diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-04-14 21:49:04 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-04-14 21:49:04 +0200 |
| commit | 39dac57259cff8b61db0b22cb2ad0a8adb02692e (patch) | |
| tree | 52a026cc8c22793eb17fd0f5e22adce1ae08a1dd /security/manager/ssl/nsSiteSecurityService.h | |
| parent | a1cce3b2b00bbd9f4983013ddd8934a7bccb9e99 (diff) | |
| parent | c2d9ab62f3d097c9e0e00184cab1f546554f5eaa (diff) | |
| download | UXP-39dac57259cff8b61db0b22cb2ad0a8adb02692e.tar UXP-39dac57259cff8b61db0b22cb2ad0a8adb02692e.tar.gz UXP-39dac57259cff8b61db0b22cb2ad0a8adb02692e.tar.lz UXP-39dac57259cff8b61db0b22cb2ad0a8adb02692e.tar.xz UXP-39dac57259cff8b61db0b22cb2ad0a8adb02692e.zip | |
Merge branch 'redwood' into 28.9-platform
Diffstat (limited to 'security/manager/ssl/nsSiteSecurityService.h')
| -rw-r--r-- | security/manager/ssl/nsSiteSecurityService.h | 55 |
1 files changed, 3 insertions, 52 deletions
diff --git a/security/manager/ssl/nsSiteSecurityService.h b/security/manager/ssl/nsSiteSecurityService.h index c14543684..9395cd092 100644 --- a/security/manager/ssl/nsSiteSecurityService.h +++ b/security/manager/ssl/nsSiteSecurityService.h @@ -17,10 +17,10 @@ class nsIURI; class nsISSLStatus; -// {16955eee-6c48-4152-9309-c42a465138a1} +// 91ea3803-9c79-45d9-97bf-88bc80269236 #define NS_SITE_SECURITY_SERVICE_CID \ - {0x16955eee, 0x6c48, 0x4152, \ - {0x93, 0x09, 0xc4, 0x2a, 0x46, 0x51, 0x38, 0xa1} } + { 0x91ea3803, 0x9c79, 0x45d9, \ + { 0x97, 0xbf, 0x88, 0xbc, 0x80, 0x26, 0x92, 0x36 } } /** * SecurityPropertyState: A utility enum for representing the different states @@ -39,40 +39,6 @@ enum SecurityPropertyState { }; /** - * SiteHPKPState: A utility class that encodes/decodes a string describing - * the public key pins of a site. - * HPKP state consists of: - * - Expiry time (PRTime (aka int64_t) in milliseconds) - * - A state flag (SecurityPropertyState, default SecurityPropertyUnset) - * - An include subdomains flag (bool, default false) - * - An array of sha-256 hashed base 64 encoded fingerprints of required keys - */ -class SiteHPKPState -{ -public: - SiteHPKPState(); - explicit SiteHPKPState(nsCString& aStateString); - SiteHPKPState(PRTime aExpireTime, SecurityPropertyState aState, - bool aIncludeSubdomains, nsTArray<nsCString>& SHA256keys); - - PRTime mExpireTime; - SecurityPropertyState mState; - bool mIncludeSubdomains; - nsTArray<nsCString> mSHA256keys; - - bool IsExpired(mozilla::pkix::Time aTime) - { - if (aTime > mozilla::pkix::TimeFromEpochInSeconds(mExpireTime / - PR_MSEC_PER_SEC)) { - return true; - } - return false; - } - - void ToString(nsCString& aString); -}; - -/** * SiteHSTSState: A utility class that encodes/decodes a string describing * the security state of a site. Currently only handles HSTS. * HSTS state consists of: @@ -110,8 +76,6 @@ public: void ToString(nsCString &aString); }; -class nsSTSPreload; - class nsSiteSecurityService : public nsISiteSecurityService , public nsIObserver { @@ -139,23 +103,10 @@ private: nsresult ProcessSTSHeader(nsIURI* aSourceURI, const char* aHeader, uint32_t flags, uint64_t* aMaxAge, bool* aIncludeSubdomains, uint32_t* aFailureResult); - nsresult ProcessPKPHeader(nsIURI* aSourceURI, const char* aHeader, - nsISSLStatus* aSSLStatus, uint32_t flags, - uint64_t* aMaxAge, bool* aIncludeSubdomains, - uint32_t* aFailureResult); - nsresult SetHPKPState(const char* aHost, SiteHPKPState& entry, uint32_t flags, - bool aIsPreload); - - const nsSTSPreload *GetPreloadListEntry(const char *aHost); - uint64_t mMaxMaxAge; - bool mUsePreloadList; bool mUseStsService; int64_t mPreloadListTimeOffset; - bool mHPKPEnabled; - bool mProcessPKPHeadersFromNonBuiltInRoots; RefPtr<mozilla::DataStorage> mSiteStateStorage; - RefPtr<mozilla::DataStorage> mPreloadStateStorage; }; #endif // __nsSiteSecurityService_h__ |