diff options
Diffstat (limited to '')
-rw-r--r-- | security/manager/ssl/nsNSSCertificateDB.h | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/security/manager/ssl/nsNSSCertificateDB.h b/security/manager/ssl/nsNSSCertificateDB.h new file mode 100644 index 0000000000..125bb32acd --- /dev/null +++ b/security/manager/ssl/nsNSSCertificateDB.h @@ -0,0 +1,71 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nsNSSCertificateDB_h +#define nsNSSCertificateDB_h + +#include "ScopedNSSTypes.h" +#include "certt.h" +#include "mozilla/Mutex.h" +#include "mozilla/NotNull.h" +#include "mozilla/RefPtr.h" +#include "mozilla/UniquePtr.h" +#include "nsIX509CertDB.h" +#include "nsString.h" + +class nsIArray; + +class nsNSSCertificateDB final : public nsIX509CertDB + +{ + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIX509CERTDB + + // This is a separate static method so nsNSSComponent can use it during NSS + // initialization. Other code should probably not use it. + static nsresult FindCertByDBKey(const nsACString& aDBKey, + mozilla::UniqueCERTCertificate& cert); + + static nsresult ConstructCertArrayFromUniqueCertList( + const mozilla::UniqueCERTCertList& aCertListIn, + nsTArray<RefPtr<nsIX509Cert>>& aCertListOut); + + protected: + virtual ~nsNSSCertificateDB() = default; + + private: + // Use this function to generate a default nickname for a user + // certificate that is to be imported onto a token. + static void get_default_nickname(CERTCertificate* cert, + nsIInterfaceRequestor* ctx, + nsCString& nickname); + + static nsresult ImportCACerts(nsTArray<nsTArray<uint8_t>>& CACerts, + nsIInterfaceRequestor* ctx); + + static void DisplayCertificateAlert(nsIInterfaceRequestor* ctx, + const char* stringID, + nsIX509Cert* certToShow); + + nsresult getCertsFromPackage(nsTArray<nsTArray<uint8_t>>& collectArgs, + uint8_t* data, uint32_t length); + nsresult handleCACertDownload(mozilla::NotNull<nsIArray*> x509Certs, + nsIInterfaceRequestor* ctx); + nsresult ConstructX509FromSpan(const mozilla::Span<const uint8_t> aInputSpan, + nsIX509Cert** _retval); +}; + +#define NS_X509CERTDB_CID \ + { /* fb0bbc5c-452e-4783-b32c-80124693d871 */ \ + 0xfb0bbc5c, 0x452e, 0x4783, { \ + 0xb3, 0x2c, 0x80, 0x12, 0x46, 0x93, 0xd8, 0x71 \ + } \ + } + +SECStatus ChangeCertTrustWithPossibleAuthentication( + const mozilla::UniqueCERTCertificate& cert, CERTCertTrust& trust, + void* ctx); + +#endif // nsNSSCertificateDB_h |