Back to index

lightning-sunbird  0.9+nobinonly
Public Member Functions | Public Attributes
nsIX509CertDB Interface Reference

This represents a service to access and manipulate X.509 certificates stored in a database. More...

import "nsIX509CertDB.idl";

Inheritance diagram for nsIX509CertDB:
Inheritance graph
[legend]
Collaboration diagram for nsIX509CertDB:
Collaboration graph
[legend]

List of all members.

Public Member Functions

nsIX509Cert findCertByNickname (in nsISupports aToken, in AString aNickname)
 Given a nickname and optionally a token, locate the matching certificate.
nsIX509Cert findCertByDBKey (in string aDBkey, in nsISupports aToken)
 Will find a certificate based on its dbkey retrieved by getting the dbKey attribute of the certificate.
void findCertNicknames (in nsISupports aToken, in unsigned long aType, out unsigned long count,[array, size_is(count)] out wstring certNameList)
 Obtain a list of certificate nicknames from the database.
nsIX509Cert findEmailEncryptionCert (in AString aNickname)
 Find the email encryption certificate by nickname.
nsIX509Cert findEmailSigningCert (in AString aNickname)
 Find the email signing certificate by nickname.
nsIX509Cert findCertByEmailAddress (in nsISupports aToken, in string aEmailAddress)
 Find a certificate by email address.
void importCertificates ([array, size_is(length)] in octet data, in unsigned long length, in unsigned long type, in nsIInterfaceRequestor ctx)
 Use this to import a stream sent down as a mime type into the certificate database on the default token.
void importEmailCertificate ([array, size_is(length)] in octet data, in unsigned long length, in nsIInterfaceRequestor ctx)
 Import another person's email certificate into the database.
void importServerCertificate ([array, size_is(length)] in octet data, in unsigned long length, in nsIInterfaceRequestor ctx)
 Import a server machine's certificate into the database.
void importUserCertificate ([array, size_is(length)] in octet data, in unsigned long length, in nsIInterfaceRequestor ctx)
 Import a personal certificate into the database, assuming the database already contains the private key for this certificate.
void deleteCertificate (in nsIX509Cert aCert)
 Delete a certificate stored in the database.
void setCertTrust (in nsIX509Cert cert, in unsigned long type, in unsigned long trust)
 Modify the trust that is stored and associated to a certificate within a database.
boolean isCertTrusted (in nsIX509Cert cert, in unsigned long certType, in unsigned long trustType)
 Query whether a certificate is trusted for a particular use.
void importCertsFromFile (in nsISupports aToken, in nsILocalFile aFile, in unsigned long aType)
 Import certificate(s) from file.
void importPKCS12File (in nsISupports aToken, in nsILocalFile aFile)
 Import a PKCS#12 file containing cert(s) and key(s) into the database.
void exportPKCS12File (in nsISupports aToken, in nsILocalFile aFile, in unsigned long count,[array, size_is(count)] in nsIX509Cert aCerts)
 Export a set of certs and keys from the database to a PKCS#12 file.
nsIArray getOCSPResponders ()
 An array of all known OCSP responders within the scope of the certificate database.
nsIX509Cert constructX509FromBase64 (in string base64)

Public Attributes

const unsigned long UNTRUSTED = 0
 Constants that define which usages a certificate is trusted for.
const unsigned long TRUSTED_SSL = 1 << 0
const unsigned long TRUSTED_EMAIL = 1 << 1
const unsigned long TRUSTED_OBJSIGN = 1 << 2
readonly attribute boolean isOcspOn
 Whether OCSP is enabled in preferences.

Detailed Description

This represents a service to access and manipulate X.509 certificates stored in a database.

FROZEN

Definition at line 58 of file nsIX509CertDB.idl.


Member Function Documentation

Delete a certificate stored in the database.

Parameters:
aCertDelete this certificate.
void nsIX509CertDB::exportPKCS12File ( in nsISupports  aToken,
in nsILocalFile  aFile,
in unsigned long  count,
[array, size_is(count)] in nsIX509Cert  aCerts 
)

Export a set of certs and keys from the database to a PKCS#12 file.

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aFileIdentifies a file that will be filled with the data to be exported.
countThe number of certificates to be exported.
aCertsThe array of all certificates to be exported.
nsIX509Cert nsIX509CertDB::findCertByDBKey ( in string  aDBkey,
in nsISupports  aToken 
)

Will find a certificate based on its dbkey retrieved by getting the dbKey attribute of the certificate.

Parameters:
aDBkeyDatabase internal key, as obtained using attribute dbkey in nsIX509Cert.
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
nsIX509Cert nsIX509CertDB::findCertByEmailAddress ( in nsISupports  aToken,
in string  aEmailAddress 
)

Find a certificate by email address.

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aEmailAddressThe email address to be used as the key to find the certificate.
Returns:
The matching certificate if found.
nsIX509Cert nsIX509CertDB::findCertByNickname ( in nsISupports  aToken,
in AString  aNickname 
)

Given a nickname and optionally a token, locate the matching certificate.

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aNicknameThe nickname to be used as the key to find a certificate.
Returns:
The matching certificate if found.
void nsIX509CertDB::findCertNicknames ( in nsISupports  aToken,
in unsigned long  aType,
out unsigned long  count,
[array, size_is(count)] out wstring  certNameList 
)

Obtain a list of certificate nicknames from the database.

What the name is depends on type: user, ca, or server cert - the nickname email cert - the email address

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aTypeType of certificate to obtain See certificate type constants in nsIX509Cert.
countThe number of nicknames in the returned array
certNameListThe returned array of certificate nicknames.

Find the email encryption certificate by nickname.

Parameters:
aNicknameThe nickname to be used as the key to find the certificate.
Returns:
The matching certificate if found.

Find the email signing certificate by nickname.

Parameters:
aNicknameThe nickname to be used as the key to find the certificate.
Returns:
The matching certificate if found.

An array of all known OCSP responders within the scope of the certificate database.

Returns:
Array of OCSP responders, entries are QIable to nsIOCSPResponder.
void nsIX509CertDB::importCertificates ( [array, size_is(length)] in octet  data,
in unsigned long  length,
in unsigned long  type,
in nsIInterfaceRequestor  ctx 
)

Use this to import a stream sent down as a mime type into the certificate database on the default token.

The stream may consist of one or more certificates.

Parameters:
dataThe raw data to be imported
lengthThe length of the data to be imported
typeThe type of the certificate, see constants in nsIX509Cert
ctxA UI context.
void nsIX509CertDB::importCertsFromFile ( in nsISupports  aToken,
in nsILocalFile  aFile,
in unsigned long  aType 
)

Import certificate(s) from file.

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aFileIdentifies a file that contains the certificate to be imported.
aTypeDescribes the type of certificate that is going to be imported. See type constants in nsIX509Cert.
void nsIX509CertDB::importEmailCertificate ( [array, size_is(length)] in octet  data,
in unsigned long  length,
in nsIInterfaceRequestor  ctx 
)

Import another person's email certificate into the database.

Parameters:
dataThe raw data to be imported
lengthThe length of the data to be imported
ctxA UI context.
void nsIX509CertDB::importPKCS12File ( in nsISupports  aToken,
in nsILocalFile  aFile 
)

Import a PKCS#12 file containing cert(s) and key(s) into the database.

Parameters:
aTokenOptionally limits the scope of this function to a token device. Can be null to mean any token.
aFileIdentifies a file that contains the data to be imported.
void nsIX509CertDB::importServerCertificate ( [array, size_is(length)] in octet  data,
in unsigned long  length,
in nsIInterfaceRequestor  ctx 
)

Import a server machine's certificate into the database.

Parameters:
dataThe raw data to be imported
lengthThe length of the data to be imported
ctxA UI context.
void nsIX509CertDB::importUserCertificate ( [array, size_is(length)] in octet  data,
in unsigned long  length,
in nsIInterfaceRequestor  ctx 
)

Import a personal certificate into the database, assuming the database already contains the private key for this certificate.

Parameters:
dataThe raw data to be imported
lengthThe length of the data to be imported
ctxA UI context.
boolean nsIX509CertDB::isCertTrusted ( in nsIX509Cert  cert,
in unsigned long  certType,
in unsigned long  trustType 
)

Query whether a certificate is trusted for a particular use.

Parameters:
certObtain the stored trust of this certificate.
certTypeThe type of the certificate. See nsIX509Cert.
trustTypeA single bit from the usages constants defined within this interface.
Returns:
Returns true if the certificate is trusted for the given use.
void nsIX509CertDB::setCertTrust ( in nsIX509Cert  cert,
in unsigned long  type,
in unsigned long  trust 
)

Modify the trust that is stored and associated to a certificate within a database.

Separate trust is stored for One call manipulates the trust for one trust type only. See the trust type constants defined within this interface.

Parameters:
certChange the stored trust of this certificate.
typeThe type of the certificate. See nsIX509Cert.
trustA bitmask. The new trust for the possible usages. See the trust constants defined within this interface.

Member Data Documentation

Whether OCSP is enabled in preferences.

Definition at line 289 of file nsIX509CertDB.idl.

Definition at line 66 of file nsIX509CertDB.idl.

Definition at line 67 of file nsIX509CertDB.idl.

Definition at line 65 of file nsIX509CertDB.idl.

Constants that define which usages a certificate is trusted for.

Definition at line 64 of file nsIX509CertDB.idl.


The documentation for this interface was generated from the following file: