Bug 1362735 - Clean up nsIPKCS11 implementation. r=keeler

The changes here: 1. Make it easier to discover where nsIPKCS11 is implemented / make it easier to discover what the file implements. 2. Reduce global scope pollution. 3. Make nsCrypto.h no longer unnecessarily exported. 4. Remove NS_CRYPTO_CONTRACTID from nsDOMCID.h, since the define isn't used anywhere. 5. Move the definition of NS_PKCS11_CONTRACTID from nsDOMCID.h into PSM code, since this contract ID is firmly in PSM territory now. MozReview-Commit-ID: 2PdFM0mlL4R --HG-- rename : security/manager/ssl/nsCrypto.cpp => security/manager/ssl/PKCS11.cpp rename : security/manager/ssl/nsCrypto.h => security/manager/ssl/PKCS11.h extra : rebase_source : 46667edef5a1d8c910d96dec1125c05bc3477bee
2024-10-09 11:25:00 +00:00 · 2017-05-19 00:57:46 +08:00 · 2017-05-19 00:57:46 +08:00 · 73916bae28
commit 73916bae28
parent 5e8f5fe538
6 changed files with 36 additions and 34 deletions
--- a/dom/base/nsDOMCID.h
+++ b/dom/base/nsDOMCID.h
@ -21,13 +21,6 @@
  0x45f27d10, 0x987b, 0x11d2,                        \
 {0xbd, 0x40, 0x00, 0x10, 0x5a, 0xa4, 0x5e, 0x89} }

-//The dom cannot provide the crypto or pkcs11 classes that
-//were used in older days, so if someone wants to provide
-//the service they must implement an object and give it
-//this class ID
-#define NS_CRYPTO_CONTRACTID "@mozilla.org/security/crypto;1"
-#define NS_PKCS11_CONTRACTID "@mozilla.org/security/pkcs11;1"
-
 #define NS_XPATH_EVALUATOR_CONTRACTID "@mozilla.org/dom/xpath-evaluator;1"

 #endif /* nsDOMCID_h__ */
--- a/security/manager/ssl/nsCrypto.cpp
+++ b/security/manager/ssl/nsCrypto.cpp
@ -4,27 +4,28 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

-#include "nsCrypto.h"
+#include "PKCS11.h"

+#include "ScopedNSSTypes.h"
 #include "nsNSSComponent.h"
 #include "nsNativeCharsetUtils.h"
 #include "nsServiceManagerUtils.h"
-#include "ScopedNSSTypes.h"

-// QueryInterface implementation for nsPkcs11
-NS_INTERFACE_MAP_BEGIN(nsPkcs11)
+namespace mozilla { namespace psm {
+
+NS_INTERFACE_MAP_BEGIN(PKCS11)
  NS_INTERFACE_MAP_ENTRY(nsIPKCS11)
  NS_INTERFACE_MAP_ENTRY(nsISupports)
 NS_INTERFACE_MAP_END

-NS_IMPL_ADDREF(nsPkcs11)
-NS_IMPL_RELEASE(nsPkcs11)
+NS_IMPL_ADDREF(PKCS11)
+NS_IMPL_RELEASE(PKCS11)

-nsPkcs11::nsPkcs11()
+PKCS11::PKCS11()
 {
 }

-nsPkcs11::~nsPkcs11()
+PKCS11::~PKCS11()
 {
  nsNSSShutDownPreventionLock locker;
  if (isAlreadyShutDown()) {
@ -35,7 +36,7 @@ nsPkcs11::~nsPkcs11()

 // Delete a PKCS11 module from the user's profile.
 NS_IMETHODIMP
-nsPkcs11::DeleteModule(const nsAString& aModuleName)
+PKCS11::DeleteModule(const nsAString& aModuleName)
 {
  nsNSSShutDownPreventionLock locker;
  if (isAlreadyShutDown()) {
@ -51,7 +52,7 @@ nsPkcs11::DeleteModule(const nsAString& aModuleName)
  // before we call SECMOD_DeleteModule, below.
 #ifndef MOZ_NO_SMART_CARDS
  {
-    mozilla::UniqueSECMODModule module(SECMOD_FindModule(moduleName.get()));
+    UniqueSECMODModule module(SECMOD_FindModule(moduleName.get()));
    if (!module) {
      return NS_ERROR_FAILURE;
    }
@ -73,10 +74,10 @@ nsPkcs11::DeleteModule(const nsAString& aModuleName)

 // Add a new PKCS11 module to the user's profile.
 NS_IMETHODIMP
-nsPkcs11::AddModule(const nsAString& aModuleName,
-                    const nsAString& aLibraryFullPath,
-                    int32_t aCryptoMechanismFlags,
-                    int32_t aCipherFlags)
+PKCS11::AddModule(const nsAString& aModuleName,
+                  const nsAString& aLibraryFullPath,
+                  int32_t aCryptoMechanismFlags,
+                  int32_t aCipherFlags)
 {
  nsNSSShutDownPreventionLock locker;
  if (isAlreadyShutDown()) {
@ -100,7 +101,7 @@ nsPkcs11::AddModule(const nsAString& aModuleName,
  }

 #ifndef MOZ_NO_SMART_CARDS
-  mozilla::UniqueSECMODModule module(SECMOD_FindModule(moduleName.get()));
+  UniqueSECMODModule module(SECMOD_FindModule(moduleName.get()));
  if (!module) {
    return NS_ERROR_FAILURE;
  }
@ -111,3 +112,5 @@ nsPkcs11::AddModule(const nsAString& aModuleName,

  return NS_OK;
 }
+
+} } // namespace mozilla::psm
--- a/security/manager/ssl/nsCrypto.h
+++ b/security/manager/ssl/nsCrypto.h
@ -3,30 +3,34 @@
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#ifndef _nsCrypto_h_
-#define _nsCrypto_h_
+#ifndef PKCS11_h
+#define PKCS11_h

 #include "nsIPKCS11.h"

 #include "nsNSSShutDown.h"

+namespace mozilla { namespace psm {
+
 #define NS_PKCS11_CID \
  {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }

-class nsPkcs11 : public nsIPKCS11
-               , public nsNSSShutDownObject
+class PKCS11 : public nsIPKCS11
+             , public nsNSSShutDownObject
 {
 public:
-  nsPkcs11();
+  PKCS11();

  NS_DECL_ISUPPORTS
  NS_DECL_NSIPKCS11

 protected:
-  virtual ~nsPkcs11();
+  virtual ~PKCS11();

 private:
  virtual void virtualDestroyNSSReference() override {}
 };

-#endif //_nsCrypto_h_
+} } // namespace mozilla::psm
+
+#endif // PKCS11_h
--- a/security/manager/ssl/moz.build
+++ b/security/manager/ssl/moz.build
@ -65,7 +65,6 @@ TESTING_JS_MODULES.psm += [
 EXPORTS += [
    'CryptoTask.h',
    'nsClientAuthRemember.h',
-    'nsCrypto.h',
    'nsNSSCallbacks.h',
    'nsNSSCertificate.h',
    'nsNSSComponent.h',
@ -102,7 +101,6 @@ UNIFIED_SOURCES += [
    'LocalCertService.cpp',
    'nsCertOverrideService.cpp',
    'nsClientAuthRemember.cpp',
-    'nsCrypto.cpp',
    'nsCryptoHash.cpp',
    'nsDataSignatureVerifier.cpp',
    'nsKeygenHandler.cpp',
@ -136,6 +134,7 @@ UNIFIED_SOURCES += [
    'nsSSLSocketProvider.cpp',
    'nsSSLStatus.cpp',
    'nsTLSSocketProvider.cpp',
+    'PKCS11.cpp',
    'PSMContentListener.cpp',
    'PSMRunnable.cpp',
    'PublicKeyPinningService.cpp',
--- a/security/manager/ssl/nsIPKCS11.idl
+++ b/security/manager/ssl/nsIPKCS11.idl
@ -5,6 +5,10 @@

 #include "nsISupports.idl"

+%{C++
+#define NS_PKCS11_CONTRACTID "@mozilla.org/security/pkcs11;1"
+%}
+
 [scriptable, uuid(5743f870-958e-4f02-aef2-c0afeef67f05)]
 interface nsIPKCS11 : nsISupports
 {
--- a/security/manager/ssl/nsNSSModule.cpp
+++ b/security/manager/ssl/nsNSSModule.cpp
@ -7,15 +7,14 @@
 #include "CertBlocklist.h"
 #include "ContentSignatureVerifier.h"
 #include "NSSErrorsService.h"
+#include "PKCS11.h"
 #include "PSMContentListener.h"
 #include "SecretDecoderRing.h"
 #include "TransportSecurityInfo.h"
 #include "mozilla/ModuleUtils.h"
 #include "nsCURILoader.h"
 #include "nsCertOverrideService.h"
-#include "nsCrypto.h"
 #include "nsCryptoHash.h"
-#include "nsDOMCID.h" // For the NS_CRYPTO_CONTRACTID define
 #include "nsDataSignatureVerifier.h"
 #include "nsICategoryManager.h"
 #include "nsKeyModule.h"
@ -186,7 +185,7 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = {
 #ifdef MOZ_XUL
  { &kNS_CERTTREE_CID, false, nullptr, Constructor<nsCertTree> },
 #endif
-  { &kNS_PKCS11_CID, false, nullptr, Constructor<nsPkcs11> },
+  { &kNS_PKCS11_CID, false, nullptr, Constructor<PKCS11> },
  { &kNS_CRYPTO_HASH_CID, false, nullptr,
    Constructor<nsCryptoHash, nullptr, ProcessRestriction::AnyProcess> },
  { &kNS_CRYPTO_HMAC_CID, false, nullptr,