Commit Graph

49 Commits

Author SHA1 Message Date
Philip Withnall
2c75c392eb gtlscertificate: Hold a ref on the root certificate when building chains
This is unlikely to be a bug in practice, as the certificate pointed to
by `root` should have a ref held on it as the issuer of another
certificate in the chain.

However, we can’t guarantee that’s how the `GTlsCertificate`
implementation behaves, so keep a temporary ref on `root` until it’s no
longer needed.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Coverity CID: #1489985
2022-06-21 12:11:27 +01:00
Philip Withnall
5942cd7984 gio: Add SPDX license headers automatically
Add SPDX license (but not copyright) headers to all files which follow a
certain pattern in their existing non-machine-readable header comment.

This commit was entirely generated using the command:
```
git ls-files gio/*.[ch] | xargs perl -0777 -pi -e 's/\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/\n \*\n \* SPDX-License-Identifier: LGPL-2.1-or-later\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/igs'
```

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #1415
2022-05-18 09:18:52 +01:00
Loic Le Page
49d0c5a90b Fix redefinition of local variable in gio/gtlscertificate.c 2022-04-01 00:18:40 +01:00
Sebastian Dröge
1979bfed4b Add (array length) annotation to g_tls_certificate_new_from_pkcs12() 2022-01-25 12:39:18 +02:00
Patrick Griffis
96ce3feeb9 gtlscertificate: Add ability to load PKCS #12 encrypted files
This depends on the GTlsBackend implementing these properties
2022-01-07 11:27:56 -06:00
Michael Catanzaro
a6a41cfc17 gtlscertificate: tone down warning about g_tls_certificate_verify() 2021-11-22 15:56:56 +00:00
Michael Catanzaro
780af9cff3 Document potential footgun with GTlsCertificateFlags
Once upon a time, we tried to return all possible certificate errors,
but it never actually worked reliably and nowadays we have given up.
This needs to be documented because a reasonable developer would not
expect it.

Because mistakes could be security-critical, I decided to copy the same
warning in several different places rather than relying only on
cross-referencese.
2021-11-16 15:21:21 +00:00
Michael Catanzaro
b11d3fc2f4 gtlscertificate: improve documentation
Let's explain the advantages of relying on GTlsConnection to perform
certificate verification.

Also, document that the issuer property is a little tricky, because the
issuer certificate might not be the certificate that actually gets used
in final certification path building. This is very unexpected to anybody
who is not an expert.
2021-08-04 14:39:11 -05:00
Michael Catanzaro
5e19ccd237 gtlscertificate: Add more annotations to new properties 2021-06-21 16:07:42 +00:00
Michael Catanzaro
022ea47603 gtlscertificate: add some doc links to PKCS #11 specification 2021-06-15 16:06:52 -05:00
Michael Catanzaro
c50e543e9d gtlscertificate: make private key properties readable
WebKit wants these private key properties to be readable in order to
implement a deserialization function. Currently they are read-only
because at the time GTlsCertificate was originally designed, the plan
was to support PKCS#11-backed private keys: private keys that are stored
on a smartcard, where the private key is completely unreadable. The
design goal was to support both memory-backed and smartcard-backed
private keys with the same GTlsCertificate API, abstracting away the
implementation differences such that code using GTlsCertificate doesn't
need to know the difference.

The original PKCS#11 implementation was never fully baked and at some
point in the past I deleted it all. It has since been replaced with a
new implementation, including a GTlsCertificate:private-key-pkcs11-uri
property, which is readable. So our current API already exposes the
differences between normal private keys and PKCS#11-backed private keys.
The point of making the private-key and private-key-pem properties
write-only was to avoid exposing this difference.

Do we have to make this API function readable? No, because WebKit could
be just as well served if we were to expose serialize and deserialize
functions instead. But WebKit needs to support serializing and
deserializing the non-private portion of GTlsCertificate with older
versions of GLib anyway, so we can do whatever is nicest for GLib. And I
think making this property readable is nicest, since the original design
reason for it to not be readable is now obsolete. The disadvantage to
this approach is that it's now possible for an application to read the
private-key or private-key-pem property, receive NULL, and think "this
certificate must not have a private key," which would be incorrect if
the private-key-pkcs11-uri property is set. That seems like a minor
risk, but it should be documented.
2021-06-15 16:06:52 -05:00
Ross Wollman
4d3618cbd1 tls: expose SAN details on GTlsCertificate
This changeset exposes

* `dns-names`
* `ip-addresses`

on GTlsCertificate provided by the underlying TLS Backend.

See https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/165 for the corresponding glib-networking changes.

Relates: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2113
Relates: https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/156/diffs
Relates: https://github.com/microsoft/playwright/issues/6759
2021-06-10 00:54:45 +00:00
Peter Bloomfield
39f661b070 tlscertificate: Avoid possible invalid read
In various places, do not read past the end of the data.
Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2416
2021-06-04 20:46:44 -04:00
Ross A. Wollman
a17c28790a tls: expose cert details on GTlsCertificate
This changeset exposes

* `not-valid-before`
* `not-valid-after`
* `subject-name`
* `issuer-name`

on GTlsCertificate provided by the underlying TLS Backend.

In order to make use of these changes,
see the related [glib-networking MR][glib-networking].

This change aims to help populate more of the [`Certificate`][wk-cert]
info in the WebKit Inspector Protocol on Linux.

This changeset stems from work in Microsoft Playwright to [add more info
into its HAR capture][pw] generated from the Inspector Protocol events
and will bring feature parity across WebKit platforms.

[wk-cert]: 8afe31a018/Source/JavaScriptCore/inspector/protocol/Security.json
[pw]: https://github.com/microsoft/playwright/pull/6631
[glib-networking]: https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/156
2021-06-01 16:24:33 +00:00
Patrick Griffis
e926efe8e2 docs: Fix formatting of code block 2021-04-19 11:58:35 -05:00
Sebastian Dröge
705a59a315 gio: Add missing nullable annotations 2020-11-11 13:15:21 +02:00
Patrick Griffis
f9fc29f0b7 gtlscertificate: Add support for PKCS #11 backed certificates
This reverts commit d58e5de9e9.
2020-10-01 17:09:04 +01:00
Michael Catanzaro
d58e5de9e9 Revert "gtlscertificate: Add support for PKCS #11 backed certificates"
This reverts commit b6d8efbebc.

This GLib API is good, but the implentation is not ready, so there's no
reason to commit to the API in GLib 2.64. We can reland again when the
implementation is ready.

There are three problems: (a) The glib-networking implementation normally
works, but the test has been broken for a long time. I'm not comfortable
with adding a major new feature without a working test. This is
glib-networking#104. (b) The WebKit implementation never landed. There
is a working patch, but it hasn't been accepted upstream yet. This API
isn't needed in GLib until WebKit is ready to start using it.
https://bugs.webkit.org/show_bug.cgi?id=200805. (c) Similarly, even if
the WebKit API was ready, that itself isn't useful until an application
is ready to start using it, and the Epiphany level work never happened.

Let's try again for GLib 2.66. Reverting this commit now just means we
gain another six months before committing to the API forever. No reason
to keep this in GLib 2.64 when nothing is using it yet.
2020-01-30 04:19:22 -06:00
Patrick Griffis
b6d8efbebc gtlscertificate: Add support for PKCS #11 backed certificates
This adds properties to allow backends to expose PKCS #11 support.
2019-10-02 10:12:40 -07:00
Fredrik Ternerot
a437a50694 gtlscertificate: Allow any type of private key in PEM files
Allow any type of private key in PEM files by treating PEM guards ending
with "PRIVATE KEY-----" as a private key instead of looking for a
pre-defined set of PEM guards. This enables the possibility for custom
GTlsBackend to add support for new key types.

Test cases have been expanded to ensure PEM parsing works for private
key when either header or footer is missing.

Encrypted PKCS#8 is still rejected. Test case has been added for this to
ensure behaviour is the same before and after this change.
2018-12-18 11:43:08 +01:00
Fredrik Ternerot
feff178c3f gtlscertificate: Fix bug in PEM private key parser
Make sure to not go outside of PEM data buffer when looking for private
key.

Also adding test case that triggers this bug.
2018-12-14 20:18:55 +01:00
Sébastien Wilmet
3bf4a720c3 gio/: LGPLv2+ -> LGPLv2.1+
Sub-directories inside gio/ already processed in a previous commit:
- fam/
- gdbus-2.0/ (which contains only codegen/)
- gvdb/
- inotify/
- tests/
- win32/
- xdgmime/

Other sub-directories inside gio/:
- completion/: no license headers
- kqueue/: not LGPL, BSD-style license

https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-29 19:53:34 +02:00
Emmanuele Bassi
f952fdf3fc Drop trailing semi-colon from G_DEFINE_ macro
It's unnecessary, and only adds visual noise; we have been fairly
inconsistent in the past, but the semi-colon-less version clearly
dominates in the code base.

https://bugzilla.gnome.org/show_bug.cgi?id=669355
2017-04-10 10:38:31 +01:00
Christian Hergert
18a33f72db introspection: use (nullable) or (optional) instead of (allow-none)
If we have an input parameter (or return value) we need to use (nullable).
However, if it is an (inout) or (out) parameter, (optional) is sufficient.

It looks like (nullable) could be used for everything according to the
Annotation documentation, but (optional) is more specific.
2016-11-22 14:14:37 -08:00
Piotr Drąg
10c490cdfe Use Unicode in translatable strings
See https://developer.gnome.org/hig/stable/typography.html

https://bugzilla.gnome.org/show_bug.cgi?id=772221
2016-10-12 21:30:42 +02:00
Christoph Reiter
f8189ddf98 gio: Add filename type annotations
https://bugzilla.gnome.org/show_bug.cgi?id=767245
2016-06-04 20:38:42 +02:00
Philip Withnall
292fd1155a gtlscertificate: Fix error reporting if a GError is not passed in
If the certificate constructor is called as:
   g_tls_certificate_new_from_pem (data, length, NULL);
and PEM parsing fails for the private key, the function would have
continued to try and create a certificate using a NULL key_pem value,
which would have failed or crashed.

Use g_propagate_error() correctly to avoid this.

Coverity CID: 1325403
2015-10-03 10:58:18 +01:00
Michael Catanzaro
587068c969 GTlsCertificate: fix loading of chain with private key
If a private key (or anything, in fact) follows the final certificate in
the file, certificate parsing will be aborted and only the first
certificate in the chain will be returned, with the private key not set.
Be tolerant of this, rather than expecting the final character in the
file to be the newline following the last certificate.

https://bugzilla.gnome.org/show_bug.cgi?id=754264
2015-08-29 08:43:29 -05:00
Xavier Claessens
74c22150cf docs: fix up docs issues in gio/ 2015-02-05 16:20:43 +01:00
Dan Winship
982d0e11d7 GTlsCertificate: fix loading of bad certificate chains
g_tls_certificate_new_from_file() was only loading the complete chain
if it was fully valid, but we only meant to be validating that it
formed an actual chain (since the caller may be planning to ignore
other errors).

https://bugzilla.gnome.org/show_bug.cgi?id=729739
2014-11-01 17:11:25 -04:00
Aleix Conchillo Flaqué
da053e345b tlscertificate: add support for certificate chains
This patch changes the behavior of the following functions:

   g_tls_certificate_new_from_pem
   g_tls_certificate_new_from_file
   g_tls_certificate_new_from_files

If more than one certificate is found it will try to load the chain.

It is assumed that the chain will be in the right order (top-level
certificate will be the last one in the file). If the chain cannot be
verified, the first certificate in the file will be returned as before.

https://bugzilla.gnome.org/show_bug.cgi?id=729739
2014-10-06 10:19:48 -07:00
Dan Winship
65f2669173 gtlscertificate: fix certificate list parsing with trailing comments
g_tls_certificate_list_new_from_file() was supposed to ignore non-PEM
content, but it accidentally required that there not be anything after
the last certificate. Fix that.

https://bugzilla.gnome.org/show_bug.cgi?id=727692
2014-04-09 10:39:45 -04:00
William Jon McCann
20f4d1820b docs: use "Returns:" consistently
Instead of "Return value:".
2014-02-19 19:41:52 -05:00
Matthias Clasen
3232425785 Docs: replace <literal> by ` 2014-02-06 08:07:16 -05:00
Matthias Clasen
42cf80780b Docs: Big entity cleanup
Strip lots of entity use from |[ ]| examples (which are now
implicit CDATA). Also remove many redundant uses of <!-- -->.
2014-02-01 12:00:30 -05:00
Daniel Mustieles
078dbda148 Updated FSF's address 2014-01-31 14:31:55 +01:00
Matthias Clasen
3872049445 Add includes to all gio docs 2014-01-07 22:55:43 -05:00
Stef Walter
7518f7a674 Revert "gtlscertificate: Add certificate-bytes and private-key-bytes props"
* In order to add contstruct properties to an abstract base
   calls, and retain ABI stability, the base class must add a
   default implementation of those properties.
 * We cannot add a default implementation of certificate-bytes
   or private-key-bytes since certificate and private-key properties
   are writable on construct-only.

This reverts commit 541c985869.

https://bugzilla.gnome.org/show_bug.cgi?id=682081
2012-08-21 13:30:02 +02:00
Stef Walter
541c985869 gtlscertificate: Add certificate-bytes and private-key-bytes props
* These properties contain the same data as certificate and
   private-key, but as GBytes

https://bugzilla.gnome.org/show_bug.cgi?id=681319
2012-08-06 22:23:20 +02:00
Stef Walter
49b35f0930 gtlscertificate: Don't confuse certificate and public key in docs
* A certificate sorta acts as a public key, but more specifically
   it contains a public key (in its subjectPublicKeyInfo) field.
 * Documentation was confusing and could have read like the
   certificate and certificate-pem properties were returning the
   public key part of the certificate.

https://bugzilla.gnome.org/show_bug.cgi?id=681158
2012-08-06 10:44:52 +02:00
Stef Walter
6ddf40f301 gtlscertificate: Add g_tls_certificate_is_same() function
* Certificate equality in PKIX in general is equality between
   the DER encoding of the certificates.

https://bugzilla.gnome.org/show_bug.cgi?id=681116
2012-08-03 18:58:30 +02:00
Dan Winship
1dc8d1f932 GTlsCertificate: support unencrypted PKCS#8 private keys
PKCS#8 is the "right" way to encode private keys. Although the APIs do
not currently support encrypted keys, we should at least support
unencrypted PKCS#8 keys.

https://bugzilla.gnome.org/show_bug.cgi?id=664321
2011-11-18 20:26:58 -05:00
Ryan Lortie
09429e2c82 gio static fixups 2011-10-16 21:41:15 -04:00
Nicolas Dufresne
fdfb42b9f2 Rework PEM parsing to not be order dependent
Some valid PEM file would not work because the private key was put
before the certificate.
2011-07-27 16:23:33 -04:00
Dan Winship
784619bc3a Fix two leaks seen when using TLS connections
g_tls_certificate_list_new_from_file() was leaking the file contents,
and GSource was leaking the GSourcePrivate structure that got
created when using child sources.
2011-04-07 08:32:06 -04:00
Johan Dahlin
fdaaa22b58 Correct gtk-doc SECTION: syntax
g-ir-scanner does not allow a space between the : and the
section name.
2011-02-01 16:18:02 -02:00
Dan Winship
73d6bd8a45 Add g_tls_certificate_verify()
Add a method to verify a certificate against a CA; this can be used
for apps that need to test against non-default CAs.

Also make the GTlsCertificate::issuer property virtual
2010-12-07 10:41:05 +01:00
Matthias Clasen
eed36d38d1 Various doc tweaks 2010-11-28 23:55:43 -05:00
Dan Winship
59d62726de Add initial TLS (SSL) support to gio
This adds an extension point for TLS connections to gio, with a
gnutls-based implementation in glib-networking.

Full TLS support is still a work in progress; the current API is
missing some features, and parts of it may still be changed before
2.28.

https://bugzilla.gnome.org/show_bug.cgi?id=588189
2010-11-26 15:57:11 -05:00