Bug 385642, Add usage for object signing to certutil's -V option
authorneil.williams%sun.com
Wed, 27 Jun 2007 01:50:16 +0000
changeset 7907 ee3cdd041a3fbdc1135da667d7a829814fbcb4ca
parent 7905 0de1e5a70d4f5c538e81d1e2a327500d9c37595b
child 7908 738b9c26bd124f29e8891a73e81e0c53481def45
push idunknown
push userunknown
push dateunknown
bugs385642
Bug 385642, Add usage for object signing to certutil's -V option r=nelson, developer=Kaspar Brand,mozbugzilla@velox.ch
security/nss/cmd/certutil/certutil.c
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@@ -604,16 +604,19 @@ ValidateCert(CERTCertDBHandle *handle, c
 	    usage = certificateUsageSSLServer;
 	    break;
 	case 'S':
 	    usage = certificateUsageEmailSigner;
 	    break;
 	case 'R':
 	    usage = certificateUsageEmailRecipient;
 	    break;
+	case 'J':
+	    usage = certificateUsageObjectSigner;
+	    break;
 	default:
 	    PORT_SetError (SEC_ERROR_INVALID_ARGS);
 	    return (SECFailure);
     }
     do {
 	cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
 	if (!cert) {
 	    SECU_PrintError(progName, "could not find certificate named \"%s\"",
@@ -1148,16 +1151,17 @@ static void LongUsage(char *progName)
     FPS "%-20s Check certificate signature \n",
 	"   -e ");   
     FPS "%-20s Specify certificate usage:\n", "   -u certusage");
     FPS "%-25s C \t SSL Client\n", "");
     FPS "%-25s V \t SSL Server\n", "");
     FPS "%-25s S \t Email signer\n", "");
     FPS "%-25s R \t Email Recipient\n", "");   
     FPS "%-25s O \t OCSP status responder\n", "");   
+    FPS "%-25s J \t Object signer\n", "");   
     FPS "%-20s Cert database directory (default is ~/.netscape)\n",
 	"   -d certdir");
     FPS "%-20s Cert & Key database prefix\n",
 	"   -P dbprefix");
     FPS "%-20s force the database to open R/W\n",
 	"   -X");
     FPS "\n");
 
@@ -2076,16 +2080,18 @@ secuCommandFlag certutil_options[] =
 		PK11_Authenticate(slot, PR_TRUE, &pwdata);
 	}
 	rv = ValidateCert(certHandle, name, 
 	                  certutil.options[opt_ValidityTime].arg,
 			  certutil.options[opt_Usage].arg,
 			  certutil.options[opt_VerifySig].activated,
 			  certutil.options[opt_DetailedInfo].activated,
 	                  &pwdata);
+	if (rv != SECSuccess && PR_GetError() == SEC_ERROR_INVALID_ARGS)
+            SECU_PrintError(progName, "validation failed");
 	goto shutdown;
     }
 
     /*
      *  Key generation
      */
 
     /*  These commands may require keygen.  */