Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug 337433, Need CERT_FindCertByNicknameOrEmailAddrByUsage

Browse Source 
r=rrelyea


git-svn-id: svn://10.0.0.236/trunk@261270 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
kaie%kuix.de 2010-09-24 13:31:58 +00:00
parent e4a0ee0f03
commit 856edfa42a
3 changed files with 76 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
mozilla/security/nss/lib/certdb/cert.h
View File

@ -37,7 +37,7 @@
/* /*
* cert.h - public data structures and prototypes for the certificate library * cert.h - public data structures and prototypes for the certificate library
* *
* $Id: cert.h,v 1.81 2010-08-13 01:18:18 wtc%google.com Exp $ * $Id: cert.h,v 1.82 2010-09-24 13:27:28 kaie%kuix.de Exp $
*/ */
#ifndef _CERT_H_ #ifndef _CERT_H_
@ -606,6 +606,16 @@ CERT_FindCertByEmailAddr(CERTCertDBHandle *handle, char *emailAddr);
CERTCertificate * CERTCertificate *
CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name); CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name);
/*
** Find a certificate in the database by a email address or nickname
** and require it to have the given usage.
** "name" is the email address or nickname to look up
*/
CERTCertificate *
CERT_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
const char *name,
SECCertUsage lookingForUsage);
/* /*
** Find a certificate in the database by a digest of a subject public key ** Find a certificate in the database by a digest of a subject public key
** "spkDigest" is the digest to look up ** "spkDigest" is the digest to look up

61
mozilla/security/nss/lib/certdb/stanpcertdb.c
View File

@ -614,19 +614,30 @@ CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
return STAN_GetCERTCertificateOrRelease(c); return STAN_GetCERTCertificateOrRelease(c);
} }
CERTCertificate * static CERTCertificate *
CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name) common_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
char *name,
PRBool anyUsage,
SECCertUsage lookingForUsage)
{ {
NSSCryptoContext *cc; NSSCryptoContext *cc;
NSSCertificate *c, *ct; NSSCertificate *c, *ct;
CERTCertificate *cert; CERTCertificate *cert;
NSSUsage usage; NSSUsage usage;
CERTCertList *certlist;
if (NULL == name) { if (NULL == name) {
PORT_SetError(SEC_ERROR_INVALID_ARGS); PORT_SetError(SEC_ERROR_INVALID_ARGS);
return NULL; return NULL;
} }
usage.anyUsage = PR_TRUE;
usage.anyUsage = anyUsage;
if (!anyUsage) {
usage.nss3lookingForCA = PR_FALSE;
usage.nss3usage = lookingForUsage;
}
cc = STAN_GetDefaultCryptoContext(); cc = STAN_GetDefaultCryptoContext();
ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name, ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name,
NULL, &usage, NULL); NULL, &usage, NULL);
@ -638,7 +649,34 @@ CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
PORT_Free(lowercaseName); PORT_Free(lowercaseName);
} }
} }
if (anyUsage) {
cert = PK11_FindCertFromNickname(name, NULL); cert = PK11_FindCertFromNickname(name, NULL);
}
else {
if (ct) {
/* Does ct really have the required usage? */
nssDecodedCert *dc;
dc = nssCertificate_GetDecoding(ct);
if (!dc->matchUsage(dc, &usage)) {
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
ct = NULL;
}
}
certlist = PK11_FindCertsFromNickname(name, NULL);
if (certlist) {
SECStatus rv = CERT_FilterCertListByUsage(certlist,
lookingForUsage,
PR_FALSE);
if (SECSuccess == rv &&
!CERT_LIST_END(CERT_LIST_HEAD(certlist), certlist)) {
cert = CERT_DupCertificate(CERT_LIST_HEAD(certlist)->cert);
}
CERT_DestroyCertList(certlist);
}
}
if (cert) { if (cert) {
c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert)); c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
CERT_DestroyCertificate(cert); CERT_DestroyCertificate(cert);
@ -651,6 +689,23 @@ CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
return c ? STAN_GetCERTCertificateOrRelease(c) : NULL; return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
} }
CERTCertificate *
CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
{
return common_FindCertByNicknameOrEmailAddrForUsage(handle, name,
PR_TRUE, 0);
}
CERTCertificate *
CERT_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
const char *name,
SECCertUsage lookingForUsage)
{
return common_FindCertByNicknameOrEmailAddrForUsage(handle, name,
PR_FALSE,
lookingForUsage);
}
static void static void
add_to_subject_list(CERTCertList *certList, CERTCertificate *cert, add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
PRBool validOnly, int64 sorttime) PRBool validOnly, int64 sorttime)

6
mozilla/security/nss/lib/nss/nss.def
View File

@ -1003,6 +1003,12 @@ CERT_GetConstrainedCertificateNames;
;+ local: ;+ local:
;+ *; ;+ *;
;+}; ;+};
;+NSS_3.12.9 { # NSS 3.12.9 release
;+ global:
CERT_FindCertByNicknameOrEmailAddrForUsage;
;+ local:
;+ *;
;+};
;+NSS_3.13 { # NSS 3.13 release ;+NSS_3.13 { # NSS 3.13 release
;+ global: ;+ global:
;;SECKEY_RSAPSSParamsTemplate DATA ; ;;SECKEY_RSAPSSParamsTemplate DATA ;