Trait gio::prelude::TlsDatabaseExt[][src]

pub trait TlsDatabaseExt: 'static {

Show methods    fn create_certificate_handle<P: IsA<TlsCertificate>>(
        &self, 
        certificate: &P
    ) -> Option<GString>;

    fn lookup_certificate_for_handle<P: IsA<TlsInteraction>, Q: IsA<Cancellable>>(
        &self, 
        handle: &str, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&Q>
    ) -> Result<Option<TlsCertificate>, Error>;

    fn lookup_certificate_for_handle_async<P: IsA<TlsInteraction>, Q: IsA<Cancellable>, R: FnOnce(Result<TlsCertificate, Error>) + Send + 'static>(
        &self, 
        handle: &str, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&Q>, 
        callback: R
    );

    fn lookup_certificate_for_handle_async_future<P: IsA<TlsInteraction> + Clone + 'static>(
        &self, 
        handle: &str, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags
    ) -> Pin<Box_<dyn Future<Output = Result<TlsCertificate, Error>> + 'static>>;

    fn lookup_certificate_issuer<P: IsA<TlsCertificate>, Q: IsA<TlsInteraction>, R: IsA<Cancellable>>(
        &self, 
        certificate: &P, 
        interaction: Option<&Q>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&R>
    ) -> Result<TlsCertificate, Error>;

    fn lookup_certificate_issuer_async<P: IsA<TlsCertificate>, Q: IsA<TlsInteraction>, R: IsA<Cancellable>, S: FnOnce(Result<TlsCertificate, Error>) + Send + 'static>(
        &self, 
        certificate: &P, 
        interaction: Option<&Q>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&R>, 
        callback: S
    );

    fn lookup_certificate_issuer_async_future<P: IsA<TlsCertificate> + Clone + 'static, Q: IsA<TlsInteraction> + Clone + 'static>(
        &self, 
        certificate: &P, 
        interaction: Option<&Q>, 
        flags: TlsDatabaseLookupFlags
    ) -> Pin<Box_<dyn Future<Output = Result<TlsCertificate, Error>> + 'static>>;

    fn lookup_certificates_issued_by<P: IsA<TlsInteraction>, Q: IsA<Cancellable>>(
        &self, 
        issuer_raw_dn: &ByteArray, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&Q>
    ) -> Result<Vec<TlsCertificate>, Error>;

    fn lookup_certificates_issued_by_async<P: IsA<TlsInteraction>, Q: IsA<Cancellable>, R: FnOnce(Result<Vec<TlsCertificate>, Error>) + Send + 'static>(
        &self, 
        issuer_raw_dn: &ByteArray, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags, 
        cancellable: Option<&Q>, 
        callback: R
    );

    fn lookup_certificates_issued_by_async_future<P: IsA<TlsInteraction> + Clone + 'static>(
        &self, 
        issuer_raw_dn: &ByteArray, 
        interaction: Option<&P>, 
        flags: TlsDatabaseLookupFlags
    ) -> Pin<Box_<dyn Future<Output = Result<Vec<TlsCertificate>, Error>> + 'static>>;

    fn verify_chain<P: IsA<TlsCertificate>, Q: IsA<SocketConnectable>, R: IsA<TlsInteraction>, S: IsA<Cancellable>>(
        &self, 
        chain: &P, 
        purpose: &str, 
        identity: Option<&Q>, 
        interaction: Option<&R>, 
        flags: TlsDatabaseVerifyFlags, 
        cancellable: Option<&S>
    ) -> Result<TlsCertificateFlags, Error>;

    fn verify_chain_async<P: IsA<TlsCertificate>, Q: IsA<SocketConnectable>, R: IsA<TlsInteraction>, S: IsA<Cancellable>, T: FnOnce(Result<TlsCertificateFlags, Error>) + Send + 'static>(
        &self, 
        chain: &P, 
        purpose: &str, 
        identity: Option<&Q>, 
        interaction: Option<&R>, 
        flags: TlsDatabaseVerifyFlags, 
        cancellable: Option<&S>, 
        callback: T
    );

    fn verify_chain_async_future<P: IsA<TlsCertificate> + Clone + 'static, Q: IsA<SocketConnectable> + Clone + 'static, R: IsA<TlsInteraction> + Clone + 'static>(
        &self, 
        chain: &P, 
        purpose: &str, 
        identity: Option<&Q>, 
        interaction: Option<&R>, 
        flags: TlsDatabaseVerifyFlags
    ) -> Pin<Box_<dyn Future<Output = Result<TlsCertificateFlags, Error>> + 'static>>;

}
Expand description

Trait containing all TlsDatabase methods.

Implementors

TlsDatabase, TlsFileDatabase

Required methods

Create a handle string for the certificate. The database will only be able to create a handle for certificates that originate from the database. In cases where the database cannot create a handle for a certificate, None will be returned.

This handle should be stable across various instances of the application, and between applications. If a certificate is modified in the database, then it is not guaranteed that this handle will continue to point to it.

certificate

certificate for which to create a handle.

Returns

a newly allocated string containing the handle.

Look up a certificate by its handle.

The handle should have been created by calling create_certificate_handle() on a TlsDatabase object of the same TLS backend. The handle is designed to remain valid across instantiations of the database.

If the handle is no longer valid, or does not point to a certificate in this database, then None will be returned.

This function can block, use lookup_certificate_for_handle_async() to perform the lookup operation asynchronously.

handle

a certificate handle

interaction

used to interact with the user if necessary

flags

Flags which affect the lookup.

cancellable

a Cancellable, or None

Returns

a newly allocated TlsCertificate, or None. Use g_object_unref() to release the certificate.

Asynchronously look up a certificate by its handle in the database. See lookup_certificate_for_handle() for more information.

handle

a certificate handle

interaction

used to interact with the user if necessary

flags

Flags which affect the lookup.

cancellable

a Cancellable, or None

callback

callback to call when the operation completes

Look up the issuer of certificate in the database.

The property::TlsCertificate::issuer property of certificate is not modified, and the two certificates are not hooked into a chain.

This function can block, use lookup_certificate_issuer_async() to perform the lookup operation asynchronously.

certificate

a TlsCertificate

interaction

used to interact with the user if necessary

flags

flags which affect the lookup operation

cancellable

a Cancellable, or None

Returns

a newly allocated issuer TlsCertificate, or None. Use g_object_unref() to release the certificate.

Asynchronously look up the issuer of certificate in the database. See lookup_certificate_issuer() for more information.

certificate

a TlsCertificate

interaction

used to interact with the user if necessary

flags

flags which affect the lookup operation

cancellable

a Cancellable, or None

callback

callback to call when the operation completes

Look up certificates issued by this issuer in the database.

This function can block, use lookup_certificates_issued_by_async() to perform the lookup operation asynchronously.

issuer_raw_dn

a glib::ByteArray which holds the DER encoded issuer DN.

interaction

used to interact with the user if necessary

flags

Flags which affect the lookup operation.

cancellable

a Cancellable, or None

Returns

a newly allocated list of TlsCertificate objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list.

Asynchronously look up certificates issued by this issuer in the database. See lookup_certificates_issued_by() for more information.

The database may choose to hold a reference to the issuer byte array for the duration of of this asynchronous operation. The byte array should not be modified during this time.

issuer_raw_dn

a glib::ByteArray which holds the DER encoded issuer DN.

interaction

used to interact with the user if necessary

flags

Flags which affect the lookup operation.

cancellable

a Cancellable, or None

callback

callback to call when the operation completes

Determines the validity of a certificate chain after looking up and adding any missing certificates to the chain.

chain is a chain of TlsCertificate objects each pointing to the next certificate in the chain by its property::TlsCertificate::issuer property. The chain may initially consist of one or more certificates. After the verification process is complete, chain may be modified by adding missing certificates, or removing extra certificates. If a certificate anchor was found, then it is added to the chain.

purpose describes the purpose (or usage) for which the certificate is being used. Typically purpose will be set to TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER which means that the certificate is being used to authenticate a server (and we are acting as the client).

The identity is used to ensure the server certificate is valid for the expected peer identity. If the identity does not match the certificate, TlsCertificateFlags::BAD_IDENTITY will be set in the return value. If identity is None, that bit will never be set in the return value. The peer identity may also be used to check for pinned certificates (trust exceptions) in the database. These may override the normal verification process on a host-by-host basis.

Currently there are no flags, and TlsDatabaseVerifyFlags::NONE should be used.

If chain is found to be valid, then the return value will be 0. If chain is found to be invalid, then the return value will indicate the problems found. If the function is unable to determine whether chain is valid or not (eg, because cancellable is triggered before it completes) then the return value will be TlsCertificateFlags::GENERIC_ERROR and error will be set accordingly. error is not set when chain is successfully analyzed but found to be invalid.

This function can block, use verify_chain_async() to perform the verification operation asynchronously.

chain

a TlsCertificate chain

purpose

the purpose that this certificate chain will be used for.

identity

the expected peer identity

interaction

used to interact with the user if necessary

flags

additional verify flags

cancellable

a Cancellable, or None

Returns

the appropriate TlsCertificateFlags which represents the result of verification.

Asynchronously determines the validity of a certificate chain after looking up and adding any missing certificates to the chain. See verify_chain() for more information.

chain

a TlsCertificate chain

purpose

the purpose that this certificate chain will be used for.

identity

the expected peer identity

interaction

used to interact with the user if necessary

flags

additional verify flags

cancellable

a Cancellable, or None

callback

callback to call when the operation completes

Implementors