diff options
Diffstat (limited to 'smime/lib/e-cert-trust.c')
-rw-r--r-- | smime/lib/e-cert-trust.c | 418 |
1 files changed, 0 insertions, 418 deletions
diff --git a/smime/lib/e-cert-trust.c b/smime/lib/e-cert-trust.c deleted file mode 100644 index 7386a88963..0000000000 --- a/smime/lib/e-cert-trust.c +++ /dev/null @@ -1,418 +0,0 @@ -/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */ -/* - * Authors: Chris Toshok <toshok@ximian.com> - * - * Copyright (C) 2003 Novell, Inc. (www.novell.com) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA. - * - */ - -/* this code is pretty much cut&pasted and renamed from mozilla. - here's their copyright/blurb */ - -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * Ian McGreer <mcgreer@netscape.com> - * Javier Delgadillo <javi@netscape.com> - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - * - */ - -#include "e-cert-trust.h" - -void -e_cert_trust_init (CERTCertTrust *trust) -{ - memset(trust, 0, sizeof(CERTCertTrust)); -} - -void -e_cert_trust_init_with_values (CERTCertTrust *trust, - unsigned int ssl, - unsigned int email, - unsigned int objsign) -{ - memset(trust, 0, sizeof(CERTCertTrust)); - e_cert_trust_add_trust(&trust->sslFlags, ssl); - e_cert_trust_add_trust(&trust->emailFlags, email); - e_cert_trust_add_trust(&trust->objectSigningFlags, objsign); -} - -void -e_cert_trust_copy (CERTCertTrust *trust, CERTCertTrust *t) -{ - if (t) - memcpy(trust, t, sizeof(CERTCertTrust)); - else - memset(trust, 0, sizeof(CERTCertTrust)); -} - -void -e_cert_trust_add_ca_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign) -{ - if (ssl) { - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); - } - if (email) { - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); - } - if (objSign) { - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); - } -} - -void -e_cert_trust_add_peer_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign) -{ - if (ssl) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); - if (email) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); - if (objSign) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); -} - -void -e_cert_trust_set_ssl_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) -{ - trust->sslFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_SEND_WARN); -} - -void -e_cert_trust_set_email_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) -{ - trust->emailFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_SEND_WARN); -} - -void -e_cert_trust_set_objsign_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) -{ - trust->objectSigningFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_SEND_WARN); -} - -void -e_cert_trust_set_valid_ca (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_trusted_server_ca (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_trusted_ca (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_valid_peer (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_valid_server_peer (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_trusted_peer (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); -} - -void -e_cert_trust_set_user (CERTCertTrust *trust) -{ - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); -} - -PRBool -e_cert_trust_has_any_ca (CERTCertTrust *trust) -{ - if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA)) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -e_cert_trust_has_ca (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) -{ - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA)) - return PR_FALSE; - return PR_TRUE; -} - -PRBool -e_cert_trust_has_peer (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) -{ - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - return PR_TRUE; -} - -PRBool -e_cert_trust_has_any_user (CERTCertTrust *trust) -{ - if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER)) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -e_cert_trust_has_user (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) -{ - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER)) - return PR_FALSE; - return PR_TRUE; -} - -PRBool -e_cert_trust_has_trusted_ca (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) -{ - if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - if (checkObjSign && - !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - return PR_TRUE; -} - -PRBool -e_cert_trust_has_trusted_peer (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) -{ - if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED))) - return PR_FALSE; - if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED))) - return PR_FALSE; - if (checkObjSign && - !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED))) - return PR_FALSE; - return PR_TRUE; -} - -void -e_cert_trust_add_trust (unsigned int *t, unsigned int v) -{ - *t |= v; -} - -PRBool -e_cert_trust_has_trust (unsigned int t, unsigned int v) -{ - return (t & v); -} - |