1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set sw=2 ts=8 et tw=80 : */
3
4 /* This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7
8 #ifndef mozilla_psm_VerifySSLServerCertParent_h__
9 #define mozilla_psm_VerifySSLServerCertParent_h__
10
11 #include "mozilla/psm/PVerifySSLServerCertParent.h"
12 #include "mozpkix/Time.h"
13 #include "ScopedNSSTypes.h"
14 #include "SharedCertVerifier.h"
15
16 class nsNSSSocketInfo;
17
18 namespace mozilla {
19 namespace psm {
20
21 // This class implements the main process side of the server certificate
22 // verification for socket process.
23 // SSLServerCertVerificationJob::Dispatch is called in
24 // VerifySSLServerCertParent::Dispatch with IPCServerCertVerificationResult and
25 // the result of the certificate verification will be sent to the socket process
26 // via IPC.
27 class VerifySSLServerCertParent : public PVerifySSLServerCertParent {
28 public:
VerifySSLServerCertParent()29 NS_INLINE_DECL_THREADSAFE_REFCOUNTING(VerifySSLServerCertParent, override)
30
31 VerifySSLServerCertParent();
32
33 bool Dispatch(const ByteArray& aServerCert,
34 nsTArray<ByteArray>&& aPeerCertChain,
35 const nsCString& aHostName, const int32_t& aPort,
36 const OriginAttributes& aOriginAttributes,
37 const Maybe<ByteArray>& aStapledOCSPResponse,
38 const Maybe<ByteArray>& aSctsFromTLSExtension,
39 const Maybe<DelegatedCredentialInfoArg>& aDcInfo,
40 const uint32_t& aProviderFlags,
41 const uint32_t& aCertVerifierFlags);
42
43 void OnVerifiedSSLServerCert(const nsTArray<ByteArray>& aBuiltCertChain,
44 uint16_t aCertificateTransparencyStatus,
45 uint8_t aEVStatus, bool aSucceeded,
46 PRErrorCode aFinalError,
47 uint32_t aCollectedErrors,
48 bool aIsBuiltCertChainRootBuiltInRoot);
49
50 private:
51 virtual ~VerifySSLServerCertParent();
52
53 // PVerifySSLServerCertParent
54 void ActorDestroy(ActorDestroyReason aWhy) override;
55
56 nsCOMPtr<nsIEventTarget> mBackgroundThread;
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(IPCServerCertVerificationResult,override)57 };
58
59 } // namespace psm
60 } // namespace mozilla
61
62 #endif // mozilla_psm_VerifySSLServerCertParent_h__
63