mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-27 20:25:44 +00:00
fix for bug #80356, certs should be grouped by issuer org
r=javi, sr=blizzard
This commit is contained in:
parent
482e3ebc68
commit
be51034d5a
@ -124,6 +124,7 @@ interface nsIX509Cert : nsISupports {
|
||||
readonly attribute wstring issuedDate;
|
||||
readonly attribute wstring expiresDate;
|
||||
readonly attribute wstring tokenName;
|
||||
readonly attribute wstring issuerOrganization;
|
||||
|
||||
readonly attribute nsIX509CertValidity validity;
|
||||
readonly attribute string dbKey;
|
||||
|
@ -127,3 +127,5 @@ PKCS12PasswordInvalid=Could not decode PKCS#12 file. Perhaps the password you e
|
||||
PKCS12DecodeErr=Failed to decode the file. Either it is not in PKCS#12 format, has been corrupted, or the password you entered was incorrect.
|
||||
PKCS12UnknownErrRestore=Failed to restore the PKCS#12 file for unknown reasons.
|
||||
PKCS12UnknownErrBackup=Failed to backup the PKCS#12 file for unknown reasons.
|
||||
UnknownCertIssuer=(Unknown Issuer)
|
||||
UnknownCertOrg=(Unknown Organization)
|
||||
|
@ -105,17 +105,17 @@ nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByOrg
|
||||
// CmpByIssuerOrg
|
||||
//
|
||||
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No organization (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
nsCertOutliner::CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aOrg, bOrg;
|
||||
a->GetOrganization(getter_Copies(aOrg));
|
||||
b->GetOrganization(getter_Copies(bOrg));
|
||||
a->GetIssuerOrganization(getter_Copies(aOrg));
|
||||
b->GetIssuerOrganization(getter_Copies(bOrg));
|
||||
if (aOrg != nsnull && bOrg != nsnull) {
|
||||
nsAutoString aStr(aOrg);
|
||||
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||
@ -145,17 +145,17 @@ nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByTok_Org_Name
|
||||
// CmpByTok_IssuerOrg_Name
|
||||
//
|
||||
// Compare two certificates by token name, organization, and common name,
|
||||
// in that order. Used to sort cert list.
|
||||
// Compare two certificates by token name, issuer organization,
|
||||
// and common name, in that order. Used to sort cert list.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
nsCertOutliner::CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp;
|
||||
cmp = CmpByToken(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
cmp = CmpByOrg(a, b);
|
||||
cmp = CmpByIssuerOrg(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
return CmpByName(a, b);
|
||||
}
|
||||
@ -180,7 +180,7 @@ nsCertOutliner::CountOrganizations()
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||
CmpByIssuerOrg(orgCert, nextCert) == 0)) {
|
||||
orgCert = nextCert;
|
||||
orgCount++;
|
||||
}
|
||||
@ -263,7 +263,7 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||
rv = certdb->GetCertsByType(aType,
|
||||
CmpByTok_Org_Name,
|
||||
CmpByTok_IssuerOrg_Name,
|
||||
getter_AddRefs(mCertArray));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PRUint32 count;
|
||||
@ -276,14 +276,14 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||
orgCert->GetIssuerOrganization(&mOutlinerArray[i].orgName);
|
||||
mOutlinerArray[i].open = PR_TRUE;
|
||||
mOutlinerArray[i].certIndex = j;
|
||||
mOutlinerArray[i].numChildren = 1;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||
while (CmpByIssuerOrg(orgCert, nextCert) == 0) {
|
||||
mOutlinerArray[i].numChildren++;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
|
@ -58,9 +58,9 @@ public:
|
||||
|
||||
protected:
|
||||
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
PRInt32 CountOrganizations();
|
||||
|
||||
private:
|
||||
|
@ -105,17 +105,17 @@ nsCertOutliner::CmpByToken(nsIX509Cert *a, nsIX509Cert *b)
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByOrg
|
||||
// CmpByIssuerOrg
|
||||
//
|
||||
// Compare two certificates by their O= field. Returns -1, 0, 1 as
|
||||
// in strcmp. No organization (null) is treated as <.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
nsCertOutliner::CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp1;
|
||||
nsXPIDLString aOrg, bOrg;
|
||||
a->GetOrganization(getter_Copies(aOrg));
|
||||
b->GetOrganization(getter_Copies(bOrg));
|
||||
a->GetIssuerOrganization(getter_Copies(aOrg));
|
||||
b->GetIssuerOrganization(getter_Copies(bOrg));
|
||||
if (aOrg != nsnull && bOrg != nsnull) {
|
||||
nsAutoString aStr(aOrg);
|
||||
cmp1 = aStr.CompareWithConversion(bOrg);
|
||||
@ -145,17 +145,17 @@ nsCertOutliner::CmpByName(nsIX509Cert *a, nsIX509Cert *b)
|
||||
return cmp1;
|
||||
}
|
||||
|
||||
// CmpByTok_Org_Name
|
||||
// CmpByTok_IssuerOrg_Name
|
||||
//
|
||||
// Compare two certificates by token name, organization, and common name,
|
||||
// in that order. Used to sort cert list.
|
||||
// Compare two certificates by token name, issuer organization,
|
||||
// and common name, in that order. Used to sort cert list.
|
||||
PRInt32
|
||||
nsCertOutliner::CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
nsCertOutliner::CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b)
|
||||
{
|
||||
PRInt32 cmp;
|
||||
cmp = CmpByToken(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
cmp = CmpByOrg(a, b);
|
||||
cmp = CmpByIssuerOrg(a, b);
|
||||
if (cmp != 0) return cmp;
|
||||
return CmpByName(a, b);
|
||||
}
|
||||
@ -180,7 +180,7 @@ nsCertOutliner::CountOrganizations()
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(i));
|
||||
nextCert = do_QueryInterface(isupport);
|
||||
if (!(CmpByToken(orgCert, nextCert) == 0 &&
|
||||
CmpByOrg(orgCert, nextCert) == 0)) {
|
||||
CmpByIssuerOrg(orgCert, nextCert) == 0)) {
|
||||
orgCert = nextCert;
|
||||
orgCount++;
|
||||
}
|
||||
@ -263,7 +263,7 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||
if (certdb == nsnull) return NS_ERROR_FAILURE;
|
||||
rv = certdb->GetCertsByType(aType,
|
||||
CmpByTok_Org_Name,
|
||||
CmpByTok_IssuerOrg_Name,
|
||||
getter_AddRefs(mCertArray));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PRUint32 count;
|
||||
@ -276,14 +276,14 @@ nsCertOutliner::LoadCerts(const PRUint32 aType)
|
||||
nsCOMPtr<nsISupports> isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> orgCert = do_QueryInterface(isupport);
|
||||
for (PRInt32 i=0; i<mNumOrgs; i++) {
|
||||
orgCert->GetOrganization(&mOutlinerArray[i].orgName);
|
||||
orgCert->GetIssuerOrganization(&mOutlinerArray[i].orgName);
|
||||
mOutlinerArray[i].open = PR_TRUE;
|
||||
mOutlinerArray[i].certIndex = j;
|
||||
mOutlinerArray[i].numChildren = 1;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
nsCOMPtr<nsIX509Cert> nextCert = do_QueryInterface(isupport);
|
||||
while (CmpByOrg(orgCert, nextCert) == 0) {
|
||||
while (CmpByIssuerOrg(orgCert, nextCert) == 0) {
|
||||
mOutlinerArray[i].numChildren++;
|
||||
if (++j >= count) break;
|
||||
isupport = dont_AddRef(mCertArray->ElementAt(j));
|
||||
|
@ -58,9 +58,9 @@ public:
|
||||
|
||||
protected:
|
||||
static PRInt32 CmpByToken(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByIssuerOrg(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByName(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_Org_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
static PRInt32 CmpByTok_IssuerOrg_Name(nsIX509Cert *a, nsIX509Cert *b);
|
||||
PRInt32 CountOrganizations();
|
||||
|
||||
private:
|
||||
|
@ -32,7 +32,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: nsNSSCertificate.cpp,v 1.23 2001/05/15 17:35:33 ddrinan%netscape.com Exp $
|
||||
* $Id: nsNSSCertificate.cpp,v 1.24 2001/05/15 19:12:44 mcgreer%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "prmem.h"
|
||||
@ -597,6 +597,40 @@ nsNSSCertificate::GetOrganization(PRUnichar **aOrganization)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetIssuerOrganization(PRUnichar **aOrganization)
|
||||
{
|
||||
NS_ENSURE_ARG(aOrganization);
|
||||
if (mIssuerOrg.Length() == 0) {
|
||||
PRBool failed = PR_TRUE;
|
||||
CERTCertificate *issuer;
|
||||
issuer = CERT_FindCertIssuer(mCert, PR_Now(), certUsageSSLClient);
|
||||
if (issuer) {
|
||||
char *org = CERT_GetOrgName(&issuer->subject);
|
||||
if (org) {
|
||||
mIssuerOrg = NS_ConvertASCIItoUCS2(org);
|
||||
failed = PR_FALSE;
|
||||
}
|
||||
}
|
||||
if (failed) {
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(
|
||||
do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (!issuer) {
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("UnknownCertIssuer").get(), mIssuerOrg);
|
||||
} else { /* !org */
|
||||
rv = nssComponent->GetPIPNSSBundleString(
|
||||
NS_LITERAL_STRING("UnknownCertOrg").get(), mIssuerOrg);
|
||||
}
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
}
|
||||
}
|
||||
*aOrganization = mIssuerOrg.ToNewUnicode();
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetOrganizationalUnit(PRUnichar **aOrganizationalUnit)
|
||||
{
|
||||
|
@ -61,6 +61,7 @@ public:
|
||||
|
||||
private:
|
||||
CERTCertificate *mCert;
|
||||
nsString mIssuerOrg;
|
||||
nsCOMPtr<nsIASN1Object> mASN1Structure;
|
||||
nsresult CreateASN1Struct();
|
||||
nsresult CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
|
||||
|
Loading…
Reference in New Issue
Block a user