1 /* 2 * This file is part of gtkD. 3 * 4 * gtkD is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU Lesser General Public License 6 * as published by the Free Software Foundation; either version 3 7 * of the License, or (at your option) any later version, with 8 * some exceptions, please read the COPYING file. 9 * 10 * gtkD is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU Lesser General Public License for more details. 14 * 15 * You should have received a copy of the GNU Lesser General Public License 16 * along with gtkD; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA 18 */ 19 20 // generated automatically - do not change 21 // find conversion definition on APILookup.txt 22 // implement new conversion functionalities on the wrap.utils pakage 23 24 25 module gio.TlsCertificate; 26 27 private import gio.SocketConnectableIF; 28 private import glib.ConstructionException; 29 private import glib.ErrorG; 30 private import glib.GException; 31 private import glib.ListG; 32 private import glib.Str; 33 private import gobject.ObjectG; 34 private import gtkc.gio; 35 public import gtkc.giotypes; 36 37 38 /** 39 * A certificate used for TLS authentication and encryption. 40 * This can represent either a certificate only (eg, the certificate 41 * received by a client from a server), or the combination of 42 * a certificate and a private key (which is needed when acting as a 43 * #GTlsServerConnection). 44 * 45 * Since: 2.28 46 */ 47 public class TlsCertificate : ObjectG 48 { 49 /** the main Gtk struct */ 50 protected GTlsCertificate* gTlsCertificate; 51 52 /** Get the main Gtk struct */ 53 public GTlsCertificate* getTlsCertificateStruct() 54 { 55 return gTlsCertificate; 56 } 57 58 /** the main Gtk struct as a void* */ 59 protected override void* getStruct() 60 { 61 return cast(void*)gTlsCertificate; 62 } 63 64 protected override void setStruct(GObject* obj) 65 { 66 gTlsCertificate = cast(GTlsCertificate*)obj; 67 super.setStruct(obj); 68 } 69 70 /** 71 * Sets our main struct and passes it to the parent class. 72 */ 73 public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false) 74 { 75 this.gTlsCertificate = gTlsCertificate; 76 super(cast(GObject*)gTlsCertificate, ownedRef); 77 } 78 79 /** 80 */ 81 82 public static GType getType() 83 { 84 return g_tls_certificate_get_type(); 85 } 86 87 /** 88 * Creates a #GTlsCertificate from the PEM-encoded data in @file. If 89 * @file cannot be read or parsed, the function will return %NULL and 90 * set @error. Otherwise, this behaves like 91 * g_tls_certificate_new_from_pem(). 92 * 93 * Params: 94 * file = file containing a PEM-encoded certificate to import 95 * 96 * Return: the new certificate, or %NULL on error 97 * 98 * Since: 2.28 99 * 100 * Throws: GException on failure. 101 * Throws: ConstructionException GTK+ fails to create the object. 102 */ 103 public this(string file) 104 { 105 GError* err = null; 106 107 auto p = g_tls_certificate_new_from_file(Str.toStringz(file), &err); 108 109 if(p is null) 110 { 111 throw new ConstructionException("null returned by new_from_file"); 112 } 113 114 if (err !is null) 115 { 116 throw new GException( new ErrorG(err) ); 117 } 118 119 this(cast(GTlsCertificate*) p, true); 120 } 121 122 /** 123 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file 124 * and @key_file. If either file cannot be read or parsed, the 125 * function will return %NULL and set @error. Otherwise, this behaves 126 * like g_tls_certificate_new_from_pem(). 127 * 128 * Params: 129 * certFile = file containing a PEM-encoded certificate to import 130 * keyFile = file containing a PEM-encoded private key to import 131 * 132 * Return: the new certificate, or %NULL on error 133 * 134 * Since: 2.28 135 * 136 * Throws: GException on failure. 137 * Throws: ConstructionException GTK+ fails to create the object. 138 */ 139 public this(string certFile, string keyFile) 140 { 141 GError* err = null; 142 143 auto p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err); 144 145 if(p is null) 146 { 147 throw new ConstructionException("null returned by new_from_files"); 148 } 149 150 if (err !is null) 151 { 152 throw new GException( new ErrorG(err) ); 153 } 154 155 this(cast(GTlsCertificate*) p, true); 156 } 157 158 /** 159 * Creates a new #GTlsCertificate from the PEM-encoded data in @data. 160 * If @data includes both a certificate and a private key, then the 161 * returned certificate will include the private key data as well. (See 162 * the #GTlsCertificate:private-key-pem property for information about 163 * supported formats.) 164 * 165 * If @data includes multiple certificates, only the first one will be 166 * parsed. 167 * 168 * Params: 169 * data = PEM-encoded certificate data 170 * length = the length of @data, or -1 if it's 0-terminated. 171 * 172 * Return: the new certificate, or %NULL if @data is invalid 173 * 174 * Since: 2.28 175 * 176 * Throws: GException on failure. 177 * Throws: ConstructionException GTK+ fails to create the object. 178 */ 179 public this(string data, ptrdiff_t length) 180 { 181 GError* err = null; 182 183 auto p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err); 184 185 if(p is null) 186 { 187 throw new ConstructionException("null returned by new_from_pem"); 188 } 189 190 if (err !is null) 191 { 192 throw new GException( new ErrorG(err) ); 193 } 194 195 this(cast(GTlsCertificate*) p, true); 196 } 197 198 /** 199 * Creates one or more #GTlsCertificates from the PEM-encoded 200 * data in @file. If @file cannot be read or parsed, the function will 201 * return %NULL and set @error. If @file does not contain any 202 * PEM-encoded certificates, this will return an empty list and not 203 * set @error. 204 * 205 * Params: 206 * file = file containing PEM-encoded certificates to import 207 * 208 * Return: a 209 * #GList containing #GTlsCertificate objects. You must free the list 210 * and its contents when you are done with it. 211 * 212 * Since: 2.28 213 * 214 * Throws: GException on failure. 215 */ 216 public static ListG listNewFromFile(string file) 217 { 218 GError* err = null; 219 220 auto p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err); 221 222 if (err !is null) 223 { 224 throw new GException( new ErrorG(err) ); 225 } 226 227 if(p is null) 228 { 229 return null; 230 } 231 232 return new ListG(cast(GList*) p); 233 } 234 235 /** 236 * Gets the #GTlsCertificate representing @cert's issuer, if known 237 * 238 * Return: The certificate of @cert's issuer, 239 * or %NULL if @cert is self-signed or signed with an unknown 240 * certificate. 241 * 242 * Since: 2.28 243 */ 244 public TlsCertificate getIssuer() 245 { 246 auto p = g_tls_certificate_get_issuer(gTlsCertificate); 247 248 if(p is null) 249 { 250 return null; 251 } 252 253 return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) p); 254 } 255 256 /** 257 * Check if two #GTlsCertificate objects represent the same certificate. 258 * The raw DER byte data of the two certificates are checked for equality. 259 * This has the effect that two certificates may compare equal even if 260 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or 261 * #GTlsCertificate:private-key-pem properties differ. 262 * 263 * Params: 264 * certTwo = second certificate to compare 265 * 266 * Return: whether the same or not 267 * 268 * Since: 2.34 269 */ 270 public bool isSame(TlsCertificate certTwo) 271 { 272 return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0; 273 } 274 275 /** 276 * This verifies @cert and returns a set of #GTlsCertificateFlags 277 * indicating any problems found with it. This can be used to verify a 278 * certificate outside the context of making a connection, or to 279 * check a certificate against a CA that is not part of the system 280 * CA database. 281 * 282 * If @identity is not %NULL, @cert's name(s) will be compared against 283 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return 284 * value if it does not match. If @identity is %NULL, that bit will 285 * never be set in the return value. 286 * 287 * If @trusted_ca is not %NULL, then @cert (or one of the certificates 288 * in its chain) must be signed by it, or else 289 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If 290 * @trusted_ca is %NULL, that bit will never be set in the return 291 * value. 292 * 293 * (All other #GTlsCertificateFlags values will always be set or unset 294 * as appropriate.) 295 * 296 * Params: 297 * identity = the expected peer identity 298 * trustedCa = the certificate of a trusted authority 299 * 300 * Return: the appropriate #GTlsCertificateFlags 301 * 302 * Since: 2.28 303 */ 304 public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa) 305 { 306 return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct()); 307 } 308 }