Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(686)

Side by Side Diff: mozilla/security/nss/lib/pk11wrap/pk11cert.c

Issue 10961060: Update NSS to NSS 3.14 Beta 1. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Merge nss-static2.patch into nss-static.patch Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * This file manages PKCS #11 instances of certificates. 5 * This file manages PKCS #11 instances of certificates.
6 */ 6 */
7 7
8 #include "secport.h" 8 #include "secport.h"
9 #include "seccomon.h" 9 #include "seccomon.h"
10 #include "secmod.h" 10 #include "secmod.h"
(...skipping 1754 matching lines...) Expand 10 before | Expand all | Expand 10 after
1765 if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot); 1765 if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
1766 1766
1767 SECITEM_FreeItem(derSerial, PR_TRUE); 1767 SECITEM_FreeItem(derSerial, PR_TRUE);
1768 return rvCert; 1768 return rvCert;
1769 } 1769 }
1770 1770
1771 CK_OBJECT_HANDLE 1771 CK_OBJECT_HANDLE
1772 PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot) 1772 PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
1773 { 1773 {
1774 CK_OBJECT_HANDLE certHandle; 1774 CK_OBJECT_HANDLE certHandle;
1775 CK_ATTRIBUTE searchTemplate»= { CKA_VALUE, NULL, 0 }; 1775 CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
1776 1776 CK_ATTRIBUTE *attr;
1777 PK11_SETATTRS(&searchTemplate, CKA_VALUE, cert->derCert.data, 1777 CK_ATTRIBUTE searchTemplate[]= {
1778 » » cert->derCert.len); 1778 » { CKA_CLASS, NULL, 0 },
1779 » { CKA_VALUE, NULL, 0 },
1780 };
1781 int templateSize = sizeof(searchTemplate)/sizeof(searchTemplate[0]);
1782
1783 attr = searchTemplate;
1784 PK11_SETATTRS(attr, CKA_CLASS, &certClass, sizeof(certClass)); attr++;
1785 PK11_SETATTRS(attr, CKA_VALUE, cert->derCert.data, cert->derCert.len);
1779 1786
1780 if (cert->slot) { 1787 if (cert->slot) {
1781 » certHandle = pk11_getcerthandle(cert->slot,cert,&searchTemplate,1); 1788 » certHandle = pk11_getcerthandle(cert->slot, cert, searchTemplate,
1789 » templateSize);
1782 if (certHandle != CK_INVALID_HANDLE) { 1790 if (certHandle != CK_INVALID_HANDLE) {
1783 *pSlot = PK11_ReferenceSlot(cert->slot); 1791 *pSlot = PK11_ReferenceSlot(cert->slot);
1784 return certHandle; 1792 return certHandle;
1785 } 1793 }
1786 } 1794 }
1787 1795
1788 certHandle = pk11_FindCertObjectByTemplate(pSlot,&searchTemplate,1,wincx); 1796 certHandle = pk11_FindCertObjectByTemplate(pSlot, searchTemplate,
1797 templateSize, wincx);
1789 if (certHandle != CK_INVALID_HANDLE) { 1798 if (certHandle != CK_INVALID_HANDLE) {
1790 if (cert->slot == NULL) { 1799 if (cert->slot == NULL) {
1791 cert->slot = PK11_ReferenceSlot(*pSlot); 1800 cert->slot = PK11_ReferenceSlot(*pSlot);
1792 cert->pkcs11ID = certHandle; 1801 cert->pkcs11ID = certHandle;
1793 cert->ownSlot = PR_TRUE; 1802 cert->ownSlot = PR_TRUE;
1794 cert->series = cert->slot->series; 1803 cert->series = cert->slot->series;
1795 } 1804 }
1796 } 1805 }
1797 1806
1798 return(certHandle); 1807 return(certHandle);
(...skipping 700 matching lines...) Expand 10 before | Expand all | Expand 10 after
2499 (void) pk11_TraverseAllSlots( NULL, NULL, PR_TRUE, pwarg); 2508 (void) pk11_TraverseAllSlots( NULL, NULL, PR_TRUE, pwarg);
2500 NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback, 2509 NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback,
2501 &listCerts); 2510 &listCerts);
2502 return certList; 2511 return certList;
2503 } 2512 }
2504 2513
2505 SECItem * 2514 SECItem *
2506 PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot, 2515 PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
2507 CERTCertificate *cert, void *wincx) 2516 CERTCertificate *cert, void *wincx)
2508 { 2517 {
2518 CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
2509 CK_ATTRIBUTE theTemplate[] = { 2519 CK_ATTRIBUTE theTemplate[] = {
2510 { CKA_VALUE, NULL, 0 }, 2520 { CKA_VALUE, NULL, 0 },
2511 { CKA_CLASS, NULL, 0 } 2521 { CKA_CLASS, NULL, 0 }
2512 }; 2522 };
2513 /* if you change the array, change the variable below as well */ 2523 /* if you change the array, change the variable below as well */
2514 int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]); 2524 int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
2515 CK_OBJECT_HANDLE certHandle; 2525 CK_OBJECT_HANDLE certHandle;
2516 CK_ATTRIBUTE *attrs = theTemplate; 2526 CK_ATTRIBUTE *attrs = theTemplate;
2517 PK11SlotInfo *slotRef = NULL; 2527 PK11SlotInfo *slotRef = NULL;
2518 SECItem *item; 2528 SECItem *item;
2519 SECStatus rv; 2529 SECStatus rv;
2520 2530
2521 if (slot) { 2531 if (slot) {
2522 PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, 2532 PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
2523 cert->derCert.len); attrs++; 2533 cert->derCert.len); attrs++;
2534 PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
2524 2535
2525 rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); 2536 rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
2526 if (rv != SECSuccess) { 2537 if (rv != SECSuccess) {
2527 return NULL; 2538 return NULL;
2528 } 2539 }
2529 certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize); 2540 certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize);
2530 } else { 2541 } else {
2531 certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef); 2542 certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef);
2532 if (certHandle == CK_INVALID_HANDLE) { 2543 if (certHandle == CK_INVALID_HANDLE) {
2533 return pk11_mkcertKeyID(cert); 2544 return pk11_mkcertKeyID(cert);
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after
2658 } 2669 }
2659 if (!found) { 2670 if (!found) {
2660 PK11_FreeSlotList(slotList); 2671 PK11_FreeSlotList(slotList);
2661 PORT_SetError(SEC_ERROR_NO_TOKEN); 2672 PORT_SetError(SEC_ERROR_NO_TOKEN);
2662 slotList = NULL; 2673 slotList = NULL;
2663 } 2674 }
2664 2675
2665 nssCryptokiObjectArray_Destroy(instances); 2676 nssCryptokiObjectArray_Destroy(instances);
2666 return slotList; 2677 return slotList;
2667 } 2678 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698