NS_IMETHODIMP
nsNSSCertificate::GetValidEVPolicyOid(nsACString &outDottedOid)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
SECOidTag oid_tag;
PRBool valid;
nsresult rv = getValidEVOidTag(oid_tag, valid);
if (NS_FAILED(rv))
return rv;
if (valid) {
SECOidData *oid_data = SECOID_FindOIDByTag(oid_tag);
if (!oid_data)
return NS_ERROR_FAILURE;
char *oid_str = CERT_GetOidString(&oid_data->oid);
if (!oid_str)
return NS_ERROR_FAILURE;
outDottedOid = oid_str;
PR_smprintf_free(oid_str);
}
return NS_OK;
}
/* This function does NOT expect a DER type and length. */
SECOidTag
SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level)
{
SECOidData *oiddata;
char *oidString = NULL;
oiddata = SECOID_FindOID(oid);
if (oiddata != NULL) {
const char *name = oiddata->desc;
SECU_Indent(out, level);
if (m != NULL)
fprintf(out, "%s: ", m);
fprintf(out, "%s\n", name);
return oiddata->offset;
}
oidString = CERT_GetOidString(oid);
if (oidString) {
SECU_Indent(out, level);
if (m != NULL)
fprintf(out, "%s: ", m);
fprintf(out, "%s\n", oidString);
PR_smprintf_free(oidString);
return SEC_OID_UNKNOWN;
}
SECU_PrintAsHex(out, oid, m, level);
return SEC_OID_UNKNOWN;
}
/*
* FUNCTION: pkix_pl_OID_ToString
* (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
* Use this function only for printing OIDs and not to make any
* critical security decision.
*/
static PKIX_Error *
pkix_pl_OID_ToString(
PKIX_PL_Object *object,
PKIX_PL_String **pString,
void *plContext)
{
PKIX_PL_OID *oid = NULL;
char *oidString = NULL;
PKIX_ENTER(OID, "pkix_pl_OID_toString");
PKIX_NULLCHECK_TWO(object, pString);
PKIX_CHECK(pkix_CheckType(object, PKIX_OID_TYPE, plContext),
PKIX_OBJECTNOTANOID);
oid = (PKIX_PL_OID*)object;
oidString = CERT_GetOidString(&oid->derOid);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_ESCASCII, oidString , 0, pString, plContext),
PKIX_STRINGCREATEFAILED);
cleanup:
PR_smprintf_free(oidString);
PKIX_RETURN(OID);
}
nsresult
nsCertOverrideService::Init()
{
if (!mSettingsTable.Init())
return NS_ERROR_OUT_OF_MEMORY;
mOidTagForStoringNewHashes = SEC_OID_SHA256;
SECOidData *od = SECOID_FindOIDByTag(mOidTagForStoringNewHashes);
if (!od)
return NS_ERROR_FAILURE;
char *dotted_oid = CERT_GetOidString(&od->oid);
if (!dotted_oid)
return NS_ERROR_FAILURE;
mDottedOidForStoringNewHashes = dotted_oid;
PR_smprintf_free(dotted_oid);
// cache mSettingsFile
NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR, getter_AddRefs(mSettingsFile));
if (mSettingsFile) {
mSettingsFile->AppendNative(NS_LITERAL_CSTRING(kCertOverrideFileName));
}
Read();
nsresult rv;
NS_WITH_ALWAYS_PROXIED_SERVICE(nsIObserverService, mObserverService,
"@mozilla.org/observer-service;1",
NS_PROXY_TO_MAIN_THREAD, &rv);
if (mObserverService) {
mObserverService->AddObserver(this, "profile-before-change", PR_TRUE);
mObserverService->AddObserver(this, "profile-do-change", PR_TRUE);
mObserverService->AddObserver(this, "shutdown-cleanse", PR_TRUE);
}
return NS_OK;
}
