Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 07:15:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
0449e02200
gecko-dev/security/manager/ssl/nsNSSCertificateDB.h
Cykesiopka 54a22335cb Bug 1281569 - Remove unnecessary step of converting nsIX509Certs to Raw DER just to create a CERTCertificate in nsNSSCertificateDB. r=keeler 
There are a few places in nsNSSCertificateDB.cpp where the following is done:
1. GetRawDER() is called on a nsIX509Cert to obtain the DER representation of
   the cert.
2. The DER is used to construct a CERTCertificate for use with NSS functions.

This step of converting to the DER is unnecessary, since GetCert() will provide
an already constructed CERTCertificate.

MozReview-Commit-ID: 35KMYI7dCXc

--HG--
extra : transplant_source : %CA%ED%AC/%E3%29D%BB%8D%0F%A9Y%19%B2%E7a%1B%BE%ADv
2016-07-05 02:59:18 -07:00

78 lines
2.9 KiB
C++
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsNSSCertificateDB_h
#define nsNSSCertificateDB_h
#include "ScopedNSSTypes.h"
#include "certt.h"
#include "mozilla/Mutex.h"
#include "mozilla/NotNull.h"
#include "mozilla/RefPtr.h"
#include "mozilla/UniquePtr.h"
#include "nsIX509CertDB.h"
#include "nsNSSShutDown.h"
#include "nsString.h"
class nsCString;
class nsIArray;
class nsNSSCertificateDB final : public nsIX509CertDB
, public nsNSSShutDownObject
{
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSIX509CERTDB
// Use this function to generate a default nickname for a user
// certificate that is to be imported onto a token.
static void
get_default_nickname(CERTCertificate *cert, nsIInterfaceRequestor* ctx,
nsCString &nickname,
const nsNSSShutDownPreventionLock &proofOfLock);
static nsresult
ImportValidCACerts(int numCACerts, SECItem *CACerts, nsIInterfaceRequestor *ctx,
const nsNSSShutDownPreventionLock &proofOfLock);
// This is a separate static method so nsNSSComponent can use it during NSS
// initialization. Other code should probably not use it.
static nsresult
FindCertByDBKey(const char* aDBKey, mozilla::UniqueCERTCertificate& cert);
protected:
virtual ~nsNSSCertificateDB();
private:
static nsresult
ImportValidCACertsInList(const mozilla::UniqueCERTCertList& filteredCerts,
nsIInterfaceRequestor* ctx,
const nsNSSShutDownPreventionLock& proofOfLock);
static void DisplayCertificateAlert(nsIInterfaceRequestor *ctx,
const char *stringID, nsIX509Cert *certToShow,
const nsNSSShutDownPreventionLock &proofOfLock);
CERTDERCerts* getCertsFromPackage(const mozilla::UniquePLArenaPool& arena,
uint8_t* data, uint32_t length,
const nsNSSShutDownPreventionLock& proofOfLock);
nsresult handleCACertDownload(mozilla::NotNull<nsIArray*> x509Certs,
nsIInterfaceRequestor *ctx,
const nsNSSShutDownPreventionLock &proofOfLock);
// We don't own any NSS objects here, so no need to clean up
virtual void virtualDestroyNSSReference() override { };
};
#define NS_X509CERTDB_CID { /* fb0bbc5c-452e-4783-b32c-80124693d871 */ \
0xfb0bbc5c, \
0x452e, \
0x4783, \
{0xb3, 0x2c, 0x80, 0x12, 0x46, 0x93, 0xd8, 0x71} \
}
#endif // nsNSSCertificateDB_h
Reference in New Issue View Git Blame Copy Permalink