NS_IMETHODIMP
nsNSSCertificate::GetAllTokenNames(uint32_t *aLength, PRUnichar*** aTokenNames)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
NS_ENSURE_ARG(aLength);
NS_ENSURE_ARG(aTokenNames);
*aLength = 0;
*aTokenNames = NULL;
/* Get the slots from NSS */
PK11SlotList *slots = NULL;
PK11SlotListCleaner slotCleaner(slots);
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting slots for \"%s\"\n", mCert->nickname));
slots = PK11_GetAllSlotsForCert(mCert, NULL);
if (!slots) {
if (PORT_GetError() == SEC_ERROR_NO_TOKEN)
return NS_OK; // List of slots is empty, return empty array
else
return NS_ERROR_FAILURE;
}
/* read the token names from slots */
PK11SlotListElement *le;
for (le = slots->head; le; le = le->next) {
++(*aLength);
}
*aTokenNames = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * (*aLength));
if (!*aTokenNames) {
*aLength = 0;
return NS_ERROR_OUT_OF_MEMORY;
}
uint32_t iToken;
for (le = slots->head, iToken = 0; le; le = le->next, ++iToken) {
char *token = PK11_GetTokenName(le->slot);
(*aTokenNames)[iToken] = ToNewUnicode(NS_ConvertUTF8toUTF16(token));
if (!(*aTokenNames)[iToken]) {
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(iToken, *aTokenNames);
*aLength = 0;
*aTokenNames = NULL;
return NS_ERROR_OUT_OF_MEMORY;
}
}
return NS_OK;
}
SECStatus
IsCertBuiltInRoot(CERTCertificate* cert, bool& result) {
result = false;
ScopedPK11SlotList slots;
slots = PK11_GetAllSlotsForCert(cert, nullptr);
if (!slots) {
if (PORT_GetError() == SEC_ERROR_NO_TOKEN) {
// no list
return SECSuccess;
}
return SECFailure;
}
for (PK11SlotListElement* le = slots->head; le; le = le->next) {
char* token = PK11_GetTokenName(le->slot);
PR_LOG(gCertVerifierLog, PR_LOG_DEBUG,
("BuiltInRoot? subject=%s token=%s",cert->subjectName, token));
if (strcmp("Builtin Object Token", token) == 0) {
result = true;
return SECSuccess;
}
}
return SECSuccess;
}
