Back to index

lightning-sunbird  0.9+nobinonly
Functions
pki.h File Reference
#include "nssdevt.h"
#include "nsspki.h"
#include "pkit.h"
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

PR_BEGIN_EXTERN_C NSS_EXTERN
NSSCallback * 
nssTrustDomain_GetDefaultCallback (NSSTrustDomain *td, PRStatus *statusOpt)
NSS_EXTERN NSSCertificate ** nssTrustDomain_FindCertificatesBySubject (NSSTrustDomain *td, NSSDER *subject, NSSCertificate *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt)
NSS_EXTERN NSSTrust * nssTrustDomain_FindTrustForCertificate (NSSTrustDomain *td, NSSCertificate *c)
NSS_EXTERN NSSCertificate * nssCertificate_AddRef (NSSCertificate *c)
NSS_EXTERN PRStatus nssCertificate_Destroy (NSSCertificate *c)
NSS_EXTERN NSSDERnssCertificate_GetEncoding (NSSCertificate *c)
NSS_EXTERN NSSDERnssCertificate_GetIssuer (NSSCertificate *c)
NSS_EXTERN NSSDERnssCertificate_GetSerialNumber (NSSCertificate *c)
NSS_EXTERN NSSDERnssCertificate_GetSubject (NSSCertificate *c)
NSS_EXTERN NSSUTF8nssCertificate_GetNickname (NSSCertificate *c, NSSToken *tokenOpt)
NSS_EXTERN NSSASCII7nssCertificate_GetEmailAddress (NSSCertificate *c)
NSS_EXTERN PRBool nssCertificate_IssuerAndSerialEqual (NSSCertificate *c1, NSSCertificate *c2)
NSS_EXTERN NSSPrivateKey * nssPrivateKey_AddRef (NSSPrivateKey *vk)
NSS_EXTERN PRStatus nssPrivateKey_Destroy (NSSPrivateKey *vk)
NSS_EXTERN NSSItem * nssPrivateKey_GetID (NSSPrivateKey *vk)
NSS_EXTERN NSSUTF8nssPrivateKey_GetNickname (NSSPrivateKey *vk, NSSToken *tokenOpt)
NSS_EXTERN PRStatus nssPublicKey_Destroy (NSSPublicKey *bk)
NSS_EXTERN NSSItem * nssPublicKey_GetID (NSSPublicKey *vk)
NSS_EXTERN NSSCertificate ** nssCryptoContext_FindCertificatesBySubject (NSSCryptoContext *cc, NSSDER *subject, NSSCertificate *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt)
NSS_EXTERN PRStatus nssCryptoContext_ImportTrust (NSSCryptoContext *cc, NSSTrust *trust)
NSS_EXTERN NSSTrust * nssCryptoContext_FindTrustForCertificate (NSSCryptoContext *cc, NSSCertificate *cert)
NSS_EXTERN PRStatus nssCryptoContext_ImportSMIMEProfile (NSSCryptoContext *cc, nssSMIMEProfile *profile)
NSS_EXTERN nssSMIMEProfile * nssCryptoContext_FindSMIMEProfileForCertificate (NSSCryptoContext *cc, NSSCertificate *cert)
NSS_EXTERN NSSTrust * nssTrust_AddRef (NSSTrust *trust)
NSS_EXTERN PRStatus nssTrust_Destroy (NSSTrust *trust)
NSS_EXTERN nssSMIMEProfile * nssSMIMEProfile_AddRef (nssSMIMEProfile *profile)
NSS_EXTERN PRStatus nssSMIMEProfile_Destroy (nssSMIMEProfile *profile)
NSS_EXTERN nssSMIMEProfile * nssSMIMEProfile_Create (NSSCertificate *cert, NSSItem *profileTime, NSSItem *profileData)

Function Documentation

NSS_EXTERN NSSCertificate* nssCertificate_AddRef ( NSSCertificate *  c)

Definition at line 107 of file certificate.c.

{
    if (c) {
       nssPKIObject_AddRef(&c->object);
    }
    return c;
}
NSS_EXTERN PRStatus nssCertificate_Destroy ( NSSCertificate *  c)

Definition at line 118 of file certificate.c.

{
    nssCertificateStoreTrace lockTrace = {NULL, NULL, PR_FALSE, PR_FALSE};
    nssCertificateStoreTrace unlockTrace = {NULL, NULL, PR_FALSE, PR_FALSE};
    PRBool locked = PR_FALSE;

    if (c) {
       PRUint32 i;
       nssDecodedCert *dc = c->decoding;
       NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
       NSSCryptoContext *cc = c->object.cryptoContext;

       PR_ASSERT(c->object.refCount > 0);

       /* --- LOCK storage --- */
       if (cc) {
           nssCertificateStore_Lock(cc->certStore, &lockTrace);
            locked = PR_TRUE;
       } else {
           nssTrustDomain_LockCertCache(td);
       }
       if (PR_AtomicDecrement(&c->object.refCount) == 0) {
           /* --- remove cert and UNLOCK storage --- */
           if (cc) {
              nssCertificateStore_RemoveCertLOCKED(cc->certStore, c);
              nssCertificateStore_Unlock(cc->certStore, &lockTrace,
                                           &unlockTrace);
                nssCertificateStore_Check(&lockTrace, &unlockTrace);

           } else {
              nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
              nssTrustDomain_UnlockCertCache(td);
           }
           /* free cert data */
           for (i=0; i<c->object.numInstances; i++) {
              nssCryptokiObject_Destroy(c->object.instances[i]);
           }
           nssPKIObject_DestroyLock(&c->object);
           nssArena_Destroy(c->object.arena);
           nssDecodedCert_Destroy(dc);
       } else {
           /* --- UNLOCK storage --- */
           if (cc) {
              nssCertificateStore_Unlock(cc->certStore,
                                      &lockTrace,
                                      &unlockTrace);
              nssCertificateStore_Check(&lockTrace, &unlockTrace);
           } else {
              nssTrustDomain_UnlockCertCache(td);
           }
       }
    }
    if (locked) {
        nssCertificateStore_Check(&lockTrace, &unlockTrace);
    }
    return PR_SUCCESS;
}

Definition at line 244 of file certificate.c.

{
    return c->email;
}
NSS_EXTERN NSSDER* nssCertificate_GetEncoding ( NSSCertificate *  c)

Definition at line 187 of file certificate.c.

{
    if (c->encoding.size > 0 && c->encoding.data) {
       return &c->encoding;
    } else {
       return (NSSDER *)NULL;
    }
}
NSS_EXTERN NSSDER* nssCertificate_GetIssuer ( NSSCertificate *  c)

Definition at line 199 of file certificate.c.

{
    if (c->issuer.size > 0 && c->issuer.data) {
       return &c->issuer;
    } else {
       return (NSSDER *)NULL;
    }
}
NSS_EXTERN NSSUTF8* nssCertificate_GetNickname ( NSSCertificate *  c,
NSSToken *  tokenOpt 
)

Definition at line 235 of file certificate.c.

{
    return nssPKIObject_GetNicknameForToken(&c->object, tokenOpt);
}

Definition at line 211 of file certificate.c.

{
    if (c->serial.size > 0 && c->serial.data) {
       return &c->serial;
    } else {
       return (NSSDER *)NULL;
    }
}
NSS_EXTERN NSSDER* nssCertificate_GetSubject ( NSSCertificate *  c)

Definition at line 223 of file certificate.c.

{
    if (c->subject.size > 0 && c->subject.data) {
       return &c->subject;
    } else {
       return (NSSDER *)NULL;
    }
}
NSS_EXTERN PRBool nssCertificate_IssuerAndSerialEqual ( NSSCertificate *  c1,
NSSCertificate *  c2 
)
NSS_EXTERN NSSCertificate** nssCryptoContext_FindCertificatesBySubject ( NSSCryptoContext *  cc,
NSSDER subject,
NSSCertificate *  rvOpt[],
PRUint32  maximumOpt,
NSSArena *  arenaOpt 
)

Definition at line 329 of file cryptocontext.c.

{
    NSSCertificate **rvCerts;
    PORT_Assert(cc->certStore);
    if (!cc->certStore) {
       return NULL;
    }
    rvCerts = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
                                                            subject,
                                                            rvOpt,
                                                            maximumOpt,
                                                            arenaOpt);
    return rvCerts;
}
NSS_EXTERN nssSMIMEProfile* nssCryptoContext_FindSMIMEProfileForCertificate ( NSSCryptoContext *  cc,
NSSCertificate *  cert 
)

Definition at line 569 of file cryptocontext.c.

{
    PORT_Assert(cc->certStore);
    if (!cc->certStore) {
       return NULL;
    }
    return nssCertificateStore_FindSMIMEProfileForCertificate(cc->certStore, 
                                                              cert);
}
NSS_EXTERN NSSTrust* nssCryptoContext_FindTrustForCertificate ( NSSCryptoContext *  cc,
NSSCertificate *  cert 
)

Definition at line 556 of file cryptocontext.c.

{
    PORT_Assert(cc->certStore);
    if (!cc->certStore) {
       return NULL;
    }
    return nssCertificateStore_FindTrustForCertificate(cc->certStore, cert);
}
NSS_EXTERN PRStatus nssCryptoContext_ImportSMIMEProfile ( NSSCryptoContext *  cc,
nssSMIMEProfile *  profile 
)

Definition at line 214 of file cryptocontext.c.

{
    PRStatus nssrv;
    PORT_Assert(cc->certStore);
    if (!cc->certStore) {
       return PR_FAILURE;
    }
    nssrv = nssCertificateStore_AddSMIMEProfile(cc->certStore, profile);
#if 0
    if (nssrv == PR_SUCCESS) {
       profile->object.cryptoContext = cc;
    }
#endif
    return nssrv;
}
NSS_EXTERN PRStatus nssCryptoContext_ImportTrust ( NSSCryptoContext *  cc,
NSSTrust *  trust 
)

Definition at line 194 of file cryptocontext.c.

{
    PRStatus nssrv;
    PORT_Assert(cc->certStore);
    if (!cc->certStore) {
       return PR_FAILURE;
    }
    nssrv = nssCertificateStore_AddTrust(cc->certStore, trust);
#if 0
    if (nssrv == PR_SUCCESS) {
       trust->object.cryptoContext = cc;
    }
#endif
    return nssrv;
}
NSS_EXTERN NSSPrivateKey* nssPrivateKey_AddRef ( NSSPrivateKey *  vk)
NSS_EXTERN PRStatus nssPrivateKey_Destroy ( NSSPrivateKey *  vk)
NSS_EXTERN NSSItem* nssPrivateKey_GetID ( NSSPrivateKey *  vk)
NSS_EXTERN NSSUTF8* nssPrivateKey_GetNickname ( NSSPrivateKey *  vk,
NSSToken *  tokenOpt 
)
NSS_EXTERN PRStatus nssPublicKey_Destroy ( NSSPublicKey *  bk)
NSS_EXTERN NSSItem* nssPublicKey_GetID ( NSSPublicKey *  vk)
NSS_EXTERN nssSMIMEProfile* nssSMIMEProfile_AddRef ( nssSMIMEProfile *  profile)

Definition at line 1061 of file certificate.c.

{
    if (profile) {
       nssPKIObject_AddRef(&profile->object);
    }
    return profile;
}
NSS_EXTERN nssSMIMEProfile* nssSMIMEProfile_Create ( NSSCertificate *  cert,
NSSItem *  profileTime,
NSSItem *  profileData 
)

Definition at line 881 of file certificate.c.

{
    NSSArena *arena;
    nssSMIMEProfile *rvProfile;
    nssPKIObject *object;
    NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert);
    NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert);
    arena = nssArena_Create();
    if (!arena) {
       return NULL;
    }
    object = nssPKIObject_Create(arena, NULL, td, cc, nssPKILock);
    if (!object) {
       goto loser;
    }
    rvProfile = nss_ZNEW(arena, nssSMIMEProfile);
    if (!rvProfile) {
       goto loser;
    }
    rvProfile->object = *object;
    rvProfile->certificate = cert;
    rvProfile->email = nssUTF8_Duplicate(cert->email, arena);
    rvProfile->subject = nssItem_Duplicate(&cert->subject, arena, NULL);
    if (profileTime) {
       rvProfile->profileTime = nssItem_Duplicate(profileTime, arena, NULL);
    }
    if (profileData) {
       rvProfile->profileData = nssItem_Duplicate(profileData, arena, NULL);
    }
    return rvProfile;
loser:
    if (object) nssPKIObject_Destroy(object);
    else if (arena)  nssArena_Destroy(arena);
    return (nssSMIMEProfile *)NULL;
}
NSS_EXTERN PRStatus nssSMIMEProfile_Destroy ( nssSMIMEProfile *  profile)

Definition at line 1072 of file certificate.c.

{
    if (profile) {
       (void)nssPKIObject_Destroy(&profile->object);
    }
    return PR_SUCCESS;
}
NSS_EXTERN NSSTrust* nssTrust_AddRef ( NSSTrust *  trust)

Definition at line 1039 of file certificate.c.

{
    if (trust) {
       nssPKIObject_AddRef(&trust->object);
    }
    return trust;
}
NSS_EXTERN PRStatus nssTrust_Destroy ( NSSTrust *  trust)

Definition at line 1050 of file certificate.c.

{
    if (trust) {
       (void)nssPKIObject_Destroy(&trust->object);
    }
    return PR_SUCCESS;
}
NSS_EXTERN NSSCertificate** nssTrustDomain_FindCertificatesBySubject ( NSSTrustDomain *  td,
NSSDER subject,
NSSCertificate *  rvOpt[],
PRUint32  maximumOpt,
NSSArena *  arenaOpt 
)

Definition at line 580 of file trustdomain.c.

{
    PRStatus status;
    PRUint32 numRemaining;
    NSSToken *token = NULL;
    NSSSlot **slots = NULL;
    NSSSlot **slotp;
    NSSCertificate **rvCerts = NULL;
    nssPKIObjectCollection *collection = NULL;
    nssUpdateLevel updateLevel;
    nssList *subjectList;
    /* look in cache */
    subjectList = nssList_Create(NULL, PR_FALSE);
    if (!subjectList) {
       return NULL;
    }
    (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
    rvCerts = get_certs_from_list(subjectList);
    collection = nssCertificateCollection_Create(td, rvCerts);
    nssCertificateArray_Destroy(rvCerts);
    nssList_Destroy(subjectList);
    if (!collection) {
       return (NSSCertificate **)NULL;
    }
    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
    if (!slots) {
       goto loser;
    }
    numRemaining = maximumOpt;
    for (slotp = slots; *slotp; slotp++) {
       token = nssSlot_GetToken(*slotp);
       if (token) {
           nssSession *session;
           nssCryptokiObject **instances;
           nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
           session = nssTrustDomain_GetSessionForToken(td, token);
           if (!session) {
              nssToken_Destroy(token);
              goto loser;
           }
           instances = nssToken_FindCertificatesBySubject(token,
                                                          session,
                                                          subject,
                                                          tokenOnly,
                                                          numRemaining,
                                                          &status);
           nssToken_Destroy(token);
           if (status != PR_SUCCESS) {
              goto loser;
           }
           if (instances) {
              status = nssPKIObjectCollection_AddInstances(collection, 
                                                           instances, 0);
              nss_ZFreeIf(instances);
              if (status != PR_SUCCESS) {
                  goto loser;
              }
              if (maximumOpt > 0) {
                  PRUint32 count;
                  count = nssPKIObjectCollection_Count(collection);
                  numRemaining = maximumOpt - count;
                  if (numRemaining == 0) break;
              }
           }
       }
    }
    rvCerts = nssPKIObjectCollection_GetCertificates(collection,
                                                     rvOpt, maximumOpt,
                                                     arenaOpt);
    nssPKIObjectCollection_Destroy(collection);
    nssSlotArray_Destroy(slots);
    return rvCerts;
loser:
    if (slots) {
       nssSlotArray_Destroy(slots);
    }
    if (collection) {
       nssPKIObjectCollection_Destroy(collection);
    }
    return (NSSCertificate **)NULL;
}

Here is the caller graph for this function:

NSS_EXTERN NSSTrust* nssTrustDomain_FindTrustForCertificate ( NSSTrustDomain *  td,
NSSCertificate *  c 
)

Definition at line 1180 of file trustdomain.c.

{
    PRStatus status;
    NSSSlot **slots;
    NSSSlot **slotp;
    NSSToken *token;
    nssCryptokiObject *to = NULL;
    nssPKIObject *pkio = NULL;
    NSSTrust *rvt = NULL;
    nssUpdateLevel updateLevel;
    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
    if (!slots) {
       return (NSSTrust *)NULL;
    }
    for (slotp = slots; *slotp; slotp++) {
       token = nssSlot_GetToken(*slotp);
       if (token) {
           to = nssToken_FindTrustForCertificate(token, NULL, 
                                                 &c->encoding,
                                                 &c->issuer,
                                                 &c->serial,
                                             nssTokenSearchType_TokenOnly);
           if (to) {
              if (!pkio) {
                  pkio = nssPKIObject_Create(NULL, to, td, NULL, nssPKILock);
                  if (!pkio) {
                     nssToken_Destroy(token);
                     nssCryptokiObject_Destroy(to);
                     goto loser;
                  }
              } else {
                  status = nssPKIObject_AddInstance(pkio, to);
                  if (status != PR_SUCCESS) {
                     nssToken_Destroy(token);
                     nssCryptokiObject_Destroy(to);
                     goto loser;
                  }
              }
           }
           nssToken_Destroy(token);
       }
    }
    if (pkio) {
       rvt = nssTrust_Create(pkio, &c->encoding);
       if (!rvt) {
           goto loser;
       }
    }
    nssSlotArray_Destroy(slots);
    return rvt;
loser:
    nssSlotArray_Destroy(slots);
    if (pkio) {
       nssPKIObject_Destroy(pkio);
    }
    return (NSSTrust *)NULL;
}

Here is the caller graph for this function:

PR_BEGIN_EXTERN_C NSS_EXTERN NSSCallback* nssTrustDomain_GetDefaultCallback ( NSSTrustDomain *  td,
PRStatus statusOpt 
)

Definition at line 197 of file trustdomain.c.

{
    if (statusOpt) {
       *statusOpt = PR_SUCCESS;
    }
    return td->defaultCallback;
}

Here is the caller graph for this function: