Jrg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
git-svn-id: svn://10.0.0.236/trunk@127865 18797224-902f-48f8-a5cc-f745e15eee43
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
git-svn-id: svn://10.0.0.236/trunk@127272 18797224-902f-48f8-a5cc-f745e15eee43
to read.
2) only extract keys if we are using fortezzav1 cert (should speed up cert verify
a bit).
3) Add function to verify a specific CA cert to verify a userCert Usage.
git-svn-id: svn://10.0.0.236/trunk@126239 18797224-902f-48f8-a5cc-f745e15eee43
- ability to import to any slot
- ability to specify decode options, such as "don't copy DER"
- ability to specify import options, such as "don't do CRL checks"
This patch also maps the existing functions SEC_NewCrl and CERT_ImportCRL
to this new function, eliminating the code duplication that existed
git-svn-id: svn://10.0.0.236/trunk@125481 18797224-902f-48f8-a5cc-f745e15eee43
1) reduce more short term memory allocate/frees.
2) remove sha1 hash calculations from critical paths.
3) when listing user certs, skip decoding of non-user certs.
git-svn-id: svn://10.0.0.236/trunk@124499 18797224-902f-48f8-a5cc-f745e15eee43
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).
git-svn-id: svn://10.0.0.236/trunk@119557 18797224-902f-48f8-a5cc-f745e15eee43
Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which
will cause an assert if shutdown is called but not all the modules are freed (which
means a slot, key, or cert reference has been leaked).
git-svn-id: svn://10.0.0.236/trunk@118866 18797224-902f-48f8-a5cc-f745e15eee43
of the CERTSignedCrl structure it returns. The patch is contributed by
Rangan Sen <rangansen@netscape.com>. r=relyea.
git-svn-id: svn://10.0.0.236/trunk@116655 18797224-902f-48f8-a5cc-f745e15eee43
1) Preseve the position of NSS 3.3 elements in the data structures. Some
new fields replace some old deprecated fields where possible to preserve
the total size of the structure.
2) Stan headers are removed from public exports.
3) Some exported functions didn't have prototypes in the public headers.
4) One bug fix: dev3hack.c did not pass the second argument to
nssToken_DestroyCertList.
5) Include the necessary headers to fix undeclared function warnings.
git-svn-id: svn://10.0.0.236/trunk@116522 18797224-902f-48f8-a5cc-f745e15eee43
