Adding upstream version 86.0.1.upstream/86.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 47 insertions, 0 deletions

diff --git a/security/certverifier/ExtendedValidation.h b/security/certverifier/ExtendedValidation.h
new file mode 100644
index 0000000000..42b9524f02
--- /dev/null
+++ b/security/certverifier/ExtendedValidation.h
@@ -0,0 +1,47 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef ExtendedValidation_h
+#define ExtendedValidation_h
+
+#include "ScopedNSSTypes.h"
+#include "certt.h"
+
+namespace mozilla {
+namespace pkix {
+struct CertPolicyId;
+}
+}  // namespace mozilla
+
+namespace mozilla {
+namespace psm {
+
+nsresult LoadExtendedValidationInfo();
+
+/**
+ * Finds the first policy OID in the given cert that is known to be an EV policy
+ * OID.
+ *
+ * @param cert
+ *        The cert to find the first EV policy of.
+ * @param policy
+ *        The found policy.
+ * @param policyOidTag
+ *        The OID tag of the found policy.
+ * @return true if a suitable policy was found, false otherwise.
+ */
+bool GetFirstEVPolicy(CERTCertificate& cert,
+                      /*out*/ mozilla::pkix::CertPolicyId& policy,
+                      /*out*/ SECOidTag& policyOidTag);
+
+// CertIsAuthoritativeForEVPolicy does NOT evaluate whether the cert is trusted
+// or distrusted.
+bool CertIsAuthoritativeForEVPolicy(const UniqueCERTCertificate& cert,
+                                    const mozilla::pkix::CertPolicyId& policy);
+
+}  // namespace psm
+}  // namespace mozilla
+
+#endif  // ExtendedValidation_h