diff options
| author | relyea%netscape.com <devnull@localhost> | 2001-01-06 22:09:04 +0000 |
|---|---|---|
| committer | relyea%netscape.com <devnull@localhost> | 2001-01-06 22:09:04 +0000 |
| commit | 9918d471b8c77b0b8eb652e46e1605c0867618a7 (patch) | |
| tree | 1ef20fc246f9dc886e7a83c5d5730a26827b48c5 | |
| parent | e4cb240c8dd902431bbbc139619f3545936f0515 (diff) | |
| download | nss-hg-9918d471b8c77b0b8eb652e46e1605c0867618a7.tar.gz | |
Fix initialization to use NSS_Init* functions rather than low level
init functions.
| -rw-r--r-- | security/nss/cmd/crlutil/crlutil.c | 33 | ||||
| -rw-r--r-- | security/nss/cmd/modutil/modutil.c | 54 | ||||
| -rw-r--r-- | security/nss/cmd/p7content/p7content.c | 55 | ||||
| -rw-r--r-- | security/nss/cmd/p7env/p7env.c | 25 | ||||
| -rw-r--r-- | security/nss/cmd/p7sign/p7sign.c | 65 | ||||
| -rw-r--r-- | security/nss/cmd/p7verify/p7verify.c | 34 | ||||
| -rw-r--r-- | security/nss/cmd/signtool/certgen.c | 3 | ||||
| -rw-r--r-- | security/nss/cmd/signtool/list.c | 2 | ||||
| -rw-r--r-- | security/nss/cmd/signtool/sign.c | 13 | ||||
| -rw-r--r-- | security/nss/cmd/signtool/util.c | 59 | ||||
| -rw-r--r-- | security/nss/cmd/signver/signver.c | 19 |
11 files changed, 39 insertions, 323 deletions
diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c index a075e25c2..96522c5cd 100644 --- a/security/nss/cmd/crlutil/crlutil.c +++ b/security/nss/cmd/crlutil/crlutil.c @@ -44,40 +44,12 @@ #include "secutil.h" #include "cert.h" #include "certdb.h" -#include "cdbhdl.h" #define SEC_CERT_DB_EXISTS 0 #define SEC_CREATE_CERT_DB 1 static char *progName; -static CERTCertDBHandle -*OpenCertDB(int createNew) - /* NOTE: This routine has been modified to allow the libsec/pcertdb.c routines to automatically - ** find and convert the old cert database into the new v3.0 format (cert db version 5). - */ -{ - CERTCertDBHandle *certHandle; - SECStatus rv; - - /* Allocate a handle to fill with CERT_OpenCertDB below */ - certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle)); - if (!certHandle) { - SECU_PrintError(progName, "unable to get database handle"); - return NULL; - } - - - rv = CERT_OpenCertDB(certHandle, PR_FALSE, SECU_CertDBNameCallback, NULL); - - if (rv) { - SECU_PrintError(progName, "could not open certificate database"); - if (certHandle) free (certHandle); /* we don't want to leave anything behind... */ - return NULL; - } - - return certHandle; -} static CERTSignedCrl *FindCRL (CERTCertDBHandle *certHandle, char *name, int type) { @@ -373,10 +345,9 @@ int main(int argc, char **argv) if (importCRL && !inFile) Usage (progName); PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); + NSS_InitReadWrite(SECU_ConfigDirectory(NULL)); - certHandle = OpenCertDB(SEC_CREATE_CERT_DB); + certHandle = CERT_GetDefaultCertDB(); if (certHandle == NULL) { SECU_PrintError(progName, "unable to open the cert db"); return (-1); diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c index 2427eb444..1137e0c82 100644 --- a/security/nss/cmd/modutil/modutil.c +++ b/security/nss/cmd/modutil/modutil.c @@ -486,8 +486,11 @@ verify_params() static Error init_crypto(PRBool create, PRBool readOnly) { - char *moddbname=NULL, *dir, *keydbname, *certdbname; + char *dir; +#ifdef notdef + char *moddbname=NULL, *keydbname, *certdbname; PRBool free_moddbname = PR_FALSE; +#endif Error retval; if(SECU_ConfigDirectory(dbdir)[0] == '\0') { @@ -495,10 +498,7 @@ init_crypto(PRBool create, PRBool readOnly) retval=NO_DBDIR_ERR; goto loser; } - moddbname = SECU_SECModDBName(); /* this changes later in the function */ dir = SECU_ConfigDirectory(NULL); - keydbname = SECU_KeyDBNameCallback(NULL, PRIVATE_KEY_DB_FILE_VERSION); - certdbname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION); /* Make sure db directory exists and is readable */ if(PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) { @@ -515,6 +515,7 @@ init_crypto(PRBool create, PRBool readOnly) if(create) { /* Make sure dbs don't already exist, and the directory is writeable */ +#ifdef notdef if(PR_Access(moddbname, PR_ACCESS_EXISTS)==PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], moddbname); @@ -528,12 +529,15 @@ init_crypto(PRBool create, PRBool readOnly) PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],certdbname); retval=FILE_ALREADY_EXISTS_ERR; goto loser; - } else if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { + } else +#endif + if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir); retval=DIR_NOT_WRITEABLE_ERR; goto loser; } } else { +#ifdef notdef /* Make sure dbs are readable and writeable */ if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) { #ifndef XP_PC @@ -564,9 +568,11 @@ init_crypto(PRBool create, PRBool readOnly) goto loser; } } +#endif /* Check for write access if we'll be making changes */ if( !readOnly ) { +#ifdef notdef if(PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], moddbname); @@ -589,50 +595,26 @@ init_crypto(PRBool create, PRBool readOnly) goto loser; } } +#endif } PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG], SECU_ConfigDirectory(NULL)); } - SEC_Init(); /* Open/create key database */ - RNG_RNGInit(); /* This is required before SECU_OpenKeyDB */ - RNG_SystemInfoForRNG(); - if(!nocertdb) { - if(create) PR_fprintf(PR_STDOUT, msgStrings[CREATING_DB_MSG], - keydbname); - if(SECU_OpenKeyDB(readOnly) == NULL) { - PR_fprintf(PR_STDERR, "\n"); - PR_fprintf(PR_STDERR, errStrings[DB_ACCESS_ERR], keydbname); - retval=DB_ACCESS_ERR; - goto loser; - } - if(create) PR_fprintf(PR_STDOUT, msgStrings[DONE_MSG]); - } - - /* Open/create cert database */ - if(!nocertdb) { - if(create) PR_fprintf(PR_STDOUT, msgStrings[CREATING_DB_MSG], - certdbname); - if(SECU_OpenCertDB(readOnly) == NULL) { - PR_fprintf(PR_STDERR, "\n"); - PR_fprintf(PR_STDERR, errStrings[DB_ACCESS_ERR], certdbname); - retval=DB_ACCESS_ERR; - goto loser; - } - if(create) PR_fprintf(PR_STDOUT, msgStrings[DONE_MSG]); + if (readOnly) { + NSS_Init(SECU_ConfigDirectory(NULL)); + } else { + NSS_InitReadWrite(SECU_ConfigDirectory(NULL)); } - /* Open/create module database */ - if(create) PR_fprintf(PR_STDOUT, msgStrings[CREATING_DB_MSG], moddbname); - SECMOD_init(moddbname); - if(create) PR_fprintf(PR_STDOUT, msgStrings[DONE_MSG]); - retval=SUCCESS; loser: +#ifdef notdef if(free_moddbname) { PR_Free(moddbname); } +#endif return retval; } diff --git a/security/nss/cmd/p7content/p7content.c b/security/nss/cmd/p7content/p7content.c index 2c1afb6dc..f897bd439 100644 --- a/security/nss/cmd/p7content/p7content.c +++ b/security/nss/cmd/p7content/p7content.c @@ -43,7 +43,6 @@ #include "secpkcs7.h" #include "cert.h" #include "certdb.h" -#include "cdbhdl.h" #if defined(XP_UNIX) #include <unistd.h> @@ -57,7 +56,6 @@ extern int fwrite(char *, size_t, size_t, FILE*); extern int fprintf(FILE *, char *, ...); #endif -extern void SEC_Init(void); /* XXX */ static void @@ -76,38 +74,6 @@ Usage(char *progName) exit(-1); } -static SECKEYKeyDBHandle * -OpenKeyDB(char *progName) -{ - SECKEYKeyDBHandle *keyHandle; - - keyHandle = SECU_OpenKeyDB(PR_FALSE); - if (keyHandle == NULL) { - SECU_PrintError(progName, "could not open key database"); - return NULL; - } - - return(keyHandle); -} - -static CERTCertDBHandle certHandleStatic; /* avoid having to allocate */ - -static CERTCertDBHandle * -OpenCertDB(char *progName) -{ - CERTCertDBHandle *certHandle; - SECStatus rv; - - certHandle = &certHandleStatic; - rv = CERT_OpenCertDB(certHandle, PR_FALSE, SECU_CertDBNameCallback, NULL); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not open cert database"); - return NULL; - } - - return certHandle; -} - static PRBool saw_content; static void @@ -150,7 +116,7 @@ DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName) fprintf(out, "\n---------------------------------------------\n"); saw_content = PR_FALSE; - dcx = SEC_PKCS7DecoderStart(PrintBytes, out, SECU_GetPassword, NULL, + dcx = SEC_PKCS7DecoderStart(PrintBytes, out, NULL, NULL, NULL, NULL, decryption_allowed); if (dcx != NULL) { #if 0 /* Test that decoder works when data is really streaming in. */ @@ -234,8 +200,6 @@ main(int argc, char **argv) char *progName; FILE *outFile; PRFileDesc *inFile; - SECKEYKeyDBHandle *keyHandle; - CERTCertDBHandle *certHandle; PLOptState *optstate; PLOptStatus status; @@ -286,22 +250,7 @@ main(int argc, char **argv) /* Call the initialization routines */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); - - /* open key database */ - keyHandle = OpenKeyDB(progName); - if (keyHandle == NULL) { - return -1; - } - SECKEY_SetDefaultKeyDB(keyHandle); - - /* open cert database */ - certHandle = OpenCertDB(progName); - if (certHandle == NULL) { - return -1; - } - CERT_SetDefaultCertDB(certHandle); + NSS_Init(SECU_ConfigDirectory(NULL)); if (DecodeAndPrintFile(outFile, inFile, progName)) { SECU_PrintError(progName, "problem decoding data"); diff --git a/security/nss/cmd/p7env/p7env.c b/security/nss/cmd/p7env/p7env.c index 0482b175d..d7db24ebd 100644 --- a/security/nss/cmd/p7env/p7env.c +++ b/security/nss/cmd/p7env/p7env.c @@ -43,7 +43,6 @@ #include "secpkcs7.h" #include "cert.h" #include "certdb.h" -#include "cdbhdl.h" #if defined(XP_UNIX) #include <unistd.h> @@ -78,24 +77,6 @@ Usage(char *progName) exit(-1); } -static CERTCertDBHandle certHandleStatic; /* avoid having to allocate */ - -static CERTCertDBHandle * -OpenCertDB(char *progName) -{ - CERTCertDBHandle *certHandle; - SECStatus rv; - - certHandle = &certHandleStatic; - rv = CERT_OpenCertDB(certHandle, PR_FALSE, SECU_CertDBNameCallback, NULL); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not open cert database"); - return NULL; - } - - return certHandle; -} - struct recipient { struct recipient *next; char *nickname; @@ -258,15 +239,13 @@ main(int argc, char **argv) /* Call the libsec initialization routines */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); + NSS_Init(SECU_ConfigDirectory(NULL)); /* open cert database */ - certHandle = OpenCertDB(progName); + certHandle = CERT_GetDefaultCertDB(); if (certHandle == NULL) { return -1; } - CERT_SetDefaultCertDB(certHandle); /* find certs */ for (rcpt = recipients; rcpt != NULL; rcpt = rcpt->next) { diff --git a/security/nss/cmd/p7sign/p7sign.c b/security/nss/cmd/p7sign/p7sign.c index b78193d83..62aaf5171 100644 --- a/security/nss/cmd/p7sign/p7sign.c +++ b/security/nss/cmd/p7sign/p7sign.c @@ -44,7 +44,6 @@ #include "secpkcs7.h" #include "cert.h" #include "certdb.h" -#include "cdbhdl.h" #include "sechash.h" /* for HASH_GetHashObject() */ #if defined(XP_UNIX) @@ -60,9 +59,6 @@ extern int fwrite(char *, size_t, size_t, FILE*); extern int fprintf(FILE *, char *, ...); #endif -extern void SEC_Init(void); /* XXX */ - - static void Usage(char *progName) { @@ -82,40 +78,6 @@ Usage(char *progName) exit(-1); } -static SECKEYKeyDBHandle * -OpenKeyDB(char *progName) -{ - SECKEYKeyDBHandle *keyHandle; - - keyHandle = SECU_OpenKeyDB(PR_FALSE); - if (keyHandle == NULL) { - SECU_PrintError(progName, "could not open key database"); - return NULL; - } - - return(keyHandle); -} - -static CERTCertDBHandle certHandleStatic; /* avoid having to allocate */ - -static CERTCertDBHandle * -OpenCertDB(char *progName) -{ - CERTCertDBHandle *certHandle; - SECStatus rv; - - certHandle = &certHandleStatic; - rv = CERT_OpenCertDB(certHandle, PR_FALSE, SECU_CertDBNameCallback, NULL); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not open cert database"); - return NULL; - } else { - CERT_SetDefaultCertDB(certHandle); - } - - return certHandle; -} - static void SignOut(void *arg, const char *buf, unsigned long len) { @@ -193,7 +155,7 @@ SignFile(FILE *outFile, PRFileDesc *inFile, CERTCertificate *cert, } rv = SEC_PKCS7Encode (cinfo, SignOut, outFile, NULL, - SECU_GetPassword, NULL); + NULL, NULL); SEC_PKCS7DestroyContentInfo (cinfo); @@ -210,7 +172,6 @@ main(int argc, char **argv) FILE *outFile; PRFileDesc *inFile; char *keyName; - SECKEYKeyDBHandle *keyHandle; CERTCertDBHandle *certHandle; CERTCertificate *cert; PRBool encapsulated = PR_FALSE; @@ -274,27 +235,9 @@ main(int argc, char **argv) /* Call the initialization routines */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); - - /* open key database */ - keyHandle = OpenKeyDB(progName); - if (keyHandle == NULL) { - return -1; - } - -#if 0 - /* check if key actually exists */ - if (! SECU_CheckKeyNameExists(keyHandle, keyName)) { - SECU_PrintError(progName, "the key \"%s\" does not exist", keyName); - return -1; - } -#endif - - SECKEY_SetDefaultKeyDB(keyHandle); - + NSS_Init(SECU_ConfigDirectory(NULL)); /* open cert database */ - certHandle = OpenCertDB(progName); + certHandle = CERT_GetDefaultCertDB(); if (certHandle == NULL) { return -1; } @@ -308,8 +251,6 @@ main(int argc, char **argv) return -1; } - CERT_SetDefaultCertDB(certHandle); - if (SignFile(outFile, inFile, cert, encapsulated)) { SECU_PrintError(progName, "problem signing data"); return -1; diff --git a/security/nss/cmd/p7verify/p7verify.c b/security/nss/cmd/p7verify/p7verify.c index d86ef1e17..6ddc4f875 100644 --- a/security/nss/cmd/p7verify/p7verify.c +++ b/security/nss/cmd/p7verify/p7verify.c @@ -43,7 +43,6 @@ #include "secpkcs7.h" #include "cert.h" #include "certdb.h" -#include "cdbhdl.h" #include "secoid.h" #include "sechash.h" /* for HASH_GetHashObject() */ @@ -59,7 +58,6 @@ extern int fread(char *, size_t, size_t, FILE*); extern int fprintf(FILE *, char *, ...); #endif -extern void SEC_Init(void); /* XXX */ static HASH_HashType AlgorithmToHashType(SECAlgorithmID *digestAlgorithms) @@ -154,24 +152,6 @@ Usage(char *progName) exit(-1); } -static CERTCertDBHandle certHandleStatic; /* avoid having to allocate */ - -static CERTCertDBHandle * -OpenCertDB(char *progName) -{ - CERTCertDBHandle *certHandle; - SECStatus rv; - - certHandle = &certHandleStatic; - rv = CERT_OpenCertDB(certHandle, PR_FALSE, SECU_CertDBNameCallback, NULL); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not open cert database"); - return NULL; - } - - return certHandle; -} - static int HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature, SECCertUsage usage, char *progName) @@ -188,7 +168,7 @@ HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature, return -1; } - cinfo = SEC_PKCS7DecodeItem(&derdata, NULL, NULL, SECU_GetPassword, NULL, + cinfo = SEC_PKCS7DecodeItem(&derdata, NULL, NULL, NULL, NULL, NULL, NULL, NULL); if (cinfo == NULL) return -1; @@ -232,9 +212,7 @@ main(int argc, char **argv) char *progName; FILE *contentFile, *outFile; PRFileDesc *signatureFile; - SECKEYKeyDBHandle *keyHandle; SECCertUsage certUsage = certUsageEmailSigner; - CERTCertDBHandle *certHandle; PLOptState *optstate; PLOptStatus status; @@ -305,15 +283,7 @@ main(int argc, char **argv) /* Call the libsec initialization routines */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); - - /* open cert database */ - certHandle = OpenCertDB(progName); - if (certHandle == NULL) { - return -1; - } - CERT_SetDefaultCertDB(certHandle); + NSS_Init(SECU_ConfigDirectory(NULL)); if (HashDecodeAndVerify(outFile, contentFile, signatureFile, certUsage, progName)) { diff --git a/security/nss/cmd/signtool/certgen.c b/security/nss/cmd/signtool/certgen.c index 4adb1930c..8206529f1 100644 --- a/security/nss/cmd/signtool/certgen.c +++ b/security/nss/cmd/signtool/certgen.c @@ -33,7 +33,6 @@ #include "signtool.h" -#include "cdbhdl.h" #include "secoid.h" #include "cryptohi.h" #include "certdb.h" @@ -87,7 +86,7 @@ GenerateCert(char *nickname, int keysize, char *token) return; } - db = OpenCertDB(PR_FALSE /*readOnly*/); + db = CERT_GetDefaultCertDB(); if(!db) { FatalError("Unable to open certificate database"); } diff --git a/security/nss/cmd/signtool/list.c b/security/nss/cmd/signtool/list.c index da29889c0..bd163f447 100644 --- a/security/nss/cmd/signtool/list.c +++ b/security/nss/cmd/signtool/list.c @@ -69,7 +69,7 @@ ListCerts(char *key, int list_certs) *ugly_list = 0; - db= OpenCertDB(PR_TRUE /*readOnly*/); + db= CERT_GetDefaultCertDB(); if (list_certs == 2) { PR_fprintf(outputFD, "\nS Certificates\n"); diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c index 49fc111e9..7a974d2db 100644 --- a/security/nss/cmd/signtool/sign.c +++ b/security/nss/cmd/signtool/sign.c @@ -212,23 +212,14 @@ create_pk7 (char *dir, char *keyName, int *keyType) CERTCertificate *cert; CERTCertDBHandle *db; - SECKEYKeyDBHandle *keyHandle; - FILE *in, *out; char sf_file [FNSIZE]; char pk7_file [FNSIZE]; - /* open key database */ - keyHandle = SECU_OpenKeyDB(PR_TRUE /*readOnly*/); - - if (keyHandle == NULL) - return -1; - - SECKEY_SetDefaultKeyDB (keyHandle); /* open cert database */ - db = OpenCertDB(PR_TRUE /*readOnly*/); + db = CERT_GetDefaultCertDB(); if (db == NULL) return -1; @@ -653,7 +644,7 @@ SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert) rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, password_hardcode, NULL); } else { - rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, SECU_GetPassword, + rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, NULL, NULL); } diff --git a/security/nss/cmd/signtool/util.c b/security/nss/cmd/signtool/util.c index 76d1487f0..43e3311ee 100644 --- a/security/nss/cmd/signtool/util.c +++ b/security/nss/cmd/signtool/util.c @@ -32,46 +32,10 @@ */ #include "signtool.h" -#include "cdbhdl.h" #include "prio.h" #include "prmem.h" static int is_dir (char *filename); -static char *certDBNameCallback(void *arg, int dbVersion); - -/*********************************************************************** - * - * O p e n C e r t D B - */ -CERTCertDBHandle * -OpenCertDB(PRBool readOnly) -{ - CERTCertDBHandle *db; - SECStatus rv; - - /* Allocate a handle to fill with CERT_OpenCertDB below */ - db = (CERTCertDBHandle *) PORT_ZAlloc (sizeof(CERTCertDBHandle)); - if (db == NULL) - { - SECU_PrintError(progName, "unable to get database handle"); - return NULL; - } - - rv = CERT_OpenCertDB (db, readOnly, certDBNameCallback, NULL); - - if (rv) - { - SECU_PrintError(progName, "could not open certificate database"); - if (db) PORT_Free (db); - return NULL; - } - else - { - CERT_SetDefaultCertDB(db); - } - - return db; -} /*********************************************************** * Nasty hackish function definitions @@ -800,29 +764,16 @@ InitCrypto(char *cert_dir, PRBool readOnly) if (prior == 0) { /* some functions such as OpenKeyDB expect this path to be * implicitly set prior to calling */ - SECU_ConfigDirectory (cert_dir); - - if ((rv = SECU_PKCS11Init(readOnly)) != SECSuccess) { - PR_fprintf(errorFD, "%s: Unable to initialize PKCS11, code %d\n", - PROGRAM_NAME, rv); - errorCount++; - exit (ERRX); + if (readOnly) { + NSS_Init(cert_dir); + } else { + NSS_InitReadWrite(cert_dir); } - - SEC_Init(); - + SECU_ConfigDirectory (cert_dir); /* Been there done that */ prior++; - - /* open cert database and set the default certificate DB */ - db = OpenCertDB(readOnly); - - if (db == NULL) return -1; - - CERT_SetDefaultCertDB (db); - if(password) { PK11_SetPasswordFunc(pk11_password_hardcode); } diff --git a/security/nss/cmd/signver/signver.c b/security/nss/cmd/signver/signver.c index 173afbd60..2ea36f744 100644 --- a/security/nss/cmd/signver/signver.c +++ b/security/nss/cmd/signver/signver.c @@ -33,7 +33,6 @@ #include "secutil.h" #include "secmod.h" -#include "cdbhdl.h" #include "cert.h" #include "secoid.h" @@ -302,8 +301,7 @@ int main(int argc, char **argv) } PR_SetError(0, 0); /* PR_Init("pp", 1, 1, 0);*/ - SECU_PKCS11Init(PR_FALSE); - SEC_Init(); + NSS_Init(SECU_ConfigDirectory(NULL)); rv = SECU_ReadDERFromFile(&der, signFile, signver.options[opt_ASCII].activated); @@ -349,8 +347,6 @@ int main(int argc, char **argv) rv = SECU_FileToItem(&data, dataFile); dataToVerify = data.data; if (dataToVerify) { - SECKEYKeyDBHandle *keyHandle; - CERTCertDBHandle *certHandle; /*certUsageObjectSigner;*/ SECCertUsage usage = certUsageEmailSigner; @@ -376,19 +372,6 @@ int main(int argc, char **argv) } #endif - keyHandle = SECKEY_GetDefaultKeyDB(); - if (keyHandle == NULL) { - PR_fprintf(PR_STDERR, ": %s\n", SECU_ErrorString((int16)PORT_GetError())); - return -1; - } - - /* open cert database */ - certHandle = SECU_OpenCertDB(PR_TRUE); - if (certHandle == NULL) { - PR_fprintf(PR_STDERR, "%s Problem open the cert dbase\n", - progName); - return -1; - } if (signver.commands[cmd_VerifySignedObj].activated) fprintf(outFile, "signatureValid="); |