tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

nsNSSCertificateDB.h (2575B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 #ifndef nsNSSCertificateDB_h
      6 #define nsNSSCertificateDB_h
      7 
      8 #include "ScopedNSSTypes.h"
      9 #include "certt.h"
     10 #include "mozilla/Mutex.h"
     11 #include "mozilla/NotNull.h"
     12 #include "mozilla/RefPtr.h"
     13 #include "nsIX509CertDB.h"
     14 #include "nsString.h"
     15 
     16 class nsIArray;
     17 
     18 class nsNSSCertificateDB final : public nsIX509CertDB
     19 
     20 {
     21 public:
     22  NS_DECL_THREADSAFE_ISUPPORTS
     23  NS_DECL_NSIX509CERTDB
     24 
     25  // This is a separate static method so nsNSSComponent can use it during NSS
     26  // initialization. Other code should probably not use it.
     27  static nsresult FindCertByDBKey(const nsACString& aDBKey,
     28                                  mozilla::UniqueCERTCertificate& cert);
     29 
     30  static nsresult ConstructCertArrayFromUniqueCertList(
     31      const mozilla::UniqueCERTCertList& aCertListIn,
     32      nsTArray<RefPtr<nsIX509Cert>>& aCertListOut);
     33 
     34 protected:
     35  ~nsNSSCertificateDB() = default;
     36 
     37 private:
     38  // Use this function to generate a default nickname for a user
     39  // certificate that is to be imported onto a token.
     40  static void get_default_nickname(CERTCertificate* cert,
     41                                   nsIInterfaceRequestor* ctx,
     42                                   nsCString& nickname);
     43 
     44  static nsresult ImportCACerts(nsTArray<nsTArray<uint8_t>>& CACerts,
     45                                nsIInterfaceRequestor* ctx);
     46 
     47  static void DisplayCertificateAlert(nsIInterfaceRequestor* ctx,
     48                                      const char* stringID,
     49                                      nsIX509Cert* certToShow);
     50 
     51  nsresult getCertsFromPackage(nsTArray<nsTArray<uint8_t>>& collectArgs,
     52                               uint8_t* data, uint32_t length);
     53  nsresult handleCACertDownload(mozilla::NotNull<nsIArray*> x509Certs,
     54                                nsIInterfaceRequestor* ctx);
     55  nsresult ConstructX509FromSpan(const mozilla::Span<const uint8_t> aInputSpan,
     56                                 nsIX509Cert** _retval);
     57 };
     58 
     59 #define NS_X509CERTDB_CID                     \
     60  {/* fb0bbc5c-452e-4783-b32c-80124693d871 */ \
     61   0xfb0bbc5c,                                \
     62   0x452e,                                    \
     63   0x4783,                                    \
     64   {0xb3, 0x2c, 0x80, 0x12, 0x46, 0x93, 0xd8, 0x71}}
     65 
     66 SECStatus ChangeCertTrustWithPossibleAuthentication(
     67    const mozilla::UniqueCERTCertificate& cert, CERTCertTrust& trust,
     68    void* ctx);
     69 
     70 #endif  // nsNSSCertificateDB_h