/**
* gcr_certificate_get_subject_raw:
* @self: a #GcrCertificate
* @n_data: The length of the returned data.
*
* Get the raw DER data for the subject DN of the certificate.
*
* The data should be freed by using g_free() when no longer required.
*
* Returns: allocated memory containing the raw subject.
*/
gpointer
gcr_certificate_get_subject_raw (GcrCertificate *self, gsize *n_data)
{
GcrCertificateInfo *info;
gconstpointer data;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
g_return_val_if_fail (n_data, NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
data = _gcr_certificate_get_subject_const (self, n_data);
return g_memdup (data, data ? *n_data : 0);
}
/**
* gcr_certificate_is_issuer:
* @self: a #GcrCertificate
* @issuer: a possible issuer #GcrCertificate
*
* Check if @issuer could be the issuer of this certificate. This is done by
* comparing the relevant subject and issuer fields. No signature check is
* done. Proper verification of certificates must be done via a crypto
* library.
*
* Returns: whether @issuer could be the issuer of the certificate.
*/
gboolean
gcr_certificate_is_issuer (GcrCertificate *self, GcrCertificate *issuer)
{
gconstpointer subject_dn, issuer_dn;
gsize n_subject_dn, n_issuer_dn;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), FALSE);
g_return_val_if_fail (GCR_IS_CERTIFICATE (issuer), FALSE);
subject_dn = _gcr_certificate_get_subject_const (issuer, &n_subject_dn);
g_return_val_if_fail (subject_dn, FALSE);
issuer_dn = _gcr_certificate_get_issuer_const (self, &n_issuer_dn);
g_return_val_if_fail (issuer_dn, FALSE);
return (n_issuer_dn == n_subject_dn &&
memcmp (issuer_dn, subject_dn, n_issuer_dn) == 0);
}
/**
* gcr_certificate_get_subject_raw:
* @self: a #GcrCertificate
* @n_data: The length of the returned data.
*
* Get the raw DER data for the subject DN of the certificate.
*
* The data should be freed by using g_free() when no longer required.
*
* Returns: (transfer full) (array length=n_data): allocated memory containing
* the raw subject
*/
guchar *
gcr_certificate_get_subject_raw (GcrCertificate *self, gsize *n_data)
{
EggBytes *bytes;
guchar *result;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
g_return_val_if_fail (n_data != NULL, NULL);
bytes = _gcr_certificate_get_subject_const (self);
if (bytes == NULL)
return NULL;
*n_data = egg_bytes_get_size (bytes);
result = g_memdup (egg_bytes_get_data (bytes), *n_data);
egg_bytes_unref (bytes);
return result;
}
/**
* gcr_certificate_is_issuer:
* @self: a #GcrCertificate
* @issuer: a possible issuer #GcrCertificate
*
* Check if @issuer could be the issuer of this certificate. This is done by
* comparing the relevant subject and issuer fields. No signature check is
* done. Proper verification of certificates must be done via a crypto
* library.
*
* Returns: whether @issuer could be the issuer of the certificate.
*/
gboolean
gcr_certificate_is_issuer (GcrCertificate *self, GcrCertificate *issuer)
{
EggBytes *subject_dn;
EggBytes *issuer_dn;
gboolean ret;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), FALSE);
g_return_val_if_fail (GCR_IS_CERTIFICATE (issuer), FALSE);
subject_dn = _gcr_certificate_get_subject_const (issuer);
g_return_val_if_fail (subject_dn, FALSE);
issuer_dn = _gcr_certificate_get_issuer_const (self);
g_return_val_if_fail (issuer_dn, FALSE);
ret = egg_bytes_equal (subject_dn, issuer_dn);
egg_bytes_unref (subject_dn);
egg_bytes_unref (issuer_dn);
return ret;
}
