diff options
Diffstat (limited to 'smime/lib/e-cert-trust.c')
-rw-r--r-- | smime/lib/e-cert-trust.c | 529 |
1 files changed, 291 insertions, 238 deletions
diff --git a/smime/lib/e-cert-trust.c b/smime/lib/e-cert-trust.c index 8a8329c7f8..cec7e06041 100644 --- a/smime/lib/e-cert-trust.c +++ b/smime/lib/e-cert-trust.c @@ -48,355 +48,408 @@ void e_cert_trust_init (CERTCertTrust *trust) { - memset(trust, 0, sizeof(CERTCertTrust)); + memset(trust, 0, sizeof(CERTCertTrust)); } void e_cert_trust_init_with_values (CERTCertTrust *trust, - guint ssl, - guint email, - guint objsign) + guint ssl, + guint email, + guint objsign) { - memset(trust, 0, sizeof(CERTCertTrust)); - e_cert_trust_add_trust(&trust->sslFlags, ssl); - e_cert_trust_add_trust(&trust->emailFlags, email); - e_cert_trust_add_trust(&trust->objectSigningFlags, objsign); + memset(trust, 0, sizeof(CERTCertTrust)); + e_cert_trust_add_trust(&trust->sslFlags, ssl); + e_cert_trust_add_trust(&trust->emailFlags, email); + e_cert_trust_add_trust(&trust->objectSigningFlags, objsign); } void -e_cert_trust_copy (CERTCertTrust *trust, CERTCertTrust *t) +e_cert_trust_copy (CERTCertTrust *trust, + CERTCertTrust *t) { - if (t) - memcpy(trust, t, sizeof(CERTCertTrust)); - else - memset(trust, 0, sizeof(CERTCertTrust)); + if (t) + memcpy(trust, t, sizeof(CERTCertTrust)); + else + memset(trust, 0, sizeof(CERTCertTrust)); } void -e_cert_trust_add_ca_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign) +e_cert_trust_add_ca_trust (CERTCertTrust *trust, + PRBool ssl, + PRBool email, + PRBool objSign) { - if (ssl) { - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); - } - if (email) { - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); - } - if (objSign) { - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA); - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); - } + if (ssl) { + e_cert_trust_add_trust ( + &trust->sslFlags, CERTDB_TRUSTED_CA); + e_cert_trust_add_trust ( + &trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); + } + + if (email) { + e_cert_trust_add_trust ( + &trust->emailFlags, CERTDB_TRUSTED_CA); + e_cert_trust_add_trust ( + &trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); + } + + if (objSign) { + e_cert_trust_add_trust ( + &trust->objectSigningFlags, CERTDB_TRUSTED_CA); + e_cert_trust_add_trust ( + &trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); + } } void -e_cert_trust_add_peer_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign) +e_cert_trust_add_peer_trust (CERTCertTrust *trust, + PRBool ssl, + PRBool email, + PRBool objSign) { - if (ssl) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); - if (email) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); - if (objSign) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); + if (ssl) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); + if (email) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); + if (objSign) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); } void e_cert_trust_set_ssl_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) + PRBool peer, + PRBool tPeer, + PRBool ca, + PRBool tCA, + PRBool tClientCA, + PRBool user, + PRBool warn) { - trust->sslFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->sslFlags, CERTDB_SEND_WARN); + trust->sslFlags = 0; + if (peer || tPeer) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_PEER); + if (tPeer) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED); + if (ca || tCA) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_CA); + if (tClientCA) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA); + if (tCA) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA); + if (user) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_USER); + if (warn) + e_cert_trust_add_trust(&trust->sslFlags, CERTDB_SEND_WARN); } void e_cert_trust_set_email_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) + PRBool peer, + PRBool tPeer, + PRBool ca, + PRBool tCA, + PRBool tClientCA, + PRBool user, + PRBool warn) { - trust->emailFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->emailFlags, CERTDB_SEND_WARN); + trust->emailFlags = 0; + if (peer || tPeer) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_PEER); + if (tPeer) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED); + if (ca || tCA) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_CA); + if (tClientCA) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA); + if (tCA) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA); + if (user) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_USER); + if (warn) + e_cert_trust_add_trust(&trust->emailFlags, CERTDB_SEND_WARN); } void e_cert_trust_set_objsign_trust (CERTCertTrust *trust, - PRBool peer, PRBool tPeer, - PRBool ca, PRBool tCA, PRBool tClientCA, - PRBool user, PRBool warn) + PRBool peer, + PRBool tPeer, + PRBool ca, + PRBool tCA, + PRBool tClientCA, + PRBool user, + PRBool warn) { - trust->objectSigningFlags = 0; - if (peer || tPeer) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_PEER); - if (tPeer) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); - if (ca || tCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_CA); - if (tClientCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); - if (tCA) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA); - if (user) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_USER); - if (warn) - e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_SEND_WARN); + trust->objectSigningFlags = 0; + if (peer || tPeer) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_PEER); + if (tPeer) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED); + if (ca || tCA) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_CA); + if (tClientCA) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA); + if (tCA) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA); + if (user) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_USER); + if (warn) + e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_SEND_WARN); } void e_cert_trust_set_valid_ca (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_trusted_server_ca (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_trusted_ca (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_TRUE, PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_TRUE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_TRUE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_FALSE, PR_FALSE, PR_TRUE, + PR_TRUE, PR_TRUE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_valid_peer (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_TRUE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_TRUE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_TRUE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_valid_server_peer (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_TRUE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_FALSE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_FALSE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_trusted_peer (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_TRUE, PR_TRUE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_TRUE, PR_TRUE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_TRUE, PR_TRUE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_TRUE, PR_TRUE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); } void e_cert_trust_set_user (CERTCertTrust *trust) { - e_cert_trust_set_ssl_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); - e_cert_trust_set_email_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); - e_cert_trust_set_objsign_trust (trust, - PR_FALSE, PR_FALSE, - PR_FALSE, PR_FALSE, PR_FALSE, - PR_TRUE, PR_FALSE); + e_cert_trust_set_ssl_trust ( + trust, PR_FALSE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_TRUE, PR_FALSE); + + e_cert_trust_set_email_trust ( + trust, PR_FALSE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_TRUE, PR_FALSE); + + e_cert_trust_set_objsign_trust ( + trust, PR_FALSE, PR_FALSE, PR_FALSE, + PR_FALSE, PR_FALSE, PR_TRUE, PR_FALSE); } PRBool e_cert_trust_has_any_ca (CERTCertTrust *trust) { - if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA)) - return PR_TRUE; - return PR_FALSE; + if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA) || + e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA) || + e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA)) + return PR_TRUE; + + return PR_FALSE; } PRBool e_cert_trust_has_ca (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) + PRBool checkSSL, + PRBool checkEmail, + PRBool checkObjSign) { - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA)) - return PR_FALSE; - return PR_TRUE; + if (checkSSL && !e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_VALID_CA)) + return PR_FALSE; + + if (checkEmail && !e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_VALID_CA)) + return PR_FALSE; + + if (checkObjSign && !e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_VALID_CA)) + return PR_FALSE; + + return PR_TRUE; } PRBool e_cert_trust_has_peer (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) + PRBool checkSSL, + PRBool checkEmail, + PRBool checkObjSign) { - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_PEER)) - return PR_FALSE; - return PR_TRUE; + if (checkSSL && !e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_VALID_PEER)) + return PR_FALSE; + + if (checkEmail && !e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_VALID_PEER)) + return PR_FALSE; + + if (checkObjSign && !e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_VALID_PEER)) + return PR_FALSE; + + return PR_TRUE; } PRBool e_cert_trust_has_any_user (CERTCertTrust *trust) { - if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER)) - return PR_TRUE; - return PR_FALSE; + if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER) || + e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER) || + e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER)) + return PR_TRUE; + + return PR_FALSE; } PRBool e_cert_trust_has_user (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) + PRBool checkSSL, + PRBool checkEmail, + PRBool checkObjSign) { - if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER)) - return PR_FALSE; - if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER)) - return PR_FALSE; - if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER)) - return PR_FALSE; - return PR_TRUE; + if (checkSSL && !e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_USER)) + return PR_FALSE; + + if (checkEmail && !e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_USER)) + return PR_FALSE; + + if (checkObjSign && !e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_USER)) + return PR_FALSE; + + return PR_TRUE; } PRBool e_cert_trust_has_trusted_ca (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) + PRBool checkSSL, + PRBool checkEmail, + PRBool checkObjSign) { - if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - if (checkObjSign && - !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CA) || - e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA))) - return PR_FALSE; - return PR_TRUE; + if (checkSSL && !(e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_TRUSTED_CA) || + e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA))) + return PR_FALSE; + + if (checkEmail && !(e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_TRUSTED_CA) || + e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA))) + return PR_FALSE; + + if (checkObjSign && !(e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_TRUSTED_CA) || + e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA))) + return PR_FALSE; + + return PR_TRUE; } PRBool e_cert_trust_has_trusted_peer (CERTCertTrust *trust, - PRBool checkSSL, - PRBool checkEmail, - PRBool checkObjSign) + PRBool checkSSL, + PRBool checkEmail, + PRBool checkObjSign) { - if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED))) - return PR_FALSE; - if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED))) - return PR_FALSE; - if (checkObjSign && - !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED))) - return PR_FALSE; - return PR_TRUE; + if (checkSSL && !(e_cert_trust_has_trust ( + trust->sslFlags, CERTDB_TRUSTED))) + return PR_FALSE; + + if (checkEmail && !(e_cert_trust_has_trust ( + trust->emailFlags, CERTDB_TRUSTED))) + return PR_FALSE; + + if (checkObjSign && !(e_cert_trust_has_trust ( + trust->objectSigningFlags, CERTDB_TRUSTED))) + return PR_FALSE; + + return PR_TRUE; } void e_cert_trust_add_trust (guint *t, guint v) { - *t |= v; + *t |= v; } PRBool e_cert_trust_has_trust (guint t, guint v) { - return (t & v); + return (t & v); } |