Determines the validity of a certificate chain after looking up and adding any missing certificates to the chain.
chain is a chain of TlsCertificate objects each pointing to the next
certificate in the chain by its issuer property. The chain may
initially consist of one or more certificates. After the verification process is complete,
chain may be modified by adding missing
certificates, or removing extra certificates. If a certificate anchor was found, then it is added to the
purpose describes the purpose (or usage) for which the certificate is being used. Typically
purpose will be set to
TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER which means
that the certificate is being used to authenticate a server (and we are acting as the client).
identity is used to check for pinned certificates (trust exceptions) in the database. These will override the normal
verification process on a host by host basis.
Currently there are no
flags, and g_tls_database_verify_none should be used.
chain is found to be valid, then the return value will be 0. If
chain is found to be invalid, then the return
value will indicate the problems found. If the function is unable to determine whether
chain is valid or not (eg, because
cancellable is triggered before it completes) then the return value will be g_tls_certificate_generic_error
and throws will be set accordingly. throws is not set when
chain is successfully analyzed but found to be invalid.
This function can block, use verify_chain_async to perform the verification operation asynchronously.
a TlsCertificate chain
the purpose that this certificate chain will be used for.
the expected peer identity
used to interact with the user if necessary
additional verify flags
a Cancellable, or null
the appropriate TlsCertificateFlags which represents the result of verification.