aboutsummaryrefslogtreecommitdiffstats
path: root/smime/lib/e-cert.c
diff options
context:
space:
mode:
authorChris Toshok <toshok@ximian.com>2003-11-12 10:07:25 +0800
committerChris Toshok <toshok@src.gnome.org>2003-11-12 10:07:25 +0800
commit4e1bce59fa373fd302b994d495427109c9fff121 (patch)
tree0769e76165203f6ee8395589441a5053074e3ea5 /smime/lib/e-cert.c
parent747e7843d135ca6640db787819b2664fe97afdad (diff)
downloadgsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.gz
gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.tar.zst
gsoc2013-evolution-4e1bce59fa373fd302b994d495427109c9fff121.zip
don't init NSS here. it's done in e_cert_db_peek.
2003-11-11 Chris Toshok <toshok@ximian.com> * tests/import-cert.c (main): don't init NSS here. it's done in e_cert_db_peek. * lib/Makefile.am (libessmime_la_SOURCES): add e-cert-db.[ch] * gui/smime-ui.glade: set the initial sensitivity of the buttons here, and add the beginnings of the CA import dialog (where you assign trust levels to it.) * gui/certificate-manager.c (handle_selection_changed): sensitize/desensitize all the various buttons correctly when the GtkTreeView's selection changes. (yourcerts_selection_changed): new, selection change handler for the Your Certs tab. (initialize_yourcerts_ui): hook up the tree selection, and add a model column for the ECert. (contactcerts_selection_changed): new, selection change handler for the Contact Certs tab. (initialize_contactcerts_ui): hook up the tree selection, and add a model column for the ECert. (import_ca): new function. (delete_ca): new function. (authoritycerts_selection_changed): new, selection change handler for the Authority Certs tab. (create_authoritycerts_treemodel): new function for creating the authority cert tree model. the other tabs will eventually use a separate function for this too, as unload_certs gets fleshed out. (initialize_authoritycerts_ui): hook up the tree selection, and add import/delete buttons. (destroy_key): dtor for the keys in our hashes. (destroy_value): dtor for the values in our hashes. (unload_certs): new function. basically destroy/recreate the model and hash for the particular cert type/tab. (load_certs): use e_cert_get_cert_type. (populate_ui): use unload_certs as well as load_certs. (certificate_manager_config_control_new): call e_cert_db_peek ,which will initialize all of NSS. hook up all the widgets from libglade. * lib/e-cert.h: add prototypes for all the new methods, and add the ECertType enum. * lib/e-cert.c (e_cert_dispose): handle deletion from the DB here. (e_cert_new_from_der): new function. (e_cert_get_internal_cert): new function. (e_cert_get_raw_der): new function. (e_cert_get_issuer_name): new (e_cert_get_subject_name): new (e_cert_mark_for_deletion): new (e_cert_get_cert_type): new. (e_cert_is_ca_cert): nuke. * lib/e-cert-db.[ch]: new, partly implemented, derived from mozilla's nsNSSCertificateDB code. svn path=/trunk/; revision=23292
Diffstat (limited to 'smime/lib/e-cert.c')
-rw-r--r--smime/lib/e-cert.c138
1 files changed, 134 insertions, 4 deletions
diff --git a/smime/lib/e-cert.c b/smime/lib/e-cert.c
index 5636730401..7db638b884 100644
--- a/smime/lib/e-cert.c
+++ b/smime/lib/e-cert.c
@@ -20,12 +20,54 @@
* Author: Chris Toshok (toshok@ximian.com)
*/
+/* The following is the mozilla license blurb, as the bodies some of
+ these functions were derived from the mozilla source. */
+
+/*
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation. Portions created by Netscape are
+ * Copyright (C) 2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable
+ * instead of those above. If you wish to allow use of your
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL. If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ *
+ */
+
#include "e-cert.h"
+#include "pk11func.h"
+#include "certdb.h"
struct _ECertPrivate {
CERTCertificate *cert;
+
+ /* pointers we cache since the nss implementation allocs the
+ string */
char *org_name;
char *cn;
+
+ gboolean delete;
};
#define PARENT_TYPE G_TYPE_OBJECT
@@ -42,11 +84,23 @@ e_cert_dispose (GObject *object)
if (ec->priv->org_name)
PORT_Free (ec->priv->org_name);
if (ec->priv->cn)
- PORT_Free (ec->priv->org_name);
+ PORT_Free (ec->priv->cn);
+
+ if (ec->priv->delete) {
+ printf ("attempting to delete cert marked for deletion\n");
+ if (e_cert_get_cert_type (ec) == E_CERT_USER) {
+ PK11_DeleteTokenCertAndKey(ec->priv->cert, NULL);
+ } else if (!PK11_IsReadOnly(ec->priv->cert->slot)) {
+ /* If the list of built-ins does contain a non-removable
+ copy of this certificate, our call will not remove
+ the certificate permanently, but rather remove all trust. */
+ SEC_DeletePermCertificate(ec->priv->cert);
+ }
+ }
g_free (ec->priv);
ec->priv = NULL;
-
+
if (G_OBJECT_CLASS (parent_class)->dispose)
G_OBJECT_CLASS (parent_class)->dispose (object);
}
@@ -115,9 +169,47 @@ e_cert_new (CERTCertificate *cert)
return ecert;
}
+ECert*
+e_cert_new_from_der (char *data, guint32 len)
+{
+ CERTCertificate *cert = CERT_DecodeCertFromPackage (data, len);
+
+ if (!cert)
+ return NULL;
+
+ if (cert->dbhandle == NULL)
+ cert->dbhandle = CERT_GetDefaultCertDB();
+
+ return e_cert_new (cert);
+}
+
+CERTCertificate*
+e_cert_get_internal_cert (ECert *cert)
+{
+ /* XXX should this refcnt it? */
+ return cert->priv->cert;
+}
+
+gboolean
+e_cert_get_raw_der (ECert *cert, char **data, guint32 *len)
+{
+ /* XXX do we really need to check if cert->priv->cert is NULL
+ here? it should always be non-null if we have the
+ ECert.. */
+ if (cert->priv->cert) {
+ *data = (char*)cert->priv->cert->derCert.data;
+ *len = (guint32)cert->priv->cert->derCert.len;
+ return TRUE;
+ }
+
+ *len = 0;
+ return FALSE;
+
+}
+
const char*
e_cert_get_nickname (ECert *cert)
{
@@ -141,8 +233,46 @@ e_cert_get_cn (ECert *cert)
return cert->priv->cn;
}
+const char*
+e_cert_get_issuer_name (ECert *cert)
+{
+ return cert->priv->cert->issuerName;
+}
+
+const char*
+e_cert_get_subject_name (ECert *cert)
+{
+ return cert->priv->cert->subjectName;
+}
+
gboolean
-e_cert_is_ca_cert (ECert *cert)
+e_cert_mark_for_deletion (ECert *cert)
+{
+ // nsNSSShutDownPreventionLock locker;
+
+#if 0
+ // make sure user is logged in to the token
+ nsCOMPtr<nsIInterfaceRequestor> ctx = new PipUIContext();
+#endif
+
+ if (PK11_NeedLogin(cert->priv->cert->slot)
+ && !PK11_NeedUserInit(cert->priv->cert->slot)
+ && !PK11_IsInternal(cert->priv->cert->slot)) {
+ if (SECSuccess != PK11_Authenticate(cert->priv->cert->slot, PR_TRUE, NULL)) {
+ return FALSE;
+ }
+ }
+
+ cert->priv->delete = TRUE;
+
+ return TRUE;
+}
+
+ECertType
+e_cert_get_cert_type (ECert *cert)
{
- return CERT_IsCACert (cert->priv->cert, NULL);
+ if (CERT_IsCACert (cert->priv->cert, NULL))
+ return E_CERT_CA;
+ else /* XXX more here */
+ return E_CERT_USER;
}