| OLD | NEW |
|---|
| (Empty) | |
| 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
| 2 * |
| 3 * ***** BEGIN LICENSE BLOCK ***** |
| 4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 5 * |
| 6 * The contents of this file are subject to the Mozilla Public License Version |
| 7 * 1.1 (the "License"); you may not use this file except in compliance with |
| 8 * the License. You may obtain a copy of the License at |
| 9 * http://www.mozilla.org/MPL/ |
| 10 * |
| 11 * Software distributed under the License is distributed on an "AS IS" basis, |
| 12 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
| 13 * for the specific language governing rights and limitations under the |
| 14 * License. |
| 15 * |
| 16 * The Original Code is mozilla.org code. |
| 17 * |
| 18 * The Initial Developer of the Original Code is |
| 19 * Netscape Communications Corporation. |
| 20 * Portions created by the Initial Developer are Copyright (C) 1998 |
| 21 * the Initial Developer. All Rights Reserved. |
| 22 * |
| 23 * Contributor(s): |
| 24 * Javier Delgadillo <javi@netscape.com> |
| 25 * |
| 26 * Alternatively, the contents of this file may be used under the terms of |
| 27 * either the GNU General Public License Version 2 or later (the "GPL"), or |
| 28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
| 29 * in which case the provisions of the GPL or the LGPL are applicable instead |
| 30 * of those above. If you wish to allow use of your version of this file only |
| 31 * under the terms of either the GPL or the LGPL, and not to allow others to |
| 32 * use your version of this file under the terms of the MPL, indicate your |
| 33 * decision by deleting the provisions above and replace them with the notice |
| 34 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 35 * the provisions above, a recipient may use your version of this file under |
| 36 * the terms of any one of the MPL, the GPL or the LGPL. |
| 37 * |
| 38 * ***** END LICENSE BLOCK ***** */ |
| 39 |
| 40 #include "nsISupports.idl" |
| 41 |
| 42 interface nsIArray; |
| 43 interface nsIX509CertValidity; |
| 44 interface nsIASN1Object; |
| 45 |
| 46 /** |
| 47 * This represents a X.509 certificate. |
| 48 * |
| 49 * @status FROZEN |
| 50 */ |
| 51 [scriptable, uuid(f0980f60-ee3d-11d4-998b-00b0d02354a0)] |
| 52 interface nsIX509Cert : nsISupports { |
| 53 |
| 54 /** |
| 55 * A nickname for the certificate. |
| 56 */ |
| 57 readonly attribute AString nickname; |
| 58 |
| 59 /** |
| 60 * The primary email address of the certificate, if present. |
| 61 */ |
| 62 readonly attribute AString emailAddress; |
| 63 |
| 64 /** |
| 65 * Obtain a list of all email addresses |
| 66 * contained in the certificate. |
| 67 * |
| 68 * @param length The number of strings in the returned array. |
| 69 * @return An array of email addresses. |
| 70 */ |
| 71 void getEmailAddresses(out unsigned long length, |
| 72 [retval, array, size_is(length)] out wstring addresses)
; |
| 73 |
| 74 /** |
| 75 * Check whether a given address is contained in the certificate. |
| 76 * The comparison will convert the email address to lowercase. |
| 77 * The behaviour for non ASCII characters is undefined. |
| 78 * |
| 79 * @param aEmailAddress The address to search for. |
| 80 * |
| 81 * @return True if the address is contained in the certificate. |
| 82 */ |
| 83 boolean containsEmailAddress(in AString aEmailAddress); |
| 84 |
| 85 /** |
| 86 * The subject owning the certificate. |
| 87 */ |
| 88 readonly attribute AString subjectName; |
| 89 |
| 90 /** |
| 91 * The subject's common name. |
| 92 */ |
| 93 readonly attribute AString commonName; |
| 94 |
| 95 /** |
| 96 * The subject's organization. |
| 97 */ |
| 98 readonly attribute AString organization; |
| 99 |
| 100 /** |
| 101 * The subject's organizational unit. |
| 102 */ |
| 103 readonly attribute AString organizationalUnit; |
| 104 |
| 105 /** |
| 106 * The fingerprint of the certificate's public key, |
| 107 * calculated using the SHA1 algorithm. |
| 108 */ |
| 109 readonly attribute AString sha1Fingerprint; |
| 110 |
| 111 /** |
| 112 * The fingerprint of the certificate's public key, |
| 113 * calculated using the MD5 algorithm. |
| 114 */ |
| 115 readonly attribute AString md5Fingerprint; |
| 116 |
| 117 /** |
| 118 * A human readable name identifying the hardware or |
| 119 * software token the certificate is stored on. |
| 120 */ |
| 121 readonly attribute AString tokenName; |
| 122 |
| 123 /** |
| 124 * The subject identifying the issuer certificate. |
| 125 */ |
| 126 readonly attribute AString issuerName; |
| 127 |
| 128 /** |
| 129 * The serial number the issuer assigned to this certificate. |
| 130 */ |
| 131 readonly attribute AString serialNumber; |
| 132 |
| 133 /** |
| 134 * The issuer subject's common name. |
| 135 */ |
| 136 readonly attribute AString issuerCommonName; |
| 137 |
| 138 /** |
| 139 * The issuer subject's organization. |
| 140 */ |
| 141 readonly attribute AString issuerOrganization; |
| 142 |
| 143 /** |
| 144 * The issuer subject's organizational unit. |
| 145 */ |
| 146 readonly attribute AString issuerOrganizationUnit; |
| 147 |
| 148 /** |
| 149 * The certificate used by the issuer to sign this certificate. |
| 150 */ |
| 151 readonly attribute nsIX509Cert issuer; |
| 152 |
| 153 /** |
| 154 * This certificate's validity period. |
| 155 */ |
| 156 readonly attribute nsIX509CertValidity validity; |
| 157 |
| 158 /** |
| 159 * A unique identifier of this certificate within the local storage. |
| 160 */ |
| 161 readonly attribute string dbKey; |
| 162 |
| 163 /** |
| 164 * A human readable identifier to label this certificate. |
| 165 */ |
| 166 readonly attribute string windowTitle; |
| 167 |
| 168 /** |
| 169 * Constants to classify the type of a certificate. |
| 170 */ |
| 171 const unsigned long UNKNOWN_CERT = 0; |
| 172 const unsigned long CA_CERT = 1 << 0; |
| 173 const unsigned long USER_CERT = 1 << 1; |
| 174 const unsigned long EMAIL_CERT = 1 << 2; |
| 175 const unsigned long SERVER_CERT = 1 << 3; |
| 176 |
| 177 /** |
| 178 * Constants for certificate verification results. |
| 179 */ |
| 180 const unsigned long VERIFIED_OK = 0; |
| 181 const unsigned long NOT_VERIFIED_UNKNOWN = 1 << 0; |
| 182 const unsigned long CERT_REVOKED = 1 << 1; |
| 183 const unsigned long CERT_EXPIRED = 1 << 2; |
| 184 const unsigned long CERT_NOT_TRUSTED = 1 << 3; |
| 185 const unsigned long ISSUER_NOT_TRUSTED = 1 << 4; |
| 186 const unsigned long ISSUER_UNKNOWN = 1 << 5; |
| 187 const unsigned long INVALID_CA = 1 << 6; |
| 188 const unsigned long USAGE_NOT_ALLOWED = 1 << 7; |
| 189 |
| 190 /** |
| 191 * Constants that describe the certified usages of a certificate. |
| 192 */ |
| 193 const unsigned long CERT_USAGE_SSLClient = 0; |
| 194 const unsigned long CERT_USAGE_SSLServer = 1; |
| 195 const unsigned long CERT_USAGE_SSLServerWithStepUp = 2; |
| 196 const unsigned long CERT_USAGE_SSLCA = 3; |
| 197 const unsigned long CERT_USAGE_EmailSigner = 4; |
| 198 const unsigned long CERT_USAGE_EmailRecipient = 5; |
| 199 const unsigned long CERT_USAGE_ObjectSigner = 6; |
| 200 const unsigned long CERT_USAGE_UserCertImport = 7; |
| 201 const unsigned long CERT_USAGE_VerifyCA = 8; |
| 202 const unsigned long CERT_USAGE_ProtectedObjectSigner = 9; |
| 203 const unsigned long CERT_USAGE_StatusResponder = 10; |
| 204 const unsigned long CERT_USAGE_AnyCA = 11; |
| 205 |
| 206 /** |
| 207 * Obtain a list of certificates that contains this certificate |
| 208 * and the issuing certificates of all involved issuers, |
| 209 * up to the root issuer. |
| 210 * |
| 211 * @return The chain of certifficates including the issuers. |
| 212 */ |
| 213 nsIArray getChain(); |
| 214 |
| 215 /** |
| 216 * Obtain an array of human readable strings describing |
| 217 * the certificate's certified usages. |
| 218 * |
| 219 * @param ignoreOcsp Do not use OCSP even if it is currently activated. |
| 220 * @param verified The certificate verification result, see constants. |
| 221 * @param count The number of human readable usages returned. |
| 222 * @param usages The array of human readable usages. |
| 223 */ |
| 224 void getUsagesArray(in boolean ignoreOcsp, |
| 225 out PRUint32 verified, |
| 226 out PRUint32 count, |
| 227 [array, size_is(count)] out wstring usages); |
| 228 |
| 229 /** |
| 230 * Obtain a single comma separated human readable string describing |
| 231 * the certificate's certified usages. |
| 232 * |
| 233 * @param ignoreOcsp Do not use OCSP even if it is currently activated. |
| 234 * @param verified The certificate verification result, see constants. |
| 235 * @param purposes The string listing the usages. |
| 236 */ |
| 237 void getUsagesString(in boolean ignoreOcsp, out PRUint32 verified, out AString
usages); |
| 238 |
| 239 /** |
| 240 * Verify the certificate for a particular usage. |
| 241 * |
| 242 * @return The certificate verification result, see constants. |
| 243 */ |
| 244 unsigned long verifyForUsage(in unsigned long usage); |
| 245 |
| 246 /** |
| 247 * This is the attribute which describes the ASN1 layout |
| 248 * of the certificate. This can be used when doing a |
| 249 * "pretty print" of the certificate's ASN1 structure. |
| 250 */ |
| 251 readonly attribute nsIASN1Object ASN1Structure; |
| 252 |
| 253 /** |
| 254 * Obtain a raw binary encoding of this certificate |
| 255 * in DER format. |
| 256 * |
| 257 * @param length The number of bytes in the binary encoding. |
| 258 * @param data The bytes representing the DER encoded certificate. |
| 259 */ |
| 260 void getRawDER(out unsigned long length, |
| 261 [retval, array, size_is(length)] out octet data); |
| 262 |
| 263 /** |
| 264 * Test whether two certificate instances represent the |
| 265 * same certificate. |
| 266 * |
| 267 * @return Whether the certificates are equal |
| 268 */ |
| 269 boolean equals(in nsIX509Cert other); |
| 270 }; |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 20346:
Version 1.8 of gecko-sdk. Downloaded from here:... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/deps/third_party/