1 /*
2  * This file is part of gtkD.
3  *
4  * gtkD is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU Lesser General Public License
6  * as published by the Free Software Foundation; either version 3
7  * of the License, or (at your option) any later version, with
8  * some exceptions, please read the COPYING file.
9  *
10  * gtkD is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public License
16  * along with gtkD; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
18  */
19 
20 // generated automatically - do not change
21 // find conversion definition on APILookup.txt
22 // implement new conversion functionalities on the wrap.utils package
23 
24 
25 module gio.TlsCertificate;
26 
27 private import gio.SocketConnectableIF;
28 private import gio.c.functions;
29 public  import gio.c.types;
30 private import glib.ConstructionException;
31 private import glib.ErrorG;
32 private import glib.GException;
33 private import glib.ListG;
34 private import glib.Str;
35 private import gobject.ObjectG;
36 public  import gtkc.giotypes;
37 
38 
39 /**
40  * A certificate used for TLS authentication and encryption.
41  * This can represent either a certificate only (eg, the certificate
42  * received by a client from a server), or the combination of
43  * a certificate and a private key (which is needed when acting as a
44  * #GTlsServerConnection).
45  *
46  * Since: 2.28
47  */
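public class TlsCertificate : ObjectG
{
	/** the main Gtk struct */
	protected GTlsCertificate* gTlsCertificate;

	/**
	 * Get the main Gtk struct.
	 *
	 * Params:
	 *     transferOwnership = when true, this wrapper clears its ownedRef
	 *         flag before handing out the pointer
	 *
	 * Returns: the wrapped GTlsCertificate pointer
	 */
	public GTlsCertificate* getTlsCertificateStruct(bool transferOwnership = false)
	{
		if (transferOwnership)
			ownedRef = false;
		return gTlsCertificate;
	}

	/** the main Gtk struct as a void* */
	protected override void* getStruct()
	{
		return cast(void*)gTlsCertificate;
	}

	/**
	 * Sets our main struct and passes it to the parent class.
	 *
	 * Params:
	 *     gTlsCertificate = the C object to wrap
	 *     ownedRef = forwarded unchanged to the ObjectG constructor
	 */
	public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false)
	{
		this.gTlsCertificate = gTlsCertificate;
		super(cast(GObject*)gTlsCertificate, ownedRef);
	}


	/** Returns: the GType reported by g_tls_certificate_get_type(). */
	public static GType getType()
	{
		return g_tls_certificate_get_type();
	}

	/**
	 * Creates a #GTlsCertificate from the PEM-encoded data in @file. The
	 * returned certificate will be the first certificate found in @file. As
	 * of GLib 2.44, if @file contains more certificates it will try to load
	 * a certificate chain. All certificates will be verified in the order
	 * found (top-level certificate should be the last one in the file) and
	 * the #GTlsCertificate:issuer property of each certificate will be set
	 * accordingly if the verification succeeds. If any certificate in the
	 * chain cannot be verified, the first certificate in the file will
	 * still be returned.
	 *
	 * Note: because the first certificate is returned even when the chain
	 * does not verify, successful construction says nothing about trust.
	 * Call verify() before relying on the certificate.
	 *
	 * If @file cannot be read or parsed, the C function returns %NULL and
	 * sets @error; this wrapper turns both outcomes into exceptions, so the
	 * constructor never yields a null object.
	 *
	 * Params:
	 *     file = file containing a PEM-encoded certificate to import
	 *
	 * Since: 2.28
	 *
	 * Throws: GException on failure.
	 * Throws: ConstructionException GTK+ fails to create the object.
	 */
	public this(string file)
	{
		GError* err = null;

		auto p = g_tls_certificate_new_from_file(Str.toStringz(file), &err);

		// A set GError takes precedence over the null-pointer check below.
		if (err !is null)
		{
			throw new GException( new ErrorG(err) );
		}

		if(p is null)
		{
			throw new ConstructionException("null returned by new_from_file");
		}

		this(cast(GTlsCertificate*) p, true);
	}

	/**
	 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file
	 * and @key_file. The returned certificate will be the first certificate
	 * found in @cert_file. As of GLib 2.44, if @cert_file contains more
	 * certificates it will try to load a certificate chain. All
	 * certificates will be verified in the order found (top-level
	 * certificate should be the last one in the file) and the
	 * #GTlsCertificate:issuer property of each certificate will be set
	 * accordingly if the verification succeeds. If any certificate in the
	 * chain cannot be verified, the first certificate in the file will
	 * still be returned.
	 *
	 * Note: because the first certificate is returned even when the chain
	 * does not verify, successful construction says nothing about trust.
	 * Call verify() before relying on the certificate.
	 *
	 * If either file cannot be read or parsed, the C function returns
	 * %NULL and sets @error; this wrapper turns both outcomes into
	 * exceptions, so the constructor never yields a null object.
	 *
	 * Params:
	 *     certFile = file containing one or more PEM-encoded
	 *         certificates to import
	 *     keyFile = file containing a PEM-encoded private key
	 *         to import
	 *
	 * Since: 2.28
	 *
	 * Throws: GException on failure.
	 * Throws: ConstructionException GTK+ fails to create the object.
	 */
	public this(string certFile, string keyFile)
	{
		GError* err = null;

		auto p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err);

		// A set GError takes precedence over the null-pointer check below.
		if (err !is null)
		{
			throw new GException( new ErrorG(err) );
		}

		if(p is null)
		{
			throw new ConstructionException("null returned by new_from_files");
		}

		this(cast(GTlsCertificate*) p, true);
	}

	/**
	 * Creates a #GTlsCertificate from the PEM-encoded data in @data. If
	 * @data includes both a certificate and a private key, then the
	 * returned certificate will include the private key data as well. (See
	 * the #GTlsCertificate:private-key-pem property for information about
	 * supported formats.)
	 *
	 * The returned certificate will be the first certificate found in
	 * @data. As of GLib 2.44, if @data contains more certificates it will
	 * try to load a certificate chain. All certificates will be verified in
	 * the order found (top-level certificate should be the last one in the
	 * file) and the #GTlsCertificate:issuer property of each certificate
	 * will be set accordingly if the verification succeeds. If any
	 * certificate in the chain cannot be verified, the first certificate in
	 * the file will still be returned.
	 *
	 * Note: because the first certificate is returned even when the chain
	 * does not verify, successful construction says nothing about trust.
	 * Call verify() before relying on the certificate.
	 *
	 * Params:
	 *     data = PEM-encoded certificate data
	 *     length = the length of @data, or -1 if it's 0-terminated. Any
	 *         other negative value, or a value larger than data.length,
	 *         is rejected before the C function is called.
	 *
	 * Since: 2.28
	 *
	 * Throws: GException on failure.
	 * Throws: ConstructionException GTK+ fails to create the object, or
	 *     length is out of range for data.
	 */
	public this(string data, ptrdiff_t length)
	{
		// The C function reads `length` bytes starting at the pointer it is
		// given. The D string already knows its own size, so a caller-supplied
		// length that exceeds it (or is negative and not the -1 sentinel) would
		// have the C side read memory that was never part of `data`.
		if (length < -1 || length > cast(ptrdiff_t) data.length)
		{
			throw new ConstructionException("length out of range for data in new_from_pem");
		}

		GError* err = null;

		auto p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err);

		// A set GError takes precedence over the null-pointer check below.
		if (err !is null)
		{
			throw new GException( new ErrorG(err) );
		}

		if(p is null)
		{
			throw new ConstructionException("null returned by new_from_pem");
		}

		this(cast(GTlsCertificate*) p, true);
	}

	/**
	 * Creates one or more #GTlsCertificates from the PEM-encoded
	 * data in @file. If @file cannot be read or parsed, the C function
	 * returns %NULL and sets @error, which this wrapper rethrows as a
	 * GException. If @file does not contain any PEM-encoded certificates,
	 * the C function returns an empty list and does not set @error.
	 *
	 * Params:
	 *     file = file containing PEM-encoded certificates to import
	 *
	 * Returns: a ListG wrapping the #GList of #GTlsCertificate objects, or
	 *     null when the C call returned %NULL without an error. GLib
	 *     represents an empty #GList as %NULL, so a file holding no
	 *     certificates yields null here; callers must check for it.
	 *
	 * Since: 2.28
	 *
	 * Throws: GException on failure.
	 */
	public static ListG listNewFromFile(string file)
	{
		GError* err = null;

		auto p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err);

		if (err !is null)
		{
			throw new GException( new ErrorG(err) );
		}

		if(p is null)
		{
			return null;
		}

		return new ListG(cast(GList*) p, true);
	}

	/**
	 * Gets the #GTlsCertificate representing @cert's issuer, if known
	 *
	 * Returns: The certificate of @cert's issuer,
	 *     or %NULL if @cert is self-signed or signed with an unknown
	 *     certificate.
	 *
	 * Since: 2.28
	 */
	public TlsCertificate getIssuer()
	{
		auto p = g_tls_certificate_get_issuer(gTlsCertificate);

		if(p is null)
		{
			return null;
		}

		return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) p);
	}

	/**
	 * Check if two #GTlsCertificate objects represent the same certificate.
	 * The raw DER byte data of the two certificates are checked for equality.
	 * This has the effect that two certificates may compare equal even if
	 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or
	 * #GTlsCertificate:private-key-pem properties differ.
	 *
	 * Params:
	 *     certTwo = second certificate to compare; a null reference is
	 *         passed to the C function as %NULL
	 *
	 * Returns: whether the same or not
	 *
	 * Since: 2.34
	 */
	public bool isSame(TlsCertificate certTwo)
	{
		return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0;
	}

	/**
	 * This verifies @cert and returns a set of #GTlsCertificateFlags
	 * indicating any problems found with it. This can be used to verify a
	 * certificate outside the context of making a connection, or to
	 * check a certificate against a CA that is not part of the system
	 * CA database.
	 *
	 * If @identity is not %NULL, @cert's name(s) will be compared against
	 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return
	 * value if it does not match. If @identity is %NULL, that bit will
	 * never be set in the return value.
	 *
	 * If @trusted_ca is not %NULL, then @cert (or one of the certificates
	 * in its chain) must be signed by it, or else
	 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If
	 * @trusted_ca is %NULL, that bit will never be set in the return
	 * value.
	 *
	 * (All other #GTlsCertificateFlags values will always be set or unset
	 * as appropriate.)
	 *
	 * Note: a result with no flags set only covers the checks that were
	 * requested. With a null identity the peer name is not checked, and
	 * with a null trustedCa the signing authority is not checked, so such
	 * a result must not be read as "this certificate is trusted for this
	 * peer".
	 *
	 * Params:
	 *     identity = the expected peer identity
	 *     trustedCa = the certificate of a trusted authority
	 *
	 * Returns: the appropriate #GTlsCertificateFlags
	 *
	 * Since: 2.28
	 */
	public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa)
	{
		return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct());
	}
}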