1 files changed, 126 insertions, 0 deletions

diff --git a/net/third_party/mozilla_security_manager/nsNSSCertTrust.h b/net/third_party/mozilla_security_manager/nsNSSCertTrust.h
new file mode 100644
index 0000000..d858c84
--- /dev/null
+++ b/net/third_party/mozilla_security_manager/nsNSSCertTrust.h
@@ -0,0 +1,126 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Ian McGreer <mcgreer@netscape.com>
+ *   Javier Delgadillo <javi@netscape.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#ifndef NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_
+#define NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_
+
+#include <certt.h>
+#include <certdb.h>
+
+namespace mozilla_security_manager {
+
+/*
+ * nsNSSCertTrust
+ * 
+ * Class for maintaining trust flags for an NSS certificate.
+ */
+class nsNSSCertTrust
+{
+public:
+  nsNSSCertTrust();
+  nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
+  nsNSSCertTrust(CERTCertTrust *t);
+  virtual ~nsNSSCertTrust();
+
+  /* query */
+  PRBool HasAnyCA();
+  PRBool HasAnyUser();
+  PRBool HasCA(PRBool checkSSL = PR_TRUE, 
+               PRBool checkEmail = PR_TRUE,  
+               PRBool checkObjSign = PR_TRUE);
+  PRBool HasPeer(PRBool checkSSL = PR_TRUE, 
+                 PRBool checkEmail = PR_TRUE,  
+                 PRBool checkObjSign = PR_TRUE);
+  PRBool HasUser(PRBool checkSSL = PR_TRUE, 
+                 PRBool checkEmail = PR_TRUE,  
+                 PRBool checkObjSign = PR_TRUE);
+  PRBool HasTrustedCA(PRBool checkSSL = PR_TRUE, 
+                      PRBool checkEmail = PR_TRUE,  
+                      PRBool checkObjSign = PR_TRUE);
+  PRBool HasTrustedPeer(PRBool checkSSL = PR_TRUE, 
+                        PRBool checkEmail = PR_TRUE,  
+                        PRBool checkObjSign = PR_TRUE);
+
+  /* common defaults */
+  /* equivalent to "c,c,c" */
+  void SetValidCA();
+  /* equivalent to "C,C,C" */
+  void SetTrustedServerCA();
+  /* equivalent to "CT,CT,CT" */
+  void SetTrustedCA();
+  /* equivalent to "p,," */
+  void SetValidServerPeer();
+  /* equivalent to "p,p,p" */
+  void SetValidPeer();
+  /* equivalent to "P,P,P" */
+  void SetTrustedPeer();
+  /* equivalent to "u,u,u" */
+  void SetUser();
+
+  /* general setters */
+  /* read: "p, P, c, C, T, u, w" */
+  void SetSSLTrust(PRBool peer, PRBool tPeer,
+                   PRBool ca,   PRBool tCA, PRBool tClientCA,
+                   PRBool user, PRBool warn); 
+
+  void SetEmailTrust(PRBool peer, PRBool tPeer,
+                     PRBool ca,   PRBool tCA, PRBool tClientCA,
+                     PRBool user, PRBool warn);
+
+  void SetObjSignTrust(PRBool peer, PRBool tPeer,
+                       PRBool ca,   PRBool tCA, PRBool tClientCA,
+                       PRBool user, PRBool warn);
+
+  /* set c <--> CT */
+  void AddCATrust(PRBool ssl, PRBool email, PRBool objSign);
+  /* set p <--> P */
+  void AddPeerTrust(PRBool ssl, PRBool email, PRBool objSign);
+
+  /* get it (const?) (shallow?) */
+  CERTCertTrust * GetTrust() { return &mTrust; }
+
+private:
+  void addTrust(unsigned int *t, unsigned int v);
+  void removeTrust(unsigned int *t, unsigned int v);
+  PRBool hasTrust(unsigned int t, unsigned int v);
+  CERTCertTrust mTrust;
+};
+
+}  // namespace mozilla_security_manager
+
+#endif  // NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_