Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-15 06:15:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
fb96ead697
gecko-dev/security/manager/ssl/nsNSSCertTrust.h
David Keeler e3018d572d bug 1382866 - prompt for authentication when changing certificate trust fails r=Cykesiopka,jcj 
MozReview-Commit-ID: 3ryUyAfbNCs

--HG--
rename : security/manager/ssl/tests/unit/test_certDB_import.js => security/manager/ssl/tests/unit/test_certDB_import_with_master_password.js
extra : rebase_source : ad39258078c1084166f0c59250352cd899b10507
2017-07-21 16:58:42 -07:00

70 lines
2.0 KiB
C++
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsNSSCertTrust_h
#define nsNSSCertTrust_h
#include "certdb.h"
#include "certt.h"
/*
* Class for maintaining trust flags for an NSS certificate.
*/
class nsNSSCertTrust
{
public:
nsNSSCertTrust();
nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
explicit nsNSSCertTrust(CERTCertTrust *t);
virtual ~nsNSSCertTrust();
/* query */
bool HasAnyCA();
bool HasAnyUser();
bool HasPeer(bool checkSSL = true,
bool checkEmail = true,
bool checkObjSign = true);
bool HasTrustedCA(bool checkSSL = true,
bool checkEmail = true,
bool checkObjSign = true);
bool HasTrustedPeer(bool checkSSL = true,
bool checkEmail = true,
bool checkObjSign = true);
/* common defaults */
/* equivalent to "c,c,c" */
void SetValidCA();
/* equivalent to "p,p,p" */
void SetValidPeer();
/* general setters */
/* read: "p, P, c, C, T, u, w" */
void SetSSLTrust(bool peer, bool tPeer,
bool ca, bool tCA, bool tClientCA,
bool user, bool warn);
void SetEmailTrust(bool peer, bool tPeer,
bool ca, bool tCA, bool tClientCA,
bool user, bool warn);
void SetObjSignTrust(bool peer, bool tPeer,
bool ca, bool tCA, bool tClientCA,
bool user, bool warn);
/* set c <--> CT */
void AddCATrust(bool ssl, bool email, bool objSign);
/* set p <--> P */
void AddPeerTrust(bool ssl, bool email, bool objSign);
CERTCertTrust& GetTrust() { return mTrust; }
private:
void addTrust(unsigned int *t, unsigned int v);
void removeTrust(unsigned int *t, unsigned int v);
bool hasTrust(unsigned int t, unsigned int v);
CERTCertTrust mTrust;
};
#endif // nsNSSCertTrust_h
Reference in New Issue View Git Blame Copy Permalink