GcrCertificate

GcrCertificate — Represents an X.509 certificate

Synopsis

                    GcrCertificate;
struct              GcrCertificateIface;
gconstpointer       gcr_certificate_get_der_data        (GcrCertificate *self,
                                                         gsize *n_data);
gchar *               gcr_certificate_get_issuer_cn     (GcrCertificate *self);
gchar *               gcr_certificate_get_issuer_dn     (GcrCertificate *self);
gchar *               gcr_certificate_get_issuer_part   (GcrCertificate *self,
                                                         const gchar *part);
gpointer            gcr_certificate_get_issuer_raw      (GcrCertificate *self,
                                                         gsize *n_data);
gboolean            gcr_certificate_is_issuer           (GcrCertificate *self,
                                                         GcrCertificate *issuer);
gchar *               gcr_certificate_get_subject_cn    (GcrCertificate *self);
gchar *               gcr_certificate_get_subject_dn    (GcrCertificate *self);
gchar *               gcr_certificate_get_subject_part  (GcrCertificate *self,
                                                         const gchar *part);
gpointer            gcr_certificate_get_subject_raw     (GcrCertificate *self,
                                                         gsize *n_data);
GDate *               gcr_certificate_get_issued_date   (GcrCertificate *self);
GDate *               gcr_certificate_get_expiry_date   (GcrCertificate *self);
guchar *              gcr_certificate_get_serial_number (GcrCertificate *self,
                                                         gsize *n_length);
gchar *               gcr_certificate_get_serial_number_hex
                                                        (GcrCertificate *self);
guint               gcr_certificate_get_key_size        (GcrCertificate *self);
guchar *              gcr_certificate_get_fingerprint   (GcrCertificate *self,
                                                         GChecksumType type,
                                                         gsize *n_length);
gchar *               gcr_certificate_get_fingerprint_hex
                                                        (GcrCertificate *self,
                                                         GChecksumType type);

Object Hierarchy

  GInterface
   +----GcrCertificateIface

Prerequisites

GcrCertificateIface requires GObject.

Known Implementations

GcrCertificateIface is implemented by GcrPkcs11Certificate and GcrSimpleCertificate.

Description

This is an interface that represents an X.509 certificate. Objects can implement this interface to make a certificate usable with the GCR library.

Various methods are available to parse out relevant bits of the certificate. However no verification of the validity of a certificate is done here. Use your favorite crypto library to do this.

You can use GcrSimpleCertificate to simply load a certificate for which you already have the raw certificate data.

Details

GcrCertificate

typedef struct _GcrCertificate GcrCertificate;

An object which holds a certificate.


struct GcrCertificateIface

struct GcrCertificateIface;

The interface that implementors of GcrCertificate must implement.


gcr_certificate_get_der_data ()

gconstpointer       gcr_certificate_get_der_data        (GcrCertificate *self,
                                                         gsize *n_data);

Gets the raw DER data for an X.509 certificate.

self :

a GcrCertificate

n_data :

a pointer to a location to store the size of the resulting DER data.

Returns :

raw DER data of the X.509 certificate.

gcr_certificate_get_issuer_cn ()

gchar *               gcr_certificate_get_issuer_cn     (GcrCertificate *self);

Get the common name of the issuer of this certificate.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

Returns :

The allocated issuer CN, or NULL if no issuer CN present.

gcr_certificate_get_issuer_dn ()

gchar *               gcr_certificate_get_issuer_dn     (GcrCertificate *self);

Get the full issuer DN of the certificate as a (mostly) readable string.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

Returns :

The allocated issuer DN of the certificate.

gcr_certificate_get_issuer_part ()

gchar *               gcr_certificate_get_issuer_part   (GcrCertificate *self,
                                                         const gchar *part);

Get a part of the DN of the issuer of this certificate.

Examples of a part might be the 'OU' (organizational unit) or the 'CN' (common name). Only the value of that part of the DN is returned.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

part :

a DN type string or OID.

Returns :

The allocated part of the issuer DN, or NULL if no such part is present.

gcr_certificate_get_issuer_raw ()

gpointer            gcr_certificate_get_issuer_raw      (GcrCertificate *self,
                                                         gsize *n_data);

Get the raw DER data for the issuer DN of the certificate.

The data should be freed by using g_free() when no longer required.

self :

a GcrCertificate

n_data :

The length of the returned data.

Returns :

allocated memory containing the raw issuer.

gcr_certificate_is_issuer ()

gboolean            gcr_certificate_is_issuer           (GcrCertificate *self,
                                                         GcrCertificate *issuer);

Check if issuer could be the issuer of this certificate. This is done by comparing the relevant subject and issuer fields. No signature check is done. Proper verification of certificates must be done via a crypto library.

self :

a GcrCertificate

issuer :

a possible issuer GcrCertificate

Returns :

whether issuer could be the issuer of the certificate.

gcr_certificate_get_subject_cn ()

gchar *               gcr_certificate_get_subject_cn    (GcrCertificate *self);

Get the common name of the subject of this certificate.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

Returns :

The allocated subject CN, or NULL if no subject CN present.

gcr_certificate_get_subject_dn ()

gchar *               gcr_certificate_get_subject_dn    (GcrCertificate *self);

Get the full subject DN of the certificate as a (mostly) readable string.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

Returns :

The allocated subject DN of the certificate.

gcr_certificate_get_subject_part ()

gchar *               gcr_certificate_get_subject_part  (GcrCertificate *self,
                                                         const gchar *part);

Get a part of the DN of the subject of this certificate.

Examples of a part might be the 'OU' (organizational unit) or the 'CN' (common name). Only the value of that part of the DN is returned.

The string returned should be freed by the caller when no longer required.

self :

a GcrCertificate

part :

a DN type string or OID.

Returns :

The allocated part of the subject DN, or NULL if no such part is present.

gcr_certificate_get_subject_raw ()

gpointer            gcr_certificate_get_subject_raw     (GcrCertificate *self,
                                                         gsize *n_data);

Get the raw DER data for the subject DN of the certificate.

The data should be freed by using g_free() when no longer required.

self :

a GcrCertificate

n_data :

The length of the returned data.

Returns :

allocated memory containing the raw subject.

gcr_certificate_get_issued_date ()

GDate *               gcr_certificate_get_issued_date   (GcrCertificate *self);

Get the issued date of this certificate.

The GDate returned should be freed by the caller using g_date_free() when no longer required.

self :

a GcrCertificate

Returns :

An allocated issued date of this certificate.

gcr_certificate_get_expiry_date ()

GDate *               gcr_certificate_get_expiry_date   (GcrCertificate *self);

Get the expiry date of this certificate.

The GDate returned should be freed by the caller using g_date_free() when no longer required.

self :

a GcrCertificate

Returns :

An allocated expiry date of this certificate.

gcr_certificate_get_serial_number ()

guchar *              gcr_certificate_get_serial_number (GcrCertificate *self,
                                                         gsize *n_length);

Get the raw binary serial number of the certificate.

The caller should free the returned data using g_free() when it is no longer required.

self :

a GcrCertificate

n_length :

the length of the returned data.

Returns :

the raw binary serial number.

gcr_certificate_get_serial_number_hex ()

gchar *               gcr_certificate_get_serial_number_hex
                                                        (GcrCertificate *self);

Get the serial number of the certificate as a hex string.

The caller should free the returned data using g_free() when it is no longer required.

self :

a GcrCertificate

Returns :

an allocated string containing the serial number as hex.

gcr_certificate_get_key_size ()

guint               gcr_certificate_get_key_size        (GcrCertificate *self);

Get the key size in bits of the public key represented by this certificate.

self :

a GcrCertificate

Returns :

The key size of the certificate.

gcr_certificate_get_fingerprint ()

guchar *              gcr_certificate_get_fingerprint   (GcrCertificate *self,
                                                         GChecksumType type,
                                                         gsize *n_length);

Calculate the fingerprint for this certificate.

You can pass G_CHECKSUM_SHA1 or G_CHECKSUM_MD5 as the type parameter.

The caller should free the returned data using g_free() when it is no longer required.

self :

a GcrCertificate

type :

the type of algorithm for the fingerprint.

n_length :

The length of the resulting fingerprint.

Returns :

the raw binary fingerprint.

gcr_certificate_get_fingerprint_hex ()

gchar *               gcr_certificate_get_fingerprint_hex
                                                        (GcrCertificate *self,
                                                         GChecksumType type);

Calculate the fingerprint for this certificate, and return it as a hex string.

You can pass G_CHECKSUM_SHA1 or G_CHECKSUM_MD5 as the type parameter.

The caller should free the returned data using g_free() when it is no longer required.

self :

a GcrCertificate

type :

the type of algorithm for the fingerprint.

Returns :

an allocated hex string which contains the fingerprint.