gecko/netwerk/base/public/nsISiteSecurityService.idl

168 lines
6.8 KiB
Plaintext

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIURI;
interface nsIObserver;
interface nsIHttpChannel;
interface nsISSLStatus;
%{C++
template<class T> class nsTArray;
class nsCString;
namespace mozilla
{
namespace pkix
{
class Time;
}
}
%}
[ref] native nsCStringTArrayRef(nsTArray<nsCString>);
[ref] native mozillaPkixTime(mozilla::pkix::Time);
[scriptable, uuid(46555f70-3ab5-11e4-8613-180373d97f23)]
interface nsISiteSecurityService : nsISupports
{
const uint32_t HEADER_HSTS = 0;
const uint32_t HEADER_HPKP = 1;
const uint32_t HEADER_OMS = 2;
/**
* Parses a given HTTP header and records the results internally.
* Currently two header types are supported: HSTS (aka STS) and HPKP
* The format of the HSTS header is defined by the HSTS specification:
* https://tools.ietf.org/html/rfc6797
* and allows a host to specify that future HTTP requests should be
* upgraded to HTTPS.
* The Format of the HPKP header is currently defined by:
* https://tools.ietf.org/html/draft-ietf-websec-key-pinning-20
* and allows a host to speficy a subset of trusted anchors to be used
* in future HTTPS connections.
*
* @param aType the type of security header in question.
* @param aSourceURI the URI of the resource with the HTTP header.
* @param aSSLStatus the SSLStatus of the current channel
* @param aHeader the HTTP response header specifying security data.
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
* @param aMaxAge the parsed max-age directive of the header.
* @param aIncludeSubdomains the parsed includeSubdomains directive.
* @return NS_OK if it succeeds
* NS_ERROR_FAILURE if it can't be parsed
* NS_SUCCESS_LOSS_OF_INSIGNIFICANT_DATA
* if there are unrecognized tokens in the header.
*/
void processHeader(in uint32_t aType,
in nsIURI aSourceURI,
in string aHeader,
in nsISSLStatus aSSLStatus,
in uint32_t aFlags,
[optional] out unsigned long long aMaxAge,
[optional] out boolean aIncludeSubdomains);
/**
* Same as processHeader but without checking for the security properties
* of the connection. Use ONLY for testing.
*/
void unsafeProcessHeader(in uint32_t aType,
in nsIURI aSourceURI,
in string aHeader,
in uint32_t aFlags,
[optional] out unsigned long long aMaxAge,
[optional] out boolean aIncludeSubdomains);
/**
* Given a header type, removes state relating to that header of a host,
* including the includeSubdomains state that would affect subdomains.
* This essentially removes the state for the domain tree rooted at this
* host.
* @param aType the type of security state in question
* @param aURI the URI of the target host
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
*/
void removeState(in uint32_t aType,
in nsIURI aURI,
in uint32_t aFlags);
/**
* See isSecureURI
*
* @param aType the type of security state in question.
* @param aHost the hostname (punycode) to query for state.
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
*/
boolean isSecureHost(in uint32_t aType,
in string aHost,
in uint32_t aFlags);
/**
* Checks if the given security info is for a host with a broken
* transport layer (certificate errors like invalid CN).
*/
boolean shouldIgnoreHeaders(in nsISupports aSecurityInfo);
/**
* Checks whether or not the URI's hostname has a given security state set.
* For example, for HSTS:
* The URI is an HSTS URI if either the host has the HSTS state set, or one
* of its super-domains has the HSTS "includeSubdomains" flag set.
* NOTE: this function makes decisions based only on the
* host contained in the URI, and disregards other portions of the URI
* such as path and port.
*
* @param aType the type of security state in question.
* @param aURI the URI to query for STS state.
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
*/
boolean isSecureURI(in uint32_t aType, in nsIURI aURI, in uint32_t aFlags);
/**
* Removes all security state by resetting to factory-original settings.
*/
void clearAll();
/**
* Returns an array of sha256-hashed key pins for the given domain, if any.
* If these pins also apply to subdomains of the given domain,
* aIncludeSubdomains will be true. Pins returned are only for non-built-in
* pin entries.
*
* @param aHostname the hosname (punycode) to be queried about
* @param the time at which the pins should be valid. This is in
mozilla::pkix::Time which uses internally seconds since 0 AD.
* @param aPinArray the set of sha256-hashed key pins for the given domain
* @param aIncludeSubdomains true if the pins apply to subdomains of the
* given domain
*/
[noscript] boolean getKeyPinsForHostname(in string aHostname,
in mozillaPkixTime evalTime,
out nsCStringTArrayRef aPinArray,
out boolean aIncludeSubdomains);
/**
* Set public-key pins for a host. The resulting pins will be permanent
* and visible from private and non-private contexts. These pins replace
* any already set by this mechanism or those built-in to Gecko.
*
* @param aHost the hostname (punycode) that pins will apply to
* @param aIncludeSubdomains whether these pins also apply to subdomains
* @param aMaxAge lifetime (in seconds) of this pin set
* @param aPinCount number of keys being pinnned
* @param aSha256Pins array of hashed key fingerprints (SHA-256, base64)
*/
boolean setKeyPins(in string aHost, in boolean aIncludeSubdomains,
in unsigned long aMaxAge, in unsigned long aPinCount,
[array, size_is(aPinCount)] in string aSha256Pins);
};
%{C++
#define NS_SSSERVICE_CONTRACTID "@mozilla.org/ssservice;1"
%}