|
|
|
GIO Reference Manual | |
|---|---|---|---|---|
| Top | Description | ||||
GTlsCertificate; GTlsCertificate * g_tls_certificate_new_from_pem (const gchar *data,gssize length,GError **error); GTlsCertificate * g_tls_certificate_new_from_file (const gchar *file,GError **error); GTlsCertificate * g_tls_certificate_new_from_files (const gchar *cert_file,const gchar *key_file,GError **error); GList * g_tls_certificate_list_new_from_file (const gchar *file,GError **error); GTlsCertificate * g_tls_certificate_get_issuer (GTlsCertificate *cert); GTlsCertificateFlags g_tls_certificate_verify (GTlsCertificate *cert,GSocketConnectable *identity,GTlsCertificate *trusted_ca);
A certificate used for TLS authentication and encryption. This can represent either a public key only (eg, the certificate received by a client from a server), or the combination of a public key and a private key (which is needed when acting as a GTlsServerConnection).
typedef struct {
GObject parent_instance;
GTlsCertificatePrivate *priv;
} GTlsCertificate;
Abstract base class for TLS certificate types.
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_pem (const gchar *data,gssize length,GError **error);
Creates a new GTlsCertificate from the PEM-encoded data in data.
If data includes both a certificate and a private key, then the
returned certificate will include the private key data as well.
If data includes multiple certificates, only the first one will be
parsed.
|
PEM-encoded certificate data |
|
the length of data, or -1 if it's 0-terminated.
|
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL if data is invalid
|
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_file (const gchar *file,GError **error);
Creates a GTlsCertificate from the PEM-encoded data in file. If
file cannot be read or parsed, the function will return NULL and
set error. Otherwise, this behaves like g_tls_certificate_new().
|
file containing a PEM-encoded certificate to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL on error
|
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_files (const gchar *cert_file,const gchar *key_file,GError **error);
Creates a GTlsCertificate from the PEM-encoded data in cert_file
and key_file. If either file cannot be read or parsed, the
function will return NULL and set error. Otherwise, this behaves
like g_tls_certificate_new().
|
file containing a PEM-encoded certificate to import |
|
file containing a PEM-encoded private key to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL on error
|
Since 2.28
GList * g_tls_certificate_list_new_from_file (const gchar *file,GError **error);
Creates one or more GTlsCertificates from the PEM-encoded
data in file. If file cannot be read or parsed, the function will
return NULL and set error. If file does not contain any
PEM-encoded certificates, this will return an empty list and not
set error.
|
file containing PEM-encoded certificates to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
a GList containing GTlsCertificate objects. You must free the list and its contents when you are done with it. [element-type Gio.TlsCertificate][transfer full Gio.TlsCertificate] |
Since 2.28
GTlsCertificate * g_tls_certificate_get_issuer (GTlsCertificate *cert);
Gets the GTlsCertificate representing cert's issuer, if known
|
a GTlsCertificate |
Returns : |
The certificate of cert's issuer,
or NULL if cert is self-signed or signed with an unknown
certificate. [transfer none]
|
Since 2.28
GTlsCertificateFlags g_tls_certificate_verify (GTlsCertificate *cert,GSocketConnectable *identity,GTlsCertificate *trusted_ca);
This verifies cert and returns a set of GTlsCertificateFlags
indicating any problems found with it. This can be used to verify a
certificate outside the context of making a connection, or to
check a certificate against a CA that is not part of the system
CA database.
If identity is not NULL, cert's name(s) will be compared against
it, and G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return
value if it does not match. If identity is NULL, that bit will
never be set in the return value.
If trusted_ca is not NULL, then cert (or one of the certificates
in its chain) must be signed by it, or else
G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If
trusted_ca is NULL, that bit will never be set in the return
value.
(All other GTlsCertificateFlags values will always be set or unset as appropriate.)
|
a GTlsCertificate |
|
the expected peer identity. [allow-none] |
|
the certificate of a trusted authority. [allow-none] |
Returns : |
the appropriate GTlsCertificateFlags |
Since 2.28