gecko/netwerk/base/nsIPackagedAppUtils.idl

82 lines
2.9 KiB
Plaintext

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIVerificationCallback;
%{C++
#define NS_PACKAGEDAPPUTILS_CONTRACTID "@mozilla.org/network/packaged-app-utils;1"
%}
/**
* A package using privileged APIs should be signed by marketplace or trust-
* worthy developers. When Necko receives such a package, it has to
* extract the manifest and the signature and calls verifyManifest(...) to verify
* the manifest. nsIPackagedAppUtils will parse the manifest and
* store the hash values of each resource. When a resource is ready, Necko
* will calculate its hash value (including the header like Content-Location: xxx),
* and calls checkIntegrity(...) to verify the integrity.
*
* For more detail:
* https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging
*/
[scriptable, uuid(2963609c-370b-4a76-9858-6f05121d0473)]
interface nsIPackagedAppUtils : nsISupports
{
/**
* @aHeader is the package's header including
* - "manifest-signature: xxxxxx" (base64 encoding)
* @aManifest is the manifest of the package
* - the multipart header is included
* - manifest must be the first resource of the package
* @aCallback is the callback, see comments of nsIVerificationCallback below
*/
void verifyManifest(in ACString aHeader,
in ACString aManifest,
in nsIVerificationCallback aVerifier,
in boolean aDeveloperMode);
/**
* @aFileName is the name of a resource in the package
* @aHashValue is the hash value of this resource named aFileName
* - aHashValue should be computed by the caller of this method
* @aCallback is the callback, see comments of nsIVerificationCallback below
*/
void checkIntegrity(in ACString aFileName,
in ACString aHashValue,
in nsIVerificationCallback aVerifier);
/**
* The package identifier for signed package. Only available after the
* manifest is verified.
*/
readonly attribute ACString packageIdentifier;
/**
* The moz-package-location in the manifest of this signed package.
* Only available after the manifest is verified.
*/
readonly attribute ACString packageOrigin;
};
/**
* The callback passed to verifyManifest and checkIntegrity
*/
[scriptable, uuid(e1912028-93e5-4378-aa3f-a58702937169)]
interface nsIVerificationCallback : nsISupports
{
/**
* @aForManifest
* - true if it's called by verifyManifest
* - false if it's called by checkIntegrity
* @aSuccess
* - true if the verification succeeds, false otherwise
*/
void fireVerifiedEvent(in boolean aForManifest,
in boolean aSuccess);
};