Wed, 31 Dec 2014 07:16:47 +0100
Revert simplistic fix pending revisit of Mozilla integration attempt.
michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
michael@0 | 4 | /* $Id: nsPKCS12Blob.h,v 1.16 2006/04/12 15:43:32 benjamin%smedbergs.us Exp $ */ |
michael@0 | 5 | |
michael@0 | 6 | #ifndef _NS_PKCS12BLOB_H_ |
michael@0 | 7 | #define _NS_PKCS12BLOB_H_ |
michael@0 | 8 | |
michael@0 | 9 | #include "nsCOMPtr.h" |
michael@0 | 10 | #include "nsString.h" |
michael@0 | 11 | #include "nsIFile.h" |
michael@0 | 12 | #include "nsIPK11TokenDB.h" |
michael@0 | 13 | #include "nsNSSHelper.h" |
michael@0 | 14 | #include "nsIPK11Token.h" |
michael@0 | 15 | #include "nsIMutableArray.h" |
michael@0 | 16 | |
michael@0 | 17 | #include "nss.h" |
michael@0 | 18 | |
michael@0 | 19 | #include "pkcs12.h" |
michael@0 | 20 | #include "p12plcy.h" |
michael@0 | 21 | |
michael@0 | 22 | class nsIX509Cert; |
michael@0 | 23 | |
//
// nsPKCS12Blob
//
// Class for importing/exporting PKCS#12 blobs.
//
// The object carries the token to operate on, a UI context, and the
// scratch state (temporary export file, in-memory digest buffer) that the
// static NSS PKCS#12 callbacks declared at the bottom of the class use.
//
// NOTE(review): the class declares a destructor and holds raw pointers
// (mTmpFile, mDigest, mDigestIterator) but declares no copy constructor or
// copy assignment, so the implicitly generated ones would copy those
// pointers verbatim. Ownership is not visible from this header; if the
// destructor releases them, copying an instance would double-free.
// Confirm against the .cpp and consider making the type non-copyable.
//
class nsPKCS12Blob
{
public:
  nsPKCS12Blob();
  virtual ~nsPKCS12Blob();

  // Set the token to use (default is internal)
  nsresult SetToken(nsIPK11Token *token);

  // PKCS#12 Import
  // Reads a PKCS#12 blob from |file|. Retry handling for wrong and empty
  // passwords is described at ImportFromFileHelper below.
  nsresult ImportFromFile(nsIFile *file);

  // PKCS#12 Export
  // Writes the |numCerts| certificates in |certs| to |file|.
  // NOTE(review): numCerts is a signed int; confirm the implementation
  // rejects negative values and does not read past the end of |certs|.
  // NOTE(review): a PKCS#12 export normally contains private key material;
  // confirm how the output file is created and what happens to a partially
  // written file on failure.
  nsresult ExportToFile(nsIFile *file, nsIX509Cert **certs, int numCerts);

private:

  nsCOMPtr<nsIPK11Token>          mToken;      // token set via SetToken
  nsCOMPtr<nsIMutableArray>       mCertArray;
  nsCOMPtr<nsIInterfaceRequestor> mUIContext;  // presumably used for password prompts; verify in the .cpp

  // local helper functions
  // get/newPKCS12FilePassword fill the SECItem they are given; judging by
  // the names, with the password for an existing file and a newly chosen
  // password respectively (confirm in the .cpp).
  // NOTE(review): those SECItems would then hold secret material; confirm
  // every caller zeroizes them on release (e.g. SECITEM_ZfreeItem) on both
  // success and error paths.
  nsresult getPKCS12FilePassword(SECItem *);
  nsresult newPKCS12FilePassword(SECItem *);
  nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsIFile *);
  // Converts a char16_t string into a SECItem; the exact byte layout
  // produced is not visible from this header.
  void unicodeToItem(const char16_t *, SECItem *);
  void handleError(int myerr = 0);

  // RetryReason and ImportMode are used when importing a PKCS12 file.
  // There are two reasons that cause us to retry:
  // - When the password entered by the user is incorrect.
  //   The user will be prompted to try again.
  // - When the user entered a zero length password.
  //   An empty password should be represented as an empty
  //   string (a SECItem that contains a single terminating
  //   null UTF16 character), but some applications use a
  //   zero length SECItem.
  //   We try both variations, zero length item and empty string,
  //   without giving a user prompt when trying the different empty password flavors.

  enum RetryReason { rr_do_not_retry, rr_bad_password, rr_auto_retry_empty_password_flavors };
  enum ImportMode { im_standard_prompt, im_try_zero_length_secitem };

  // Single import attempt in the given mode; |aWantRetry| is an out
  // parameter telling the caller whether, and why, to try again.
  nsresult ImportFromFileHelper(nsIFile *file, ImportMode aImportMode, RetryReason &aWantRetry);

  // NSPR file I/O for export file
  PRFileDesc *mTmpFile;

  // simulated file I/O for "in memory" temporary digest data
  nsCString                 *mDigest;
  nsCString::const_iterator *mDigestIterator;

  bool        mTokenSet;

  // C-style callback functions for the NSS PKCS#12 library
  // NOTE(review): the void* argument is presumably the nsPKCS12Blob
  // instance registered with NSS; confirm it cannot outlive the object.
  // NOTE(review): digest_read/digest_write take an unsigned long length
  // but return int; confirm the implementations bound the length before
  // narrowing and before copying into or out of mDigest.
  static SECStatus digest_open(void *, PRBool);
  static SECStatus digest_close(void *, PRBool);
  static int       digest_read(void *, unsigned char *, unsigned long);
  static int       digest_write(void *, unsigned char *, unsigned long);
  static SECItem * nickname_collision(SECItem *, PRBool *, void *);
  static void write_export_file(void *arg, const char *buf, unsigned long len);

};
michael@0 | 92 | |
michael@0 | 93 | #endif /* _NS_PKCS12BLOB_H_ */ |