nsIX509CertDB

IID:da48b3c0-1284-11d5-ac67-000064657374
Inherits From:nsISupports
Status:FROZEN

This represents a service to access and manipulate X.509 certificates stored in a database.

This interface is implemented by the following components:


Constants

Constants that define which usages a certificate is trusted for.
PRUint32 UNTRUSTED = 0
PRUint32 TRUSTED_SSL = 1
PRUint32 TRUSTED_EMAIL = 2
PRUint32 TRUSTED_OBJSIGN = 4

Properties

readonly PRBool isOcspOn

Whether OCSP is enabled in preferences.


Methods

nsIX509Cert constructX509FromBase64 ( char* base64 ) void deleteCertificate ( nsIX509Cert cert ) void exportPKCS12File ( nsISupports token , nsILocalFile file , PRUint32 count , nsIX509Cert certs ) nsIX509Cert findCertByDBKey ( char* DBkey , nsISupports token ) nsIX509Cert findCertByEmailAddress ( nsISupports token , char* emailAddress ) nsIX509Cert findCertByNickname ( nsISupports token , AString nickname ) void findCertNicknames ( nsISupports token , PRUint32 type , out PRUint32 count , out arrayof PRUnichar* certNameList ) nsIX509Cert findEmailEncryptionCert ( AString nickname ) nsIX509Cert findEmailSigningCert ( AString nickname ) nsIArray getOCSPResponders ( ) void importCertificates ( arrayof PRUint8 data , PRUint32 length , PRUint32 type , nsIInterfaceRequestor ctx ) void importCertsFromFile ( nsISupports token , nsILocalFile file , PRUint32 type ) void importEmailCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx ) void importPKCS12File ( nsISupports token , nsILocalFile file ) void importServerCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx ) void importUserCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx ) PRBool isCertTrusted ( nsIX509Cert cert , PRUint32 certType , PRUint32 trustType ) void setCertTrust ( nsIX509Cert cert , PRUint32 type , PRUint32 trust )

nsIX509Cert constructX509FromBase64 ( char* base64 )

Arguments:
base64

void deleteCertificate ( nsIX509Cert cert )

Delete a certificate stored in the database.

Arguments:
cert: Delete this certificate.

void exportPKCS12File ( nsISupports token , nsILocalFile file , PRUint32 count , nsIX509Cert certs )

Export a set of certs and keys from the database to a PKCS#12 file.

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
file: Identifies a file that will be filled with the data to be exported.
count: The number of certificates to be exported.
certs: The array of all certificates to be exported.

nsIX509Cert findCertByDBKey ( char* DBkey , nsISupports token )

Will find a certificate based on its dbkey retrieved by getting the dbKey attribute of the certificate.

Arguments:
DBkey: Database internal key, as obtained using attribute dbkey in nsIX509Cert.
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.

nsIX509Cert findCertByEmailAddress ( nsISupports token , char* emailAddress )

Find a certificate by email address.

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
emailAddress: The email address to be used as the key to find the certificate.
Returns:
The matching certificate if found.

nsIX509Cert findCertByNickname ( nsISupports token , AString nickname )

Given a nickname and optionally a token, locate the matching certificate.

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
nickname: The nickname to be used as the key to find a certificate.
Returns:
The matching certificate if found.

void findCertNicknames ( nsISupports token , PRUint32 type , out PRUint32 count , out arrayof PRUnichar* certNameList )

Obtain a list of certificate nicknames from the database. What the name is depends on type: user, ca, or server cert - the nickname email cert - the email address

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
type: Type of certificate to obtain See certificate type constants in nsIX509Cert.
count: The number of nicknames in the returned array
certNameList: The returned array of certificate nicknames.

nsIX509Cert findEmailEncryptionCert ( AString nickname )

Find the email encryption certificate by nickname.

Arguments:
nickname: The nickname to be used as the key to find the certificate.
Returns:
The matching certificate if found.

nsIX509Cert findEmailSigningCert ( AString nickname )

Find the email signing certificate by nickname.

Arguments:
nickname: The nickname to be used as the key to find the certificate.
Returns:
The matching certificate if found.

nsIArray getOCSPResponders ( )

An array of all known OCSP responders within the scope of the certificate database.

Returns:
nsIOCSPResponder.

void importCertificates ( arrayof PRUint8 data , PRUint32 length , PRUint32 type , nsIInterfaceRequestor ctx )

Use this to import a stream sent down as a mime type into the certificate database on the default token. The stream may consist of one or more certificates.

Arguments:
data: The raw data to be imported
length: The length of the data to be imported
type: The type of the certificate, see constants in nsIX509Cert
ctx: A UI context.

void importCertsFromFile ( nsISupports token , nsILocalFile file , PRUint32 type )

Import certificate(s) from file

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
file: Identifies a file that contains the certificate to be imported.
type: Describes the type of certificate that is going to be imported. See type constants in nsIX509Cert.

void importEmailCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx )

Import another person's email certificate into the database.

Arguments:
data: The raw data to be imported
length: The length of the data to be imported
ctx: A UI context.

void importPKCS12File ( nsISupports token , nsILocalFile file )

Import a PKCS#12 file containing cert(s) and key(s) into the database.

Arguments:
token: Optionally limits the scope of this function to a token device. Can be null to mean any token.
file: Identifies a file that contains the data to be imported.

void importServerCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx )

Import a server machine's certificate into the database.

Arguments:
data: The raw data to be imported
length: The length of the data to be imported
ctx: A UI context.

void importUserCertificate ( arrayof PRUint8 data , PRUint32 length , nsIInterfaceRequestor ctx )

Import a personal certificate into the database, assuming the database already contains the private key for this certificate.

Arguments:
data: The raw data to be imported
length: The length of the data to be imported
ctx: A UI context.

PRBool isCertTrusted ( nsIX509Cert cert , PRUint32 certType , PRUint32 trustType )

Query whether a certificate is trusted for a particular use.

Arguments:
cert: Obtain the stored trust of this certificate.
certType: The type of the certificate. See nsIX509Cert.
trustType: A single bit from the usages constants defined within this interface.
Returns:
Returns true if the certificate is trusted for the given use.

void setCertTrust ( nsIX509Cert cert , PRUint32 type , PRUint32 trust )

Modify the trust that is stored and associated to a certificate within a database. Separate trust is stored for One call manipulates the trust for one trust type only. See the trust type constants defined within this interface.

Arguments:
cert: Change the stored trust of this certificate.
type: The type of the certificate. See nsIX509Cert.
trust: A bitmask. The new trust for the possible usages. See the trust constants defined within this interface.

Reference documentation is generated from Mozilla's source.

Add a note User Contributed Notes
No comments available

Copyright © 1999 - 2005 XULPlanet.com