2
* The contents of this file are subject to the Mozilla Public
3
* License Version 1.1 (the "License"); you may not use this file
4
* except in compliance with the License. You may obtain a copy of
5
* the License at http://www.mozilla.org/MPL/
7
* Software distributed under the License is distributed on an "AS
8
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9
* implied. See the License for the specific language governing
10
* rights and limitations under the License.
12
* The Original Code is the Netscape security libraries.
14
* The Initial Developer of the Original Code is Netscape
15
* Communications Corporation. Portions created by Netscape are
16
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
21
* Alternatively, the contents of this file may be used under the
22
* terms of the GNU General Public License Version 2 or later (the
23
* "GPL"), in which case the provisions of the GPL are applicable
24
* instead of those above. If you wish to allow use of your
25
* version of this file only under the terms of the GPL and not to
26
* allow others to use your version of this file under the MPL,
27
* indicate your decision by deleting the provisions above and
28
* replace them with the notice and other provisions required by
29
* the GPL. If you do not delete the provisions above, a recipient
30
* may use your version of this file under either the MPL or the
42
/* Call to PK11_FreeSlot below */
52
#include "pk11func.h" /* sigh */
56
#endif /* NSS_3_4_CODE */
68
SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
69
CERTCertDBHandle *handle)
71
CERTCertificate *cert;
72
PRBool conflict = PR_FALSE;
74
cert=CERT_FindCertByNickname(handle, nickname);
80
conflict = !SECITEM_ItemsAreEqual(derSubject,&cert->derSubject);
81
CERT_DestroyCertificate(cert);
86
SEC_DeletePermCertificate(CERTCertificate *cert)
89
NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
90
NSSCertificate *c = STAN_GetNSSCertificate(cert);
92
/* get rid of the token instances */
93
nssrv = NSSCertificate_DeleteStoredObject(c, NULL);
95
/* get rid of the cache entry */
96
nssTrustDomain_LockCertCache(td);
97
nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
98
nssTrustDomain_UnlockCertCache(td);
100
return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
104
CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust)
107
CERT_LockCertTrust(cert);
108
if ( cert->trust == NULL ) {
111
*trust = *cert->trust;
114
CERT_UnlockCertTrust(cert);
120
cert_parseNickname(char *nickname)
123
for (cp=nickname; *cp && *cp != ':'; cp++);
124
if (*cp == ':') return cp+1;
130
CERT_ChangeCertTrust(CERTCertDBHandle *handle, CERTCertificate *cert,
131
CERTCertTrust *trust)
133
SECStatus rv = SECFailure;
136
CERT_LockCertTrust(cert);
137
ret = STAN_ChangeCertTrust(cert, trust);
138
rv = (ret == PR_SUCCESS) ? SECSuccess : SECFailure;
139
CERT_UnlockCertTrust(cert);
143
extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
146
__CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
147
CERTCertTrust *trust)
152
NSSCryptoContext *context;
153
nssCryptokiObject *permInstance;
154
NSSCertificate *c = STAN_GetNSSCertificate(cert);
155
context = c->object.cryptoContext;
157
PORT_SetError(SEC_ERROR_ADDING_CERT);
158
return SECFailure; /* wasn't a temp cert */
160
stanNick = nssCertificate_GetNickname(c, NULL);
161
if (stanNick && nickname && strcmp(nickname, stanNick) != 0) {
162
/* take the new nickname */
163
cert->nickname = NULL;
166
if (!stanNick && nickname) {
167
stanNick = nssUTF8_Duplicate((NSSUTF8 *)nickname, c->object.arena);
169
/* Delete the temp instance */
170
nssCertificateStore_Lock(context->certStore);
171
nssCertificateStore_RemoveCertLOCKED(context->certStore, c);
172
nssCertificateStore_Unlock(context->certStore);
173
c->object.cryptoContext = NULL;
174
/* Import the perm instance onto the internal token */
175
slot = PK11_GetInternalKeySlot();
176
internal = PK11Slot_GetNSSToken(slot);
177
permInstance = nssToken_ImportCertificate(internal, NULL,
178
NSSCertificateType_PKIX,
189
if (NSS_GetError() == NSS_ERROR_INVALID_CERTIFICATE) {
190
PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
194
nssPKIObject_AddInstance(&c->object, permInstance);
195
nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
196
/* reset the CERTCertificate fields */
197
cert->nssCertificate = NULL;
198
cert = STAN_GetCERTCertificateOrRelease(c); /* should return same pointer */
202
cert->istemp = PR_FALSE;
203
cert->isperm = PR_TRUE;
207
return (STAN_ChangeCertTrust(cert, trust) == PR_SUCCESS) ?
208
SECSuccess: SECFailure;
212
CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
213
CERTCertTrust *trust)
215
return __CERT_AddTempCertToPerm(cert, nickname, trust);
219
__CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
220
char *nickname, PRBool isperm, PRBool copyDER)
225
NSSCertificate *tempCert;
227
NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
228
NSSTrustDomain *gTD = STAN_GetDefaultTrustDomain();
231
NSSITEM_FROM_SECITEM(&encoding, derCert);
232
/* First, see if it is already a temp cert */
233
c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC,
236
/* Then, see if it is already a perm cert */
237
c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
241
/* actually, that search ends up going by issuer/serial,
242
* so it is still possible to return a cert with the same
243
* issuer/serial but a different encoding, and we're
244
* going to reject that
246
if (!nssItem_Equal(&c->encoding, &encoding, NULL)) {
247
nssCertificate_Destroy(c);
248
PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
251
cc = STAN_GetCERTCertificateOrRelease(c);
256
pkio = nssPKIObject_Create(NULL, NULL, gTD, gCC);
260
c = nss_ZNEW(pkio->arena, NSSCertificate);
262
nssPKIObject_Destroy(pkio);
267
nssItem_Create(c->object.arena, &c->encoding,
268
derCert->len, derCert->data);
270
NSSITEM_FROM_SECITEM(&c->encoding, derCert);
272
/* Forces a decoding of the cert in order to obtain the parts used
275
/* 'c' is not adopted here, if we fail loser frees what has been
276
* allocated so far for 'c' */
277
cc = STAN_GetCERTCertificate(c);
281
nssItem_Create(c->object.arena,
282
&c->issuer, cc->derIssuer.len, cc->derIssuer.data);
283
nssItem_Create(c->object.arena,
284
&c->subject, cc->derSubject.len, cc->derSubject.data);
286
/* CERTCertificate stores serial numbers decoded. I need the DER
289
SECItem derSerial = { 0 };
290
CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
291
if (!derSerial.data) goto loser;
292
nssItem_Create(c->object.arena, &c->serial, derSerial.len, derSerial.data);
293
PORT_Free(derSerial.data);
296
c->object.tempName = nssUTF8_Create(c->object.arena,
297
nssStringType_UTF8String,
299
PORT_Strlen(nickname));
301
if (cc->emailAddr && cc->emailAddr[0]) {
302
c->email = nssUTF8_Create(c->object.arena,
303
nssStringType_PrintableString,
304
(NSSUTF8 *)cc->emailAddr,
305
PORT_Strlen(cc->emailAddr));
307
/* this function cannot detect if the cert exists as a temp cert now, but
308
* didn't when CERT_NewTemp was first called.
310
nssrv = NSSCryptoContext_ImportCertificate(gCC, c);
311
if (nssrv != PR_SUCCESS) {
314
/* so find the entry in the temp store */
315
tempCert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(gCC,
318
/* destroy the copy */
319
NSSCertificate_Destroy(c);
321
/* and use the "official" entry */
323
cc = STAN_GetCERTCertificateOrRelease(c);
330
cc->istemp = PR_TRUE;
331
cc->isperm = PR_FALSE;
334
nssPKIObject_Destroy(&c->object);
339
CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
340
char *nickname, PRBool isperm, PRBool copyDER)
342
return( __CERT_NewTempCertificate(handle, derCert, nickname,
346
/* maybe all the wincx's should be some const for internal token login? */
348
CERT_FindCertByIssuerAndSN(CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN)
351
CERTCertificate *cert;
353
cert = PK11_FindCertByIssuerAndSN(&slot,issuerAndSN,NULL);
361
static NSSCertificate *
362
get_best_temp_or_perm(NSSCertificate *ct, NSSCertificate *cp)
365
NSSCertificate *arr[3];
367
return nssCertificate_AddRef(cp);
369
return nssCertificate_AddRef(ct);
374
usage.anyUsage = PR_TRUE;
375
return nssCertificateArray_FindBestCertificate(arr, NULL, &usage, NULL);
379
CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name)
381
NSSCertificate *cp, *ct, *c;
384
NSSCryptoContext *cc;
385
NSSITEM_FROM_SECITEM(&subject, name);
386
usage.anyUsage = PR_TRUE;
387
cc = STAN_GetDefaultCryptoContext();
388
ct = NSSCryptoContext_FindBestCertificateBySubject(cc, &subject,
390
cp = NSSTrustDomain_FindBestCertificateBySubject(handle, &subject,
392
c = get_best_temp_or_perm(ct, cp);
394
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
397
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(cp));
399
return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
403
CERT_FindCertByKeyID(CERTCertDBHandle *handle, SECItem *name, SECItem *keyID)
406
CERT_CreateSubjectCertList(NULL,handle,name,0,PR_FALSE);
407
CERTCertificate *cert = NULL;
408
CERTCertListNode *node = CERT_LIST_HEAD(list);
410
if (list == NULL) return NULL;
412
for (node = CERT_LIST_HEAD(list); node ; node = CERT_LIST_NEXT(node)) {
413
if (SECITEM_ItemsAreEqual(&cert->subjectKeyID, keyID) ) {
414
cert = CERT_DupCertificate(node->cert);
422
CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname)
424
NSSCryptoContext *cc;
425
NSSCertificate *c, *ct;
426
CERTCertificate *cert;
428
usage.anyUsage = PR_TRUE;
429
cc = STAN_GetDefaultCryptoContext();
430
ct = NSSCryptoContext_FindBestCertificateByNickname(cc, nickname,
432
cert = PK11_FindCertFromNickname(nickname, NULL);
435
c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
436
CERT_DestroyCertificate(cert);
438
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
443
return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
447
CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
449
NSSCryptoContext *cc;
452
NSSITEM_FROM_SECITEM(&encoding, derCert);
453
cc = STAN_GetDefaultCryptoContext();
454
c = NSSCryptoContext_FindCertificateByEncodedCertificate(cc, &encoding);
456
c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
460
return STAN_GetCERTCertificateOrRelease(c);
464
CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name)
466
NSSCryptoContext *cc;
467
NSSCertificate *c, *ct;
468
CERTCertificate *cert;
472
PORT_SetError(SEC_ERROR_INVALID_ARGS);
475
usage.anyUsage = PR_TRUE;
476
cc = STAN_GetDefaultCryptoContext();
477
ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name,
479
if (!ct && PORT_Strchr(name, '@') != NULL) {
480
char* lowercaseName = CERT_FixupEmailAddr(name);
482
ct = NSSCryptoContext_FindBestCertificateByEmail(cc, lowercaseName,
484
PORT_Free(lowercaseName);
487
cert = PK11_FindCertFromNickname(name, NULL);
489
c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
490
CERT_DestroyCertificate(cert);
492
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
497
return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
501
add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
502
PRBool validOnly, int64 sorttime)
506
CERT_CheckCertValidTimes(cert, sorttime, PR_FALSE)
507
== secCertTimeValid) {
508
secrv = CERT_AddCertToListSorted(certList, cert,
511
if (secrv != SECSuccess) {
512
CERT_DestroyCertificate(cert);
515
CERT_DestroyCertificate(cert);
520
CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
521
SECItem *name, int64 sorttime, PRBool validOnly)
523
NSSCryptoContext *cc;
524
NSSCertificate **tSubjectCerts, **pSubjectCerts;
526
CERTCertificate *cert;
528
PRBool myList = PR_FALSE;
529
cc = STAN_GetDefaultCryptoContext();
530
NSSITEM_FROM_SECITEM(&subject, name);
531
/* Collect both temp and perm certs for the subject */
532
tSubjectCerts = NSSCryptoContext_FindCertificatesBySubject(cc,
537
pSubjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle,
542
if (!tSubjectCerts && !pSubjectCerts) {
545
if (certList == NULL) {
546
certList = CERT_NewCertList();
548
if (!certList) goto loser;
550
/* Iterate over the matching temp certs. Add them to the list */
553
cert = STAN_GetCERTCertificateOrRelease(*ci);
554
/* *ci may be invalid at this point, don't reference it again */
556
/* NOTE: add_to_subject_list adopts the incoming cert. */
557
add_to_subject_list(certList, cert, validOnly, sorttime);
561
/* Iterate over the matching perm certs. Add them to the list */
564
cert = STAN_GetCERTCertificateOrRelease(*ci);
565
/* *ci may be invalid at this point, don't reference it again */
567
/* NOTE: add_to_subject_list adopts the incoming cert. */
568
add_to_subject_list(certList, cert, validOnly, sorttime);
572
/* all the references have been adopted or freed at this point, just
573
* free the arrays now */
574
nss_ZFreeIf(tSubjectCerts);
575
nss_ZFreeIf(pSubjectCerts);
578
/* need to free the references in tSubjectCerts and pSubjectCerts! */
579
nssCertificateArray_Destroy(tSubjectCerts);
580
nssCertificateArray_Destroy(pSubjectCerts);
581
if (myList && certList != NULL) {
582
CERT_DestroyCertList(certList);
588
CERT_DestroyCertificate(CERTCertificate *cert)
591
/* don't use STAN_GetNSSCertificate because we don't want to
592
* go to the trouble of translating the CERTCertificate into
593
* an NSSCertificate just to destroy it. If it hasn't been done
594
* yet, don't do it at all.
596
NSSCertificate *tmp = cert->nssCertificate;
598
/* delete the NSSCertificate */
599
NSSCertificate_Destroy(tmp);
601
PORT_FreeArena(cert->arena, PR_FALSE);
609
CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb,
610
CERTCertificate *cert, SECCertUsage usage)
614
CERTCertTrust tmptrust;
615
unsigned int certtype;
620
PORT_Memset((void *)&trust, 0, sizeof(trust));
622
certtype = cert->nsCertType;
624
/* if no app bits in cert type, then set all app bits */
625
if ( ! ( certtype & NS_CERT_TYPE_APP ) ) {
626
certtype |= NS_CERT_TYPE_APP;
630
case certUsageEmailSigner:
631
case certUsageEmailRecipient:
632
if ( certtype & NS_CERT_TYPE_EMAIL ) {
633
trust.emailFlags = CERTDB_VALID_PEER;
634
if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
635
/* don't save it if KeyEncipherment is not allowed */
640
case certUsageUserCertImport:
641
if ( certtype & NS_CERT_TYPE_EMAIL ) {
642
trust.emailFlags = CERTDB_VALID_PEER;
644
/* VALID_USER is already set if the cert was imported,
645
* in the case that the cert was already in the database
646
* through SMIME or other means, we should set the USER
647
* flags, if they are not already set.
650
if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
651
if( !(cert->trust->sslFlags & CERTDB_USER) ) {
652
trust.sslFlags |= CERTDB_USER;
656
if ( certtype & NS_CERT_TYPE_EMAIL ) {
657
if( !(cert->trust->emailFlags & CERTDB_USER) ) {
658
trust.emailFlags |= CERTDB_USER;
662
if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
663
if( !(cert->trust->objectSigningFlags & CERTDB_USER) ) {
664
trust.objectSigningFlags |= CERTDB_USER;
669
default: /* XXX added to quiet warnings; no other cases needed? */
673
if ( (trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) == 0 ){
677
if ( saveit && cert->isperm ) {
678
/* Cert already in the DB. Just adjust flags */
679
tmptrust = *cert->trust;
680
tmptrust.sslFlags |= trust.sslFlags;
681
tmptrust.emailFlags |= trust.emailFlags;
682
tmptrust.objectSigningFlags |= trust.objectSigningFlags;
684
rv = CERT_ChangeCertTrust(cert->dbhandle, cert,
686
if ( rv != SECSuccess ) {
703
CERT_GetDBContentVersion(CERTCertDBHandle *handle)
705
/* should read the DB content version from the pkcs #11 device */
710
certdb_SaveSingleProfile(CERTCertificate *cert, const char *emailAddr,
711
SECItem *emailProfile, SECItem *profileTime)
715
SECStatus rv = SECFailure;
717
SECItem oldprof, oldproftime;
718
SECItem *oldProfile = NULL;
719
SECItem *oldProfileTime = NULL;
720
PK11SlotInfo *slot = NULL;
722
NSSCryptoContext *cc;
723
nssSMIMEProfile *stanProfile = NULL;
724
PRBool freeOldProfile = PR_FALSE;
726
c = STAN_GetNSSCertificate(cert);
727
if (!c) return SECFailure;
728
cc = c->object.cryptoContext;
730
stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
732
PORT_Assert(stanProfile->profileData);
733
SECITEM_FROM_NSSITEM(&oldprof, stanProfile->profileData);
734
oldProfile = &oldprof;
735
SECITEM_FROM_NSSITEM(&oldproftime, stanProfile->profileTime);
736
oldProfileTime = &oldproftime;
739
oldProfile = PK11_FindSMimeProfile(&slot, (char *)emailAddr,
740
&cert->derSubject, &oldProfileTime);
741
freeOldProfile = PR_TRUE;
746
/* both profileTime and emailProfile have to exist or not exist */
747
if ( emailProfile == NULL ) {
749
} else if ( profileTime == NULL ) {
753
if ( oldProfileTime == NULL ) {
756
/* there was already a profile for this email addr */
758
/* we have an old and new profile - save whichever is more recent*/
759
if ( oldProfileTime->len == 0 ) {
760
/* always replace if old entry doesn't have a time */
763
rv = DER_UTCTimeToTime(&oldtime, oldProfileTime);
764
if ( rv != SECSuccess ) {
769
rv = DER_UTCTimeToTime(&newtime, profileTime);
770
if ( rv != SECSuccess ) {
774
if ( LL_CMP(newtime, >, oldtime ) ) {
775
/* this is a newer profile, save it and cert */
787
/* stanProfile is already stored in the crypto context,
790
NSSArena *arena = stanProfile->object.arena;
791
stanProfile->profileTime = nssItem_Create(arena,
795
stanProfile->profileData = nssItem_Create(arena,
799
} else if (profileTime && emailProfile) {
802
NSSItem profTime, profData;
803
NSSItem *pprofTime, *pprofData;
804
NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
806
NSSITEM_FROM_SECITEM(&profTime, profileTime);
807
pprofTime = &profTime;
812
NSSITEM_FROM_SECITEM(&profData, emailProfile);
813
pprofData = &profData;
817
stanProfile = nssSMIMEProfile_Create(c, pprofTime, pprofData);
818
if (!stanProfile) goto loser;
819
nssrv = nssCryptoContext_ImportSMIMEProfile(cc, stanProfile);
820
rv = (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
823
rv = PK11_SaveSMimeProfile(slot, (char *)emailAddr,
824
&cert->derSubject, emailProfile, profileTime);
831
if (oldProfile && freeOldProfile) {
832
SECITEM_FreeItem(oldProfile,PR_TRUE);
834
if (oldProfileTime && freeOldProfile) {
835
SECITEM_FreeItem(oldProfileTime,PR_TRUE);
838
nssSMIMEProfile_Destroy(stanProfile);
849
* Manage S/MIME profiles
854
CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
855
SECItem *profileTime)
857
const char *emailAddr;
864
if (cert->slot && !PK11_IsInternal(cert->slot)) {
865
/* this cert comes from an external source, we need to add it
866
to the cert db before creating an S/MIME profile */
867
PK11SlotInfo* internalslot = PK11_GetInternalKeySlot();
871
rv = PK11_ImportCert(internalslot, cert,
872
CK_INVALID_HANDLE, NULL, PR_FALSE);
874
PK11_FreeSlot(internalslot);
875
if (rv != SECSuccess ) {
881
for (emailAddr = CERT_GetFirstEmailAddress(cert); emailAddr != NULL;
882
emailAddr = CERT_GetNextEmailAddress(cert,emailAddr)) {
883
rv = certdb_SaveSingleProfile(cert,emailAddr,emailProfile,profileTime);
884
if (rv != SECSuccess) {
894
CERT_FindSMimeProfile(CERTCertificate *cert)
896
PK11SlotInfo *slot = NULL;
898
NSSCryptoContext *cc;
899
SECItem *rvItem = NULL;
901
c = STAN_GetNSSCertificate(cert);
903
cc = c->object.cryptoContext;
905
nssSMIMEProfile *stanProfile;
906
stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
908
rvItem = SECITEM_AllocItem(NULL, NULL,
909
stanProfile->profileData->size);
911
rvItem->data = stanProfile->profileData->data;
913
nssSMIMEProfile_Destroy(stanProfile);
918
PK11_FindSMimeProfile(&slot, cert->emailAddr, &cert->derSubject, NULL);
926
* depricated functions that are now just stubs.
932
__CERT_ClosePermCertDB(CERTCertDBHandle *handle)
934
PORT_Assert("CERT_ClosePermCertDB is Depricated" == NULL);
939
CERT_OpenCertDBFilename(CERTCertDBHandle *handle, char *certdbname,
942
PORT_Assert("CERT_OpenCertDBFilename is Depricated" == NULL);
947
SECKEY_HashPassword(char *pw, SECItem *salt)
949
PORT_Assert("SECKEY_HashPassword is Depricated" == NULL);
954
__CERT_TraversePermCertsForSubject(CERTCertDBHandle *handle,
956
void *cb, void *cbarg)
958
PORT_Assert("CERT_TraversePermCertsForSubject is Depricated" == NULL);
964
__CERT_TraversePermCertsForNickname(CERTCertDBHandle *handle, char *nickname,
965
void *cb, void *cbarg)
967
PORT_Assert("CERT_TraversePermCertsForNickname is Depricated" == NULL);