Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 03:45:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Clean up string stuff: bug 232812 r=ssaux sr=jag

Browse Source
This commit is contained in:
jgmyers%speakeasy.net 2004-02-26 04:07:23 +00:00
parent 630d209a2d
commit 2c3a905fd4
17 changed files with 285 additions and 467 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
security/manager/ssl/src/nsCRLManager.cpp
View File

@ -150,27 +150,27 @@ loser:
errorCode = PR_GetError();
switch (errorCode) {
case SEC_ERROR_CRL_EXPIRED:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureExpired").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureExpired", errorMessage);
break;
case SEC_ERROR_CRL_BAD_SIGNATURE:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureBadSignature").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureBadSignature", errorMessage);
break;
case SEC_ERROR_CRL_INVALID:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureInvalid").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureInvalid", errorMessage);
break;
case SEC_ERROR_OLD_CRL:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureOld").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureOld", errorMessage);
break;
case SEC_ERROR_CRL_NOT_YET_VALID:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureNotYetValid").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureNotYetValid", errorMessage);
break;
default:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureReasonUnknown").get(), errorMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureReasonUnknown", errorMessage);
errorMessage.AppendInt(errorCode,16);
break;
}
@ -185,10 +185,10 @@ done:
nsCOMPtr<nsIPrompt> prompter;
if (wwatch){
wwatch->GetNewPrompter(0, getter_AddRefs(prompter));
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailure1").get(), message);
nssComponent->GetPIPNSSBundleString("CrlImportFailure1", message);
message.Append(NS_LITERAL_STRING("\n").get());
message.Append(errorMessage);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailure2").get(), temp);
nssComponent->GetPIPNSSBundleString("CrlImportFailure2", temp);
message.Append(NS_LITERAL_STRING("\n").get());
message.Append(temp);

21
security/manager/ssl/src/nsCertTree.cpp
View File

@ -737,34 +737,27 @@ nsCertTree::GetCellText(PRInt32 row, const PRUnichar *colID,
break;
case nsIX509Cert::CERT_REVOKED:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyRevoked").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyRevoked", _retval);
break;
case nsIX509Cert::CERT_EXPIRED:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyExpired").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyExpired", _retval);
break;
case nsIX509Cert::CERT_NOT_TRUSTED:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyNotTrusted").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyNotTrusted", _retval);
break;
case nsIX509Cert::ISSUER_NOT_TRUSTED:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyIssuerNotTrusted").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyIssuerNotTrusted", _retval);
break;
case nsIX509Cert::ISSUER_UNKNOWN:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyIssuerUnknown").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyIssuerUnknown", _retval);
break;
case nsIX509Cert::INVALID_CA:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyInvalidCA").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyInvalidCA", _retval);
break;
case nsIX509Cert::NOT_VERIFIED_UNKNOWN:
case nsIX509Cert::USAGE_NOT_ALLOWED:
default:
rv = mNSSComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("VerifyUnknown").get(), _retval);
rv = mNSSComponent->GetPIPNSSBundleString("VerifyUnknown", _retval);
break;
}
} else if (strcmp(col, "issuedcol") == 0) {

57
security/manager/ssl/src/nsCrypto.cpp
View File

@ -1708,16 +1708,13 @@ nsP12Runnable::Run()
//Build up the message that let's the user know we're trying to
//make PKCS12 backups of the new certs.
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("ForcedBackup1").get(),
final);
nssComponent->GetPIPNSSBundleString("ForcedBackup1", final);
final.Append(NS_LITERAL_STRING("\n\n").get());
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("ForcedBackup2").get(),
temp);
nssComponent->GetPIPNSSBundleString("ForcedBackup2", temp);
final.Append(temp.get());
final.Append(NS_LITERAL_STRING("\n\n").get());
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("ForcedBackup3").get(),
temp);
nssComponent->GetPIPNSSBundleString("ForcedBackup3", temp);
final.Append(temp.get());
alertUser(final.get());
@ -1730,7 +1727,7 @@ nsP12Runnable::Run()
}
nsString filePickMessage;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("chooseP12BackupFileDialog").get(),
nssComponent->GetPIPNSSBundleString("chooseP12BackupFileDialog",
filePickMessage);
filePicker->Init(nsnull, filePickMessage.get(), nsIFilePicker::modeSave);
filePicker->AppendFilter(NS_LITERAL_STRING("PKCS12").get(),
@ -2177,22 +2174,19 @@ nsPkcs11::Deletemodule(const nsAString& aModuleName, PRInt32* aReturn)
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (aModuleName.IsEmpty()) {
*aReturn = JS_ERR_BAD_MODULE_NAME;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("DelModuleBadName").get(),
errorMessage);
nssComponent->GetPIPNSSBundleString("DelModuleBadName", errorMessage);
alertUser(errorMessage.get());
return NS_OK;
}
nsString final;
nsXPIDLString temp;
nsAutoString temp;
//Make sure the user knows we're trying to do this.
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("DelModuleWarning").get(),
final);
nssComponent->GetPIPNSSBundleString("DelModuleWarning", final);
final.Append(NS_LITERAL_STRING("\n").get());
PRUnichar *tempUni = ToNewUnicode(aModuleName);
const PRUnichar *formatStrings[1] = { tempUni };
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("AddModuleName").get(),
formatStrings, 1,
getter_Copies(temp));
rv = nssComponent->PIPBundleFormatStringFromName("AddModuleName",
formatStrings, 1, temp);
nsMemory::Free(tempUni);
final.Append(temp);
if (!confirm_user(final.get())) {
@ -2205,18 +2199,15 @@ nsPkcs11::Deletemodule(const nsAString& aModuleName, PRInt32* aReturn)
SECStatus srv = SECMOD_DeleteModule(modName, &modType);
if (srv == SECSuccess) {
if (modType == SECMOD_EXTERNAL) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("DelModuleExtSuccess").get(),
errorMessage);
nssComponent->GetPIPNSSBundleString("DelModuleExtSuccess", errorMessage);
*aReturn = JS_OK_DEL_EXTERNAL_MOD;
} else {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("DelModuleIntSuccess").get(),
errorMessage);
nssComponent->GetPIPNSSBundleString("DelModuleIntSuccess", errorMessage);
*aReturn = JS_OK_DEL_INTERNAL_MOD;
}
} else {
*aReturn = JS_ERR_DEL_MOD;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("DelModuleError").get(),
errorMessage);
nssComponent->GetPIPNSSBundleString("DelModuleError", errorMessage);
}
alertUser(errorMessage.get());
return NS_OK;
@ -2233,10 +2224,9 @@ nsPkcs11::Addmodule(const nsAString& aModuleName,
nsresult rv;
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
nsString final;
nsXPIDLString temp;
nsAutoString temp;
rv = nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("AddModulePrompt").get(),
final);
rv = nssComponent->GetPIPNSSBundleString("AddModulePrompt", final);
if (NS_FAILED(rv))
return rv;
@ -2244,9 +2234,8 @@ nsPkcs11::Addmodule(const nsAString& aModuleName,
PRUnichar *tempUni = ToNewUnicode(aModuleName);
const PRUnichar *formatStrings[1] = { tempUni };
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("AddModuleName").get(),
formatStrings, 1,
getter_Copies(temp));
rv = nssComponent->PIPBundleFormatStringFromName("AddModuleName",
formatStrings, 1, temp);
nsMemory::Free(tempUni);
if (NS_FAILED(rv))
@ -2257,9 +2246,8 @@ nsPkcs11::Addmodule(const nsAString& aModuleName,
tempUni = ToNewUnicode(aLibraryFullPath);
formatStrings[0] = tempUni;
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("AddModulePath").get(),
formatStrings, 1,
getter_Copies(temp));
rv = nssComponent->PIPBundleFormatStringFromName("AddModulePath",
formatStrings, 1, temp);
nsMemory::Free(tempUni);
if (NS_FAILED(rv))
return rv;
@ -2286,18 +2274,15 @@ nsPkcs11::Addmodule(const nsAString& aModuleName,
// what the return value for SEDMOD_AddNewModule is
switch (srv) {
case SECSuccess:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("AddModuleSuccess").get(),
final);
nssComponent->GetPIPNSSBundleString("AddModuleSuccess", final);
*aReturn = JS_OK_ADD_MOD;
break;
case SECFailure:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("AddModuleFailure").get(),
final);
nssComponent->GetPIPNSSBundleString("AddModuleFailure", final);
*aReturn = JS_ERR_ADD_MOD;
break;
case -2:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("AddModuleDup").get(),
final);
nssComponent->GetPIPNSSBundleString("AddModuleDup", final);
*aReturn = JS_ERR_ADD_DUPLICATE_MOD;
break;
default:

24
security/manager/ssl/src/nsKeygenHandler.cpp
View File

@ -207,19 +207,13 @@ nsKeygenFormProcessor::Init()
if (NS_FAILED(rv))
return rv;
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("HighGrade").get(),
str);
nssComponent->GetPIPNSSBundleString("HighGrade", str);
SECKeySizeChoiceList[0].name = ToNewUnicode(str);
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("MediumGrade").get(),
str);
nssComponent->GetPIPNSSBundleString("MediumGrade", str);
SECKeySizeChoiceList[1].name = ToNewUnicode(str);
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("LowGrade").get(),
str);
nssComponent->GetPIPNSSBundleString("LowGrade", str);
SECKeySizeChoiceList[2].name = ToNewUnicode(str);
return NS_OK;
@ -362,9 +356,9 @@ loser:
}
nsresult
nsKeygenFormProcessor::GetPublicKey(nsString& aValue, nsString& aChallenge,
nsString& aKeyType,
nsString& aOutPublicKey, nsString& aPqg)
nsKeygenFormProcessor::GetPublicKey(nsAString& aValue, nsAString& aChallenge,
nsAString& aKeyType,
nsAString& aOutPublicKey, nsAString& aPqg)
{
nsNSSShutDownPreventionLock locker;
nsresult rv = NS_ERROR_FAILURE;
@ -560,7 +554,7 @@ found_match:
*/
keystring = BTOA_DataToAscii(signedItem.data, signedItem.len);
aOutPublicKey.AssignWithConversion(keystring);
CopyASCIItoUTF16(keystring, aOutPublicKey);
nsCRT::free(keystring);
rv = NS_OK;
@ -608,7 +602,6 @@ nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement *aElement,
nsAutoString challengeValue;
nsAutoString keyTypeValue;
nsAutoString pqgValue;
nsString publicKey;
res = selectElement->GetAttribute(NS_LITERAL_STRING("_moz-type"), keygenvalue);
if (NS_CONTENT_ATTR_HAS_VALUE == res && keygenvalue.Equals(NS_LITERAL_STRING("-mozilla-keygen"))) {
@ -621,8 +614,7 @@ nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement *aElement,
}
res = selectElement->GetAttribute(NS_LITERAL_STRING("challenge"), challengeValue);
rv = GetPublicKey(aValue, challengeValue, keyTypeValue,
publicKey, pqgValue);
aValue = publicKey;
aValue, pqgValue);
}
}

6
security/manager/ssl/src/nsKeygenHandler.h
View File

@ -58,9 +58,9 @@ public:
static NS_METHOD Create(nsISupports* aOuter, const nsIID& aIID, void* *aResult);
protected:
nsresult GetPublicKey(nsString& aValue, nsString& aChallenge,
nsString& akeyType, nsString& aOutPublicKey,
nsString& aPqg);
nsresult GetPublicKey(nsAString& aValue, nsAString& aChallenge,
nsAString& akeyType, nsAString& aOutPublicKey,
nsAString& aPqg);
nsresult GetSlot(PRUint32 aMechanism, PK11SlotInfo** aSlot);
private:
nsCOMPtr<nsIInterfaceRequestor> m_ctx;

14
security/manager/ssl/src/nsNSSCallbacks.cpp
View File

@ -163,16 +163,16 @@ PK11PasswordPrompt(PK11SlotInfo* slot, PRBool retry, void* arg) {
getter_AddRefs(proxyPrompt));
nsXPIDLString promptString;
nsAutoString promptString;
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (NS_FAILED(rv))
return nsnull;
const PRUnichar* formatStrings[1] = { ToNewUnicode(NS_ConvertUTF8toUCS2(PK11_GetTokenName(slot))) };
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CertPassPrompt").get(),
rv = nssComponent->PIPBundleFormatStringFromName("CertPassPrompt",
formatStrings, 1,
getter_Copies(promptString));
promptString);
nsMemory::Free(NS_CONST_CAST(PRUnichar*, formatStrings[0]));
if (NS_FAILED(rv))
@ -241,19 +241,19 @@ void PR_CALLBACK HandshakeCallback(PRFileDesc* fd, void* client_data) {
caName = PL_strdup("Verisign, Inc.");
}
nsXPIDLString shortDesc;
nsAutoString shortDesc;
const PRUnichar* formatStrings[1] = { ToNewUnicode(NS_ConvertUTF8toUCS2(caName)) };
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (NS_SUCCEEDED(rv)) {
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SignedBy").get(),
rv = nssComponent->PIPBundleFormatStringFromName("SignedBy",
formatStrings, 1,
getter_Copies(shortDesc));
shortDesc);
nsMemory::Free(NS_CONST_CAST(PRUnichar*, formatStrings[0]));
nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
infoObject->SetSecurityState(secStatus);
infoObject->SetShortSecurityDescription((const PRUnichar*)shortDesc);
infoObject->SetShortSecurityDescription(shortDesc.get());
/* Set the SSL Status information */
nsCOMPtr<nsSSLStatus> status = new nsSSLStatus();

115
security/manager/ssl/src/nsNSSCertHelper.cpp
View File

@ -47,7 +47,7 @@
#include "nsNSSCertTrust.h"
nsresult
static nsresult
GetIntValue(SECItem *versionItem,
unsigned long *version)
{
@ -67,13 +67,12 @@ ProcessVersion(SECItem *versionItem,
nsIASN1PrintableItem **retItem)
{
nsresult rv;
nsString text;
nsAutoString text;
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
if (printableItem == nsnull)
return NS_ERROR_OUT_OF_MEMORY;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpVersion").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpVersion", text);
rv = printableItem->SetDisplayName(text);
if (NS_FAILED(rv))
return rv;
@ -93,16 +92,13 @@ ProcessVersion(SECItem *versionItem,
switch (version){
case 0:
rv = nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpVersion1").get(),
text);
rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion1", text);
break;
case 1:
rv = nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpVersion2").get(),
text);
rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion2", text);
break;
case 2:
rv = nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpVersion3").get(),
text);
rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion3", text);
break;
default:
NS_ASSERTION(0,"Bad value for cert version");
@ -127,14 +123,13 @@ ProcessSerialNumberDER(SECItem *serialItem,
nsIASN1PrintableItem **retItem)
{
nsresult rv;
nsString text;
nsAutoString text;
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
if (printableItem == nsnull)
return NS_ERROR_OUT_OF_MEMORY;
rv = nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSerialNo").get(),
text);
rv = nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", text);
if (NS_FAILED(rv))
return rv;
@ -153,9 +148,9 @@ ProcessSerialNumberDER(SECItem *serialItem,
return rv;
}
nsresult
static nsresult
GetDefaultOIDFormat(SECItem *oid,
nsString &outString)
nsAString &outString)
{
char buf[300];
unsigned int len;
@ -197,7 +192,7 @@ GetDefaultOIDFormat(SECItem *oid,
}
nsresult
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsString &text)
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text)
{
nsresult rv;
SECOidTag oidTag = SECOID_FindOIDTag(oid);
@ -343,19 +338,16 @@ GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsString &text)
}
if (bundlekey) {
rv = nssComponent->GetPIPNSSBundleString(NS_ConvertASCIItoUTF16(bundlekey).get(),
text);
rv = nssComponent->GetPIPNSSBundleString(bundlekey, text);
} else {
rv = GetDefaultOIDFormat(oid, text);
nsAutoString text2;
rv = GetDefaultOIDFormat(oid, text2);
if (NS_FAILED(rv))
return rv;
const PRUnichar *params[1] = {text.get()};
nsXPIDLString text2;
rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CertDumpDefOID").get(),
params, 1,
getter_Copies(text2));
text = text2;
const PRUnichar *params[1] = {text2.get()};
rv = nssComponent->PIPBundleFormatStringFromName("CertDumpDefOID",
params, 1, text);
}
return rv;
}
@ -363,7 +355,7 @@ GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsString &text)
#define SEPARATOR "\n"
nsresult
ProcessRawBytes(SECItem *data, nsString &text)
ProcessRawBytes(SECItem *data, nsAString &text)
{
// This function is used to display some DER bytes
// that we have not added support for decoding.
@ -383,9 +375,9 @@ ProcessRawBytes(SECItem *data, nsString &text)
return NS_OK;
}
nsresult
static nsresult
ProcessNSCertTypeExtensions(SECItem *extData,
nsString &text,
nsAString &text,
nsINSSComponent *nssComponent)
{
nsAutoString local;
@ -394,60 +386,52 @@ ProcessNSCertTypeExtensions(SECItem *extData,
decoded.len = 0;
if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &decoded,
SEC_ASN1_GET(SEC_BitStringTemplate), extData)) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpExtensionFailure").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpExtensionFailure", local);
text.Append(local.get());
return NS_OK;
}
unsigned char nsCertType = decoded.data[0];
nsMemory::Free(decoded.data);
if (nsCertType & NS_CERT_TYPE_SSL_CLIENT) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("VerifySSLClient").get(),
local);
nssComponent->GetPIPNSSBundleString("VerifySSLClient", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_SSL_SERVER) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("VerifySSLServer").get(),
local);
nssComponent->GetPIPNSSBundleString("VerifySSLServer", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_EMAIL) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpCertTypeEmail").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpCertTypeEmail", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_OBJECT_SIGNING) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("VerifyObjSign").get(),
local);
nssComponent->GetPIPNSSBundleString("VerifyObjSign", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_SSL_CA) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("VerifySSLCA").get(),
local);
nssComponent->GetPIPNSSBundleString("VerifySSLCA", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_EMAIL_CA) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpEmailCA").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpEmailCA", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (nsCertType & NS_CERT_TYPE_OBJECT_SIGNING_CA) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("VerifyObjSign").get(),
local);
nssComponent->GetPIPNSSBundleString("VerifyObjSign", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
return NS_OK;
}
nsresult
ProcessKeyUsageExtension(SECItem *extData, nsString &text,
static nsresult
ProcessKeyUsageExtension(SECItem *extData, nsAString &text,
nsINSSComponent *nssComponent)
{
nsAutoString local;
@ -456,52 +440,44 @@ ProcessKeyUsageExtension(SECItem *extData, nsString &text,
decoded.len = 0;
if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &decoded,
SEC_ASN1_GET(SEC_BitStringTemplate), extData)) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpExtensionFailure").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpExtensionFailure", local);
text.Append(local.get());
return NS_OK;
}
unsigned char keyUsage = decoded.data[0];
nsMemory::Free(decoded.data);
if (keyUsage & KU_DIGITAL_SIGNATURE) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUSign").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUSign", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_NON_REPUDIATION) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUNonRep").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUNonRep", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_KEY_ENCIPHERMENT) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUEnc").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUEnc", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_DATA_ENCIPHERMENT) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUDEnc").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUDEnc", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_KEY_AGREEMENT) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUKA").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUKA", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_KEY_CERT_SIGN) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUCertSign").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUCertSign", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
if (keyUsage & KU_CRL_SIGN) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpKUCRLSign").get(),
local);
nssComponent->GetPIPNSSBundleString("CertDumpKUCRLSign", local);
text.Append(local.get());
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
}
@ -509,9 +485,9 @@ ProcessKeyUsageExtension(SECItem *extData, nsString &text,
return NS_OK;
}
nsresult
static nsresult
ProcessExtensionData(SECOidTag oidTag, SECItem *extData,
nsString &text, nsINSSComponent *nssComponent)
nsAString &text, nsINSSComponent *nssComponent)
{
nsresult rv;
switch (oidTag) {
@ -533,7 +509,7 @@ ProcessSingleExtension(CERTCertExtension *extension,
nsINSSComponent *nssComponent,
nsIASN1PrintableItem **retExtension)
{
nsString text;
nsAutoString text;
GetOIDText(&extension->id, nssComponent, text);
nsCOMPtr<nsIASN1PrintableItem>extensionItem = new nsNSSASN1PrintableItem();
if (extensionItem == nsnull)
@ -544,15 +520,12 @@ ProcessSingleExtension(CERTCertExtension *extension,
text.Truncate();
if (extension->critical.data != nsnull) {
if (extension->critical.data[0]) {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpCritical").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpCritical", text);
} else {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpNonCritical").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
}
} else {
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpNonCritical").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
}
text.Append(NS_LITERAL_STRING(SEPARATOR).get());
nsresult rv = ProcessExtensionData(oidTag, &extension->value, text,

25
security/manager/ssl/src/nsNSSCertHelper.h
View File

@ -42,10 +42,6 @@
class nsINSSComponent;
class nsIASN1PrintableItem;
nsresult
GetIntValue(SECItem *versionItem,
unsigned long *version);
nsresult
ProcessVersion(SECItem *versionItem,
nsINSSComponent *nssComponent,
@ -57,27 +53,10 @@ ProcessSerialNumberDER(SECItem *serialItem,
nsIASN1PrintableItem **retItem);
nsresult
GetDefaultOIDFormat(SECItem *oid,
nsString &outString);
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text);
nsresult
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsString &text);
nsresult
ProcessRawBytes(SECItem *data, nsString &text);
nsresult
ProcessNSCertTypeExtensions(SECItem *extData,
nsString &text,
nsINSSComponent *nssComponent);
nsresult
ProcessKeyUsageExtension(SECItem *extData, nsString &text,
nsINSSComponent *nssComponent);
nsresult
ProcessExtensionData(SECOidTag oidTag, SECItem *extData,
nsString &text, nsINSSComponent *nssComponent);
ProcessRawBytes(SECItem *data, nsAString &text);
nsresult
ProcessSingleExtension(CERTCertExtension *extension,

83
security/manager/ssl/src/nsNSSCertificate.cpp
View File

@ -240,14 +240,14 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
nickWithSerial.Append(nickname);
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoIssuedFor").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoIssuedFor", info))) {
details.Append(info);
details.Append(NS_LITERAL_STRING("\n"));
}
if (NS_SUCCEEDED(x509Proxy->GetSubjectName(temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSubject").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertDumpSubject", info))) {
details.Append(info);
details.Append(NS_LITERAL_STRING(": "));
}
@ -257,7 +257,7 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
if (NS_SUCCEEDED(x509Proxy->GetSerialNumber(temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSerialNo").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", info))) {
details.Append(info);
details.Append(NS_LITERAL_STRING(": "));
}
@ -285,13 +285,13 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
if (validity) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoValid").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoValid", info))) {
details.Append(info);
}
if (NS_SUCCEEDED(validity->GetNotBeforeLocalTime(temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoFrom").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoFrom", info))) {
details.Append(info);
}
details.Append(NS_LITERAL_STRING(" "));
@ -300,7 +300,7 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
if (NS_SUCCEEDED(validity->GetNotAfterLocalTime(temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoTo").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoTo", info))) {
details.Append(info);
}
details.Append(NS_LITERAL_STRING(" "));
@ -314,7 +314,7 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
PRUint32 tempInt = 0;
if (NS_SUCCEEDED(x509Proxy->GetUsagesString(PR_FALSE, &tempInt, temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoPurposes").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoPurposes", info))) {
details.Append(info);
}
details.Append(NS_LITERAL_STRING(": "));
@ -322,14 +322,14 @@ nsNSSCertificate::FormatUIStrings(const nsAutoString &nickname, nsAutoString &ni
details.Append(NS_LITERAL_STRING("\n"));
}
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertInfoIssuedBy").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertInfoIssuedBy", info))) {
details.Append(info);
details.Append(NS_LITERAL_STRING("\n"));
}
if (NS_SUCCEEDED(x509Proxy->GetIssuerName(temp1)) && !temp1.IsEmpty()) {
details.Append(NS_LITERAL_STRING(" "));
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSubject").get(), info))) {
if (NS_SUCCEEDED(nssComponent->GetPIPNSSBundleString("CertDumpSubject", info))) {
details.Append(info);
details.Append(NS_LITERAL_STRING(": "));
}
@ -833,8 +833,7 @@ nsNSSCertificate::GetTokenName(nsAString &aTokenName)
nsAutoString tok;
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (NS_FAILED(rv)) return rv;
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("InternalToken").get(), tok);
rv = nssComponent->GetPIPNSSBundleString("InternalToken", tok);
if (NS_SUCCEEDED(rv))
aTokenName = tok;
}
@ -1018,7 +1017,7 @@ nsNSSCertificate::GetUsagesArray(PRBool ignoreOcsp,
nsresult rv;
const int max_usages = 13;
PRUnichar *tmpUsages[max_usages];
char *suffix = "";
const char *suffix = "";
PRUint32 tmpCount;
nsUsageArrayHelper uah(mCert);
rv = uah.GetUsagesArray(suffix, ignoreOcsp, max_usages, _verified, &tmpCount, tmpUsages);
@ -1047,7 +1046,7 @@ nsNSSCertificate::GetUsagesString(PRBool ignoreOcsp,
nsresult rv;
const int max_usages = 13;
PRUnichar *tmpUsages[max_usages];
char *suffix = "_p";
const char *suffix = "_p";
PRUint32 tmpCount;
nsUsageArrayHelper uah(mCert);
rv = uah.GetUsagesArray(suffix, ignoreOcsp, max_usages, _verified, &tmpCount, tmpUsages);
@ -1081,13 +1080,11 @@ ProcessSECAlgorithmID(SECAlgorithmID *algID,
nsCOMPtr<nsIMutableArray> asn1Objects;
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
asn1Objects->AppendElement(printableItem, PR_FALSE);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpAlgID").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpAlgID", text);
printableItem->SetDisplayName(text);
printableItem = new nsNSSASN1PrintableItem();
asn1Objects->AppendElement(printableItem, PR_FALSE);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpParams").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
printableItem->SetDisplayName(text);
ProcessRawBytes(&algID->parameters,text);
printableItem->SetDisplayValue(text);
@ -1151,12 +1148,10 @@ ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki,
return NS_ERROR_OUT_OF_MEMORY;
nsString text;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSPKI").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
spkiSequence->SetDisplayName(text);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSPKIAlg").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
nsCOMPtr<nsIASN1Sequence> sequenceItem;
nsresult rv = ProcessSECAlgorithmID(&spki->algorithm, nssComponent,
getter_AddRefs(sequenceItem));
@ -1180,8 +1175,7 @@ ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki,
return NS_ERROR_OUT_OF_MEMORY;
printableItem->SetDisplayValue(text);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSubjPubKey").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
printableItem->SetDisplayName(text);
asn1Objects->AppendElement(printableItem, PR_FALSE);
@ -1200,8 +1194,7 @@ ProcessExtensions(CERTCertExtension **extensions,
return NS_ERROR_OUT_OF_MEMORY;
nsString text;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpExtensions").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
extensionSequence->SetDisplayName(text);
PRInt32 i;
nsresult rv;
@ -1237,7 +1230,7 @@ ProcessName(CERTName *name, nsINSSComponent *nssComponent, PRUnichar **value)
nsresult rv;
const PRUnichar *params[2];
nsString avavalue;
nsXPIDLString temp;
nsAutoString temp;
CERTRDN **lastRdn;
lastRdn = rdns;
@ -1278,9 +1271,8 @@ ProcessName(CERTName *name, nsINSSComponent *nssComponent, PRUnichar **value)
SECITEM_FreeItem(decodeItem, PR_TRUE);
params[0] = type.get();
params[1] = avavalue.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("AVATemplate").get(),
params, 2,
getter_Copies(temp));
nssComponent->PIPBundleFormatStringFromName("AVATemplate",
params, 2, temp);
finalString += temp + NS_LITERAL_STRING("\n");
}
}
@ -1321,8 +1313,7 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
return NS_ERROR_OUT_OF_MEMORY;
nsString text;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpCertificate").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpCertificate", text);
sequence->SetDisplayName(text);
nsCOMPtr<nsIASN1PrintableItem> printableItem;
@ -1349,8 +1340,7 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
if (NS_FAILED(rv))
return rv;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSigAlg").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
algID->SetDisplayName(text);
asn1Objects->AppendElement(algID, PR_FALSE);
@ -1362,18 +1352,15 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
return NS_ERROR_OUT_OF_MEMORY;
printableItem->SetDisplayValue(value);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpIssuer").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpIssuer", text);
printableItem->SetDisplayName(text);
asn1Objects->AppendElement(printableItem, PR_FALSE);
nsCOMPtr<nsIASN1Sequence> validitySequence = new nsNSSASN1Sequence();
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpValidity").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpValidity", text);
validitySequence->SetDisplayName(text);
asn1Objects->AppendElement(validitySequence, PR_FALSE);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpNotBefore").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpNotBefore", text);
nsCOMPtr<nsIX509CertValidity> validityData;
GetValidity(getter_AddRefs(validityData));
PRTime notBefore, notAfter;
@ -1385,14 +1372,12 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
if (NS_FAILED(rv))
return rv;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpNotAfter").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpNotAfter", text);
rv = ProcessTime(notAfter, text.get(), validitySequence);
if (NS_FAILED(rv))
return rv;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSubject").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSubject", text);
printableItem = new nsNSSASN1PrintableItem();
if (printableItem == nsnull)
@ -1424,8 +1409,7 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
return NS_ERROR_OUT_OF_MEMORY;
printableItem->SetDisplayValue(text);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpIssuerUniqueID").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
printableItem->SetDisplayName(text);
asn1Objects->AppendElement(printableItem, PR_FALSE);
}
@ -1444,8 +1428,7 @@ nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
return NS_ERROR_OUT_OF_MEMORY;
printableItem->SetDisplayValue(text);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSubjectUniqueID").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
printableItem->SetDisplayName(text);
asn1Objects->AppendElement(printableItem, PR_FALSE);
@ -1540,13 +1523,11 @@ nsNSSCertificate::CreateASN1Struct()
if (NS_FAILED(rv))
return rv;
nsString text;
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpSigAlg").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
algID->SetDisplayName(text);
asn1Objects->AppendElement(algID, PR_FALSE);
nsCOMPtr<nsIASN1PrintableItem>printableItem = new nsNSSASN1PrintableItem();
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CertDumpCertSig").get(),
text);
nssComponent->GetPIPNSSBundleString("CertDumpCertSig", text);
printableItem->SetDisplayName(text);
// The signatureWrap is encoded as a bit string.
// The function ProcessRawBytes expects the

8
security/manager/ssl/src/nsNSSCertificateDB.cpp
View File

@ -1279,14 +1279,10 @@ nsNSSCertificateDB::default_nickname(CERTCertificate *cert, nsIInterfaceRequesto
goto loser;
count = 1;
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("nick_template").get(),
tmpNickFmt);
nssComponent->GetPIPNSSBundleString("nick_template", tmpNickFmt);
nickFmt = ToNewUTF8String(tmpNickFmt);
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("nick_template_with_num").get(),
tmpNickFmtWithNum);
nssComponent->GetPIPNSSBundleString("nick_template_with_num", tmpNickFmtWithNum);
nickFmtWithNum = ToNewUTF8String(tmpNickFmtWithNum);

86
security/manager/ssl/src/nsNSSComponent.cpp
View File

@ -275,22 +275,27 @@ nsNSSComponent::~nsNSSComponent()
static void setOCSPOptions(nsIPref * pref);
NS_IMETHODIMP
nsNSSComponent::PIPBundleFormatStringFromName(const PRUnichar *name,
nsNSSComponent::PIPBundleFormatStringFromName(const char *name,
const PRUnichar **params,
PRUint32 numParams,
PRUnichar **outString)
nsAString &outString)
{
nsresult rv = NS_ERROR_FAILURE;
if (mPIPNSSBundle && name) {
rv = mPIPNSSBundle->FormatStringFromName(name, params,
numParams, outString);
nsXPIDLString result;
rv = mPIPNSSBundle->FormatStringFromName(NS_ConvertASCIItoUTF16(name).get(),
params, numParams,
getter_Copies(result));
if (NS_SUCCEEDED(rv)) {
outString = result;
}
}
return rv;
}
NS_IMETHODIMP
nsNSSComponent::GetPIPNSSBundleString(const PRUnichar *name,
nsNSSComponent::GetPIPNSSBundleString(const char *name,
nsAString &outString)
{
nsresult rv = NS_ERROR_FAILURE;
@ -298,7 +303,8 @@ nsNSSComponent::GetPIPNSSBundleString(const PRUnichar *name,
outString.SetLength(0);
if (mPIPNSSBundle && name) {
nsXPIDLString result;
rv = mPIPNSSBundle->GetStringFromName(name, getter_Copies(result));
rv = mPIPNSSBundle->GetStringFromName(NS_ConvertASCIItoUTF16(name).get(),
getter_Copies(result));
if (NS_SUCCEEDED(rv)) {
outString = result;
rv = NS_OK;
@ -308,17 +314,6 @@ nsNSSComponent::GetPIPNSSBundleString(const PRUnichar *name,
return rv;
}
NS_IMETHODIMP
nsNSSComponent::GetPIPNSSBundleString(const PRUnichar *name,
PRUnichar **outString)
{
if (!mPIPNSSBundle || !name) {
*outString = nsnull;
return NS_ERROR_FAILURE;
}
return mPIPNSSBundle->GetStringFromName(name, outString);
}
NS_IMETHODIMP
nsNSSComponent::SkipOcsp()
@ -401,8 +396,7 @@ nsNSSComponent::InstallLoadableRoots()
nsresult rv;
nsAutoString modName;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("RootCertModuleName").get(),
modName);
rv = GetPIPNSSBundleString("RootCertModuleName", modName);
if (NS_FAILED(rv)) return;
nsCOMPtr<nsIProperties> directoryService(do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID));
@ -457,46 +451,38 @@ nsresult
nsNSSComponent::ConfigureInternalPKCS11Token()
{
nsNSSShutDownPreventionLock locker;
nsXPIDLString manufacturerID;
nsXPIDLString libraryDescription;
nsXPIDLString tokenDescription;
nsXPIDLString privateTokenDescription;
nsXPIDLString slotDescription;
nsXPIDLString privateSlotDescription;
nsXPIDLString fipsSlotDescription;
nsXPIDLString fipsPrivateSlotDescription;
nsAutoString manufacturerID;
nsAutoString libraryDescription;
nsAutoString tokenDescription;
nsAutoString privateTokenDescription;
nsAutoString slotDescription;
nsAutoString privateSlotDescription;
nsAutoString fipsSlotDescription;
nsAutoString fipsPrivateSlotDescription;
nsresult rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("ManufacturerID").get(),
getter_Copies(manufacturerID));
rv = GetPIPNSSBundleString("ManufacturerID", manufacturerID);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("LibraryDescription").get(),
getter_Copies(libraryDescription));
rv = GetPIPNSSBundleString("LibraryDescription", libraryDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("TokenDescription").get(),
getter_Copies(tokenDescription));
rv = GetPIPNSSBundleString("TokenDescription", tokenDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("PrivateTokenDescription").get(),
getter_Copies(privateTokenDescription));
rv = GetPIPNSSBundleString("PrivateTokenDescription", privateTokenDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("SlotDescription").get(),
getter_Copies(slotDescription));
rv = GetPIPNSSBundleString("SlotDescription", slotDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("PrivateSlotDescription").get(),
getter_Copies(privateSlotDescription));
rv = GetPIPNSSBundleString("PrivateSlotDescription", privateSlotDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("FipsSlotDescription").get(),
getter_Copies(fipsSlotDescription));
rv = GetPIPNSSBundleString("FipsSlotDescription", fipsSlotDescription);
if (NS_FAILED(rv)) return rv;
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("FipsPrivateSlotDescription").get(),
getter_Copies(fipsPrivateSlotDescription));
rv = GetPIPNSSBundleString("FipsPrivateSlotDescription", fipsPrivateSlotDescription);
if (NS_FAILED(rv)) return rv;
PK11_ConfigurePKCS11(NS_ConvertUCS2toUTF8(manufacturerID).get(),
@ -1709,16 +1695,16 @@ void nsNSSComponent::ShowAlert(AlertIdentifier ai)
switch (ai) {
case ai_nss_init_problem:
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("NSSInitProblem").get(), message);
rv = GetPIPNSSBundleString("NSSInitProblem", message);
break;
case ai_sockets_still_active:
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("ProfileSwitchSocketsStillActive").get(), message);
rv = GetPIPNSSBundleString("ProfileSwitchSocketsStillActive", message);
break;
case ai_crypto_ui_active:
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("ProfileSwitchCryptoUIActive").get(), message);
rv = GetPIPNSSBundleString("ProfileSwitchCryptoUIActive", message);
break;
case ai_incomplete_logout:
rv = GetPIPNSSBundleString(NS_LITERAL_STRING("LogoutIncompleteUIActive").get(), message);
rv = GetPIPNSSBundleString("LogoutIncompleteUIActive", message);
break;
default:
return;
@ -2090,7 +2076,7 @@ PSMContentDownloader::handleContentDownloadError(nsresult errCode)
//TO DO: Handle network errors in details
//XXXXXXXXXXXXXXXXXX
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailureNetworkProblem").get(), tmpMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailureNetworkProblem", tmpMessage);
if(mDoSilentDownload == PR_TRUE){
//This is the case for automatic download. Update failure history
@ -2124,10 +2110,10 @@ PSMContentDownloader::handleContentDownloadError(nsresult errCode)
nsCOMPtr<nsIPrompt> prompter;
if (wwatch){
wwatch->GetNewPrompter(0, getter_AddRefs(prompter));
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailure1").get(), message);
nssComponent->GetPIPNSSBundleString("CrlImportFailure1", message);
message.Append(NS_LITERAL_STRING("\n").get());
message.Append(tmpMessage);
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("CrlImportFailure2").get(), tmpMessage);
nssComponent->GetPIPNSSBundleString("CrlImportFailure2", tmpMessage);
message.Append(NS_LITERAL_STRING("\n").get());
message.Append(tmpMessage);

16
security/manager/ssl/src/nsNSSComponent.h
View File

@ -101,14 +101,12 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports {
public:
NS_DEFINE_STATIC_IID_ACCESSOR(NS_INSSCOMPONENT_IID)
NS_IMETHOD GetPIPNSSBundleString(const PRUnichar *name,
NS_IMETHOD GetPIPNSSBundleString(const char *name,
nsAString &outString) = 0;
NS_IMETHOD GetPIPNSSBundleString(const PRUnichar *name,
PRUnichar **outString) = 0;
NS_IMETHOD PIPBundleFormatStringFromName(const PRUnichar *name,
NS_IMETHOD PIPBundleFormatStringFromName(const char *name,
const PRUnichar **params,
PRUint32 numParams,
PRUnichar **outString) = 0;
nsAString &outString) = 0;
// This method will just disable OCSP in NSS, it will not
// alter the respective pref values.
@ -155,14 +153,12 @@ public:
NS_METHOD Init();
NS_IMETHOD GetPIPNSSBundleString(const PRUnichar *name,
NS_IMETHOD GetPIPNSSBundleString(const char *name,
nsAString &outString);
NS_IMETHOD GetPIPNSSBundleString(const PRUnichar *name,
PRUnichar **outString);
NS_IMETHOD PIPBundleFormatStringFromName(const PRUnichar *name,
NS_IMETHOD PIPBundleFormatStringFromName(const char *name,
const PRUnichar **params,
PRUint32 numParams,
PRUnichar **outString);
nsAString &outString);
NS_IMETHOD SkipOcsp();
NS_IMETHOD SkipOcspOff();
nsresult InitializeCRLUpdateTimer();

190
security/manager/ssl/src/nsNSSIOLayer.cpp
View File

@ -424,8 +424,8 @@ nsSSLIOLayerFreeTLSIntolerantSites()
return NS_OK;
}
nsresult
displayAlert(nsXPIDLString formattedString, nsNSSSocketInfo *infoObject)
static nsresult
displayAlert(nsAFlatString &formattedString, nsNSSSocketInfo *infoObject)
{
// The interface requestor object may not be safe, so
@ -494,20 +494,18 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
getter_Copies(brandShortName));
const PRUnichar *params[2];
nsXPIDLString formattedString;
nsAutoString formattedString;
switch (err) {
case SSL_ERROR_SSL_DISABLED:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLDisabled").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("SSLDisabled",
params, 1, formattedString);
break;
case SSL_ERROR_SSL2_DISABLED:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSL2Disabled").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("SSL2Disabled",
params, 1, formattedString);
break;
case SSL_ERROR_EXPORT_ONLY_SERVER:
case SSL_ERROR_US_ONLY_SERVER:
@ -518,25 +516,22 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SSL_ERROR_FORTEZZA_PQG:
params[0] = brandShortName.get();
params[1] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLNoMatchingCiphers").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("SSLNoMatchingCiphers",
params, 2, formattedString);
break;
//Clients Cert Rejected
case SSL_ERROR_REVOKED_CERT_ALERT :
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertRevoked").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("UsersCertRevoked",
params, 1, formattedString);
break;
case SSL_ERROR_EXPIRED_CERT_ALERT:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertExpired").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("UsersCertExpired",
params, 1, formattedString);
break;
case SSL_ERROR_BAD_CERT_ALERT:
@ -544,87 +539,75 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertRejected").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("UsersCertRejected",
params, 2, formattedString);
break;
//Errors related to Peers Certificate
case SEC_ERROR_CRL_EXPIRED:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLExpired").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("CRLExpired",
params, 1, formattedString);
break;
case SEC_ERROR_CRL_NOT_YET_VALID:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLNotYetValid").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("CRLNotYetValid",
params, 1, formattedString);
break;
case SEC_ERROR_CRL_INVALID:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLSNotValid").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("CRLSNotValid",
params, 1, formattedString);
break;
case SEC_ERROR_CRL_BAD_SIGNATURE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLSigNotValid").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("CRLSigNotValid",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_MALFORMED_REQUEST:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPMalformedRequest").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPMalformedRequest",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_REQUEST_NEEDS_SIG:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPRequestNeedsSig").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPRequestNeedsSig",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnauthorizedReq").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPUnauthorizedReq",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_SERVER_ERROR:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPServerError").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPServerError",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_TRY_SERVER_LATER:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPTryServerLater").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPTryServerLater",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_FUTURE_RESPONSE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPFutureResponse").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPFutureResponse",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_OLD_RESPONSE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPOldResponse").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPOldResponse",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE:
@ -633,73 +616,63 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SEC_ERROR_OCSP_MALFORMED_RESPONSE:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPCorruptedResponse").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPCorruptedResponse",
params, 2, formattedString);
break;
case SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnauthorizedResponse").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPUnauthorizedResponse",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_UNKNOWN_CERT:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnknownCert").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPUnknownCert",
params, 1, formattedString);
break;
case SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPNoDefaultResponder").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPNoDefaultResponder",
params, 1, formattedString);
break;
case PR_DIRECTORY_LOOKUP_ERROR:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPDirLookup").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("OCSPDirLookup",
params, 1, formattedString);
break;
case SEC_ERROR_REVOKED_CERTIFICATE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertRevoked").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertRevoked",
params, 1, formattedString);
break;
case SEC_ERROR_UNTRUSTED_CERT:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertUntrusted").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertUntrusted",
params, 1, formattedString);
break;
case SSL_ERROR_BAD_CERT_DOMAIN:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertWrongDomain").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertWrongDomain",
params, 1, formattedString);
break;
case SEC_ERROR_EXPIRED_CERTIFICATE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertExpired").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertExpired",
params, 1, formattedString);
break;
case SEC_ERROR_BAD_SIGNATURE:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertBadSignature").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertBadSignature",
params, 1, formattedString);
//A generic error handler for peer cert
case SEC_ERROR_UNKNOWN_CERT:
@ -719,23 +692,20 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertNoGood").get(),
params, 2 ,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeersCertNoGood",
params, 2, formattedString);
break;
case SSL_ERROR_BAD_MAC_READ:
params[0] = brandShortName.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadMac").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("BadMac",
params, 1, formattedString);
break;
case SSL_ERROR_BAD_MAC_ALERT:
params[0] = hostNameU.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadMac").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("BadMac",
params, 1, formattedString);
break;
//Connection Reset by peer
@ -743,23 +713,20 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SSL_ERROR_SOCKET_WRITE_FAILURE:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeerResetConnection").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("PeerResetConnection",
params, 2, formattedString);
break;
//Connection reset by host
case SEC_ERROR_USER_CANCELLED:
case SEC_ERROR_MESSAGE_SEND_ABORTED:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("HostResetConnection").get(),
getter_Copies(formattedString));
nssComponent->GetPIPNSSBundleString("HostResetConnection", formattedString);
break;
//Bad password
case SEC_ERROR_BAD_PASSWORD:
case SEC_ERROR_RETRY_PASSWORD:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("BadPassword").get(),
getter_Copies(formattedString));
nssComponent->GetPIPNSSBundleString("BadPassword", formattedString);
break;
//Bad Database
@ -767,9 +734,8 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SEC_ERROR_NO_KEY:
case SEC_ERROR_CERT_NO_RESPONSE:
params[0] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadDatabase").get(),
params, 1,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("BadDatabase",
params, 1, formattedString);
break;
//Malformed or unxepected data or message was received from server
@ -804,9 +770,8 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SSL_ERROR_RX_UNKNOWN_ALERT:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadServer").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("BadServer",
params, 2, formattedString);
break;
//Alert for Malformed or unexpected data or message recieved by server
@ -816,22 +781,19 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
case SSL_ERROR_ILLEGAL_PARAMETER_ALERT:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadClient").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("BadClient",
params, 2, formattedString);
break;
case SEC_ERROR_REUSED_ISSUER_AND_SERIAL:
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("HostReusedIssuerSerial").get(),
getter_Copies(formattedString));
nssComponent->GetPIPNSSBundleString("HostReusedIssuerSerial", formattedString);
break;
default:
params[0] = hostNameU.get();
params[1] = errorCode.get();
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLGenericError").get(),
params, 2,
getter_Copies(formattedString));
nssComponent->PIPBundleFormatStringFromName("SSLGenericError",
params, 2, formattedString);
}

1
security/manager/ssl/src/nsNSSIOLayer.h
View File

@ -130,7 +130,6 @@ nsresult nsSSLIOLayerAddToSocket(PRInt32 family,
PRBool forSTARTTLS);
nsresult nsSSLIOLayerFreeTLSIntolerantSites();
nsresult displayAlert(nsXPIDLString formattedString, nsNSSSocketInfo *infoObject);
nsresult displayUnknownCertErrorAlert(nsNSSSocketInfo *infoObject, int error);
#endif /* _NSNSSIOLAYER_H */

54
security/manager/ssl/src/nsPKCS12Blob.cpp
View File

@ -31,7 +31,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: nsPKCS12Blob.cpp,v 1.37 2003/03/25 02:17:02 darin%netscape.com Exp $
* $Id: nsPKCS12Blob.cpp,v 1.38 2004/02/26 04:07:23 jgmyers%speakeasy.net Exp $
*/
#include "prmem.h"
@ -446,10 +446,10 @@ void
nsPKCS12Blob::unicodeToItem(const PRUnichar *uni, SECItem *item)
{
int len = 0;
int i = 0;
while (uni[len++] != 0);
SECITEM_AllocItem(NULL, item, sizeof(PRUnichar) * len);
#ifdef IS_LITTLE_ENDIAN
int i = 0;
for (i=0; i<len; i++) {
item->data[2*i ] = (unsigned char )(uni[i] << 8);
item->data[2*i+1] = (unsigned char )(uni[i]);
@ -668,10 +668,8 @@ nsPKCS12Blob::nickname_collision(SECItem *oldNick, PRBool *cancel, void *wincx)
if (NS_FAILED(rv)) return nsnull;
int count = 1;
nsCString nickname;
nsString nickFromProp;
nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("P12DefaultNickname").get(),
nickFromProp);
nsAutoString nickFromProp;
nssComponent->GetPIPNSSBundleString("P12DefaultNickname", nickFromProp);
nsXPIDLCString nickFromPropC;
nickFromPropC.Adopt(ToNewUTF8String(nickFromProp));
// The user is trying to import a PKCS#12 file that doesn't have the
@ -785,39 +783,29 @@ nsPKCS12Blob::handleError(int myerr)
nsAutoString errorMsg;
switch (myerr) {
case PIP_PKCS12_RESTORE_OK:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("SuccessfulP12Restore").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("SuccessfulP12Restore", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
return PR_TRUE;
case PIP_PKCS12_BACKUP_OK:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("SuccessfulP12Backup").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("SuccessfulP12Backup", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
return PR_TRUE;
case PIP_PKCS12_USER_CANCELED:
return PR_TRUE; /* Just ignore it for now */
case PIP_PKCS12_NOSMARTCARD_EXPORT:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12InfoNoSmartcardBackup").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12InfoNoSmartcardBackup", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
return PR_TRUE;
case PIP_PKCS12_RESTORE_FAILED:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12UnknownErrRestore").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12UnknownErrRestore", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
return PR_TRUE;
case PIP_PKCS12_BACKUP_FAILED:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12UnknownErrBackup").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12UnknownErrBackup", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
return PR_TRUE;
@ -836,49 +824,37 @@ nsPKCS12Blob::handleError(int myerr)
// but the PKCS12 lib never throws this error
// but then again, how would it? anyway, convey the info below
case SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12PasswordInvalid").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12PasswordInvalid", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
break;
#endif
case SEC_ERROR_BAD_PASSWORD:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PK11BadPassword").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PK11BadPassword", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
break;
case SEC_ERROR_BAD_DER:
case SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE:
case SEC_ERROR_PKCS12_INVALID_MAC:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12DecodeErr").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12DecodeErr", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
break;
case SEC_ERROR_PKCS12_DUPLICATE_DATA:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12DupData").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12DupData", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
break;
default:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12UnknownErr").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12UnknownErr", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
}
break;
case 0:
default:
rv = nssComponent->GetPIPNSSBundleString(
NS_LITERAL_STRING("PKCS12UnknownErr").get(),
errorMsg);
rv = nssComponent->GetPIPNSSBundleString("PKCS12UnknownErr", errorMsg);
if (NS_FAILED(rv)) return rv;
errPrompt->Alert(nsnull, errorMsg.get());
break;

32
security/manager/ssl/src/nsUsageArrayHelper.cpp
View File

@ -60,7 +60,7 @@ nsUsageArrayHelper::nsUsageArrayHelper(CERTCertificate *aCert)
}
void
nsUsageArrayHelper::check(char *suffix,
nsUsageArrayHelper::check(const char *suffix,
SECCertUsage aCertUsage,
PRUint32 &aCounter,
PRUnichar **outUsages)
@ -68,49 +68,49 @@ nsUsageArrayHelper::check(char *suffix,
nsNSSShutDownPreventionLock locker;
if (CERT_VerifyCertNow(defaultcertdb, mCert, PR_TRUE,
aCertUsage, NULL) == SECSuccess) {
nsAutoString typestr;
nsCAutoString typestr;
switch (aCertUsage) {
case certUsageSSLClient:
typestr = NS_LITERAL_STRING("VerifySSLClient");
typestr = "VerifySSLClient";
break;
case certUsageSSLServer:
typestr = NS_LITERAL_STRING("VerifySSLServer");
typestr = "VerifySSLServer";
break;
case certUsageSSLServerWithStepUp:
typestr = NS_LITERAL_STRING("VerifySSLStepUp");
typestr = "VerifySSLStepUp";
break;
case certUsageEmailSigner:
typestr = NS_LITERAL_STRING("VerifyEmailSigner");
typestr = "VerifyEmailSigner";
break;
case certUsageEmailRecipient:
typestr = NS_LITERAL_STRING("VerifyEmailRecip");
typestr = "VerifyEmailRecip";
break;
case certUsageObjectSigner:
typestr = NS_LITERAL_STRING("VerifyObjSign");
typestr = "VerifyObjSign";
break;
case certUsageProtectedObjectSigner:
typestr = NS_LITERAL_STRING("VerifyProtectObjSign");
typestr = "VerifyProtectObjSign";
break;
case certUsageUserCertImport:
typestr = NS_LITERAL_STRING("VerifyUserImport");
typestr = "VerifyUserImport";
break;
case certUsageSSLCA:
typestr = NS_LITERAL_STRING("VerifySSLCA");
typestr = "VerifySSLCA";
break;
case certUsageVerifyCA:
typestr = NS_LITERAL_STRING("VerifyCAVerifier");
typestr = "VerifyCAVerifier";
break;
case certUsageStatusResponder:
typestr = NS_LITERAL_STRING("VerifyStatusResponder");
typestr = "VerifyStatusResponder";
break;
case certUsageAnyCA:
typestr = NS_LITERAL_STRING("VerifyAnyCA");
typestr = "VerifyAnyCA";
break;
default:
break;
}
if (!typestr.IsEmpty()) {
typestr.AppendWithConversion(suffix);
typestr.Append(suffix);
nsAutoString verifyDesc;
m_rv = nssComponent->GetPIPNSSBundleString(typestr.get(), verifyDesc);
if (NS_SUCCEEDED(m_rv)) {
@ -172,7 +172,7 @@ nsUsageArrayHelper::verifyFailed(PRUint32 *_verified)
}
nsresult
nsUsageArrayHelper::GetUsagesArray(char *suffix,
nsUsageArrayHelper::GetUsagesArray(const char *suffix,
PRBool ignoreOcsp,
PRUint32 outArraySize,
PRUint32 *_verified,

4
security/manager/ssl/src/nsUsageArrayHelper.h
View File

@ -44,7 +44,7 @@ class nsUsageArrayHelper
public:
nsUsageArrayHelper(CERTCertificate *aCert);
nsresult GetUsagesArray(char *suffix,
nsresult GetUsagesArray(const char *suffix,
PRBool ignoreOcsp,
PRUint32 outArraySize,
PRUint32 *_verified,
@ -60,7 +60,7 @@ private:
nsCOMPtr<nsINSSComponent> nssComponent;
int mCached_NonInadequateReason;
void check(char *suffix,
void check(const char *suffix,
SECCertUsage aCertUsage,
PRUint32 &aCounter,
PRUnichar **outUsages);