gecko-dev/security/apps/AppTrustDomain.h
Brian Smith 3f110246be Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
2014-07-06 15:55:38 -07:00

47 lines
1.8 KiB
C++

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_psm_AppsTrustDomain_h
#define mozilla_psm_AppsTrustDomain_h
#include "pkix/pkixtypes.h"
#include "nsDebug.h"
#include "nsIX509CertDB.h"
#include "ScopedNSSTypes.h"
namespace mozilla { namespace psm {
class AppTrustDomain MOZ_FINAL : public mozilla::pkix::TrustDomain
{
public:
AppTrustDomain(ScopedCERTCertList&, void* pinArg);
SECStatus SetTrustedRoot(AppTrustedRoot trustedRoot);
SECStatus GetCertTrust(mozilla::pkix::EndEntityOrCA endEntityOrCA,
const mozilla::pkix::CertPolicyId& policy,
const SECItem& candidateCertDER,
/*out*/ mozilla::pkix::TrustLevel* trustLevel) MOZ_OVERRIDE;
SECStatus FindIssuer(const SECItem& encodedIssuerName,
IssuerChecker& checker, PRTime time) MOZ_OVERRIDE;
SECStatus VerifySignedData(const CERTSignedData& signedData,
const SECItem& subjectPublicKeyInfo) MOZ_OVERRIDE;
SECStatus CheckRevocation(mozilla::pkix::EndEntityOrCA endEntityOrCA,
const mozilla::pkix::CertID& certID, PRTime time,
/*optional*/ const SECItem* stapledOCSPresponse,
/*optional*/ const SECItem* aiaExtension);
SECStatus IsChainValid(const mozilla::pkix::DERArray& certChain);
private:
/*out*/ ScopedCERTCertList& mCertChain;
void* mPinArg; // non-owning!
ScopedCERTCertificate mTrustedRoot;
};
} } // namespace mozilla::psm
#endif // mozilla_psm_AppsTrustDomain_h