1 /* 2 * This file is part of gtkD. 3 * 4 * gtkD is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU Lesser General Public License 6 * as published by the Free Software Foundation; either version 3 7 * of the License, or (at your option) any later version, with 8 * some exceptions, please read the COPYING file. 9 * 10 * gtkD is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU Lesser General Public License for more details. 14 * 15 * You should have received a copy of the GNU Lesser General Public License 16 * along with gtkD; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA 18 */ 19 20 // generated automatically - do not change 21 // find conversion definition on APILookup.txt 22 // implement new conversion functionalities on the wrap.utils pakage 23 24 25 module gio.TlsCertificate; 26 27 private import gio.SocketConnectableIF; 28 private import gio.c.functions; 29 public import gio.c.types; 30 private import glib.ConstructionException; 31 private import glib.ErrorG; 32 private import glib.GException; 33 private import glib.ListG; 34 private import glib.Str; 35 private import gobject.ObjectG; 36 public import gtkc.giotypes; 37 38 39 /** 40 * A certificate used for TLS authentication and encryption. 41 * This can represent either a certificate only (eg, the certificate 42 * received by a client from a server), or the combination of 43 * a certificate and a private key (which is needed when acting as a 44 * #GTlsServerConnection). 45 * 46 * Since: 2.28 47 */ 48 public class TlsCertificate : ObjectG 49 { 50 /** the main Gtk struct */ 51 protected GTlsCertificate* gTlsCertificate; 52 53 /** Get the main Gtk struct */ 54 public GTlsCertificate* getTlsCertificateStruct(bool transferOwnership = false) 55 { 56 if (transferOwnership) 57 ownedRef = false; 58 return gTlsCertificate; 59 } 60 61 /** the main Gtk struct as a void* */ 62 protected override void* getStruct() 63 { 64 return cast(void*)gTlsCertificate; 65 } 66 67 /** 68 * Sets our main struct and passes it to the parent class. 69 */ 70 public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false) 71 { 72 this.gTlsCertificate = gTlsCertificate; 73 super(cast(GObject*)gTlsCertificate, ownedRef); 74 } 75 76 77 /** */ 78 public static GType getType() 79 { 80 return g_tls_certificate_get_type(); 81 } 82 83 /** 84 * Creates a #GTlsCertificate from the PEM-encoded data in @file. The 85 * returned certificate will be the first certificate found in @file. As 86 * of GLib 2.44, if @file contains more certificates it will try to load 87 * a certificate chain. All certificates will be verified in the order 88 * found (top-level certificate should be the last one in the file) and 89 * the #GTlsCertificate:issuer property of each certificate will be set 90 * accordingly if the verification succeeds. If any certificate in the 91 * chain cannot be verified, the first certificate in the file will 92 * still be returned. 93 * 94 * If @file cannot be read or parsed, the function will return %NULL and 95 * set @error. Otherwise, this behaves like 96 * g_tls_certificate_new_from_pem(). 97 * 98 * Params: 99 * file = file containing a PEM-encoded certificate to import 100 * 101 * Returns: the new certificate, or %NULL on error 102 * 103 * Since: 2.28 104 * 105 * Throws: GException on failure. 106 * Throws: ConstructionException GTK+ fails to create the object. 107 */ 108 public this(string file) 109 { 110 GError* err = null; 111 112 auto __p = g_tls_certificate_new_from_file(Str.toStringz(file), &err); 113 114 if (err !is null) 115 { 116 throw new GException( new ErrorG(err) ); 117 } 118 119 if(__p is null) 120 { 121 throw new ConstructionException("null returned by new_from_file"); 122 } 123 124 this(cast(GTlsCertificate*) __p, true); 125 } 126 127 /** 128 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file 129 * and @key_file. The returned certificate will be the first certificate 130 * found in @cert_file. As of GLib 2.44, if @cert_file contains more 131 * certificates it will try to load a certificate chain. All 132 * certificates will be verified in the order found (top-level 133 * certificate should be the last one in the file) and the 134 * #GTlsCertificate:issuer property of each certificate will be set 135 * accordingly if the verification succeeds. If any certificate in the 136 * chain cannot be verified, the first certificate in the file will 137 * still be returned. 138 * 139 * If either file cannot be read or parsed, the function will return 140 * %NULL and set @error. Otherwise, this behaves like 141 * g_tls_certificate_new_from_pem(). 142 * 143 * Params: 144 * certFile = file containing one or more PEM-encoded 145 * certificates to import 146 * keyFile = file containing a PEM-encoded private key 147 * to import 148 * 149 * Returns: the new certificate, or %NULL on error 150 * 151 * Since: 2.28 152 * 153 * Throws: GException on failure. 154 * Throws: ConstructionException GTK+ fails to create the object. 155 */ 156 public this(string certFile, string keyFile) 157 { 158 GError* err = null; 159 160 auto __p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err); 161 162 if (err !is null) 163 { 164 throw new GException( new ErrorG(err) ); 165 } 166 167 if(__p is null) 168 { 169 throw new ConstructionException("null returned by new_from_files"); 170 } 171 172 this(cast(GTlsCertificate*) __p, true); 173 } 174 175 /** 176 * Creates a #GTlsCertificate from the PEM-encoded data in @data. If 177 * @data includes both a certificate and a private key, then the 178 * returned certificate will include the private key data as well. (See 179 * the #GTlsCertificate:private-key-pem property for information about 180 * supported formats.) 181 * 182 * The returned certificate will be the first certificate found in 183 * @data. As of GLib 2.44, if @data contains more certificates it will 184 * try to load a certificate chain. All certificates will be verified in 185 * the order found (top-level certificate should be the last one in the 186 * file) and the #GTlsCertificate:issuer property of each certificate 187 * will be set accordingly if the verification succeeds. If any 188 * certificate in the chain cannot be verified, the first certificate in 189 * the file will still be returned. 190 * 191 * Params: 192 * data = PEM-encoded certificate data 193 * length = the length of @data, or -1 if it's 0-terminated. 194 * 195 * Returns: the new certificate, or %NULL if @data is invalid 196 * 197 * Since: 2.28 198 * 199 * Throws: GException on failure. 200 * Throws: ConstructionException GTK+ fails to create the object. 201 */ 202 public this(string data, ptrdiff_t length) 203 { 204 GError* err = null; 205 206 auto __p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err); 207 208 if (err !is null) 209 { 210 throw new GException( new ErrorG(err) ); 211 } 212 213 if(__p is null) 214 { 215 throw new ConstructionException("null returned by new_from_pem"); 216 } 217 218 this(cast(GTlsCertificate*) __p, true); 219 } 220 221 /** 222 * Creates one or more #GTlsCertificates from the PEM-encoded 223 * data in @file. If @file cannot be read or parsed, the function will 224 * return %NULL and set @error. If @file does not contain any 225 * PEM-encoded certificates, this will return an empty list and not 226 * set @error. 227 * 228 * Params: 229 * file = file containing PEM-encoded certificates to import 230 * 231 * Returns: a 232 * #GList containing #GTlsCertificate objects. You must free the list 233 * and its contents when you are done with it. 234 * 235 * Since: 2.28 236 * 237 * Throws: GException on failure. 238 */ 239 public static ListG listNewFromFile(string file) 240 { 241 GError* err = null; 242 243 auto __p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err); 244 245 if (err !is null) 246 { 247 throw new GException( new ErrorG(err) ); 248 } 249 250 if(__p is null) 251 { 252 return null; 253 } 254 255 return new ListG(cast(GList*) __p, true); 256 } 257 258 /** 259 * Gets the #GTlsCertificate representing @cert's issuer, if known 260 * 261 * Returns: The certificate of @cert's issuer, 262 * or %NULL if @cert is self-signed or signed with an unknown 263 * certificate. 264 * 265 * Since: 2.28 266 */ 267 public TlsCertificate getIssuer() 268 { 269 auto __p = g_tls_certificate_get_issuer(gTlsCertificate); 270 271 if(__p is null) 272 { 273 return null; 274 } 275 276 return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) __p); 277 } 278 279 /** 280 * Check if two #GTlsCertificate objects represent the same certificate. 281 * The raw DER byte data of the two certificates are checked for equality. 282 * This has the effect that two certificates may compare equal even if 283 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or 284 * #GTlsCertificate:private-key-pem properties differ. 285 * 286 * Params: 287 * certTwo = second certificate to compare 288 * 289 * Returns: whether the same or not 290 * 291 * Since: 2.34 292 */ 293 public bool isSame(TlsCertificate certTwo) 294 { 295 return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0; 296 } 297 298 /** 299 * This verifies @cert and returns a set of #GTlsCertificateFlags 300 * indicating any problems found with it. This can be used to verify a 301 * certificate outside the context of making a connection, or to 302 * check a certificate against a CA that is not part of the system 303 * CA database. 304 * 305 * If @identity is not %NULL, @cert's name(s) will be compared against 306 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return 307 * value if it does not match. If @identity is %NULL, that bit will 308 * never be set in the return value. 309 * 310 * If @trusted_ca is not %NULL, then @cert (or one of the certificates 311 * in its chain) must be signed by it, or else 312 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If 313 * @trusted_ca is %NULL, that bit will never be set in the return 314 * value. 315 * 316 * (All other #GTlsCertificateFlags values will always be set or unset 317 * as appropriate.) 318 * 319 * Params: 320 * identity = the expected peer identity 321 * trustedCa = the certificate of a trusted authority 322 * 323 * Returns: the appropriate #GTlsCertificateFlags 324 * 325 * Since: 2.28 326 */ 327 public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa) 328 { 329 return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct()); 330 } 331 }