security/manager/ssl/src/nsPKCS12Blob.h@6474c204b198
security/manager/ssl/src/nsPKCS12Blob.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* $Id: nsPKCS12Blob.h,v 1.16 2006/04/12 15:43:32 benjamin%smedbergs.us Exp $ */
6 #ifndef _NS_PKCS12BLOB_H_
7 #define _NS_PKCS12BLOB_H_
9 #include "nsCOMPtr.h"
10 #include "nsString.h"
11 #include "nsIFile.h"
12 #include "nsIPK11TokenDB.h"
13 #include "nsNSSHelper.h"
14 #include "nsIPK11Token.h"
15 #include "nsIMutableArray.h"
17 #include "nss.h"
19 #include "pkcs12.h"
20 #include "p12plcy.h"
22 class nsIX509Cert;
24 //
25 // nsPKCS12Blob
26 //
27 // Class for importing/exporting PKCS#12 blobs
28 //
29 class nsPKCS12Blob
30 {
31 public:
32 nsPKCS12Blob();
33 virtual ~nsPKCS12Blob();
35 // Set the token to use (default is internal)
36 nsresult SetToken(nsIPK11Token *token);
38 // PKCS#12 Import
39 nsresult ImportFromFile(nsIFile *file);
41 // PKCS#12 Export
42 nsresult ExportToFile(nsIFile *file, nsIX509Cert **certs, int numCerts);
44 private:
46 nsCOMPtr<nsIPK11Token> mToken;
47 nsCOMPtr<nsIMutableArray> mCertArray;
48 nsCOMPtr<nsIInterfaceRequestor> mUIContext;
50 // local helper functions
51 nsresult getPKCS12FilePassword(SECItem *);
52 nsresult newPKCS12FilePassword(SECItem *);
53 nsresult inputToDecoder(SEC_PKCS12DecoderContext *, nsIFile *);
54 void unicodeToItem(const char16_t *, SECItem *);
55 void handleError(int myerr = 0);
57 // RetryReason and ImportMode are used when importing a PKCS12 file.
58 // There are two reasons that cause us to retry:
59 // - When the password entered by the user is incorrect.
60 // The user will be prompted to try again.
61 // - When the user entered a zero length password.
62 // An empty password should be represented as an empty
63 // string (a SECItem that contains a single terminating
64 // null UTF16 character), but some applications use a
65 // zero length SECItem.
66 // We try both variations, zero length item and empty string,
67 // without giving a user prompt when trying the different empty password flavors.
69 enum RetryReason { rr_do_not_retry, rr_bad_password, rr_auto_retry_empty_password_flavors };
70 enum ImportMode { im_standard_prompt, im_try_zero_length_secitem };
72 nsresult ImportFromFileHelper(nsIFile *file, ImportMode aImportMode, RetryReason &aWantRetry);
74 // NSPR file I/O for export file
75 PRFileDesc *mTmpFile;
77 // simulated file I/O for "in memory" temporary digest data
78 nsCString *mDigest;
79 nsCString::const_iterator *mDigestIterator;
81 bool mTokenSet;
83 // C-style callback functions for the NSS PKCS#12 library
84 static SECStatus digest_open(void *, PRBool);
85 static SECStatus digest_close(void *, PRBool);
86 static int digest_read(void *, unsigned char *, unsigned long);
87 static int digest_write(void *, unsigned char *, unsigned long);
88 static SECItem * nickname_collision(SECItem *, PRBool *, void *);
89 static void write_export_file(void *arg, const char *buf, unsigned long len);
91 };
93 #endif /* _NS_PKCS12BLOB_H_ */
