security/certverifier/ExtendedValidation.h
author Marian-Vasile Laza <mlaza@mozilla.com>
Tue, 30 Nov 2021 23:30:59 +0200
changeset 600683 15c1262d6e8f4524fa63dcc9cc2572038ffb3a92
parent 576423 95778b9fb5cb8c74887e335aa56915c57fca56b5
permissions -rw-r--r--
Backed out 6 changesets (bug 1715892, bug 1719735) for causing bc test failures. CLOSED TREE Backed out changeset 196952bd8c9c (bug 1715892) Backed out changeset 9105fe01c025 (bug 1715892) Backed out changeset 4c15d1a24ccd (bug 1715892) Backed out changeset 2c328b84285f (bug 1715892) Backed out changeset 8fcdcdf44b62 (bug 1719735) Backed out changeset c48f398e301f (bug 1719735)

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef ExtendedValidation_h
#define ExtendedValidation_h

#include "ScopedNSSTypes.h"
#include "certt.h"

namespace mozilla {
namespace pkix {
struct CertPolicyId;
}  // namespace pkix
}  // namespace mozilla

namespace mozilla {
namespace psm {

nsresult LoadExtendedValidationInfo();

/**
 * Finds the first policy OID in the given cert that is known to be an EV policy
 * OID.
 *
 * @param cert
 *        The cert to find the first EV policy of.
 * @param policy
 *        The found policy.
 * @param policyOidTag
 *        The OID tag of the found policy.
 * @return true if a suitable policy was found, false otherwise.
 */
bool GetFirstEVPolicy(const nsTArray<uint8_t>& cert,
                      /*out*/ mozilla::pkix::CertPolicyId& policy);

// CertIsAuthoritativeForEVPolicy does NOT evaluate whether the cert is trusted
// or distrusted.
bool CertIsAuthoritativeForEVPolicy(const nsTArray<uint8_t>& cert,
                                    const mozilla::pkix::CertPolicyId& policy);

}  // namespace psm
}  // namespace mozilla

#endif  // ExtendedValidation_h