/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- * * The contents of this file are subject to the Mozilla Public * License Version 1.1 (the "License"); you may not use this file * except in compliance with the License. You may obtain a copy of * the License at http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or * implied. See the License for the specific language governing * rights and limitations under the License. * * The Original Code is mozilla.org code. * * The Initial Developer of the Original Code is Netscape * Communications Corporation. Portions created by Netscape are * Copyright (C) 1998 Netscape Communications Corporation. All * Rights Reserved. * * Contributor(s): * Javier Delgadillo * * Alternatively, the contents of this file may be used under the * terms of the GNU General Public License Version 2 or later (the * "GPL"), in which case the provisions of the GPL are applicable * instead of those above. If you wish to allow use of your * version of this file only under the terms of the GPL and not to * allow others to use your version of this file under the MPL, * indicate your decision by deleting the provisions above and * replace them with the notice and other provisions required by * the GPL. If you do not delete the provisions above, a recipient * may use your version of this file under either the MPL or the * GPL. */ #include "nsISupports.idl" #include "nsISupportsArray.idl" [scriptable, uuid(e701dfd8-1dd1-11b2-a172-ffa6cc6156ad)] interface nsIX509CertValidity : nsISupports { readonly attribute PRTime notBefore; readonly attribute wstring notBeforeLocalTime; readonly attribute wstring notBeforeGMT; readonly attribute PRTime notAfter; readonly attribute wstring notAfterLocalTime; readonly attribute wstring notAfterGMT; }; // // Overview of how this ASN1 interface is intended to // work. // // First off, the nsIASN1Sequence is any type in ASN1 // that consists of sub-elements (ie SEQUENCE, SET) // nsIASN1Printable Items are all the other types that // can be viewed by themselves without interpreting further. // Examples would include INTEGER, UTF-8 STRING, OID. // These are not intended to directly reflect the numberous // types that exist in ASN1, but merely an interface to ease // producing a tree display the ASN1 structure of any DER // object. // [scriptable, uuid(ba8bf582-1dd1-11b2-898c-f40246bc9a63)] interface nsIASN1Object : nsISupports { const unsigned long ASN1_END_CONTENTS = 0; const unsigned long ASN1_BOOLEAN = 1; const unsigned long ASN1_INTEGER = 2; const unsigned long ASN1_BIT_STRING = 3; const unsigned long ASN1_OCTET_STRING = 4; const unsigned long ASN1_NULL = 5; const unsigned long ASN1_OBJECT_ID = 6; const unsigned long ASN1_ENUMERATED = 10; const unsigned long ASN1_UTF8_STRING = 12; const unsigned long ASN1_SEQUENCE = 16; const unsigned long ASN1_SET = 17; const unsigned long ASN1_PRINTABLE_STRING = 19; const unsigned long ASN1_T61_STRING = 20; const unsigned long ASN1_IA5_STRING = 22; const unsigned long ASN1_UTC_TIME = 23; const unsigned long ASN1_GEN_TIME = 24; const unsigned long ASN1_VISIBLE_STRING = 26; const unsigned long ASN1_UNIVERSAL_STRING = 28; const unsigned long ASN1_BMP_STRING = 30; const unsigned long ASN1_HIGH_TAG_NUMBER = 31; const unsigned long ASN1_CONTEXT_SPECIFIC = 32; const unsigned long ASN1_APPLICATION = 33; const unsigned long ASN1_PRIVATE = 34; // This will be either one of the const // values above. attribute unsigned long type; attribute unsigned long tag; attribute wstring displayName; attribute wstring displayValue; }; [scriptable, uuid(b6b957e6-1dd1-11b2-89d7-e30624f50b00)] interface nsIASN1Sequence : nsIASN1Object { attribute nsISupportsArray ASN1Objects; attribute boolean processObjects; attribute boolean showObjects; }; [scriptable, uuid(114e1142-1dd2-11b2-ac26-b6db19d9184a)] interface nsIASN1PrintableItem : nsIASN1Object { [noscript] void setData(in charPtr data, in unsigned long len); [noscript] void getData(out charPtr data, out unsigned long len); }; [scriptable, uuid(f0980f60-ee3d-11d4-998b-00b0d02354a0)] interface nsIX509Cert : nsISupports { /* * attributes for certs */ readonly attribute wstring nickname; readonly attribute wstring emailAddress; readonly attribute wstring commonName; readonly attribute wstring organization; readonly attribute wstring organizationalUnit; readonly attribute wstring subjectName; readonly attribute wstring issuerName; readonly attribute wstring serialNumber; readonly attribute wstring rsaPubModulus; readonly attribute wstring sha1Fingerprint; readonly attribute wstring md5Fingerprint; readonly attribute wstring issuedDate; readonly attribute wstring expiresDate; readonly attribute wstring tokenName; readonly attribute wstring issuerCommonName; readonly attribute wstring issuerOrganization; readonly attribute wstring issuerOrganizationUnit; readonly attribute nsIX509Cert issuer; readonly attribute nsIX509CertValidity validity; readonly attribute string dbKey; readonly attribute string windowTitle; readonly attribute boolean usesOCSP; /* * enums for certs */ const unsigned long UNKNOWN_CERT = 0; const unsigned long CA_CERT = 1 << 0; const unsigned long USER_CERT = 1 << 1; const unsigned long EMAIL_CERT = 1 << 2; const unsigned long SERVER_CERT = 1 << 3; // errors in verifying certs const unsigned long VERIFIED_OK = 0; const unsigned long NOT_VERIFIED_UNKNOWN = 1 << 0; const unsigned long CERT_REVOKED = 1 << 1; const unsigned long CERT_EXPIRED = 1 << 2; const unsigned long CERT_NOT_TRUSTED = 1 << 3; const unsigned long ISSUER_NOT_TRUSTED = 1 << 4; const unsigned long ISSUER_UNKNOWN = 1 << 5; const unsigned long INVALID_CA = 1 << 6; const unsigned long USAGE_NOT_ALLOWED = 1 << 7; /* * accessors for certs */ nsISupportsArray getChain(); void getUsages(out PRUint32 verified, out PRUint32 count, [array, size_is(count)] out wstring usages); void getPurposes(out PRUint32 verified, out wstring purposes); const unsigned long CERT_USAGE_SSLClient = 0; const unsigned long CERT_USAGE_SSLServer = 1; const unsigned long CERT_USAGE_SSLServerWithStepUp = 2; const unsigned long CERT_USAGE_SSLCA = 3; const unsigned long CERT_USAGE_EmailSigner = 4; const unsigned long CERT_USAGE_EmailRecipient = 5; const unsigned long CERT_USAGE_ObjectSigner = 6; const unsigned long CERT_USAGE_UserCertImport = 7; const unsigned long CERT_USAGE_VerifyCA = 8; const unsigned long CERT_USAGE_ProtectedObjectSigner = 9; const unsigned long CERT_USAGE_StatusResponder = 10; const unsigned long CERT_USAGE_AnyCA = 11; void verifyForUsage(in PRUint32 usage, out PRUint32 verificationResult); /* * This method is here to make it easier to view a cert. * It will get the implemention of the nsICertificateDialogs * interface and call the viewCert method passing itself * as a parameter. */ void view(); /* * This is the attribute which describes the ASN1 layout * of the certificate. This can be used when doing a * "pretty print" of the certificate's ASN1 structure. */ readonly attribute nsIASN1Object ASN1Structure; [noscript] unsigned long getRawDER(out charPtr result); PRBool isSameCert(in nsIX509Cert other); }; %{C++ #define NS_X509CERT_CID { 0xf0980f60, 0xee3d, 0x11d4, \ { 0x99, 0x8b, 0x00, 0xb0, 0xd0, 0x23, 0x54, 0xa0 } } #define NS_X509CERT_CONTRACTID "@mozilla.org/security/x509cert;1" %}