firefox-main/__GENERATED__/dist/xpcrs/rt/nsILockstore.rs

Generated file

Copy as Markdown

Other Tools

//
// DO NOT EDIT. THIS FILE IS GENERATED FROM $SRCDIR/security/lockstore/nsILockstore.idl
//
/// `interface nsILockstore : nsISupports`
///
/// ```text
/// /**
/// * Scriptable wrapper over the Lockstore keystore. A single instance per
/// * process is opened against the current profile's keystore file
/// * (lockstore.keys.sqlite).
/// *
/// * KEK references are opaque strings such as "lockstore::kek::local" or
/// * "lockstore::kek::primary_password". A collection is an arbitrary
/// * namespace under which a single DEK (data encryption key) is wrapped by
/// * one or more KEKs; see `createDek`.
/// *
/// * Methods that touch SQLite or run PBKDF2 return a `Promise` and execute
/// * on a private background queue so they do not block the main thread.
/// * The cheap in-memory state checks (`isKekUnlocked`, `lockKek`, `lock`,
/// * `hasPrimaryPassword`) remain synchronous.
/// */
/// ```
///
// The actual type definition for the interface. This struct has methods
// declared on it which will call through its vtable. You never want to pass
// this type around by value, always pass it behind a reference.
#[repr(C)]
pub struct nsILockstore {
vtable: &'static nsILockstoreVTable,
/// This field is a phantomdata to ensure that the VTable type and any
/// struct containing it is not safe to send across threads by default, as
/// XPCOM is generally not threadsafe.
///
/// If this type is marked as [rust_sync], there will be explicit `Send` and
/// `Sync` implementations on this type, which will override the inherited
/// negative impls from `Rc`.
__nosync: ::std::marker::PhantomData<::std::rc::Rc<u8>>,
// Make the rust compiler aware that there might be interior mutability
// in what actually implements the interface. This works around UB
// that a rust lint would make blatantly obvious, but doesn't exist.
// This prevents optimizations, but those optimizations weren't available
// before rustc switched to LLVM 16, and they now cause problems because
// of the UB.
// Until there's a lint available to find all our UB, it's simpler to
// avoid the UB in the first place, at the cost of preventing optimizations
// in places that don't cause UB. But again, those optimizations weren't
// available before.
__maybe_interior_mutability: ::std::cell::UnsafeCell<[u8; 0]>,
}
// Implementing XpCom for an interface exposes its IID, which allows for easy
// use of the `.query_interface<T>` helper method. This also defines that
// method for nsILockstore.
unsafe impl XpCom for nsILockstore {
const IID: nsIID = nsID(0xa83f5d62, 0x7b1c, 0x4d2e,
[0x9f, 0x0a, 0x3c, 0x5e, 0x8b, 0x6a, 0x1d, 0x4e]);
}
// We need to implement the RefCounted trait so we can be used with `RefPtr`.
// This trait teaches `RefPtr` how to manage our memory.
unsafe impl RefCounted for nsILockstore {
#[inline]
unsafe fn addref(&self) {
self.AddRef();
}
#[inline]
unsafe fn release(&self) {
self.Release();
}
}
// This trait is implemented on all types which can be coerced to from nsILockstore.
// It is used in the implementation of `fn coerce<T>`. We hide it from the
// documentation, because it clutters it up a lot.
#[doc(hidden)]
pub trait nsILockstoreCoerce {
/// Cheaply cast a value of this type from a `nsILockstore`.
fn coerce_from(v: &nsILockstore) -> &Self;
}
// The trivial implementation: We can obviously coerce ourselves to ourselves.
impl nsILockstoreCoerce for nsILockstore {
#[inline]
fn coerce_from(v: &nsILockstore) -> &Self {
v
}
}
impl nsILockstore {
/// Cast this `nsILockstore` to one of its base interfaces.
#[inline]
pub fn coerce<T: nsILockstoreCoerce>(&self) -> &T {
T::coerce_from(self)
}
}
// Every interface struct type implements `Deref` to its base interface. This
// causes methods on the base interfaces to be directly avaliable on the
// object. For example, you can call `.AddRef` or `.QueryInterface` directly
// on any interface which inherits from `nsISupports`.
impl ::std::ops::Deref for nsILockstore {
type Target = nsISupports;
#[inline]
fn deref(&self) -> &nsISupports {
unsafe {
::std::mem::transmute(self)
}
}
}
// Ensure we can use .coerce() to cast to our base types as well. Any type which
// our base interface can coerce from should be coercable from us as well.
impl<T: nsISupportsCoerce> nsILockstoreCoerce for T {
#[inline]
fn coerce_from(v: &nsILockstore) -> &Self {
T::coerce_from(v)
}
}
// This struct represents the interface's VTable. A pointer to a statically
// allocated version of this struct is at the beginning of every nsILockstore
// object. It contains one pointer field for each method in the interface. In
// the case where we can't generate a binding for a method, we include a void
// pointer.
#[doc(hidden)]
#[repr(C)]
pub struct nsILockstoreVTable {
/// We need to include the members from the base interface's vtable at the start
/// of the VTable definition.
pub __base: nsISupportsVTable,
/* readonly attribute boolean hasPrimaryPassword; */
pub GetHasPrimaryPassword: unsafe extern "system" fn (this: *const nsILockstore, aHasPrimaryPassword: *mut bool) -> ::nserror::nsresult,
/* [implicit_jscontext] Promise setPrimaryPassword (in ACString oldPassword, in ACString newPassword); */
/// Unable to generate binding because `jscontext is unsupported`
pub SetPrimaryPassword: *const ::libc::c_void,
/* [implicit_jscontext] Promise unlockKek (in AUTF8String kekRef, in ACString secret, in uint32_t timeoutMs); */
/// Unable to generate binding because `jscontext is unsupported`
pub UnlockKek: *const ::libc::c_void,
/* [implicit_jscontext] Promise lockKek (in AUTF8String kekRef); */
/// Unable to generate binding because `jscontext is unsupported`
pub LockKek: *const ::libc::c_void,
/* boolean isKekUnlocked (in AUTF8String kekRef); */
pub IsKekUnlocked: unsafe extern "system" fn (this: *const nsILockstore, kekRef: *const ::nsstring::nsACString, _retval: *mut bool) -> ::nserror::nsresult,
/* [implicit_jscontext] Promise lock (); */
/// Unable to generate binding because `jscontext is unsupported`
pub Lock: *const ::libc::c_void,
/* [implicit_jscontext] Promise createDek (in AUTF8String collection, in AUTF8String kekRef, in boolean extractable); */
/// Unable to generate binding because `jscontext is unsupported`
pub CreateDek: *const ::libc::c_void,
/* [implicit_jscontext] Promise importDek (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> dekBytes, in boolean extractable); */
/// Unable to generate binding because `jscontext is unsupported`
pub ImportDek: *const ::libc::c_void,
/* [implicit_jscontext] Promise isDekExtractable (in AUTF8String collection); */
/// Unable to generate binding because `jscontext is unsupported`
pub IsDekExtractable: *const ::libc::c_void,
/* [implicit_jscontext] Promise deleteDek (in AUTF8String collection); */
/// Unable to generate binding because `jscontext is unsupported`
pub DeleteDek: *const ::libc::c_void,
/* [implicit_jscontext] Promise listCollections (); */
/// Unable to generate binding because `jscontext is unsupported`
pub ListCollections: *const ::libc::c_void,
/* [implicit_jscontext] Promise listKeks (in AUTF8String collection); */
/// Unable to generate binding because `jscontext is unsupported`
pub ListKeks: *const ::libc::c_void,
/* [implicit_jscontext] Promise addKek (in AUTF8String collection, in AUTF8String fromKekRef, in AUTF8String toKekRef); */
/// Unable to generate binding because `jscontext is unsupported`
pub AddKek: *const ::libc::c_void,
/* [implicit_jscontext] Promise removeKek (in AUTF8String collection, in AUTF8String kekRef); */
/// Unable to generate binding because `jscontext is unsupported`
pub RemoveKek: *const ::libc::c_void,
/* [implicit_jscontext] Promise switchKek (in AUTF8String collection, in AUTF8String oldKekRef, in AUTF8String newKekRef); */
/// Unable to generate binding because `jscontext is unsupported`
pub SwitchKek: *const ::libc::c_void,
/* [implicit_jscontext] Promise encrypt (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> plaintext); */
/// Unable to generate binding because `jscontext is unsupported`
pub Encrypt: *const ::libc::c_void,
/* [implicit_jscontext] Promise decrypt (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> ciphertext); */
/// Unable to generate binding because `jscontext is unsupported`
pub Decrypt: *const ::libc::c_void,
/* [implicit_jscontext] Promise getDek (in AUTF8String collection, in AUTF8String kekRef); */
/// Unable to generate binding because `jscontext is unsupported`
pub GetDek: *const ::libc::c_void,
}
// The implementations of the function wrappers which are exposed to rust code.
// Call these methods rather than manually calling through the VTable struct.
impl nsILockstore {
/// `readonly attribute boolean hasPrimaryPassword;`
#[inline]
pub unsafe fn GetHasPrimaryPassword(&self, aHasPrimaryPassword: *mut bool) -> ::nserror::nsresult {
((*self.vtable).GetHasPrimaryPassword)(self, aHasPrimaryPassword)
}
/// ```text
/// /**
/// * Initialise (oldPassword == "") or change the primary password.
/// * PBKDF2 hashes the password as raw bytes; no normalisation or
/// * encoding conversion is performed. Callers passing non-ASCII text
/// * must normalise the encoding themselves before calling.
/// *
/// * Lockstore's internal copy of each password is zeroised after the
/// * background work consumes it; the caller's `ACString` arguments are
/// * left untouched.
/// *
/// * The returned Promise resolves with `undefined` on success and
/// * rejects with:
/// * - NS_ERROR_ABORT if `oldPassword` does not authenticate.
/// * - NS_ERROR_FAILURE on any other failure (e.g. SQLite write
/// * errors, crypto-layer errors).
/// */
/// ```
///
/// `[implicit_jscontext] Promise setPrimaryPassword (in ACString oldPassword, in ACString newPassword);`
const _SetPrimaryPassword: () = ();
/// ```text
/// /**
/// * Unlock `kekRef` so subsequent DEK accesses under it succeed for at
/// * most `timeoutMs` milliseconds.
/// *
/// * The returned Promise resolves with `undefined` on success and rejects
/// * with:
/// * - NS_ERROR_ABORT on wrong secret / PIN.
/// * - NS_ERROR_NOT_INITIALIZED if the KEK requires initialisation that
/// * hasn't been performed yet (e.g. no primary password set).
/// * - NS_ERROR_INVALID_ARG on an unrecognised `kekRef`.
/// */
/// ```
///
/// `[implicit_jscontext] Promise unlockKek (in AUTF8String kekRef, in ACString secret, in uint32_t timeoutMs);`
const _UnlockKek: () = ();
/// `[implicit_jscontext] Promise lockKek (in AUTF8String kekRef);`
const _LockKek: () = ();
/// `boolean isKekUnlocked (in AUTF8String kekRef);`
#[inline]
pub unsafe fn IsKekUnlocked(&self, kekRef: *const ::nsstring::nsACString, _retval: *mut bool) -> ::nserror::nsresult {
((*self.vtable).IsKekUnlocked)(self, kekRef, _retval)
}
/// `[implicit_jscontext] Promise lock ();`
const _Lock: () = ();
/// ```text
/// /**
/// * Create a new DEK for `collection`, wrapped under `kekRef`. The
/// * returned Promise rejects with NS_ERROR_FAILURE if the collection
/// * already has a DEK.
/// *
/// * `extractable` controls whether the raw DEK bytes can later be
/// * exported via `getDek`. Use the default (`false`) unless an
/// * external cipher demands raw key material (e.g. mozStorage's
/// * ObfuscatingVFS, which needs a 32-byte key for SQLite page
/// * encryption); `encrypt`/`decrypt` work regardless of `extractable`.
/// */
/// ```
///
/// `[implicit_jscontext] Promise createDek (in AUTF8String collection, in AUTF8String kekRef, in boolean extractable);`
const _CreateDek: () = ();
/// ```text
/// /**
/// * Install caller-supplied `dekBytes` as the DEK for `collection`,
/// * wrapped under the existing `kekRef`. Used for migrating data
/// * already encrypted under a known external DEK into the keystore-
/// * managed model without re-encrypting at rest.
/// *
/// * `dekBytes` must be 32 bytes (AES-256-GCM default cipher suite).
/// * The Promise rejects with:
/// * - NS_ERROR_INVALID_ARG on wrong length, or empty `collection`
/// * / `kekRef`
/// * - NS_ERROR_NOT_AVAILABLE if `kekRef` doesn't exist or is locked
/// * - NS_ERROR_FAILURE if `collection` already has a DEK
/// *
/// * Note: imported DEKs are inherently extractable by the caller (the
/// * bytes are already in their hands). The `extractable` flag controls
/// * only whether future `getDek` calls succeed on this DEK.
/// */
/// ```
///
/// `[implicit_jscontext] Promise importDek (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> dekBytes, in boolean extractable);`
const _ImportDek: () = ();
/// ```text
/// /**
/// * Resolves with `true` iff the DEK for `collection` was created
/// * with `extractable = true`. Touches SQLite (loads the DEK metadata
/// * row), hence async — distinct from `isKekUnlocked` and the
/// * `hasPrimaryPassword` attribute, which are in-memory cache checks.
/// *
/// * Rejects with NS_ERROR_NOT_AVAILABLE if `collection` doesn't exist.
/// */
/// ```
///
/// `[implicit_jscontext] Promise isDekExtractable (in AUTF8String collection);`
const _IsDekExtractable: () = ();
/// ```text
/// /**
/// * Delete the DEK for `collection`. Rejects with
/// * NS_ERROR_NOT_AVAILABLE if no DEK exists. The keystore does not
/// * track any associated datastore; callers are responsible for
/// * disposing of ciphertext under this collection by other means.
/// */
/// ```
///
/// `[implicit_jscontext] Promise deleteDek (in AUTF8String collection);`
const _DeleteDek: () = ();
/// `[implicit_jscontext] Promise listCollections ();`
const _ListCollections: () = ();
/// `[implicit_jscontext] Promise listKeks (in AUTF8String collection);`
const _ListKeks: () = ();
/// `[implicit_jscontext] Promise addKek (in AUTF8String collection, in AUTF8String fromKekRef, in AUTF8String toKekRef);`
const _AddKek: () = ();
/// `[implicit_jscontext] Promise removeKek (in AUTF8String collection, in AUTF8String kekRef);`
const _RemoveKek: () = ();
/// ```text
/// /**
/// * Atomically rewrap the DEK for `collection` from `oldKekRef` to
/// * `newKekRef`. The DEK bytes are unchanged, so ciphertexts at rest
/// * under this collection remain valid. Equivalent in effect to
/// * `addKek(collection, oldKekRef, newKekRef)` followed by
/// * `removeKek(collection, oldKekRef)` but atomic at the kvstore-row
/// * level — a crash mid-operation leaves the keystore in the old
/// * state or the new state, never a transient half-state.
/// *
/// * `oldKekRef` must currently wrap the collection and be unlocked.
/// * The Promise rejects with:
/// * - NS_ERROR_INVALID_ARG if `oldKekRef` == `newKekRef`, or either
/// * is empty
/// * - NS_ERROR_NOT_AVAILABLE if `collection` or its `oldKekRef`
/// * wrapping doesn't exist
/// * - NS_ERROR_FAILURE if `newKekRef` already wraps this collection
/// * - NS_ERROR_NOT_AVAILABLE (`Locked`) if `oldKekRef` is locked
/// */
/// ```
///
/// `[implicit_jscontext] Promise switchKek (in AUTF8String collection, in AUTF8String oldKekRef, in AUTF8String newKekRef);`
const _SwitchKek: () = ();
/// ```text
/// /**
/// * Encrypt `plaintext` with the DEK for `(collection, kekRef)`. The work
/// * runs off the main thread. The returned Promise resolves with a byte
/// * array (Array<octet>) containing a self-describing blob:
/// * [cipher_suite_id(1)] || [nonce] || [ciphertext+tag]
/// * and rejects with an nsresult on failure. The DEK need not be
/// * extractable.
/// */
/// ```
///
/// `[implicit_jscontext] Promise encrypt (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> plaintext);`
const _Encrypt: () = ();
/// ```text
/// /**
/// * Decrypt a blob produced by `encrypt`. Cipher suite is inferred from
/// * the blob's leading byte. Runs off the main thread; the Promise
/// * resolves with the plaintext bytes.
/// */
/// ```
///
/// `[implicit_jscontext] Promise decrypt (in AUTF8String collection, in AUTF8String kekRef, in Array<octet> ciphertext);`
const _Decrypt: () = ();
/// ```text
/// /**
/// * Return the raw DEK bytes for `(collection, kekRef)` as an
/// * `Array<octet>` (32 bytes for the default AES-256-GCM /
/// * ChaCha20-Poly1305 suites). The DEK must have been created with
/// * `extractable = true`; otherwise the Promise rejects with
/// * `NS_ERROR_NOT_AVAILABLE`.
/// *
/// * The returned bytes are sensitive: any caller is now in possession
/// * of the symmetric key that can decrypt every ciphertext stored
/// * under this DEK. Prefer `encrypt`/`decrypt` unless an external
/// * cipher (e.g. mozStorage's ObfuscatingVFS, which needs a 32-byte
/// * key for SQLite page encryption) requires raw key material.
/// *
/// * The Promise also rejects with `NS_ERROR_NOT_AVAILABLE` if no DEK
/// * exists for `(collection, kekRef)`, and with `NS_ERROR_INVALID_ARG`
/// * if either argument is empty.
/// */
/// ```
///
/// `[implicit_jscontext] Promise getDek (in AUTF8String collection, in AUTF8String kekRef);`
const _GetDek: () = ();
}