
lightning-sunbird  0.9+nobinonly
nsNSSComponent.h
00001 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
00002  *
00003  * ***** BEGIN LICENSE BLOCK *****
00004  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00005  *
00006  * The contents of this file are subject to the Mozilla Public License Version
00007  * 1.1 (the "License"); you may not use this file except in compliance with
00008  * the License. You may obtain a copy of the License at
00009  * http://www.mozilla.org/MPL/
00010  *
00011  * Software distributed under the License is distributed on an "AS IS" basis,
00012  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00013  * for the specific language governing rights and limitations under the
00014  * License.
00015  *
00016  * The Original Code is mozilla.org code.
00017  *
00018  * The Initial Developer of the Original Code is
00019  * Netscape Communications Corporation.
00020  * Portions created by the Initial Developer are Copyright (C) 1998
00021  * the Initial Developer. All Rights Reserved.
00022  *
00023  * Contributor(s):
00024  *   Hubbie Shaw
00025  *   Doug Turner <dougt@netscape.com>
00026  *   Brian Ryner <bryner@brianryner.com>
00027  *   Kai Engert <kaie@netscape.com>
00028  *   Kai Engert <kengert@redhat.com>
00029  *
00030  * Alternatively, the contents of this file may be used under the terms of
00031  * either the GNU General Public License Version 2 or later (the "GPL"), or
00032  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00033  * in which case the provisions of the GPL or the LGPL are applicable instead
00034  * of those above. If you wish to allow use of your version of this file only
00035  * under the terms of either the GPL or the LGPL, and not to allow others to
00036  * use your version of this file under the terms of the MPL, indicate your
00037  * decision by deleting the provisions above and replace them with the notice
00038  * and other provisions required by the GPL or the LGPL. If you do not delete
00039  * the provisions above, a recipient may use your version of this file under
00040  * the terms of any one of the MPL, the GPL or the LGPL.
00041  *
00042  * ***** END LICENSE BLOCK ***** */
00043 
00044 #ifndef _nsNSSComponent_h_
00045 #define _nsNSSComponent_h_
00046 
00047 #include "nsCOMPtr.h"
00048 #include "nsISignatureVerifier.h"
00049 #include "nsIURIContentListener.h"
00050 #include "nsIStreamListener.h"
00051 #include "nsIEntropyCollector.h"
00052 #include "nsString.h"
00053 #include "nsIStringBundle.h"
00054 #include "nsIDOMEventTarget.h"
00055 #include "nsIPrefBranch.h"
00056 #include "nsIObserver.h"
00057 #include "nsIObserverService.h"
00058 #include "nsWeakReference.h"
00059 #include "nsIScriptSecurityManager.h"
00060 #include "nsSmartCardMonitor.h"
00061 #include "nsITimer.h"
00062 #include "nsNetUtil.h"
00063 #include "nsHashtable.h"
00064 #include "prlock.h"
00065 #include "nsICryptoHash.h"
00066 #include "hasht.h"
00067 #include "nsNSSCallbacks.h"
00068 
00069 #include "nsNSSHelper.h"
00070 #include "nsClientAuthRemember.h"
00071 // Class ID that nsNSSComponent exposes through NS_DEFINE_STATIC_CID_ACCESSOR.
00072 #define NS_NSSCOMPONENT_CID \
00073 {0xa277189c, 0x1dd1, 0x11b2, {0xa8, 0xc9, 0xe4, 0xe8, 0xbf, 0xb1, 0x33, 0x8e}}
00074 // Contract ID and class name strings for the PSM component.
00075 #define PSM_COMPONENT_CONTRACTID "@mozilla.org/psm;1"
00076 #define PSM_COMPONENT_CLASSNAME "Mozilla PSM Component"
00077 
00078 // Interface ID of nsINSSComponent, the interface used to look the component
00079 // up from the callbacks passed to NSS.
00080 // The string form and the struct form below encode the same ID.
00081 #define NS_INSSCOMPONENT_IID_STR "d4b49dd6-1dd1-11b2-b6fe-b14cfaf69cbd"
00082 #define NS_INSSCOMPONENT_IID \
00083   {0xd4b49dd6, 0x1dd1, 0x11b2, \
00084     { 0xb6, 0xfe, 0xb1, 0x4c, 0xfa, 0xf6, 0x9c, 0xbd }}
00085 // Class ID and contract ID for the PSM content listener (presumably PSMContentListener -- confirm at the registration site).
00086 #define NS_PSMCONTENTLISTEN_CID {0xc94f4a30, 0x64d7, 0x11d4, {0x99, 0x60, 0x00, 0xb0, 0xd0, 0x23, 0x54, 0xa0}}
00087 #define NS_PSMCONTENTLISTEN_CONTRACTID "@mozilla.org/security/psmdownload;1"
00088 // Class name, contract ID and class ID for the crypto hash component (presumably nsCryptoHash -- confirm). NOTE(review): "Cryto" below is a typo for "Crypto"; it is a runtime string, so check that nothing matches on it before correcting it.
00089 #define NS_CRYPTO_HASH_CLASSNAME "Mozilla Cryto Hash Function Component"
00090 #define NS_CRYPTO_HASH_CONTRACTID "@mozilla.org/security/hash;1"
00091 #define NS_CRYPTO_HASH_CID {0x36a1d3b3, 0xd886, 0x4317, {0x96, 0xff, 0x87, 0xb0, 0x00, 0x5c, 0xfe, 0xf7}}
00092 
00093 // PSMContentDownloader: nsIStreamListener implementation for security
00094 // content. The kind of content is one of the type constants declared below
00095 // (X.509 CA/user/e-mail/server certificate, or PKCS#7 CRL).
00096 class PSMContentDownloader : public nsIStreamListener
00097 {
00098 public:
00099   PSMContentDownloader() {NS_ASSERTION(PR_FALSE, "don't use this constructor."); } // NOTE(review): initializes no members, and NS_ASSERTION is a debug-build check in Mozilla code (confirm for this tree), so a release build that reaches this constructor gets indeterminate mByteData/mBufferOffset/mBufferSize. Consider making it inaccessible instead of public.
00100   PSMContentDownloader(PRUint32 type); // type: presumably one of the type constants below -- confirm against the definition
00101   virtual ~PSMContentDownloader();
00102   void setSilentDownload(PRBool flag); // presumably stores flag in mDoSilentDownload; the definition is not in this header
00103   void setCrlAutodownloadKey(nsAutoString key); // key is taken by value, so each call copies the string
00104   // XPCOM declaration macros for nsISupports, nsIRequestObserver and nsIStreamListener.
00105   NS_DECL_ISUPPORTS
00106   NS_DECL_NSIREQUESTOBSERVER
00107   NS_DECL_NSISTREAMLISTENER
00108   // Content type constants; each one is a separate anonymous enum with a single enumerator.
00109   enum {UNKNOWN_TYPE = 0};
00110   enum {X509_CA_CERT  = 1};
00111   enum {X509_USER_CERT  = 2};
00112   enum {X509_EMAIL_CERT  = 3};
00113   enum {X509_SERVER_CERT  = 4};
00114   enum {PKCS7_CRL = 5};
00115   // Per-download state, visible to subclasses.
00116 protected:
00117   char* mByteData;          // raw buffer pointer; NOTE(review): allocation and release are not visible in this header -- check the destructor and the stream callbacks
00118   PRInt32 mBufferOffset;    // signed; NOTE(review): the code that fills mByteData (not shown) should reject offsets and lengths that are negative or exceed mBufferSize, since the data comes from the network
00119   PRInt32 mBufferSize;      // signed size that goes with mByteData
00120   PRUint32 mType;           // presumably one of the type constants above
00121   PRBool mDoSilentDownload;
00122   nsAutoString mCrlAutoDownloadKey;
00123   nsCOMPtr<nsIURI> mURI;
00124   nsresult handleContentDownloadError(nsresult errCode);
00125 };
00126 // nsINSSComponent: abstract interface (every method is pure virtual) identified by NS_INSSCOMPONENT_IID.
00127 class NS_NO_VTABLE nsINSSComponent : public nsISupports {
00128  public:
00129   NS_DEFINE_STATIC_IID_ACCESSOR(NS_INSSCOMPONENT_IID)
00130   // String lookups keyed by 'name'; the result is written to outString (presumably from the PIPNSS string bundle -- confirm).
00131   NS_IMETHOD GetPIPNSSBundleString(const char *name,
00132                                    nsAString &outString) = 0;
00133   NS_IMETHOD PIPBundleFormatStringFromName(const char *name,
00134                                            const PRUnichar **params,
00135                                            PRUint32 numParams,
00136                                            nsAString &outString) = 0;
00137 
00138   // This method will just disable OCSP in NSS, it will not
00139   // alter the respective pref values.
00140   NS_IMETHOD SkipOcsp() = 0;
00141   // NOTE(review): nothing in this interface pairs the two calls. A caller that returns early after SkipOcsp() leaves OCSP disabled in NSS until SkipOcspOff() runs, so error paths need the restore as well.
00142   // This method will set the OCSP value according to the 
00143   // values in the preferences.
00144   NS_IMETHOD SkipOcspOff() = 0;
00145   // cert is a raw NSS certificate pointer; NOTE(review): whether the implementation takes its own reference is not visible here.
00146   NS_IMETHOD RememberCert(CERTCertificate *cert) = 0;
00147   // The nsAutoString parameters below are unnamed and passed by value; their meaning has to be read from the implementation.
00148   NS_IMETHOD RemoveCrlFromList(nsAutoString) = 0;
00149 
00150   NS_IMETHOD DefineNextTimer() = 0;
00151 
00152   NS_IMETHOD DownloadCRLDirectly(nsAutoString, nsAutoString) = 0;
00153   
00154   NS_IMETHOD LogoutAuthenticatedPK11() = 0;
00155   // Start/stop calls that take the SECMODModule they apply to.
00156   NS_IMETHOD LaunchSmartCardThread(SECMODModule *module) = 0;
00157 
00158   NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module) = 0;
00159   // Event calls described by an event type string and a token string.
00160   NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token) = 0;
00161 
00162   NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token) = 0;
00163   // Returns the service through the out-parameter 'cars'; presumably add-ref'ed for the caller -- confirm.
00164   NS_IMETHOD GetClientAuthRememberService(nsClientAuthRememberService **cars) = 0;
00165 };
00166 // nsCryptoHash: nsICryptoHash implementation that holds an NSS HASHContext pointer.
00167 class nsCryptoHash : public nsICryptoHash
00168 {
00169 public:
00170   NS_DECL_ISUPPORTS
00171   NS_DECL_NSICRYPTOHASH
00172 
00173   nsCryptoHash();
00174   // The destructor is private, so code outside the class cannot delete an instance directly (presumably destruction goes through Release() -- confirm).
00175 private:
00176   ~nsCryptoHash();
00177   HASHContext* mHashContext; // raw pointer; NOTE(review): where the context is created and destroyed is not visible in this header
00178 };
00179 // Forward declarations: nsNSSComponent below refers to these types only through pointers.
00180 struct PRLock;
00181 class nsNSSShutDownList;
00182 class nsSSLThread;
00183 class nsCertVerificationThread;
00184 // Implementation of the PSM component interface (nsINSSComponent). The class also implements the
00185 // signature-verifier, entropy-collector, observer and timer-callback interfaces listed below.
00186 class nsNSSComponent : public nsISignatureVerifier,
00187                        public nsIEntropyCollector,
00188                        public nsINSSComponent,
00189                        public nsIObserver,
00190                        public nsSupportsWeakReference,
00191                        public nsITimerCallback
00192 {
00193 public:
00194   NS_DEFINE_STATIC_CID_ACCESSOR( NS_NSSCOMPONENT_CID );
00195 
00196   nsNSSComponent();
00197   virtual ~nsNSSComponent();
00198   // XPCOM declaration macros for the interfaces named in the base list.
00199   NS_DECL_ISUPPORTS
00200   NS_DECL_NSISIGNATUREVERIFIER
00201   NS_DECL_NSIENTROPYCOLLECTOR
00202   NS_DECL_NSIOBSERVER
00203   NS_DECL_NSITIMERCALLBACK
00204 
00205   NS_METHOD Init();
00206   // Declarations matching the nsINSSComponent methods. SkipOcsp() disables OCSP in NSS without touching prefs and SkipOcspOff() restores the pref-driven setting, per the interface comments.
00207   NS_IMETHOD GetPIPNSSBundleString(const char *name,
00208                                    nsAString &outString);
00209   NS_IMETHOD PIPBundleFormatStringFromName(const char *name,
00210                                            const PRUnichar **params,
00211                                            PRUint32 numParams,
00212                                            nsAString &outString);
00213   NS_IMETHOD SkipOcsp();
00214   NS_IMETHOD SkipOcspOff();
00215   nsresult InitializeCRLUpdateTimer();
00216   nsresult StopCRLUpdateTimer();
00217   NS_IMETHOD RemoveCrlFromList(nsAutoString);
00218   NS_IMETHOD DefineNextTimer();
00219   NS_IMETHOD LogoutAuthenticatedPK11();
00220   NS_IMETHOD DownloadCRLDirectly(nsAutoString, nsAutoString);
00221   NS_IMETHOD RememberCert(CERTCertificate *cert);
00222   static nsresult GetNSSCipherIDFromPrefString(const nsACString &aPrefString, PRUint16 &aCipherId); // result goes to the aCipherId out-parameter; presumably left unset on failure, so check the nsresult first -- confirm
00223 
00224   NS_IMETHOD LaunchSmartCardThread(SECMODModule *module);
00225   NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module);
00226   NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token);
00227   NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token);
00228   NS_IMETHOD GetClientAuthRememberService(nsClientAuthRememberService **cars);
00229 
00230 private:
00231   // NSS start-up and shutdown; both report failure through nsresult.
00232   nsresult InitializeNSS(PRBool showWarningBox);
00233   nsresult ShutdownNSS();
00234 
00235 #ifdef XP_MACOSX
00236   void TryCFM2MachOMigration(nsIFile *cfmPath, nsIFile *machoPath);
00237 #endif
00238   // Identifiers passed to ShowAlert().
00239   enum AlertIdentifier {
00240     ai_nss_init_problem, 
00241     ai_sockets_still_active, 
00242     ai_crypto_ui_active,
00243     ai_incomplete_logout
00244   };
00245   
00246   void ShowAlert(AlertIdentifier ai);
00247   void InstallLoadableRoots();
00248   void LaunchSmartCardThreads();
00249   void ShutdownSmartCardThreads();
00250   nsresult InitializePIPNSSBundle();
00251   nsresult ConfigureInternalPKCS11Token();
00252   nsresult RegisterPSMContentListener();
00253   nsresult RegisterObservers();
00254   nsresult DownloadCrlSilently();
00255   nsresult PostCRLImportEvent(nsCAutoString *urlString, PSMContentDownloader *psmDownloader);
00256   nsresult getParamsForNextCrlToDownload(nsAutoString *url, PRTime *time, nsAutoString *key);
00257   nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token);
00258   PRLock *mutex; // NOTE(review): which members this lock guards is not stated in this header -- document it next to the lock
00259   // Reference-counted members (nsCOMPtr) followed by flags, raw pointers and CRL scheduling state.
00260   nsCOMPtr<nsIScriptSecurityManager> mScriptSecurityManager;
00261   nsCOMPtr<nsIStringBundle> mPIPNSSBundle;
00262   nsCOMPtr<nsIURIContentListener> mPSMContentListener;
00263   nsCOMPtr<nsIPrefBranch> mPrefBranch;
00264   nsCOMPtr<nsITimer> mTimer;
00265   PRBool mNSSInitialized;
00266   PRBool mObserversRegistered;
00267   PLHashTable *hashTableCerts; // raw pointer; presumably the store behind RememberCert() -- confirm
00268   nsAutoString mDownloadURL;
00269   nsAutoString mCrlUpdateKey;
00270   PRLock *mCrlTimerLock; // presumably guards the CRL timer state below -- confirm
00271   nsHashtable *crlsScheduledForDownload;
00272   PRBool crlDownloadTimerOn;
00273   PRBool mUpdateTimerInitialized;
00274   static int mInstanceCount; // shared by all instances; plain int, so any cross-thread use needs external synchronization
00275   nsNSSShutDownList *mShutdownObjectList; // raw pointers from here to mCertVerificationThread: ownership and teardown order are not visible in this header
00276   SmartCardThreadList *mThreadList;
00277   PRBool mIsNetworkDown;
00278   nsSSLThread *mSSLThread;
00279   nsCertVerificationThread *mCertVerificationThread;
00280   nsNSSHttpInterface mHttpForNSS;
00281   nsRefPtr<nsClientAuthRememberService> mClientAuthRememberService;
00282 };
00283 // PSMContentListener: nsIURIContentListener implementation with weak-reference support (nsSupportsWeakReference).
00284 class PSMContentListener : public nsIURIContentListener,
00285                             public nsSupportsWeakReference {
00286 public:
00287   PSMContentListener();
00288   virtual ~PSMContentListener();
00289   nsresult init(); // separate initialization step that can fail; presumably must succeed before the listener is used -- confirm
00290   // XPCOM declaration macros for nsISupports and nsIURIContentListener.
00291   NS_DECL_ISUPPORTS
00292   NS_DECL_NSIURICONTENTLISTENER
00293 private:
00294   nsCOMPtr<nsISupports> mLoadCookie;
00295   nsCOMPtr<nsIURIContentListener> mParentContentListener;
00296 };
00297 
00298 #endif // _nsNSSComponent_h_
00299