LCOV - code coverage report
Current view: directory - security/manager/ssl/src - nsCertPicker.cpp (source / functions) Found Hit Coverage
Test: app.info Lines: 87 0 0.0 %
Date: 2012-06-02 Functions: 11 0 0.0 %

       1                 : /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
       2                 : /* ***** BEGIN LICENSE BLOCK *****
       3                 :  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
       4                 :  *
       5                 :  * The contents of this file are subject to the Mozilla Public License Version
       6                 :  * 1.1 (the "License"); you may not use this file except in compliance with
       7                 :  * the License. You may obtain a copy of the License at
       8                 :  * http://www.mozilla.org/MPL/
       9                 :  *
      10                 :  * Software distributed under the License is distributed on an "AS IS" basis,
      11                 :  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
      12                 :  * for the specific language governing rights and limitations under the
      13                 :  * License.
      14                 :  *
      15                 :  * The Original Code is Mozilla Communicator.
      16                 :  *
      17                 :  * The Initial Developer of the Original Code is
      18                 :  * Netscape Communications Corp..
      19                 :  * Portions created by the Initial Developer are Copyright (C) 2001
      20                 :  * the Initial Developer. All Rights Reserved.
      21                 :  *
      22                 :  * Contributor(s): Kai Engert <kaie@netscape.com>
      23                 :  *
      24                 :  * Alternatively, the contents of this file may be used under the terms of
      25                 :  * either the GNU General Public License Version 2 or later (the "GPL"), or
      26                 :  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
      27                 :  * in which case the provisions of the GPL or the LGPL are applicable instead
      28                 :  * of those above. If you wish to allow use of your version of this file only
      29                 :  * under the terms of either the GPL or the LGPL, and not to allow others to
      30                 :  * use your version of this file under the terms of the MPL, indicate your
      31                 :  * decision by deleting the provisions above and replace them with the notice
      32                 :  * and other provisions required by the GPL or the LGPL. If you do not delete
      33                 :  * the provisions above, a recipient may use your version of this file under
      34                 :  * the terms of any one of the MPL, the GPL or the LGPL.
      35                 :  *
      36                 :  * ***** END LICENSE BLOCK ***** */
      37                 : 
      38                 : #include "nsCertPicker.h"
      39                 : #include "nsMemory.h"
      40                 : #include "nsCOMPtr.h"
      41                 : #include "nsXPIDLString.h"
      42                 : #include "nsIServiceManager.h"
      43                 : #include "nsNSSComponent.h"
      44                 : #include "nsNSSCertificate.h"
      45                 : #include "nsReadableUtils.h"
      46                 : #include "nsNSSCleaner.h"
      47                 : #include "nsICertPickDialogs.h"
      48                 : #include "nsNSSShutDown.h"
      49                 : #include "nsNSSCertHelper.h"
      50                 : 
      51               0 : NSSCleanupAutoPtrClass(CERTCertNicknames, CERT_FreeNicknames)
      52               0 : NSSCleanupAutoPtrClass(CERTCertList, CERT_DestroyCertList)
      53                 : 
      54                 : #include "cert.h"
      55                 : 
      56               0 : NS_IMPL_ISUPPORTS1(nsCertPicker, nsIUserCertPicker)
      57                 : 
      58               0 : nsCertPicker::nsCertPicker()
      59                 : {
      60               0 : }
      61                 : 
      62               0 : nsCertPicker::~nsCertPicker()
      63                 : {
      64               0 : }
      65                 : 
      66               0 : NS_IMETHODIMP nsCertPicker::PickByUsage(nsIInterfaceRequestor *ctx, 
      67                 :                                         const PRUnichar *selectedNickname, 
      68                 :                                         PRInt32 certUsage, 
      69                 :                                         bool allowInvalid, 
      70                 :                                         bool allowDuplicateNicknames, 
      71                 :                                         bool *canceled, 
      72                 :                                         nsIX509Cert **_retval)
      73                 : {
      74               0 :   nsNSSShutDownPreventionLock locker;
      75               0 :   PRInt32 selectedIndex = -1;
      76               0 :   bool selectionFound = false;
      77               0 :   PRUnichar **certNicknameList = nsnull;
      78               0 :   PRUnichar **certDetailsList = nsnull;
      79               0 :   CERTCertListNode* node = nsnull;
      80               0 :   nsresult rv = NS_OK;
      81                 : 
      82                 :   {
      83                 :     // Iterate over all certs. This assures that user is logged in to all hardware tokens.
      84               0 :     CERTCertList *allcerts = nsnull;
      85               0 :     nsCOMPtr<nsIInterfaceRequestor> ctx = new PipUIContext();
      86               0 :     allcerts = PK11_ListCerts(PK11CertListUnique, ctx);
      87               0 :     CERT_DestroyCertList(allcerts);
      88                 :   }
      89                 : 
      90                 :   /* find all user certs that are valid and for SSL */
      91                 :   /* note that we are allowing expired certs in this list */
      92                 : 
      93                 :   CERTCertList *certList = 
      94                 :     CERT_FindUserCertsByUsage(CERT_GetDefaultCertDB(), 
      95                 :                               (SECCertUsage)certUsage,
      96               0 :                               !allowDuplicateNicknames,
      97               0 :                               !allowInvalid,
      98               0 :                               ctx);
      99               0 :   CERTCertListCleaner clc(certList);
     100                 : 
     101               0 :   if (!certList) {
     102               0 :     return NS_ERROR_NOT_AVAILABLE;
     103                 :   }
     104                 : 
     105               0 :   CERTCertNicknames *nicknames = getNSSCertNicknamesFromCertList(certList);
     106                 : 
     107               0 :   CERTCertNicknamesCleaner cnc(nicknames);
     108                 : 
     109               0 :   if (!nicknames) {
     110               0 :     return NS_ERROR_NOT_AVAILABLE;
     111                 :   }
     112                 : 
     113               0 :   certNicknameList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
     114               0 :   certDetailsList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
     115                 : 
     116               0 :   if (!certNicknameList || !certDetailsList) {
     117               0 :     nsMemory::Free(certNicknameList);
     118               0 :     nsMemory::Free(certDetailsList);
     119               0 :     return NS_ERROR_OUT_OF_MEMORY;
     120                 :   }
     121                 : 
     122                 :   PRInt32 CertsToUse;
     123                 : 
     124               0 :   for (CertsToUse = 0, node = CERT_LIST_HEAD(certList);
     125               0 :        !CERT_LIST_END(node, certList) && CertsToUse < nicknames->numnicknames;
     126                 :        node = CERT_LIST_NEXT(node)
     127                 :       )
     128                 :   {
     129               0 :     nsNSSCertificate *tempCert = nsNSSCertificate::Create(node->cert);
     130                 : 
     131               0 :     if (tempCert) {
     132                 : 
     133                 :       // XXX we really should be using an nsCOMPtr instead of manually add-refing,
     134                 :       // but nsNSSCertificate does not have a default constructor.
     135                 : 
     136               0 :       NS_ADDREF(tempCert);
     137                 : 
     138               0 :       nsAutoString i_nickname(NS_ConvertUTF8toUTF16(nicknames->nicknames[CertsToUse]));
     139               0 :       nsAutoString nickWithSerial;
     140               0 :       nsAutoString details;
     141                 : 
     142               0 :       if (!selectionFound) {
     143               0 :         if (i_nickname == nsDependentString(selectedNickname)) {
     144               0 :           selectedIndex = CertsToUse;
     145               0 :           selectionFound = true;
     146                 :         }
     147                 :       }
     148                 : 
     149               0 :       if (NS_SUCCEEDED(tempCert->FormatUIStrings(i_nickname, nickWithSerial, details))) {
     150               0 :         certNicknameList[CertsToUse] = ToNewUnicode(nickWithSerial);
     151               0 :         certDetailsList[CertsToUse] = ToNewUnicode(details);
     152                 :       }
     153                 :       else {
     154               0 :         certNicknameList[CertsToUse] = nsnull;
     155               0 :         certDetailsList[CertsToUse] = nsnull;
     156                 :       }
     157                 : 
     158               0 :       NS_RELEASE(tempCert);
     159                 : 
     160               0 :       ++CertsToUse;
     161                 :     }
     162                 :   }
     163                 : 
     164               0 :   if (CertsToUse) {
     165               0 :     nsICertPickDialogs *dialogs = nsnull;
     166                 :     rv = getNSSDialogs((void**)&dialogs, 
     167                 :       NS_GET_IID(nsICertPickDialogs), 
     168               0 :       NS_CERTPICKDIALOGS_CONTRACTID);
     169                 : 
     170               0 :     if (NS_SUCCEEDED(rv)) {
     171               0 :       nsPSMUITracker tracker;
     172               0 :       if (tracker.isUIForbidden()) {
     173               0 :         rv = NS_ERROR_NOT_AVAILABLE;
     174                 :       }
     175                 :       else {
     176                 :         /* Throw up the cert picker dialog and get back the index of the selected cert */
     177                 :         rv = dialogs->PickCertificate(ctx,
     178                 :           (const PRUnichar**)certNicknameList, (const PRUnichar**)certDetailsList,
     179               0 :           CertsToUse, &selectedIndex, canceled);
     180                 :       }
     181                 : 
     182               0 :       NS_RELEASE(dialogs);
     183                 :     }
     184                 :   }
     185                 : 
     186                 :   PRInt32 i;
     187               0 :   for (i = 0; i < CertsToUse; ++i) {
     188               0 :     nsMemory::Free(certNicknameList[i]);
     189               0 :     nsMemory::Free(certDetailsList[i]);
     190                 :   }
     191               0 :   nsMemory::Free(certNicknameList);
     192               0 :   nsMemory::Free(certDetailsList);
     193                 :   
     194               0 :   if (!CertsToUse) {
     195               0 :     return NS_ERROR_NOT_AVAILABLE;
     196                 :   }
     197                 : 
     198               0 :   if (NS_SUCCEEDED(rv) && !*canceled) {
     199               0 :     for (i = 0, node = CERT_LIST_HEAD(certList);
     200               0 :          !CERT_LIST_END(node, certList);
     201                 :          ++i, node = CERT_LIST_NEXT(node)) {
     202                 : 
     203               0 :       if (i == selectedIndex) {
     204               0 :         nsNSSCertificate *cert = nsNSSCertificate::Create(node->cert);
     205               0 :         if (!cert) {
     206               0 :           rv = NS_ERROR_OUT_OF_MEMORY;
     207               0 :           break;
     208                 :         }
     209                 : 
     210               0 :         nsIX509Cert *x509 = 0;
     211               0 :         nsresult rv = cert->QueryInterface(NS_GET_IID(nsIX509Cert), (void**)&x509);
     212               0 :         if (NS_FAILED(rv)) {
     213               0 :           break;
     214                 :         }
     215                 : 
     216               0 :         NS_ADDREF(x509);
     217               0 :         *_retval = x509;
     218               0 :         NS_RELEASE(cert);
     219               0 :         break;
     220                 :       }
     221                 :     }
     222                 :   }
     223                 : 
     224               0 :   return rv;
     225                 : }

Generated by: LCOV version 1.7