[Fedora-directory-commits] esc/src/app/xpcom CoolKeyCSP.cpp, 1.2, 1.3 CoolKeyCSP.h, 1.1.1.1, 1.2 Makefile.moz, 1.3, 1.4 openkey.h, 1.1.1.1, 1.2 rhCoolKey.cpp, 1.3, 1.4
Jack Magne (jmagne)
fedora-directory-commits at redhat.com
Wed Oct 25 03:58:19 UTC 2006
Author: jmagne
Update of /cvs/dirsec/esc/src/app/xpcom
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9499
Modified Files:
CoolKeyCSP.cpp CoolKeyCSP.h Makefile.moz openkey.h
rhCoolKey.cpp
Log Message:
Latest mac/win fixes.
Index: CoolKeyCSP.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/CoolKeyCSP.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- CoolKeyCSP.cpp 13 Sep 2006 17:50:07 -0000 1.2
+++ CoolKeyCSP.cpp 25 Oct 2006 03:58:16 -0000 1.3
@@ -24,6 +24,8 @@
#include "openkey.h"
#include "CoolKeyCSP.h"
+
+
#define MAX_CONTAINER_NAME 128
#define MAX_KEY_ID 128
@@ -45,7 +47,7 @@
{
CryptAcquireContext(&CoolKeyCSPKeyListener::mCryptProv, NULL,
- OPENKEY_PROV, PROV_RSA_FULL,CRYPT_VERIFYCONTEXT);
+ OPENKEY_PROV, PROV_RSA_FULL,NULL);
}
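Review bot: The result of `CryptAcquireContext` is still ignored here, and with `CRYPT_VERIFYCONTEXT` removed the call presumably needs a usable default key container, so it can now fail and leave `mCryptProv` unset without any trace. The last argument is a `DWORD` flags value, so `0` states the intent better than `NULL`: `OPENKEY_PROV, PROV_RSA_FULL, 0);`. Checking the return value and logging `GetLastError()` on failure would make a missing card or container visible. The enclosing function starts outside the hunk.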
@@ -73,6 +75,9 @@
const char *keyID,
HCERTSTORE hCertStore)
{
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("CoolKeyCSPListener::AddCert %p \n",(void *) pbCert));
+
BOOL rv = TRUE;
PCCERT_CONTEXT pCertContext = CertCreateCertificateContext(
X509_ASN_ENCODING, pbCert, cbCert);
@@ -93,7 +98,7 @@
blob.cbData = (DWORD) (wcslen(OPENKEY_NAME_W)+1) * sizeof(wchar_t);
blob.pbData = (BYTE *) OPENKEY_NAME_W;
if (!CertSetCertificateContextProperty(pCertContext,
- CERT_FRIENDLY_NAME_PROP_ID, 0, &blob))
+ CERT_FRIENDLY_NAME_PROP_ID, 0, &blob))
{
rv = FALSE;
goto failed;
@@ -108,7 +113,7 @@
// CERT_SET_KEY_PROV_HANDLE_PROP_ID.
keyProvInfo.dwKeySpec = dwKeySpec;
if (!CertSetCertificateContextProperty(pCertContext,
- CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo))
+ CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo))
{
rv = FALSE;
goto failed;
@@ -144,12 +149,17 @@
//
// Return TRUE on success, FALSE on failure.
+
static BOOL
GetCert(
HCRYPTKEY hKey,
BYTE **ppbCert,
DWORD *pcbCert)
{
+
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GetCert kKey %d \n",hKey));
+
BYTE *pbCert;
DWORD cbCert;
if (!CryptGetKeyParam(hKey, KP_CERTIFICATE, NULL, &cbCert, 0))
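Review bot: The new `PR_LOG` in `GetCert` prints `hKey` with `%d`, but `HCRYPTKEY` is a pointer-sized handle, so the format and the argument disagree on 64-bit builds. `("GetCert hKey %p \n", (void *) hKey)` matches the type and also fixes the `kKey` typo in the message. The body of `GetCert` continues outside the hunk.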
@@ -171,6 +181,92 @@
return TRUE;
}
+// GetISCACert
+//
+// Return whether or not the presented cert is a CA cert.
+//
+// Return TRUE on success, FALSE on failure.
+
+static
+BOOL GetISCACert(const BYTE *cert, DWORD certSize)
+{
+ BOOL rv = false;
+
+ PCCERT_CONTEXT certContext = 0;
+
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GETISCACert cert %p length %d \n.",cert,certSize));
+
+
+
+ PCERT_BASIC_CONSTRAINTS2_INFO pInfo;
+
+
+ DWORD cbInfo = sizeof(CERT_BASIC_CONSTRAINTS2_INFO);
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GETISCACert size of BASIC_CONSTRAINTS structure: %d . \n",cbInfo));
+
+ pInfo = (PCERT_BASIC_CONSTRAINTS2_INFO) LocalAlloc(LPTR,cbInfo);
+
+ if(!pInfo)
+ goto failed;
+
+ certContext =
+ CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
+ &cert[0], certSize);
+
+ if (certContext == 0)
+ goto failed;
+
+
+ PCERT_EXTENSION pBC = CertFindExtension(szOID_BASIC_CONSTRAINTS2,
+ certContext->pCertInfo->cExtension, certContext->pCertInfo->rgExtension);
+
+ if(!pBC)
+ {
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GETISCACert Error in getting BASIC_CONSTRAINTS extension. \n."));
+
+ if (certContext)
+ CertFreeCertificateContext(certContext);
+
+ goto failed;
+
+ }
+
+ DWORD cbDecoded = cbInfo;
+
+
+ BOOL dResult = CryptDecodeObject(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
+ X509_BASIC_CONSTRAINTS2,
+ pBC->Value.pbData, pBC->Value.cbData, 0, (void *) pInfo ,&cbDecoded
+ );
+
+ if(!dResult)
+ {
+ DWORD error = GetLastError();
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GETISCACert Error from CtypDecodeObect error: %d size needed %d \n.",error,cbDecoded));
+ }
+ else
+ {
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("GETISCACert found result %d \n.",pInfo->fCA));
+ rv = (BOOL) pInfo->fCA;
+ }
+
+failed:
+
+ if (certContext)
+ CertFreeCertificateContext(certContext);
+
+ if(pInfo)
+ LocalFree(pInfo);
+
+ return rv;
+}
+
+
+
// PropCertsInContainer
//
// Propagate the certs in the key container named szContainer to
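Review bot: In `GetISCACert`, the `!pBC` branch calls `CertFreeCertificateContext(certContext)` and then jumps to `failed:`, which frees the same context again, so a certificate without a basic-constraints extension releases its context twice. Drop the two lines `if (certContext) CertFreeCertificateContext(certContext);` from that branch and let the `failed:` cleanup do the release. The `goto failed` statements also jump over the initializations of `pBC`, `cbDecoded` and `dResult`, which C++ compilers warn about or reject; declaring those three at the top next to `pInfo` avoids it. The header comment says TRUE means success, but the function returns `fCA`, so a decode failure and a non-CA certificate look the same to a caller.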
@@ -183,8 +279,11 @@
PropCertsInContainer(
const char *keyID,
const char *szContainer,
- HCERTSTORE hCertStore)
+ HCERTSTORE hCertStore,HCERTSTORE hCACertStore = NULL)
{
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("PropCertsInContainer %s \n",(char *)szContainer));
+
BOOL rv = TRUE;
HCRYPTPROV hCryptProv = CoolKeyCSPKeyListener::GetCryptHandle();
@@ -211,22 +310,33 @@
// If anything fails, we go on to propagate the next cert.
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("PropCertsInContainer dwNumKeySpec %d \n",dwNumKeySpec));
+
for (i = 0; i < dwNumKeySpec; i++)
{
HCRYPTKEY hUserKey = NULL;
if (!CryptGetUserKey(hCryptProv, dwKeySpec[i], &hUserKey))
{
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("PropCertsInContainer No user key in this cert. Check to see if it is a CA cert. Error %d. \n",GetLastError()));
// NTE_NO_KEY means there is no key of this type and is
// not a real error.
if (GetLastError() != NTE_NO_KEY)
{
rv = FALSE;
}
- continue;
+
+
+ continue;
}
+
PBYTE pbCert = NULL;
DWORD cbCert = 0;
BOOL bOK = GetCert(hUserKey, &pbCert, &cbCert);
+
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("PropCertsInContainer Result of GetCert %d \n",bOK));
+
+
if (!CryptDestroyKey(hUserKey))
{
// Should not happen.
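Review bot: The new `PR_LOG` after the failed `CryptGetUserKey` sits between the failing call and the `GetLastError() != NTE_NO_KEY` test, and when logging is enabled the log write may itself change the thread's last-error value. Capture it first with `DWORD err = GetLastError();`, then log `err` and test `err != NTE_NO_KEY`. The message also mentions a CA-cert check that the visible lines of this loop do not perform. The loop body continues outside the hunk.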
@@ -248,13 +358,8 @@
}
failed:
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("PropCertsInContainer We have reached the failed block. \n"));
free(wszContainer);
-/* if (!CryptReleaseContext(hContext, 0))
- {
- rv = FALSE;
- }
-
-*/
return rv;
}
@@ -271,6 +376,11 @@
{
BOOL rv = TRUE;
BOOL hasReader = (BOOL) CoolKeyHasReader(aKey);
+
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("CoolKeyCSPListener::PropCerts. \n"));
+
+
if (!hasReader)
{
return FALSE;
@@ -288,6 +398,15 @@
goto failed;
}
+
+ HCERTSTORE hCACertStore = CertOpenSystemStore(NULL,"CA");
+
+ if(!hCACertStore)
+ {
+ rv = FALSE;
+ goto failed;
+ }
+
// Enumerate the key containers in our CSP and acquire
// context for each of them.
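Review bot: `hCACertStore` is opened here and closed in the last hunk of this file, but the only visible call, `PropCertsInContainer(aKey->mKeyID, szContainer, hCertStore)`, never passes it, so the new `hCACertStore` parameter keeps its `NULL` default and the CA store appears to go unused. The declaration also comes after an earlier `goto failed`; if the `failed:` label (outside the hunks) precedes the new `CertCloseStore(hCACertStore, CERT_CLOSE_STORE_CHECK_FLAG)`, that path reads the handle uninitialized. Declaring `HCERTSTORE hCACertStore = NULL;` at the top of the function and closing it only when it is non-null covers both cases.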
@@ -304,8 +423,37 @@
// XXX the container name should be fully qualified:
// \\.\reader\container
// But our CSP only recognizes simple container names.
- PropCertsInContainer(aKey->mKeyID, szContainer, hCertStore);
- dwContainerLen = sizeof szContainer;
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("CoolKeyCSPListener::PropCerts container %s \n",(char *) szContainer));
+
+ dwContainerLen = sizeof szContainer;
+
+ if(dwContainerLen)
+ {
+
+ if(CryptAcquireContext(&CoolKeyCSPKeyListener::mCryptProv, szContainer,
+ OPENKEY_PROV, PROV_RSA_FULL,0))
+ {
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("CoolKeyCSPListener::PropCerts: about to call PropCertsInContainer %s \n",szContainer));
+ PropCertsInContainer(aKey->mKeyID, szContainer, hCertStore);
+
+ }
+ else
+ {
+
+ PR_LOG( coolKeyCSPLog, PR_LOG_DEBUG, ("CoolKeyCSPListener::PropCerts: failed to acquire context: %s \n.",szContainer));
+
+ }
+ }
+
+
+ if(CoolKeyCSPKeyListener::mCryptProv)
+ {
+ CryptReleaseContext(CoolKeyCSPKeyListener::mCryptProv, 0);
+ CoolKeyCSPKeyListener::mCryptProv = 0;
+
+ }
+
dwFlags = 0;
}
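Review bot: The new `CryptAcquireContext` call writes into the shared static `CoolKeyCSPKeyListener::mCryptProv` without releasing a handle it may already hold, and the block after it releases and zeroes the member on every iteration, so a handle acquired earlier is presumably leaked and later `GetCryptHandle()` callers get 0. Releasing the old handle before re-acquiring, or documenting that the member is only valid inside this loop, would make the lifetime clear. The guard `if(dwContainerLen)` is always true because `dwContainerLen = sizeof szContainer;` is assigned on the line before it; if the intent is to skip empty names, test `szContainer[0]` instead. The loop header is outside the hunk.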
@@ -314,12 +462,12 @@
{
rv = FALSE;
}
-/* if (!CryptReleaseContext(hCryptProv, 0))
+
+ if (!CertCloseStore(hCACertStore, CERT_CLOSE_STORE_CHECK_FLAG))
{
rv = FALSE;
}
-*/
return rv;
}
@@ -412,4 +560,5 @@
}
+
NS_IMPL_ISUPPORTS1(CoolKeyCSPKeyListener,rhIKeyNotify)
Index: CoolKeyCSP.h
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/CoolKeyCSP.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKeyCSP.h 12 Jun 2006 23:39:49 -0000 1.1.1.1
+++ CoolKeyCSP.h 25 Oct 2006 03:58:16 -0000 1.2
@@ -32,10 +32,8 @@
static HCRYPTPROV GetCryptHandle();
+ static HCRYPTPROV mCryptProv;
-private:
-
- static HCRYPTPROV mCryptProv ;
};
#endif
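Review bot: Removing `private:` makes the static `mCryptProv` handle writable from any translation unit, and CoolKeyCSP.cpp now assigns and releases it directly in its container loop. Keeping the member private and adding small static helpers next to `GetCryptHandle()`, one that acquires a container context and one that releases it, would keep ownership of the handle in one place. The class definition starts outside the hunk.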
Index: Makefile.moz
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/Makefile.moz,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- Makefile.moz 27 Sep 2006 17:22:20 -0000 1.3
+++ Makefile.moz 25 Oct 2006 03:58:16 -0000 1.4
@@ -26,7 +26,6 @@
CORE_DIST = $(CORE_DEPTH)/dist/$(OBJDIR)
CORE_INC = $(CORE_DEPTH)/dist/public
MDDEPDIR := $(OBJDIR)/.deps
-DESTDIR = $(MOZ_OBJDIR)/install
NO_DIST_INSTALL = 1
@@ -37,6 +36,9 @@
DEPLOY_OBJDIR = $(CORE_DEPTH)/dist/$(OBJDIR)/esc_build
XULRUNNER_ZIP_NAME = xulrunner-1.8.0.1.*.tar.gz
+ifeq ($(OS_ARCH),WINNT)
+XULRUNNER_ZIP_NAME = xulrunner-1.8.0.1.*.win32.zip
+endif
XULRUNNER_BIN_PATH = $(MOZ_OBJDIR)/dist/xulrunner
XULRUNNER_EXEC = xulrunner
ifeq ($(OS_ARCH), Darwin)
@@ -46,6 +48,13 @@
XULRUNNER_FRAME_BASE = ESC.app/Contents/Frameworks
endif
+DEPLOY_OFFSET=/esc
+
+ifeq ($(OS_ARCH),Linux)
+DEPLOY_OFFSET=/src
+DESTDIR=$(MOZ_OBJDIR)/install
+endif
+
ifeq ($(OS_ARCH), WINNT)
OS_LIBS += crypt32.lib
CSPSRCS = CoolKeyCSP.cpp
@@ -74,6 +83,10 @@
DEFINES += -DXPCOM_GLUE $(GECKO_INCLUDES) -I$(CORE_INC)/ckymanager -I$(CORE_INC)/httpchuncked -I./_xpidlgen
+ifdef ESC_VERSION
+DEFINES += -DESC_VERSION=$(ESC_VERSION)
+endif
+
REQUIRES = string \
xpcom \
$(NULL)
@@ -115,7 +128,7 @@
clean::
rm -f Makefile.in
rm -rf $(DEPLOY_OBJDIR)
- rm -rf $(CORE_DEPTH)/src/app/xul/esc/esc
+ rm -rf $(CORE_DEPTH)$(DEPLOY_OFFSET)/app/xul/esc/esc
deploy: $(DEPLOY_OBJDIR)
echo "deploy! on $(OS_ARCH)"
@@ -160,14 +173,14 @@
$(DEPLOY_OBJDIR):
echo "Installing!"
- $(NSINSTALL) ./$(LIB_PREFIX)rhCoolKey$(DLL_SUFFIX) $(CORE_DEPTH)/src/app/xul/esc/components
- $(NSINSTALL) ./_xpidlgen/*.xpt $(CORE_DEPTH)/src/app/xul/esc/components
+ $(NSINSTALL) ./$(LIB_PREFIX)rhCoolKey$(DLL_SUFFIX) $(CORE_DEPTH)$(DEPLOY_OFFSET)/app/xul/esc/components
+ $(NSINSTALL) ./_xpidlgen/*.xpt $(CORE_DEPTH)$(DEPLOY_OFFSET)/app/xul/esc/components
echo "Creating $(DEPLOY_OBJDIR)"
mkdir $(DEPLOY_OBJDIR)
- cd $(CORE_DEPTH)/src/app/xul/esc; zip -r test.zip * -x *\CVS\* \*.fix*; unzip -d esc test.zip ; rm -f test.zip
- $(XULRUNNER_BIN_PATH)/$(XULRUNNER_EXEC) --install-app $(CORE_DEPTH)/src/app/xul/esc/esc $(DEPLOY_OBJDIR)
+ cd $(CORE_DEPTH)/$(DEPLOY_OFFSET)/app/xul/esc; zip -r test.zip * -x *\CVS\* \*.fix*; unzip -d esc test.zip ; rm -f test.zip
+ $(XULRUNNER_BIN_PATH)/$(XULRUNNER_EXEC) --install-app $(CORE_DEPTH)$(DEPLOY_OFFSET)/app/xul/esc/esc $(DEPLOY_OBJDIR)
ifeq ($(OS_ARCH), Darwin)
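Review bot: The rewritten `cd` line chains its commands with `;`, so if `$(CORE_DEPTH)/$(DEPLOY_OFFSET)/app/xul/esc` does not exist on a platform, the `zip`, `unzip` and `rm -f test.zip` still run in the current directory; joining them with `&&` stops at the first failure. That line also writes `$(CORE_DEPTH)/$(DEPLOY_OFFSET)` with an extra slash while the other rewritten lines use `$(CORE_DEPTH)$(DEPLOY_OFFSET)`. A one-line comment above `DEPLOY_OFFSET` saying why it is `/src` on Linux and `/esc` elsewhere would help the next reader.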
@@ -178,8 +191,11 @@
endif
#cp -Rf -v $(XULRUNNER_BIN_PATH) $(DEPLOY_OBJDIR)/$(XULRUNNER_FRAME_DEST)
+ifeq ($(OS_ARCH),Linux)
tar -xzvf $(MOZ_OBJDIR)/dist/$(XULRUNNER_ZIP_NAME) -C $(DEPLOY_OBJDIR)/$(XULRUNNER_FRAME_DEST)/esc
+endif
ifeq ($(OS_ARCH),WINNT)
+ unzip $(MOZ_OBJDIR)/dist/$(XULRUNNER_ZIP_NAME) -d $(DEPLOY_OBJDIR)/$(XULRUNNER_FRAME_DEST)/esc
cp -f $(XPCOM_EXTRA) $(DEPLOY_OBJDIR)/ESC/components
endif
ifdef DESTDIR
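Review bot: The new `unzip` line expands `XULRUNNER_ZIP_NAME`, which contains a `*`, so it unpacks whichever archive in `$(MOZ_OBJDIR)/dist` happens to match, and if more than one matches, `unzip` treats the extra names as members to extract. Pinning the exact file name, or failing when the glob does not resolve to exactly one file, keeps the bundled runtime reproducible. With the `tar` line now inside `ifeq ($(OS_ARCH),Linux)`, Darwin no longer runs it; presumably the Darwin block above handles that, but it is outside the hunk.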
Index: openkey.h
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/openkey.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- openkey.h 12 Jun 2006 23:39:49 -0000 1.1.1.1
+++ openkey.h 25 Oct 2006 03:58:16 -0000 1.2
@@ -18,13 +18,13 @@
#ifndef _OPENKEY_H
#define _OPENKEY_H 1
-#define OPENKEY_CARD_NAME "OpenKey Card Type"
-#define OPENKEY_CARD_NAME_MS "OpenKey Card Type\0" /* a multi-string */
+#define OPENKEY_CARD_NAME "CoolKey Card Type"
+#define OPENKEY_CARD_NAME_MS "CoolKey Card Type\0" /* a multi-string */
#define OPENKEY_PROV "Identity Alliance CSP"
#define OPENKEY_PROV_W L"Identity Alliance CSP"
-#define OPENKEY_NAME_W L"OpenKey"
+#define OPENKEY_NAME_W L"CoolKey"
/*
* User-defined certificate properties must faill in the range
Index: rhCoolKey.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/rhCoolKey.cpp,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- rhCoolKey.cpp 27 Sep 2006 17:22:20 -0000 1.3
+++ rhCoolKey.cpp 25 Oct 2006 03:58:16 -0000 1.4
@@ -32,6 +32,7 @@
#endif
#include "nsIPrefBranch.h"
+#include "nsIPrefService.h"
#include "nsCOMPtr.h"
#include "nsIProxyObjectManager.h"
#include "nsIObserver.h"
@@ -43,6 +44,14 @@
#include <vector>
#include <string>
+
+#define STRINGIFY(x) #x
+#define GETSTRING(x) STRINGIFY(x)
+
+#ifndef ESC_VERSION
+#define ESC_VERSION 1.0.0-0
+#endif
+
#include <prlog.h>
#define COOL_MAX_PATH 1024
#define MAX_STR_LEN COOL_MAX_PATH
@@ -259,7 +268,7 @@
}
- nsCOMPtr<nsIPrefBranch> pref;
+ nsCOMPtr<nsIPrefService> pref;
pref = do_GetService("@mozilla.org/preferences-service;1");
if(!pref)
@@ -268,8 +277,15 @@
}
- pref->SetCharPref(aName, aValue);
+ nsCOMPtr<nsIPrefBranch> pBranch;
+ pref->GetBranch(nsnull,getter_AddRefs(pBranch));
+
+ if(pBranch)
+ {
+ pBranch->SetCharPref(aName, aValue);
+ pref->SavePrefFile(nsnull);
+ }
return S_OK;
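Review bot: The new block ignores the results of `GetBranch`, `SetCharPref` and `SavePrefFile`, and the function returns `S_OK` even when `pBranch` is null, so a preference that was never written or never saved to disk is reported as success. Propagating the status, e.g. `nsresult res = pBranch->SetCharPref(aName, aValue);` followed by `if (NS_SUCCEEDED(res)) res = pref->SavePrefFile(nsnull);`, and returning the same failure value the `!pref` branch uses, lets the caller notice. The function starts outside the hunk.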
@@ -1358,10 +1374,9 @@
{
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("rhCoolKey::GetCoolKeyVersion \n"));
- char *version = "1.0.0-16";
+ char *version = GETSTRING(ESC_VERSION);
char *versionVal = (char *) nsMemory::Clone(version,sizeof(char) * strlen(version) + 1);
-
*_retval = versionVal;
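Review bot: `GETSTRING(ESC_VERSION)` expands to a string literal, so the declaration should be `const char *version = GETSTRING(ESC_VERSION);`; binding it to a non-const `char *` is a deprecated conversion. The result of `nsMemory::Clone` is stored in `*_retval` without a null check in the visible lines, so an allocation failure would be returned as a valid version string pointer. A short comment at the `#ifndef ESC_VERSION` fallback noting that the value normally comes from the Makefile's `-DESC_VERSION` would explain where the version is set. The function continues outside the hunk.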