Gjsify LogoGjsify Logo

Index

Enumerations

Classes

Interfaces

Variables

Functions

Variables

ICON_CERTIFICATE: string
ICON_GNUPG: string
ICON_HOME_DIRECTORY: string
ICON_KEY: string
ICON_KEY_PAIR: string
ICON_PASSWORD: string
ICON_SMART_CARD: string
MAJOR_VERSION: number

The major version number of the Gcr library.

MICRO_VERSION: number

The micro version number of the Gcr library.

MINOR_VERSION: number

The minor version number of the Gcr library.

PURPOSE_CLIENT_AUTH: string

The purpose used to verify the client certificate in a TLS connection.

PURPOSE_CODE_SIGNING: string

The purpose used to verify certificate used for the signature on signed code.

PURPOSE_EMAIL: string

The purpose used to verify certificates that are used in email communication such as S/MIME.

PURPOSE_SERVER_AUTH: string

The purpose used to verify the server certificate in a TLS connection. This is the most common purpose in use.

SECRET_EXCHANGE_PROTOCOL_1: string

The current secret exchange protocol. Key agreement is done using DH with the 1536 bit IKE parameter group. Keys are derived using SHA256 with HKDF. The transport encryption is done with 128 bit AES.

UNLOCK_OPTION_ALWAYS: string
UNLOCK_OPTION_IDLE: string
UNLOCK_OPTION_SESSION: string
UNLOCK_OPTION_TIMEOUT: string

Functions

  • Compare one certificate against another. If the certificates are equal then zero is returned. If one certificate is %NULL or not a certificate, then a non-zero value is returned.

    The return value is useful in a stable sort, but has no user logical meaning.

    Parameters

    Returns number

  • dataErrorGetDomain(): Quark
  • Create a key fingerprint for a certificate, public key or private key. Note that this is not a fingerprint of certificate data, which you would use gcr_certificate_get_fingerprint() for.

    Parameters

    • attrs: Attributes

      attributes for key or certificate

    • checksumType: ChecksumType

      the type of fingerprint to create

    Returns Uint8Array | null

  • fingerprintFromSubjectPublicKeyInfo(keyInfo: Uint8Array, checksumType: ChecksumType): Uint8Array | null
  • Create a key fingerprint for a DER encoded subjectPublicKeyInfo. The fingerprint is created so that it will be identical for a key and its corresponding certificate.

    Note that in the case of certificates this is not a fingerprint of the actual certificate data, but rather of the public key contained in a certificate.

    Parameters

    • keyInfo: Uint8Array

      DER encoded subjectPublicKeyInfo structure

    • checksumType: ChecksumType

      the type of fingerprint to create

    Returns Uint8Array | null

  • Create a set of importers which can import this parsed item. The parsed item is represented by the state of the GcrParser at the time of calling this method.

    Parameters

    • parsed: Parsed

      a parser with a parsed item to import

    Returns Importer[]

  • Queues an additional item to be imported in all compattible importers in the set. The parsed item is represented by the state of the #GcrParser at the time of calling this method.

    If the parsed item is incompatible with an importer, then that the item will not be queued on that importer.

    Parameters

    • importers: Importer[]

      a set of importers

    • parsed: Parsed

      a parsed item

    Returns Importer[]

  • Register an importer to handle parsed items that match the given attributes.

    If attrs are a floating reference, then it is consumed.

    Parameters

    • importerType: GType<unknown>

      the GType of the importer being registered

    • attrs: Attributes

      the attributes that this importer is compatible with

    Returns void

  • importerRegisterWellKnown(): void
  • Register built-in PKCS#11 and GnuPG importers.

    Returns void

  • mockPrompterDisconnect(): void
  • mockPrompterExpectClose(): void
  • Queue an expected response on the mock prompter.

    Expects any prompt, and closes the prompt when it gets it.

    Returns void

  • mockPrompterExpectConfirmCancel(): void
  • Queue an expected response on the mock prompter.

    Expects a confirmation prompt, and then cancels that prompt.

    Returns void

  • mockPrompterExpectPasswordCancel(): void
  • Queue an expected response on the mock prompter.

    Expects a password prompt, and then cancels that prompt.

    Returns void

  • mockPrompterGetDelayMsec(): number
  • Get the delay in milliseconds before the mock prompter completes an expected prompt.

    Returns number

  • mockPrompterIsExpecting(): boolean
  • Check if the mock prompter is expecting a response. This will be %TRUE when one of the gcr_mock_prompter_expect_xxx() functions have been used to queue an expected prompt, but that prompt response has not be 'used' yet.

    Returns boolean

  • mockPrompterIsPrompting(): boolean
  • Check if the mock prompter is showing any prompts.

    Returns boolean

  • mockPrompterSetDelayMsec(delayMsec: number): void
  • Set the delay in milliseconds before the mock prompter completes an expected prompt.

    Parameters

    • delayMsec: number

      prompt response delay in milliseconds

    Returns void

  • mockPrompterStart(): string
  • Start the mock prompter. This is often used from the setup() function of tests.

    Starts the mock prompter in an additional thread. Use the returned DBus bus name with gcr_system_prompt_open_for_prompter() to connect to this prompter.

    Returns string

  • mockPrompterStop(): void
  • Stop the mock prompter. This is often used from the teardown() function of tests.

    Returns void

  • parsedUnref(parsed: object): void
  • Unreferences a parsed item which was referenced with gcr_parsed_ref()

    Parameters

    • parsed: object

      a parsed item

    Returns void

  • Add a #GckModule to the list of PKCS#11 modules that are used by the GCR library.

    It is not normally necessary to call this function. The available PKCS#11 modules installed on the system are automatically loaded by the GCR library.

    Parameters

    Returns void

  • pkcs11AddModuleFromFile(modulePath: string, unused: object): boolean
  • Initialize a PKCS#11 module and add it to the modules that are used by the GCR library. Note that is an error to initialize the same PKCS#11 module twice.

    It is not normally necessary to call this function. The available PKCS#11 modules installed on the system are automatically loaded by the GCR library.

    Parameters

    • modulePath: string

      the full file path of the PKCS#11 module

    • unused: object

      unused

    Returns boolean

  • List all the PKCS#11 modules that are used by the GCR library. Each module is a [classGck.Module] object.

    An empty list of modules will be returned if [funcpkcs11_set_modules], or [funcpkcs11_initialize] has not yet run.

    When done with the list, free it with gck_list_unref_free().

    Returns Gck.Module[]

  • pkcs11GetTrustLookupSlots(): Gck.Slot[]
  • List all the PKCS#11 slots that are used by the GCR library for lookup of trust assertions. Each slot is a [classGck.Slot] object.

    This will return an empty list if the [funcpkcs11_initialize] function has not yet been called.

    Returns Gck.Slot[]

  • pkcs11GetTrustLookupUris(): string[] | null
  • Get the PKCS#11 URIs that are used to identify which slots to use for lookup trust assertions.

    Returns string[] | null

  • pkcs11GetTrustStoreSlot(): Gck.Slot | null
  • Selects an appropriate PKCS#11 slot to store trust assertions. The slot to use is normally configured automatically by the system.

    This will only return a valid result after the [funcpkcs11_initialize] method has been called.

    When done with the #GckSlot, use g_object_unref() to release it.

    Returns Gck.Slot | null

  • pkcs11GetTrustStoreUri(): string | null
  • Get the PKCS#11 URI that is used to identify which slot to use for storing trust storage.

    Returns string | null

  • Asynchronously initialize the registered PKCS#11 modules.

    Parameters

    • cancellable: Gio.Cancellable

      optional cancellable used to cancel the operation

    Returns boolean

  • Asynchronously initialize the registered PKCS#11 modules.

    Parameters

    • cancellable: Gio.Cancellable

      optional cancellable used to cancel the operation

    • callback: AsyncReadyCallback

      callback which will be called when the operation completes

    Returns void

  • Complete the asynchronous operation to initialize the registered PKCS#11 modules.

    Parameters

    Returns boolean

  • pkcs11SetModules(modules: Gck.Module[]): void
  • Set the list of PKCS#11 modules that are used by the GCR library. Each module in the list is a [classGck.Module] object.

    It is not normally necessary to call this function. The available PKCS#11 modules installed on the system are automatically loaded by the GCR library.

    Parameters

    • modules: Gck.Module[]

      a list of PKCS#11 modules

    Returns void

  • pkcs11SetTrustLookupUris(pkcs11Uris: string): void
  • Set the PKCS#11 URIs that are used to identify which slots to use for lookup of trust assertions.

    It is not normally necessary to call this function. The relevant PKCS#11 slots are automatically configured by the GCR library.

    Parameters

    • pkcs11Uris: string

      the uris which identifies trust lookup slots

    Returns void

  • pkcs11SetTrustStoreUri(pkcs11Uri: string): void
  • Set the PKCS#11 URI that is used to identify which slot to use for storing trust assertions.

    It is not normally necessary to call this function. The relevant PKCS#11 slot is automatically configured by the GCR library.

    Parameters

    • pkcs11Uri: string

      the uri which identifies trust storage slot

    Returns void

  • Add a pinned certificate for connections to peer for purpose. A pinned certificate overrides all other certificate verification and should be used with care.

    If the same pinned certificate already exists, then this operation does not add another, and succeeds without error.

    This call may block, see gcr_trust_add_pinned_certificate_async() for the non-blocking version.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned certificate

    • cancellable: Gio.Cancellable

      a #GCancellable

    Returns boolean

  • Add a pinned certificate for communication with peer for purpose. A pinned certificate overrides all other certificate verification and should be used with care.

    If the same pinned certificate already exists, then this operation does not add another, and succeeds without error.

    When the operation is finished, callback will be called. You can then call [funcGcr.trust_add_pinned_certificate_finish] to get the result of the operation.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned certificate

    • cancellable: Gio.Cancellable

      a #GCancellable

    • callback: AsyncReadyCallback

      a #GAsyncReadyCallback to call when the operation completes

    Returns void

  • trustAddPinnedCertificateFinish(result: AsyncResult): boolean
  • Finishes an asynchronous operation started by gcr_trust_add_pinned_certificate_async().

    Parameters

    • result: AsyncResult

      the #GAsyncResult passed to the callback

    Returns boolean

  • Check if the certificate is a trust anchor for the given purpose. A trust anchor is used to verify the signatures on other certificates when verifying a certificate chain. Also known as a trusted certificate authority.

    This call may block, see [funcGcr.trust_is_certificate_anchored_async] for the non-blocking version.

    In the case of an error, %FALSE is also returned. Check error to detect if an error occurred.

    Parameters

    Returns boolean

  • Check if the certificate is a trust anchor for the given purpose. A trust anchor is used to verify the signatures on other certificates when verifying a certificate chain. Also known as a trusted certificate authority.

    When the operation is finished, callback will be called. You can then call gcr_trust_is_certificate_anchored_finish() to get the result of the operation.

    Parameters

    Returns void

  • trustIsCertificateAnchoredFinish(result: AsyncResult): boolean
  • Finishes an asynchronous operation started by gcr_trust_is_certificate_anchored_async().

    In the case of an error, %FALSE is also returned. Check error to detect if an error occurred.

    Parameters

    • result: AsyncResult

      the #GAsyncResult passed to the callback

    Returns boolean

  • Check if certificate is pinned for purpose to communicate with peer. A pinned certificate overrides all other certificate verification.

    This call may block, see gcr_trust_is_certificate_pinned_async() for the non-blocking version.

    In the case of an error, %FALSE is also returned. Check error to detect if an error occurred.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate to check

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned

    • cancellable: Gio.Cancellable

      a #GCancellable

    Returns boolean

  • Check if certificate is pinned for purpose to communicate with peer. A pinned certificate overrides all other certificate verification.

    When the operation is finished, callback will be called. You can then call [funcGcr.trust_is_certificate_pinned_finish] to get the result of the operation.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate to check

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned

    • cancellable: Gio.Cancellable

      a #GCancellable

    • callback: AsyncReadyCallback

      a #GAsyncReadyCallback to call when the operation completes

    Returns void

  • trustIsCertificatePinnedFinish(result: AsyncResult): boolean
  • Finishes an asynchronous operation started by gcr_trust_is_certificate_pinned_async().

    In the case of an error, %FALSE is also returned. Check error to detect if an error occurred.

    Parameters

    • result: AsyncResult

      the #GAsyncResult passed to the callback

    Returns boolean

  • Remove a pinned certificate for communication with peer for purpose.

    If the same pinned certificate does not exist, or was already removed, then this operation succeeds without error.

    This call may block, see gcr_trust_remove_pinned_certificate_async() for the non-blocking version.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned certificate

    • cancellable: Gio.Cancellable

      a #GCancellable

    Returns boolean

  • Remove a pinned certificate for communication with peer for purpose.

    If the same pinned certificate does not exist, or was already removed, then this operation succeeds without error.

    When the operation is finished, callback will be called. You can then call gcr_trust_remove_pinned_certificate_finish() to get the result of the operation.

    Parameters

    • certificate: Gcr.Certificate

      a #GcrCertificate

    • purpose: string

      the purpose string

    • peer: string

      the peer for this pinned certificate

    • cancellable: Gio.Cancellable

      a #GCancellable

    • callback: AsyncReadyCallback

      a #GAsyncReadyCallback to call when the operation completes

    Returns void

  • trustRemovePinnedCertificateFinish(result: AsyncResult): boolean
  • Finishes an asynchronous operation started by gcr_trust_remove_pinned_certificate_async().

    Parameters

    • result: AsyncResult

      the #GAsyncResult passed to the callback

    Returns boolean

Legend

  • Module
  • Object literal
  • Variable
  • Function
  • Function with type parameter
  • Index signature
  • Type alias
  • Type alias with type parameter
  • Enumeration
  • Enumeration member
  • Property
  • Method
  • Interface
  • Interface with type parameter
  • Constructor
  • Property
  • Method
  • Index signature
  • Class
  • Class with type parameter
  • Constructor
  • Property
  • Method
  • Accessor
  • Index signature
  • Inherited constructor
  • Inherited property
  • Inherited method
  • Inherited accessor
  • Protected property
  • Protected method
  • Protected accessor
  • Private property
  • Private method
  • Private accessor
  • Static property
  • Static method