glibmm: Gio::TlsCertificate Class Reference

TlsCertificate - TLS certificate. More...

#include <giomm/tlscertificate.h>

Inheritance diagram for Gio::TlsCertificate:

Public Member Functions

 TlsCertificate (TlsCertificate&& src) noexcept
 
TlsCertificateoperator= (TlsCertificate&& src) noexcept
 
 ~TlsCertificate () noexcept override
 
GTlsCertificate* gobj ()
 Provides access to the underlying C GObject. More...

 
const GTlsCertificate* gobj () const
 Provides access to the underlying C GObject. More...

 
GTlsCertificate* gobj_copy ()
 Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More...

 
Glib::RefPtr< TlsCertificateget_issuer ()
 Gets the TlsCertificate representing cert's issuer, if known. More...

 
Glib::RefPtr< const TlsCertificateget_issuer () const
 Gets the TlsCertificate representing cert's issuer, if known. More...

 
TlsCertificateFlags verify (const Glib::RefPtr< const SocketConnectable >& identity, const Glib::RefPtr< const TlsCertificate >& trusted_ca) const
 This verifies cert and returns a set of TlsCertificateFlags indicating any problems found with it. More...

 
TlsCertificateFlags verify (const Glib::RefPtr< const SocketConnectable >& identity) const
 A verify() convenience overload. More...

 
TlsCertificateFlags verify (const Glib::RefPtr< const TlsCertificate >& trusted_ca) const
 A verify() convenience overload. More...

 
TlsCertificateFlags verify () const
 A verify() convenience overload. More...

 
bool is_same (const Glib::RefPtr< const TlsCertificate >& cert_two) const
 Check if two TlsCertificate objects represent the same certificate. More...

 
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< Glib::ByteArray > > property_certificate () const
 The DER (binary) encoded representation of the certificate. More...

 
Glib::PropertyProxy_ReadOnly< std::stringproperty_certificate_pem () const
 The PEM (ASCII) encoded representation of the certificate. More...

 
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< TlsCertificate > > property_issuer () const
 A TlsCertificate representing the entity that issued this certificate. More...

 
- Public Member Functions inherited from Glib::Object
 Object (const Object&)=delete
 
Objectoperator= (const Object&)=delete
 
 Object (Object&& src) noexcept
 
Objectoperator= (Object&& src) noexcept
 
void* get_data (const QueryQuark& key)
 
void set_data (const Quark& key, void* data)
 
void set_data (const Quark& key, void* data, DestroyNotify notify)
 
void remove_data (const QueryQuark& quark)
 
void* steal_data (const QueryQuark& quark)
 
- Public Member Functions inherited from Glib::ObjectBase
 ObjectBase (const ObjectBase&)=delete
 
ObjectBaseoperator= (const ObjectBase&)=delete
 
void set_property_value (const Glib::ustring& property_name, const Glib::ValueBase& value)
 You probably want to use a specific property_*() accessor method instead. More...

 
void get_property_value (const Glib::ustring& property_name, Glib::ValueBase& value) const
 You probably want to use a specific property_*() accessor method instead. More...

 
template<class PropertyType >
void set_property (const Glib::ustring& property_name, const PropertyType& value)
 You probably want to use a specific property_*() accessor method instead. More...

 
template<class PropertyType >
void get_property (const Glib::ustring& property_name, PropertyType& value) const
 You probably want to use a specific property_*() accessor method instead. More...

 
template<class PropertyType >
PropertyType get_property (const Glib::ustring& property_name) const
 You probably want to use a specific property_*() accessor method instead. More...

 
sigc::connection connect_property_changed (const Glib::ustring& property_name, const sigc::slot< void()>& slot)
 You can use the signal_changed() signal of the property proxy instead. More...

 
sigc::connection connect_property_changed (const Glib::ustring& property_name, sigc::slot< void()>&& slot)
 You can use the signal_changed() signal of the property proxy instead. More...

 
void freeze_notify ()
 Increases the freeze count on object. More...

 
void thaw_notify ()
 Reverts the effect of a previous call to freeze_notify(). More...

 
virtual void reference () const
 Increment the reference count for this object. More...

 
virtual void unreference () const
 Decrement the reference count for this object. More...

 
GObject* gobj ()
 Provides access to the underlying C GObject. More...

 
const GObject* gobj () const
 Provides access to the underlying C GObject. More...

 
GObject* gobj_copy () const
 Give a ref-ed copy to someone. Use for direct struct access. More...

 
- Public Member Functions inherited from sigc::trackable
 trackable () noexcept
 
 trackable (const trackable &src) noexcept
 
 trackable (trackable &&src) noexcept
 
 ~trackable ()
 
void add_destroy_notify_callback (notifiable *data, func_destroy_notify func) const
 
void notify_callbacks ()
 
trackableoperator= (const trackable &src)
 
trackableoperator= (trackable &&src) noexcept
 
void remove_destroy_notify_callback (notifiable *data) const
 

Static Public Member Functions

static GType get_type ()
 Get the GType for this class, for use with the underlying GObject type system. More...

 
static Glib::RefPtr< TlsCertificatecreate_from_pem (const std::string& data, gssize length=-1)
 Creates a TlsCertificate from the PEM-encoded data in data. More...

 
static Glib::RefPtr< TlsCertificatecreate (const std::string& file)
 Creates a TlsCertificate from the PEM-encoded data in file. More...

 
static Glib::RefPtr< TlsCertificatecreate (const std::string& cert_file, const std::string& key_file)
 Creates a TlsCertificate from the PEM-encoded data in cert_file and key_file. More...

 
static std::vector< Glib::RefPtr< TlsCertificate > > create_list_from_file (const std::string& file)
 Creates one or more TlsCertificates from the PEM-encoded data in file. More...

 

Protected Member Functions

 TlsCertificate (const std::string& data, gssize length)
 
 TlsCertificate (const std::string& file)
 
 TlsCertificate (const std::string& cert_file, const std::string& key_file)
 
virtual TlsCertificateFlags verify_vfunc (const Glib::RefPtr< const SocketConnectable >& identity, const Glib::RefPtr< const TlsCertificate >& trusted_ca) const
 
- Protected Member Functions inherited from Glib::Object
 Object ()
 
 Object (const Glib::ConstructParams& construct_params)
 
 Object (GObject* castitem)
 
 ~Object () noexcept override
 
- Protected Member Functions inherited from Glib::ObjectBase
 ObjectBase ()
 This default constructor is called implicitly from the constructor of user-derived classes, even if, for instance, Gtk::Button calls a different ObjectBase constructor. More...

 
 ObjectBase (const char* custom_type_name)
 A derived constructor always overrides this choice. More...

 
 ObjectBase (const std::type_info& custom_type_info)
 This constructor is a special feature to allow creation of derived types on the fly, without having to use g_object_new() manually. More...

 
 ObjectBase (ObjectBase&& src) noexcept
 
ObjectBaseoperator= (ObjectBase&& src) noexcept
 
virtual ~ObjectBase () noexcept=0
 
void initialize (GObject* castitem)
 
void initialize_move (GObject* castitem, Glib::ObjectBase* previous_wrapper)
 

Related Functions

(Note that these are not member functions.)

Glib::RefPtr< Gio::TlsCertificatewrap (GTlsCertificate* object, bool take_copy=false)
 A Glib::wrap() method for this object. More...

 

Additional Inherited Members

- Public Types inherited from Glib::Object
using DestroyNotify = void(*)(gpointer data)
 
- Public Types inherited from sigc::trackable
typedef internal::func_destroy_notify func_destroy_notify
 
- Public Types inherited from sigc::notifiable
typedef internal::func_destroy_notify func_destroy_notify
 

Detailed Description

TlsCertificate - TLS certificate.

A certificate used for TLS authentication and encryption. This can represent either a certificate only (eg, the certificate received by a client from a server), or the combination of a certificate and a private key (which is needed when acting as a TlsServerConnection).

Since glibmm 2.36:

Constructor & Destructor Documentation

Gio::TlsCertificate::TlsCertificate ( TlsCertificate&&  src)
noexcept
Gio::TlsCertificate::~TlsCertificate ( )
overridenoexcept
Gio::TlsCertificate::TlsCertificate ( const std::string data,
gssize  length 
)
explicitprotected
Gio::TlsCertificate::TlsCertificate ( const std::string file)
explicitprotected
Gio::TlsCertificate::TlsCertificate ( const std::string cert_file,
const std::string key_file 
)
explicitprotected

Member Function Documentation

static Glib::RefPtr<TlsCertificate> Gio::TlsCertificate::create ( const std::string file)
static

Creates a TlsCertificate from the PEM-encoded data in file.

The returned certificate will be the first certificate found in file. As of GLib 2.44, if file contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

If file cannot be read or parsed, the function will return nullptr and set error. Otherwise, this behaves like g_tls_certificate_new_from_pem().

Since glibmm 2.28:
Parameters
fileFile containing a PEM-encoded certificate to import.
Returns
The new certificate, or nullptr on error.
static Glib::RefPtr<TlsCertificate> Gio::TlsCertificate::create ( const std::string cert_file,
const std::string key_file 
)
static

Creates a TlsCertificate from the PEM-encoded data in cert_file and key_file.

The returned certificate will be the first certificate found in cert_file. As of GLib 2.44, if cert_file contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

If either file cannot be read or parsed, the function will return nullptr and set error. Otherwise, this behaves like g_tls_certificate_new_from_pem().

Since glibmm 2.28:
Parameters
cert_fileFile containing one or more PEM-encoded certificates to import.
key_fileFile containing a PEM-encoded private key to import.
Returns
The new certificate, or nullptr on error.
static Glib::RefPtr<TlsCertificate> Gio::TlsCertificate::create_from_pem ( const std::string data,
gssize  length = -1 
)
static

Creates a TlsCertificate from the PEM-encoded data in data.

If data includes both a certificate and a private key, then the returned certificate will include the private key data as well. (See the TlsCertificate::property_private_key_pem() property for information about supported formats.)

The returned certificate will be the first certificate found in data. As of GLib 2.44, if data contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the TlsCertificate::property_issuer() property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

Since glibmm 2.28:
Parameters
dataPEM-encoded certificate data.
lengthThe length of data, or -1 if it's 0-terminated.
Returns
The new certificate, or nullptr if data is invalid.
static std::vector< Glib::RefPtr<TlsCertificate> > Gio::TlsCertificate::create_list_from_file ( const std::string file)
static

Creates one or more TlsCertificates from the PEM-encoded data in file.

If file cannot be read or parsed, the function will return nullptr and set error. If file does not contain any PEM-encoded certificates, this will return an empty list and not set error.

Since glibmm 2.28:
Parameters
fileFile containing PEM-encoded certificates to import.
Returns
A List containing TlsCertificate objects. You must free the list and its contents when you are done with it.
Exceptions
Glib::Error
Glib::RefPtr<TlsCertificate> Gio::TlsCertificate::get_issuer ( )

Gets the TlsCertificate representing cert's issuer, if known.

Since glibmm 2.28:
Returns
The certificate of cert's issuer, or nullptr if cert is self-signed or signed with an unknown certificate.
Glib::RefPtr<const TlsCertificate> Gio::TlsCertificate::get_issuer ( ) const

Gets the TlsCertificate representing cert's issuer, if known.

Since glibmm 2.28:
Returns
The certificate of cert's issuer, or nullptr if cert is self-signed or signed with an unknown certificate.
static GType Gio::TlsCertificate::get_type ( )
static

Get the GType for this class, for use with the underlying GObject type system.

GTlsCertificate* Gio::TlsCertificate::gobj ( )
inline

Provides access to the underlying C GObject.

const GTlsCertificate* Gio::TlsCertificate::gobj ( ) const
inline

Provides access to the underlying C GObject.

GTlsCertificate* Gio::TlsCertificate::gobj_copy ( )

Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs.

bool Gio::TlsCertificate::is_same ( const Glib::RefPtr< const TlsCertificate >&  cert_two) const

Check if two TlsCertificate objects represent the same certificate.

The raw DER byte data of the two certificates are checked for equality. This has the effect that two certificates may compare equal even if their TlsCertificate::property_issuer(), TlsCertificate::property_private_key(), or TlsCertificate::property_private_key_pem() properties differ.

Since glibmm 2.34:
Parameters
cert_twoSecond certificate to compare.
Returns
Whether the same or not.
TlsCertificate& Gio::TlsCertificate::operator= ( TlsCertificate&&  src)
noexcept
Glib::PropertyProxy_ReadOnly< Glib::RefPtr<Glib::ByteArray> > Gio::TlsCertificate::property_certificate ( ) const

The DER (binary) encoded representation of the certificate.

This property and the TlsCertificate::property_certificate_pem() property represent the same data, just in different forms.

Since glibmm 2.28:
Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly< std::string > Gio::TlsCertificate::property_certificate_pem ( ) const

The PEM (ASCII) encoded representation of the certificate.

This property and the TlsCertificate::property_certificate() property represent the same data, just in different forms.

Since glibmm 2.28:

Default value: ""

Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly< Glib::RefPtr<TlsCertificate> > Gio::TlsCertificate::property_issuer ( ) const

A TlsCertificate representing the entity that issued this certificate.

If nullptr, this means that the certificate is either self-signed, or else the certificate of the issuer is not available.

Since glibmm 2.28:
Returns
A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr< const SocketConnectable >&  identity,
const Glib::RefPtr< const TlsCertificate >&  trusted_ca 
) const

This verifies cert and returns a set of TlsCertificateFlags indicating any problems found with it.

This can be used to verify a certificate outside the context of making a connection, or to check a certificate against a CA that is not part of the system CA database.

If identity is not nullptr, cert's name(s) will be compared against it, and Gio::TlsCertificateFlags::BAD_IDENTITY will be set in the return value if it does not match. If identity is nullptr, that bit will never be set in the return value.

If trusted_ca is not nullptr, then cert (or one of the certificates in its chain) must be signed by it, or else Gio::TlsCertificateFlags::UNKNOWN_CA will be set in the return value. If trusted_ca is nullptr, that bit will never be set in the return value.

(All other TlsCertificateFlags values will always be set or unset as appropriate.)

Since glibmm 2.28:
Parameters
identityThe expected peer identity.
trusted_caThe certificate of a trusted authority.
Returns
The appropriate TlsCertificateFlags.
TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr< const SocketConnectable >&  identity) const

A verify() convenience overload.

TlsCertificateFlags Gio::TlsCertificate::verify ( const Glib::RefPtr< const TlsCertificate >&  trusted_ca) const

A verify() convenience overload.

TlsCertificateFlags Gio::TlsCertificate::verify ( ) const

A verify() convenience overload.

virtual TlsCertificateFlags Gio::TlsCertificate::verify_vfunc ( const Glib::RefPtr< const SocketConnectable >&  identity,
const Glib::RefPtr< const TlsCertificate >&  trusted_ca 
) const
protectedvirtual

Friends And Related Function Documentation

Glib::RefPtr< Gio::TlsCertificate > wrap ( GTlsCertificate *  object,
bool  take_copy = false 
)
related

A Glib::wrap() method for this object.

Parameters
objectThe C instance.
take_copyFalse if the result should take ownership of the C instance. True if it should take a new copy or ref.
Returns
A C++ instance that wraps this C instance.