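/*
 * Copyright (C) the libgit2 contributors. All rights reserved.
 *
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
 */
module libgit2_d.cert;


/**
 * @file git2/cert.h
 * @brief Git certificate objects
 * @defgroup git_cert Certificate objects
 * @ingroup Git
 * @{
 */
// Attribute labels: they apply to every declaration that follows in this module.
extern (C):
nothrow @nogc:
public:

/**
 * Type of host certificate structure that is passed to the check callback.
 *
 * The members carry no explicit values, so they are numbered 0..3 in
 * declaration order; the order must not be changed.
 *
 * NOTE(review): the member comments speak of a `data` argument, while the
 * callback alias declared in this module receives a `git_cert*`. Presumably
 * that pointer is to be reinterpreted according to `cert_type`; confirm
 * against the libgit2 documentation.
 */
enum git_cert_t
{
	/**
	 * No information about the certificate is available. This may
	 * happen when using curl.
	 *
	 * A callback that sees this value has nothing to inspect, so it cannot
	 * make an identity decision of its own from the certificate.
	 */
	GIT_CERT_NONE,

	/**
	 * The `data` argument to the callback will be a pointer to
	 * the DER-encoded data.
	 */
	GIT_CERT_X509,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_cert_hostkey` structure.
	 */
	GIT_CERT_HOSTKEY_LIBSSH2,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_strarray` with `name:content` strings containing
	 * information about the certificate. This is used when using
	 * curl.
	 */
	GIT_CERT_STRARRAY,
}

/**
 * Parent type for `git_cert_hostkey` and `git_cert_x509`.
 *
 * Both of those structures start with a `git_cert` member named `parent`.
 * Check `cert_type` before treating a `git_cert*` as one of them: reading
 * the fields of the wrong structure interprets unrelated memory.
 */
struct git_cert
{
	/**
	 * Type of certificate. A `GIT_CERT_` value.
	 */
	.git_cert_t cert_type;
}

/**
 * Callback for the user's custom certificate checks.
 *
 * The return value decides whether the connection goes ahead. Returning 0
 * tells libgit2 to proceed, so a callback that returns 0 without looking at
 * `valid` or at the certificate accepts hosts that failed libgit2's own
 * check. Return a value > 0 to keep libgit2's determination, or < 0 to
 * refuse.
 *
 * Params:
 *      cert = The host certificate. Inspect `cert.cert_type` before reading any type-specific fields.
 *      valid = Whether the libgit2 checks (OpenSSL or WinHTTP) think this certificate is valid
 *      host = Hostname of the host libgit2 connected to (presumably a NUL-terminated C string; confirm)
 *      payload = Payload provided by the caller
 *
 * Returns: 0 to proceed with the connection, < 0 to fail the connection or > 0 to indicate that the callback refused to act and that the existing validity determination should be honored
 */
alias git_transport_certificate_check_cb = int function(.git_cert* cert, int valid, const (char)* host, void* payload);

/**
 * Type of SSH host fingerprint
 *
 * Each member is a distinct bit, so several may be set at once in
 * `git_cert_hostkey.type`. MD5 and SHA-1 are not collision resistant;
 * when the SHA-256 bit is set, compare against the SHA-256 fingerprint.
 */
enum git_cert_ssh_t
{
	/**
	 * MD5 is available
	 */
	GIT_CERT_SSH_MD5 = 1 << 0,

	/**
	 * SHA-1 is available
	 */
	GIT_CERT_SSH_SHA1 = 1 << 1,

	/**
	 * SHA-256 is available
	 */
	GIT_CERT_SSH_SHA256 = 1 << 2,
}

/**
 * Hostkey information taken from libssh2
 *
 * A hash field is meaningful only when the matching bit is set in `type`.
 * This declaration does not say what the other hash fields contain, so
 * test the bit before comparing a fingerprint.
 */
struct git_cert_hostkey
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * The hostkey hash types from libssh2 that are available: a bitwise
	 * combination of `git_cert_ssh_t.GIT_CERT_SSH_MD5`,
	 * `git_cert_ssh_t.GIT_CERT_SSH_SHA1` and
	 * `git_cert_ssh_t.GIT_CERT_SSH_SHA256`.
	 */
	.git_cert_ssh_t type;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_MD5` set, this will
	 * have the MD5 hash of the hostkey.
	 */
	ubyte[16] hash_md5;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_SHA1` set, this will
	 * have the SHA-1 hash of the hostkey.
	 */
	ubyte[20] hash_sha1;

	/**
	 * Hostkey hash. If type has `git_cert_ssh_t.GIT_CERT_SSH_SHA256` set, this will
	 * have the SHA-256 hash of the hostkey.
	 */
	ubyte[32] hash_sha256;
}

/**
 * X.509 certificate information
 */
struct git_cert_x509
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * Pointer to the X.509 certificate data
	 *
	 * NOTE(review): ownership and lifetime are not stated here. Presumably
	 * the memory belongs to libgit2 and is valid only while the callback
	 * runs; copy the bytes if they are needed afterwards. Confirm.
	 */
	void* data;

	/**
	 * Length of the memory block pointed to by `data`.
	 *
	 * Read no more than `len` bytes from `data`.
	 */
	size_t len;
}

/** @} */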