security/manager/ssl/src/nsNSSCertificate.h@141e0f1194b1 (annotated)
security/manager/ssl/src/nsNSSCertificate.h
Wed, 31 Dec 2014 07:16:47 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 07:16:47 +0100
- branch
- TOR_BUG_9701
- changeset 3
- 141e0f1194b1
- permissions
- -rw-r--r--
Revert simplistic fix pending revisit of Mozilla integration attempt.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ |
| michael@0 | 2 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 3 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 4 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 5 | |
| michael@0 | 6 | #ifndef _NS_NSSCERTIFICATE_H_ |
| michael@0 | 7 | #define _NS_NSSCERTIFICATE_H_ |
| michael@0 | 8 | |
| michael@0 | 9 | #include "nsIX509Cert.h" |
| michael@0 | 10 | #include "nsIX509Cert2.h" |
| michael@0 | 11 | #include "nsIX509Cert3.h" |
| michael@0 | 12 | #include "nsIX509CertDB.h" |
| michael@0 | 13 | #include "nsIX509CertList.h" |
| michael@0 | 14 | #include "nsIASN1Object.h" |
| michael@0 | 15 | #include "nsISMimeCert.h" |
| michael@0 | 16 | #include "nsIIdentityInfo.h" |
| michael@0 | 17 | #include "nsCOMPtr.h" |
| michael@0 | 18 | #include "nsNSSShutDown.h" |
| michael@0 | 19 | #include "nsISimpleEnumerator.h" |
| michael@0 | 20 | #include "nsISerializable.h" |
| michael@0 | 21 | #include "nsIClassInfo.h" |
| michael@0 | 22 | #include "pkix/pkixtypes.h" |
| michael@0 | 23 | #include "certt.h" |
| michael@0 | 24 | |
| michael@0 | 25 | class nsAutoString; |
| michael@0 | 26 | class nsINSSComponent; |
| michael@0 | 27 | class nsIASN1Sequence; |
| michael@0 | 28 | |
| michael@0 | 29 | class nsNSSCertificate : public nsIX509Cert3, |
| michael@0 | 30 | public nsIIdentityInfo, |
| michael@0 | 31 | public nsISMimeCert, |
| michael@0 | 32 | public nsISerializable, |
| michael@0 | 33 | public nsIClassInfo, |
| michael@0 | 34 | public nsNSSShutDownObject |
| michael@0 | 35 | { |
| michael@0 | 36 | public: |
| michael@0 | 37 | NS_DECL_THREADSAFE_ISUPPORTS |
| michael@0 | 38 | NS_DECL_NSIX509CERT |
| michael@0 | 39 | NS_DECL_NSIX509CERT2 |
| michael@0 | 40 | NS_DECL_NSIX509CERT3 |
| michael@0 | 41 | NS_DECL_NSIIDENTITYINFO |
| michael@0 | 42 | NS_DECL_NSISMIMECERT |
| michael@0 | 43 | NS_DECL_NSISERIALIZABLE |
| michael@0 | 44 | NS_DECL_NSICLASSINFO |
| michael@0 | 45 | |
| michael@0 | 46 | friend class nsNSSCertificateFakeTransport; |
| michael@0 | 47 | |
| michael@0 | 48 | nsNSSCertificate(CERTCertificate* cert, SECOidTag* evOidPolicy = nullptr); |
| michael@0 | 49 | nsNSSCertificate(); |
| michael@0 | 50 | virtual ~nsNSSCertificate(); |
| michael@0 | 51 | nsresult FormatUIStrings(const nsAutoString& nickname, |
| michael@0 | 52 | nsAutoString& nickWithSerial, |
| michael@0 | 53 | nsAutoString& details); |
| michael@0 | 54 | static nsNSSCertificate* Create(CERTCertificate*cert = nullptr, |
| michael@0 | 55 | SECOidTag* evOidPolicy = nullptr); |
| michael@0 | 56 | static nsNSSCertificate* ConstructFromDER(char* certDER, int derLen); |
| michael@0 | 57 | |
| michael@0 | 58 | private: |
| michael@0 | 59 | mozilla::pkix::ScopedCERTCertificate mCert; |
| michael@0 | 60 | bool mPermDelete; |
| michael@0 | 61 | uint32_t mCertType; |
| michael@0 | 62 | nsresult CreateASN1Struct(nsIASN1Object** aRetVal); |
| michael@0 | 63 | nsresult CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence, |
| michael@0 | 64 | nsINSSComponent* nssComponent); |
| michael@0 | 65 | nsresult GetSortableDate(PRTime aTime, nsAString& _aSortableDate); |
| michael@0 | 66 | virtual void virtualDestroyNSSReference(); |
| michael@0 | 67 | void destructorSafeDestroyNSSReference(); |
| michael@0 | 68 | bool InitFromDER(char* certDER, int derLen); // return false on failure |
| michael@0 | 69 | |
| michael@0 | 70 | enum { |
| michael@0 | 71 | ev_status_invalid = 0, ev_status_valid = 1, ev_status_unknown = 2 |
| michael@0 | 72 | } mCachedEVStatus; |
| michael@0 | 73 | SECOidTag mCachedEVOidTag; |
| michael@0 | 74 | nsresult hasValidEVOidTag(SECOidTag& resultOidTag, bool& validEV); |
| michael@0 | 75 | nsresult getValidEVOidTag(SECOidTag& resultOidTag, bool& validEV); |
| michael@0 | 76 | }; |
| michael@0 | 77 | |
| michael@0 | 78 | class nsNSSCertList: public nsIX509CertList, |
| michael@0 | 79 | public nsNSSShutDownObject |
| michael@0 | 80 | { |
| michael@0 | 81 | public: |
| michael@0 | 82 | NS_DECL_THREADSAFE_ISUPPORTS |
| michael@0 | 83 | NS_DECL_NSIX509CERTLIST |
| michael@0 | 84 | |
| michael@0 | 85 | // certList is adopted |
| michael@0 | 86 | nsNSSCertList(mozilla::pkix::ScopedCERTCertList& certList, |
| michael@0 | 87 | const nsNSSShutDownPreventionLock& proofOfLock); |
| michael@0 | 88 | |
| michael@0 | 89 | nsNSSCertList(); |
| michael@0 | 90 | |
| michael@0 | 91 | static CERTCertList* DupCertList(CERTCertList* aCertList, |
| michael@0 | 92 | const nsNSSShutDownPreventionLock& |
| michael@0 | 93 | proofOfLock); |
| michael@0 | 94 | private: |
| michael@0 | 95 | virtual ~nsNSSCertList(); |
| michael@0 | 96 | virtual void virtualDestroyNSSReference(); |
| michael@0 | 97 | void destructorSafeDestroyNSSReference(); |
| michael@0 | 98 | |
| michael@0 | 99 | mozilla::pkix::ScopedCERTCertList mCertList; |
| michael@0 | 100 | |
| michael@0 | 101 | nsNSSCertList(const nsNSSCertList&) MOZ_DELETE; |
| michael@0 | 102 | void operator=(const nsNSSCertList&) MOZ_DELETE; |
| michael@0 | 103 | }; |
| michael@0 | 104 | |
| michael@0 | 105 | class nsNSSCertListEnumerator: public nsISimpleEnumerator, |
| michael@0 | 106 | public nsNSSShutDownObject |
| michael@0 | 107 | { |
| michael@0 | 108 | public: |
| michael@0 | 109 | NS_DECL_THREADSAFE_ISUPPORTS |
| michael@0 | 110 | NS_DECL_NSISIMPLEENUMERATOR |
| michael@0 | 111 | |
| michael@0 | 112 | nsNSSCertListEnumerator(CERTCertList* certList, |
| michael@0 | 113 | const nsNSSShutDownPreventionLock& proofOfLock); |
| michael@0 | 114 | private: |
| michael@0 | 115 | virtual ~nsNSSCertListEnumerator(); |
| michael@0 | 116 | virtual void virtualDestroyNSSReference(); |
| michael@0 | 117 | void destructorSafeDestroyNSSReference(); |
| michael@0 | 118 | |
| michael@0 | 119 | mozilla::pkix::ScopedCERTCertList mCertList; |
| michael@0 | 120 | |
| michael@0 | 121 | nsNSSCertListEnumerator(const nsNSSCertListEnumerator&) MOZ_DELETE; |
| michael@0 | 122 | void operator=(const nsNSSCertListEnumerator&) MOZ_DELETE; |
| michael@0 | 123 | }; |
| michael@0 | 124 | |
| michael@0 | 125 | |
| michael@0 | 126 | #define NS_NSS_LONG 4 |
| michael@0 | 127 | #define NS_NSS_GET_LONG(x) ((((unsigned long)((x)[0])) << 24) | \ |
| michael@0 | 128 | (((unsigned long)((x)[1])) << 16) | \ |
| michael@0 | 129 | (((unsigned long)((x)[2])) << 8) | \ |
| michael@0 | 130 | ((unsigned long)((x)[3])) ) |
| michael@0 | 131 | #define NS_NSS_PUT_LONG(src,dest) (dest)[0] = (((src) >> 24) & 0xff); \ |
| michael@0 | 132 | (dest)[1] = (((src) >> 16) & 0xff); \ |
| michael@0 | 133 | (dest)[2] = (((src) >> 8) & 0xff); \ |
| michael@0 | 134 | (dest)[3] = ((src) & 0xff); |
| michael@0 | 135 | |
| michael@0 | 136 | #define NS_X509CERT_CID { /* 660a3226-915c-4ffb-bb20-8985a632df05 */ \ |
| michael@0 | 137 | 0x660a3226, \ |
| michael@0 | 138 | 0x915c, \ |
| michael@0 | 139 | 0x4ffb, \ |
| michael@0 | 140 | { 0xbb, 0x20, 0x89, 0x85, 0xa6, 0x32, 0xdf, 0x05 } \ |
| michael@0 | 141 | } |
| michael@0 | 142 | |
| michael@0 | 143 | #endif // _NS_NSSCERTIFICATE_H_ |
