gecko/security/manager/ssl/public/nsISignatureVerifier.idl
Bobby Holley bac4dc387e Bug 789224 - Separate certificate principals out from CAPS. r=dveditz
There's no longer any reason why "certificate principals" need to be principals at all.
I tried to rip them out entirely, but it looks like they're still used vestigially at XPI
install time to display author information. But there's no reason that they have to be
porkbarreled into the security-critical objects that we pass around all over the place.
So let's make them their own deal.

I was tempted to call them "certificate holders", but that would involve renaming methods and
cause more compat fuss than necessary.

--HG--
rename : caps/idl/nsISignatureVerifier.idl => security/manager/ssl/public/nsISignatureVerifier.idl
2012-10-22 08:29:56 +02:00

31 lines
1.1 KiB
Plaintext

/* -*- Mode: IDL; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* An interface for verifying signatures */
#include "nsISupports.idl"
// NB: This isn't actually a principal at all. The naming is just historical.
interface nsICertificatePrincipal;
[uuid(22870b07-b5ef-481b-9f7f-d41787d4e617)]
interface nsISignatureVerifier : nsISupports
{
/* Sig Verification Error Codes */
const long VERIFY_OK = 0;
const long VERIFY_ERROR_UNKNOWN_CA = -8172; /* -8172 is the error code returned by PSM */
nsICertificatePrincipal verifySignature(in string aSignature,
in unsigned long aSignatureLen,
in string plaintext,
in unsigned long plaintextLen,
out long errorCode);
};
%{C++
#define SIGNATURE_VERIFIER_CONTRACTID "@mozilla.org/psm;1"
%}