The Tor Browser / annotate

security/manager/ssl/src/nsNSSCertTrust.h@141e0f1194b1 (annotated)

security/manager/ssl/src/nsNSSCertTrust.h

Wed, 31 Dec 2014 07:16:47 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 07:16:47 +0100
branch
TOR_BUG_9701
changeset 3
141e0f1194b1
permissions
-rw-r--r--

Revert simplistic fix pending revisit of Mozilla integration attempt.

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 #ifndef _NSNSSCERTTRUST_H_
michael@0 6 #define _NSNSSCERTTRUST_H_
michael@0 7
michael@0 8 #include "certt.h"
michael@0 9 #include "certdb.h"
michael@0 10
michael@0 11 /*
michael@0 12 * nsNSSCertTrust
michael@0 13 *
michael@0 14 * Class for maintaining trust flags for an NSS certificate.
michael@0 15 */
michael@0 16 class nsNSSCertTrust
michael@0 17 {
michael@0 18 public:
michael@0 19 nsNSSCertTrust();
michael@0 20 nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
michael@0 21 nsNSSCertTrust(CERTCertTrust *t);
michael@0 22 virtual ~nsNSSCertTrust();
michael@0 23
michael@0 24 /* query */
michael@0 25 bool HasAnyCA();
michael@0 26 bool HasAnyUser();
michael@0 27 bool HasCA(bool checkSSL = true,
michael@0 28 bool checkEmail = true,
michael@0 29 bool checkObjSign = true);
michael@0 30 bool HasPeer(bool checkSSL = true,
michael@0 31 bool checkEmail = true,
michael@0 32 bool checkObjSign = true);
michael@0 33 bool HasUser(bool checkSSL = true,
michael@0 34 bool checkEmail = true,
michael@0 35 bool checkObjSign = true);
michael@0 36 bool HasTrustedCA(bool checkSSL = true,
michael@0 37 bool checkEmail = true,
michael@0 38 bool checkObjSign = true);
michael@0 39 bool HasTrustedPeer(bool checkSSL = true,
michael@0 40 bool checkEmail = true,
michael@0 41 bool checkObjSign = true);
michael@0 42
michael@0 43 /* common defaults */
michael@0 44 /* equivalent to "c,c,c" */
michael@0 45 void SetValidCA();
michael@0 46 /* equivalent to "C,C,C" */
michael@0 47 void SetTrustedServerCA();
michael@0 48 /* equivalent to "CT,CT,CT" */
michael@0 49 void SetTrustedCA();
michael@0 50 /* equivalent to "p,," */
michael@0 51 void SetValidServerPeer();
michael@0 52 /* equivalent to "p,p,p" */
michael@0 53 void SetValidPeer();
michael@0 54 /* equivalent to "P,P,P" */
michael@0 55 void SetTrustedPeer();
michael@0 56 /* equivalent to "u,u,u" */
michael@0 57 void SetUser();
michael@0 58
michael@0 59 /* general setters */
michael@0 60 /* read: "p, P, c, C, T, u, w" */
michael@0 61 void SetSSLTrust(bool peer, bool tPeer,
michael@0 62 bool ca, bool tCA, bool tClientCA,
michael@0 63 bool user, bool warn);
michael@0 64
michael@0 65 void SetEmailTrust(bool peer, bool tPeer,
michael@0 66 bool ca, bool tCA, bool tClientCA,
michael@0 67 bool user, bool warn);
michael@0 68
michael@0 69 void SetObjSignTrust(bool peer, bool tPeer,
michael@0 70 bool ca, bool tCA, bool tClientCA,
michael@0 71 bool user, bool warn);
michael@0 72
michael@0 73 /* set c <--> CT */
michael@0 74 void AddCATrust(bool ssl, bool email, bool objSign);
michael@0 75 /* set p <--> P */
michael@0 76 void AddPeerTrust(bool ssl, bool email, bool objSign);
michael@0 77
michael@0 78 /* get it (const?) (shallow?) */
michael@0 79 CERTCertTrust * GetTrust() { return &mTrust; }
michael@0 80
michael@0 81 private:
michael@0 82 void addTrust(unsigned int *t, unsigned int v);
michael@0 83 void removeTrust(unsigned int *t, unsigned int v);
michael@0 84 bool hasTrust(unsigned int t, unsigned int v);
michael@0 85 CERTCertTrust mTrust;
michael@0 86 };
michael@0 87
michael@0 88 #endif

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial