summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/nsISiteSecurityService.idl
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2020-03-28 01:06:56 +0100
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-04-14 13:19:41 +0200
commit99bad1726e897a82239e543a7a8e8fea36b797c0 (patch)
treeaf15c93fca2c7052c029e2422e852cd98b82eb8e /security/manager/ssl/nsISiteSecurityService.idl
parentd86349716a9740226d9175b1cf4b60765cb707fc (diff)
downloadUXP-99bad1726e897a82239e543a7a8e8fea36b797c0.tar
UXP-99bad1726e897a82239e543a7a8e8fea36b797c0.tar.gz
UXP-99bad1726e897a82239e543a7a8e8fea36b797c0.tar.lz
UXP-99bad1726e897a82239e543a7a8e8fea36b797c0.tar.xz
UXP-99bad1726e897a82239e543a7a8e8fea36b797c0.zip
Issue #1280 - Part 1: Remove HPKP components.
This also removes leftover plumbing for storing preload information in SiteSecurityService since no service still uses it.
Diffstat (limited to 'security/manager/ssl/nsISiteSecurityService.idl')
-rw-r--r--security/manager/ssl/nsISiteSecurityService.idl46
1 files changed, 5 insertions, 41 deletions
diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl
index 4286848a9..d0e5f61ed 100644
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -27,7 +27,7 @@ namespace mozilla
interface nsISiteSecurityService : nsISupports
{
const uint32_t HEADER_HSTS = 0;
- const uint32_t HEADER_HPKP = 1;
+ const uint32_t HEADER_HPKP = 1; /* no longer used */
const uint32_t HEADER_OMS = 2;
const uint32_t Success = 0;
@@ -39,10 +39,10 @@ interface nsISiteSecurityService : nsISupports
const uint32_t ERROR_INVALID_MAX_AGE = 6;
const uint32_t ERROR_MULTIPLE_INCLUDE_SUBDOMAINS = 7;
const uint32_t ERROR_INVALID_INCLUDE_SUBDOMAINS = 8;
- const uint32_t ERROR_INVALID_PIN = 9;
- const uint32_t ERROR_MULTIPLE_REPORT_URIS = 10;
- const uint32_t ERROR_PINSET_DOES_NOT_MATCH_CHAIN = 11;
- const uint32_t ERROR_NO_BACKUP_PIN = 12;
+ const uint32_t ERROR_INVALID_PIN = 9; /* no longer used */
+ const uint32_t ERROR_MULTIPLE_REPORT_URIS = 10; /* no longer used */
+ const uint32_t ERROR_PINSET_DOES_NOT_MATCH_CHAIN = 11; /* no longer used */
+ const uint32_t ERROR_NO_BACKUP_PIN = 12; /* no longer used */
const uint32_t ERROR_COULD_NOT_SAVE_STATE = 13;
const uint32_t ERROR_ROOT_NOT_BUILT_IN = 14;
@@ -150,42 +150,6 @@ interface nsISiteSecurityService : nsISupports
* settings.
*/
void clearAll();
-
- /**
- * Returns an array of sha256-hashed key pins for the given domain, if any.
- * If these pins also apply to subdomains of the given domain,
- * aIncludeSubdomains will be true. Pins returned are only for non-built-in
- * pin entries.
- *
- * @param aHostname the hosname (punycode) to be queried about
- * @param the time at which the pins should be valid. This is in
- mozilla::pkix::Time which uses internally seconds since 0 AD.
- * @param aPinArray the set of sha256-hashed key pins for the given domain
- * @param aIncludeSubdomains true if the pins apply to subdomains of the
- * given domain
- */
- [noscript] boolean getKeyPinsForHostname(in string aHostname,
- in mozillaPkixTime evalTime,
- out nsCStringTArrayRef aPinArray,
- out boolean aIncludeSubdomains);
-
- /**
- * Set public-key pins for a host. The resulting pins will be permanent
- * and visible from private and non-private contexts. These pins replace
- * any already set by this mechanism or those built-in to Gecko.
- *
- * @param aHost the hostname (punycode) that pins will apply to
- * @param aIncludeSubdomains whether these pins also apply to subdomains
- * @param aExpires the time this pin should expire (millis since epoch)
- * @param aPinCount number of keys being pinnned
- * @param aSha256Pins array of hashed key fingerprints (SHA-256, base64)
- * @param aIsPreload are these key pins for a preload entry? (false by
- * default)
- */
- boolean setKeyPins(in string aHost, in boolean aIncludeSubdomains,
- in int64_t aExpires, in unsigned long aPinCount,
- [array, size_is(aPinCount)] in string aSha256Pins,
- [optional] in boolean aIsPreload);
};
%{C++