Blame docs/reference/gcr/html/GcrCertificateChain.html

Packit b00eeb
Packit b00eeb
<html>
Packit b00eeb
<head>
Packit b00eeb
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Packit b00eeb
<title>GcrCertificateChain: Gcr Library Reference Manual</title>
Packit b00eeb
<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
Packit b00eeb
<link rel="home" href="index.html" title="Gcr Library Reference Manual">
Packit b00eeb
<link rel="up" href="certificates.html" title="Part I. Certificates">
Packit b00eeb
<link rel="prev" href="GcrPkcs11Certificate.html" title="GcrPkcs11Certificate">
Packit b00eeb
<link rel="next" href="gcr-GcrCertificateRequest.html" title="GcrCertificateRequest">
Packit b00eeb
<meta name="generator" content="GTK-Doc V1.27.1 (XML mode)">
Packit b00eeb
<link rel="stylesheet" href="style.css" type="text/css">
Packit b00eeb
</head>
Packit b00eeb
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
Packit b00eeb
Packit b00eeb
Packit b00eeb
Top  | 
Packit b00eeb
                  Description  | 
Packit b00eeb
                  Object Hierarchy  | 
Packit b00eeb
                  Properties
Packit b00eeb
Packit b00eeb
Home
Packit b00eeb
Up
Packit b00eeb
Prev
Packit b00eeb
Next
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

GcrCertificateChain

Packit b00eeb

GcrCertificateChain — A certificate chain

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Functions

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificateChain *
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_new ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
void
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_add ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificate *
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_get_certificate ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificateChainStatus
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_get_status ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificate *
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_get_anchor ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificate *
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_get_endpoint ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
guint
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_get_length ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
gboolean
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_build ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
void
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_build_async ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
gboolean
Packit b00eeb
Packit b00eeb
Packit b00eeb
gcr_certificate_chain_build_finish ()
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Properties

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
guint
Packit b00eeb
length
Packit b00eeb
Read
Packit b00eeb
Packit b00eeb
Packit b00eeb
GcrCertificateChainStatus
Packit b00eeb
status
Packit b00eeb
Read
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Types and Values

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
struct
Packit b00eeb
GcrCertificateChain
Packit b00eeb
Packit b00eeb
Packit b00eeb
struct
Packit b00eeb
GcrCertificateChainClass
Packit b00eeb
Packit b00eeb
Packit b00eeb
enum
Packit b00eeb
GcrCertificateChainStatus
Packit b00eeb
Packit b00eeb
Packit b00eeb
enum
Packit b00eeb
GcrCertificateChainFlags
Packit b00eeb
Packit b00eeb
Packit b00eeb
#define
Packit b00eeb
GCR_TYPE_CERTIFICATE_CHAIN_FLAGS
Packit b00eeb
Packit b00eeb
Packit b00eeb
#define
Packit b00eeb
GCR_TYPE_CERTIFICATE_CHAIN_STATUS
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Object Hierarchy

Packit b00eeb
    GObject
Packit b00eeb
    ╰── GcrCertificateChain
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Description

Packit b00eeb

GcrCertificateChain represents a chain of certificates, normally used to

Packit b00eeb
validate the trust in a certificate. An X.509 certificate chain has one
Packit b00eeb
endpoint certificate (the one for which trust is being verified) and then
Packit b00eeb
in turn the certificate that issued each previous certificate in the chain.

Packit b00eeb

This functionality is for building of certificate chains not for validating

Packit b00eeb
them. Use your favorite crypto library to validate trust in a certificate
Packit b00eeb
chain once its built.

Packit b00eeb

The order of certificates in the chain should be first the endpoint

Packit b00eeb
certificates and then the signing certificates.

Packit b00eeb

Create a new certificate chain with gcr_certificate_chain_new() and then

Packit b00eeb
add the certificates with gcr_certificate_chain_add().

Packit b00eeb

You can then use gcr_certificate_chain_build() to build the remainder of

Packit b00eeb
the chain. This will lookup missing certificates in PKCS#11 modules and
Packit b00eeb
also check that each certificate in the chain is the signer of the previous
Packit b00eeb
one. If a trust anchor, pinned certificate, or self-signed certificate is
Packit b00eeb
found, then the chain is considered built. Any extra certificates are
Packit b00eeb
removed from the chain.

Packit b00eeb

Once the certificate chain has been built, you can access its status

Packit b00eeb
through gcr_certificate_chain_get_status(). The status signifies whether
Packit b00eeb
the chain is anchored on a trust root, self-signed, incomplete etc. See
Packit b00eeb
GcrCertificateChainStatus for information on the various statuses.

Packit b00eeb

It's important to understand that the building of a certificate chain is

Packit b00eeb
merely the first step towards verifying trust in a certificate.

Packit b00eeb
Packit b00eeb
Packit b00eeb

Functions

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_new ()

Packit b00eeb
GcrCertificateChain *
Packit b00eeb
gcr_certificate_chain_new (void);
Packit b00eeb

Create a new GcrCertificateChain.

Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

a newly allocated certificate chain.

Packit b00eeb

[transfer full]

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_add ()

Packit b00eeb
void
Packit b00eeb
gcr_certificate_chain_add (GcrCertificateChain *self,
Packit b00eeb
                           GcrCertificate *certificate);
Packit b00eeb

Add certificate

Packit b00eeb
 to the chain. The order of certificates in the chain are
Packit b00eeb
important. The first certificate should be the endpoint certificate, and
Packit b00eeb
then come the signers (certificate authorities) each in turn. If a root
Packit b00eeb
certificate authority is present, it should come last.

Packit b00eeb

Adding a certificate an already built chain (see

Packit b00eeb
gcr_certificate_chain_build()) resets the type of the certificate chain
Packit b00eeb
to GCR_CERTIFICATE_CHAIN_UNKNOWN

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

certificate

Packit b00eeb

a GcrCertificate to add to the chain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_get_certificate ()

Packit b00eeb
GcrCertificate *
Packit b00eeb
gcr_certificate_chain_get_certificate (GcrCertificateChain *self,
Packit b00eeb
                                       guint index);
Packit b00eeb

Get a certificate in the chain. It is an error to call this function

Packit b00eeb
with an invalid index.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

index

Packit b00eeb

index of the certificate to get

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

the certificate.

Packit b00eeb

[transfer none]

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_get_status ()

Packit b00eeb
GcrCertificateChainStatus
Packit b00eeb
gcr_certificate_chain_get_status (GcrCertificateChain *self);
Packit b00eeb

Get the status of a certificate chain. If the certificate chain has not

Packit b00eeb
been built, then the status will be GCR_CERTIFICATE_CHAIN_UNKNOWN.

Packit b00eeb

A status of GCR_CERTIFICATE_CHAIN_ANCHORED does not mean that the

Packit b00eeb
certificate chain has been verified, but merely that an anchor has been
Packit b00eeb
found.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

the status of the certificate chain.

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_get_anchor ()

Packit b00eeb
GcrCertificate *
Packit b00eeb
gcr_certificate_chain_get_anchor (GcrCertificateChain *self);
Packit b00eeb

If the certificate chain has been built and is of status

Packit b00eeb
GCR_CERTIFICATE_CHAIN_ANCHORED, then this will return the anchor
Packit b00eeb
certificate that was found. This is not necessarily a root certificate
Packit b00eeb
authority. If an intermediate certificate authority in the chain was
Packit b00eeb
found to be anchored, then that certificate will be returned.

Packit b00eeb

If an anchor is returned it does not mean that the certificate chain has

Packit b00eeb
been verified, but merely that an anchor has been found.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

the anchor certificate, or NULL if not anchored.

Packit b00eeb

[transfer none]

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_get_endpoint ()

Packit b00eeb
GcrCertificate *
Packit b00eeb
gcr_certificate_chain_get_endpoint (GcrCertificateChain *self);
Packit b00eeb

Get the endpoint certificate in the chain. This is always the first

Packit b00eeb
certificate in the chain. The endpoint certificate cannot be anchored.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

the endpoint certificate, or NULL if the chain

Packit b00eeb
is empty. 

Packit b00eeb

[transfer none]

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_get_length ()

Packit b00eeb
guint
Packit b00eeb
gcr_certificate_chain_get_length (GcrCertificateChain *self);
Packit b00eeb

Get the length of the certificate chain.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

the length of the certificate chain

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_build ()

Packit b00eeb
gboolean
Packit b00eeb
gcr_certificate_chain_build (GcrCertificateChain *self,
Packit b00eeb
                             const gchar *purpose,
Packit b00eeb
                             const gchar *peer,
Packit b00eeb
                             GcrCertificateChainFlags flags,
Packit b00eeb
                             GCancellable *cancellable,
Packit b00eeb
                             GError **error);
Packit b00eeb

Complete a certificate chain. Once a certificate chain has been built

Packit b00eeb
its status can be examined.

Packit b00eeb

This operation will lookup missing certificates in PKCS#11

Packit b00eeb
modules and also that each certificate in the chain is the signer of the
Packit b00eeb
previous one. If a trust anchor, pinned certificate, or self-signed certificate
Packit b00eeb
is found, then the chain is considered built. Any extra certificates are
Packit b00eeb
removed from the chain.

Packit b00eeb

It's important to understand that building of a certificate chain does not

Packit b00eeb
constitute verifying that chain. This is merely the first step towards
Packit b00eeb
trust verification.

Packit b00eeb

The purpose

Packit b00eeb
 is a string like GCR_PURPOSE_CLIENT_AUTH and is the purpose
Packit b00eeb
for which the certificate chain will be used. Trust anchors are looked up
Packit b00eeb
for this purpose. This argument is required.

Packit b00eeb

The peer

Packit b00eeb
 is usually the host name of the peer whith which this certificate
Packit b00eeb
chain is being used. It is used to look up pinned certificates that have
Packit b00eeb
been stored for this peer. If NULL then no pinned certificates will
Packit b00eeb
be considered.

Packit b00eeb

If the GCR_CERTIFICATE_CHAIN_NO_LOOKUPS flag is specified then no

Packit b00eeb
lookups for anchors or pinned certificates are done, and the resulting chain
Packit b00eeb
will be neither anchored or pinned. Additionally no missing certificate
Packit b00eeb
authorities are looked up in PKCS#11

Packit b00eeb

This call will block, see gcr_certificate_chain_build_async() for the

Packit b00eeb
asynchronous version.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

purpose

Packit b00eeb

the purpose the certificate chain will be used for

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

peer

Packit b00eeb

the peer the certificate chain will be used with, or NULL.

Packit b00eeb
[allow-none]
Packit b00eeb
Packit b00eeb
Packit b00eeb

flags

Packit b00eeb

chain completion flags

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

cancellable

Packit b00eeb

a GCancellable or NULL

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

error

Packit b00eeb

a GError or NULL

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

whether the operation completed successfully

Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_build_async ()

Packit b00eeb
void
Packit b00eeb
gcr_certificate_chain_build_async (GcrCertificateChain *self,
Packit b00eeb
                                   const gchar *purpose,
Packit b00eeb
                                   const gchar *peer,
Packit b00eeb
                                   GcrCertificateChainFlags flags,
Packit b00eeb
                                   GCancellable *cancellable,
Packit b00eeb
                                   GAsyncReadyCallback callback,
Packit b00eeb
                                   gpointer user_data);
Packit b00eeb

Complete a certificate chain. Once a certificate chain has been built

Packit b00eeb
its status can be examined.

Packit b00eeb

This will lookup missing certificates in PKCS#11

Packit b00eeb
modules and also that each certificate in the chain is the signer of the
Packit b00eeb
previous one. If a trust anchor, pinned certificate, or self-signed certificate
Packit b00eeb
is found, then the chain is considered built. Any extra certificates are
Packit b00eeb
removed from the chain.

Packit b00eeb

It's important to understand that building of a certificate chain does not

Packit b00eeb
constitute verifying that chain. This is merely the first step towards
Packit b00eeb
trust verification.

Packit b00eeb

The purpose

Packit b00eeb
 is a string like GCR_PURPOSE_CLIENT_AUTH and is the purpose
Packit b00eeb
for which the certificate chain will be used. Trust anchors are looked up
Packit b00eeb
for this purpose. This argument is required.

Packit b00eeb

The peer

Packit b00eeb
 is usually the host name of the peer whith which this certificate
Packit b00eeb
chain is being used. It is used to look up pinned certificates that have
Packit b00eeb
been stored for this peer. If NULL then no pinned certificates will
Packit b00eeb
be considered.

Packit b00eeb

If the GCR_CERTIFICATE_CHAIN_NO_LOOKUPS flag is specified then no

Packit b00eeb
lookups for anchors or pinned certificates are done, and the resulting chain
Packit b00eeb
will be neither anchored or pinned. Additionally no missing certificate
Packit b00eeb
authorities are looked up in PKCS#11

Packit b00eeb

When the operation is finished, callback

Packit b00eeb
 will be called. You can then call
Packit b00eeb
gcr_certificate_chain_build_finish() to get the result of the operation.

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

purpose

Packit b00eeb

the purpose the certificate chain will be used for

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

peer

Packit b00eeb

the peer the certificate chain will be used with, or NULL.

Packit b00eeb
[allow-none]
Packit b00eeb
Packit b00eeb
Packit b00eeb

flags

Packit b00eeb

chain completion flags

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

cancellable

Packit b00eeb

a GCancellable or NULL

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

callback

Packit b00eeb

this will be called when the operation completes.

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

user_data

Packit b00eeb

data to pass to the callback

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

gcr_certificate_chain_build_finish ()

Packit b00eeb
gboolean
Packit b00eeb
gcr_certificate_chain_build_finish (GcrCertificateChain *self,
Packit b00eeb
                                    GAsyncResult *result,
Packit b00eeb
                                    GError **error);
Packit b00eeb

Finishes an asynchronous operation started by

Packit b00eeb
gcr_certificate_chain_build_async().

Packit b00eeb
Packit b00eeb

Parameters

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

self

Packit b00eeb

the GcrCertificateChain

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

result

Packit b00eeb

the GAsyncResult passed to the callback

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

error

Packit b00eeb

a GError, or NULL

Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Returns

Packit b00eeb

whether the operation succeeded

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Types and Values

Packit b00eeb
Packit b00eeb

struct GcrCertificateChain

Packit b00eeb
struct GcrCertificateChain;
Packit b00eeb

A chain of certificates.

Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

struct GcrCertificateChainClass

Packit b00eeb
struct GcrCertificateChainClass {
Packit b00eeb
	GObjectClass parent_class;
Packit b00eeb
};
Packit b00eeb
Packit b00eeb

The class for GcrCertificateChain.

Packit b00eeb
Packit b00eeb

Members

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

enum GcrCertificateChainStatus

Packit b00eeb

The status of a built certificate chain. Will be set to

Packit b00eeb
GCR_CERTIFICATE_CHAIN_UNKNOWN for certificate chains that have not been
Packit b00eeb
built.

Packit b00eeb
Packit b00eeb

Members

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_UNKNOWN

Packit b00eeb
Packit b00eeb

The certificate chain's status is unknown.

Packit b00eeb
When a chain is not yet built it has this status. If a chain is modified after
Packit b00eeb
being built, it has this status.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_INCOMPLETE

Packit b00eeb
Packit b00eeb

A full chain could not be loaded. The

Packit b00eeb
chain does not end with a self-signed certificate, a trusted anchor, or a
Packit b00eeb
pinned certificate.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_DISTRUSTED

Packit b00eeb
Packit b00eeb

The certificate chain contains a revoked

Packit b00eeb
or otherwise explicitly distrusted certificate. The entire chain should
Packit b00eeb
be distrusted.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_SELFSIGNED

Packit b00eeb
Packit b00eeb

The chain ends with a self-signed

Packit b00eeb
certificate. No trust anchor was found.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_PINNED

Packit b00eeb
Packit b00eeb

The chain represents a pinned certificate. A

Packit b00eeb
pinned certificate is an exception which trusts a given certificate
Packit b00eeb
explicitly for a purpose and communication with a certain peer.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_ANCHORED

Packit b00eeb
Packit b00eeb

The chain ends with an anchored

Packit b00eeb
certificate. The anchored certificate is not necessarily self-signed.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

enum GcrCertificateChainFlags

Packit b00eeb

Flags to be used with the gcr_certificate_chain_build() operation.

Packit b00eeb
Packit b00eeb

Members

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_NONE

Packit b00eeb
Packit b00eeb

no flags

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb

GCR_CERTIFICATE_CHAIN_NO_LOOKUPS

Packit b00eeb
Packit b00eeb

If this flag is specified then no

Packit b00eeb
lookups for anchors or pinned certificates are done, and the resulting chain
Packit b00eeb
will be neither anchored or pinned. Additionally no missing certificate
Packit b00eeb
authorities are looked up in PKCS#11.

Packit b00eeb
Packit b00eeb
 
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

GCR_TYPE_CERTIFICATE_CHAIN_FLAGS

Packit b00eeb
#define GCR_TYPE_CERTIFICATE_CHAIN_FLAGS (gcr_certificate_chain_flags_get_type ())
Packit b00eeb
Packit b00eeb

The flags GType for GcrCertificateChainFlags.

Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

GCR_TYPE_CERTIFICATE_CHAIN_STATUS

Packit b00eeb
#define GCR_TYPE_CERTIFICATE_CHAIN_STATUS (gcr_certificate_chain_status_get_type ())
Packit b00eeb
Packit b00eeb

The enum GType for GcrCertificateChainStatus.

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Property Details

Packit b00eeb
Packit b00eeb

The “length” property

Packit b00eeb
  “length”                   guint
Packit b00eeb

The length of the certificate chain.

Packit b00eeb

Flags: Read

Packit b00eeb

Default value: 0

Packit b00eeb
Packit b00eeb

Packit b00eeb
Packit b00eeb

The “status” property

Packit b00eeb
  “status”                   GcrCertificateChainStatus
Packit b00eeb

The certificate chain status. See GcrCertificateChainStatus

Packit b00eeb

Flags: Read

Packit b00eeb

Default value: GCR_CERTIFICATE_CHAIN_UNKNOWN

Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb
Packit b00eeb

Generated by GTK-Doc V1.27.1
Packit b00eeb
</body>
Packit b00eeb
</html>