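/*
 * Copyright (C) the libgit2 contributors. All rights reserved.
 *
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
 */
module libgit2_d.cert;


/**
 * @file git2/cert.h
 * @brief Git certificate objects
 * @defgroup git_cert Certificate objects
 * @ingroup Git
 * @{
 */
extern (C):
nothrow @nogc:
public:

/**
 * Type of host certificate structure that is passed to the check callback
 */
enum git_cert_t
{
	/**
	 * No information about the certificate is available. This may
	 * happen when using curl.
	 */
	GIT_CERT_NONE,

	/**
	 * The `data` argument to the callback will be a pointer to
	 * the DER-encoded data.
	 */
	GIT_CERT_X509,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_cert_hostkey` structure.
	 */
	GIT_CERT_HOSTKEY_LIBSSH2,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_strarray` with `name:content` strings containing
	 * information about the certificate. This is used when using
	 * curl.
	 */
	GIT_CERT_STRARRAY,
}

/**
 * Parent type for `git_cert_hostkey` and `git_cert_x509`.
 *
 * Both of those structures embed this one as their first member
 * (`parent`), so a callback should inspect `cert_type` before treating
 * the pointer it was given as either of them.
 */
struct git_cert
{
	/**
	 * Type of certificate. A `GIT_CERT_` value.
	 */
	.git_cert_t cert_type;
}

/**
 * Callback for the user's custom certificate checks.
 *
 * As documented below, returning 0 proceeds with the connection whatever
 * `valid` says. A callback that returns 0 unconditionally therefore
 * accepts certificates that the library's own checks rejected; return a
 * value > 0 to defer to the existing validity determination instead.
 *
 * @param cert The host certificate
 * @param valid Whether the libgit2 checks (OpenSSL or WinHTTP) think
 * this certificate is valid
 * @param host Hostname of the host libgit2 connected to
 * @param payload Payload provided by the caller
 * @return 0 to proceed with the connection, < 0 to fail the connection
 *         or > 0 to indicate that the callback refused to act and that
 *         the existing validity determination should be honored
 */
alias git_transport_certificate_check_cb = int function(.git_cert* cert, int valid, const (char)* host, void* payload);

/**
 * Type of SSH host fingerprint
 *
 * The values are distinct bits, so test for a particular hash with `&`.
 * MD5 and SHA-1 are no longer collision-resistant; when the SHA-256
 * flag is set, prefer comparing that fingerprint.
 */
enum git_cert_ssh_t
{
	/**
	 * MD5 is available
	 */
	GIT_CERT_SSH_MD5 = 1 << 0,

	/**
	 * SHA-1 is available
	 */
	GIT_CERT_SSH_SHA1 = 1 << 1,

	/**
	 * SHA-256 is available
	 */
	GIT_CERT_SSH_SHA256 = 1 << 2,
}

/**
 * Hostkey information taken from libssh2
 */
struct git_cert_hostkey
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * Hostkey hash types from libssh2: `git_cert_ssh_t` flags
	 * (`GIT_CERT_SSH_MD5`, `GIT_CERT_SSH_SHA1`, `GIT_CERT_SSH_SHA256`).
	 * Each flag that is set marks the matching `hash_*` field below as
	 * holding that hash; nothing is documented about the contents of a
	 * field whose flag is not set.
	 */
	.git_cert_ssh_t type;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_MD5` set, this will
	 * have the MD5 hash of the hostkey.
	 */
	ubyte[16] hash_md5;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_SHA1` set, this will
	 * have the SHA-1 hash of the hostkey.
	 */
	ubyte[20] hash_sha1;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_SHA256` set, this will
	 * have the SHA-256 hash of the hostkey.
	 */
	ubyte[32] hash_sha256;
}

/**
 * X.509 certificate information
 */
struct git_cert_x509
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * Pointer to the X.509 certificate data
	 */
	void* data;

	/**
	 * Length of the memory block pointed to by `data`. Readers of
	 * `data` must not go past this many bytes.
	 */
	size_t len;
}

/** @} */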