}
|
||||||
if (!certSafe || !keySafe) goto finish;
|
if (!certSafe || !keySafe) {
|
||||||
|
rv = NS_ERROR_FAILURE;
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
// add the cert and key to the blob
|
// add the cert and key to the blob
|
||||||
srv = SEC_PKCS12AddCertAndKey(ecx, certSafe, NULL, nssCert,
|
srv = SEC_PKCS12AddCertAndKey(ecx, certSafe, NULL, nssCert,
|
||||||
CERT_GetDefaultCertDB(), // XXX
|
CERT_GetDefaultCertDB(), // XXX
|
||||||
|
@ -271,9 +296,9 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||||
// encode and write
|
// encode and write
|
||||||
srv = SEC_PKCS12Encode(ecx, write_export_file, this);
|
srv = SEC_PKCS12Encode(ecx, write_export_file, this);
|
||||||
if (srv) goto finish;
|
if (srv) goto finish;
|
||||||
rv = NS_OK;
|
handleError(PIP_PKCS12_BACKUP_OK);
|
||||||
finish:
|
finish:
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv) || srv != SECSuccess) {
|
||||||
handleError();
|
handleError();
|
||||||
}
|
}
|
||||||
if (ecx)
|
if (ecx)
|
||||||
|
@ -503,24 +528,104 @@ pip_ucs2_ascii_conversion_fn(PRBool toUnicode,
|
||||||
return PR_TRUE;
|
return PR_TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define kWindowWatcherCID "@mozilla.org/embedcomp/window-watcher;1"
|
||||||
|
|
||||||
PRBool
|
PRBool
|
||||||
nsPKCS12Blob::handleError()
|
nsPKCS12Blob::handleError(int myerr)
|
||||||
{
|
{
|
||||||
|
nsresult rv;
|
||||||
|
PRBool keepGoing = PR_FALSE;
|
||||||
int prerr = PORT_GetError();
|
int prerr = PORT_GetError();
|
||||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("PKCS12: NSS/NSPR error(%d)", prerr));
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("PKCS12: NSS/NSPR error(%d)", prerr));
|
||||||
|
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("PKCS12: I called(%d)", myerr));
|
||||||
|
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||||
|
if (NS_FAILED(rv)) return PR_FALSE;
|
||||||
|
nsCOMPtr<nsIProxyObjectManager> proxyman(
|
||||||
|
do_GetService(NS_XPCOMPROXY_CONTRACTID));
|
||||||
|
if (!proxyman) return PR_FALSE;
|
||||||
|
nsCOMPtr<nsIPrompt> errPrompt;
|
||||||
|
nsCOMPtr<nsIWindowWatcher> wwatch(do_GetService(kWindowWatcherCID));
|
||||||
|
if (wwatch) {
|
||||||
|
wwatch->GetNewPrompter(0, getter_AddRefs(errPrompt));
|
||||||
|
if (errPrompt) {
|
||||||
|
nsCOMPtr<nsIPrompt> proxyPrompt;
|
||||||
|
proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ, NS_GET_IID(nsIPrompt),
|
||||||
|
errPrompt, PROXY_SYNC,
|
||||||
|
getter_AddRefs(proxyPrompt));
|
||||||
|
if (!proxyPrompt) return PR_FALSE;
|
||||||
|
} else {
|
||||||
|
return PR_FALSE;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return PR_FALSE;
|
||||||
|
}
|
||||||
|
nsAutoString errorMsg;
|
||||||
|
switch (myerr) {
|
||||||
|
case PIP_PKCS12_RESTORE_OK:
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("SuccessfulP12Restore").get(),
|
||||||
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
|
return PR_TRUE;
|
||||||
|
case PIP_PKCS12_BACKUP_OK:
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("SuccessfulP12Backup").get(),
|
||||||
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
|
return PR_TRUE;
|
||||||
|
case PIP_PKCS12_USER_CANCELED:
|
||||||
|
return PR_TRUE; /* Just ignore it for now */
|
||||||
|
case 0:
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
switch (prerr) {
|
switch (prerr) {
|
||||||
|
// The following errors have the potential to be "handled", by asking
|
||||||
|
// the user (via a dialog) whether s/he wishes to continue
|
||||||
case 0: break;
|
case 0: break;
|
||||||
case SEC_ERROR_BAD_DER: /* sigh - this is thrown when password is wrong */
|
|
||||||
case SEC_ERROR_PKCS12_CERT_COLLISION:
|
case SEC_ERROR_PKCS12_CERT_COLLISION:
|
||||||
/* pop a dialog saying the cert is already in the database */
|
/* pop a dialog saying the cert is already in the database */
|
||||||
/* ask to keep going? what happens if one collision but others ok? */
|
/* ask to keep going? what happens if one collision but others ok? */
|
||||||
|
// The following errors cannot be "handled", notify the user (via an alert)
|
||||||
|
// that the operation failed.
|
||||||
|
#if 0
|
||||||
|
// XXX a boy can dream...
|
||||||
|
// but the PKCS12 lib never throws this error
|
||||||
|
// but then again, how would it? anyway, convey the info below
|
||||||
|
case SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT:
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("PKCS12PasswordInvalid").get(),
|
||||||
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
case SEC_ERROR_BAD_PASSWORD:
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("PK11BadPassword").get(),
|
||||||
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
|
break;
|
||||||
|
case SEC_ERROR_BAD_DER:
|
||||||
case SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE:
|
case SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE:
|
||||||
case SEC_ERROR_PKCS12_INVALID_MAC:
|
case SEC_ERROR_PKCS12_INVALID_MAC:
|
||||||
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
|
NS_LITERAL_STRING("PKCS12DecodeErr").get(),
|
||||||
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
/* open the "Unknown failure" alert */
|
rv = nssComponent->GetPIPNSSBundleString(
|
||||||
/* always exit with failure */
|
NS_LITERAL_STRING("PKCS12UnknownErrRestore").get(),
|
||||||
return PR_FALSE;
|
errorMsg);
|
||||||
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||||
}
|
}
|
||||||
return PR_FALSE;
|
if (NS_FAILED(rv)) return rv;
|
||||||
|
return keepGoing;
|
||||||
}
|
}
|
||||||
|
|
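Review bot: handleError is declared `PRBool`, yet each `if (NS_FAILED(rv)) return rv;` in the last hunk hands back an nsresult, so a failed bundle lookup yields a non-zero value that reads as true to any caller testing the result; these should be `return PR_FALSE;`. The proxied prompter is never used either: `proxyPrompt` lives only inside the `if (errPrompt)` block and every alert goes through `errPrompt->Alert(...)`, so the proxy should be kept in a variable that outlives the block and used for the alerts, or not created at all. As rendered, `case SEC_ERROR_PKCS12_CERT_COLLISION:` reaches `case SEC_ERROR_BAD_PASSWORD:` without a `break;`, which would show the bad-password alert for a certificate collision. Related, in the ImportFromFile hunks the function now ends in `return NS_OK;` on every path, so the caller only learns of a failed restore if the alert was actually shown.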
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
* may use your version of this file under either the MPL or the
|
* may use your version of this file under either the MPL or the
|
||||||
* GPL.
|
* GPL.
|
||||||
*
|
*
|
||||||
* $Id: nsPKCS12Blob.h,v 1.3 2001-03-30 19:55:00 mcgreer%netscape.com Exp $
|
* $Id: nsPKCS12Blob.h,v 1.4 2001-05-01 23:23:23 mcgreer%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _NS_PKCS12BLOB_H_
|
#ifndef _NS_PKCS12BLOB_H_
|
||||||
|
@ -84,7 +84,7 @@ private:
|
||||||
nsresult newPKCS12FilePassword(SECItem *);
|
nsresult newPKCS12FilePassword(SECItem *);
|
||||||
nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsILocalFile *);
|
nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsILocalFile *);
|
||||||
void unicodeToItem(PRUnichar *, SECItem *);
|
void unicodeToItem(PRUnichar *, SECItem *);
|
||||||
PRBool handleError();
|
PRBool handleError(int myerr = 0);
|
||||||
|
|
||||||
// NSPR file I/O for temporary digest file
|
// NSPR file I/O for temporary digest file
|
||||||
PRFileDesc *mTmpFile;
|
PRFileDesc *mTmpFile;
|
||||||
|
|
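Review bot: `handleError(int myerr = 0)` takes a bare int whose meaningful values (`PIP_PKCS12_RESTORE_OK`, `PIP_PKCS12_BACKUP_OK`, `PIP_PKCS12_USER_CANCELED`) are `#define`d only in nsPKCS12Blob.cpp, and the default `0` has no name, so the declaration does not say what may be passed. A comment on the declaration would cover it, for example `// myerr: one of the PIP_PKCS12_* codes from nsPKCS12Blob.cpp; 0 reports the pending NSS error`. The declaration sits in the class's private section, which begins outside the hunk.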