![]() |
![]() |
![]() |
Gcr Library Reference Manual | ![]() |
---|---|---|---|---|
Top | Description | Object Hierarchy | Prerequisites | Known Implementations | Properties |
GcrCertificate; struct GcrCertificateIface; const guchar * gcr_certificate_get_der_data (GcrCertificate *self
,gsize *n_data
); gchar * gcr_certificate_get_issuer_cn (GcrCertificate *self
); gchar * gcr_certificate_get_issuer_dn (GcrCertificate *self
); gchar * gcr_certificate_get_issuer_name (GcrCertificate *self
); gchar * gcr_certificate_get_issuer_part (GcrCertificate *self
,const gchar *part
); guchar * gcr_certificate_get_issuer_raw (GcrCertificate *self
,gsize *n_data
); gboolean gcr_certificate_is_issuer (GcrCertificate *self
,GcrCertificate *issuer
); gchar * gcr_certificate_get_subject_cn (GcrCertificate *self
); gchar * gcr_certificate_get_subject_dn (GcrCertificate *self
); gchar * gcr_certificate_get_subject_name (GcrCertificate *self
); gchar * gcr_certificate_get_subject_part (GcrCertificate *self
,const gchar *part
); guchar * gcr_certificate_get_subject_raw (GcrCertificate *self
,gsize *n_data
); GDate * gcr_certificate_get_issued_date (GcrCertificate *self
); GDate * gcr_certificate_get_expiry_date (GcrCertificate *self
); guchar * gcr_certificate_get_serial_number (GcrCertificate *self
,gsize *n_length
); gchar * gcr_certificate_get_serial_number_hex (GcrCertificate *self
); guint gcr_certificate_get_key_size (GcrCertificate *self
); guchar * gcr_certificate_get_fingerprint (GcrCertificate *self
,GChecksumType type
,gsize *n_length
); gchar * gcr_certificate_get_fingerprint_hex (GcrCertificate *self
,GChecksumType type
); gboolean gcr_certificate_get_basic_constraints (GcrCertificate *self
,gboolean *is_ca
,gint *path_len
); void gcr_certificate_mixin_class_init (GObjectClass *object_class
); void gcr_certificate_mixin_emit_notify (GcrCertificate *self
); void gcr_certificate_mixin_get_property (GObject *obj
,guint prop_id
,GValue *value
,GParamSpec *pspec
); #define GCR_CERTIFICATE_MIXIN_IMPLEMENT_COMPARABLE void gcr_certificate_mixin_comparable_init (GcrComparableIface *iface
); gint gcr_certificate_compare (GcrComparable *first
,GcrComparable *other
); GIcon * gcr_certificate_get_icon (GcrCertificate *self
);
GcrCertificate is implemented by GcrCertificateRenderer, GcrPkcs11Certificate and GcrSimpleCertificate.
"description" gchar* : Read "expiry" GDate* : Read "icon" GIcon* : Read "issuer" gchar* : Read "label" gchar* : Read "markup" gchar* : Read "subject" gchar* : Read
This is an interface that represents an X.509 certificate. Objects can implement this interface to make a certificate usable with the GCR library.
Various methods are available to parse out relevant bits of the certificate. However no verification of the validity of a certificate is done here. Use your favorite crypto library to do this.
You can use GcrSimpleCertificate to simply load a certificate for which you already have the raw certificate data.
The GcrCertificate interface has several properties that must be implemented.
You can use a mixin to implement these properties if desired. See the
gcr_certificate_mixin_class_init()
and gcr_certificate_mixin_get_property()
functions.
All certificates are comparable. If implementing a GcrCertificate, you can
use GCR_CERTIFICATE_MIXIN_IMPLEMENT_COMPARABLE()
to implement the GcrComparable
interface.
struct GcrCertificateIface { GTypeInterface parent; const guchar * (*get_der_data) (GcrCertificate *self, gsize *n_data); };
The interface that implementors of GcrCertificate must implement.
GTypeInterface |
the parent interface type |
a method which returns the RAW der data of the certificate |
const guchar * gcr_certificate_get_der_data (GcrCertificate *self
,gsize *n_data
);
Gets the raw DER data for an X.509 certificate.
|
a GcrCertificate |
|
a pointer to a location to store the size of the resulting DER data. |
Returns : |
raw DER data of the X.509 certificate. [array length=n_data] |
gchar * gcr_certificate_get_issuer_cn (GcrCertificate *self
);
Get the common name of the issuer of this certificate.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
Returns : |
The allocated issuer CN, or NULL if no issuer CN present. |
gchar * gcr_certificate_get_issuer_dn (GcrCertificate *self
);
Get the full issuer DN of the certificate as a (mostly) readable string.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
Returns : |
The allocated issuer DN of the certificate. |
gchar * gcr_certificate_get_issuer_name (GcrCertificate *self
);
Get a name to represent the issuer of this certificate.
This will try to lookup the common name, orianizational unit, organization in that order.
|
a GcrCertificate |
Returns : |
the allocated issuer name, or NULL if no issuer name |
gchar * gcr_certificate_get_issuer_part (GcrCertificate *self
,const gchar *part
);
Get a part of the DN of the issuer of this certificate.
Examples of a part
might be the 'OU' (organizational unit)
or the 'CN' (common name). Only the value of that part
of the DN is returned.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
|
a DN type string or OID. |
Returns : |
the allocated part of the issuer DN, or NULL if no
such part is present. [allow-none]
|
guchar * gcr_certificate_get_issuer_raw (GcrCertificate *self
,gsize *n_data
);
Get the raw DER data for the issuer DN of the certificate.
The data should be freed by using g_free()
when no longer required.
|
a GcrCertificate |
|
The length of the returned data. |
Returns : |
allocated memory containing the raw issuer. [transfer full][array length=n_data] |
gboolean gcr_certificate_is_issuer (GcrCertificate *self
,GcrCertificate *issuer
);
Check if issuer
could be the issuer of this certificate. This is done by
comparing the relevant subject and issuer fields. No signature check is
done. Proper verification of certificates must be done via a crypto
library.
|
a GcrCertificate |
|
a possible issuer GcrCertificate |
Returns : |
whether issuer could be the issuer of the certificate. |
gchar * gcr_certificate_get_subject_cn (GcrCertificate *self
);
Get the common name of the subject of this certificate.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
Returns : |
The allocated subject CN, or NULL if no subject CN present. |
gchar * gcr_certificate_get_subject_dn (GcrCertificate *self
);
Get the full subject DN of the certificate as a (mostly) readable string.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
Returns : |
The allocated subject DN of the certificate. |
gchar * gcr_certificate_get_subject_name (GcrCertificate *self
);
Get a name to represent the subject of this certificate.
This will try to lookup the common name, orianizational unit, organization in that order.
|
a GcrCertificate |
Returns : |
the allocated subject name, or NULL if no subject name |
gchar * gcr_certificate_get_subject_part (GcrCertificate *self
,const gchar *part
);
Get a part of the DN of the subject of this certificate.
Examples of a part
might be the 'OU' (organizational unit)
or the 'CN' (common name). Only the value of that part
of the DN is returned.
The string returned should be freed by the caller when no longer required.
|
a GcrCertificate |
|
a DN type string or OID. |
Returns : |
the allocated part of the subject DN, or NULL if no
such part is present. [allow-none]
|
guchar * gcr_certificate_get_subject_raw (GcrCertificate *self
,gsize *n_data
);
Get the raw DER data for the subject DN of the certificate.
The data should be freed by using g_free()
when no longer required.
|
a GcrCertificate |
|
The length of the returned data. |
Returns : |
allocated memory containing the raw subject. [transfer full][array length=n_data] |
GDate * gcr_certificate_get_issued_date (GcrCertificate *self
);
Get the issued date of this certificate.
The GDate returned should be freed by the caller using
g_date_free()
when no longer required.
|
a GcrCertificate |
Returns : |
An allocated issued date of this certificate. |
GDate * gcr_certificate_get_expiry_date (GcrCertificate *self
);
Get the expiry date of this certificate.
The GDate returned should be freed by the caller using
g_date_free()
when no longer required.
|
a GcrCertificate |
Returns : |
An allocated expiry date of this certificate. |
guchar * gcr_certificate_get_serial_number (GcrCertificate *self
,gsize *n_length
);
Get the raw binary serial number of the certificate.
The caller should free the returned data using g_free()
when
it is no longer required.
|
a GcrCertificate |
|
the length of the returned data. |
Returns : |
the raw binary serial number. [array length=n_length] |
gchar * gcr_certificate_get_serial_number_hex
(GcrCertificate *self
);
Get the serial number of the certificate as a hex string.
The caller should free the returned data using g_free()
when
it is no longer required.
|
a GcrCertificate |
Returns : |
an allocated string containing the serial number as hex. |
guint gcr_certificate_get_key_size (GcrCertificate *self
);
Get the key size in bits of the public key represented by this certificate.
|
a GcrCertificate |
Returns : |
The key size of the certificate. |
guchar * gcr_certificate_get_fingerprint (GcrCertificate *self
,GChecksumType type
,gsize *n_length
);
Calculate the fingerprint for this certificate.
You can pass G_CHECKSUM_SHA1 or G_CHECKSUM_MD5 as the type
parameter.
The caller should free the returned data using g_free()
when
it is no longer required.
|
a GcrCertificate |
|
the type of algorithm for the fingerprint. |
|
The length of the resulting fingerprint. |
Returns : |
the raw binary fingerprint. [array length=n_length] |
gchar * gcr_certificate_get_fingerprint_hex (GcrCertificate *self
,GChecksumType type
);
Calculate the fingerprint for this certificate, and return it as a hex string.
You can pass G_CHECKSUM_SHA1 or G_CHECKSUM_MD5 as the type
parameter.
The caller should free the returned data using g_free()
when
it is no longer required.
|
a GcrCertificate |
|
the type of algorithm for the fingerprint. |
Returns : |
an allocated hex string which contains the fingerprint. |
gboolean gcr_certificate_get_basic_constraints (GcrCertificate *self
,gboolean *is_ca
,gint *path_len
);
Get the basic constraints for the certificate if present. If FALSE
is
returned then no basic constraints are present and the is_ca
and
path_len
arguments are not changed.
|
the certificate |
|
location to place a TRUE if is an authority. [allow-none]
|
|
location to place the max path length. [allow-none] |
Returns : |
whether basic constraints are present or not |
void gcr_certificate_mixin_class_init (GObjectClass *object_class
);
Initialize the certificate mixin for the class. This mixin implements the various required properties for the certificate.
Call this function near the end of your derived class_init function. The derived class must implement the GcrCertificate interface.
|
The GObjectClass for this class |
void gcr_certificate_mixin_emit_notify (GcrCertificate *self
);
Implementers of the GcrCertificate mixin should call this function to notify when the certificate has changed to emit notifications on the various properties.
|
the GcrCertificate |
void gcr_certificate_mixin_get_property (GObject *obj
,guint prop_id
,GValue *value
,GParamSpec *pspec
);
Implementation to get various required certificate properties. This should be called from your derived class get_property function, or used as a get_property virtual function.
Example of use as called from derived class get_property function:
1 2 3 4 5 6 7 8 9 10 11 12 |
static void my_get_property (GObject *obj, guint prop_id, GValue *value, GParamSpec *pspec) { switch (prop_id) { ... default: gcr_certificate_mixin_get_property (obj, prop_id, value, pspec); break; } } |
Example of use as get_property function:
1 2 3 4 5 6 7 8 |
static void my_class_init (MyClass *klass) { GObjectClass *gobject_class = G_OBJECT_CLASS (klass); gobject_class->get_property = gcr_certificate_mixin_get_property; ... } |
|
The object |
|
The property id |
|
The value to fill in. |
|
The param specification. |
#define GCR_CERTIFICATE_MIXIN_IMPLEMENT_COMPARABLE()
Implement the GcrComparable interface. Use this macro like this:
1 2 3 4 |
G_DEFINE_TYPE_WITH_CODE (MyCertificate, my_certificate, G_TYPE_OBJECT, GCR_CERTIFICATE_MIXIN_IMPLEMENT_COMPARABLE (); G_IMPLEMENT_INTERFACE (GCR_TYPE_CERTIFICATE, my_certificate_iface_init); ); |
void gcr_certificate_mixin_comparable_init
(GcrComparableIface *iface
);
Initialize a GcrComparableIface to compare the current certificate.
In general it's easier to use the GCR_CERTIFICATE_MIXIN_IMPLEMENT_COMPARABLE()
macro instead of this function.
|
The interface |
gint gcr_certificate_compare (GcrComparable *first
,GcrComparable *other
);
Compare one certificate against another. If the certificates are equal
then zero is returned. If one certificate is NULL
or not a certificate,
then a non-zero value is returned.
The return value is useful in a stable sort, but has no user logical meaning.
|
the certificate to compare. [allow-none] |
|
the certificate to compare against. [allow-none] |
Returns : |
zero if the certificates match, non-zero otherwise. |
GIcon * gcr_certificate_get_icon (GcrCertificate *self
);
Get the icon for a certificate.
|
The certificate |
Returns : |
the icon for this certificate, which should be
released with g_object_unref() . [transfer full]
|