mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-30 00:01:50 +00:00
Bug 966557: Add nsIX509CertDB.ConstructX509FromRawDER (r=bsmith)
This commit is contained in:
parent
3f31a31974
commit
22825ad2de
@ -19,7 +19,7 @@ interface nsIX509CertList;
|
||||
#define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
|
||||
%}
|
||||
|
||||
[scriptable, function, uuid(48411e2d-85a9-4b16-bec8-e30cde801f9e)]
|
||||
[scriptable, function, uuid(25a048e8-bb1c-4c33-ad3a-eacf2ad9e9ee)]
|
||||
interface nsIOpenSignedJARFileCallback : nsISupports
|
||||
{
|
||||
void openSignedJARFileFinished(in nsresult rv,
|
||||
@ -261,6 +261,16 @@ interface nsIX509CertDB : nsISupports {
|
||||
*/
|
||||
nsIX509Cert constructX509FromBase64(in string base64);
|
||||
|
||||
/*
|
||||
* Decode a raw data presentation and instantiate an object in memory.
|
||||
*
|
||||
* @param certDER The raw representation of a certificate,
|
||||
* encoded as raw DER.
|
||||
* @param length The length of the DER string.
|
||||
* @return The new certificate object.
|
||||
*/
|
||||
nsIX509Cert constructX509(in string certDER, in unsigned long length);
|
||||
|
||||
/*
|
||||
* Obtain a reference to the appropriate service for recent
|
||||
* bad certificates. May only be called on the main thread.
|
||||
|
@ -1398,7 +1398,9 @@ nsNSSCertificateDB::ConstructX509FromBase64(const char *base64,
|
||||
if (isAlreadyShutDown()) {
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
NS_ENSURE_ARG_POINTER(_retval);
|
||||
if (NS_WARN_IF(!_retval)) {
|
||||
return NS_ERROR_INVALID_POINTER;
|
||||
}
|
||||
|
||||
// sure would be nice to have a smart pointer class for PL_ allocations
|
||||
// unfortunately, we cannot distinguish out-of-memory from bad-input here
|
||||
@ -1421,6 +1423,24 @@ nsNSSCertificateDB::ConstructX509FromBase64(const char *base64,
|
||||
lengthDER--;
|
||||
}
|
||||
|
||||
nsresult rv = ConstructX509(certDER, lengthDER, _retval);
|
||||
PL_strfree(certDER);
|
||||
return rv;
|
||||
}
|
||||
|
||||
/* nsIX509Cert constructX509 (in string certDER, unsigned long len); */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificateDB::ConstructX509(const char* certDER,
|
||||
uint32_t lengthDER,
|
||||
nsIX509Cert** _retval)
|
||||
{
|
||||
nsNSSShutDownPreventionLock locker;
|
||||
if (isAlreadyShutDown()) {
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
if (NS_WARN_IF(!_retval)) {
|
||||
return NS_ERROR_INVALID_POINTER;
|
||||
}
|
||||
|
||||
SECItem secitem_cert;
|
||||
secitem_cert.type = siDERCertBuffer;
|
||||
@ -1431,8 +1451,6 @@ nsNSSCertificateDB::ConstructX509FromBase64(const char *base64,
|
||||
cert =
|
||||
CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &secitem_cert,
|
||||
nullptr, false, true);
|
||||
PL_strfree(certDER);
|
||||
|
||||
if (!cert)
|
||||
return (PORT_GetError() == SEC_ERROR_NO_MEMORY)
|
||||
? NS_ERROR_OUT_OF_MEMORY : NS_ERROR_FAILURE;
|
||||
|
Loading…
Reference in New Issue
Block a user