1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright (C) 2010 Collabora, Ltd.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 * Author: Stef Walter <stefw@collabora.co.uk>
23 #include "gtlsdatabase.h"
25 #include "gasyncresult.h"
26 #include "gcancellable.h"
28 #include "gsocketconnectable.h"
30 #include "gtlscertificate.h"
31 #include "gtlsinteraction.h"
34 * SECTION:gtlsdatabase
35 * @short_description: TLS database type
38 * #GTlsDatabase is used to lookup certificates and other information
39 * from a certificate or key store. It is an abstract base class which
40 * TLS library specific subtypes override.
42 * Most common client applications will not directly interact with
43 * #GTlsDatabase. It is used internally by #GTlsConnection.
51 * Abstract base class for the backend-specific database types.
58 * @verify_chain: Virtual method implementing
59 * g_tls_database_verify_chain().
60 * @verify_chain_async: Virtual method implementing
61 * g_tls_database_verify_chain_async().
62 * @verify_chain_finish: Virtual method implementing
63 * g_tls_database_verify_chain_finish().
64 * @create_certificate_handle: Virtual method implementing
65 * g_tls_database_create_certificate_handle().
66 * @lookup_certificate_for_handle: Virtual method implementing
67 * g_tls_database_lookup_certificate_for_handle().
68 * @lookup_certificate_for_handle_async: Virtual method implementing
69 * g_tls_database_lookup_certificate_for_handle_async().
70 * @lookup_certificate_for_handle_finish: Virtual method implementing
71 * g_tls_database_lookup_certificate_for_handle_finish().
72 * @lookup_certificate_issuer: Virtual method implementing
73 * g_tls_database_lookup_certificate_issuer().
74 * @lookup_certificate_issuer_async: Virtual method implementing
75 * g_tls_database_lookup_certificate_issuer_async().
76 * @lookup_certificate_issuer_finish: Virtual method implementing
77 * g_tls_database_lookup_certificate_issuer_finish().
78 * @lookup_certificates_issued_by: Virtual method implementing
79 * g_tls_database_lookup_certificates_issued_by().
80 * @lookup_certificates_issued_by_async: Virtual method implementing
81 * g_tls_database_lookup_certificates_issued_by_async().
82 * @lookup_certificates_issued_by_finish: Virtual method implementing
83 * g_tls_database_lookup_certificates_issued_by_finish().
85 * The class for #GTlsDatabase. Derived classes should implement the various
86 * virtual methods. _async and _finish methods have a default
87 * implementation that runs the corresponding sync method in a thread.
92 G_DEFINE_ABSTRACT_TYPE (GTlsDatabase, g_tls_database, G_TYPE_OBJECT)
101 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER:
103 * The purpose used to verify the server certificate in a TLS connection. This
104 * is the most common purpose in use. Used by TLS clients.
108 * G_TLS_DATABASE_PURPOSE_AUTHENTICATE_CLIENT:
110 * The purpose used to verify the client certificate in a TLS connection.
111 * Used by TLS servers.
115 g_tls_database_init (GTlsDatabase *cert)
120 typedef struct _AsyncVerifyChain {
121 GTlsCertificate *chain;
123 GSocketConnectable *identity;
124 GTlsInteraction *interaction;
125 GTlsDatabaseVerifyFlags flags;
129 async_verify_chain_free (gpointer data)
131 AsyncVerifyChain *args = data;
132 g_clear_object (&args->chain);
133 g_free (args->purpose);
134 g_clear_object (&args->identity);
135 g_clear_object (&args->interaction);
136 g_slice_free (AsyncVerifyChain, args);
140 async_verify_chain_thread (GTask *task,
143 GCancellable *cancellable)
145 AsyncVerifyChain *args = task_data;
146 GTlsCertificateFlags verify_result;
147 GError *error = NULL;
149 verify_result = g_tls_database_verify_chain (G_TLS_DATABASE (object),
158 g_task_return_error (task, error);
160 g_task_return_int (task, (gssize)verify_result);
164 g_tls_database_real_verify_chain_async (GTlsDatabase *self,
165 GTlsCertificate *chain,
166 const gchar *purpose,
167 GSocketConnectable *identity,
168 GTlsInteraction *interaction,
169 GTlsDatabaseVerifyFlags flags,
170 GCancellable *cancellable,
171 GAsyncReadyCallback callback,
175 AsyncVerifyChain *args;
177 args = g_slice_new0 (AsyncVerifyChain);
178 args->chain = g_object_ref (chain);
179 args->purpose = g_strdup (purpose);
180 args->identity = identity ? g_object_ref (identity) : NULL;
181 args->interaction = interaction ? g_object_ref (interaction) : NULL;
184 task = g_task_new (self, cancellable, callback, user_data);
185 g_task_set_source_tag (task, g_tls_database_real_verify_chain_async);
186 g_task_set_task_data (task, args, async_verify_chain_free);
187 g_task_run_in_thread (task, async_verify_chain_thread);
188 g_object_unref (task);
191 static GTlsCertificateFlags
192 g_tls_database_real_verify_chain_finish (GTlsDatabase *self,
193 GAsyncResult *result,
196 GTlsCertificateFlags ret;
198 g_return_val_if_fail (g_task_is_valid (result, self), G_TLS_CERTIFICATE_GENERIC_ERROR);
200 ret = (GTlsCertificateFlags)g_task_propagate_int (G_TASK (result), error);
201 if (ret == (GTlsCertificateFlags)-1)
202 return G_TLS_CERTIFICATE_GENERIC_ERROR;
209 GTlsInteraction *interaction;
210 GTlsDatabaseLookupFlags flags;
211 } AsyncLookupCertificateForHandle;
214 async_lookup_certificate_for_handle_free (gpointer data)
216 AsyncLookupCertificateForHandle *args = data;
218 g_free (args->handle);
219 g_clear_object (&args->interaction);
220 g_slice_free (AsyncLookupCertificateForHandle, args);
224 async_lookup_certificate_for_handle_thread (GTask *task,
227 GCancellable *cancellable)
229 AsyncLookupCertificateForHandle *args = task_data;
230 GTlsCertificate *result;
231 GError *error = NULL;
233 result = g_tls_database_lookup_certificate_for_handle (G_TLS_DATABASE (object),
240 g_task_return_pointer (task, result, g_object_unref);
242 g_task_return_error (task, error);
246 g_tls_database_real_lookup_certificate_for_handle_async (GTlsDatabase *self,
248 GTlsInteraction *interaction,
249 GTlsDatabaseLookupFlags flags,
250 GCancellable *cancellable,
251 GAsyncReadyCallback callback,
255 AsyncLookupCertificateForHandle *args;
257 args = g_slice_new0 (AsyncLookupCertificateForHandle);
258 args->handle = g_strdup (handle);
259 args->interaction = interaction ? g_object_ref (interaction) : NULL;
261 task = g_task_new (self, cancellable, callback, user_data);
262 g_task_set_source_tag (task,
263 g_tls_database_real_lookup_certificate_for_handle_async);
264 g_task_set_task_data (task, args, async_lookup_certificate_for_handle_free);
265 g_task_run_in_thread (task, async_lookup_certificate_for_handle_thread);
266 g_object_unref (task);
269 static GTlsCertificate*
270 g_tls_database_real_lookup_certificate_for_handle_finish (GTlsDatabase *self,
271 GAsyncResult *result,
274 g_return_val_if_fail (g_task_is_valid (result, self), NULL);
276 return g_task_propagate_pointer (G_TASK (result), error);
281 GTlsCertificate *certificate;
282 GTlsInteraction *interaction;
283 GTlsDatabaseLookupFlags flags;
284 } AsyncLookupCertificateIssuer;
287 async_lookup_certificate_issuer_free (gpointer data)
289 AsyncLookupCertificateIssuer *args = data;
291 g_clear_object (&args->certificate);
292 g_clear_object (&args->interaction);
293 g_slice_free (AsyncLookupCertificateIssuer, args);
297 async_lookup_certificate_issuer_thread (GTask *task,
300 GCancellable *cancellable)
302 AsyncLookupCertificateIssuer *args = task_data;
303 GTlsCertificate *issuer;
304 GError *error = NULL;
306 issuer = g_tls_database_lookup_certificate_issuer (G_TLS_DATABASE (object),
313 g_task_return_pointer (task, issuer, g_object_unref);
315 g_task_return_error (task, error);
319 g_tls_database_real_lookup_certificate_issuer_async (GTlsDatabase *self,
320 GTlsCertificate *certificate,
321 GTlsInteraction *interaction,
322 GTlsDatabaseLookupFlags flags,
323 GCancellable *cancellable,
324 GAsyncReadyCallback callback,
328 AsyncLookupCertificateIssuer *args;
330 args = g_slice_new0 (AsyncLookupCertificateIssuer);
331 args->certificate = g_object_ref (certificate);
333 args->interaction = interaction ? g_object_ref (interaction) : NULL;
335 task = g_task_new (self, cancellable, callback, user_data);
336 g_task_set_source_tag (task,
337 g_tls_database_real_lookup_certificate_issuer_async);
338 g_task_set_task_data (task, args, async_lookup_certificate_issuer_free);
339 g_task_run_in_thread (task, async_lookup_certificate_issuer_thread);
340 g_object_unref (task);
343 static GTlsCertificate *
344 g_tls_database_real_lookup_certificate_issuer_finish (GTlsDatabase *self,
345 GAsyncResult *result,
348 g_return_val_if_fail (g_task_is_valid (result, self), NULL);
350 return g_task_propagate_pointer (G_TASK (result), error);
355 GTlsInteraction *interaction;
356 GTlsDatabaseLookupFlags flags;
357 } AsyncLookupCertificatesIssuedBy;
360 async_lookup_certificates_issued_by_free (gpointer data)
362 AsyncLookupCertificatesIssuedBy *args = data;
364 g_byte_array_unref (args->issuer);
365 g_clear_object (&args->interaction);
366 g_slice_free (AsyncLookupCertificatesIssuedBy, args);
370 async_lookup_certificates_free_certificates (gpointer data)
374 g_list_free_full (list, g_object_unref);
378 async_lookup_certificates_issued_by_thread (GTask *task,
381 GCancellable *cancellable)
383 AsyncLookupCertificatesIssuedBy *args = task_data;
385 GError *error = NULL;
387 results = g_tls_database_lookup_certificates_issued_by (G_TLS_DATABASE (object),
394 g_task_return_pointer (task, results, async_lookup_certificates_free_certificates);
396 g_task_return_error (task, error);
400 g_tls_database_real_lookup_certificates_issued_by_async (GTlsDatabase *self,
402 GTlsInteraction *interaction,
403 GTlsDatabaseLookupFlags flags,
404 GCancellable *cancellable,
405 GAsyncReadyCallback callback,
409 AsyncLookupCertificatesIssuedBy *args;
411 args = g_slice_new0 (AsyncLookupCertificatesIssuedBy);
412 args->issuer = g_byte_array_ref (issuer);
414 args->interaction = interaction ? g_object_ref (interaction) : NULL;
416 task = g_task_new (self, cancellable, callback, user_data);
417 g_task_set_source_tag (task,
418 g_tls_database_real_lookup_certificates_issued_by_async);
419 g_task_set_task_data (task, args, async_lookup_certificates_issued_by_free);
420 g_task_run_in_thread (task, async_lookup_certificates_issued_by_thread);
421 g_object_unref (task);
425 g_tls_database_real_lookup_certificates_issued_by_finish (GTlsDatabase *self,
426 GAsyncResult *result,
429 g_return_val_if_fail (g_task_is_valid (result, self), NULL);
431 return g_task_propagate_pointer (G_TASK (result), error);
435 g_tls_database_class_init (GTlsDatabaseClass *klass)
437 klass->verify_chain_async = g_tls_database_real_verify_chain_async;
438 klass->verify_chain_finish = g_tls_database_real_verify_chain_finish;
439 klass->lookup_certificate_for_handle_async = g_tls_database_real_lookup_certificate_for_handle_async;
440 klass->lookup_certificate_for_handle_finish = g_tls_database_real_lookup_certificate_for_handle_finish;
441 klass->lookup_certificate_issuer_async = g_tls_database_real_lookup_certificate_issuer_async;
442 klass->lookup_certificate_issuer_finish = g_tls_database_real_lookup_certificate_issuer_finish;
443 klass->lookup_certificates_issued_by_async = g_tls_database_real_lookup_certificates_issued_by_async;
444 klass->lookup_certificates_issued_by_finish = g_tls_database_real_lookup_certificates_issued_by_finish;
448 * g_tls_database_verify_chain:
449 * @self: a #GTlsDatabase
450 * @chain: a #GTlsCertificate chain
451 * @purpose: the purpose that this certificate chain will be used for.
452 * @identity: (nullable): the expected peer identity
453 * @interaction: (nullable): used to interact with the user if necessary
454 * @flags: additional verify flags
455 * @cancellable: (nullable): a #GCancellable, or %NULL
456 * @error: (nullable): a #GError, or %NULL
458 * Determines the validity of a certificate chain after looking up and
459 * adding any missing certificates to the chain.
461 * @chain is a chain of #GTlsCertificate objects each pointing to the next
462 * certificate in the chain by its %issuer property. The chain may initially
463 * consist of one or more certificates. After the verification process is
464 * complete, @chain may be modified by adding missing certificates, or removing
465 * extra certificates. If a certificate anchor was found, then it is added to
468 * @purpose describes the purpose (or usage) for which the certificate
469 * is being used. Typically @purpose will be set to #G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER
470 * which means that the certificate is being used to authenticate a server
471 * (and we are acting as the client).
473 * The @identity is used to check for pinned certificates (trust exceptions)
474 * in the database. These will override the normal verification process on a
475 * host by host basis.
477 * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be
480 * If @chain is found to be valid, then the return value will be 0. If
481 * @chain is found to be invalid, then the return value will indicate
482 * the problems found. If the function is unable to determine whether
483 * @chain is valid or not (eg, because @cancellable is triggered
484 * before it completes) then the return value will be
485 * %G_TLS_CERTIFICATE_GENERIC_ERROR and @error will be set
486 * accordingly. @error is not set when @chain is successfully analyzed
487 * but found to be invalid.
489 * This function can block, use g_tls_database_verify_chain_async() to perform
490 * the verification operation asynchronously.
492 * Returns: the appropriate #GTlsCertificateFlags which represents the
493 * result of verification.
498 g_tls_database_verify_chain (GTlsDatabase *self,
499 GTlsCertificate *chain,
500 const gchar *purpose,
501 GSocketConnectable *identity,
502 GTlsInteraction *interaction,
503 GTlsDatabaseVerifyFlags flags,
504 GCancellable *cancellable,
507 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
508 g_return_val_if_fail (G_IS_TLS_DATABASE (self),
509 G_TLS_CERTIFICATE_GENERIC_ERROR);
510 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (chain),
511 G_TLS_CERTIFICATE_GENERIC_ERROR);
512 g_return_val_if_fail (purpose, G_TLS_CERTIFICATE_GENERIC_ERROR);
513 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction),
514 G_TLS_CERTIFICATE_GENERIC_ERROR);
515 g_return_val_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity),
516 G_TLS_CERTIFICATE_GENERIC_ERROR);
517 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
519 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain,
520 G_TLS_CERTIFICATE_GENERIC_ERROR);
522 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain (self,
533 * g_tls_database_verify_chain_async:
534 * @self: a #GTlsDatabase
535 * @chain: a #GTlsCertificate chain
536 * @purpose: the purpose that this certificate chain will be used for.
537 * @identity: (nullable): the expected peer identity
538 * @interaction: (nullable): used to interact with the user if necessary
539 * @flags: additional verify flags
540 * @cancellable: (nullable): a #GCancellable, or %NULL
541 * @callback: callback to call when the operation completes
542 * @user_data: the data to pass to the callback function
544 * Asynchronously determines the validity of a certificate chain after
545 * looking up and adding any missing certificates to the chain. See
546 * g_tls_database_verify_chain() for more information.
551 g_tls_database_verify_chain_async (GTlsDatabase *self,
552 GTlsCertificate *chain,
553 const gchar *purpose,
554 GSocketConnectable *identity,
555 GTlsInteraction *interaction,
556 GTlsDatabaseVerifyFlags flags,
557 GCancellable *cancellable,
558 GAsyncReadyCallback callback,
561 g_return_if_fail (G_IS_TLS_DATABASE (self));
562 g_return_if_fail (G_IS_TLS_CERTIFICATE (chain));
563 g_return_if_fail (purpose != NULL);
564 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
565 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
566 g_return_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity));
567 g_return_if_fail (callback != NULL);
569 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async);
570 G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async (self,
582 * g_tls_database_verify_chain_finish:
583 * @self: a #GTlsDatabase
584 * @result: a #GAsyncResult.
585 * @error: a #GError pointer, or %NULL
587 * Finish an asynchronous verify chain operation. See
588 * g_tls_database_verify_chain() for more information.
590 * If @chain is found to be valid, then the return value will be 0. If
591 * @chain is found to be invalid, then the return value will indicate
592 * the problems found. If the function is unable to determine whether
593 * @chain is valid or not (eg, because @cancellable is triggered
594 * before it completes) then the return value will be
595 * %G_TLS_CERTIFICATE_GENERIC_ERROR and @error will be set
596 * accordingly. @error is not set when @chain is successfully analyzed
597 * but found to be invalid.
599 * Returns: the appropriate #GTlsCertificateFlags which represents the
600 * result of verification.
605 g_tls_database_verify_chain_finish (GTlsDatabase *self,
606 GAsyncResult *result,
609 g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR);
610 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_CERTIFICATE_GENERIC_ERROR);
611 g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR);
612 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish,
613 G_TLS_CERTIFICATE_GENERIC_ERROR);
614 return G_TLS_DATABASE_GET_CLASS (self)->verify_chain_finish (self,
620 * g_tls_database_create_certificate_handle:
621 * @self: a #GTlsDatabase
622 * @certificate: certificate for which to create a handle.
624 * Create a handle string for the certificate. The database will only be able
625 * to create a handle for certificates that originate from the database. In
626 * cases where the database cannot create a handle for a certificate, %NULL
629 * This handle should be stable across various instances of the application,
630 * and between applications. If a certificate is modified in the database,
631 * then it is not guaranteed that this handle will continue to point to it.
633 * Returns: (nullable): a newly allocated string containing the
639 g_tls_database_create_certificate_handle (GTlsDatabase *self,
640 GTlsCertificate *certificate)
642 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
643 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
644 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle, NULL);
645 return G_TLS_DATABASE_GET_CLASS (self)->create_certificate_handle (self,
650 * g_tls_database_lookup_certificate_for_handle:
651 * @self: a #GTlsDatabase
652 * @handle: a certificate handle
653 * @interaction: (nullable): used to interact with the user if necessary
654 * @flags: Flags which affect the lookup.
655 * @cancellable: (nullable): a #GCancellable, or %NULL
656 * @error: (nullable): a #GError, or %NULL
658 * Lookup a certificate by its handle.
660 * The handle should have been created by calling
661 * g_tls_database_create_certificate_handle() on a #GTlsDatabase object of
662 * the same TLS backend. The handle is designed to remain valid across
663 * instantiations of the database.
665 * If the handle is no longer valid, or does not point to a certificate in
666 * this database, then %NULL will be returned.
668 * This function can block, use g_tls_database_lookup_certificate_for_handle_async() to perform
669 * the lookup operation asynchronously.
671 * Returns: (transfer full) (nullable): a newly allocated
672 * #GTlsCertificate, or %NULL. Use g_object_unref() to release the certificate.
677 g_tls_database_lookup_certificate_for_handle (GTlsDatabase *self,
679 GTlsInteraction *interaction,
680 GTlsDatabaseLookupFlags flags,
681 GCancellable *cancellable,
684 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
685 g_return_val_if_fail (handle != NULL, NULL);
686 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
687 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
688 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
689 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle, NULL);
690 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle (self,
700 * g_tls_database_lookup_certificate_for_handle_async:
701 * @self: a #GTlsDatabase
702 * @handle: a certificate handle
703 * @interaction: (nullable): used to interact with the user if necessary
704 * @flags: Flags which affect the lookup.
705 * @cancellable: (nullable): a #GCancellable, or %NULL
706 * @callback: callback to call when the operation completes
707 * @user_data: the data to pass to the callback function
709 * Asynchronously lookup a certificate by its handle in the database. See
710 * g_tls_database_lookup_certificate_for_handle() for more information.
715 g_tls_database_lookup_certificate_for_handle_async (GTlsDatabase *self,
717 GTlsInteraction *interaction,
718 GTlsDatabaseLookupFlags flags,
719 GCancellable *cancellable,
720 GAsyncReadyCallback callback,
723 g_return_if_fail (G_IS_TLS_DATABASE (self));
724 g_return_if_fail (handle != NULL);
725 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
726 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
727 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async);
728 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async (self,
738 * g_tls_database_lookup_certificate_for_handle_finish:
739 * @self: a #GTlsDatabase
740 * @result: a #GAsyncResult.
741 * @error: a #GError pointer, or %NULL
743 * Finish an asynchronous lookup of a certificate by its handle. See
744 * g_tls_database_lookup_certificate_handle() for more information.
746 * If the handle is no longer valid, or does not point to a certificate in
747 * this database, then %NULL will be returned.
749 * Returns: (transfer full): a newly allocated #GTlsCertificate object.
750 * Use g_object_unref() to release the certificate.
755 g_tls_database_lookup_certificate_for_handle_finish (GTlsDatabase *self,
756 GAsyncResult *result,
759 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
760 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
761 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
762 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish, NULL);
763 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_finish (self,
769 * g_tls_database_lookup_certificate_issuer:
770 * @self: a #GTlsDatabase
771 * @certificate: a #GTlsCertificate
772 * @interaction: (nullable): used to interact with the user if necessary
773 * @flags: flags which affect the lookup operation
774 * @cancellable: (nullable): a #GCancellable, or %NULL
775 * @error: (nullable): a #GError, or %NULL
777 * Lookup the issuer of @certificate in the database.
779 * The %issuer property
780 * of @certificate is not modified, and the two certificates are not hooked
783 * This function can block, use g_tls_database_lookup_certificate_issuer_async() to perform
784 * the lookup operation asynchronously.
786 * Returns: (transfer full): a newly allocated issuer #GTlsCertificate,
787 * or %NULL. Use g_object_unref() to release the certificate.
792 g_tls_database_lookup_certificate_issuer (GTlsDatabase *self,
793 GTlsCertificate *certificate,
794 GTlsInteraction *interaction,
795 GTlsDatabaseLookupFlags flags,
796 GCancellable *cancellable,
799 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
800 g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
801 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
802 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
803 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
804 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer, NULL);
805 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer (self,
814 * g_tls_database_lookup_certificate_issuer_async:
815 * @self: a #GTlsDatabase
816 * @certificate: a #GTlsCertificate
817 * @interaction: (nullable): used to interact with the user if necessary
818 * @flags: flags which affect the lookup operation
819 * @cancellable: (nullable): a #GCancellable, or %NULL
820 * @callback: callback to call when the operation completes
821 * @user_data: the data to pass to the callback function
823 * Asynchronously lookup the issuer of @certificate in the database. See
824 * g_tls_database_lookup_certificate_issuer() for more information.
829 g_tls_database_lookup_certificate_issuer_async (GTlsDatabase *self,
830 GTlsCertificate *certificate,
831 GTlsInteraction *interaction,
832 GTlsDatabaseLookupFlags flags,
833 GCancellable *cancellable,
834 GAsyncReadyCallback callback,
837 g_return_if_fail (G_IS_TLS_DATABASE (self));
838 g_return_if_fail (G_IS_TLS_CERTIFICATE (certificate));
839 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
840 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
841 g_return_if_fail (callback != NULL);
842 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async);
843 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_async (self,
853 * g_tls_database_lookup_certificate_issuer_finish:
854 * @self: a #GTlsDatabase
855 * @result: a #GAsyncResult.
856 * @error: a #GError pointer, or %NULL
858 * Finish an asynchronous lookup issuer operation. See
859 * g_tls_database_lookup_certificate_issuer() for more information.
861 * Returns: (transfer full): a newly allocated issuer #GTlsCertificate,
862 * or %NULL. Use g_object_unref() to release the certificate.
867 g_tls_database_lookup_certificate_issuer_finish (GTlsDatabase *self,
868 GAsyncResult *result,
871 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
872 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
873 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
874 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish, NULL);
875 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer_finish (self,
881 * g_tls_database_lookup_certificates_issued_by:
882 * @self: a #GTlsDatabase
883 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
884 * @interaction: (nullable): used to interact with the user if necessary
885 * @flags: Flags which affect the lookup operation.
886 * @cancellable: (nullable): a #GCancellable, or %NULL
887 * @error: (nullable): a #GError, or %NULL
889 * Lookup certificates issued by this issuer in the database.
891 * This function can block, use g_tls_database_lookup_certificates_issued_by_async() to perform
892 * the lookup operation asynchronously.
894 * Returns: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate
895 * objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list.
900 g_tls_database_lookup_certificates_issued_by (GTlsDatabase *self,
901 GByteArray *issuer_raw_dn,
902 GTlsInteraction *interaction,
903 GTlsDatabaseLookupFlags flags,
904 GCancellable *cancellable,
907 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
908 g_return_val_if_fail (issuer_raw_dn, NULL);
909 g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL);
910 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
911 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
912 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by, NULL);
913 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by (self,
922 * g_tls_database_lookup_certificates_issued_by_async:
923 * @self: a #GTlsDatabase
924 * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN.
925 * @interaction: (nullable): used to interact with the user if necessary
926 * @flags: Flags which affect the lookup operation.
927 * @cancellable: (nullable): a #GCancellable, or %NULL
928 * @callback: callback to call when the operation completes
929 * @user_data: the data to pass to the callback function
931 * Asynchronously lookup certificates issued by this issuer in the database. See
932 * g_tls_database_lookup_certificates_issued_by() for more information.
934 * The database may choose to hold a reference to the issuer byte array for the duration
935 * of of this asynchronous operation. The byte array should not be modified during
941 g_tls_database_lookup_certificates_issued_by_async (GTlsDatabase *self,
942 GByteArray *issuer_raw_dn,
943 GTlsInteraction *interaction,
944 GTlsDatabaseLookupFlags flags,
945 GCancellable *cancellable,
946 GAsyncReadyCallback callback,
949 g_return_if_fail (G_IS_TLS_DATABASE (self));
950 g_return_if_fail (issuer_raw_dn != NULL);
951 g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction));
952 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
953 g_return_if_fail (callback != NULL);
954 g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async);
955 G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async (self,
965 * g_tls_database_lookup_certificates_issued_by_finish:
966 * @self: a #GTlsDatabase
967 * @result: a #GAsyncResult.
968 * @error: a #GError pointer, or %NULL
970 * Finish an asynchronous lookup of certificates. See
971 * g_tls_database_lookup_certificates_issued_by() for more information.
973 * Returns: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate
974 * objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list.
979 g_tls_database_lookup_certificates_issued_by_finish (GTlsDatabase *self,
980 GAsyncResult *result,
983 g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL);
984 g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
985 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
986 g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish, NULL);
987 return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_finish (self,
projects / platform / upstream / glib.git / blob