1 : /* ***** BEGIN LICENSE BLOCK *****
2 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 : *
4 : * The contents of this file are subject to the Mozilla Public License Version
5 : * 1.1 (the "License"); you may not use this file except in compliance with
6 : * the License. You may obtain a copy of the License at
7 : * http://www.mozilla.org/MPL/
8 : *
9 : * Software distributed under the License is distributed on an "AS IS" basis,
10 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 : * for the specific language governing rights and limitations under the
12 : * License.
13 : *
14 : * The Original Code is Personal Security Manager.
15 : *
16 : * The Initial Developer of the Original Code is
17 : * the Mozilla Foundation.
18 : * Portions created by the Initial Developer are Copyright (C) 2010
19 : * the Initial Developer. All Rights Reserved.
20 : *
21 : * Contributor(s):
22 : * Hubbie Shaw
23 : * Doug Turner <dougt@netscape.com>
24 : * Mitch Stoltz <mstoltz@netscape.com>
25 : * Brian Ryner <bryner@brianryner.com>
26 : * Kai Engert <kaie@netscape.com>
27 : * Vipul Gupta <vipul.gupta@sun.com>
28 : * Douglas Stebila <douglas@stebila.ca>
29 : * Kai Engert <kengert@redhat.com>
30 : * honzab.moz@firemni.cz
31 : *
32 : * Alternatively, the contents of this file may be used under the terms of
33 : * either the GNU General Public License Version 2 or later (the "GPL"), or
34 : * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
35 : * in which case the provisions of the GPL or the LGPL are applicable instead
36 : * of those above. If you wish to allow use of your version of this file only
37 : * under the terms of either the GPL or the LGPL, and not to allow others to
38 : * use your version of this file under the terms of the MPL, indicate your
39 : * decision by deleting the provisions above and replace them with the notice
40 : * and other provisions required by the GPL or the LGPL. If you do not delete
41 : * the provisions above, a recipient may use your version of this file under
42 : * the terms of any one of the MPL, the GPL or the LGPL.
43 : *
44 : * ***** END LICENSE BLOCK ***** */
45 :
46 : #include "NSSErrorsService.h"
47 :
48 : #include "nsNSSComponent.h"
49 : #include "nsServiceManagerUtils.h"
50 : #include "secerr.h"
51 : #include "sslerr.h"
52 :
// chrome:// URLs of the two string bundles that NSSErrorsService::Init()
// loads: PIPNSS_STRBUNDLE_URL is stored in mPIPNSSBundle and
// NSSERR_STRBUNDLE_URL in mNSSErrorsBundle.
#define PIPNSS_STRBUNDLE_URL "chrome://pipnss/locale/pipnss.properties"
#define NSSERR_STRBUNDLE_URL "chrome://pipnss/locale/nsserrors.properties"
55 :
56 : namespace mozilla {
57 : namespace psm {
58 :
// XPCOM nsISupports boilerplate: NSSErrorsService exposes exactly one
// interface, nsINSSErrorsService.
NS_IMPL_ISUPPORTS1(NSSErrorsService, nsINSSErrorsService)
60 :
/**
 * Loads the two string bundles used to translate NSS error codes into
 * localized messages.
 *
 * Both CreateBundle() calls are always attempted; the nsresult they return
 * is not inspected, success is judged solely by whether the out-pointer was
 * populated.
 *
 * @return NS_ERROR_FAILURE when the string bundle service is unavailable or
 *         when either bundle is missing afterwards; otherwise the result
 *         reported by do_GetService().
 */
nsresult
NSSErrorsService::Init()
{
  nsresult rv;
  nsCOMPtr<nsIStringBundleService> sbs(do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv));
  if (NS_FAILED(rv) || !sbs) {
    return NS_ERROR_FAILURE;
  }

  // Override strings first, then the generic NSS error strings.
  sbs->CreateBundle(PIPNSS_STRBUNDLE_URL, getter_AddRefs(mPIPNSSBundle));
  sbs->CreateBundle(NSSERR_STRBUNDLE_URL, getter_AddRefs(mNSSErrorsBundle));

  // A missing bundle turns the overall result into a failure.
  const bool haveBothBundles = mPIPNSSBundle && mNSSErrorsBundle;
  return haveBothBundles ? rv : NS_ERROR_FAILURE;
}
81 :
// Compile-time guard: the NSS <-> XPCOM mapping in this file negates the NSS
// error code and stores it in the code field of an nsresult, so it depends
// on the numeric bases that NSS assigns to its SEC and SSL error ranges.
// The build is stopped if NSS ever changes those bases.
#define EXPECTED_SEC_ERROR_BASE (-0x2000)
#define EXPECTED_SSL_ERROR_BASE (-0x3000)

#if SEC_ERROR_BASE != EXPECTED_SEC_ERROR_BASE || SSL_ERROR_BASE != EXPECTED_SSL_ERROR_BASE
#error "Unexpected change of error code numbers in lib NSS, please adjust the mapping code"
/*
 * When adjusting the mapping, ensure the NSS error codes are still mapped
 * into the positive range 0x1000 to 0xf000.
 * Search for NS_ERROR_MODULE_SECURITY to ensure there are no conflicts.
 * The current code also assumes that NSS library error codes are negative.
 */
#endif
93 :
/**
 * Reports whether aNSPRCode is recognised by IS_SEC_ERROR or IS_SSL_ERROR.
 *
 * @param aNSPRCode  error code to classify.
 * @param _retval    out: true when the code is a SEC or SSL error code.
 * @return NS_OK on success, NS_ERROR_FAILURE when _retval is null (note that
 *         the sibling methods report a null out-pointer as
 *         NS_ERROR_INVALID_ARG instead).
 */
NS_IMETHODIMP
NSSErrorsService::IsNSSErrorCode(PRInt32 aNSPRCode, bool *_retval)
{
  if (_retval) {
    const bool isNSSCode = IS_SEC_ERROR(aNSPRCode) || IS_SSL_ERROR(aNSPRCode);
    *_retval = isNSSCode;
    return NS_OK;
  }

  return NS_ERROR_FAILURE;
}
103 :
/**
 * Converts an NSS SEC/SSL error code into an nsresult in
 * NS_ERROR_MODULE_SECURITY.
 *
 * The code is validated before the out-pointer, so an out-of-range code
 * yields NS_ERROR_FAILURE even when aXPCOMErrorCode is null.
 *
 * @param aNSPRCode        NSS error code; must satisfy IS_SEC_ERROR or
 *                         IS_SSL_ERROR.
 * @param aXPCOMErrorCode  out: the generated failure nsresult.
 * @return NS_OK, NS_ERROR_FAILURE for a code outside the SEC/SSL ranges, or
 *         NS_ERROR_INVALID_ARG for a null out-pointer.
 */
NS_IMETHODIMP
NSSErrorsService::GetXPCOMFromNSSError(PRInt32 aNSPRCode, nsresult *aXPCOMErrorCode)
{
  const bool isNSSCode = IS_SEC_ERROR(aNSPRCode) || IS_SSL_ERROR(aNSPRCode);
  if (!isNSSCode) {
    return NS_ERROR_FAILURE;
  }

  if (!aXPCOMErrorCode) {
    return NS_ERROR_INVALID_ARG;
  }

  // The per-module code field may hold a 16 bit value. NSS codes are
  // negative, so the positive value of the NSS code is stored; the range
  // check above is what keeps arbitrary integers out of that field.
  *aXPCOMErrorCode = NS_ERROR_GENERATE_FAILURE(NS_ERROR_MODULE_SECURITY,
                                               -1 * aNSPRCode);
  return NS_OK;
}
121 :
/**
 * Classifies a security-module nsresult as a certificate problem or a
 * protocol problem.
 *
 * Only the certificate errors enumerated in the switch below are reported as
 * ERROR_CLASS_BAD_CERT. Every other SEC/SSL code, including any certificate
 * error that is not listed, is reported as ERROR_CLASS_SSL_PROTOCOL.
 * NOTE(review): callers presumably branch on this class to pick between
 * certificate-problem and protocol-failure handling, so any addition to the
 * list deserves a security review; confirm against the callers.
 *
 * @param aXPCOMErrorCode  nsresult expected to be an error-severity code in
 *                         NS_ERROR_MODULE_SECURITY.
 * @param aErrorClass      out: ERROR_CLASS_BAD_CERT or
 *                         ERROR_CLASS_SSL_PROTOCOL.
 * @return NS_OK, or NS_ERROR_FAILURE when the nsresult is not a security
 *         module error or does not decode to a SEC/SSL code. A null
 *         aErrorClass is rejected by NS_ENSURE_ARG.
 */
NS_IMETHODIMP
NSSErrorsService::GetErrorClass(nsresult aXPCOMErrorCode, PRUint32 *aErrorClass)
{
  NS_ENSURE_ARG(aErrorClass);

  const bool isSecurityError =
    NS_ERROR_GET_MODULE(aXPCOMErrorCode) == NS_ERROR_MODULE_SECURITY &&
    NS_ERROR_GET_SEVERITY(aXPCOMErrorCode) == NS_ERROR_SEVERITY_ERROR;
  if (!isSecurityError) {
    return NS_ERROR_FAILURE;
  }

  // Undo the negation applied when the nsresult was generated.
  // NOTE(review): if NS_ERROR_GET_CODE yields an unsigned value, this relies
  // on the conversion back to PRInt32 to produce the negative code; confirm.
  PRInt32 nssCode = -1 * NS_ERROR_GET_CODE(aXPCOMErrorCode);

  if (!IS_SEC_ERROR(nssCode) && !IS_SSL_ERROR(nssCode)) {
    return NS_ERROR_FAILURE;
  }

  // Protocol class is the fallback; only the explicit list below overrides it.
  *aErrorClass = ERROR_CLASS_SSL_PROTOCOL;

  switch (nssCode)
  {
    case SEC_ERROR_UNKNOWN_ISSUER:
    case SEC_ERROR_CA_CERT_INVALID:
    case SEC_ERROR_UNTRUSTED_ISSUER:
    case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
    case SEC_ERROR_UNTRUSTED_CERT:
    case SEC_ERROR_INADEQUATE_KEY_USAGE:
    case SSL_ERROR_BAD_CERT_DOMAIN:
    case SEC_ERROR_EXPIRED_CERTIFICATE:
      *aErrorClass = ERROR_CLASS_BAD_CERT;
      break;
    default:
      break;
  }

  return NS_OK;
}
154 :
/**
 * Looks up the localized message for a security-module nsresult.
 *
 * An override string name from nsNSSErrors is looked up in mPIPNSSBundle;
 * when there is no override, the default string name is looked up in
 * mNSSErrorsBundle instead.
 *
 * @param aXPCOMErrorCode  nsresult expected to be an error-severity code in
 *                         NS_ERROR_MODULE_SECURITY.
 * @param aErrorMessage    out: the localized text; left unmodified on
 *                         failure.
 * @return the result of GetStringFromName(), or NS_ERROR_FAILURE when the
 *         nsresult is not a security module error, does not decode to a
 *         SEC/SSL code, has no string name, or the needed bundle is missing.
 */
NS_IMETHODIMP
NSSErrorsService::GetErrorMessage(nsresult aXPCOMErrorCode, nsAString &aErrorMessage)
{
  const bool isSecurityError =
    NS_ERROR_GET_MODULE(aXPCOMErrorCode) == NS_ERROR_MODULE_SECURITY &&
    NS_ERROR_GET_SEVERITY(aXPCOMErrorCode) == NS_ERROR_SEVERITY_ERROR;
  if (!isSecurityError) {
    return NS_ERROR_FAILURE;
  }

  // Undo the negation applied when the nsresult was generated.
  PRInt32 nssCode = -1 * NS_ERROR_GET_CODE(aXPCOMErrorCode);

  if (!IS_SEC_ERROR(nssCode) && !IS_SSL_ERROR(nssCode)) {
    return NS_ERROR_FAILURE;
  }

  // Prefer an override string; otherwise use the default NSS error string,
  // which lives in a different bundle.
  nsCOMPtr<nsIStringBundle> bundle;
  const char *stringName = nsNSSErrors::getOverrideErrorStringName(nssCode);
  if (stringName) {
    bundle = mPIPNSSBundle;
  } else {
    stringName = nsNSSErrors::getDefaultErrorStringName(nssCode);
    bundle = mNSSErrorsBundle;
  }

  if (!stringName || !bundle) {
    return NS_ERROR_FAILURE;
  }

  nsAutoString localized;
  nsresult rv =
    bundle->GetStringFromName(NS_ConvertASCIItoUTF16(stringName).get(),
                              getter_Copies(localized));
  if (NS_FAILED(rv)) {
    return rv;
  }

  aErrorMessage = localized;
  return rv;
}
187 :
188 : } // psm
189 : } // mozilla
|