nsIX509Cert.idl (5207B)
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

interface nsIArray;
interface nsIX509CertValidity;
interface nsICertVerificationListener;

%{ C++
namespace IPC {
class MessageReader;
class MessageWriter;
}

/* Forward declaration of the NSS certificate struct, so that this header
 * does not need to include the NSS headers. */
typedef struct CERTCertificateStr CERTCertificate;
%}

/* Raw pointer types used by the C++-only ([notxpcom, noscript]) methods at
 * the end of the interface. */
[ptr] native CERTCertificatePtr(CERTCertificate);
[ptr] native IpcMessageReaderPtr(IPC::MessageReader);
[ptr] native IpcMessageWriterPtr(IPC::MessageWriter);

/**
 * This represents an X.509 certificate.
 *
 * NOTE: Service workers persist x.509 certs in object form on disk. If you
 *       change this uuid you probably need a hack in nsBinaryInputStream to
 *       read the old uuid. If you change the format of the object
 *       serialization then more complex changes will be needed.
 *
 * NOTE(review): the members below only report what the certificate contains;
 *       nothing in this interface says whether the certificate has been
 *       verified. Presumably trust decisions are made elsewhere - confirm
 *       before treating subject/issuer strings as authenticated.
 */
[scriptable, builtinclass, uuid(bdc3979a-5422-4cd5-8589-696b6e96ea83)]
interface nsIX509Cert : nsISupports {

  /**
   * The primary email address of the certificate, if present.
   */
  readonly attribute AString emailAddress;

  /**
   * Obtain a list of all email addresses
   * contained in the certificate.
   *
   * @return An array of email addresses.
   */
  [must_use]
  Array<AString> getEmailAddresses();

  /**
   * Check whether a given address is contained in the certificate.
   * The comparison will convert the email address to lowercase.
   * The behaviour for non ASCII characters is undefined, so the result
   * should not be relied on for addresses that contain them.
   *
   * @param aEmailAddress The address to search for.
   *
   * @return True if the address is contained in the certificate.
   */
  [must_use]
  boolean containsEmailAddress(in AString aEmailAddress);

  /**
   * The subject owning the certificate.
   */
  readonly attribute AString subjectName;

  /**
   * The subject's common name.
   */
  readonly attribute AString commonName;

  /**
   * The subject's organization.
   */
  readonly attribute AString organization;

  /**
   * The subject's organizational unit.
   */
  [must_use]
  readonly attribute AString organizationalUnit;

  /**
   * The fingerprint of the certificate's DER encoding,
   * calculated using the SHA-256 algorithm.
   */
  readonly attribute AString sha256Fingerprint;

  /**
   * The fingerprint of the certificate's DER encoding,
   * calculated using the SHA1 algorithm.
   *
   * NOTE(review): SHA-1 is no longer collision resistant. Treat this value
   * as a legacy/display identifier and prefer sha256Fingerprint wherever a
   * fingerprint is used to decide that two certificates are the same.
   */
  [must_use]
  readonly attribute AString sha1Fingerprint;

  /**
   * A human readable name identifying the hardware or
   * software token the certificate is stored on.
   */
  readonly attribute AString tokenName;

  /**
   * The subject identifying the issuer certificate.
   */
  readonly attribute AString issuerName;

  /**
   * The serial number the issuer assigned to this certificate.
   */
  [must_use]
  readonly attribute AString serialNumber;

  /**
   * The issuer subject's common name.
   */
  [must_use]
  readonly attribute AString issuerCommonName;

  /**
   * The issuer subject's organization.
   */
  readonly attribute AString issuerOrganization;

  /**
   * The issuer subject's organizational unit.
   */
  [must_use]
  readonly attribute AString issuerOrganizationUnit;

  /**
   * This certificate's validity period.
   */
  readonly attribute nsIX509CertValidity validity;

  /**
   * A unique identifier of this certificate within the local storage.
   */
  [must_use]
  readonly attribute ACString dbKey;

  /**
   * A human readable identifier to label this certificate.
   */
  [must_use]
  readonly attribute AString displayName;

  /**
   * Constants to classify the type of a certificate.
   *
   * CA_CERT, USER_CERT, EMAIL_CERT and SERVER_CERT each occupy a distinct
   * bit (bits 0-3). UNKNOWN_CERT is 0 (no bit set) and ANY_CERT (0xffff)
   * has all of those bits set.
   * NOTE(review): whether certType can carry several bits at once is not
   * stated here - confirm before comparing with == rather than masking.
   */
  const unsigned long UNKNOWN_CERT =      0;
  const unsigned long CA_CERT      = 1 << 0;
  const unsigned long USER_CERT    = 1 << 1;
  const unsigned long EMAIL_CERT   = 1 << 2;
  const unsigned long SERVER_CERT  = 1 << 3;
  const unsigned long ANY_CERT     = 0xffff;

  /**
   * Type of this certificate, expressed with the constants above.
   */
  readonly attribute unsigned long certType;

  /**
   * Obtain a raw binary encoding of this certificate
   * in DER format.
   *
   * @return The bytes representing the DER encoded certificate.
   */
  [must_use]
  Array<octet> getRawDER();

  /**
   * Obtain the base64 encoding of this certificate's DER representation.
   *
   * @return The DER encoded certificate as a base64 string.
   */
  [must_use]
  ACString getBase64DERString();

  /**
   * The bytes of the certificate's DER encoded subject public key info.
   */
  [must_use]
  readonly attribute Array<octet> subjectPublicKeyInfo;

  /**
   * The base64 encoding of a digest of the DER encoded subject public key
   * info. The attribute takes no digest parameter; its name indicates that
   * the digest is SHA-256.
   */
  [must_use]
  readonly attribute ACString sha256SubjectPublicKeyInfoDigest;

  /**
   * Retrieves the NSS certificate object wrapped by this interface.
   * C++ only (notxpcom, noscript).
   *
   * NOTE(review): the return type is a raw CERTCertificate pointer. Whether
   * the caller receives its own reference, and must therefore release it, is
   * not stated here - confirm against the implementation before storing the
   * pointer beyond the lifetime of this object.
   */
  [notxpcom, noscript, must_use]
  CERTCertificatePtr getCert();

  /**
   * Writes this certificate to an IPC message. C++ only (notxpcom, noscript).
   *
   * @param aWriter The IPC message writer to serialize into.
   */
  [notxpcom, noscript]
  void SerializeToIPC(in IpcMessageWriterPtr aWriter);

  /**
   * Reads a certificate from an IPC message. C++ only (notxpcom, noscript).
   *
   * @param aReader The IPC message reader to deserialize from.
   *
   * @return presumably true on success and false on failure - confirm
   *         against the implementation.
   *
   * NOTE(review): unlike most methods here this one is not [must_use], so
   * the compiler will not flag an ignored result. The bytes come from
   * another process, so callers should check the result before using the
   * object.
   */
  [notxpcom, noscript]
  boolean DeserializeFromIPC(in IpcMessageReaderPtr aReader);
};