static CERTCertTrust *
cert_trust_from_stan_trust(NSSTrust *t, PRArenaPool *arena)
{
CERTCertTrust *rvTrust;
unsigned int client;
if (!t) {
return NULL;
}
rvTrust = PORT_ArenaAlloc(arena, sizeof(CERTCertTrust));
if (!rvTrust) return NULL;
rvTrust->sslFlags = get_nss3trust_from_nss4trust(t->serverAuth);
client = get_nss3trust_from_nss4trust(t->clientAuth);
if (client & (CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA)) {
client &= ~(CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA);
rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
}
rvTrust->sslFlags |= client;
rvTrust->emailFlags = get_nss3trust_from_nss4trust(t->emailProtection);
rvTrust->objectSigningFlags = get_nss3trust_from_nss4trust(t->codeSigning);
/* The cert is a valid step-up cert (in addition to/lieu of trust above */
if (t->stepUpApproved) {
rvTrust->sslFlags |= CERTDB_GOVT_APPROVED_CA;
}
return rvTrust;
}
static CERTCertTrust *
cert_trust_from_stan_trust(NSSTrust *t, PRArenaPool *arena)
{
CERTCertTrust *rvTrust;
unsigned int client;
if (!t) {
return NULL;
}
rvTrust = PORT_ArenaAlloc(arena, sizeof(CERTCertTrust));
if (!rvTrust) return NULL;
rvTrust->sslFlags = get_nss3trust_from_nss4trust(t->serverAuth);
client = get_nss3trust_from_nss4trust(t->clientAuth);
if (client & (CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA)) {
client &= ~(CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA);
rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
}
rvTrust->sslFlags |= client;
rvTrust->emailFlags = get_nss3trust_from_nss4trust(t->emailProtection);
rvTrust->objectSigningFlags = get_nss3trust_from_nss4trust(t->codeSigning);
return rvTrust;
}