bug 1241650 - remove nsIX509CertDB.findCertNicknames r?mgoodwin
MozReview-Commit-ID: JtU7H5qGvge
--- a/security/manager/ssl/nsIX509CertDB.idl
+++ b/security/manager/ssl/nsIX509CertDB.idl
@@ -75,31 +75,16 @@ interface nsIX509CertDB : nsISupports {
* the certificate.
*
* @param aDBkey Database internal key, as obtained using
* attribute dbkey in nsIX509Cert.
*/
nsIX509Cert findCertByDBKey(in string aDBkey);
/**
- * Obtain a list of certificate nicknames from the database.
- * What the name is depends on type:
- * user, ca, or server cert - the nickname
- * email cert - the email address
- *
- * @param aType Type of certificate to obtain
- * See certificate type constants in nsIX509Cert.
- * @param count The number of nicknames in the returned array
- * @param certNameList The returned array of certificate nicknames.
- */
- void findCertNicknames(in unsigned long aType,
- out unsigned long count,
- [array, size_is(count)] out wstring certNameList);
-
- /**
* Find user's own email encryption certificate by nickname.
*
* @param aNickname The nickname to be used as the key
* to find the certificate.
*
* @return The matching certificate if found.
*/
nsIX509Cert findEmailEncryptionCert(in AString aNickname);
--- a/security/manager/ssl/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/nsNSSCertificateDB.cpp
@@ -191,46 +191,16 @@ nsNSSCertificateDB::FindCertByDBKey(cons
if (!nssCert) {
return NS_ERROR_OUT_OF_MEMORY;
}
nssCert.forget(_cert);
}
return NS_OK;
}
-NS_IMETHODIMP
-nsNSSCertificateDB::FindCertNicknames(uint32_t aType,
- uint32_t* _count,
- char16_t*** _certNames)
-{
- nsNSSShutDownPreventionLock locker;
- if (isAlreadyShutDown()) {
- return NS_ERROR_NOT_AVAILABLE;
- }
-
- nsresult rv = NS_ERROR_FAILURE;
- /*
- * obtain the cert list from NSS
- */
- ScopedCERTCertList certList(PK11_ListCerts(PK11CertListUnique, nullptr));
- if (!certList)
- goto cleanup;
- /*
- * get list of cert names from list of certs
- * XXX also cull the list (NSS only distinguishes based on user/non-user
- */
- getCertNames(certList.get(), aType, _count, _certNames, locker);
- rv = NS_OK;
- /*
- * finish up
- */
-cleanup:
- return rv;
-}
-
SECStatus
collect_certs(void *arg, SECItem **certs, int numcerts)
{
CERTDERCerts *collectArgs;
SECItem *cert;
SECStatus rv;
collectArgs = (CERTDERCerts *)arg;
@@ -1111,82 +1081,16 @@ nsNSSCertificateDB::ExportPKCS12File(nsI
localRef = do_QueryInterface(aToken);
}
blob.SetToken(localRef);
//blob.LoadCerts(aCertNames, count);
//return blob.ExportToFile(aFile);
return blob.ExportToFile(aFile, certs, count);
}
-/*
- * NSS Helper Routines (private to nsNSSCertificateDB)
- */
-
-#define DELIM '\001'
-
-/*
- * GetSortedNameList
- *
- * Converts a CERTCertList to a list of certificate names
- */
-void
-nsNSSCertificateDB::getCertNames(CERTCertList *certList,
- uint32_t type,
- uint32_t *_count,
- char16_t ***_certNames,
- const nsNSSShutDownPreventionLock &/*proofOfLock*/)
-{
- CERTCertListNode *node;
- uint32_t numcerts = 0, i=0;
- char16_t **tmpArray = nullptr;
-
- MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("List of certs %d:\n", type));
- for (node = CERT_LIST_HEAD(certList);
- !CERT_LIST_END(node, certList);
- node = CERT_LIST_NEXT(node)) {
- if (getCertType(node->cert) == type) {
- numcerts++;
- }
- }
- MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("num certs: %d\n", numcerts));
- int nc = (numcerts == 0) ? 1 : numcerts;
- tmpArray = (char16_t **)moz_xmalloc(sizeof(char16_t *) * nc);
- if (numcerts == 0) goto finish;
- for (node = CERT_LIST_HEAD(certList);
- !CERT_LIST_END(node, certList);
- node = CERT_LIST_NEXT(node)) {
- if (getCertType(node->cert) == type) {
- RefPtr<nsNSSCertificate> pipCert(new nsNSSCertificate(node->cert));
- nsAutoCString dbkey;
- pipCert->GetDbKey(dbkey);
- nsAutoString keystr = NS_ConvertASCIItoUTF16(dbkey);
- char *namestr = nullptr;
- if (type == nsIX509Cert::EMAIL_CERT) {
- namestr = node->cert->emailAddr;
- } else {
- namestr = node->cert->nickname;
- if (namestr) {
- char *sc = strchr(namestr, ':');
- if (sc) *sc = DELIM;
- }
- }
- nsAutoString certname = NS_ConvertASCIItoUTF16(namestr ? namestr : "");
- nsAutoString certstr;
- certstr.Append(char16_t(DELIM));
- certstr += certname;
- certstr.Append(char16_t(DELIM));
- certstr += keystr;
- tmpArray[i++] = ToNewUnicode(certstr);
- }
- }
-finish:
- *_count = numcerts;
- *_certNames = tmpArray;
-}
-
NS_IMETHODIMP
nsNSSCertificateDB::FindEmailEncryptionCert(const nsAString& aNickname,
nsIX509Cert** _retval)
{
NS_ENSURE_ARG_POINTER(_retval);
*_retval = nullptr;
if (aNickname.IsEmpty())
--- a/security/manager/ssl/nsNSSCertificateDB.h
+++ b/security/manager/ssl/nsNSSCertificateDB.h
@@ -42,22 +42,16 @@ private:
static nsresult
ImportValidCACertsInList(CERTCertList *certList, nsIInterfaceRequestor *ctx,
const nsNSSShutDownPreventionLock &proofOfLock);
static void DisplayCertificateAlert(nsIInterfaceRequestor *ctx,
const char *stringID, nsIX509Cert *certToShow,
const nsNSSShutDownPreventionLock &proofOfLock);
- void getCertNames(CERTCertList *certList,
- uint32_t type,
- uint32_t *_count,
- char16_t ***_certNameList,
- const nsNSSShutDownPreventionLock &proofOfLock);
-
CERTDERCerts *getCertsFromPackage(PLArenaPool *arena, uint8_t *data,
uint32_t length,
const nsNSSShutDownPreventionLock &proofOfLock);
nsresult handleCACertDownload(nsIArray *x509Certs,
nsIInterfaceRequestor *ctx,
const nsNSSShutDownPreventionLock &proofOfLock);
// We don't own any NSS objects here, so no need to clean up