Closed Bug 228907 Opened 21 years ago Closed 21 years ago

PK11Store.getCertificates does not return the correct nicknames of cert instances for certs with multiple instances

Categories

(JSS Graveyard :: Library, defect, P1)

Product:
JSS Graveyard
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(2 files)

Proposed patch
10.78 KB, patch
Details | Diff | Splinter Review
Supplemental patch
948 bytes, patch
Details | Diff | Splinter Review
PK11Store.getCertificates does not return the correct nicknames of cert instances for certs with multiple instances. This is because JSS always uses cert->nickname (where cert points to NSS's CERTCertificate) as the cert instance's nickname and that nickname is only correct for one of the cert's instances if the cert has multiple instances.
Attached patch Proposed patchSplinter Review
This long patch is actually quite straightforward. It added a new argument "nickname" to the constructors of all the JSS certificate classes. JSS's native C code passes cert->nickname as the "nickname" argument to the constructors by default. But where JSS has a better nickname than cert->nickname, it passes the better nickname instead. One place where JSS has a better nickname than cert->nickname is after a call to PK11_ListCertsInSlot. The node->appData field in the nodes of the returned cert list is the nickname for that particular cert instance. So JSS passes node->appData to the constructor there.
I explained the patch to Thomas Kwan in person. Patch checked in. Checking in org/mozilla/jss/pkcs11/PK11Cert.c; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c,v <-- PK11Cert .c new revision: 1.11; previous revision: 1.10 done Checking in org/mozilla/jss/pkcs11/PK11Cert.java; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.java,v <-- PK11C ert.java new revision: 1.5; previous revision: 1.4 done Checking in org/mozilla/jss/pkcs11/PK11InternalCert.java; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11InternalCert.java,v <- - PK11InternalCert.java new revision: 1.4; previous revision: 1.3 done Checking in org/mozilla/jss/pkcs11/PK11InternalTokenCert.java; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11InternalTokenCert.java, v <-- PK11InternalTokenCert.java new revision: 1.4; previous revision: 1.3 done Checking in org/mozilla/jss/pkcs11/PK11Store.c; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c,v <-- PK11Sto re.c new revision: 1.14; previous revision: 1.13 done Checking in org/mozilla/jss/pkcs11/PK11TokenCert.java; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11TokenCert.java,v <-- PK11TokenCert.java new revision: 1.4; previous revision: 1.3 done Checking in org/mozilla/jss/pkcs11/pk11util.h; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/pk11util.h,v <-- pk11util .h new revision: 1.5; previous revision: 1.4 done Checking in org/mozilla/jss/util/java_ids.h; /cvsroot/mozilla/security/jss/org/mozilla/jss/util/java_ids.h,v <-- java_ids.h new revision: 1.8; previous revision: 1.7 done
Status: NEW → RESOLVED
Closed: 21 years ago
Priority: -- → P1
Resolution: --- → FIXED
Target Milestone: --- → 3.5
This supplemental patch fixes the Windows build because the symbol Java_org_mozilla_jss_pkcs11_PK11Cert_getNickname is listed in jss.def. I am not sure if it is okay to remove a symbol from jss.def, so I just added a stub implementation for the symbol.
Comment on attachment 137754 [details] [diff] [review] Supplemental patch Supplemental patch checked in. Checking in PK11Cert.c; /cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c,v <-- PK11Cert .c new revision: 1.12; previous revision: 1.11 done
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: