1  /* GIO - GLib Input, Output and Streaming Library
       2   *
       3   * Copyright © 2010 Collabora, Ltd
       4   *
       5   * SPDX-License-Identifier: LGPL-2.1-or-later
       6   *
       7   * This library is free software; you can redistribute it and/or
       8   * modify it under the terms of the GNU Lesser General Public
       9   * License as published by the Free Software Foundation; either
      10   * version 2.1 of the License, or (at your option) any later version.
      11   *
      12   * This library is distributed in the hope that it will be useful,
      13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      15   * Lesser General Public License for more details.
      16   *
      17   * You should have received a copy of the GNU Lesser General
      18   * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
      19   *
      20   * Author: Stef Walter <stefw@collabora.co.uk>
      21   */
      22  
      23  #include "config.h"
      24  
      25  #include "gtlsfiledatabase.h"
      26  
      27  #include "ginitable.h"
      28  #include "gtlsbackend.h"
      29  #include "gtlsdatabase.h"
      30  #include "glibintl.h"
      31  
      32  /**
      33   * GTlsFileDatabase:
      34   *
      35   * `GTlsFileDatabase` is implemented by [class@Gio.TlsDatabase] objects which
      36   * load their certificate information from a file. It is an interface which
      37   * TLS library specific subtypes implement.
      38   *
      39   * Since: 2.30
      40   */
      41  
      42  G_DEFINE_INTERFACE (GTlsFileDatabase, g_tls_file_database, G_TYPE_TLS_DATABASE)
      43  
      44  static void
      45  g_tls_file_database_default_init (GTlsFileDatabaseInterface *iface)
      46  {
      47    /**
      48     * GTlsFileDatabase:anchors:
      49     *
      50     * The path to a file containing PEM encoded certificate authority
      51     * root anchors. The certificates in this file will be treated as
      52     * root authorities for the purpose of verifying other certificates
      53     * via the g_tls_database_verify_chain() operation.
      54     *
      55     * Since: 2.30
      56     */
      57    g_object_interface_install_property (iface,
      58                                         g_param_spec_string ("anchors", NULL, NULL,
      59                                                             NULL,
      60                                                             G_PARAM_READWRITE |
      61                                                             G_PARAM_CONSTRUCT |
      62                                                             G_PARAM_STATIC_STRINGS));
      63  }
      64  
      65  /**
      66   * g_tls_file_database_new:
      67   * @anchors: (type filename): filename of anchor certificate authorities.
      68   * @error: #GError for error reporting, or %NULL to ignore.
      69   *
      70   * Creates a new #GTlsFileDatabase which uses anchor certificate authorities
      71   * in @anchors to verify certificate chains.
      72   *
      73   * The certificates in @anchors must be PEM encoded.
      74   *
      75   * Returns: (transfer full) (type GTlsFileDatabase): the new
      76   * #GTlsFileDatabase, or %NULL on error
      77   *
      78   * Since: 2.30
      79   */
      80  GTlsDatabase*
      81  g_tls_file_database_new (const gchar     *anchors,
      82                           GError         **error)
      83  {
      84    GObject *database;
      85    GTlsBackend *backend;
      86  
      87    backend = g_tls_backend_get_default ();
      88    database = g_initable_new (g_tls_backend_get_file_database_type (backend),
      89                               NULL, error,
      90                               "anchors", anchors,
      91                               NULL);
      92    return G_TLS_DATABASE (database);
      93  }