security/apps/AppTrustDomain.h

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #ifndef mozilla_psm_AppsTrustDomain_h
   8 #define mozilla_psm_AppsTrustDomain_h
   9
  10 #include "pkix/pkixtypes.h"
  11 #include "nsDebug.h"
  12 #include "nsIX509CertDB.h"
  13 #include "ScopedNSSTypes.h"
  14
  15 namespace mozilla { namespace psm {
  16
  17 class AppTrustDomain MOZ_FINAL : public mozilla::pkix::TrustDomain
  18 {
  19 public:
  20   typedef mozilla::pkix::Result Result;
  21
  22   AppTrustDomain(ScopedCERTCertList&, void* pinArg);
  23
  24   SECStatus SetTrustedRoot(AppTrustedRoot trustedRoot);
  25
  26   virtual Result GetCertTrust(mozilla::pkix::EndEntityOrCA endEntityOrCA,
  27                               const mozilla::pkix::CertPolicyId& policy,
  28                               mozilla::pkix::Input candidateCertDER,
  29                               /*out*/ mozilla::pkix::TrustLevel& trustLevel)
  30                               MOZ_OVERRIDE;
  31   virtual Result FindIssuer(mozilla::pkix::Input encodedIssuerName,
  32                             IssuerChecker& checker,
  33                             mozilla::pkix::Time time) MOZ_OVERRIDE;
  34   virtual Result CheckRevocation(mozilla::pkix::EndEntityOrCA endEntityOrCA,
  35                                  const mozilla::pkix::CertID& certID,
  36                                  mozilla::pkix::Time time,
  37                     /*optional*/ const mozilla::pkix::Input* stapledOCSPresponse,
  38                     /*optional*/ const mozilla::pkix::Input* aiaExtension) MOZ_OVERRIDE;
  39   virtual Result IsChainValid(const mozilla::pkix::DERArray& certChain,
  40                               mozilla::pkix::Time time) MOZ_OVERRIDE;
  41   virtual Result CheckPublicKey(mozilla::pkix::Input subjectPublicKeyInfo)
  42                                 MOZ_OVERRIDE;
  43   virtual Result VerifySignedData(
  44            const mozilla::pkix::SignedDataWithSignature& signedData,
  45            mozilla::pkix::Input subjectPublicKeyInfo) MOZ_OVERRIDE;
  46   virtual Result DigestBuf(mozilla::pkix::Input item,
  47                            /*out*/ uint8_t* digestBuf,
  48                            size_t digestBufLen) MOZ_OVERRIDE;
  49
  50 private:
  51   /*out*/ ScopedCERTCertList& mCertChain;
  52   void* mPinArg; // non-owning!
  53   ScopedCERTCertificate mTrustedRoot;
  54   unsigned int mMinimumNonECCBits;
  55 };
  56
  57 } } // namespace mozilla::psm
  58
  59 #endif // mozilla_psm_AppsTrustDomain_h