Checkin for bug #75123. Improves the cert manager to make it look more like the mock-up. Implementation of nsIOutlinerView to improve cert listings.
r=javi, sr=blizzard
Родитель
c6ee9c8192
Коммит
31c82812d4
|
@ -35,9 +35,13 @@
|
|||
<box id="CACerts" orient="vertical">
|
||||
<outliner id="ca-outliner" multiple="true"
|
||||
onselect="ca_enableButtons()" flex="1">
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
||||
<splitter/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||
<outlinerbody flex="1"/>
|
||||
</outliner>
|
||||
|
|
|
@ -37,9 +37,29 @@
|
|||
<separator class="thin"/>
|
||||
<outliner id="user-outliner" multiple="true"
|
||||
onselect="mine_enableButtons()" flex="1">
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
||||
<splitter/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="verifiedcol" label="&certmgr.verified;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="purposecol" label="&certmgr.purpose;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="issuedcol" label="&certmgr.issued;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="expiredcol" label="&certmgr.expires;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||
<outlinerbody flex="1"/>
|
||||
</outliner>
|
||||
|
|
|
@ -37,9 +37,13 @@
|
|||
<separator class="thin"/>
|
||||
<outliner id="server-outliner" multiple="true"
|
||||
onselect="websites_enableButtons()" flex="1">
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" flex="1"/>
|
||||
<splitter/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;" flex="1"/>
|
||||
<outlinercol id="certcol" label="&certmgr.certname;" primary="true"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<splitter class="tree-splitter"/>
|
||||
<outlinercol id="tokencol" label="&certmgr.tokenname;"
|
||||
class="outlinercol-header outlinercell-inset-header"
|
||||
flex="1"/>
|
||||
<outlinercol id="certdbkeycol" collapsed="true" flex="1"/>
|
||||
<outlinerbody flex="1"/>
|
||||
</outliner>
|
||||
|
|
|
@ -26,137 +26,80 @@ const nsFilePicker = "@mozilla.org/filepicker;1";
|
|||
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||
const nsICertOutliner = Components.interfaces.nsICertOutliner;
|
||||
const nsCertOutliner = "@mozilla.org/security/nsCertOutliner;1";
|
||||
|
||||
var selected_certs = [];
|
||||
var certdb;
|
||||
|
||||
var caCertNameList;
|
||||
var serverCertNameList;
|
||||
//var emailCertNameList;
|
||||
var userCertNameList;
|
||||
var caOutlinerView;
|
||||
var serverOutlinerView;
|
||||
//var emailOutlinerView;
|
||||
var userOutlinerView;
|
||||
|
||||
var caOutlinerView = {
|
||||
rowCount : 50,
|
||||
setOutliner : function(outliner) {},
|
||||
getCellText : function(row, column) {
|
||||
if (row >= caCertNameList.length) return "";
|
||||
var certstuff = caCertNameList[row];
|
||||
var delim = certstuff[0];
|
||||
var certstr = certstuff.split(delim);
|
||||
if (certstr.length < 4) {
|
||||
tokenname = "PSM Certificate Database";
|
||||
certname = certstr[1];
|
||||
certkey = certstr[2];
|
||||
} else {
|
||||
tokenname = certstr[1];
|
||||
certname = certstr[2];
|
||||
certkey = certstr[3];
|
||||
}
|
||||
if (column=="certcol") return certname;
|
||||
else if (column=="tokencol") return tokenname;
|
||||
else return certkey;
|
||||
},
|
||||
getRowProperties : function(row, prop) {},
|
||||
getColumnProperties : function(column, prop) {},
|
||||
getCellProperties : function(cell, prop) {},
|
||||
isContainer : function(index) { return false; }
|
||||
};
|
||||
function LoadCerts()
|
||||
{
|
||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
|
||||
var serverOutlinerView = {
|
||||
rowCount : 10,
|
||||
setOutliner : function(outliner) {},
|
||||
getCellText : function(row, column) {
|
||||
if (row >= serverCertNameList.length) return "";
|
||||
var certstuff = serverCertNameList[row];
|
||||
var delim = certstuff[0];
|
||||
var certstr = certstuff.split(delim);
|
||||
if (certstr.length < 4) {
|
||||
tokenname = "PSM Certificate Database";
|
||||
certname = certstr[1];
|
||||
certkey = certstr[2];
|
||||
} else {
|
||||
tokenname = certstr[1];
|
||||
certname = certstr[2];
|
||||
certkey = certstr[3];
|
||||
}
|
||||
if (column=="certcol") return certname;
|
||||
else if (column=="tokencol") return tokenname;
|
||||
else return certkey;
|
||||
},
|
||||
getRowProperties : function(row, prop) {},
|
||||
getColumnProperties : function(column, prop) {},
|
||||
getCellProperties : function(cell, prop) {},
|
||||
isContainer : function(index) { return false; }
|
||||
};
|
||||
caOutlinerView = Components.classes[nsCertOutliner]
|
||||
.createInstance(nsICertOutliner);
|
||||
caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
|
||||
document.getElementById('ca-outliner')
|
||||
.outlinerBoxObject.view = caOutlinerView;
|
||||
|
||||
serverOutlinerView = Components.classes[nsCertOutliner]
|
||||
.createInstance(nsICertOutliner);
|
||||
serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
|
||||
document.getElementById('server-outliner')
|
||||
.outlinerBoxObject.view = serverOutlinerView;
|
||||
|
||||
/*
|
||||
var emailOutlinerView = {
|
||||
rowCount : 10,
|
||||
setOutliner : function(outliner) {},
|
||||
getCellText : function(row, column) {
|
||||
if (row >= emailCertNameList.length) return "";
|
||||
var certname = emailCertertNameList[row];
|
||||
var ti = certname.indexOf(":");
|
||||
var tokenname = "PSM Certificate Database";
|
||||
if (ti > 0) {
|
||||
tokenname = certname.substring(0, ti);
|
||||
certname = certname.substring(ti+1, certname.length);
|
||||
}
|
||||
var ki = certname.indexOf(1);
|
||||
var keystr = certname.substring(ki+1, certname.length);
|
||||
certname = certname.substring(0, ki);
|
||||
if (column=="certcol") return certname;
|
||||
else if (column=="tokencol") return tokenname;
|
||||
else return keystr;
|
||||
},
|
||||
getRowProperties : function(row, prop) {},
|
||||
getColumnProperties : function(column, prop) {},
|
||||
getCellProperties : function(cell, prop) {},
|
||||
isContainer : function(index) { return false; }
|
||||
};
|
||||
emailOutlinerView = Components.classes[nsCertOutliner]
|
||||
.createInstance(nsICertOutliner);
|
||||
emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
|
||||
document.getElementById('email-outliner')
|
||||
.outlinerBoxObject.view = emailOutlinerView;
|
||||
*/
|
||||
|
||||
var userOutlinerView = {
|
||||
rowCount : 10,
|
||||
setOutliner : function(outliner) {},
|
||||
getCellText : function(row, column) {
|
||||
if (row >= userCertNameList.length) return "";
|
||||
var certstuff = userCertNameList[row];
|
||||
var delim = certstuff[0];
|
||||
var certstr = certstuff.split(delim);
|
||||
if (certstr.length < 4) {
|
||||
tokenname = "PSM Certificate Database";
|
||||
certname = certstr[1];
|
||||
certkey = certstr[2];
|
||||
} else {
|
||||
tokenname = certstr[1];
|
||||
certname = certstr[2];
|
||||
certkey = certstr[3];
|
||||
}
|
||||
if (column=="certcol") return certname;
|
||||
else if (column=="tokencol") return tokenname;
|
||||
else return certkey;
|
||||
},
|
||||
getRowProperties : function(row, prop) {},
|
||||
getColumnProperties : function(column, prop) {},
|
||||
getCellProperties : function(cell, prop) {},
|
||||
isContainer : function(index) { return false; }
|
||||
};
|
||||
userOutlinerView = Components.classes[nsCertOutliner]
|
||||
.createInstance(nsICertOutliner);
|
||||
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||
document.getElementById('user-outliner')
|
||||
.outlinerBoxObject.view = userOutlinerView;
|
||||
|
||||
}
|
||||
|
||||
function ReloadCerts()
|
||||
{
|
||||
caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
|
||||
serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
|
||||
//emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
|
||||
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||
}
|
||||
|
||||
function getSelectedCerts()
|
||||
{
|
||||
var ca_tab = document.getElementById("ca_tab");
|
||||
var mine_tab = document.getElementById("mine_tab");
|
||||
//var others_tab = document.getElementById("others_tab");
|
||||
var websites_tab = document.getElementById("websites_tab");
|
||||
var items = caOutlinerView.selection;
|
||||
if (mine_tab.selected) {
|
||||
var items = null;
|
||||
if (ca_tab.selected) {
|
||||
items = caOutlinerView.selection;
|
||||
} else if (mine_tab.selected) {
|
||||
items = userOutlinerView.selection;
|
||||
/*
|
||||
} else if (others_tab.selected) {
|
||||
items = emailOutlinerView.selection;
|
||||
*/
|
||||
} else if (websites_tab.selected) {
|
||||
items = serverOutlinerView.selection;
|
||||
}
|
||||
var nr = items.getRangeCount();
|
||||
selected_certs = [];
|
||||
var cert = null;
|
||||
var nr = 0;
|
||||
if (items != null) nr = items.getRangeCount();
|
||||
if (nr > 0) {
|
||||
selected_certs = [];
|
||||
for (var i=0; i<nr; i++) {
|
||||
var o1 = {};
|
||||
var o2 = {};
|
||||
|
@ -164,55 +107,24 @@ function getSelectedCerts()
|
|||
var min = o1.value;
|
||||
var max = o2.value;
|
||||
for (var j=min; j<=max; j++) {
|
||||
var tokenName = items.outliner.view.getCellText(j, "tokencol");
|
||||
//var certName = items.outliner.view.getCellText(j, "certcol");
|
||||
var certDBKey = items.outliner.view.getCellText(j, "certdbkeycol");
|
||||
selected_certs[selected_certs.length] = [tokenName, certDBKey];
|
||||
if (ca_tab.selected) {
|
||||
cert = caOutlinerView.getCert(j);
|
||||
} else if (mine_tab.selected) {
|
||||
cert = userOutlinerView.getCert(j);
|
||||
/*
|
||||
} else if (others_tab.selected) {
|
||||
cert = emailOutlinerView.getCert(j);
|
||||
*/
|
||||
} else if (websites_tab.selected) {
|
||||
cert = serverOutlinerView.getCert(j);
|
||||
}
|
||||
if (cert)
|
||||
selected_certs[selected_certs.length] = cert;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function LoadCertNamesByType(type)
|
||||
{
|
||||
var obj1 = {};
|
||||
var obj2 = {};
|
||||
certdb.getCertNicknames(null, type, obj1, obj2);
|
||||
var count = obj1.value;
|
||||
if (type == nsIX509Cert.CA_CERT) {
|
||||
caCertNameList = obj2.value;
|
||||
caCertNameList.sort();
|
||||
} else if (type == nsIX509Cert.SERVER_CERT) {
|
||||
serverCertNameList = obj2.value;
|
||||
serverCertNameList.sort();
|
||||
/*
|
||||
} else if (type == nsIX509Cert.EMAIL_CERT) {
|
||||
emailCertNameList = obj2.value;
|
||||
emailCertNameList.sort();
|
||||
*/
|
||||
} else { /* if (type == nsIX509Cert.USER_CERT) */
|
||||
userCertNameList = obj2.value;
|
||||
userCertNameList.sort();
|
||||
}
|
||||
}
|
||||
|
||||
function LoadCertNames()
|
||||
{
|
||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
LoadCertNamesByType(nsIX509Cert.CA_CERT);
|
||||
LoadCertNamesByType(nsIX509Cert.SERVER_CERT);
|
||||
//LoadCertNamesByType(nsIX509Cert.EMAIL_CERT);
|
||||
LoadCertNamesByType(nsIX509Cert.USER_CERT);
|
||||
document.getElementById('ca-outliner')
|
||||
.outlinerBoxObject.view = caOutlinerView;
|
||||
document.getElementById('server-outliner')
|
||||
.outlinerBoxObject.view = serverOutlinerView;
|
||||
/*document.getElementById('email-outliner')
|
||||
.outlinerBoxObject.view = emailOutlinerView; */
|
||||
document.getElementById('user-outliner')
|
||||
.outlinerBoxObject.view = userOutlinerView;
|
||||
}
|
||||
|
||||
function ca_enableButtons()
|
||||
{
|
||||
var items = caOutlinerView.selection;
|
||||
|
@ -221,6 +133,8 @@ function ca_enableButtons()
|
|||
if (nr == 0) {
|
||||
toggle="true";
|
||||
}
|
||||
edit_toggle=toggle;
|
||||
/*
|
||||
var edit_toggle="true";
|
||||
if (nr > 0) {
|
||||
for (var i=0; i<nr; i++) {
|
||||
|
@ -240,6 +154,7 @@ function ca_enableButtons()
|
|||
edit_toggle="false";
|
||||
}
|
||||
}
|
||||
*/
|
||||
var enableViewButton=document.getElementById('ca_viewButton');
|
||||
enableViewButton.setAttribute("disabled",toggle);
|
||||
var enableEditButton=document.getElementById('ca_editButton');
|
||||
|
@ -281,15 +196,7 @@ function websites_enableButtons()
|
|||
function backupCerts()
|
||||
{
|
||||
getSelectedCerts();
|
||||
var numcerts= selected_certs.length;
|
||||
var certs = [];
|
||||
var windowName = "";
|
||||
for (var t=0; t<numcerts; t++) {
|
||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
||||
var token = null;
|
||||
if (selected_certs[t][1].length == 0) break; // workaround
|
||||
certs[t] = certdb.getCertByDBKey(selected_certs[t][1], token);
|
||||
}
|
||||
var numcerts = selected_certs.length;
|
||||
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
|
||||
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
|
||||
fp.init(window,
|
||||
|
@ -299,10 +206,9 @@ function backupCerts()
|
|||
fp.appendFilters(nsIFilePicker.filterAll);
|
||||
if (fp.show() == nsIFilePicker.returnOK ||
|
||||
fp.show() == nsIFilePicker.returnReplace) {
|
||||
certdb.exportPKCS12File(null, fp.file, certs.length, certs);
|
||||
certdb.exportPKCS12File(null, fp.file,
|
||||
selected_certs.length, selected_certs);
|
||||
}
|
||||
// don't really know it was successful...
|
||||
alert(bundle.GetStringFromName("SuccessfulP12Backup"));
|
||||
}
|
||||
|
||||
function backupAllCerts()
|
||||
|
@ -315,12 +221,10 @@ function backupAllCerts()
|
|||
function editCerts()
|
||||
{
|
||||
getSelectedCerts();
|
||||
var numcerts= selected_certs.length;
|
||||
var numcerts = selected_certs.length;
|
||||
for (var t=0; t<numcerts; t++) {
|
||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
||||
var token = null;
|
||||
var certkey = selected_certs[t][1];
|
||||
var cert = certdb.getCertByDBKey(certkey, token);
|
||||
var cert = selected_certs[t];
|
||||
var certkey = cert.dbKey;
|
||||
window.open('chrome://pippki/content/editcerts.xul', certkey,
|
||||
'chrome,width=500,height=400,resizable=1');
|
||||
}
|
||||
|
@ -339,47 +243,28 @@ function restoreCerts()
|
|||
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
certdb.importPKCS12File(null, fp.file);
|
||||
}
|
||||
// don't really know it was successful...
|
||||
alert(bundle.GetStringFromName("SuccessfulP12Restore"));
|
||||
LoadCertNames();
|
||||
userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
|
||||
}
|
||||
|
||||
function deleteCerts()
|
||||
{
|
||||
getSelectedCerts();
|
||||
var numcerts= selected_certs.length;
|
||||
/*
|
||||
var windowName = "";
|
||||
for (var t=0; t<selected_certs.length; t++) {
|
||||
if (selected_certs[t][0] &&
|
||||
selected_certs[t][0] != "PSM Certificate Database") { // token name
|
||||
windowName = selected_certs[t].join(":");
|
||||
} else {
|
||||
windowName = selected_certs[t][1];
|
||||
}
|
||||
*/
|
||||
var numcerts = selected_certs.length;
|
||||
for (var t=0; t<numcerts; t++) {
|
||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
||||
var token = null;
|
||||
var cert = certdb.getCertByDBKey(selected_certs[t][1], token);
|
||||
alert("You want to delete \"" + cert.windowTitle + "\"");
|
||||
/*
|
||||
window.open('chrome://pippki/content/deleteCert.xul', windowName,
|
||||
'chrome,width=500,height=400,resizable=1');
|
||||
*/
|
||||
var cert = selected_certs[t];
|
||||
var certkey = cert.dbKey;
|
||||
window.openDialog('chrome://pippki/content/deletecert.xul', certkey,
|
||||
'chrome,resizable=1,modal');
|
||||
}
|
||||
LoadCertNames();
|
||||
ReloadCerts();
|
||||
}
|
||||
|
||||
function viewCerts()
|
||||
{
|
||||
getSelectedCerts();
|
||||
var numcerts= selected_certs.length;
|
||||
var numcerts = selected_certs.length;
|
||||
for (var t=0; t<numcerts; t++) {
|
||||
//var token = tokendb.findTokenByName(selected_certs[t][0]);
|
||||
var token = null;
|
||||
var cert = certdb.getCertByDBKey(selected_certs[t][1], token);
|
||||
cert.view();
|
||||
selected_certs[t].view();
|
||||
}
|
||||
}
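Review bot: In the backupCerts() hunk the condition `fp.show() == nsIFilePicker.returnOK || fp.show() == nsIFilePicker.returnReplace` opens the file picker twice, so a user who chooses an existing file (returnReplace) sees the dialog a second time and the export depends on that second answer. Call it once with `var rv = fp.show();` and test `if (rv == nsIFilePicker.returnOK || rv == nsIFilePicker.returnReplace) {`. The success alert appears to be dropped by this hunk, so nothing visible tells the user whether `exportPKCS12File` actually wrote the key backup; a failure should at least produce an error message. backupCerts() begins in an earlier hunk, and restoreCerts() is worth checking for the same condition since its `fp.show()` line is outside the visible hunks.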
|
||||
|
||||
|
|
|
@ -37,10 +37,10 @@
|
|||
<window id="certmanager"
|
||||
xmlns:html="http://www.w3.org/1999/xhtml"
|
||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||
style="width: 30em;"
|
||||
style="width: 40em;"
|
||||
title="&certmgr.title;"
|
||||
debug="0"
|
||||
onload="LoadCertNames()">
|
||||
onload="LoadCerts()">
|
||||
|
||||
<script src="chrome://global/content/strres.js" />
|
||||
<script src="certManager.js"/>
|
||||
|
@ -53,13 +53,17 @@
|
|||
<tabbox flex="0" orient="vertical">
|
||||
<tabs orient="horizontal">
|
||||
<tab id="mine_tab" label="&certmgr.tab.mine;" />
|
||||
<!--
|
||||
<tab id="others_tab" label="&certmgr.tab.others;" />
|
||||
-->
|
||||
<tab id="websites_tab" label="&certmgr.tab.websites;" />
|
||||
<tab id="ca_tab" label="&certmgr.tab.ca;" selected="true"/>
|
||||
</tabs>
|
||||
<tabpanels flex="1">
|
||||
<box id="myCerts" flex="1"/>
|
||||
<!--
|
||||
<box id="othersCerts" flex="1"/>
|
||||
-->
|
||||
<box id="webCerts" flex="1"/>
|
||||
<box id="CACerts" flex="1"/>
|
||||
</tabpanels>
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is mozilla.org code.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2001 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*/
|
||||
|
||||
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||
const nsIPKIParamBlock = Components.interfaces.nsIPKIParamBlock;
|
||||
|
||||
var certdb;
|
||||
var cert;
|
||||
|
||||
function setWindowName()
|
||||
{
|
||||
var dbkey = self.name;
|
||||
|
||||
// Get the cert from the cert database
|
||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
//var pkiParams = window.arguments[0].QueryInterface(nsIPKIParamBlock);
|
||||
//var isupport = pkiParams.getISupportAtIndex(1);
|
||||
//cert = isupport.QueryInterface(nsIX509Cert);
|
||||
cert = certdb.getCertByDBKey(dbkey, null);
|
||||
|
||||
var windowReference = document.getElementById('deleteCert');
|
||||
windowReference.setAttribute("title", cert.commonName);
|
||||
|
||||
var certname = document.getElementById("certname");
|
||||
certname.setAttribute("value", cert.commonName);
|
||||
|
||||
}
|
||||
|
||||
function doOK()
|
||||
{
|
||||
certdb.deleteCertificate(cert);
|
||||
window.close();
|
||||
}
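Review bot: setWindowName() uses the result of `certdb.getCertByDBKey(dbkey, null)` without checking it, and doOK() hands the same global to `certdb.deleteCertificate(cert)`. If the lookup yields nothing, `cert.commonName` fails during onload and the OK button stays live with no certificate resolved; the key arrives through `self.name`, and the commented-out nsIPKIParamBlock lines suggest that was not the intended channel. Guard both places, e.g. `if (!cert) { window.close(); return; }` after the lookup and at the top of doOK(). The dialog identifies the certificate by `commonName` alone, so showing the issuer or a fingerprint as well would let the user tell apart certificates that share a name before deleting one. The setWindowName() hunk that looks up 'editCert' has the same unchecked lookup.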
|
|
@ -0,0 +1,55 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
- The contents of this file are subject to the Mozilla Public
|
||||
- License Version 1.1 (the "License"); you may not use this file
|
||||
- except in compliance with the License. You may obtain a copy of
|
||||
- the License at http://www.mozilla.org/MPL/
|
||||
-
|
||||
- Software distributed under the License is distributed on an "AS
|
||||
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
- implied. See the License for the specific language governing
|
||||
- rights and limitations under the License.
|
||||
-
|
||||
- The Original Code is mozilla.org code.
|
||||
-
|
||||
- The Initial Developer of the Original Code is Netscape
|
||||
- Communications Corp. Portions created by Netscape are
|
||||
- Copyright (C) 2001 Netscape Communications Corp. All
|
||||
- Rights Reserved.
|
||||
-
|
||||
- Contributor(s):
|
||||
- Ian McGreer <mcgreer@netscape.com>
|
||||
-->
|
||||
|
||||
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
|
||||
|
||||
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
|
||||
|
||||
<window
|
||||
id="deleteCert"
|
||||
title="&certmgr.deletecert.title;"
|
||||
xmlns:html="http://www.w3.org/1999/xhtml"
|
||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||
onload="setWindowName();"
|
||||
persist="height width screenX screenY"
|
||||
debug="false"
|
||||
>
|
||||
|
||||
<script src="deletecert.js"/>
|
||||
|
||||
<box orient="vertical" flex="1">
|
||||
<html>&certmgr.deletecert.beforename;</html>
|
||||
<text id="certname"/>
|
||||
<html>&certmgr.deletecert.aftername;</html>
|
||||
<separator />
|
||||
<box orient="horizontal" align="center">
|
||||
<button id="ok-button" class="dialog" label="&certmgr.ok.label;"
|
||||
style="width: 8ex" oncommand="doOK();"/>
|
||||
<button id="cancel-button" class="dialog" label="&certmgr.cancel.label;"
|
||||
style="width: 8ex" oncommand="window.close();" />
|
||||
<button id="help-button" class="dialog" label="&certmgr.help.label;"
|
||||
style="width: 8ex" oncommand="alert('Help to add here');" />
|
||||
</box>
|
||||
</box>
|
||||
|
||||
</window>
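Review bot: This dialog is wired only to the generic `&certmgr.deletecert.*;` entities, while the DTD change in the same commit also adds `certmgr.deleteusercert.*` strings that warn about losing access to encrypted mail. deleteCerts() opens `deletecert.xul` for every tab, so as far as the visible files show, deleting one of the user's own certificates gets the generic confirmation and the stronger warning is never displayed. Either pick the entity set from the certificate type or add a separate dialog for user certificates. The help button still runs `alert('Help to add here')`, a placeholder that should be replaced or removed in a confirmation for a destructive action.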
|
|
@ -24,22 +24,21 @@
|
|||
const nsIX509Cert = Components.interfaces.nsIX509Cert;
|
||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||
const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||
const nsIPKIParamBlock = Components.interfaces.nsIPKIParamBlock;
|
||||
|
||||
//var myName;
|
||||
// XXX yes?
|
||||
var certdb;
|
||||
var cert;
|
||||
|
||||
function setWindowName()
|
||||
{
|
||||
//myName = self.name;
|
||||
certkey = self.name;
|
||||
var dbkey = self.name;
|
||||
|
||||
// Get the cert from the cert database
|
||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
//var cert = certdb.getCertByNickname(token, myName);
|
||||
//cert = certdb.getCertByNickname(null, myName);
|
||||
cert = certdb.getCertByDBKey(certkey, null);
|
||||
//var pkiParams = window.arguments[0].QueryInterface(nsIPKIParamBlock);
|
||||
//var isupport = pkiParams.getISupportAtIndex(1);
|
||||
//cert = isupport.QueryInterface(nsIX509Cert);
|
||||
cert = certdb.getCertByDBKey(dbkey, null);
|
||||
|
||||
var windowReference = document.getElementById('editCert');
|
||||
windowReference.setAttribute("title", cert.commonName);
|
||||
|
|
|
@ -1,65 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
- The contents of this file are subject to the Mozilla Public
|
||||
- License Version 1.1 (the "License"); you may not use this file
|
||||
- except in compliance with the License. You may obtain a copy of
|
||||
- the License at http://www.mozilla.org/MPL/
|
||||
-
|
||||
- Software distributed under the License is distributed on an "AS
|
||||
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
- implied. See the License for the specific language governing
|
||||
- rights and limitations under the License.
|
||||
-
|
||||
- The Original Code is mozilla.org code.
|
||||
-
|
||||
- The Initial Developer of the Original Code is Netscape
|
||||
- Communications Corp. Portions created by Netscape are
|
||||
- Copyright (C) 2001 Netscape Communications Corp. All
|
||||
- Rights Reserved.
|
||||
-
|
||||
- Contributor(s):
|
||||
- Bob Lord <lord@netscape.com>
|
||||
- Ian McGreer <mcgreer@netscape.com>
|
||||
-->
|
||||
|
||||
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
|
||||
|
||||
<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
|
||||
|
||||
<window
|
||||
id="editCert"
|
||||
title="&certmgr.editcert.title;"
|
||||
xmlns:html="http://www.w3.org/1999/xhtml"
|
||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||
onload="setWindowName();"
|
||||
persist="height width screenX screenY"
|
||||
debug="false"
|
||||
>
|
||||
|
||||
<script src="editcerts.js"/>
|
||||
|
||||
<box orient="vertical" flex="1">
|
||||
<html>&certmgr.editcert.beforename;</html>
|
||||
<text id="certname"/>
|
||||
<html>&certmgr.editcert.aftername;</html>
|
||||
<separator />
|
||||
<html>&certmgr.editcert.edittrust;</html>
|
||||
<box orient = "vertical">
|
||||
<checkbox label="&certmgr.editcert.trustssl;" checked="false"
|
||||
id="trustSSL"/>
|
||||
<checkbox label="&certmgr.editcert.trustemail;" checked="false"
|
||||
id="trustEmail"/>
|
||||
<checkbox label="&certmgr.editcert.trustobjsign;" checked="false"
|
||||
id="trustObjSign"/>
|
||||
</box>
|
||||
<box orient="horizontal" align="center">
|
||||
<button id="ok-button" class="dialog" label="&certmgr.ok.label;"
|
||||
style="width: 8ex" oncommand="doOK();"/>
|
||||
<button id="cancel-button" class="dialog" label="&certmgr.cancel.label;"
|
||||
style="width: 8ex" oncommand="window.close();" />
|
||||
<button id="help-button" class="dialog" label="&certmgr.help.label;"
|
||||
style="width: 8ex" oncommand="alert('Help to add here');" />
|
||||
</box>
|
||||
</box>
|
||||
|
||||
</window>
|
|
@ -48,6 +48,11 @@ function onLoad()
|
|||
|
||||
function openCertManager()
|
||||
{
|
||||
window.open('chrome://pippki/content/certManager.xul', "",
|
||||
'chrome,width=500,height=400,resizable=1');
|
||||
// var windowReference = document.getElementById("certmanager");
|
||||
// if (windowReference != null) {
|
||||
// windowReference.focus();
|
||||
// } else {
|
||||
window.open('chrome://pippki/content/certManager.xul', "",
|
||||
'chrome,width=500,height=400,resizable=1');
|
||||
// }
|
||||
}
|
||||
|
|
|
@ -20,6 +20,8 @@ pippki.jar:
|
|||
content/pippki/viewCertDetails.xul (content/viewCertDetails.xul)
|
||||
content/pippki/editcerts.xul (content/editcerts.xul)
|
||||
content/pippki/editcerts.js (content/editcerts.js)
|
||||
content/pippki/deletecert.xul (content/deletecert.xul)
|
||||
content/pippki/deletecert.js (content/deletecert.js)
|
||||
content/pippki/viewCertDetails.js (content/viewCertDetails.js)
|
||||
content/pippki/getp12password.xul (content/getp12password.xul)
|
||||
content/pippki/setp12password.xul (content/setp12password.xul)
|
||||
|
|
|
@ -56,8 +56,20 @@
|
|||
<!ENTITY certmgr.editcert.trustemail "This certificate can identify mail users.">
|
||||
<!ENTITY certmgr.editcert.trustobjsign "This certificate can identify software makers.">
|
||||
|
||||
<!ENTITY certmgr.deletecert.title "Delete Certificate">
|
||||
<!ENTITY certmgr.deletecert.beforename "You have requested to delete this certificate:">
|
||||
<!ENTITY certmgr.deletecert.aftername "Are you sure you want to delete this certificate?">
|
||||
<!ENTITY certmgr.deleteusercert.title "Delete Your Certificate">
|
||||
<!ENTITY certmgr.deleteusercert.beforename "You have requested to delete the certificate:">
|
||||
<!ENTITY certmgr.deleteusercert.aftername "Once you have deleted this certificate, you will not be able to read mail that has been encrypted with it.">
|
||||
|
||||
<!ENTITY certmgr.certname "Certificate Name">
|
||||
<!ENTITY certmgr.tokenname "Token Name">
|
||||
<!ENTITY certmgr.verified "Verified">
|
||||
<!ENTITY certmgr.purpose "Purpose">
|
||||
<!ENTITY certmgr.issued "Issued On">
|
||||
<!ENTITY certmgr.expires "Expires On">
|
||||
|
||||
<!ENTITY certmgr.help.label "Help">
|
||||
<!ENTITY certmgr.ok.label "Ok">
|
||||
<!ENTITY certmgr.close.label "Close">
|
||||
|
|
|
@ -45,6 +45,9 @@
|
|||
<!ENTITY cancel.label "Cancel">
|
||||
<!ENTITY help.label "Help">
|
||||
|
||||
<!ENTITY piperror.title "Error">
|
||||
<!ENTITY pipalert.title "Error - cannot recover">
|
||||
|
||||
<!-- Prefs panel strings -->
|
||||
<!ENTITY pref.security.general.lHeader "Security">
|
||||
<!ENTITY pref.security.general.rHeader "Settings for general security">
|
||||
|
|
|
@ -29,8 +29,6 @@ newCAMessage1=Do you want to trust "%S" for the following purposes?
|
|||
#PKCS#12 file dialogs
|
||||
chooseP12RestoreFileDialog=File Name to Restore
|
||||
chooseP12BackupFileDialog=File Name to Backup
|
||||
SuccessfulP12Backup=Successfully backed up your security certificate(s) and private key(s).
|
||||
SuccessfulP12Restore=Successfully restored your security certificate(s) and private key(s).
|
||||
|
||||
#Mismatch Domain Dialg
|
||||
mismatchDomainMsg1=You have attempted to establish a connection with "%S". However, the security certificate presented belongs to "%S". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site.
|
||||
|
|
|
@ -51,6 +51,7 @@ XPIDLSRCS = \
|
|||
nsIPKCS11Slot.idl \
|
||||
nsIPK11TokenDB.idl \
|
||||
nsINSSDialogs.idl \
|
||||
nsICertOutliner.idl \
|
||||
$(NULL)
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
|
|
@ -57,6 +57,7 @@ XPIDLSRCS= \
|
|||
.\nsIPKCS11Slot.idl \
|
||||
.\nsIPK11TokenDB.idl \
|
||||
.\nsINSSDialogs.idl \
|
||||
.\nsICertOutliner.idl \
|
||||
$(NULL)
|
||||
|
||||
|
||||
|
|
|
@ -59,6 +59,9 @@ interface nsIX509Cert : nsISupports {
|
|||
readonly attribute wstring rsaPubModulus;
|
||||
readonly attribute wstring sha1Fingerprint;
|
||||
readonly attribute wstring md5Fingerprint;
|
||||
readonly attribute wstring issuedDate;
|
||||
readonly attribute wstring expiresDate;
|
||||
readonly attribute wstring tokenName;
|
||||
|
||||
readonly attribute nsIX509CertValidity validity;
|
||||
readonly attribute string dbKey;
|
||||
|
@ -92,6 +95,8 @@ interface nsIX509Cert : nsISupports {
|
|||
out PRUint32 count,
|
||||
[array, size_is(count)] out wstring usages);
|
||||
|
||||
void getPurposes(out PRUint32 verified, out wstring purposes);
|
||||
|
||||
/*
|
||||
* This method is here to make it easier to view a cert.
|
||||
* It will get the implemention of the nsICertificateDialogs
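Review bot: `void getPurposes(out PRUint32 verified, out wstring purposes);` is added without a comment, unlike the method documented just below it. The `verified` out-parameter presumably feeds the new "Verified" column, so the interface should state which values it can take and what `purposes` holds when verification fails, for example `/* getPurposes: verified receives the verification result code; purposes receives a display string of the usages that passed. */` (wording to be confirmed against the implementation). The new `issuedDate`, `expiresDate` and `tokenName` attributes would also benefit from a one-line note on their string format.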
|
||||
|
|
|
@ -39,10 +39,27 @@
|
|||
#include "nsString.h"
|
||||
%}
|
||||
|
||||
interface nsISupportsArray;
|
||||
interface nsIX509Cert;
|
||||
interface nsIPK11Token;
|
||||
interface nsILocalFile;
|
||||
|
||||
%{C++
|
||||
|
||||
#define NS_X509CERTDB_CID { /* da48b3c0-1284-11d5-ac67-000064657374 */ \
|
||||
0xda48b3c0, \
|
||||
0x1284, \
|
||||
0x11d5, \
|
||||
{0xac, 0x67, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} \
|
||||
}
|
||||
|
||||
#define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
|
||||
|
||||
typedef int (*nsCertCompareFunc)(nsIX509Cert *a, nsIX509Cert *b);
|
||||
|
||||
%}
|
||||
|
||||
native nsCertCompareFunc(nsCertCompareFunc);
|
||||
native nsAutoString(nsAutoString);
|
||||
[ref] native nsAutoStringRef(nsAutoString);
|
||||
|
||||
|
@ -84,6 +101,16 @@ interface nsIX509CertDB : nsISupports {
|
|||
out unsigned long count,
|
||||
[array, size_is(count)] out wstring certNameList);
|
||||
|
||||
/*
|
||||
* getCertsByType
|
||||
*
|
||||
* Obtain a list of certs from the database.
|
||||
*
|
||||
*/
|
||||
[notxpcom, noscript] boolean getCertsByType(in unsigned long aType,
|
||||
in nsCertCompareFunc aCertCmpFn,
|
||||
out nsISupportsArray certs);
|
||||
|
||||
/*
|
||||
* importCertificate
|
||||
*
|
||||
|
@ -148,19 +175,3 @@ interface nsIX509CertDB : nsISupports {
|
|||
|
||||
};
|
||||
|
||||
%{C++
|
||||
|
||||
#define NS_X509CERTDB_CID { /* da48b3c0-1284-11d5-ac67-000064657374 */ \
|
||||
0xda48b3c0, \
|
||||
0x1284, \
|
||||
0x11d5, \
|
||||
{0xac, 0x67, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} \
|
||||
}
|
||||
|
||||
#define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
|
||||
|
||||
|
||||
#define NS_CERTIFICATEMGR_DATASOURCE_CONTRACTID \
|
||||
"@mozilla.org/rdf/datasource;1?name=certificatemgr"
|
||||
|
||||
%}
|
||||
|
|
|
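Review bot: getCertsByType is declared `[notxpcom, noscript] boolean`, so the generated C++ method returns a PRBool rather than an nsresult, yet LoadCerts in nsCertOutliner.cpp stores the result in `rv` and tests `NS_FAILED(rv)`. Neither PR_TRUE nor PR_FALSE has the failure bit set, so a failed lookup would fall through to `mCertArray->Count(&count)` with whatever the out parameter holds, possibly null. Either drop `notxpcom` so the method returns nsresult, or have the caller test the boolean, e.g. `if (!certdb->GetCertsByType(aType, CmpByTok_Org_Name, getter_AddRefs(mCertArray))) return NS_ERROR_FAILURE;`. The comment block should also say what the return value means and which values `aType` accepts; the implementation is not visible here, so the intended contract is an assumption.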
@ -30,6 +30,7 @@ SlotDescription=PSM Internal Cryptographic Services Version 4.0
|
|||
PrivateSlotDescription=PSM User Private Key and Certificate Services
|
||||
FipsSlotDescription=PSM Internal FIPS-140-1 Cryptographic Services
|
||||
FipsPrivateSlotDescription=PSM FIPS-140-1 User Private Key Services
|
||||
InternalToken=Software Security Module
|
||||
VerifySSLClient=SSL Client Certificate
|
||||
VerifySSLServer=SSL Server Certificate
|
||||
VerifySSLStepUp=SSL Server with Step-up
|
||||
|
@ -42,3 +43,24 @@ VerifyUserImport=User Import Cert
|
|||
VerifyCAVerifier=CA Verifier
|
||||
VerifyStatusResponder=Status Responder Certificate
|
||||
VerifyAnyCA=Any Certificate Authority
|
||||
VerifySSLClient_p=Client
|
||||
VerifySSLServer_p=Server
|
||||
VerifySSLStepUp_p=Step-up
|
||||
VerifySSLCA_p=SSL CA
|
||||
VerifyEmailSigner_p=Sign
|
||||
VerifyEmailRecip_p=Encrypt
|
||||
VerifyProtectObjSign_p=Protected Object Signer
|
||||
VerifyObjSign_p=Object Signer
|
||||
VerifyUserImport_p=User Import
|
||||
VerifyCAVerifier_p=CA Verifier
|
||||
VerifyStatusResponder_p=Status Responder
|
||||
VerifyAnyCA_p=CA
|
||||
VerifiedTrue=true
|
||||
VerifiedFalse=false
|
||||
PK11BadPassword=The token password entered was incorrect.
|
||||
SuccessfulP12Backup=Successfully backed up your security certificate(s) and private key(s).
|
||||
SuccessfulP12Restore=Successfully restored your security certificate(s) and private key(s).
|
||||
PKCS12PasswordInvalid=Could not decode PKCS#12 file. Perhaps the password you entered was incorrect?
|
||||
PKCS12DecodeErr=Failed to decode the file. Either it is not in PKCS#12 format, has been corrupted, or the password you entered was incorrect.
|
||||
PKCS12UnknownErrRestore=Failed to restore the PKCS#12 file for unknown reasons.
|
||||
PKCS12UnknownErrBackup=Failed to backup the PKCS#12 file for unknown reasons.
|
||||
|
|
|
@ -60,6 +60,7 @@ CPPSRCS = \
|
|||
nsPK11TokenDB.cpp \
|
||||
nsNSSCertificate.cpp \
|
||||
nsPKCS12Blob.cpp \
|
||||
nsCertOutliner.cpp \
|
||||
$(NULL)
|
||||
|
||||
REQUIRES = nspr security xpcom string necko uriloader pref caps dom intl locale profile windowwatcher js docshell widget layout gfx2
|
||||
|
|
|
@ -88,6 +88,7 @@ OBJS = \
|
|||
.\$(OBJDIR)\nsPK11TokenDB.obj \
|
||||
.\$(OBJDIR)\nsNSSCertificate.obj \
|
||||
.\$(OBJDIR)\nsPKCS12Blob.obj \
|
||||
.\$(OBJDIR)\nsCertOutliner.obj \
|
||||
$(NULL)
|
||||
|
||||
include <$(DEPTH)\config\rules.mak>
|
||||
|
|
|
@ -0,0 +1,644 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape security libraries.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
*/
|
||||
|
||||
#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
|
||||
#include "nsCertOutliner.h"
|
||||
#include "nsIX509Cert.h"
|
||||
#include "nsIX509CertDB.h"
|
||||
#include "nsXPIDLString.h"
|
||||
|
||||
#include "prlog.h"
|
||||
#ifdef PR_LOGGING
|
||||
extern PRLogModuleInfo* gPIPNSSLog;
|
||||
#endif
|
||||
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
|
||||
// outlinerArrayElStr
|
||||
//
|
||||
// structure used to hold map of outliner. Each thread (an organization
|
||||
// field from a cert) has an element in the array. The numChildren field
|
||||
// stores the number of certs corresponding to that thread.
|
||||
struct outlinerArrayElStr {
|
||||
PRUnichar *orgName; /* heading for thread */
|
||||
PRBool open; /* toggle open state for thread */
|
||||
PRInt32 certIndex; /* index into cert array for 1st cert */
|
||||
PRInt32 numChildren; /* number of chidren (certs) for thread */
|
||||
};
|
||||
|
||||
NS_IMPL_ISUPPORTS2(nsCertOutliner, nsICertOutliner, nsIOutlinerView)
|
||||
|
||||
nsCertOutliner::nsCertOutliner() : mOutlinerArray(NULL)
|
||||
{
|
||||
NS_INIT_ISUPPORTS();
|
||||
}
|
||||
|
||||
nsCertOutliner::~nsCertOutliner()
|
||||
{
|
||||
if (mOutlinerArray)
|
||||
nsMemory::Free(mOutlinerArray);
|
||||
}
|
||||
|
||||
void
|
||||
nsCertOutliner::FreeCertArray()
|
||||
{
|
||||
if (mCertArray) {
|
||||
PRUint32 count;
|
||||
nsresult rv = mCertArray->Count(&count);
|
||||
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
|
||||
PRInt32 i;
|
||||
for (i = count - 1; i >= 0; i--)
|
||||
mCertArray->RemoveElementAt(i);
|
||||
}
|
||||
mCertArray = nsnull;
|
||||
}
|
||||
|
||||
// CmpByToken
|
||||
//
|
||||
// Compare two certificate by their token name. Returns -1, 0, 1 as
|
||||
// in strcmp. No token name (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aTok, bTok;
|
||||
a->GetTokenName(getter_Copies(aTok));
|
||||
b->GetTokenName(getter_Copies(bTok));
|
||||
if (aTok != nsnull && bTok != nsnull) {
|
||||
nsAutoString aStr(aTok);
|
||||
cmp1 = aStr.CompareWithConversion(bTok);
|
||||
} else {
|
||||
cmp1 = (aTok == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByOrg
|
||||
//
|
||||
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No organization (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aOrg, bOrg;
|
||||
a->GetOrganization(getter_Copies(aOrg));
|
||||
b->GetOrganization(getter_Copies(bOrg));
|
||||
if (aOrg != nsnull && bOrg != nsnull) {
|
||||
nsAutoString aStr(aOrg);
|
||||
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||
} else {
|
||||
cmp1 = (aOrg == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByName
|
||||
//
|
||||
// Compare two certificates by their CN= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No common name (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aName, bName;
|
||||
a->GetOrganization(getter_Copies(aName));
|
||||
b->GetOrganization(getter_Copies(bName));
|
||||
if (aName != nsnull && bName != nsnull) {
|
||||
nsAutoString aStr(aName);
|
||||
cmp1 = aStr.CompareWithConversion(bName);
|
||||
} else {
|
||||
cmp1 = (aName == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByTok_Org_Name
|
||||
//
|
||||
// Compare two certificates by token name, organization, and common name,
|
||||
// in that order. Used to sort cert list.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp;
|
||||
cmp = CmpByToken(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
cmp = CmpByOrg(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
return CmpByName(a, b);
|
||||
}
|
||||
|
||||
// CountOrganizations
|
||||
//
|
||||
// Count the number of different organizations encountered in the cert
|
||||
// list. Note that the same organization of a different token is counted
|
||||
// seperately.
|
||||
PRInt32
|
||||
nsCertOutliner::CountOrganizations()
|
||||
{
|
||||
PRUint32 i, certCount;
|
||||
nsresult rv = mCertArray->Count(&certCount);
|
||||
if (NS_FAILED(rv)) return -1;
|
||||
if (certCount == 0) return 0;
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(0));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
nsCOMPtr<nsIX509Cert> nextCert = nsnull;
|
||||
PRInt32 orgCount = 1;
|
||||
for (i=1; i<certCount; i++) {
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||
orgCert = nextCert;
|
||||
orgCount++;
|
||||
}
|
||||
}
|
||||
return orgCount;
|
||||
}
|
||||
|
||||
// GetThreadDescAtIndex
|
||||
//
|
||||
// If the row at index is an organization thread, return the collection
|
||||
// associated with that thread. Otherwise, return null.
|
||||
outlinerArrayEl *
|
||||
nsCertOutliner::GetThreadDescAtIndex(PRInt32 index)
|
||||
{
|
||||
int i, idx=0;
|
||||
if (index < 0) return nsnull;
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (index == idx) {
|
||||
return &mOutlinerArray[i];
|
||||
}
|
||||
if (mOutlinerArray[i].open == PR_FALSE) {
|
||||
idx++;
|
||||
} else {
|
||||
idx += mOutlinerArray[i].numChildren + 1;
|
||||
}
|
||||
if (idx > index) break;
|
||||
}
|
||||
return nsnull;
|
||||
}
|
||||
|
||||
// GetCertAtIndex
|
||||
//
|
||||
// If the row at index is a cert, return that cert. Otherwise, return null.
|
||||
nsIX509Cert *
|
||||
nsCertOutliner::GetCertAtIndex(PRInt32 index)
|
||||
{
|
||||
int i, idx = 0, cIndex = 0, nc;
|
||||
nsIX509Cert *rawPtr = nsnull;
|
||||
if (index < 0) return nsnull;
|
||||
// Loop over the threads
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (index == idx) return nsnull; // index is for thread
|
||||
idx++; // get past the thread
|
||||
nc = (mOutlinerArray[i].open) ? mOutlinerArray[i].numChildren : 0;
|
||||
if (index < idx + nc) { // cert is within range of this thread
|
||||
PRInt32 certIndex = cIndex + index - idx;
|
||||
nsCOMPtr<nsISupports> isupport =
|
||||
dont_AddRef(mCertArray->ElementAt(certIndex));
|
||||
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||
rawPtr = cert;
|
||||
NS_ADDREF(rawPtr);
|
||||
break;
|
||||
}
|
||||
if (mOutlinerArray[i].open)
|
||||
idx += mOutlinerArray[i].numChildren;
|
||||
cIndex += mOutlinerArray[i].numChildren;
|
||||
if (idx > index) break;
|
||||
}
|
||||
return rawPtr;
|
||||
}
|
||||
|
||||
// LoadCerts
|
||||
//
|
||||
// Load all of the certificates in the DB for this type. Sort them
|
||||
// by token, organization, then common name.
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
{
|
||||
nsresult rv;
|
||||
PRBool rowsChanged = PR_FALSE;
|
||||
PRInt32 numChanged = 0;
|
||||
if (mOutlinerArray) {
|
||||
FreeCertArray();
|
||||
nsMemory::Free(mOutlinerArray);
|
||||
mOutlinerArray = NULL;
|
||||
rowsChanged = PR_TRUE;
|
||||
numChanged = mNumRows;
|
||||
mNumRows = 0;
|
||||
}
|
||||
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||
rv = certdb->GetCertsByType(aType,
|
||||
CmpByTok_Org_Name,
|
||||
getter_AddRefs(mCertArray));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PRUint32 count;
|
||||
rv = mCertArray->Count(&count);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
mNumOrgs = CountOrganizations();
|
||||
mOutlinerArray = (outlinerArrayEl *)nsMemory::Alloc(
|
||||
sizeof(outlinerArrayEl) * mNumOrgs);
|
||||
PRUint32 j = 0;
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||
mOutlinerArray[i].open = PR_TRUE;
|
||||
mOutlinerArray[i].certIndex = j;
|
||||
mOutlinerArray[i].numChildren = 1;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||
mOutlinerArray[i].numChildren++;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
}
|
||||
orgCert = nextCert;
|
||||
}
|
||||
mNumRows = count + mNumOrgs;
|
||||
if (rowsChanged) {
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
|
||||
numChanged = mNumRows - numChanged;
|
||||
if (mOutliner) mOutliner->RowCountChanged(0, numChanged);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Begin nsIOutlinerView methods
|
||||
//
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
/* nsIX509Cert getCert(in unsigned long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCert(const PRUint32 aIndex, nsIX509Cert **_cert)
|
||||
{
|
||||
NS_ENSURE_ARG(_cert);
|
||||
*_cert = GetCertAtIndex(aIndex);
|
||||
//nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(aIndex);
|
||||
//if (cert) {
|
||||
//*_cert = cert;
|
||||
//NS_ADDREF(*_cert);
|
||||
//}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* readonly attribute long rowCount; */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetRowCount(PRInt32 *aRowCount)
|
||||
{
|
||||
PRUint32 count = 0;
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
if (mOutlinerArray[i].open == PR_TRUE) {
|
||||
count += mOutlinerArray[i].numChildren + 1;
|
||||
} else {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
*aRowCount = count;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* attribute nsIOutlinerSelection selection; */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetSelection(nsIOutlinerSelection * *aSelection)
|
||||
{
|
||||
*aSelection = mSelection;
|
||||
NS_IF_ADDREF(*aSelection);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetSelection(nsIOutlinerSelection * aSelection)
|
||||
{
|
||||
mSelection = aSelection;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getRowProperties (in long index, in nsISupportsArray properties); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetRowProperties(PRInt32 index, nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getCellProperties (in long row, in wstring colID,
|
||||
* in nsISupportsArray properties);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCellProperties(PRInt32 row, const PRUnichar *colID,
|
||||
nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getColumnProperties (in wstring colID,
|
||||
* in nsIDOMElement colElt,
|
||||
* in nsISupportsArray properties);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetColumnProperties(const PRUnichar *colID,
|
||||
nsIDOMElement *colElt,
|
||||
nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainer (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainer(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) {
|
||||
*_retval = PR_TRUE;
|
||||
} else {
|
||||
*_retval = PR_FALSE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainerOpen (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainerOpen(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el && el->open == PR_TRUE) {
|
||||
*_retval = PR_TRUE;
|
||||
} else {
|
||||
*_retval = PR_FALSE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainerEmpty (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainerEmpty(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* long getParentIndex (in long rowIndex); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetParentIndex(PRInt32 rowIndex, PRInt32 *_retval)
|
||||
{
|
||||
int i, idx = 0;
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (rowIndex == idx) break; // index is for thread
|
||||
if (rowIndex < idx + mOutlinerArray[i].numChildren + 1) {
|
||||
*_retval = idx;
|
||||
return NS_OK;
|
||||
}
|
||||
idx += mOutlinerArray[i].numChildren + 1;
|
||||
if (idx > rowIndex) break;
|
||||
}
|
||||
*_retval = -1;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean hasNextSibling (in long rowIndex, in long afterIndex); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::HasNextSibling(PRInt32 rowIndex, PRInt32 afterIndex,
|
||||
PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* long getLevel (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetLevel(PRInt32 index, PRInt32 *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) {
|
||||
*_retval = 0;
|
||||
} else {
|
||||
*_retval = 1;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* wstring getCellText (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCellText(PRInt32 row, const PRUnichar *colID,
|
||||
PRUnichar **_retval)
|
||||
{
|
||||
nsresult rv;
|
||||
char *col = NS_CONST_CAST(char *, NS_ConvertUCS2toUTF8(colID).get());
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(row);
|
||||
if (el != nsnull) {
|
||||
if (strcmp(col, "certcol") == 0) {
|
||||
nsAutoString oName(el->orgName);
|
||||
*_retval = oName.ToNewUnicode();
|
||||
} else {
|
||||
*_retval = nsnull;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(row);
|
||||
if (cert == nsnull) return NS_ERROR_FAILURE;
|
||||
char *str = NULL;
|
||||
PRUnichar *wstr = NULL;
|
||||
if (strcmp(col, "certcol") == 0) {
|
||||
rv = cert->GetCommonName(&wstr);
|
||||
if (NS_FAILED(rv) || !wstr) {
|
||||
// can this be fixed to not do copying?
|
||||
PRUnichar *tmp = nsnull;
|
||||
rv = cert->GetNickname(&tmp);
|
||||
nsAutoString nick(tmp);
|
||||
char *tmps = nick.ToNewCString();
|
||||
char *mark = strchr(tmps, ':');
|
||||
if (mark) {
|
||||
str = PL_strdup(mark + 1);
|
||||
} else {
|
||||
wstr = nick.ToNewUnicode();
|
||||
}
|
||||
nsMemory::Free(tmp);
|
||||
nsMemory::Free(tmps);
|
||||
}
|
||||
} else if (strcmp(col, "tokencol") == 0) {
|
||||
rv = cert->GetTokenName(&wstr);
|
||||
} else if (strcmp(col, "verifiedcol") == 0) {
|
||||
PRUint32 verified;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||
do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = cert->GetPurposes(&verified, NULL);
|
||||
if (verified == nsIX509Cert::VERIFIED_OK) {
|
||||
nsAutoString vfy;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifiedTrue").get(), vfy);
|
||||
if (!NS_FAILED(rv))
|
||||
wstr = vfy.ToNewUnicode();
|
||||
} else {
|
||||
nsAutoString vfy;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifiedFalse").get(), vfy);
|
||||
if (!NS_FAILED(rv))
|
||||
wstr = vfy.ToNewUnicode();
|
||||
}
|
||||
} else if (strcmp(col, "purposecol") == 0) {
|
||||
PRUint32 verified;
|
||||
rv = cert->GetPurposes(&verified, &wstr);
|
||||
} else if (strcmp(col, "issuedcol") == 0) {
|
||||
rv = cert->GetIssuedDate(&wstr);
|
||||
} else if (strcmp(col, "expiredcol") == 0) {
|
||||
rv = cert->GetExpiresDate(&wstr);
|
||||
} else if (strcmp(col, "certdbkeycol") == 0) {
|
||||
rv = cert->GetDbKey(&str);
|
||||
} else {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
if (str) {
|
||||
nsAutoString astr = NS_ConvertASCIItoUCS2(str);
|
||||
wstr = astr.ToNewUnicode();
|
||||
}
|
||||
*_retval = wstr;
|
||||
return rv;
|
||||
}
|
||||
|
||||
/* void setOutliner (in nsIOutlinerBoxObject outliner); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetOutliner(nsIOutlinerBoxObject *outliner)
|
||||
{
|
||||
mOutliner = outliner;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void toggleOpenState (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::ToggleOpenState(PRInt32 index)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) el->open = !el->open;
|
||||
PRInt32 fac = (el->open) ? 1 : -1;
|
||||
if (mOutliner) mOutliner->RowCountChanged(index, fac * el->numChildren);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void cycleHeader (in wstring colID, in nsIDOMElement elt); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::CycleHeader(const PRUnichar *colID, nsIDOMElement *elt)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void selectionChanged (); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SelectionChanged()
|
||||
{
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
/* void cycleCell (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::CycleCell(PRInt32 row, const PRUnichar *colID)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isEditable (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsEditable(PRInt32 row, const PRUnichar *colID, PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void setCellText (in long row, in wstring colID, in wstring value); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetCellText(PRInt32 row, const PRUnichar *colID,
|
||||
const PRUnichar *value)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performAction (in wstring action); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformAction(const PRUnichar *action)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performActionOnRow (in wstring action, in long row); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformActionOnRow(const PRUnichar *action, PRInt32 row)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performActionOnCell (in wstring action, in long row,
|
||||
* in wstring colID);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformActionOnCell(const PRUnichar *action, PRInt32 row,
|
||||
const PRUnichar *colID)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_CERT_OUTLINER
|
||||
void
|
||||
nsCertOutliner::dumpMap()
|
||||
{
|
||||
for (int i=0; i<mNumOrgs; i++) {
|
||||
nsAutoString org(mOutlinerArray[i].orgName);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("ORG[%s]", org.ToNewCString()));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("OPEN[%d]", mOutlinerArray[i].open));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("INDEX[%d]", mOutlinerArray[i].certIndex));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NCHILD[%d]", mOutlinerArray[i].numChildren));
|
||||
}
|
||||
for (int i=0; i<mNumRows; i++) {
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(i);
|
||||
if (el != nsnull) {
|
||||
nsAutoString td(el->orgName);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("thread desc[%d]: %s",i,td.ToNewCString()));
|
||||
}
|
||||
nsCOMPtr<nsIX509Cert> ct = GetCertAtIndex(i);
|
||||
if (ct != nsnull) {
|
||||
PRUnichar *goo;
|
||||
ct->GetCommonName(&goo);
|
||||
nsAutoString doo(goo);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert [%d]: %s",i,doo.ToNewCString()));
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
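Review bot: In GetCellText, `col` is taken from `NS_ConvertUCS2toUTF8(colID).get()`, a temporary that is destroyed at the end of that statement, so every later `strcmp(col, ...)` reads a dangling pointer. Keep the converted string alive in a named local, `NS_ConvertUCS2toUTF8 colUTF8(colID);` followed by `const char *col = colUTF8.get();`. ToggleOpenState also dereferences `el` right after the `if (el)` test, so a call on a certificate row (where GetThreadDescAtIndex returns null) crashes; add `if (!el) return NS_OK;` before the toggle. Separately, CmpByName calls `GetOrganization` on both certs although its comment says it compares the CN= field, so the third sort key repeats the second; `GetCommonName`, which GetCellText already uses, looks like the intended call.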
@ -0,0 +1,86 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape security libraries.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _NS_CERTOUTLINER_H_
|
||||
#define _NS_CERTOUTLINER_H_
|
||||
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsIServiceManager.h"
|
||||
#include "nsICertOutliner.h"
|
||||
#include "nsIOutlinerView.h"
|
||||
#include "nsIOutlinerBoxObject.h"
|
||||
#include "nsIOutlinerSelection.h"
|
||||
#include "nsISupportsArray.h"
|
||||
|
||||
typedef struct outlinerArrayElStr outlinerArrayEl;
|
||||
|
||||
class nsCertOutliner : public nsICertOutliner
|
||||
{
|
||||
public:
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSICERTOUTLINER
|
||||
NS_DECL_NSIOUTLINERVIEW
|
||||
|
||||
nsCertOutliner();
|
||||
virtual ~nsCertOutliner();
|
||||
|
||||
protected:
|
||||
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
PRInt32 CountOrganizations();
|
||||
|
||||
private:
|
||||
nsCOMPtr<nsISupportsArray> mCertArray;
|
||||
nsCOMPtr<nsIOutlinerBoxObject> mOutliner;
|
||||
nsCOMPtr<nsIOutlinerSelection> mSelection;
|
||||
outlinerArrayEl *mOutlinerArray;
|
||||
PRInt32 mNumOrgs;
|
||||
PRInt32 mNumRows;
|
||||
|
||||
outlinerArrayEl *GetThreadDescAtIndex(PRInt32 _index);
|
||||
nsIX509Cert *GetCertAtIndex(PRInt32 _index);
|
||||
|
||||
void FreeCertArray();
|
||||
|
||||
#ifdef DEBUG_CERT_OUTLINER
|
||||
/* for debugging purposes */
|
||||
void dumpMap();
|
||||
#endif
|
||||
};
|
||||
|
||||
#endif /* _NS_CERTOUTLINER_H_ */
|
||||
|
|
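Review bot: `mNumOrgs` and `mNumRows` are declared here as plain `PRInt32` members, but the constructor in nsCertOutliner.cpp initializes only `mOutlinerArray`. GetRowCount and GetThreadDescAtIndex loop on `i<mNumOrgs` and index `mOutlinerArray`, so a view that is queried before LoadCerts has run reads an indeterminate count and may index a null array. Extend the constructor's initializer list to `mOutlinerArray(NULL), mNumOrgs(0), mNumRows(0)`.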
@ -0,0 +1,644 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape security libraries.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
*/
|
||||
|
||||
#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
|
||||
#include "nsCertOutliner.h"
|
||||
#include "nsIX509Cert.h"
|
||||
#include "nsIX509CertDB.h"
|
||||
#include "nsXPIDLString.h"
|
||||
|
||||
#include "prlog.h"
|
||||
#ifdef PR_LOGGING
|
||||
extern PRLogModuleInfo* gPIPNSSLog;
|
||||
#endif
|
||||
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
|
||||
// outlinerArrayElStr
|
||||
//
|
||||
// structure used to hold map of outliner. Each thread (an organization
|
||||
// field from a cert) has an element in the array. The numChildren field
|
||||
// stores the number of certs corresponding to that thread.
|
||||
struct outlinerArrayElStr {
|
||||
PRUnichar *orgName; /* heading for thread */
|
||||
PRBool open; /* toggle open state for thread */
|
||||
PRInt32 certIndex; /* index into cert array for 1st cert */
|
||||
PRInt32 numChildren; /* number of chidren (certs) for thread */
|
||||
};
|
||||
|
||||
NS_IMPL_ISUPPORTS2(nsCertOutliner, nsICertOutliner, nsIOutlinerView)
|
||||
|
||||
nsCertOutliner::nsCertOutliner() : mOutlinerArray(NULL)
|
||||
{
|
||||
NS_INIT_ISUPPORTS();
|
||||
}
|
||||
|
||||
nsCertOutliner::~nsCertOutliner()
|
||||
{
|
||||
if (mOutlinerArray)
|
||||
nsMemory::Free(mOutlinerArray);
|
||||
}
|
||||
|
||||
void
|
||||
nsCertOutliner::FreeCertArray()
|
||||
{
|
||||
if (mCertArray) {
|
||||
PRUint32 count;
|
||||
nsresult rv = mCertArray->Count(&count);
|
||||
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
|
||||
PRInt32 i;
|
||||
for (i = count - 1; i >= 0; i--)
|
||||
mCertArray->RemoveElementAt(i);
|
||||
}
|
||||
mCertArray = nsnull;
|
||||
}
|
||||
|
||||
// CmpByToken
|
||||
//
|
||||
// Compare two certificate by their token name. Returns -1, 0, 1 as
|
||||
// in strcmp. No token name (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aTok, bTok;
|
||||
a->GetTokenName(getter_Copies(aTok));
|
||||
b->GetTokenName(getter_Copies(bTok));
|
||||
if (aTok != nsnull && bTok != nsnull) {
|
||||
nsAutoString aStr(aTok);
|
||||
cmp1 = aStr.CompareWithConversion(bTok);
|
||||
} else {
|
||||
cmp1 = (aTok == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByOrg
|
||||
//
|
||||
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No organization (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aOrg, bOrg;
|
||||
a->GetOrganization(getter_Copies(aOrg));
|
||||
b->GetOrganization(getter_Copies(bOrg));
|
||||
if (aOrg != nsnull && bOrg != nsnull) {
|
||||
nsAutoString aStr(aOrg);
|
||||
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||
} else {
|
||||
cmp1 = (aOrg == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByName
|
||||
//
|
||||
// Compare two certificates by their CN= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No common name (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aName, bName;
|
||||
a->GetOrganization(getter_Copies(aName));
|
||||
b->GetOrganization(getter_Copies(bName));
|
||||
if (aName != nsnull && bName != nsnull) {
|
||||
nsAutoString aStr(aName);
|
||||
cmp1 = aStr.CompareWithConversion(bName);
|
||||
} else {
|
||||
cmp1 = (aName == nsnull) ? -1 : 1;
|
||||
}
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByTok_Org_Name
|
||||
//
|
||||
// Compare two certificates by token name, organization, and common name,
|
||||
// in that order. Used to sort cert list.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp;
|
||||
cmp = CmpByToken(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
cmp = CmpByOrg(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
return CmpByName(a, b);
|
||||
}
|
||||
|
||||
// CountOrganizations
|
||||
//
|
||||
// Count the number of different organizations encountered in the cert
|
||||
// list. Note that the same organization of a different token is counted
|
||||
// seperately.
|
||||
PRInt32
|
||||
nsCertOutliner::CountOrganizations()
|
||||
{
|
||||
PRUint32 i, certCount;
|
||||
nsresult rv = mCertArray->Count(&certCount);
|
||||
if (NS_FAILED(rv)) return -1;
|
||||
if (certCount == 0) return 0;
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(0));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
nsCOMPtr<nsIX509Cert> nextCert = nsnull;
|
||||
PRInt32 orgCount = 1;
|
||||
for (i=1; i<certCount; i++) {
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||
orgCert = nextCert;
|
||||
orgCount++;
|
||||
}
|
||||
}
|
||||
return orgCount;
|
||||
}
|
||||
|
||||
// GetThreadDescAtIndex
|
||||
//
|
||||
// If the row at index is an organization thread, return the collection
|
||||
// associated with that thread. Otherwise, return null.
|
||||
outlinerArrayEl *
|
||||
nsCertOutliner::GetThreadDescAtIndex(PRInt32 index)
|
||||
{
|
||||
int i, idx=0;
|
||||
if (index < 0) return nsnull;
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (index == idx) {
|
||||
return &mOutlinerArray[i];
|
||||
}
|
||||
if (mOutlinerArray[i].open == PR_FALSE) {
|
||||
idx++;
|
||||
} else {
|
||||
idx += mOutlinerArray[i].numChildren + 1;
|
||||
}
|
||||
if (idx > index) break;
|
||||
}
|
||||
return nsnull;
|
||||
}
|
||||
|
||||
// GetCertAtIndex
|
||||
//
|
||||
// If the row at index is a cert, return that cert. Otherwise, return null.
|
||||
nsIX509Cert *
|
||||
nsCertOutliner::GetCertAtIndex(PRInt32 index)
|
||||
{
|
||||
int i, idx = 0, cIndex = 0, nc;
|
||||
nsIX509Cert *rawPtr = nsnull;
|
||||
if (index < 0) return nsnull;
|
||||
// Loop over the threads
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (index == idx) return nsnull; // index is for thread
|
||||
idx++; // get past the thread
|
||||
nc = (mOutlinerArray[i].open) ? mOutlinerArray[i].numChildren : 0;
|
||||
if (index < idx + nc) { // cert is within range of this thread
|
||||
PRInt32 certIndex = cIndex + index - idx;
|
||||
nsCOMPtr<nsISupports> isupport =
|
||||
dont_AddRef(mCertArray->ElementAt(certIndex));
|
||||
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||
rawPtr = cert;
|
||||
NS_ADDREF(rawPtr);
|
||||
break;
|
||||
}
|
||||
if (mOutlinerArray[i].open)
|
||||
idx += mOutlinerArray[i].numChildren;
|
||||
cIndex += mOutlinerArray[i].numChildren;
|
||||
if (idx > index) break;
|
||||
}
|
||||
return rawPtr;
|
||||
}
|
||||
|
||||
// LoadCerts
|
||||
//
|
||||
// Load all of the certificates in the DB for this type. Sort them
|
||||
// by token, organization, then common name.
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
{
|
||||
nsresult rv;
|
||||
PRBool rowsChanged = PR_FALSE;
|
||||
PRInt32 numChanged = 0;
|
||||
if (mOutlinerArray) {
|
||||
FreeCertArray();
|
||||
nsMemory::Free(mOutlinerArray);
|
||||
mOutlinerArray = NULL;
|
||||
rowsChanged = PR_TRUE;
|
||||
numChanged = mNumRows;
|
||||
mNumRows = 0;
|
||||
}
|
||||
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||
rv = certdb->GetCertsByType(aType,
|
||||
CmpByTok_Org_Name,
|
||||
getter_AddRefs(mCertArray));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PRUint32 count;
|
||||
rv = mCertArray->Count(&count);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
mNumOrgs = CountOrganizations();
|
||||
mOutlinerArray = (outlinerArrayEl *)nsMemory::Alloc(
|
||||
sizeof(outlinerArrayEl) * mNumOrgs);
|
||||
PRUint32 j = 0;
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||
mOutlinerArray[i].open = PR_TRUE;
|
||||
mOutlinerArray[i].certIndex = j;
|
||||
mOutlinerArray[i].numChildren = 1;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||
mOutlinerArray[i].numChildren++;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
}
|
||||
orgCert = nextCert;
|
||||
}
|
||||
mNumRows = count + mNumOrgs;
|
||||
if (rowsChanged) {
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
|
||||
numChanged = mNumRows - numChanged;
|
||||
if (mOutliner) mOutliner->RowCountChanged(0, numChanged);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Begin nsIOutlinerView methods
|
||||
//
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
/* nsIX509Cert getCert(in unsigned long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCert(const PRUint32 aIndex, nsIX509Cert **_cert)
|
||||
{
|
||||
NS_ENSURE_ARG(_cert);
|
||||
*_cert = GetCertAtIndex(aIndex);
|
||||
//nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(aIndex);
|
||||
//if (cert) {
|
||||
//*_cert = cert;
|
||||
//NS_ADDREF(*_cert);
|
||||
//}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* readonly attribute long rowCount; */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetRowCount(PRInt32 *aRowCount)
|
||||
{
|
||||
PRUint32 count = 0;
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
if (mOutlinerArray[i].open == PR_TRUE) {
|
||||
count += mOutlinerArray[i].numChildren + 1;
|
||||
} else {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
*aRowCount = count;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* attribute nsIOutlinerSelection selection; */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetSelection(nsIOutlinerSelection * *aSelection)
|
||||
{
|
||||
*aSelection = mSelection;
|
||||
NS_IF_ADDREF(*aSelection);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetSelection(nsIOutlinerSelection * aSelection)
|
||||
{
|
||||
mSelection = aSelection;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getRowProperties (in long index, in nsISupportsArray properties); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetRowProperties(PRInt32 index, nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getCellProperties (in long row, in wstring colID,
|
||||
* in nsISupportsArray properties);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCellProperties(PRInt32 row, const PRUnichar *colID,
|
||||
nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getColumnProperties (in wstring colID,
|
||||
* in nsIDOMElement colElt,
|
||||
* in nsISupportsArray properties);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetColumnProperties(const PRUnichar *colID,
|
||||
nsIDOMElement *colElt,
|
||||
nsISupportsArray *properties)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainer (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainer(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) {
|
||||
*_retval = PR_TRUE;
|
||||
} else {
|
||||
*_retval = PR_FALSE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainerOpen (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainerOpen(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el && el->open == PR_TRUE) {
|
||||
*_retval = PR_TRUE;
|
||||
} else {
|
||||
*_retval = PR_FALSE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isContainerEmpty (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsContainerEmpty(PRInt32 index, PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* long getParentIndex (in long rowIndex); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetParentIndex(PRInt32 rowIndex, PRInt32 *_retval)
|
||||
{
|
||||
int i, idx = 0;
|
||||
for (i=0; i<mNumOrgs; i++) {
|
||||
if (rowIndex == idx) break; // index is for thread
|
||||
if (rowIndex < idx + mOutlinerArray[i].numChildren + 1) {
|
||||
*_retval = idx;
|
||||
return NS_OK;
|
||||
}
|
||||
idx += mOutlinerArray[i].numChildren + 1;
|
||||
if (idx > rowIndex) break;
|
||||
}
|
||||
*_retval = -1;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean hasNextSibling (in long rowIndex, in long afterIndex); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::HasNextSibling(PRInt32 rowIndex, PRInt32 afterIndex,
|
||||
PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* long getLevel (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetLevel(PRInt32 index, PRInt32 *_retval)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) {
|
||||
*_retval = 0;
|
||||
} else {
|
||||
*_retval = 1;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* wstring getCellText (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::GetCellText(PRInt32 row, const PRUnichar *colID,
|
||||
PRUnichar **_retval)
|
||||
{
|
||||
nsresult rv;
|
||||
char *col = NS_CONST_CAST(char *, NS_ConvertUCS2toUTF8(colID).get());
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(row);
|
||||
if (el != nsnull) {
|
||||
if (strcmp(col, "certcol") == 0) {
|
||||
nsAutoString oName(el->orgName);
|
||||
*_retval = oName.ToNewUnicode();
|
||||
} else {
|
||||
*_retval = nsnull;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
nsCOMPtr<nsIX509Cert> cert = GetCertAtIndex(row);
|
||||
if (cert == nsnull) return NS_ERROR_FAILURE;
|
||||
char *str = NULL;
|
||||
PRUnichar *wstr = NULL;
|
||||
if (strcmp(col, "certcol") == 0) {
|
||||
rv = cert->GetCommonName(&wstr);
|
||||
if (NS_FAILED(rv) || !wstr) {
|
||||
// can this be fixed to not do copying?
|
||||
PRUnichar *tmp = nsnull;
|
||||
rv = cert->GetNickname(&tmp);
|
||||
nsAutoString nick(tmp);
|
||||
char *tmps = nick.ToNewCString();
|
||||
char *mark = strchr(tmps, ':');
|
||||
if (mark) {
|
||||
str = PL_strdup(mark + 1);
|
||||
} else {
|
||||
wstr = nick.ToNewUnicode();
|
||||
}
|
||||
nsMemory::Free(tmp);
|
||||
nsMemory::Free(tmps);
|
||||
}
|
||||
} else if (strcmp(col, "tokencol") == 0) {
|
||||
rv = cert->GetTokenName(&wstr);
|
||||
} else if (strcmp(col, "verifiedcol") == 0) {
|
||||
PRUint32 verified;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||
do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = cert->GetPurposes(&verified, NULL);
|
||||
if (verified == nsIX509Cert::VERIFIED_OK) {
|
||||
nsAutoString vfy;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifiedTrue").get(), vfy);
|
||||
if (!NS_FAILED(rv))
|
||||
wstr = vfy.ToNewUnicode();
|
||||
} else {
|
||||
nsAutoString vfy;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifiedFalse").get(), vfy);
|
||||
if (!NS_FAILED(rv))
|
||||
wstr = vfy.ToNewUnicode();
|
||||
}
|
||||
} else if (strcmp(col, "purposecol") == 0) {
|
||||
PRUint32 verified;
|
||||
rv = cert->GetPurposes(&verified, &wstr);
|
||||
} else if (strcmp(col, "issuedcol") == 0) {
|
||||
rv = cert->GetIssuedDate(&wstr);
|
||||
} else if (strcmp(col, "expiredcol") == 0) {
|
||||
rv = cert->GetExpiresDate(&wstr);
|
||||
} else if (strcmp(col, "certdbkeycol") == 0) {
|
||||
rv = cert->GetDbKey(&str);
|
||||
} else {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
if (str) {
|
||||
nsAutoString astr = NS_ConvertASCIItoUCS2(str);
|
||||
wstr = astr.ToNewUnicode();
|
||||
}
|
||||
*_retval = wstr;
|
||||
return rv;
|
||||
}
|
||||
|
||||
/* void setOutliner (in nsIOutlinerBoxObject outliner); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetOutliner(nsIOutlinerBoxObject *outliner)
|
||||
{
|
||||
mOutliner = outliner;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void toggleOpenState (in long index); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::ToggleOpenState(PRInt32 index)
|
||||
{
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(index);
|
||||
if (el) el->open = !el->open;
|
||||
PRInt32 fac = (el->open) ? 1 : -1;
|
||||
if (mOutliner) mOutliner->RowCountChanged(index, fac * el->numChildren);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void cycleHeader (in wstring colID, in nsIDOMElement elt); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::CycleHeader(const PRUnichar *colID, nsIDOMElement *elt)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void selectionChanged (); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SelectionChanged()
|
||||
{
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
/* void cycleCell (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::CycleCell(PRInt32 row, const PRUnichar *colID)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* boolean isEditable (in long row, in wstring colID); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::IsEditable(PRInt32 row, const PRUnichar *colID, PRBool *_retval)
|
||||
{
|
||||
*_retval = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void setCellText (in long row, in wstring colID, in wstring value); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::SetCellText(PRInt32 row, const PRUnichar *colID,
|
||||
const PRUnichar *value)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performAction (in wstring action); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformAction(const PRUnichar *action)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performActionOnRow (in wstring action, in long row); */
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformActionOnRow(const PRUnichar *action, PRInt32 row)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void performActionOnCell (in wstring action, in long row,
|
||||
* in wstring colID);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertOutliner::PerformActionOnCell(const PRUnichar *action, PRInt32 row,
|
||||
const PRUnichar *colID)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_CERT_OUTLINER
|
||||
void
|
||||
nsCertOutliner::dumpMap()
|
||||
{
|
||||
for (int i=0; i<mNumOrgs; i++) {
|
||||
nsAutoString org(mOutlinerArray[i].orgName);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("ORG[%s]", org.ToNewCString()));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("OPEN[%d]", mOutlinerArray[i].open));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("INDEX[%d]", mOutlinerArray[i].certIndex));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NCHILD[%d]", mOutlinerArray[i].numChildren));
|
||||
}
|
||||
for (int i=0; i<mNumRows; i++) {
|
||||
outlinerArrayEl *el = GetThreadDescAtIndex(i);
|
||||
if (el != nsnull) {
|
||||
nsAutoString td(el->orgName);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("thread desc[%d]: %s",i,td.ToNewCString()));
|
||||
}
|
||||
nsCOMPtr<nsIX509Cert> ct = GetCertAtIndex(i);
|
||||
if (ct != nsnull) {
|
||||
PRUnichar *goo;
|
||||
ct->GetCommonName(&goo);
|
||||
nsAutoString doo(goo);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert [%d]: %s",i,doo.ToNewCString()));
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
@ -0,0 +1,86 @@
|
|||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape security libraries.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _NS_CERTOUTLINER_H_
|
||||
#define _NS_CERTOUTLINER_H_
|
||||
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsIServiceManager.h"
|
||||
#include "nsICertOutliner.h"
|
||||
#include "nsIOutlinerView.h"
|
||||
#include "nsIOutlinerBoxObject.h"
|
||||
#include "nsIOutlinerSelection.h"
|
||||
#include "nsISupportsArray.h"
|
||||
|
||||
typedef struct outlinerArrayElStr outlinerArrayEl;
|
||||
|
||||
class nsCertOutliner : public nsICertOutliner
|
||||
{
|
||||
public:
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSICERTOUTLINER
|
||||
NS_DECL_NSIOUTLINERVIEW
|
||||
|
||||
nsCertOutliner();
|
||||
virtual ~nsCertOutliner();
|
||||
|
||||
protected:
|
||||
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
PRInt32 CountOrganizations();
|
||||
|
||||
private:
|
||||
nsCOMPtr<nsISupportsArray> mCertArray;
|
||||
nsCOMPtr<nsIOutlinerBoxObject> mOutliner;
|
||||
nsCOMPtr<nsIOutlinerSelection> mSelection;
|
||||
outlinerArrayEl *mOutlinerArray;
|
||||
PRInt32 mNumOrgs;
|
||||
PRInt32 mNumRows;
|
||||
|
||||
outlinerArrayEl *GetThreadDescAtIndex(PRInt32 _index);
|
||||
nsIX509Cert *GetCertAtIndex(PRInt32 _index);
|
||||
|
||||
void FreeCertArray();
|
||||
|
||||
#ifdef DEBUG_CERT_OUTLINER
|
||||
/* for debugging purposes */
|
||||
void dumpMap();
|
||||
#endif
|
||||
};
|
||||
|
||||
#endif /* _NS_CERTOUTLINER_H_ */
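Review bot: `mNumOrgs` and `mNumRows` are declared here with no initial value, and the constructor shown earlier on this page (`nsCertOutliner::nsCertOutliner() : mOutlinerArray(NULL)`) sets only `mOutlinerArray`. GetRowCount, GetThreadDescAtIndex, GetCertAtIndex and GetParentIndex all loop `i < mNumOrgs` and index `mOutlinerArray[i]`, so a view queried before LoadCerts has run reads through a null array with an indeterminate bound. I would initialise both counters in the constructor, `: mOutlinerArray(NULL), mNumOrgs(0), mNumRows(0)`. A short comment on `mOutlinerArray` saying it is allocated with `nsMemory::Alloc` in LoadCerts and who frees each `orgName` would also help, since the destructor frees only the array itself.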
|
||||
|
|
@ -32,7 +32,7 @@
|
|||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: nsNSSCertificate.cpp,v 1.15 2001-03-30 19:54:57 mcgreer%netscape.com Exp $
|
||||
* $Id: nsNSSCertificate.cpp,v 1.16 2001-05-01 23:23:20 mcgreer%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "prmem.h"
|
||||
|
@ -47,6 +47,9 @@
|
|||
#include "nsIX509Cert.h"
|
||||
#include "nsINSSDialogs.h"
|
||||
#include "nsString.h"
|
||||
#include "nsILocaleService.h"
|
||||
#include "nsIDateTimeFormat.h"
|
||||
#include "nsDateTimeFormatCID.h"
|
||||
|
||||
#include "pk11func.h"
|
||||
#include "certdb.h"
|
||||
|
@ -59,6 +62,8 @@ extern PRLogModuleInfo* gPIPNSSLog;
|
|||
#endif
|
||||
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
static NS_DEFINE_CID(kDateTimeFormatCID, NS_DATETIMEFORMAT_CID);
|
||||
static NS_DEFINE_CID(kLocaleServiceCID, NS_LOCALESERVICE_CID);
|
||||
|
||||
/*
|
||||
* nsNSSCertTrust
|
||||
|
@ -731,6 +736,75 @@ nsNSSCertificate::GetMd5Fingerprint(PRUnichar **_md5Fingerprint)
|
|||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
/* readonly attribute wstring issuedDate; */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetIssuedDate(PRUnichar **_issuedDate)
|
||||
{
|
||||
nsresult rv;
|
||||
PRTime beforeTime;
|
||||
nsCOMPtr<nsIX509CertValidity> validity;
|
||||
rv = this->GetValidity(getter_AddRefs(validity));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = validity->GetNotBefore(&beforeTime);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsAutoString date;
|
||||
dateFormatter->FormatPRTime(nsnull, kDateFormatShort, kTimeFormatNone,
|
||||
beforeTime, date);
|
||||
*_issuedDate = date.ToNewUnicode();
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* readonly attribute wstring expiresDate; */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetExpiresDate(PRUnichar **_expiresDate)
|
||||
{
|
||||
nsresult rv;
|
||||
PRTime afterTime;
|
||||
nsCOMPtr<nsIX509CertValidity> validity;
|
||||
rv = this->GetValidity(getter_AddRefs(validity));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = validity->GetNotAfter(&afterTime);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsAutoString date;
|
||||
dateFormatter->FormatPRTime(nsnull, kDateFormatShort, kTimeFormatNone,
|
||||
afterTime, date);
|
||||
*_expiresDate = date.ToNewUnicode();
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetTokenName(PRUnichar **aTokenName)
|
||||
{
|
||||
NS_ENSURE_ARG(aTokenName);
|
||||
*aTokenName = nsnull;
|
||||
if (mCert) {
|
||||
if (mCert->slot) {
|
||||
char *token = PK11_GetTokenName(mCert->slot);
|
||||
if (token) {
|
||||
nsAutoString tok = NS_ConvertASCIItoUCS2(token);
|
||||
*aTokenName = tok.ToNewUnicode();
|
||||
}
|
||||
} else {
|
||||
nsresult rv;
|
||||
nsAutoString tok;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||
do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("InternalToken").get(), tok);
|
||||
if (!NS_FAILED(rv))
|
||||
*aTokenName = tok.ToNewUnicode();
|
||||
}
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* [noscript] long getRawDER (out charPtr result) */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetRawDER(char **result, PRUint32 *_retval)
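Review bot: GetIssuedDate and GetExpiresDate store through their out-parameter without the `NS_ENSURE_ARG` check that GetTokenName, added in the same hunk, performs on its own. Both also discard the result of `FormatPRTime`, so they return NS_OK with whatever `date` holds even when formatting failed. I would add `NS_ENSURE_ARG(_issuedDate);` (and the same for `_expiresDate`) at the top and write `rv = dateFormatter->FormatPRTime(...); if (NS_FAILED(rv)) return rv;`. The two bodies differ only in `GetNotBefore` versus `GetNotAfter`, so one private helper taking the PRTime would remove the duplication.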
|
||||
|
@ -795,6 +869,139 @@ nsNSSCertificate::verifyFailed(PRUint32 *_verified)
|
|||
return PR_TRUE;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsNSSCertificate::GetUsageArray(char *suffix,
|
||||
PRUint32 *_verified,
|
||||
PRUint32 *_count,
|
||||
PRUnichar **tmpUsages)
|
||||
{
|
||||
nsresult rv;
|
||||
int tmpCount = 0;
|
||||
CERTCertDBHandle *defaultcertdb = CERT_GetDefaultCertDB();
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLClient, NULL) == SECSuccess) {
|
||||
// add client to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLClient").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLServer, NULL) == SECSuccess) {
|
||||
// add server to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLServer").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLServerWithStepUp, NULL) == SECSuccess) {
|
||||
// add stepup to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLStepUp").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageEmailSigner, NULL) == SECSuccess) {
|
||||
// add signer to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyEmailSigner").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageEmailRecipient, NULL) == SECSuccess) {
|
||||
// add recipient to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyEmailRecip").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageObjectSigner, NULL) == SECSuccess) {
|
||||
// add objsigner to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyObjSign").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageProtectedObjectSigner, NULL) == SECSuccess) {
|
||||
// add protected objsigner to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyProtectObjSign").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageUserCertImport, NULL) == SECSuccess) {
|
||||
// add user import to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyUserImport").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLCA, NULL) == SECSuccess) {
|
||||
// add SSL CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifySSLCA").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageVerifyCA, NULL) == SECSuccess) {
|
||||
// add verify CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyCAVerifier").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageStatusResponder, NULL) == SECSuccess) {
|
||||
// add status responder to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyStatusResponder").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageAnyCA, NULL) == SECSuccess) {
|
||||
// add any CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
nsAutoString typestr(NS_LITERAL_STRING("VerifyAnyCA").get());
|
||||
typestr.AppendWithConversion(suffix);
|
||||
rv = nssComponent->GetPIPNSSBundleString(typestr.GetUnicode(), verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
*_count = tmpCount;
|
||||
*_verified = nsNSSCertificate::VERIFIED_OK;
|
||||
return NS_OK;
|
||||
verify_failed:
|
||||
*_count = 0;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/*
|
||||
* void getUsages(out PRUint32 verified,
|
||||
* out PRUint32 count,
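Review bot: Every `tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();` store in GetUsageArray is unchecked against the size of the caller's array, which the function never receives. Eight usage checks are active here (SSL client, server, step-up, e-mail signer and recipient, object signer, SSL CA, status responder). The caller's buffer visible in the next hunk is `PRUnichar *tmpUsages[6]`; that hunk is cut off in my view, so I cannot confirm the declaration survives on the new side, but if it does, a certificate valid for more than six usages writes past the end of a stack array. I would pass the capacity in and guard each store, for example `if (tmpCount < maxCount) tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();`, or size the caller's array to the number of active checks. Separately, the `verify_failed` path sets `*_count = 0` without freeing strings already stored, and `rv` from `GetPIPNSSBundleString` is never checked before the store.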
|
||||
|
@ -806,140 +1013,45 @@ nsNSSCertificate::GetUsages(PRUint32 *_verified,
|
|||
PRUnichar ***_usages)
|
||||
{
|
||||
nsresult rv;
|
||||
PRUnichar *tmpUsages[6];
|
||||
int tmpCount = 0;
|
||||
CERTCertDBHandle *defaultcertdb = CERT_GetDefaultCertDB();
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLClient, NULL) == SECSuccess) {
|
||||
// add client to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifySSLClient").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLServer, NULL) == SECSuccess) {
|
||||
// add server to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifySSLServer").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLServerWithStepUp, NULL) == SECSuccess) {
|
||||
// add stepup to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifySSLStepUp").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageEmailSigner, NULL) == SECSuccess) {
|
||||
// add signer to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyEmailSigner").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageEmailRecipient, NULL) == SECSuccess) {
|
||||
// add recipient to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyEmailRecip").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageObjectSigner, NULL) == SECSuccess) {
|
||||
// add objsigner to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyObjSign").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageProtectedObjectSigner, NULL) == SECSuccess) {
|
||||
// add protected objsigner to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyProtectObjSign").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageUserCertImport, NULL) == SECSuccess) {
|
||||
// add user import to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyUserImport").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageSSLCA, NULL) == SECSuccess) {
|
||||
// add SSL CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifySSLCA").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageVerifyCA, NULL) == SECSuccess) {
|
||||
// add verify CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyCAVerifier").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageStatusResponder, NULL) == SECSuccess) {
|
||||
// add status responder to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyStatusResponder").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#if 0
|
||||
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
|
||||
certUsageAnyCA, NULL) == SECSuccess) {
|
||||
// add any CA to usage
|
||||
nsAutoString verifyDesc;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("VerifyAnyCA").get(),
|
||||
verifyDesc);
|
||||
tmpUsages[tmpCount++] = verifyDesc.ToNewUnicode();
|
||||
} else if (verifyFailed(_verified)) goto verify_failed;
|
||||
#endif
|
||||
PRUnichar *tmpUsages[13];
|
||||
char *suffix = "";
|
||||
PRUint32 tmpCount;
|
||||
rv = GetUsageArray(suffix, _verified, &tmpCount, tmpUsages);
|
||||
if (tmpCount > 0) {
|
||||
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * tmpCount);
|
||||
for (int i=0; i<tmpCount; i++) {
|
||||
for (PRUint32 i=0; i<tmpCount; i++) {
|
||||
(*_usages)[i] = tmpUsages[i];
|
||||
}
|
||||
*_count = tmpCount;
|
||||
*_verified = nsNSSCertificate::VERIFIED_OK;
|
||||
return NS_OK;
|
||||
}
|
||||
verify_failed:
|
||||
*_usages = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *));
|
||||
*_count = 0;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void getPurposes(out PRUint32 verified, out wstring purposes); */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetPurposes(PRUint32 *_verified,
|
||||
PRUnichar **_purposes)
|
||||
{
|
||||
nsresult rv;
|
||||
PRUnichar *tmpUsages[13];
|
||||
char *suffix = "_p";
|
||||
PRUint32 tmpCount;
|
||||
rv = GetUsageArray(suffix, _verified, &tmpCount, tmpUsages);
|
||||
nsAutoString porpoises;
|
||||
for (PRUint32 i=0; i<tmpCount; i++) {
|
||||
if (i>0) porpoises.AppendWithConversion(",");
|
||||
porpoises.Append(tmpUsages[i]);
|
||||
nsMemory::Free(tmpUsages[i]);
|
||||
}
|
||||
if (_purposes != NULL) { // skip it for verify-only
|
||||
*_purposes = porpoises.ToNewUnicode();
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void view (); */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::View()
|
||||
|
@ -1070,6 +1182,51 @@ cleanup:
|
|||
return rv;
|
||||
}
|
||||
|
||||
/*
|
||||
* [noscript] unsigned long getCertsByType(in unsigned long aType,
|
||||
* in nsCertCompareFunc aCertCmpFn,
|
||||
* out nsISupportsArray certs);
|
||||
*/
|
||||
PRBool
|
||||
nsNSSCertificateDB::GetCertsByType(PRUint32 aType,
|
||||
nsCertCompareFunc aCertCmpFn,
|
||||
nsISupportsArray **_certs)
|
||||
{
|
||||
CERTCertList *certList = NULL;
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("GetCertsByType"));
|
||||
nsCOMPtr<nsISupportsArray> certarray;
|
||||
nsresult rv = NS_NewISupportsArray(getter_AddRefs(certarray));
|
||||
if (NS_FAILED(rv)) return PR_FALSE;
|
||||
certList = PK11_ListCerts(PK11CertListUnique, NULL);
|
||||
CERTCertListNode *node;
|
||||
int i, count = 0;
|
||||
for (node = CERT_LIST_HEAD(certList);
|
||||
!CERT_LIST_END(node, certList);
|
||||
node = CERT_LIST_NEXT(node)) {
|
||||
if (getCertType(node->cert) == aType) {
|
||||
nsCOMPtr<nsIX509Cert> pipCert = new nsNSSCertificate(node->cert);
|
||||
if (pipCert) {
|
||||
for (i=0; i<count; i++) {
|
||||
nsCOMPtr<nsISupports> isupport =
|
||||
getter_AddRefs(certarray->ElementAt(i));
|
||||
nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(isupport);
|
||||
if ((*aCertCmpFn)(pipCert, cert) < 0) {
|
||||
certarray->InsertElementAt(pipCert, i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (i == count) certarray->AppendElement(pipCert);
|
||||
count++;
|
||||
}
|
||||
}
|
||||
}
|
||||
*_certs = certarray;
|
||||
NS_ADDREF(*_certs);
|
||||
if (certList)
|
||||
CERT_DestroyCertList(certList);
|
||||
return PR_TRUE;
|
||||
}
|
||||
|
||||
/*
|
||||
* [noscript] void importCertificate (in nsIX509Cert cert,
|
||||
* in unsigned long type,
|
||||
|
@ -1131,16 +1288,22 @@ done:
|
|||
NS_IMETHODIMP
|
||||
nsNSSCertificateDB::DeleteCertificate(nsIX509Cert *aCert)
|
||||
{
|
||||
nsNSSCertificate *nssCert = NS_STATIC_CAST(nsNSSCertificate*, aCert);
|
||||
CERTCertificate *cert = nssCert->GetCert();
|
||||
if (!cert) return NS_ERROR_FAILURE;
|
||||
SECStatus srv;
|
||||
#if 0
|
||||
if (getCertType(aCert->mCert) == nsNSSCertificate::USER_CERT) {
|
||||
return ((PK11_DeleteTokenCertAndKey(aCert->mCert, NULL)) == SECSuccess) ?
|
||||
NS_OK : NS_ERROR_FAILURE;
|
||||
// for later, to use tokens ...
|
||||
if (getCertType(cert) == nsNSSCertificate::USER_CERT) {
|
||||
srv = PK11_DeleteTokenCertAndKey(cert, NULL);
|
||||
} else {
|
||||
return ((SEC_DeletePermCertificate(aCert->mCert)) == SECSuccess) ?
|
||||
NS_OK : NS_ERROR_FAILURE;
|
||||
srv = SEC_DeletePermCertificate(cert);
|
||||
}
|
||||
#endif
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
srv = SEC_DeletePermCertificate(cert);
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert deleted: %d", srv));
|
||||
CERT_DestroyCertificate(cert);
|
||||
return (srv) ? NS_ERROR_FAILURE : NS_OK;
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -61,6 +61,11 @@ private:
|
|||
CERTCertificate *mCert;
|
||||
|
||||
PRBool verifyFailed(PRUint32 *_verified);
|
||||
|
||||
nsresult GetUsageArray(char *suffix,
|
||||
PRUint32 *_verified,
|
||||
PRUint32 *_count,
|
||||
PRUnichar **tmpUsages);
|
||||
};
|
||||
|
||||
class nsNSSCertificateDB : public nsIX509CertDB
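Review bot: `GetUsageArray` fills the caller-supplied `tmpUsages` array, but its declaration carries no capacity, so nothing in the signature stops a later usage check from writing past the fixed 13-element arrays that `GetUsages` and `GetPurposes` pass in. I would add a capacity argument, or at least document the contract above the declaration: `// tmpUsages must have room for every usage reported (callers pass 13 entries); each entry comes from ToNewUnicode() and is owned by the caller`. `suffix` receives the string literals `""` and `"_p"` in those callers, so `const char *suffix` would be the safer parameter type. The array bound and the ownership are read from the .cpp hunks on this page, not from this header.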
|
||||
|
|
|
@ -37,6 +37,7 @@
|
|||
|
||||
#include "nsPK11TokenDB.h"
|
||||
#include "nsNSSCertificate.h"
|
||||
#include "nsCertOutliner.h"
|
||||
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNSSComponent, Init)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecureBrowserUIImpl)
|
||||
|
@ -46,6 +47,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecretDecoderRing)
|
|||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsPK11TokenDB)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(CertContentListener, init)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsNSSCertificateDB)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsCertOutliner)
|
||||
|
||||
static nsModuleComponentInfo components[] =
|
||||
{
|
||||
|
@ -145,6 +147,13 @@ static nsModuleComponentInfo components[] =
|
|||
NS_X509CERTDB_CID,
|
||||
NS_X509CERTDB_CONTRACTID,
|
||||
nsNSSCertificateDBConstructor
|
||||
},
|
||||
|
||||
{
|
||||
"Certificate Outliner",
|
||||
NS_CERTOUTLINER_CID,
|
||||
NS_CERTOUTLINER_CONTRACTID,
|
||||
nsCertOutlinerConstructor
|
||||
}
|
||||
|
||||
};
|
||||
|
|
|
@ -93,6 +93,7 @@ NS_IMETHODIMP
|
|||
nsPK11Token::Login(PRBool force)
|
||||
{
|
||||
nsresult rv;
|
||||
SECStatus srv;
|
||||
PRBool test;
|
||||
rv = this->NeedsLogin(&test);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
@ -102,8 +103,8 @@ nsPK11Token::Login(PRBool force)
|
|||
}
|
||||
rv = setPassword(mSlot, mUIContext);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PK11_Authenticate(mSlot, PR_TRUE, mUIContext);
|
||||
return NS_OK;
|
||||
srv = PK11_Authenticate(mSlot, PR_TRUE, mUIContext);
|
||||
return (srv == SECSuccess) ? NS_OK : NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
/* void logout (); */
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: nsPKCS12Blob.cpp,v 1.7 2001-04-04 21:06:22 mcgreer%netscape.com Exp $
|
||||
* $Id: nsPKCS12Blob.cpp,v 1.8 2001-05-01 23:23:22 mcgreer%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "prmem.h"
|
||||
|
@ -40,7 +40,11 @@
|
|||
#include "nsIFileSpec.h"
|
||||
#include "nsINSSDialogs.h"
|
||||
#include "nsIDirectoryService.h"
|
||||
#include "nsIWindowWatcher.h"
|
||||
#include "nsIPrompt.h"
|
||||
#include "nsProxiedService.h"
|
||||
|
||||
#include "nsNSSComponent.h"
|
||||
#include "nsNSSHelper.h"
|
||||
#include "nsPKCS12Blob.h"
|
||||
#include "nsString.h"
|
||||
|
@ -57,8 +61,13 @@
|
|||
extern PRLogModuleInfo* gPIPNSSLog;
|
||||
#endif
|
||||
|
||||
#define PIP_PKCS12_TMPFILENAME ".pip_p12tmp"
|
||||
#define PIP_PKCS12_BUFFER_SIZE 2048
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
|
||||
#define PIP_PKCS12_TMPFILENAME ".pip_p12tmp"
|
||||
#define PIP_PKCS12_BUFFER_SIZE 2048
|
||||
#define PIP_PKCS12_RESTORE_OK 1
|
||||
#define PIP_PKCS12_BACKUP_OK 2
|
||||
#define PIP_PKCS12_USER_CANCELED 3
|
||||
|
||||
// constructor
|
||||
nsPKCS12Blob::nsPKCS12Blob()
|
||||
|
@ -100,7 +109,7 @@ nsresult
|
|||
nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
||||
{
|
||||
nsresult rv;
|
||||
SECStatus srv;
|
||||
SECStatus srv = SECSuccess;
|
||||
SEC_PKCS12DecoderContext *dcx = NULL;
|
||||
PK11SlotInfo *slot = PK11_GetInternalKeySlot(); /* XXX fix me! */
|
||||
SECItem unicodePw;
|
||||
|
@ -112,18 +121,23 @@ nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
|||
// get file password (unicode)
|
||||
unicodePw.data = NULL;
|
||||
rv = getPKCS12FilePassword(&unicodePw);
|
||||
if (NS_FAILED(rv) || unicodePw.data == NULL) goto finish;
|
||||
rv = NS_ERROR_FAILURE;
|
||||
if (NS_FAILED(rv)) goto finish;
|
||||
if (unicodePw.data == NULL) {
|
||||
handleError(PIP_PKCS12_USER_CANCELED);
|
||||
return NS_OK;
|
||||
}
|
||||
// initialize the decoder
|
||||
dcx = SEC_PKCS12DecoderStart(&unicodePw, slot, NULL,
|
||||
digest_open, digest_close,
|
||||
digest_read, digest_write,
|
||||
this);
|
||||
if (!dcx) goto finish;
|
||||
if (!dcx) {
|
||||
srv = SECFailure;
|
||||
goto finish;
|
||||
}
|
||||
// read input file and feed it to the decoder
|
||||
rv = inputToDecoder(dcx, file);
|
||||
if (NS_FAILED(rv)) goto finish;
|
||||
rv = NS_ERROR_FAILURE;
|
||||
// verify the blob
|
||||
srv = SEC_PKCS12DecoderVerify(dcx);
|
||||
if (srv) goto finish;
|
||||
|
@ -134,15 +148,15 @@ nsPKCS12Blob::ImportFromFile(nsILocalFile *file)
|
|||
srv = SEC_PKCS12DecoderImportBags(dcx);
|
||||
if (srv) goto finish;
|
||||
// Later - check to see if this should become default email cert
|
||||
rv = NS_OK;
|
||||
handleError(PIP_PKCS12_RESTORE_OK);
|
||||
finish:
|
||||
if (NS_FAILED(rv)) {
|
||||
if (NS_FAILED(rv) || srv != SECSuccess) {
|
||||
handleError();
|
||||
}
|
||||
// finish the decoder
|
||||
if (dcx)
|
||||
SEC_PKCS12DecoderFinish(dcx);
|
||||
return rv;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
#if 0
|
||||
|
@ -201,7 +215,7 @@ nsresult
|
|||
nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
||||
nsIX509Cert **certs, int numCerts)
|
||||
{
|
||||
nsresult rv, nrv;
|
||||
nsresult rv;
|
||||
SECStatus srv;
|
||||
SEC_PKCS12ExportContext *ecx = NULL;
|
||||
SEC_PKCS12SafeInfo *certSafe = NULL, *keySafe = NULL;
|
||||
|
@ -215,12 +229,18 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
|||
// get file password (unicode)
|
||||
unicodePw.data = NULL;
|
||||
rv = newPKCS12FilePassword(&unicodePw);
|
||||
if (NS_FAILED(rv) || unicodePw.data == NULL) goto finish;
|
||||
if (NS_FAILED(rv)) goto finish;
|
||||
if (unicodePw.data == NULL) {
|
||||
handleError(PIP_PKCS12_USER_CANCELED);
|
||||
return NS_OK;
|
||||
}
|
||||
// what about slotToUse in psm 1.x ???
|
||||
rv = NS_ERROR_FAILURE;
|
||||
// create export context
|
||||
ecx = SEC_PKCS12CreateExportContext(NULL, NULL, NULL /*slot*/, NULL);
|
||||
if (!ecx) goto finish;
|
||||
if (!ecx) {
|
||||
srv = SECFailure;
|
||||
goto finish;
|
||||
}
|
||||
// add password integrity
|
||||
srv = SEC_PKCS12AddPasswordIntegrity(ecx, &unicodePw, SEC_OID_SHA1);
|
||||
if (srv) goto finish;
|
||||
|
@ -240,9 +260,11 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
|||
nsNSSCertificate *cert = (nsNSSCertificate *)certs[i];
|
||||
// get it as a CERTCertificate XXX
|
||||
CERTCertificate *nssCert = NULL;
|
||||
//nrv = cert->GetCert(&nssCert);
|
||||
nssCert = cert->GetCert();
|
||||
if (NS_FAILED(nrv)) goto finish;
|
||||
if (!nssCert) {
|
||||
rv = NS_ERROR_FAILURE;
|
||||
goto finish;
|
||||
}
|
||||
// XXX this is why, to verify the slot is the same
|
||||
// PK11_FindObjectForCert(nssCert, NULL, slot);
|
||||
// create the cert and key safes
|
||||
|
@ -253,7 +275,10 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
|||
certSafe = SEC_PKCS12CreatePasswordPrivSafe(ecx, &unicodePw,
|
||||
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
|
||||
}
|
||||
if (!certSafe || !keySafe) goto finish;
|
||||
if (!certSafe || !keySafe) {
|
||||
rv = NS_ERROR_FAILURE;
|
||||
goto finish;
|
||||
}
|
||||
// add the cert and key to the blob
|
||||
srv = SEC_PKCS12AddCertAndKey(ecx, certSafe, NULL, nssCert,
|
||||
CERT_GetDefaultCertDB(), // XXX
|
||||
|
@ -271,9 +296,9 @@ nsPKCS12Blob::ExportToFile(nsILocalFile *file,
|
|||
// encode and write
|
||||
srv = SEC_PKCS12Encode(ecx, write_export_file, this);
|
||||
if (srv) goto finish;
|
||||
rv = NS_OK;
|
||||
handleError(PIP_PKCS12_BACKUP_OK);
|
||||
finish:
|
||||
if (NS_FAILED(rv)) {
|
||||
if (NS_FAILED(rv) || srv != SECSuccess) {
|
||||
handleError();
|
||||
}
|
||||
if (ecx)
|
||||
|
@ -503,24 +528,104 @@ pip_ucs2_ascii_conversion_fn(PRBool toUnicode,
|
|||
return PR_TRUE;
|
||||
}
|
||||
|
||||
#define kWindowWatcherCID "@mozilla.org/embedcomp/window-watcher;1"
|
||||
|
||||
PRBool
|
||||
nsPKCS12Blob::handleError()
|
||||
nsPKCS12Blob::handleError(int myerr)
|
||||
{
|
||||
nsresult rv;
|
||||
PRBool keepGoing = PR_FALSE;
|
||||
int prerr = PORT_GetError();
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("PKCS12: NSS/NSPR error(%d)", prerr));
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("PKCS12: I called(%d)", myerr));
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return PR_FALSE;
|
||||
nsCOMPtr<nsIProxyObjectManager> proxyman(
|
||||
do_GetService(NS_XPCOMPROXY_CONTRACTID));
|
||||
if (!proxyman) return PR_FALSE;
|
||||
nsCOMPtr<nsIPrompt> errPrompt;
|
||||
nsCOMPtr<nsIWindowWatcher> wwatch(do_GetService(kWindowWatcherCID));
|
||||
if (wwatch) {
|
||||
wwatch->GetNewPrompter(0, getter_AddRefs(errPrompt));
|
||||
if (errPrompt) {
|
||||
nsCOMPtr<nsIPrompt> proxyPrompt;
|
||||
proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ, NS_GET_IID(nsIPrompt),
|
||||
errPrompt, PROXY_SYNC,
|
||||
getter_AddRefs(proxyPrompt));
|
||||
if (!proxyPrompt) return PR_FALSE;
|
||||
} else {
|
||||
return PR_FALSE;
|
||||
}
|
||||
} else {
|
||||
return PR_FALSE;
|
||||
}
|
||||
nsAutoString errorMsg;
|
||||
switch (myerr) {
|
||||
case PIP_PKCS12_RESTORE_OK:
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("SuccessfulP12Restore").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
return PR_TRUE;
|
||||
case PIP_PKCS12_BACKUP_OK:
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("SuccessfulP12Backup").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
return PR_TRUE;
|
||||
case PIP_PKCS12_USER_CANCELED:
|
||||
return PR_TRUE; /* Just ignore it for now */
|
||||
case 0:
|
||||
default:
|
||||
break;
|
||||
}
|
||||
switch (prerr) {
|
||||
// The following errors have the potential to be "handled", by asking
|
||||
// the user (via a dialog) whether s/he wishes to continue
|
||||
case 0: break;
|
||||
case SEC_ERROR_BAD_DER: /* sigh - this is thrown when password is wrong */
|
||||
case SEC_ERROR_PKCS12_CERT_COLLISION:
|
||||
/* pop a dialog saying the cert is already in the database */
|
||||
/* ask to keep going? what happens if one collision but others ok? */
|
||||
// The following errors cannot be "handled", notify the user (via an alert)
|
||||
// that the operation failed.
|
||||
#if 0
|
||||
// XXX a boy can dream...
|
||||
// but the PKCS12 lib never throws this error
|
||||
// but then again, how would it? anyway, convey the info below
|
||||
case SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT:
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("PKCS12PasswordInvalid").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
break;
|
||||
#endif
|
||||
case SEC_ERROR_BAD_PASSWORD:
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("PK11BadPassword").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
break;
|
||||
case SEC_ERROR_BAD_DER:
|
||||
case SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE:
|
||||
case SEC_ERROR_PKCS12_INVALID_MAC:
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("PKCS12DecodeErr").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
break;
|
||||
default:
|
||||
/* open the "Unknown failure" alert */
|
||||
/* always exit with failure */
|
||||
return PR_FALSE;
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("PKCS12UnknownErrRestore").get(),
|
||||
errorMsg);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
errPrompt->Alert(nsnull, errorMsg.GetUnicode());
|
||||
}
|
||||
return PR_FALSE;
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
return keepGoing;
|
||||
}
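Review bot: In `ImportFromFile` the `finish:` path now appears to end in `return NS_OK;` where it used to `return rv;` (the +/- column is lost in this rendering, so the sides are inferred), which means a failed `SEC_PKCS12DecoderVerify` or `SEC_PKCS12DecoderImportBags` is reported to the caller as success. The only failure signal left is the alert raised by `handleError()`, and that function returns `PR_FALSE` without alerting when no window watcher or prompter is available, so a rejected PKCS#12 file can fail silently. I would keep the alert but still propagate the status: `if (NS_FAILED(rv)) return rv;` followed by `return (srv == SECSuccess) ? NS_OK : NS_ERROR_FAILURE;`. Separately, `handleError` is declared `PRBool` yet exits through several `if (NS_FAILED(rv)) return rv;` lines, which hand back a non-zero failure code that a caller testing the result would read as true; those should be `return PR_FALSE;`. `ImportFromFile` begins outside the hunks shown, so cleanup of `slot` and `unicodePw` on the early cancel return could not be checked.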
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: nsPKCS12Blob.h,v 1.3 2001-03-30 19:55:00 mcgreer%netscape.com Exp $
|
||||
* $Id: nsPKCS12Blob.h,v 1.4 2001-05-01 23:23:23 mcgreer%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#ifndef _NS_PKCS12BLOB_H_
|
||||
|
@ -84,7 +84,7 @@ private:
|
|||
nsresult newPKCS12FilePassword(SECItem *);
|
||||
nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsILocalFile *);
|
||||
void unicodeToItem(PRUnichar *, SECItem *);
|
||||
PRBool handleError();
|
||||
PRBool handleError(int myerr = 0);
|
||||
|
||||
// NSPR file I/O for temporary digest file
|
||||
PRFileDesc *mTmpFile;
|
||||
|
|