nsIContentSignatureVerifier.idl (2301B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 5 6 #include "nsISupports.idl" 7 #include "nsIX509CertDB.idl" 8 9 interface nsIContentSignatureReceiverCallback; 10 11 /** 12 * An interface for verifying content-signatures, inspired by 13 * https://tools.ietf.org/html/draft-thomson-http-content-signature-00 14 * described here https://github.com/franziskuskiefer/content-signature/tree/pki 15 */ 16 [scriptable, uuid(45a5fe2f-c350-4b86-962d-02d5aaaa955a)] 17 interface nsIContentSignatureVerifier : nsISupports 18 { 19 const AppTrustedRoot ContentSignatureProdRoot = 1; 20 const AppTrustedRoot ContentSignatureStageRoot = 2; 21 const AppTrustedRoot ContentSignatureDevRoot = 3; 22 const AppTrustedRoot ContentSignatureLocalRoot = 4; 23 24 /** 25 * Verifies that the data matches the data that was used to generate the 26 * signature. 27 * 28 * @param aData The data to be tested. 29 * @param aContentSignatureHeader The content-signature header, 30 * url-safe base64 encoded. 31 * @param aCertificateChain The certificate chain to use for verification. 32 * PEM encoded string. 33 * @param aHostname The hostname for which the end entity must 34 * be valid. 35 * @param aTrustedRoot The identifier corresponding to the 36 * expected root certificate of the 37 * certificate chain (note that the root need 38 * not actually be included in the chain). 39 * @returns Promise that resolves with the value true if the signature 40 * matches the data and aCertificateChain is valid within aContext, 41 * and false if not. Rejects if another error occurred. 42 */ 43 [implicit_jscontext, must_use] 44 Promise asyncVerifyContentSignature(in ACString aData, 45 in ACString aContentSignatureHeader, 46 in ACString aCertificateChain, 47 in ACString aHostname, 48 in AppTrustedRoot aTrustedRoot); 49 };