| /* ***** BEGIN LICENSE BLOCK ***** |
| * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| * |
| * The contents of this file are subject to the Mozilla Public License Version |
| * 1.1 (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * http://www.mozilla.org/MPL/ |
| * |
| * Software distributed under the License is distributed on an "AS IS" basis, |
| * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
| * for the specific language governing rights and limitations under the |
| * License. |
| * |
| * The Original Code is the Netscape security libraries. |
| * |
| * The Initial Developer of the Original Code is |
| * Netscape Communications Corporation. |
| * Portions created by the Initial Developer are Copyright (C) 2000 |
| * the Initial Developer. All Rights Reserved. |
| * |
| * Contributor(s): |
| * Ian McGreer <mcgreer@netscape.com> |
| * Javier Delgadillo <javi@netscape.com> |
| * |
| * Alternatively, the contents of this file may be used under the terms of |
| * either the GNU General Public License Version 2 or later (the "GPL"), or |
| * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
| * in which case the provisions of the GPL or the LGPL are applicable instead |
| * of those above. If you wish to allow use of your version of this file only |
| * under the terms of either the GPL or the LGPL, and not to allow others to |
| * use your version of this file under the terms of the MPL, indicate your |
| * decision by deleting the provisions above and replace them with the notice |
| * and other provisions required by the GPL or the LGPL. If you do not delete |
| * the provisions above, a recipient may use your version of this file under |
| * the terms of any one of the MPL, the GPL or the LGPL. |
| * |
| * ***** END LICENSE BLOCK ***** */ |
| |
| #ifndef NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_ |
| #define NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_ |
| |
| #include <certt.h> |
| #include <certdb.h> |
| |
| #include "net/base/net_export.h" |
| |
| namespace mozilla_security_manager { |
| |
| /* |
| * nsNSSCertTrust |
| * |
| * Class for maintaining trust flags for an NSS certificate. |
| */ |
| class NET_EXPORT nsNSSCertTrust |
| { |
| public: |
| nsNSSCertTrust(); |
| nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign); |
| nsNSSCertTrust(CERTCertTrust *t); |
| virtual ~nsNSSCertTrust(); |
| |
| /* query */ |
| PRBool HasAnyCA(); |
| PRBool HasAnyUser(); |
| PRBool HasCA(PRBool checkSSL = PR_TRUE, |
| PRBool checkEmail = PR_TRUE, |
| PRBool checkObjSign = PR_TRUE); |
| PRBool HasPeer(PRBool checkSSL = PR_TRUE, |
| PRBool checkEmail = PR_TRUE, |
| PRBool checkObjSign = PR_TRUE); |
| PRBool HasUser(PRBool checkSSL = PR_TRUE, |
| PRBool checkEmail = PR_TRUE, |
| PRBool checkObjSign = PR_TRUE); |
| PRBool HasTrustedCA(PRBool checkSSL = PR_TRUE, |
| PRBool checkEmail = PR_TRUE, |
| PRBool checkObjSign = PR_TRUE); |
| PRBool HasTrustedPeer(PRBool checkSSL = PR_TRUE, |
| PRBool checkEmail = PR_TRUE, |
| PRBool checkObjSign = PR_TRUE); |
| |
| /* common defaults */ |
| /* equivalent to "c,c,c" */ |
| void SetValidCA(); |
| /* equivalent to "C,C,C" */ |
| void SetTrustedServerCA(); |
| /* equivalent to "CT,CT,CT" */ |
| void SetTrustedCA(); |
| /* equivalent to "p,," */ |
| void SetValidServerPeer(); |
| /* equivalent to "p,p,p" */ |
| void SetValidPeer(); |
| /* equivalent to "P,P,P" */ |
| void SetTrustedPeer(); |
| /* equivalent to "u,u,u" */ |
| void SetUser(); |
| |
| /* general setters */ |
| /* read: "p, P, c, C, T, u, w" */ |
| void SetSSLTrust(PRBool peer, PRBool tPeer, |
| PRBool ca, PRBool tCA, PRBool tClientCA, |
| PRBool user, PRBool warn); |
| |
| void SetEmailTrust(PRBool peer, PRBool tPeer, |
| PRBool ca, PRBool tCA, PRBool tClientCA, |
| PRBool user, PRBool warn); |
| |
| void SetObjSignTrust(PRBool peer, PRBool tPeer, |
| PRBool ca, PRBool tCA, PRBool tClientCA, |
| PRBool user, PRBool warn); |
| |
| /* set c <--> CT */ |
| void AddCATrust(PRBool ssl, PRBool email, PRBool objSign); |
| /* set p <--> P */ |
| void AddPeerTrust(PRBool ssl, PRBool email, PRBool objSign); |
| |
| /* get it (const?) (shallow?) */ |
| CERTCertTrust * GetTrust() { return &mTrust; } |
| |
| private: |
| void addTrust(unsigned int *t, unsigned int v); |
| void removeTrust(unsigned int *t, unsigned int v); |
| PRBool hasTrust(unsigned int t, unsigned int v); |
| CERTCertTrust mTrust; |
| }; |
| |
| } // namespace mozilla_security_manager |
| |
| #endif // NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_ |