2
* The contents of this file are subject to the Mozilla Public
3
* License Version 1.1 (the "License"); you may not use this file
4
* except in compliance with the License. You may obtain a copy of
5
* the License at http://www.mozilla.org/MPL/
7
* Software distributed under the License is distributed on an "AS
8
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9
* implied. See the License for the specific language governing
10
* rights and limitations under the License.
12
* The Original Code is the Netscape security libraries.
14
* The Initial Developer of the Original Code is Netscape
15
* Communications Corporation. Portions created by Netscape are
16
* Copyright (C) 2000 Netscape Communications Corporation. All
20
* Ian McGreer <mcgreer@netscape.com>
21
* Javier Delgadillo <javi@netscape.com>
23
* Alternatively, the contents of this file may be used under the
24
* terms of the GNU General Public License Version 2 or later (the
25
* "GPL"), in which case the provisions of the GPL are applicable
26
* instead of those above. If you wish to allow use of your
27
* version of this file only under the terms of the GPL and not to
28
* allow others to use your version of this file under the MPL,
29
* indicate your decision by deleting the provisions above and
30
* replace them with the notice and other provisions required by
31
* the GPL. If you do not delete the provisions above, a recipient
32
* may use your version of this file under either the MPL or the
37
#ifndef _NSNSSCERTTRUST_H_
38
#define _NSNSSCERTTRUST_H_
46
* Class for maintaining trust flags for an NSS certificate.
52
nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
53
nsNSSCertTrust(CERTCertTrust *t);
54
virtual ~nsNSSCertTrust();
59
PRBool HasCA(PRBool checkSSL = PR_TRUE,
60
PRBool checkEmail = PR_TRUE,
61
PRBool checkObjSign = PR_TRUE);
62
PRBool HasPeer(PRBool checkSSL = PR_TRUE,
63
PRBool checkEmail = PR_TRUE,
64
PRBool checkObjSign = PR_TRUE);
65
PRBool HasUser(PRBool checkSSL = PR_TRUE,
66
PRBool checkEmail = PR_TRUE,
67
PRBool checkObjSign = PR_TRUE);
68
PRBool HasTrustedCA(PRBool checkSSL = PR_TRUE,
69
PRBool checkEmail = PR_TRUE,
70
PRBool checkObjSign = PR_TRUE);
71
PRBool HasTrustedPeer(PRBool checkSSL = PR_TRUE,
72
PRBool checkEmail = PR_TRUE,
73
PRBool checkObjSign = PR_TRUE);
76
/* equivalent to "c,c,c" */
78
/* equivalent to "C,C,C" */
79
void SetTrustedServerCA();
80
/* equivalent to "CT,CT,CT" */
82
/* equivalent to "p,," */
83
void SetValidServerPeer();
84
/* equivalent to "p,p,p" */
86
/* equivalent to "P,P,P" */
87
void SetTrustedPeer();
88
/* equivalent to "u,u,u" */
92
/* read: "p, P, c, C, T, u, w" */
93
void SetSSLTrust(PRBool peer, PRBool tPeer,
94
PRBool ca, PRBool tCA, PRBool tClientCA,
95
PRBool user, PRBool warn);
97
void SetEmailTrust(PRBool peer, PRBool tPeer,
98
PRBool ca, PRBool tCA, PRBool tClientCA,
99
PRBool user, PRBool warn);
101
void SetObjSignTrust(PRBool peer, PRBool tPeer,
102
PRBool ca, PRBool tCA, PRBool tClientCA,
103
PRBool user, PRBool warn);
106
void AddCATrust(PRBool ssl, PRBool email, PRBool objSign);
108
void AddPeerTrust(PRBool ssl, PRBool email, PRBool objSign);
110
/* get it (const?) (shallow?) */
111
CERTCertTrust * GetTrust() { return &mTrust; }
114
void addTrust(unsigned int *t, unsigned int v);
115
void removeTrust(unsigned int *t, unsigned int v);
116
PRBool hasTrust(unsigned int t, unsigned int v);
117
CERTCertTrust mTrust;