Make viewing a cert easier if you have a reference to a cert object.

A preliminary draft of the cert dump implementation.
2001-03-28 02:05:54 +00:00 · 2001-03-28 02:05:54 +00:00 · 7ed41a9893
--- a/security/manager/pki/resources/content/certDump.xul
+++ b/security/manager/pki/resources/content/certDump.xul
@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<!-- 
+   - The contents of this file are subject to the Mozilla Public
+   - License Version 1.1 (the "License"); you may not use this file
+   - except in compliance with the License. You may obtain a copy of
+   - the License at http://www.mozilla.org/MPL/
+   - 
+   - Software distributed under the License is distributed on an "AS
+   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+   - implied. See the License for the specific language governing
+   - rights and limitations under the License.
+   - 
+   - The Original Code is mozilla.org code.
+   - 
+   - The Initial Developer of the Original Code is Netscape
+   - Communications Corp.  Portions created by Netscape are
+   - Copyright (C) 2001 Netscape Communications Corp.  All
+   - Rights Reserved.
+   - 
+   - Contributor(s):
+   -   Bob Lord <lord@netscape.com>
+   -   Ian McGreer <mcgreer@netscape.com>
+   -   Javier Delgadillo <javi@netscape.com>
+  -->
+
+<?xml-stylesheet href="chrome://messenger/skin/messenger.css" type="text/css"?>
+
+<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
+
+<overlay id="certDumpOverlay" 
+         xmlns:html="http://www.w3.org/1999/xhtml" 
+         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
+         xmlns:cert="http://netscape.com/rdf-cert#" 
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+<box id="certPrettyPrint" orient="vertical">
+ <box orient="vertical" flex="1">
+  <box flex="0" height="100">
+    <tree id="treesetDump" debug="false" width="500" flex="1">
+      <treecolgroup flex="1">
+        <treecol flex="1"/>
+      </treecolgroup>
+      <treechildren id="chainDump" flex="1" />
+    </tree>
+  </box>
+  <box id="prettyPrintTree" orient="vertical" />
+ </box>
+</box>
+</overlay>
--- a/security/manager/pki/resources/content/certViewer.xul
+++ b/security/manager/pki/resources/content/certViewer.xul
@ -26,6 +26,7 @@
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>

 <?xul-overlay href="viewCertDetails.xul"?>
+<?xul-overlay href="certDump.xul"?>

 <!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">

@ -40,6 +41,7 @@

 <script src="chrome://global/content/strres.js" />
 <script src="viewCertDetails.js" />
+<script src="pippki.js" />
  <grid flex="1">
    <column flex="1"/>
    <rows autostretch="always" >
@ -51,6 +53,7 @@
          </tabbox>
          <tabpanel flex="1">
            <box id="general_info" flex="1"/>
+            <box id="certPrettyPrint" flex ="1" />
          </tabpanel>
        </tabcontrol>
      </row>
--- a/security/manager/pki/resources/content/domainMismatch.js
+++ b/security/manager/pki/resources/content/domainMismatch.js
@ -52,8 +52,7 @@ function onLoad()

 function viewCert()
 {
-  window.openDialog('chrome://pippki/content/certViewer.xul', cert.dbKey,
-                    'chrome');  
+  cert.view();
 }

 function doOK()
--- a/security/manager/pki/resources/content/downloadcert.js
+++ b/security/manager/pki/resources/content/downloadcert.js
@ -25,15 +25,6 @@ const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;

 var params;

-function setText(id, value) {
-  var element = document.getElementById(id);
-  if (!element) return;
-     if (element.hasChildNodes())  
-       element.removeChild(element.firstChild);
-  var textNode = document.createTextNode(value);
-  element.appendChild(textNode);
-}
-
 function onLoad()
 {
  params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
--- a/security/manager/pki/resources/content/downloadcert.xul
+++ b/security/manager/pki/resources/content/downloadcert.xul
@ -37,6 +37,7 @@

 <script src="chrome://global/content/strres.js" />
 <script src="downloadcert.js"/>
+<script src="pippki.js" />

 <box orient="vertical" style="margin: 5px;" flex="1">

--- a/security/manager/pki/resources/content/newserver.js
+++ b/security/manager/pki/resources/content/newserver.js
@ -69,6 +69,5 @@ function doCancel()

 function viewCert()
 {
-  window.open('chrome://pippki/content/certViewer.xul', cert.dbKey,
-              'chrome');
+  cert.view();
 }
--- a/security/manager/pki/resources/content/serverCertExpired.js
+++ b/security/manager/pki/resources/content/serverCertExpired.js
@ -64,7 +64,5 @@ function viewCert()
    var isupport = pkiParams.getISupportAtIndex(1);
    cert = isupport.QueryInterface(nsIX509Cert);
  }
-
-  window.openDialog('chrome://pippki/content/certViewer.xul', cert.dbKey,
-                    'chrome');
+  cert.view();
 }
--- a/security/manager/pki/resources/content/viewCertDetails.js
+++ b/security/manager/pki/resources/content/viewCertDetails.js
@ -26,10 +26,11 @@ const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
+const nsIPKIParamBlock = Components.interfaces.nsIPKIParamBlock;

-function AddCertChain(node, chain)
+function AddCertChain(node, chain, idPrefix)
 {
-  var idfier = "chain_";
+  var idfier = idPrefix+"chain_";
  var child = [document.getElementById(node)];
  var item = document.createElement("treeitem");
  item.setAttribute("id", idfier + "0");
@ -76,13 +77,11 @@ function setWindowName()
  //  Get the cert from the cert database
  var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);

-  //  See if the caller tried to open this window with the 
-  //  cert's keyDB.
-  var cert = certdb.getCertByKeyDB(self.name);
  var windowReference=document.getElementById('certDetails');
+  myName = self.name;
+  var cert;

-  if (cert == null) {
-    myName = self.name;
+  if (myName != "_blank") {
    windowReference.setAttribute("title","Certificate Detail: \""+myName+"\"");
    //  Get the token
    //  XXX ignore this for now.  NSS will find the cert on a token
@ -94,6 +93,9 @@ function setWindowName()
    //var cert = certdb.getCertByNickname(token, myName);
    cert = certdb.getCertByNickname(null, myName);
  } else {
+    var pkiParams = window.arguments[0].QueryInterface(nsIPKIParamBlock);
+    var isupport = pkiParams.getISupportAtIndex(1);
+    cert = isupport.QueryInterface(nsIX509Cert);
    windowReference.setAttribute("title", 
                                 "Certificate Detail: \""+cert.windowTitle+'"');
  }
@ -115,8 +117,48 @@ function setWindowName()
    chainEnum.next();
  }
  } catch (e) {}
-  AddCertChain("chain", chain.reverse());
+  AddCertChain("chain", chain.reverse(),"");
+  AddCertChain("chainDump", chain,"dump_");
  DisplayGeneralDataFromCert(cert);
+  BuildPrettyPrint(cert);
+}
+
+function addTreeItemToTreeChild(treeChild, label)
+{
+  var treeElem1 = document.createElement("treeitem");
+  treeElem1.setAttribute("container","true");
+  treeElem1.setAttribute("open","true");
+  treeElem1.setAttribute("class","treecell-indent");
+  var treeRow = document.createElement("treerow");
+  var treeCell = document.createElement("treecell");
+  treeCell.setAttribute("class", "treecell-indent");
+  treeCell.setAttribute("label",label);
+  treeRow.appendChild(treeCell);
+  treeElem1.appendChild(treeRow);
+  treeChild.appendChild(treeElem1);
+  return treeElem1;
+}
+
+function addChildrenToTree(parentTree,label)
+{
+  var treeChild1 = document.createElement("treechildren");
+  var treeElement = addTreeItemToTreeChild(treeChild1, label);
+  parentTree.appendChild(treeChild1);
+  return treeElement;
+}
+
+function BuildPrettyPrint(cert)
+{
+  // For now, I'm just gonna build some dummy stuff
+  // just to get the helper functions I need up and
+  // running.
+  var prettyPrintBox = document.getElementById("prettyPrintTree");
+  var tree = document.createElement("tree");
+  prettyPrintBox.appendChild(tree);
+  var treeChildren = addChildrenToTree(tree,"Top Level"); 
+  var childOfFirstChild = addChildrenToTree(treeChildren, "Second Level:1");
+  var levelone2 = addChildrenToTree(treeChildren,"Second Level:2");
+  var levelthree1 = addChildrenToTree(childOfFirstChild,"Third Level:1");
 }

 function DisplayGeneralDataFromCert(cert)
--- a/security/manager/pki/resources/jar.mn
+++ b/security/manager/pki/resources/jar.mn
@ -29,6 +29,7 @@ pippki.jar:
    content/pippki/serverCertExpired.xul     (content/serverCertExpired.xul)
    content/pippki/serverCertExpired.js      (content/serverCertExpired.js)
    content/pippki/certViewer.xul            (content/certViewer.xul)
+    content/pippki/certDump.xul              (content/certDump.xul)
    locale/en-US/pippki/contents.rdf         (locale/en-US/contents.rdf)
    locale/en-US/pippki/pippki.dtd           (locale/en-US/pippki.dtd)
    locale/en-US/pippki/pref-ssl.dtd         (locale/en-US/pref-ssl.dtd)
--- a/security/manager/pki/src/nsNSSDialogs.cpp
+++ b/security/manager/pki/src/nsNSSDialogs.cpp
@ -749,3 +749,22 @@ nsNSSDialogs::GetPKCS12FilePassword(nsIInterfaceRequestor *ctx,
  return rv;
 }

+/* void viewCert (in nsIX509Cert cert); */
+NS_IMETHODIMP 
+nsNSSDialogs::ViewCert(nsIX509Cert *cert)
+{
+  nsresult rv;
+
+  nsCOMPtr<nsIPKIParamBlock> block = do_CreateInstance(kPKIParamBlockCID);
+  if (!block)
+    return NS_ERROR_FAILURE;
+
+  rv = block->SetISupportAtIndex(1, cert);
+  if (NS_FAILED(rv))
+    return rv;
+
+  rv = nsNSSDialogHelper::openDialog(nsnull,
+                                     "chrome://pippki/content/certViewer.xul",
+                                     block);
+  return rv;
+}
--- a/security/manager/ssl/public/nsINSSDialogs.idl
+++ b/security/manager/ssl/public/nsINSSDialogs.idl
@ -124,6 +124,8 @@ interface nsICertificateDialogs : nsISupports
                             out wstring password,
                             out boolean canceled);

+  void viewCert(in nsIX509Cert cert);
+
 };

 /**
--- a/security/manager/ssl/public/nsIX509Cert.idl
+++ b/security/manager/ssl/public/nsIX509Cert.idl
@ -92,6 +92,14 @@ interface nsIX509Cert : nsISupports {
                 out PRUint32 count, 
                 [array, size_is(count)] out wstring usages);

+  /*
+   * This method is here to make it easier to view a cert.
+   * It will get the implemention of the nsICertificateDialogs
+   * interface and call the viewCert method passing itself
+   * as a parameter.
+   */
+  void view();
+
  [noscript] unsigned long getRawDER(out charPtr result);

 };
--- a/security/manager/ssl/src/nsNSSCertificate.cpp
+++ b/security/manager/ssl/src/nsNSSCertificate.cpp
@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: nsNSSCertificate.cpp,v 1.13 2001-03-22 16:48:18 mcgreer%netscape.com Exp $
+ * $Id: nsNSSCertificate.cpp,v 1.14 2001-03-28 02:05:54 javi%netscape.com Exp $
 */

 #include "prmem.h"
@ -45,6 +45,7 @@
 #include "nsNSSCertificate.h"
 #include "nsPKCS12Blob.h"
 #include "nsIX509Cert.h"
+#include "nsINSSDialogs.h"
 #include "nsString.h"

 #include "pk11func.h"
@ -939,6 +940,18 @@ verify_failed:
  return NS_OK;
 }

+/* void view (); */
+NS_IMETHODIMP 
+nsNSSCertificate::View()
+{
+  nsresult rv;
+
+  nsCOMPtr<nsICertificateDialogs> certDialogs;
+  rv = ::getNSSDialogs(getter_AddRefs(certDialogs),
+                       NS_GET_IID(nsICertificateDialogs));
+  return certDialogs->ViewCert(this);
+}
+
 /* nsNSSCertificateDB */

 NS_IMPL_ISUPPORTS1(nsNSSCertificateDB, nsIX509CertDB)