* 02111-1307, USA.
*/
+#if !defined (__GCR_INSIDE_HEADER__) && !defined (GCR_COMPILATION)
+#error "Only <gcr/gcr.h> or <gcr/gcr-base.h> can be included directly."
+#endif
+
#ifndef __GCR_TRUST_H__
#define __GCR_TRUST_H__
+#include "gcr-certificate.h"
#include "gcr-types.h"
G_BEGIN_DECLS
-typedef enum _GcrTrust {
- GCR_TRUST_UNTRUSTED = -1,
- GCR_TRUST_UNKNOWN = 0,
- GCR_TRUST_TRUSTED,
-} GcrTrust;
-
-typedef enum _GcrPurpose {
- GCR_PURPOSE_SERVER_AUTH = 1,
- GCR_PURPOSE_CLIENT_AUTH,
- GCR_PURPOSE_CODE_SIGNING,
- GCR_PURPOSE_EMAIL,
- GCR_PURPOSE_TIME_STAMPING,
- GCR_PURPOSE_IPSEC_ENDPOINT,
- GCR_PURPOSE_IPSEC_TUNNEL,
- GCR_PURPOSE_IPSEC_USER,
- GCR_PURPOSE_IKE_INTERMEDIATE,
-} GcrPurpose;
-
-GcrTrust gcr_trust_get_certificate_exception (GcrCertificate *cert,
- GcrPurpose purpose,
- GCancellable *cancel,
- GError **error);
-
-void gcr_trust_get_certificate_exception_async (GcrCertificate *cert,
- GcrPurpose purpose,
- GCancellable *cancel,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-GcrTrust gcr_trust_get_certificate_exception_finish (GAsyncResult *res,
- GError **error);
-
-gboolean gcr_trust_set_certificate_exception (GcrCertificate *cert,
- GcrPurpose purpose,
- GcrTrust trust,
- GCancellable *cancel,
- GError **error);
-
-void gcr_trust_set_certificate_exception_async (GcrCertificate *cert,
- GcrPurpose purpose,
- GcrTrust trust,
- GCancellable *cancel,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-gboolean gcr_trust_set_certificate_exception_finish (GAsyncResult *res,
- GError **error);
-
-gboolean gcr_trust_is_certificate_root (GcrCertificate *cert,
- GcrPurpose purpose,
- GCancellable *cancel,
- GError **error);
-
-void gcr_trust_is_certificate_root_async (GcrCertificate *cert,
- GcrPurpose purpose,
- GCancellable *cancel,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-gboolean gcr_trust_is_certificate_root_finish (GAsyncResult *res,
- GError **error);
+#define GCR_PURPOSE_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
+#define GCR_PURPOSE_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"
+#define GCR_PURPOSE_CODE_SIGNING "1.3.6.1.5.5.7.3.3"
+#define GCR_PURPOSE_EMAIL "1.3.6.1.5.5.7.3.4"
+
+gboolean gcr_trust_is_certificate_pinned (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GError **error);
+
+void gcr_trust_is_certificate_pinned_async (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean gcr_trust_is_certificate_pinned_finish (GAsyncResult *result,
+ GError **error);
+
+gboolean gcr_trust_add_pinned_certificate (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GError **error);
+
+void gcr_trust_add_pinned_certificate_async (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean gcr_trust_add_pinned_certificate_finish (GAsyncResult *result,
+ GError **error);
+
+gboolean gcr_trust_remove_pinned_certificate (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GError **error);
+
+void gcr_trust_remove_pinned_certificate_async (GcrCertificate *certificate,
+ const gchar *purpose,
+ const gchar *peer,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean gcr_trust_remove_pinned_certificate_finish (GAsyncResult *result,
+ GError **error);
+
+gboolean gcr_trust_is_certificate_anchored (GcrCertificate *certificate,
+ const gchar *purpose,
+ GCancellable *cancellable,
+ GError **error);
+
+void gcr_trust_is_certificate_anchored_async (GcrCertificate *certificate,
+ const gchar *purpose,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean gcr_trust_is_certificate_anchored_finish (GAsyncResult *result,
+ GError **error);
G_END_DECLS