NS_IMETHODIMP nsNSSCertificate::GetAllTokenNames(uint32_t *aLength, PRUnichar*** aTokenNames) { nsNSSShutDownPreventionLock locker; if (isAlreadyShutDown()) return NS_ERROR_NOT_AVAILABLE; NS_ENSURE_ARG(aLength); NS_ENSURE_ARG(aTokenNames); *aLength = 0; *aTokenNames = NULL; /* Get the slots from NSS */ PK11SlotList *slots = NULL; PK11SlotListCleaner slotCleaner(slots); PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting slots for \"%s\"\n", mCert->nickname)); slots = PK11_GetAllSlotsForCert(mCert, NULL); if (!slots) { if (PORT_GetError() == SEC_ERROR_NO_TOKEN) return NS_OK; // List of slots is empty, return empty array else return NS_ERROR_FAILURE; } /* read the token names from slots */ PK11SlotListElement *le; for (le = slots->head; le; le = le->next) { ++(*aLength); } *aTokenNames = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * (*aLength)); if (!*aTokenNames) { *aLength = 0; return NS_ERROR_OUT_OF_MEMORY; } uint32_t iToken; for (le = slots->head, iToken = 0; le; le = le->next, ++iToken) { char *token = PK11_GetTokenName(le->slot); (*aTokenNames)[iToken] = ToNewUnicode(NS_ConvertUTF8toUTF16(token)); if (!(*aTokenNames)[iToken]) { NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(iToken, *aTokenNames); *aLength = 0; *aTokenNames = NULL; return NS_ERROR_OUT_OF_MEMORY; } } return NS_OK; }
SECStatus IsCertBuiltInRoot(CERTCertificate* cert, bool& result) { result = false; ScopedPK11SlotList slots; slots = PK11_GetAllSlotsForCert(cert, nullptr); if (!slots) { if (PORT_GetError() == SEC_ERROR_NO_TOKEN) { // no list return SECSuccess; } return SECFailure; } for (PK11SlotListElement* le = slots->head; le; le = le->next) { char* token = PK11_GetTokenName(le->slot); PR_LOG(gCertVerifierLog, PR_LOG_DEBUG, ("BuiltInRoot? subject=%s token=%s",cert->subjectName, token)); if (strcmp("Builtin Object Token", token) == 0) { result = true; return SECSuccess; } } return SECSuccess; }