mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-07 20:17:37 +00:00
133 lines
4.9 KiB
Plaintext
133 lines
4.9 KiB
Plaintext
/* ***** BEGIN LICENSE BLOCK *****
|
|
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
|
*
|
|
* The contents of this file are subject to the Mozilla Public License Version
|
|
* 1.1 (the "License"); you may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
* http://www.mozilla.org/MPL/
|
|
*
|
|
* Software distributed under the License is distributed on an "AS IS" basis,
|
|
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
* for the specific language governing rights and limitations under the
|
|
* License.
|
|
*
|
|
* The Original Code is mozilla.org code.
|
|
*
|
|
* The Initial Developer of the Original Code is
|
|
* Red Hat, Inc.
|
|
* Portions created by the Initial Developer are Copyright (C) 2006
|
|
* the Initial Developer. All Rights Reserved.
|
|
*
|
|
* Contributor(s):
|
|
* Kai Engert <kengert@redhat.com>
|
|
* Jesper Kristensen <mail@jesperkristensen.dk>
|
|
*
|
|
* Alternatively, the contents of this file may be used under the terms of
|
|
* either the GNU General Public License Version 2 or later (the "GPL"), or
|
|
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
|
* in which case the provisions of the GPL or the LGPL are applicable instead
|
|
* of those above. If you wish to allow use of your version of this file only
|
|
* under the terms of either the GPL or the LGPL, and not to allow others to
|
|
* use your version of this file under the terms of the MPL, indicate your
|
|
* decision by deleting the provisions above and replace them with the notice
|
|
* and other provisions required by the GPL or the LGPL. If you do not delete
|
|
* the provisions above, a recipient may use your version of this file under
|
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
|
*
|
|
* ***** END LICENSE BLOCK ***** */
|
|
|
|
#include "nsIX509Cert2.idl"
|
|
|
|
interface nsICertVerificationListener;
|
|
|
|
/**
|
|
* Extending nsIX509Cert
|
|
*/
|
|
[scriptable, uuid(399004d8-b8c7-4eb9-8362-d99f4c0161fd)]
|
|
interface nsIX509Cert3 : nsIX509Cert2 {
|
|
|
|
/**
|
|
* Constants for specifying the chain mode when exporting a certificate
|
|
*/
|
|
const unsigned long CMS_CHAIN_MODE_CertOnly = 1;
|
|
const unsigned long CMS_CHAIN_MODE_CertChain = 2;
|
|
const unsigned long CMS_CHAIN_MODE_CertChainWithRoot = 3;
|
|
|
|
/**
|
|
* Async version of nsIX509Cert::getUsagesArray()
|
|
*
|
|
* Will not block, will request results asynchronously,
|
|
* availability of results will be notified.
|
|
*/
|
|
void requestUsagesArrayAsync(in nsICertVerificationListener cvl);
|
|
|
|
/**
|
|
* Obtain the certificate wrapped in a PKCS#7 SignedData structure,
|
|
* with or without the certificate chain
|
|
*
|
|
* @param chainMode Whether to include the chain (with or without the root),
|
|
see CMS_CHAIN_MODE constants.
|
|
* @param length The number of bytes of the PKCS#7 data.
|
|
* @param data The bytes representing the PKCS#7 wrapped certificate.
|
|
*/
|
|
void exportAsCMS(in unsigned long chainMode,
|
|
out unsigned long length,
|
|
[retval, array, size_is(length)] out octet data);
|
|
|
|
readonly attribute boolean isSelfSigned;
|
|
|
|
/**
|
|
* Human readable names identifying all hardware or
|
|
* software tokens the certificate is stored on.
|
|
*
|
|
* @param length On success, the number of entries in the returned array.
|
|
* @return On success, an array containing the names of all tokens
|
|
* the certificate is stored on (may be empty).
|
|
* On failure the function throws/returns an error.
|
|
*/
|
|
void getAllTokenNames(out unsigned long length,
|
|
[retval, array, size_is(length)] out wstring
|
|
tokenNames);
|
|
};
|
|
|
|
[scriptable, uuid(2fd0a785-9f2d-4327-8871-8c3e0783891d)]
|
|
interface nsICertVerificationResult : nsISupports {
|
|
|
|
/**
|
|
* This interface reflects a container of
|
|
* verification results. Call will not block.
|
|
*
|
|
* Obtain an array of human readable strings describing
|
|
* the certificate's certified usages.
|
|
*
|
|
* Mirrors the results produced by
|
|
* nsIX509Cert::getUsagesArray()
|
|
*
|
|
* As of today, this function is a one-shot object,
|
|
* only the first call will succeed.
|
|
* This allows an optimization in the implementation,
|
|
* ownership of result data will be transfered to caller.
|
|
*
|
|
* @param cert The certificate that was verified.
|
|
* @param verified The certificate verification result,
|
|
* see constants in nsIX509Cert.
|
|
* @param count The number of human readable usages returned.
|
|
* @param usages The array of human readable usages.
|
|
*/
|
|
void getUsagesArrayResult(out PRUint32 verified,
|
|
out PRUint32 count,
|
|
[array, size_is(count)] out wstring usages);
|
|
};
|
|
|
|
|
|
[scriptable, uuid(6684bce9-50db-48e1-81b7-98102bf81357)]
|
|
interface nsICertVerificationListener : nsISupports {
|
|
|
|
/**
|
|
* Notify that results are ready, that have been requested
|
|
* using nsIX509Cert3::requestUsagesArrayAsync()
|
|
*/
|
|
void notify(in nsIX509Cert3 verifiedCert,
|
|
in nsICertVerificationResult result);
|
|
};
|