1 /*
2  * This file is part of gtkD.
3  *
4  * gtkD is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU Lesser General Public License
6  * as published by the Free Software Foundation; either version 3
7  * of the License, or (at your option) any later version, with
8  * some exceptions, please read the COPYING file.
9  *
10  * gtkD is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public License
16  * along with gtkD; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
18  */
19 
20 // generated automatically - do not change
21 // find conversion definition on APILookup.txt
22 // implement new conversion functionalities on the wrap.utils pakage
23 
24 
25 module gio.TlsCertificate;
26 
27 private import gio.SocketConnectableIF;
28 private import glib.ConstructionException;
29 private import glib.ErrorG;
30 private import glib.GException;
31 private import glib.ListG;
32 private import glib.Str;
33 private import gobject.ObjectG;
34 private import gtkc.gio;
35 public  import gtkc.giotypes;
36 
37 
38 /**
39  * A certificate used for TLS authentication and encryption.
40  * This can represent either a certificate only (eg, the certificate
41  * received by a client from a server), or the combination of
42  * a certificate and a private key (which is needed when acting as a
43  * #GTlsServerConnection).
44  *
45  * Since: 2.28
46  */
47 public class TlsCertificate : ObjectG
48 {
49 	/** the main Gtk struct */
50 	protected GTlsCertificate* gTlsCertificate;
51 
52 	/** Get the main Gtk struct */
53 	public GTlsCertificate* getTlsCertificateStruct()
54 	{
55 		return gTlsCertificate;
56 	}
57 
58 	/** the main Gtk struct as a void* */
59 	protected override void* getStruct()
60 	{
61 		return cast(void*)gTlsCertificate;
62 	}
63 
64 	protected override void setStruct(GObject* obj)
65 	{
66 		gTlsCertificate = cast(GTlsCertificate*)obj;
67 		super.setStruct(obj);
68 	}
69 
70 	/**
71 	 * Sets our main struct and passes it to the parent class.
72 	 */
73 	public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false)
74 	{
75 		this.gTlsCertificate = gTlsCertificate;
76 		super(cast(GObject*)gTlsCertificate, ownedRef);
77 	}
78 
79 
80 	/** */
81 	public static GType getType()
82 	{
83 		return g_tls_certificate_get_type();
84 	}
85 
86 	/**
87 	 * Creates a #GTlsCertificate from the PEM-encoded data in @file. The
88 	 * returned certificate will be the first certificate found in @file. As
89 	 * of GLib 2.44, if @file contains more certificates it will try to load
90 	 * a certificate chain. All certificates will be verified in the order
91 	 * found (top-level certificate should be the last one in the file) and
92 	 * the #GTlsCertificate:issuer property of each certificate will be set
93 	 * accordingly if the verification succeeds. If any certificate in the
94 	 * chain cannot be verified, the first certificate in the file will
95 	 * still be returned.
96 	 *
97 	 * If @file cannot be read or parsed, the function will return %NULL and
98 	 * set @error. Otherwise, this behaves like
99 	 * g_tls_certificate_new_from_pem().
100 	 *
101 	 * Params:
102 	 *     file = file containing a PEM-encoded certificate to import
103 	 *
104 	 * Return: the new certificate, or %NULL on error
105 	 *
106 	 * Since: 2.28
107 	 *
108 	 * Throws: GException on failure.
109 	 * Throws: ConstructionException GTK+ fails to create the object.
110 	 */
111 	public this(string file)
112 	{
113 		GError* err = null;
114 		
115 		auto p = g_tls_certificate_new_from_file(Str.toStringz(file), &err);
116 		
117 		if (err !is null)
118 		{
119 			throw new GException( new ErrorG(err) );
120 		}
121 		
122 		if(p is null)
123 		{
124 			throw new ConstructionException("null returned by new_from_file");
125 		}
126 		
127 		this(cast(GTlsCertificate*) p, true);
128 	}
129 
130 	/**
131 	 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file
132 	 * and @key_file. The returned certificate will be the first certificate
133 	 * found in @cert_file. As of GLib 2.44, if @cert_file contains more
134 	 * certificates it will try to load a certificate chain. All
135 	 * certificates will be verified in the order found (top-level
136 	 * certificate should be the last one in the file) and the
137 	 * #GTlsCertificate:issuer property of each certificate will be set
138 	 * accordingly if the verification succeeds. If any certificate in the
139 	 * chain cannot be verified, the first certificate in the file will
140 	 * still be returned.
141 	 *
142 	 * If either file cannot be read or parsed, the function will return
143 	 * %NULL and set @error. Otherwise, this behaves like
144 	 * g_tls_certificate_new_from_pem().
145 	 *
146 	 * Params:
147 	 *     certFile = file containing one or more PEM-encoded
148 	 *         certificates to import
149 	 *     keyFile = file containing a PEM-encoded private key
150 	 *         to import
151 	 *
152 	 * Return: the new certificate, or %NULL on error
153 	 *
154 	 * Since: 2.28
155 	 *
156 	 * Throws: GException on failure.
157 	 * Throws: ConstructionException GTK+ fails to create the object.
158 	 */
159 	public this(string certFile, string keyFile)
160 	{
161 		GError* err = null;
162 		
163 		auto p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err);
164 		
165 		if (err !is null)
166 		{
167 			throw new GException( new ErrorG(err) );
168 		}
169 		
170 		if(p is null)
171 		{
172 			throw new ConstructionException("null returned by new_from_files");
173 		}
174 		
175 		this(cast(GTlsCertificate*) p, true);
176 	}
177 
178 	/**
179 	 * Creates a #GTlsCertificate from the PEM-encoded data in @data. If
180 	 * @data includes both a certificate and a private key, then the
181 	 * returned certificate will include the private key data as well. (See
182 	 * the #GTlsCertificate:private-key-pem property for information about
183 	 * supported formats.)
184 	 *
185 	 * The returned certificate will be the first certificate found in
186 	 * @data. As of GLib 2.44, if @data contains more certificates it will
187 	 * try to load a certificate chain. All certificates will be verified in
188 	 * the order found (top-level certificate should be the last one in the
189 	 * file) and the #GTlsCertificate:issuer property of each certificate
190 	 * will be set accordingly if the verification succeeds. If any
191 	 * certificate in the chain cannot be verified, the first certificate in
192 	 * the file will still be returned.
193 	 *
194 	 * Params:
195 	 *     data = PEM-encoded certificate data
196 	 *     length = the length of @data, or -1 if it's 0-terminated.
197 	 *
198 	 * Return: the new certificate, or %NULL if @data is invalid
199 	 *
200 	 * Since: 2.28
201 	 *
202 	 * Throws: GException on failure.
203 	 * Throws: ConstructionException GTK+ fails to create the object.
204 	 */
205 	public this(string data, ptrdiff_t length)
206 	{
207 		GError* err = null;
208 		
209 		auto p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err);
210 		
211 		if (err !is null)
212 		{
213 			throw new GException( new ErrorG(err) );
214 		}
215 		
216 		if(p is null)
217 		{
218 			throw new ConstructionException("null returned by new_from_pem");
219 		}
220 		
221 		this(cast(GTlsCertificate*) p, true);
222 	}
223 
224 	/**
225 	 * Creates one or more #GTlsCertificates from the PEM-encoded
226 	 * data in @file. If @file cannot be read or parsed, the function will
227 	 * return %NULL and set @error. If @file does not contain any
228 	 * PEM-encoded certificates, this will return an empty list and not
229 	 * set @error.
230 	 *
231 	 * Params:
232 	 *     file = file containing PEM-encoded certificates to import
233 	 *
234 	 * Return: a
235 	 *     #GList containing #GTlsCertificate objects. You must free the list
236 	 *     and its contents when you are done with it.
237 	 *
238 	 * Since: 2.28
239 	 *
240 	 * Throws: GException on failure.
241 	 */
242 	public static ListG listNewFromFile(string file)
243 	{
244 		GError* err = null;
245 		
246 		auto p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err);
247 		
248 		if (err !is null)
249 		{
250 			throw new GException( new ErrorG(err) );
251 		}
252 		
253 		if(p is null)
254 		{
255 			return null;
256 		}
257 		
258 		return new ListG(cast(GList*) p, true);
259 	}
260 
261 	/**
262 	 * Gets the #GTlsCertificate representing @cert's issuer, if known
263 	 *
264 	 * Return: The certificate of @cert's issuer,
265 	 *     or %NULL if @cert is self-signed or signed with an unknown
266 	 *     certificate.
267 	 *
268 	 * Since: 2.28
269 	 */
270 	public TlsCertificate getIssuer()
271 	{
272 		auto p = g_tls_certificate_get_issuer(gTlsCertificate);
273 		
274 		if(p is null)
275 		{
276 			return null;
277 		}
278 		
279 		return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) p);
280 	}
281 
282 	/**
283 	 * Check if two #GTlsCertificate objects represent the same certificate.
284 	 * The raw DER byte data of the two certificates are checked for equality.
285 	 * This has the effect that two certificates may compare equal even if
286 	 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or
287 	 * #GTlsCertificate:private-key-pem properties differ.
288 	 *
289 	 * Params:
290 	 *     certTwo = second certificate to compare
291 	 *
292 	 * Return: whether the same or not
293 	 *
294 	 * Since: 2.34
295 	 */
296 	public bool isSame(TlsCertificate certTwo)
297 	{
298 		return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0;
299 	}
300 
301 	/**
302 	 * This verifies @cert and returns a set of #GTlsCertificateFlags
303 	 * indicating any problems found with it. This can be used to verify a
304 	 * certificate outside the context of making a connection, or to
305 	 * check a certificate against a CA that is not part of the system
306 	 * CA database.
307 	 *
308 	 * If @identity is not %NULL, @cert's name(s) will be compared against
309 	 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return
310 	 * value if it does not match. If @identity is %NULL, that bit will
311 	 * never be set in the return value.
312 	 *
313 	 * If @trusted_ca is not %NULL, then @cert (or one of the certificates
314 	 * in its chain) must be signed by it, or else
315 	 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If
316 	 * @trusted_ca is %NULL, that bit will never be set in the return
317 	 * value.
318 	 *
319 	 * (All other #GTlsCertificateFlags values will always be set or unset
320 	 * as appropriate.)
321 	 *
322 	 * Params:
323 	 *     identity = the expected peer identity
324 	 *     trustedCa = the certificate of a trusted authority
325 	 *
326 	 * Return: the appropriate #GTlsCertificateFlags
327 	 *
328 	 * Since: 2.28
329 	 */
330 	public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa)
331 	{
332 		return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct());
333 	}
334 }