security/manager/ssl/nsIX509Cert.idl

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
   2  *
   3  * This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "nsISupports.idl"
   8
   9 interface nsIArray;
  10 interface nsIX509CertValidity;
  11 interface nsICertVerificationListener;
  12
  13 %{ C++
  14 namespace IPC {
  15 class MessageReader;
  16 class MessageWriter;
  17 }
  18
  19  /* forward declaration */
  20  typedef struct CERTCertificateStr CERTCertificate;
  21 %}
  22
  23 [ptr] native CERTCertificatePtr(CERTCertificate);
  24 [ptr] native IpcMessageReaderPtr(IPC::MessageReader);
  25 [ptr] native IpcMessageWriterPtr(IPC::MessageWriter);
  26
  27 /**
  28  * This represents a X.509 certificate.
  29  *
  30  * NOTE: Service workers persist x.509 certs in object form on disk.  If you
  31  *       change this uuid you probably need a hack in nsBinaryInputStream to
  32  *       read the old uuid.  If you change the format of the object
  33  *       serialization then more complex changes will be needed.
  34  */
  35 [scriptable, builtinclass, uuid(bdc3979a-5422-4cd5-8589-696b6e96ea83)]
  36 interface nsIX509Cert : nsISupports {
  37
  38   /**
  39    *  The primary email address of the certificate, if present.
  40    */
  41   readonly attribute AString emailAddress;
  42
  43   /**
  44    *  Obtain a list of all email addresses
  45    *  contained in the certificate.
  46    *
  47    *  @return An array of email addresses.
  48    */
  49   [must_use]
  50   Array<AString> getEmailAddresses();
  51
  52   /**
  53    *  Check whether a given address is contained in the certificate.
  54    *  The comparison will convert the email address to lowercase.
  55    *  The behaviour for non ASCII characters is undefined.
  56    *
  57    *  @param aEmailAddress The address to search for.
  58    *
  59    *  @return True if the address is contained in the certificate.
  60    */
  61   [must_use]
  62   boolean containsEmailAddress(in AString aEmailAddress);
  63
  64   /**
  65    *  The subject owning the certificate.
  66    */
  67   readonly attribute AString subjectName;
  68
  69   /**
  70    *  The subject's common name.
  71    */
  72   readonly attribute AString commonName;
  73
  74   /**
  75    *  The subject's organization.
  76    */
  77   readonly attribute AString organization;
  78
  79   /**
  80    *  The subject's organizational unit.
  81    */
  82   [must_use]
  83   readonly attribute AString organizationalUnit;
  84
  85   /**
  86    *  The fingerprint of the certificate's DER encoding,
  87    *  calculated using the SHA-256 algorithm.
  88    */
  89   readonly attribute AString sha256Fingerprint;
  90
  91   /**
  92    *  The fingerprint of the certificate's DER encoding,
  93    *  calculated using the SHA1 algorithm.
  94    */
  95   [must_use]
  96   readonly attribute AString sha1Fingerprint;
  97
  98   /**
  99    *  A human readable name identifying the hardware or
 100    *  software token the certificate is stored on.
 101    */
 102   readonly attribute AString tokenName;
 103
 104   /**
 105    *  The subject identifying the issuer certificate.
 106    */
 107   readonly attribute AString issuerName;
 108
 109   /**
 110    *  The serial number the issuer assigned to this certificate.
 111    */
 112   [must_use]
 113   readonly attribute AString serialNumber;
 114
 115   /**
 116    *  The issuer subject's common name.
 117    */
 118   [must_use]
 119   readonly attribute AString issuerCommonName;
 120
 121   /**
 122    *  The issuer subject's organization.
 123    */
 124   readonly attribute AString issuerOrganization;
 125
 126   /**
 127    *  The issuer subject's organizational unit.
 128    */
 129   [must_use]
 130   readonly attribute AString issuerOrganizationUnit;
 131
 132   /**
 133    *  This certificate's validity period.
 134    */
 135   readonly attribute nsIX509CertValidity validity;
 136
 137   /**
 138    *  A unique identifier of this certificate within the local storage.
 139    */
 140   [must_use]
 141   readonly attribute ACString dbKey;
 142
 143   /**
 144    *  A human readable identifier to label this certificate.
 145    */
 146   [must_use]
 147   readonly attribute AString displayName;
 148
 149   /**
 150    *  Constants to classify the type of a certificate.
 151    */
 152   const unsigned long UNKNOWN_CERT =      0;
 153   const unsigned long CA_CERT      = 1 << 0;
 154   const unsigned long USER_CERT    = 1 << 1;
 155   const unsigned long EMAIL_CERT   = 1 << 2;
 156   const unsigned long SERVER_CERT  = 1 << 3;
 157   const unsigned long ANY_CERT     = 0xffff;
 158
 159   /**
 160    * Type of this certificate
 161    */
 162   readonly attribute unsigned long certType;
 163
 164   /**
 165    *  Obtain a raw binary encoding of this certificate
 166    *  in DER format.
 167    *
 168    *  @return The bytes representing the DER encoded certificate.
 169    */
 170   [must_use]
 171   Array<octet> getRawDER();
 172
 173   /**
 174    *  Obtain a base 64 string representation of this certificate
 175    *  in DER format.
 176    *
 177    *  @return The DER encoded certificate as a string.
 178    */
 179   [must_use]
 180   ACString getBase64DERString();
 181
 182   /**
 183    * The base64 encoding of the DER encoded public key info using the specified
 184    * digest.
 185    */
 186   [must_use]
 187   readonly attribute ACString sha256SubjectPublicKeyInfoDigest;
 188
 189   /**
 190    * Retrieves the NSS certificate object wrapped by this interface
 191    */
 192   [notxpcom, noscript, must_use]
 193   CERTCertificatePtr getCert();
 194
 195   [notxpcom, noscript]
 196   void SerializeToIPC(in IpcMessageWriterPtr aWriter);
 197
 198   [notxpcom, noscript]
 199   boolean DeserializeFromIPC(in IpcMessageReaderPtr aReader);
 200 };