Bug 310446, Add a user feedback message when certs for import are being ignored

also fixes Bug 176507, Certificates added without warning or confirmation r=rrelyea, string-review=beltzner
2006-06-26 17:13:13 +00:00 · 2006-06-26 17:13:13 +00:00 · 78e425ba44
--- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
@ -404,3 +404,8 @@ CertNoNickname=(no nickname)
 CertNoEmailAddress=(no email address)
 NicknameExpired=(expired)
 NicknameNotYetValid=(not yet valid)
+CaCertExists=This certificate is already installed as a certificate authority.
+NotACACert=This is not a certificate authority certificate, so it can't be imported into the certificate authority list.
+NotImportingUnverifiedCert=This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved.
+UserCertIgnoredNoPrivateKey=This personal certificate can't be installed because you do not own the corresponding private key which was created when the certificate was requested.
+UserCertImported=Your personal certificate has been installed. You should keep a backup copy of this certificate.
--- a/security/manager/ssl/src/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/src/nsNSSCertificateDB.cpp
@ -57,6 +57,9 @@
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 #include "nsComponentManagerUtils.h"
+#include "nsIPrompt.h"
+#include "nsIProxyObjectManager.h"
+#include "nsProxiedService.h"

 #include "nspr.h"
 extern "C" {
@ -365,15 +368,12 @@ nsNSSCertificateDB::handleCACertDownload(nsIArray *x509Certs,
  CERTCertificateCleaner tmpCertCleaner(tmpCert);

  if (!CERT_IsCACert(tmpCert, NULL)) {
-    // Should pop up an error dialog.
+    DisplayCertificateAlert(ctx, "NotACACert", certToShow);
    return NS_ERROR_FAILURE;
  }

  if (tmpCert->isperm) {
-    nsPSMUITracker tracker;
-    if (!tracker.isUIForbidden()) {
-      dialogs->NotifyCACertExists(ctx);
-    }
+    DisplayCertificateAlert(ctx, "CaCertExists", certToShow);
    return NS_ERROR_FAILURE;
  }

@ -572,13 +572,6 @@ nsNSSCertificateDB::ImportEmailCertificate(PRUint8 * data, PRUint32 length,
      CERT_AddCertToListTail(certList, cert);
  }

-  /* filter out the certs we don't want */
-  srv = CERT_FilterCertListByUsage(certList, certusage, PR_FALSE);
-  if (srv != SECSuccess) {
-    nsrv = NS_ERROR_FAILURE;
-    goto loser;
-  }
-
  /* go down the remaining list of certs and verify that they have
   * valid chains, then import them.
   */
@ -586,18 +579,34 @@ nsNSSCertificateDB::ImportEmailCertificate(PRUint8 * data, PRUint32 length,
  for (node = CERT_LIST_HEAD(certList);
       !CERT_LIST_END(node,certList);
       node = CERT_LIST_NEXT(node)) {
+
+    bool alert_and_skip = false;
+
+    if (!node->cert) {
+      continue;
+    }
+
    if (CERT_VerifyCert(certdb, node->cert, 
        PR_TRUE, certusage, now, ctx, NULL) != SECSuccess) {
-      continue;
-    }
-
-    CERTCertificateList *certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
-    if (!certChain) {
-      continue;
+      alert_and_skip = true;
    }

+    CERTCertificateList *certChain = nsnull;
    CERTCertificateListCleaner chainCleaner(certChain);

+    if (!alert_and_skip) {
+      CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
+      if (!certChain) {
+        alert_and_skip = true;
+      }
+    }
+
+    if (alert_and_skip) {    
+      nsCOMPtr<nsIX509Cert> certToShow = new nsNSSCertificate(node->cert);
+      DisplayCertificateAlert(ctx, "NotImportingUnverifiedCert", certToShow);
+      continue;
+    }
+
    /*
     * CertChain returns an array of SECItems, import expects an array of
     * SECItem pointers. Create the SECItem Pointers from the array of
@ -765,18 +774,30 @@ nsNSSCertificateDB::ImportValidCACertsInList(CERTCertList *certList, nsIInterfac
  for (node = CERT_LIST_HEAD(certList);
       !CERT_LIST_END(node,certList);
       node = CERT_LIST_NEXT(node)) {
+
+    bool alert_and_skip = false;
+
    if (CERT_VerifyCert(CERT_GetDefaultCertDB(), node->cert, 
        PR_TRUE, certUsageVerifyCA, now, ctx, NULL) != SECSuccess) {
-      continue;
-    }
-
-    CERTCertificateList *certChain = CERT_CertChainFromCert(node->cert, certUsageAnyCA, PR_FALSE);
-    if (!certChain) {
-      continue;
+      alert_and_skip = true;
    }

+    CERTCertificateList *certChain = nsnull;
    CERTCertificateListCleaner chainCleaner(certChain);

+    if (!alert_and_skip) {    
+      certChain = CERT_CertChainFromCert(node->cert, certUsageAnyCA, PR_FALSE);
+      if (!certChain) {
+        alert_and_skip = true;
+      }
+    }
+
+    if (alert_and_skip) {    
+      nsCOMPtr<nsIX509Cert> certToShow = new nsNSSCertificate(node->cert);
+      DisplayCertificateAlert(ctx, "NotImportingUnverifiedCert", certToShow);
+      continue;
+    }
+
    /*
     * CertChain returns an array of SECItems, import expects an array of
     * SECItem pointers. Create the SECItem Pointers from the array of
@ -798,6 +819,50 @@ nsNSSCertificateDB::ImportValidCACertsInList(CERTCertList *certList, nsIInterfac
  return NS_OK;
 }

+void nsNSSCertificateDB::DisplayCertificateAlert(nsIInterfaceRequestor *ctx, 
+                                                 const char *stringID, 
+                                                 nsIX509Cert *certToShow)
+{
+  nsPSMUITracker tracker;
+  if (!tracker.isUIForbidden()) {
+
+    // This shall be replaced by embedding ovverridable prompts
+    // as discussed in bug 310446, and should make use of certToShow.
+
+    nsresult rv;
+    nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
+    if (NS_SUCCEEDED(rv)) {
+      nsAutoString tmpMessage;
+      nssComponent->GetPIPNSSBundleString(stringID, tmpMessage);
+
+      // The interface requestor object may not be safe, so proxy the call to get
+      // the nsIPrompt.
+
+      nsCOMPtr<nsIInterfaceRequestor> proxiedCallbacks;
+      NS_GetProxyForObject(NS_PROXY_TO_MAIN_THREAD,
+                           NS_GET_IID(nsIInterfaceRequestor),
+                           ctx,
+                           NS_PROXY_SYNC,
+                           getter_AddRefs(proxiedCallbacks));
+    
+      nsCOMPtr<nsIPrompt> prompt (do_GetInterface(proxiedCallbacks));
+      if (!prompt)
+        return;
+    
+      // Finally, get a proxy for the nsIPrompt
+    
+      nsCOMPtr<nsIPrompt> proxyPrompt;
+      NS_GetProxyForObject(NS_PROXY_TO_MAIN_THREAD,
+                           NS_GET_IID(nsIPrompt),
+                           prompt,
+                           NS_PROXY_SYNC,
+                           getter_AddRefs(proxyPrompt));
+    
+      proxyPrompt->Alert(nsnull, tmpMessage.get());
+    }
+  }
+}
+

 NS_IMETHODIMP 
 nsNSSCertificateDB::ImportUserCertificate(PRUint8 *data, PRUint32 length, nsIInterfaceRequestor *ctx)
@ -830,6 +895,8 @@ nsNSSCertificateDB::ImportUserCertificate(PRUint8 *data, PRUint32 length, nsIInt

  slot = PK11_KeyForCertExists(cert, NULL, ctx);
  if ( slot == NULL ) {
+    nsCOMPtr<nsIX509Cert> certToShow = new nsNSSCertificate(cert);
+    DisplayCertificateAlert(ctx, "UserCertIgnoredNoPrivateKey", certToShow);
    goto loser;
  }
  PK11_FreeSlot(slot);
@ -852,6 +919,10 @@ nsNSSCertificateDB::ImportUserCertificate(PRUint8 *data, PRUint32 length, nsIInt
  }
  PK11_FreeSlot(slot);

+  {
+    nsCOMPtr<nsIX509Cert> certToShow = new nsNSSCertificate(cert);
+    DisplayCertificateAlert(ctx, "UserCertImported", certToShow);
+  }
  rv = NS_OK;

  numCACerts = collectArgs->numcerts - 1;
--- a/security/manager/ssl/src/nsNSSCertificateDB.h
+++ b/security/manager/ssl/src/nsNSSCertificateDB.h
@ -68,6 +68,9 @@ private:
  static nsresult
  ImportValidCACertsInList(CERTCertList *certList, nsIInterfaceRequestor *ctx);

+  static void DisplayCertificateAlert(nsIInterfaceRequestor *ctx, 
+                                      const char *stringID, nsIX509Cert *certToShow);
+
  void getCertNames(CERTCertList *certList,
                    PRUint32      type, 
                    PRUint32     *_count,