security/manager/ssl/nsIX509CertDB.idl

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
   2  *
   3  * This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "nsISupports.idl"
   8
   9 interface nsIArray;
  10 interface nsIX509Cert;
  11 interface nsIFile;
  12 interface nsIInterfaceRequestor;
  13 interface nsIZipReader;
  14 interface nsIInputStream;
  15
  16 %{C++
  17 #define NS_X509CERTDB_CONTRACTID "@mozilla.org/security/x509certdb;1"
  18 %}
  19
  20 typedef uint32_t AppTrustedRoot;
  21
  22 [scriptable, builtinclass, uuid(e5795418-86e0-4c0b-9b98-ac7eee0c2af7)]
  23 interface nsIAppSignatureInfo : nsISupports {
  24   // Supported signature algorithms.
  25   cenum SignatureAlgorithm : 32 {
  26     PKCS7_WITH_SHA1,
  27     PKCS7_WITH_SHA256,
  28     COSE_WITH_SHA256,
  29   };
  30
  31   // The certificate that created the signature.
  32   readonly attribute nsIX509Cert signerCert;
  33   readonly attribute nsIAppSignatureInfo_SignatureAlgorithm signatureAlgorithm;
  34 };
  35
  36 [scriptable, function, uuid(fc2b60e5-9a07-47c2-a2cd-b83b68a660ac)]
  37 interface nsIOpenSignedAppFileCallback : nsISupports
  38 {
  39   void openSignedAppFileFinished(in nsresult rv,
  40                                  in nsIZipReader aZipReader,
  41                                  in Array<nsIAppSignatureInfo> aSignatureInfos);
  42 };
  43
  44 [scriptable, function, uuid(07c08655-8b11-4650-b6c4-0c145595ceb5)]
  45 interface nsIAsyncBoolCallback : nsISupports
  46 {
  47     void onResult(in boolean result);
  48 };
  49
  50 /**
  51  * Callback type for use with asyncVerifyCertAtTime.
  52  * If aPRErrorCode is PRErrorCodeSuccess (i.e. 0), aVerifiedChain represents the
  53  * verified certificate chain determined by asyncVerifyCertAtTime. aHasEVPolicy
  54  * represents whether or not the end-entity certificate verified as EV.
  55  * If aPRErrorCode is non-zero, it represents the error encountered during
  56  * verification. aVerifiedChain is null in that case and aHasEVPolicy has no
  57  * meaning.
  58  */
  59 [scriptable, function, uuid(49e16fc8-efac-4f57-8361-956ef6b960a4)]
  60 interface nsICertVerificationCallback : nsISupports {
  61   void verifyCertFinished(in int32_t aPRErrorCode,
  62                           in Array<nsIX509Cert> aVerifiedChain,
  63                           in boolean aHasEVPolicy);
  64 };
  65
  66 /**
  67  * This represents a service to access and manipulate
  68  * X.509 certificates stored in a database.
  69  */
  70 [scriptable, uuid(5c16cd9b-5a73-47f1-ab0f-11ede7495cce)]
  71 interface nsIX509CertDB : nsISupports {
  72
  73   /**
  74    *  Constants that define which usages a certificate
  75    *  is trusted for.
  76    */
  77   const unsigned long UNTRUSTED       =      0;
  78   const unsigned long TRUSTED_SSL     = 1 << 0;
  79   const unsigned long TRUSTED_EMAIL   = 1 << 1;
  80
  81   /**
  82    *  Will find a certificate based on its dbkey
  83    *  retrieved by getting the dbKey attribute of
  84    *  the certificate.
  85    *
  86    *  @param aDBkey Database internal key, as obtained using
  87    *                attribute dbkey in nsIX509Cert.
  88    */
  89   [must_use]
  90   nsIX509Cert findCertByDBKey(in ACString aDBkey);
  91
  92   /**
  93    *  Use this to import a stream sent down as a mime type into
  94    *  the certificate database on the default token.
  95    *  The stream may consist of one or more certificates.
  96    *
  97    *  @param data The raw data to be imported
  98    *  @param length The length of the data to be imported
  99    *  @param type The type of the certificate, see constants in nsIX509Cert
 100    *  @param ctx A UI context.
 101    */
 102   void importCertificates([array, size_is(length)] in octet data,
 103                           in unsigned long length,
 104                           in unsigned long type,
 105                           in nsIInterfaceRequestor ctx);
 106
 107   /**
 108    *  Import another person's email certificate into the database.
 109    *
 110    *  @param data The raw data to be imported
 111    *  @param length The length of the data to be imported
 112    *  @param ctx A UI context.
 113    */
 114   void importEmailCertificate([array, size_is(length)] in octet data,
 115                               in unsigned long length,
 116                               in nsIInterfaceRequestor ctx);
 117
 118   /**
 119    *  Import a personal certificate into the database, assuming
 120    *  the database already contains the private key for this certificate.
 121    *
 122    *  @param data The raw data to be imported
 123    *  @param length The length of the data to be imported
 124    *  @param ctx A UI context.
 125    */
 126   void importUserCertificate([array, size_is(length)] in octet data,
 127                              in unsigned long length,
 128                              in nsIInterfaceRequestor ctx);
 129
 130   /**
 131    *  Delete a certificate stored in the database.
 132    *
 133    *  @param aCert Delete this certificate.
 134    */
 135   void deleteCertificate(in nsIX509Cert aCert);
 136
 137   /**
 138    *  Modify the trust that is stored and associated to a certificate within
 139    *  a database. Separate trust is stored for
 140    *  One call manipulates the trust for one trust type only.
 141    *  See the trust type constants defined within this interface.
 142    *
 143    *  @param cert Change the stored trust of this certificate.
 144    *  @param type The type of the certificate. See nsIX509Cert.
 145    *  @param trust A bitmask. The new trust for the possible usages.
 146    *               See the trust constants defined within this interface.
 147    */
 148   [must_use]
 149   void setCertTrust(in nsIX509Cert cert,
 150                     in unsigned long type,
 151                     in unsigned long trust);
 152
 153   /**
 154    * @param cert        The certificate for which to modify trust.
 155    * @param trustString decoded by CERT_DecodeTrustString. 3 comma separated
 156    *                    characters, indicating SSL, Email, and Object signing
 157    *                    trust. The object signing trust flags are effectively
 158    *                    ignored by gecko, but they still must be specified (at
 159    *                    least by a final trailing comma) because this argument
 160    *                    is passed to CERT_DecodeTrustString.
 161    */
 162   [must_use]
 163   void setCertTrustFromString(in nsIX509Cert cert, in ACString trustString);
 164
 165   /**
 166    *  Query whether a certificate is trusted for a particular use.
 167    *
 168    *  @param cert Obtain the stored trust of this certificate.
 169    *  @param certType The type of the certificate. See nsIX509Cert.
 170    *  @param trustType A single bit from the usages constants defined
 171    *                   within this interface.
 172    *
 173    *  @return Returns true if the certificate is trusted for the given use.
 174    */
 175   [must_use]
 176   boolean isCertTrusted(in nsIX509Cert cert,
 177                         in unsigned long certType,
 178                         in unsigned long trustType);
 179
 180   /**
 181    *  Import certificate(s) from file
 182    *
 183    *  @param aFile Identifies a file that contains the certificate
 184    *               to be imported.
 185    *  @param aType Describes the type of certificate that is going to
 186    *               be imported. See type constants in nsIX509Cert.
 187    */
 188   [must_use]
 189   void importCertsFromFile(in nsIFile aFile,
 190                            in unsigned long aType);
 191
 192   const uint32_t Success = 0;
 193   const uint32_t ERROR_UNKNOWN = 1;
 194   const uint32_t ERROR_PKCS12_NOSMARTCARD_EXPORT = 2;
 195   const uint32_t ERROR_PKCS12_RESTORE_FAILED = 3;
 196   const uint32_t ERROR_PKCS12_BACKUP_FAILED = 4;
 197   const uint32_t ERROR_PKCS12_CERT_COLLISION = 5;
 198   const uint32_t ERROR_BAD_PASSWORD = 6;
 199   const uint32_t ERROR_DECODE_ERROR = 7;
 200   const uint32_t ERROR_PKCS12_DUPLICATE_DATA = 8;
 201
 202   /**
 203    *  Import a PKCS#12 file containing cert(s) and key(s) into the database.
 204    *
 205    *  @param aFile Identifies a file that contains the data to be imported.
 206    *  @param password The password used to protect the file.
 207    *  @return Success or the specific error code on failure.  The return
 208    *          values are defined in this file.
 209    */
 210   [must_use]
 211   uint32_t importPKCS12File(in nsIFile aFile, in AString aPassword);
 212
 213   /**
 214    *  Export a set of certs and keys from the database to a PKCS#12 file.
 215    *
 216    *  @param aFile Identifies a file that will be filled with the data to be
 217    *               exported.
 218    *  @param count The number of certificates to be exported.
 219    *  @param aCerts The array of all certificates to be exported.
 220    *  @param password The password used to protect the file.
 221    *  @return Success or the specific error code on failure
 222    */
 223   [must_use]
 224   uint32_t exportPKCS12File(in nsIFile aFile,
 225                             in Array<nsIX509Cert> aCerts,
 226                             in AString aPassword);
 227
 228   /*
 229    *  Decode a raw data presentation and instantiate an object in memory.
 230    *
 231    *  @param base64 The raw representation of a certificate,
 232    *                encoded as Base 64.
 233    *  @return The new certificate object.
 234    */
 235   [must_use]
 236   nsIX509Cert constructX509FromBase64(in ACString base64);
 237
 238   /*
 239    *  Decode a raw data presentation and instantiate an object in memory.
 240    *
 241    *  @param certDER The raw representation of a certificate,
 242    *                 encoded as raw DER.
 243    *  @return The new certificate object.
 244    */
 245   [must_use]
 246   nsIX509Cert constructX509(in Array<uint8_t> certDER);
 247
 248   /**
 249    *  Verifies the signature on the given JAR file to verify that it has a
 250    *  valid signature.  To be considered valid, there must be exactly one
 251    *  signature on the JAR file and that signature must have signed every
 252    *  entry. Further, the signature must come from a certificate that
 253    *  is trusted for code signing.
 254    *
 255    *  On success, NS_OK, a nsIZipReader, and the trusted certificate that
 256    *  signed the JAR are returned.
 257    *
 258    *  On failure, an error code is returned.
 259    *
 260    *  This method returns a nsIZipReader, instead of taking an nsIZipReader
 261    *  as input, to encourage users of the API to verify the signature as the
 262    *  first step in opening the JAR.
 263    */
 264   // 1 used to be AppMarketplaceProdPublicRoot.
 265   // 2 used to be AppMarketplaceProdReviewersRoot.
 266   // 3 used to be AppMarketplaceDevPublicRoot.
 267   // 4 used to be AppMarketplaceDevReviewersRoot.
 268   // 5 used to be AppMarketplaceStageRoot.
 269   const AppTrustedRoot AppXPCShellRoot = 6;
 270   const AppTrustedRoot AddonsPublicRoot = 7;
 271   const AppTrustedRoot AddonsStageRoot = 8;
 272   [must_use]
 273   void openSignedAppFileAsync(in AppTrustedRoot trustedRoot,
 274                               in nsIFile aJarFile,
 275                               in nsIOpenSignedAppFileCallback callback);
 276
 277   /*
 278    * Add a cert to a cert DB from a binary string.
 279    *
 280    * @param certDER The raw DER encoding of a certificate.
 281    * @param trust String describing the trust settings to assign the
 282    *              certificate. Decoded by CERT_DecodeTrustString. Consists of 3
 283    *              comma separated sets of characters, indicating SSL, Email, and
 284    *              Object signing trust. The object signing trust flags are
 285    *              effectively ignored by gecko, but they still must be specified
 286    *              (at least by a final trailing comma) because this argument is
 287    *              passed to CERT_DecodeTrustString.
 288    * @return nsIX509Cert the resulting certificate
 289    */
 290   [must_use]
 291   nsIX509Cert addCert(in ACString certDER, in ACString trust);
 292
 293   // Flags for asyncVerifyCertAtTime (these must match the values in
 294   // CertVerifier.cpp):
 295   // Prevent network traffic.
 296   const uint32_t FLAG_LOCAL_ONLY = 1 << 0;
 297   // Do not fall back to DV verification after attempting EV validation.
 298   const uint32_t FLAG_MUST_BE_EV = 1 << 1;
 299
 300   /*
 301    * Asynchronously verify a certificate given a set of parameters. Calls the
 302    * `verifyCertFinished` function on the provided `nsICertVerificationCallback`
 303    * with the results of the verification operation.
 304    * See the documentation for  nsICertVerificationCallback.
 305    *
 306    * @param aCert the certificate to verify
 307    * @param aUsage an integer representing the usage to verify for (see
 308    *               SECCertificateUsage in certt.h from NSS)
 309    * @param aFlags flags as described above
 310    * @param aHostname the (optional) hostname to verify for
 311    * @param aTime the time at which to verify, in seconds since the epoch
 312    * @param aCallback the nsICertVerificationCallback that will receive the
 313                       results of this verification
 314    * @return a succeeding nsresult if the job was dispatched successfully
 315    */
 316   [must_use]
 317   void asyncVerifyCertAtTime(in nsIX509Cert aCert,
 318                              in int64_t /*SECCertificateUsage*/ aUsage,
 319                              in uint32_t aFlags,
 320                              in ACString aHostname,
 321                              in uint64_t aTime,
 322                              in nsICertVerificationCallback aCallback);
 323
 324   // Clears the OCSP cache for the current certificate verification
 325   // implementation.
 326   [must_use]
 327   void clearOCSPCache();
 328
 329   /*
 330    * Add a cert to a cert DB from a base64 encoded string.
 331    *
 332    * @param base64 The raw representation of a certificate, encoded as Base 64.
 333    * @param trust String describing the trust settings to assign the
 334    *              certificate. Decoded by CERT_DecodeTrustString. Consists of 3
 335    *              comma separated sets of characters, indicating SSL, Email, and
 336    *              Object signing trust. The object signing trust flags are
 337    *              effectively ignored by gecko, but they still must be specified
 338    *              (at least by a final trailing comma) because this argument is
 339    *              passed to CERT_DecodeTrustString.
 340    * @return nsIX509Cert the resulting certificate
 341    */
 342   [must_use]
 343   nsIX509Cert addCertFromBase64(in ACString base64, in ACString trust);
 344
 345   /*
 346    * Get all the known certs in the database
 347    */
 348   [must_use]
 349   Array<nsIX509Cert> getCerts();
 350
 351   /**
 352    * Encode the list of certificates as a PKCS#7 SignedData structure. No data
 353    * is actually signed - this is merely a way of exporting a collection of
 354    * certificates.
 355    */
 356   [must_use]
 357   ACString asPKCS7Blob(in Array<nsIX509Cert> certList);
 358
 359   /**
 360    * Iterates through all the certs and returns false if any of the trusted
 361    * CA certs are not built-in roots; and true otherwise.
 362    */
 363   [must_use]
 364   void asyncHasThirdPartyRoots(in nsIAsyncBoolCallback callback);
 365
 366   unsigned long countTrustObjects();
 367 };