PKIFNSSCredential.cpp

00001 
#include "PKIFNSSCredential.h"

#include <vector>

#include "PKIFNSSDatabase.h"

#include "ToolkitUtils.h"
#include "PKIFMemoryUtils.h"
#include "components.h"
#include "PKIFNSSErrors.h"
#include "PKIFCryptoException.h"
#include "Name.h"
#include "Buffer.h"

#include "Certificate.h"
#include "SubjectKeyIdentifier.h"

#include "PKIFNSSConfig.h"

// NSS utility header: declares PORT_Free(), the deallocator that pairs with
// strings NSS hands back to the caller.
#include "secport.h"
00025 
00026 using namespace std;
00027 
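/**
 * Builds a credential from an NSS private-key handle and the DER encoding of
 * the matching certificate.
 *
 * The credential takes its own reference to the key, decodes the certificate,
 * names itself after the key's nickname (falling back to the certificate
 * subject when the nickname is missing or empty) and, when the certificate
 * carries a subject key identifier extension, stores the btoa() text form of
 * that identifier as the credential id.
 *
 * @param key      NSS private key; a reference is copied, the caller keeps its own.
 * @param derCert  DER-encoded certificate; data/len are read, nothing is retained.
 *
 * A crypto exception is raised when the key reference cannot be copied. Any
 * exception from the later steps is rethrown after the copied key reference
 * has been released.
 */
CPKIFNSSCredential::CPKIFNSSCredential(
    SECKEYPrivateKey * key,
    SECItem * derCert)
:m_password(0),m_pwLen(0),m_pkifCert(new CPKIFCertificate()),m_privateKey(0)
{
    LOG_STRING_DEBUG(__FUNCTION__,TOOLKIT_CRYPTO_NSSCRED,0,this);
    // this poorly named function retains a reference to a PKCS#11 private key
    m_privateKey = SECKEY_CopyPrivateKey(key);
    if(!m_privateKey) {
        RAISE_CRYPTO_EXCEPTION("Unable to retain a reference to an NSS private key",TOOLKIT_CRYPTO_NSSCRED,PKIFNSS_COPYKEY_FAILED,this);
    }

    // The destructor does not run for an object whose constructor throws, so
    // the key reference taken above has to be released here on any failure.
    try {
        // NOTE(review): derCert is dereferenced without a null check; callers
        // must pass a valid SECItem. Confirm whether a null argument should
        // raise a crypto exception instead.
        m_pkifCert->Decode(derCert->data,derCert->len);

        // Copy the nickname into a std::string and free the NSS buffer right
        // away. The buffer is released with PORT_Free(); PR_Delete() is NSPR's
        // file-removal call, so passing the nickname to it would leak the
        // buffer and attempt to delete a file named after a value read from
        // the token/database.
        string nickname;
        char * nick = PK11_GetPrivateKeyNickname(m_privateKey);
        if(nick) {
            try {
                nickname = nick;
            } catch(...) {
                PORT_Free(nick);
                throw;
            }
            PORT_Free(nick);
        }

        if(!nickname.empty()) {
            CPKIFCredential::m_name = CPKIFStringPtr(new string(nickname));
        } else {
            CPKIFCredential::m_name = CPKIFStringPtr(new string(m_pkifCert->Subject()->ToString()));
        }

        CPKIFSubjectKeyIdentifierPtr skid = m_pkifCert->GetExtension<CPKIFSubjectKeyIdentifier>();
        if(skid) {
            CPKIFBufferPtr idbuf = skid->KeyIdentifier();
            // Two output characters per input byte plus a terminator. The
            // buffer is zero-filled so the text is NUL-terminated even if
            // btoa() does not write the terminator itself, and the vector
            // frees the storage if constructing the string throws.
            vector<char> hex(idbuf->GetLength() * 2 + 1, '\0');
            btoa((char *)idbuf->GetBuffer(),&hex[0],idbuf->GetLength());
            CPKIFCredential::m_id = CPKIFStringPtr(new string(&hex[0]));
        }
    } catch(...) {
        SECKEY_DestroyPrivateKey(m_privateKey);
        m_privateKey = 0;
        throw;
    }
}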
/**
 * Releases what the credential owns: the password buffer, if one was ever
 * stored, and the reference to the NSS private key.
 */
CPKIFNSSCredential::~CPKIFNSSCredential(void)
{
    LOG_STRING_DEBUG(__FUNCTION__,TOOLKIT_CRYPTO_NSSCRED,0,this);

    // PKIFZero is applied to the m_pwLen bytes of the buffer before
    // PKIFDelete releases it (presumably wiping the password first; verify
    // against PKIFMemoryUtils.h).
    if(0 != m_password) {
        PKIFZero(m_password,m_pwLen);
        PKIFDelete(m_password);
    }
    m_password = 0;

    // Drop the key reference taken with SECKEY_CopyPrivateKey in the constructor.
    if(0 != m_privateKey) {
        SECKEY_DestroyPrivateKey(m_privateKey);
    }
    m_privateKey = 0;
}
00089 
/**
 * Not supported for NSS credentials: the call logs and then raises a crypto
 * exception with COMMON_NOT_IMPLEMENTED. Neither argument is read or stored.
 *
 * @param password  ignored
 * @param len       ignored
 */
void CPKIFNSSCredential::SetPassword(
    unsigned char* password,
    int len)
{
    // Both parameters are intentionally unused.
    (void)password;
    (void)len;

    LOG_STRING_DEBUG(__FUNCTION__,TOOLKIT_CRYPTO_NSSCRED,0,this);
    RAISE_CRYPTO_EXCEPTION("Credential-level passwords make no sense for NSS",
        TOOLKIT_CRYPTO_NSSCRED,COMMON_NOT_IMPLEMENTED,this);
}
/**
 * Returns the certificate that was decoded when the credential was built.
 *
 * @return the stored CPKIFCertificatePtr (presumably a shared pointer, so the
 *         caller sees the same certificate object; confirm against Certificate.h)
 */
CPKIFCertificatePtr CPKIFNSSCredential::GetCertificate() const
{
    LOG_STRING_DEBUG(__FUNCTION__,TOOLKIT_CRYPTO_NSSCRED,0,this);
    CPKIFCertificatePtr cert = m_pkifCert;
    return cert;
}
00127 
