Certificates.idl
1 /**
2  * @file Certificates.idl
3  * @brief %Certificates management
4  *
5  * @author Frantisek Boranek
6  *
7  * @copyright Copyright © 2017 Kerio Technologies s.r.o.
8  */
9 
10 #import <Structures.idl>
11 #import <common.idl>
12 
13 module kerio {
14 module jsonapi {
15 module webmail {
16 module certificates {
17 
/// Validation verdict attached to a certificate (see Certificate::validity).
/// NOTE(review): the rendered listing skips source line 20, so this struct may
/// have a further member that is not shown here.
18 struct Validity {
19  boolean isValid; ///< Validation verdict. NOTE(review): the criteria (expiry, chain, revocation) are not visible here - confirm before using it for trust decisions.
21 };
22 
/// Name fields of a certificate; used for Certificate::issuer.
/// NOTE(review): these values presumably come straight from the certificate, so for a
/// certificate that has not been validated they are untrusted text - escape them before display.
23 struct NameEntry {
24  string commonName; ///< CN
25  string organizationName; ///< O
26  string organizationalUnitName; ///< OU
27  string localityName; ///< L
28  string countryName; ///< C
29  string stateOrProvinceName; ///< ST
30  kerio::web::StringList emailAddresses; ///< Taken from 'emailAddress' or 'subjectAltName' (X509v3 Subject Alternative Name)
31 };
32 
/// One certificate as returned by Certificates::get and Certificates::getById.
/// NOTE(review): the rendered listing skips source line 35, so a member declared
/// between id and issuer may be missing here.
33 struct Certificate {
34  kerio::web::KId id; ///< Global identifier; the kind of value taken by getById, toSource, setPreferred, exportPKCS12 and remove
36  NameEntry issuer; ///< Name fields of the issuer
37  UtcDateTime validFrom; ///< Start of the validity period (presumably the X.509 notBefore - confirm)
38  UtcDateTime validTo; ///< End of the validity period (presumably the X.509 notAfter - confirm)
39  string serial; ///< Serial number as a string. NOTE(review): the format (hex or decimal) is not shown - confirm
40  Validity validity; ///< Validation verdict, see Validity
41 };
42 
/// List of certificates, the type of the out parameter of Certificates::get.
43 typedef sequence<Certificate> CertificateList;
44 
/// State of the user's personal certificate store, the type of the out parameter of Certificates::getStatus.
45 enum CertStoreStatus {
46  Uninitialized, ///< The user has not initialized a personal certificate store yet.
47  Opened, ///< The personal certificate store is opened. Mails are automatically decrypted. Signing and encrypting are possible.
48  Closed, ///< The personal certificate store is closed.
49  FailedToOpen ///< Opening the store failed during login. Valid only if the user uses the login password for the personal certificate store.
50 };
51 
52 /**
53  * The personal certificate store manager class.
    *
    * Several methods take passwords as plain string parameters.
    * NOTE(review): how requests are transported and logged is not visible in this
    * file - make sure these calls only travel over TLS and that parameter values
    * are kept out of request and audit logs.
54  */
55 interface Certificates {
56 
57  /**
58  * Initialize the personal certificate store
59  *
60  * @param password - password of certificate store
61  * @param isLoginPassword - true if the given password is the same one the user uses to log in
    *
    * NOTE(review): with isLoginPassword set, the store is apparently opened during
    * login (see CertStoreStatus::FailedToOpen), so the stored private keys would be
    * only as well protected as the login password - confirm.
62  */
63  void init(in string password, in boolean isLoginPassword);
64 
65  /**
66  * Open the personal certificate store.
    * While the store is opened, mails are automatically decrypted and signing and
    * encrypting are possible (see CertStoreStatus::Opened).
67  *
68  * @param password - password of certificate store
69  */
70  void open(in string password);
71 
72  /**
73  * Close the personal certificate store
74  */
75  void close();
76 
77  /**
78  * Obtain a list of certificates
79  *
80  * @param certificates - current list of certificates
81  */
82  void get(out CertificateList certificates);
83 
84  /**
85  * Obtain particular certificate
86  *
87  * @param certificate - a certificate
88  * @param id - global identifier
89  */
90  void getById(out Certificate certificate, in kerio::web::KId id);
91 
92  /**
93  * Obtain the current status of the personal certificate store
94  *
95  * @param status - current status of the store, see CertStoreStatus
96  */
97  void getStatus(out CertStoreStatus status);
98 
99  /**
100  * Obtain source (plain-text representation) of the certificate
101  *
102  * @param source - certificate in plain text
103  * @param id - global identifier
104  */
105  void toSource(out string source, in kerio::web::KId id);
106 
107  /**
108  * Open the certificate store using the old password and, if successful, update the store password to the current login password.
109  * Calling is valid only if the login password is also used for the certificate store.
110  *
111  * @param oldPassword - password to certificate store (old login password)
112  */
113  void openWithOldLoginPassword(in string oldPassword);
     /**
      * NOTE(review): undocumented in the source. Presumably the counterpart of
      * openWithOldLoginPassword that unlocks the edit functions (cf. openEdit) - confirm.
      *
      * @param oldPassword - password to certificate store (old login password)
      */
114  void openEditWithOldLoginPassword(in string oldPassword);
115 
116  /**
117  * Reset personal certificate store to uninitialized state. All current store contents will be removed!
     *
     * NOTE(review): the store holds private keys (see exportPKCS12), so after a reset
     * mail encrypted to those keys can presumably no longer be decrypted unless the
     * keys were exported beforehand - confirm and warn the user before calling.
118  *
119  * @param loginPassword - current login password (to verify the user)
120  */
121  void reset(in string loginPassword);
122 
123 
124  /**
125  * Unlock edit functions (the methods in the "edit functions" section below).
     * NOTE(review): where the lock is enforced is not visible in this file - confirm that
     * the server rejects edit calls made without a preceding successful openEdit.
126  *
127  * @param password - password of certificate store
128  */
129  void openEdit(in string password);
130 
131  /**
132  * Lock edit functions
133  */
134  void closeEdit();
135 
136  //////////////////////////////////////////////////////////////////////////
137  // edit functions
138  //////////////////////////////////////////////////////////////////////////
139 
140  /**
141  * Set preferred flag to one of certificates for particular email address.
142  * Preferred flag is removed from other certificates issued for the same email address.
143  *
144  * @param id - ID of the certificate
145  */
146  void setPreferred(in kerio::web::KId id);
147 
     /**
      * Change the password of the personal certificate store.
      *
      * @param oldPassword - current password of certificate store
      * @param newPassword - new password of certificate store
      * @param isLoginPassword - presumably the same meaning as in init: the new password
      *        is the one the user uses to log in - confirm
      */
148  void changePassword(in string oldPassword, in string newPassword, in boolean isLoginPassword);
149 
     /**
      * Import a PKCS#12 file into the personal certificate store.
      * NOTE(review): the file is user-supplied input; parsing and validation of its
      * contents happen outside this file.
      *
      * @param fileId - ID of the file to import (presumably a previously uploaded file - confirm)
      * @param password - presumably the password protecting the PKCS#12 file - confirm
      */
150  void importPKCS12(in kerio::web::KId fileId, in string password);
151 
152  /**
153  * Export of certificate and private key
154  * Note: "export" is a keyword in C++, so the method cannot be named "export"; it is declared as exportPKCS12
     * (the original note named exportPrivateKey, which does not match the declaration).
     *
     * The output contains the private key, so the download must be handled as secret material.
155  *
156  * @param id - ID of the certificate
157  * @param fileDownload - description of the output file
     * @param newPassword - presumably the password that protects the exported PKCS#12 file - confirm
158  */
159  void exportPKCS12(out kerio::web::Download fileDownload, in string newPassword, in kerio::web::KId id);
160 
     /**
      * Remove a certificate from the personal certificate store.
      * NOTE(review): whether the matching private key is removed as well is not
      * visible in this file - confirm.
      *
      * @param id - ID of the certificate
      */
161  void remove(in kerio::web::KId id);
162 };
163 
164 }; }; }; };//end of namespace