bug 1335576 - stop passing nsINSSComponent around everywhere in nsNSSCertHelper.cpp r=Cykesiopka
authorDavid Keeler <dkeeler@mozilla.com>
Tue, 31 Jan 2017 14:08:56 -0800
changeset 479648 19cd77acf2e0cf418224ecea75078d40dcf6e0da
parent 479647 2b15133c98cc855a553551cc50c8d66ef48d1fdf
child 479649 4f4dcc23d36b2c9598349c0a05583efb9fefd0c3
push id44315
push usertnguyen@mozilla.com
push dateTue, 07 Feb 2017 02:03:39 +0000
reviewersCykesiopka
bugs1335576
milestone54.0a1
bug 1335576 - stop passing nsINSSComponent around everywhere in nsNSSCertHelper.cpp r=Cykesiopka MozReview-Commit-ID: LW4JEnvh1tR
security/manager/ssl/nsNSSCertHelper.cpp
security/manager/ssl/nsNSSCertificate.cpp
security/manager/ssl/nsNSSCertificate.h
--- a/security/manager/ssl/nsNSSCertHelper.cpp
+++ b/security/manager/ssl/nsNSSCertHelper.cpp
@@ -9,22 +9,21 @@
 #include "DateTimeFormat.h"
 #include "ScopedNSSTypes.h"
 #include "mozilla/Assertions.h"
 #include "mozilla/Casting.h"
 #include "mozilla/NotNull.h"
 #include "mozilla/Sprintf.h"
 #include "mozilla/UniquePtr.h"
 #include "nsCOMPtr.h"
-#include "nsComponentManagerUtils.h"
+#include "nsIStringBundle.h"
 #include "nsNSSASN1Object.h"
 #include "nsNSSCertTrust.h"
 #include "nsNSSCertValidity.h"
 #include "nsNSSCertificate.h"
-#include "nsNSSComponent.h"
 #include "nsServiceManagerUtils.h"
 #include "prerror.h"
 #include "secder.h"
 
 using namespace mozilla;
 
 /* Object Identifier constants */
 #define CONST_OID static const unsigned char
@@ -74,22 +73,69 @@ static SECOidData more_oids[] = {
 
 #define PKIX_LOGOTYPE 4
   OD(pkixLogotype, "Logotype", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
 };
 
 static const unsigned int numOids = (sizeof more_oids) / (sizeof more_oids[0]);
 
 static nsresult
-ProcessVersion(SECItem* versionItem,
-               nsINSSComponent* nssComponent,
-               nsIASN1PrintableItem** retItem)
+GetPIPNSSBundle(nsIStringBundle** pipnssBundle)
+{
+  nsCOMPtr<nsIStringBundleService> bundleService(
+    do_GetService(NS_STRINGBUNDLE_CONTRACTID));
+  if (!bundleService) {
+    return NS_ERROR_NOT_AVAILABLE;
+  }
+  return bundleService->CreateBundle("chrome://pipnss/locale/pipnss.properties",
+                                     pipnssBundle);
+}
+
+static nsresult
+GetPIPNSSBundleString(const char* stringName, nsAString& result)
+{
+  MOZ_ASSERT(stringName);
+  if (!stringName) {
+    return NS_ERROR_INVALID_ARG;
+  }
+  nsCOMPtr<nsIStringBundle> pipnssBundle;
+  nsresult rv = GetPIPNSSBundle(getter_AddRefs(pipnssBundle));
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+  result.Truncate();
+  return pipnssBundle->GetStringFromName(
+    NS_ConvertASCIItoUTF16(stringName).get(), getter_Copies(result));
+}
+
+static nsresult
+PIPBundleFormatStringFromName(const char* stringName, const char16_t** params,
+                              uint32_t numParams, nsAString& result)
+{
+  MOZ_ASSERT(stringName);
+  MOZ_ASSERT(params);
+  if (!stringName || !params) {
+    return NS_ERROR_INVALID_ARG;
+  }
+  nsCOMPtr<nsIStringBundle> pipnssBundle;
+  nsresult rv = GetPIPNSSBundle(getter_AddRefs(pipnssBundle));
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+  result.Truncate();
+  return pipnssBundle->FormatStringFromName(
+    NS_ConvertASCIItoUTF16(stringName).get(), params, numParams,
+    getter_Copies(result));
+}
+
+static nsresult
+ProcessVersion(SECItem* versionItem, nsIASN1PrintableItem** retItem)
 {
   nsAutoString text;
-  nssComponent->GetPIPNSSBundleString("CertDumpVersion", text);
+  GetPIPNSSBundleString("CertDumpVersion", text);
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
   nsresult rv = printableItem->SetDisplayName(text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   // Now to figure out what version this certificate is.
   unsigned int version;
@@ -104,38 +150,37 @@ ProcessVersion(SECItem* versionItem,
     // default to v1 (0).
     version = 0;
   }
 
   // A value of n actually corresponds to version n + 1
   nsAutoString versionString;
   versionString.AppendInt(version + 1);
   const char16_t* params[1] = { versionString.get() };
-  rv = nssComponent->PIPBundleFormatStringFromName(
+  rv = PIPBundleFormatStringFromName(
     "CertDumpVersionValue", params, MOZ_ARRAY_LENGTH(params), text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   rv = printableItem->SetDisplayValue(text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   printableItem.forget(retItem);
   return NS_OK;
 }
 
 static nsresult
 ProcessSerialNumberDER(const SECItem& serialItem,
-                       NotNull<nsINSSComponent*> nssComponent,
                        /*out*/ nsCOMPtr<nsIASN1PrintableItem>& retItem)
 {
   nsAutoString text;
-  nsresult rv = nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", text);
+  nsresult rv = GetPIPNSSBundleString("CertDumpSerialNo", text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
   rv = printableItem->SetDisplayName(text);
   if (NS_FAILED(rv)) {
     return rv;
@@ -153,20 +198,17 @@ ProcessSerialNumberDER(const SECItem& se
     return rv;
   }
 
   retItem = printableItem.forget();
   return NS_OK;
 }
 
 static nsresult
-GetDefaultOIDFormat(SECItem* oid,
-                    nsINSSComponent* nssComponent,
-                    nsAString& outString,
-                    char separator)
+GetDefaultOIDFormat(SECItem* oid, nsAString& outString, char separator)
 {
   char buf[300];
   unsigned int len = 0;
   int written, invalidCount = 0;
 
   unsigned int i;
   unsigned long val = 0;
   bool invalid = false;
@@ -208,17 +250,17 @@ GetDefaultOIDFormat(SECItem* oid,
         written = snprintf(
           &buf[len], sizeof(buf) - len, "%lu%c%lu", one, separator, two);
       } else {
         written =
           snprintf(&buf[len], sizeof(buf) - len, "%c%lu", separator, val);
       }
     } else {
       nsAutoString unknownText;
-      nssComponent->GetPIPNSSBundleString("CertUnknown", unknownText);
+      GetPIPNSSBundleString("CertUnknown", unknownText);
       if (first) {
         written = snprintf(&buf[len],
                            sizeof(buf) - len,
                            "%s",
                            NS_ConvertUTF16toUTF8(unknownText).get());
       } else {
         written = snprintf(&buf[len],
                            sizeof(buf) - len,
@@ -244,17 +286,17 @@ GetDefaultOIDFormat(SECItem* oid,
     first = false;
   }
 
   CopyASCIItoUTF16(buf, outString);
   return NS_OK;
 }
 
 static nsresult
-GetOIDText(SECItem* oid, nsINSSComponent* nssComponent, nsAString& text)
+GetOIDText(SECItem* oid, nsAString& text)
 {
   nsresult rv;
   SECOidTag oidTag = SECOID_FindOIDTag(oid);
   const char* bundlekey = 0;
 
   switch (oidTag) {
     case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
       bundlekey = "CertDumpMD2WithRSA";
@@ -575,37 +617,33 @@ GetOIDText(SECItem* oid, nsINSSComponent
       if (oidTag == SEC_OID(PKIX_LOGOTYPE)) {
         bundlekey = "CertDumpLogotype";
         break;
       }
       /* fallthrough */
   }
 
   if (bundlekey) {
-    rv = nssComponent->GetPIPNSSBundleString(bundlekey, text);
+    rv = GetPIPNSSBundleString(bundlekey, text);
   } else {
     nsAutoString text2;
-    rv = GetDefaultOIDFormat(oid, nssComponent, text2, ' ');
+    rv = GetDefaultOIDFormat(oid, text2, ' ');
     if (NS_FAILED(rv))
       return rv;
 
     const char16_t* params[1] = { text2.get() };
-    rv = nssComponent->PIPBundleFormatStringFromName(
-      "CertDumpDefOID", params, 1, text);
+    rv = PIPBundleFormatStringFromName("CertDumpDefOID", params, 1, text);
   }
   return rv;
 }
 
 #define SEPARATOR "\n"
 
 static nsresult
-ProcessRawBytes(nsINSSComponent* nssComponent,
-                SECItem* data,
-                nsAString& text,
-                bool wantHeader = true)
+ProcessRawBytes(SECItem* data, nsAString& text, bool wantHeader = true)
 {
   // This function is used to display some DER bytes
   // that we have not added support for decoding.
   // If it's short, let's display as an integer, no size header.
 
   if (data->len <= 4) {
     int i_pv = DER_GetInteger(data);
     nsAutoString value;
@@ -618,18 +656,18 @@ ProcessRawBytes(nsINSSComponent* nssComp
   // Else produce a hex dump.
 
   if (wantHeader) {
     nsAutoString bytelen, bitlen;
     bytelen.AppendInt(data->len);
     bitlen.AppendInt(data->len * 8);
 
     const char16_t* params[2] = { bytelen.get(), bitlen.get() };
-    nsresult rv = nssComponent->PIPBundleFormatStringFromName(
-      "CertDumpRawBytesHeader", params, 2, text);
+    nsresult rv = PIPBundleFormatStringFromName("CertDumpRawBytesHeader",
+                                                params, 2, text);
     if (NS_FAILED(rv))
       return rv;
 
     text.AppendLiteral(SEPARATOR);
   }
 
   // This prints the value of the byte out into a
   // string that can later be displayed as a byte
@@ -646,128 +684,116 @@ ProcessRawBytes(nsINSSComponent* nssComp
     }
   }
   return NS_OK;
 }
 
 /**
  * Appends a pipnss bundle string to the given string.
  *
- * @param nssComponent For accessing the string bundle.
  * @param bundleKey Key for the string to append.
  * @param currentText The text to append to, using |SEPARATOR| as the separator.
  */
 template <size_t N>
 void
-AppendBundleString(const NotNull<nsINSSComponent*>& nssComponent,
-                   const char (&bundleKey)[N],
+AppendBundleString(const char (&bundleKey)[N],
                    /*in/out*/ nsAString& currentText)
 {
   nsAutoString bundleString;
-  nsresult rv = nssComponent->GetPIPNSSBundleString(bundleKey, bundleString);
+  nsresult rv = GetPIPNSSBundleString(bundleKey, bundleString);
   if (NS_FAILED(rv)) {
     return;
   }
 
   currentText.Append(bundleString);
   currentText.AppendLiteral(SEPARATOR);
 }
 
 static nsresult
-ProcessKeyUsageExtension(SECItem* extData,
-                         nsAString& text,
-                         nsINSSComponent* nssComponent)
+ProcessKeyUsageExtension(SECItem* extData, nsAString& text)
 {
   MOZ_ASSERT(extData);
-  MOZ_ASSERT(nssComponent);
   NS_ENSURE_ARG(extData);
-  NS_ENSURE_ARG(nssComponent);
 
-  NotNull<nsINSSComponent*> wrappedNSSComponent = WrapNotNull(nssComponent);
   ScopedAutoSECItem decoded;
   if (SEC_ASN1DecodeItem(
         nullptr, &decoded, SEC_ASN1_GET(SEC_BitStringTemplate), extData) !=
       SECSuccess) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpExtensionFailure", text);
+    AppendBundleString("CertDumpExtensionFailure", text);
     return NS_OK;
   }
   unsigned char keyUsage = 0;
   if (decoded.len) {
     keyUsage = decoded.data[0];
   }
 
   if (keyUsage & KU_DIGITAL_SIGNATURE) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUSign", text);
+    AppendBundleString("CertDumpKUSign", text);
   }
   if (keyUsage & KU_NON_REPUDIATION) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUNonRep", text);
+    AppendBundleString("CertDumpKUNonRep", text);
   }
   if (keyUsage & KU_KEY_ENCIPHERMENT) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUEnc", text);
+    AppendBundleString("CertDumpKUEnc", text);
   }
   if (keyUsage & KU_DATA_ENCIPHERMENT) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUDEnc", text);
+    AppendBundleString("CertDumpKUDEnc", text);
   }
   if (keyUsage & KU_KEY_AGREEMENT) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUKA", text);
+    AppendBundleString("CertDumpKUKA", text);
   }
   if (keyUsage & KU_KEY_CERT_SIGN) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUCertSign", text);
+    AppendBundleString("CertDumpKUCertSign", text);
   }
   if (keyUsage & KU_CRL_SIGN) {
-    AppendBundleString(wrappedNSSComponent, "CertDumpKUCRLSigner", text);
+    AppendBundleString("CertDumpKUCRLSigner", text);
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessBasicConstraints(SECItem* extData,
-                        nsAString& text,
-                        nsINSSComponent* nssComponent)
+ProcessBasicConstraints(SECItem* extData, nsAString& text)
 {
   nsAutoString local;
   CERTBasicConstraints value;
   SECStatus rv;
   nsresult rv2;
 
   value.pathLenConstraint = -1;
   rv = CERT_DecodeBasicConstraintValue(&value, extData);
   if (rv != SECSuccess) {
-    ProcessRawBytes(nssComponent, extData, text);
+    ProcessRawBytes(extData, text);
     return NS_OK;
   }
   if (value.isCA)
-    rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsCA", local);
+    rv2 = GetPIPNSSBundleString("CertDumpIsCA", local);
   else
-    rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsNotCA", local);
+    rv2 = GetPIPNSSBundleString("CertDumpIsNotCA", local);
   if (NS_FAILED(rv2))
     return rv2;
   text.Append(local.get());
   if (value.pathLenConstraint != -1) {
     nsAutoString depth;
     if (value.pathLenConstraint == CERT_UNLIMITED_PATH_CONSTRAINT)
-      nssComponent->GetPIPNSSBundleString("CertDumpPathLenUnlimited", depth);
+      GetPIPNSSBundleString("CertDumpPathLenUnlimited", depth);
     else
       depth.AppendInt(value.pathLenConstraint);
     const char16_t* params[1] = { depth.get() };
-    rv2 = nssComponent->PIPBundleFormatStringFromName(
-      "CertDumpPathLen", params, 1, local);
+    rv2 = PIPBundleFormatStringFromName("CertDumpPathLen", params, 1, local);
     if (NS_FAILED(rv2))
       return rv2;
     text.AppendLiteral(SEPARATOR);
     text.Append(local.get());
   }
   return NS_OK;
 }
 
 static nsresult
-ProcessExtKeyUsage(SECItem* extData,
-                   nsAString& text,
-                   nsINSSComponent* nssComponent)
+ProcessExtKeyUsage(SECItem* extData, nsAString& text)
 {
   nsAutoString local;
   SECItem** oids;
   SECItem* oid;
   nsresult rv;
 
   UniqueCERTOidSequence extKeyUsage(CERT_DecodeOidSequence(extData));
   if (!extKeyUsage) {
@@ -775,24 +801,24 @@ ProcessExtKeyUsage(SECItem* extData,
   }
 
   oids = extKeyUsage->oids;
   while (oids && *oids) {
     // For each OID, try to find a bundle string
     // of the form CertDumpEKU_<underlined-OID>
     nsAutoString oidname;
     oid = *oids;
-    rv = GetDefaultOIDFormat(oid, nssComponent, oidname, '_');
+    rv = GetDefaultOIDFormat(oid, oidname, '_');
     if (NS_FAILED(rv))
       return rv;
     nsAutoString bundlekey = NS_LITERAL_STRING("CertDumpEKU_") + oidname;
     NS_ConvertUTF16toUTF8 bk_ascii(bundlekey);
 
-    rv = nssComponent->GetPIPNSSBundleString(bk_ascii.get(), local);
-    nsresult rv2 = GetDefaultOIDFormat(oid, nssComponent, oidname, '.');
+    rv = GetPIPNSSBundleString(bk_ascii.get(), local);
+    nsresult rv2 = GetDefaultOIDFormat(oid, oidname, '.');
     if (NS_FAILED(rv2))
       return rv2;
     if (NS_SUCCEEDED(rv)) {
       // display name and OID in parentheses
       text.Append(local);
       text.AppendLiteral(" (");
       text.Append(oidname);
       text.Append(')');
@@ -803,29 +829,29 @@ ProcessExtKeyUsage(SECItem* extData,
     text.AppendLiteral(SEPARATOR);
     oids++;
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessRDN(CERTRDN* rdn, nsAString& finalString, nsINSSComponent* nssComponent)
+ProcessRDN(CERTRDN* rdn, nsAString& finalString)
 {
   nsresult rv;
   CERTAVA** avas;
   CERTAVA* ava;
   nsString avavalue;
   nsString type;
   nsAutoString temp;
   const char16_t* params[2];
 
   avas = rdn->avas;
   while ((ava = *avas++) != 0) {
-    rv = GetOIDText(&ava->type, nssComponent, type);
+    rv = GetOIDText(&ava->type, type);
     if (NS_FAILED(rv)) {
       return rv;
     }
 
     // This function returns a string in UTF8 format.
     UniqueSECItem decodeItem(CERT_DecodeAVAValue(&ava->value));
     if (!decodeItem) {
       return NS_ERROR_FAILURE;
@@ -843,24 +869,24 @@ ProcessRDN(CERTRDN* rdn, nsAString& fina
     if (SECSuccess != status) {
       return NS_ERROR_FAILURE;
     }
 
     avavalue = NS_ConvertUTF8toUTF16(escapedValue.get());
 
     params[0] = type.get();
     params[1] = avavalue.get();
-    nssComponent->PIPBundleFormatStringFromName("AVATemplate", params, 2, temp);
+    PIPBundleFormatStringFromName("AVATemplate", params, 2, temp);
     finalString += temp + NS_LITERAL_STRING("\n");
   }
   return NS_OK;
 }
 
 static nsresult
-ProcessName(CERTName* name, nsINSSComponent* nssComponent, char16_t** value)
+ProcessName(CERTName* name, char16_t** value)
 {
   CERTRDN** rdns;
   CERTRDN** rdn;
   nsString finalString;
 
   rdns = name->rdns;
 
   nsresult rv;
@@ -881,17 +907,17 @@ ProcessName(CERTName* name, nsINSSCompon
    * When building the Ascii string, NSS loops over these entries in
    * reverse order, so I will as well.  The difference is that NSS
    * will always place them in a one line string separated by commas,
    * where I want each entry on a single line.  I can't just use a comma
    * as my delimitter because it is a valid character to have in the
    * value portion of the AVA and could cause trouble when parsing.
    */
   for (rdn = lastRdn; rdn >= rdns; rdn--) {
-    rv = ProcessRDN(*rdn, finalString, nssComponent);
+    rv = ProcessRDN(*rdn, finalString);
     if (NS_FAILED(rv))
       return rv;
   }
   *value = ToNewUnicode(finalString);
   return NS_OK;
 }
 
 static nsresult
@@ -947,51 +973,49 @@ ProcessBMPString(SECItem* extData, nsASt
       SECSuccess) {
     return NS_ERROR_FAILURE;
   }
 
   return AppendBMPtoUTF16(arena, item.data, item.len, text);
 }
 
 static nsresult
-ProcessGeneralName(const UniquePLArenaPool& arena,
-                   CERTGeneralName* current,
-                   nsAString& text,
-                   nsINSSComponent* nssComponent)
+ProcessGeneralName(const UniquePLArenaPool& arena, CERTGeneralName* current,
+                   nsAString& text)
 {
   NS_ENSURE_ARG_POINTER(current);
 
   nsAutoString key;
   nsXPIDLString value;
   nsresult rv = NS_OK;
 
   switch (current->type) {
     case certOtherName: {
       SECOidTag oidTag = SECOID_FindOIDTag(&current->name.OthName.oid);
       if (oidTag == SEC_OID(MS_NT_PRINCIPAL_NAME)) {
         /* The type of this name is apparently nowhere explicitly
          documented. However, in the generated templates, it is always
          UTF-8. So try to decode this as UTF-8; if that fails, dump the
          raw data. */
         SECItem decoded;
-        nssComponent->GetPIPNSSBundleString("CertDumpMSNTPrincipal", key);
+        GetPIPNSSBundleString("CertDumpMSNTPrincipal", key);
         if (SEC_ASN1DecodeItem(arena.get(),
                                &decoded,
                                SEC_ASN1_GET(SEC_UTF8StringTemplate),
                                &current->name.OthName.name) == SECSuccess) {
           AppendUTF8toUTF16(nsAutoCString((char*)decoded.data, decoded.len),
                             value);
         } else {
-          ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+          ProcessRawBytes(&current->name.OthName.name, value);
         }
         break;
       } else if (oidTag == SEC_OID(MS_NTDS_REPLICATION)) {
         /* This should be a 16-byte GUID */
         SECItem guid;
-        nssComponent->GetPIPNSSBundleString("CertDumpMSDomainGUID", key);
+        GetPIPNSSBundleString("CertDumpMSDomainGUID", key);
         if (SEC_ASN1DecodeItem(arena.get(),
                                &guid,
                                SEC_ASN1_GET(SEC_OctetStringTemplate),
                                &current->name.OthName.name) == SECSuccess &&
             guid.len == 16) {
           char buf[40];
           unsigned char* d = guid.data;
           SprintfLiteral(buf,
@@ -1010,222 +1034,214 @@ ProcessGeneralName(const UniquePLArenaPo
                          d[10],
                          d[11],
                          d[12],
                          d[13],
                          d[14],
                          d[15]);
           value.AssignASCII(buf);
         } else {
-          ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+          ProcessRawBytes(&current->name.OthName.name, value);
         }
       } else {
         rv = GetDefaultOIDFormat(
-          &current->name.OthName.oid, nssComponent, key, ' ');
+          &current->name.OthName.oid, key, ' ');
         if (NS_FAILED(rv)) {
           return rv;
         }
-        ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+        ProcessRawBytes(&current->name.OthName.name, value);
       }
       break;
     }
     case certRFC822Name:
-      nssComponent->GetPIPNSSBundleString("CertDumpRFC822Name", key);
+      GetPIPNSSBundleString("CertDumpRFC822Name", key);
       value.AssignASCII((char*)current->name.other.data,
                         current->name.other.len);
       break;
     case certDNSName:
-      nssComponent->GetPIPNSSBundleString("CertDumpDNSName", key);
+      GetPIPNSSBundleString("CertDumpDNSName", key);
       value.AssignASCII((char*)current->name.other.data,
                         current->name.other.len);
       break;
     case certX400Address:
-      nssComponent->GetPIPNSSBundleString("CertDumpX400Address", key);
-      ProcessRawBytes(nssComponent, &current->name.other, value);
+      GetPIPNSSBundleString("CertDumpX400Address", key);
+      ProcessRawBytes(&current->name.other, value);
       break;
     case certDirectoryName:
-      nssComponent->GetPIPNSSBundleString("CertDumpDirectoryName", key);
+      GetPIPNSSBundleString("CertDumpDirectoryName", key);
       rv = ProcessName(
-        &current->name.directoryName, nssComponent, getter_Copies(value));
+        &current->name.directoryName, getter_Copies(value));
       if (NS_FAILED(rv)) {
         return rv;
       }
       break;
     case certEDIPartyName:
-      nssComponent->GetPIPNSSBundleString("CertDumpEDIPartyName", key);
-      ProcessRawBytes(nssComponent, &current->name.other, value);
+      GetPIPNSSBundleString("CertDumpEDIPartyName", key);
+      ProcessRawBytes(&current->name.other, value);
       break;
     case certURI:
-      nssComponent->GetPIPNSSBundleString("CertDumpURI", key);
+      GetPIPNSSBundleString("CertDumpURI", key);
       value.AssignASCII((char*)current->name.other.data,
                         current->name.other.len);
       break;
     case certIPAddress: {
       char buf[INET6_ADDRSTRLEN];
       PRStatus status = PR_FAILURE;
       PRNetAddr addr;
       memset(&addr, 0, sizeof(addr));
-      nssComponent->GetPIPNSSBundleString("CertDumpIPAddress", key);
+      GetPIPNSSBundleString("CertDumpIPAddress", key);
       if (current->name.other.len == 4) {
         addr.inet.family = PR_AF_INET;
         memcpy(
           &addr.inet.ip, current->name.other.data, current->name.other.len);
         status = PR_NetAddrToString(&addr, buf, sizeof(buf));
       } else if (current->name.other.len == 16) {
         addr.ipv6.family = PR_AF_INET6;
         memcpy(
           &addr.ipv6.ip, current->name.other.data, current->name.other.len);
         status = PR_NetAddrToString(&addr, buf, sizeof(buf));
       }
       if (status == PR_SUCCESS) {
         value.AssignASCII(buf);
       } else {
         /* invalid IP address */
-        ProcessRawBytes(nssComponent, &current->name.other, value);
+        ProcessRawBytes(&current->name.other, value);
       }
       break;
     }
     case certRegisterID:
-      nssComponent->GetPIPNSSBundleString("CertDumpRegisterID", key);
-      rv = GetDefaultOIDFormat(&current->name.other, nssComponent, value, '.');
+      GetPIPNSSBundleString("CertDumpRegisterID", key);
+      rv = GetDefaultOIDFormat(&current->name.other, value, '.');
       if (NS_FAILED(rv)) {
         return rv;
       }
       break;
   }
   text.Append(key);
   text.AppendLiteral(": ");
   text.Append(value);
   text.AppendLiteral(SEPARATOR);
 
   return rv;
 }
 
 static nsresult
-ProcessGeneralNames(const UniquePLArenaPool& arena,
-                    CERTGeneralName* nameList,
-                    nsAString& text,
-                    nsINSSComponent* nssComponent)
+ProcessGeneralNames(const UniquePLArenaPool& arena, CERTGeneralName* nameList,
+                    nsAString& text)
 {
   CERTGeneralName* current = nameList;
   nsresult rv;
 
   do {
-    rv = ProcessGeneralName(arena, current, text, nssComponent);
+    rv = ProcessGeneralName(arena, current, text);
     if (NS_FAILED(rv)) {
       break;
     }
     current = CERT_GetNextGeneralName(current);
   } while (current != nameList);
   return rv;
 }
 
 static nsresult
-ProcessAltName(SECItem* extData, nsAString& text, nsINSSComponent* nssComponent)
+ProcessAltName(SECItem* extData, nsAString& text)
 {
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   CERTGeneralName* nameList = CERT_DecodeAltNameExtension(arena.get(), extData);
   if (!nameList) {
     return NS_OK;
   }
 
-  return ProcessGeneralNames(arena, nameList, text, nssComponent);
+  return ProcessGeneralNames(arena, nameList, text);
 }
 
 static nsresult
-ProcessSubjectKeyId(SECItem* extData,
-                    nsAString& text,
-                    nsINSSComponent* nssComponent)
+ProcessSubjectKeyId(SECItem* extData, nsAString& text)
 {
   SECItem decoded;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   if (SEC_QuickDERDecodeItem(arena.get(),
                              &decoded,
                              SEC_ASN1_GET(SEC_OctetStringTemplate),
                              extData) != SECSuccess) {
     return NS_ERROR_FAILURE;
   }
 
-  nssComponent->GetPIPNSSBundleString("CertDumpKeyID", local);
+  GetPIPNSSBundleString("CertDumpKeyID", local);
   text.Append(local);
   text.AppendLiteral(": ");
-  ProcessRawBytes(nssComponent, &decoded, text);
+  ProcessRawBytes(&decoded, text);
 
   return NS_OK;
 }
 
 static nsresult
-ProcessAuthKeyId(SECItem* extData,
-                 nsAString& text,
-                 nsINSSComponent* nssComponent)
+ProcessAuthKeyId(SECItem* extData, nsAString& text)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   CERTAuthKeyID* ret = CERT_DecodeAuthKeyID(arena.get(), extData);
   if (!ret) {
     return NS_ERROR_FAILURE;
   }
 
   if (ret->keyID.len > 0) {
-    nssComponent->GetPIPNSSBundleString("CertDumpKeyID", local);
+    GetPIPNSSBundleString("CertDumpKeyID", local);
     text.Append(local);
     text.AppendLiteral(": ");
-    ProcessRawBytes(nssComponent, &ret->keyID, text);
+    ProcessRawBytes(&ret->keyID, text);
     text.AppendLiteral(SEPARATOR);
   }
 
   if (ret->authCertIssuer) {
-    nssComponent->GetPIPNSSBundleString("CertDumpIssuer", local);
+    GetPIPNSSBundleString("CertDumpIssuer", local);
     text.Append(local);
     text.AppendLiteral(": ");
-    rv = ProcessGeneralNames(arena, ret->authCertIssuer, text, nssComponent);
+    rv = ProcessGeneralNames(arena, ret->authCertIssuer, text);
     if (NS_FAILED(rv)) {
       return rv;
     }
   }
 
   if (ret->authCertSerialNumber.len > 0) {
-    nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", local);
+    GetPIPNSSBundleString("CertDumpSerialNo", local);
     text.Append(local);
     text.AppendLiteral(": ");
-    ProcessRawBytes(nssComponent, &ret->authCertSerialNumber, text);
+    ProcessRawBytes(&ret->authCertSerialNumber, text);
   }
 
   return rv;
 }
 
 static nsresult
-ProcessUserNotice(SECItem* derNotice,
-                  nsAString& text,
-                  nsINSSComponent* nssComponent)
+ProcessUserNotice(SECItem* derNotice, nsAString& text)
 {
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   UniqueCERTUserNotice notice(CERT_DecodeUserNotice(derNotice));
   if (!notice) {
-    ProcessRawBytes(nssComponent, derNotice, text);
+    ProcessRawBytes(derNotice, text);
     return NS_OK;
   }
 
   if (notice->noticeReference.organization.len != 0) {
     switch (notice->noticeReference.organization.type) {
       case siAsciiString:
       case siVisibleString:
       case siUTF8String:
@@ -1274,19 +1290,17 @@ ProcessUserNotice(SECItem* derNotice,
         break;
     }
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessCertificatePolicies(SECItem* extData,
-                           nsAString& text,
-                           nsINSSComponent* nssComponent)
+ProcessCertificatePolicies(SECItem* extData, nsAString& text)
 {
   CERTPolicyInfo **policyInfos, *policyInfo;
   CERTPolicyQualifier **policyQualifiers, *policyQualifier;
   nsAutoString local;
   nsresult rv = NS_OK;
 
   UniqueCERTCertificatePolicies policies(
     CERT_DecodeCertificatePoliciesExtension(extData));
@@ -1294,74 +1308,69 @@ ProcessCertificatePolicies(SECItem* extD
     return NS_ERROR_FAILURE;
   }
 
   policyInfos = policies->policyInfos;
   while (*policyInfos) {
     policyInfo = *policyInfos++;
     switch (policyInfo->oid) {
       case SEC_OID_VERISIGN_USER_NOTICES:
-        nssComponent->GetPIPNSSBundleString("CertDumpVerisignNotices", local);
+        GetPIPNSSBundleString("CertDumpVerisignNotices", local);
         text.Append(local);
         break;
       default:
-        GetDefaultOIDFormat(&policyInfo->policyID, nssComponent, local, '.');
+        GetDefaultOIDFormat(&policyInfo->policyID, local, '.');
         text.Append(local);
     }
 
     if (policyInfo->policyQualifiers) {
       /* Add all qualifiers on separate lines, indented */
       policyQualifiers = policyInfo->policyQualifiers;
       text.Append(':');
       text.AppendLiteral(SEPARATOR);
       while (*policyQualifiers) {
         text.AppendLiteral("  ");
         policyQualifier = *policyQualifiers++;
         switch (policyQualifier->oid) {
           case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
-            nssComponent->GetPIPNSSBundleString("CertDumpCPSPointer", local);
+            GetPIPNSSBundleString("CertDumpCPSPointer", local);
             text.Append(local);
             text.Append(':');
             text.AppendLiteral(SEPARATOR);
             text.AppendLiteral("    ");
             /* The CPS pointer ought to be the cPSuri alternative
              of the Qualifier choice. */
             rv = ProcessIA5String(policyQualifier->qualifierValue, text);
             if (NS_FAILED(rv)) {
               return rv;
             }
             break;
           case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
-            nssComponent->GetPIPNSSBundleString("CertDumpUserNotice", local);
+            GetPIPNSSBundleString("CertDumpUserNotice", local);
             text.Append(local);
             text.AppendLiteral(": ");
-            rv = ProcessUserNotice(
-              &policyQualifier->qualifierValue, text, nssComponent);
+            rv = ProcessUserNotice(&policyQualifier->qualifierValue, text);
             break;
           default:
-            GetDefaultOIDFormat(
-              &policyQualifier->qualifierID, nssComponent, local, '.');
+            GetDefaultOIDFormat(&policyQualifier->qualifierID, local, '.');
             text.Append(local);
             text.AppendLiteral(": ");
-            ProcessRawBytes(
-              nssComponent, &policyQualifier->qualifierValue, text);
+            ProcessRawBytes(&policyQualifier->qualifierValue, text);
         }
         text.AppendLiteral(SEPARATOR);
       } /* while policyQualifiers */
     }   /* if policyQualifiers */
     text.AppendLiteral(SEPARATOR);
   }
 
   return rv;
 }
 
 static nsresult
-ProcessCrlDistPoints(SECItem* extData,
-                     nsAString& text,
-                     nsINSSComponent* nssComponent)
+ProcessCrlDistPoints(SECItem* extData, nsAString& text)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
@@ -1372,100 +1381,97 @@ ProcessCrlDistPoints(SECItem* extData,
     return NS_ERROR_FAILURE;
   }
 
   for (CRLDistributionPoint** points = crldp->distPoints; *points; points++) {
     CRLDistributionPoint* point = *points;
     switch (point->distPointType) {
       case generalName:
         rv = ProcessGeneralName(
-          arena, point->distPoint.fullName, text, nssComponent);
+          arena, point->distPoint.fullName, text);
         if (NS_FAILED(rv)) {
           return rv;
         }
         break;
       case relativeDistinguishedName:
-        rv = ProcessRDN(&point->distPoint.relativeName, text, nssComponent);
+        rv = ProcessRDN(&point->distPoint.relativeName, text);
         if (NS_FAILED(rv)) {
           return rv;
         }
         break;
     }
     if (point->reasons.len) {
       int reasons = point->reasons.data[0];
       text.Append(' ');
       bool comma = false;
       if (reasons & RF_UNUSED) {
-        nssComponent->GetPIPNSSBundleString("CertDumpUnused", local);
+        GetPIPNSSBundleString("CertDumpUnused", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_KEY_COMPROMISE) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpKeyCompromise", local);
+        GetPIPNSSBundleString("CertDumpKeyCompromise", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CA_COMPROMISE) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpCACompromise", local);
+        GetPIPNSSBundleString("CertDumpCACompromise", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_AFFILIATION_CHANGED) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpAffiliationChanged",
-                                            local);
+        GetPIPNSSBundleString("CertDumpAffiliationChanged", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_SUPERSEDED) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpSuperseded", local);
+        GetPIPNSSBundleString("CertDumpSuperseded", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CESSATION_OF_OPERATION) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpCessation", local);
+        GetPIPNSSBundleString("CertDumpCessation", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CERTIFICATE_HOLD) {
         if (comma)
           text.AppendLiteral(", ");
-        nssComponent->GetPIPNSSBundleString("CertDumpHold", local);
+        GetPIPNSSBundleString("CertDumpHold", local);
         text.Append(local);
         comma = true;
       }
       text.AppendLiteral(SEPARATOR);
     }
     if (point->crlIssuer) {
-      nssComponent->GetPIPNSSBundleString("CertDumpIssuer", local);
+      GetPIPNSSBundleString("CertDumpIssuer", local);
       text.Append(local);
       text.AppendLiteral(": ");
-      rv = ProcessGeneralNames(arena, point->crlIssuer, text, nssComponent);
+      rv = ProcessGeneralNames(arena, point->crlIssuer, text);
       if (NS_FAILED(rv)) {
         return rv;
       }
     }
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessAuthInfoAccess(SECItem* extData,
-                      nsAString& text,
-                      nsINSSComponent* nssComponent)
+ProcessAuthInfoAccess(SECItem* extData, nsAString& text)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
@@ -1475,197 +1481,189 @@ ProcessAuthInfoAccess(SECItem* extData,
   if (!aia) {
     return NS_OK;
   }
 
   while (*aia) {
     CERTAuthInfoAccess* desc = *aia++;
     switch (SECOID_FindOIDTag(&desc->method)) {
       case SEC_OID_PKIX_OCSP:
-        nssComponent->GetPIPNSSBundleString("CertDumpOCSPResponder", local);
+        GetPIPNSSBundleString("CertDumpOCSPResponder", local);
         break;
       case SEC_OID_PKIX_CA_ISSUERS:
-        nssComponent->GetPIPNSSBundleString("CertDumpCAIssuers", local);
+        GetPIPNSSBundleString("CertDumpCAIssuers", local);
         break;
       default:
-        rv = GetDefaultOIDFormat(&desc->method, nssComponent, local, '.');
+        rv = GetDefaultOIDFormat(&desc->method, local, '.');
         if (NS_FAILED(rv)) {
           return rv;
         }
     }
     text.Append(local);
     text.AppendLiteral(": ");
-    rv = ProcessGeneralName(arena, desc->location, text, nssComponent);
+    rv = ProcessGeneralName(arena, desc->location, text);
     if (NS_FAILED(rv)) {
       return rv;
     }
   }
 
   return rv;
 }
 
 static nsresult
-ProcessMSCAVersion(SECItem* extData,
-                   nsAString& text,
-                   nsINSSComponent* nssComponent)
+ProcessMSCAVersion(SECItem* extData, nsAString& text)
 {
   MOZ_ASSERT(extData);
   NS_ENSURE_ARG(extData);
 
   ScopedAutoSECItem decoded;
   if (SEC_ASN1DecodeItem(
         nullptr, &decoded, SEC_ASN1_GET(SEC_IntegerTemplate), extData) !=
       SECSuccess) {
     /* This extension used to be an Integer when this code
        was written, but apparently isn't anymore. Display
        the raw bytes instead. */
-    return ProcessRawBytes(nssComponent, extData, text);
+    return ProcessRawBytes(extData, text);
   }
 
   unsigned long version;
   if (SEC_ASN1DecodeInteger(&decoded, &version) != SECSuccess) {
     /* Value out of range, display raw bytes */
-    return ProcessRawBytes(nssComponent, extData, text);
+    return ProcessRawBytes(extData, text);
   }
 
   /* Apparently, the encoding is <minor><major>, with 16 bits each */
   char buf[50];
   if (SprintfLiteral(buf, "%lu.%lu", version & 0xFFFF, version >> 16) <= 0) {
     return NS_ERROR_FAILURE;
   }
 
   text.AppendASCII(buf);
   return NS_OK;
 }
 
 static nsresult
-ProcessExtensionData(SECOidTag oidTag,
-                     SECItem* extData,
-                     nsAString& text,
-                     nsINSSComponent* nssComponent)
+ProcessExtensionData(SECOidTag oidTag, SECItem* extData, nsAString& text)
 {
   nsresult rv;
   switch (oidTag) {
     case SEC_OID_X509_KEY_USAGE:
-      rv = ProcessKeyUsageExtension(extData, text, nssComponent);
+      rv = ProcessKeyUsageExtension(extData, text);
       break;
     case SEC_OID_X509_BASIC_CONSTRAINTS:
-      rv = ProcessBasicConstraints(extData, text, nssComponent);
+      rv = ProcessBasicConstraints(extData, text);
       break;
     case SEC_OID_X509_EXT_KEY_USAGE:
-      rv = ProcessExtKeyUsage(extData, text, nssComponent);
+      rv = ProcessExtKeyUsage(extData, text);
       break;
     case SEC_OID_X509_ISSUER_ALT_NAME:
     case SEC_OID_X509_SUBJECT_ALT_NAME:
-      rv = ProcessAltName(extData, text, nssComponent);
+      rv = ProcessAltName(extData, text);
       break;
     case SEC_OID_X509_SUBJECT_KEY_ID:
-      rv = ProcessSubjectKeyId(extData, text, nssComponent);
+      rv = ProcessSubjectKeyId(extData, text);
       break;
     case SEC_OID_X509_AUTH_KEY_ID:
-      rv = ProcessAuthKeyId(extData, text, nssComponent);
+      rv = ProcessAuthKeyId(extData, text);
       break;
     case SEC_OID_X509_CERTIFICATE_POLICIES:
-      rv = ProcessCertificatePolicies(extData, text, nssComponent);
+      rv = ProcessCertificatePolicies(extData, text);
       break;
     case SEC_OID_X509_CRL_DIST_POINTS:
-      rv = ProcessCrlDistPoints(extData, text, nssComponent);
+      rv = ProcessCrlDistPoints(extData, text);
       break;
     case SEC_OID_X509_AUTH_INFO_ACCESS:
-      rv = ProcessAuthInfoAccess(extData, text, nssComponent);
+      rv = ProcessAuthInfoAccess(extData, text);
       break;
     default:
       if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
         rv = ProcessBMPString(extData, text);
         break;
       }
       if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
-        rv = ProcessMSCAVersion(extData, text, nssComponent);
+        rv = ProcessMSCAVersion(extData, text);
         break;
       }
-      rv = ProcessRawBytes(nssComponent, extData, text);
+      rv = ProcessRawBytes(extData, text);
       break;
   }
   return rv;
 }
 
 static nsresult
 ProcessSingleExtension(CERTCertExtension* extension,
-                       nsINSSComponent* nssComponent,
                        nsIASN1PrintableItem** retExtension)
 {
   nsAutoString text, extvalue;
-  GetOIDText(&extension->id, nssComponent, text);
+  GetOIDText(&extension->id, text);
   nsCOMPtr<nsIASN1PrintableItem> extensionItem = new nsNSSASN1PrintableItem();
 
   extensionItem->SetDisplayName(text);
   SECOidTag oidTag = SECOID_FindOIDTag(&extension->id);
   text.Truncate();
   if (extension->critical.data) {
     if (extension->critical.data[0]) {
-      nssComponent->GetPIPNSSBundleString("CertDumpCritical", text);
+      GetPIPNSSBundleString("CertDumpCritical", text);
     } else {
-      nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
+      GetPIPNSSBundleString("CertDumpNonCritical", text);
     }
   } else {
-    nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
+    GetPIPNSSBundleString("CertDumpNonCritical", text);
   }
   text.AppendLiteral(SEPARATOR);
   nsresult rv =
-    ProcessExtensionData(oidTag, &extension->value, extvalue, nssComponent);
+    ProcessExtensionData(oidTag, &extension->value, extvalue);
   if (NS_FAILED(rv)) {
     extvalue.Truncate();
-    rv = ProcessRawBytes(nssComponent, &extension->value, extvalue, false);
+    rv = ProcessRawBytes(&extension->value, extvalue, false);
   }
   text.Append(extvalue);
 
   extensionItem->SetDisplayValue(text);
   extensionItem.forget(retExtension);
   return NS_OK;
 }
 
 static nsresult
-ProcessSECAlgorithmID(SECAlgorithmID* algID,
-                      nsINSSComponent* nssComponent,
-                      nsIASN1Sequence** retSequence)
+ProcessSECAlgorithmID(SECAlgorithmID* algID, nsIASN1Sequence** retSequence)
 {
   SECOidTag algOIDTag = SECOID_FindOIDTag(&algID->algorithm);
   SECItem paramsOID = { siBuffer, nullptr, 0 };
   nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
 
   *retSequence = nullptr;
   nsString text;
-  GetOIDText(&algID->algorithm, nssComponent, text);
+  GetOIDText(&algID->algorithm, text);
   if (!algID->parameters.len ||
       algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
     sequence->SetDisplayValue(text);
     sequence->SetIsValidContainer(false);
   } else {
     nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
     nsCOMPtr<nsIMutableArray> asn1Objects;
     sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
     asn1Objects->AppendElement(printableItem, false);
-    nssComponent->GetPIPNSSBundleString("CertDumpAlgID", text);
+    GetPIPNSSBundleString("CertDumpAlgID", text);
     printableItem->SetDisplayName(text);
 
     printableItem = new nsNSSASN1PrintableItem();
 
     asn1Objects->AppendElement(printableItem, false);
-    nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
+    GetPIPNSSBundleString("CertDumpParams", text);
     printableItem->SetDisplayName(text);
     if ((algOIDTag == SEC_OID_ANSIX962_EC_PUBLIC_KEY) &&
         (algID->parameters.len > 2) &&
         (algID->parameters.data[0] == nsIASN1Object::ASN1_OBJECT_ID)) {
       paramsOID.len = algID->parameters.len - 2;
       paramsOID.data = algID->parameters.data + 2;
-      GetOIDText(&paramsOID, nssComponent, text);
+      GetOIDText(&paramsOID, text);
     } else {
-      ProcessRawBytes(nssComponent, &algID->parameters, text);
+      ProcessRawBytes(&algID->parameters, text);
     }
     printableItem->SetDisplayValue(text);
   }
   sequence.forget(retSequence);
   return NS_OK;
 }
 
 static nsresult
@@ -1701,29 +1699,28 @@ ProcessTime(PRTime dispTime,
   nsCOMPtr<nsIMutableArray> asn1Objects;
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(printableItem, false);
   return NS_OK;
 }
 
 static nsresult
 ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo* spki,
-                            nsIASN1Sequence* parentSequence,
-                            nsINSSComponent* nssComponent)
+                            nsIASN1Sequence* parentSequence)
 {
   nsCOMPtr<nsIASN1Sequence> spkiSequence = new nsNSSASN1Sequence();
 
   nsString text;
-  nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
+  GetPIPNSSBundleString("CertDumpSPKI", text);
   spkiSequence->SetDisplayName(text);
 
-  nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
+  GetPIPNSSBundleString("CertDumpSPKIAlg", text);
   nsCOMPtr<nsIASN1Sequence> sequenceItem;
   nsresult rv = ProcessSECAlgorithmID(
-    &spki->algorithm, nssComponent, getter_AddRefs(sequenceItem));
+    &spki->algorithm, getter_AddRefs(sequenceItem));
   if (NS_FAILED(rv))
     return rv;
   sequenceItem->SetDisplayName(text);
   nsCOMPtr<nsIMutableArray> asn1Objects;
   spkiSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(sequenceItem, false);
 
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
@@ -1734,91 +1731,88 @@ ProcessSubjectPublicKeyInfo(CERTSubjectP
   bool displayed = false;
   if (key) {
     switch (key->keyType) {
       case rsaKey: {
         displayed = true;
         nsAutoString length1, length2, data1, data2;
         length1.AppendInt(key->u.rsa.modulus.len * 8);
         length2.AppendInt(key->u.rsa.publicExponent.len * 8);
-        ProcessRawBytes(nssComponent, &key->u.rsa.modulus, data1, false);
-        ProcessRawBytes(nssComponent, &key->u.rsa.publicExponent, data2, false);
+        ProcessRawBytes(&key->u.rsa.modulus, data1, false);
+        ProcessRawBytes(&key->u.rsa.publicExponent, data2, false);
         const char16_t* params[4] = {
           length1.get(), data1.get(), length2.get(), data2.get()
         };
-        nssComponent->PIPBundleFormatStringFromName(
-          "CertDumpRSATemplate", params, 4, text);
+        PIPBundleFormatStringFromName("CertDumpRSATemplate", params, 4, text);
         break;
       }
       case ecKey: {
         displayed = true;
         SECKEYECPublicKey& ecpk = key->u.ec;
         int fieldSizeLenAsBits =
           SECKEY_ECParamsToKeySize(&ecpk.DEREncodedParams);
         int basePointOrderLenAsBits =
           SECKEY_ECParamsToBasePointOrderLen(&ecpk.DEREncodedParams);
         nsAutoString s_fsl, s_bpol, s_pv;
         s_fsl.AppendInt(fieldSizeLenAsBits);
         s_bpol.AppendInt(basePointOrderLenAsBits);
 
         if (ecpk.publicValue.len > 4) {
-          ProcessRawBytes(nssComponent, &ecpk.publicValue, s_pv, false);
+          ProcessRawBytes(&ecpk.publicValue, s_pv, false);
         } else {
           int i_pv = DER_GetInteger(&ecpk.publicValue);
           s_pv.AppendInt(i_pv);
         }
         const char16_t* params[] = { s_fsl.get(), s_bpol.get(), s_pv.get() };
-        nssComponent->PIPBundleFormatStringFromName(
-          "CertDumpECTemplate", params, 3, text);
+        PIPBundleFormatStringFromName("CertDumpECTemplate", params, 3, text);
         break;
       }
       default:
         /* Algorithm unknown, or too rarely used to bother displaying it */
         break;
     }
   }
   if (!displayed) {
     // Algorithm unknown, display raw bytes
     // The subjectPublicKey field is encoded as a bit string.
     // ProcessRawBytes expects the length to be in bytes, so
     // let's convert the lenght into a temporary SECItem.
     SECItem data;
     data.data = spki->subjectPublicKey.data;
     data.len = spki->subjectPublicKey.len / 8;
-    ProcessRawBytes(nssComponent, &data, text);
+    ProcessRawBytes(&data, text);
   }
 
   printableItem->SetDisplayValue(text);
-  nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
+  GetPIPNSSBundleString("CertDumpSubjPubKey", text);
   printableItem->SetDisplayName(text);
   asn1Objects->AppendElement(printableItem, false);
 
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(spkiSequence, false);
   return NS_OK;
 }
 
 static nsresult
 ProcessExtensions(CERTCertExtension** extensions,
-                  nsIASN1Sequence* parentSequence,
-                  nsINSSComponent* nssComponent)
+                  nsIASN1Sequence* parentSequence)
 {
   nsCOMPtr<nsIASN1Sequence> extensionSequence = new nsNSSASN1Sequence;
 
   nsString text;
-  nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
+  GetPIPNSSBundleString("CertDumpExtensions", text);
   extensionSequence->SetDisplayName(text);
   int32_t i;
   nsresult rv;
   nsCOMPtr<nsIASN1PrintableItem> newExtension;
   nsCOMPtr<nsIMutableArray> asn1Objects;
   extensionSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   for (i = 0; extensions[i] != nullptr; i++) {
     rv = ProcessSingleExtension(
-      extensions[i], nssComponent, getter_AddRefs(newExtension));
+      extensions[i], getter_AddRefs(newExtension));
     if (NS_FAILED(rv))
       return rv;
 
     asn1Objects->AppendElement(newExtension, false);
   }
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(extensionSequence, false);
   return NS_OK;
@@ -1842,22 +1836,18 @@ RegisterDynamicOids()
     }
     more_oids[i].offset = tag;
   }
   registered = true;
   return rv;
 }
 
 nsresult
-nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence,
-                                                 nsINSSComponent* nssComponent)
+nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence)
 {
-  MOZ_ASSERT(nssComponent);
-  NS_ENSURE_ARG(nssComponent);
-
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return NS_ERROR_NOT_AVAILABLE;
 
   if (RegisterDynamicOids() != SECSuccess)
     return NS_ERROR_FAILURE;
 
   //
@@ -1878,140 +1868,134 @@ nsNSSCertificate::CreateTBSCertificateAS
   //        }
   //
   // This is the ASN1 structure we should be dealing with at this point.
   // The code in this method will assert this is the structure we're dealing
   // and then add more user friendly text for that field.
   nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
 
   nsString text;
-  nssComponent->GetPIPNSSBundleString("CertDumpCertificate", text);
+  GetPIPNSSBundleString("CertDumpCertificate", text);
   sequence->SetDisplayName(text);
   nsCOMPtr<nsIASN1PrintableItem> printableItem;
 
   nsCOMPtr<nsIMutableArray> asn1Objects;
   sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
 
-  nsresult rv = ProcessVersion(
-    &mCert->version, nssComponent, getter_AddRefs(printableItem));
+  nsresult rv = ProcessVersion(&mCert->version, getter_AddRefs(printableItem));
   if (NS_FAILED(rv))
     return rv;
 
   asn1Objects->AppendElement(printableItem, false);
 
-  rv = ProcessSerialNumberDER(
-    mCert->serialNumber, WrapNotNull(nssComponent), printableItem);
+  rv = ProcessSerialNumberDER(mCert->serialNumber, printableItem);
   if (NS_FAILED(rv))
     return rv;
   asn1Objects->AppendElement(printableItem, false);
 
   nsCOMPtr<nsIASN1Sequence> algID;
-  rv = ProcessSECAlgorithmID(
-    &mCert->signature, nssComponent, getter_AddRefs(algID));
+  rv = ProcessSECAlgorithmID(&mCert->signature, getter_AddRefs(algID));
   if (NS_FAILED(rv))
     return rv;
 
-  nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
+  GetPIPNSSBundleString("CertDumpSigAlg", text);
   algID->SetDisplayName(text);
   asn1Objects->AppendElement(algID, false);
 
   nsXPIDLString value;
-  ProcessName(&mCert->issuer, nssComponent, getter_Copies(value));
+  ProcessName(&mCert->issuer, getter_Copies(value));
 
   printableItem = new nsNSSASN1PrintableItem();
 
   printableItem->SetDisplayValue(value);
-  nssComponent->GetPIPNSSBundleString("CertDumpIssuer", text);
+  GetPIPNSSBundleString("CertDumpIssuer", text);
   printableItem->SetDisplayName(text);
   asn1Objects->AppendElement(printableItem, false);
 
   nsCOMPtr<nsIASN1Sequence> validitySequence = new nsNSSASN1Sequence();
-  nssComponent->GetPIPNSSBundleString("CertDumpValidity", text);
+  GetPIPNSSBundleString("CertDumpValidity", text);
   validitySequence->SetDisplayName(text);
   asn1Objects->AppendElement(validitySequence, false);
-  nssComponent->GetPIPNSSBundleString("CertDumpNotBefore", text);
+  GetPIPNSSBundleString("CertDumpNotBefore", text);
   nsCOMPtr<nsIX509CertValidity> validityData;
   GetValidity(getter_AddRefs(validityData));
   PRTime notBefore, notAfter;
 
   validityData->GetNotBefore(&notBefore);
   validityData->GetNotAfter(&notAfter);
   validityData = nullptr;
   rv = ProcessTime(notBefore, text.get(), validitySequence);
   if (NS_FAILED(rv))
     return rv;
 
-  nssComponent->GetPIPNSSBundleString("CertDumpNotAfter", text);
+  GetPIPNSSBundleString("CertDumpNotAfter", text);
   rv = ProcessTime(notAfter, text.get(), validitySequence);
   if (NS_FAILED(rv))
     return rv;
 
-  nssComponent->GetPIPNSSBundleString("CertDumpSubject", text);
+  GetPIPNSSBundleString("CertDumpSubject", text);
 
   printableItem = new nsNSSASN1PrintableItem();
 
   printableItem->SetDisplayName(text);
-  ProcessName(&mCert->subject, nssComponent, getter_Copies(value));
+  ProcessName(&mCert->subject, getter_Copies(value));
   printableItem->SetDisplayValue(value);
   asn1Objects->AppendElement(printableItem, false);
 
-  rv = ProcessSubjectPublicKeyInfo(
-    &mCert->subjectPublicKeyInfo, sequence, nssComponent);
+  rv = ProcessSubjectPublicKeyInfo(&mCert->subjectPublicKeyInfo, sequence);
   if (NS_FAILED(rv))
     return rv;
 
   SECItem data;
   // Is there an issuerUniqueID?
   if (mCert->issuerID.data) {
     // The issuerID is encoded as a bit string.
     // The function ProcessRawBytes expects the
     // length to be in bytes, so let's convert the
     // length in a temporary SECItem
     data.data = mCert->issuerID.data;
     data.len = (mCert->issuerID.len + 7) / 8;
 
-    ProcessRawBytes(nssComponent, &data, text);
+    ProcessRawBytes(&data, text);
     printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
-    nssComponent->GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
+    GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
     printableItem->SetDisplayName(text);
     asn1Objects->AppendElement(printableItem, false);
   }
 
   if (mCert->subjectID.data) {
     // The subjectID is encoded as a bit string.
     // The function ProcessRawBytes expects the
     // length to be in bytes, so let's convert the
     // length in a temporary SECItem
     data.data = mCert->subjectID.data;
     data.len = (mCert->subjectID.len + 7) / 8;
 
-    ProcessRawBytes(nssComponent, &data, text);
+    ProcessRawBytes(&data, text);
     printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
-    nssComponent->GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
+    GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
     printableItem->SetDisplayName(text);
     asn1Objects->AppendElement(printableItem, false);
   }
   if (mCert->extensions) {
-    rv = ProcessExtensions(mCert->extensions, sequence, nssComponent);
+    rv = ProcessExtensions(mCert->extensions, sequence);
     if (NS_FAILED(rv))
       return rv;
   }
   sequence.forget(retSequence);
   return NS_OK;
 }
 
 nsresult
 nsNSSCertificate::CreateASN1Struct(nsIASN1Object** aRetVal)
 {
-  static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
-
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return NS_ERROR_NOT_AVAILABLE;
 
   nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
 
   nsCOMPtr<nsIMutableArray> asn1Objects;
   sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
@@ -2025,48 +2009,43 @@ nsNSSCertificate::CreateASN1Struct(nsIAS
   rv = sequence->SetDisplayName(displayName);
   if (NS_FAILED(rv)) {
     return rv;
   }
   sequence.forget(aRetVal);
 
   // This sequence will be contain the tbsCertificate, signatureAlgorithm,
   // and signatureValue.
-  nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
-  if (NS_FAILED(rv))
-    return rv;
-
-  rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence), nssComponent);
+  rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence));
   if (NS_FAILED(rv))
     return rv;
 
   asn1Objects->AppendElement(sequence, false);
   nsCOMPtr<nsIASN1Sequence> algID;
 
   rv = ProcessSECAlgorithmID(&mCert->signatureWrap.signatureAlgorithm,
-                             nssComponent,
                              getter_AddRefs(algID));
   if (NS_FAILED(rv))
     return rv;
   nsString text;
-  nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
+  GetPIPNSSBundleString("CertDumpSigAlg", text);
   algID->SetDisplayName(text);
   asn1Objects->AppendElement(algID, false);
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
-  nssComponent->GetPIPNSSBundleString("CertDumpCertSig", text);
+  GetPIPNSSBundleString("CertDumpCertSig", text);
   printableItem->SetDisplayName(text);
   // The signatureWrap is encoded as a bit string.
   // The function ProcessRawBytes expects the
   // length to be in bytes, so let's convert the
   // length in a temporary SECItem
   SECItem temp;
   temp.data = mCert->signatureWrap.signature.data;
   temp.len = mCert->signatureWrap.signature.len / 8;
   text.Truncate();
-  ProcessRawBytes(nssComponent, &temp, text);
+  ProcessRawBytes(&temp, text);
   printableItem->SetDisplayValue(text);
   asn1Objects->AppendElement(printableItem, false);
   return NS_OK;
 }
 
 uint32_t
 getCertType(CERTCertificate* cert)
 {
--- a/security/manager/ssl/nsNSSCertificate.cpp
+++ b/security/manager/ssl/nsNSSCertificate.cpp
@@ -1103,16 +1103,19 @@ nsNSSCertificate::GetValidity(nsIX509Cer
   validity.forget(aValidity);
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsNSSCertificate::GetASN1Structure(nsIASN1Object** aASN1Structure)
 {
   NS_ENSURE_ARG_POINTER(aASN1Structure);
+  if (!NS_IsMainThread()) {
+    return NS_ERROR_NOT_SAME_THREAD;
+  }
   return CreateASN1Struct(aASN1Structure);
 }
 
 NS_IMETHODIMP
 nsNSSCertificate::Equals(nsIX509Cert* other, bool* result)
 {
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
--- a/security/manager/ssl/nsNSSCertificate.h
+++ b/security/manager/ssl/nsNSSCertificate.h
@@ -49,18 +49,17 @@ public:
 
 private:
   virtual ~nsNSSCertificate();
 
   mozilla::UniqueCERTCertificate mCert;
   bool             mPermDelete;
   uint32_t         mCertType;
   nsresult CreateASN1Struct(nsIASN1Object** aRetVal);
-  nsresult CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence,
-                                          nsINSSComponent* nssComponent);
+  nsresult CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence);
   nsresult GetSortableDate(PRTime aTime, nsAString& _aSortableDate);
   virtual void virtualDestroyNSSReference() override;
   void destructorSafeDestroyNSSReference();
   bool InitFromDER(char* certDER, int derLen);  // return false on failure
 
   nsresult GetCertificateHash(nsAString& aFingerprint, SECOidTag aHashAlg);
 };