Back to index

lightning-sunbird  0.9+nobinonly
Classes | Defines | Enumerations | Functions | Variables
nsNSSCertHelper.cpp File Reference
#include "prmem.h"
#include "prerror.h"
#include "prprf.h"
#include "nsNSSCertHelper.h"
#include "nsCOMPtr.h"
#include "nsNSSCertificate.h"
#include "cert.h"
#include "nsNSSCertValidity.h"
#include "nsNSSASN1Object.h"
#include "nsNSSComponent.h"
#include "nsNSSCertTrust.h"
#include "nsIDateTimeFormat.h"
#include "nsDateTimeFormatCID.h"

Go to the source code of this file.

Classes

struct  DisplayText

Defines

#define INET6_ADDRSTRLEN   46
#define CONST_OID   static const unsigned char
#define MICROSOFT_OID   0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0x37
#define PKIX_OID   0x2b, 0x6, 0x01, 0x05, 0x05, 0x07
#define OI(x)   { siDEROID, (unsigned char *)x, sizeof x }
#define OD(oid, desc, mech, ext)   {OI(oid), SEC_OID_UNKNOWN, desc, mech, ext}
#define SEC_OID(tag)   more_oids[tag].offset
#define MS_CERT_EXT_CERTTYPE   0
#define MS_NT_PRINCIPAL_NAME   1
#define MS_CERTSERV_CA_VERSION   2
#define MS_NTDS_REPLICATION   3
#define PKIX_LOGOTYPE   4
#define SEPARATOR   "\n"

Enumerations

enum  DisplayTextForm { VisibleForm, BMPForm, UTF8Form }

Functions

static NS_DEFINE_CID (kDateTimeFormatCID, NS_DATETIMEFORMAT_CID)
static NS_DEFINE_CID (kNSSComponentCID, NS_NSSCOMPONENT_CID)
static nsresult GetIntValue (SECItem *versionItem, unsigned long *version)
static nsresult ProcessVersion (SECItem *versionItem, nsINSSComponent *nssComponent, nsIASN1PrintableItem **retItem)
static nsresult ProcessSerialNumberDER (SECItem *serialItem, nsINSSComponent *nssComponent, nsIASN1PrintableItem **retItem)
static nsresult GetDefaultOIDFormat (SECItem *oid, nsAString &outString, char separator)
static nsresult GetOIDText (SECItem *oid, nsINSSComponent *nssComponent, nsAString &text)
static nsresult ProcessRawBytes (nsINSSComponent *nssComponent, SECItem *data, nsAString &text)
static nsresult ProcessNSCertTypeExtensions (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessKeyUsageExtension (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessBasicConstraints (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessExtKeyUsage (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessRDN (CERTRDN *rdn, nsAString &finalString, nsINSSComponent *nssComponent)
static nsresult ProcessName (CERTName *name, nsINSSComponent *nssComponent, PRUnichar **value)
static nsresult ProcessIA5String (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult AppendBMPtoUTF16 (PRArenaPool *arena, unsigned char *data, unsigned int len, nsAString &text)
static nsresult ProcessBMPString (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessGeneralName (PRArenaPool *arena, CERTGeneralName *current, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessGeneralNames (PRArenaPool *arena, CERTGeneralName *nameList, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessAltName (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessSubjectKeyId (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessAuthKeyId (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessUserNotice (SECItem *der_notice, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessCertificatePolicies (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessCrlDistPoints (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessAuthInfoAccess (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessMSCAVersion (SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessExtensionData (SECOidTag oidTag, SECItem *extData, nsAString &text, nsINSSComponent *nssComponent)
static nsresult ProcessSingleExtension (CERTCertExtension *extension, nsINSSComponent *nssComponent, nsIASN1PrintableItem **retExtension)
static nsresult ProcessSECAlgorithmID (SECAlgorithmID *algID, nsINSSComponent *nssComponent, nsIASN1Sequence **retSequence)
static nsresult ProcessTime (PRTime dispTime, const PRUnichar *displayName, nsIASN1Sequence *parentSequence)
static nsresult ProcessSubjectPublicKeyInfo (CERTSubjectPublicKeyInfo *spki, nsIASN1Sequence *parentSequence, nsINSSComponent *nssComponent)
static nsresult ProcessExtensions (CERTCertExtension **extensions, nsIASN1Sequence *parentSequence, nsINSSComponent *nssComponent)
static SECStatus RegisterDynamicOids ()
PRUint32 getCertType (CERTCertificate *cert)
CERTCertNicknames * getNSSCertNicknamesFromCertList (CERTCertList *certList)

Variables

CONST_OID msCertExtCerttype [] = { MICROSOFT_OID, 20, 2}
CONST_OID msNTPrincipalName [] = { MICROSOFT_OID, 20, 2, 3 }
CONST_OID msCertsrvCAVersion [] = { MICROSOFT_OID, 21, 1 }
CONST_OID msNTDSReplication [] = { MICROSOFT_OID, 25, 1 }
CONST_OID pkixLogotype [] = { PKIX_OID, 1, 12 }
static SECOidData more_oids []
static const unsigned int numOids = (sizeof more_oids) / (sizeof more_oids[0])
const SEC_ASN1Template DisplayTextTemplate []
static bool registered

Class Documentation

struct DisplayText

Definition at line 1224 of file nsNSSCertHelper.cpp.

Class Members
SECItem value
DisplayTextForm variant

Define Documentation

#define CONST_OID   static const unsigned char

Definition at line 64 of file nsNSSCertHelper.cpp.

Definition at line 60 of file nsNSSCertHelper.cpp.

#define MICROSOFT_OID   0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0x37

Definition at line 65 of file nsNSSCertHelper.cpp.

#define OD (   oid,
  desc,
  mech,
  ext 
)    {OI(oid), SEC_OID_UNKNOWN, desc, mech, ext}

Definition at line 74 of file nsNSSCertHelper.cpp.

#define OI (   x)    { siDEROID, (unsigned char *)x, sizeof x }

Definition at line 73 of file nsNSSCertHelper.cpp.

#define PKIX_OID   0x2b, 0x6, 0x01, 0x05, 0x05, 0x07

Definition at line 66 of file nsNSSCertHelper.cpp.

Definition at line 75 of file nsNSSCertHelper.cpp.

#define SEPARATOR   "\n"

Definition at line 611 of file nsNSSCertHelper.cpp.


Enumeration Type Documentation

Enumerator:
VisibleForm 
BMPForm 
UTF8Form 

Definition at line 1222 of file nsNSSCertHelper.cpp.


Function Documentation

static nsresult AppendBMPtoUTF16 ( PRArenaPool arena,
unsigned char *  data,
unsigned int  len,
nsAString &  text 
) [static]

Definition at line 941 of file nsNSSCertHelper.cpp.

{
  unsigned int   utf8ValLen;
  unsigned char *utf8Val;

  if (len % 2 != 0)
    return NS_ERROR_FAILURE;

  /* XXX instead of converting to and from UTF-8, it would
     be sufficient to just swap bytes, or do nothing */
  utf8ValLen = len * 3 + 1;
  utf8Val = (unsigned char*)PORT_ArenaZAlloc(arena, utf8ValLen);
  if (!PORT_UCS2_UTF8Conversion(PR_FALSE, data, len,
                            utf8Val, utf8ValLen, &utf8ValLen))
    return NS_ERROR_FAILURE;
  AppendUTF8toUTF16((char*)utf8Val, text);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

PRUint32 getCertType ( CERTCertificate *  cert)

Definition at line 2088 of file nsNSSCertHelper.cpp.

{
  nsNSSCertTrust trust(cert->trust);
  if (cert->nickname && trust.HasAnyUser())
    return nsIX509Cert::USER_CERT;
  if (trust.HasAnyCA())
    return nsIX509Cert::CA_CERT;
  if (trust.HasPeer(PR_TRUE, PR_FALSE, PR_FALSE))
    return nsIX509Cert::SERVER_CERT;
  if (trust.HasPeer(PR_FALSE, PR_TRUE, PR_FALSE) && cert->emailAddr)
    return nsIX509Cert::EMAIL_CERT;
  if (CERT_IsCACert(cert,NULL))
    return nsIX509Cert::CA_CERT;
  if (cert->emailAddr)
    return nsIX509Cert::EMAIL_CERT;
  return nsIX509Cert::SERVER_CERT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult GetDefaultOIDFormat ( SECItem *  oid,
nsAString &  outString,
char  separator 
) [static]

Definition at line 209 of file nsNSSCertHelper.cpp.

{
  char buf[300];
  unsigned int len;
  int written;
    
  unsigned long val  = oid->data[0];
  unsigned int  i    = val % 40;
  val /= 40;
  written = PR_snprintf(buf, 300, "%lu%c%u", val, separator, i);
  if (written < 0)
    return NS_ERROR_FAILURE;       
  len = written;

  val = 0;
  for (i = 1; i < oid->len; ++i) {
    // In this loop, we have to parse a DER formatted 
    // If the first bit is a 1, then the integer is 
    // represented by more than one byte.  If the 
    // first bit is set then we continue on and add
    // the values of the later bytes until we get 
    // a byte without the first bit set.
    unsigned long j;

    j = oid->data[i];
    val = (val << 7) | (j & 0x7f);
    if (j & 0x80)
      continue;
    written = PR_snprintf(&buf[len], sizeof(buf)-len, "%c%lu", 
                       separator, val);
    if (written < 0)
      return NS_ERROR_FAILURE;

    len += written;
    NS_ASSERTION(len < sizeof(buf), "OID data to big to display in 300 chars.");
    val = 0;      
  }

  CopyASCIItoUTF16(buf, outString);
  return NS_OK; 
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult GetIntValue ( SECItem *  versionItem,
unsigned long version 
) [static]

Definition at line 108 of file nsNSSCertHelper.cpp.

{
  SECStatus srv;

  srv = SEC_ASN1DecodeInteger(versionItem,version);
  if (srv != SECSuccess) {
    NS_ASSERTION(0,"Could not decode version of cert");
    return NS_ERROR_FAILURE;
  }
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

CERTCertNicknames* getNSSCertNicknamesFromCertList ( CERTCertList *  certList)

Definition at line 2107 of file nsNSSCertHelper.cpp.

{
  nsresult rv;

  nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
  if (NS_FAILED(rv))
    return nsnull;

  nsAutoString expiredString, notYetValidString;
  nsAutoString expiredStringLeadingSpace, notYetValidStringLeadingSpace;

  nssComponent->GetPIPNSSBundleString("NicknameExpired", expiredString);
  nssComponent->GetPIPNSSBundleString("NicknameNotYetValid", notYetValidString);

  expiredStringLeadingSpace.Append(NS_LITERAL_STRING(" "));
  expiredStringLeadingSpace.Append(expiredString);

  notYetValidStringLeadingSpace.Append(NS_LITERAL_STRING(" "));
  notYetValidStringLeadingSpace.Append(notYetValidString);

  NS_ConvertUCS2toUTF8 aUtf8ExpiredString(expiredStringLeadingSpace);
  NS_ConvertUCS2toUTF8 aUtf8NotYetValidString(notYetValidStringLeadingSpace);

  return CERT_NicknameStringsFromCertList(certList,
                                          NS_CONST_CAST(char*, aUtf8ExpiredString.get()),
                                          NS_CONST_CAST(char*, aUtf8NotYetValidString.get()));
  
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult GetOIDText ( SECItem *  oid,
nsINSSComponent *  nssComponent,
nsAString &  text 
) [static]

Definition at line 254 of file nsNSSCertHelper.cpp.

{ 
  nsresult rv;
  SECOidTag oidTag = SECOID_FindOIDTag(oid);
  const char *bundlekey = 0;

  switch (oidTag) {
  case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpMD2WithRSA";
    break;
  case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpMD5WithRSA";
    break;
  case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpSHA1WithRSA";
    break;
  case SEC_OID_PKCS1_RSA_ENCRYPTION:
    bundlekey = "CertDumpRSAEncr";
    break;
  case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpSHA256WithRSA";
    break;
  case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpSHA384WithRSA";
    break;
  case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
    bundlekey = "CertDumpSHA512WithRSA";
    break;
  case SEC_OID_NS_CERT_EXT_CERT_TYPE:
    bundlekey = "CertDumpCertType";
    break;
  case SEC_OID_NS_CERT_EXT_BASE_URL:
    bundlekey = "CertDumpNSCertExtBaseUrl";
    break;
  case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
    bundlekey = "CertDumpNSCertExtRevocationUrl";
    break;
  case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
    bundlekey = "CertDumpNSCertExtCARevocationUrl";
    break;
  case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
    bundlekey = "CertDumpNSCertExtCertRenewalUrl";
    break;
  case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
    bundlekey = "CertDumpNSCertExtCAPolicyUrl";
    break;
  case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
    bundlekey = "CertDumpNSCertExtSslServerName";
    break;
  case SEC_OID_NS_CERT_EXT_COMMENT:
    bundlekey = "CertDumpNSCertExtComment";
    break;
  case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
    bundlekey = "CertDumpNSCertExtLostPasswordUrl";
    break;
  case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME:
    bundlekey = "CertDumpNSCertExtCertRenewalTime";
    break;
  case SEC_OID_NETSCAPE_AOLSCREENNAME:
    bundlekey = "CertDumpNetscapeAolScreenname";
    break;
  case SEC_OID_AVA_COUNTRY_NAME:
    bundlekey = "CertDumpAVACountry";
    break;
  case SEC_OID_AVA_COMMON_NAME:
    bundlekey = "CertDumpAVACN";
    break;
  case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
    bundlekey = "CertDumpAVAOU";
    break;
  case SEC_OID_AVA_ORGANIZATION_NAME:
    bundlekey = "CertDumpAVAOrg";
    break;
  case SEC_OID_AVA_LOCALITY:
    bundlekey = "CertDumpAVALocality";
    break;
  case SEC_OID_AVA_DN_QUALIFIER:
    bundlekey = "CertDumpAVADN";
    break;
  case SEC_OID_AVA_DC:
    bundlekey = "CertDumpAVADC";
    break;
  case SEC_OID_AVA_STATE_OR_PROVINCE:
    bundlekey = "CertDumpAVAState";
    break;
  case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
    bundlekey = "CertDumpSubjectDirectoryAttr";
    break;
  case SEC_OID_X509_SUBJECT_KEY_ID:
    bundlekey = "CertDumpSubjectKeyID";
    break;
  case SEC_OID_X509_KEY_USAGE:
    bundlekey = "CertDumpKeyUsage";
    break;
  case SEC_OID_X509_SUBJECT_ALT_NAME:
    bundlekey = "CertDumpSubjectAltName";
    break;
  case SEC_OID_X509_ISSUER_ALT_NAME:
    bundlekey = "CertDumpIssuerAltName";
    break;
  case SEC_OID_X509_BASIC_CONSTRAINTS:
    bundlekey = "CertDumpBasicConstraints";
    break;
  case SEC_OID_X509_NAME_CONSTRAINTS:
    bundlekey = "CertDumpNameConstraints";
    break;
  case SEC_OID_X509_CRL_DIST_POINTS:
    bundlekey = "CertDumpCrlDistPoints";
    break;
  case SEC_OID_X509_CERTIFICATE_POLICIES:
    bundlekey = "CertDumpCertPolicies";
    break;
  case SEC_OID_X509_POLICY_MAPPINGS:
    bundlekey = "CertDumpPolicyMappings";
    break;
  case SEC_OID_X509_POLICY_CONSTRAINTS:
    bundlekey = "CertDumpPolicyConstraints";
    break;
  case SEC_OID_X509_AUTH_KEY_ID:
    bundlekey = "CertDumpAuthKeyID";
    break;
  case SEC_OID_X509_EXT_KEY_USAGE:
    bundlekey = "CertDumpExtKeyUsage";
    break;
  case SEC_OID_X509_AUTH_INFO_ACCESS:
    bundlekey = "CertDumpAuthInfoAccess";
    break;
  case SEC_OID_ANSIX9_DSA_SIGNATURE:
    bundlekey = "CertDumpAnsiX9DsaSignature";
    break;
  case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
    bundlekey = "CertDumpAnsiX9DsaSignatureWithSha1";
    break;
  case SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST:
    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha1";
    break;
  case SEC_OID_RFC1274_UID:
    bundlekey = "CertDumpUserID";
    break;
  case SEC_OID_PKCS9_EMAIL_ADDRESS:
    bundlekey = "CertDumpPK9Email";
    break;
  case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
    bundlekey = "CertDumpECPublicKey";
    break;
  /* ANSI X9.62 named elliptic curves (prime field) */
  case SEC_OID_ANSIX962_EC_PRIME192V1:
    /* same as SEC_OID_SECG_EC_SECP192r1 */
    bundlekey = "CertDumpECprime192v1";
    break;
  case SEC_OID_ANSIX962_EC_PRIME192V2:
    bundlekey = "CertDumpECprime192v2";
    break;
  case SEC_OID_ANSIX962_EC_PRIME192V3:
    bundlekey = "CertDumpECprime192v3";
    break;
  case SEC_OID_ANSIX962_EC_PRIME239V1:
    bundlekey = "CertDumpECprime239v1";
    break;
  case SEC_OID_ANSIX962_EC_PRIME239V2:
    bundlekey = "CertDumpECprime239v2";
    break;
  case SEC_OID_ANSIX962_EC_PRIME239V3:
    bundlekey = "CertDumpECprime239v3";
    break;
  case SEC_OID_ANSIX962_EC_PRIME256V1:
    /* same as SEC_OID_SECG_EC_SECP256r1 */
    bundlekey = "CertDumpECprime256v1";
    break;
  /* SECG named elliptic curves (prime field) */
  case SEC_OID_SECG_EC_SECP112R1:
    bundlekey = "CertDumpECsecp112r1";
    break;
  case SEC_OID_SECG_EC_SECP112R2:
    bundlekey = "CertDumpECsecp112r2";
    break;
  case SEC_OID_SECG_EC_SECP128R1:
    bundlekey = "CertDumpECsecp128r1";
    break;
  case SEC_OID_SECG_EC_SECP128R2:
    bundlekey = "CertDumpECsecp128r2";
    break;
  case SEC_OID_SECG_EC_SECP160K1:
    bundlekey = "CertDumpECsecp160k1";
    break;
  case SEC_OID_SECG_EC_SECP160R1:
    bundlekey = "CertDumpECsecp160r1";
    break;
  case SEC_OID_SECG_EC_SECP160R2:
    bundlekey = "CertDumpECsecp160r2";
    break;
  case SEC_OID_SECG_EC_SECP192K1:
    bundlekey = "CertDumpECsecp192k1";
    break;
  case SEC_OID_SECG_EC_SECP224K1:
    bundlekey = "CertDumpECsecp224k1";
    break;
  case SEC_OID_SECG_EC_SECP224R1:
    bundlekey = "CertDumpECsecp224r1";
    break;
  case SEC_OID_SECG_EC_SECP256K1:
    bundlekey = "CertDumpECsecp256k1";
    break;
  case SEC_OID_SECG_EC_SECP384R1:
    bundlekey = "CertDumpECsecp384r1";
    break;

  case SEC_OID_SECG_EC_SECP521R1:
    bundlekey = "CertDumpECsecp521r1";
    break;
  /* ANSI X9.62 named elliptic curves (characteristic two field) */
  case SEC_OID_ANSIX962_EC_C2PNB163V1:
    bundlekey = "CertDumpECc2pnb163v1";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB163V2:
    bundlekey = "CertDumpECc2pnb163v2";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB163V3:
    bundlekey = "CertDumpECc2pnb163v3";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB176V1:
    bundlekey = "CertDumpECc2pnb176v1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB191V1:
    bundlekey = "CertDumpECc2tnb191v1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB191V2:
    bundlekey = "CertDumpECc2tnb191v2";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB191V3:
    bundlekey = "CertDumpECc2tnb191v3";
    break;
  case SEC_OID_ANSIX962_EC_C2ONB191V4:
    bundlekey = "CertDumpECc2onb191v4";
    break;
  case SEC_OID_ANSIX962_EC_C2ONB191V5:
    bundlekey = "CertDumpECc2onb191v5";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB208W1:
    bundlekey = "CertDumpECc2pnb208w1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB239V1:
    bundlekey = "CertDumpECc2tnb239v1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB239V2:
    bundlekey = "CertDumpECc2tnb239v2";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB239V3:
    bundlekey = "CertDumpECc2tnb239v3";
    break;
  case SEC_OID_ANSIX962_EC_C2ONB239V4:
    bundlekey = "CertDumpECc2onb239v4";
    break;
  case SEC_OID_ANSIX962_EC_C2ONB239V5:
    bundlekey = "CertDumpECc2onb239v5";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB272W1:
    bundlekey = "CertDumpECc2pnb272w1";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB304W1:
    bundlekey = "CertDumpECc2pnb304w1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB359V1:
    bundlekey = "CertDumpECc2tnb359v1";
    break;
  case SEC_OID_ANSIX962_EC_C2PNB368W1:
    bundlekey = "CertDumpECc2pnb368w1";
    break;
  case SEC_OID_ANSIX962_EC_C2TNB431R1:
    bundlekey = "CertDumpECc2tnb431r1";
    break;
  /* SECG named elliptic curves (characteristic two field) */
  case SEC_OID_SECG_EC_SECT113R1:
    bundlekey = "CertDumpECsect113r1";
    break;
  case SEC_OID_SECG_EC_SECT113R2:
    bundlekey = "CertDumpECsect113r2";
    break;
  case SEC_OID_SECG_EC_SECT131R1:
    bundlekey = "CertDumpECsect131r1";
    break;
  case SEC_OID_SECG_EC_SECT131R2:
    bundlekey = "CertDumpECsect131r2";
    break;
  case SEC_OID_SECG_EC_SECT163K1:
    bundlekey = "CertDumpECsect163k1";
    break;
  case SEC_OID_SECG_EC_SECT163R1:
    bundlekey = "CertDumpECsect163r1";
    break;
  case SEC_OID_SECG_EC_SECT163R2:
    bundlekey = "CertDumpECsect163r2";
    break;
  case SEC_OID_SECG_EC_SECT193R1:
    bundlekey = "CertDumpECsect193r1";
    break;
  case SEC_OID_SECG_EC_SECT193R2:
    bundlekey = "CertDumpECsect193r2";
    break;
  case SEC_OID_SECG_EC_SECT233K1:
    bundlekey = "CertDumpECsect233k1";
    break;
  case SEC_OID_SECG_EC_SECT233R1:
    bundlekey = "CertDumpECsect233r1";
    break;
  case SEC_OID_SECG_EC_SECT239K1:
    bundlekey = "CertDumpECsect239k1";
    break;
  case SEC_OID_SECG_EC_SECT283K1:
    bundlekey = "CertDumpECsect283k1";
    break;
  case SEC_OID_SECG_EC_SECT283R1:
    bundlekey = "CertDumpECsect283r1";
    break;
  case SEC_OID_SECG_EC_SECT409K1:
    bundlekey = "CertDumpECsect409k1";
    break;
  case SEC_OID_SECG_EC_SECT409R1:
    bundlekey = "CertDumpECsect409r1";
    break;
  case SEC_OID_SECG_EC_SECT571K1:
    bundlekey = "CertDumpECsect571k1";
    break;
  case SEC_OID_SECG_EC_SECT571R1:
    bundlekey = "CertDumpECsect571r1";
    break;
  default: 
    if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
      bundlekey = "CertDumpMSCerttype";
      break;
    }
    if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
      bundlekey = "CertDumpMSCAVersion";
      break;
    }
    if (oidTag == SEC_OID(PKIX_LOGOTYPE)) {
      bundlekey = "CertDumpLogotype";
      break;
    }
    /* fallthrough */
  }

  if (bundlekey) {
    rv = nssComponent->GetPIPNSSBundleString(bundlekey, text);
  } else {
    nsAutoString text2;
    rv = GetDefaultOIDFormat(oid, text2, ' ');
    if (NS_FAILED(rv))
      return rv;

    const PRUnichar *params[1] = {text2.get()};
    rv = nssComponent->PIPBundleFormatStringFromName("CertDumpDefOID",
                                                     params, 1, text);
  }
  return rv;  
}

Here is the call graph for this function:

Here is the caller graph for this function:

static NS_DEFINE_CID ( kDateTimeFormatCID  ,
NS_DATETIMEFORMAT_CID   
) [static]
static NS_DEFINE_CID ( kNSSComponentCID  ,
NS_NSSCOMPONENT_CID   
) [static]
static nsresult ProcessAltName ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1123 of file nsNSSCertHelper.cpp.

{
  nsresult rv = NS_OK;
  PRArenaPool *arena;
  CERTGeneralName *nameList;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  nameList = CERT_DecodeAltNameExtension(arena, extData);
  if (!nameList)
    goto finish;

  rv = ProcessGeneralNames(arena, nameList, text, nssComponent);

 finish:
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessAuthInfoAccess ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1496 of file nsNSSCertHelper.cpp.

{
  CERTAuthInfoAccess **aia, *desc;
  PRArenaPool *arena;
  nsresult rv = NS_OK;
  nsAutoString local;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  aia = CERT_DecodeAuthInfoAccessExtension(arena, extData);
  if (aia == NULL)
    goto finish;

  while (*aia != NULL) {
    desc = *aia++;
    switch (SECOID_FindOIDTag(&desc->method)) {
    case SEC_OID_PKIX_OCSP:
      nssComponent->GetPIPNSSBundleString("CertDumpOCSPResponder", local);
      break;
    case SEC_OID_PKIX_CA_ISSUERS:
      nssComponent->GetPIPNSSBundleString("CertDumpCAIssuers", local);
      break;
    default:
      rv = GetDefaultOIDFormat(&desc->method, local, '.');
      if (NS_FAILED(rv))
       goto finish;
    }
    text.Append(local);
    text.Append(NS_LITERAL_STRING(": "));
    rv = ProcessGeneralName(arena, desc->location, text, nssComponent);
    if (NS_FAILED(rv))
      goto finish;
  }

 finish:
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessAuthKeyId ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1178 of file nsNSSCertHelper.cpp.

{
  CERTAuthKeyID *ret;
  PRArenaPool *arena;
  nsresult rv = NS_OK;
  nsAutoString local;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  ret = CERT_DecodeAuthKeyID (arena, extData);

  if (ret->keyID.len > 0) {
    nssComponent->GetPIPNSSBundleString("CertDumpKeyID", local);
    text.Append(local);
    text.Append(NS_LITERAL_STRING(": "));
    ProcessRawBytes(nssComponent, &ret->keyID, text);
    text.Append(NS_LITERAL_STRING(SEPARATOR));
  }

  if (ret->authCertIssuer) {
    nssComponent->GetPIPNSSBundleString("CertDumpIssuer", local);
    text.Append(local);
    text.Append(NS_LITERAL_STRING(": "));
    rv = ProcessGeneralNames(arena, ret->authCertIssuer, text, nssComponent);
    if (NS_FAILED(rv))
      goto finish;
  }

  if (ret->authCertSerialNumber.len > 0) {
    nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", local);
    text.Append(local);
    text.Append(NS_LITERAL_STRING(": "));
    ProcessRawBytes(nssComponent, &ret->authCertSerialNumber, text);
  }

 finish:
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessBasicConstraints ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 758 of file nsNSSCertHelper.cpp.

{
  nsAutoString local;
  CERTBasicConstraints value;
  SECStatus rv;
  nsresult rv2;

  value.pathLenConstraint = -1;
  rv = CERT_DecodeBasicConstraintValue (&value, extData);
  if (rv != SECSuccess) {
    ProcessRawBytes(nssComponent, extData, text);
    return NS_OK;
  }
  if (value.isCA)
    rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsCA", local);
  else
    rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsNotCA", local);
  if (NS_FAILED(rv2))
    return rv2;
  text.Append(local.get());
  if (value.pathLenConstraint != -1) {
    nsAutoString depth;
    if (value.pathLenConstraint == CERT_UNLIMITED_PATH_CONSTRAINT)
      nssComponent->GetPIPNSSBundleString("CertDumpPathLenUnlimited", depth);
    else
      depth.AppendInt(value.pathLenConstraint);
    const PRUnichar *params[1] = {depth.get()};
    rv2 = nssComponent->PIPBundleFormatStringFromName("CertDumpPathLen",
                                                      params, 1, local);
    if (NS_FAILED(rv2))
      return rv2;
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
    text.Append(local.get());
  }
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessBMPString ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 963 of file nsNSSCertHelper.cpp.

{
  SECItem item;
  PRArenaPool *arena;
  nsresult rv = NS_ERROR_FAILURE;
  
  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  if (SECSuccess == SEC_ASN1DecodeItem(arena, &item, 
                                   SEC_ASN1_GET(SEC_BMPStringTemplate),
                                   extData))
    rv = AppendBMPtoUTF16(arena, item.data, item.len, text);
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessCertificatePolicies ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1329 of file nsNSSCertHelper.cpp.

{
  CERTCertificatePolicies *policies;
  CERTPolicyInfo **policyInfos, *policyInfo;
  CERTPolicyQualifier **policyQualifiers, *policyQualifier;
  nsAutoString local;
  nsresult rv = NS_OK;

  policies = CERT_DecodeCertificatePoliciesExtension(extData);
  if ( policies == NULL )
    return NS_ERROR_FAILURE;

  policyInfos = policies->policyInfos;
  while (*policyInfos != NULL ) {
    policyInfo = *policyInfos++;
    switch (policyInfo->oid) {
    case SEC_OID_VERISIGN_USER_NOTICES:
      nssComponent->GetPIPNSSBundleString("CertDumpVerisignNotices", local);
      text.Append(local);
      break;
    default:
      GetDefaultOIDFormat(&policyInfo->policyID, local, '.');
      text.Append(local);
    }
    if (policyInfo->policyQualifiers) {
      /* Add all qualifiers on separate lines, indented */
      policyQualifiers = policyInfo->policyQualifiers;
      text.Append(NS_LITERAL_STRING(":"));
      text.Append(NS_LITERAL_STRING(SEPARATOR));
      while (*policyQualifiers != NULL) {
       text.Append(NS_LITERAL_STRING("  "));
       policyQualifier = *policyQualifiers++;
       switch(policyQualifier->oid) {
       case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
         nssComponent->GetPIPNSSBundleString("CertDumpCPSPointer", local);
         text.Append(local);
         text.Append(NS_LITERAL_STRING(":"));
         text.Append(NS_LITERAL_STRING(SEPARATOR));
         text.Append(NS_LITERAL_STRING("    "));
         /* The CPS pointer ought to be the cPSuri alternative
            of the Qualifier choice. */
         rv = ProcessIA5String(&policyQualifier->qualifierValue,
                            text, nssComponent);
         if (NS_FAILED(rv))
           goto finish;
         break;
       case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
         nssComponent->GetPIPNSSBundleString("CertDumpUserNotice", local);
         text.Append(local);
         text.Append(NS_LITERAL_STRING(": "));
         rv = ProcessUserNotice(&policyQualifier->qualifierValue,
                             text, nssComponent);
         break;
       default:
         GetDefaultOIDFormat(&policyQualifier->qualifierID, local, '.');
         text.Append(local);
         text.Append(NS_LITERAL_STRING(": "));
         ProcessRawBytes(nssComponent, &policyQualifier->qualifierValue, text);
       }
       text.Append(NS_LITERAL_STRING(SEPARATOR));
      } /* while policyQualifiers */
    } /* if policyQualifiers */
    text.Append(NS_LITERAL_STRING(SEPARATOR));
  }

 finish:
  CERT_DestroyCertificatePoliciesExtension(policies);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessCrlDistPoints ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1402 of file nsNSSCertHelper.cpp.

{
  CERTCrlDistributionPoints *crldp;
  CRLDistributionPoint **points, *point;
  PRArenaPool *arena;
  nsresult rv = NS_OK;
  nsAutoString local;
  int reasons, comma;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  crldp = CERT_DecodeCRLDistributionPoints(arena, extData);
  if (!crldp || !crldp->distPoints) {
    rv = NS_ERROR_FAILURE;
    goto finish;
  }

  for(points = crldp->distPoints; *points; points++) {
    point = *points;
    switch (point->distPointType) {
    case generalName:
      rv = ProcessGeneralName(arena, point->distPoint.fullName,
                           text, nssComponent);
      if (NS_FAILED(rv))
       goto finish;
      break;
    case relativeDistinguishedName:
      rv = ProcessRDN(&point->distPoint.relativeName, 
                    text, nssComponent);
      if (NS_FAILED(rv))
       goto finish;
      break;
    }
    if (point->reasons.len) { 
      reasons = point->reasons.data[0];
      text.Append(NS_LITERAL_STRING(" "));
      comma = 0;
      if (reasons & RF_UNUSED) {
       nssComponent->GetPIPNSSBundleString("CertDumpUnused", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_KEY_COMPROMISE) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpKeyCompromise", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_CA_COMPROMISE) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpCACompromise", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_AFFILIATION_CHANGED) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpAffiliationChanged", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_SUPERSEDED) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpSuperseded", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_CESSATION_OF_OPERATION) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpCessation", local);
       text.Append(local); comma = 1;
      }
      if (reasons & RF_CERTIFICATE_HOLD) {
       if (comma) text.Append(NS_LITERAL_STRING(", "));
       nssComponent->GetPIPNSSBundleString("CertDumpHold", local);
       text.Append(local); comma = 1;
      }
      text.Append(NS_LITERAL_STRING(SEPARATOR));
    }
    if (point->crlIssuer) {
      nssComponent->GetPIPNSSBundleString("CertDumpIssuer", local);
      text.Append(local);
      text.Append(NS_LITERAL_STRING(": "));
      rv = ProcessGeneralNames(arena, point->crlIssuer,
                            text, nssComponent);
      if (NS_FAILED(rv))
       goto finish;
    }
  }
  
 finish:
  PORT_FreeArena(arena, PR_FALSE);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessExtensionData ( SECOidTag  oidTag,
SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1570 of file nsNSSCertHelper.cpp.

{
  nsresult rv;
  switch (oidTag) {
  case SEC_OID_NS_CERT_EXT_CERT_TYPE:
    rv = ProcessNSCertTypeExtensions(extData, text, nssComponent);
    break;
  case SEC_OID_X509_KEY_USAGE:
    rv = ProcessKeyUsageExtension(extData, text, nssComponent);
    break;
  case SEC_OID_X509_BASIC_CONSTRAINTS:
    rv = ProcessBasicConstraints(extData, text, nssComponent);
    break;
  case SEC_OID_X509_EXT_KEY_USAGE:
    rv = ProcessExtKeyUsage(extData, text, nssComponent);
    break;
  case SEC_OID_X509_ISSUER_ALT_NAME:
  case SEC_OID_X509_SUBJECT_ALT_NAME:
    rv = ProcessAltName(extData, text, nssComponent);
    break;
  case SEC_OID_X509_SUBJECT_KEY_ID:
    rv = ProcessSubjectKeyId(extData, text, nssComponent);
    break;
  case SEC_OID_X509_AUTH_KEY_ID:
    rv = ProcessAuthKeyId(extData, text, nssComponent);
    break;
  case SEC_OID_X509_CERTIFICATE_POLICIES:
    rv = ProcessCertificatePolicies(extData, text, nssComponent);
    break;
  case SEC_OID_X509_CRL_DIST_POINTS:
    rv = ProcessCrlDistPoints(extData, text, nssComponent);
    break;
  case SEC_OID_X509_AUTH_INFO_ACCESS:
    rv = ProcessAuthInfoAccess(extData, text, nssComponent);
    break;
  case SEC_OID_NS_CERT_EXT_BASE_URL:
  case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
  case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
  case SEC_OID_NS_CERT_EXT_CA_CERT_URL:
  case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
  case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
  case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL:
  case SEC_OID_NS_CERT_EXT_COMMENT:
  case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
  case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
    rv = ProcessIA5String(extData, text, nssComponent);
    break;
  default:
    if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
      rv = ProcessBMPString(extData, text, nssComponent);
      break;
    }
    if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
      rv = ProcessMSCAVersion(extData, text, nssComponent);
      break;
    }
    rv = ProcessRawBytes(nssComponent, extData, text);
    break; 
  }
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessExtensions ( CERTCertExtension **  extensions,
nsIASN1Sequence parentSequence,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1811 of file nsNSSCertHelper.cpp.

{
  nsCOMPtr<nsIASN1Sequence> extensionSequence = new nsNSSASN1Sequence;
  if (extensionSequence == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  nsString text;
  nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
  extensionSequence->SetDisplayName(text);
  PRInt32 i;
  nsresult rv;
  nsCOMPtr<nsIASN1PrintableItem> newExtension;
  nsCOMPtr<nsIMutableArray> asn1Objects;
  extensionSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
  for (i=0; extensions[i] != nsnull; i++) {
    rv = ProcessSingleExtension(extensions[i], nssComponent,
                                getter_AddRefs(newExtension));
    if (NS_FAILED(rv))
      return rv;

    asn1Objects->AppendElement(newExtension, PR_FALSE);
  }
  parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
  asn1Objects->AppendElement(extensionSequence, PR_FALSE);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessExtKeyUsage ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 798 of file nsNSSCertHelper.cpp.

{
  nsAutoString local;
  CERTOidSequence *extKeyUsage = NULL;
  SECItem **oids;
  SECItem *oid;
  nsresult rv;
  
  extKeyUsage = CERT_DecodeOidSequence(extData);
  if (extKeyUsage == NULL)
    return NS_ERROR_FAILURE;

  oids = extKeyUsage->oids;
  while (oids != NULL && *oids != NULL) {
    // For each OID, try to find a bundle string
    // of the form CertDumpEKU_<underlined-OID>
    nsAutoString oidname;
    oid = *oids;
    rv = GetDefaultOIDFormat(oid, oidname, '_');
    if (NS_FAILED(rv))
      return rv;
    nsAutoString bundlekey = NS_LITERAL_STRING("CertDumpEKU_")+ oidname;
    NS_ConvertUTF16toUTF8 bk_ascii(bundlekey);
    
    rv = nssComponent->GetPIPNSSBundleString(bk_ascii.get(), local);
    nsresult rv2 = GetDefaultOIDFormat(oid, oidname, '.');
    if (NS_FAILED(rv2))
      return rv2;
    if (NS_SUCCEEDED(rv)) {
      // display name and OID in parentheses
      text.Append(local);
      text.Append(NS_LITERAL_STRING(" ("));
      text.Append(oidname);
      text.Append(NS_LITERAL_STRING(")"));
    } else
      // If there is no bundle string, just display the OID itself
      text.Append(oidname);

    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
    oids++;
  }

  CERT_DestroyOidSequence(extKeyUsage);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessGeneralName ( PRArenaPool arena,
CERTGeneralName *  current,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 984 of file nsNSSCertHelper.cpp.

{
  nsAutoString key;
  nsXPIDLString value;
  nsresult rv = NS_OK;

  switch (current->type) {
  case certOtherName: {
    SECOidTag oidTag = SECOID_FindOIDTag(&current->name.OthName.oid);
    if (oidTag == SEC_OID(MS_NT_PRINCIPAL_NAME)) {
       /* The type of this name is apparently nowhere explicitly
          documented. However, in the generated templates, it is always
          UTF-8. So try to decode this as UTF-8; if that fails, dump the
          raw data. */
       SECItem decoded;
       nssComponent->GetPIPNSSBundleString("CertDumpMSNTPrincipal", key);
       if (SEC_ASN1DecodeItem(arena, &decoded, 
                            SEC_ASN1_GET(SEC_UTF8StringTemplate), 
                            &current->name.OthName.name) == SECSuccess) {
         AppendUTF8toUTF16(nsCAutoString((char*)decoded.data, decoded.len),
                         value);
       } else {
         ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
       }
       break;
    } else if (oidTag == SEC_OID(MS_NTDS_REPLICATION)) {
       /* This should be a 16-byte GUID */
       SECItem guid;
       nssComponent->GetPIPNSSBundleString("CertDumpMSDomainGUID", key);
       if (SEC_ASN1DecodeItem(arena, &guid,
                            SEC_ASN1_GET(SEC_OctetStringTemplate),
                            &current->name.OthName.name) == SECSuccess
           && guid.len == 16) {
         char buf[40];
         unsigned char *d = guid.data;
         PR_snprintf(buf, sizeof(buf), 
                    "{%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x}",
                    d[3], d[2], d[1], d[0], d[5], d[4], d[7], d[6],
                    d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
         value.AssignASCII(buf);
       } else {
         ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
       }
    } else {
      rv = GetDefaultOIDFormat(&current->name.OthName.oid, key, ' ');
      if (NS_FAILED(rv))
       goto finish;
      ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
    }
    break;
  }
  case certRFC822Name:
    nssComponent->GetPIPNSSBundleString("CertDumpRFC822Name", key);
    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
    break;
  case certDNSName:
    nssComponent->GetPIPNSSBundleString("CertDumpDNSName", key);
    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
    break;
  case certX400Address:
    nssComponent->GetPIPNSSBundleString("CertDumpX400Address", key);
    ProcessRawBytes(nssComponent, &current->name.other, value);
    break;
  case certDirectoryName:
    nssComponent->GetPIPNSSBundleString("CertDumpDirectoryName", key);
    rv = ProcessName(&current->name.directoryName, nssComponent, 
                   getter_Copies(value));
    if (NS_FAILED(rv))
      goto finish;
    break;
  case certEDIPartyName:
    nssComponent->GetPIPNSSBundleString("CertDumpEDIPartyName", key);
    ProcessRawBytes(nssComponent, &current->name.other, value);
    break;
  case certURI:
    nssComponent->GetPIPNSSBundleString("CertDumpURI", key);
    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
    break;
  case certIPAddress:
    {
      char buf[INET6_ADDRSTRLEN];
      PRStatus status = PR_FAILURE;
      PRNetAddr addr;
      memset(&addr, 0, sizeof(addr));
      nssComponent->GetPIPNSSBundleString("CertDumpIPAddress", key);
      if (current->name.other.len == 4) {
        addr.inet.family = PR_AF_INET;
        memcpy(&addr.inet.ip, current->name.other.data, current->name.other.len);
        status = PR_NetAddrToString(&addr, buf, sizeof(buf));
      } else if (current->name.other.len == 16) {
        addr.ipv6.family = PR_AF_INET6;
        memcpy(&addr.ipv6.ip, current->name.other.data, current->name.other.len);
        status = PR_NetAddrToString(&addr, buf, sizeof(buf));
      }
      if (status == PR_SUCCESS) {
        value.AssignASCII(buf);
      } else {
        /* invalid IP address */
        ProcessRawBytes(nssComponent, &current->name.other, value);
      }
      break;
    }
  case certRegisterID:
    nssComponent->GetPIPNSSBundleString("CertDumpRegisterID", key);
    rv = GetDefaultOIDFormat(&current->name.other, value, '.');
    if (NS_FAILED(rv))
      goto finish;
    break;
  }
  text.Append(key);
  text.Append(NS_LITERAL_STRING(": "));
  text.Append(value);
  text.Append(NS_LITERAL_STRING(SEPARATOR));
 finish:
    return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessGeneralNames ( PRArenaPool arena,
CERTGeneralName *  nameList,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1105 of file nsNSSCertHelper.cpp.

{
  CERTGeneralName *current = nameList;
  nsresult rv;

  do {
    rv = ProcessGeneralName(arena, current, text, nssComponent);
    if (NS_FAILED(rv))
      break;
    current = CERT_GetNextGeneralName(current);
  } while (current != nameList);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessIA5String ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 924 of file nsNSSCertHelper.cpp.

{
  SECItem item;
  nsAutoString local;
  if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &item, 
                                   SEC_ASN1_GET(SEC_IA5StringTemplate),
                                   extData))
    return NS_ERROR_FAILURE;
  local.AssignASCII((char*)item.data, item.len);
  nsMemory::Free(item.data);
  text.Append(local);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessKeyUsageExtension ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 703 of file nsNSSCertHelper.cpp.

{
  nsAutoString local;
  SECItem decoded;
  decoded.data = nsnull;
  decoded.len  = 0;
  if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &decoded, 
                            SEC_ASN1_GET(SEC_BitStringTemplate), extData)) {
    nssComponent->GetPIPNSSBundleString("CertDumpExtensionFailure", local);
    text.Append(local.get());
    return NS_OK;
  }
  unsigned char keyUsage = decoded.data[0];
  nsMemory::Free(decoded.data);  
  if (keyUsage & KU_DIGITAL_SIGNATURE) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUSign", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_NON_REPUDIATION) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUNonRep", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_KEY_ENCIPHERMENT) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUEnc", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_DATA_ENCIPHERMENT) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUDEnc", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_KEY_AGREEMENT) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUKA", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_KEY_CERT_SIGN) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUCertSign", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (keyUsage & KU_CRL_SIGN) {
    nssComponent->GetPIPNSSBundleString("CertDumpKUCRLSigner", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }

  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessMSCAVersion ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1540 of file nsNSSCertHelper.cpp.

{
  unsigned long version;
  nsresult rv;
  char buf[50];
  SECItem decoded;

  if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &decoded, 
                                   SEC_ASN1_GET(SEC_IntegerTemplate), 
                                   extData))
    /* This extension used to be an Integer when this code
       was written, but apparently isn't anymore. Display
       the raw bytes instead. */
    return ProcessRawBytes(nssComponent, extData, text);

  rv = GetIntValue(&decoded, &version);
  nsMemory::Free(decoded.data);
  if (NS_FAILED(rv))
    /* Value out of range, display raw bytes */
    return ProcessRawBytes(nssComponent, extData, text);

  /* Apparently, the encoding is <minor><major>, with 16 bits each */
  PR_snprintf(buf, sizeof(buf), "%d.%d", version & 0xFFFF, version>>16);
  text.AppendASCII(buf);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessName ( CERTName *  name,
nsINSSComponent *  nssComponent,
PRUnichar **  value 
) [static]

Definition at line 882 of file nsNSSCertHelper.cpp.

{
  CERTRDN** rdns;
  CERTRDN** rdn;
  nsString finalString;

  rdns = name->rdns;

  nsresult rv;
  CERTRDN **lastRdn;
  lastRdn = rdns;


  /* find last RDN */
  lastRdn = rdns;
  while (*lastRdn) lastRdn++;
  // The above whille loop will put us at the last member
  // of the array which is a NULL pointer.  So let's back
  // up one spot so that we have the last non-NULL entry in 
  // the array in preparation for traversing the 
  // RDN's (Relative Distinguished Name) in reverse oder.
  lastRdn--;
   
  /*
   * Loop over name contents in _reverse_ RDN order appending to string
   * When building the Ascii string, NSS loops over these entries in 
   * reverse order, so I will as well.  The difference is that NSS
   * will always place them in a one line string separated by commas,
   * where I want each entry on a single line.  I can't just use a comma
   * as my delimitter because it is a valid character to have in the 
   * value portion of the AVA and could cause trouble when parsing.
   */
  for (rdn = lastRdn; rdn >= rdns; rdn--) {
    rv = ProcessRDN(*rdn, finalString, nssComponent);
    if (NS_FAILED(rv))
      return rv;
  }
  *value = ToNewUnicode(finalString);    
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessNSCertTypeExtensions ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 648 of file nsNSSCertHelper.cpp.

{
  nsAutoString local;
  SECItem decoded;
  decoded.data = nsnull;
  decoded.len  = 0;
  if (SECSuccess != SEC_ASN1DecodeItem(nsnull, &decoded, 
              SEC_ASN1_GET(SEC_BitStringTemplate), extData)) {
    nssComponent->GetPIPNSSBundleString("CertDumpExtensionFailure", local);
    text.Append(local.get());
    return NS_OK;
  }
  unsigned char nsCertType = decoded.data[0];
  nsMemory::Free(decoded.data);
  if (nsCertType & NS_CERT_TYPE_SSL_CLIENT) {
    nssComponent->GetPIPNSSBundleString("VerifySSLClient", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_SSL_SERVER) {
    nssComponent->GetPIPNSSBundleString("VerifySSLServer", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_EMAIL) {
    nssComponent->GetPIPNSSBundleString("CertDumpCertTypeEmail", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_OBJECT_SIGNING) {
    nssComponent->GetPIPNSSBundleString("VerifyObjSign", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_SSL_CA) {
    nssComponent->GetPIPNSSBundleString("VerifySSLCA", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_EMAIL_CA) {
    nssComponent->GetPIPNSSBundleString("CertDumpEmailCA", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  if (nsCertType & NS_CERT_TYPE_OBJECT_SIGNING_CA) {
    nssComponent->GetPIPNSSBundleString("VerifyObjSign", local);
    text.Append(local.get());
    text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  }
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessRawBytes ( nsINSSComponent *  nssComponent,
SECItem *  data,
nsAString &  text 
) [static]

Definition at line 614 of file nsNSSCertHelper.cpp.

{
  // This function is used to display some DER bytes
  // that we have not added support for decoding.
  // It prints the value of the byte out into a 
  // string that can later be displayed as a byte
  // string.  We place a new line after 24 bytes
  // to break up extermaly long sequence of bytes.

  nsAutoString bytelen, bitlen;
  bytelen.AppendInt(data->len);
  bitlen.AppendInt(data->len*8);

  const PRUnichar *params[2] = {bytelen.get(), bitlen.get()};
  nsresult rv = nssComponent->PIPBundleFormatStringFromName("CertDumpRawBytesHeader",
                                                            params, 2, text);
  if (NS_FAILED(rv))
    return rv;

  text.Append(NS_LITERAL_STRING(SEPARATOR).get());

  PRUint32 i;
  char buffer[5];
  for (i=0; i<data->len; i++) {
    PR_snprintf(buffer, 5, "%02x ", data->data[i]);
    AppendASCIItoUTF16(buffer, text);
    if ((i+1)%16 == 0) {
      text.Append(NS_LITERAL_STRING(SEPARATOR).get());
    }
  }
  return NS_OK;
}    

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessRDN ( CERTRDN *  rdn,
nsAString &  finalString,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 847 of file nsNSSCertHelper.cpp.

{
  nsresult rv;
  CERTAVA** avas;
  CERTAVA* ava;
  SECItem *decodeItem = nsnull;
  nsString avavalue;
  nsString type;
  nsAutoString temp;
  const PRUnichar *params[2];

  avas = rdn->avas;
  while ((ava = *avas++) != 0) {
    rv = GetOIDText(&ava->type, nssComponent, type);
    if (NS_FAILED(rv))
      return rv;
    
    //This function returns a string in UTF8 format.
    decodeItem = CERT_DecodeAVAValue(&ava->value);
    if(!decodeItem) {
      return NS_ERROR_FAILURE;
    }
    avavalue = NS_ConvertUTF8toUTF16((char*)decodeItem->data, decodeItem->len);
    
    SECITEM_FreeItem(decodeItem, PR_TRUE);
    params[0] = type.get();
    params[1] = avavalue.get();
    nssComponent->PIPBundleFormatStringFromName("AVATemplate",
                                                  params, 2, temp);
    finalString += temp + NS_LITERAL_STRING("\n");
  }
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessSECAlgorithmID ( SECAlgorithmID *  algID,
nsINSSComponent *  nssComponent,
nsIASN1Sequence **  retSequence 
) [static]

Definition at line 1669 of file nsNSSCertHelper.cpp.

{
  SECOidTag algOIDTag = SECOID_FindOIDTag(&algID->algorithm);
  SECItem paramsOID = { siBuffer, NULL, 0 };
  nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
  if (sequence == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  *retSequence = nsnull;
  nsString text;
  GetOIDText(&algID->algorithm, nssComponent, text);
  if (!algID->parameters.len || algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
    sequence->SetDisplayValue(text);
    sequence->SetIsValidContainer(PR_FALSE);
  } else {
    nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
    if (printableItem == nsnull)
      return NS_ERROR_OUT_OF_MEMORY;

    printableItem->SetDisplayValue(text);
    nsCOMPtr<nsIMutableArray> asn1Objects;
    sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
    asn1Objects->AppendElement(printableItem, PR_FALSE);
    nssComponent->GetPIPNSSBundleString("CertDumpAlgID", text);
    printableItem->SetDisplayName(text);

    printableItem = new nsNSSASN1PrintableItem();
    if (printableItem == nsnull)
      return NS_ERROR_OUT_OF_MEMORY;

    asn1Objects->AppendElement(printableItem, PR_FALSE);
    nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
    printableItem->SetDisplayName(text);
    if ((algOIDTag == SEC_OID_ANSIX962_EC_PUBLIC_KEY) &&
        (algID->parameters.len > 2) && 
        (algID->parameters.data[0] == nsIASN1Object::ASN1_OBJECT_ID)) {
       paramsOID.len = algID->parameters.len - 2;
       paramsOID.data = algID->parameters.data + 2;
       GetOIDText(&paramsOID, nssComponent, text);
    } else {
       ProcessRawBytes(nssComponent, &algID->parameters,text);
    }
    printableItem->SetDisplayValue(text);
  }
  *retSequence = sequence;
  NS_ADDREF(*retSequence);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessSerialNumberDER ( SECItem *  serialItem,
nsINSSComponent *  nssComponent,
nsIASN1PrintableItem **  retItem 
) [static]

Definition at line 178 of file nsNSSCertHelper.cpp.

{
  nsresult rv;
  nsAutoString text;
  nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();

  if (printableItem == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  rv = nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", text); 
  if (NS_FAILED(rv))
    return rv;

  rv = printableItem->SetDisplayName(text);
  if (NS_FAILED(rv))
    return rv;

  nsXPIDLCString serialNumber;
  serialNumber.Adopt(CERT_Hexify(serialItem, 1));
  if (serialNumber == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  rv = printableItem->SetDisplayValue(NS_ConvertASCIItoUCS2(serialNumber));
  *retItem = printableItem;
  NS_ADDREF(*retItem);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessSingleExtension ( CERTCertExtension *  extension,
nsINSSComponent *  nssComponent,
nsIASN1PrintableItem **  retExtension 
) [static]

Definition at line 1634 of file nsNSSCertHelper.cpp.

{
  nsAutoString text;
  GetOIDText(&extension->id, nssComponent, text);
  nsCOMPtr<nsIASN1PrintableItem>extensionItem = new nsNSSASN1PrintableItem();
  if (extensionItem == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  extensionItem->SetDisplayName(text);
  SECOidTag oidTag = SECOID_FindOIDTag(&extension->id);
  text.Truncate();
  if (extension->critical.data != nsnull) {
    if (extension->critical.data[0]) {
      nssComponent->GetPIPNSSBundleString("CertDumpCritical", text);
    } else {
      nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
    }
  } else {
    nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
  }
  text.Append(NS_LITERAL_STRING(SEPARATOR).get());
  nsresult rv = ProcessExtensionData(oidTag, &extension->value, text, 
                                     nssComponent);
  if (NS_FAILED(rv))
    return rv;

  extensionItem->SetDisplayValue(text);
  *retExtension = extensionItem;
  NS_ADDREF(*retExtension);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessSubjectKeyId ( SECItem *  extData,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1147 of file nsNSSCertHelper.cpp.

{
  PRArenaPool *arena;
  nsresult rv = NS_OK;
  SECItem decoded;
  nsAutoString local;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  if (SEC_QuickDERDecodeItem(arena, &decoded, 
                          SEC_ASN1_GET(SEC_OctetStringTemplate), 
                          extData) != SECSuccess) {
    rv = NS_ERROR_FAILURE;
    goto finish;
  }
  
  nssComponent->GetPIPNSSBundleString("CertDumpKeyID", local);
  text.Append(local);
  text.Append(NS_LITERAL_STRING(": "));
  ProcessRawBytes(nssComponent, &decoded, text);

 finish:
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessSubjectPublicKeyInfo ( CERTSubjectPublicKeyInfo *  spki,
nsIASN1Sequence parentSequence,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1764 of file nsNSSCertHelper.cpp.

{
  nsCOMPtr<nsIASN1Sequence> spkiSequence = new nsNSSASN1Sequence();

  if (spkiSequence == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  nsString text;
  nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
  spkiSequence->SetDisplayName(text);

  nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
  nsCOMPtr<nsIASN1Sequence> sequenceItem;
  nsresult rv = ProcessSECAlgorithmID(&spki->algorithm, nssComponent,
                                      getter_AddRefs(sequenceItem));
  if (NS_FAILED(rv))
    return rv;
  sequenceItem->SetDisplayName(text);
  nsCOMPtr<nsIMutableArray> asn1Objects;
  spkiSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
  asn1Objects->AppendElement(sequenceItem, PR_FALSE);

  // The subjectPublicKey field is encoded as a bit string.
  // ProcessRawBytes expects the lenght to be in bytes, so 
  // let's convert the lenght into a temporary SECItem.
  SECItem data;
  data.data = spki->subjectPublicKey.data;
  data.len  = spki->subjectPublicKey.len / 8;
  text.Truncate();
  ProcessRawBytes(nssComponent, &data, text);
  nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
  if (printableItem == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  printableItem->SetDisplayValue(text);
  nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
  printableItem->SetDisplayName(text);
  asn1Objects->AppendElement(printableItem, PR_FALSE);
  
  parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
  asn1Objects->AppendElement(spkiSequence, PR_FALSE);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessTime ( PRTime  dispTime,
const PRUnichar displayName,
nsIASN1Sequence parentSequence 
) [static]

Definition at line 1721 of file nsNSSCertHelper.cpp.

{
  nsresult rv;
  nsCOMPtr<nsIDateTimeFormat> dateFormatter =
     do_CreateInstance(kDateTimeFormatCID, &rv);
  if (NS_FAILED(rv)) 
    return rv;

  nsString text;
  nsString tempString;

  PRExplodedTime explodedTime;
  PR_ExplodeTime(dispTime, PR_LocalTimeParameters, &explodedTime);

  dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
                              &explodedTime, tempString);

  text.Append(tempString);
  text.AppendLiteral("\n(");

  PRExplodedTime explodedTimeGMT;
  PR_ExplodeTime(dispTime, PR_GMTParameters, &explodedTimeGMT);

  dateFormatter->FormatPRExplodedTime(nsnull, kDateFormatShort, kTimeFormatSecondsForce24Hour,
                              &explodedTimeGMT, tempString);

  text.Append(tempString);
  text.Append(NS_LITERAL_STRING(" GMT)"));

  nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
  if (printableItem == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;

  printableItem->SetDisplayValue(text);
  printableItem->SetDisplayName(nsDependentString(displayName));
  nsCOMPtr<nsIMutableArray> asn1Objects;
  parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
  asn1Objects->AppendElement(printableItem, PR_FALSE);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessUserNotice ( SECItem *  der_notice,
nsAString &  text,
nsINSSComponent *  nssComponent 
) [static]

Definition at line 1245 of file nsNSSCertHelper.cpp.

{
  nsresult rv = NS_OK;
  CERTUserNotice *notice = NULL;
  SECItem **itemList;
  DisplayText display;
  PRArenaPool *arena;
  char *buf;

  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
  if (!arena)
    return NS_ERROR_FAILURE;

  notice = CERT_DecodeUserNotice(der_notice);
  /* XXX: currently, polcyxtn.c assumes that organization
     is an IA5String, whereas it really ought to be a
     choice of VisibleString, BMPString, and UTF8String.
     So if decoding of the user notice fails, it is most likely
     that the organization was encoded in an unexpected way.
     Make this function return "something" in this case,
     instead letting the decode for the entire certificate
     fail.
  */
  if (notice == NULL) {
    text.Append(NS_LITERAL_STRING("<implementation limitation>"));
    goto finish;
  }

  if (notice->noticeReference.organization.len != 0) {
    rv = ProcessIA5String(&notice->noticeReference.organization,
                       text, nssComponent);
    if (NS_FAILED(rv))
      goto finish;

    itemList = notice->noticeReference.noticeNumbers;
    while (*itemList) {
      unsigned long number;
      char buffer[60];
      if (SEC_ASN1DecodeInteger(*itemList, &number) != SECSuccess) {
       rv = NS_ERROR_FAILURE;
       goto finish;
      }
      PR_snprintf(buffer, sizeof(buffer), "%d ", number);
      AppendASCIItoUTF16(buffer, text);
      itemList++;
    }
  }
  if (notice->displayText.len != 0) {
    if (SEC_QuickDERDecodeItem(arena, &display,
                            DisplayTextTemplate,
                            &notice->displayText) != SECSuccess) {
      rv = NS_ERROR_FAILURE;
      goto finish;
    }
    switch (display.variant) {
    case VisibleForm:
      /* Need to null-terminate string before appending it. */
      buf = (char*)PORT_ArenaAlloc(arena, display.value.len+1);
      PORT_Memcpy(buf, display.value.data, display.value.len);
      buf[display.value.len] = '\0';
      text.AppendASCII(buf);
      break;
    case BMPForm:
      AppendBMPtoUTF16(arena, display.value.data, display.value.len,
                     text);
      break;
    case UTF8Form:
      buf = (char*)PORT_ArenaAlloc(arena, display.value.len+1);
      PORT_Memcpy(buf, display.value.data, display.value.len);
      buf[display.value.len] = '\0';
      AppendUTF8toUTF16(buf, text);
      break;
    }
  }
 finish:
  if (notice)
    CERT_DestroyUserNotice(notice);
  PORT_FreeArena(arena, PR_FALSE);
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult ProcessVersion ( SECItem *  versionItem,
nsINSSComponent *  nssComponent,
nsIASN1PrintableItem **  retItem 
) [static]

Definition at line 122 of file nsNSSCertHelper.cpp.

{
  nsresult rv;
  nsAutoString text;
  nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
  if (printableItem == nsnull)
    return NS_ERROR_OUT_OF_MEMORY;
 
  nssComponent->GetPIPNSSBundleString("CertDumpVersion", text);
  rv = printableItem->SetDisplayName(text);
  if (NS_FAILED(rv))
    return rv;

  // Now to figure out what version this certificate is.
  unsigned long version;

  if (versionItem->data) {
    rv = GetIntValue(versionItem, &version);
    if (NS_FAILED(rv))
      return rv;
  } else {
    // If there is no version present in the cert, then rfc2459
    // says we default to v1 (0)
    version = 0;
  }

  switch (version){
  case 0:
    rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion1", text);
    break;
  case 1:
    rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion2", text);
    break;
  case 2:
    rv = nssComponent->GetPIPNSSBundleString("CertDumpVersion3", text);
    break;
  default:
    NS_ASSERTION(0,"Bad value for cert version");
    rv = NS_ERROR_FAILURE;
  }
    
  if (NS_FAILED(rv))
    return rv;

  rv = printableItem->SetDisplayValue(text);
  if (NS_FAILED(rv))
    return rv;

  *retItem = printableItem;
  NS_ADDREF(*retItem);
  return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static SECStatus RegisterDynamicOids ( ) [static]

Definition at line 1841 of file nsNSSCertHelper.cpp.

{
  unsigned int i;
  SECStatus rv = SECSuccess;

  if (registered)
    return rv;

  for (i = 0; i < numOids; i++) {
    SECOidTag tag = SECOID_AddEntry(&more_oids[i]);
    if (tag == SEC_OID_UNKNOWN) {
      rv = SECFailure;
      continue;
    }
    more_oids[i].offset = tag;
  }
  registered = true;
  return rv;
}

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

SECOidData more_oids[] [static]
Initial value:
 {
    
#define MS_CERT_EXT_CERTTYPE
    OD( msCertExtCerttype,
        "Microsoft Certificate Template Name", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),

#define MS_NT_PRINCIPAL_NAME
    OD( msNTPrincipalName,
        "Microsoft Principal Name", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),

#define MS_CERTSERV_CA_VERSION
    OD( msCertsrvCAVersion,
        "Microsoft CA Version", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),

#define MS_NTDS_REPLICATION
    OD( msNTDSReplication,
        "Microsoft Domain GUID", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),

#define PKIX_LOGOTYPE
    OD( pkixLogotype,
        "Logotype", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
}

Definition at line 77 of file nsNSSCertHelper.cpp.

Definition at line 67 of file nsNSSCertHelper.cpp.

Definition at line 69 of file nsNSSCertHelper.cpp.

Definition at line 70 of file nsNSSCertHelper.cpp.

Definition at line 68 of file nsNSSCertHelper.cpp.

const unsigned int numOids = (sizeof more_oids) / (sizeof more_oids[0]) [static]

Definition at line 105 of file nsNSSCertHelper.cpp.

Definition at line 71 of file nsNSSCertHelper.cpp.

bool registered [static]

Definition at line 1840 of file nsNSSCertHelper.cpp.