mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-07 05:15:09 +00:00
8b85837b61
In a profile, loading the loadable roots PKCS#11 module (i.e. the built-in root CA module) accounted for about 60% of the time to initialize PSM/NSS. Since we only need the roots module loaded when we're actually looking for an issuing certificate or querying a certificate's trust, we can do the load asynchronously (where it hopefully finishes before we actually need it, because otherwise we'll have to wait anyway). MozReview-Commit-ID: JyY6NtpQAUj --HG-- extra : rebase_source : f63a697b18a409dd042289afa2b727b09f81f19f
44 lines
1.4 KiB
C++
44 lines
1.4 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef ExtendedValidation_h
|
|
#define ExtendedValidation_h
|
|
|
|
#include "ScopedNSSTypes.h"
|
|
#include "certt.h"
|
|
#include "nsNSSShutDown.h"
|
|
|
|
namespace mozilla { namespace pkix { struct CertPolicyId; } }
|
|
|
|
namespace mozilla { namespace psm {
|
|
|
|
nsresult LoadExtendedValidationInfo(
|
|
const nsNSSShutDownPreventionLock& proofOfLock);
|
|
|
|
/**
|
|
* Finds the first policy OID in the given cert that is known to be an EV policy
|
|
* OID.
|
|
*
|
|
* @param cert
|
|
* The cert to find the first EV policy of.
|
|
* @param policy
|
|
* The found policy.
|
|
* @param policyOidTag
|
|
* The OID tag of the found policy.
|
|
* @return true if a suitable policy was found, false otherwise.
|
|
*/
|
|
bool GetFirstEVPolicy(CERTCertificate& cert,
|
|
/*out*/ mozilla::pkix::CertPolicyId& policy,
|
|
/*out*/ SECOidTag& policyOidTag);
|
|
|
|
// CertIsAuthoritativeForEVPolicy does NOT evaluate whether the cert is trusted
|
|
// or distrusted.
|
|
bool CertIsAuthoritativeForEVPolicy(const UniqueCERTCertificate& cert,
|
|
const mozilla::pkix::CertPolicyId& policy);
|
|
|
|
} } // namespace mozilla::psm
|
|
|
|
#endif // ExtendedValidation_h
|