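--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/manager/ssl/src/nsPKCS12Blob.h Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,93 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* $Id: nsPKCS12Blob.h,v 1.16 2006/04/12 15:43:32 benjamin%smedbergs.us Exp $ */
+
+#ifndef _NS_PKCS12BLOB_H_
+#define _NS_PKCS12BLOB_H_
+
+#include "nsCOMPtr.h"
+#include "nsString.h"
+#include "nsIFile.h"
+#include "nsIPK11TokenDB.h"
+#include "nsNSSHelper.h"
+#include "nsIPK11Token.h"
+#include "nsIMutableArray.h"
+
+#include "nss.h"
+
+#include "pkcs12.h"
+#include "p12plcy.h"
+
+class nsIX509Cert;
+
+//
+// nsPKCS12Blob
+//
+// Class for importing/exporting PKCS#12 blobs
+//
+class nsPKCS12Blob
+{
+public:
+ nsPKCS12Blob();
+ virtual ~nsPKCS12Blob();
+
+ // Set the token to use (default is internal)
+ nsresult SetToken(nsIPK11Token *token);
+
+ // PKCS#12 Import
+ nsresult ImportFromFile(nsIFile *file);
+
+ // PKCS#12 Export
+ nsresult ExportToFile(nsIFile *file, nsIX509Cert **certs, int numCerts);
+
+private:
+
+ nsCOMPtr<nsIPK11Token> mToken;
+ nsCOMPtr<nsIMutableArray> mCertArray;
+ nsCOMPtr<nsIInterfaceRequestor> mUIContext;
+
+ // local helper functions
+ nsresult getPKCS12FilePassword(SECItem *);
+ nsresult newPKCS12FilePassword(SECItem *);
+ nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsIFile *);
+ void unicodeToItem(const char16_t *, SECItem *);
+ void handleError(int myerr = 0);
+
+ // RetryReason and ImportMode are used when importing a PKCS12 file.
+ // There are two reasons that cause us to retry:
+ // - When the password entered by the user is incorrect.
+ // The user will be prompted to try again.
+ // - When the user entered a zero length password.
+ // An empty password should be represented as an empty
+ // string (a SECItem that contains a single terminating
+ // null UTF16 character), but some applications use a
+ // zero length SECItem.
+ // We try both variations, zero length item and empty string,
+ // without giving a user prompt when trying the different empty password flavors.
+
+ enum RetryReason { rr_do_not_retry, rr_bad_password, rr_auto_retry_empty_password_flavors };
+ enum ImportMode { im_standard_prompt, im_try_zero_length_secitem };
+
+ nsresult ImportFromFileHelper(nsIFile *file, ImportMode aImportMode, RetryReason &aWantRetry);
+
+ // NSPR file I/O for export file
+ PRFileDesc *mTmpFile;
+
+ // simulated file I/O for "in memory" temporary digest data
+ nsCString *mDigest;
+ nsCString::const_iterator *mDigestIterator;
+
+ bool mTokenSet;
+
+ // C-style callback functions for the NSS PKCS#12 library
+ static SECStatus digest_open(void *, PRBool);
+ static SECStatus digest_close(void *, PRBool);
+ static int digest_read(void *, unsigned char *, unsigned long);
+ static int digest_write(void *, unsigned char *, unsigned long);
+ static SECItem * nickname_collision(SECItem *, PRBool *, void *);
+ static void write_export_file(void *arg, const char *buf, unsigned long len);
+
+};
+
+#endif /* _NS_PKCS12BLOB_H_ */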
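Review bot: The password helpers under "local helper functions" (`getPKCS12FilePassword(SECItem *)`, `newPKCS12FilePassword(SECItem *)`, `unicodeToItem(const char16_t *, SECItem *)`) are declared without saying who owns, zeroes and frees the buffer they place in the SECItem. Because that buffer holds the PKCS#12 file password, the contract belongs in the header, for example `// On success *item owns a heap copy of the password; the caller must wipe and release it with SECITEM_ZfreeItem(item, false).` `unicodeToItem` also returns `void`, so an allocation failure is presumably only visible to a caller that checks the item's `data` pointer. Consider returning `nsresult` like its siblings, or documenting that check. The implementations are outside this file, so the actual ownership should be confirmed against them before the comment is committed.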