#[repr(transparent)]
pub struct TlsCertificate { /* private fields */ }
Expand description

A certificate used for TLS authentication and encryption. This can represent either a certificate only (eg, the certificate received by a client from a server), or the combination of a certificate and a private key (which is needed when acting as a TlsServerConnection).

This is an Abstract Base Class, you cannot instantiate it.

Implements

TlsCertificateExt, glib::ObjectExt

Implementations

Creates a TlsCertificate from the data in file.

As of 2.72, if the filename ends in .p12 or .pfx the data is loaded by from_pkcs12() otherwise it is loaded by from_pem(). See those functions for exact details.

If file cannot be read or parsed, the function will return None and set error.

file

file containing a certificate to import

Returns

the new certificate, or None on error

Available on crate feature v2_72 only.

Creates a TlsCertificate from the data in file.

If file cannot be read or parsed, the function will return None and set error.

Any unknown file types will error with IOErrorEnum::NotSupported. Currently only .p12 and .pfx files are supported. See from_pkcs12() for more details.

file

file containing a certificate to import

password

password for PKCS 12 files

Returns

the new certificate, or None on error

Creates a TlsCertificate from the PEM-encoded data in cert_file and key_file. The returned certificate will be the first certificate found in cert_file. As of GLib 2.44, if cert_file contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the property::TlsCertificate::issuer property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

If either file cannot be read or parsed, the function will return None and set error. Otherwise, this behaves like from_pem().

cert_file

file containing one or more PEM-encoded certificates to import

key_file

file containing a PEM-encoded private key to import

Returns

the new certificate, or None on error

Creates a TlsCertificate from the PEM-encoded data in data. If data includes both a certificate and a private key, then the returned certificate will include the private key data as well. (See the property::TlsCertificate::private-key-pem property for information about supported formats.)

The returned certificate will be the first certificate found in data. As of GLib 2.44, if data contains more certificates it will try to load a certificate chain. All certificates will be verified in the order found (top-level certificate should be the last one in the file) and the property::TlsCertificate::issuer property of each certificate will be set accordingly if the verification succeeds. If any certificate in the chain cannot be verified, the first certificate in the file will still be returned.

data

PEM-encoded certificate data

length

the length of data, or -1 if it’s 0-terminated.

Returns

the new certificate, or None if data is invalid

Available on crate feature v2_68 only.

Creates a TlsCertificate from a PKCS `11` URI.

An example pkcs11_uri would be pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My20Client20Certificate`;id=`01

Where the token’s layout is:

Object 0:
  URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=private%20key;type=private
  Type: Private key (RSA-2048)
  ID: 01

Object 1:
  URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=Certificate%20for%20Authentication;type=cert
  Type: X.509 Certificate (RSA-2048)
  ID: 01

In this case the certificate and private key would both be detected and used as expected. pkcs_uri may also just reference an X.509 certificate object and then optionally private_key_pkcs11_uri allows using a private key exposed under a different URI.

Note that the private key is not accessed until usage and may fail or require a PIN later.

pkcs11_uri

A PKCS `11` URI

private_key_pkcs11_uri

A PKCS `11` URI

Returns

the new certificate, or None on error

Available on crate feature v2_72 only.

Creates a TlsCertificate from the data in data. It must contain a certificate and matching private key.

If extra certificates are included they will be verified as a chain and the property::TlsCertificate::issuer property will be set. All other data will be ignored.

You can pass as single password for all of the data which will be used both for the PKCS 12 container as well as encrypted private keys. If decryption fails it will error with TlsError::BadCertificatePassword.

This constructor requires support in the current TlsBackend. If support is missing it will error with IOErrorEnum::NotSupported.

Other parsing failures will error with TlsError::BadCertificate.

data

DER-encoded PKCS 12 format certificate data

password

optional password for encrypted certificate data

Returns

the new certificate, or None if data is invalid

Creates one or more GTlsCertificates from the PEM-encoded data in file. If file cannot be read or parsed, the function will return None and set error. If file does not contain any PEM-encoded certificates, this will return an empty list and not set error.

file

file containing PEM-encoded certificates to import

Returns

a GList containing TlsCertificate objects. You must free the list and its contents when you are done with it.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Formats the value using the given formatter. Read more

Feeds this value into the given Hasher. Read more

Feeds a slice of this type into the given Hasher. Read more

This method returns an Ordering between self and other. Read more

Compares and returns the maximum of two values. Read more

Compares and returns the minimum of two values. Read more

Restrict a value to a certain interval. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

This method returns an ordering between self and other values if one exists. Read more

This method tests less than (for self and other) and is used by the < operator. Read more

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more

This method tests greater than (for self and other) and is used by the > operator. Read more

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more

Returns the type identifier of Self.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Upcasts an object to a superclass or interface T. Read more

Upcasts an object to a reference of its superclass or interface T. Read more

Tries to downcast to a subclass or interface implementor T. Read more

Tries to downcast to a reference of its subclass or interface implementor T. Read more

Tries to cast to an object of type T. This handles upcasting, downcasting and casting between interface and interface implementors. All checks are performed at runtime, while downcast and upcast will do many checks at compile-time already. Read more

Tries to cast to reference to an object of type T. This handles upcasting, downcasting and casting between interface and interface implementors. All checks are performed at runtime, while downcast and upcast will do many checks at compile-time already. Read more

Casts to T unconditionally. Read more

Casts to &T unconditionally. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Returns true if the object is an instance of (can be cast to) T.

Returns the type of the object.

Returns the ObjectClass of the object. Read more

Returns the class of the object.

Returns the class of the object in the given type T. Read more

Returns the interface T of the object. Read more

Similar to Self::set_property but fails instead of panicking.

Sets the property property_name of the object to value value. Read more

Similar to Self::set_property but fails instead of panicking.

Sets the property property_name of the object to value value. Read more

Similar to Self::set_properties but fails instead of panicking.

Sets multiple properties of the object at once. Read more

Similar to Self::set_properties_from_value but fails instead of panicking.

Sets multiple properties of the object at once. Read more

Similar to Self::property but fails instead of panicking.

Gets the property property_name of the object and cast it to the type V. Read more

Similar to Self::property_value but fails instead of panicking.

Gets the property property_name of the object. Read more

Check if the object has a property property_name of the given type_. Read more

Get the type of the property property_name of this object. Read more

Get the ParamSpec of the property property_name of this object.

Return all ParamSpec of the properties of this object.

Freeze all property notifications until the return guard object is dropped. Read more

Set arbitrary data on this object with the given key. Read more

Return previously set arbitrary data of this object with the given key. Read more

Retrieve previously set arbitrary data of this object with the given key. Read more

Set arbitrary data on this object with the given key. Read more

Return previously set arbitrary data of this object with the given key. Read more

Retrieve previously set arbitrary data of this object with the given key. Read more

Block a given signal handler. Read more

Unblock a given signal handler.

Stop emission of the currently emitted signal.

Stop emission of the currently emitted signal by the (possibly detailed) signal name.

Similar to Self::connect but fails instead of panicking.

Connect to the signal signal_name on this object. Read more

Similar to Self::connect_id but fails instead of panicking.

Connect to the signal signal_id on this object. Read more

Similar to Self::connect_local but fails instead of panicking.

Connect to the signal signal_name on this object. Read more

Similar to Self::connect_local_id but fails instead of panicking.

Connect to the signal signal_id on this object. Read more

Similar to Self::connect_unsafe but fails instead of panicking.

Connect to the signal signal_name on this object. Read more

Similar to Self::connect_unsafe_id but fails instead of panicking.

Similar to Self::connect_closure but fails instead of panicking.

Connect a closure to the signal signal_name on this object. Read more

Similar to Self::connect_closure_id but fails instead of panicking.

Connect a closure to the signal signal_id on this object. Read more

Limits the lifetime of closure to the lifetime of the object. When the object’s reference count drops to zero, the closure will be invalidated. An invalidated closure will ignore any calls to Closure::invoke. Read more

Connect to the signal signal_id on this object. Read more

Similar to Self::emit but fails instead of panicking.

Emit signal by signal id. Read more

Similar to Self::emit_with_values but fails instead of panicking.

Same as Self::emit but takes Value for the arguments.

Similar to Self::emit_by_name but fails instead of panicking.

Emit signal by its name. Read more

Similar to Self::emit_by_name_with_values but fails instead of panicking.

Emit signal by its name. Read more

Similar to Self::emit_with_details but fails instead of panicking.

Emit signal by signal id with details. Read more

Similar to Self::emit_with_details_and_values but fails instead of panicking.

Emit signal by signal id with details. Read more

Disconnect a previously connected signal handler.

Connect to the notify signal of the object. Read more

Connect to the notify signal of the object. Read more

Connect to the notify signal of the object. Read more

Notify that the given property has changed its value. Read more

Notify that the given property has changed its value. Read more

Downgrade this object to a weak reference.

Bind property source_property on this object to the target_property on the target object. Read more

Returns the strong reference count of this object.

Ensures that the type has been registered with the type system.

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

Converts the given value to a String. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.