mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/security/manager/ssl/nsIX509Cert.idl

234 строки
6.1 KiB
Plaintext
Исходник Ответственный История

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIArray;
interface nsIX509CertValidity;
interface nsIASN1Object;
interface nsICertVerificationListener;
%{ C++
/* forward declaration */
typedef struct CERTCertificateStr CERTCertificate;
%}
[ptr] native CERTCertificatePtr(CERTCertificate);
/**
* This represents a X.509 certificate.
*
* NOTE: Service workers persist x.509 certs in object form on disk. If you
* change this uuid you probably need a hack in nsBinaryInputStream to
* read the old uuid. If you change the format of the object
* serialization then more complex changes will be needed.
*/
[scriptable, uuid(bdc3979a-5422-4cd5-8589-696b6e96ea83)]
interface nsIX509Cert : nsISupports {
/**
* The primary email address of the certificate, if present.
*/
readonly attribute AString emailAddress;
/**
* Did this certificate ship with the platform as a built-in root?
*/
[must_use]
readonly attribute bool isBuiltInRoot;
/**
* Obtain a list of all email addresses
* contained in the certificate.
*
* @param length The number of strings in the returned array.
* @return An array of email addresses.
*/
[must_use]
void getEmailAddresses(out unsigned long length,
[retval, array, size_is(length)] out wstring addresses);
/**
* Check whether a given address is contained in the certificate.
* The comparison will convert the email address to lowercase.
* The behaviour for non ASCII characters is undefined.
*
* @param aEmailAddress The address to search for.
*
* @return True if the address is contained in the certificate.
*/
[must_use]
boolean containsEmailAddress(in AString aEmailAddress);
/**
* The subject owning the certificate.
*/
readonly attribute AString subjectName;
/**
* The subject alternative names of the certificate.
* It's a comma separated string of subject alt names.
*/
readonly attribute AString subjectAltNames;
/**
* The subject's common name.
*/
readonly attribute AString commonName;
/**
* The subject's organization.
*/
readonly attribute AString organization;
/**
* The subject's organizational unit.
*/
[must_use]
readonly attribute AString organizationalUnit;
/**
* The fingerprint of the certificate's DER encoding,
* calculated using the SHA-256 algorithm.
*/
readonly attribute AString sha256Fingerprint;
/**
* The fingerprint of the certificate's DER encoding,
* calculated using the SHA1 algorithm.
*/
[must_use]
readonly attribute AString sha1Fingerprint;
/**
* A human readable name identifying the hardware or
* software token the certificate is stored on.
*/
readonly attribute AString tokenName;
/**
* The subject identifying the issuer certificate.
*/
readonly attribute AString issuerName;
/**
* The serial number the issuer assigned to this certificate.
*/
[must_use]
readonly attribute AString serialNumber;
/**
* The issuer subject's common name.
*/
[must_use]
readonly attribute AString issuerCommonName;
/**
* The issuer subject's organization.
*/
readonly attribute AString issuerOrganization;
/**
* The issuer subject's organizational unit.
*/
[must_use]
readonly attribute AString issuerOrganizationUnit;
/**
* This certificate's validity period.
*/
readonly attribute nsIX509CertValidity validity;
/**
* A unique identifier of this certificate within the local storage.
*/
[must_use]
readonly attribute ACString dbKey;
/**
* A human readable identifier to label this certificate.
*/
[must_use]
readonly attribute AString displayName;
/**
* Constants to classify the type of a certificate.
*/
const unsigned long UNKNOWN_CERT = 0;
const unsigned long CA_CERT = 1 << 0;
const unsigned long USER_CERT = 1 << 1;
const unsigned long EMAIL_CERT = 1 << 2;
const unsigned long SERVER_CERT = 1 << 3;
const unsigned long ANY_CERT = 0xffff;
/**
* Type of this certificate
*/
readonly attribute unsigned long certType;
/**
* True if the certificate is self-signed. CA issued
* certificates are always self-signed.
*/
[must_use]
readonly attribute boolean isSelfSigned;
/**
* A comma separated list of localized strings representing the contents of
* the certificate's key usage extension, if present. The empty string if the
* certificate doesn't have the key usage extension, or has an empty extension.
*/
[must_use]
readonly attribute AString keyUsages;
/**
* This is the attribute which describes the ASN1 layout
* of the certificate. This can be used when doing a
* "pretty print" of the certificate's ASN1 structure.
*/
[must_use]
readonly attribute nsIASN1Object ASN1Structure;
/**
* Obtain a raw binary encoding of this certificate
* in DER format.
*
* @param length The number of bytes in the binary encoding.
* @param data The bytes representing the DER encoded certificate.
*/
[must_use]
void getRawDER(out unsigned long length,
[retval, array, size_is(length)] out octet data);
/**
* Test whether two certificate instances represent the
* same certificate.
*
* @return Whether the certificates are equal
*/
[must_use]
boolean equals(in nsIX509Cert other);
/**
* The base64 encoding of the DER encoded public key info using the specified
* digest.
*/
[must_use]
readonly attribute ACString sha256SubjectPublicKeyInfoDigest;
/**
* Retrieves the NSS certificate object wrapped by this interface
*/
[notxpcom, noscript, must_use]
CERTCertificatePtr getCert();
/**
* Either delete the certificate from all cert databases,
* or mark it as untrusted.
*/
[must_use]
void markForPermDeletion();
};
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку