move cert details code: bug 230655 r=ddrinan sr=jag
git-svn-id: svn://10.0.0.236/trunk@155090 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
jgmyers%speakeasy.net
parent
dbf28bb0ee
commit
9541d3b202
@ -40,12 +40,18 @@
|
||||
#include "prprf.h"
|
||||
|
||||
#include "nsNSSCertHelper.h"
|
||||
#include "cert.h"
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsNSSCertificate.h"
|
||||
#include "cert.h"
|
||||
#include "nsNSSCertValidity.h"
|
||||
#include "nsNSSASN1Object.h"
|
||||
#include "nsNSSComponent.h"
|
||||
#include "nsNSSCertTrust.h"
|
||||
|
||||
#include "nsIDateTimeFormat.h"
|
||||
#include "nsDateTimeFormatCID.h"
|
||||
|
||||
static NS_DEFINE_CID(kDateTimeFormatCID, NS_DATETIMEFORMAT_CID);
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
|
||||
static nsresult
|
||||
GetIntValue(SECItem *versionItem,
|
||||
@ -61,7 +67,7 @@ GetIntValue(SECItem *versionItem,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
static nsresult
|
||||
ProcessVersion(SECItem *versionItem,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retItem)
|
||||
@ -117,7 +123,7 @@ ProcessVersion(SECItem *versionItem,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
static nsresult
|
||||
ProcessSerialNumberDER(SECItem *serialItem,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retItem)
|
||||
@ -191,7 +197,7 @@ GetDefaultOIDFormat(SECItem *oid,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
static nsresult
|
||||
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text)
|
||||
{
|
||||
nsresult rv;
|
||||
@ -354,7 +360,7 @@ GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text)
|
||||
|
||||
#define SEPARATOR "\n"
|
||||
|
||||
nsresult
|
||||
static nsresult
|
||||
ProcessRawBytes(SECItem *data, nsAString &text)
|
||||
{
|
||||
// This function is used to display some DER bytes
|
||||
@ -485,6 +491,72 @@ ProcessKeyUsageExtension(SECItem *extData, nsAString &text,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessName(CERTName *name, nsINSSComponent *nssComponent, PRUnichar **value)
|
||||
{
|
||||
CERTRDN** rdns;
|
||||
CERTRDN** rdn;
|
||||
CERTAVA** avas;
|
||||
CERTAVA* ava;
|
||||
SECItem *decodeItem = nsnull;
|
||||
nsString finalString;
|
||||
|
||||
rdns = name->rdns;
|
||||
|
||||
nsString type;
|
||||
nsresult rv;
|
||||
const PRUnichar *params[2];
|
||||
nsString avavalue;
|
||||
nsAutoString temp;
|
||||
CERTRDN **lastRdn;
|
||||
lastRdn = rdns;
|
||||
|
||||
|
||||
/* find last RDN */
|
||||
lastRdn = rdns;
|
||||
while (*lastRdn) lastRdn++;
|
||||
// The above whille loop will put us at the last member
|
||||
// of the array which is a NULL pointer. So let's back
|
||||
// up one spot so that we have the last non-NULL entry in
|
||||
// the array in preparation for traversing the
|
||||
// RDN's (Relative Distinguished Name) in reverse oder.
|
||||
lastRdn--;
|
||||
|
||||
/*
|
||||
* Loop over name contents in _reverse_ RDN order appending to string
|
||||
* When building the Ascii string, NSS loops over these entries in
|
||||
* reverse order, so I will as well. The difference is that NSS
|
||||
* will always place them in a one line string separated by commas,
|
||||
* where I want each entry on a single line. I can't just use a comma
|
||||
* as my delimitter because it is a valid character to have in the
|
||||
* value portion of the AVA and could cause trouble when parsing.
|
||||
*/
|
||||
for (rdn = lastRdn; rdn >= rdns; rdn--) {
|
||||
avas = (*rdn)->avas;
|
||||
while ((ava = *avas++) != 0) {
|
||||
rv = GetOIDText(&ava->type, nssComponent, type);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
//This function returns a string in UTF8 format.
|
||||
decodeItem = CERT_DecodeAVAValue(&ava->value);
|
||||
if(!decodeItem) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
avavalue = NS_ConvertUTF8toUTF16((char*)decodeItem->data, decodeItem->len);
|
||||
|
||||
SECITEM_FreeItem(decodeItem, PR_TRUE);
|
||||
params[0] = type.get();
|
||||
params[1] = avavalue.get();
|
||||
nssComponent->PIPBundleFormatStringFromName("AVATemplate",
|
||||
params, 2, temp);
|
||||
finalString += temp + NS_LITERAL_STRING("\n");
|
||||
}
|
||||
}
|
||||
*value = ToNewUnicode(finalString);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessExtensionData(SECOidTag oidTag, SECItem *extData,
|
||||
nsAString &text, nsINSSComponent *nssComponent)
|
||||
@ -504,7 +576,7 @@ ProcessExtensionData(SECOidTag oidTag, SECItem *extData,
|
||||
return rv;
|
||||
}
|
||||
|
||||
nsresult
|
||||
static nsresult
|
||||
ProcessSingleExtension(CERTCertExtension *extension,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retExtension)
|
||||
@ -539,6 +611,384 @@ ProcessSingleExtension(CERTCertExtension *extension,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessSECAlgorithmID(SECAlgorithmID *algID,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1Sequence **retSequence)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
if (sequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
*retSequence = nsnull;
|
||||
nsString text;
|
||||
GetOIDText(&algID->algorithm, nssComponent, text);
|
||||
if (!algID->parameters.len || algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
|
||||
sequence->SetDisplayValue(text);
|
||||
sequence->SetIsValidContainer(PR_FALSE);
|
||||
} else {
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
printableItem->SetDisplayValue(text);
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpAlgID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
ProcessRawBytes(&algID->parameters,text);
|
||||
printableItem->SetDisplayValue(text);
|
||||
}
|
||||
*retSequence = sequence;
|
||||
NS_ADDREF(*retSequence);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessTime(PRTime dispTime, const PRUnichar *displayName,
|
||||
nsIASN1Sequence *parentSequence)
|
||||
{
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nsString text;
|
||||
nsString tempString;
|
||||
|
||||
PRExplodedTime explodedTime;
|
||||
PR_ExplodeTime(dispTime, PR_LocalTimeParameters, &explodedTime);
|
||||
|
||||
dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
|
||||
&explodedTime, tempString);
|
||||
|
||||
text.Append(tempString);
|
||||
text.Append(NS_LITERAL_STRING("\n("));
|
||||
|
||||
PRExplodedTime explodedTimeGMT;
|
||||
PR_ExplodeTime(dispTime, PR_GMTParameters, &explodedTimeGMT);
|
||||
|
||||
dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
|
||||
&explodedTimeGMT, tempString);
|
||||
|
||||
text.Append(tempString);
|
||||
text.Append(NS_LITERAL_STRING(" GMT)"));
|
||||
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
printableItem->SetDisplayName(nsDependentString(displayName));
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki,
|
||||
nsIASN1Sequence *parentSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> spkiSequence = new nsNSSASN1Sequence();
|
||||
|
||||
if (spkiSequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
|
||||
spkiSequence->SetDisplayName(text);
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
|
||||
nsCOMPtr<nsIASN1Sequence> sequenceItem;
|
||||
nsresult rv = ProcessSECAlgorithmID(&spki->algorithm, nssComponent,
|
||||
getter_AddRefs(sequenceItem));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
sequenceItem->SetDisplayName(text);
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
spkiSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(sequenceItem, PR_FALSE);
|
||||
|
||||
// The subjectPublicKey field is encoded as a bit string.
|
||||
// ProcessRawBytes expects the lenght to be in bytes, so
|
||||
// let's convert the lenght into a temporary SECItem.
|
||||
SECItem data;
|
||||
data.data = spki->subjectPublicKey.data;
|
||||
data.len = spki->subjectPublicKey.len / 8;
|
||||
text.Truncate();
|
||||
ProcessRawBytes(&data, text);
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(spkiSequence, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessExtensions(CERTCertExtension **extensions,
|
||||
nsIASN1Sequence *parentSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> extensionSequence = new nsNSSASN1Sequence;
|
||||
if (extensionSequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
|
||||
extensionSequence->SetDisplayName(text);
|
||||
PRInt32 i;
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsIASN1PrintableItem> newExtension;
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
extensionSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
for (i=0; extensions[i] != nsnull; i++) {
|
||||
rv = ProcessSingleExtension(extensions[i], nssComponent,
|
||||
getter_AddRefs(newExtension));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(newExtension, PR_FALSE);
|
||||
}
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(extensionSequence, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsNSSShutDownPreventionLock locker;
|
||||
if (isAlreadyShutDown())
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
//
|
||||
// TBSCertificate ::= SEQUENCE {
|
||||
// version [0] EXPLICIT Version DEFAULT v1,
|
||||
// serialNumber CertificateSerialNumber,
|
||||
// signature AlgorithmIdentifier,
|
||||
// issuer Name,
|
||||
// validity Validity,
|
||||
// subject Name,
|
||||
// subjectPublicKeyInfo SubjectPublicKeyInfo,
|
||||
// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
|
||||
// -- If present, version shall be v2 or v3
|
||||
// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
|
||||
// -- If present, version shall be v2 or v3
|
||||
// extensions [3] EXPLICIT Extensions OPTIONAL
|
||||
// -- If present, version shall be v3
|
||||
// }
|
||||
//
|
||||
// This is the ASN1 structure we should be dealing with at this point.
|
||||
// The code in this method will assert this is the structure we're dealing
|
||||
// and then add more user friendly text for that field.
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
if (sequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpCertificate", text);
|
||||
sequence->SetDisplayName(text);
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem;
|
||||
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
|
||||
nsresult rv = ProcessVersion(&mCert->version, nssComponent,
|
||||
getter_AddRefs(printableItem));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
rv = ProcessSerialNumberDER(&mCert->serialNumber, nssComponent,
|
||||
getter_AddRefs(printableItem));
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> algID;
|
||||
rv = ProcessSECAlgorithmID(&mCert->signature,
|
||||
nssComponent, getter_AddRefs(algID));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
|
||||
algID->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(algID, PR_FALSE);
|
||||
|
||||
nsXPIDLString value;
|
||||
ProcessName(&mCert->issuer, nssComponent, getter_Copies(value));
|
||||
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(value);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpIssuer", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> validitySequence = new nsNSSASN1Sequence();
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpValidity", text);
|
||||
validitySequence->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(validitySequence, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpNotBefore", text);
|
||||
nsCOMPtr<nsIX509CertValidity> validityData;
|
||||
GetValidity(getter_AddRefs(validityData));
|
||||
PRTime notBefore, notAfter;
|
||||
|
||||
validityData->GetNotBefore(¬Before);
|
||||
validityData->GetNotAfter(¬After);
|
||||
validityData = 0;
|
||||
rv = ProcessTime(notBefore, text.get(), validitySequence);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpNotAfter", text);
|
||||
rv = ProcessTime(notAfter, text.get(), validitySequence);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubject", text);
|
||||
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayName(text);
|
||||
ProcessName(&mCert->subject, nssComponent,getter_Copies(value));
|
||||
printableItem->SetDisplayValue(value);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
rv = ProcessSubjectPublicKeyInfo(&mCert->subjectPublicKeyInfo, sequence,
|
||||
nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
SECItem data;
|
||||
// Is there an issuerUniqueID?
|
||||
if (mCert->issuerID.data != nsnull) {
|
||||
// The issuerID is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
data.data = mCert->issuerID.data;
|
||||
data.len = mCert->issuerID.len / 8;
|
||||
|
||||
ProcessRawBytes(&data, text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
}
|
||||
|
||||
if (mCert->subjectID.data) {
|
||||
// The subjectID is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
data.data = mCert->issuerID.data;
|
||||
data.len = mCert->issuerID.len / 8;
|
||||
|
||||
ProcessRawBytes(&data, text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
}
|
||||
if (mCert->extensions) {
|
||||
rv = ProcessExtensions(mCert->extensions, sequence, nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
}
|
||||
*retSequence = sequence;
|
||||
NS_ADDREF(*retSequence);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsNSSCertificate::CreateASN1Struct()
|
||||
{
|
||||
nsNSSShutDownPreventionLock locker;
|
||||
if (isAlreadyShutDown())
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
|
||||
mASN1Structure = sequence;
|
||||
if (mASN1Structure == nsnull) {
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
nsXPIDLCString title;
|
||||
GetWindowTitle(getter_Copies(title));
|
||||
|
||||
mASN1Structure->SetDisplayName(NS_ConvertUTF8toUCS2(title));
|
||||
// This sequence will be contain the tbsCertificate, signatureAlgorithm,
|
||||
// and signatureValue.
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence),
|
||||
nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(sequence, PR_FALSE);
|
||||
nsCOMPtr<nsIASN1Sequence> algID;
|
||||
|
||||
rv = ProcessSECAlgorithmID(&mCert->signatureWrap.signatureAlgorithm,
|
||||
nssComponent, getter_AddRefs(algID));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
|
||||
algID->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(algID, PR_FALSE);
|
||||
nsCOMPtr<nsIASN1PrintableItem>printableItem = new nsNSSASN1PrintableItem();
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpCertSig", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
// The signatureWrap is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
SECItem temp;
|
||||
temp.data = mCert->signatureWrap.signature.data;
|
||||
temp.len = mCert->signatureWrap.signature.len / 8;
|
||||
text.Truncate();
|
||||
ProcessRawBytes(&temp,text);
|
||||
printableItem->SetDisplayValue(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
PRUint32
|
||||
getCertType(CERTCertificate *cert)
|
||||
{
|
||||
|
||||
@ -39,30 +39,6 @@
|
||||
|
||||
#include "nsNSSCertHeader.h"
|
||||
|
||||
class nsINSSComponent;
|
||||
class nsIASN1PrintableItem;
|
||||
|
||||
nsresult
|
||||
ProcessVersion(SECItem *versionItem,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retItem);
|
||||
|
||||
nsresult
|
||||
ProcessSerialNumberDER(SECItem *serialItem,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retItem);
|
||||
|
||||
nsresult
|
||||
GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text);
|
||||
|
||||
nsresult
|
||||
ProcessRawBytes(SECItem *data, nsAString &text);
|
||||
|
||||
nsresult
|
||||
ProcessSingleExtension(CERTCertExtension *extension,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1PrintableItem **retExtension);
|
||||
|
||||
PRUint32
|
||||
getCertType(CERTCertificate *cert);
|
||||
|
||||
|
||||
@ -51,8 +51,6 @@
|
||||
#include "nsString.h"
|
||||
#include "nsXPIDLString.h"
|
||||
#include "nsReadableUtils.h"
|
||||
#include "nsIDateTimeFormat.h"
|
||||
#include "nsDateTimeFormatCID.h"
|
||||
#include "nsILocaleService.h"
|
||||
#include "nsIURI.h"
|
||||
#include "nsTime.h"
|
||||
@ -84,7 +82,6 @@ extern PRLogModuleInfo* gPIPNSSLog;
|
||||
#endif
|
||||
|
||||
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
static NS_DEFINE_CID(kDateTimeFormatCID, NS_DATETIMEFORMAT_CID);
|
||||
|
||||
|
||||
/* nsNSSCertificate */
|
||||
@ -1069,390 +1066,6 @@ nsNSSCertificate::GetUsagesString(PRBool ignoreOcsp,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessSECAlgorithmID(SECAlgorithmID *algID,
|
||||
nsINSSComponent *nssComponent,
|
||||
nsIASN1Sequence **retSequence)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
if (sequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
*retSequence = nsnull;
|
||||
nsString text;
|
||||
GetOIDText(&algID->algorithm, nssComponent, text);
|
||||
if (!algID->parameters.len || algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
|
||||
sequence->SetDisplayValue(text);
|
||||
sequence->SetIsValidContainer(PR_FALSE);
|
||||
} else {
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
printableItem->SetDisplayValue(text);
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpAlgID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
ProcessRawBytes(&algID->parameters,text);
|
||||
printableItem->SetDisplayValue(text);
|
||||
}
|
||||
*retSequence = sequence;
|
||||
NS_ADDREF(*retSequence);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessTime(PRTime dispTime, const PRUnichar *displayName,
|
||||
nsIASN1Sequence *parentSequence)
|
||||
{
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsIDateTimeFormat> dateFormatter =
|
||||
do_CreateInstance(kDateTimeFormatCID, &rv);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nsString text;
|
||||
nsString tempString;
|
||||
|
||||
PRExplodedTime explodedTime;
|
||||
PR_ExplodeTime(dispTime, PR_LocalTimeParameters, &explodedTime);
|
||||
|
||||
dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
|
||||
&explodedTime, tempString);
|
||||
|
||||
text.Append(tempString);
|
||||
text.Append(NS_LITERAL_STRING("\n("));
|
||||
|
||||
PRExplodedTime explodedTimeGMT;
|
||||
PR_ExplodeTime(dispTime, PR_GMTParameters, &explodedTimeGMT);
|
||||
|
||||
dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
|
||||
&explodedTimeGMT, tempString);
|
||||
|
||||
text.Append(tempString);
|
||||
text.Append(NS_LITERAL_STRING(" GMT)"));
|
||||
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
printableItem->SetDisplayName(nsDependentString(displayName));
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki,
|
||||
nsIASN1Sequence *parentSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> spkiSequence = new nsNSSASN1Sequence();
|
||||
|
||||
if (spkiSequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
|
||||
spkiSequence->SetDisplayName(text);
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
|
||||
nsCOMPtr<nsIASN1Sequence> sequenceItem;
|
||||
nsresult rv = ProcessSECAlgorithmID(&spki->algorithm, nssComponent,
|
||||
getter_AddRefs(sequenceItem));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
sequenceItem->SetDisplayName(text);
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
spkiSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(sequenceItem, PR_FALSE);
|
||||
|
||||
// The subjectPublicKey field is encoded as a bit string.
|
||||
// ProcessRawBytes expects the lenght to be in bytes, so
|
||||
// let's convert the lenght into a temporary SECItem.
|
||||
SECItem data;
|
||||
data.data = spki->subjectPublicKey.data;
|
||||
data.len = spki->subjectPublicKey.len / 8;
|
||||
text.Truncate();
|
||||
ProcessRawBytes(&data, text);
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(spkiSequence, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessExtensions(CERTCertExtension **extensions,
|
||||
nsIASN1Sequence *parentSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsCOMPtr<nsIASN1Sequence> extensionSequence = new nsNSSASN1Sequence;
|
||||
if (extensionSequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
|
||||
extensionSequence->SetDisplayName(text);
|
||||
PRInt32 i;
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsIASN1PrintableItem> newExtension;
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
extensionSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
for (i=0; extensions[i] != nsnull; i++) {
|
||||
rv = ProcessSingleExtension(extensions[i], nssComponent,
|
||||
getter_AddRefs(newExtension));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(newExtension, PR_FALSE);
|
||||
}
|
||||
parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
asn1Objects->AppendElement(extensionSequence, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
ProcessName(CERTName *name, nsINSSComponent *nssComponent, PRUnichar **value)
|
||||
{
|
||||
CERTRDN** rdns;
|
||||
CERTRDN** rdn;
|
||||
CERTAVA** avas;
|
||||
CERTAVA* ava;
|
||||
SECItem *decodeItem = nsnull;
|
||||
nsString finalString;
|
||||
|
||||
rdns = name->rdns;
|
||||
|
||||
nsString type;
|
||||
nsresult rv;
|
||||
const PRUnichar *params[2];
|
||||
nsString avavalue;
|
||||
nsAutoString temp;
|
||||
CERTRDN **lastRdn;
|
||||
lastRdn = rdns;
|
||||
|
||||
|
||||
/* find last RDN */
|
||||
lastRdn = rdns;
|
||||
while (*lastRdn) lastRdn++;
|
||||
// The above whille loop will put us at the last member
|
||||
// of the array which is a NULL pointer. So let's back
|
||||
// up one spot so that we have the last non-NULL entry in
|
||||
// the array in preparation for traversing the
|
||||
// RDN's (Relative Distinguished Name) in reverse oder.
|
||||
lastRdn--;
|
||||
|
||||
/*
|
||||
* Loop over name contents in _reverse_ RDN order appending to string
|
||||
* When building the Ascii string, NSS loops over these entries in
|
||||
* reverse order, so I will as well. The difference is that NSS
|
||||
* will always place them in a one line string separated by commas,
|
||||
* where I want each entry on a single line. I can't just use a comma
|
||||
* as my delimitter because it is a valid character to have in the
|
||||
* value portion of the AVA and could cause trouble when parsing.
|
||||
*/
|
||||
for (rdn = lastRdn; rdn >= rdns; rdn--) {
|
||||
avas = (*rdn)->avas;
|
||||
while ((ava = *avas++) != 0) {
|
||||
rv = GetOIDText(&ava->type, nssComponent, type);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
//This function returns a string in UTF8 format.
|
||||
decodeItem = CERT_DecodeAVAValue(&ava->value);
|
||||
if(!decodeItem) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
avavalue = NS_ConvertUTF8toUTF16((char*)decodeItem->data, decodeItem->len);
|
||||
|
||||
SECITEM_FreeItem(decodeItem, PR_TRUE);
|
||||
params[0] = type.get();
|
||||
params[1] = avavalue.get();
|
||||
nssComponent->PIPBundleFormatStringFromName("AVATemplate",
|
||||
params, 2, temp);
|
||||
finalString += temp + NS_LITERAL_STRING("\n");
|
||||
}
|
||||
}
|
||||
*value = ToNewUnicode(finalString);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
|
||||
nsINSSComponent *nssComponent)
|
||||
{
|
||||
nsNSSShutDownPreventionLock locker;
|
||||
if (isAlreadyShutDown())
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
//
|
||||
// TBSCertificate ::= SEQUENCE {
|
||||
// version [0] EXPLICIT Version DEFAULT v1,
|
||||
// serialNumber CertificateSerialNumber,
|
||||
// signature AlgorithmIdentifier,
|
||||
// issuer Name,
|
||||
// validity Validity,
|
||||
// subject Name,
|
||||
// subjectPublicKeyInfo SubjectPublicKeyInfo,
|
||||
// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
|
||||
// -- If present, version shall be v2 or v3
|
||||
// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
|
||||
// -- If present, version shall be v2 or v3
|
||||
// extensions [3] EXPLICIT Extensions OPTIONAL
|
||||
// -- If present, version shall be v3
|
||||
// }
|
||||
//
|
||||
// This is the ASN1 structure we should be dealing with at this point.
|
||||
// The code in this method will assert this is the structure we're dealing
|
||||
// and then add more user friendly text for that field.
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
if (sequence == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpCertificate", text);
|
||||
sequence->SetDisplayName(text);
|
||||
nsCOMPtr<nsIASN1PrintableItem> printableItem;
|
||||
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
|
||||
nsresult rv = ProcessVersion(&mCert->version, nssComponent,
|
||||
getter_AddRefs(printableItem));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
rv = ProcessSerialNumberDER(&mCert->serialNumber, nssComponent,
|
||||
getter_AddRefs(printableItem));
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> algID;
|
||||
rv = ProcessSECAlgorithmID(&mCert->signature,
|
||||
nssComponent, getter_AddRefs(algID));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
|
||||
algID->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(algID, PR_FALSE);
|
||||
|
||||
nsXPIDLString value;
|
||||
ProcessName(&mCert->issuer, nssComponent, getter_Copies(value));
|
||||
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(value);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpIssuer", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> validitySequence = new nsNSSASN1Sequence();
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpValidity", text);
|
||||
validitySequence->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(validitySequence, PR_FALSE);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpNotBefore", text);
|
||||
nsCOMPtr<nsIX509CertValidity> validityData;
|
||||
GetValidity(getter_AddRefs(validityData));
|
||||
PRTime notBefore, notAfter;
|
||||
|
||||
validityData->GetNotBefore(¬Before);
|
||||
validityData->GetNotAfter(¬After);
|
||||
validityData = 0;
|
||||
rv = ProcessTime(notBefore, text.get(), validitySequence);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpNotAfter", text);
|
||||
rv = ProcessTime(notAfter, text.get(), validitySequence);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubject", text);
|
||||
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayName(text);
|
||||
ProcessName(&mCert->subject, nssComponent,getter_Copies(value));
|
||||
printableItem->SetDisplayValue(value);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
rv = ProcessSubjectPublicKeyInfo(&mCert->subjectPublicKeyInfo, sequence,
|
||||
nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
SECItem data;
|
||||
// Is there an issuerUniqueID?
|
||||
if (mCert->issuerID.data != nsnull) {
|
||||
// The issuerID is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
data.data = mCert->issuerID.data;
|
||||
data.len = mCert->issuerID.len / 8;
|
||||
|
||||
ProcessRawBytes(&data, text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
}
|
||||
|
||||
if (mCert->subjectID.data) {
|
||||
// The subjectID is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
data.data = mCert->issuerID.data;
|
||||
data.len = mCert->issuerID.len / 8;
|
||||
|
||||
ProcessRawBytes(&data, text);
|
||||
printableItem = new nsNSSASN1PrintableItem();
|
||||
if (printableItem == nsnull)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
printableItem->SetDisplayValue(text);
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
|
||||
}
|
||||
if (mCert->extensions) {
|
||||
rv = ProcessExtensions(mCert->extensions, sequence, nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
}
|
||||
*retSequence = sequence;
|
||||
NS_ADDREF(*retSequence);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
#if defined(DEBUG_javi) || defined(DEBUG_jgmyers)
|
||||
void
|
||||
DumpASN1Object(nsIASN1Object *object, unsigned int level)
|
||||
@ -1493,66 +1106,6 @@ DumpASN1Object(nsIASN1Object *object, unsigned int level)
|
||||
}
|
||||
#endif
|
||||
|
||||
nsresult
|
||||
nsNSSCertificate::CreateASN1Struct()
|
||||
{
|
||||
nsNSSShutDownPreventionLock locker;
|
||||
if (isAlreadyShutDown())
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
|
||||
|
||||
mASN1Structure = sequence;
|
||||
if (mASN1Structure == nsnull) {
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIMutableArray> asn1Objects;
|
||||
sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
|
||||
nsXPIDLCString title;
|
||||
GetWindowTitle(getter_Copies(title));
|
||||
|
||||
mASN1Structure->SetDisplayName(NS_ConvertUTF8toUCS2(title));
|
||||
// This sequence will be contain the tbsCertificate, signatureAlgorithm,
|
||||
// and signatureValue.
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence),
|
||||
nssComponent);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
asn1Objects->AppendElement(sequence, PR_FALSE);
|
||||
nsCOMPtr<nsIASN1Sequence> algID;
|
||||
|
||||
rv = ProcessSECAlgorithmID(&mCert->signatureWrap.signatureAlgorithm,
|
||||
nssComponent, getter_AddRefs(algID));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
nsString text;
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
|
||||
algID->SetDisplayName(text);
|
||||
asn1Objects->AppendElement(algID, PR_FALSE);
|
||||
nsCOMPtr<nsIASN1PrintableItem>printableItem = new nsNSSASN1PrintableItem();
|
||||
nssComponent->GetPIPNSSBundleString("CertDumpCertSig", text);
|
||||
printableItem->SetDisplayName(text);
|
||||
// The signatureWrap is encoded as a bit string.
|
||||
// The function ProcessRawBytes expects the
|
||||
// length to be in bytes, so let's convert the
|
||||
// length in a temporary SECItem
|
||||
SECItem temp;
|
||||
temp.data = mCert->signatureWrap.signature.data;
|
||||
temp.len = mCert->signatureWrap.signature.len / 8;
|
||||
text.Truncate();
|
||||
ProcessRawBytes(&temp,text);
|
||||
printableItem->SetDisplayValue(text);
|
||||
asn1Objects->AppendElement(printableItem, PR_FALSE);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* readonly attribute nsIASN1Object ASN1Structure; */
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificate::GetASN1Structure(nsIASN1Object * *aASN1Structure)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user