diff options
| author | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
|---|---|---|
| committer | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
| commit | 5f8de423f190bbb79a62f804151bc24824fa32d8 (patch) | |
| tree | 10027f336435511475e392454359edea8e25895d /security/manager/ssl/nsNSSCertTrust.h | |
| parent | 49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff) | |
| download | UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip | |
Add m-esr52 at 52.6.0
Diffstat (limited to 'security/manager/ssl/nsNSSCertTrust.h')
| -rw-r--r-- | security/manager/ssl/nsNSSCertTrust.h | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/security/manager/ssl/nsNSSCertTrust.h b/security/manager/ssl/nsNSSCertTrust.h new file mode 100644 index 000000000..c3f7e5441 --- /dev/null +++ b/security/manager/ssl/nsNSSCertTrust.h @@ -0,0 +1,70 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nsNSSCertTrust_h +#define nsNSSCertTrust_h + +#include "certdb.h" +#include "certt.h" + +/* + * Class for maintaining trust flags for an NSS certificate. + */ +class nsNSSCertTrust +{ +public: + nsNSSCertTrust(); + nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign); + explicit nsNSSCertTrust(CERTCertTrust *t); + virtual ~nsNSSCertTrust(); + + /* query */ + bool HasAnyCA(); + bool HasAnyUser(); + bool HasPeer(bool checkSSL = true, + bool checkEmail = true, + bool checkObjSign = true); + bool HasTrustedCA(bool checkSSL = true, + bool checkEmail = true, + bool checkObjSign = true); + bool HasTrustedPeer(bool checkSSL = true, + bool checkEmail = true, + bool checkObjSign = true); + + /* common defaults */ + /* equivalent to "c,c,c" */ + void SetValidCA(); + /* equivalent to "p,p,p" */ + void SetValidPeer(); + + /* general setters */ + /* read: "p, P, c, C, T, u, w" */ + void SetSSLTrust(bool peer, bool tPeer, + bool ca, bool tCA, bool tClientCA, + bool user, bool warn); + + void SetEmailTrust(bool peer, bool tPeer, + bool ca, bool tCA, bool tClientCA, + bool user, bool warn); + + void SetObjSignTrust(bool peer, bool tPeer, + bool ca, bool tCA, bool tClientCA, + bool user, bool warn); + + /* set c <--> CT */ + void AddCATrust(bool ssl, bool email, bool objSign); + /* set p <--> P */ + void AddPeerTrust(bool ssl, bool email, bool objSign); + + /* get it (const?) (shallow?) */ + CERTCertTrust * GetTrust() { return &mTrust; } + +private: + void addTrust(unsigned int *t, unsigned int v); + void removeTrust(unsigned int *t, unsigned int v); + bool hasTrust(unsigned int t, unsigned int v); + CERTCertTrust mTrust; +}; + +#endif // nsNSSCertTrust_h |