Struct xpcom::interfaces::nsIX509CertDB
[−]
[src]
#[repr(C)]pub struct nsIX509CertDB { /* fields omitted */ }
interface nsIX509CertDB : nsISupports
/**
* This represents a service to access and manipulate
* X.509 certificates stored in a database.
*/
Methods
impl nsIX509CertDB
[src]
pub fn coerce<T: nsIX509CertDBCoerce>(&self) -> &T
[src]
Cast this nsIX509CertDB
to one of its base interfaces.
impl nsIX509CertDB
[src]
pub const UNTRUSTED: i64
UNTRUSTED: i64 = 0
/**
* Constants that define which usages a certificate
* is trusted for.
*/
pub const TRUSTED_SSL: i64
TRUSTED_SSL: i64 = 1
pub const TRUSTED_EMAIL: i64
TRUSTED_EMAIL: i64 = 2
pub const AppXPCShellRoot: i64
AppXPCShellRoot: i64 = 6
/**
* Verifies the signature on the given JAR file to verify that it has a
* valid signature. To be considered valid, there must be exactly one
* signature on the JAR file and that signature must have signed every
* entry. Further, the signature must come from a certificate that
* is trusted for code signing.
*
* On success, NS_OK, a nsIZipReader, and the trusted certificate that
* signed the JAR are returned.
*
* On failure, an error code is returned.
*
* This method returns a nsIZipReader, instead of taking an nsIZipReader
* as input, to encourage users of the API to verify the signature as the
* first step in opening the JAR.
*/
pub const AddonsPublicRoot: i64
AddonsPublicRoot: i64 = 7
pub const AddonsStageRoot: i64
AddonsStageRoot: i64 = 8
pub const PrivilegedPackageRoot: i64
PrivilegedPackageRoot: i64 = 9
pub const DeveloperImportedRoot: i64
DeveloperImportedRoot: i64 = 10
pub const FLAG_LOCAL_ONLY: i64
FLAG_LOCAL_ONLY: i64 = 1
pub const FLAG_MUST_BE_EV: i64
FLAG_MUST_BE_EV: i64 = 2
pub unsafe fn FindCertByDBKey(
&self,
aDBkey: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
aDBkey: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
/**
* Will find a certificate based on its dbkey
* retrieved by getting the dbKey attribute of
* the certificate.
*
* @param aDBkey Database internal key, as obtained using
* attribute dbkey in nsIX509Cert.
*/
[must_use] nsIX509Cert findCertByDBKey (in ACString aDBkey);
pub unsafe fn FindCertByEmailAddress(
&self,
aEmailAddress: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
aEmailAddress: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
/**
* Find a certificate by email address.
*
* @param aEmailAddress The email address to be used as the key
* to find the certificate.
*
* @return The matching certificate if found.
*/
[must_use] nsIX509Cert findCertByEmailAddress (in ACString aEmailAddress);
pub unsafe fn ImportCertificates(
&self,
data: *mut uint8_t,
length: uint32_t,
type_: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
[src]
&self,
data: *mut uint8_t,
length: uint32_t,
type_: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
/**
* Use this to import a stream sent down as a mime type into
* the certificate database on the default token.
* The stream may consist of one or more certificates.
*
* @param data The raw data to be imported
* @param length The length of the data to be imported
* @param type The type of the certificate, see constants in nsIX509Cert
* @param ctx A UI context.
*/
void importCertificates ([array, size_is (length)] in octet data, in unsigned long length, in unsigned long type, in nsIInterfaceRequestor ctx);
pub unsafe fn ImportEmailCertificate(
&self,
data: *mut uint8_t,
length: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
[src]
&self,
data: *mut uint8_t,
length: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
/**
* Import another person's email certificate into the database.
*
* @param data The raw data to be imported
* @param length The length of the data to be imported
* @param ctx A UI context.
*/
void importEmailCertificate ([array, size_is (length)] in octet data, in unsigned long length, in nsIInterfaceRequestor ctx);
pub unsafe fn ImportUserCertificate(
&self,
data: *mut uint8_t,
length: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
[src]
&self,
data: *mut uint8_t,
length: uint32_t,
ctx: *const nsIInterfaceRequestor
) -> nsresult
/**
* Import a personal certificate into the database, assuming
* the database already contains the private key for this certificate.
*
* @param data The raw data to be imported
* @param length The length of the data to be imported
* @param ctx A UI context.
*/
void importUserCertificate ([array, size_is (length)] in octet data, in unsigned long length, in nsIInterfaceRequestor ctx);
pub unsafe fn DeleteCertificate(&self, aCert: *const nsIX509Cert) -> nsresult
[src]
/**
* Delete a certificate stored in the database.
*
* @param aCert Delete this certificate.
*/
void deleteCertificate (in nsIX509Cert aCert);
pub unsafe fn SetCertTrust(
&self,
cert: *const nsIX509Cert,
type_: uint32_t,
trust: uint32_t
) -> nsresult
[src]
&self,
cert: *const nsIX509Cert,
type_: uint32_t,
trust: uint32_t
) -> nsresult
/**
* Modify the trust that is stored and associated to a certificate within
* a database. Separate trust is stored for
* One call manipulates the trust for one trust type only.
* See the trust type constants defined within this interface.
*
* @param cert Change the stored trust of this certificate.
* @param type The type of the certificate. See nsIX509Cert.
* @param trust A bitmask. The new trust for the possible usages.
* See the trust constants defined within this interface.
*/
[must_use] void setCertTrust (in nsIX509Cert cert, in unsigned long type, in unsigned long trust);
pub unsafe fn SetCertTrustFromString(
&self,
cert: *const nsIX509Cert,
trustString: &nsACString
) -> nsresult
[src]
&self,
cert: *const nsIX509Cert,
trustString: &nsACString
) -> nsresult
/**
* @param cert The certificate for which to modify trust.
* @param trustString decoded by CERT_DecodeTrustString. 3 comma separated
* characters, indicating SSL, Email, and Object signing
* trust. The object signing trust flags are effectively
* ignored by gecko, but they still must be specified (at
* least by a final trailing comma) because this argument
* is passed to CERT_DecodeTrustString.
*/
[must_use] void setCertTrustFromString (in nsIX509Cert cert, in ACString trustString);
pub unsafe fn IsCertTrusted(
&self,
cert: *const nsIX509Cert,
certType: uint32_t,
trustType: uint32_t,
_retval: *mut bool
) -> nsresult
[src]
&self,
cert: *const nsIX509Cert,
certType: uint32_t,
trustType: uint32_t,
_retval: *mut bool
) -> nsresult
/**
* Query whether a certificate is trusted for a particular use.
*
* @param cert Obtain the stored trust of this certificate.
* @param certType The type of the certificate. See nsIX509Cert.
* @param trustType A single bit from the usages constants defined
* within this interface.
*
* @return Returns true if the certificate is trusted for the given use.
*/
[must_use] boolean isCertTrusted (in nsIX509Cert cert, in unsigned long certType, in unsigned long trustType);
pub unsafe fn ImportCertsFromFile(
&self,
aFile: *const nsIFile,
aType: uint32_t
) -> nsresult
[src]
&self,
aFile: *const nsIFile,
aType: uint32_t
) -> nsresult
/**
* Import certificate(s) from file
*
* @param aFile Identifies a file that contains the certificate
* to be imported.
* @param aType Describes the type of certificate that is going to
* be imported. See type constants in nsIX509Cert.
*/
[must_use] void importCertsFromFile (in nsIFile aFile, in unsigned long aType);
pub unsafe fn ImportPKCS12File(&self, aFile: *const nsIFile) -> nsresult
[src]
/**
* Import a PKCS#12 file containing cert(s) and key(s) into the database.
*
* @param aFile Identifies a file that contains the data to be imported.
*/
[must_use] void importPKCS12File (in nsIFile aFile);
pub unsafe fn ExportPKCS12File(
&self,
aFile: *const nsIFile,
count: uint32_t,
aCerts: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
aFile: *const nsIFile,
count: uint32_t,
aCerts: *mut *const nsIX509Cert
) -> nsresult
/**
* Export a set of certs and keys from the database to a PKCS#12 file.
*
* @param aFile Identifies a file that will be filled with the data to be
* exported.
* @param count The number of certificates to be exported.
* @param aCerts The array of all certificates to be exported.
*/
[must_use] void exportPKCS12File (in nsIFile aFile, in unsigned long count, [array, size_is (count)] in nsIX509Cert aCerts);
pub unsafe fn ConstructX509FromBase64(
&self,
base64: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
base64: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[must_use] nsIX509Cert constructX509FromBase64 (in ACString base64);
pub unsafe fn ConstructX509(
&self,
certDER: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
certDER: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[must_use] nsIX509Cert constructX509 (in ACString certDER);
pub unsafe fn OpenSignedAppFileAsync(
&self,
trustedRoot: AppTrustedRoot,
aJarFile: *const nsIFile,
callback: *const nsIOpenSignedAppFileCallback
) -> nsresult
[src]
&self,
trustedRoot: AppTrustedRoot,
aJarFile: *const nsIFile,
callback: *const nsIOpenSignedAppFileCallback
) -> nsresult
[must_use] void openSignedAppFileAsync (in AppTrustedRoot trustedRoot, in nsIFile aJarFile, in nsIOpenSignedAppFileCallback callback);
pub unsafe fn VerifySignedDirectoryAsync(
&self,
trustedRoot: AppTrustedRoot,
aUnpackedDir: *const nsIFile,
callback: *const nsIVerifySignedDirectoryCallback
) -> nsresult
[src]
&self,
trustedRoot: AppTrustedRoot,
aUnpackedDir: *const nsIFile,
callback: *const nsIVerifySignedDirectoryCallback
) -> nsresult
/**
* Vestigial implementation of verifying signed unpacked add-ons. trustedRoot
* and aUnpackedDir are ignored. The callback is always called with
* NS_ERROR_SIGNED_JAR_NOT_SIGNED and a null signer cert.
*/
[must_use] void verifySignedDirectoryAsync (in AppTrustedRoot trustedRoot, in nsIFile aUnpackedDir, in nsIVerifySignedDirectoryCallback callback);
pub unsafe fn AddCert(
&self,
certDER: &nsACString,
trust: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
certDER: &nsACString,
trust: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[must_use] nsIX509Cert addCert (in ACString certDER, in ACString trust);
pub unsafe fn VerifyCertAtTime(
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aTime: uint64_t,
aVerifiedChain: *mut *const nsIX509CertList,
aHasEVPolicy: *mut bool,
_retval: *mut int32_t
) -> nsresult
[src]
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aTime: uint64_t,
aVerifiedChain: *mut *const nsIX509CertList,
aHasEVPolicy: *mut bool,
_retval: *mut int32_t
) -> nsresult
/** Warning: This interface is inteded to use only for testing only as:
* 1. It can create IO on the main thread.
* 2. It is in constant change, so in/out can change at any release.
*
* Obtain the verification result for a cert given a particular usage.
* On success, the call returns 0, the chain built during verification,
* and whether the cert is good for EV usage.
* On failure, the call returns the PRErrorCode for the verification failure
*
* @param aCert Obtain the stored trust of this certificate
* @param aUsage a integer representing the usage from NSS
* @param aFlags flags as described above
* @param aHostname the (optional) hostname to verify for
* @param aTime the time at which to verify, in seconds since the epoch
* @param aVerifiedChain chain of verification up to the root if success
* @param aHasEVPolicy bool that signified that the cert was an EV cert
* @return 0 if success or the value or the error code for the verification
* failure
*/
[must_use] int32_t verifyCertAtTime (in nsIX509Cert aCert, in int64_t aUsage, in uint32_t aFlags, in ACString aHostname, in uint64_t aTime, out nsIX509CertList aVerifiedChain, out bool aHasEVPolicy);
pub unsafe fn VerifyCertNow(
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aVerifiedChain: *mut *const nsIX509CertList,
aHasEVPolicy: *mut bool,
_retval: *mut int32_t
) -> nsresult
[src]
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aVerifiedChain: *mut *const nsIX509CertList,
aHasEVPolicy: *mut bool,
_retval: *mut int32_t
) -> nsresult
[must_use] int32_t verifyCertNow (in nsIX509Cert aCert, in int64_t aUsage, in uint32_t aFlags, in ACString aHostname, out nsIX509CertList aVerifiedChain, out bool aHasEVPolicy);
pub unsafe fn AsyncVerifyCertAtTime(
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aTime: uint64_t,
aCallback: *const nsICertVerificationCallback
) -> nsresult
[src]
&self,
aCert: *const nsIX509Cert,
aUsage: int64_t,
aFlags: uint32_t,
aHostname: &nsACString,
aTime: uint64_t,
aCallback: *const nsICertVerificationCallback
) -> nsresult
/**
* Similar to the above, but asynchronous. As a result, use of this API is not
* limited to tests.
*/
[must_use] void asyncVerifyCertAtTime (in nsIX509Cert aCert, in int64_t aUsage, in uint32_t aFlags, in ACString aHostname, in uint64_t aTime, in nsICertVerificationCallback aCallback);
pub unsafe fn ClearOCSPCache(&self) -> nsresult
[src]
[must_use] void clearOCSPCache ();
pub unsafe fn AddCertFromBase64(
&self,
base64: &nsACString,
trust: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[src]
&self,
base64: &nsACString,
trust: &nsACString,
_retval: *mut *const nsIX509Cert
) -> nsresult
[must_use] nsIX509Cert addCertFromBase64 (in ACString base64, in ACString trust);
pub unsafe fn GetCerts(&self, _retval: *mut *const nsIX509CertList) -> nsresult
[src]
[must_use] nsIX509CertList getCerts ();
pub unsafe fn GetEnterpriseRoots(
&self,
_retval: *mut *const nsIX509CertList
) -> nsresult
[src]
&self,
_retval: *mut *const nsIX509CertList
) -> nsresult
[must_use] nsIX509CertList getEnterpriseRoots ();
Methods from Deref<Target = nsISupports>
pub fn coerce<T: nsISupportsCoerce>(&self) -> &T
[src]
Cast this nsISupports
to one of its base interfaces.
pub unsafe fn QueryInterface(
&self,
uuid: &nsIID,
result: *mut *mut c_void
) -> nsresult
[src]
&self,
uuid: &nsIID,
result: *mut *mut c_void
) -> nsresult
void QueryInterface (in nsIIDRef uuid, [iid_is (uuid), retval] out nsQIResult result);
pub unsafe fn AddRef(&self) -> nsrefcnt
[src]
[noscript,notxpcom] nsrefcnt AddRef ();
pub unsafe fn Release(&self) -> nsrefcnt
[src]
[noscript,notxpcom] nsrefcnt Release ();
Trait Implementations
impl XpCom for nsIX509CertDB
[src]
const IID: nsIID
IID: nsIID = nsID(1544998299, 23155, 18417, [171, 15, 17, 237, 231, 73, 92, 206])
fn query_interface<T: XpCom>(&self) -> Option<RefPtr<T>>
[src]
Perform a QueryInterface call on this object, attempting to dynamically cast it to the requested interface type. Returns Some(RefPtr) if the cast succeeded, and None otherwise. Read more
impl RefCounted for nsIX509CertDB
[src]
unsafe fn addref(&self)
[src]
Increment the reference count.
unsafe fn release(&self)
[src]
Decrement the reference count, potentially freeing backing memory.
impl Deref for nsIX509CertDB
[src]
type Target = nsISupports
The resulting type after dereferencing.
fn deref(&self) -> &nsISupports
[src]
Dereferences the value.