diff options
Diffstat (limited to '')
-rw-r--r-- | security/manager/ssl/nsINSSErrorsService.idl | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/security/manager/ssl/nsINSSErrorsService.idl b/security/manager/ssl/nsINSSErrorsService.idl new file mode 100644 index 0000000000..e68cba3a05 --- /dev/null +++ b/security/manager/ssl/nsINSSErrorsService.idl @@ -0,0 +1,72 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsISupports.idl" + +[scriptable, uuid(12f60021-e14b-4020-99d1-ed2c795be66a)] +interface nsINSSErrorsService : nsISupports +{ + /** + * @param aNSPRCode An error code obtained using PR_GetError() + * @return True if it is error code defined by the NSS library + */ + [must_use] + boolean isNSSErrorCode(in int32_t aNSPRCode); + + /** + * Function will fail if aNSPRCode is not an NSS error code. + * @param aNSPRCode An error code obtained using PR_GetError() + * @return The result of the conversion, an XPCOM error code + */ + [must_use] + nsresult getXPCOMFromNSSError(in int32_t aNSPRCode); + + /** + * Function will fail if aXPCOMErrorCode is not an NSS error code. + * @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError + * return A localized human readable error explanation. + */ + AString getErrorMessage(in nsresult aXPCOMErrorCode); + + /** + * Function will fail if aXPCOMErrorCode is not an NSS error code. + * @param aXPCOMErrorCode An error code obtained using getXPCOMFromNSSError + * return the error class of the code, either ERROR_CLASS_BAD_CERT + * or ERROR_CLASS_SSL_PROTOCOL + */ + [must_use] + uint32_t getErrorClass(in nsresult aXPCOMErrorCode); + + const unsigned long ERROR_CLASS_SSL_PROTOCOL = 1; + const unsigned long ERROR_CLASS_BAD_CERT = 2; + + /** + * The following values define the range of NSPR error codes used by NSS. + * NSS remains the authorative source for these numbers, as a result, + * the values might change in the future. + * The security module will perform a runtime check and assertion + * to ensure the values are in synch with NSS. + */ + const long NSS_SEC_ERROR_BASE = -(0x2000); + const long NSS_SEC_ERROR_LIMIT = (NSS_SEC_ERROR_BASE + 1000); + const long NSS_SSL_ERROR_BASE = -(0x3000); + const long NSS_SSL_ERROR_LIMIT = (NSS_SSL_ERROR_BASE + 1000); + + /** + * The error codes within each module must fit in 16 bits. We want these + * errors to fit in the same module as the NSS errors but not overlap with + * any of them. Converting an NSS SEC, NSS SSL, or mozilla::pkix error to + * an NS error involves negating the value of the error and then + * synthesizing an error in the NS_ERROR_MODULE_SECURITY module. Hence, + * mozilla::pkix errors will start at a negative value that both doesn't + * overlap with the current value ranges for NSS errors and that will fit + * in 16 bits when negated. + * + * Keep these in sync with pkixnss.h. + */ + const long MOZILLA_PKIX_ERROR_BASE = -(0x4000); + const long MOZILLA_PKIX_ERROR_LIMIT = (MOZILLA_PKIX_ERROR_BASE + 1000); +}; |