1 : /* ***** BEGIN LICENSE BLOCK *****
2 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 : *
4 : * The contents of this file are subject to the Mozilla Public License Version
5 : * 1.1 (the "License"); you may not use this file except in compliance with
6 : * the License. You may obtain a copy of the License at
7 : * http://www.mozilla.org/MPL/
8 : *
9 : * Software distributed under the License is distributed on an "AS IS" basis,
10 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 : * for the specific language governing rights and limitations under the
12 : * License.
13 : *
14 : * The Original Code is the Netscape security libraries.
15 : *
16 : * The Initial Developer of the Original Code is
17 : * Netscape Communications Corporation.
18 : * Portions created by the Initial Developer are Copyright (C) 2000
19 : * the Initial Developer. All Rights Reserved.
20 : *
21 : * Contributor(s):
22 : * Ian McGreer <mcgreer@netscape.com>
23 : * Javier Delgadillo <javi@netscape.com>
24 : *
25 : * Alternatively, the contents of this file may be used under the terms of
26 : * either the GNU General Public License Version 2 or later (the "GPL"), or
27 : * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 : * in which case the provisions of the GPL or the LGPL are applicable instead
29 : * of those above. If you wish to allow use of your version of this file only
30 : * under the terms of either the GPL or the LGPL, and not to allow others to
31 : * use your version of this file under the terms of the MPL, indicate your
32 : * decision by deleting the provisions above and replace them with the notice
33 : * and other provisions required by the GPL or the LGPL. If you do not delete
34 : * the provisions above, a recipient may use your version of this file under
35 : * the terms of any one of the MPL, the GPL or the LGPL.
36 : *
37 : * ***** END LICENSE BLOCK ***** */
38 :
39 : #include "nsOCSPResponder.h"
40 :
41 : #include "nsCOMPtr.h"
42 : #include "nsIDateTimeFormat.h"
43 : #include "nsDateTimeFormatCID.h"
44 : #include "nsComponentManagerUtils.h"
45 : #include "nsReadableUtils.h"
46 :
47 : #include "certdb.h"
48 :
49 : /* Implementation file */
// XPCOM reference counting and QueryInterface for nsOCSPResponder,
// advertising nsIOCSPResponder as its single interface.
NS_IMPL_ISUPPORTS1(nsOCSPResponder, nsIOCSPResponder)
51 :
// Default constructor: does no work of its own, so mCA and mURL keep
// whatever state their own default construction gives them.
nsOCSPResponder::nsOCSPResponder()
{
}
56 :
// Builds a responder entry from a CA name and an OCSP service URL.
//
// aCA  - name of the CA that signs the responses; stored in mCA.
// aURL - service URL for that CA; stored in mURL.
//
// Both values are taken as given: no validation or normalisation of the URL
// happens here, so callers must not treat a stored URL as vetted.
nsOCSPResponder::nsOCSPResponder(const PRUnichar * aCA, const PRUnichar * aURL)
{
  mURL.Assign(aURL);
  mCA.Assign(aCA);
}
62 :
// Destructor: nothing to release explicitly here.
nsOCSPResponder::~nsOCSPResponder()
{
}
67 :
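/* readonly attribute */
// Returns a newly allocated copy of the response-signer (CA) name.
//
// aCA - out parameter; must be non-null (NS_ENSURE_ARG rejects null).
//       On success it receives a buffer the caller is responsible for freeing.
//
// Returns NS_OK on success, or NS_ERROR_OUT_OF_MEMORY when the copy could not
// be allocated, so that a caller checking the result never sees NS_OK paired
// with a null string.
NS_IMETHODIMP nsOCSPResponder::GetResponseSigner(PRUnichar** aCA)
{
  NS_ENSURE_ARG(aCA);
  *aCA = ToNewUnicode(mCA);
  return *aCA ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}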
75 :
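/* readonly attribute */
// Returns a newly allocated copy of the OCSP service URL.
//
// aURL - out parameter; must be non-null (NS_ENSURE_ARG rejects null).
//        On success it receives a buffer the caller is responsible for freeing.
//
// Returns NS_OK on success, or NS_ERROR_OUT_OF_MEMORY when the copy could not
// be allocated, so that a caller checking the result never sees NS_OK paired
// with a null string. The URL is returned exactly as stored; it is not
// validated here.
NS_IMETHODIMP nsOCSPResponder::GetServiceURL(PRUnichar** aURL)
{
  NS_ENSURE_ARG(aURL);
  *aURL = ToNewUnicode(mURL);
  return *aURL ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}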
83 :
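// Decides whether a certificate should be offered as an OCSP responder entry.
//
// aCert - certificate to inspect; a null pointer is rejected.
//
// Returns true only when all of the following hold:
//   - the certificate has a trust record,
//   - none of its SSL, e-mail or object-signing flags carries
//     CERTDB_INVISIBLE_CA,
//   - it has a nickname,
//   - at least one of those three flag words carries CERTDB_VALID_CA.
//
// NOTE(review): this filters on CERTDB_VALID_CA, which presumably marks the
// certificate as a CA rather than as a trusted one. Confirm that callers do
// not read a true result as a trust decision.
bool nsOCSPResponder::IncludeCert(CERTCertificate *aCert)
{
  // Guard the dereferences below; the original read aCert->trust unchecked.
  if (!aCert) {
    return false;
  }

  CERTCertTrust *trust = aCert->trust;
  const char *nickname = aCert->nickname;

  // Debug builds still flag a missing trust record, as before.
  PR_ASSERT(trust != nsnull);

  // Release builds fall through to here: no trust record means no listing.
  if (trust == nsnull) {
    return false;
  }

  // Hidden CAs and certificates without a nickname are never listed.
  const bool hidden = (trust->sslFlags & CERTDB_INVISIBLE_CA) ||
                      (trust->emailFlags & CERTDB_INVISIBLE_CA) ||
                      (trust->objectSigningFlags & CERTDB_INVISIBLE_CA);
  if (hidden || nickname == NULL) {
    return false;
  }

  // Being flagged as a valid CA for any one usage is enough.
  const bool validCA = (trust->sslFlags & CERTDB_VALID_CA) ||
                       (trust->emailFlags & CERTDB_VALID_CA) ||
                       (trust->objectSigningFlags & CERTDB_VALID_CA);
  return validCA;
}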
112 :
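// CmpCAName
//
// Orders two responders by their response-signer (CA) name, with the result
// convention of strcmp: negative, zero or positive.
//
// A responder whose signer name is missing (null) sorts after one that has a
// name. Two responders that both lack a name compare equal. The original
// returned 1 for that case in both argument orders, which is not a consistent
// ordering for a sort.
//
// The results of GetResponseSigner are not checked; a failed call leaves the
// corresponding string null and is handled as "no name".
PRInt32 nsOCSPResponder::CmpCAName(nsIOCSPResponder *a, nsIOCSPResponder *b)
{
  nsXPIDLString aTok, bTok;
  a->GetResponseSigner(getter_Copies(aTok));
  b->GetResponseSigner(getter_Copies(bTok));

  const bool aMissing = (aTok == nsnull);
  const bool bMissing = (bTok == nsnull);

  if (aMissing && bMissing) {
    return 0;
  }
  if (aMissing || bMissing) {
    return aMissing ? 1 : -1;
  }
  return Compare(aTok, bTok);
}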
130 :
// CompareEntries
//
// Orders two responders for display, with the result convention of strcmp.
// An entry that has a service URL sorts before one that has none. When both
// have a URL, or neither does, the order is decided by CmpCAName.
//
// The results of GetServiceURL are not checked; a string left unset by a
// failed call is treated as an empty URL.
PRInt32 nsOCSPResponder::CompareEntries(nsIOCSPResponder *a, nsIOCSPResponder *b)
{
  nsXPIDLString aURL, bURL;
  nsAutoString aURLAuto, bURLAuto;

  a->GetServiceURL(getter_Copies(aURL));
  aURLAuto.Assign(aURL);
  b->GetServiceURL(getter_Copies(bURL));
  bURLAuto.Assign(bURL);

  const bool aHasURL = !aURLAuto.IsEmpty();
  const bool bHasURL = !bURLAuto.IsEmpty();

  // Same URL status on both sides: fall back to the CA name.
  if (aHasURL == bHasURL) {
    return nsOCSPResponder::CmpCAName(a, b);
  }

  // Exactly one side has a URL, and that side goes first.
  return aHasURL ? -1 : 1;
}
159 :