static gconstpointer
_gcr_certificate_get_subject_const (GcrCertificate *self, gsize *n_data)
{
GcrCertificateInfo *info;
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
return egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "subject", NULL), n_data);
}
/**
* gcr_certificate_get_subject_dn:
* @self: a #GcrCertificate
*
* Get the full subject DN of the certificate as a (mostly)
* readable string.
*
* The string returned should be freed by the caller when no longer
* required.
*
* Returns: The allocated subject DN of the certificate.
*/
gchar*
gcr_certificate_get_subject_dn (GcrCertificate *self)
{
GcrCertificateInfo *info;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
return egg_dn_read (egg_asn1x_node (info->asn1, "tbsCertificate", "subject", "rdnSequence", NULL));
}
/**
* gcr_certificate_get_issuer_part:
* @self: a #GcrCertificate
* @part: a DN type string or OID.
*
* Get a part of the DN of the issuer of this certificate.
*
* Examples of a @part might be the 'OU' (organizational unit)
* or the 'CN' (common name). Only the value of that part
* of the DN is returned.
*
* The string returned should be freed by the caller when no longer
* required.
*
* Returns: The allocated part of the issuer DN, or NULL if no such part is present.
*/
gchar*
gcr_certificate_get_issuer_part (GcrCertificate *self, const char *part)
{
GcrCertificateInfo *info;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
return egg_dn_read_part (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", "rdnSequence", NULL), part);
}
static EggBytes *
_gcr_certificate_get_subject_const (GcrCertificate *self)
{
GcrCertificateInfo *info;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
return egg_asn1x_get_element_raw (egg_asn1x_node (info->asn1, "tbsCertificate", "subject", NULL));
}
/**
* gcr_certificate_get_serial_number:
* @self: a #GcrCertificate
* @n_length: the length of the returned data.
*
* Get the raw binary serial number of the certificate.
*
* The caller should free the returned data using g_free() when
* it is no longer required.
*
* Returns: the raw binary serial number.
*/
guchar*
gcr_certificate_get_serial_number (GcrCertificate *self, gsize *n_length)
{
GcrCertificateInfo *info;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
g_return_val_if_fail (n_length, NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
return egg_asn1x_get_integer_as_raw (egg_asn1x_node (info->asn1, "tbsCertificate", "serialNumber", NULL), NULL, n_length);
}
/**
* gcr_certificate_get_key_size:
* @self: a #GcrCertificate
*
* Get the key size in bits of the public key represented
* by this certificate.
*
* Returns: The key size of the certificate.
*/
guint
gcr_certificate_get_key_size (GcrCertificate *self)
{
GcrCertificateInfo *info;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), 0);
info = certificate_info_load (self);
g_return_val_if_fail (info, 0);
if (!info->key_size)
info->key_size = calculate_key_size (info);
return info->key_size;
}
/**
* gcr_certificate_get_subject_raw:
* @self: a #GcrCertificate
* @n_data: The length of the returned data.
*
* Get the raw DER data for the subject DN of the certificate.
*
* The data should be freed by using g_free() when no longer required.
*
* Returns: allocated memory containing the raw subject.
*/
gpointer
gcr_certificate_get_subject_raw (GcrCertificate *self, gsize *n_data)
{
GcrCertificateInfo *info;
gconstpointer data;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
g_return_val_if_fail (n_data, NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
data = _gcr_certificate_get_subject_const (self, n_data);
return g_memdup (data, data ? *n_data : 0);
}
/**
* gcr_certificate_get_expiry_date:
* @self: a #GcrCertificate
*
* Get the expiry date of this certificate.
*
* The #GDate returned should be freed by the caller using
* g_date_free() when no longer required.
*
* Returns: An allocated expiry date of this certificate.
*/
GDate*
gcr_certificate_get_expiry_date (GcrCertificate *self)
{
GcrCertificateInfo *info;
GDate *date;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
date = g_date_new ();
if (!egg_asn1x_get_time_as_date (egg_asn1x_node (info->asn1, "tbsCertificate", "validity", "notAfter", NULL), date)) {
g_date_free (date);
return NULL;
}
return date;
}
/**
* gcr_certificate_get_key_size:
* @self: a #GcrCertificate
*
* Get the key size in bits of the public key represented
* by this certificate.
*
* Returns: The key size of the certificate.
*/
guint
gcr_certificate_get_key_size (GcrCertificate *self)
{
GcrCertificateInfo *info;
GNode *subject_public_key;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), 0);
info = certificate_info_load (self);
g_return_val_if_fail (info, 0);
if (!info->key_size) {
subject_public_key = egg_asn1x_node (info->asn1, "tbsCertificate",
"subjectPublicKeyInfo", NULL);
info->key_size = _gcr_subject_public_key_calculate_size (subject_public_key);
}
return info->key_size;
}
/**
* gcr_certificate_get_serial_number:
* @self: a #GcrCertificate
* @n_length: the length of the returned data.
*
* Get the raw binary serial number of the certificate.
*
* The caller should free the returned data using g_free() when
* it is no longer required.
*
* Returns: (array length=n_length): the raw binary serial number.
*/
guchar *
gcr_certificate_get_serial_number (GcrCertificate *self, gsize *n_length)
{
GcrCertificateInfo *info;
EggBytes *bytes;
guchar *result;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL);
g_return_val_if_fail (n_length != NULL, NULL);
info = certificate_info_load (self);
g_return_val_if_fail (info, NULL);
bytes = egg_asn1x_get_integer_as_raw (egg_asn1x_node (info->asn1, "tbsCertificate", "serialNumber", NULL));
g_return_val_if_fail (bytes != NULL, NULL);
*n_length = egg_bytes_get_size (bytes);
result = g_memdup (egg_bytes_get_data (bytes), *n_length);
egg_bytes_unref (bytes);
return result;
}
/**
* gcr_certificate_get_basic_constraints:
* @self: the certificate
* @is_ca: (allow-none): location to place a %TRUE if is an authority
* @path_len: (allow-none): location to place the max path length
*
* Get the basic constraints for the certificate if present. If %FALSE is
* returned then no basic constraints are present and the @is_ca and
* @path_len arguments are not changed.
*
* Returns: whether basic constraints are present or not
*/
gboolean
gcr_certificate_get_basic_constraints (GcrCertificate *self,
gboolean *is_ca,
gint *path_len)
{
GcrCertificateInfo *info;
EggBytes *value;
g_return_val_if_fail (GCR_IS_CERTIFICATE (self), FALSE);
info = certificate_info_load (self);
g_return_val_if_fail (info, FALSE);
value = _gcr_certificate_extension_find (info->asn1, GCR_OID_BASIC_CONSTRAINTS, NULL);
if (!value)
return FALSE;
if (!_gcr_certificate_extension_basic_constraints (value, is_ca, path_len))
g_return_val_if_reached (FALSE);
egg_bytes_unref (value);
return TRUE;
}
