security/manager/ssl/nsINSSErrorsService.idl

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
   2  *
   3  * This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "nsISupports.idl"
   8
   9 [scriptable, uuid(12f60021-e14b-4020-99d1-ed2c795be66a)]
  10 interface nsINSSErrorsService : nsISupports
  11 {
  12     /**
  13      *  @param aNSPRCode An error code obtained using PR_GetError()
  14      *  @return True if it is error code defined by the NSS library
  15      */
  16     [must_use]
  17     boolean isNSSErrorCode(in int32_t aNSPRCode);
  18
  19     /**
  20      *  Function will fail if aNSPRCode is not an NSS error code.
  21      *  @param aNSPRCode An error code obtained using PR_GetError()
  22      *  @return The result of the conversion, an XPCOM error code
  23      */
  24     [must_use]
  25     nsresult getXPCOMFromNSSError(in int32_t aNSPRCode);
  26
  27     /**
  28      *  Function will fail if aXPCOMErrorCode is not an NSS error code.
  29      *  @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError
  30      *  return A localized human readable error explanation.
  31      */
  32     AString getErrorMessage(in nsresult aXPCOMErrorCode);
  33
  34     /**
  35      *  Function will fail if aXPCOMErrorCode is not an NSS error code.
  36      *  @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError
  37      *  return the error class of the code, either ERROR_CLASS_BAD_CERT
  38      *         or ERROR_CLASS_SSL_PROTOCOL
  39      */
  40     [must_use]
  41     uint32_t getErrorClass(in nsresult aXPCOMErrorCode);
  42
  43     const unsigned long ERROR_CLASS_SSL_PROTOCOL = 1;
  44     const unsigned long ERROR_CLASS_BAD_CERT     = 2;
  45
  46     /**
  47      *  The following values define the range of NSPR error codes used by NSS.
  48      *  NSS remains the authorative source for these numbers, as a result,
  49      *  the values might change in the future.
  50      *  The security module will perform a runtime check and assertion
  51      *  to ensure the values are in synch with NSS.
  52      */
  53     const long NSS_SEC_ERROR_BASE  = -(0x2000);
  54     const long NSS_SEC_ERROR_LIMIT = (NSS_SEC_ERROR_BASE + 1000);
  55     const long NSS_SSL_ERROR_BASE  = -(0x3000);
  56     const long NSS_SSL_ERROR_LIMIT = (NSS_SSL_ERROR_BASE + 1000);
  57
  58     /**
  59      * The error codes within each module must fit in 16 bits. We want these
  60      * errors to fit in the same module as the NSS errors but not overlap with
  61      * any of them. Converting an NSS SEC, NSS SSL, or mozilla::pkix error to
  62      * an NS error involves negating the value of the error and then
  63      * synthesizing an error in the NS_ERROR_MODULE_SECURITY module. Hence,
  64      * mozilla::pkix errors will start at a negative value that both doesn't
  65      * overlap with the current value ranges for NSS errors and that will fit
  66      * in 16 bits when negated.
  67      *
  68      * Keep these in sync with pkixnss.h.
  69      */
  70     const long MOZILLA_PKIX_ERROR_BASE  = -(0x4000);
  71     const long MOZILLA_PKIX_ERROR_LIMIT = (MOZILLA_PKIX_ERROR_BASE + 1000);
  72 };