/security/manager/ssl/src/nsNSSCertTrust.h
C Header | 122 lines | 54 code | 12 blank | 56 comment | 0 complexity | 54b433d179a23a96801c4f9a3a0e13de MD5 | raw file
1/* ***** BEGIN LICENSE BLOCK ***** 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 3 * 4 * The contents of this file are subject to the Mozilla Public License Version 5 * 1.1 (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * http://www.mozilla.org/MPL/ 8 * 9 * Software distributed under the License is distributed on an "AS IS" basis, 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 11 * for the specific language governing rights and limitations under the 12 * License. 13 * 14 * The Original Code is the Netscape security libraries. 15 * 16 * The Initial Developer of the Original Code is 17 * Netscape Communications Corporation. 18 * Portions created by the Initial Developer are Copyright (C) 2000 19 * the Initial Developer. All Rights Reserved. 20 * 21 * Contributor(s): 22 * Ian McGreer <mcgreer@netscape.com> 23 * Javier Delgadillo <javi@netscape.com> 24 * 25 * Alternatively, the contents of this file may be used under the terms of 26 * either the GNU General Public License Version 2 or later (the "GPL"), or 27 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 28 * in which case the provisions of the GPL or the LGPL are applicable instead 29 * of those above. If you wish to allow use of your version of this file only 30 * under the terms of either the GPL or the LGPL, and not to allow others to 31 * use your version of this file under the terms of the MPL, indicate your 32 * decision by deleting the provisions above and replace them with the notice 33 * and other provisions required by the GPL or the LGPL. If you do not delete 34 * the provisions above, a recipient may use your version of this file under 35 * the terms of any one of the MPL, the GPL or the LGPL. 36 * 37 * ***** END LICENSE BLOCK ***** */ 38 39#ifndef _NSNSSCERTTRUST_H_ 40#define _NSNSSCERTTRUST_H_ 41 42#include "certt.h" 43#include "certdb.h" 44 45/* 46 * nsNSSCertTrust 47 * 48 * Class for maintaining trust flags for an NSS certificate. 49 */ 50class nsNSSCertTrust 51{ 52public: 53 nsNSSCertTrust(); 54 nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign); 55 nsNSSCertTrust(CERTCertTrust *t); 56 virtual ~nsNSSCertTrust(); 57 58 /* query */ 59 bool HasAnyCA(); 60 bool HasAnyUser(); 61 bool HasCA(bool checkSSL = true, 62 bool checkEmail = true, 63 bool checkObjSign = true); 64 bool HasPeer(bool checkSSL = true, 65 bool checkEmail = true, 66 bool checkObjSign = true); 67 bool HasUser(bool checkSSL = true, 68 bool checkEmail = true, 69 bool checkObjSign = true); 70 bool HasTrustedCA(bool checkSSL = true, 71 bool checkEmail = true, 72 bool checkObjSign = true); 73 bool HasTrustedPeer(bool checkSSL = true, 74 bool checkEmail = true, 75 bool checkObjSign = true); 76 77 /* common defaults */ 78 /* equivalent to "c,c,c" */ 79 void SetValidCA(); 80 /* equivalent to "C,C,C" */ 81 void SetTrustedServerCA(); 82 /* equivalent to "CT,CT,CT" */ 83 void SetTrustedCA(); 84 /* equivalent to "p,," */ 85 void SetValidServerPeer(); 86 /* equivalent to "p,p,p" */ 87 void SetValidPeer(); 88 /* equivalent to "P,P,P" */ 89 void SetTrustedPeer(); 90 /* equivalent to "u,u,u" */ 91 void SetUser(); 92 93 /* general setters */ 94 /* read: "p, P, c, C, T, u, w" */ 95 void SetSSLTrust(bool peer, bool tPeer, 96 bool ca, bool tCA, bool tClientCA, 97 bool user, bool warn); 98 99 void SetEmailTrust(bool peer, bool tPeer, 100 bool ca, bool tCA, bool tClientCA, 101 bool user, bool warn); 102 103 void SetObjSignTrust(bool peer, bool tPeer, 104 bool ca, bool tCA, bool tClientCA, 105 bool user, bool warn); 106 107 /* set c <--> CT */ 108 void AddCATrust(bool ssl, bool email, bool objSign); 109 /* set p <--> P */ 110 void AddPeerTrust(bool ssl, bool email, bool objSign); 111 112 /* get it (const?) (shallow?) */ 113 CERTCertTrust * GetTrust() { return &mTrust; } 114 115private: 116 void addTrust(unsigned int *t, unsigned int v); 117 void removeTrust(unsigned int *t, unsigned int v); 118 bool hasTrust(unsigned int t, unsigned int v); 119 CERTCertTrust mTrust; 120}; 121 122#endif