security/manager/ssl/nsNSSCertTrust.h

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #ifndef nsNSSCertTrust_h
   6 #define nsNSSCertTrust_h
   7
   8 #include "certt.h"
   9
  10 /*
  11  * Class for maintaining trust flags for an NSS certificate.
  12  */
  13 class nsNSSCertTrust {
  14  public:
  15   nsNSSCertTrust();
  16   nsNSSCertTrust(unsigned int ssl, unsigned int email);
  17   explicit nsNSSCertTrust(CERTCertTrust* t);
  18   virtual ~nsNSSCertTrust();
  19
  20   /* query */
  21   bool HasAnyCA();
  22   bool HasAnyUser();
  23   bool HasPeer(bool checkSSL = true, bool checkEmail = true);
  24   bool HasTrustedCA(bool checkSSL = true, bool checkEmail = true);
  25   bool HasTrustedPeer(bool checkSSL = true, bool checkEmail = true);
  26
  27   /* common defaults */
  28   /* equivalent to "c,c,c" */
  29   void SetValidCA();
  30   /* equivalent to "p,p,p" */
  31   void SetValidPeer();
  32
  33   /* general setters */
  34   /* read: "p, P, c, C, T, u, w" */
  35   void SetSSLTrust(bool peer, bool tPeer, bool ca, bool tCA, bool tClientCA,
  36                    bool user, bool warn);
  37
  38   void SetEmailTrust(bool peer, bool tPeer, bool ca, bool tCA, bool tClientCA,
  39                      bool user, bool warn);
  40
  41   /* set c <--> CT */
  42   void AddCATrust(bool ssl, bool email);
  43   /* set p <--> P */
  44   void AddPeerTrust(bool ssl, bool email);
  45
  46   CERTCertTrust& GetTrust() { return mTrust; }
  47
  48  private:
  49   void addTrust(unsigned int* t, unsigned int v);
  50   void removeTrust(unsigned int* t, unsigned int v);
  51   bool hasTrust(unsigned int t, unsigned int v);
  52   CERTCertTrust mTrust;
  53 };
  54
  55 #endif  // nsNSSCertTrust_h