1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright (C) 2010 Collabora, Ltd.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
20 * Author: Stef Walter <stefw@collabora.co.uk>
25 #include "gtlsdatabase.h"
27 #include "gasyncresult.h"
28 #include "gcancellable.h"
30 #include "gsimpleasyncresult.h"
31 #include "gsocketconnectable.h"
32 #include "gtlscertificate.h"
33 #include "gtlsinteraction.h"
36 * SECTION:gtlsdatabase
37 * @short_description: TLS database type
40 * #GTlsDatabase is used to lookup certificates and other information
41 * from a certificate or key store. It is an abstract base class which
42 * TLS library specific subtypes override.
44 * Most common client applications will not directly interact with
45 * #GTlsDatabase. It is used internally by #GTlsConnection.
53 * Abstract base class for the backend-specific database types.
/* Registers the abstract GTlsDatabase type, derived from G_TYPE_OBJECT, with
 * g_tls_database as the function-name prefix. */
G_DEFINE_ABSTRACT_TYPE (GTlsDatabase, g_tls_database, G_TYPE_OBJECT);
67 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER:
69 * The purpose used to verify the server certificate in a TLS connection. This
70 * is the most common purpose in use. Used by TLS clients.
74 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_CLIENT:
76 * The purpose used to verify the client certificate in a TLS connection.
77 * Used by TLS servers.
/* Instance initializer for GTlsDatabase; nothing is set up here. */
static void
g_tls_database_init (GTlsDatabase *cert)
{
}
/* Arguments and result of one threaded verify-chain operation. The object
 * members hold their own references and @purpose is a private copy; all of
 * them are released by async_verify_chain_free(). */
typedef struct _AsyncVerifyChain
{
  GTlsCertificate        *chain;
  gchar                  *purpose;
  GSocketConnectable     *identity;      /* may be NULL */
  GTlsInteraction        *interaction;   /* may be NULL */
  GTlsDatabaseVerifyFlags flags;
  GTlsCertificateFlags    verify_result; /* written by the worker thread */
} AsyncVerifyChain;
/* Destroy notify for an AsyncVerifyChain: releases the references and the
 * string copy it owns, then returns the struct to the slice allocator. */
static void
async_verify_chain_free (gpointer data)
{
  AsyncVerifyChain *closure = (AsyncVerifyChain *) data;

  g_clear_object (&closure->chain);
  g_free (closure->purpose);
  g_clear_object (&closure->identity);
  g_clear_object (&closure->interaction);

  g_slice_free (AsyncVerifyChain, closure);
}
/* Worker-thread body: runs the blocking g_tls_database_verify_chain() with
 * the captured arguments and stores the returned flags in the closure. A
 * GError set by the call is handed over to the async result. */
static void
async_verify_chain_thread (GSimpleAsyncResult *res,
                           GObject            *object,
                           GCancellable       *cancellable)
{
  AsyncVerifyChain *closure = g_simple_async_result_get_op_res_gpointer (res);
  GTlsDatabase *database = G_TLS_DATABASE (object);
  GError *error = NULL;

  closure->verify_result = g_tls_database_verify_chain (database,
                                                        closure->chain,
                                                        closure->purpose,
                                                        closure->identity,
                                                        closure->interaction,
                                                        closure->flags,
                                                        cancellable,
                                                        &error);

  if (error != NULL)
    g_simple_async_result_take_error (res, error);
}
/* Default verify_chain_async implementation: captures the arguments in an
 * AsyncVerifyChain and runs the synchronous verification in a worker thread.
 * The function's own address is used as the source tag that the matching
 * finish function checks. */
static void
g_tls_database_real_verify_chain_async (GTlsDatabase           *self,
                                        GTlsCertificate        *chain,
                                        const gchar            *purpose,
                                        GSocketConnectable     *identity,
                                        GTlsInteraction        *interaction,
                                        GTlsDatabaseVerifyFlags flags,
                                        GCancellable           *cancellable,
                                        GAsyncReadyCallback     callback,
                                        gpointer                user_data)
{
  AsyncVerifyChain *closure = g_slice_new0 (AsyncVerifyChain);
  GSimpleAsyncResult *simple;

  closure->chain = g_object_ref (chain);
  closure->purpose = g_strdup (purpose);
  /* Optional arguments: g_slice_new0() already left these members NULL. */
  if (identity != NULL)
    closure->identity = g_object_ref (identity);
  if (interaction != NULL)
    closure->interaction = g_object_ref (interaction);
  closure->flags = flags;

  simple = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
                                      g_tls_database_real_verify_chain_async);
  /* The result owns the closure from here on and frees it with the result. */
  g_simple_async_result_set_op_res_gpointer (simple, closure, async_verify_chain_free);
  g_simple_async_result_run_in_thread (simple, async_verify_chain_thread,
                                       G_PRIORITY_DEFAULT, cancellable);
  g_object_unref (simple);
}
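/* Default verify_chain_finish implementation: returns the flags stored by the
 * worker thread, or G_TLS_CERTIFICATE_GENERIC_ERROR when the result is not
 * ours or the operation reported a GError (which is propagated to @error).
 *
 * Every failure path must return a non-zero flag value. FALSE is 0, i.e. no
 * error flags set, and a caller reads that as a certificate chain that
 * verified successfully. */
static GTlsCertificateFlags
g_tls_database_real_verify_chain_finish (GTlsDatabase  *self,
                                         GAsyncResult  *result,
                                         GError       **error)
{
  AsyncVerifyChain *args;

  g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
  /* Fail closed when the result was not produced by the matching async call. */
  g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
                        g_tls_database_real_verify_chain_async), G_TLS_CERTIFICATE_GENERIC_ERROR);

  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
    return G_TLS_CERTIFICATE_GENERIC_ERROR;

  args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
  return args->verify_result;
}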
/* Arguments and result of one threaded lookup-by-handle operation. @handle is
 * a private copy; @interaction and @result are owned references that
 * async_lookup_certificate_for_handle_free() releases. */
typedef struct
{
  gchar                  *handle;
  GTlsInteraction        *interaction; /* may be NULL */
  GTlsDatabaseLookupFlags flags;
  GTlsCertificate        *result;      /* written by the worker thread */
} AsyncLookupCertificateForHandle;
/* Destroy notify for an AsyncLookupCertificateForHandle: frees the handle
 * copy, drops the references still held, and releases the struct. */
static void
async_lookup_certificate_for_handle_free (gpointer data)
{
  AsyncLookupCertificateForHandle *closure = (AsyncLookupCertificateForHandle *) data;

  g_free (closure->handle);
  g_clear_object (&closure->interaction);
  g_clear_object (&closure->result);

  g_slice_free (AsyncLookupCertificateForHandle, closure);
}
/* Worker-thread body: performs the blocking lookup by handle and stores the
 * certificate it returns in the closure. A GError set by the call is handed
 * over to the async result. */
static void
async_lookup_certificate_for_handle_thread (GSimpleAsyncResult *res,
                                            GObject            *object,
                                            GCancellable       *cancellable)
{
  AsyncLookupCertificateForHandle *closure = g_simple_async_result_get_op_res_gpointer (res);
  GTlsDatabase *database = G_TLS_DATABASE (object);
  GError *error = NULL;

  closure->result = g_tls_database_lookup_certificate_for_handle (database,
                                                                  closure->handle,
                                                                  closure->interaction,
                                                                  closure->flags,
                                                                  cancellable,
                                                                  &error);

  if (error != NULL)
    g_simple_async_result_take_error (res, error);
}
/* Default lookup_certificate_for_handle_async implementation: copies the
 * arguments into an AsyncLookupCertificateForHandle and runs the synchronous
 * lookup in a worker thread. A NULL @callback is rejected. */
static void
g_tls_database_real_lookup_certificate_for_handle_async (GTlsDatabase           *self,
                                                         const gchar            *handle,
                                                         GTlsInteraction        *interaction,
                                                         GTlsDatabaseLookupFlags flags,
                                                         GCancellable           *cancellable,
                                                         GAsyncReadyCallback     callback,
                                                         gpointer                user_data)
{
  AsyncLookupCertificateForHandle *closure;
  GSimpleAsyncResult *simple;

  g_return_if_fail (callback != NULL);

  closure = g_slice_new0 (AsyncLookupCertificateForHandle);
  closure->handle = g_strdup (handle);
  /* Optional argument: g_slice_new0() already left the member NULL. */
  if (interaction != NULL)
    closure->interaction = g_object_ref (interaction);
  closure->flags = flags;

  simple = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
                                      g_tls_database_real_lookup_certificate_for_handle_async);
  /* The result owns the closure from here on and frees it with the result. */
  g_simple_async_result_set_op_res_gpointer (simple, closure, async_lookup_certificate_for_handle_free);
  g_simple_async_result_run_in_thread (simple, async_lookup_certificate_for_handle_thread,
                                       G_PRIORITY_DEFAULT, cancellable);
  g_object_unref (simple);
}
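/* Default lookup_certificate_for_handle_finish implementation: hands the
 * certificate found by the worker thread to the caller, or returns NULL when
 * the result is not ours, the operation reported a GError (propagated to
 * @error), or nothing was found. */
static GTlsCertificate *
g_tls_database_real_lookup_certificate_for_handle_finish (GTlsDatabase  *self,
                                                          GAsyncResult  *result,
                                                          GError       **error)
{
  AsyncLookupCertificateForHandle *args;
  GTlsCertificate *certificate;

  g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
  /* Pointer-returning function: the failure value is NULL, not FALSE. */
  g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
                        g_tls_database_real_lookup_certificate_for_handle_async), NULL);

  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
    return NULL;

  args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
  certificate = args->result;
  /* The reference moves to the caller; clear the member so the closure's
   * free function does not drop it a second time. */
  args->result = NULL;
  return certificate;
}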
/* Arguments and result of one threaded issuer lookup. All object members are
 * owned references released by async_lookup_certificate_issuer_free(). */
typedef struct
{
  GTlsCertificate        *certificate;
  GTlsInteraction        *interaction; /* may be NULL */
  GTlsDatabaseLookupFlags flags;
  GTlsCertificate        *issuer;      /* written by the worker thread */
} AsyncLookupCertificateIssuer;
/* Destroy notify for an AsyncLookupCertificateIssuer: drops the references
 * still held and releases the struct. */
static void
async_lookup_certificate_issuer_free (gpointer data)
{
  AsyncLookupCertificateIssuer *closure = (AsyncLookupCertificateIssuer *) data;

  g_clear_object (&closure->certificate);
  g_clear_object (&closure->interaction);
  g_clear_object (&closure->issuer);

  g_slice_free (AsyncLookupCertificateIssuer, closure);
}
/* Worker-thread body: performs the blocking issuer lookup and stores the
 * certificate it returns in the closure. A GError set by the call is handed
 * over to the async result. */
static void
async_lookup_certificate_issuer_thread (GSimpleAsyncResult *res,
                                        GObject            *object,
                                        GCancellable       *cancellable)
{
  AsyncLookupCertificateIssuer *closure = g_simple_async_result_get_op_res_gpointer (res);
  GTlsDatabase *database = G_TLS_DATABASE (object);
  GError *error = NULL;

  closure->issuer = g_tls_database_lookup_certificate_issuer (database,
                                                              closure->certificate,
                                                              closure->interaction,
                                                              closure->flags,
                                                              cancellable,
                                                              &error);

  if (error != NULL)
    g_simple_async_result_take_error (res, error);
}
/* Default lookup_certificate_issuer_async implementation: captures the
 * arguments in an AsyncLookupCertificateIssuer and runs the synchronous
 * lookup in a worker thread. @certificate must be a GTlsCertificate and
 * @callback must not be NULL. */
static void
g_tls_database_real_lookup_certificate_issuer_async (GTlsDatabase           *self,
                                                     GTlsCertificate        *certificate,
                                                     GTlsInteraction        *interaction,
                                                     GTlsDatabaseLookupFlags flags,
                                                     GCancellable           *cancellable,
                                                     GAsyncReadyCallback     callback,
                                                     gpointer                user_data)
{
  AsyncLookupCertificateIssuer *closure;
  GSimpleAsyncResult *simple;

  g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
  g_return_if_fail (callback != NULL);

  closure = g_slice_new0 (AsyncLookupCertificateIssuer);
  closure->certificate = g_object_ref (certificate);
  closure->flags = flags;
  /* Optional argument: g_slice_new0() already left the member NULL. */
  if (interaction != NULL)
    closure->interaction = g_object_ref (interaction);

  simple = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
                                      g_tls_database_real_lookup_certificate_issuer_async);
  /* The result owns the closure from here on and frees it with the result. */
  g_simple_async_result_set_op_res_gpointer (simple, closure, async_lookup_certificate_issuer_free);
  g_simple_async_result_run_in_thread (simple, async_lookup_certificate_issuer_thread,
                                       G_PRIORITY_DEFAULT, cancellable);
  g_object_unref (simple);
}
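/* Default lookup_certificate_issuer_finish implementation: hands the issuer
 * found by the worker thread to the caller, or returns NULL when the result
 * is not ours, the operation reported a GError (propagated to @error), or no
 * issuer was found. */
static GTlsCertificate *
g_tls_database_real_lookup_certificate_issuer_finish (GTlsDatabase  *self,
                                                      GAsyncResult  *result,
                                                      GError       **error)
{
  AsyncLookupCertificateIssuer *args;
  GTlsCertificate *issuer;

  g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
  /* Pointer-returning function: the failure value is NULL, not FALSE. */
  g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
                        g_tls_database_real_lookup_certificate_issuer_async), NULL);

  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
    return NULL;

  args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
  issuer = args->issuer;
  /* The reference moves to the caller; clear the member so the closure's
   * free function does not drop it a second time. */
  args->issuer = NULL;
  return issuer;
}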
/* Arguments and result of one threaded issued-by lookup. @issuer and
 * @interaction are owned references; @results is a list of owned certificate
 * references. async_lookup_certificates_issued_by_free() releases them all. */
typedef struct
{
  GByteArray             *issuer;
  GTlsInteraction        *interaction; /* may be NULL */
  GTlsDatabaseLookupFlags flags;
  GList                  *results;     /* written by the worker thread */
} AsyncLookupCertificatesIssuedBy;
/* Destroy notify for an AsyncLookupCertificatesIssuedBy: drops the issuer
 * byte array and interaction, unrefs every certificate still in the result
 * list, frees the list, and releases the struct. */
static void
async_lookup_certificates_issued_by_free (gpointer data)
{
  AsyncLookupCertificatesIssuedBy *closure = (AsyncLookupCertificatesIssuedBy *) data;
  GList *node;

  g_byte_array_unref (closure->issuer);
  g_clear_object (&closure->interaction);

  /* The list is empty here when the finish function already handed the
   * results to the caller. */
  node = closure->results;
  while (node != NULL)
    {
      g_object_unref (node->data);
      node = g_list_next (node);
    }
  g_list_free (closure->results);

  g_slice_free (AsyncLookupCertificatesIssuedBy, closure);
}
/* Worker-thread body: performs the blocking issued-by lookup and stores the
 * returned list in the closure. A GError set by the call is handed over to
 * the async result. */
static void
async_lookup_certificates_issued_by_thread (GSimpleAsyncResult *res,
                                            GObject            *object,
                                            GCancellable       *cancellable)
{
  AsyncLookupCertificatesIssuedBy *closure = g_simple_async_result_get_op_res_gpointer (res);
  GTlsDatabase *database = G_TLS_DATABASE (object);
  GError *error = NULL;

  closure->results = g_tls_database_lookup_certificates_issued_by (database,
                                                                   closure->issuer,
                                                                   closure->interaction,
                                                                   closure->flags,
                                                                   cancellable,
                                                                   &error);

  if (error != NULL)
    g_simple_async_result_take_error (res, error);
}
/* Default lookup_certificates_issued_by_async implementation: captures the
 * arguments in an AsyncLookupCertificatesIssuedBy and runs the synchronous
 * lookup in a worker thread. The closure takes a reference on @issuer rather
 * than copying it, so the worker thread reads the caller's byte array. */
static void
g_tls_database_real_lookup_certificates_issued_by_async (GTlsDatabase           *self,
                                                         GByteArray             *issuer,
                                                         GTlsInteraction        *interaction,
                                                         GTlsDatabaseLookupFlags flags,
                                                         GCancellable           *cancellable,
                                                         GAsyncReadyCallback     callback,
                                                         gpointer                user_data)
{
  AsyncLookupCertificatesIssuedBy *closure;
  GSimpleAsyncResult *simple;

  g_return_if_fail (callback);

  closure = g_slice_new0 (AsyncLookupCertificatesIssuedBy);
  closure->issuer = g_byte_array_ref (issuer);
  closure->flags = flags;
  /* Optional argument: g_slice_new0() already left the member NULL. */
  if (interaction != NULL)
    closure->interaction = g_object_ref (interaction);

  simple = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
                                      g_tls_database_real_lookup_certificates_issued_by_async);
  /* The result owns the closure from here on and frees it with the result. */
  g_simple_async_result_set_op_res_gpointer (simple, closure, async_lookup_certificates_issued_by_free);
  g_simple_async_result_run_in_thread (simple, async_lookup_certificates_issued_by_thread,
                                       G_PRIORITY_DEFAULT, cancellable);
  g_object_unref (simple);
}
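/* Default lookup_certificates_issued_by_finish implementation: hands the list
 * built by the worker thread to the caller, or returns NULL when the result
 * is not ours, the operation reported a GError (propagated to @error), or the
 * list is empty. */
static GList *
g_tls_database_real_lookup_certificates_issued_by_finish (GTlsDatabase  *self,
                                                          GAsyncResult  *result,
                                                          GError       **error)
{
  AsyncLookupCertificatesIssuedBy *args;
  GList *results;

  g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
  /* Pointer-returning function: the failure value is NULL, not FALSE. */
  g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
                        g_tls_database_real_lookup_certificates_issued_by_async), NULL);

  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
    return NULL;

  args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
  results = args->results;
  /* The list and its references move to the caller; clear the member so the
   * closure's free function does not release them a second time. */
  args->results = NULL;
  return results;
}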
/* Class initializer: installs the thread-based default implementations of
 * the asynchronous virtual methods. The synchronous virtual methods are not
 * assigned here. */
static void
g_tls_database_class_init (GTlsDatabaseClass *klass)
{
  /* Chain verification */
  klass->verify_chain_async = g_tls_database_real_verify_chain_async;
  klass->verify_chain_finish = g_tls_database_real_verify_chain_finish;

  /* Lookup by handle */
  klass->lookup_certificate_for_handle_async = g_tls_database_real_lookup_certificate_for_handle_async;
  klass->lookup_certificate_for_handle_finish = g_tls_database_real_lookup_certificate_for_handle_finish;

  /* Issuer lookup */
  klass->lookup_certificate_issuer_async = g_tls_database_real_lookup_certificate_issuer_async;
  klass->lookup_certificate_issuer_finish = g_tls_database_real_lookup_certificate_issuer_finish;

  /* Lookup of certificates issued by a DN */
  klass->lookup_certificates_issued_by_async = g_tls_database_real_lookup_certificates_issued_by_async;
  klass->lookup_certificates_issued_by_finish = g_tls_database_real_lookup_certificates_issued_by_finish;
}
447 * g_tls_database_verify_chain:
448 * @self: a #GTlsDatabase
449 * @chain: a #GTlsCertificate chain
450 * @purpose: the purpose that this certificate chain will be used for.
451 * @identity: (allow-none): the expected peer identity
452 * @interaction: (allow-none): used to interact with the user if necessary
453 * @flags: additional verify flags
454 * @cancellable: (allow-none): a #GCancellable, or %NULL
455 * @error: (allow-none): a #GError, or %NULL
457 * Verifies a certificate chain after looking up and adding any missing
458 * certificates to the chain.
460 * @chain is a chain of #GTlsCertificate objects each pointing to the next
461 * certificate in the chain by its %issuer property. The chain may initially
462 * consist of one or more certificates. After the verification process is
463 * complete, @chain may be modified by adding missing certificates, or removing
464 * extra certificates. If a certificate anchor was found, then it is added to the @chain.
467 * @purpose describes the purpose (or usage) for which the certificate
468 * is being used. Typically @purpose will be set to #G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER
469 * which means that the certificate is being used to authenticate a server
470 * (and we are acting as the client).
472 * The @identity is used to check for pinned certificates (trust exceptions)
473 * in the database. These will override the normal verification process on a
474 * host by host basis.
476 * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be used.
479 * This function can block, use g_tls_database_verify_chain_async() to perform
480 * the verification operation asynchronously.
482 * Return value: the appropriate #GTlsCertificateFlags which represents the
483 * result of verification.
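GTlsCertificateFlags
g_tls_database_verify_chain (GTlsDatabase           *self,
                             GTlsCertificate        *chain,
                             const gchar            *purpose,
                             GSocketConnectable     *identity,
                             GTlsInteraction        *interaction,
                             GTlsDatabaseVerifyFlags flags,
                             GCancellable           *cancellable,
                             GError                **error)
{
  /* Every rejected precondition returns G_TLS_CERTIFICATE_GENERIC_ERROR, a
   * non-zero flag value, so a call that never reached the backend cannot be
   * read as a chain that verified without errors. */
  g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (chain),
                        G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (purpose, G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction),
                        G_TLS_CERTIFICATE_GENERIC_ERROR);
  /* Same cancellable check that g_tls_database_verify_chain_async() does. */
  g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable),
                        G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity),
                        G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);

  /* The base class installs no verify_chain; a subclass has to provide it. */
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain,
                        G_TLS_CERTIFICATE_GENERIC_ERROR);

  return G_TLS_DATABASE_GET_CLASS (self)->verify_chain (self,
                                                        chain,
                                                        purpose,
                                                        identity,
                                                        interaction,
                                                        flags,
                                                        cancellable,
                                                        error);
}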
523 * g_tls_database_verify_chain_async:
524 * @self: a #GTlsDatabase
525 * @chain: a #GTlsCertificate chain
526 * @purpose: the purpose that this certificate chain will be used for.
527 * @identity: (allow-none): the expected peer identity
528 * @interaction: (allow-none): used to interact with the user if necessary
529 * @flags: additional verify flags
530 * @cancellable: (allow-none): a #GCancellable, or %NULL
531 * @callback: callback to call when the operation completes
532 * @user_data: the data to pass to the callback function
534 * Asynchronously verifies a certificate chain after looking up and adding
535 * any missing certificates to the chain. See g_tls_database_verify_chain()
536 * for more information.
void
g_tls_database_verify_chain_async (GTlsDatabase           *self,
                                   GTlsCertificate        *chain,
                                   const gchar            *purpose,
                                   GSocketConnectable     *identity,
                                   GTlsInteraction        *interaction,
                                   GTlsDatabaseVerifyFlags flags,
                                   GCancellable           *cancellable,
                                   GAsyncReadyCallback     callback,
                                   gpointer                user_data)
{
  GTlsDatabaseClass *klass;

  /* A failed check returns before the operation is started, so @callback is
   * not invoked for a rejected call. */
  g_return_if_fail (G_IS_TLS_DATABASE (self));
  g_return_if_fail (G_IS_TLS_CERTIFICATE (chain));
  g_return_if_fail (purpose != NULL);
  g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
  g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
  g_return_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity));
  g_return_if_fail (callback != NULL);

  g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  klass->verify_chain_async (self, chain, purpose, identity, interaction,
                             flags, cancellable, callback, user_data);
}
572 * g_tls_database_verify_chain_finish:
573 * @self: a #GTlsDatabase
574 * @result: a #GAsyncResult.
575 * @error: a #GError pointer, or %NULL
577 * Finish an asynchronous verify chain operation. See
578 * g_tls_database_verify_chain() for more information.
579 * Return value: the appropriate #GTlsCertificateFlags which represents the
580 * result of verification.
GTlsCertificateFlags
g_tls_database_verify_chain_finish (GTlsDatabase  *self,
                                    GAsyncResult  *result,
                                    GError       **error)
{
  GTlsDatabaseClass *klass;

  /* Rejected calls return G_TLS_CERTIFICATE_GENERIC_ERROR, never an empty
   * flag set. */
  g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish,
                        G_TLS_CERTIFICATE_GENERIC_ERROR);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->verify_chain_finish (self, result, error);
}
600 * g_tls_database_create_certificate_handle:
601 * @self: a #GTlsDatabase
602 * @certificate: certificate for which to create a handle.
604 * Create a handle string for the certificate. The database will only be able
605 * to create a handle for certificates that originate from the database. In
606 * cases where the database cannot create a handle for a certificate, %NULL will be returned.
609 * This handle should be stable across various instances of the application,
610 * and between applications. If a certificate is modified in the database,
611 * then it is not guaranteed that this handle will continue to point to it.
613 * Returns: (allow-none): a newly allocated string containing the handle.
gchar *
g_tls_database_create_certificate_handle (GTlsDatabase    *self,
                                          GTlsCertificate *certificate)
{
  GTlsDatabaseClass *klass;

  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
  /* The base class installs no create_certificate_handle. */
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle, NULL);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->create_certificate_handle (self, certificate);
}
628 * g_tls_database_lookup_certificate_for_handle:
629 * @self: a #GTlsDatabase
630 * @handle: a certificate handle
631 * @interaction: (allow-none): used to interact with the user if necessary
632 * @flags: Flags which affect the lookup.
633 * @cancellable: (allow-none): a #GCancellable, or %NULL
634 * @error: (allow-none): a #GError, or %NULL
636 * Lookup a certificate by its handle.
638 * The handle should have been created by calling g_tls_database_create_certificate_handle()
639 * on a #GTlsDatabase object of the same TLS backend. The handle is designed
640 * to remain valid across instantiations of the database.
642 * If the handle is no longer valid, or does not point to a certificate in
643 * this database, then %NULL will be returned.
645 * This function can block, use g_tls_database_lookup_certificate_for_handle_async() to perform
646 * the lookup operation asynchronously.
648 * Return value: (transfer full) (allow-none): a newly allocated
649 * #GTlsCertificate, or %NULL. Use g_object_unref() to release the certificate.
GTlsCertificate *
g_tls_database_lookup_certificate_for_handle (GTlsDatabase           *self,
                                              const gchar            *handle,
                                              GTlsInteraction        *interaction,
                                              GTlsDatabaseLookupFlags flags,
                                              GCancellable           *cancellable,
                                              GError                **error)
{
  GTlsDatabaseClass *klass;

  /* A rejected call returns NULL without setting @error, so callers cannot
   * tell it apart from "no such certificate" by the return value alone. */
  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (handle != NULL, NULL);
  g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
  g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle, NULL);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->lookup_certificate_for_handle (self, handle, interaction,
                                               flags, cancellable, error);
}
677 * g_tls_database_lookup_certificate_for_handle_async:
678 * @self: a #GTlsDatabase
679 * @handle: a certificate handle
680 * @interaction: (allow-none): used to interact with the user if necessary
681 * @flags: Flags which affect the lookup.
682 * @cancellable: (allow-none): a #GCancellable, or %NULL
683 * @callback: callback to call when the operation completes
684 * @user_data: the data to pass to the callback function
686 * Asynchronously lookup a certificate by its handle in the database. See
687 * g_tls_database_lookup_certificate_for_handle() for more information.
void
g_tls_database_lookup_certificate_for_handle_async (GTlsDatabase           *self,
                                                    const gchar            *handle,
                                                    GTlsInteraction        *interaction,
                                                    GTlsDatabaseLookupFlags flags,
                                                    GCancellable           *cancellable,
                                                    GAsyncReadyCallback     callback,
                                                    gpointer                user_data)
{
  GTlsDatabaseClass *klass;

  /* @callback is not checked here, unlike in the other *_async entry points
   * of this file; the default implementation rejects a NULL callback. */
  g_return_if_fail (G_IS_TLS_DATABASE (self));
  g_return_if_fail (handle != NULL);
  g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
  g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
  g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  klass->lookup_certificate_for_handle_async (self, handle, interaction, flags,
                                              cancellable, callback, user_data);
}
715 * g_tls_database_lookup_certificate_for_handle_finish:
716 * @self: a #GTlsDatabase
717 * @result: a #GAsyncResult.
718 * @error: a #GError pointer, or %NULL
720 * Finish an asynchronous lookup of a certificate by its handle. See
721 * g_tls_database_lookup_certificate_for_handle() for more information.
723 * If the handle is no longer valid, or does not point to a certificate in
724 * this database, then %NULL will be returned.
726 * Return value: (transfer full): a newly allocated #GTlsCertificate object.
727 * Use g_object_unref() to release the certificate.
GTlsCertificate *
g_tls_database_lookup_certificate_for_handle_finish (GTlsDatabase  *self,
                                                     GAsyncResult  *result,
                                                     GError       **error)
{
  GTlsDatabaseClass *klass;

  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish, NULL);

  /* Dispatch to the class implementation paired with the async call. */
  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->lookup_certificate_for_handle_finish (self, result, error);
}
746 * g_tls_database_lookup_certificate_issuer:
747 * @self: a #GTlsDatabase
748 * @certificate: a #GTlsCertificate
749 * @interaction: (allow-none): used to interact with the user if necessary
750 * @flags: flags which affect the lookup operation
751 * @cancellable: (allow-none): a #GCancellable, or %NULL
752 * @error: (allow-none): a #GError, or %NULL
754 * Lookup the issuer of @certificate in the database.
756 * The %issuer property
757 * of @certificate is not modified, and the two certificates are not hooked into a chain.
760 * This function can block, use g_tls_database_lookup_certificate_issuer_async() to perform
761 * the lookup operation asynchronously.
763 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
764 * or %NULL. Use g_object_unref() to release the certificate.
GTlsCertificate *
g_tls_database_lookup_certificate_issuer (GTlsDatabase           *self,
                                          GTlsCertificate        *certificate,
                                          GTlsInteraction        *interaction,
                                          GTlsDatabaseLookupFlags flags,
                                          GCancellable           *cancellable,
                                          GError                **error)
{
  GTlsDatabaseClass *klass;

  /* A rejected call returns NULL without setting @error, so callers cannot
   * tell it apart from "no issuer found" by the return value alone. */
  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
  g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
  g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer, NULL);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->lookup_certificate_issuer (self, certificate, interaction,
                                           flags, cancellable, error);
}
791 * g_tls_database_lookup_certificate_issuer_async:
792 * @self: a #GTlsDatabase
793 * @certificate: a #GTlsCertificate
794 * @interaction: (allow-none): used to interact with the user if necessary
795 * @flags: flags which affect the lookup operation
796 * @cancellable: (allow-none): a #GCancellable, or %NULL
797 * @callback: callback to call when the operation completes
798 * @user_data: the data to pass to the callback function
800 * Asynchronously lookup the issuer of @certificate in the database. See
801 * g_tls_database_lookup_certificate_issuer() for more information.
void
g_tls_database_lookup_certificate_issuer_async (GTlsDatabase           *self,
                                                GTlsCertificate        *certificate,
                                                GTlsInteraction        *interaction,
                                                GTlsDatabaseLookupFlags flags,
                                                GCancellable           *cancellable,
                                                GAsyncReadyCallback     callback,
                                                gpointer                user_data)
{
  GTlsDatabaseClass *klass;

  /* A failed check returns before the operation is started, so @callback is
   * not invoked for a rejected call. */
  g_return_if_fail (G_IS_TLS_DATABASE (self));
  g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
  g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
  g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
  g_return_if_fail (callback != NULL);
  g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  klass->lookup_certificate_issuer_async (self, certificate, interaction, flags,
                                          cancellable, callback, user_data);
}
830 * g_tls_database_lookup_certificate_issuer_finish:
831 * @self: a #GTlsDatabase
832 * @result: a #GAsyncResult.
833 * @error: a #GError pointer, or %NULL
835 * Finish an asynchronous lookup issuer operation. See
836 * g_tls_database_lookup_certificate_issuer() for more information.
838 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
839 * or %NULL. Use g_object_unref() to release the certificate.
GTlsCertificate *
g_tls_database_lookup_certificate_issuer_finish (GTlsDatabase  *self,
                                                 GAsyncResult  *result,
                                                 GError       **error)
{
  GTlsDatabaseClass *klass;

  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish, NULL);

  /* Dispatch to the class implementation paired with the async call. */
  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->lookup_certificate_issuer_finish (self, result, error);
}
858 * g_tls_database_lookup_certificates_issued_by:
859 * @self: a #GTlsDatabase
860 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
861 * @interaction: (allow-none): used to interact with the user if necessary
862 * @flags: Flags which affect the lookup operation.
863 * @cancellable: (allow-none): a #GCancellable, or %NULL
864 * @error: (allow-none): a #GError, or %NULL
866 * Lookup certificates issued by this issuer in the database.
868 * This function can block, use g_tls_database_lookup_certificates_issued_by_async() to perform
869 * the lookup operation asynchronously.
871 * Return value: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate
872 * objects. Use g_object_unref() on each certificate, and g_list_free() to release the list.
GList *
g_tls_database_lookup_certificates_issued_by (GTlsDatabase           *self,
                                              GByteArray             *issuer_raw_dn,
                                              GTlsInteraction        *interaction,
                                              GTlsDatabaseLookupFlags flags,
                                              GCancellable           *cancellable,
                                              GError                **error)
{
  GTlsDatabaseClass *klass;

  /* A rejected call returns NULL without setting @error; NULL is also the
   * empty GList, so the return value alone does not distinguish the two. */
  g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
  g_return_val_if_fail (issuer_raw_dn, NULL);
  g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
  g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
  g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by, NULL);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  return klass->lookup_certificates_issued_by (self, issuer_raw_dn, interaction,
                                               flags, cancellable, error);
}
899 * g_tls_database_lookup_certificates_issued_by_async:
900 * @self: a #GTlsDatabase
901 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
902 * @interaction: (allow-none): used to interact with the user if necessary
903 * @flags: Flags which affect the lookup operation.
904 * @cancellable: (allow-none): a #GCancellable, or %NULL
905 * @callback: callback to call when the operation completes
906 * @user_data: the data to pass to the callback function
908 * Asynchronously lookup certificates issued by this issuer in the database. See
909 * g_tls_database_lookup_certificates_issued_by() for more information.
911 * The database may choose to hold a reference to the issuer byte array for the duration
912 * of this asynchronous operation. The byte array should not be modified during this time.
void
g_tls_database_lookup_certificates_issued_by_async (GTlsDatabase           *self,
                                                    GByteArray             *issuer_raw_dn,
                                                    GTlsInteraction        *interaction,
                                                    GTlsDatabaseLookupFlags flags,
                                                    GCancellable           *cancellable,
                                                    GAsyncReadyCallback     callback,
                                                    gpointer                user_data)
{
  GTlsDatabaseClass *klass;

  /* A failed check returns before the operation is started, so @callback is
   * not invoked for a rejected call. */
  g_return_if_fail (G_IS_TLS_DATABASE (self));
  g_return_if_fail (issuer_raw_dn != NULL);
  g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
  g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
  g_return_if_fail (callback != NULL);
  g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async);

  klass = G_TLS_DATABASE_GET_CLASS (self);
  klass->lookup_certificates_issued_by_async (self, issuer_raw_dn, interaction, flags,
                                              cancellable, callback, user_data);
}
942 * g_tls_database_lookup_certificates_issued_by_finish:
943 * @self: a #GTlsDatabase
944 * @result: a #GAsyncResult.
945 * @error: a #GError pointer, or %NULL
947 * Finish an asynchronous lookup of certificates. See
948 * g_tls_database_lookup_certificates_issued_by() for more information.
950 * Return value: (transfer full): a newly allocated list of #GTlsCertificate objects.
951 * Use g_object_unref() on each certificate, and g_list_free() to release the list.
956 g_tls_database_lookup_certificates_issued_by_finish (GTlsDatabase
*self
,
957 GAsyncResult
*result
,
960 g_return_val_if_fail (G_IS_TLS_DATABASE (self
), NULL
);
961 g_return_val_if_fail (G_IS_ASYNC_RESULT (result
), NULL
);
962 g_return_val_if_fail (error
== NULL
|| *error
== NULL
, NULL
);
963 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self
)->lookup_certificates_issued_by_finish
, NULL
);
964 return G_TLS_DATABASE_GET_CLASS (self
)->lookup_certificates_issued_by_finish (self
,