/security/manager/ssl/src/nsNSSCertTrust.h

http://github.com/zpao/v8monkey · C Header · 122 lines · 54 code · 12 blank · 56 comment · 0 complexity · 54b433d179a23a96801c4f9a3a0e13de MD5 · raw file 

    

  1. /* ***** BEGIN LICENSE BLOCK *****
    2. 

  2.  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
    3. 

  3.  *
    4. 

  4.  * The contents of this file are subject to the Mozilla Public License Version
    5. 

  5.  * 1.1 (the "License"); you may not use this file except in compliance with
    6. 

  6.  * the License. You may obtain a copy of the License at
    7. 

  7.  * http://www.mozilla.org/MPL/
    8. 

  8.  *
    9. 

  9.  * Software distributed under the License is distributed on an "AS IS" basis,
    10. 

  10.  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    11. 

  11.  * for the specific language governing rights and limitations under the
    12. 

  12.  * License.
    13. 

  13.  *
    14. 

  14.  * The Original Code is the Netscape security libraries.
    15. 

  15.  *
    16. 

  16.  * The Initial Developer of the Original Code is
    17. 

  17.  * Netscape Communications Corporation.
    18. 

  18.  * Portions created by the Initial Developer are Copyright (C) 2000
    19. 

  19.  * the Initial Developer. All Rights Reserved.
    20. 

  20.  *
    21. 

  21.  * Contributor(s):
    22. 

  22.  *   Ian McGreer <mcgreer@netscape.com>
    23. 

  23.  *   Javier Delgadillo <javi@netscape.com>
    24. 

  24.  *
    25. 

  25.  * Alternatively, the contents of this file may be used under the terms of
    26. 

  26.  * either the GNU General Public License Version 2 or later (the "GPL"), or
    27. 

  27.  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
    28. 

  28.  * in which case the provisions of the GPL or the LGPL are applicable instead
    29. 

  29.  * of those above. If you wish to allow use of your version of this file only
    30. 

  30.  * under the terms of either the GPL or the LGPL, and not to allow others to
    31. 

  31.  * use your version of this file under the terms of the MPL, indicate your
    32. 

  32.  * decision by deleting the provisions above and replace them with the notice
    33. 

  33.  * and other provisions required by the GPL or the LGPL. If you do not delete
    34. 

  34.  * the provisions above, a recipient may use your version of this file under
    35. 

  35.  * the terms of any one of the MPL, the GPL or the LGPL.
    36. 

  36.  *
    37. 

  37.  * ***** END LICENSE BLOCK ***** */
    38. 

  38. 

  39. #ifndef _NSNSSCERTTRUST_H_
    40. 

  40. #define _NSNSSCERTTRUST_H_
    41. 

  41. 

  42. #include "certt.h"
    43. 

  43. #include "certdb.h"
    44. 

  44. 

  45. /*
    46. 

  46.  * nsNSSCertTrust
    47. 

  47.  * 
    48. 

  48.  * Class for maintaining trust flags for an NSS certificate.
    49. 

  49.  */
    50. 

  50. class nsNSSCertTrust
    51. 

  51. {
    52. 

  52. public:
    53. 

  53.   nsNSSCertTrust();
    54. 

  54.   nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
    55. 

  55.   nsNSSCertTrust(CERTCertTrust *t);
    56. 

  56.   virtual ~nsNSSCertTrust();
    57. 

  57. 

  58.   /* query */
    59. 

  59.   bool HasAnyCA();
    60. 

  60.   bool HasAnyUser();
    61. 

  61.   bool HasCA(bool checkSSL = true, 
    62. 

  62.                bool checkEmail = true,  
    63. 

  63.                bool checkObjSign = true);
    64. 

  64.   bool HasPeer(bool checkSSL = true, 
    65. 

  65.                  bool checkEmail = true,  
    66. 

  66.                  bool checkObjSign = true);
    67. 

  67.   bool HasUser(bool checkSSL = true, 
    68. 

  68.                  bool checkEmail = true,  
    69. 

  69.                  bool checkObjSign = true);
    70. 

  70.   bool HasTrustedCA(bool checkSSL = true, 
    71. 

  71.                       bool checkEmail = true,  
    72. 

  72.                       bool checkObjSign = true);
    73. 

  73.   bool HasTrustedPeer(bool checkSSL = true, 
    74. 

  74.                         bool checkEmail = true,  
    75. 

  75.                         bool checkObjSign = true);
    76. 

  76. 

  77.   /* common defaults */
    78. 

  78.   /* equivalent to "c,c,c" */
    79. 

  79.   void SetValidCA();
    80. 

  80.   /* equivalent to "C,C,C" */
    81. 

  81.   void SetTrustedServerCA();
    82. 

  82.   /* equivalent to "CT,CT,CT" */
    83. 

  83.   void SetTrustedCA();
    84. 

  84.   /* equivalent to "p,," */
    85. 

  85.   void SetValidServerPeer();
    86. 

  86.   /* equivalent to "p,p,p" */
    87. 

  87.   void SetValidPeer();
    88. 

  88.   /* equivalent to "P,P,P" */
    89. 

  89.   void SetTrustedPeer();
    90. 

  90.   /* equivalent to "u,u,u" */
    91. 

  91.   void SetUser();
    92. 

  92. 

  93.   /* general setters */
    94. 

  94.   /* read: "p, P, c, C, T, u, w" */
    95. 

  95.   void SetSSLTrust(bool peer, bool tPeer,
    96. 

  96.                    bool ca,   bool tCA, bool tClientCA,
    97. 

  97.                    bool user, bool warn); 
    98. 

  98. 

  99.   void SetEmailTrust(bool peer, bool tPeer,
    100. 

  100.                      bool ca,   bool tCA, bool tClientCA,
    101. 

  101.                      bool user, bool warn);
    102. 

  102. 

  103.   void SetObjSignTrust(bool peer, bool tPeer,
    104. 

  104.                        bool ca,   bool tCA, bool tClientCA,
    105. 

  105.                        bool user, bool warn);
    106. 

  106. 

  107.   /* set c <--> CT */
    108. 

  108.   void AddCATrust(bool ssl, bool email, bool objSign);
    109. 

  109.   /* set p <--> P */
    110. 

  110.   void AddPeerTrust(bool ssl, bool email, bool objSign);
    111. 

  111. 

  112.   /* get it (const?) (shallow?) */
    113. 

  113.   CERTCertTrust * GetTrust() { return &mTrust; }
    114. 

  114. 

  115. private:
    116. 

  116.   void addTrust(unsigned int *t, unsigned int v);
    117. 

  117.   void removeTrust(unsigned int *t, unsigned int v);
    118. 

  118.   bool hasTrust(unsigned int t, unsigned int v);
    119. 

  119.   CERTCertTrust mTrust;
    120. 

  120. };
    121. 

  121. 

  122. #endif
    123.