author | rrelyea%redhat.com <devnull@localhost> | 2011-04-13 00:10:27 +0000 |
---|---|---|
committer | rrelyea%redhat.com <devnull@localhost> | 2011-04-13 00:10:27 +0000 |
commit | ac6c0fb84d4a487be8b91ab279f5014a54672fac (patch) | |
tree | 1780f501ace4db4e5a24fc8d5d9270c717ec54b8 /security/nss/lib/softoken | |
parent | 8104de8f9749b7f734237fa4fbad7068da4a5948 (diff) | |
download | nss-hg-ac6c0fb84d4a487be8b91ab279f5014a54672fac.tar.gz |
Bug 642503 - Generic blacklisting mechanism for bogus certs
Patch 1: rename (see comment 20).
r=emaldona
Diffstat (limited to 'security/nss/lib/softoken')
-rw-r--r-- | security/nss/lib/softoken/legacydb/lgattr.c | 59 | ||||
-rw-r--r-- | security/nss/lib/softoken/legacydb/lgcreate.c | 42 | ||||
-rw-r--r-- | security/nss/lib/softoken/legacydb/pcertt.h | 6 | ||||
-rw-r--r-- | security/nss/lib/softoken/sftkdb.c | 10 |
4 files changed, 56 insertions, 61 deletions
diff --git a/security/nss/lib/softoken/legacydb/lgattr.c b/security/nss/lib/softoken/legacydb/lgattr.c index 002b8c7d2..0d26bf4e8 100644 --- a/security/nss/lib/softoken/legacydb/lgattr.c +++ b/security/nss/lib/softoken/legacydb/lgattr.c @@ -61,7 +61,7 @@ typedef struct LGObjectCacheStr { static const CK_OBJECT_HANDLE lg_classArray[] = { 0, CKO_PRIVATE_KEY, CKO_PUBLIC_KEY, CKO_SECRET_KEY, - CKO_NETSCAPE_TRUST, CKO_NETSCAPE_CRL, CKO_NETSCAPE_SMIME, + CKO_NSS_TRUST, CKO_NSS_CRL, CKO_NSS_SMIME, CKO_CERTIFICATE }; #define handleToClass(handle) \ @@ -290,7 +290,7 @@ lg_getSMime(LGObjectCache *obj) certDBEntrySMime *entry; NSSLOWCERTCertDBHandle *certHandle; - if (obj->objclass != CKO_NETSCAPE_SMIME) { + if (obj->objclass != CKO_NSS_SMIME) { return NULL; } if (obj->objectInfo) { @@ -314,7 +314,7 @@ lg_getCrl(LGObjectCache *obj) PRBool isKrl; NSSLOWCERTCertDBHandle *certHandle; - if (obj->objclass != CKO_NETSCAPE_CRL) { + if (obj->objclass != CKO_NSS_CRL) { return NULL; } if (obj->objectInfo) { @@ -339,7 +339,7 @@ lg_getCert(LGObjectCache *obj, NSSLOWCERTCertDBHandle *certHandle) NSSLOWCERTCertificate *cert; CK_OBJECT_CLASS objClass = obj->objclass; - if ((objClass != CKO_CERTIFICATE) && (objClass != CKO_NETSCAPE_TRUST)) { + if ((objClass != CKO_CERTIFICATE) && (objClass != CKO_NSS_TRUST)) { return NULL; } if (objClass == CKO_CERTIFICATE && obj->objectInfo) { @@ -358,7 +358,7 @@ lg_getTrust(LGObjectCache *obj, NSSLOWCERTCertDBHandle *certHandle) { NSSLOWCERTTrust *trust; - if (obj->objclass != CKO_NETSCAPE_TRUST) { + if (obj->objclass != CKO_NSS_TRUST) { return NULL; } if (obj->objectInfo) { 
@@ -1083,10 +1083,10 @@ lg_FindSMIMEAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, case CKA_PRIVATE: case CKA_MODIFIABLE: return LG_CLONE_ATTR(attribute,type,lg_StaticFalseAttr); - case CKA_NETSCAPE_EMAIL: + case CKA_NSS_EMAIL: return lg_CopyAttribute(attribute,type,obj->dbKey.data, obj->dbKey.len-1); - case CKA_NETSCAPE_SMIME_TIMESTAMP: + case CKA_NSS_SMIME_TIMESTAMP: case CKA_SUBJECT: case CKA_VALUE: break; @@ -1098,7 +1098,7 @@ lg_FindSMIMEAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, return CKR_OBJECT_HANDLE_INVALID; } switch (type) { - case CKA_NETSCAPE_SMIME_TIMESTAMP: + case CKA_NSS_SMIME_TIMESTAMP: return lg_CopyAttribute(attribute,type,entry->optionsDate.data, entry->optionsDate.len); case CKA_SUBJECT: 
@@ -1172,26 +1172,25 @@ lg_FindTrustAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, trust: if (trustFlags & CERTDB_TRUSTED_CA ) { return lg_ULongAttribute(attribute, type, - CKT_NETSCAPE_TRUSTED_DELEGATOR); + CKT_NSS_TRUSTED_DELEGATOR); } if (trustFlags & CERTDB_TRUSTED) { - return lg_ULongAttribute(attribute, type, CKT_NETSCAPE_TRUSTED); + return lg_ULongAttribute(attribute, type, CKT_NSS_TRUSTED); } - if (trustFlags & CERTDB_NOT_TRUSTED) { - return lg_ULongAttribute(attribute, type, CKT_NETSCAPE_UNTRUSTED); + if (trustFlags & CERTDB_MUST_VERIFY) { + return lg_ULongAttribute(attribute, type, + CKT_NSS_MUST_VERIFY_TRUST); } if (trustFlags & CERTDB_TRUSTED_UNKNOWN) { - return lg_ULongAttribute(attribute, type, - CKT_NETSCAPE_TRUST_UNKNOWN); + return lg_ULongAttribute(attribute, type, CKT_NSS_TRUST_UNKNOWN); } if (trustFlags & CERTDB_VALID_CA) { - return lg_ULongAttribute(attribute, type, - CKT_NETSCAPE_VALID_DELEGATOR); + return lg_ULongAttribute(attribute, type, CKT_NSS_VALID_DELEGATOR); } - if (trustFlags & CERTDB_VALID_PEER) { - return lg_ULongAttribute(attribute, type, CKT_NETSCAPE_VALID); + if (trustFlags & CERTDB_TERMINAL_RECORD) { + return lg_ULongAttribute(attribute, type, CKT_NSS_NOT_TRUSTED); } - return lg_ULongAttribute(attribute, type, CKT_NETSCAPE_MUST_VERIFY); + return lg_ULongAttribute(attribute, type, CKT_NSS_TRUST_UNKNOWN); case CKA_TRUST_STEP_UP_APPROVED: if (trust->trust->sslFlags & CERTDB_GOVT_APPROVED_CA) { return LG_CLONE_ATTR(attribute,type,lg_StaticTrueAttr); 
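Review bot: In the `trust:` ladder of lg_FindTrustAttribute, bits 10 and 0 of the stored trust flags change meaning rather than just name: a record with bit 10 set used to read back as `CKT_NETSCAPE_UNTRUSTED` and now reads as `CKT_NSS_MUST_VERIFY_TRUST`, while a record with only bit 0 set used to read as `CKT_NETSCAPE_VALID` and now reads as `CKT_NSS_NOT_TRUSTED`. Nothing visible in this diff converts flags already written to a legacy database, so an existing explicit-distrust entry would appear to be reported as must-verify after the change; if a migration exists, or there is an argument that no such records exist, it should be referenced here. The ladder is also first-match, so a record carrying both `CERTDB_VALID_CA` and `CERTDB_TERMINAL_RECORD` is reported as `CKT_NSS_VALID_DELEGATOR` and never as not-trusted. I would add a comment above the ladder such as `/* first match wins; TERMINAL_RECORD alone means explicit distrust (bit 0 was VALID_PEER before Bug 642503) */`. The function starts and ends outside the hunk.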
@@ -1237,14 +1236,14 @@ lg_FindCrlAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, case CKA_PRIVATE: case CKA_MODIFIABLE: return LG_CLONE_ATTR(attribute,type,lg_StaticFalseAttr); - case CKA_NETSCAPE_KRL: + case CKA_NSS_KRL: return ((obj->handle == LG_TOKEN_KRL_HANDLE) ? LG_CLONE_ATTR(attribute,type,lg_StaticTrueAttr) : LG_CLONE_ATTR(attribute,type,lg_StaticFalseAttr)); case CKA_SUBJECT: return lg_CopyAttribute(attribute,type,obj->dbKey.data, obj->dbKey.len); - case CKA_NETSCAPE_URL: + case CKA_NSS_URL: case CKA_VALUE: break; default: @@ -1255,7 +1254,7 @@ lg_FindCrlAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, return CKR_OBJECT_HANDLE_INVALID; } switch (type) { - case CKA_NETSCAPE_URL: + case CKA_NSS_URL: if (crl->url == NULL) { return LG_CLONE_ATTR(attribute,type,lg_StaticNullAttr); } @@ -1294,7 +1293,7 @@ lg_FindCertAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, case CKA_SUBJECT: case CKA_ISSUER: case CKA_SERIAL_NUMBER: - case CKA_NETSCAPE_EMAIL: + case CKA_NSS_EMAIL: break; default: return lg_invalidAttribute(attribute); @@ -1344,7 +1343,7 @@ lg_FindCertAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, case CKA_SERIAL_NUMBER: return lg_CopyAttribute(attribute,type,cert->derSN.data, cert->derSN.len); - case CKA_NETSCAPE_EMAIL: + case CKA_NSS_EMAIL: return (cert->emailAddr && cert->emailAddr[0]) ? lg_CopyAttribute(attribute, type, cert->emailAddr, PORT_Strlen(cert->emailAddr)) @@ -1379,11 +1378,11 @@ lg_GetSingleAttribute(LGObjectCache *obj, CK_ATTRIBUTE *attribute) switch (obj->objclass) { case CKO_CERTIFICATE: return lg_FindCertAttribute(obj,type,attribute); - case CKO_NETSCAPE_CRL: + case CKO_NSS_CRL: return lg_FindCrlAttribute(obj,type,attribute); - case CKO_NETSCAPE_TRUST: + case CKO_NSS_TRUST: return lg_FindTrustAttribute(obj,type,attribute); - case CKO_NETSCAPE_SMIME: + case CKO_NSS_SMIME: return lg_FindSMIMEAttribute(obj,type,attribute); case CKO_PUBLIC_KEY: return lg_FindPublicKeyAttribute(obj,type,attribute); 
@@ -1501,7 +1500,7 @@ lg_SetCertAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type, /* we can't change the EMAIL values, but let the * upper layers feel better about the fact we tried to set these */ - if (type == CKA_NETSCAPE_EMAIL) { + if (type == CKA_NSS_EMAIL) { return CKR_OK; } @@ -1763,10 +1762,10 @@ lg_SetSingleAttribute(LGObjectCache *obj, const CK_ATTRIBUTE *attr, crv = lg_SetCertAttribute(obj,attr->type, attr->pValue,attr->ulValueLen); break; - case CKO_NETSCAPE_CRL: + case CKO_NSS_CRL: /* change URL */ break; - case CKO_NETSCAPE_TRUST: + case CKO_NSS_TRUST: crv = lg_SetTrustAttribute(obj,attr); break; case CKO_PRIVATE_KEY: diff --git a/security/nss/lib/softoken/legacydb/lgcreate.c b/security/nss/lib/softoken/legacydb/lgcreate.c index 5b36bb8a8..fa76297c1 100644 --- a/security/nss/lib/softoken/legacydb/lgcreate.c +++ b/security/nss/lib/softoken/legacydb/lgcreate.c @@ -143,7 +143,7 @@ lg_createCertObject(SDB *sdb, CK_OBJECT_HANDLE *handle, /* * Add a NULL S/MIME profile if necessary. */ - email = lg_getString(CKA_NETSCAPE_EMAIL, templ, count); + email = lg_getString(CKA_NSS_EMAIL, templ, count); if (email) { certDBEntrySMime *entry; 
@@ -168,17 +168,15 @@ lg_MapTrust(CK_TRUST trust, PRBool clientAuth) unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA : CERTDB_TRUSTED_CA; switch (trust) { - case CKT_NETSCAPE_TRUSTED: - return CERTDB_VALID_PEER|CERTDB_TRUSTED; - case CKT_NETSCAPE_TRUSTED_DELEGATOR: + case CKT_NSS_TRUSTED: + return CERTDB_TERMINAL_RECORD|CERTDB_TRUSTED; + case CKT_NSS_TRUSTED_DELEGATOR: return CERTDB_VALID_CA|trustCA; - case CKT_NETSCAPE_UNTRUSTED: - return CERTDB_NOT_TRUSTED; - case CKT_NETSCAPE_MUST_VERIFY: - return 0; - case CKT_NETSCAPE_VALID: /* implies must verify */ - return CERTDB_VALID_PEER; - case CKT_NETSCAPE_VALID_DELEGATOR: /* implies must verify */ + case CKT_NSS_MUST_VERIFY_TRUST: + return CERTDB_MUST_VERIFY; + case CKT_NSS_NOT_TRUSTED: + return CERTDB_TERMINAL_RECORD; + case CKT_NSS_VALID_DELEGATOR: /* implies must verify */ return CERTDB_VALID_CA; default: break; @@ -198,10 +196,10 @@ lg_createTrustObject(SDB *sdb, CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *serial = NULL; NSSLOWCERTCertificate *cert = NULL; const CK_ATTRIBUTE *trust; - CK_TRUST sslTrust = CKT_NETSCAPE_TRUST_UNKNOWN; - CK_TRUST clientTrust = CKT_NETSCAPE_TRUST_UNKNOWN; - CK_TRUST emailTrust = CKT_NETSCAPE_TRUST_UNKNOWN; - CK_TRUST signTrust = CKT_NETSCAPE_TRUST_UNKNOWN; + CK_TRUST sslTrust = CKT_NSS_TRUST_UNKNOWN; + CK_TRUST clientTrust = CKT_NSS_TRUST_UNKNOWN; + CK_TRUST emailTrust = CKT_NSS_TRUST_UNKNOWN; + CK_TRUST signTrust = CKT_NSS_TRUST_UNKNOWN; CK_BBOOL stepUp; NSSLOWCERTCertTrust dbTrust = { 0 }; SECStatus rv; @@ -323,7 +321,7 @@ lg_createSMimeObject(SDB *sdb, CK_OBJECT_HANDLE *handle, } /* lookup Time */ - time = lg_FindAttribute(CKA_NETSCAPE_SMIME_TIMESTAMP,templ,count); + time = lg_FindAttribute(CKA_NSS_SMIME_TIMESTAMP,templ,count); if (time) { rawTime.data = (unsigned char *)time->pValue; rawTime.len = time->ulValueLen ; 
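Review bot: In lg_MapTrust the retained comment `/* implies must verify */` on `CKT_NSS_VALID_DELEGATOR` no longer matches the code around it, because must-verify now has its own bit (`CKT_NSS_MUST_VERIFY_TRUST` returns `CERTDB_MUST_VERIFY`) while this case returns `CERTDB_VALID_CA` alone. The switch also gives `CERTDB_TERMINAL_RECORD` two roles, trusted peer when ORed with `CERTDB_TRUSTED` and explicit distrust when returned alone, and the hunk states that nowhere. I would reword the first comment to `/* CA flag only; chain must still verify */` and add `/* TERMINAL_RECORD alone == explicitly distrusted */` on the `CKT_NSS_NOT_TRUSTED` case. The removed valid-peer case has no successor, so a caller still passing that trust value falls through to `default:`, whose result is outside the hunk.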
@@ -332,7 +330,7 @@ lg_createSMimeObject(SDB *sdb, CK_OBJECT_HANDLE *handle, } - email = lg_getString(CKA_NETSCAPE_EMAIL,templ,count); + email = lg_getString(CKA_NSS_EMAIL,templ,count); if (!email) { ck_rv = CKR_ATTRIBUTE_VALUE_INVALID; goto loser; @@ -399,8 +397,8 @@ lg_createCrlObject(SDB *sdb, CK_OBJECT_HANDLE *handle, derCrl.data = (unsigned char *)crl->pValue; derCrl.len = crl->ulValueLen ; - url = lg_getString(CKA_NETSCAPE_URL,templ,count); - isKRL = lg_isTrue(CKA_NETSCAPE_KRL,templ,count); + url = lg_getString(CKA_NSS_URL,templ,count); + isKRL = lg_isTrue(CKA_NSS_KRL,templ,count); /* Store CRL by SUBJECT */ rv = nsslowcert_AddCrl(certHandle, &derCrl, &derSubj, url, isKRL); @@ -987,13 +985,13 @@ lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle, case CKO_CERTIFICATE: crv = lg_createCertObject(sdb,handle,templ,count); break; - case CKO_NETSCAPE_TRUST: + case CKO_NSS_TRUST: crv = lg_createTrustObject(sdb,handle,templ,count); break; - case CKO_NETSCAPE_CRL: + case CKO_NSS_CRL: crv = lg_createCrlObject(sdb,handle,templ,count); break; - case CKO_NETSCAPE_SMIME: + case CKO_NSS_SMIME: crv = lg_createSMimeObject(sdb,handle,templ,count); break; case CKO_PRIVATE_KEY: diff --git a/security/nss/lib/softoken/legacydb/pcertt.h b/security/nss/lib/softoken/legacydb/pcertt.h index 29782953d..972e18307 100644 --- a/security/nss/lib/softoken/legacydb/pcertt.h +++ b/security/nss/lib/softoken/legacydb/pcertt.h @@ -431,7 +431,7 @@ typedef union { #define DB_CERT_ENTRY_HEADER_LEN 10 /* common flags for all types of certificates */ -#define CERTDB_VALID_PEER (1<<0) +#define CERTDB_TERMINAL_RECORD (1<<0) #define CERTDB_TRUSTED (1<<1) #define CERTDB_SEND_WARN (1<<2) #define CERTDB_VALID_CA (1<<3) 
@@ -441,11 +441,11 @@ typedef union { #define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */ #define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */ #define CERTDB_GOVT_APPROVED_CA (1<<9) /* can do strong crypto in export ver */ -#define CERTDB_NOT_TRUSTED (1<<10) /* explicitly don't trust this cert */ +#define CERTDB_MUST_VERIFY (1<<10) /* explicitly don't trust this cert */ #define CERTDB_TRUSTED_UNKNOWN (1<<11) /* accept trust from another source */ /* bits not affected by the CKO_NETSCAPE_TRUST object */ -#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | CERTDB_VALID_PEER | \ +#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | \ CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \ CERTDB_GOVT_APPROVED_CA) diff --git a/security/nss/lib/softoken/sftkdb.c b/security/nss/lib/softoken/sftkdb.c index adb1b1fcb..c650d06f1 100644 --- a/security/nss/lib/softoken/sftkdb.c +++ b/security/nss/lib/softoken/sftkdb.c @@ -1914,17 +1914,15 @@ sftkdb_reconcileTrustEntry(PRArenaPool *arena, CK_ATTRIBUTE *target, * trust attribute should be, and neither agree exactly. * At this point, we prefer 'hard' attributes over 'soft' ones. * 'hard' ones are CKT_NSS_TRUSTED, CKT_NSS_TRUSTED_DELEGATOR, and - * CKT_NSS_UNTRUTED. Soft ones are ones which don't change the - * actual trust of the cert (CKT_MUST_VERIFY, CKT_NSS_VALID, + * CKT_NSS_NOT_TRUTED. Soft ones are ones which don't change the + * actual trust of the cert (CKT_MUST_VERIFY_TRUST, * CKT_NSS_VALID_DELEGATOR). */ - if ((sourceTrust == CKT_NSS_MUST_VERIFY) - || (sourceTrust == CKT_NSS_VALID) + if ((sourceTrust == CKT_NSS_MUST_VERIFY_TRUST) || (sourceTrust == CKT_NSS_VALID_DELEGATOR)) { return SFTKDB_DROP_ATTRIBUTE; } - if ((targetTrust == CKT_NSS_MUST_VERIFY) - || (targetTrust == CKT_NSS_VALID) + if ((targetTrust == CKT_NSS_MUST_VERIFY_TRUST) || (targetTrust == CKT_NSS_VALID_DELEGATOR)) { /* again, overwriting the target in this case is OK */ return SFTKDB_MODIFY_OBJECT; |
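Review bot: The renamed `CERTDB_MUST_VERIFY (1<<10)` keeps its old trailing comment `/* explicitly don't trust this cert */`, which now contradicts this commit: lgattr.c and lgcreate.c pair the bit with `CKT_NSS_MUST_VERIFY_TRUST` and express distrust through `CERTDB_TERMINAL_RECORD` instead. A maintainer reading the header would set the wrong bit to blacklist a certificate, so the comment should change to something like `/* no implicit trust; chain must verify */`. `CERTDB_TERMINAL_RECORD (1<<0)` in the previous hunk deserves a matching comment, e.g. `/* stop chain here; distrusted unless CERTDB_TRUSTED is also set */`. The nearby comment still says `CKO_NETSCAPE_TRUST` although the rest of the commit uses `CKO_NSS_TRUST`. Dropping bit 0 from `CERTDB_PRESERVE_TRUST_BITS` means a trust-object write presumably now overwrites that bit, which is worth stating next to the macro.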
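Review bot: The updated comment in sftkdb_reconcileTrustEntry names two constants that do not match the identifiers used elsewhere in this commit: `CKT_NSS_NOT_TRUTED` and `CKT_MUST_VERIFY_TRUST` should read `CKT_NSS_NOT_TRUSTED` and `CKT_NSS_MUST_VERIFY_TRUST`. As far as the hunk shows, this comment is the only statement of which trust values win when source and target disagree, so a search for the real identifiers should find it. The comment lists `CKT_NSS_TRUST_UNKNOWN` as neither hard nor soft; whether an earlier part of the function handles it is outside the hunk.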