1 /*
2  * This file is part of gtkD.
3  *
4  * gtkD is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU Lesser General Public License
6  * as published by the Free Software Foundation; either version 3
7  * of the License, or (at your option) any later version, with
8  * some exceptions, please read the COPYING file.
9  *
10  * gtkD is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public License
16  * along with gtkD; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
18  */
19 
20 // generated automatically - do not change
21 // find conversion definition on APILookup.txt
22 // implement new conversion functionalities on the wrap.utils pakage
23 
24 
25 module gio.TlsCertificate;
26 
27 private import gio.SocketConnectableIF;
28 private import glib.ConstructionException;
29 private import glib.ErrorG;
30 private import glib.GException;
31 private import glib.ListG;
32 private import glib.Str;
33 private import gobject.ObjectG;
34 private import gtkc.gio;
35 public  import gtkc.giotypes;
36 
37 
38 /**
39  * A certificate used for TLS authentication and encryption.
40  * This can represent either a certificate only (eg, the certificate
41  * received by a client from a server), or the combination of
42  * a certificate and a private key (which is needed when acting as a
43  * #GTlsServerConnection).
44  *
45  * Since: 2.28
46  */
47 public class TlsCertificate : ObjectG
48 {
49 	/** the main Gtk struct */
50 	protected GTlsCertificate* gTlsCertificate;
51 
52 	/** Get the main Gtk struct */
53 	public GTlsCertificate* getTlsCertificateStruct()
54 	{
55 		return gTlsCertificate;
56 	}
57 
58 	/** the main Gtk struct as a void* */
59 	protected override void* getStruct()
60 	{
61 		return cast(void*)gTlsCertificate;
62 	}
63 
64 	protected override void setStruct(GObject* obj)
65 	{
66 		gTlsCertificate = cast(GTlsCertificate*)obj;
67 		super.setStruct(obj);
68 	}
69 
70 	/**
71 	 * Sets our main struct and passes it to the parent class.
72 	 */
73 	public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false)
74 	{
75 		this.gTlsCertificate = gTlsCertificate;
76 		super(cast(GObject*)gTlsCertificate, ownedRef);
77 	}
78 
79 
80 	/** */
81 	public static GType getType()
82 	{
83 		return g_tls_certificate_get_type();
84 	}
85 
86 	/**
87 	 * Creates a #GTlsCertificate from the PEM-encoded data in @file. The
88 	 * returned certificate will be the first certificate found in @file. As
89 	 * of GLib 2.44, if @file contains more certificates it will try to load
90 	 * a certificate chain. All certificates will be verified in the order
91 	 * found (top-level certificate should be the last one in the file) and
92 	 * the #GTlsCertificate:issuer property of each certificate will be set
93 	 * accordingly if the verification succeeds. If any certificate in the
94 	 * chain cannot be verified, the first certificate in the file will
95 	 * still be returned.
96 	 *
97 	 * If @file cannot be read or parsed, the function will return %NULL and
98 	 * set @error. Otherwise, this behaves like
99 	 * g_tls_certificate_new_from_pem().
100 	 *
101 	 * Params:
102 	 *     file = file containing a PEM-encoded certificate to import
103 	 *
104 	 * Return: the new certificate, or %NULL on error
105 	 *
106 	 * Since: 2.28
107 	 *
108 	 * Throws: GException on failure.
109 	 * Throws: ConstructionException GTK+ fails to create the object.
110 	 */
111 	public this(string file)
112 	{
113 		GError* err = null;
114 		
115 		auto p = g_tls_certificate_new_from_file(Str.toStringz(file), &err);
116 		
117 		if (err !is null)
118 		{
119 			throw new GException( new ErrorG(err) );
120 		}
121 		
122 		if(p is null)
123 		{
124 			throw new ConstructionException("null returned by new_from_file");
125 		}
126 		
127 		this(cast(GTlsCertificate*) p, true);
128 	}
129 
130 	/**
131 	 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file
132 	 * and @key_file. The returned certificate will be the first certificate
133 	 * found in @cert_file. As of GLib 2.44, if @cert_file contains more
134 	 * certificates it will try to load a certificate chain. All
135 	 * certificates will be verified in the order found (top-level
136 	 * certificate should be the last one in the file) and the
137 	 * #GTlsCertificate:issuer property of each certificate will be set
138 	 * accordingly if the verification succeeds. If any certificate in the
139 	 * chain cannot be verified, the first certificate in the file will
140 	 * still be returned.
141 	 *
142 	 * If either file cannot be read or parsed, the function will return
143 	 * %NULL and set @error. Otherwise, this behaves like
144 	 * g_tls_certificate_new_from_pem().
145 	 *
146 	 * Params:
147 	 *     certFile = file containing one or more PEM-encoded certificates to
148 	 *         import
149 	 *     keyFile = file containing a PEM-encoded private key to import
150 	 *
151 	 * Return: the new certificate, or %NULL on error
152 	 *
153 	 * Since: 2.28
154 	 *
155 	 * Throws: GException on failure.
156 	 * Throws: ConstructionException GTK+ fails to create the object.
157 	 */
158 	public this(string certFile, string keyFile)
159 	{
160 		GError* err = null;
161 		
162 		auto p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err);
163 		
164 		if (err !is null)
165 		{
166 			throw new GException( new ErrorG(err) );
167 		}
168 		
169 		if(p is null)
170 		{
171 			throw new ConstructionException("null returned by new_from_files");
172 		}
173 		
174 		this(cast(GTlsCertificate*) p, true);
175 	}
176 
177 	/**
178 	 * Creates a #GTlsCertificate from the PEM-encoded data in @data. If
179 	 * @data includes both a certificate and a private key, then the
180 	 * returned certificate will include the private key data as well. (See
181 	 * the #GTlsCertificate:private-key-pem property for information about
182 	 * supported formats.)
183 	 *
184 	 * The returned certificate will be the first certificate found in
185 	 * @data. As of GLib 2.44, if @data contains more certificates it will
186 	 * try to load a certificate chain. All certificates will be verified in
187 	 * the order found (top-level certificate should be the last one in the
188 	 * file) and the #GTlsCertificate:issuer property of each certificate
189 	 * will be set accordingly if the verification succeeds. If any
190 	 * certificate in the chain cannot be verified, the first certificate in
191 	 * the file will still be returned.
192 	 *
193 	 * Params:
194 	 *     data = PEM-encoded certificate data
195 	 *     length = the length of @data, or -1 if it's 0-terminated.
196 	 *
197 	 * Return: the new certificate, or %NULL if @data is invalid
198 	 *
199 	 * Since: 2.28
200 	 *
201 	 * Throws: GException on failure.
202 	 * Throws: ConstructionException GTK+ fails to create the object.
203 	 */
204 	public this(string data, ptrdiff_t length)
205 	{
206 		GError* err = null;
207 		
208 		auto p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err);
209 		
210 		if (err !is null)
211 		{
212 			throw new GException( new ErrorG(err) );
213 		}
214 		
215 		if(p is null)
216 		{
217 			throw new ConstructionException("null returned by new_from_pem");
218 		}
219 		
220 		this(cast(GTlsCertificate*) p, true);
221 	}
222 
223 	/**
224 	 * Creates one or more #GTlsCertificates from the PEM-encoded
225 	 * data in @file. If @file cannot be read or parsed, the function will
226 	 * return %NULL and set @error. If @file does not contain any
227 	 * PEM-encoded certificates, this will return an empty list and not
228 	 * set @error.
229 	 *
230 	 * Params:
231 	 *     file = file containing PEM-encoded certificates to import
232 	 *
233 	 * Return: a
234 	 *     #GList containing #GTlsCertificate objects. You must free the list
235 	 *     and its contents when you are done with it.
236 	 *
237 	 * Since: 2.28
238 	 *
239 	 * Throws: GException on failure.
240 	 */
241 	public static ListG listNewFromFile(string file)
242 	{
243 		GError* err = null;
244 		
245 		auto p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err);
246 		
247 		if (err !is null)
248 		{
249 			throw new GException( new ErrorG(err) );
250 		}
251 		
252 		if(p is null)
253 		{
254 			return null;
255 		}
256 		
257 		return new ListG(cast(GList*) p, true);
258 	}
259 
260 	/**
261 	 * Gets the #GTlsCertificate representing @cert's issuer, if known
262 	 *
263 	 * Return: The certificate of @cert's issuer,
264 	 *     or %NULL if @cert is self-signed or signed with an unknown
265 	 *     certificate.
266 	 *
267 	 * Since: 2.28
268 	 */
269 	public TlsCertificate getIssuer()
270 	{
271 		auto p = g_tls_certificate_get_issuer(gTlsCertificate);
272 		
273 		if(p is null)
274 		{
275 			return null;
276 		}
277 		
278 		return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) p);
279 	}
280 
281 	/**
282 	 * Check if two #GTlsCertificate objects represent the same certificate.
283 	 * The raw DER byte data of the two certificates are checked for equality.
284 	 * This has the effect that two certificates may compare equal even if
285 	 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or
286 	 * #GTlsCertificate:private-key-pem properties differ.
287 	 *
288 	 * Params:
289 	 *     certTwo = second certificate to compare
290 	 *
291 	 * Return: whether the same or not
292 	 *
293 	 * Since: 2.34
294 	 */
295 	public bool isSame(TlsCertificate certTwo)
296 	{
297 		return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0;
298 	}
299 
300 	/**
301 	 * This verifies @cert and returns a set of #GTlsCertificateFlags
302 	 * indicating any problems found with it. This can be used to verify a
303 	 * certificate outside the context of making a connection, or to
304 	 * check a certificate against a CA that is not part of the system
305 	 * CA database.
306 	 *
307 	 * If @identity is not %NULL, @cert's name(s) will be compared against
308 	 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return
309 	 * value if it does not match. If @identity is %NULL, that bit will
310 	 * never be set in the return value.
311 	 *
312 	 * If @trusted_ca is not %NULL, then @cert (or one of the certificates
313 	 * in its chain) must be signed by it, or else
314 	 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If
315 	 * @trusted_ca is %NULL, that bit will never be set in the return
316 	 * value.
317 	 *
318 	 * (All other #GTlsCertificateFlags values will always be set or unset
319 	 * as appropriate.)
320 	 *
321 	 * Params:
322 	 *     identity = the expected peer identity
323 	 *     trustedCa = the certificate of a trusted authority
324 	 *
325 	 * Return: the appropriate #GTlsCertificateFlags
326 	 *
327 	 * Since: 2.28
328 	 */
329 	public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa)
330 	{
331 		return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct());
332 	}
333 }