GTlsCertificate

GTlsCertificate — TLS certificate

Synopsis

                    GTlsCertificate;
GTlsCertificate *   g_tls_certificate_new_from_pem      (const gchar *data,
                                                         gssize length,
                                                         GError **error);
GTlsCertificate *   g_tls_certificate_new_from_file     (const gchar *file,
                                                         GError **error);
GTlsCertificate *   g_tls_certificate_new_from_files    (const gchar *cert_file,
                                                         const gchar *key_file,
                                                         GError **error);
GList *             g_tls_certificate_list_new_from_file
                                                        (const gchar *file,
                                                         GError **error);
GTlsCertificate *   g_tls_certificate_get_issuer        (GTlsCertificate *cert);
GTlsCertificateFlags  g_tls_certificate_verify          (GTlsCertificate *cert,
                                                         GSocketConnectable *identity,
                                                         GTlsCertificate *trusted_ca);

Object Hierarchy

  GObject
   +----GTlsCertificate

Properties

  "certificate"              GByteArray*           : Read / Write / Construct Only
  "certificate-pem"          gchar*                : Read / Write / Construct Only
  "issuer"                   GTlsCertificate*      : Read / Write / Construct Only
  "private-key"              GByteArray*           : Write / Construct Only
  "private-key-pem"          gchar*                : Write / Construct Only

Description

A certificate used for TLS authentication and encryption. This can represent either a public key only (e.g., the certificate received by a client from a server), or the combination of a public key and a private key (which is needed when acting as a GTlsServerConnection).

Details

GTlsCertificate

typedef struct _GTlsCertificate GTlsCertificate;

Abstract base class for TLS certificate types.

Since 2.28


g_tls_certificate_new_from_pem ()

GTlsCertificate *   g_tls_certificate_new_from_pem      (const gchar *data,
                                                         gssize length,
                                                         GError **error);

Creates a new GTlsCertificate from the PEM-encoded data in data. If data includes both a certificate and a private key, then the returned certificate will include the private key data as well.

If data includes multiple certificates, only the first one will be parsed.

data :

PEM-encoded certificate data

length :

the length of data, or -1 if it's 0-terminated.

error :

GError for error reporting, or NULL to ignore.

Returns :

the new certificate, or NULL if data is invalid

Since 2.28


g_tls_certificate_new_from_file ()

GTlsCertificate *   g_tls_certificate_new_from_file     (const gchar *file,
                                                         GError **error);

Creates a GTlsCertificate from the PEM-encoded data in file. If file cannot be read or parsed, the function will return NULL and set error. Otherwise, this behaves like g_tls_certificate_new_from_pem().

file :

file containing a PEM-encoded certificate to import

error :

GError for error reporting, or NULL to ignore.

Returns :

the new certificate, or NULL on error

Since 2.28


g_tls_certificate_new_from_files ()

GTlsCertificate *   g_tls_certificate_new_from_files    (const gchar *cert_file,
                                                         const gchar *key_file,
                                                         GError **error);

Creates a GTlsCertificate from the PEM-encoded data in cert_file and key_file. If either file cannot be read or parsed, the function will return NULL and set error. Otherwise, this behaves like g_tls_certificate_new_from_pem().

cert_file :

file containing a PEM-encoded certificate to import

key_file :

file containing a PEM-encoded private key to import

error :

GError for error reporting, or NULL to ignore.

Returns :

the new certificate, or NULL on error

Since 2.28


g_tls_certificate_list_new_from_file ()

GList *             g_tls_certificate_list_new_from_file
                                                        (const gchar *file,
                                                         GError **error);

Creates one or more GTlsCertificates from the PEM-encoded data in file. If file cannot be read or parsed, the function will return NULL and set error. If file does not contain any PEM-encoded certificates, this will return an empty list and not set error.

file :

file containing PEM-encoded certificates to import

error :

GError for error reporting, or NULL to ignore.

Returns :

a GList containing GTlsCertificate objects. You must free the list and its contents when you are done with it. [element-type Gio.TlsCertificate][transfer full]

Since 2.28


g_tls_certificate_get_issuer ()

GTlsCertificate *   g_tls_certificate_get_issuer        (GTlsCertificate *cert);

Gets the GTlsCertificate representing cert's issuer, if known.

cert :

a GTlsCertificate

Returns :

The certificate of cert's issuer, or NULL if cert is self-signed or signed with an unknown certificate. [transfer none]

Since 2.28


g_tls_certificate_verify ()

GTlsCertificateFlags  g_tls_certificate_verify          (GTlsCertificate *cert,
                                                         GSocketConnectable *identity,
                                                         GTlsCertificate *trusted_ca);

This verifies cert and returns a set of GTlsCertificateFlags indicating any problems found with it. This can be used to verify a certificate outside the context of making a connection, or to check a certificate against a CA that is not part of the system CA database.

If identity is not NULL, cert's name(s) will be compared against it, and G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return value if it does not match. If identity is NULL, that bit will never be set in the return value.

If trusted_ca is not NULL, then cert (or one of the certificates in its chain) must be signed by it, or else G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If trusted_ca is NULL, that bit will never be set in the return value.

(All other GTlsCertificateFlags values will always be set or unset as appropriate.)
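The practical consequence of the two NULL rules above is that a return value of 0 only means "no problem among the checks that were requested". The following is an added example, not GIO code: it models the documented masking in plain C so it builds without GIO. The FLAG_* names, model_verify() and accept_certificate() are hypothetical; the bit values mirror GIO's GTlsCertificateFlags enum.

```c
#include <stdbool.h>
#include <stdio.h>

/* Local mirror of three GTlsCertificateFlags bits (same values as GIO's
 * enum), defined here so the example builds without GIO. */
enum {
    FLAG_UNKNOWN_CA   = 1 << 0,  /* G_TLS_CERTIFICATE_UNKNOWN_CA */
    FLAG_BAD_IDENTITY = 1 << 1,  /* G_TLS_CERTIFICATE_BAD_IDENTITY */
    FLAG_EXPIRED      = 1 << 3   /* G_TLS_CERTIFICATE_EXPIRED */
};

/* Model of the documented masking: `problems` is everything actually wrong
 * with the certificate; the return value is what the caller gets to see. */
unsigned model_verify(unsigned problems, bool have_identity, bool have_trusted_ca)
{
    unsigned visible = problems;
    if (!have_identity)      /* identity == NULL: bit is never set */
        visible &= ~(unsigned)FLAG_BAD_IDENTITY;
    if (!have_trusted_ca)    /* trusted_ca == NULL: bit is never set */
        visible &= ~(unsigned)FLAG_UNKNOWN_CA;
    return visible;
}

/* Hypothetical caller policy: accept only when no flag is set AND both
 * optional checks were actually requested. */
bool accept_certificate(unsigned flags, bool have_identity, bool have_trusted_ca)
{
    if (!have_identity || !have_trusted_ca)
        return false;        /* a skipped check is not a passed check */
    return flags == 0;
}

int main(void)
{
    /* Constructed case: wrong host name and signed by an unknown CA. */
    unsigned problems = FLAG_UNKNOWN_CA | FLAG_BAD_IDENTITY;
    unsigned f_none = model_verify(problems, false, false);
    unsigned f_both = model_verify(problems, true, true);

    printf("NULL, NULL -> flags=0x%x naive_ok=%d policy_ok=%d\n", f_none,
           f_none == 0, accept_certificate(f_none, false, false));
    printf("both given -> flags=0x%x naive_ok=%d policy_ok=%d\n", f_both,
           f_both == 0, accept_certificate(f_both, true, true));
    return 0;
}
```

In real code the same policy wraps the call to g_tls_certificate_verify(): record whether identity and trusted_ca were non-NULL and refuse to treat a 0 result as success when either was omitted.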

cert :

a GTlsCertificate

identity :

the expected peer identity. [allow-none]

trusted_ca :

the certificate of a trusted authority. [allow-none]

Returns :

the appropriate GTlsCertificateFlags

Since 2.28

Property Details

The "certificate" property

  "certificate"              GByteArray*           : Read / Write / Construct Only

The DER (binary) encoded representation of the certificate's public key. This property and the "certificate-pem" property represent the same data, just in different forms.

Since 2.28


The "certificate-pem" property

  "certificate-pem"          gchar*                : Read / Write / Construct Only

The PEM (ASCII) encoded representation of the certificate's public key. This property and the "certificate" property represent the same data, just in different forms.

Default value: NULL

Since 2.28


The "issuer" property

  "issuer"                   GTlsCertificate*      : Read / Write / Construct Only

A GTlsCertificate representing the entity that issued this certificate. If NULL, this means that the certificate is either self-signed, or else the certificate of the issuer is not available.

Since 2.28


The "private-key" property

  "private-key"              GByteArray*           : Write / Construct Only

The DER (binary) encoded representation of the certificate's private key. This property (or the "private-key-pem" property) can be set when constructing a key (e.g., from a file), but cannot be read.

Since 2.28


The "private-key-pem" property

  "private-key-pem"          gchar*                : Write / Construct Only

The PEM (ASCII) encoded representation of the certificate's private key. This property (or the "private-key" property) can be set when constructing a key (e.g., from a file), but cannot be read.

Default value: NULL

Since 2.28

See Also

GTlsConnection