search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add new api to symbol lists and docs
[glib.git] / gio / gtlsdatabase.c
blobcaab28205b74fe5bda6f1068f8aac3721970fcc0
1 /* GIO - GLib Input, Output and Streaming Library
2 *
3 * Copyright (C) 2010 Collabora, Ltd.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
19 *
20 * Author: Stef Walter <stefw@collabora.co.uk>
21 */
22
23 #include "config.h"
24
25 #include "gtlsdatabase.h"
26
27 #include "gasyncresult.h"
28 #include "gcancellable.h"
29 #include "glibintl.h"
30 #include "gsimpleasyncresult.h"
31 #include "gsocketconnectable.h"
32 #include "gtlscertificate.h"
33 #include "gtlsinteraction.h"
34
35 /**
36 * SECTION:gtlsdatabase
37 * @short_description: TLS database type
38 * @include: gio/gio.h
39 *
40 * #GTlsDatabase is used to lookup certificates and other information
41 * from a certificate or key store. It is an abstract base class which
42 * TLS library specific subtypes override.
43 *
44 * Most common client applications will not directly interact with
45 * #GTlsDatabase. It is used internally by #GTlsConnection.
46 *
47 * Since: 2.30
48 */
49
50 /**
51 * GTlsDatabase:
52 *
53 * Abstract base class for the backend-specific database types.
54 *
55 * Since: 2.30
56 */
57
58 G_DEFINE_ABSTRACT_TYPE (GTlsDatabase, g_tls_database, G_TYPE_OBJECT);
59
60 enum {
61 UNLOCK_REQUIRED,
62
63 LAST_SIGNAL
64 };
65
66 /**
67 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER:
68 *
69 * The purpose used to verify the server certificate in a TLS connection. This
70 * is the most common purpose in use. Used by TLS clients.
71 */
72
73 /**
74 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_CLIENT:
75 *
76 * The purpose used to verify the client certificate in a TLS connection.
77 * Used by TLS servers.
78 */
79
80 static void
81 g_tls_database_init (GTlsDatabase *cert)
82 {
83
84 }
85
86 typedef struct _AsyncVerifyChain {
87 GTlsCertificate *chain;
88 gchar *purpose;
89 GSocketConnectable *identity;
90 GTlsInteraction *interaction;
91 GTlsDatabaseVerifyFlags flags;
92 GTlsCertificateFlags verify_result;
93 } AsyncVerifyChain;
94
95 static void
96 async_verify_chain_free (gpointer data)
97 {
98 AsyncVerifyChain *args = data;
99 g_clear_object (&args->chain);
100 g_free (args->purpose);
101 g_clear_object (&args->identity);
102 g_clear_object (&args->interaction);
103 g_slice_free (AsyncVerifyChain, args);
104 }
105
106 static void
107 async_verify_chain_thread (GSimpleAsyncResult *res,
108 GObject *object,
109 GCancellable *cancellable)
110 {
111 AsyncVerifyChain *args = g_simple_async_result_get_op_res_gpointer (res);
112 GError *error = NULL;
113
114 args->verify_result = g_tls_database_verify_chain (G_TLS_DATABASE (object),
115 args->chain,
116 args->purpose,
117 args->identity,
118 args->interaction,
119 args->flags,
120 cancellable,
121 &error);
122
123 if (error)
124 g_simple_async_result_take_error (res, error);
125 }
126
127 static void
128 g_tls_database_real_verify_chain_async (GTlsDatabase *self,
129 GTlsCertificate *chain,
130 const gchar *purpose,
131 GSocketConnectable *identity,
132 GTlsInteraction *interaction,
133 GTlsDatabaseVerifyFlags flags,
134 GCancellable *cancellable,
135 GAsyncReadyCallback callback,
136 gpointer user_data)
137 {
138 GSimpleAsyncResult *res;
139 AsyncVerifyChain *args;
140
141 args = g_slice_new0 (AsyncVerifyChain);
142 args->chain = g_object_ref (chain);
143 args->purpose = g_strdup (purpose);
144 args->identity = identity ? g_object_ref (identity) : NULL;
145 args->interaction = interaction ? g_object_ref (interaction) : NULL;
146 args->flags = flags;
147
148 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
149 g_tls_database_real_verify_chain_async);
150 g_simple_async_result_set_op_res_gpointer (res, args, async_verify_chain_free);
151 g_simple_async_result_run_in_thread (res, async_verify_chain_thread,
152 G_PRIORITY_DEFAULT, cancellable);
153 g_object_unref (res);
154 }
155
156 static GTlsCertificateFlags
157 g_tls_database_real_verify_chain_finish (GTlsDatabase *self,
158 GAsyncResult *result,
159 GError **error)
160 {
161 AsyncVerifyChain *args;
162
163 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
164 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
165 g_tls_database_real_verify_chain_async), FALSE);
166
167 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
168 return G_TLS_CERTIFICATE_GENERIC_ERROR;
169
170 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
171 return args->verify_result;
172 }
173
174 typedef struct {
175 gchar *handle;
176 GTlsInteraction *interaction;
177 GTlsDatabaseLookupFlags flags;
178 GTlsCertificate *result;
179 } AsyncLookupCertificateForHandle;
180
181 static void
182 async_lookup_certificate_for_handle_free (gpointer data)
183 {
184 AsyncLookupCertificateForHandle *args = data;
185
186 g_free (args->handle);
187 g_clear_object (&args->interaction);
188 g_clear_object (&args->result);
189 g_slice_free (AsyncLookupCertificateForHandle, args);
190 }
191
192 static void
193 async_lookup_certificate_for_handle_thread (GSimpleAsyncResult *res,
194 GObject *object,
195 GCancellable *cancellable)
196 {
197 AsyncLookupCertificateForHandle *args = g_simple_async_result_get_op_res_gpointer (res);
198 GError *error = NULL;
199
200 args->result = g_tls_database_lookup_certificate_for_handle (G_TLS_DATABASE (object),
201 args->handle,
202 args->interaction,
203 args->flags,
204 cancellable,
205 &error);
206
207 if (error)
208 g_simple_async_result_take_error (res, error);
209 }
210
211 static void
212 g_tls_database_real_lookup_certificate_for_handle_async (GTlsDatabase *self,
213 const gchar *handle,
214 GTlsInteraction *interaction,
215 GTlsDatabaseLookupFlags flags,
216 GCancellable *cancellable,
217 GAsyncReadyCallback callback,
218 gpointer user_data)
219 {
220 GSimpleAsyncResult *res;
221 AsyncLookupCertificateForHandle *args;
222
223 args = g_slice_new0 (AsyncLookupCertificateForHandle);
224 args->handle = g_strdup (handle);
225 args->interaction = interaction ? g_object_ref (interaction) : NULL;
226
227 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
228 g_tls_database_real_lookup_certificate_for_handle_async);
229 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificate_for_handle_free);
230 g_simple_async_result_run_in_thread (res, async_lookup_certificate_for_handle_thread,
231 G_PRIORITY_DEFAULT, cancellable);
232 g_object_unref (res);
233 }
234
235 static GTlsCertificate*
236 g_tls_database_real_lookup_certificate_for_handle_finish (GTlsDatabase *self,
237 GAsyncResult *result,
238 GError **error)
239 {
240 AsyncLookupCertificateForHandle *args;
241 GTlsCertificate *certificate;
242
243 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
244 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
245 g_tls_database_real_lookup_certificate_for_handle_async), FALSE);
246
247 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
248 return NULL;
249
250 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
251 certificate = args->result;
252 args->result = NULL;
253 return certificate;
254 }
255
256
257 typedef struct {
258 GTlsCertificate *certificate;
259 GTlsInteraction *interaction;
260 GTlsDatabaseLookupFlags flags;
261 GTlsCertificate *issuer;
262 } AsyncLookupCertificateIssuer;
263
264 static void
265 async_lookup_certificate_issuer_free (gpointer data)
266 {
267 AsyncLookupCertificateIssuer *args = data;
268
269 g_clear_object (&args->certificate);
270 g_clear_object (&args->interaction);
271 g_clear_object (&args->issuer);
272 g_slice_free (AsyncLookupCertificateIssuer, args);
273 }
274
275 static void
276 async_lookup_certificate_issuer_thread (GSimpleAsyncResult *res,
277 GObject *object,
278 GCancellable *cancellable)
279 {
280 AsyncLookupCertificateIssuer *args = g_simple_async_result_get_op_res_gpointer (res);
281 GError *error = NULL;
282
283 args->issuer = g_tls_database_lookup_certificate_issuer (G_TLS_DATABASE (object),
284 args->certificate,
285 args->interaction,
286 args->flags,
287 cancellable,
288 &error);
289
290 if (error)
291 g_simple_async_result_take_error (res, error);
292 }
293
294 static void
295 g_tls_database_real_lookup_certificate_issuer_async (GTlsDatabase *self,
296 GTlsCertificate *certificate,
297 GTlsInteraction *interaction,
298 GTlsDatabaseLookupFlags flags,
299 GCancellable *cancellable,
300 GAsyncReadyCallback callback,
301 gpointer user_data)
302 {
303 GSimpleAsyncResult *res;
304 AsyncLookupCertificateIssuer *args;
305
306 args = g_slice_new0 (AsyncLookupCertificateIssuer);
307 args->certificate = g_object_ref (certificate);
308 args->flags = flags;
309 args->interaction = interaction ? g_object_ref (interaction) : NULL;
310
311 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
312 g_tls_database_real_lookup_certificate_issuer_async);
313 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificate_issuer_free);
314 g_simple_async_result_run_in_thread (res, async_lookup_certificate_issuer_thread,
315 G_PRIORITY_DEFAULT, cancellable);
316 g_object_unref (res);
317 }
318
319 static GTlsCertificate*
320 g_tls_database_real_lookup_certificate_issuer_finish (GTlsDatabase *self,
321 GAsyncResult *result,
322 GError **error)
323 {
324 AsyncLookupCertificateIssuer *args;
325 GTlsCertificate *issuer;
326
327 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
328 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
329 g_tls_database_real_lookup_certificate_issuer_async), FALSE);
330
331 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
332 return NULL;
333
334 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
335 issuer = args->issuer;
336 args->issuer = NULL;
337 return issuer;
338 }
339
340 typedef struct {
341 GByteArray *issuer;
342 GTlsInteraction *interaction;
343 GTlsDatabaseLookupFlags flags;
344 GList *results;
345 } AsyncLookupCertificatesIssuedBy;
346
347 static void
348 async_lookup_certificates_issued_by_free (gpointer data)
349 {
350 AsyncLookupCertificatesIssuedBy *args = data;
351 GList *l;
352
353 g_byte_array_unref (args->issuer);
354 g_clear_object (&args->interaction);
355 for (l = args->results; l; l = g_list_next (l))
356 g_object_unref (l->data);
357 g_list_free (args->results);
358 g_slice_free (AsyncLookupCertificatesIssuedBy, args);
359 }
360
361 static void
362 async_lookup_certificates_issued_by_thread (GSimpleAsyncResult *res,
363 GObject *object,
364 GCancellable *cancellable)
365 {
366 AsyncLookupCertificatesIssuedBy *args = g_simple_async_result_get_op_res_gpointer (res);
367 GError *error = NULL;
368
369 args->results = g_tls_database_lookup_certificates_issued_by (G_TLS_DATABASE (object),
370 args->issuer,
371 args->interaction,
372 args->flags,
373 cancellable,
374 &error);
375
376 if (error)
377 g_simple_async_result_take_error (res, error);
378 }
379
380 static void
381 g_tls_database_real_lookup_certificates_issued_by_async (GTlsDatabase *self,
382 GByteArray *issuer,
383 GTlsInteraction *interaction,
384 GTlsDatabaseLookupFlags flags,
385 GCancellable *cancellable,
386 GAsyncReadyCallback callback,
387 gpointer user_data)
388 {
389 GSimpleAsyncResult *res;
390 AsyncLookupCertificatesIssuedBy *args;
391
392 args = g_slice_new0 (AsyncLookupCertificatesIssuedBy);
393 args->issuer = g_byte_array_ref (issuer);
394 args->flags = flags;
395 args->interaction = interaction ? g_object_ref (interaction) : NULL;
396
397 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
398 g_tls_database_real_lookup_certificates_issued_by_async);
399 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificates_issued_by_free);
400 g_simple_async_result_run_in_thread (res, async_lookup_certificates_issued_by_thread,
401 G_PRIORITY_DEFAULT, cancellable);
402 g_object_unref (res);
403 }
404
405 static GList*
406 g_tls_database_real_lookup_certificates_issued_by_finish (GTlsDatabase *self,
407 GAsyncResult *result,
408 GError **error)
409 {
410 AsyncLookupCertificatesIssuedBy *args;
411 GList *results;
412
413 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
414 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
415 g_tls_database_real_lookup_certificates_issued_by_async), FALSE);
416
417 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
418 return NULL;
419
420 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
421 results = args->results;
422 args->results = NULL;
423 return results;
424 }
425
426 static void
427 g_tls_database_class_init (GTlsDatabaseClass *klass)
428 {
429 klass->verify_chain_async = g_tls_database_real_verify_chain_async;
430 klass->verify_chain_finish = g_tls_database_real_verify_chain_finish;
431 klass->lookup_certificate_for_handle_async = g_tls_database_real_lookup_certificate_for_handle_async;
432 klass->lookup_certificate_for_handle_finish = g_tls_database_real_lookup_certificate_for_handle_finish;
433 klass->lookup_certificate_issuer_async = g_tls_database_real_lookup_certificate_issuer_async;
434 klass->lookup_certificate_issuer_finish = g_tls_database_real_lookup_certificate_issuer_finish;
435 klass->lookup_certificates_issued_by_async = g_tls_database_real_lookup_certificates_issued_by_async;
436 klass->lookup_certificates_issued_by_finish = g_tls_database_real_lookup_certificates_issued_by_finish;
437 }
438
439 /**
440 * g_tls_database_verify_chain:
441 * @self: a #GTlsDatabase
442 * @chain: a #GTlsCertificate chain
443 * @purpose: the purpose that this certificate chain will be used for.
444 * @identity: (allow-none): the expected peer identity
445 * @interaction: (allow-none): used to interact with the user if necessary
446 * @flags: additional verify flags
447 * @cancellable: (allow-none): a #GCancellable, or %NULL
448 * @error: (allow-none): a #GError, or %NULL
449 *
450 * Verify's a certificate chain after looking up and adding any missing
451 * certificates to the chain.
452 *
453 * @chain is a chain of #GTlsCertificate objects each pointing to the next
454 * certificate in the chain by its %issuer property. The chain may initially
455 * consist of one or more certificates. After the verification process is
456 * complete, @chain may be modified by adding missing certificates, or removing
457 * extra certificates. If a certificate anchor was found, then it is added to
458 * the @chain.
459 *
460 * @purpose describes the purpose (or usage) for which the certificate
461 * is being used. Typically @purpose will be set to #G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER
462 * which means that the certificate is being used to authenticate a server
463 * (and we are acting as the client).
464 *
465 * The @identity is used to check for pinned certificates (trust exceptions)
466 * in the database. These will override the normal verification process on a
467 * host by host basis.
468 *
469 * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be
470 * used.
471 *
472 * This function can block, use g_tls_database_verify_chain_async() to perform
473 * the verification operation asynchronously.
474 *
475 * Return value: the appropriate #GTlsCertificateFlags which represents the
476 * result of verification.
477 *
478 * Since: 2.30
479 */
480 GTlsCertificateFlags
481 g_tls_database_verify_chain (GTlsDatabase *self,
482 GTlsCertificate *chain,
483 const gchar *purpose,
484 GSocketConnectable *identity,
485 GTlsInteraction *interaction,
486 GTlsDatabaseVerifyFlags flags,
487 GCancellable *cancellable,
488 GError **error)
489 {
490 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
491 g_return_val_if_fail (G_IS_TLS_DATABASE (self),
492 G_TLS_CERTIFICATE_GENERIC_ERROR);
493 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (chain),
494 G_TLS_CERTIFICATE_GENERIC_ERROR);
495 g_return_val_if_fail (purpose, G_TLS_CERTIFICATE_GENERIC_ERROR);
496 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction),
497 G_TLS_CERTIFICATE_GENERIC_ERROR);
498 g_return_val_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity),
499 G_TLS_CERTIFICATE_GENERIC_ERROR);
500 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
501
502 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain,
503 G_TLS_CERTIFICATE_GENERIC_ERROR);
504
505 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain (self,
506 chain,
507 purpose,
508 identity,
509 interaction,
510 flags,
511 cancellable,
512 error);
513 }
514
515 /**
516 * g_tls_database_verify_chain_async:
517 * @self: a #GTlsDatabase
518 * @chain: a #GTlsCertificate chain
519 * @purpose: the purpose that this certificate chain will be used for.
520 * @identity: (allow-none): the expected peer identity
521 * @interaction: (allow-none): used to interact with the user if necessary
522 * @flags: additional verify flags
523 * @cancellable: (allow-none): a #GCancellable, or %NULL
524 * @callback: callback to call when the operation completes
525 * @user_data: the data to pass to the callback function
526 *
527 * Asynchronously verify's a certificate chain after looking up and adding
528 * any missing certificates to the chain. See g_tls_database_verify_chain()
529 * for more information.
530 *
531 * Since: 2.30
532 */
533 void
534 g_tls_database_verify_chain_async (GTlsDatabase *self,
535 GTlsCertificate *chain,
536 const gchar *purpose,
537 GSocketConnectable *identity,
538 GTlsInteraction *interaction,
539 GTlsDatabaseVerifyFlags flags,
540 GCancellable *cancellable,
541 GAsyncReadyCallback callback,
542 gpointer user_data)
543 {
544 g_return_if_fail (G_IS_TLS_DATABASE (self));
545 g_return_if_fail (G_IS_TLS_CERTIFICATE (chain));
546 g_return_if_fail (purpose != NULL);
547 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
548 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
549 g_return_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity));
550 g_return_if_fail (callback != NULL);
551
552 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async);
553 G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async (self,
554 chain,
555 purpose,
556 identity,
557 interaction,
558 flags,
559 cancellable,
560 callback,
561 user_data);
562 }
563
564 /**
565 * g_tls_database_verify_chain_finish:
566 * @self: a #GTlsDatabase
567 * @result: a #GAsyncResult.
568 * @error: a #GError pointer, or %NULL
569 *
570 * Finish an asynchronous verify chain operation. See
571 * g_tls_database_verify_chain() for more information. *
572 * Return value: the appropriate #GTlsCertificateFlags which represents the
573 * result of verification.
574 *
575 * Since: 2.30
576 */
577 GTlsCertificateFlags
578 g_tls_database_verify_chain_finish (GTlsDatabase *self,
579 GAsyncResult *result,
580 GError **error)
581 {
582 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
583 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
584 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
585 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish,
586 G_TLS_CERTIFICATE_GENERIC_ERROR);
587 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish (self,
588 result,
589 error);
590 }
591
592 /**
593 * g_tls_database_create_certificate_handle:
594 * @self: a #GTlsDatabase
595 * @certificate: certificate for which to create a handle.
596 *
597 * Create a handle string for the certificate. The database will only be able
598 * to create a handle for certificates that originate from the database. In
599 * cases where the database cannot create a handle for a certificate, %NULL
600 * will be returned.
601 *
602 * This handle should be stable across various instances of the application,
603 * and between applications. If a certificate is modified in the database,
604 * then it is not guaranteed that this handle will continue to point to it.
605 *
606 * Returns: (allow-none): a newly allocated string containing the handle.
607 * Since: 2.30
608 */
609 gchar*
610 g_tls_database_create_certificate_handle (GTlsDatabase *self,
611 GTlsCertificate *certificate)
612 {
613 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
614 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
615 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle, NULL);
616 return G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle (self,
617 certificate);
618 }
619
620 /**
621 * g_tls_database_lookup_certificate_for_handle:
622 * @self: a #GTlsDatabase
623 * @handle: a certificate handle
624 * @interaction: (allow-none): used to interact with the user if necessary
625 * @flags: Flags which affect the lookup.
626 * @cancellable: (allow-none): a #GCancellable, or %NULL
627 * @error: (allow-none): a #GError, or %NULL
628 *
629 * Lookup a certificate by its handle.
630 *
631 * The handle should have been created by calling
632 * g_tls_database_create_certificate_handle() on a #GTlsDatabase object of
633 * the same TLS backend. The handle is designed to remain valid across
634 * instantiations of the database.
635 *
636 * If the handle is no longer valid, or does not point to a certificate in
637 * this database, then %NULL will be returned.
638 *
639 * This function can block, use g_tls_database_lookup_certificate_for_handle_async() to perform
640 * the lookup operation asynchronously.
641 *
642 * Return value: (transfer full) (allow-none): a newly allocated
643 * #GTlsCertificate, or %NULL. Use g_object_unref() to release the certificate.
644 *
645 * Since: 2.30
646 */
647 GTlsCertificate*
648 g_tls_database_lookup_certificate_for_handle (GTlsDatabase *self,
649 const gchar *handle,
650 GTlsInteraction *interaction,
651 GTlsDatabaseLookupFlags flags,
652 GCancellable *cancellable,
653 GError **error)
654 {
655 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
656 g_return_val_if_fail (handle != NULL, NULL);
657 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
658 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
659 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
660 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle, NULL);
661 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle (self,
662 handle,
663 interaction,
664 flags,
665 cancellable,
666 error);
667 }
668
669
670 /**
671 * g_tls_database_lookup_certificate_for_handle_async:
672 * @self: a #GTlsDatabase
673 * @handle: a certificate handle
674 * @interaction: (allow-none): used to interact with the user if necessary
675 * @flags: Flags which affect the lookup.
676 * @cancellable: (allow-none): a #GCancellable, or %NULL
677 * @callback: callback to call when the operation completes
678 * @user_data: the data to pass to the callback function
679 *
680 * Asynchronously lookup a certificate by its handle in the database. See
681 * g_tls_database_lookup_certificate_for_handle() for more information.
682 *
683 * Since: 2.30
684 */
685 void
686 g_tls_database_lookup_certificate_for_handle_async (GTlsDatabase *self,
687 const gchar *handle,
688 GTlsInteraction *interaction,
689 GTlsDatabaseLookupFlags flags,
690 GCancellable *cancellable,
691 GAsyncReadyCallback callback,
692 gpointer user_data)
693 {
694 g_return_if_fail (G_IS_TLS_DATABASE (self));
695 g_return_if_fail (handle != NULL);
696 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
697 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
698 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async);
699 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async (self,
700 handle,
701 interaction,
702 flags,
703 cancellable,
704 callback,
705 user_data);
706 }
707
708 /**
709 * g_tls_database_lookup_certificate_for_handle_finish:
710 * @self: a #GTlsDatabase
711 * @result: a #GAsyncResult.
712 * @error: a #GError pointer, or %NULL
713 *
714 * Finish an asynchronous lookup of a certificate by its handle. See
715 * g_tls_database_lookup_certificate_handle() for more information.
716 *
717 * If the handle is no longer valid, or does not point to a certificate in
718 * this database, then %NULL will be returned.
719 *
720 * Return value: (transfer full): a newly allocated #GTlsCertificate object.
721 * Use g_object_unref() to release the certificate.
722 *
723 * Since: 2.30
724 */
725 GTlsCertificate*
726 g_tls_database_lookup_certificate_for_handle_finish (GTlsDatabase *self,
727 GAsyncResult *result,
728 GError **error)
729 {
730 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
731 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
732 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
733 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish, NULL);
734 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish (self,
735 result,
736 error);
737 }
738
739 /**
740 * g_tls_database_lookup_certificate_issuer:
741 * @self: a #GTlsDatabase
742 * @certificate: a #GTlsCertificate
743 * @interaction: (allow-none): used to interact with the user if necessary
744 * @flags: flags which affect the lookup operation
745 * @cancellable: (allow-none): a #GCancellable, or %NULL
746 * @error: (allow-none): a #GError, or %NULL
747 *
748 * Lookup the issuer of @certificate in the database.
749 *
750 * The %issuer property
751 * of @certificate is not modified, and the two certificates are not hooked
752 * into a chain.
753 *
754 * This function can block, use g_tls_database_lookup_certificate_issuer_async() to perform
755 * the lookup operation asynchronously.
756 *
757 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
758 * or %NULL. Use g_object_unref() to release the certificate.
759 *
760 * Since: 2.30
761 */
762 GTlsCertificate*
763 g_tls_database_lookup_certificate_issuer (GTlsDatabase *self,
764 GTlsCertificate *certificate,
765 GTlsInteraction *interaction,
766 GTlsDatabaseLookupFlags flags,
767 GCancellable *cancellable,
768 GError **error)
769 {
770 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
771 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
772 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
773 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
774 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
775 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer, NULL);
776 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer (self,
777 certificate,
778 interaction,
779 flags,
780 cancellable,
781 error);
782 }
783
784 /**
785 * g_tls_database_lookup_certificate_issuer_async:
786 * @self: a #GTlsDatabase
787 * @certificate: a #GTlsCertificate
788 * @interaction: (allow-none): used to interact with the user if necessary
789 * @flags: flags which affect the lookup operation
790 * @cancellable: (allow-none): a #GCancellable, or %NULL
791 * @callback: callback to call when the operation completes
792 * @user_data: the data to pass to the callback function
793 *
794 * Asynchronously lookup the issuer of @certificate in the database. See
795 * g_tls_database_lookup_certificate_issuer() for more information.
796 *
797 * Since: 2.30
798 */
799 void
800 g_tls_database_lookup_certificate_issuer_async (GTlsDatabase *self,
801 GTlsCertificate *certificate,
802 GTlsInteraction *interaction,
803 GTlsDatabaseLookupFlags flags,
804 GCancellable *cancellable,
805 GAsyncReadyCallback callback,
806 gpointer user_data)
807 {
808 g_return_if_fail (G_IS_TLS_DATABASE (self));
809 g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
810 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
811 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
812 g_return_if_fail (callback != NULL);
813 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async);
814 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async (self,
815 certificate,
816 interaction,
817 flags,
818 cancellable,
819 callback,
820 user_data);
821 }
822
823 /**
824 * g_tls_database_lookup_certificate_issuer_finish:
825 * @self: a #GTlsDatabase
826 * @result: a #GAsyncResult.
827 * @error: a #GError pointer, or %NULL
828 *
829 * Finish an asynchronous lookup issuer operation. See
830 * g_tls_database_lookup_certificate_issuer() for more information.
831 *
832 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
833 * or %NULL. Use g_object_unref() to release the certificate.
834 *
835 * Since: 2.30
836 */
837 GTlsCertificate*
838 g_tls_database_lookup_certificate_issuer_finish (GTlsDatabase *self,
839 GAsyncResult *result,
840 GError **error)
841 {
842 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
843 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
844 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
845 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish, NULL);
846 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish (self,
847 result,
848 error);
849 }
850
851 /**
852 * g_tls_database_lookup_certificates_issued_by:
853 * @self: a #GTlsDatabase
854 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
855 * @interaction: (allow-none): used to interact with the user if necessary
856 * @flags: Flags which affect the lookup operation.
857 * @cancellable: (allow-none): a #GCancellable, or %NULL
858 * @error: (allow-none): a #GError, or %NULL
859 *
860 * Lookup certificates issued by this issuer in the database.
861 *
862 * This function can block, use g_tls_database_lookup_certificates_issued_by_async() to perform
863 * the lookup operation asynchronously.
864 *
865 * Return value: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate
866 * objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list.
867 *
868 * Since: 2.30
869 */
870 GList*
871 g_tls_database_lookup_certificates_issued_by (GTlsDatabase *self,
872 GByteArray *issuer_raw_dn,
873 GTlsInteraction *interaction,
874 GTlsDatabaseLookupFlags flags,
875 GCancellable *cancellable,
876 GError **error)
877 {
878 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
879 g_return_val_if_fail (issuer_raw_dn, NULL);
880 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
881 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
882 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
883 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by, NULL);
884 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by (self,
885 issuer_raw_dn,
886 interaction,
887 flags,
888 cancellable,
889 error);
890 }
891
892 /**
893 * g_tls_database_lookup_certificates_issued_by_async:
894 * @self: a #GTlsDatabase
895 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
896 * @interaction: (allow-none): used to interact with the user if necessary
897 * @flags: Flags which affect the lookup operation.
898 * @cancellable: (allow-none): a #GCancellable, or %NULL
899 * @callback: callback to call when the operation completes
900 * @user_data: the data to pass to the callback function
901 *
902 * Asynchronously lookup certificates issued by this issuer in the database. See
903 * g_tls_database_lookup_certificates_issued_by() for more information.
904 *
905 * The database may choose to hold a reference to the issuer byte array for the duration
906 * of of this asynchronous operation. The byte array should not be modified during
907 * this time.
908 *
909 * Since: 2.30
910 */
911 void
912 g_tls_database_lookup_certificates_issued_by_async (GTlsDatabase *self,
913 GByteArray *issuer_raw_dn,
914 GTlsInteraction *interaction,
915 GTlsDatabaseLookupFlags flags,
916 GCancellable *cancellable,
917 GAsyncReadyCallback callback,
918 gpointer user_data)
919 {
920 g_return_if_fail (G_IS_TLS_DATABASE (self));
921 g_return_if_fail (issuer_raw_dn != NULL);
922 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
923 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
924 g_return_if_fail (callback != NULL);
925 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async);
926 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async (self,
927 issuer_raw_dn,
928 interaction,
929 flags,
930 cancellable,
931 callback,
932 user_data);
933 }
934
935 /**
936 * g_tls_database_lookup_certificates_issued_by_finish:
937 * @self: a #GTlsDatabase
938 * @result: a #GAsyncResult.
939 * @error: a #GError pointer, or %NULL
940 *
941 * Finish an asynchronous lookup of certificates. See
942 * g_tls_database_lookup_certificates_issued_by() for more information.
943 *
944 * Return value: (transfer full): a newly allocated list of #GTlsCertificate objects.
945 * Use g_object_unref() on each certificate, and g_list_free() on the release the list.
946 *
947 * Since: 2.30
948 */
949 GList*
950 g_tls_database_lookup_certificates_issued_by_finish (GTlsDatabase *self,
951 GAsyncResult *result,
952 GError **error)
953 {
954 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
955 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
956 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
957 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish, NULL);
958 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish (self,
959 result,
960 error);
961 }
glib mirror