|
|
|
GIO Reference Manual | |
|---|---|---|---|---|
| Top | Description | ||||
GTlsCertificate;
GTlsCertificate * g_tls_certificate_new_from_pem (const gchar *data,
gssize length,
GError **error);
GTlsCertificate * g_tls_certificate_new_from_file (const gchar *file,
GError **error);
GTlsCertificate * g_tls_certificate_new_from_files (const gchar *cert_file,
const gchar *key_file,
GError **error);
GList * g_tls_certificate_list_new_from_file
(const gchar *file,
GError **error);
GTlsCertificate * g_tls_certificate_get_issuer (GTlsCertificate *cert);
GTlsCertificateFlags g_tls_certificate_verify (GTlsCertificate *cert,
GSocketConnectable *identity,
GTlsCertificate *trusted_ca);
A certificate used for TLS authentication and encryption. This can represent either a public key only (eg, the certificate received by a client from a server), or the combination of a public key and a private key (which is needed when acting as a GTlsServerConnection).
typedef struct {
GObject parent_instance;
GTlsCertificatePrivate *priv;
} GTlsCertificate;
Abstract base class for TLS certificate types.
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_pem (const gchar *data, gssize length, GError **error);
Creates a new GTlsCertificate from the PEM-encoded data in data.
If data includes both a certificate and a private key, then the
returned certificate will include the private key data as well.
If data includes multiple certificates, only the first one will be
parsed.
|
PEM-encoded certificate data |
|
the length of data, or -1 if it's 0-terminated.
|
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL if data is invalid
|
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_file (const gchar *file, GError **error);
Creates a GTlsCertificate from the PEM-encoded data in file. If
file cannot be read or parsed, the function will return NULL and
set error. Otherwise, this behaves like g_tls_certificate_new().
|
file containing a PEM-encoded certificate to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL on error
|
Since 2.28
GTlsCertificate * g_tls_certificate_new_from_files (const gchar *cert_file, const gchar *key_file, GError **error);
Creates a GTlsCertificate from the PEM-encoded data in cert_file
and key_file. If either file cannot be read or parsed, the
function will return NULL and set error. Otherwise, this behaves
like g_tls_certificate_new().
|
file containing a PEM-encoded certificate to import |
|
file containing a PEM-encoded private key to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
the new certificate, or NULL on error
|
Since 2.28
GList * g_tls_certificate_list_new_from_file
(const gchar *file,
GError **error);
Creates one or more GTlsCertificates from the PEM-encoded
data in file. If file cannot be read or parsed, the function will
return NULL and set error. If file does not contain any
PEM-encoded certificates, this will return an empty list and not
set error.
|
file containing PEM-encoded certificates to import |
|
GError for error reporting, or NULL to ignore.
|
Returns : |
element-type Gio.TlsCertificate) (transfer full. element-type Gio.TlsCertificate. transfer full. |
Since 2.28
GTlsCertificate * g_tls_certificate_get_issuer (GTlsCertificate *cert);
Gets the GTlsCertificate representing cert's issuer, if known
|
a GTlsCertificate |
Returns : |
transfer none. transfer none. |
Since 2.28
GTlsCertificateFlags g_tls_certificate_verify (GTlsCertificate *cert, GSocketConnectable *identity, GTlsCertificate *trusted_ca);
This verifies cert and returns a set of GTlsCertificateFlags
indicating any problems found with it. This can be used to verify a
certificate outside the context of making a connection, or to
check a certificate against a CA that is not part of the system
CA database.
If identity is not NULL, cert's name(s) will be compared against
it, and G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return
value if it does not match. If identity is NULL, that bit will
never be set in the return value.
If trusted_ca is not NULL, then cert (or one of the certificates
in its chain) must be signed by it, or else
G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If
trusted_ca is NULL, that bit will never be set in the return
value.
(All other GTlsCertificateFlags values will always be set or unset as appropriate.)
|
a GTlsCertificate |
|
the expected peer identity. allow-none. |
|
the certificate of a trusted authority. allow-none. |
Returns : |
the appropriate GTlsCertificateFlags |
Since 2.28