search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Improve GTimeZone test coverage
[glib.git] / gio / gtlsdatabase.c
blob9d2b77e4ee39f042f07e874b829ef6d39875406d
1 /* GIO - GLib Input, Output and Streaming Library
2 *
3 * Copyright (C) 2010 Collabora, Ltd.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
19 *
20 * Author: Stef Walter <stefw@collabora.co.uk>
21 */
22
23 #include "config.h"
24
25 #include "gtlsdatabase.h"
26
27 #include "gasyncresult.h"
28 #include "gcancellable.h"
29 #include "glibintl.h"
30 #include "gsimpleasyncresult.h"
31 #include "gsocketconnectable.h"
32 #include "gtlscertificate.h"
33 #include "gtlsinteraction.h"
34
35 /**
36 * SECTION:gtlsdatabase
37 * @short_description: TLS database type
38 * @include: gio/gio.h
39 *
40 * #GTlsDatabase is used to lookup certificates and other information
41 * from a certificate or key store. It is an abstract base class which
42 * TLS library specific subtypes override.
43 *
44 * Most common client applications will not directly interact with
45 * #GTlsDatabase. It is used internally by #GTlsConnection.
46 *
47 * Since: 2.30
48 */
49
50 /**
51 * GTlsDatabase:
52 *
53 * Abstract base class for the backend-specific database types.
54 *
55 * Since: 2.30
56 */
57
58 G_DEFINE_ABSTRACT_TYPE (GTlsDatabase, g_tls_database, G_TYPE_OBJECT);
59
60 enum {
61 UNLOCK_REQUIRED,
62
63 LAST_SIGNAL
64 };
65
66 /**
67 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER:
68 *
69 * The purpose used to verify the server certificate in a TLS connection. This
70 * is the most common purpose in use. Used by TLS clients.
71 */
72
73 /**
74 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_CLIENT:
75 *
76 * The purpose used to verify the client certificate in a TLS connection.
77 * Used by TLS servers.
78 */
79
80 static void
81 g_tls_database_init (GTlsDatabase *cert)
82 {
83
84 }
85
86 typedef struct _AsyncVerifyChain {
87 GTlsCertificate *chain;
88 gchar *purpose;
89 GSocketConnectable *identity;
90 GTlsInteraction *interaction;
91 GTlsDatabaseVerifyFlags flags;
92 GTlsCertificateFlags verify_result;
93 } AsyncVerifyChain;
94
95 static void
96 async_verify_chain_free (gpointer data)
97 {
98 AsyncVerifyChain *args = data;
99 g_clear_object (&args->chain);
100 g_free (args->purpose);
101 g_clear_object (&args->identity);
102 g_clear_object (&args->interaction);
103 g_slice_free (AsyncVerifyChain, args);
104 }
105
106 static void
107 async_verify_chain_thread (GSimpleAsyncResult *res,
108 GObject *object,
109 GCancellable *cancellable)
110 {
111 AsyncVerifyChain *args = g_simple_async_result_get_op_res_gpointer (res);
112 GError *error = NULL;
113
114 args->verify_result = g_tls_database_verify_chain (G_TLS_DATABASE (object),
115 args->chain,
116 args->purpose,
117 args->identity,
118 args->interaction,
119 args->flags,
120 cancellable,
121 &error);
122
123 if (error)
124 g_simple_async_result_take_error (res, error);
125 }
126
127 static void
128 g_tls_database_real_verify_chain_async (GTlsDatabase *self,
129 GTlsCertificate *chain,
130 const gchar *purpose,
131 GSocketConnectable *identity,
132 GTlsInteraction *interaction,
133 GTlsDatabaseVerifyFlags flags,
134 GCancellable *cancellable,
135 GAsyncReadyCallback callback,
136 gpointer user_data)
137 {
138 GSimpleAsyncResult *res;
139 AsyncVerifyChain *args;
140
141 args = g_slice_new0 (AsyncVerifyChain);
142 args->chain = g_object_ref (chain);
143 args->purpose = g_strdup (purpose);
144 args->identity = identity ? g_object_ref (identity) : NULL;
145 args->interaction = interaction ? g_object_ref (interaction) : NULL;
146 args->flags = flags;
147
148 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
149 g_tls_database_real_verify_chain_async);
150 g_simple_async_result_set_op_res_gpointer (res, args, async_verify_chain_free);
151 g_simple_async_result_run_in_thread (res, async_verify_chain_thread,
152 G_PRIORITY_DEFAULT, cancellable);
153 g_object_unref (res);
154 }
155
156 static GTlsCertificateFlags
157 g_tls_database_real_verify_chain_finish (GTlsDatabase *self,
158 GAsyncResult *result,
159 GError **error)
160 {
161 AsyncVerifyChain *args;
162
163 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
164 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
165 g_tls_database_real_verify_chain_async), FALSE);
166
167 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
168 return G_TLS_CERTIFICATE_GENERIC_ERROR;
169
170 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
171 return args->verify_result;
172 }
173
174 typedef struct {
175 gchar *handle;
176 GTlsInteraction *interaction;
177 GTlsDatabaseLookupFlags flags;
178 GTlsCertificate *result;
179 } AsyncLookupCertificateForHandle;
180
181 static void
182 async_lookup_certificate_for_handle_free (gpointer data)
183 {
184 AsyncLookupCertificateForHandle *args = data;
185
186 g_free (args->handle);
187 g_clear_object (&args->interaction);
188 g_clear_object (&args->result);
189 g_slice_free (AsyncLookupCertificateForHandle, args);
190 }
191
192 static void
193 async_lookup_certificate_for_handle_thread (GSimpleAsyncResult *res,
194 GObject *object,
195 GCancellable *cancellable)
196 {
197 AsyncLookupCertificateForHandle *args = g_simple_async_result_get_op_res_gpointer (res);
198 GError *error = NULL;
199
200 args->result = g_tls_database_lookup_certificate_for_handle (G_TLS_DATABASE (object),
201 args->handle,
202 args->interaction,
203 args->flags,
204 cancellable,
205 &error);
206
207 if (error)
208 g_simple_async_result_take_error (res, error);
209 }
210
211 static void
212 g_tls_database_real_lookup_certificate_for_handle_async (GTlsDatabase *self,
213 const gchar *handle,
214 GTlsInteraction *interaction,
215 GTlsDatabaseLookupFlags flags,
216 GCancellable *cancellable,
217 GAsyncReadyCallback callback,
218 gpointer user_data)
219 {
220 GSimpleAsyncResult *res;
221 AsyncLookupCertificateForHandle *args;
222
223 g_return_if_fail (callback != NULL);
224
225 args = g_slice_new0 (AsyncLookupCertificateForHandle);
226 args->handle = g_strdup (handle);
227 args->interaction = interaction ? g_object_ref (interaction) : NULL;
228
229 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
230 g_tls_database_real_lookup_certificate_for_handle_async);
231 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificate_for_handle_free);
232 g_simple_async_result_run_in_thread (res, async_lookup_certificate_for_handle_thread,
233 G_PRIORITY_DEFAULT, cancellable);
234 g_object_unref (res);
235 }
236
237 static GTlsCertificate*
238 g_tls_database_real_lookup_certificate_for_handle_finish (GTlsDatabase *self,
239 GAsyncResult *result,
240 GError **error)
241 {
242 AsyncLookupCertificateForHandle *args;
243 GTlsCertificate *certificate;
244
245 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
246 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
247 g_tls_database_real_lookup_certificate_for_handle_async), FALSE);
248
249 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
250 return NULL;
251
252 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
253 certificate = args->result;
254 args->result = NULL;
255 return certificate;
256 }
257
258
259 typedef struct {
260 GTlsCertificate *certificate;
261 GTlsInteraction *interaction;
262 GTlsDatabaseLookupFlags flags;
263 GTlsCertificate *issuer;
264 } AsyncLookupCertificateIssuer;
265
266 static void
267 async_lookup_certificate_issuer_free (gpointer data)
268 {
269 AsyncLookupCertificateIssuer *args = data;
270
271 g_clear_object (&args->certificate);
272 g_clear_object (&args->interaction);
273 g_clear_object (&args->issuer);
274 g_slice_free (AsyncLookupCertificateIssuer, args);
275 }
276
277 static void
278 async_lookup_certificate_issuer_thread (GSimpleAsyncResult *res,
279 GObject *object,
280 GCancellable *cancellable)
281 {
282 AsyncLookupCertificateIssuer *args = g_simple_async_result_get_op_res_gpointer (res);
283 GError *error = NULL;
284
285 args->issuer = g_tls_database_lookup_certificate_issuer (G_TLS_DATABASE (object),
286 args->certificate,
287 args->interaction,
288 args->flags,
289 cancellable,
290 &error);
291
292 if (error)
293 g_simple_async_result_take_error (res, error);
294 }
295
296 static void
297 g_tls_database_real_lookup_certificate_issuer_async (GTlsDatabase *self,
298 GTlsCertificate *certificate,
299 GTlsInteraction *interaction,
300 GTlsDatabaseLookupFlags flags,
301 GCancellable *cancellable,
302 GAsyncReadyCallback callback,
303 gpointer user_data)
304 {
305 GSimpleAsyncResult *res;
306 AsyncLookupCertificateIssuer *args;
307
308 g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
309 g_return_if_fail (callback != NULL);
310
311 args = g_slice_new0 (AsyncLookupCertificateIssuer);
312 args->certificate = g_object_ref (certificate);
313 args->flags = flags;
314 args->interaction = interaction ? g_object_ref (interaction) : NULL;
315
316 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
317 g_tls_database_real_lookup_certificate_issuer_async);
318 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificate_issuer_free);
319 g_simple_async_result_run_in_thread (res, async_lookup_certificate_issuer_thread,
320 G_PRIORITY_DEFAULT, cancellable);
321 g_object_unref (res);
322 }
323
324 static GTlsCertificate*
325 g_tls_database_real_lookup_certificate_issuer_finish (GTlsDatabase *self,
326 GAsyncResult *result,
327 GError **error)
328 {
329 AsyncLookupCertificateIssuer *args;
330 GTlsCertificate *issuer;
331
332 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
333 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
334 g_tls_database_real_lookup_certificate_issuer_async), FALSE);
335
336 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
337 return NULL;
338
339 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
340 issuer = args->issuer;
341 args->issuer = NULL;
342 return issuer;
343 }
344
345 typedef struct {
346 GByteArray *issuer;
347 GTlsInteraction *interaction;
348 GTlsDatabaseLookupFlags flags;
349 GList *results;
350 } AsyncLookupCertificatesIssuedBy;
351
352 static void
353 async_lookup_certificates_issued_by_free (gpointer data)
354 {
355 AsyncLookupCertificatesIssuedBy *args = data;
356 GList *l;
357
358 g_byte_array_unref (args->issuer);
359 g_clear_object (&args->interaction);
360 for (l = args->results; l; l = g_list_next (l))
361 g_object_unref (l->data);
362 g_list_free (args->results);
363 g_slice_free (AsyncLookupCertificatesIssuedBy, args);
364 }
365
366 static void
367 async_lookup_certificates_issued_by_thread (GSimpleAsyncResult *res,
368 GObject *object,
369 GCancellable *cancellable)
370 {
371 AsyncLookupCertificatesIssuedBy *args = g_simple_async_result_get_op_res_gpointer (res);
372 GError *error = NULL;
373
374 args->results = g_tls_database_lookup_certificates_issued_by (G_TLS_DATABASE (object),
375 args->issuer,
376 args->interaction,
377 args->flags,
378 cancellable,
379 &error);
380
381 if (error)
382 g_simple_async_result_take_error (res, error);
383 }
384
385 static void
386 g_tls_database_real_lookup_certificates_issued_by_async (GTlsDatabase *self,
387 GByteArray *issuer,
388 GTlsInteraction *interaction,
389 GTlsDatabaseLookupFlags flags,
390 GCancellable *cancellable,
391 GAsyncReadyCallback callback,
392 gpointer user_data)
393 {
394 GSimpleAsyncResult *res;
395 AsyncLookupCertificatesIssuedBy *args;
396
397 g_return_if_fail (callback);
398
399 args = g_slice_new0 (AsyncLookupCertificatesIssuedBy);
400 args->issuer = g_byte_array_ref (issuer);
401 args->flags = flags;
402 args->interaction = interaction ? g_object_ref (interaction) : NULL;
403
404 res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
405 g_tls_database_real_lookup_certificates_issued_by_async);
406 g_simple_async_result_set_op_res_gpointer (res, args, async_lookup_certificates_issued_by_free);
407 g_simple_async_result_run_in_thread (res, async_lookup_certificates_issued_by_thread,
408 G_PRIORITY_DEFAULT, cancellable);
409 g_object_unref (res);
410 }
411
412 static GList*
413 g_tls_database_real_lookup_certificates_issued_by_finish (GTlsDatabase *self,
414 GAsyncResult *result,
415 GError **error)
416 {
417 AsyncLookupCertificatesIssuedBy *args;
418 GList *results;
419
420 g_return_val_if_fail (G_IS_SIMPLE_ASYNC_RESULT (result), NULL);
421 g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
422 g_tls_database_real_lookup_certificates_issued_by_async), FALSE);
423
424 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
425 return NULL;
426
427 args = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
428 results = args->results;
429 args->results = NULL;
430 return results;
431 }
432
433 static void
434 g_tls_database_class_init (GTlsDatabaseClass *klass)
435 {
436 klass->verify_chain_async = g_tls_database_real_verify_chain_async;
437 klass->verify_chain_finish = g_tls_database_real_verify_chain_finish;
438 klass->lookup_certificate_for_handle_async = g_tls_database_real_lookup_certificate_for_handle_async;
439 klass->lookup_certificate_for_handle_finish = g_tls_database_real_lookup_certificate_for_handle_finish;
440 klass->lookup_certificate_issuer_async = g_tls_database_real_lookup_certificate_issuer_async;
441 klass->lookup_certificate_issuer_finish = g_tls_database_real_lookup_certificate_issuer_finish;
442 klass->lookup_certificates_issued_by_async = g_tls_database_real_lookup_certificates_issued_by_async;
443 klass->lookup_certificates_issued_by_finish = g_tls_database_real_lookup_certificates_issued_by_finish;
444 }
445
446 /**
447 * g_tls_database_verify_chain:
448 * @self: a #GTlsDatabase
449 * @chain: a #GTlsCertificate chain
450 * @purpose: the purpose that this certificate chain will be used for.
451 * @identity: (allow-none): the expected peer identity
452 * @interaction: (allow-none): used to interact with the user if necessary
453 * @flags: additional verify flags
454 * @cancellable: (allow-none): a #GCancellable, or %NULL
455 * @error: (allow-none): a #GError, or %NULL
456 *
457 * Verify's a certificate chain after looking up and adding any missing
458 * certificates to the chain.
459 *
460 * @chain is a chain of #GTlsCertificate objects each pointing to the next
461 * certificate in the chain by its %issuer property. The chain may initially
462 * consist of one or more certificates. After the verification process is
463 * complete, @chain may be modified by adding missing certificates, or removing
464 * extra certificates. If a certificate anchor was found, then it is added to
465 * the @chain.
466 *
467 * @purpose describes the purpose (or usage) for which the certificate
468 * is being used. Typically @purpose will be set to #G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER
469 * which means that the certificate is being used to authenticate a server
470 * (and we are acting as the client).
471 *
472 * The @identity is used to check for pinned certificates (trust exceptions)
473 * in the database. These will override the normal verification process on a
474 * host by host basis.
475 *
476 * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be
477 * used.
478 *
479 * This function can block, use g_tls_database_verify_chain_async() to perform
480 * the verification operation asynchronously.
481 *
482 * Return value: the appropriate #GTlsCertificateFlags which represents the
483 * result of verification.
484 *
485 * Since: 2.30
486 */
487 GTlsCertificateFlags
488 g_tls_database_verify_chain (GTlsDatabase *self,
489 GTlsCertificate *chain,
490 const gchar *purpose,
491 GSocketConnectable *identity,
492 GTlsInteraction *interaction,
493 GTlsDatabaseVerifyFlags flags,
494 GCancellable *cancellable,
495 GError **error)
496 {
497 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
498 g_return_val_if_fail (G_IS_TLS_DATABASE (self),
499 G_TLS_CERTIFICATE_GENERIC_ERROR);
500 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (chain),
501 G_TLS_CERTIFICATE_GENERIC_ERROR);
502 g_return_val_if_fail (purpose, G_TLS_CERTIFICATE_GENERIC_ERROR);
503 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction),
504 G_TLS_CERTIFICATE_GENERIC_ERROR);
505 g_return_val_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity),
506 G_TLS_CERTIFICATE_GENERIC_ERROR);
507 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
508
509 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain,
510 G_TLS_CERTIFICATE_GENERIC_ERROR);
511
512 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain (self,
513 chain,
514 purpose,
515 identity,
516 interaction,
517 flags,
518 cancellable,
519 error);
520 }
521
522 /**
523 * g_tls_database_verify_chain_async:
524 * @self: a #GTlsDatabase
525 * @chain: a #GTlsCertificate chain
526 * @purpose: the purpose that this certificate chain will be used for.
527 * @identity: (allow-none): the expected peer identity
528 * @interaction: (allow-none): used to interact with the user if necessary
529 * @flags: additional verify flags
530 * @cancellable: (allow-none): a #GCancellable, or %NULL
531 * @callback: callback to call when the operation completes
532 * @user_data: the data to pass to the callback function
533 *
534 * Asynchronously verify's a certificate chain after looking up and adding
535 * any missing certificates to the chain. See g_tls_database_verify_chain()
536 * for more information.
537 *
538 * Since: 2.30
539 */
540 void
541 g_tls_database_verify_chain_async (GTlsDatabase *self,
542 GTlsCertificate *chain,
543 const gchar *purpose,
544 GSocketConnectable *identity,
545 GTlsInteraction *interaction,
546 GTlsDatabaseVerifyFlags flags,
547 GCancellable *cancellable,
548 GAsyncReadyCallback callback,
549 gpointer user_data)
550 {
551 g_return_if_fail (G_IS_TLS_DATABASE (self));
552 g_return_if_fail (G_IS_TLS_CERTIFICATE (chain));
553 g_return_if_fail (purpose != NULL);
554 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
555 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
556 g_return_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity));
557 g_return_if_fail (callback != NULL);
558
559 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async);
560 G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async (self,
561 chain,
562 purpose,
563 identity,
564 interaction,
565 flags,
566 cancellable,
567 callback,
568 user_data);
569 }
570
571 /**
572 * g_tls_database_verify_chain_finish:
573 * @self: a #GTlsDatabase
574 * @result: a #GAsyncResult.
575 * @error: a #GError pointer, or %NULL
576 *
577 * Finish an asynchronous verify chain operation. See
578 * g_tls_database_verify_chain() for more information. *
579 * Return value: the appropriate #GTlsCertificateFlags which represents the
580 * result of verification.
581 *
582 * Since: 2.30
583 */
584 GTlsCertificateFlags
585 g_tls_database_verify_chain_finish (GTlsDatabase *self,
586 GAsyncResult *result,
587 GError **error)
588 {
589 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
590 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
591 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
592 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish,
593 G_TLS_CERTIFICATE_GENERIC_ERROR);
594 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish (self,
595 result,
596 error);
597 }
598
599 /**
600 * g_tls_database_create_certificate_handle:
601 * @self: a #GTlsDatabase
602 * @certificate: certificate for which to create a handle.
603 *
604 * Create a handle string for the certificate. The database will only be able
605 * to create a handle for certificates that originate from the database. In
606 * cases where the database cannot create a handle for a certificate, %NULL
607 * will be returned.
608 *
609 * This handle should be stable across various instances of the application,
610 * and between applications. If a certificate is modified in the database,
611 * then it is not guaranteed that this handle will continue to point to it.
612 *
613 * Returns: (allow-none): a newly allocated string containing the handle.
614 * Since: 2.30
615 */
616 gchar*
617 g_tls_database_create_certificate_handle (GTlsDatabase *self,
618 GTlsCertificate *certificate)
619 {
620 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
621 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
622 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle, NULL);
623 return G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle (self,
624 certificate);
625 }
626
627 /**
628 * g_tls_database_lookup_certificate_for_handle:
629 * @self: a #GTlsDatabase
630 * @handle: a certificate handle
631 * @interaction: (allow-none): used to interact with the user if necessary
632 * @flags: Flags which affect the lookup.
633 * @cancellable: (allow-none): a #GCancellable, or %NULL
634 * @error: (allow-none): a #GError, or %NULL
635 *
636 * Lookup a certificate by its handle.
637 *
638 * The handle should have been created by calling
639 * g_tls_database_create_certificate_handle() on a #GTlsDatabase object of
640 * the same TLS backend. The handle is designed to remain valid across
641 * instantiations of the database.
642 *
643 * If the handle is no longer valid, or does not point to a certificate in
644 * this database, then %NULL will be returned.
645 *
646 * This function can block, use g_tls_database_lookup_certificate_for_handle_async() to perform
647 * the lookup operation asynchronously.
648 *
649 * Return value: (transfer full) (allow-none): a newly allocated
650 * #GTlsCertificate, or %NULL. Use g_object_unref() to release the certificate.
651 *
652 * Since: 2.30
653 */
654 GTlsCertificate*
655 g_tls_database_lookup_certificate_for_handle (GTlsDatabase *self,
656 const gchar *handle,
657 GTlsInteraction *interaction,
658 GTlsDatabaseLookupFlags flags,
659 GCancellable *cancellable,
660 GError **error)
661 {
662 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
663 g_return_val_if_fail (handle != NULL, NULL);
664 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
665 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
666 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
667 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle, NULL);
668 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle (self,
669 handle,
670 interaction,
671 flags,
672 cancellable,
673 error);
674 }
675
676
677 /**
678 * g_tls_database_lookup_certificate_for_handle_async:
679 * @self: a #GTlsDatabase
680 * @handle: a certificate handle
681 * @interaction: (allow-none): used to interact with the user if necessary
682 * @flags: Flags which affect the lookup.
683 * @cancellable: (allow-none): a #GCancellable, or %NULL
684 * @callback: callback to call when the operation completes
685 * @user_data: the data to pass to the callback function
686 *
687 * Asynchronously lookup a certificate by its handle in the database. See
688 * g_tls_database_lookup_certificate_for_handle() for more information.
689 *
690 * Since: 2.30
691 */
692 void
693 g_tls_database_lookup_certificate_for_handle_async (GTlsDatabase *self,
694 const gchar *handle,
695 GTlsInteraction *interaction,
696 GTlsDatabaseLookupFlags flags,
697 GCancellable *cancellable,
698 GAsyncReadyCallback callback,
699 gpointer user_data)
700 {
701 g_return_if_fail (G_IS_TLS_DATABASE (self));
702 g_return_if_fail (handle != NULL);
703 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
704 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
705 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async);
706 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async (self,
707 handle,
708 interaction,
709 flags,
710 cancellable,
711 callback,
712 user_data);
713 }
714
715 /**
716 * g_tls_database_lookup_certificate_for_handle_finish:
717 * @self: a #GTlsDatabase
718 * @result: a #GAsyncResult.
719 * @error: a #GError pointer, or %NULL
720 *
721 * Finish an asynchronous lookup of a certificate by its handle. See
722 * g_tls_database_lookup_certificate_handle() for more information.
723 *
724 * If the handle is no longer valid, or does not point to a certificate in
725 * this database, then %NULL will be returned.
726 *
727 * Return value: (transfer full): a newly allocated #GTlsCertificate object.
728 * Use g_object_unref() to release the certificate.
729 *
730 * Since: 2.30
731 */
732 GTlsCertificate*
733 g_tls_database_lookup_certificate_for_handle_finish (GTlsDatabase *self,
734 GAsyncResult *result,
735 GError **error)
736 {
737 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
738 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
739 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
740 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish, NULL);
741 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish (self,
742 result,
743 error);
744 }
745
746 /**
747 * g_tls_database_lookup_certificate_issuer:
748 * @self: a #GTlsDatabase
749 * @certificate: a #GTlsCertificate
750 * @interaction: (allow-none): used to interact with the user if necessary
751 * @flags: flags which affect the lookup operation
752 * @cancellable: (allow-none): a #GCancellable, or %NULL
753 * @error: (allow-none): a #GError, or %NULL
754 *
755 * Lookup the issuer of @certificate in the database.
756 *
757 * The %issuer property
758 * of @certificate is not modified, and the two certificates are not hooked
759 * into a chain.
760 *
761 * This function can block, use g_tls_database_lookup_certificate_issuer_async() to perform
762 * the lookup operation asynchronously.
763 *
764 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
765 * or %NULL. Use g_object_unref() to release the certificate.
766 *
767 * Since: 2.30
768 */
769 GTlsCertificate*
770 g_tls_database_lookup_certificate_issuer (GTlsDatabase *self,
771 GTlsCertificate *certificate,
772 GTlsInteraction *interaction,
773 GTlsDatabaseLookupFlags flags,
774 GCancellable *cancellable,
775 GError **error)
776 {
777 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
778 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
779 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
780 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
781 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
782 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer, NULL);
783 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer (self,
784 certificate,
785 interaction,
786 flags,
787 cancellable,
788 error);
789 }
790
791 /**
792 * g_tls_database_lookup_certificate_issuer_async:
793 * @self: a #GTlsDatabase
794 * @certificate: a #GTlsCertificate
795 * @interaction: (allow-none): used to interact with the user if necessary
796 * @flags: flags which affect the lookup operation
797 * @cancellable: (allow-none): a #GCancellable, or %NULL
798 * @callback: callback to call when the operation completes
799 * @user_data: the data to pass to the callback function
800 *
801 * Asynchronously lookup the issuer of @certificate in the database. See
802 * g_tls_database_lookup_certificate_issuer() for more information.
803 *
804 * Since: 2.30
805 */
806 void
807 g_tls_database_lookup_certificate_issuer_async (GTlsDatabase *self,
808 GTlsCertificate *certificate,
809 GTlsInteraction *interaction,
810 GTlsDatabaseLookupFlags flags,
811 GCancellable *cancellable,
812 GAsyncReadyCallback callback,
813 gpointer user_data)
814 {
815 g_return_if_fail (G_IS_TLS_DATABASE (self));
816 g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
817 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
818 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
819 g_return_if_fail (callback != NULL);
820 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async);
821 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async (self,
822 certificate,
823 interaction,
824 flags,
825 cancellable,
826 callback,
827 user_data);
828 }
829
830 /**
831 * g_tls_database_lookup_certificate_issuer_finish:
832 * @self: a #GTlsDatabase
833 * @result: a #GAsyncResult.
834 * @error: a #GError pointer, or %NULL
835 *
836 * Finish an asynchronous lookup issuer operation. See
837 * g_tls_database_lookup_certificate_issuer() for more information.
838 *
839 * Return value: (transfer full): a newly allocated issuer #GTlsCertificate,
840 * or %NULL. Use g_object_unref() to release the certificate.
841 *
842 * Since: 2.30
843 */
844 GTlsCertificate*
845 g_tls_database_lookup_certificate_issuer_finish (GTlsDatabase *self,
846 GAsyncResult *result,
847 GError **error)
848 {
849 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
850 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
851 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
852 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish, NULL);
853 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish (self,
854 result,
855 error);
856 }
857
858 /**
859 * g_tls_database_lookup_certificates_issued_by:
860 * @self: a #GTlsDatabase
861 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
862 * @interaction: (allow-none): used to interact with the user if necessary
863 * @flags: Flags which affect the lookup operation.
864 * @cancellable: (allow-none): a #GCancellable, or %NULL
865 * @error: (allow-none): a #GError, or %NULL
866 *
867 * Lookup certificates issued by this issuer in the database.
868 *
869 * This function can block, use g_tls_database_lookup_certificates_issued_by_async() to perform
870 * the lookup operation asynchronously.
871 *
872 * Return value: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate
873 * objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list.
874 *
875 * Since: 2.30
876 */
877 GList*
878 g_tls_database_lookup_certificates_issued_by (GTlsDatabase *self,
879 GByteArray *issuer_raw_dn,
880 GTlsInteraction *interaction,
881 GTlsDatabaseLookupFlags flags,
882 GCancellable *cancellable,
883 GError **error)
884 {
885 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
886 g_return_val_if_fail (issuer_raw_dn, NULL);
887 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
888 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
889 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
890 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by, NULL);
891 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by (self,
892 issuer_raw_dn,
893 interaction,
894 flags,
895 cancellable,
896 error);
897 }
898
899 /**
900 * g_tls_database_lookup_certificates_issued_by_async:
901 * @self: a #GTlsDatabase
902 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
903 * @interaction: (allow-none): used to interact with the user if necessary
904 * @flags: Flags which affect the lookup operation.
905 * @cancellable: (allow-none): a #GCancellable, or %NULL
906 * @callback: callback to call when the operation completes
907 * @user_data: the data to pass to the callback function
908 *
909 * Asynchronously lookup certificates issued by this issuer in the database. See
910 * g_tls_database_lookup_certificates_issued_by() for more information.
911 *
912 * The database may choose to hold a reference to the issuer byte array for the duration
913 * of of this asynchronous operation. The byte array should not be modified during
914 * this time.
915 *
916 * Since: 2.30
917 */
918 void
919 g_tls_database_lookup_certificates_issued_by_async (GTlsDatabase *self,
920 GByteArray *issuer_raw_dn,
921 GTlsInteraction *interaction,
922 GTlsDatabaseLookupFlags flags,
923 GCancellable *cancellable,
924 GAsyncReadyCallback callback,
925 gpointer user_data)
926 {
927 g_return_if_fail (G_IS_TLS_DATABASE (self));
928 g_return_if_fail (issuer_raw_dn != NULL);
929 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
930 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
931 g_return_if_fail (callback != NULL);
932 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async);
933 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async (self,
934 issuer_raw_dn,
935 interaction,
936 flags,
937 cancellable,
938 callback,
939 user_data);
940 }
941
942 /**
943 * g_tls_database_lookup_certificates_issued_by_finish:
944 * @self: a #GTlsDatabase
945 * @result: a #GAsyncResult.
946 * @error: a #GError pointer, or %NULL
947 *
948 * Finish an asynchronous lookup of certificates. See
949 * g_tls_database_lookup_certificates_issued_by() for more information.
950 *
951 * Return value: (transfer full): a newly allocated list of #GTlsCertificate objects.
952 * Use g_object_unref() on each certificate, and g_list_free() on the release the list.
953 *
954 * Since: 2.30
955 */
956 GList*
957 g_tls_database_lookup_certificates_issued_by_finish (GTlsDatabase *self,
958 GAsyncResult *result,
959 GError **error)
960 {
961 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
962 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
963 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
964 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish, NULL);
965 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish (self,
966 result,
967 error);
968 }
glib mirror