/* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is the Netscape security libraries. * * The Initial Developer of the Original Code is * Netscape Communications Corporation. * Portions created by the Initial Developer are Copyright (C) 2000 * the Initial Developer. All Rights Reserved. * * Contributor(s): * Ian McGreer * Javier Delgadillo * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ #ifndef NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_ #define NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_ #include #include namespace mozilla_security_manager { /* * nsNSSCertTrust * * Class for maintaining trust flags for an NSS certificate. */ class nsNSSCertTrust { public: nsNSSCertTrust(); nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign); nsNSSCertTrust(CERTCertTrust *t); virtual ~nsNSSCertTrust(); /* query */ PRBool HasAnyCA(); PRBool HasAnyUser(); PRBool HasCA(PRBool checkSSL = PR_TRUE, PRBool checkEmail = PR_TRUE, PRBool checkObjSign = PR_TRUE); PRBool HasPeer(PRBool checkSSL = PR_TRUE, PRBool checkEmail = PR_TRUE, PRBool checkObjSign = PR_TRUE); PRBool HasUser(PRBool checkSSL = PR_TRUE, PRBool checkEmail = PR_TRUE, PRBool checkObjSign = PR_TRUE); PRBool HasTrustedCA(PRBool checkSSL = PR_TRUE, PRBool checkEmail = PR_TRUE, PRBool checkObjSign = PR_TRUE); PRBool HasTrustedPeer(PRBool checkSSL = PR_TRUE, PRBool checkEmail = PR_TRUE, PRBool checkObjSign = PR_TRUE); /* common defaults */ /* equivalent to "c,c,c" */ void SetValidCA(); /* equivalent to "C,C,C" */ void SetTrustedServerCA(); /* equivalent to "CT,CT,CT" */ void SetTrustedCA(); /* equivalent to "p,," */ void SetValidServerPeer(); /* equivalent to "p,p,p" */ void SetValidPeer(); /* equivalent to "P,P,P" */ void SetTrustedPeer(); /* equivalent to "u,u,u" */ void SetUser(); /* general setters */ /* read: "p, P, c, C, T, u, w" */ void SetSSLTrust(PRBool peer, PRBool tPeer, PRBool ca, PRBool tCA, PRBool tClientCA, PRBool user, PRBool warn); void SetEmailTrust(PRBool peer, PRBool tPeer, PRBool ca, PRBool tCA, PRBool tClientCA, PRBool user, PRBool warn); void SetObjSignTrust(PRBool peer, PRBool tPeer, PRBool ca, PRBool tCA, PRBool tClientCA, PRBool user, PRBool warn); /* set c <--> CT */ void AddCATrust(PRBool ssl, PRBool email, PRBool objSign); /* set p <--> P */ void AddPeerTrust(PRBool ssl, PRBool email, PRBool objSign); /* get it (const?) (shallow?) */ CERTCertTrust * GetTrust() { return &mTrust; } private: void addTrust(unsigned int *t, unsigned int v); void removeTrust(unsigned int *t, unsigned int v); PRBool hasTrust(unsigned int t, unsigned int v); CERTCertTrust mTrust; }; } // namespace mozilla_security_manager #endif // NET_THIRD_PARTY_MOZILLA_SECURITY_MANAGER_NSNSSCERTTRUST_H_