diff options
Diffstat (limited to 'security/manager/ssl')
-rw-r--r-- | security/manager/ssl/CSTrustDomain.cpp | 6 | ||||
-rw-r--r-- | security/manager/ssl/CSTrustDomain.h | 6 |
2 files changed, 8 insertions, 4 deletions
diff --git a/security/manager/ssl/CSTrustDomain.cpp b/security/manager/ssl/CSTrustDomain.cpp index c3b48dca28..0dd357e75d 100644 --- a/security/manager/ssl/CSTrustDomain.cpp +++ b/security/manager/ssl/CSTrustDomain.cpp @@ -129,7 +129,8 @@ CSTrustDomain::CheckRevocation(EndEntityOrCA endEntityOrCA, const CertID& certID, Time time, Duration validityDuration, /*optional*/ const Input* stapledOCSPresponse, - /*optional*/ const Input* aiaExtension) + /*optional*/ const Input* aiaExtension, + /*optional*/ const Input* sctExtension) { // We're relying solely on the CertBlocklist for revocation - and we're // performing checks on this in GetCertTrust (as per nsNSSCertDBTrustDomain) @@ -137,7 +138,8 @@ CSTrustDomain::CheckRevocation(EndEntityOrCA endEntityOrCA, } Result -CSTrustDomain::IsChainValid(const DERArray& certChain, Time time) +CSTrustDomain::IsChainValid(const DERArray& certChain, Time time, + const CertPolicyId& requiredPolicy) { // Check that our chain is not empty if (certChain.GetLength() == 0) { diff --git a/security/manager/ssl/CSTrustDomain.h b/security/manager/ssl/CSTrustDomain.h index a1e7a21bf0..02448b7dfa 100644 --- a/security/manager/ssl/CSTrustDomain.h +++ b/security/manager/ssl/CSTrustDomain.h @@ -36,9 +36,11 @@ public: const mozilla::pkix::CertID& certID, mozilla::pkix::Time time, mozilla::pkix::Duration validityDuration, /*optional*/ const mozilla::pkix::Input* stapledOCSPresponse, - /*optional*/ const mozilla::pkix::Input* aiaExtension) override; + /*optional*/ const mozilla::pkix::Input* aiaExtension, + /*optional*/ const mozilla::pkix::Input* sctExtension) override; virtual Result IsChainValid(const mozilla::pkix::DERArray& certChain, - mozilla::pkix::Time time) override; + mozilla::pkix::Time time, + const mozilla::pkix::CertPolicyId& requiredPolicy) override; virtual Result CheckSignatureDigestAlgorithm( mozilla::pkix::DigestAlgorithm digestAlg, mozilla::pkix::EndEntityOrCA endEntityOrCA, |