diff --git a/libnm-util/libnm-util.ver b/libnm-util/libnm-util.ver index 2bf48955ab..db50282551 100644 --- a/libnm-util/libnm-util.ver +++ b/libnm-util/libnm-util.ver @@ -31,14 +31,18 @@ global: nm_setting_802_1x_error_get_type; nm_setting_802_1x_error_quark; nm_setting_802_1x_get_anonymous_identity; - nm_setting_802_1x_get_ca_cert_scheme; + nm_setting_802_1x_get_ca_cert; nm_setting_802_1x_get_ca_cert_blob; + nm_setting_802_1x_set_ca_cert_from_file; nm_setting_802_1x_get_ca_cert_path; + nm_setting_802_1x_get_ca_cert_scheme; nm_setting_802_1x_set_ca_cert; nm_setting_802_1x_get_ca_path; - nm_setting_802_1x_get_client_cert_scheme; + nm_setting_802_1x_get_client_cert; nm_setting_802_1x_get_client_cert_blob; + nm_setting_802_1x_set_client_cert_from_file; nm_setting_802_1x_get_client_cert_path; + nm_setting_802_1x_get_client_cert_scheme; nm_setting_802_1x_set_client_cert; nm_setting_802_1x_get_eap_method; nm_setting_802_1x_get_identity; @@ -49,27 +53,37 @@ global: nm_setting_802_1x_get_phase1_peapver; nm_setting_802_1x_get_phase2_auth; nm_setting_802_1x_get_phase2_autheap; - nm_setting_802_1x_get_phase2_ca_cert_scheme; + nm_setting_802_1x_get_phase2_ca_cert; nm_setting_802_1x_get_phase2_ca_cert_blob; + nm_setting_802_1x_set_phase2_ca_cert_from_file; nm_setting_802_1x_get_phase2_ca_cert_path; + nm_setting_802_1x_get_phase2_ca_cert_scheme; nm_setting_802_1x_set_phase2_ca_cert; nm_setting_802_1x_get_phase2_ca_path; - nm_setting_802_1x_get_phase2_client_cert_scheme; + nm_setting_802_1x_get_phase2_client_cert; nm_setting_802_1x_get_phase2_client_cert_blob; + nm_setting_802_1x_set_phase2_client_cert_from_file; nm_setting_802_1x_get_phase2_client_cert_path; + nm_setting_802_1x_get_phase2_client_cert_scheme; nm_setting_802_1x_set_phase2_client_cert; + nm_setting_802_1x_get_phase2_private_key; nm_setting_802_1x_get_phase2_private_key_blob; nm_setting_802_1x_get_phase2_private_key_format; + nm_setting_802_1x_set_phase2_private_key_from_file; nm_setting_802_1x_get_phase2_private_key_password; nm_setting_802_1x_get_phase2_private_key_path; nm_setting_802_1x_get_phase2_private_key_scheme; + nm_setting_802_1x_get_phase2_private_key_type; nm_setting_802_1x_set_phase2_private_key; nm_setting_802_1x_get_pin; + nm_setting_802_1x_get_private_key; nm_setting_802_1x_get_private_key_blob; nm_setting_802_1x_get_private_key_format; + nm_setting_802_1x_set_private_key_from_file; nm_setting_802_1x_get_private_key_password; nm_setting_802_1x_get_private_key_path; nm_setting_802_1x_get_private_key_scheme; + nm_setting_802_1x_get_private_key_type; nm_setting_802_1x_set_private_key; nm_setting_802_1x_get_psk; nm_setting_802_1x_get_system_ca_certs; diff --git a/libnm-util/nm-setting-8021x.c b/libnm-util/nm-setting-8021x.c index b37d7dc8d4..01366811e7 100644 --- a/libnm-util/nm-setting-8021x.c +++ b/libnm-util/nm-setting-8021x.c @@ -423,6 +423,29 @@ nm_setting_802_1x_get_ca_cert_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->ca_cert; } +/** + * nm_setting_802_1x_get_ca_cert: + * @setting: the #NMSetting8021x + * + * Returns the CA certificate blob if the CA certificate is stored using the + * %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. Not all EAP methods use a + * CA certificate (LEAP for example), and those that can take advantage of the + * CA certificate allow it to be unset. Note that lack of a CA certificate + * reduces security by allowing man-in-the-middle attacks, because the identity + * of the network cannot be confirmed by the client. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_ca_cert_blob(). + * + * Returns: the CA certificate data + **/ +const GByteArray * +nm_setting_802_1x_get_ca_cert (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_ca_cert_blob (setting); +} + /** * nm_setting_802_1x_get_ca_cert_path: * @setting: the #NMSetting8021x @@ -537,6 +560,61 @@ nm_setting_802_1x_set_ca_cert (NMSetting8021x *self, return priv->ca_cert != NULL; } +static NMSetting8021xCKType +ck_format_to_type (NMSetting8021xCKFormat format) +{ + switch (format) { + case NM_SETTING_802_1X_CK_FORMAT_X509: + return NM_SETTING_802_1X_CK_TYPE_X509; + case NM_SETTING_802_1X_CK_FORMAT_RAW_KEY: + return NM_SETTING_802_1X_CK_TYPE_RAW_KEY; + case NM_SETTING_802_1X_CK_FORMAT_PKCS12: + return NM_SETTING_802_1X_CK_TYPE_PKCS12; + default: + break; + } + return NM_SETTING_802_1X_CK_TYPE_UNKNOWN; +} + +/** + * nm_setting_802_1x_set_ca_cert_from_file: + * @setting: the #NMSetting8021x + * @filename: the path of the CA certificate file (PEM or DER format). Passing + * NULL clears the CA certificate. + * @out_ck_type: on successful return, the type of the certificate added + * @error: on unsuccessful return, an error + * + * Reads a certificate from disk and sets the #NMSetting8021x:ca-cert property + * with the raw certificate data using the %NM_SETTING_802_1X_CK_SCHEME_BLOB + * scheme. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_ca_cert() with the + * %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_ca_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_ca_cert (setting, + filename, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_client_cert_scheme: * @setting: the #NMSetting8021x @@ -578,6 +656,26 @@ nm_setting_802_1x_get_client_cert_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->client_cert; } +/** + * nm_setting_802_1x_get_client_cert: + * @setting: the #NMSetting8021x + * + * Client certificates are used to identify the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_client_cert_blob(). + * + * Returns: the client certificate data + **/ +const GByteArray * +nm_setting_802_1x_get_client_cert (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_client_cert_blob (setting); +} + /** * nm_setting_802_1x_get_client_cert_path: * @setting: the #NMSetting8021x @@ -697,6 +795,48 @@ nm_setting_802_1x_set_client_cert (NMSetting8021x *self, return priv->client_cert != NULL; } +/** + * nm_setting_802_1x_set_client_cert_from_file: + * @setting: the #NMSetting8021x + * @filename: the path of the client certificate file (PEM, DER, or + * PKCS#12 format). Passing NULL clears the client certificate. + * @out_ck_type: on successful return, the type of the certificate added + * @error: on unsuccessful return, an error + * + * Reads a certificate from disk and sets the #NMSetting8021x:client-cert + * property with the raw certificate data. + * + * Client certificates are used to identify the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_client_cert() with the + * %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_client_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_client_cert (setting, + filename, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_phase1_peapver: * @setting: the #NMSetting8021x @@ -842,6 +982,28 @@ nm_setting_802_1x_get_phase2_ca_cert_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_ca_cert; } +/** + * nm_setting_802_1x_get_phase2_ca_cert: + * @setting: the #NMSetting8021x + * + * Returns the "phase 2" CA certificate blob. Not all EAP methods use + * a CA certificate (LEAP for example), and those that can take advantage of the + * CA certificate allow it to be unset. Note that lack of a CA certificate + * reduces security by allowing man-in-the-middle attacks, because the identity + * of the network cannot be confirmed by the client. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_phase2_ca_cert_blob(). + * + * Returns: the "phase 2" CA certificate data + **/ +const GByteArray * +nm_setting_802_1x_get_phase2_ca_cert (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_phase2_ca_cert_blob (setting); +} + /** * nm_setting_802_1x_get_phase2_ca_cert_path: * @setting: the #NMSetting8021x @@ -956,6 +1118,44 @@ nm_setting_802_1x_set_phase2_ca_cert (NMSetting8021x *self, return priv->phase2_ca_cert != NULL; } +/** + * nm_setting_802_1x_set_phase2_ca_cert_from_file: + * @setting: the #NMSetting8021x + * @filename: the path of the "phase2" CA certificate file (PEM or DER format). + * Passing NULL with any @scheme clears the "phase2" CA certificate. + * @out_ck_type: on successful return, the type of the certificate added + * @error: on unsuccessful return, an error + * + * Reads a certificate from disk and sets the #NMSetting8021x:phase2-ca-cert + * property with the raw certificate data. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_phase2_ca_cert(). + * with the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_phase2_ca_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_phase2_ca_cert (setting, + filename, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_phase2_client_cert_scheme: * @setting: the #NMSetting8021x @@ -999,6 +1199,26 @@ nm_setting_802_1x_get_phase2_client_cert_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_client_cert; } +/** + * nm_setting_802_1x_get_phase2_client_cert: + * @setting: the #NMSetting8021x + * + * Client certificates are used to identify the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_phase2_client_cert_blob(). + * + * Returns: the "phase 2" client certificate data + **/ +const GByteArray * +nm_setting_802_1x_get_phase2_client_cert (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_phase2_client_cert_blob (setting); +} + /** * nm_setting_802_1x_get_phase2_client_cert_path: * @setting: the #NMSetting8021x @@ -1118,6 +1338,48 @@ nm_setting_802_1x_set_phase2_client_cert (NMSetting8021x *self, return priv->phase2_client_cert != NULL; } +/** + * nm_setting_802_1x_set_phase2_client_cert_from_file: + * @setting: the #NMSetting8021x + * @filename: pass the path of the "phase2" client certificate file (PEM, DER, + * or PKCS#12 format). Passing NULL clears the "phase2" client certificate. + * @out_ck_type: on successful return, the type of the certificate added + * @error: on unsuccessful return, an error + * + * Reads a certificate from disk and sets the #NMSetting8021x:phase2-client-cert + * property with the raw certificate data. + * + * Client certificates are used to identify the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_phase2_client_cert() with the. + * %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_phase2_client_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_phase2_client_cert (setting, + filename, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_password: * @setting: the #NMSetting8021x @@ -1206,6 +1468,26 @@ nm_setting_802_1x_get_private_key_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key; } +/** + * nm_setting_802_1x_get_private_key: + * @setting: the #NMSetting8021x + * + * Private keys are used to authenticate the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_private_key_blob(). + * + * Returns: the private key data + **/ +const GByteArray * +nm_setting_802_1x_get_private_key (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_private_key_blob (setting); +} + /** * nm_setting_802_1x_get_private_key_path: * @setting: the #NMSetting8021x @@ -1384,6 +1666,51 @@ nm_setting_802_1x_set_private_key (NMSetting8021x *self, return priv->private_key != NULL; } +/** + * nm_setting_802_1x_set_private_key_from_file: + * @setting: the #NMSetting8021x + * @filename: the path of the private key file (PEM, DER, or PKCS#12 format). + * Passing NULL clears the private key. + * @password: password used to decrypt the private key + * @out_ck_type: on successful return, the type of the private key added + * @error: on unsuccessful return, an error + * + * Reads a private key from disk and sets the #NMSetting8021x:private-key + * property with the raw private key data. + * + * Private keys are used to authenticate the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_private_key() with. + * the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_private_key_from_file (NMSetting8021x *setting, + const char *filename, + const char *password, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_private_key (setting, + filename, + password, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_private_key_password: * @setting: the #NMSetting8021x @@ -1443,6 +1770,23 @@ nm_setting_802_1x_get_private_key_format (NMSetting8021x *setting) return NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; } +/** + * nm_setting_802_1x_get_private_key_type: + * @setting: the #NMSetting8021x + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_private_key_format(). + * + * Returns: the data format of the private key data stored in the + * #NMSetting8021x:private-key property + **/ +NMSetting8021xCKType +nm_setting_802_1x_get_private_key_type (NMSetting8021x *setting) +{ + return ck_format_to_type (nm_setting_802_1x_get_private_key_format (setting)); +} + /** * nm_setting_802_1x_get_phase2_private_key_password: * @setting: the #NMSetting8021x @@ -1503,6 +1847,26 @@ nm_setting_802_1x_get_phase2_private_key_blob (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key; } +/** + * nm_setting_802_1x_get_phase2_private_key: + * @setting: the #NMSetting8021x + * + * Private keys are used to authenticate the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_private_key_blob(). + * + * Returns: the "phase 2" private key data + **/ +const GByteArray * +nm_setting_802_1x_get_phase2_private_key (NMSetting8021x *setting) +{ + return nm_setting_802_1x_get_phase2_private_key_blob (setting); +} + /** * nm_setting_802_1x_get_phase2_private_key_path: * @setting: the #NMSetting8021x @@ -1680,6 +2044,51 @@ nm_setting_802_1x_set_phase2_private_key (NMSetting8021x *self, return priv->phase2_private_key != NULL; } +/** + * nm_setting_802_1x_set_phase2_private_key: + * @setting: the #NMSetting8021x + * @filename: the path of the "phase2" private key file (PEM, DER, or PKCS#12 + * format). Passing NULL clears the "phase2" private key. + * @password: password used to decrypt the private key + * @out_ck_type: on successful return, the type of the private key added + * @error: on unsuccessful return, an error + * + * Reads a "phase 2" private key from disk and sets the + * #NMSetting8021x:phase2-private-key property with the raw private key data. + * + * Private keys are used to authenticate the connecting client to the network + * when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x + * authentication method. + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_set_phase2_private_key() with + * the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. + * + * Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful + **/ +gboolean +nm_setting_802_1x_set_phase2_private_key_from_file (NMSetting8021x *setting, + const char *filename, + const char *password, + NMSetting8021xCKType *out_ck_type, + GError **error) +{ + gboolean success; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + + success = nm_setting_802_1x_set_phase2_private_key (setting, + filename, + password, + NM_SETTING_802_1X_CK_SCHEME_BLOB, + &format, + error); + if (success && out_ck_type) + *out_ck_type = ck_format_to_type (format); + + return success; +} + /** * nm_setting_802_1x_get_phase2_private_key_format: * @setting: the #NMSetting8021x @@ -1722,6 +2131,23 @@ nm_setting_802_1x_get_phase2_private_key_format (NMSetting8021x *setting) return NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; } +/** + * nm_setting_802_1x_get_phase2_private_key_type: + * @setting: the #NMSetting8021x + * + * Deprecated: 0.8: This function has been deprecated and should + * not be used in newly written code. Calling this function is + * equivalent to calling nm_setting_802_1x_get_phase2_private_key_format(). + * + * Returns: the data format of the private key data stored in the + * #NMSetting8021x:phase2-private-key property + **/ +NMSetting8021xCKType +nm_setting_802_1x_get_phase2_private_key_type (NMSetting8021x *setting) +{ + return ck_format_to_type (nm_setting_802_1x_get_phase2_private_key_format (setting)); +} + static void need_secrets_password (NMSetting8021x *self, GPtrArray *secrets, diff --git a/libnm-util/nm-setting-8021x.h b/libnm-util/nm-setting-8021x.h index 81e20b38f5..0d332b33b1 100644 --- a/libnm-util/nm-setting-8021x.h +++ b/libnm-util/nm-setting-8021x.h @@ -217,6 +217,58 @@ const char * nm_setting_802_1x_get_phase2_private_key_password (NMSett NMSetting8021xCKFormat nm_setting_802_1x_get_phase2_private_key_format (NMSetting8021x *setting); + +/***** DEPRECATED; anything below will be removed in version 0.9 *****/ + +typedef enum { + NM_SETTING_802_1X_CK_TYPE_UNKNOWN = 0, + NM_SETTING_802_1X_CK_TYPE_X509, + NM_SETTING_802_1X_CK_TYPE_RAW_KEY, + NM_SETTING_802_1X_CK_TYPE_PKCS12 +} NMSetting8021xCKType; + +const GByteArray *nm_setting_802_1x_get_ca_cert (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_ca_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error); + +const GByteArray *nm_setting_802_1x_get_client_cert (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_client_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error); + +const GByteArray *nm_setting_802_1x_get_phase2_ca_cert (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_phase2_ca_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error); + +const GByteArray *nm_setting_802_1x_get_phase2_client_cert (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_phase2_client_cert_from_file (NMSetting8021x *setting, + const char *filename, + NMSetting8021xCKType *out_ck_type, + GError **error); + +const GByteArray *nm_setting_802_1x_get_private_key (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_private_key_from_file (NMSetting8021x *setting, + const char *filename, + const char *password, + NMSetting8021xCKType *out_ck_type, + GError **error); + +NMSetting8021xCKType nm_setting_802_1x_get_private_key_type (NMSetting8021x *setting); + +const GByteArray *nm_setting_802_1x_get_phase2_private_key (NMSetting8021x *setting); +gboolean nm_setting_802_1x_set_phase2_private_key_from_file (NMSetting8021x *setting, + const char *filename, + const char *password, + NMSetting8021xCKType *out_ck_type, + GError **error); + +NMSetting8021xCKType nm_setting_802_1x_get_phase2_private_key_type (NMSetting8021x *setting); + G_END_DECLS #endif /* NM_SETTING_8021X_H */