
lightning-sunbird  0.9+nobinonly
nsNSSCertTrust.h
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 2000
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *   Ian McGreer <mcgreer@netscape.com>
00023  *   Javier Delgadillo <javi@netscape.com>
00024  *
00025  * Alternatively, the contents of this file may be used under the terms of
00026  * either the GNU General Public License Version 2 or later (the "GPL"), or
00027  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00028  * in which case the provisions of the GPL or the LGPL are applicable instead
00029  * of those above. If you wish to allow use of your version of this file only
00030  * under the terms of either the GPL or the LGPL, and not to allow others to
00031  * use your version of this file under the terms of the MPL, indicate your
00032  * decision by deleting the provisions above and replace them with the notice
00033  * and other provisions required by the GPL or the LGPL. If you do not delete
00034  * the provisions above, a recipient may use your version of this file under
00035  * the terms of any one of the MPL, the GPL or the LGPL.
00036  *
00037  * ***** END LICENSE BLOCK ***** */
00038 
00039 #ifndef _NSNSSCERTTRUST_H_
00040 #define _NSNSSCERTTRUST_H_
00041 
00042 #include "certt.h"
00043 #include "certdb.h"
00044 
00045 /*
00046  * nsNSSCertTrust
00047  * 
00048  * Class for maintaining trust flags for an NSS certificate.
00049  */
class nsNSSCertTrust
{
public:
  /*
   * Construction / destruction.
   *
   * The three-argument form takes one unsigned flag word per usage, in the
   * order ssl, email, objsign.
   * NOTE(review): presumably these are raw CERTDB_* bit masks from certdb.h;
   * confirm in the implementation.
   * NOTE(review): the CERTCertTrust* form most likely copies *t into mTrust
   * (mTrust is held by value); whether a null t is tolerated is not visible
   * from this header -- confirm before passing an unchecked pointer.
   */
  nsNSSCertTrust();
  nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);
  nsNSSCertTrust(CERTCertTrust *t);
  virtual ~nsNSSCertTrust();

  /*
   * Queries.
   *
   * The check* arguments select which usages (SSL, e-mail, object signing)
   * are examined; all three default to PR_TRUE.
   * NOTE(review): this header does not say whether a query passes when ANY
   * selected usage carries the flag or only when ALL of them do. That
   * difference decides trust, so read the implementation before relying on
   * a multi-usage call; pass PR_FALSE for the usages you do not care about.
   */
  PRBool HasAnyCA();
  PRBool HasAnyUser();
  PRBool HasCA(
    PRBool checkSSL     = PR_TRUE,
    PRBool checkEmail   = PR_TRUE,
    PRBool checkObjSign = PR_TRUE);
  PRBool HasPeer(
    PRBool checkSSL     = PR_TRUE,
    PRBool checkEmail   = PR_TRUE,
    PRBool checkObjSign = PR_TRUE);
  PRBool HasUser(
    PRBool checkSSL     = PR_TRUE,
    PRBool checkEmail   = PR_TRUE,
    PRBool checkObjSign = PR_TRUE);
  PRBool HasTrustedCA(
    PRBool checkSSL     = PR_TRUE,
    PRBool checkEmail   = PR_TRUE,
    PRBool checkObjSign = PR_TRUE);
  PRBool HasTrustedPeer(
    PRBool checkSSL     = PR_TRUE,
    PRBool checkEmail   = PR_TRUE,
    PRBool checkObjSign = PR_TRUE);

  /*
   * Presets.
   *
   * Each preset is described by a trust string of three comma-separated
   * fields. The fields appear to be SSL, e-mail and object signing, in the
   * same order as the constructor arguments. The flag letters are the ones
   * listed for the general setters below.
   */
  void SetValidCA();          /* "c,c,c" */
  /* NOTE(review): named "Server", yet the string sets C in all three
   * fields, not just the first one. */
  void SetTrustedServerCA();  /* "C,C,C" */
  void SetTrustedCA();        /* "CT,CT,CT" */
  void SetValidServerPeer();  /* "p,," -- first field only */
  void SetValidPeer();        /* "p,p,p" */
  void SetTrustedPeer();      /* "P,P,P" */
  void SetUser();             /* "u,u,u" */

  /*
   * General setters, one per usage.
   *
   * The seven booleans map, in order, to the flag letters
   * "p, P, c, C, T, u, w":
   *   peer -> p, tPeer -> P, ca -> c, tCA -> C, tClientCA -> T,
   *   user -> u, warn -> w.
   * NOTE(review): whether a call replaces the usage's existing flags or
   * merges into them is not visible from this header; confirm before
   * using it to revoke trust.
   */
  void SetSSLTrust(
    PRBool peer, PRBool tPeer,
    PRBool ca, PRBool tCA, PRBool tClientCA,
    PRBool user, PRBool warn);

  void SetEmailTrust(
    PRBool peer, PRBool tPeer,
    PRBool ca, PRBool tCA, PRBool tClientCA,
    PRBool user, PRBool warn);

  void SetObjSignTrust(
    PRBool peer, PRBool tPeer,
    PRBool ca, PRBool tCA, PRBool tClientCA,
    PRBool user, PRBool warn);

  /* Original note: "set c <--> CT". Arguments select the usages touched. */
  void AddCATrust(PRBool ssl, PRBool email, PRBool objSign);
  /* Original note: "set p <--> P". Arguments select the usages touched. */
  void AddPeerTrust(PRBool ssl, PRBool email, PRBool objSign);

  /*
   * Accessor for the underlying NSS trust record.
   *
   * Returns the address of the member itself, not a copy: the pointer is
   * non-const, so a caller can change the trust bits behind this class's
   * setters, and it is only valid while this object is alive. The original
   * author left the const / deep-copy question open ("(const?) (shallow?)").
   */
  CERTCertTrust *GetTrust()
  {
    return &mTrust;
  }

private:
  /* Flag helpers; t is a usage's flag word, v the flag value(s).
   * NOTE(review): presumably bitwise set / clear / test -- confirm in the
   * implementation. */
  void addTrust(unsigned int *t, unsigned int v);
  void removeTrust(unsigned int *t, unsigned int v);
  PRBool hasTrust(unsigned int t, unsigned int v);

  /* The trust record this object wraps, held by value. */
  CERTCertTrust mTrust;
};
00121 
00122 #endif