Gcr.Certificate

g GObject.GInterface GObject.GInterface Gcr.Certificate Gcr.Certificate GObject.GInterface->Gcr.Certificate

Implementations:

Gcr.Pkcs11Certificate, Gcr.SimpleCertificate

Methods

get_basic_constraints ()

get_der_data ()

get_expiry_date ()

get_fingerprint (type)

get_fingerprint_hex (type)

get_interface_elements ()

get_issued_date ()

get_issuer_cn ()

get_issuer_dn ()

get_issuer_name ()

get_issuer_part (part)

get_issuer_raw ()

get_key_size ()

get_serial_number ()

get_serial_number_hex ()

get_subject_cn ()

get_subject_dn ()

get_subject_name ()

get_subject_part (part)

get_subject_raw ()

is_issuer (issuer)

mixin_emit_notify ()

Virtual Methods

do_get_der_data ()

Properties

Name

Type

Flags

Short Description

description

str

r

Description of object being rendered

expiry-date

GLib.DateTime

r

Certificate expiry date

issuer-name

str

r

Common name of issuer

label

str

r

Certificate label

subject-name

str

r

Common name of subject

Signals

None

Fields

None

Class Details

class Gcr.Certificate
Bases:

GObject.GInterface

Structure:

Gcr.CertificateIface

An interface that represents an X.509 certificate.

Objects can implement this interface to make a certificate usable with the GCR library.

Various methods are available to parse out relevant bits of the certificate. However no verification of the validity of a certificate is done here. Use your favorite crypto library to do this.

You can use [class`SimpleCertificate`] to simply load a certificate for which you already have the raw certificate data.

The Gcr.Certificate interface has several properties that must be implemented. You can use a mixin to implement these properties if desired. See the gcr_certificate_mixin_class_init() and gcr_certificate_mixin_get_property() functions.

get_basic_constraints()[source]
Returns:

whether basic constraints are present or not

is_ca:

location to place a True if is an authority

path_len:

location to place the max path length

Return type:

(bool, is_ca: bool, path_len: int)

Get the basic constraints for the certificate if present. If False is returned then no basic constraints are present and the is_ca and path_len arguments are not changed.

get_der_data()[source]
Returns:

raw DER data of the X.509 certificate

Return type:

bytes

Gets the raw DER data for an X.509 certificate.

get_expiry_date()[source]
Returns:

An expiry date of this certificate.

Return type:

GLib.DateTime or None

Get the expiry date of this certificate.

get_fingerprint(type)[source]
Parameters:

type (GLib.ChecksumType) – the type of algorithm for the fingerprint.

Returns:

the raw binary fingerprint

Return type:

bytes or None

Calculate the fingerprint for this certificate.

The caller should free the returned data using GLib.free() when it is no longer required.

get_fingerprint_hex(type)[source]
Parameters:

type (GLib.ChecksumType) – the type of algorithm for the fingerprint.

Returns:

an allocated hex string which contains the fingerprint.

Return type:

str or None

Calculate the fingerprint for this certificate, and return it as a hex string.

The caller should free the returned data using GLib.free() when it is no longer required.

get_interface_elements()[source]
Returns:

A GLib.List of Gcr.CertificateSection

Return type:

[Gcr.CertificateSection]

Get the list of sections from the certificate that can be shown to the user interface.

get_issued_date()[source]
Returns:

A issued date of this certificate.

Return type:

GLib.DateTime or None

Get the issued date of this certificate.

get_issuer_cn()[source]
Returns:

The allocated issuer CN, or None if no issuer CN present.

Return type:

str or None

Get the common name of the issuer of this certificate.

The string returned should be freed by the caller when no longer required.

get_issuer_dn()[source]
Returns:

The allocated issuer DN of the certificate.

Return type:

str or None

Get the full issuer DN of the certificate as a (mostly) readable string.

The string returned should be freed by the caller when no longer required.

get_issuer_name()[source]
Returns:

the allocated issuer name, or None if no issuer name

Return type:

str or None

Get a name to represent the issuer of this certificate.

This will try to lookup the common name, orianizational unit, organization in that order.

get_issuer_part(part)[source]
Parameters:

part (str) – a DN type string or OID.

Returns:

the allocated part of the issuer DN, or None if no such part is present

Return type:

str or None

Get a part of the DN of the issuer of this certificate.

Examples of a part might be the ‘OU’ (organizational unit) or the ‘CN’ (common name). Only the value of that part of the DN is returned.

The string returned should be freed by the caller when no longer required.

get_issuer_raw()[source]
Returns:

allocated memory containing the raw issuer

Return type:

bytes or None

Get the raw DER data for the issuer DN of the certificate.

The data should be freed by using GLib.free() when no longer required.

get_key_size()[source]
Returns:

The key size of the certificate.

Return type:

int

Get the key size in bits of the public key represented by this certificate.

get_serial_number()[source]
Returns:

the raw binary serial number.

Return type:

bytes or None

Get the raw binary serial number of the certificate.

The caller should free the returned data using GLib.free() when it is no longer required.

get_serial_number_hex()[source]
Returns:

an allocated string containing the serial number as hex.

Return type:

str or None

Get the serial number of the certificate as a hex string.

The caller should free the returned data using GLib.free() when it is no longer required.

get_subject_cn()[source]
Returns:

The allocated subject CN, or None if no subject CN present.

Return type:

str or None

Get the common name of the subject of this certificate.

The string returned should be freed by the caller when no longer required.

get_subject_dn()[source]
Returns:

The allocated subject DN of the certificate.

Return type:

str or None

Get the full subject DN of the certificate as a (mostly) readable string.

The string returned should be freed by the caller when no longer required.

get_subject_name()[source]
Returns:

the allocated subject name, or None if no subject name

Return type:

str or None

Get a name to represent the subject of this certificate.

This will try to lookup the common name, orianizational unit, organization in that order.

get_subject_part(part)[source]
Parameters:

part (str) – a DN type string or OID.

Returns:

the allocated part of the subject DN, or None if no such part is present.

Return type:

str or None

Get a part of the DN of the subject of this certificate.

Examples of a part might be the ‘OU’ (organizational unit) or the ‘CN’ (common name). Only the value of that part of the DN is returned.

The string returned should be freed by the caller when no longer required.

get_subject_raw()[source]
Returns:

allocated memory containing the raw subject

Return type:

bytes or None

Get the raw DER data for the subject DN of the certificate.

The data should be freed by using GLib.free() when no longer required.

is_issuer(issuer)[source]
Parameters:

issuer (Gcr.Certificate) – a possible issuer Gcr.Certificate

Returns:

whether issuer could be the issuer of the certificate.

Return type:

bool

Check if issuer could be the issuer of this certificate. This is done by comparing the relevant subject and issuer fields. No signature check is done. Proper verification of certificates must be done via a crypto library.

mixin_emit_notify()[source]

Implementers of the Gcr.Certificate mixin should call this function to notify when the certificate has changed to emit notifications on the various properties.

do_get_der_data() virtual
Returns:

raw DER data of the X.509 certificate

Return type:

bytes

Gets the raw DER data for an X.509 certificate.

Property Details

Gcr.Certificate.props.description
Name:

description

Type:

str

Default Value:

''

Flags:

READABLE

A readable description for this certificate

Gcr.Certificate.props.expiry_date
Name:

expiry-date

Type:

GLib.DateTime

Default Value:

None

Flags:

READABLE

The expiry date of the certificate

Gcr.Certificate.props.issuer_name
Name:

issuer-name

Type:

str

Default Value:

''

Flags:

READABLE

Common name part of the certificate issuer

Gcr.Certificate.props.label
Name:

label

Type:

str

Default Value:

''

Flags:

READABLE

A readable label for this certificate.

Gcr.Certificate.props.subject_name
Name:

subject-name

Type:

str

Default Value:

''

Flags:

READABLE

Common name of subject