diff options
Diffstat (limited to 'security/nss/lib/pk11wrap/pk11cert.c')
-rw-r--r-- | security/nss/lib/pk11wrap/pk11cert.c | 36 |
1 files changed, 31 insertions, 5 deletions
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index d2b2cd578..a100caca3 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -3525,17 +3525,40 @@ PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey) return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot,privKey->pkcs11ID); } +/* argument type for listCertsCallback */ +typedef struct { + CERTCertList *list; + PK11SlotInfo *slot; +} ListCertsArg; + static SECStatus listCertsCallback(CERTCertificate* cert, void*arg) { - CERTCertList *list = (CERTCertList*)arg; + ListCertsArg *cdata = (ListCertsArg*)arg; char *nickname = NULL; + nssCryptokiObject *instance, **ci; + nssCryptokiObject **instances; + NSSCertificate *c = STAN_GetNSSCertificate(cert); - if (cert->nickname) { - nickname = PORT_ArenaStrdup(list->arena,cert->nickname); + instances = nssPKIObject_GetInstances(&c->object); + instance = NULL; + for (ci = instances; *ci; ci++) { + if ((*ci)->token->pk11slot == cdata->slot) { + instance = *ci; + break; + } + } + PORT_Assert(instance != NULL); + if (!instance) { + nssCryptokiObjectArray_Destroy(instances); + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + return SECFailure; } + nickname = STAN_GetCERTCertificateNameForInstance(cdata->list->arena, + c, instance); + nssCryptokiObjectArray_Destroy(instances); - return CERT_AddCertToListTailWithData(list, + return CERT_AddCertToListTailWithData(cdata->list, CERT_DupCertificate(cert),nickname); } @@ -3544,12 +3567,15 @@ PK11_ListCertsInSlot(PK11SlotInfo *slot) { SECStatus status; CERTCertList *certs; + ListCertsArg cdata; certs = CERT_NewCertList(); if(certs == NULL) return NULL; + cdata.list = certs; + cdata.slot = slot; status = PK11_TraverseCertsInSlot(slot, listCertsCallback, - (void*)certs); + &cdata); if( status != SECSuccess ) { CERT_DestroyCertList(certs); |