security/apps/AppTrustDomain.h@97036ab72558 (annotated)
security/apps/AppTrustDomain.h
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ |
| michael@0 | 2 | /* vim: set ts=8 sts=2 et sw=2 tw=80: */ |
| michael@0 | 3 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 5 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | |
| michael@0 | 7 | #ifndef mozilla_psm_AppsTrustDomain_h |
| michael@0 | 8 | #define mozilla_psm_AppsTrustDomain_h |
| michael@0 | 9 | |
| michael@0 | 10 | #include "pkix/pkixtypes.h" |
| michael@0 | 11 | #include "nsDebug.h" |
| michael@0 | 12 | #include "nsIX509CertDB.h" |
| michael@0 | 13 | |
| michael@0 | 14 | namespace mozilla { namespace psm { |
| michael@0 | 15 | |
| michael@0 | 16 | class AppTrustDomain MOZ_FINAL : public mozilla::pkix::TrustDomain |
| michael@0 | 17 | { |
| michael@0 | 18 | public: |
| michael@0 | 19 | AppTrustDomain(void* pinArg); |
| michael@0 | 20 | |
| michael@0 | 21 | SECStatus SetTrustedRoot(AppTrustedRoot trustedRoot); |
| michael@0 | 22 | |
| michael@0 | 23 | SECStatus GetCertTrust(mozilla::pkix::EndEntityOrCA endEntityOrCA, |
| michael@0 | 24 | SECOidTag policy, |
| michael@0 | 25 | const CERTCertificate* candidateCert, |
| michael@0 | 26 | /*out*/ TrustLevel* trustLevel) MOZ_OVERRIDE; |
| michael@0 | 27 | SECStatus FindPotentialIssuers(const SECItem* encodedIssuerName, |
| michael@0 | 28 | PRTime time, |
| michael@0 | 29 | /*out*/ mozilla::pkix::ScopedCERTCertList& results) |
| michael@0 | 30 | MOZ_OVERRIDE; |
| michael@0 | 31 | SECStatus VerifySignedData(const CERTSignedData* signedData, |
| michael@0 | 32 | const CERTCertificate* cert) MOZ_OVERRIDE; |
| michael@0 | 33 | SECStatus CheckRevocation(mozilla::pkix::EndEntityOrCA endEntityOrCA, |
| michael@0 | 34 | const CERTCertificate* cert, |
| michael@0 | 35 | /*const*/ CERTCertificate* issuerCertToDup, |
| michael@0 | 36 | PRTime time, |
| michael@0 | 37 | /*optional*/ const SECItem* stapledOCSPresponse); |
| michael@0 | 38 | SECStatus IsChainValid(const CERTCertList* certChain) { return SECSuccess; } |
| michael@0 | 39 | |
| michael@0 | 40 | private: |
| michael@0 | 41 | void* mPinArg; // non-owning! |
| michael@0 | 42 | mozilla::pkix::ScopedCERTCertificate mTrustedRoot; |
| michael@0 | 43 | }; |
| michael@0 | 44 | |
| michael@0 | 45 | } } // namespace mozilla::psm |
| michael@0 | 46 | |
| michael@0 | 47 | #endif // mozilla_psm_AppsTrustDomain_h |
