1 : /* ***** BEGIN LICENSE BLOCK *****
2 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 : *
4 : * The contents of this file are subject to the Mozilla Public License Version
5 : * 1.1 (the "License"); you may not use this file except in compliance with
6 : * the License. You may obtain a copy of the License at
7 : * http://www.mozilla.org/MPL/
8 : *
9 : * Software distributed under the License is distributed on an "AS IS" basis,
10 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 : * for the specific language governing rights and limitations under the
12 : * License.
13 : *
14 : * The Original Code is the Netscape security libraries.
15 : *
16 : * The Initial Developer of the Original Code is
17 : * Netscape Communications Corporation.
18 : * Portions created by the Initial Developer are Copyright (C) 2000
19 : * the Initial Developer. All Rights Reserved.
20 : *
21 : * Contributor(s):
22 : * Ian McGreer <mcgreer@netscape.com>
23 : * Javier Delgadillo <javi@netscape.com>
24 : *
25 : * Alternatively, the contents of this file may be used under the terms of
26 : * either the GNU General Public License Version 2 or later (the "GPL"), or
27 : * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 : * in which case the provisions of the GPL or the LGPL are applicable instead
29 : * of those above. If you wish to allow use of your version of this file only
30 : * under the terms of either the GPL or the LGPL, and not to allow others to
31 : * use your version of this file under the terms of the MPL, indicate your
32 : * decision by deleting the provisions above and replace them with the notice
33 : * and other provisions required by the GPL or the LGPL. If you do not delete
34 : * the provisions above, a recipient may use your version of this file under
35 : * the terms of any one of the MPL, the GPL or the LGPL.
36 : *
37 : * ***** END LICENSE BLOCK ***** */
38 :
39 : #ifndef _NSNSSCERTTRUST_H_
40 : #define _NSNSSCERTTRUST_H_
41 :
42 : #include "certt.h"
43 : #include "certdb.h"
44 :
45 : /*
46 : * nsNSSCertTrust
47 : *
48 : * Class for maintaining trust flags for an NSS certificate.
49 : */
50 : class nsNSSCertTrust
51 : {
52 : public:
     /* Construction.
      * NOTE(review): the flag values the default constructor starts from are
      * set in the implementation, not in this header -- confirm.
      * ssl, email and objsign are presumably the initial flag words for the
      * SSL, e-mail and object-signing usages -- confirm. */
53 : nsNSSCertTrust();
54 : nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
     /* Not declared explicit, so a CERTCertTrust* converts implicitly to an
      * nsNSSCertTrust.
      * NOTE(review): null handling, and whether *t is copied, are not visible
      * in this header -- confirm against the implementation. */
55 : nsNSSCertTrust(CERTCertTrust *t);
56 : virtual ~nsNSSCertTrust();
57 :
58 : /* query
      *
      * checkSSL, checkEmail and checkObjSign select which of the three usages
      * a query looks at; all three default to true.
      * NOTE(review): how the selected usages are combined (all of them vs. any
      * of them) is decided in the implementation and cannot be read off this
      * header -- confirm before basing a trust decision on a Has* result. */
59 : bool HasAnyCA();
60 : bool HasAnyUser();
61 : bool HasCA(bool checkSSL = true,
62 : bool checkEmail = true,
63 : bool checkObjSign = true);
64 : bool HasPeer(bool checkSSL = true,
65 : bool checkEmail = true,
66 : bool checkObjSign = true);
67 : bool HasUser(bool checkSSL = true,
68 : bool checkEmail = true,
69 : bool checkObjSign = true);
70 : bool HasTrustedCA(bool checkSSL = true,
71 : bool checkEmail = true,
72 : bool checkObjSign = true);
73 : bool HasTrustedPeer(bool checkSSL = true,
74 : bool checkEmail = true,
75 : bool checkObjSign = true);
76 :
77 : /* common defaults
      *
      * Each quoted string below is a trust-flag triple with one
      * comma-separated field per usage; an empty field sets no flag for that
      * usage. The field order is presumably SSL, e-mail, object signing,
      * matching the constructor's parameter order -- confirm.
      * Flag letters, as mapped by the general setters' parameters:
      *   p peer, P tPeer, c ca, C tCA, T tClientCA, u user, w warn. */
78 : /* equivalent to "c,c,c" */
79 : void SetValidCA();
80 : /* equivalent to "C,C,C" */
81 : void SetTrustedServerCA();
82 : /* equivalent to "CT,CT,CT": the broadest CA setting declared here, C and T
      * for every usage. Where only server-certificate issuance needs to be
      * trusted, SetTrustedServerCA() ("C,C,C") is the narrower choice. */
83 : void SetTrustedCA();
84 : /* equivalent to "p,,": only the first usage receives a flag */
85 : void SetValidServerPeer();
86 : /* equivalent to "p,p,p" */
87 : void SetValidPeer();
88 : /* equivalent to "P,P,P" */
89 : void SetTrustedPeer();
90 : /* equivalent to "u,u,u" */
91 : void SetUser();
92 :
93 : /* general setters: one per usage, each taking one bool per flag letter */
94 : /* read: "p, P, c, C, T, u, w"
      *
      * Arguments are positional bools in exactly that order, so a transposed
      * pair (e.g. ca and tCA) still compiles and silently changes the trust
      * that is stored; check call sites against this order.
      * NOTE(review): whether a false argument clears a flag that is already
      * set, or only leaves it out, is not visible here -- confirm. */
95 : void SetSSLTrust(bool peer, bool tPeer,
96 : bool ca, bool tCA, bool tClientCA,
97 : bool user, bool warn);
98 :
99 : void SetEmailTrust(bool peer, bool tPeer,
100 : bool ca, bool tCA, bool tClientCA,
101 : bool user, bool warn);
102 :
103 : void SetObjSignTrust(bool peer, bool tPeer,
104 : bool ca, bool tCA, bool tClientCA,
105 : bool user, bool warn);
106 :
107 : /* set c <--> CT
      * NOTE(review): the arrow notation does not say which flags are added
      * for a usage whose argument is true -- confirm in the implementation. */
108 : void AddCATrust(bool ssl, bool email, bool objSign);
109 : /* set p <--> P
      * NOTE(review): same open question as for AddCATrust -- confirm. */
110 : void AddPeerTrust(bool ssl, bool email, bool objSign);
111 :
112 : /* get it (const?) (shallow?)
      *
      * Returns the address of the private mTrust member, not a copy. The
      * pointer is non-const, so a caller can change the stored flags through
      * it without going through the setters above, and the pointer is only
      * valid while this object exists. */
113 0 : CERTCertTrust * GetTrust() { return &mTrust; }
114 :
115 : private:
     /* Flag helpers.
      * NOTE(review): presumably addTrust/removeTrust set or clear the bits of v
      * in *t and hasTrust tests them in t; the bodies are not in this header
      * -- confirm. */
116 : void addTrust(unsigned int *t, unsigned int v);
117 : void removeTrust(unsigned int *t, unsigned int v);
118 : bool hasTrust(unsigned int t, unsigned int v);
     /* The stored trust record; GetTrust() hands out its address. */
119 : CERTCertTrust mTrust;
120 : };
121 :
122 : #endif