glibmm: Gio::TlsCertificate Class Reference

TlsCertificate - TLS certificate. More...

#include <giomm/tlscertificate.h>

Inheritance diagram for Gio::TlsCertificate:

Public Member Functions

TlsCertificate ( TlsCertificate && src) noexcept
TlsCertificate & operator= ( TlsCertificate && src) noexcept
~TlsCertificate () noexceptoverride
GTlsCertificate* gobj ()
Provides access to the underlying C GObject. More...

const GTlsCertificate* gobj () const
Provides access to the underlying C GObject. More...

GTlsCertificate* gobj_copy ()
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More...

Glib::RefPtr < TlsCertificate > get_issuer ()
Gets the TlsCertificate representing cert's issuer, if known. More...

Glib::RefPtr < const TlsCertificate > get_issuer () const
Gets the TlsCertificate representing cert's issuer, if known. More...

TlsCertificateFlags verify (const Glib::RefPtr < const SocketConnectable >& identity, const Glib::RefPtr < const TlsCertificate >& trusted_ca) const
This verifies cert and returns a set of TlsCertificateFlags indicating any problems found with it. More...

TlsCertificateFlags verify (const Glib::RefPtr < const SocketConnectable >& identity) const
A verify() convenience overload. More...

TlsCertificateFlags verify (const Glib::RefPtr < const TlsCertificate >& trusted_ca) const
A verify() convenience overload. More...

TlsCertificateFlags verify () const
A verify() convenience overload. More...

bool is_same (const Glib::RefPtr < const TlsCertificate >& cert_two) const
Check if two TlsCertificate objects represent the same certificate. More...

Glib::PropertyProxy_ReadOnly < Glib::RefPtr < Glib::ByteArray > > property_certificate () const
The DER (binary) encoded representation of the certificate. More...

Glib::PropertyProxy_ReadOnly < std::string > property_certificate_pem () const
The PEM (ASCII) encoded representation of the certificate. More...

Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsCertificate > > property_issuer () const
A TlsCertificate representing the entity that issued this certificate. More...

virtual TlsCertificateFlags verify_vfunc (const Glib::RefPtr < const SocketConnectable >& identity, const Glib::RefPtr < const TlsCertificate >& trusted_ca) const
- Public Member Functions inherited from Glib::Object
Object (const Object &)=delete
Object & operator= (const Object &)=delete
Object ( Object && src) noexcept
Object & operator= ( Object && src) noexcept
void* get_data (const QueryQuark & key)
void set_data (const Quark & key, void* data)
void set_data (const Quark & key, void* data, DestroyNotify notify)
void remove_data (const QueryQuark & quark)
void* steal_data (const QueryQuark & quark)
- Public Member Functions inherited from Glib::ObjectBase
ObjectBase (const ObjectBase &)=delete
ObjectBase & operator= (const ObjectBase &)=delete
void set_property_value (const Glib::ustring & property_name, const Glib::ValueBase & value)
You probably want to use a specific property_*() accessor method instead. More...

void get_property_value (const Glib::ustring & property_name, Glib::ValueBase & value) const
You probably want to use a specific property_*() accessor method instead. More...

template<class PropertyType >
void set_property (const Glib::ustring & property_name, const PropertyType& value)
You probably want to use a specific property_*() accessor method instead. More...

template<class PropertyType >
void get_property (const Glib::ustring & property_name, PropertyType& value) const
You probably want to use a specific property_*() accessor method instead. More...

void connect_property_changed (const Glib::ustring & property_name, const sigc::slot < void >& slot)
You can use the signal_changed() signal of the property proxy instead. More...

void connect_property_changed (const Glib::ustring & property_name, sigc::slot < void >&& slot)
You can use the signal_changed() signal of the property proxy instead. More...

sigc::connection connect_property_changed_with_return (const Glib::ustring & property_name, const sigc::slot < void >& slot)
You can use the signal_changed() signal of the property proxy instead. More...

sigc::connection connect_property_changed_with_return (const Glib::ustring & property_name, sigc::slot < void >&& slot)
You can use the signal_changed() signal of the property proxy instead. More...

void freeze_notify ()
Increases the freeze count on object. More...

void thaw_notify ()
Reverts the effect of a previous call to freeze_notify() . More...

virtual void reference () const
Increment the reference count for this object. More...

virtual void unreference () const
Decrement the reference count for this object. More...

GObject* gobj ()
Provides access to the underlying C GObject. More...

const GObject* gobj () const
Provides access to the underlying C GObject. More...

GObject* gobj_copy () const
Give a ref-ed copy to someone. Use for direct struct access. More...

- Public Member Functions inherited from sigc::trackable
trackable () noexcept
trackable (const trackable &src) noexcept
trackable ( trackable &&src)
~trackable ()
void add_destroy_notify_callback (void *data, func_destroy_notify func) const
void notify_callbacks ()
trackable & operator= (const trackable &src)
trackable & operator= ( trackable &&src)
void remove_destroy_notify_callback (void *data) const

Static Public Member Functions

static GType get_type ()
Get the GType for this class, for use with the underlying GObject type system. More...

static Glib::RefPtr < TlsCertificate > create_from_pem (const std::string & data, gssize length=-1)
Creates a TlsCertificate from the PEM-encoded data in data . More...

static Glib::RefPtr < TlsCertificate > create (const std::string & file)
Creates a TlsCertificate from the PEM-encoded data in file . More...

static Glib::RefPtr < TlsCertificate > create (const std::string & cert_file, const std::string & key_file)
Creates a TlsCertificate from the PEM-encoded data in cert_file and key_file . More...

static std::vector < Glib::RefPtr < TlsCertificate > > create_list_from_file (const std::string & file)
Creates one or more TlsCertificates from the PEM-encoded data in file . More...

Protected Member Functions

TlsCertificate (const std::string & data, gssize length)
TlsCertificate (const std::string & file)
TlsCertificate (const std::string & cert_file, const std::string & key_file)
- Protected Member Functions inherited from Glib::Object
Object ()
Object (const Glib::ConstructParams& construct_params)
Object (GObject* castitem)
~Object () noexceptoverride
- Protected Member Functions inherited from Glib::ObjectBase
ObjectBase ()
This default constructor is called implicitly from the constructor of user-derived classes, even if, for instance, Gtk::Button calls a different ObjectBase constructor. More...

ObjectBase (const char* custom_type_name)
A derived constructor always overrides this choice. More...

ObjectBase (const std::type_info & custom_type_info)
This constructor is a special feature to allow creation of derived types on the fly, without having to use g_object_new() manually. More...

ObjectBase ( ObjectBase && src) noexcept
ObjectBase & operator= ( ObjectBase && src) noexcept
virtual ~ObjectBase () noexcept=0
void initialize (GObject* castitem)
void initialize_move (GObject* castitem, Glib::ObjectBase * previous_wrapper)

Related Functions

(Note that these are not member functions.)

Glib::RefPtr < Gio::TlsCertificate > wrap (GTlsCertificate* object, bool take_copy=false)
A Glib::wrap() method for this object. More...

Additional Inherited Members

- Public Types inherited from Glib::Object
using DestroyNotify = void(*)(gpointer data)
- Public Types inherited from sigc::trackable
typedef internal::func_destroy_notify func_destroy_notify

Detailed Description

TlsCertificate - TLS certificate.

A certificate used for TLS authentication and encryption. This can represent either a certificate only (eg, the certificate received by a client from a server), or the combination of a certificate and a private key (which is needed when acting as a TlsServerConnection ).

Since glibmm 2.36:

Constructor & Destructor Documentation

Gio::TlsCertificate::TlsCertificate ( TlsCertificate && src )
noexcept
Gio::TlsCertificate::~TlsCertificate ( )
override noexcept
Gio::TlsCertificate::TlsCertificate ( const std::string & data ,
gssize length
)
explicit protected
Gio::TlsCertificate::TlsCertificate ( const std::string & file )
explicit protected
Gio::TlsCertificate::TlsCertificate ( const std::string & cert_file ,
const std::string & key_file
)
explicit protected

Member Function Documentation

static Glib::RefPtr < TlsCertificate > Gio::TlsCertificate::create ( const std::string & file )
static

Creates a TlsCertificate from the PEM-encoded data in file .

The returned certificate will be the first certificate found in file . As of GLib 2.44, if file contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

If file cannot be read or parsed, the function will return nullptr and set error . Otherwise, this behaves like g_tls_certificate_new_from_pem().

Since glibmm 2.28:
Parameters
file File containing a PEM-encoded certificate to import.
Returns
The new certificate, or nullptr on error.
static Glib::RefPtr < TlsCertificate > Gio::TlsCertificate::create ( const std::string & cert_file ,
const std::string & key_file
)
static

Creates a TlsCertificate from the PEM-encoded data in cert_file and key_file .

The returned certificate will be the first certificate found in cert_file . As of GLib 2.44, if cert_file contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

If either file cannot be read or parsed, the function will return nullptr and set error . Otherwise, this behaves like g_tls_certificate_new_from_pem().

Since glibmm 2.28:
Parameters
cert_file File containing one or more PEM-encoded certificates to import.
key_file File containing a PEM-encoded private key to import.
Returns
The new certificate, or nullptr on error.
static Glib::RefPtr < TlsCertificate > Gio::TlsCertificate::create_from_pem ( const std::string & data ,
gssize length = -1
)
static

Creates a TlsCertificate from the PEM-encoded data in data .

If data includes both a certificate and a private key, then the returned certificate will include the private key data as well. (See the TlsCertificate::property_private_key_pem() property for information about supported formats.)

The returned certificate will be the first certificate found in data . As of GLib 2.44, if data contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

Since glibmm 2.28:
Parameters
data PEM-encoded certificate data.
length The length of data , or -1 if it's 0-terminated.
Returns
The new certificate, or nullptr if data is invalid.
static std::vector < Glib::RefPtr < TlsCertificate > > Gio::TlsCertificate::create_list_from_file ( const std::string & file )
static

Creates one or more TlsCertificates from the PEM-encoded data in file .

If file cannot be read or parsed, the function will return nullptr and set error . If file does not contain any PEM-encoded certificates, this will return an empty list and not set error .

Since glibmm 2.28:
Parameters
file File containing PEM-encoded certificates to import.
Returns
A List containing TlsCertificate objects. You must free the list and its contents when you are done with it.
Glib::RefPtr < TlsCertificate > Gio::TlsCertificate::get_issuer ( )

Gets the TlsCertificate representing cert's issuer, if known.

Since glibmm 2.28:
Returns
The certificate of cert's issuer, or nullptr if cert is self-signed or signed with an unknown certificate.
Glib::RefPtr <const TlsCertificate > Gio::TlsCertificate::get_issuer ( ) const

Gets the TlsCertificate representing cert's issuer, if known.

Since glibmm 2.28:
Returns
The certificate of cert's issuer, or nullptr if cert is self-signed or signed with an unknown certificate.
static GType Gio::TlsCertificate::get_type ( )
static

Get the GType for this class, for use with the underlying GObject type system.

GTlsCertificate* Gio::TlsCertificate::gobj ( )
inline

Provides access to the underlying C GObject.

const GTlsCertificate* Gio::TlsCertificate::gobj ( ) const
inline

Provides access to the underlying C GObject.

GTlsCertificate* Gio::TlsCertificate::gobj_copy ( )

Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs.

bool Gio::TlsCertificate::is_same ( const Glib::RefPtr < const TlsCertificate >& cert_two ) const

Check if two TlsCertificate objects represent the same certificate.

The raw DER byte data of the two certificates are checked for equality. This has the effect that two certificates may compare equal even if their TlsCertificate::property_issuer() , TlsCertificate::property_private_key(), or TlsCertificate::property_private_key_pem() properties differ.

Since glibmm 2.34:
Parameters
cert_two Second certificate to compare.
Returns
Whether the same or not.
TlsCertificate & Gio::TlsCertificate::operator= ( TlsCertificate && src )
noexcept
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < Glib::ByteArray > > Gio::TlsCertificate::property_certificate ( ) const

The DER (binary) encoded representation of the certificate.

This property and the TlsCertificate::property_certificate_pem() property represent the same data, just in different forms.

Since glibmm 2.28:
Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly < std::string > Gio::TlsCertificate::property_certificate_pem ( ) const

The PEM (ASCII) encoded representation of the certificate.

This property and the TlsCertificate::property_certificate() property represent the same data, just in different forms.

Since glibmm 2.28:
Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsCertificate > > Gio::TlsCertificate::property_issuer ( ) const

A TlsCertificate representing the entity that issued this certificate.

If nullptr , this means that the certificate is either self-signed, or else the certificate of the issuer is not available.

Since glibmm 2.28:
Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr < const SocketConnectable >& identity ,
const Glib::RefPtr < const TlsCertificate >& trusted_ca
) const

This verifies cert and returns a set of TlsCertificateFlags indicating any problems found with it.

This can be used to verify a certificate outside the context of making a connection, or to check a certificate against a CA that is not part of the system CA database.

If identity is not nullptr , cert's name(s) will be compared against it, and TLS_CERTIFICATE_BAD_IDENTITY will be set in the return value if it does not match. If identity is nullptr , that bit will never be set in the return value.

If trusted_ca is not nullptr , then cert (or one of the certificates in its chain) must be signed by it, or else TLS_CERTIFICATE_UNKNOWN_CA will be set in the return value. If trusted_ca is nullptr , that bit will never be set in the return value.

(All other TlsCertificateFlags values will always be set or unset as appropriate.)

Since glibmm 2.28:
Parameters
identity The expected peer identity.
trusted_ca The certificate of a trusted authority.
Returns
The appropriate TlsCertificateFlags.
TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr < const SocketConnectable >& identity ) const

A verify() convenience overload.

TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr < const TlsCertificate >& trusted_ca ) const

A verify() convenience overload.

TlsCertificateFlags Gio::TlsCertificate::verify ( ) const

A verify() convenience overload.

virtual TlsCertificateFlags Gio::TlsCertificate::verify_vfunc ( const Glib::RefPtr < const SocketConnectable >& identity ,
const Glib::RefPtr < const TlsCertificate >& trusted_ca
) const
virtual

Friends And Related Function Documentation

Glib::RefPtr < Gio::TlsCertificate > wrap ( GTlsCertificate * object ,
bool take_copy = false
)
related

A Glib::wrap() method for this object.

Parameters
object The C instance.
take_copy False if the result should take ownership of the C instance. True if it should take a new copy or ref.
Returns
A C++ instance that wraps this C instance.