--- a/security/manager/pki/nsIASN1Tree.idl
+++ b/security/manager/pki/nsIASN1Tree.idl
@@ -5,21 +5,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
#include "nsITreeView.idl"
#include "nsIX509Cert.idl"
[scriptable, uuid(de142307-7b88-4e0a-b232-250f310e25d8)]
interface nsIASN1Tree : nsITreeView {
-
+ [must_use]
void loadASN1Structure(in nsIASN1Object asn1Object);
+ [must_use]
AString getDisplayData(in unsigned long index);
-
};
%{C++
#define NS_ASN1TREE_CONTRACTID "@mozilla.org/security/nsASN1Tree;1"
%}
-
--- a/security/manager/ssl/nsIASN1PrintableItem.idl
+++ b/security/manager/ssl/nsIASN1PrintableItem.idl
@@ -5,11 +5,10 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
#include "nsIASN1Object.idl"
[scriptable, uuid(114e1142-1dd2-11b2-ac26-b6db19d9184a)]
interface nsIASN1PrintableItem : nsIASN1Object {
[noscript] void setData(in charPtr data, in unsigned long len);
- [noscript] void getData(out charPtr data, out unsigned long len);
+ [noscript, must_use] void getData(out charPtr data, out unsigned long len);
};
-
--- a/security/manager/ssl/nsICertBlocklist.idl
+++ b/security/manager/ssl/nsICertBlocklist.idl
@@ -15,49 +15,54 @@ interface nsIX509Cert;
* Represents a service to add certificates as explicitly blocked/distrusted.
*/
[scriptable, uuid(e0654480-f433-11e4-b939-0800200c9a66)]
interface nsICertBlocklist : nsISupports {
/**
* Add details of a revoked certificate :
* issuer name (base-64 encoded DER) and serial number (base-64 encoded DER).
*/
- void revokeCertByIssuerAndSerial(in ACString issuer,
- in ACString serialNumber);
+ [must_use]
+ void revokeCertByIssuerAndSerial(in ACString issuer,
+ in ACString serialNumber);
/**
* Add details of a revoked certificate :
* subject name (base-64 encoded DER) and hash of public key (base-64 encoded
* sha-256 hash of the public key).
*/
- void revokeCertBySubjectAndPubKey(in ACString subject,
- in ACString pubKeyHash);
+ [must_use]
+ void revokeCertBySubjectAndPubKey(in ACString subject,
+ in ACString pubKeyHash);
/**
* Persist (fresh) blocklist entries to the profile (if a profile directory is
* available). Note: calling this will result in synchronous I/O.
*/
- void saveEntries();
+ [must_use]
+ void saveEntries();
/**
* Check if a certificate is blocked.
- * isser - issuer name, DER encoded
+ * issuer - issuer name, DER encoded
* serial - serial number, DER encoded
* subject - subject name, DER encoded
* pubkey - public key, DER encoded
*/
- boolean isCertRevoked([const, array, size_is(issuer_length)] in octet issuer,
- in unsigned long issuer_length,
- [const, array, size_is(serial_length)] in octet serial,
- in unsigned long serial_length,
- [const, array, size_is(subject_length)] in octet subject,
- in unsigned long subject_length,
- [const, array, size_is(pubkey_length)] in octet pubkey,
- in unsigned long pubkey_length);
+ [must_use]
+ boolean isCertRevoked([const, array, size_is(issuer_length)] in octet issuer,
+ in unsigned long issuer_length,
+ [const, array, size_is(serial_length)] in octet serial,
+ in unsigned long serial_length,
+ [const, array, size_is(subject_length)] in octet subject,
+ in unsigned long subject_length,
+ [const, array, size_is(pubkey_length)] in octet pubkey,
+ in unsigned long pubkey_length);
/**
* Check that the blocklist data is current. Specifically, that the current
* time is no more than security.onecrl.maximum_staleness_in_seconds seconds
* after the last blocklist update (as stored in the
* app.update.lastUpdateTime.blocklist-background-update-timer pref)
*/
- boolean isBlocklistFresh();
+ [must_use]
+ boolean isBlocklistFresh();
};
--- a/security/manager/ssl/nsICertOverrideService.idl
+++ b/security/manager/ssl/nsICertOverrideService.idl
@@ -48,16 +48,17 @@ interface nsICertOverrideService : nsISu
* which only exhibit some subset of errors.
*
* @param aHostName The host (punycode) this mapping belongs to
* @param aPort The port this mapping belongs to, if it is -1 then it
* is internaly treated as 443
* @param aCert The cert that should always be accepted
* @param aOverrideBits The precise set of errors we want to be overriden
*/
+ [must_use]
void rememberValidityOverride(in ACString aHostName,
in int32_t aPort,
in nsIX509Cert aCert,
in uint32_t aOverrideBits,
in boolean aTemporary);
/**
* Certs with the given fingerprint should always be accepted for the
@@ -67,16 +68,17 @@ interface nsICertOverrideService : nsISu
*
* @param aHostName The host (punycode) this mapping belongs to
* @param aPort The port this mapping belongs to, if it is -1 then it
* is internaly treated as 443
* @param aCertFingerprint The cert fingerprint that should be accepted, in
* the format 'AA:BB:...' (colon-separated upper-case hex bytes).
* @param aOverrideBits The errors we want to be overriden
*/
+ [must_use]
void rememberTemporaryValidityOverrideUsingFingerprint(
in ACString aHostName,
in int32_t aPort,
in ACString aCertFingerprint,
in uint32_t aOverrideBits);
/**
* Return whether this host, port, cert triple has a stored override.
@@ -88,16 +90,17 @@ interface nsICertOverrideService : nsISu
* @param aPort The port this mapping belongs to, if it is -1 then it
* is internally treated as 443
* @param aCert The certificate this mapping belongs to
* @param aOverrideBits The errors that are currently overridden
* @param aIsTemporary Whether the stored override is session-only,
* or permanent
* @return Whether an override has been stored for this host+port+cert
*/
+ [must_use]
boolean hasMatchingOverride(in ACString aHostName,
in int32_t aPort,
in nsIX509Cert aCert,
out uint32_t aOverrideBits,
out boolean aIsTemporary);
/**
* Retrieve the stored override for the given hostname:port.
@@ -107,16 +110,17 @@ interface nsICertOverrideService : nsISu
* is internaly treated as 443
* @param aHashAlg On return value True, the fingerprint hash algorithm
* as an OID value in dotted notation.
* @param aFingerprint On return value True, the stored fingerprint
* @param aOverrideBits The errors that are currently overriden
* @return whether a matching override entry for aHostNameWithPort
* and aFingerprint is currently on file
*/
+ [must_use]
boolean getValidityOverride(in ACString aHostName,
in int32_t aPort,
out ACString aHashAlg,
out ACString aFingerprint,
out uint32_t aOverrideBits,
out boolean aIsTemporary);
/**
@@ -133,12 +137,13 @@ interface nsICertOverrideService : nsISu
/**
* Is the given cert used in rules?
*
* @param aCert The cert we're looking for
* @return how many override entries are currently on file
* for the given certificate
*/
+ [must_use]
uint32_t isCertUsedForOverrides(in nsIX509Cert aCert,
in boolean aCheckTemporaries,
in boolean aCheckPermanents);
};
--- a/security/manager/ssl/nsICertTree.idl
+++ b/security/manager/ssl/nsICertTree.idl
@@ -7,28 +7,35 @@
#include "nsISupports.idl"
#include "nsITreeView.idl"
interface nsIX509Cert;
interface nsIX509CertList;
[scriptable, uuid(d0180863-606e-49e6-8324-cf45ed4dd891)]
interface nsICertTreeItem : nsISupports {
+ [must_use]
readonly attribute nsIX509Cert cert;
+ [must_use]
readonly attribute AString hostPort;
};
[scriptable, uuid(55d5ad6b-5572-47fe-941c-f01fe723659e)]
interface nsICertTree : nsITreeView {
+ [must_use]
void loadCerts(in unsigned long type);
+ [must_use]
void loadCertsFromCache(in nsIX509CertList cache, in unsigned long type);
+ [must_use]
nsIX509Cert getCert(in unsigned long index);
+ [must_use]
nsICertTreeItem getTreeItem(in unsigned long index);
+ [must_use]
void deleteEntryObject(in unsigned long index);
};
%{C++
#define NS_CERTTREE_CID { 0x4ea60761, 0x31d6, 0x491d, \
{ 0x9e, 0x34, 0x4b, 0x53, 0xa2, 0x6c, 0x41, 0x6c } }
--- a/security/manager/ssl/nsICertificateDialogs.idl
+++ b/security/manager/ssl/nsICertificateDialogs.idl
@@ -15,63 +15,65 @@ interface nsICertificateDialogs : nsISup
{
/**
* UI shown when a user is asked to download a new CA cert.
* Provides user with ability to choose trust settings for the cert.
* Asks the user to grant permission to import the certificate.
*
* @param ctx A user interface context.
* @param cert The certificate that is about to get installed.
- * @param trust a bit mask of trust flags,
- * see nsIX509CertDB for possible values.
+ * @param trust A bit mask of trust flags.
+ * See nsIX509CertDB for possible values.
*
* @return true if the user allows to import the certificate.
*/
+ [must_use]
boolean confirmDownloadCACert(in nsIInterfaceRequestor ctx,
in nsIX509Cert cert,
out unsigned long trust);
/**
* UI shown when a user's personal certificate is going to be
* exported to a backup file.
- * The implementation of this dialog should make sure
- * to prompt the user to type the password twice in order to
- * confirm correct input.
- * The wording in the dialog should also motivate the user
- * to enter a strong password.
+ * The implementation of this dialog should make sure to prompt the user to
+ * type the password twice in order to confirm correct input.
+ * The wording in the dialog should also motivate the user to enter a strong
+ * password.
*
* @param ctx A user interface context.
* @param password The password provided by the user.
*
* @return false if the user requests to cancel.
*/
- boolean setPKCS12FilePassword(in nsIInterfaceRequestor ctx,
+ [must_use]
+ boolean setPKCS12FilePassword(in nsIInterfaceRequestor ctx,
out AString password);
/**
* UI shown when a user is about to restore a personal
* certificate from a backup file.
* The user is requested to enter the password
* that was used in the past to protect that backup file.
*
* @param ctx A user interface context.
* @param password The password provided by the user.
*
* @return false if the user requests to cancel.
*/
- boolean getPKCS12FilePassword(in nsIInterfaceRequestor ctx,
+ [must_use]
+ boolean getPKCS12FilePassword(in nsIInterfaceRequestor ctx,
out AString password);
/**
* UI shown when a certificate needs to be shown to the user.
* The implementation should try to display as many attributes
* as possible.
*
* @param ctx A user interface context.
* @param cert The certificate to be shown to the user.
*/
- void viewCert(in nsIInterfaceRequestor ctx,
- in nsIX509Cert cert);
+ [must_use]
+ void viewCert(in nsIInterfaceRequestor ctx, in nsIX509Cert cert);
};
%{C++
#define NS_CERTIFICATEDIALOGS_CONTRACTID "@mozilla.org/nsCertificateDialogs;1"
%}
--- a/security/manager/ssl/nsIClientAuthDialogs.idl
+++ b/security/manager/ssl/nsIClientAuthDialogs.idl
@@ -22,16 +22,17 @@ interface nsIClientAuthDialogs : nsISupp
* @param port Port of the server.
* @param organization Organization field of the server cert.
* @param issuerOrg Organization field of the issuer cert of the server cert.
* @param certList List of certificates the user can choose from.
* @param selectedIndex Index of the cert in |certList| that the user chose.
* Ignored if the return value is false.
* @return true if a certificate was chosen. false if the user canceled.
*/
+ [must_use]
boolean chooseCertificate(in nsIInterfaceRequestor ctx,
in AUTF8String hostname,
in long port,
in AUTF8String organization,
in AUTF8String issuerOrg,
in nsIArray certList,
out unsigned long selectedIndex);
};
--- a/security/manager/ssl/nsIContentSignatureVerifier.idl
+++ b/security/manager/ssl/nsIContentSignatureVerifier.idl
@@ -35,16 +35,17 @@ interface nsIContentSignatureVerifier :
* url-safe base64 encoded.
* @param aCertificateChain The certificate chain to use for verification.
* PEM encoded string.
* @param aName The (host)name for which the end entity must
be valid.
* @returns true if the signature matches the data and aCertificateChain is
* valid within aContext, false if not.
*/
+ [must_use]
boolean verifyContentSignature(in ACString aData,
in ACString aContentSignatureHeader,
in ACString aCertificateChain,
in ACString aName);
/**
* Creates a context to verify a content signature against data that is added
* later with update calls.
@@ -52,16 +53,17 @@ interface nsIContentSignatureVerifier :
* @param aData The first chunk of data to be tested.
* @param aContentSignatureHeader The signature of the data, url-safe base64
* encoded.
* @param aCertificateChain The certificate chain to use for
* verification. PEM encoded string.
* @param aName The (host)name for which the end entity must
be valid.
*/
+ [must_use]
void createContext(in ACString aData, in ACString aContentSignatureHeader,
in ACString aCertificateChain, in ACString aName);
/**
* Creates a context to verify a content signature against data that is added
* later with update calls.
* This does not require the caller to download the certificate chain. It's
* done internally.
@@ -72,34 +74,37 @@ interface nsIContentSignatureVerifier :
*
* @param aCallback Callback that's invoked when the cert chain
* got fetched.
* @param aContentSignatureHeader The signature of the data, url-safe base64
* encoded, and the x5u value.
* @param aName The (host)name for which the end entity must
be valid.
*/
+ [must_use]
void createContextWithoutCertChain(in nsIContentSignatureReceiverCallback aCallback,
in ACString aContentSignatureHeader,
in ACString aName);
/**
* Adds data to the context that was used to generate the signature.
*
* @param aData More data to be tested.
*/
+ [must_use]
void update(in ACString aData);
/**
* Finalises the signature and returns the result of the signature
* verification.
*
* @returns true if the signature matches the data added with createContext
* and update, false if not.
*/
+ [must_use]
boolean end();
};
/**
* Callback for nsIContentSignatureVerifier.
* { 0x1eb90707, 0xdf59, 0x48b7, \
* { 0x9d, 0x42, 0xd8, 0xbf, 0x63, 0x0a, 0xe7, 0x44 } }
*/
--- a/security/manager/ssl/nsICryptoHMAC.idl
+++ b/security/manager/ssl/nsICryptoHMAC.idl
@@ -41,67 +41,66 @@ interface nsICryptoHMAC : nsISupports
* .getService(Components.interfaces.nsIKeyObjectFactory)
* .keyFromString(Components.interfaces.nsIKeyObject.HMAC, rawKeyData);
*
* WARNING: This approach is not FIPS compliant.
*
* @throws NS_ERROR_INVALID_ARG if an unsupported algorithm
* type is passed.
*
- * NOTE: This method must be called before any other method
- * on this interface is called.
+ * NOTE: This method must be called before any other method on this
+ * interface is called.
*/
+ [must_use]
void init(in unsigned long aAlgorithm, in nsIKeyObject aKeyObject);
/**
* @param aData a buffer to calculate the hash over
*
* @param aLen the length of the buffer |aData|
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*/
+ [must_use]
void update([const, array, size_is(aLen)] in octet aData, in unsigned long aLen);
/**
* Calculates and updates a new hash based on a given data stream.
*
* @param aStream an input stream to read from.
*
- * @param aLen how much to read from the given |aStream|. Passing
- * UINT32_MAX indicates that all data available will be used
- * to update the hash.
+ * @param aLen How much to read from the given |aStream|. Passing UINT32_MAX
+ * indicates that all data available will be used to update the hash.
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*
- * @throws NS_ERROR_NOT_AVAILABLE if the requested amount of
- * data to be calculated into the hash is not available.
+ * @throws NS_ERROR_NOT_AVAILABLE If the requested amount of data to be
+ * calculated into the hash is not available.
*
*/
+ [must_use]
void updateFromStream(in nsIInputStream aStream, in unsigned long aLen);
-
+
/**
- * Completes this HMAC object and produces the actual HMAC diegest data.
+ * Completes this HMAC object and produces the actual HMAC digest data.
*
- * @param aASCII if true then the returned value is a base-64
- * encoded string. if false, then the returned value is
- * binary data.
+ * @param aASCII If true then the returned value is a base64 encoded string.
+ * If false, then the returned value is binary data.
*
* @return a hash of the data that was read by this object. This can
* be either binary data or base 64 encoded.
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*
* NOTE: This method may be called any time after |init|
* is called. This call resets the object to its
* pre-init state.
*/
+ [must_use]
ACString finish(in boolean aASCII);
/**
- * Reinitialize HMAC context to be reused with the same
- * settings (the key and hash algorithm) but on different
- * set of data.
+ * Reinitialize HMAC context to be reused with the same settings (the key
+ * and hash algorithm) but on a different set of data.
*/
+ [must_use]
void reset();
};
--- a/security/manager/ssl/nsICryptoHash.idl
+++ b/security/manager/ssl/nsICryptoHash.idl
@@ -49,57 +49,54 @@ interface nsICryptoHash : nsISupports
* @param aAlgorithm the algorithm type to be used.
*
* @throws NS_ERROR_INVALID_ARG if an unsupported algorithm
* type is passed.
*
* NOTE: This method or init must be called before any
* other method on this interface is called.
*/
+ [must_use]
void initWithString(in ACString aAlgorithm);
-
+
/**
* @param aData a buffer to calculate the hash over
*
* @param aLen the length of the buffer |aData|
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*/
void update([const, array, size_is(aLen)] in octet aData, in unsigned long aLen);
/**
* Calculates and updates a new hash based on a given data stream.
*
* @param aStream an input stream to read from.
*
- * @param aLen how much to read from the given |aStream|. Passing
- * UINT32_MAX indicates that all data available will be used
- * to update the hash.
+ * @param aLen How much to read from the given |aStream|. Passing UINT32_MAX
+ * indicates that all data available will be used to update the hash.
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*
- * @throws NS_ERROR_NOT_AVAILABLE if the requested amount of
+ * @throws NS_ERROR_NOT_AVAILABLE If the requested amount of
* data to be calculated into the hash is not available.
*
*/
+ [must_use]
void updateFromStream(in nsIInputStream aStream, in unsigned long aLen);
-
+
/**
* Completes this hash object and produces the actual hash data.
*
- * @param aASCII if true then the returned value is a base-64
- * encoded string. if false, then the returned value is
- * binary data.
+ * @param aASCII If true then the returned value is a base64 encoded string.
+ * If false, then the returned value is binary data.
*
* @return a hash of the data that was read by this object. This can
* be either binary data or base 64 encoded.
*
- * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
- * called.
+ * @throws NS_ERROR_NOT_INITIALIZED If |init| has not been called.
*
* NOTE: This method may be called any time after |init|
* is called. This call resets the object to its
* pre-init state.
*/
ACString finish(in boolean aASCII);
};
--- a/security/manager/ssl/nsIDataSignatureVerifier.idl
+++ b/security/manager/ssl/nsIDataSignatureVerifier.idl
@@ -19,19 +19,21 @@ interface nsIDataSignatureVerifier : nsI
* signature.
*
* @param aData The data to be tested.
* @param aSignature The signature of the data, base64 encoded.
* @param aPublicKey The public part of the key used for signing, DER encoded
* then base64 encoded.
* @returns true if the signature matches the data, false if not.
*/
+ [must_use]
boolean verifyData(in ACString aData, in ACString aSignature, in ACString aPublicKey);
/* Sig Verification Error Codes */
const long VERIFY_OK = 0;
const long VERIFY_ERROR_UNKNOWN_ISSUER = 1;
const long VERIFY_ERROR_OTHER = 2;
+ [must_use]
nsIX509Cert verifySignature(in ACString signature, in ACString plaintext,
out long errorCode);
};
--- a/security/manager/ssl/nsIGenKeypairInfoDlg.idl
+++ b/security/manager/ssl/nsIGenKeypairInfoDlg.idl
@@ -10,16 +10,17 @@ interface nsIKeygenThread;
/**
* nsIGeneratingKeypairInfoDialogs
* This is the interface for giving feedback to the user
* while generating a key pair.
*/
[scriptable, uuid(11bf5cdc-1dd2-11b2-ba6a-c76afb326fa1)]
interface nsIGeneratingKeypairInfoDialogs : nsISupports
{
+ [must_use]
void displayGeneratingKeypairInfo(in nsIInterfaceRequestor ctx,
in nsIKeygenThread runnable);
};
%{C++
/**
* This component is to be implemented by the embeddor. It is used to show
* feedback to the user while a private key is being generated.
--- a/security/manager/ssl/nsIKeyModule.idl
+++ b/security/manager/ssl/nsIKeyModule.idl
@@ -17,21 +17,25 @@ interface nsIKeyObject : nsISupports
// Key types
const short SYM_KEY = 1;
// Algorithm types
const short HMAC = 257;
// The nsIKeyObject will take ownership of the key and be responsible
// for freeing the key memory when destroyed.
- [noscript] void initKey(in short aAlgorithm, in PK11SymKeyPtr aKey);
+ [noscript, must_use]
+ void initKey(in short aAlgorithm, in PK11SymKeyPtr aKey);
// Returns a pointer to the underlying key object.
- [noscript] PK11SymKeyPtr getKeyObj();
+ [noscript, must_use]
+ PK11SymKeyPtr getKeyObj();
+ [must_use]
short getType();
};
[scriptable, uuid(838bdbf1-8244-448f-8bcd-cede70227d75)]
interface nsIKeyObjectFactory : nsISupports
{
+ [must_use]
nsIKeyObject keyFromString(in short aAlgorithm, in ACString aKey);
};
--- a/security/manager/ssl/nsIKeygenThread.idl
+++ b/security/manager/ssl/nsIKeygenThread.idl
@@ -24,24 +24,26 @@ interface nsIKeygenThread : nsISupports
* To allow the closure of the status information,
* the thread needs a handle to an observer.
*
* observer will be called on the UI thread.
* When the key generation is done, the observe method will
* be called with a topic of "keygen-finished" and null data
* and subject.
*/
+ [must_use]
void startKeyGeneration(in nsIObserver observer);
/**
* userCanceled - notify the thread
* If the user canceled, the thread is no longer allowed to
* close the dialog. However, if the thread already closed
* it, we are not allowed to close it.
*/
+ [must_use]
void userCanceled(out boolean threadAlreadyClosedDialog);
};
%{ C++
// {195763b8-1dd2-11b2-a843-eb44e44aaa37}
#define NS_KEYGENTHREAD_CID \
{ 0x195763b8, 0x1dd2, 0x11b2, { 0xa8, 0x43, 0xeb, 0x44, 0xe4, 0x4a, 0xaa, 0x37 } }
#define NS_KEYGENTHREAD_CONTRACTID "@mozilla.org/security/keygenthread;1"
--- a/security/manager/ssl/nsILocalCertService.idl
+++ b/security/manager/ssl/nsILocalCertService.idl
@@ -17,31 +17,34 @@ interface nsILocalCertService : nsISuppo
*
* The cert is stored permanently in the profile's key store after first use,
* and is valid for 1 year. If an expired or otherwise invalid cert is found
* with the nickname supplied here, it is removed and a new one is made.
*
* @param nickname Nickname that identifies the cert
* @param cb Callback to be notified with the result
*/
+ [must_use]
void getOrCreateCert(in ACString nickname, in nsILocalCertGetCallback cb);
/**
* Remove a X.509 cert with the given nickname.
*
* @param nickname Nickname that identifies the cert
* @param cb Callback to be notified with the result
*/
+ [must_use]
void removeCert(in ACString nickname, in nsILocalCertCallback cb);
/**
* Whether calling |getOrCreateCert| or |removeCert| will trigger a login
* prompt to be displayed. Generally this happens if the user has set a
* master password, but has not yet logged in.
*/
+ [must_use]
readonly attribute boolean loginPromptRequired;
};
[scriptable, uuid(cc09633e-7c70-4093-a9cf-79ab676ca8a9)]
interface nsILocalCertGetCallback : nsISupports
{
/**
* Called with the result of the getOrCreateCert operation above.
--- a/security/manager/ssl/nsINSSErrorsService.idl
+++ b/security/manager/ssl/nsINSSErrorsService.idl
@@ -8,38 +8,41 @@
[scriptable, uuid(12f60021-e14b-4020-99d1-ed2c795be66a)]
interface nsINSSErrorsService : nsISupports
{
/**
* @param aNSPRCode An error code obtained using PR_GetError()
* @return True if it is error code defined by the NSS library
*/
+ [must_use]
boolean isNSSErrorCode(in int32_t aNSPRCode);
/**
* Function will fail if aNSPRCode is not an NSS error code.
* @param aNSPRCode An error code obtained using PR_GetError()
* @return The result of the conversion, an XPCOM error code
*/
+ [must_use]
nsresult getXPCOMFromNSSError(in int32_t aNSPRCode);
/**
* Function will fail if aXPCOMErrorCode is not an NSS error code.
* @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError
* return A localized human readable error explanation.
*/
AString getErrorMessage(in nsresult aXPCOMErrorCode);
/**
* Function will fail if aXPCOMErrorCode is not an NSS error code.
* @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError
* return the error class of the code, either ERROR_CLASS_BAD_CERT
* or ERROR_CLASS_SSL_PROTOCOL
*/
+ [must_use]
uint32_t getErrorClass(in nsresult aXPCOMErrorCode);
const unsigned long ERROR_CLASS_SSL_PROTOCOL = 1;
const unsigned long ERROR_CLASS_BAD_CERT = 2;
/**
* The following values define the range of NSPR error codes used by NSS.
* NSS remains the authorative source for these numbers, as a result,
--- a/security/manager/ssl/nsINSSVersion.idl
+++ b/security/manager/ssl/nsINSSVersion.idl
@@ -7,21 +7,31 @@
%{C++
#define NS_NSSVERSION_CONTRACTID "@mozilla.org/security/nssversion;1"
%}
[scriptable, uuid(a8a53a2b-75cc-4c68-a9bb-9791dbddaa00)]
interface nsINSSVersion : nsISupports {
/* Minimal required versions as used at build time */
+ [must_use]
readonly attribute AString NSPR_MinVersion;
+ [must_use]
readonly attribute AString NSS_MinVersion;
+ [must_use]
readonly attribute AString NSSUTIL_MinVersion;
+ [must_use]
readonly attribute AString NSSSSL_MinVersion;
+ [must_use]
readonly attribute AString NSSSMIME_MinVersion;
/* Versions of libraries currently in use */
+ [must_use]
readonly attribute AString NSPR_Version;
+ [must_use]
readonly attribute AString NSS_Version;
+ [must_use]
readonly attribute AString NSSUTIL_Version;
+ [must_use]
readonly attribute AString NSSSSL_Version;
+ [must_use]
readonly attribute AString NSSSMIME_Version;
};
--- a/security/manager/ssl/nsIPK11Token.idl
+++ b/security/manager/ssl/nsIPK11Token.idl
@@ -11,70 +11,92 @@ interface nsIPK11Token : nsISupports
{
const long ASK_EVERY_TIME = -1;
const long ASK_FIRST_TIME = 0;
const long ASK_EXPIRE_TIME = 1;
/*
* The name of the token
*/
+ [must_use]
readonly attribute AUTF8String tokenName;
+ [must_use]
readonly attribute AUTF8String tokenLabel;
/**
* Manufacturer ID of the token.
*/
+ [must_use]
readonly attribute AUTF8String tokenManID;
/**
* Hardware version of the token.
*/
+ [must_use]
readonly attribute AUTF8String tokenHWVersion;
/**
* Firmware version of the token.
*/
+ [must_use]
readonly attribute AUTF8String tokenFWVersion;
+ [must_use]
readonly attribute AUTF8String tokenSerialNumber;
/*
* Login information
*/
+ [must_use]
boolean isLoggedIn();
+ [must_use]
void login(in boolean force);
+ [must_use]
void logoutSimple();
+ [must_use]
void logoutAndDropAuthenticatedResources();
/*
* Reset password
*/
+ [must_use]
void reset();
/*
* Password information
*/
+ [must_use]
readonly attribute long minimumPasswordLength;
+ [must_use]
readonly attribute boolean needsUserInit;
/**
* Checks whether the given password is correct. Logs the token out if an
* incorrect password is given.
*
* @param password The password to check.
* @return true if the password was correct, false otherwise.
*/
+ [must_use]
boolean checkPassword(in AUTF8String password);
+ [must_use]
void initPassword(in AUTF8String initialPassword);
+ [must_use]
void changePassword(in AUTF8String oldPassword, in AUTF8String newPassword);
+ [must_use]
long getAskPasswordTimes();
+ [must_use]
long getAskPasswordTimeout();
+ [must_use]
void setAskPasswordDefaults([const] in long askTimes, [const] in long timeout);
/*
* True if a password has been configured for this token, and false otherwise.
* (Whether or not the user is currently logged in makes no difference.)
* In particular, this can be used to determine if a user has set a master
* password (if this is the internal key token).
*/
+ [must_use]
readonly attribute boolean hasPassword;
/*
* Other attributes
*/
+ [must_use]
boolean isHardwareToken();
+ [must_use]
boolean needsLogin();
};
--- a/security/manager/ssl/nsIPK11TokenDB.idl
+++ b/security/manager/ssl/nsIPK11TokenDB.idl
@@ -32,15 +32,17 @@ interface nsIPK11TokenDB : nsISupports
/*
* Find a token by name. Throws NS_ERROR_FAILURE if no token with the given
* name can be found.
* @param tokenName a string identifying the name of the token. Must be
* non-empty.
* @return a token with the given name
*/
+ [must_use]
nsIPK11Token findTokenByName(in AUTF8String tokenName);
/*
* List all tokens
*/
+ [must_use]
nsISimpleEnumerator listTokens();
};
--- a/security/manager/ssl/nsIPKCS11.idl
+++ b/security/manager/ssl/nsIPKCS11.idl
@@ -7,14 +7,16 @@
%{C++
#define NS_PKCS11_CONTRACTID "@mozilla.org/security/pkcs11;1"
%}
[scriptable, uuid(5743f870-958e-4f02-aef2-c0afeef67f05)]
interface nsIPKCS11 : nsISupports
{
+ [must_use]
void deleteModule(in AString moduleName);
+ [must_use]
void addModule(in AString moduleName,
in AString libraryFullPath,
in long cryptoMechanismFlags,
in long cipherFlags);
};
--- a/security/manager/ssl/nsIPKCS11Module.idl
+++ b/security/manager/ssl/nsIPKCS11Module.idl
@@ -7,15 +7,19 @@
#include "nsISupports.idl"
interface nsIPKCS11Slot;
interface nsISimpleEnumerator;
[scriptable, uuid(8a44bdf9-d1a5-4734-bd5a-34ed7fe564c2)]
interface nsIPKCS11Module : nsISupports
{
+ [must_use]
readonly attribute AUTF8String name;
+ [must_use]
readonly attribute AUTF8String libName;
+ [must_use]
nsIPKCS11Slot findSlotByName(in AUTF8String name);
+ [must_use]
nsISimpleEnumerator listSlots();
};
--- a/security/manager/ssl/nsIPKCS11ModuleDB.idl
+++ b/security/manager/ssl/nsIPKCS11ModuleDB.idl
@@ -12,24 +12,32 @@ interface nsISimpleEnumerator;
%{C++
#define NS_PKCS11MODULEDB_CONTRACTID "@mozilla.org/security/pkcs11moduledb;1"
%}
[scriptable, uuid(ff9fbcd7-9517-4334-b97a-ceed78909974)]
interface nsIPKCS11ModuleDB : nsISupports
{
+ [must_use]
nsIPKCS11Module getInternal();
+ [must_use]
nsIPKCS11Module getInternalFIPS();
+ [must_use]
nsIPKCS11Module findModuleByName(in AUTF8String name);
+ [must_use]
nsIPKCS11Slot findSlotByName(in AUTF8String name);
+ [must_use]
nsISimpleEnumerator listModules();
+ [must_use]
readonly attribute boolean canToggleFIPS;
+ [must_use]
void toggleFIPSMode();
+ [must_use]
readonly attribute boolean isFIPSEnabled;
};
--- a/security/manager/ssl/nsIPKCS11Slot.idl
+++ b/security/manager/ssl/nsIPKCS11Slot.idl
@@ -5,40 +5,48 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIPK11Token;
[scriptable, uuid(c2d4f296-ee60-11d4-998b-00b0d02354a0)]
interface nsIPKCS11Slot : nsISupports {
+ [must_use]
readonly attribute AUTF8String name;
+ [must_use]
readonly attribute AUTF8String desc;
/**
* Manufacturer ID of the slot.
*/
+ [must_use]
readonly attribute AUTF8String manID;
/**
* Hardware version of the slot.
*/
+ [must_use]
readonly attribute AUTF8String HWVersion;
/**
* Firmware version of the slot.
*/
+ [must_use]
readonly attribute AUTF8String FWVersion;
const unsigned long SLOT_DISABLED = 0;
const unsigned long SLOT_NOT_PRESENT = 1;
const unsigned long SLOT_UNINITIALIZED = 2;
const unsigned long SLOT_NOT_LOGGED_IN = 3;
const unsigned long SLOT_LOGGED_IN = 4;
const unsigned long SLOT_READY = 5;
+ [must_use]
readonly attribute unsigned long status;
/* This is really a workaround for now. All of the "slot" functions
* (isTokenPresent(), etc.) are in nsIPK11Token. For now, return the
* token and handle those things there.
*/
+ [must_use]
nsIPK11Token getToken();
/* more fun with workarounds - we're referring to everything by token name */
+ [must_use]
readonly attribute AUTF8String tokenName;
};
--- a/security/manager/ssl/nsIProtectedAuthThread.idl
+++ b/security/manager/ssl/nsIProtectedAuthThread.idl
@@ -2,44 +2,46 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
#include "nsIObserver.idl"
#include "nsIPKCS11Slot.idl"
/**
- * nsIProtectedAuthThread
- * This is used to communicate with the thread login on to
- * a token with CKF_PROTECTED_AUTHENTICATION_PATH set.
+ * Used to communicate with the thread for logging on to a token with
+ * CKF_PROTECTED_AUTHENTICATION_PATH set.
*/
[scriptable, uuid(4bb27cb7-8984-4cee-8ce7-9b014c3d091b)]
interface nsIProtectedAuthThread : nsISupports
{
/**
* login - run the thread
* A user interface implementing this interface needs to
* call this method as soon as the message to the user is
- * displayed. This will trigger login operation. No user
+ * displayed. This will trigger login operation. No user
* cancellation is possible during login operation.
*
* When the login is done, the observe method of @observer will
* be called on the UI thread with a topic of "login-finished"
* and null data and subject.
*/
+ [must_use]
void login(in nsIObserver observer);
/**
* The PKCS11 slot
*/
+ [must_use]
readonly attribute nsIPKCS11Slot slot;
/**
* Gets token to be logged in name.
*/
+ [must_use]
AString getTokenName();
};
%{ C++
// {45334489-3D30-47c6-920B-0A55A313AEBF}
#define NS_PROTECTEDAUTHTHREAD_CID \
{ 0x45334489, 0x3d30, 0x47c6, { 0x92, 0x0b, 0x0a, 0x55, 0xa3, 0x13, 0xae, 0xbf } }
#define NS_PROTECTEDAUTHTHREAD_CONTRACTID "@mozilla.org/security/protectedauththread;1"
--- a/security/manager/ssl/nsISSLStatus.idl
+++ b/security/manager/ssl/nsISSLStatus.idl
@@ -7,42 +7,51 @@
#include "nsISupports.idl"
interface nsIX509Cert;
[scriptable, uuid(fa9ba95b-ca3b-498a-b889-7c79cf28fee8)]
interface nsISSLStatus : nsISupports {
readonly attribute nsIX509Cert serverCert;
+ [must_use]
readonly attribute ACString cipherName;
+ [must_use]
readonly attribute unsigned long keyLength;
+ [must_use]
readonly attribute unsigned long secretKeyLength;
const short SSL_VERSION_3 = 0;
const short TLS_VERSION_1 = 1;
const short TLS_VERSION_1_1 = 2;
const short TLS_VERSION_1_2 = 3;
const short TLS_VERSION_1_3 = 4;
+ [must_use]
readonly attribute unsigned short protocolVersion;
const short CERTIFICATE_TRANSPARENCY_NOT_APPLICABLE = 0;
const short CERTIFICATE_TRANSPARENCY_POLICY_COMPLIANT = 5;
const short CERTIFICATE_TRANSPARENCY_POLICY_NOT_ENOUGH_SCTS = 6;
const short CERTIFICATE_TRANSPARENCY_POLICY_NOT_DIVERSE_SCTS = 7;
+ [must_use]
readonly attribute unsigned short certificateTransparencyStatus;
+ [must_use]
readonly attribute boolean isDomainMismatch;
+ [must_use]
readonly attribute boolean isNotValidAtThisTime;
/* Note: To distinguish between
* "unstrusted because missing or untrusted issuer"
* and
* "untrusted because self signed"
* query nsIX509Cert::isSelfSigned
*/
+ [must_use]
readonly attribute boolean isUntrusted;
/**
* True only if (and after) serverCert was successfully validated as
* Extended Validation (EV).
*/
+ [must_use]
readonly attribute boolean isExtendedValidation;
};
--- a/security/manager/ssl/nsISecretDecoderRing.idl
+++ b/security/manager/ssl/nsISecretDecoderRing.idl
@@ -14,36 +14,41 @@ interface nsISecretDecoderRing: nsISuppo
* encrypt passwords (or any text, really) won't work as expected.
* Instead, use something like nsIScriptableUnicodeConverter to first convert
* the desired password or text to UTF-8, then encrypt that. Remember to
* convert back when calling decryptString().
*
* @param text The text to encrypt.
* @return The encrypted text, encoded as Base64.
*/
+ [must_use]
ACString encryptString(in ACString text);
/**
* Decrypt Base64 input.
* See the encryptString() documentation - this method has basically the same
* limitations.
*
* @param encryptedBase64Text Encrypted input text, encoded as Base64.
* @return The decoded text.
*/
+ [must_use]
ACString decryptString(in ACString encryptedBase64Text);
/**
* Prompt the user to change the password on the SDR key.
*/
+ [must_use]
void changePassword();
/**
* Logout of the security device that protects the SDR key.
*/
+ [must_use]
void logout();
/**
* Logout of the security device that protects the SDR key and tear
* down authenticated objects.
*/
+ [must_use]
void logoutAndTeardown();
};
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -24,22 +24,23 @@ namespace mozilla
[ref] native nsCStringTArrayRef(nsTArray<nsCString>);
[ref] native mozillaPkixTime(mozilla::pkix::Time);
[ref] native const_OriginAttributesRef(const mozilla::OriginAttributes);
// [infallible] attributes are only allowed on [builtinclass]
[scriptable, uuid(31313372-842c-4110-bdf1-6aea17c845ad), builtinclass]
interface nsISiteSecurityState : nsISupports
{
+ [must_use]
readonly attribute ACString hostname;
[infallible] readonly attribute long long expireTime;
[infallible] readonly attribute short securityPropertyState;
[infallible] readonly attribute boolean includeSubdomains;
- [implicit_jscontext]
+ [implicit_jscontext, must_use]
readonly attribute jsval originAttributes;
/*
* SECURITY_PROPERTY_SET and SECURITY_PROPERTY_UNSET correspond to indicating
* a site has or does not have the security property in question,
* respectively.
* SECURITY_PROPERTY_KNOCKOUT indicates a value on a preloaded
* list is being overridden, and the associated site does not have the
@@ -58,16 +59,17 @@ interface nsISiteSecurityState : nsISupp
interface nsISiteHSTSState : nsISiteSecurityState
{
};
// This has to be a builtinclass because it derives from a builtinclass.
[scriptable, uuid(ae395078-c7d0-474d-b147-f4aa203a9b2c), builtinclass]
interface nsISiteHPKPState : nsISiteSecurityState
{
+ [must_use]
readonly attribute nsISimpleEnumerator sha256Keys;
};
[scriptable, uuid(275127f8-dbd7-4681-afbf-6df0c6587a01)]
interface nsISiteSecurityService : nsISupports
{
const uint32_t HEADER_HSTS = 0;
const uint32_t HEADER_HPKP = 1;
@@ -116,28 +118,29 @@ interface nsISiteSecurityService : nsISu
* @param aIncludeSubdomains the parsed includeSubdomains directive.
* @param aFailureResult a more specific failure result if NS_ERROR_FAILURE
was returned.
* @return NS_OK if it succeeds
* NS_ERROR_FAILURE if it can't be parsed
* NS_SUCCESS_LOSS_OF_INSIGNIFICANT_DATA
* if there are unrecognized tokens in the header.
*/
- [binaryname(ProcessHeader), noscript]
+ [binaryname(ProcessHeader), noscript, must_use]
void processHeaderNative(in uint32_t aType,
in nsIURI aSourceURI,
in ACString aHeader,
in nsISSLStatus aSSLStatus,
in uint32_t aFlags,
in const_OriginAttributesRef aOriginAttributes,
[optional] out unsigned long long aMaxAge,
[optional] out boolean aIncludeSubdomains,
[optional] out uint32_t aFailureResult);
- [binaryname(ProcessHeaderScriptable), implicit_jscontext, optional_argc]
+ [binaryname(ProcessHeaderScriptable), implicit_jscontext, optional_argc,
+ must_use]
void processHeader(in uint32_t aType,
in nsIURI aSourceURI,
in ACString aHeader,
in nsISSLStatus aSSLStatus,
in uint32_t aFlags,
[optional] in jsval aOriginAttributes,
[optional] out unsigned long long aMaxAge,
[optional] out boolean aIncludeSubdomains,
@@ -153,17 +156,17 @@ interface nsISiteSecurityService : nsISu
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
* @param aOriginAttributes the origin attributes that isolate this origin,
* (note that this implementation does not isolate
* by userContextId because of the risk of man-in-
* the-middle attacks before trust-on-second-use
* happens).
*/
- [implicit_jscontext, optional_argc]
+ [implicit_jscontext, optional_argc, must_use]
void removeState(in uint32_t aType,
in nsIURI aURI,
in uint32_t aFlags,
[optional] in jsval aOriginAttributes);
/**
* Checks whether or not the URI's hostname has a given security state set.
* For example, for HSTS:
@@ -180,36 +183,39 @@ interface nsISiteSecurityService : nsISu
* @param aOriginAttributes the origin attributes that isolate this origin,
* (note that this implementation does not isolate
* by userContextId because of the risk of man-in-
* the-middle attacks before trust-on-second-use
* happens).
* @param aCached true if we have cached information regarding whether or not
* the host is HSTS, false otherwise.
*/
- [binaryname(IsSecureURI), noscript]
+ [binaryname(IsSecureURI), noscript, must_use]
boolean isSecureURINative(in uint32_t aType, in nsIURI aURI,
in uint32_t aFlags,
in const_OriginAttributesRef aOriginAttributes,
[optional] out boolean aCached);
- [binaryname(IsSecureURIScriptable), implicit_jscontext, optional_argc]
+ [binaryname(IsSecureURIScriptable), implicit_jscontext, optional_argc,
+ must_use]
boolean isSecureURI(in uint32_t aType, in nsIURI aURI, in uint32_t aFlags,
[optional] in jsval aOriginAttributes,
[optional] out boolean aCached);
/**
* Removes all non-preloaded security state by resetting to factory-original
* settings.
*/
+ [must_use]
void clearAll();
/**
* Removes all preloaded security state.
*/
+ [must_use]
void clearPreloads();
/**
* Returns an array of sha256-hashed key pins for the given domain, if any.
* If these pins also apply to subdomains of the given domain,
* aIncludeSubdomains will be true. Pins returned are only for non-built-in
* pin entries.
*
@@ -220,17 +226,17 @@ interface nsISiteSecurityService : nsISu
* (note that this implementation does not isolate
* by userContextId because of the risk of man-in-
* the-middle attacks before trust-on-second-use
* happens).
* @param aPinArray the set of sha256-hashed key pins for the given domain
* @param aIncludeSubdomains true if the pins apply to subdomains of the
* given domain
*/
- [noscript] boolean getKeyPinsForHostname(
+ [noscript, must_use] boolean getKeyPinsForHostname(
in ACString aHostname,
in mozillaPkixTime evalTime,
in const_OriginAttributesRef aOriginAttributes,
out nsCStringTArrayRef aPinArray,
out boolean aIncludeSubdomains);
/**
* Set public-key pins for a host. The resulting pins will be permanent
@@ -245,60 +251,62 @@ interface nsISiteSecurityService : nsISu
* @param aIsPreload are these key pins for a preload entry? (false by
* default)
* @param aOriginAttributes the origin attributes that isolate this origin,
* (note that this implementation does not isolate
* by userContextId because of the risk of man-in-
* the-middle attacks before trust-on-second-use
* happens).
*/
- [implicit_jscontext, optional_argc]
+ [implicit_jscontext, optional_argc, must_use]
boolean setKeyPins(in ACString aHost, in boolean aIncludeSubdomains,
in int64_t aExpires, in unsigned long aPinCount,
[array, size_is(aPinCount)] in string aSha256Pins,
[optional] in boolean aIsPreload,
[optional] in jsval aOriginAttributes);
/**
* Set an HSTS preload entry for a host. The resulting entries will be
* permanent and visible from private and non-private contexts. These
* entries replace any already set by this mechanism or those built-in to
* Gecko.
*
* @param aHost the hostname (punycode) that the entry applies to
* @param aIncludeSubdomains whether this entry also applies to subdomains
* @param aExpires the time this entry should expire (millis since epoch)
*/
+ [must_use]
boolean setHSTSPreload(in ACString aHost,
in boolean aIncludesSubdomains,
in int64_t aExpires);
/**
* Mark a host as declining to provide a given security state so that features
* such as HSTS priming will not flood a server with requests.
*
* @param aURI the nsIURI that this applies to
* @param aMaxAge lifetime (in seconds) of this negative cache
* @param aOriginAttributes the origin attributes that isolate this origin,
* (note that this implementation does not isolate
* by userContextId because of the risk of man-in-
* the-middle attacks before trust-on-second-use
* happens).
*/
- [noscript] void cacheNegativeHSTSResult(
+ [noscript, must_use] void cacheNegativeHSTSResult(
in nsIURI aURI, in unsigned long long aMaxAge,
in const_OriginAttributesRef aOriginAttributes);
/**
* Returns an enumerator of the nsISiteSecurityService storage. Each item in
* the enumeration is a nsISiteSecurityState that can be QueryInterfaced to
* the appropriate nsISiteHSTSState or nsISiteHPKPState, depending on the
* provided type. Doesn't include preloaded entries (either the hard-coded
* ones or the preloaded-delivered-by-kinto ones).
*
* @param aType the type of security state in question.
*/
+ [must_use]
nsISimpleEnumerator enumerate(in uint32_t aType);
};
%{C++
#define NS_SSSERVICE_CONTRACTID "@mozilla.org/ssservice;1"
%}
--- a/security/manager/ssl/nsITokenDialogs.idl
+++ b/security/manager/ssl/nsITokenDialogs.idl
@@ -5,26 +5,27 @@
#include "nsISupports.idl"
interface nsIInterfaceRequestor;
interface nsIProtectedAuthThread;
[scriptable, uuid(a1cbc159-468c-495d-8068-61dd538cbcca)]
interface nsITokenDialogs : nsISupports
{
+ [must_use]
void ChooseToken(in nsIInterfaceRequestor ctx,
[array, size_is(count)] in wstring tokenNameList,
in unsigned long count,
out AString tokenName,
out boolean canceled);
- /**
- * displayProtectedAuth - displays notification dialog to the user
- * that he is expected to authenticate to the token using its
- * "protected authentication path" feature
- */
+ /**
+ * Displays notification dialog to the user that they are expected to
+ * authenticate to the token using its "protected authentication path" feature.
+ */
+ [must_use]
void displayProtectedAuth(in nsIInterfaceRequestor ctx,
in nsIProtectedAuthThread runnable);
};
%{C++
#define NS_TOKENDIALOGS_CONTRACTID "@mozilla.org/nsTokenDialogs;1"
%}
--- a/security/manager/ssl/nsITokenPasswordDialogs.idl
+++ b/security/manager/ssl/nsITokenPasswordDialogs.idl
@@ -15,14 +15,15 @@ interface nsITokenPasswordDialogs : nsIS
{
/**
* Brings up a dialog to set the password on a token.
*
* @param ctx A user interface context.
* @param tokenName Name of the token.
* @return true if the user canceled the dialog, false otherwise.
*/
+ [must_use]
boolean setPassword(in nsIInterfaceRequestor ctx, in AString tokenName);
};
%{C++
#define NS_TOKENPASSWORDSDIALOG_CONTRACTID "@mozilla.org/nsTokenPasswordDialogs;1"
%}
--- a/security/manager/ssl/nsIU2FToken.idl
+++ b/security/manager/ssl/nsIU2FToken.idl
@@ -12,57 +12,61 @@ interface nsIArray;
[scriptable, uuid(5778242f-1f42-47a2-b514-fa1adde2d904)]
interface nsIU2FToken : nsISupports {
/**
* Is this token compatible with the provided version?
*
* @param version The offered version to test
* @return True if the offered version is compatible
*/
+ [must_use]
void isCompatibleVersion(in AString version, [retval] out boolean result);
/**
* Return whether the provided KeyHandle belongs to this Token
*
* @param keyHandle Key Handle to evaluate.
* @param application The FIDO Application data to associate with the key.
* @return True if the Key Handle is ours.
*/
+ [must_use]
void isRegistered([array, size_is(keyHandleLen)] in octet keyHandle,
in uint32_t keyHandleLen,
[array, size_is(applicationLen)] in octet application,
in uint32_t applicationLen,
[retval] out boolean result);
/**
* Generates a public/private keypair for the provided application
* and challenge, returning the pubkey, challenge response, and
* key handle in the registration data.
*
* @param application The FIDO Application data to associate with the key.
* @param challenge The Challenge to satisfy in the response.
* @param registration An array containing the pubkey, challenge response,
* and key handle.
*/
+ [must_use]
void register([array, size_is(applicationLen)] in octet application,
in uint32_t applicationLen,
[array, size_is(challengeLen)] in octet challenge,
in uint32_t challengeLen,
[array, size_is(registrationLen)] out octet registration,
out uint32_t registrationLen);
/**
* Creates a signature over the "param" arguments using the private key
* provided in the key handle argument.
*
* @param application The FIDO Application data to associate with the key.
* @param challenge The Challenge to satisfy in the response.
* @param keyHandle The Key Handle opaque object to use.
* @param signature The resulting signature.
*/
+ [must_use]
void sign([array, size_is(applicationLen)] in octet application,
in uint32_t applicationLen,
[array, size_is(challengeLen)] in octet challenge,
in uint32_t challengeLen,
[array, size_is(keyHandleLen)] in octet keyHandle,
in uint32_t keyHandleLen,
[array, size_is(signatureLen)] out octet signature,
out uint32_t signatureLen);
--- a/security/manager/ssl/nsIX509Cert.idl
+++ b/security/manager/ssl/nsIX509Cert.idl
@@ -31,37 +31,40 @@ interface nsIX509Cert : nsISupports {
/**
* The primary email address of the certificate, if present.
*/
readonly attribute AString emailAddress;
/**
* Did this certificate ship with the platform as a built-in root?
*/
+ [must_use]
readonly attribute bool isBuiltInRoot;
/**
* Obtain a list of all email addresses
* contained in the certificate.
*
* @param length The number of strings in the returned array.
* @return An array of email addresses.
*/
+ [must_use]
void getEmailAddresses(out unsigned long length,
[retval, array, size_is(length)] out wstring addresses);
/**
* Check whether a given address is contained in the certificate.
* The comparison will convert the email address to lowercase.
* The behaviour for non ASCII characters is undefined.
*
* @param aEmailAddress The address to search for.
*
* @return True if the address is contained in the certificate.
*/
+ [must_use]
boolean containsEmailAddress(in AString aEmailAddress);
/**
* The subject owning the certificate.
*/
readonly attribute AString subjectName;
/**
@@ -72,79 +75,87 @@ interface nsIX509Cert : nsISupports {
/**
* The subject's organization.
*/
readonly attribute AString organization;
/**
* The subject's organizational unit.
*/
+ [must_use]
readonly attribute AString organizationalUnit;
/**
* The fingerprint of the certificate's DER encoding,
* calculated using the SHA-256 algorithm.
*/
readonly attribute AString sha256Fingerprint;
/**
* The fingerprint of the certificate's DER encoding,
* calculated using the SHA1 algorithm.
*/
+ [must_use]
readonly attribute AString sha1Fingerprint;
/**
* A human readable name identifying the hardware or
* software token the certificate is stored on.
*/
readonly attribute AString tokenName;
/**
* The subject identifying the issuer certificate.
*/
readonly attribute AString issuerName;
/**
* The serial number the issuer assigned to this certificate.
*/
+ [must_use]
readonly attribute AString serialNumber;
/**
* The issuer subject's common name.
*/
+ [must_use]
readonly attribute AString issuerCommonName;
/**
* The issuer subject's organization.
*/
readonly attribute AString issuerOrganization;
/**
* The issuer subject's organizational unit.
*/
+ [must_use]
readonly attribute AString issuerOrganizationUnit;
/**
* The certificate used by the issuer to sign this certificate.
*/
+ [must_use]
readonly attribute nsIX509Cert issuer;
/**
* This certificate's validity period.
*/
readonly attribute nsIX509CertValidity validity;
/**
* A unique identifier of this certificate within the local storage.
*/
+ [must_use]
readonly attribute ACString dbKey;
/**
* A human readable identifier to label this certificate.
*/
+ [must_use]
readonly attribute AString displayName;
/**
* Constants to classify the type of a certificate.
*/
const unsigned long UNKNOWN_CERT = 0;
const unsigned long CA_CERT = 1 << 0;
const unsigned long USER_CERT = 1 << 1;
@@ -156,88 +167,98 @@ interface nsIX509Cert : nsISupports {
* Type of this certificate
*/
readonly attribute unsigned long certType;
/**
* True if the certificate is self-signed. CA issued
* certificates are always self-signed.
*/
+ [must_use]
readonly attribute boolean isSelfSigned;
/**
* Constants for specifying the chain mode when exporting a certificate
*/
const unsigned long CMS_CHAIN_MODE_CertOnly = 1;
const unsigned long CMS_CHAIN_MODE_CertChain = 2;
const unsigned long CMS_CHAIN_MODE_CertChainWithRoot = 3;
/**
* Obtain a list of certificates that contains this certificate
* and the issuing certificates of all involved issuers,
* up to the root issuer.
*
* @return The chain of certifficates including the issuers.
*/
+ [must_use]
nsIArray getChain();
/**
* A comma separated list of localized strings representing the contents of
* the certificate's key usage extension, if present. The empty string if the
* certificate doesn't have the key usage extension, or has an empty extension.
*/
+ [must_use]
readonly attribute AString keyUsages;
/**
* This is the attribute which describes the ASN1 layout
* of the certificate. This can be used when doing a
* "pretty print" of the certificate's ASN1 structure.
*/
+ [must_use]
readonly attribute nsIASN1Object ASN1Structure;
/**
* Obtain a raw binary encoding of this certificate
* in DER format.
*
* @param length The number of bytes in the binary encoding.
* @param data The bytes representing the DER encoded certificate.
*/
+ [must_use]
void getRawDER(out unsigned long length,
[retval, array, size_is(length)] out octet data);
/**
* Test whether two certificate instances represent the
* same certificate.
*
* @return Whether the certificates are equal
*/
+ [must_use]
boolean equals(in nsIX509Cert other);
/**
* The base64 encoding of the DER encoded public key info using the specified
* digest.
*/
+ [must_use]
readonly attribute ACString sha256SubjectPublicKeyInfoDigest;
/**
* Obtain the certificate wrapped in a PKCS#7 SignedData structure,
* with or without the certificate chain
*
* @param chainMode Whether to include the chain (with or without the root),
see CMS_CHAIN_MODE constants.
* @param length The number of bytes of the PKCS#7 data.
* @param data The bytes representing the PKCS#7 wrapped certificate.
*/
+ [must_use]
void exportAsCMS(in unsigned long chainMode,
out unsigned long length,
[retval, array, size_is(length)] out octet data);
/**
* Retrieves the NSS certificate object wrapped by this interface
*/
- [notxpcom, noscript] CERTCertificatePtr getCert();
+ [notxpcom, noscript, must_use]
+ CERTCertificatePtr getCert();
/**
* Either delete the certificate from all cert databases,
* or mark it as untrusted.
*/
+ [must_use]
void markForPermDeletion();
};
--- a/security/manager/ssl/nsIX509CertDB.idl
+++ b/security/manager/ssl/nsIX509CertDB.idl
@@ -70,26 +70,28 @@ interface nsIX509CertDB : nsISupports {
/**
* Will find a certificate based on its dbkey
* retrieved by getting the dbKey attribute of
* the certificate.
*
* @param aDBkey Database internal key, as obtained using
* attribute dbkey in nsIX509Cert.
*/
+ [must_use]
nsIX509Cert findCertByDBKey(in ACString aDBkey);
/**
* Find a certificate by email address.
*
* @param aEmailAddress The email address to be used as the key
* to find the certificate.
*
* @return The matching certificate if found.
*/
+ [must_use]
nsIX509Cert findCertByEmailAddress(in ACString aEmailAddress);
/**
* Use this to import a stream sent down as a mime type into
* the certificate database on the default token.
* The stream may consist of one or more certificates.
*
* @param data The raw data to be imported
@@ -138,88 +140,96 @@ interface nsIX509CertDB : nsISupports {
* One call manipulates the trust for one trust type only.
* See the trust type constants defined within this interface.
*
* @param cert Change the stored trust of this certificate.
* @param type The type of the certificate. See nsIX509Cert.
* @param trust A bitmask. The new trust for the possible usages.
* See the trust constants defined within this interface.
*/
+ [must_use]
void setCertTrust(in nsIX509Cert cert,
in unsigned long type,
in unsigned long trust);
/**
* @param cert The certificate for which to modify trust.
* @param trustString decoded by CERT_DecodeTrustString. 3 comma separated
* characters, indicating SSL, Email, and Obj signing
* trust.
*/
+ [must_use]
void setCertTrustFromString(in nsIX509Cert cert, in ACString trustString);
/**
* Query whether a certificate is trusted for a particular use.
*
* @param cert Obtain the stored trust of this certificate.
* @param certType The type of the certificate. See nsIX509Cert.
* @param trustType A single bit from the usages constants defined
* within this interface.
*
* @return Returns true if the certificate is trusted for the given use.
*/
+ [must_use]
boolean isCertTrusted(in nsIX509Cert cert,
in unsigned long certType,
in unsigned long trustType);
/**
* Import certificate(s) from file
*
* @param aFile Identifies a file that contains the certificate
* to be imported.
* @param aType Describes the type of certificate that is going to
* be imported. See type constants in nsIX509Cert.
*/
+ [must_use]
void importCertsFromFile(in nsIFile aFile,
in unsigned long aType);
/**
* Import a PKCS#12 file containing cert(s) and key(s) into the database.
*
* @param aFile Identifies a file that contains the data to be imported.
*/
+ [must_use]
void importPKCS12File(in nsIFile aFile);
/**
* Export a set of certs and keys from the database to a PKCS#12 file.
*
* @param aFile Identifies a file that will be filled with the data to be
* exported.
* @param count The number of certificates to be exported.
* @param aCerts The array of all certificates to be exported.
*/
+ [must_use]
void exportPKCS12File(in nsIFile aFile,
in unsigned long count,
[array, size_is(count)] in nsIX509Cert aCerts);
/*
* Decode a raw data presentation and instantiate an object in memory.
*
* @param base64 The raw representation of a certificate,
* encoded as Base 64.
* @return The new certificate object.
*/
+ [must_use]
nsIX509Cert constructX509FromBase64(in ACString base64);
/*
* Decode a raw data presentation and instantiate an object in memory.
*
* @param certDER The raw representation of a certificate,
* encoded as raw DER.
* @return The new certificate object.
*/
+ [must_use]
nsIX509Cert constructX509(in ACString certDER);
/**
* Verifies the signature on the given JAR file to verify that it has a
* valid signature. To be considered valid, there must be exactly one
* signature on the JAR file and that signature must have signed every
* entry. Further, the signature must come from a certificate that
* is trusted for code signing.
@@ -245,46 +255,49 @@ interface nsIX509CertDB : nsISupports {
/*
* If DeveloperImportedRoot is set as trusted root, a CA from local file
* system will be imported. Only used when preference
* "network.http.packaged-apps-developer-mode" is set.
* The path of the CA is specified by preference
* "network.http.packaged-apps-developer-trusted-root".
*/
const AppTrustedRoot DeveloperImportedRoot = 10;
+ [must_use]
void openSignedAppFileAsync(in AppTrustedRoot trustedRoot,
in nsIFile aJarFile,
in nsIOpenSignedAppFileCallback callback);
/**
* Verifies the signature on a directory representing an unpacked signed
* JAR file. To be considered valid, there must be exactly one signature
* on the directory structure and that signature must have signed every
* entry. Further, the signature must come from a certificate that
* is trusted for code signing.
*
* On success NS_OK and the trusted certificate that signed the
* unpacked JAR are returned.
*
* On failure, an error code is returned.
*/
+ [must_use]
void verifySignedDirectoryAsync(in AppTrustedRoot trustedRoot,
in nsIFile aUnpackedDir,
in nsIVerifySignedDirectoryCallback callback);
/*
* Add a cert to a cert DB from a binary string.
*
* @param certDER The raw DER encoding of a certificate.
* @param trust String describing the trust settings to assign the
* certificate. Decoded by CERT_DecodeTrustString. Consists of 3
* comma separated sets of characters, indicating SSL, Email, and
* Object signing trust.
* @return nsIX509Cert the resulting certificate
*/
+ [must_use]
nsIX509Cert addCert(in ACString certDER, in ACString trust);
// Flags for verifyCertNow (these must match the values in CertVerifier.cpp):
// Prevent network traffic. Doesn't work with classic verification.
const uint32_t FLAG_LOCAL_ONLY = 1 << 0;
// Do not fall back to DV verification after attempting EV validation.
// Actually does prevent network traffic, but can cause a valid EV
// certificate to not be considered valid.
@@ -304,62 +317,69 @@ interface nsIX509CertDB : nsISupports {
* @param aFlags flags as described above
* @param aHostname the (optional) hostname to verify for
* @param aTime the time at which to verify, in seconds since the epoch
* @param aVerifiedChain chain of verification up to the root if success
* @param aHasEVPolicy bool that signified that the cert was an EV cert
* @return 0 if success or the value or the error code for the verification
* failure
*/
+ [must_use]
int32_t /*PRErrorCode*/
verifyCertAtTime(in nsIX509Cert aCert,
in int64_t /*SECCertificateUsage*/ aUsage,
in uint32_t aFlags,
in ACString aHostname,
in uint64_t aTime,
out nsIX509CertList aVerifiedChain,
out bool aHasEVPolicy);
+ [must_use]
int32_t /*PRErrorCode*/
verifyCertNow(in nsIX509Cert aCert,
in int64_t /*SECCertificateUsage*/ aUsage,
in uint32_t aFlags,
in ACString aHostname,
out nsIX509CertList aVerifiedChain,
out bool aHasEVPolicy);
/**
* Similar to the above, but asynchronous. As a result, use of this API is not
* limited to tests.
*/
+ [must_use]
void asyncVerifyCertAtTime(in nsIX509Cert aCert,
in int64_t /*SECCertificateUsage*/ aUsage,
in uint32_t aFlags,
in ACString aHostname,
in uint64_t aTime,
in nsICertVerificationCallback aCallback);
// Clears the OCSP cache for the current certificate verification
// implementation.
+ [must_use]
void clearOCSPCache();
/*
* Add a cert to a cert DB from a base64 encoded string.
*
* @param base64 The raw representation of a certificate, encoded as Base 64.
* @param trust String describing the trust settings to assign the
* certificate. Decoded by CERT_DecodeTrustString. Consists of 3
* comma separated sets of characters, indicating SSL, Email, and
* Object signing trust.
* @return nsIX509Cert the resulting certificate
*/
+ [must_use]
nsIX509Cert addCertFromBase64(in ACString base64, in ACString trust);
/*
* Get all the known certs in the database
*/
+ [must_use]
nsIX509CertList getCerts();
/*
* Get a list of imported enterprise root certificates (currently only
* implemented on Windows).
*/
+ [must_use]
nsIX509CertList getEnterpriseRoots();
};
--- a/security/manager/ssl/nsIX509CertList.idl
+++ b/security/manager/ssl/nsIX509CertList.idl
@@ -9,35 +9,39 @@ interface nsIX509Cert;
%{C++
typedef struct CERTCertListStr CERTCertList;
%}
[ptr] native CERTCertListPtr(CERTCertList);
[scriptable, uuid(ae74cda5-cd2f-473f-96f5-f0b7fff62c68)]
interface nsIX509CertList : nsISupports {
- void addCert(in nsIX509Cert cert);
- void deleteCert(in nsIX509Cert cert);
- nsISimpleEnumerator getEnumerator();
+ [must_use]
+ void addCert(in nsIX509Cert cert);
+ [must_use]
+ void deleteCert(in nsIX509Cert cert);
+ [must_use]
+ nsISimpleEnumerator getEnumerator();
- /**
- * Returns the raw, backing cert list.
- * Must be called only from functions where an nsNSSShutDownPreventionLock
- * has been acquired.
- */
- [notxpcom, noscript] CERTCertListPtr getRawCertList();
+ /**
+ * Returns the raw, backing cert list.
+ * Must be called only from functions where an nsNSSShutDownPreventionLock
+ * has been acquired.
+ */
+ [notxpcom, noscript, must_use]
+ CERTCertListPtr getRawCertList();
- /**
- * Test whether two certificate list instances represent the same
- * certificate list.
- *
- * @return Whether the certificate lists are equal
- */
- boolean equals(in nsIX509CertList other);
-
+ /**
+ * Test whether two certificate list instances represent the same
+ * certificate list.
+ *
+ * @return Whether the certificate lists are equal
+ */
+ [must_use]
+ boolean equals(in nsIX509CertList other);
};
%{C++
#define NS_X509CERTLIST_CID { /* 959fb165-6517-487f-ab9b-d8913be53197 */ \
0x959fb165, \
0x6517, \
0x487f, \
--- a/security/manager/ssl/nsIX509CertValidity.idl
+++ b/security/manager/ssl/nsIX509CertValidity.idl
@@ -12,59 +12,61 @@
[scriptable, uuid(e701dfd8-1dd1-11b2-a172-ffa6cc6156ad)]
interface nsIX509CertValidity : nsISupports {
/**
* The earliest point in time where
* a certificate is valid.
*/
readonly attribute PRTime notBefore;
-
+
/**
* "notBefore" attribute formatted as a time string
* according to the environment locale,
* according to the environment time zone.
*/
+ [must_use]
readonly attribute AString notBeforeLocalTime;
/**
- * The day portion of "notBefore"
- * formatted as a time string
+ * The day portion of "notBefore" formatted as a time string
* according to the environment locale,
* according to the environment time zone.
*/
readonly attribute AString notBeforeLocalDay;
/**
* "notBefore" attribute formatted as a string
* according to the environment locale,
* displayed as GMT / UTC.
*/
+ [must_use]
readonly attribute AString notBeforeGMT;
/**
* The latest point in time where
* a certificate is valid.
*/
readonly attribute PRTime notAfter;
/**
* "notAfter" attribute formatted as a time string
* according to the environment locale,
* according to the environment time zone.
*/
+ [must_use]
readonly attribute AString notAfterLocalTime;
/**
- * The day portion of "notAfter"
- * formatted as a time string
+ * The day portion of "notAfter" formatted as a time string
* according to the environment locale,
* according to the environment time zone.
*/
readonly attribute AString notAfterLocalDay;
/**
* "notAfter" attribute formatted as a time string
* according to the environment locale,
* displayed as GMT / UTC.
*/
+ [must_use]
readonly attribute AString notAfterGMT;
};