NSS cert database cleanups

net/third_party/mozilla_security_manager/nsPKCS12Blob.cpp

 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
  *
  * Software distributed under the License is distributed on an "AS IS" basis,
  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
@@ skipping 24 matching lines @@
  *
  * ***** END LICENSE BLOCK ***** */
 
 #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h"
 
 #include <pk11pub.h>
 #include <pkcs12.h>
 #include <p12plcy.h>
 #include <secerr.h>
 
+#include "base/crypto/scoped_nss_types.h"
 #include "base/logging.h"
 #include "base/nss_util_internal.h"
 #include "base/string_util.h"
 #include "net/base/net_errors.h"
 #include "net/base/x509_certificate.h"
 
 namespace mozilla_security_manager {
 
 namespace {
 
@@ skipping 198 matching lines @@
 }  // namespace
 
 void EnsurePKCS12Init() {
   Singleton<PKCS12InitSingleton>::get();
 }
 
 // Based on nsPKCS12Blob::ImportFromFile.
 int nsPKCS12Blob_Import(const char* pkcs12_data,
                         size_t pkcs12_len,
                         const string16& password) {
-  PK11SlotInfo *slot = base::GetDefaultNSSKeySlot();
-  if (!slot) {
+  base::ScopedPK11Slot slot(base::GetDefaultNSSKeySlot());
+  if (!slot.get()) {
     LOG(ERROR) << "Couldn't get Internal key slot!";
     return net::ERR_PKCS12_IMPORT_FAILED;
   }
 
   int rv = nsPKCS12Blob_ImportHelper(pkcs12_data, pkcs12_len, password, false,
-                                     slot);
+                                     slot.get());
 
   // When the user entered a zero length password:
   //   An empty password should be represented as an empty
   //   string (a SECItem that contains a single terminating
   //   NULL UTF16 character), but some applications use a
   //   zero length SECItem.
   //   We try both variations, zero length item and empty string,
   //   without giving a user prompt when trying the different empty password flavors.
   if (rv == net::ERR_PKCS12_IMPORT_BAD_PASSWORD && password.size() == 0) {
     rv = nsPKCS12Blob_ImportHelper(pkcs12_data, pkcs12_len, password, true,
-                                   slot);
+                                   slot.get());
   }
-
-  PK11_FreeSlot(slot);
   return rv;
 }
 
 // Based on nsPKCS12Blob::ExportToFile
 //
 // Having already loaded the certs, form them into a blob (loading the keys
 // also), encode the blob, and stuff it into the file.
 //
 // TODO: handle slots correctly
 //       mirror "slotToUse" behavior from PSM 1.x
@@ skipping 93 matching lines @@
 finish:
   if (srv)
     LOG(ERROR) << "PKCS#12 export failed with error " << PORT_GetError();
   if (ecx)
     SEC_PKCS12DestroyExportContext(ecx);
   SECITEM_ZfreeItem(&unicodePw, PR_FALSE);
   return return_count;
 }
 
 }  // namespace mozilla_security_manager