authornicolson%netscape.com <devnull@localhost>2001-06-25 19:31:17 +0000
committernicolson%netscape.com <devnull@localhost>2001-06-25 19:31:17 +0000
commit8f41539fad1eac419015ca1d2428765514f15d9f (patch)
tree46b25dffe87a43808c7566160cbab268732e0393
parentcc7f9e0593b229c4eadafa25ef35cd174b8d149d (diff)
Fix bug 87650: replace slot traversal functions with list functions.
Add SECKEY_ImportDERPublicKey.
-rw-r--r--security/nss/lib/cryptohi/keyhi.h23
-rw-r--r--security/nss/lib/cryptohi/keythi.h11
-rw-r--r--security/nss/lib/cryptohi/seckey.c109
-rw-r--r--security/nss/lib/nss/nss.def9
-rw-r--r--security/nss/lib/nss/nssinit.c10
-rw-r--r--security/nss/lib/pk11wrap/pk11cert.c56
-rw-r--r--security/nss/lib/pk11wrap/pk11func.h3
7 files changed, 218 insertions, 3 deletions
diff --git a/security/nss/lib/cryptohi/keyhi.h b/security/nss/lib/cryptohi/keyhi.h
index 46394bf10..5b4bcbaa6 100644
--- a/security/nss/lib/cryptohi/keyhi.h
+++ b/security/nss/lib/cryptohi/keyhi.h
@@ -227,6 +227,29 @@ SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
KeyType SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey);
KeyType SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey);
+/*
+ * Creates a PublicKey from its DER encoding.
+ * Currently only supports RSA and DSA keys.
+ */
+SECKEYPublicKey*
+SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type);
+
+SECKEYPrivateKeyList*
+SECKEY_NewPrivateKeyList(void);
+
+void
+SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
+
+void
+SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
+
+SECStatus
+SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
+ SECKEYPrivateKey *key);
+
+#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&l->list))
+#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
+#define PRIVKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
SEC_END_PROTOS
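Review bot: The three new list macros use their arguments unparenthesized (`&l->list`, `n->links.next`), so passing anything other than a plain identifier, for example `*pp`, binds `->` to the wrong operand and silently walks the wrong memory. Parenthesize each use: `#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&(l)->list))`, `#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)(n)->links.next)`, `#define PRIVKEY_LIST_END(n,l) (((void *)(n)) == ((void *)&(l)->list))`. The casts also depend on the `PRCList` member being the first field of both structs, which is worth a one-line comment next to the macros.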
diff --git a/security/nss/lib/cryptohi/keythi.h b/security/nss/lib/cryptohi/keythi.h
index ba1aec401..27add7476 100644
--- a/security/nss/lib/cryptohi/keythi.h
+++ b/security/nss/lib/cryptohi/keythi.h
@@ -38,6 +38,7 @@
#include "plarena.h"
#include "pkcs11t.h"
#include "secmodt.h"
+#include "prclist.h"
/*
** A Generic public key object.
@@ -80,4 +81,14 @@ typedef struct {
void *wincx;
} SEC_PKCS5KeyAndPassword;
+typedef struct {
+ PRCList links;
+ SECKEYPrivateKey *key;
+} SECKEYPrivateKeyListNode;
+
+typedef struct {
+ PRCList list;
+ PRArenaPool *arena;
+} SECKEYPrivateKeyList;
+
#endif /* _KEYTHI_H_ */
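Review bot: Neither new struct documents who owns `key`, and the seckey.c part of this patch makes that matter: SECKEY_AddPrivateKeyToListTail stores the caller's pointer without copying it, and SECKEY_RemovePrivateKeyListNode calls SECKEY_DestroyPrivateKey on it. A caller that also destroys the key after adding it would destroy it twice. I would add a comment on SECKEYPrivateKeyListNode such as `/* key is owned by the node and destroyed when the node is removed; node memory belongs to the list's arena */`, and a matching one on SECKEYPrivateKeyList saying that `arena` holds the list head and every node and is freed by SECKEY_DestroyPrivateKeyList.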
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
index d9ec73121..11eb94876 100644
--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@@ -1693,3 +1693,112 @@ SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey)
{
return pubKey->keyType;
}
+
+SECKEYPublicKey*
+SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
+{
+ SECKEYPublicKey *pubk = NULL;
+ SECStatus rv = SECFailure;
+
+ pubk = PORT_New(SECKEYPublicKey);
+ if(pubk == NULL) {
+ goto finish;
+ }
+ pubk->arena = NULL;
+ pubk->pkcs11Slot = NULL;
+ pubk->pkcs11ID = CK_INVALID_HANDLE;
+ pubk->keyType = type;
+
+ if( type == CKK_RSA) {
+ rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_RSAPublicKeyTemplate,
+ derKey);
+ } else if( type == CKK_DSA) {
+ rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_DSAPublicKeyTemplate,
+ derKey);
+ } else {
+ rv = SECFailure;
+ }
+
+finish:
+ if( rv != SECSuccess && pubk != NULL) {
+ PORT_Free(pubk);
+ pubk = NULL;
+ }
+ return pubk;
+}
+
+SECKEYPrivateKeyList*
+SECKEY_NewPrivateKeyList(void)
+{
+ PRArenaPool *arena = NULL;
+ SECKEYPrivateKeyList *ret = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if ( arena == NULL ) {
+ goto loser;
+ }
+
+ ret = (SECKEYPrivateKeyList *)PORT_ArenaZAlloc(arena,
+ sizeof(SECKEYPrivateKeyList));
+ if ( ret == NULL ) {
+ goto loser;
+ }
+
+ ret->arena = arena;
+
+ PR_INIT_CLIST(&ret->list);
+
+ return(ret);
+
+loser:
+ if ( arena != NULL ) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return(NULL);
+}
+
+void
+SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys)
+{
+ while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
+ SECKEY_RemovePrivateKeyListNode(
+ (SECKEYPrivateKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
+ }
+
+ PORT_FreeArena(keys->arena, PR_FALSE);
+
+ return;
+}
+
+
+void
+SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node)
+{
+ PR_ASSERT(node->key);
+ SECKEY_DestroyPrivateKey(node->key);
+ node->key = NULL;
+ PR_REMOVE_LINK(&node->links);
+ return;
+
+}
+
+SECStatus
+SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
+ SECKEYPrivateKey *key)
+{
+ SECKEYPrivateKeyListNode *node;
+
+ node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAlloc(list->arena,
+ sizeof(SECKEYPrivateKeyListNode));
+ if ( node == NULL ) {
+ goto loser;
+ }
+
+ PR_INSERT_BEFORE(&node->links, &list->list);
+ node->key = key;
+ return(SECSuccess);
+
+loser:
+ return(SECFailure);
+}
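Review bot: SECKEY_ImportDERPublicKey decodes with a NULL pool (`SEC_ASN1DecodeItem(NULL, pubk, ...)`) and leaves `pubk->arena = NULL`, so on the failure path `PORT_Free(pubk)` releases only the struct and anything the decoder allocated before it failed is likely leaked. On success the caller receives a key whose components are not tied to an arena, which a destructor that frees through `arena` would presumably not release; this should be confirmed against SECKEY_DestroyPublicKey. `PORT_New` is also not followed by any zeroing here, so the decoder is handed uninitialized key fields, and `derKey` is dereferenced by the decoder without a NULL check even though DER input often comes from outside the process. Allocating the key from its own arena with the calls this file already uses fixes all of these at once; a sketch follows.

```c
SECKEYPublicKey*
SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
{
    PRArenaPool *arena;
    SECKEYPublicKey *pubk;
    SECStatus rv = SECFailure;

    if (derKey == NULL) {
        return NULL;
    }
    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
    if (arena == NULL) {
        return NULL;
    }
    /* zeroed, so the decoder never sees stale field contents */
    pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
    if (pubk == NULL) {
        goto finish;
    }
    pubk->arena = arena;
    /* ... unchanged: pkcs11Slot, pkcs11ID, keyType assignments ... */

    if (type == CKK_RSA) {
        rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate,
                                derKey);
    } else if (type == CKK_DSA) {
        rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate,
                                derKey);
    }

finish:
    if (rv != SECSuccess) {
        /* one call releases the struct and any partially decoded fields */
        PORT_FreeArena(arena, PR_FALSE);
        return NULL;
    }
    return pubk;
}
```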
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
index 70b23da59..53f87d641 100644
--- a/security/nss/lib/nss/nss.def
+++ b/security/nss/lib/nss/nss.def
@@ -518,8 +518,6 @@ PK11_ReferenceSlot;
PK11_GetSlotPWValues;
PK11_ImportSymKey;
PK11_ExtractKeyValue;
-PK11_TraversePrivateKeysInSlot;
-PK11_TraverseCertsInSlot;
SEC_CertNicknameConflict;
SECMOD_DeleteInternalModule;
SECMOD_DestroyModule;
@@ -533,7 +531,14 @@ SECKEY_GetPrivateKeyType;
SECKEY_EncodeDERSubjectPublicKeyInfo;
SECKEY_ExtractPublicKey;
SECKEY_HashPassword;
+SECKEY_ImportDERPublicKey;
+SECKEY_NewPrivateKeyList;
+SECKEY_DestroyPrivateKeyList;
+SECKEY_RemovePrivateKeyListNode;
+SECKEY_AddPrivateKeyToListTail;
SEC_PKCS5GetIV;
+PK11_ListPrivateKeysInSlot;
+PK11_ListCertsInSlot;
VFY_EndWithSignature;
;+ local:
;+ *;
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
index 27b51ff18..e8c9ab925 100644
--- a/security/nss/lib/nss/nssinit.c
+++ b/security/nss/lib/nss/nssinit.c
@@ -345,7 +345,11 @@ NSS_NoDB_Init(const char * configdir)
{
SECStatus rv = SECSuccess;
-
+
+ if( isInitialized ) {
+ return SECSuccess;
+ }
+
rv = RNG_RNGInit();
if (rv != SECSuccess) {
return rv;
@@ -358,6 +362,8 @@ NSS_NoDB_Init(const char * configdir)
}
rv = nss_OpenVolatileSecModDB();
+ isInitialized = PR_TRUE;
+
return rv;
}
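Review bot: `isInitialized = PR_TRUE;` is set unconditionally after `nss_OpenVolatileSecModDB()`, so a failed open still marks the library as initialized. Every later NSS_NoDB_Init call then returns SECSuccess from the early return added in the previous hunk, without the RNG or the module DB ever having come up, and callers proceed as if crypto were ready. Set the flag only on success: `if (rv == SECSuccess) { isInitialized = PR_TRUE; }`. The flag is also read and written with no locking visible in these hunks, which matters if two threads can initialize concurrently. The function body begins outside the hunk, so earlier failure returns are not visible here.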
@@ -378,6 +384,8 @@ NSS_Shutdown(void)
if (keyHandle)
SECKEY_CloseKeyDB(keyHandle);
SECKEY_SetDefaultKeyDB(NULL);
+
+ isInitialized = PR_FALSE;
}
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
index 2059269b7..657ddfa17 100644
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ b/security/nss/lib/pk11wrap/pk11cert.c
@@ -2806,3 +2806,59 @@ PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey)
return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot,privKey->pkcs11ID);
}
+static SECStatus
+listCertsCallback(CERTCertificate* cert, void*arg)
+{
+ CERTCertList *list = (CERTCertList*)arg;
+
+ return CERT_AddCertToListTail(list, CERT_DupCertificate(cert));
+}
+
+CERTCertList *
+PK11_ListCertsInSlot(PK11SlotInfo *slot)
+{
+ SECStatus status;
+ CERTCertList *certs;
+
+ certs = CERT_NewCertList();
+ if(certs == NULL) return NULL;
+
+ status = PK11_TraverseCertsInSlot(slot, listCertsCallback,
+ (void*)certs);
+
+ if( status != SECSuccess ) {
+ SECKEY_DestroyCertList(certs);
+ certs = NULL;
+ }
+
+ return certs;
+}
+
+static SECStatus
+privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
+{
+ SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList*)arg;
+
+ return SECKEY_AddPrivateKeyToListTail(list, SECKEY_CopyPrivateKey(key));
+}
+
+SECKEYPrivateKeyList*
+PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot)
+{
+ SECStatus status;
+ SECKEYPrivateKeyList *keys;
+
+ keys = SECKEY_NewPrivateKeyList();
+ if(keys == NULL) return NULL;
+
+ status = PK11_TraversePrivateKeysInSlot(slot, privateKeyListCallback,
+ (void*)keys);
+
+ if( status != SECSuccess ) {
+ SECKEY_DestroyPrivateKeyList(keys);
+ keys = NULL;
+ }
+
+ return keys;
+}
+
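Review bot: privateKeyListCallback passes the result of `SECKEY_CopyPrivateKey(key)` straight to SECKEY_AddPrivateKeyToListTail, so a failed copy puts a node with a NULL key on the list, and SECKEY_RemovePrivateKeyListNode only guards that with `PR_ASSERT(node->key)` before calling SECKEY_DestroyPrivateKey. If the add itself fails, the copy is leaked. listCertsCallback has the same shape with `CERT_DupCertificate(cert)`, where a failed add leaks the extra reference, and should get the equivalent fix with CERT_DestroyCertificate. Separately, PK11_ListCertsInSlot cleans up with `SECKEY_DestroyCertList(certs)`, which is not declared anywhere in this patch; the counterpart of CERT_NewCertList is `CERT_DestroyCertList(certs)`, so this looks like a typo that would fail at link time.

```c
static SECStatus
privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
{
    SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList*)arg;
    SECKEYPrivateKey *copy = SECKEY_CopyPrivateKey(key);
    SECStatus rv;

    if (copy == NULL) {
        return SECFailure;
    }
    rv = SECKEY_AddPrivateKeyToListTail(list, copy);
    if (rv != SECSuccess) {
        /* the list did not take ownership, so release the copy here */
        SECKEY_DestroyPrivateKey(copy);
    }
    return rv;
}
```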
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
index e67246252..f3411681c 100644
--- a/security/nss/lib/pk11wrap/pk11func.h
+++ b/security/nss/lib/pk11wrap/pk11func.h
@@ -336,6 +336,7 @@ SECItem * PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx);
SECItem* PK11_DEREncodePublicKey(SECKEYPublicKey *pubk);
PK11SymKey* PK11_CopySymKeyForSigning(PK11SymKey *originalKey,
CK_MECHANISM_TYPE mech);
+SECKEYPrivateKeyList* PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
/**********************************************************************
* Certs
@@ -403,6 +404,8 @@ SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
SECStatus(* callback)(CERTCertificate*, void *), void *arg);
CERTCertList *
PK11_ListCerts(PK11CertListType type, void *pwarg);
+CERTCertList *
+PK11_ListCertsInSlot(PK11SlotInfo *slot);
/**********************************************************************