mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-30 00:01:50 +00:00
clean up cert manager code
* move trust to nsIX509CertDB * remove unneccessary interface nsICertificateManager (everything should be handled by nsIX509CertDB)
This commit is contained in:
parent
8dbd4156be
commit
f591c170a2
@ -27,7 +27,7 @@ const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
|
||||
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
|
||||
|
||||
var selected_certs = [];
|
||||
var certmgr;
|
||||
var certdb;
|
||||
|
||||
function getSelectedCerts()
|
||||
{
|
||||
@ -88,58 +88,59 @@ function AddNameWithToken(children, cells, prefix, idfier)
|
||||
|
||||
function GetNameList(type, node)
|
||||
{
|
||||
certNameList = certmgr.getCertNicknames(type);
|
||||
var obj1 = {};
|
||||
var obj2 = {};
|
||||
certdb.getCertNicknames(null, type, obj1, obj2);
|
||||
var count = obj1.value;
|
||||
var certNameList = obj2.value;
|
||||
if (certNameList.length > 0) {
|
||||
var delim = certNameList[0];
|
||||
certNameList = certNameList.split(delim);
|
||||
certNameList.sort();
|
||||
}
|
||||
for (var i=1; i<certNameList.length; i++) {
|
||||
var certname = certNameList[i];
|
||||
var ti = certname.indexOf(":");
|
||||
var token = "";
|
||||
if (ti > 0) {
|
||||
token = certname.substring(0, ti);
|
||||
certname = certname.substring(ti+1, certname.length);
|
||||
for (var i=0; i<certNameList.length; i++) {
|
||||
var certname = certNameList[i];
|
||||
var ti = certname.indexOf(":");
|
||||
var token = "";
|
||||
if (ti > 0) {
|
||||
token = certname.substring(0, ti);
|
||||
certname = certname.substring(ti+1, certname.length);
|
||||
}
|
||||
AddNameWithToken(node, [certname, token], node + "_", i);
|
||||
}
|
||||
AddNameWithToken(node, [certname, token], node + "_", i);
|
||||
}
|
||||
}
|
||||
|
||||
function LoadCertNames()
|
||||
{
|
||||
certmgr = Components
|
||||
.classes["@mozilla.org/security/certmanager;1"]
|
||||
.createInstance();
|
||||
certmgr = certmgr.QueryInterface(Components
|
||||
.interfaces
|
||||
.nsICertificateManager);
|
||||
certNameList = certmgr.getCertNicknames(1);
|
||||
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
var obj1 = {};
|
||||
var obj2 = {};
|
||||
certdb.getCertNicknames(null,
|
||||
Components.interfaces.nsIX509Cert.CA_CERT,
|
||||
obj1, obj2);
|
||||
var count = obj1.value;
|
||||
var certNameList = obj2.value;
|
||||
if (certNameList.length > 0) {
|
||||
var delim = certNameList[0];
|
||||
certNameList = certNameList.split(delim);
|
||||
certNameList.sort();
|
||||
}
|
||||
var nb = 0;
|
||||
var nm = 0;
|
||||
for (var i=1; i<certNameList.length; i++) {
|
||||
var certname = certNameList[i];
|
||||
var ti = certname.indexOf(":");
|
||||
var token = "";
|
||||
if (ti > 0) {
|
||||
token = certname.substring(0, ti);
|
||||
certname = certname.substring(ti+1, certname.length);
|
||||
}
|
||||
if (token == "Builtin Object Token") {
|
||||
AddNameWithToken("builtins", [certname, token], "builtin_", nb);
|
||||
nb++;
|
||||
} else {
|
||||
AddNameWithToken("mycas", [certname, token], "myca_", nm);
|
||||
nm++;
|
||||
var nb = 0;
|
||||
var nm = 0;
|
||||
for (var i=0; i<certNameList.length; i++) {
|
||||
var certname = certNameList[i];
|
||||
var ti = certname.indexOf(":");
|
||||
var token = "";
|
||||
if (ti > 0) {
|
||||
token = certname.substring(0, ti);
|
||||
certname = certname.substring(ti+1, certname.length);
|
||||
}
|
||||
if (token == "Builtin Object Token") {
|
||||
AddNameWithToken("builtins", [certname, token], "builtin_", nb);
|
||||
nb++;
|
||||
} else {
|
||||
AddNameWithToken("mycas", [certname, token], "myca_", nm);
|
||||
nm++;
|
||||
}
|
||||
}
|
||||
}
|
||||
GetNameList(8, "servers");
|
||||
GetNameList(2, "mine");
|
||||
GetNameList(Components.interfaces.nsIX509Cert.USER_CERT, "mine");
|
||||
GetNameList(Components.interfaces.nsIX509Cert.SERVER_CERT, "servers");
|
||||
}
|
||||
|
||||
function ca_enableButtons()
|
||||
@ -213,7 +214,6 @@ function backupCerts()
|
||||
fp.appendFilters(nsIFilePicker.filterAll);
|
||||
if (fp.show() == nsIFilePicker.returnOK ||
|
||||
fp.show() == nsIFilePicker.returnReplace) {
|
||||
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
|
||||
certdb.exportPKCS12File(null, fp.file, numcerts, certs);
|
||||
}
|
||||
// don't really know it was successful...
|
||||
|
@ -51,7 +51,6 @@ EXPORTS = \
|
||||
CPPSRCS = \
|
||||
nsNSSDialogs.cpp \
|
||||
nsPKIModule.cpp \
|
||||
nsCertificateManager.cpp \
|
||||
nsPKIParamBlock.cpp \
|
||||
$(NULL)
|
||||
|
||||
|
@ -62,7 +62,6 @@ EXPORTS = \
|
||||
OBJS = \
|
||||
.\$(OBJDIR)\nsNSSDialogs.obj \
|
||||
.\$(OBJDIR)\nsPKIModule.obj \
|
||||
.\$(OBJDIR)\nsCertificateManager.obj \
|
||||
.\$(OBJDIR)\nsPKIParamBlock.obj \
|
||||
$(NULL)
|
||||
|
||||
|
@ -1,67 +0,0 @@
|
||||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
||||
*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is mozilla.org code.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2001 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*/
|
||||
|
||||
#include "nsIServiceManager.h"
|
||||
#include "nsIX509CertDB.h"
|
||||
#include "nsCertificateManager.h"
|
||||
|
||||
#include "prlog.h"
|
||||
#ifdef PR_LOGGING
|
||||
PRLogModuleInfo* gPIPPKILog = nsnull;
|
||||
#endif
|
||||
|
||||
static NS_DEFINE_IID(kCertDBCID, NS_X509CERTDB_CID);
|
||||
|
||||
nsCertificateManager::nsCertificateManager()
|
||||
{
|
||||
NS_INIT_REFCNT();
|
||||
#ifdef PR_LOGGING
|
||||
if (!gPIPPKILog)
|
||||
gPIPPKILog = PR_NewLogModule("pippki");
|
||||
#endif
|
||||
}
|
||||
|
||||
nsCertificateManager::~nsCertificateManager()
|
||||
{
|
||||
}
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsCertificateManager, NS_GET_IID(nsICertificateManager));
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificateManager::GetCertNicknames(PRUint32 type,
|
||||
PRUnichar **_rNameList)
|
||||
{
|
||||
nsresult rv;
|
||||
nsAutoString nameList;
|
||||
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting certdb service\n"));
|
||||
NS_WITH_SERVICE(nsIX509CertDB, certdb, kCertDBCID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("getting cert names\n"));
|
||||
rv = certdb->GetCertificateNames(nsnull, type, nameList);
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
PR_LOG(gPIPPKILog, PR_LOG_ERROR, ("converting unicode\n"));
|
||||
*_rNameList = nameList.ToNewUnicode();
|
||||
}
|
||||
return rv;
|
||||
}
|
||||
|
@ -1,37 +0,0 @@
|
||||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
||||
*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is mozilla.org code.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2001 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*/
|
||||
|
||||
#include "nsISupports.h"
|
||||
#include "nsICertificateManager.h"
|
||||
|
||||
class nsCertificateManager : public nsICertificateManager
|
||||
{
|
||||
public:
|
||||
nsCertificateManager();
|
||||
virtual ~nsCertificateManager();
|
||||
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSICERTIFICATEMANAGER
|
||||
|
||||
};
|
||||
|
@ -43,6 +43,7 @@
|
||||
#include "nsIPref.h"
|
||||
#include "nsIInterfaceRequestor.h"
|
||||
#include "nsIX509Cert.h"
|
||||
#include "nsIX509CertDB.h"
|
||||
#include "nsILocaleService.h"
|
||||
#include "nsIDateTimeFormat.h"
|
||||
#include "nsDateTimeFormatCID.h"
|
||||
@ -672,10 +673,10 @@ nsNSSDialogs::DownloadCACert(nsIInterfaceRequestor *ctx,
|
||||
rv = block->GetInt(4, &objsign);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
*_trust = nsIX509Cert::UNTRUSTED;
|
||||
*_trust |= (ssl) ? nsIX509Cert::TRUSTED_SSL : 0;
|
||||
*_trust |= (email) ? nsIX509Cert::TRUSTED_EMAIL : 0;
|
||||
*_trust |= (objsign) ? nsIX509Cert::TRUSTED_OBJSIGN : 0;
|
||||
*_trust = nsIX509CertDB::UNTRUSTED;
|
||||
*_trust |= (ssl) ? nsIX509CertDB::TRUSTED_SSL : 0;
|
||||
*_trust |= (email) ? nsIX509CertDB::TRUSTED_EMAIL : 0;
|
||||
*_trust |= (objsign) ? nsIX509CertDB::TRUSTED_OBJSIGN : 0;
|
||||
|
||||
*_canceled = (status == 0)?PR_TRUE:PR_FALSE;
|
||||
|
||||
|
@ -51,7 +51,6 @@ XPIDLSRCS = \
|
||||
nsIPKCS11Slot.idl \
|
||||
nsIPK11TokenDB.idl \
|
||||
nsINSSDialogs.idl \
|
||||
nsICertificateManager.idl \
|
||||
$(NULL)
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
@ -57,7 +57,6 @@ XPIDLSRCS= \
|
||||
.\nsIPKCS11Slot.idl \
|
||||
.\nsIPK11TokenDB.idl \
|
||||
.\nsINSSDialogs.idl \
|
||||
.\nsICertificateManager.idl \
|
||||
$(NULL)
|
||||
|
||||
|
||||
|
@ -1,45 +0,0 @@
|
||||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is mozilla.org code.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 2001 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Ian McGreer <mcgreer@netscape.com>
|
||||
*/
|
||||
|
||||
#include "nsISupports.idl"
|
||||
#include "nsIX509Cert.idl"
|
||||
|
||||
/**
|
||||
* nsICertificateManager
|
||||
* This is the interface for the certificate manager
|
||||
*/
|
||||
[scriptable, uuid(246ec570-11aa-11d5-ac66-000064657374)]
|
||||
interface nsICertificateManager : nsISupports
|
||||
{
|
||||
wstring getCertNicknames(in unsigned long type);
|
||||
|
||||
};
|
||||
|
||||
%{C++
|
||||
|
||||
// 246ec570-11aa-11d5-ac66-000064657374
|
||||
#define NS_CERTIFICATEMANAGER_CID \
|
||||
{ 0x246ec570, 0x11aa, 0x11d5, {0xac, 0x66, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74} }
|
||||
|
||||
#define NS_CERTIFICATEMANAGER_CONTRACTID "@mozilla.org/security/certmanager;1"
|
||||
|
||||
%}
|
@ -82,12 +82,6 @@ interface nsIX509Cert : nsISupports {
|
||||
const unsigned long ISSUER_NOT_TRUSTED = 1 << 4;
|
||||
const unsigned long ISSUER_UNKNOWN = 1 << 5;
|
||||
const unsigned long INVALID_CA = 1 << 6;
|
||||
|
||||
/* XXX I think these should be moved to nsIX509CertDB */
|
||||
const unsigned long UNTRUSTED = 0;
|
||||
const unsigned long TRUSTED_SSL = 1 << 0;
|
||||
const unsigned long TRUSTED_EMAIL = 1 << 1;
|
||||
const unsigned long TRUSTED_OBJSIGN = 1 << 2;
|
||||
|
||||
/*
|
||||
* accessors for certs
|
||||
|
@ -49,6 +49,11 @@ native nsAutoString(nsAutoString);
|
||||
[scriptable, uuid(da48b3c0-1284-11d5-ac67-000064657374)]
|
||||
interface nsIX509CertDB : nsISupports {
|
||||
|
||||
/* the database is responsible for managing cert trust */
|
||||
const unsigned long UNTRUSTED = 0;
|
||||
const unsigned long TRUSTED_SSL = 1 << 0;
|
||||
const unsigned long TRUSTED_EMAIL = 1 << 1;
|
||||
const unsigned long TRUSTED_OBJSIGN = 1 << 2;
|
||||
|
||||
nsIX509Cert getCertByNickname(in nsIPK11Token aToken,
|
||||
in wstring aNickname);
|
||||
@ -80,20 +85,21 @@ interface nsIX509CertDB : nsISupports {
|
||||
*/
|
||||
|
||||
/*
|
||||
* getCertificateNames
|
||||
* getCertNicknames
|
||||
*
|
||||
* Obtain a list of certificate names from the database.
|
||||
* Obtain a list of certificate nicknames from the database.
|
||||
* What the name is depends on type:
|
||||
* user, ca, or server cert - the nickname
|
||||
* email cert - the email address
|
||||
*
|
||||
* aToken - PKCS#11 token to get certs from (null for all tokens)
|
||||
* aType - type of certificate to obtain (see nsIX509Cert)
|
||||
* rCertNameList - a string of certificate names seperated by a delimiter
|
||||
* count, certNameList - the returned array of names
|
||||
*/
|
||||
[noscript] void getCertificateNames(in nsIPK11Token aToken,
|
||||
in unsigned long aType,
|
||||
in nsAutoStringRef rCertNameList);
|
||||
void getCertNicknames(in nsIPK11Token aToken,
|
||||
in unsigned long aType,
|
||||
out unsigned long count,
|
||||
[array, size_is(count)] out wstring certNameList);
|
||||
|
||||
/*
|
||||
* importCertificate
|
||||
|
@ -32,7 +32,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: nsNSSCertificate.cpp,v 1.12 2001/03/21 22:00:14 mcgreer%netscape.com Exp $
|
||||
* $Id: nsNSSCertificate.cpp,v 1.13 2001/03/22 16:48:18 mcgreer%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "prmem.h"
|
||||
@ -1011,14 +1011,17 @@ nsNSSCertificateDB::GetCertByKeyDB(const char *dbkey, nsIX509Cert **_retval)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* [noscript] void getCertificateNames(in nsIPK11Token aToken,
|
||||
* in unsigned long aType,
|
||||
* in nsAutoStringRef rCertNameList);
|
||||
/*
|
||||
* void getCertNicknames(in nsIPK11Token aToken,
|
||||
* in unsigned long aType,
|
||||
* out unsigned long count,
|
||||
* [array, size_is(count)] out wstring certNameList);
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificateDB::GetCertificateNames(nsIPK11Token *aToken,
|
||||
PRUint32 aType,
|
||||
nsAutoString& rCertNameList)
|
||||
nsNSSCertificateDB::GetCertNicknames(nsIPK11Token *aToken,
|
||||
PRUint32 aType,
|
||||
PRUint32 *_count,
|
||||
PRUnichar ***_certNames)
|
||||
{
|
||||
nsresult rv = NS_ERROR_FAILURE;
|
||||
/*
|
||||
@ -1041,7 +1044,7 @@ nsNSSCertificateDB::GetCertificateNames(nsIPK11Token *aToken,
|
||||
* get list of cert names from list of certs
|
||||
* XXX also cull the list (NSS only distinguishes based on user/non-user
|
||||
*/
|
||||
getCertNames(certList, aType, rCertNameList);
|
||||
getCertNames(certList, aType, _count, _certNames);
|
||||
rv = NS_OK;
|
||||
/*
|
||||
* finish up
|
||||
@ -1073,9 +1076,9 @@ nsNSSCertificateDB::ImportCertificate(nsIX509Cert *cert,
|
||||
switch (type) {
|
||||
case nsIX509Cert::CA_CERT:
|
||||
trust.SetValidCA();
|
||||
trust.AddCATrust(trusted & nsIX509Cert::TRUSTED_SSL,
|
||||
trusted & nsIX509Cert::TRUSTED_EMAIL,
|
||||
trusted & nsIX509Cert::TRUSTED_OBJSIGN);
|
||||
trust.AddCATrust(trusted & nsIX509CertDB::TRUSTED_SSL,
|
||||
trusted & nsIX509CertDB::TRUSTED_EMAIL,
|
||||
trusted & nsIX509CertDB::TRUSTED_OBJSIGN);
|
||||
break;
|
||||
default:
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
@ -1134,9 +1137,9 @@ nsNSSCertificateDB::SetCertTrust(nsIX509Cert *cert,
|
||||
////// end of kluge
|
||||
// always start with untrusted and move up
|
||||
trust.SetValidCA();
|
||||
trust.AddCATrust(trusted & nsIX509Cert::TRUSTED_SSL,
|
||||
trusted & nsIX509Cert::TRUSTED_EMAIL,
|
||||
trusted & nsIX509Cert::TRUSTED_OBJSIGN);
|
||||
trust.AddCATrust(trusted & nsIX509CertDB::TRUSTED_SSL,
|
||||
trusted & nsIX509CertDB::TRUSTED_EMAIL,
|
||||
trusted & nsIX509CertDB::TRUSTED_OBJSIGN);
|
||||
srv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
|
||||
nsscert,
|
||||
trust.GetTrust());
|
||||
@ -1166,11 +1169,11 @@ nsNSSCertificateDB::GetCertTrust(nsIX509Cert *cert,
|
||||
CERTCertTrust nsstrust;
|
||||
srv = CERT_GetCertTrust(nsscert, &nsstrust);
|
||||
nsNSSCertTrust trust(&nsstrust);
|
||||
if (trustType & nsIX509Cert::TRUSTED_SSL) {
|
||||
if (trustType & nsIX509CertDB::TRUSTED_SSL) {
|
||||
*_isTrusted = trust.HasTrustedCA(PR_TRUE, PR_FALSE, PR_FALSE);
|
||||
} else if (trustType & nsIX509Cert::TRUSTED_EMAIL) {
|
||||
} else if (trustType & nsIX509CertDB::TRUSTED_EMAIL) {
|
||||
*_isTrusted = trust.HasTrustedCA(PR_FALSE, PR_TRUE, PR_FALSE);
|
||||
} else if (trustType & nsIX509Cert::TRUSTED_OBJSIGN) {
|
||||
} else if (trustType & nsIX509CertDB::TRUSTED_OBJSIGN) {
|
||||
*_isTrusted = trust.HasTrustedCA(PR_FALSE, PR_FALSE, PR_TRUE);
|
||||
} else {
|
||||
return NS_ERROR_FAILURE;
|
||||
@ -1226,26 +1229,41 @@ nsNSSCertificateDB::ExportPKCS12File(nsIPK11Token *aToken,
|
||||
void
|
||||
nsNSSCertificateDB::getCertNames(CERTCertList *certList,
|
||||
PRUint32 type,
|
||||
nsString& nameList)
|
||||
PRUint32 *_count,
|
||||
PRUnichar ***_certNames)
|
||||
{
|
||||
CERTCertListNode *node;
|
||||
|
||||
PRUint32 numcerts = 0, i=0;
|
||||
PRUnichar **tmpArray = NULL;
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("List of certs %d:\n", type));
|
||||
for (node = CERT_LIST_HEAD(certList);
|
||||
!CERT_LIST_END(node, certList);
|
||||
node = CERT_LIST_NEXT(node)) {
|
||||
if (getCertType(node->cert) == type) {
|
||||
nameList.AppendWithConversion(DELIM);
|
||||
if (type == nsIX509Cert::EMAIL_CERT) {
|
||||
nameList.AppendWithConversion(node->cert->emailAddr);
|
||||
} else {
|
||||
nameList.AppendWithConversion(node->cert->nickname);
|
||||
}
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("%s\n", node->cert->nickname));
|
||||
numcerts++;
|
||||
}
|
||||
if (type == nsIX509Cert::USER_CERT)
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("%s\n", node->cert->nickname));
|
||||
}
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("num certs: %d\n", numcerts));
|
||||
int nc = (numcerts == 0) ? 1 : numcerts;
|
||||
tmpArray = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nc);
|
||||
if (numcerts == 0) goto finish;
|
||||
for (node = CERT_LIST_HEAD(certList);
|
||||
!CERT_LIST_END(node, certList);
|
||||
node = CERT_LIST_NEXT(node)) {
|
||||
if (getCertType(node->cert) == type) {
|
||||
if (type == nsIX509Cert::EMAIL_CERT) {
|
||||
nsAutoString certname = NS_ConvertASCIItoUCS2(node->cert->emailAddr);
|
||||
tmpArray[i++] = certname.ToNewUnicode();
|
||||
} else {
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("cert [%d]<%s>\n", i,node->cert->nickname));
|
||||
nsAutoString certname = NS_ConvertASCIItoUCS2(node->cert->nickname);
|
||||
tmpArray[i++] = certname.ToNewUnicode();
|
||||
}
|
||||
}
|
||||
}
|
||||
finish:
|
||||
*_count = numcerts;
|
||||
*_certNames = tmpArray;
|
||||
}
|
||||
|
||||
/* somewhat follows logic of cert_list_include_cert from PSM 1.x */
|
||||
|
@ -76,7 +76,8 @@ private:
|
||||
|
||||
void getCertNames(CERTCertList *certList,
|
||||
PRUint32 type,
|
||||
nsString& nameList);
|
||||
PRUint32 *_count,
|
||||
PRUnichar ***_certNameList);
|
||||
|
||||
PRUint32 getCertType(CERTCertificate *cert);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user