Gcr.CertificateChain – gcr-3 – Vala Binding Reference

Description:

[ CCode ( type_id = "gcr_certificate_chain_get_type ()" ) ]
public class CertificateChain : Object

Represents a chain of certificates, normally used to validate the trust in a certificate.

An X.509 certificate chain has one endpoint certificate (the one for which trust is being verified) and then in turn the certificate that issued each previous certificate in the chain.

This functionality is for building of certificate chains not for validating them. Use your favorite crypto library to validate trust in a certificate chain once its built.

The order of certificates in the chain should be first the endpoint certificates and then the signing certificates.

Create a new certificate chain with [[email protected]] and then add the certificates with [[email protected]].

You can then use [[email protected]] to build the remainder of the chain. This will lookup missing certificates in PKCS#11 modules and also check that each certificate in the chain is the signer of the previous one. If a trust anchor, pinned certificate, or self-signed certificate is found, then the chain is considered built. Any extra certificates are removed from the chain.

Once the certificate chain has been built, you can access its status through [[email protected]_status]. The status signifies whether the chain is anchored on a trust root, self-signed, incomplete etc. See [enum@CertificateChainStatus] for information on the various statuses.

It's important to understand that the building of a certificate chain is merely the first step towards verifying trust in a certificate.

Namespace: Gcr

Package: gcr-3

Content:

Properties:

public uint length { get; }

The length of the certificate chain.

Creation methods:

public CertificateChain ()

Create a new CertificateChain.

Methods:

public void add (Certificate certificate)

Add certificate to the chain.

public bool build (string purpose, string? peer, CertificateChainFlags flags, Cancellable? cancellable = null) throws Error

Complete a certificate chain.

public async bool build_async (string purpose, string? peer, CertificateChainFlags flags, Cancellable? cancellable) throws Error

Complete a certificate chain.

public unowned Certificate get_anchor ()

If the certificate chain has been built and is of status gcr_certificate_chain_anchored, then this will return the anchor certificate that was found.

public unowned Certificate get_certificate (uint index)

Get a certificate in the chain.

public unowned Certificate get_endpoint ()

Get the endpoint certificate in the chain.

public uint get_length ()

Get the length of the certificate chain.

public CertificateChainStatus get_status ()

Get the status of a certificate chain.

Inherited Members:

All known members inherited from class GLib.Object

@get
@new
@ref
@set
add_toggle_ref
add_weak_pointer
bind_property
connect
constructed
disconnect
dispose
dup_data
dup_qdata
force_floating
freeze_notify
get_class
get_data

get_property
get_qdata
get_type
getv
interface_find_property
interface_install_property
interface_list_properties
is_floating
new_valist
new_with_properties
newv
notify
notify_property
ref_count
ref_sink
remove_toggle_ref
remove_weak_pointer

replace_data
replace_qdata
set_data
set_data_full
set_property
set_qdata
set_qdata_full
set_valist
setv
steal_data
steal_qdata
thaw_notify
unref
watch_closure
weak_ref
weak_unref