security/manager/ssl/public/nsIX509Cert3.idl@141e0f1194b1
security/manager/ssl/public/nsIX509Cert3.idl
Wed, 31 Dec 2014 07:16:47 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 07:16:47 +0100
- branch
- TOR_BUG_9701
- changeset 3
- 141e0f1194b1
- permissions
- -rw-r--r--
Revert simplistic fix pending revisit of Mozilla integration attempt.
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 #include "nsIX509Cert2.idl"
7 interface nsICertVerificationListener;
9 /**
10 * Extending nsIX509Cert
11 */
12 [scriptable, uuid(399004d8-b8c7-4eb9-8362-d99f4c0161fd)]
13 interface nsIX509Cert3 : nsIX509Cert2 {
15 /**
16 * Constants for specifying the chain mode when exporting a certificate
17 */
18 const unsigned long CMS_CHAIN_MODE_CertOnly = 1;
19 const unsigned long CMS_CHAIN_MODE_CertChain = 2;
20 const unsigned long CMS_CHAIN_MODE_CertChainWithRoot = 3;
22 /**
23 * Async version of nsIX509Cert::getUsagesArray()
24 *
25 * Will not block, will request results asynchronously,
26 * availability of results will be notified on the main thread.
27 */
28 void requestUsagesArrayAsync(in nsICertVerificationListener cvl);
30 /**
31 * Obtain the certificate wrapped in a PKCS#7 SignedData structure,
32 * with or without the certificate chain
33 *
34 * @param chainMode Whether to include the chain (with or without the root),
35 see CMS_CHAIN_MODE constants.
36 * @param length The number of bytes of the PKCS#7 data.
37 * @param data The bytes representing the PKCS#7 wrapped certificate.
38 */
39 void exportAsCMS(in unsigned long chainMode,
40 out unsigned long length,
41 [retval, array, size_is(length)] out octet data);
43 readonly attribute boolean isSelfSigned;
45 /**
46 * Human readable names identifying all hardware or
47 * software tokens the certificate is stored on.
48 *
49 * @param length On success, the number of entries in the returned array.
50 * @return On success, an array containing the names of all tokens
51 * the certificate is stored on (may be empty).
52 * On failure the function throws/returns an error.
53 */
54 void getAllTokenNames(out unsigned long length,
55 [retval, array, size_is(length)] out wstring
56 tokenNames);
57 };
59 [scriptable, uuid(2fd0a785-9f2d-4327-8871-8c3e0783891d)]
60 interface nsICertVerificationResult : nsISupports {
62 /**
63 * This interface reflects a container of
64 * verification results. Call will not block.
65 *
66 * Obtain an array of human readable strings describing
67 * the certificate's certified usages.
68 *
69 * Mirrors the results produced by
70 * nsIX509Cert::getUsagesArray()
71 *
72 * As of today, this function is a one-shot object,
73 * only the first call will succeed.
74 * This allows an optimization in the implementation,
75 * ownership of result data will be transfered to caller.
76 *
77 * @param cert The certificate that was verified.
78 * @param verified The certificate verification result,
79 * see constants in nsIX509Cert.
80 * @param count The number of human readable usages returned.
81 * @param usages The array of human readable usages.
82 */
83 void getUsagesArrayResult(out uint32_t verified,
84 out uint32_t count,
85 [array, size_is(count)] out wstring usages);
86 };
89 [scriptable, uuid(6684bce9-50db-48e1-81b7-98102bf81357)]
90 interface nsICertVerificationListener : nsISupports {
92 /**
93 * Notify that results are ready, that have been requested
94 * using nsIX509Cert3::requestUsagesArrayAsync()
95 */
96 void notify(in nsIX509Cert3 verifiedCert,
97 in nsICertVerificationResult result);
98 };
