search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 1631807 [wpt PR 23140] - Test new Web IDL class string behavior, a=testonly
[gecko.git] / netwerk / socket / nsITransportSecurityInfo.idl
blob60bb505fdb8b06b97acf8a0f12d28d279f1615dd
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 *
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #include "nsISupports.idl"
8
9 interface nsIX509Cert;
10
11 %{ C++
12 namespace IPC {
13 class Message;
14 }
15 class PickleIterator;
16 %}
17
18 [ptr] native IpcMessagePtr(IPC::Message);
19 [ptr] native PickleIteratorPtr(PickleIterator);
20
21 [builtinclass, scriptable, uuid(216112d3-28bc-4671-b057-f98cc09ba1ea)]
22 interface nsITransportSecurityInfo : nsISupports {
23 readonly attribute unsigned long securityState;
24 readonly attribute long errorCode; // PRErrorCode
25 // errorCode as string (e.g. "SEC_ERROR_UNKNOWN_ISSUER")
26 readonly attribute AString errorCodeString;
27
28 /**
29 * The following parameters are only valid after the TLS handshake
30 * has completed. Check securityState first.
31 */
32
33 /**
34 * If certificate verification failed, this will be the peer certificate
35 * chain provided in the handshake, so it can be used for error reporting.
36 * If verification succeeded, this will be empty.
37 */
38 readonly attribute Array<nsIX509Cert> failedCertChain;
39
40 readonly attribute nsIX509Cert serverCert;
41 readonly attribute Array<nsIX509Cert> succeededCertChain;
42
43 [must_use]
44 readonly attribute ACString cipherName;
45 [must_use]
46 readonly attribute unsigned long keyLength;
47 [must_use]
48 readonly attribute unsigned long secretKeyLength;
49 [must_use]
50 readonly attribute ACString keaGroupName;
51 [must_use]
52 readonly attribute ACString signatureSchemeName;
53
54 const short SSL_VERSION_3 = 0;
55 const short TLS_VERSION_1 = 1;
56 const short TLS_VERSION_1_1 = 2;
57 const short TLS_VERSION_1_2 = 3;
58 const short TLS_VERSION_1_3 = 4;
59 [must_use]
60 readonly attribute unsigned short protocolVersion;
61
62 const short CERTIFICATE_TRANSPARENCY_NOT_APPLICABLE = 0;
63 const short CERTIFICATE_TRANSPARENCY_POLICY_COMPLIANT = 5;
64 const short CERTIFICATE_TRANSPARENCY_POLICY_NOT_ENOUGH_SCTS = 6;
65 const short CERTIFICATE_TRANSPARENCY_POLICY_NOT_DIVERSE_SCTS = 7;
66 [must_use]
67 readonly attribute unsigned short certificateTransparencyStatus;
68
69 [must_use]
70 readonly attribute boolean isDelegatedCredential;
71 [must_use]
72 readonly attribute boolean isDomainMismatch;
73 [must_use]
74 readonly attribute boolean isNotValidAtThisTime;
75
76 [must_use]
77 readonly attribute boolean isUntrusted;
78
79 /**
80 * True only if (and after) serverCert was successfully validated as
81 * Extended Validation (EV).
82 */
83 [must_use]
84 readonly attribute boolean isExtendedValidation;
85
86 [notxpcom, noscript]
87 void SerializeToIPC(in IpcMessagePtr aMsg);
88
89 [notxpcom, noscript]
90 bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter);
91
92 /* negotiatedNPN is '' if no NPN list was provided by the client,
93 * or if the server did not select any protocol choice from that
94 * list. That also includes the case where the server does not
95 * implement NPN.
96 *
97 * If negotiatedNPN is read before NPN has progressed to the point
98 * where this information is available NS_ERROR_NOT_CONNECTED is
99 * raised.
100 */
101 readonly attribute ACString negotiatedNPN;
102
103 /**
104 * True iff the connection was resumed using the resumption token.
105 */
106 readonly attribute boolean resumed;
107
108 /**
109 * True iff the succeededCertChain is built in root.
110 */
111 attribute boolean isBuiltCertChainRootBuiltInRoot;
112 };