1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 #include "NSSErrorsService.h"
7 #include "nsNSSComponent.h"
8 #include "nsServiceManagerUtils.h"
12 #define PIPNSS_STRBUNDLE_URL "chrome://pipnss/locale/pipnss.properties"
13 #define NSSERR_STRBUNDLE_URL "chrome://pipnss/locale/nsserrors.properties"
18 NS_IMPL_ISUPPORTS1(NSSErrorsService
, nsINSSErrorsService
)
21 NSSErrorsService::Init()
24 nsCOMPtr
<nsIStringBundleService
> bundleService(do_GetService(NS_STRINGBUNDLE_CONTRACTID
, &rv
));
25 if (NS_FAILED(rv
) || !bundleService
)
26 return NS_ERROR_FAILURE
;
28 bundleService
->CreateBundle(PIPNSS_STRBUNDLE_URL
,
29 getter_AddRefs(mPIPNSSBundle
));
31 rv
= NS_ERROR_FAILURE
;
33 bundleService
->CreateBundle(NSSERR_STRBUNDLE_URL
,
34 getter_AddRefs(mNSSErrorsBundle
));
35 if (!mNSSErrorsBundle
)
36 rv
= NS_ERROR_FAILURE
;
41 #define EXPECTED_SEC_ERROR_BASE (-0x2000)
42 #define EXPECTED_SSL_ERROR_BASE (-0x3000)
44 #if SEC_ERROR_BASE != EXPECTED_SEC_ERROR_BASE || SSL_ERROR_BASE != EXPECTED_SSL_ERROR_BASE
45 #error "Unexpected change of error code numbers in lib NSS, please adjust the mapping code"
47 * Please ensure the NSS error codes are mapped into the positive range 0x1000 to 0xf000
48 * Search for NS_ERROR_MODULE_SECURITY to ensure there are no conflicts.
49 * The current code also assumes that NSS library error codes are negative.
54 NSSErrorsService::IsNSSErrorCode(PRInt32 aNSPRCode
, bool *_retval
)
57 return NS_ERROR_FAILURE
;
59 *_retval
= IS_SEC_ERROR(aNSPRCode
) || IS_SSL_ERROR(aNSPRCode
);
64 NSSErrorsService::GetXPCOMFromNSSError(PRInt32 aNSPRCode
, nsresult
*aXPCOMErrorCode
)
66 if (!IS_SEC_ERROR(aNSPRCode
) && !IS_SSL_ERROR(aNSPRCode
))
67 return NS_ERROR_FAILURE
;
70 return NS_ERROR_INVALID_ARG
;
72 // The error codes within each module may be a 16 bit value.
73 // For simplicity let's use the positive value of the NSS code.
74 // XXX Don't make up nsresults, it's supposed to be an enum (bug 778113)
77 (nsresult
)NS_ERROR_GENERATE_FAILURE(NS_ERROR_MODULE_SECURITY
,
83 NSSErrorsService::GetErrorClass(nsresult aXPCOMErrorCode
, PRUint32
*aErrorClass
)
85 NS_ENSURE_ARG(aErrorClass
);
87 if (NS_ERROR_GET_MODULE(aXPCOMErrorCode
) != NS_ERROR_MODULE_SECURITY
88 || NS_ERROR_GET_SEVERITY(aXPCOMErrorCode
) != NS_ERROR_SEVERITY_ERROR
)
89 return NS_ERROR_FAILURE
;
91 PRInt32 aNSPRCode
= -1 * NS_ERROR_GET_CODE(aXPCOMErrorCode
);
93 if (!IS_SEC_ERROR(aNSPRCode
) && !IS_SSL_ERROR(aNSPRCode
))
94 return NS_ERROR_FAILURE
;
98 case SEC_ERROR_UNKNOWN_ISSUER
:
99 case SEC_ERROR_CA_CERT_INVALID
:
100 case SEC_ERROR_UNTRUSTED_ISSUER
:
101 case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
:
102 case SEC_ERROR_UNTRUSTED_CERT
:
103 case SEC_ERROR_INADEQUATE_KEY_USAGE
:
104 case SSL_ERROR_BAD_CERT_DOMAIN
:
105 case SEC_ERROR_EXPIRED_CERTIFICATE
:
106 case SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
:
107 *aErrorClass
= ERROR_CLASS_BAD_CERT
;
110 *aErrorClass
= ERROR_CLASS_SSL_PROTOCOL
;
117 NSSErrorsService::GetErrorMessage(nsresult aXPCOMErrorCode
, nsAString
&aErrorMessage
)
119 if (NS_ERROR_GET_MODULE(aXPCOMErrorCode
) != NS_ERROR_MODULE_SECURITY
120 || NS_ERROR_GET_SEVERITY(aXPCOMErrorCode
) != NS_ERROR_SEVERITY_ERROR
)
121 return NS_ERROR_FAILURE
;
123 PRInt32 aNSPRCode
= -1 * NS_ERROR_GET_CODE(aXPCOMErrorCode
);
125 if (!IS_SEC_ERROR(aNSPRCode
) && !IS_SSL_ERROR(aNSPRCode
))
126 return NS_ERROR_FAILURE
;
128 nsCOMPtr
<nsIStringBundle
> theBundle
= mPIPNSSBundle
;
129 const char *id_str
= nsNSSErrors::getOverrideErrorStringName(aNSPRCode
);
132 id_str
= nsNSSErrors::getDefaultErrorStringName(aNSPRCode
);
133 theBundle
= mNSSErrorsBundle
;
136 if (!id_str
|| !theBundle
)
137 return NS_ERROR_FAILURE
;
141 theBundle
->GetStringFromName(NS_ConvertASCIItoUTF16(id_str
).get(),
143 if (NS_SUCCEEDED(rv
)) {