Tue, 06 Jan 2015 21:39:09 +0100
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef mozilla_psm__NSSCertDBTrustDomain_h
8 #define mozilla_psm__NSSCertDBTrustDomain_h
10 #include "pkix/pkixtypes.h"
11 #include "secmodt.h"
12 #include "CertVerifier.h"
namespace mozilla { namespace psm {

// Initializes NSS against the certificate/key database under |dir|; |readOnly|
// selects read-only access to that database. Returns SECStatus like the NSS
// calls it wraps (SECFailure on error).
SECStatus InitializeNSS(const char* dir, bool readOnly);

// Disables MD5 — presumably as a signature/digest algorithm accepted by NSS;
// the header does not say which policy is changed, see the .cpp.
void DisableMD5();

// Default module name for the NSS builtin roots module; the usual value of
// the modNameUTF8 parameter of LoadLoadableRoots/UnloadLoadableRoots below.
extern const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[];

// Frees a string allocated by NSS (presumably a PORT_Free wrapper typed for
// char* — confirm in the .cpp).
void PORT_Free_string(char* str);

// The dir parameter is the path to the directory containing the NSS builtin
// roots module. Usually this is the same as the path to the other NSS shared
// libraries. If it is null then the (library) path will be searched.
//
// The modNameUTF8 parameter should usually be
// BUILTIN_ROOTS_MODULE_DEFAULT_NAME.
//
// Returns SECFailure if the module could not be loaded.
SECStatus LoadLoadableRoots(/*optional*/ const char* dir,
                            const char* modNameUTF8);

// Counterpart of LoadLoadableRoots: unloads the module registered under
// modNameUTF8.
void UnloadLoadableRoots(const char* modNameUTF8);

// Controls the OCSP fetching behavior of the classic verification mode. In the
// classic mode, the OCSP fetching behavior is set globally instead of per
// validation.
//
// enabled: whether OCSP responses are downloaded at all.
// strict:  whether a failed/unavailable OCSP check fails the validation.
// get:     whether OCSP requests may use HTTP GET.
// (The three parameters map onto the CertVerifier::ocsp_*_config enums; the
// exact meaning of each enumerator is defined in CertVerifier.h.)
void
SetClassicOCSPBehavior(CertVerifier::ocsp_download_config enabled,
                       CertVerifier::ocsp_strict_config strict,
                       CertVerifier::ocsp_get_config get);

// Returns a newly allocated nickname for |cert|, intended for a server cert.
// Caller must free the result with PR_Free
char* DefaultServerNicknameForCert(CERTCertificate* cert);

// Saves the intermediate certificates of a verified chain so later
// validations can find them. NOTE(review): per the changeset description
// shown with this file, the storage is forced to memory only (no on-disk
// cert DB write) when privacy.thirdparty.isolate is set, for Tor Browser disk
// avoidance (Tor bug #9701); that logic lives in the .cpp, not here — confirm
// there which certificates, if any, still reach disk.
void SaveIntermediateCerts(const mozilla::pkix::ScopedCERTCertList& certList);

// mozilla::pkix TrustDomain backed by the NSS certificate database.
// It supplies issuer lookup, trust decisions, signature verification and
// revocation checking (OCSP, with an OCSPCache) to the pkix path builder.
class NSSCertDBTrustDomain : public mozilla::pkix::TrustDomain
{

public:
  // How, and whether, this trust domain fetches OCSP responses. The precise
  // behavior of each mode (in particular what "SoftFail" vs "HardFail" does
  // when the responder is unreachable) is defined in the .cpp.
  enum OCSPFetching {
    NeverFetchOCSP = 0,
    FetchOCSPForDVSoftFail = 1,
    FetchOCSPForDVHardFail = 2,
    FetchOCSPForEV = 3,
    LocalOnlyOCSPForEV = 4,
  };
  // certDBTrustType:    NSS trust type consulted for trust-anchor decisions.
  // ocspFetching:       OCSP mode, see OCSPFetching.
  // ocspCache:          shared OCSP response cache; stored by reference and
  //                     NOT owned — it must outlive this object.
  // pinArg:             opaque argument stored as-is and not owned; presumably
  //                     forwarded to the NSS password/pin callback — confirm.
  // checkChainCallback: optional callback, not owned; may be nullptr.
  NSSCertDBTrustDomain(SECTrustType certDBTrustType, OCSPFetching ocspFetching,
                       OCSPCache& ocspCache, void* pinArg,
                       CERTChainVerifyCallback* checkChainCallback = nullptr);

  // The following virtual methods implement the mozilla::pkix::TrustDomain
  // interface. NOTE(review): none of them is marked `override`; adding it
  // would make the compiler verify that each signature still matches the
  // base class.

  // Collects into |results| the certificates from the NSS DB whose subject
  // name matches |encodedIssuerName| and that are candidates at |time|.
  virtual SECStatus FindPotentialIssuers(
                      const SECItem* encodedIssuerName,
                      PRTime time,
                      /*out*/ mozilla::pkix::ScopedCERTCertList& results);

  // Determines the trust level of |candidateCert| (trust anchor, inherited,
  // or actively distrusted) for the given |policy| and writes it to
  // |trustLevel|.
  virtual SECStatus GetCertTrust(mozilla::pkix::EndEntityOrCA endEntityOrCA,
                                 SECOidTag policy,
                                 const CERTCertificate* candidateCert,
                                 /*out*/ TrustLevel* trustLevel);

  // Verifies the signature on |signedData| with the public key of |cert|.
  virtual SECStatus VerifySignedData(const CERTSignedData* signedData,
                                     const CERTCertificate* cert);

  // Checks whether |cert| (issued by |issuerCert|) is revoked at |time|.
  // |stapledOCSPResponse| may be null; when present it is an OCSP response
  // delivered by the server rather than fetched from the network. Whether a
  // network fetch happens depends on the OCSPFetching mode.
  virtual SECStatus CheckRevocation(mozilla::pkix::EndEntityOrCA endEntityOrCA,
                                    const CERTCertificate* cert,
                                    /*const*/ CERTCertificate* issuerCert,
                                    PRTime time,
                                    /*optional*/ const SECItem* stapledOCSPResponse);

  // Final check on a complete chain; presumably this is where
  // mCheckChainCallback is invoked when one was supplied — confirm in the .cpp.
  virtual SECStatus IsChainValid(const CERTCertList* certChain);

private:
  // Origin of an encoded OCSP response handed to
  // VerifyAndMaybeCacheEncodedOCSPResponse.
  enum EncodedResponseSource {
    ResponseIsFromNetwork = 1,
    ResponseWasStapled = 2
  };
  // Five minutes, in PRTime units (microseconds, per PR_USEC_PER_SEC).
  // Presumably how long a responder failure is remembered before the
  // responder is contacted again — confirm against the .cpp.
  static const PRTime ServerFailureDelay = 5 * 60 * PR_USEC_PER_SEC;
  // Verifies |encodedResponse| for |cert|/|issuerCert| at |time| and, on
  // success, may store the result in mOCSPCache. |maxLifetimeInDays| bounds
  // how old a response may be. |expired| is set to indicate that the response
  // was well-formed but no longer valid at |time|; the exact conditions are
  // defined in the .cpp.
  SECStatus VerifyAndMaybeCacheEncodedOCSPResponse(
    const CERTCertificate* cert, CERTCertificate* issuerCert, PRTime time,
    uint16_t maxLifetimeInDays, const SECItem* encodedResponse,
    EncodedResponseSource responseSource, /*out*/ bool& expired);

  const SECTrustType mCertDBTrustType;
  const OCSPFetching mOCSPFetching;
  // The three members below are borrowed from the constructor's caller and
  // must stay alive for the lifetime of this object.
  OCSPCache& mOCSPCache; // non-owning!
  void* mPinArg; // non-owning!
  CERTChainVerifyCallback* mCheckChainCallback; // non-owning!
};

} } // namespace mozilla::psm
104 #endif // mozilla_psm__NSSCertDBTrustDomain_h