Automatically loaded attributes for this certificate.
A readable description for this certificate
The expiry date of the certificate
The raw PKCS11 handle for this object.
An icon representing the certificate
Common name part of the certificate issuer
A readable label for this certificate.
GLib markup to describe the certificate
The GckModule that this object belongs to.
The PKCS11 session to make calls on when this object needs to perform operations on itself.
If this is NULL then a new session is opened for each operation, such as gck_object_get(), gck_object_set() or gck_object_destroy().
Common name part of the certificate subject
Creates a binding between source_property on source and target_property
on target.
Whenever the source_property is changed the target_property is
updated using the same value. For instance:
g_object_bind_property (action, "active", widget, "sensitive", 0);
Will result in the "sensitive" property of the widget #GObject instance to be updated with the same value of the "active" property of the action #GObject instance.
If flags contains %G_BINDING_BIDIRECTIONAL then the binding will be mutual:
if target_property on target changes then the source_property on source
will be updated as well.
The binding will automatically be removed when either the source or the
target instances are finalized. To remove the binding without affecting the
source and the target you can just call g_object_unref() on the returned
#GBinding instance.
Removing the binding by calling g_object_unref() on it must only be done if
the binding, source and target are only used from a single thread and it
is clear that both source and target outlive the binding. Especially it
is not safe to rely on this if the binding, source or target can be
finalized from different threads. Keep another reference to the binding and
use g_binding_unbind() instead to be on the safe side.
A #GObject can have multiple bindings.
the property on source to bind
the target #GObject
the property on target to bind
flags to pass to #GBinding
Creates a binding between source_property on source and target_property
on target, allowing you to set the transformation functions to be used by
the binding.
This function is the language bindings friendly version of g_object_bind_property_full(), using #GClosures instead of function pointers.
the property on source to bind
the target #GObject
the property on target to bind
flags to pass to #GBinding
a #GClosure wrapping the transformation function from the source to the target, or %NULL to use the default
a #GClosure wrapping the transformation function from the target to the source, or %NULL to use the default
Lookup attributes in the cache, or retrieve them from the object if necessary.
If object is a #GckObjectCache then this will lookup the attributes there
first if available, otherwise will read them from the object and update
the cache.
If object is not a #GckObjectCache, then the attributes will simply be
read from the object.
This may block, use the asynchronous version when this is not desirable
the types of attributes to update
optional cancellation object
Lookup attributes in the cache, or retrieve them from the object if necessary.
If object is a #GckObjectCache then this will lookup the attributes there
first if available, otherwise will read them from the object and update
the cache.
If object is not a #GckObjectCache, then the attributes will simply be
read from the object.
This will return immediately and complete asynchronously
the types of attributes to update
optional cancellation object
called when the operation completes
Complete an operation to lookup attributes in the cache or retrieve them from the object if necessary.
the asynchrounous result passed to the callback
Compare whether two objects represent the same thing. The return value can also be used to sort the objects.
Another comparable object
Destroy a PKCS#11 object, deleting it from storage or the session. This call may block for an indefinite period.
Optional cancellable object, or %NULL to ignore.
Destroy a PKCS#11 object, deleting it from storage or the session. This call will return immediately and complete asynchronously.
Optional cancellable object, or %NULL to ignore.
Callback which is called when operation completes.
Get the status of the operation to destroy a PKCS#11 object, begun with gck_object_destroy_async().
The result of the destory operation passed to the callback.
This function is intended for #GObject implementations to re-enforce a [floating][floating-ref] object reference. Doing this is seldom required: all #GInitiallyUnowneds are created with a floating reference which usually just needs to be sunken by calling g_object_ref_sink().
Increases the freeze count on object. If the freeze count is
non-zero, the emission of "notify" signals on object is
stopped. The signals are queued until the freeze count is decreased
to zero. Duplicate notifications are squashed so that at most one
#GObject::notify signal is emitted for each property modified while the
object is frozen.
This is necessary for accessors that modify multiple properties to prevent premature notification while the object is still being modified.
Get the specified attributes from the object. The attributes will be cleared of their current values, and new attributes will be stored. The attributes should not be accessed in any way except for referencing and unreferencing them until gck_object_get_finish() is called.
This call returns immediately and completes asynchronously.
the types of the attributes to get
optional cancellation object, or %NULL
A callback which is called when the operation completes.
Access the automatically loaded attributes for this certificate.
Get the basic constraints for the certificate if present. If %FALSE is
returned then no basic constraints are present and the is_ca and
path_len arguments are not changed.
Gets a named field from the objects table of associations (see g_object_set_data()).
Get the data for the specified attribute from the object.
This call will return immediately and complete asynchronously.
The attribute to get data for.
An allocator with which to allocate memory for the data, or %NULL for default.
Optional cancellation object, or %NULL.
Called when the operation completes.
Get the result of an operation to get attribute data from an object. For convenience the returned data has an extra null terminator, not included in the returned length.
The result passed to the callback.
Gets the raw DER data for an X.509 certificate.
Calculate the fingerprint for this certificate.
The caller should free the returned data using g_free() when it is no longer required.
the type of algorithm for the fingerprint.
Calculate the fingerprint for this certificate, and return it as a hex string.
The caller should free the returned data using g_free() when it is no longer required.
the type of algorithm for the fingerprint.
Get the result of a get operation and return specified attributes from the object.
No extra references are added to the returned attributes pointer.
The result passed to the callback.
Get the specified attributes from the object. This call may block for an indefinite period.
No extra references are added to the returned attributes pointer. During this call you may not access the attributes in any way.
the types of the attributes to get
optional cancellation object, or %NULL
Get the raw PKCS#11 handle of a GckObject.
Get the common name of the issuer of this certificate.
The string returned should be freed by the caller when no longer required.
Get the full issuer DN of the certificate as a (mostly) readable string.
The string returned should be freed by the caller when no longer required.
Get a name to represent the issuer of this certificate.
This will try to lookup the common name, orianizational unit, organization in that order.
Get a part of the DN of the issuer of this certificate.
Examples of a part might be the 'OU' (organizational unit)
or the 'CN' (common name). Only the value of that part
of the DN is returned.
The string returned should be freed by the caller when no longer required.
a DN type string or OID.
Get the raw DER data for the issuer DN of the certificate.
The data should be freed by using g_free() when no longer required.
Get the key size in bits of the public key represented by this certificate.
Calculate a GMarkup string for displaying this certificate.
Gets a property of an object.
The value can be:
In general, a copy is made of the property contents and the caller is responsible for freeing the memory by calling g_value_unset().
Note that g_object_get_property() is really intended for language bindings, g_object_get() is much more convenient for C programming.
the name of the property to get
return location for the property value
This function gets back user data pointers stored via g_object_set_qdata().
A #GQuark, naming the user data pointer
Get the raw binary serial number of the certificate.
The caller should free the returned data using g_free() when it is no longer required.
Get the serial number of the certificate as a hex string.
The caller should free the returned data using g_free() when it is no longer required.
Get the common name of the subject of this certificate.
The string returned should be freed by the caller when no longer required.
Get the full subject DN of the certificate as a (mostly) readable string.
The string returned should be freed by the caller when no longer required.
Get a name to represent the subject of this certificate.
This will try to lookup the common name, orianizational unit, organization in that order.
Get a part of the DN of the subject of this certificate.
Examples of a part might be the 'OU' (organizational unit)
or the 'CN' (common name). Only the value of that part
of the DN is returned.
The string returned should be freed by the caller when no longer required.
a DN type string or OID.
Get the raw DER data for the subject DN of the certificate.
The data should be freed by using g_free() when no longer required.
Get an attribute template from the object. The attr_type must be for an attribute which returns a template.
This call may block for an indefinite period.
The template attribute type.
Optional cancellation object, or %NULL.
Get an attribute template from the object. The attr_type must be for
an attribute which returns a template.
This call will return immediately and complete asynchronously.
The template attribute type.
Optional cancellation object, or %NULL.
Called when the operation completes.
Get the result of an operation to get attribute template from an object.
The result passed to the callback.
Gets n_properties properties for an object.
Obtained properties will be set to values. All properties must be valid.
Warnings will be emitted and undefined behaviour may result if invalid
properties are passed in.
the names of each property to get
the values of each property to get
Create a hash value for the GckObject.
This function is intended for easily hashing a GckObject to add to a GHashTable or similar data structure.
Checks whether object has a [floating][floating-ref] reference.
Check if issuer could be the issuer of this certificate. This is done by
comparing the relevant subject and issuer fields. No signature check is
done. Proper verification of certificates must be done via a crypto
library.
a possible issuer #GcrCertificate
Implementers of the #GcrCertificate mixin should call this function to notify when the certificate has changed to emit notifications on the various properties.
Emits a "notify" signal for the property property_name on object.
When possible, eg. when signaling a property change from within the class that registered the property, you should use g_object_notify_by_pspec() instead.
Note that emission of the notify signal may be blocked with g_object_freeze_notify(). In this case, the signal emissions are queued and will be emitted (in reverse order) when g_object_thaw_notify() is called.
the name of a property installed on the class of object.
Emits a "notify" signal for the property specified by pspec on object.
This function omits the property name lookup, hence it is faster than g_object_notify().
One way to avoid using g_object_notify() from within the class that registered the properties, and using g_object_notify_by_pspec() instead, is to store the GParamSpec used with g_object_class_install_property() inside a static array, e.g.:
enum
{
PROP_0,
PROP_FOO,
PROP_LAST
};
static GParamSpec *properties[PROP_LAST];
static void
my_object_class_init (MyObjectClass *klass)
{
properties[PROP_FOO] = g_param_spec_int ("foo", "Foo", "The foo",
0, 100,
50,
G_PARAM_READWRITE);
g_object_class_install_property (gobject_class,
PROP_FOO,
properties[PROP_FOO]);
}
and then notify a change on the "foo" property with:
g_object_notify_by_pspec (self, properties[PROP_FOO]);
the #GParamSpec of a property installed on the class of object.
Increase the reference count of object, and possibly remove the
[floating][floating-ref] reference, if object has a floating reference.
In other words, if the object is floating, then this call "assumes ownership" of the floating reference, converting it to a normal reference by clearing the floating flag while leaving the reference count unchanged. If the object is not floating, then this call adds a new normal reference increasing the reference count by one.
Since GLib 2.56, the type of object will be propagated to the return type
under the same conditions as for g_object_ref().
Releases all references to other objects. This can be used to break reference cycles.
This function should only be called from object system implementations.
Set PKCS#11 attributes on an object. This call may block for an indefinite period.
If the attrs #GckAttributes is floating, it is consumed.
The attributes to set on the object.
Optional cancellable object, or %NULL to ignore.
Set PKCS#11 attributes on an object. This call will return immediately and completes asynchronously.
If the attrs #GckAttributes is floating, it is consumed.
The attributes to set on the object.
Optional cancellable object, or %NULL to ignore.
Callback which is called when operation completes.
Each object carries around a table of associations from strings to pointers. This function lets you set an association.
If the object already had an association with that name, the old association will be destroyed.
Internally, the key is converted to a #GQuark using g_quark_from_string().
This means a copy of key is kept permanently (even after object has been
finalized) — so it is recommended to only use a small, bounded set of values
for key in your program, to avoid the #GQuark storage growing unbounded.
name of the key
data to associate with that key
Get the status of the operation to set attributes on a PKCS#11 object, begun with gck_object_set_async().
The result of the destory operation passed to the callback.
Sets a property on an object.
the name of the property to set
the value
Set an attribute template on the object. The attr_type must be for an attribute which contains a template.
If the attrs #GckAttributes is floating, it is consumed.
This call may block for an indefinite period.
The attribute template type.
The attribute template.
Optional cancellation object, or %NULL.
Set an attribute template on the object. The attr_type must be for an attribute which contains a template.
If the attrs #GckAttributes is floating, it is consumed.
This call will return immediately and complete asynchronously.
The attribute template type.
The attribute template.
Optional cancellation object, or %NULL.
Called when the operation completes.
Get the result of an operation to set attribute template on an object.
The result passed to the callback.
Remove a specified datum from the object's data associations, without invoking the association's destroy handler.
name of the key
This function gets back user data pointers stored via
g_object_set_qdata() and removes the data from object
without invoking its destroy() function (if any was
set).
Usually, calling this function is only required to update
user data pointers with a destroy notifier, for example:
void
object_add_to_user_list (GObject *object,
const gchar *new_string)
{
// the quark, naming the object data
GQuark quark_string_list = g_quark_from_static_string ("my-string-list");
// retrieve the old string list
GList *list = g_object_steal_qdata (object, quark_string_list);
// prepend new string
list = g_list_prepend (list, g_strdup (new_string));
// this changed 'list', so we need to set it again
g_object_set_qdata_full (object, quark_string_list, list, free_string_list);
}
static void
free_string_list (gpointer data)
{
GList *node, *list = data;
for (node = list; node; node = node->next)
g_free (node->data);
g_list_free (list);
}
Using g_object_get_qdata() in the above example, instead of g_object_steal_qdata() would have left the destroy function set, and thus the partial string list would have been freed upon g_object_set_qdata_full().
A #GQuark, naming the user data pointer
Reverts the effect of a previous call to
g_object_freeze_notify(). The freeze count is decreased on object
and when it reaches zero, queued "notify" signals are emitted.
Duplicate notifications for each property are squashed so that at most one #GObject::notify signal is emitted for each property, in the reverse order in which they have been queued.
It is an error to call this function when the freeze count is zero.
Decreases the reference count of object. When its reference count
drops to 0, the object is finalized (i.e. its memory is freed).
If the pointer to the #GObject may be reused in future (for example, if it is an instance variable of another object), it is recommended to clear the pointer to %NULL rather than retain a dangling pointer to a potentially invalid #GObject instance. Use g_clear_object() for this.
This function essentially limits the life time of the closure to
the life time of the object. That is, when the object is finalized,
the closure is invalidated by calling g_closure_invalidate() on
it, in order to prevent invocations of the closure with a finalized
(nonexisting) object. Also, g_object_ref() and g_object_unref() are
added as marshal guards to the closure, to ensure that an extra
reference count is held on object during invocation of the
closure. Usually, this function will be called on closures that
use this object as closure data.
#GClosure to watch
Initialize a GckObject from a raw PKCS#11 handle. Normally you would use
[methodSession.create_object] or [methodSession.find_objects] to access
objects.
The session through which this object is accessed or created.
The raw CK_OBJECT_HANDLE of the object.
Find the #GParamSpec with the given name for an
interface. Generally, the interface vtable passed in as g_iface
will be the default vtable from g_type_default_interface_ref(), or,
if you know the interface has already been loaded,
g_type_default_interface_peek().
any interface vtable for the interface, or the default vtable for the interface
name of a property to look up.
Add a property to an interface; this is only useful for interfaces that are added to GObject-derived types. Adding a property to an interface forces all objects classes with that interface to have a compatible property. The compatible property could be a newly created #GParamSpec, but normally g_object_class_override_property() will be used so that the object class only needs to provide an implementation and inherits the property description, default value, bounds, and so forth from the interface property.
This function is meant to be called from the interface's default
vtable initialization function (the class_init member of
#GTypeInfo.) It must not be called after after class_init has
been called for any object types implementing this interface.
If pspec is a floating reference, it will be consumed.
any interface vtable for the interface, or the default vtable for the interface.
the #GParamSpec for the new property
Lists the properties of an interface.Generally, the interface
vtable passed in as g_iface will be the default vtable from
g_type_default_interface_ref(), or, if you know the interface has
already been loaded, g_type_default_interface_peek().
any interface vtable for the interface, or the default vtable for the interface
Lookup a the issuer of a certificate in the PKCS#11 storage. The
lookup is done using the issuer DN of the certificate. No certificate chain
verification is done. Use a crypto library to make trust decisions.
This call may block, see gcr_pkcs11_certificate_lookup_issuer() for the non-blocking version.
Will return %NULL if no issuer certificate is found. Use error to determine
if an error occurred.
a #GcrCertificate
a #GCancellable
Lookup a the issuer of a certificate in the PKCS#11 storage. The
lookup is done using the issuer DN of the certificate. No certificate chain
verification is done. Use a crypto library to make trust decisions.
When the operation is finished, callback will be called. You can then call gcr_pkcs11_certificate_lookup_issuer_finish() to get the result of the operation.
a #GcrCertificate
a #GCancellable
a #GAsyncReadyCallback to call when the operation completes
Finishes an asynchronous operation started by gcr_pkcs11_certificate_lookup_issuer_async().
Will return %NULL if no issuer certificate is found. Use error to determine
if an error occurred.
the #GAsyncResult passed to the callback
Creates a new instance of a #GObject subtype and sets its properties.
Construction parameters (see %G_PARAM_CONSTRUCT, %G_PARAM_CONSTRUCT_ONLY) which are not explicitly specified are set to their default values.
the type id of the #GObject subtype to instantiate
an array of #GParameter
A certificate loaded from a PKCS#11 storage. It is also a valid [class
Gck.Object] and can be used as such.Use gcr_pkcs11_certificate_lookup_issuer() to lookup the issuer of a given certificate in the PKCS#11 store.
Various common PKCS#11 certificate attributes are automatically loaded and are available via gcr_pkcs11_certificate_get_attributes().