implement using the e-cert-trust foo. (e_cert_get_email): implement.

2003-11-12 Chris Toshok <toshok@ximian.com> * lib/e-cert.c (e_cert_get_cert_type): implement using the e-cert-trust foo. (e_cert_get_email): implement. * lib/e-cert.h: add UNKNOWN cert type. * gui/smime-ui.glade: fix capitalization of "Import" on the contact certificate page. * gui/certificate-manager.c (import_contact): new function. implement email cert importing. (delete_contact): new function. (unload_certs): implement for E_CERT_CONTACT. (certificate_manager_config_control_new): get the contact cert action buttons from libglade. * lib/e-cert-db.c (handle_ca_cert_download): mostly implement the trust settings correctly. this still needs work pending the CA trust dialog's completion. (e_cert_db_delete_cert): fix the ifdef'ed code. (e_cert_db_import_user_cert): remove the ifdef'ed body of this, since it was copied from the CA code. * lib/Makefile.am (libessmime_la_SOURCES): add e-cert-trust.[ch] * lib/e-cert-trust.[ch]: new files, basically c&p nsNSSCertTrust from mozilla's PSM. svn path=/trunk/; revision=23308
author: Chris Toshok <toshok@ximian.com> 2003-11-13 10:23:52 +0800
committer: Chris Toshok <toshok@src.gnome.org> 2003-11-13 10:23:52 +0800
commit: bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea (patch)
tree: 18089837a8fe8eb029233dac94a8f5a06d9ea39b /smime/lib/e-cert-trust.c
parent: 7e734202c2be76070d5f9a0af821f03191aaf25e (diff)
download: gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.gz
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.bz2
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.lz
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.xz
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.zst
gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.zip
1 files changed, 418 insertions, 0 deletions
diff --git a/smime/lib/e-cert-trust.c b/smime/lib/e-cert-trust.c
new file mode 100644
index 0000000000..7386a88963
--- /dev/null
+++ b/smime/lib/e-cert-trust.c
@@ -0,0 +1,418 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*
+ *  Authors: Chris Toshok <toshok@ximian.com>
+ *
+ *  Copyright (C) 2003 Novell, Inc. (www.novell.com)
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+/* this code is pretty much cut&pasted and renamed from mozilla.
+   here's their copyright/blurb */
+
+/*
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ *  Ian McGreer <mcgreer@netscape.com>
+ *  Javier Delgadillo <javi@netscape.com>
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ *
+ */
+
+#include "e-cert-trust.h"
+
+void
+e_cert_trust_init (CERTCertTrust *trust)
+{
+  memset(trust, 0, sizeof(CERTCertTrust));
+}
+
+void
+e_cert_trust_init_with_values (CERTCertTrust *trust,
+			       unsigned int ssl, 
+			       unsigned int email, 
+			       unsigned int objsign)
+{
+  memset(trust, 0, sizeof(CERTCertTrust));
+  e_cert_trust_add_trust(&trust->sslFlags, ssl);
+  e_cert_trust_add_trust(&trust->emailFlags, email);
+  e_cert_trust_add_trust(&trust->objectSigningFlags, objsign);
+}
+
+void
+e_cert_trust_copy (CERTCertTrust *trust, CERTCertTrust *t)
+{
+  if (t)
+    memcpy(trust, t, sizeof(CERTCertTrust));
+  else
+    memset(trust, 0, sizeof(CERTCertTrust)); 
+}
+
+void
+e_cert_trust_add_ca_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign)
+{
+  if (ssl) {
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA);
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA);
+  }
+  if (email) {
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA);
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA);
+  }
+  if (objSign) {
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA);
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA);
+  }
+}
+
+void
+e_cert_trust_add_peer_trust (CERTCertTrust *trust, PRBool ssl, PRBool email, PRBool objSign)
+{
+  if (ssl)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED);
+  if (email)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED);
+  if (objSign)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED);
+}
+
+void
+e_cert_trust_set_ssl_trust (CERTCertTrust *trust,
+			    PRBool peer, PRBool tPeer,
+			    PRBool ca,   PRBool tCA, PRBool tClientCA,
+			    PRBool user, PRBool warn)
+{
+  trust->sslFlags = 0;
+  if (peer || tPeer)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_PEER);
+  if (tPeer)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED);
+  if (ca || tCA)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_VALID_CA);
+  if (tClientCA)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA);
+  if (tCA)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_TRUSTED_CA);
+  if (user)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_USER);
+  if (warn)
+    e_cert_trust_add_trust(&trust->sslFlags, CERTDB_SEND_WARN);
+}
+
+void
+e_cert_trust_set_email_trust (CERTCertTrust *trust,
+			      PRBool peer, PRBool tPeer,
+			      PRBool ca,   PRBool tCA, PRBool tClientCA,
+			      PRBool user, PRBool warn)
+{
+  trust->emailFlags = 0;
+  if (peer || tPeer)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_PEER);
+  if (tPeer)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED);
+  if (ca || tCA)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_VALID_CA);
+  if (tClientCA)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA);
+  if (tCA)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_TRUSTED_CA);
+  if (user)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_USER);
+  if (warn)
+    e_cert_trust_add_trust(&trust->emailFlags, CERTDB_SEND_WARN);
+}
+
+void
+e_cert_trust_set_objsign_trust (CERTCertTrust *trust,
+				PRBool peer, PRBool tPeer,
+				PRBool ca,   PRBool tCA, PRBool tClientCA,
+				PRBool user, PRBool warn)
+{
+  trust->objectSigningFlags = 0;
+  if (peer || tPeer)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_PEER);
+  if (tPeer)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED);
+  if (ca || tCA)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_VALID_CA);
+  if (tClientCA)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA);
+  if (tCA)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_TRUSTED_CA);
+  if (user)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_USER);
+  if (warn)
+    e_cert_trust_add_trust(&trust->objectSigningFlags, CERTDB_SEND_WARN);
+}
+
+void
+e_cert_trust_set_valid_ca (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_FALSE, PR_FALSE,
+			      PR_TRUE, PR_FALSE, PR_FALSE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_FALSE, PR_FALSE,
+				PR_TRUE, PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_FALSE, PR_FALSE,
+				  PR_TRUE, PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void
+e_cert_trust_set_trusted_server_ca (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_FALSE, PR_FALSE,
+			      PR_TRUE, PR_TRUE, PR_FALSE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_FALSE, PR_FALSE,
+				PR_TRUE, PR_TRUE, PR_FALSE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_FALSE, PR_FALSE,
+				  PR_TRUE, PR_TRUE, PR_FALSE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void
+e_cert_trust_set_trusted_ca (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_FALSE, PR_FALSE,
+			      PR_TRUE, PR_TRUE, PR_TRUE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_FALSE, PR_FALSE,
+				PR_TRUE, PR_TRUE, PR_TRUE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_FALSE, PR_FALSE,
+				  PR_TRUE, PR_TRUE, PR_TRUE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void 
+e_cert_trust_set_valid_peer (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_TRUE, PR_FALSE,
+			      PR_FALSE, PR_FALSE, PR_FALSE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_TRUE, PR_FALSE,
+				PR_FALSE, PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_TRUE, PR_FALSE,
+				  PR_FALSE, PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void 
+e_cert_trust_set_valid_server_peer (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_TRUE, PR_FALSE,
+			      PR_FALSE, PR_FALSE, PR_FALSE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void 
+e_cert_trust_set_trusted_peer (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_TRUE, PR_TRUE,
+			      PR_FALSE, PR_FALSE, PR_FALSE,
+			      PR_FALSE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_TRUE, PR_TRUE,
+				PR_FALSE, PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_TRUE, PR_TRUE,
+				  PR_FALSE, PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE);
+}
+
+void
+e_cert_trust_set_user (CERTCertTrust *trust)
+{
+  e_cert_trust_set_ssl_trust (trust,
+			      PR_FALSE, PR_FALSE,
+			      PR_FALSE, PR_FALSE, PR_FALSE,
+			      PR_TRUE, PR_FALSE);
+  e_cert_trust_set_email_trust (trust,
+				PR_FALSE, PR_FALSE,
+				PR_FALSE, PR_FALSE, PR_FALSE,
+				PR_TRUE, PR_FALSE);
+  e_cert_trust_set_objsign_trust (trust,
+				  PR_FALSE, PR_FALSE,
+				  PR_FALSE, PR_FALSE, PR_FALSE,
+				  PR_TRUE, PR_FALSE);
+}
+
+PRBool
+e_cert_trust_has_any_ca (CERTCertTrust *trust)
+{
+  if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA) ||
+      e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA) ||
+      e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA))
+    return PR_TRUE;
+  return PR_FALSE;
+}
+
+PRBool
+e_cert_trust_has_ca (CERTCertTrust *trust,
+		     PRBool checkSSL, 
+		     PRBool checkEmail,  
+		     PRBool checkObjSign)
+{
+  if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_CA))
+    return PR_FALSE;
+  if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_CA))
+    return PR_FALSE;
+  if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_CA))
+    return PR_FALSE;
+  return PR_TRUE;
+}
+
+PRBool
+e_cert_trust_has_peer (CERTCertTrust *trust,
+		       PRBool checkSSL, 
+		       PRBool checkEmail,  
+		       PRBool checkObjSign)
+{
+  if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_VALID_PEER))
+    return PR_FALSE;
+  if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_VALID_PEER))
+    return PR_FALSE;
+  if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_VALID_PEER))
+    return PR_FALSE;
+  return PR_TRUE;
+}
+
+PRBool
+e_cert_trust_has_any_user (CERTCertTrust *trust)
+{
+  if (e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER) ||
+      e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER) ||
+      e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER))
+    return PR_TRUE;
+  return PR_FALSE;
+}
+
+PRBool
+e_cert_trust_has_user (CERTCertTrust *trust,
+		       PRBool checkSSL, 
+		       PRBool checkEmail,  
+		       PRBool checkObjSign)
+{
+  if (checkSSL && !e_cert_trust_has_trust(trust->sslFlags, CERTDB_USER))
+    return PR_FALSE;
+  if (checkEmail && !e_cert_trust_has_trust(trust->emailFlags, CERTDB_USER))
+    return PR_FALSE;
+  if (checkObjSign && !e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_USER))
+    return PR_FALSE;
+  return PR_TRUE;
+}
+
+PRBool
+e_cert_trust_has_trusted_ca (CERTCertTrust *trust,
+			     PRBool checkSSL, 
+			     PRBool checkEmail,  
+			     PRBool checkObjSign)
+{
+  if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CA) ||
+                    e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED_CLIENT_CA)))
+    return PR_FALSE;
+  if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CA) ||
+                      e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED_CLIENT_CA)))
+    return PR_FALSE;
+  if (checkObjSign && 
+       !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CA) ||
+         e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED_CLIENT_CA)))
+    return PR_FALSE;
+  return PR_TRUE;
+}
+
+PRBool
+e_cert_trust_has_trusted_peer (CERTCertTrust *trust,
+			       PRBool checkSSL, 
+			       PRBool checkEmail,  
+			       PRBool checkObjSign)
+{
+  if (checkSSL && !(e_cert_trust_has_trust(trust->sslFlags, CERTDB_TRUSTED)))
+    return PR_FALSE;
+  if (checkEmail && !(e_cert_trust_has_trust(trust->emailFlags, CERTDB_TRUSTED)))
+    return PR_FALSE;
+  if (checkObjSign && 
+       !(e_cert_trust_has_trust(trust->objectSigningFlags, CERTDB_TRUSTED)))
+    return PR_FALSE;
+  return PR_TRUE;
+}
+
+void
+e_cert_trust_add_trust (unsigned int *t, unsigned int v)
+{
+  *t |= v;
+}
+
+PRBool
+e_cert_trust_has_trust (unsigned int t, unsigned int v)
+{
+  return (t & v);
+}
+
author	Chris Toshok <toshok@ximian.com>	2003-11-13 10:23:52 +0800
committer	Chris Toshok <toshok@src.gnome.org>	2003-11-13 10:23:52 +0800
commit	bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea (patch)
tree	18089837a8fe8eb029233dac94a8f5a06d9ea39b /smime/lib/e-cert-trust.c
parent	7e734202c2be76070d5f9a0af821f03191aaf25e (diff)
download	gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.gz gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.bz2 gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.lz gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.xz gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.tar.zst gsoc2013-evolution-bdba680ed59ee12b4bdcdae2d5a6c3e8cc59daea.zip