1 /* 2 * This file is part of gtkD. 3 * 4 * gtkD is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU Lesser General Public License 6 * as published by the Free Software Foundation; either version 3 7 * of the License, or (at your option) any later version, with 8 * some exceptions, please read the COPYING file. 9 * 10 * gtkD is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU Lesser General Public License for more details. 14 * 15 * You should have received a copy of the GNU Lesser General Public License 16 * along with gtkD; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA 18 */ 19 20 // generated automatically - do not change 21 // find conversion definition on APILookup.txt 22 // implement new conversion functionalities on the wrap.utils pakage 23 24 25 module gio.TlsCertificate; 26 27 private import gio.SocketConnectableIF; 28 private import glib.ConstructionException; 29 private import glib.ErrorG; 30 private import glib.GException; 31 private import glib.ListG; 32 private import glib.Str; 33 private import gobject.ObjectG; 34 private import gtkc.gio; 35 public import gtkc.giotypes; 36 37 38 /** 39 * A certificate used for TLS authentication and encryption. 40 * This can represent either a certificate only (eg, the certificate 41 * received by a client from a server), or the combination of 42 * a certificate and a private key (which is needed when acting as a 43 * #GTlsServerConnection). 44 * 45 * Since: 2.28 46 */ 47 public class TlsCertificate : ObjectG 48 { 49 /** the main Gtk struct */ 50 protected GTlsCertificate* gTlsCertificate; 51 52 /** Get the main Gtk struct */ 53 public GTlsCertificate* getTlsCertificateStruct() 54 { 55 return gTlsCertificate; 56 } 57 58 /** the main Gtk struct as a void* */ 59 protected override void* getStruct() 60 { 61 return cast(void*)gTlsCertificate; 62 } 63 64 protected override void setStruct(GObject* obj) 65 { 66 gTlsCertificate = cast(GTlsCertificate*)obj; 67 super.setStruct(obj); 68 } 69 70 /** 71 * Sets our main struct and passes it to the parent class. 72 */ 73 public this (GTlsCertificate* gTlsCertificate, bool ownedRef = false) 74 { 75 this.gTlsCertificate = gTlsCertificate; 76 super(cast(GObject*)gTlsCertificate, ownedRef); 77 } 78 79 80 /** */ 81 public static GType getType() 82 { 83 return g_tls_certificate_get_type(); 84 } 85 86 /** 87 * Creates a #GTlsCertificate from the PEM-encoded data in @file. The 88 * returned certificate will be the first certificate found in @file. As 89 * of GLib 2.44, if @file contains more certificates it will try to load 90 * a certificate chain. All certificates will be verified in the order 91 * found (top-level certificate should be the last one in the file) and 92 * the #GTlsCertificate:issuer property of each certificate will be set 93 * accordingly if the verification succeeds. If any certificate in the 94 * chain cannot be verified, the first certificate in the file will 95 * still be returned. 96 * 97 * If @file cannot be read or parsed, the function will return %NULL and 98 * set @error. Otherwise, this behaves like 99 * g_tls_certificate_new_from_pem(). 100 * 101 * Params: 102 * file = file containing a PEM-encoded certificate to import 103 * 104 * Return: the new certificate, or %NULL on error 105 * 106 * Since: 2.28 107 * 108 * Throws: GException on failure. 109 * Throws: ConstructionException GTK+ fails to create the object. 110 */ 111 public this(string file) 112 { 113 GError* err = null; 114 115 auto p = g_tls_certificate_new_from_file(Str.toStringz(file), &err); 116 117 if (err !is null) 118 { 119 throw new GException( new ErrorG(err) ); 120 } 121 122 if(p is null) 123 { 124 throw new ConstructionException("null returned by new_from_file"); 125 } 126 127 this(cast(GTlsCertificate*) p, true); 128 } 129 130 /** 131 * Creates a #GTlsCertificate from the PEM-encoded data in @cert_file 132 * and @key_file. The returned certificate will be the first certificate 133 * found in @cert_file. As of GLib 2.44, if @cert_file contains more 134 * certificates it will try to load a certificate chain. All 135 * certificates will be verified in the order found (top-level 136 * certificate should be the last one in the file) and the 137 * #GTlsCertificate:issuer property of each certificate will be set 138 * accordingly if the verification succeeds. If any certificate in the 139 * chain cannot be verified, the first certificate in the file will 140 * still be returned. 141 * 142 * If either file cannot be read or parsed, the function will return 143 * %NULL and set @error. Otherwise, this behaves like 144 * g_tls_certificate_new_from_pem(). 145 * 146 * Params: 147 * certFile = file containing one or more PEM-encoded certificates to 148 * import 149 * keyFile = file containing a PEM-encoded private key to import 150 * 151 * Return: the new certificate, or %NULL on error 152 * 153 * Since: 2.28 154 * 155 * Throws: GException on failure. 156 * Throws: ConstructionException GTK+ fails to create the object. 157 */ 158 public this(string certFile, string keyFile) 159 { 160 GError* err = null; 161 162 auto p = g_tls_certificate_new_from_files(Str.toStringz(certFile), Str.toStringz(keyFile), &err); 163 164 if (err !is null) 165 { 166 throw new GException( new ErrorG(err) ); 167 } 168 169 if(p is null) 170 { 171 throw new ConstructionException("null returned by new_from_files"); 172 } 173 174 this(cast(GTlsCertificate*) p, true); 175 } 176 177 /** 178 * Creates a #GTlsCertificate from the PEM-encoded data in @data. If 179 * @data includes both a certificate and a private key, then the 180 * returned certificate will include the private key data as well. (See 181 * the #GTlsCertificate:private-key-pem property for information about 182 * supported formats.) 183 * 184 * The returned certificate will be the first certificate found in 185 * @data. As of GLib 2.44, if @data contains more certificates it will 186 * try to load a certificate chain. All certificates will be verified in 187 * the order found (top-level certificate should be the last one in the 188 * file) and the #GTlsCertificate:issuer property of each certificate 189 * will be set accordingly if the verification succeeds. If any 190 * certificate in the chain cannot be verified, the first certificate in 191 * the file will still be returned. 192 * 193 * Params: 194 * data = PEM-encoded certificate data 195 * length = the length of @data, or -1 if it's 0-terminated. 196 * 197 * Return: the new certificate, or %NULL if @data is invalid 198 * 199 * Since: 2.28 200 * 201 * Throws: GException on failure. 202 * Throws: ConstructionException GTK+ fails to create the object. 203 */ 204 public this(string data, ptrdiff_t length) 205 { 206 GError* err = null; 207 208 auto p = g_tls_certificate_new_from_pem(Str.toStringz(data), length, &err); 209 210 if (err !is null) 211 { 212 throw new GException( new ErrorG(err) ); 213 } 214 215 if(p is null) 216 { 217 throw new ConstructionException("null returned by new_from_pem"); 218 } 219 220 this(cast(GTlsCertificate*) p, true); 221 } 222 223 /** 224 * Creates one or more #GTlsCertificates from the PEM-encoded 225 * data in @file. If @file cannot be read or parsed, the function will 226 * return %NULL and set @error. If @file does not contain any 227 * PEM-encoded certificates, this will return an empty list and not 228 * set @error. 229 * 230 * Params: 231 * file = file containing PEM-encoded certificates to import 232 * 233 * Return: a 234 * #GList containing #GTlsCertificate objects. You must free the list 235 * and its contents when you are done with it. 236 * 237 * Since: 2.28 238 * 239 * Throws: GException on failure. 240 */ 241 public static ListG listNewFromFile(string file) 242 { 243 GError* err = null; 244 245 auto p = g_tls_certificate_list_new_from_file(Str.toStringz(file), &err); 246 247 if (err !is null) 248 { 249 throw new GException( new ErrorG(err) ); 250 } 251 252 if(p is null) 253 { 254 return null; 255 } 256 257 return new ListG(cast(GList*) p, true); 258 } 259 260 /** 261 * Gets the #GTlsCertificate representing @cert's issuer, if known 262 * 263 * Return: The certificate of @cert's issuer, 264 * or %NULL if @cert is self-signed or signed with an unknown 265 * certificate. 266 * 267 * Since: 2.28 268 */ 269 public TlsCertificate getIssuer() 270 { 271 auto p = g_tls_certificate_get_issuer(gTlsCertificate); 272 273 if(p is null) 274 { 275 return null; 276 } 277 278 return ObjectG.getDObject!(TlsCertificate)(cast(GTlsCertificate*) p); 279 } 280 281 /** 282 * Check if two #GTlsCertificate objects represent the same certificate. 283 * The raw DER byte data of the two certificates are checked for equality. 284 * This has the effect that two certificates may compare equal even if 285 * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or 286 * #GTlsCertificate:private-key-pem properties differ. 287 * 288 * Params: 289 * certTwo = second certificate to compare 290 * 291 * Return: whether the same or not 292 * 293 * Since: 2.34 294 */ 295 public bool isSame(TlsCertificate certTwo) 296 { 297 return g_tls_certificate_is_same(gTlsCertificate, (certTwo is null) ? null : certTwo.getTlsCertificateStruct()) != 0; 298 } 299 300 /** 301 * This verifies @cert and returns a set of #GTlsCertificateFlags 302 * indicating any problems found with it. This can be used to verify a 303 * certificate outside the context of making a connection, or to 304 * check a certificate against a CA that is not part of the system 305 * CA database. 306 * 307 * If @identity is not %NULL, @cert's name(s) will be compared against 308 * it, and %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the return 309 * value if it does not match. If @identity is %NULL, that bit will 310 * never be set in the return value. 311 * 312 * If @trusted_ca is not %NULL, then @cert (or one of the certificates 313 * in its chain) must be signed by it, or else 314 * %G_TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If 315 * @trusted_ca is %NULL, that bit will never be set in the return 316 * value. 317 * 318 * (All other #GTlsCertificateFlags values will always be set or unset 319 * as appropriate.) 320 * 321 * Params: 322 * identity = the expected peer identity 323 * trustedCa = the certificate of a trusted authority 324 * 325 * Return: the appropriate #GTlsCertificateFlags 326 * 327 * Since: 2.28 328 */ 329 public GTlsCertificateFlags verify(SocketConnectableIF identity, TlsCertificate trustedCa) 330 { 331 return g_tls_certificate_verify(gTlsCertificate, (identity is null) ? null : identity.getSocketConnectableStruct(), (trustedCa is null) ? null : trustedCa.getTlsCertificateStruct()); 332 } 333 }