diff options
Diffstat (limited to 'security/nss/lib/softoken/legacydb/lgdestroy.c')
-rw-r--r-- | security/nss/lib/softoken/legacydb/lgdestroy.c | 111 |
1 files changed, 0 insertions, 111 deletions
diff --git a/security/nss/lib/softoken/legacydb/lgdestroy.c b/security/nss/lib/softoken/legacydb/lgdestroy.c deleted file mode 100644 index 914da5151..000000000 --- a/security/nss/lib/softoken/legacydb/lgdestroy.c +++ /dev/null @@ -1,111 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* - * Internal PKCS #11 functions. Should only be called by pkcs11.c - */ -#include "pkcs11.h" -#include "lgdb.h" -#include "pcert.h" -#include "lowkeyi.h" - -/* - * remove an object. - */ -CK_RV -lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id) -{ - CK_RV crv = CKR_OK; - SECStatus rv; - NSSLOWCERTCertificate *cert; - NSSLOWCERTCertTrust tmptrust; - PRBool isKrl; - NSSLOWKEYDBHandle *keyHandle; - NSSLOWCERTCertDBHandle *certHandle; - const SECItem *dbKey; - - object_id &= ~LG_TOKEN_MASK; - dbKey = lg_lookupTokenKeyByHandle(sdb,object_id); - if (dbKey == NULL) { - return CKR_OBJECT_HANDLE_INVALID; - } - - /* remove the objects from the real data base */ - switch (object_id & LG_TOKEN_TYPE_MASK) { - case LG_TOKEN_TYPE_PRIV: - case LG_TOKEN_TYPE_KEY: - /* KEYID is the public KEY for DSA and DH, and the MODULUS for - * RSA */ - keyHandle = lg_getKeyDB(sdb); - if (!keyHandle) { - crv = CKR_TOKEN_WRITE_PROTECTED; - break; - } - rv = nsslowkey_DeleteKey(keyHandle, dbKey); - if (rv != SECSuccess) { - crv = CKR_DEVICE_ERROR; - } - break; - case LG_TOKEN_TYPE_PUB: - break; /* public keys only exist at the behest of the priv key */ - case LG_TOKEN_TYPE_CERT: - certHandle = lg_getCertDB(sdb); - if (!certHandle) { - crv = CKR_TOKEN_WRITE_PROTECTED; - break; - } - cert = nsslowcert_FindCertByKey(certHandle,dbKey); - if (cert == NULL) { - crv = CKR_DEVICE_ERROR; - break; - } - rv = nsslowcert_DeletePermCertificate(cert); - if (rv != SECSuccess) { - crv = CKR_DEVICE_ERROR; - } - nsslowcert_DestroyCertificate(cert); - break; - case LG_TOKEN_TYPE_CRL: - certHandle = lg_getCertDB(sdb); - if (!certHandle) { - crv = CKR_TOKEN_WRITE_PROTECTED; - break; - } - isKrl = (PRBool) (object_id == LG_TOKEN_KRL_HANDLE); - rv = nsslowcert_DeletePermCRL(certHandle, dbKey, isKrl); - if (rv == SECFailure) crv = CKR_DEVICE_ERROR; - break; - case LG_TOKEN_TYPE_TRUST: - certHandle = lg_getCertDB(sdb); - if (!certHandle) { - crv = CKR_TOKEN_WRITE_PROTECTED; - break; - } - cert = nsslowcert_FindCertByKey(certHandle, dbKey); - if (cert == NULL) { - crv = CKR_DEVICE_ERROR; - break; - } - tmptrust = *cert->trust; - tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS; - tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS; - tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS; - tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN; - tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN; - tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN; - rv = nsslowcert_ChangeCertTrust(certHandle, cert, &tmptrust); - if (rv != SECSuccess) crv = CKR_DEVICE_ERROR; - nsslowcert_DestroyCertificate(cert); - break; - default: - break; - } - lg_DBLock(sdb); - lg_deleteTokenKeyByHandle(sdb,object_id); - lg_DBUnlock(sdb); - - return crv; -} - - - |