diff options
| author | Chris Toshok <toshok@ximian.com> | 2003-11-12 10:07:25 +0800 |
|---|---|---|
| committer | Chris Toshok <toshok@src.gnome.org> | 2003-11-12 10:07:25 +0800 |
| commit | 4e1bce59fa373fd302b994d495427109c9fff121 (patch) | |
| tree | 0769e76165203f6ee8395589441a5053074e3ea5 /smime/lib/e-cert.c | |
| parent | 747e7843d135ca6640db787819b2664fe97afdad (diff) | |
| download | gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.gz gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.bz2 gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.lz gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.xz gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.zst gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.zip | |
don't init NSS here. it's done in e_cert_db_peek.
2003-11-11 Chris Toshok <toshok@ximian.com>
* tests/import-cert.c (main): don't init NSS here. it's done in
e_cert_db_peek.
* lib/Makefile.am (libessmime_la_SOURCES): add e-cert-db.[ch]
* gui/smime-ui.glade: set the initial sensitivity of the buttons
here, and add the beginnings of the CA import dialog (where you
assign trust levels to it.)
* gui/certificate-manager.c (handle_selection_changed):
sensitize/desensitize all the various buttons correctly when the
GtkTreeView's selection changes.
(yourcerts_selection_changed): new, selection change handler for
the Your Certs tab.
(initialize_yourcerts_ui): hook up the tree selection, and add a
model column for the ECert.
(contactcerts_selection_changed): new, selection change handler
for the Contact Certs tab.
(initialize_contactcerts_ui): hook up the tree selection, and add
a model column for the ECert.
(import_ca): new function.
(delete_ca): new function.
(authoritycerts_selection_changed): new, selection change handler
for the Authority Certs tab.
(create_authoritycerts_treemodel): new function for creating the
authority cert tree model. the other tabs will eventually use a
separate function for this too, as unload_certs gets fleshed out.
(initialize_authoritycerts_ui): hook up the tree selection, and
add import/delete buttons.
(destroy_key): dtor for the keys in our hashes.
(destroy_value): dtor for the values in our hashes.
(unload_certs): new function. basically destroy/recreate the
model and hash for the particular cert type/tab.
(load_certs): use e_cert_get_cert_type.
(populate_ui): use unload_certs as well as load_certs.
(certificate_manager_config_control_new): call e_cert_db_peek
,which will initialize all of NSS. hook up all the widgets from
libglade.
* lib/e-cert.h: add prototypes for all the new methods, and add
the ECertType enum.
* lib/e-cert.c (e_cert_dispose): handle deletion from the DB here.
(e_cert_new_from_der): new function.
(e_cert_get_internal_cert): new function.
(e_cert_get_raw_der): new function.
(e_cert_get_issuer_name): new
(e_cert_get_subject_name): new
(e_cert_mark_for_deletion): new
(e_cert_get_cert_type): new.
(e_cert_is_ca_cert): nuke.
* lib/e-cert-db.[ch]: new, partly implemented, derived from
mozilla's nsNSSCertificateDB code.
svn path=/trunk/; revision=23292
Diffstat (limited to 'smime/lib/e-cert.c')
| -rw-r--r-- | smime/lib/e-cert.c | 138 |
1 files changed, 134 insertions, 4 deletions
diff --git a/smime/lib/e-cert.c b/smime/lib/e-cert.c index 5636730401..7db638b884 100644 --- a/smime/lib/e-cert.c +++ b/smime/lib/e-cert.c @@ -20,12 +20,54 @@ * Author: Chris Toshok (toshok@ximian.com) */ +/* The following is the mozilla license blurb, as the bodies some of + these functions were derived from the mozilla source. */ + +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + */ + #include "e-cert.h" +#include "pk11func.h" +#include "certdb.h" struct _ECertPrivate { CERTCertificate *cert; + + /* pointers we cache since the nss implementation allocs the + string */ char *org_name; char *cn; + + gboolean delete; }; #define PARENT_TYPE G_TYPE_OBJECT @@ -42,11 +84,23 @@ e_cert_dispose (GObject *object) if (ec->priv->org_name) PORT_Free (ec->priv->org_name); if (ec->priv->cn) - PORT_Free (ec->priv->org_name); + PORT_Free (ec->priv->cn); + + if (ec->priv->delete) { + printf ("attempting to delete cert marked for deletion\n"); + if (e_cert_get_cert_type (ec) == E_CERT_USER) { + PK11_DeleteTokenCertAndKey(ec->priv->cert, NULL); + } else if (!PK11_IsReadOnly(ec->priv->cert->slot)) { + /* If the list of built-ins does contain a non-removable + copy of this certificate, our call will not remove + the certificate permanently, but rather remove all trust. */ + SEC_DeletePermCertificate(ec->priv->cert); + } + } g_free (ec->priv); ec->priv = NULL; - + if (G_OBJECT_CLASS (parent_class)->dispose) G_OBJECT_CLASS (parent_class)->dispose (object); } @@ -115,9 +169,47 @@ e_cert_new (CERTCertificate *cert) return ecert; } +ECert* +e_cert_new_from_der (char *data, guint32 len) +{ + CERTCertificate *cert = CERT_DecodeCertFromPackage (data, len); + + if (!cert) + return NULL; + + if (cert->dbhandle == NULL) + cert->dbhandle = CERT_GetDefaultCertDB(); + + return e_cert_new (cert); +} + +CERTCertificate* +e_cert_get_internal_cert (ECert *cert) +{ + /* XXX should this refcnt it? */ + return cert->priv->cert; +} + +gboolean +e_cert_get_raw_der (ECert *cert, char **data, guint32 *len) +{ + /* XXX do we really need to check if cert->priv->cert is NULL + here? it should always be non-null if we have the + ECert.. */ + if (cert->priv->cert) { + *data = (char*)cert->priv->cert->derCert.data; + *len = (guint32)cert->priv->cert->derCert.len; + return TRUE; + } + + *len = 0; + return FALSE; + +} + const char* e_cert_get_nickname (ECert *cert) { @@ -141,8 +233,46 @@ e_cert_get_cn (ECert *cert) return cert->priv->cn; } +const char* +e_cert_get_issuer_name (ECert *cert) +{ + return cert->priv->cert->issuerName; +} + +const char* +e_cert_get_subject_name (ECert *cert) +{ + return cert->priv->cert->subjectName; +} + gboolean -e_cert_is_ca_cert (ECert *cert) +e_cert_mark_for_deletion (ECert *cert) +{ + // nsNSSShutDownPreventionLock locker; + +#if 0 + // make sure user is logged in to the token + nsCOMPtr<nsIInterfaceRequestor> ctx = new PipUIContext(); +#endif + + if (PK11_NeedLogin(cert->priv->cert->slot) + && !PK11_NeedUserInit(cert->priv->cert->slot) + && !PK11_IsInternal(cert->priv->cert->slot)) { + if (SECSuccess != PK11_Authenticate(cert->priv->cert->slot, PR_TRUE, NULL)) { + return FALSE; + } + } + + cert->priv->delete = TRUE; + + return TRUE; +} + +ECertType +e_cert_get_cert_type (ECert *cert) { - return CERT_IsCACert (cert->priv->cert, NULL); + if (CERT_IsCACert (cert->priv->cert, NULL)) + return E_CERT_CA; + else /* XXX more here */ + return E_CERT_USER; } |