Call a proper NSS function to get the unique ID.

Mozilla bugs 77664 and 77665.

security/jss/org/mozilla/jss/pkcs11/PK11Cert.c

@@ -376,7 +376,7 @@ Java_org_mozilla_jss_pkcs11_PK11Cert_getUniqueID
     (JNIEnv *env, jobject this)
 {
     CERTCertificate *cert;
-    SECItem id = {0,0,0};
+    SECItem *id = NULL;
     jbyteArray byteArray=NULL;
 
     PR_ASSERT(env!=NULL && this!=NULL);
@@ -387,37 +387,34 @@ Java_org_mozilla_jss_pkcs11_PK11Cert_getUniqueID
     if( JSS_PK11_getCertPtr(env, this, &cert) != PR_SUCCESS) {
         goto finish;
     }
-    PR_ASSERT( cert->slot != NULL );
 
     /***************************************************
-     * Get the id attribute
+     * Get the id
      ***************************************************/
-    if( PK11_ReadAttribute( cert->slot,
+    id = PK11_GetLowLevelKeyIDForCert(NULL /*slot*/, cert, NULL/*pinarg*/);
-                            cert->pkcs11ID,
+    if( id == NULL ) {
-                            CKA_ID,
+        JSS_throwMsg(env, TOKEN_EXCEPTION, "Unable to read ID");
-                            NULL /*arena*/,
-                            &id) != SECSuccess)
-    {
-        JSS_throwMsg(env, TOKEN_EXCEPTION, "Unable to read ID attribute");
         goto finish;
     }
 
     /***************************************************
      * Write the id to a new byte array
      ***************************************************/
-    byteArray = (*env)->NewByteArray(env, id.len);
+    byteArray = (*env)->NewByteArray(env, id->len);
     if(byteArray == NULL) {
         ASSERT_OUTOFMEM(env);
         goto finish;
     }
-    (*env)->SetByteArrayRegion(env, byteArray, 0, id.len, (jbyte*)id.data);
+    (*env)->SetByteArrayRegion(env, byteArray, 0, id->len, (jbyte*)id->data);
     if( (*env)->ExceptionOccurred(env) != NULL) {
         PR_ASSERT(PR_FALSE);
         goto finish;
     }
 
 finish:
-    SECITEM_FreeItem(&id, PR_FALSE /*freeit*/);
+    if( id != NULL ) {
+        SECITEM_FreeItem(id, PR_TRUE /*freeit*/);
+    }
 
     return byteArray;
 }

security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c

@@ -319,56 +319,48 @@ Java_org_mozilla_jss_pkcs11_PK11PrivKey_getUniqueID
 {
     SECKEYPrivateKey *key = NULL;
     PK11SlotInfo *slot = NULL;
-    SECItem keyItem = {0, 0, 0};
+    SECItem *idItem = NULL;
     jbyteArray byteArray = NULL;
 
     PR_ASSERT(env!=NULL && this!=NULL);
 
     /***************************************************
-     * Get the private key and slot C structures
+     * Get the private key structure
      ***************************************************/
     if( JSS_PK11_getPrivKeyPtr(env, this, &key) != PR_SUCCESS) {
         PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
         goto finish;
     }
-    slot = PK11_GetSlotFromPrivateKey(key);
-    PR_ASSERT(slot!=NULL);
 
     /***************************************************
-     * Try to login to the token if necessary
+     * Get the key id
      ***************************************************/
-    PK11_Authenticate(slot, PR_TRUE /*readCerts*/, NULL /*wincx*/);
+    idItem = PK11_GetLowLevelKeyIDForPrivateKey(key);
-
+    if(idItem == NULL ) {
-    /***************************************************
+        JSS_throwMsg(env, TOKEN_EXCEPTION, "Unable to get key id");
-     * Get the key id attribute
-     ***************************************************/
-    if( PK11_ReadAttribute( slot,
-                            key->pkcs11ID,
-                            CKA_ID,
-                            NULL/*arena*/,
-                            &keyItem) != SECSuccess)
-    {
-        JSS_throwMsg(env, TOKEN_EXCEPTION, "Unable to read ID attribute");
         goto finish;
     }
 
     /***************************************************
      * Write the key id to a new byte array
      ***************************************************/
-    byteArray = (*env)->NewByteArray(env, keyItem.len);
+    PR_ASSERT(idItem->len > 0);
+    byteArray = (*env)->NewByteArray(env, idItem->len);
     if(byteArray == NULL) {
         ASSERT_OUTOFMEM(env);
         goto finish;
     }
-    (*env)->SetByteArrayRegion(env, byteArray, 0, keyItem.len,
+    (*env)->SetByteArrayRegion(env, byteArray, 0, idItem->len,
-                (jbyte*)keyItem.data);
+                (jbyte*)idItem->data);
     if( (*env)->ExceptionOccurred(env) != NULL) {
         PR_ASSERT(PR_FALSE);
         goto finish;
     }
 
 finish:
-    SECITEM_FreeItem(&keyItem, PR_FALSE /*freeit*/);
+    if(idItem != NULL) {
+        SECITEM_FreeItem(idItem, PR_TRUE /*freeit*/);
+    }
     
     return byteArray;
 }