OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * This file manages PKCS #11 instances of certificates. | 5 * This file manages PKCS #11 instances of certificates. |
6 */ | 6 */ |
7 | 7 |
8 #include "secport.h" | 8 #include "secport.h" |
9 #include "seccomon.h" | 9 #include "seccomon.h" |
10 #include "secmod.h" | 10 #include "secmod.h" |
(...skipping 1754 matching lines...)
1765 if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot); | 1765 if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot); |
1766 | 1766 |
1767 SECITEM_FreeItem(derSerial, PR_TRUE); | 1767 SECITEM_FreeItem(derSerial, PR_TRUE); |
1768 return rvCert; | 1768 return rvCert; |
1769 } | 1769 } |
1770 | 1770 |
1771 CK_OBJECT_HANDLE | 1771 CK_OBJECT_HANDLE |
1772 PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot) | 1772 PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot) |
1773 { | 1773 { |
1774 CK_OBJECT_HANDLE certHandle; | 1774 CK_OBJECT_HANDLE certHandle; |
1775 CK_ATTRIBUTE searchTemplate»= { CKA_VALUE, NULL, 0 }; | 1775 CK_OBJECT_CLASS certClass = CKO_CERTIFICATE; |
1776 | 1776 CK_ATTRIBUTE *attr; |
1777 PK11_SETATTRS(&searchTemplate, CKA_VALUE, cert->derCert.data, | 1777 CK_ATTRIBUTE searchTemplate[]= { |
1778 » » cert->derCert.len); | 1778 » { CKA_CLASS, NULL, 0 }, |
| 1779 » { CKA_VALUE, NULL, 0 }, |
| 1780 }; |
| 1781 int templateSize = sizeof(searchTemplate)/sizeof(searchTemplate[0]); |
| 1782 |
| 1783 attr = searchTemplate; |
| 1784 PK11_SETATTRS(attr, CKA_CLASS, &certClass, sizeof(certClass)); attr++; |
| 1785 PK11_SETATTRS(attr, CKA_VALUE, cert->derCert.data, cert->derCert.len); |
1779 | 1786 |
1780 if (cert->slot) { | 1787 if (cert->slot) { |
1781 » certHandle = pk11_getcerthandle(cert->slot,cert,&searchTemplate,1); | 1788 » certHandle = pk11_getcerthandle(cert->slot, cert, searchTemplate, |
| 1789 » templateSize); |
1782 if (certHandle != CK_INVALID_HANDLE) { | 1790 if (certHandle != CK_INVALID_HANDLE) { |
1783 *pSlot = PK11_ReferenceSlot(cert->slot); | 1791 *pSlot = PK11_ReferenceSlot(cert->slot); |
1784 return certHandle; | 1792 return certHandle; |
1785 } | 1793 } |
1786 } | 1794 } |
1787 | 1795 |
1788 certHandle = pk11_FindCertObjectByTemplate(pSlot,&searchTemplate,1,wincx); | 1796 certHandle = pk11_FindCertObjectByTemplate(pSlot, searchTemplate, |
| 1797 templateSize, wincx); |
1789 if (certHandle != CK_INVALID_HANDLE) { | 1798 if (certHandle != CK_INVALID_HANDLE) { |
1790 if (cert->slot == NULL) { | 1799 if (cert->slot == NULL) { |
1791 cert->slot = PK11_ReferenceSlot(*pSlot); | 1800 cert->slot = PK11_ReferenceSlot(*pSlot); |
1792 cert->pkcs11ID = certHandle; | 1801 cert->pkcs11ID = certHandle; |
1793 cert->ownSlot = PR_TRUE; | 1802 cert->ownSlot = PR_TRUE; |
1794 cert->series = cert->slot->series; | 1803 cert->series = cert->slot->series; |
1795 } | 1804 } |
1796 } | 1805 } |
1797 | 1806 |
1798 return(certHandle); | 1807 return(certHandle); |
(...skipping 700 matching lines...)
2499 (void) pk11_TraverseAllSlots( NULL, NULL, PR_TRUE, pwarg); | 2508 (void) pk11_TraverseAllSlots( NULL, NULL, PR_TRUE, pwarg); |
2500 NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback, | 2509 NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback, |
2501 &listCerts); | 2510 &listCerts); |
2502 return certList; | 2511 return certList; |
2503 } | 2512 } |
2504 | 2513 |
2505 SECItem * | 2514 SECItem * |
2506 PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot, | 2515 PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot, |
2507 CERTCertificate *cert, void *wincx) | 2516 CERTCertificate *cert, void *wincx) |
2508 { | 2517 { |
| 2518 CK_OBJECT_CLASS certClass = CKO_CERTIFICATE; |
2509 CK_ATTRIBUTE theTemplate[] = { | 2519 CK_ATTRIBUTE theTemplate[] = { |
2510 { CKA_VALUE, NULL, 0 }, | 2520 { CKA_VALUE, NULL, 0 }, |
2511 { CKA_CLASS, NULL, 0 } | 2521 { CKA_CLASS, NULL, 0 } |
2512 }; | 2522 }; |
2513 /* if you change the array, change the variable below as well */ | 2523 /* if you change the array, change the variable below as well */ |
2514 int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]); | 2524 int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]); |
2515 CK_OBJECT_HANDLE certHandle; | 2525 CK_OBJECT_HANDLE certHandle; |
2516 CK_ATTRIBUTE *attrs = theTemplate; | 2526 CK_ATTRIBUTE *attrs = theTemplate; |
2517 PK11SlotInfo *slotRef = NULL; | 2527 PK11SlotInfo *slotRef = NULL; |
2518 SECItem *item; | 2528 SECItem *item; |
2519 SECStatus rv; | 2529 SECStatus rv; |
2520 | 2530 |
2521 if (slot) { | 2531 if (slot) { |
2522 PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, | 2532 PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, |
2523 cert->derCert.len); attrs++; | 2533 cert->derCert.len); attrs++; |
| 2534 PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); |
2524 | 2535 |
2525 rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); | 2536 rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); |
2526 if (rv != SECSuccess) { | 2537 if (rv != SECSuccess) { |
2527 return NULL; | 2538 return NULL; |
2528 } | 2539 } |
2529 certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize); | 2540 certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize); |
2530 } else { | 2541 } else { |
2531 certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef); | 2542 certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef); |
2532 if (certHandle == CK_INVALID_HANDLE) { | 2543 if (certHandle == CK_INVALID_HANDLE) { |
2533 return pk11_mkcertKeyID(cert); | 2544 return pk11_mkcertKeyID(cert); |
(...skipping 124 matching lines...)
2658 } | 2669 } |
2659 if (!found) { | 2670 if (!found) { |
2660 PK11_FreeSlotList(slotList); | 2671 PK11_FreeSlotList(slotList); |
2661 PORT_SetError(SEC_ERROR_NO_TOKEN); | 2672 PORT_SetError(SEC_ERROR_NO_TOKEN); |
2662 slotList = NULL; | 2673 slotList = NULL; |
2663 } | 2674 } |
2664 | 2675 |
2665 nssCryptokiObjectArray_Destroy(instances); | 2676 nssCryptokiObjectArray_Destroy(instances); |
2666 return slotList; | 2677 return slotList; |
2667 } | 2678 } |
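Review bot: Neither template that now carries CKA_CLASS says why the entry is there, and the two list their attributes in opposite order: CKA_CLASS first in PK11_FindObjectForCert (new lines 1777-1780), CKA_VALUE first in PK11_GetLowLevelKeyIDForCert (new lines 2519-2522). In PKCS #11, CKA_VALUE is not specific to certificate objects, so a value-only template can return the handle of a non-certificate object that holds the same bytes. A comment above each template, such as `/* CKA_CLASS is required: CKA_VALUE alone can match non-certificate objects with the same bytes */`, would keep a later cleanup from dropping the class entry. Using one attribute order and one name for the count (`templateSize` here, `tsize` there) would make the two lookups easier to compare, and any other CKA_VALUE-only certificate search in the skipped parts of the file would deserve the same check. The closing brace of PK11_FindObjectForCert and the rest of PK11_GetLowLevelKeyIDForCert are outside the lines shown.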