comparison nss/lib/softoken/legacydb/lgdestroy.c @ 3:150b72113545

Add DBM and legacydb support
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 05 Aug 2014 18:32:02 +0200
2:a945361df361 3:150b72113545
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * Internal PKCS #11 functions. Should only be called by pkcs11.c
6 */
7 #include "pkcs11.h"
8 #include "lgdb.h"
9 #include "pcert.h"
10 #include "lowkeyi.h"
11
12 /*
13 * remove an object.
14 */
15 CK_RV
16 lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id)
17 {
18 CK_RV crv = CKR_OK;
19 SECStatus rv;
20 NSSLOWCERTCertificate *cert;
21 NSSLOWCERTCertTrust tmptrust;
22 PRBool isKrl;
23 NSSLOWKEYDBHandle *keyHandle;
24 NSSLOWCERTCertDBHandle *certHandle;
25 const SECItem *dbKey;
26
27 object_id &= ~LG_TOKEN_MASK;
28 dbKey = lg_lookupTokenKeyByHandle(sdb,object_id);
29 if (dbKey == NULL) {
30 return CKR_OBJECT_HANDLE_INVALID;
31 }
32
33 /* remove the objects from the real data base */
34 switch (object_id & LG_TOKEN_TYPE_MASK) {
35 case LG_TOKEN_TYPE_PRIV:
36 case LG_TOKEN_TYPE_KEY:
37 /* KEYID is the public KEY for DSA and DH, and the MODULUS for
38 * RSA */
39 keyHandle = lg_getKeyDB(sdb);
40 if (!keyHandle) {
41 crv = CKR_TOKEN_WRITE_PROTECTED;
42 break;
43 }
44 rv = nsslowkey_DeleteKey(keyHandle, dbKey);
45 if (rv != SECSuccess) {
46 crv = CKR_DEVICE_ERROR;
47 }
48 break;
49 case LG_TOKEN_TYPE_PUB:
50 break; /* public keys only exist at the behest of the priv key */
51 case LG_TOKEN_TYPE_CERT:
52 certHandle = lg_getCertDB(sdb);
53 if (!certHandle) {
54 crv = CKR_TOKEN_WRITE_PROTECTED;
55 break;
56 }
57 cert = nsslowcert_FindCertByKey(certHandle,dbKey);
58 if (cert == NULL) {
59 crv = CKR_DEVICE_ERROR;
60 break;
61 }
62 rv = nsslowcert_DeletePermCertificate(cert);
63 if (rv != SECSuccess) {
64 crv = CKR_DEVICE_ERROR;
65 }
66 nsslowcert_DestroyCertificate(cert);
67 break;
68 case LG_TOKEN_TYPE_CRL:
69 certHandle = lg_getCertDB(sdb);
70 if (!certHandle) {
71 crv = CKR_TOKEN_WRITE_PROTECTED;
72 break;
73 }
74 isKrl = (PRBool) (object_id == LG_TOKEN_KRL_HANDLE);
75 rv = nsslowcert_DeletePermCRL(certHandle, dbKey, isKrl);
76 if (rv == SECFailure) crv = CKR_DEVICE_ERROR;
77 break;
78 case LG_TOKEN_TYPE_TRUST:
79 certHandle = lg_getCertDB(sdb);
80 if (!certHandle) {
81 crv = CKR_TOKEN_WRITE_PROTECTED;
82 break;
83 }
84 cert = nsslowcert_FindCertByKey(certHandle, dbKey);
85 if (cert == NULL) {
86 crv = CKR_DEVICE_ERROR;
87 break;
88 }
89 tmptrust = *cert->trust;
90 tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
91 tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
92 tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
93 tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
94 tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
95 tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
96 rv = nsslowcert_ChangeCertTrust(certHandle, cert, &tmptrust);
97 if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
98 nsslowcert_DestroyCertificate(cert);
99 break;
100 default:
101 break;
102 }
103 lg_DBLock(sdb);
104 lg_deleteTokenKeyByHandle(sdb,object_id);
105 lg_DBUnlock(sdb);
106
107 return crv;
108 }
109
110
111
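Review bot: The handle mapping is removed at lines 103-105 even when `crv` was set to `CKR_TOKEN_WRITE_PROTECTED` or `CKR_DEVICE_ERROR`, so a private key or certificate whose database delete failed stays on disk while its handle is dropped and the caller cannot retry against it. If that is not intended, guard the cleanup with `if (crv == CKR_OK) { ... }` around the `lg_DBLock` / `lg_deleteTokenKeyByHandle` / `lg_DBUnlock` lines; if it is intended, say why in a comment there. In the `LG_TOKEN_TYPE_TRUST` case, line 89 does `tmptrust = *cert->trust;` without checking `cert->trust`; unless `nsslowcert_FindCertByKey` guarantees it is set (not visible here), add `if (cert->trust == NULL)` with a `CKR_DEVICE_ERROR` exit that still calls `nsslowcert_DestroyCertificate(cert)`. The header comment "remove an object" should also note that destroying a trust object resets the flags to `CERTDB_TRUSTED_UNKNOWN` rather than deleting the certificate, and that `dbKey` is used outside `lg_DBLock`, which presumably relies on callers serialising destroys of the same handle.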