/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef _NSNSSCERTTRUST_H_
#define _NSNSSCERTTRUST_H_
#include "certt.h"
#include "certdb.h"
/*
* nsNSSCertTrust
*
* Class for maintaining trust flags for an NSS certificate.
*/
class nsNSSCertTrust
{
public:
  /*
   * Construction and destruction.
   *
   * The three-integer form takes one unsigned value per usage, in the
   * order ssl, email, objsign.  The pointer form is explicit, so a
   * CERTCertTrust* is never converted to this class implicitly.
   * NOTE(review): whether the pointer form copies *t, and whether it
   * accepts a null pointer, is not visible in this header -- confirm in
   * the implementation before passing an unchecked pointer.
   */
  nsNSSCertTrust();
  nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
  explicit nsNSSCertTrust(CERTCertTrust *t);
  virtual ~nsNSSCertTrust();

  /*
   * Queries.
   *
   * The check* arguments all default to true.  Presumably each one
   * selects whether the SSL, e-mail or object-signing field takes part
   * in the query.
   * NOTE(review): how the selected fields are combined (all of them or
   * any of them) is decided in the implementation, not here; verify it
   * before basing a trust decision on one of these results.
   */
  bool HasAnyCA();
  bool HasAnyUser();
  bool HasCA(bool checkSSL = true, bool checkEmail = true,
             bool checkObjSign = true);
  bool HasPeer(bool checkSSL = true, bool checkEmail = true,
               bool checkObjSign = true);
  bool HasUser(bool checkSSL = true, bool checkEmail = true,
               bool checkObjSign = true);
  bool HasTrustedCA(bool checkSSL = true, bool checkEmail = true,
                    bool checkObjSign = true);
  bool HasTrustedPeer(bool checkSSL = true, bool checkEmail = true,
                      bool checkObjSign = true);

  /*
   * Common defaults.
   *
   * Each setter is described by the trust string it is equivalent to:
   * three comma-separated fields, an empty field meaning no flags.
   * NOTE(review): the field order is presumably ssl,email,objsign, as in
   * the three-integer constructor -- confirm.
   */
  void SetValidCA();          /* "c,c,c"    */
  void SetTrustedServerCA();  /* "C,C,C"    */
  void SetTrustedCA();        /* "CT,CT,CT" */
  void SetValidServerPeer();  /* "p,,"      */
  void SetValidPeer();        /* "p,p,p"    */
  void SetTrustedPeer();      /* "P,P,P"    */
  void SetUser();             /* "u,u,u"    */

  /*
   * General setters, one per usage.
   *
   * Read the seven booleans, in order, as the flag letters
   * "p, P, c, C, T, u, w".
   */
  void SetSSLTrust(bool peer, bool tPeer, bool ca, bool tCA,
                   bool tClientCA, bool user, bool warn);
  void SetEmailTrust(bool peer, bool tPeer, bool ca, bool tCA,
                     bool tClientCA, bool user, bool warn);
  void SetObjSignTrust(bool peer, bool tPeer, bool ca, bool tCA,
                       bool tClientCA, bool user, bool warn);

  /* set c <--> CT */
  void AddCATrust(bool ssl, bool email, bool objSign);
  /* set p <--> P */
  void AddPeerTrust(bool ssl, bool email, bool objSign);

  /*
   * Accessor for the stored trust record (the original author left open
   * whether it should be const or shallow).
   *
   * What is returned is the address of the mTrust member itself, not a
   * copy: a caller can modify the trust record through it without going
   * through any setter above, and the pointer must not be used after
   * this object has been destroyed.
   */
  CERTCertTrust * GetTrust() { return &mTrust; }

private:
  /* Helpers that work on a single unsigned trust value. */
  void addTrust(unsigned int *t, unsigned int v);
  void removeTrust(unsigned int *t, unsigned int v);
  bool hasTrust(unsigned int t, unsigned int v);

  /* The trust record this object maintains; GetTrust() exposes its address. */
  CERTCertTrust mTrust;
};
#endif