netwerk/base/nsIPackagedAppUtils.idl
author Henry <hchang@mozilla.com>
Wed, 07 Oct 2015 20:02:00 +0200
changeset 266845 189ab4d27daf760a4f5be489d7f860ceb97eebd7
parent 264239 ed0301097c860d6b3ca33156f06e1cb3dde60d03
child 268812 a2335e0a53d9e28a234328d4ffe721738717e779
permissions -rw-r--r--
Bug 1210573 - Add attribute 'packageIdentifier' to nsIPackagedAppUtils. r=valentin.

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

interface nsIVerificationCallback;

%{C++
#define NS_PACKAGEDAPPUTILS_CONTRACTID "@mozilla.org/network/packaged-app-utils;1"
%}

/**
 * A package using privileged APIs should be signed by marketplace or trust-
 * worthy developers. When Necko receives such a package, it has to
 * extract the manifest and the signature and calls verifyManifest(...) to verify
 * the manifest. nsIPackagedAppUtils will parse the manifest and
 * store the hash values of each resource. When a resource is ready, Necko
 * will calculate its hash value (including the header like Content-Location: xxx),
 * and calls checkIntegrity(...) to verify the integrity.
 *
 * For more detail:
 *   https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging
 */

[scriptable, uuid(cc245638-6a38-4f70-8d77-21c55aabd636)]
interface nsIPackagedAppUtils : nsISupports
{
  /**
   * @aHeader is the package's header including
   *   - "manifest-signature: xxxxxx" (base64 encoding)
   * @aManifest is the manifest of the package
   *   - the multipart header is included
   *   - manifest must be the first resource of the package
   * @aCallback is the callback, see comments of nsIVerificationCallback below
   */
  void verifyManifest(in ACString aHeader,
                      in ACString aManifest,
                      in nsIVerificationCallback aVerifier);

  /**
   * @aFileName is the name of a resource in the package
   * @aHashValue is the hash value of this resource named aFileName
   *   - aHashValue should be computed by the caller of this method
   * @aCallback is the callback, see comments of nsIVerificationCallback below
   */
  void checkIntegrity(in ACString aFileName,
                      in ACString aHashValue,
                      in nsIVerificationCallback aVerifier);

  /**
   * The package identifier for signed package. Only available after the
   * manifest is verified.
   */
  readonly attribute ACString packageIdentifier;
};

/**
  * The callback passed to verifyManifest and checkIntegrity
  */
[scriptable, uuid(e1912028-93e5-4378-aa3f-a58702937169)]
interface nsIVerificationCallback : nsISupports
{
  /**
   * @aForManifest
   *   - true if it's called by verifyManifest
   *   - false if it's called by checkIntegrity
   * @aSuccess
   *   - true if the verification succeeds, false otherwise
   */
  void fireVerifiedEvent(in boolean aForManifest,
                         in boolean aSuccess);
};