roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-27 13:28:42 +00:00
Code Issues Projects Releases Wiki Activity
Files
eeee2498f73dd4daaf4c79dd421c2c57b0b557cf
palemoon27/toolkit/devtools/security/LocalCertService.cpp
T
roytam1 eeee2498f7 import changes from `dev' branch of rmottola/Arctic-Fox: 
- Bug 1153978 - Part 1: Separate buildIdOp from AsmJSCacheOps. r=jandem,bz (3e2b2c2754)
- Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald (5698ee5709)
- Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald (81fad0767b)
- Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud (d67de1d8da)
- Bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html; r=bobowen (c61e5fa268)
- Add a helper function for iterating indirect layer trees. (bug 1245765 part 1, r=mattwoodrow) (9fcc19e731)
- Propagate D3D9 device resets to remote layers. (bug 1245765 part 2, r=mattwoodrow) (15ab24ebd6)
- Don't propagate simulated device resets to child processes. (bug 1245765 part 3, r=mattwoodrow) (fe0986532c)
- Fix async drawing when we lose the D3D11 device. (bug 1245765 part 4, r=mattwoodrow) (fcf9e1a009)
- Factor compositor initialization out of LayerManagerComposite. (bug 1245765 part 6, r=mattwoodrow) (7af570b6fc)
- Bug 1232042: Execute an additional present for D3D11 on the compositor thread when a WM_PAINT event has returned. r=jrmuizel (ac14c78377)
- Handle device resets by recreating the compositor, rather than the compositor IPDL stack. (bug 1245765 part 7, r=mattwoodrow) (87292d6e2b)
- Ensure that content processes recreate rendering devices. (bug 1245765 part 8, r=mattwoodrow) (8c4e712c6e)
- Invalidate layers when starting a transaction on a stale device. (bug 1245765 part 9, r=mattwoodrow) (330efa7199)
- Bug 1041599 - Maintain a single volume control session between browser, content, and plugins on Windows. r=aklotz (bdab2a3b35)
- align more tests (c6445e1646)
- Bug 1241646 - remove unused token arguments from nsIX509CertDB r=keeler (13e50d449c)
- Bug 1064402 - Part 1: Remove Import button in Servers tab of the Certificate Manager. r=keeler (181a5a0be2)
- Bug 1064402 - Part 2: Remove nsIX509CertDB.importServerCertificate() and nsIX509Cert::SERVER_CERT support in importCertsFromFile(). r=keeler (a4ee6e83f4)
- Bug 1130418 - Remove broken e-mail cert trust editing UI. r=emk (d8dca873c1)
- Bug 1243182 - Enable eslint "space-infix-ops" rule for PSM. r=keeler (9f5110213f)
- Bug 1244245 - Enable eslint "curly" rule for PSM. r=keeler (09b4d913ab)
- Bug 1246365 - Enable eslint "comma-spacing" and "semi" rules for PSM. r=keeler (e85d033547)
- bug 1246765 - remove unnecessary resource://app/ registration from getHSTSPreloadList.js r=Cykesiopka DONTBUILD NPOTB (e4eb6d1a1e)
- Bug 1249595 - Enable 11 more ESLint rules for PSM. r=keeler (7daa42685a)
- Bug 1224968 - Support public key input to unbreak periodic HPKP updates. r=keeler (a14415f3c3)
- Bug 1229284 - Remove support for SHA-1 hashes in genHPKPStaticPins.js. r=keeler (2e54ef3566)
- Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka (8754cce3ba)
- Bug 1224481 - Comment out CA certs removed in NSS 3.21 in PreloadedHPKPins.json to keep periodic Static HPKP updates working. r=dkeeler (6680c85a1b)
- bug 1232766 - update the preloaded pinset for Google domains r=rbarnes (83697d274b)
- Bug 1250254 - Enable ESLint "no-throw-literal" rule for PSM. r=dkeeler (300ef6f5b8)
- Bug 1256088 - Merge mock app-info implementation into AppInfo.jsm. r=gps (e38ae85b3d)
- Bug 1153978 - Part 0: Separate nsIPlatformInfo from nsIXULAppInfo. r=jst,gps (2f4eef64c1)
- Bug 1153978 - Part 2: Clear pending exception thrown from XDR related APIs when ignoring ReadCachedScript failure. r=bz (09f06d4c74)
- Bug 1153978 - Part 3: Use the build id instead of the XDR_BYTECODE_VERSION constant. r=jandem (2e8e01f534)
- bug 1241317 - gather telemetry on prevalence of FIPS r=jcj r=vladan (905485c911)
- Bug 1220237 - Remove uses of nsIEnumerator from PSM. r=keeler (6b17abd967)
- bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=Cykesiopka,mgoodwin,rbarnes (95fb0f63ab)
- Bug 1247847 - Use smart pointers in nsNSSCertHelper.cpp to manage NSS resources. r=keeler (56140f95c4)
- Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. r=dkeeler (1cedc01ab9)
- Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler (3dc16a87d6)
- Bug 1227970 - Perform preference checks to allow OCSP Bypass for OneCRL via Kinto r=keeler (58136eb9e5)
- Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in security subdirectory.r=nfroyd (896838cc5d)
- Bug 1226928 - remove Wshadow warning in ScopedNSSTypes, r=keeler (52ccbac1bc)
- Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer (5f589bf0e0)
- Bug 1250256 - Partially clean up nsSDR.cpp. r=keeler (665c582a90)
- bug 1241650 - remove nsIX509CertDB.findCertNicknames r=mgoodwin (bf0c26772b)
- Bug 1250258 - Partially clean up nsNSSCertificateDB.cpp import methods. r=keeler (693e213484)
- Bug 1204202 - Package Universal CRT DLLs for VS2015. r=glandium,ehsan (9b9e1e4057)
- bug 496234 - add test vectors from RFC 1320 for md4 implementation r=mayhemer (6526e81ec7)
- bug 1228175 - fix IsCertBuiltInRoot r=Cykesiopka,mgoodwin (13bdaf7bb3)
- bug 1240118 - add functionality to treat a test certificate as a built-in root r=mgoodwin (bf31c4365b)
- Bug 1245649: Turn on valid-typeof, no-invalid-regexp, no-empty-pattern and no-empty-character-class. r=felipe (f637f26dc7)
- Bug 1245916: Add additional default globals. r=felipe (229e39bbbe)
- Bug 1251011 - Enable ESLint "no-undef" rule for PSM. r=keeler r=mossop (a6e17d09aa)
- Bug 1243636. Switch to gfx::CriticalSection (a4d6172870)
- Bug 1137561 part.1 Implement WinTextEventDispatcherListener as a singleton class for using TextEventDispatcher at handling native keyboard and IME events r=m_kato (f4582070b0)
- Bug 1137572 part.1 TextEventDispatcher should manage its input transaction type r=smaug (ccafc27024)
- Bug 1137572 part.2 Add nsIWidget::GetNativeTextEventDispatcherListener() for TextEventDispatcher::NotifyIME() r=smaug, sr=smaug (21571501e8)
- Bug 1137572 part.3 Use pseudo IME context when TextEventDispatcher has input transaction which is not for native event handler r=smaug (40be7193b1)
- Bug 1137572 part.4 TextEventDispatcher::DispatchInputEvent() should decide if dispatches events with nsIWidget::DispatchInputEvent() with input transaction type r=smaug (ae71f47af2)
- Bug 1137572 part.5 Implement TextEventDispatcher::SetPendingComposition() for some platforms whose clause information may overlap each other or the order may not be from start to the end r=smaug (fd046de0fc)
- Bug 1137572 part.6 TextEventDispatcher::DispatchKeyboardEventInternal() should copy mNativeKeyEvent when it's in native text input transaction r=smaug (eb17ab1738)
- Bug 1137572 part.7 Add TextEventDispatcherListener::WillDispatchKeyboardEvent() for easier to maintain r=smaug (e66759a731)
- Bug 1137572 part.8 Callers of methods to dispatch composition events of TextEventDispatcher should be able to specify specific time/timeStamp r=smaug (2cdfd2f3d4)
- Bug 1137572 part.9 TextEventDispatcher should not allow WillDispatchKeyboardEvent() modifies unexpected members of WidgetKeyboardEvent r=smaug (94f97ff72d)
- Bug 1137561 part.2 Make TSFTextStore use TextEventDispatcher r=m_kato (5b0d92117d)
- Bug 1137561 part.3 Make IMMHandler use TextEventDispatcher r=m_kato (2b5ef42de7)
- Bug 1137561 part.4 Make NativeKey use TextEventDispatcher r=m_kato (e98eb8b72f)
- Bug 1137561 part.5 TextEventDispatcher should decide if keypress events should be fired for specific keys r=m_kato (b5ad4d702c)
2024-01-31 13:43:16 +08:00

499 lines
14 KiB
C++
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "LocalCertService.h"
#include "mozilla/ModuleUtils.h"
#include "mozilla/RefPtr.h"
#include "cert.h"
#include "CryptoTask.h"
#include "nsIPK11Token.h"
#include "nsIPK11TokenDB.h"
#include "nsIX509Cert.h"
#include "nsIX509CertDB.h"
#include "nsIX509CertValidity.h"
#include "nsLiteralString.h"
#include "nsProxyRelease.h"
#include "nsServiceManagerUtils.h"
#include "nsString.h"
#include "pk11pub.h"
#include "ScopedNSSTypes.h"
namespace mozilla {
class LocalCertTask : public CryptoTask
{
protected:
explicit LocalCertTask(const nsACString& aNickname)
: mNickname(aNickname)
{
}
nsresult RemoveExisting()
{
// Search for any existing certs with this name and remove them
nsresult rv;
for (;;) {
ScopedCERTCertificate cert(
PK11_FindCertFromNickname(mNickname.get(), nullptr));
if (!cert) {
return NS_OK; // All done
}
// Found a cert, check if generated by this service
if (!cert->isRoot) {
return NS_ERROR_UNEXPECTED; // Should be self-signed
}
NS_NAMED_LITERAL_CSTRING(commonNamePrefix, "CN=");
nsAutoCString subjectNameFromNickname(commonNamePrefix + mNickname);
if (!subjectNameFromNickname.Equals(cert->subjectName)) {
return NS_ERROR_UNEXPECTED; // Subject should match nickname
}
if (!subjectNameFromNickname.Equals(cert->issuerName)) {
return NS_ERROR_UNEXPECTED; // Issuer should match nickname
}
rv = MapSECStatus(PK11_DeleteTokenCertAndKey(cert, nullptr));
if (NS_FAILED(rv)) {
return rv; // Some error, abort the loop
}
}
}
nsCString mNickname;
};
class LocalCertGetTask final : public LocalCertTask
{
public:
LocalCertGetTask(const nsACString& aNickname,
nsILocalCertGetCallback* aCallback)
: LocalCertTask(aNickname)
, mCallback(new nsMainThreadPtrHolder<nsILocalCertGetCallback>(aCallback))
, mCert(nullptr)
{
}
private:
virtual nsresult CalculateResult() override
{
// Try to lookup an existing cert in the DB
nsresult rv = GetFromDB();
// Make a new one if getting fails
if (NS_FAILED(rv)) {
rv = Generate();
}
// If generation fails, we're out of luck
if (NS_FAILED(rv)) {
return rv;
}
// Validate cert, make a new one if it fails
rv = Validate();
if (NS_FAILED(rv)) {
rv = Generate();
}
// If generation fails, we're out of luck
if (NS_FAILED(rv)) {
return rv;
}
return NS_OK;
}
nsresult Generate()
{
nsresult rv;
// Get the key slot for generation later
ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
if (!slot) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Remove existing certs with this name (if any)
rv = RemoveExisting();
if (NS_FAILED(rv)) {
return rv;
}
// Generate a new cert
NS_NAMED_LITERAL_CSTRING(commonNamePrefix, "CN=");
nsAutoCString subjectNameStr(commonNamePrefix + mNickname);
ScopedCERTName subjectName(CERT_AsciiToName(subjectNameStr.get()));
if (!subjectName) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Use the well-known NIST P-256 curve
SECOidData* curveOidData = SECOID_FindOIDByTag(SEC_OID_SECG_EC_SECP256R1);
if (!curveOidData) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Get key params from the curve
ScopedAutoSECItem keyParams(2 + curveOidData->oid.len);
keyParams.data[0] = SEC_ASN1_OBJECT_ID;
keyParams.data[1] = curveOidData->oid.len;
memcpy(keyParams.data + 2, curveOidData->oid.data, curveOidData->oid.len);
// Generate cert key pair
ScopedSECKEYPrivateKey privateKey;
ScopedSECKEYPublicKey publicKey;
SECKEYPublicKey* tempPublicKey;
privateKey = PK11_GenerateKeyPair(slot, CKM_EC_KEY_PAIR_GEN, &keyParams,
&tempPublicKey, true /* token */,
true /* sensitive */, nullptr);
if (!privateKey) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
publicKey = tempPublicKey;
// Create subject public key info and cert request
ScopedCERTSubjectPublicKeyInfo spki(
SECKEY_CreateSubjectPublicKeyInfo(publicKey));
if (!spki) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
ScopedCERTCertificateRequest certRequest(
CERT_CreateCertificateRequest(subjectName, spki, nullptr));
if (!certRequest) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Valid from one day before to 1 year after
static const PRTime oneDay = PRTime(PR_USEC_PER_SEC)
* PRTime(60) // sec
* PRTime(60) // min
* PRTime(24); // hours
PRTime now = PR_Now();
PRTime notBefore = now - oneDay;
PRTime notAfter = now + (PRTime(365) * oneDay);
ScopedCERTValidity validity(CERT_CreateValidity(notBefore, notAfter));
if (!validity) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Generate random serial
unsigned long serial;
// This serial in principle could collide, but it's unlikely
rv = MapSECStatus(
PK11_GenerateRandomOnSlot(slot,
reinterpret_cast<unsigned char *>(&serial),
sizeof(serial)));
if (NS_FAILED(rv)) {
return rv;
}
// Create the cert from these pieces
ScopedCERTCertificate cert(
CERT_CreateCertificate(serial, subjectName, validity, certRequest));
if (!cert) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Update the cert version to X509v3
if (!cert->version.data) {
return NS_ERROR_INVALID_POINTER;
}
*(cert->version.data) = SEC_CERTIFICATE_VERSION_3;
cert->version.len = 1;
// Set cert signature algorithm
PLArenaPool* arena = cert->arena;
if (!arena) {
return NS_ERROR_INVALID_POINTER;
}
rv = MapSECStatus(
SECOID_SetAlgorithmID(arena, &cert->signature,
SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE, 0));
if (NS_FAILED(rv)) {
return rv;
}
// Encode and self-sign the cert
ScopedSECItem certDER(
SEC_ASN1EncodeItem(nullptr, nullptr, cert,
SEC_ASN1_GET(CERT_CertificateTemplate)));
if (!certDER) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
rv = MapSECStatus(
SEC_DerSignData(arena, &cert->derCert, certDER->data, certDER->len,
privateKey,
SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE));
if (NS_FAILED(rv)) {
return rv;
}
// Create a CERTCertificate from the signed data
ScopedCERTCertificate certFromDER(
CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &cert->derCert, nullptr,
true /* perm */, true /* copyDER */));
if (!certFromDER) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// Save the cert in the DB
rv = MapSECStatus(PK11_ImportCert(slot, certFromDER, CK_INVALID_HANDLE,
mNickname.get(), false /* unused */));
if (NS_FAILED(rv)) {
return rv;
}
// We should now have cert in the DB, read it back in nsIX509Cert form
return GetFromDB();
}
nsresult GetFromDB()
{
nsCOMPtr<nsIX509CertDB> certDB = do_GetService(NS_X509CERTDB_CONTRACTID);
if (!certDB) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIX509Cert> certFromDB;
nsresult rv;
rv = certDB->FindCertByNickname(NS_ConvertASCIItoUTF16(mNickname),
getter_AddRefs(certFromDB));
if (NS_FAILED(rv)) {
return rv;
}
mCert = certFromDB;
return NS_OK;
}
nsresult Validate()
{
// Verify cert is self-signed
bool selfSigned;
nsresult rv = mCert->GetIsSelfSigned(&selfSigned);
if (NS_FAILED(rv)) {
return rv;
}
if (!selfSigned) {
return NS_ERROR_FAILURE;
}
// Check that subject and issuer match nickname
nsXPIDLString subjectName;
nsXPIDLString issuerName;
mCert->GetSubjectName(subjectName);
mCert->GetIssuerName(issuerName);
if (!subjectName.Equals(issuerName)) {
return NS_ERROR_FAILURE;
}
NS_NAMED_LITERAL_STRING(commonNamePrefix, "CN=");
nsAutoString subjectNameFromNickname(
commonNamePrefix + NS_ConvertASCIItoUTF16(mNickname));
if (!subjectName.Equals(subjectNameFromNickname)) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIX509CertValidity> validity;
mCert->GetValidity(getter_AddRefs(validity));
PRTime notBefore, notAfter;
validity->GetNotBefore(&notBefore);
validity->GetNotAfter(&notAfter);
// Ensure cert will last at least one more day
static const PRTime oneDay = PRTime(PR_USEC_PER_SEC)
* PRTime(60) // sec
* PRTime(60) // min
* PRTime(24); // hours
PRTime now = PR_Now();
if (notBefore > now ||
notAfter < (now - oneDay)) {
return NS_ERROR_FAILURE;
}
return NS_OK;
}
virtual void ReleaseNSSResources() override {}
virtual void CallCallback(nsresult rv) override
{
(void) mCallback->HandleCert(mCert, rv);
}
nsMainThreadPtrHandle<nsILocalCertGetCallback> mCallback;
nsCOMPtr<nsIX509Cert> mCert; // out
};
class LocalCertRemoveTask final : public LocalCertTask
{
public:
LocalCertRemoveTask(const nsACString& aNickname,
nsILocalCertCallback* aCallback)
: LocalCertTask(aNickname)
, mCallback(new nsMainThreadPtrHolder<nsILocalCertCallback>(aCallback))
{
}
private:
virtual nsresult CalculateResult() override
{
return RemoveExisting();
}
virtual void ReleaseNSSResources() override {}
virtual void CallCallback(nsresult rv) override
{
(void) mCallback->HandleResult(rv);
}
nsMainThreadPtrHandle<nsILocalCertCallback> mCallback;
};
NS_IMPL_ISUPPORTS(LocalCertService, nsILocalCertService)
LocalCertService::LocalCertService()
{
}
LocalCertService::~LocalCertService()
{
}
nsresult
LocalCertService::LoginToKeySlot()
{
nsresult rv;
// Get access to key slot
ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
if (!slot) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// If no user password yet, set it an empty one
if (PK11_NeedUserInit(slot)) {
rv = MapSECStatus(PK11_InitPin(slot, "", ""));
if (NS_FAILED(rv)) {
return rv;
}
}
// If user has a password set, prompt to login
if (PK11_NeedLogin(slot) && !PK11_IsLoggedIn(slot, nullptr)) {
// Switching to XPCOM to get the UI prompt that PSM owns
nsCOMPtr<nsIPK11TokenDB> tokenDB =
do_GetService(NS_PK11TOKENDB_CONTRACTID);
if (!tokenDB) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIPK11Token> keyToken;
tokenDB->GetInternalKeyToken(getter_AddRefs(keyToken));
if (!keyToken) {
return NS_ERROR_FAILURE;
}
// Prompt the user to login
return keyToken->Login(false /* force */);
}
return NS_OK;
}
NS_IMETHODIMP
LocalCertService::GetOrCreateCert(const nsACString& aNickname,
nsILocalCertGetCallback* aCallback)
{
if (NS_WARN_IF(aNickname.IsEmpty())) {
return NS_ERROR_INVALID_ARG;
}
if (NS_WARN_IF(!aCallback)) {
return NS_ERROR_INVALID_POINTER;
}
// Before sending off the task, login to key slot if needed
nsresult rv = LoginToKeySlot();
if (NS_FAILED(rv)) {
aCallback->HandleCert(nullptr, rv);
return NS_OK;
}
RefPtr<LocalCertGetTask> task(new LocalCertGetTask(aNickname, aCallback));
return task->Dispatch("LocalCertGet");
}
NS_IMETHODIMP
LocalCertService::RemoveCert(const nsACString& aNickname,
nsILocalCertCallback* aCallback)
{
if (NS_WARN_IF(aNickname.IsEmpty())) {
return NS_ERROR_INVALID_ARG;
}
if (NS_WARN_IF(!aCallback)) {
return NS_ERROR_INVALID_POINTER;
}
// Before sending off the task, login to key slot if needed
nsresult rv = LoginToKeySlot();
if (NS_FAILED(rv)) {
aCallback->HandleResult(rv);
return NS_OK;
}
RefPtr<LocalCertRemoveTask> task(
new LocalCertRemoveTask(aNickname, aCallback));
return task->Dispatch("LocalCertRm");
}
NS_IMETHODIMP
LocalCertService::GetLoginPromptRequired(bool* aRequired)
{
nsresult rv;
// Get access to key slot
ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
if (!slot) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
// If no user password yet, set it an empty one
if (PK11_NeedUserInit(slot)) {
rv = MapSECStatus(PK11_InitPin(slot, "", ""));
if (NS_FAILED(rv)) {
return rv;
}
}
*aRequired = PK11_NeedLogin(slot) && !PK11_IsLoggedIn(slot, nullptr);
return NS_OK;
}
#define LOCALCERTSERVICE_CID \
{ 0x47402be2, 0xe653, 0x45d0, \
{ 0x8d, 0xaa, 0x9f, 0x0d, 0xce, 0x0a, 0xc1, 0x48 } }
NS_GENERIC_FACTORY_CONSTRUCTOR(LocalCertService)
NS_DEFINE_NAMED_CID(LOCALCERTSERVICE_CID);
static const Module::CIDEntry kLocalCertServiceCIDs[] = {
{ &kLOCALCERTSERVICE_CID, false, nullptr, LocalCertServiceConstructor },
{ nullptr }
};
static const Module::ContractIDEntry kLocalCertServiceContracts[] = {
{ LOCALCERTSERVICE_CONTRACTID, &kLOCALCERTSERVICE_CID },
{ nullptr }
};
static const Module kLocalCertServiceModule = {
Module::kVersion,
kLocalCertServiceCIDs,
kLocalCertServiceContracts
};
NSMODULE_DEFN(LocalCertServiceModule) = &kLocalCertServiceModule;
} // namespace mozilla
Reference in New Issue View Git Blame Copy Permalink