Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug 142175, PK11_ListCerts regressions -- handle PKCS#11 incompatibilites with serial numbers, and fix trust collection.

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@120949 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
ian.mcgreer%sun.com 2002-05-07 14:58:12 +00:00
parent ae5ccfb945
commit 1e68160965
2 changed files with 35 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
mozilla/security/nss/lib/dev/ckhelper.c
View File

@ -32,7 +32,7 @@
*/
#ifdef DEBUG
static const char CVS_ID[] = "@(#) $RCSfile: ckhelper.c,v $ $Revision: 1.22 $ $Date: 2002-04-25 18:33:45 $ $Name: not supported by cvs2svn $";
static const char CVS_ID[] = "@(#) $RCSfile: ckhelper.c,v $ $Revision: 1.23 $ $Date: 2002-05-07 14:58:09 $ $Name: not supported by cvs2svn $";
#endif /* DEBUG */
#ifndef NSSCKEPV_H
@ -533,13 +533,16 @@ get_nss_trust
{
nssTrustLevel t;
switch (ckt) {
case CKT_NETSCAPE_TRUST_UNKNOWN: t = nssTrustLevel_Unknown; break;
case CKT_NETSCAPE_UNTRUSTED: t = nssTrustLevel_NotTrusted; break;
case CKT_NETSCAPE_TRUSTED_DELEGATOR: t = nssTrustLevel_TrustedDelegator;
break;
case CKT_NETSCAPE_VALID_DELEGATOR: t = nssTrustLevel_ValidDelegator; break;
case CKT_NETSCAPE_TRUSTED: t = nssTrustLevel_Trusted; break;
case CKT_NETSCAPE_VALID: t = nssTrustLevel_Valid; break;
case CKT_NETSCAPE_MUST_VERIFY:
case CKT_NETSCAPE_TRUST_UNKNOWN:
default:
t = nssTrustLevel_Unknown; break;
}
return t;
}

31
mozilla/security/nss/lib/pki/pkibase.c
View File

@ -32,7 +32,7 @@
*/
#ifdef DEBUG
static const char CVS_ID[] = "@(#) $RCSfile: pkibase.c,v $ $Revision: 1.5 $ $Date: 2002-04-26 14:34:04 $ $Name: not supported by cvs2svn $";
static const char CVS_ID[] = "@(#) $RCSfile: pkibase.c,v $ $Revision: 1.6 $ $Date: 2002-05-07 14:58:12 $ $Name: not supported by cvs2svn $";
#endif /* DEBUG */
#ifndef DEV_H
@ -943,11 +943,22 @@ static PRStatus
cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
{
NSSCertificate *c = (NSSCertificate *)o;
#ifdef NSS_3_4_CODE
/* The builtins are still returning decoded serial numbers. Until
* this compatibility issue is resolved, use the full DER of the
* cert to uniquely identify it.
*/
NSSDER *derCert;
derCert = nssCertificate_GetEncoding(c);
uid[0] = *derCert;
uid[1].data = NULL; uid[1].size = 0;
#else
NSSDER *issuer, *serial;
issuer = nssCertificate_GetIssuer(c);
serial = nssCertificate_GetSerialNumber(c);
uid[0] = *issuer;
uid[1] = *serial;
#endif /* NSS_3_4_CODE */
return PR_SUCCESS;
}
@ -955,6 +966,23 @@ static PRStatus
cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
NSSArena *arena)
{
#ifdef NSS_3_4_CODE
/* The builtins are still returning decoded serial numbers. Until
* this compatibility issue is resolved, use the full DER of the
* cert to uniquely identify it.
*/
uid[1].data = NULL; uid[1].size = 0;
return nssCryptokiCertificate_GetAttributes(instance,
NULL, /* XXX sessionOpt */
arena, /* arena */
NULL, /* type */
NULL, /* id */
&uid[0], /* encoding */
NULL, /* issuer */
NULL, /* serial */
NULL, /* subject */
NULL); /* email */
#else
return nssCryptokiCertificate_GetAttributes(instance,
NULL, /* XXX sessionOpt */
arena, /* arena */
@ -965,6 +993,7 @@ cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
&uid[1], /* serial */
NULL, /* subject */
NULL); /* email */
#endif /* NSS_3_4_CODE */
}
static nssPKIObject *