seahorse r2630 - in trunk: . libcryptui libcryptui/tests libcryptui/tests/files pkcs11 po



Author: nnielsen
Date: Sat Nov 22 23:42:50 2008
New Revision: 2630
URL: http://svn.gnome.org/viewvc/seahorse?rev=2630&view=rev

Log:
	* libcryptui/crui-asn1.c: (added)
	* libcryptui/crui-asn1.h: (added)
	* libcryptui/pk.asn: (added)
	* libcryptui/pkix.asn: (added)
	* libcryptui/tests/unit-test-asn1.c: (added)
	* configure.in: Add libtasn1 depdencency and ASN.1 parsing functionality
	to libcryptui.
	
	* libcryptui/crui-util.c: (added)
	* libcryptui/crui-util.h: (added)
	* libcryptui/crui-x509-cert.c: (added)
	* libcryptui/crui-x509-cert.h: (added)
	* libcryptui/crui-x509-simple.c: (added)
	* libcryptui/crui-x509-simple.h: (added)
	* libcryptui/tests/unit-test-util.c: (added)
	* libcryptui/tests/unit-test-x509-cert.c: (added)
	* libcryptui/tests/files/test-certificate-1.der: (added) Add interface 
	that represents a certificate, and a basic file loader.
	
	* libcryptui/crui-x509-cert-basics.c: (added)
	* libcryptui/crui-x509-cert-basics.h: (added)
	* libcryptui/crui-x509-cert-basics.glade: (added)
	* libcryptui/crui-x509-cert-basics.ui: (added)
	* libcryptui/crui-x509-cert-dialog.c: (added)
	* libcryptui/crui-x509-cert-dialog.h: (added)
	* libcryptui/tests/crui-show.c: (added) Add a basic UI display for a X509
	certificate.
	
	* libcryptui/gtest-helpers.c: (added)
	* libcryptui/gtest-helpers.h: (added)
	* libcryptui/gtest-prep.sh: (added)
	* libcryptui/Makefile.am: Add unit testing to libcryptui for new functionality.
	
	* libcryptui/tests/cryptui-test-keyset.c: (removed)
	* libcryptui/tests/cryptui-test-ui.c: 
	* libcryptui/Makefile.am: Reorganize old tests.
	
	* pkcs11/libseahorse-pkcs11-c.vapi: (added)
	* pkcs11/Makefile.am:
	* pkcs11/seahorse-pkcs11-certificate.c:
	* pkcs11/seahorse-pkcs11-certificate.h:
	* pkcs11/seahorse-pkcs11-certificate.vala: (removed)
	* pkcs11/seahorse-pkcs11-commands.c: (added)
	* pkcs11/seahorse-pkcs11-commands.h: (added)
	* pkcs11/seahorse-pkcs11-module.c:
	* pkcs11/seahorse-pkcs11-source.vala: Use the new X509 display for certificates
	in seahorse. Very simple beginnings. Rework SeahorsePkcs11Certificate. No longer
	written in vala.


Added:
   trunk/libcryptui/crui-asn1.c
   trunk/libcryptui/crui-asn1.h
   trunk/libcryptui/crui-util.c
   trunk/libcryptui/crui-util.h
   trunk/libcryptui/crui-x509-cert-basics.c
   trunk/libcryptui/crui-x509-cert-basics.glade
   trunk/libcryptui/crui-x509-cert-basics.h
   trunk/libcryptui/crui-x509-cert-basics.ui
   trunk/libcryptui/crui-x509-cert-dialog.c
   trunk/libcryptui/crui-x509-cert-dialog.h
   trunk/libcryptui/crui-x509-cert-simple.c
   trunk/libcryptui/crui-x509-cert-simple.h
   trunk/libcryptui/crui-x509-cert.c
   trunk/libcryptui/crui-x509-cert.h
   trunk/libcryptui/pk.asn
   trunk/libcryptui/pkix.asn
   trunk/libcryptui/tests/crui-show.c
   trunk/libcryptui/tests/files/
   trunk/libcryptui/tests/files/test-certificate-1.der   (contents, props changed)
   trunk/libcryptui/tests/gtest-helpers.c
   trunk/libcryptui/tests/gtest-helpers.h
   trunk/libcryptui/tests/gtest-prep.sh
   trunk/libcryptui/tests/unit-test-asn1.c
   trunk/libcryptui/tests/unit-test-util.c
   trunk/libcryptui/tests/unit-test-x509-cert.c
   trunk/pkcs11/libseahorse-pkcs11-c.vapi
   trunk/pkcs11/seahorse-pkcs11-commands.c
   trunk/pkcs11/seahorse-pkcs11-commands.h
Removed:
   trunk/libcryptui/tests/cryptui-test-keyset.c
   trunk/pkcs11/seahorse-pkcs11-certificate.vala
Modified:
   trunk/ChangeLog
   trunk/configure.in
   trunk/libcryptui/   (props changed)
   trunk/libcryptui/Makefile.am
   trunk/libcryptui/tests/   (props changed)
   trunk/libcryptui/tests/Makefile.am
   trunk/libcryptui/tests/cryptui-test-ui.c
   trunk/pkcs11/Makefile.am
   trunk/pkcs11/seahorse-pkcs11-certificate.c
   trunk/pkcs11/seahorse-pkcs11-certificate.h
   trunk/pkcs11/seahorse-pkcs11-module.c
   trunk/pkcs11/seahorse-pkcs11-source.c
   trunk/pkcs11/seahorse-pkcs11-source.vala
   trunk/pkcs11/vala-build.stamp
   trunk/po/ChangeLog
   trunk/po/POTFILES.in
   trunk/po/POTFILES.skip

Modified: trunk/configure.in
==============================================================================
--- trunk/configure.in	(original)
+++ trunk/configure.in	Sat Nov 22 23:42:50 2008
@@ -392,30 +392,6 @@
 SEAHORSE_CFLAGS="$SEAHORSE_CFLAGS $DBUS_CFLAGS"
 SEAHORSE_LIBS="$SEAHORSE_LIBS $DBUS_LIBS"
 
-dnl ****************************************************************************
-dnl LIBCRYPTUI
-dnl ****************************************************************************
-   
-if test "$enable_dbus" != "yes"; then
-    echo "disabling libcryptui: no dbus support"
-else
-    
-    LIBCRYPTUI_LT_RELEASE=$LIBCRYPTUI_CURRENT:$LIBCRYPTUI_REVISION:$LIBCRYPTUI_AGE
-    AC_SUBST(LIBCRYPTUI_LT_RELEASE)
-
-    LIBCRYPTUI_MAJOR=$LIBCRYPTUI_CURRENT.$LIBCRYPTUI_REVISION
-    AC_SUBST(LIBCRYPTUI_MAJOR)
-    
-    PKG_CHECK_MODULES(LIBCRYPTUI, gtk+-2.0 >= 2.10.0 gconf-2.0)
-
-    LIBCRYPTUI_CFLAGS="$LIBCRYPTUI_CFLAGS $DBUS_CFLAGS"
-    LIBCRYPTUI_LIBS="$LIBCRYPTUI_LIBS $DBUS_LIBS" 
-        
-    AC_SUBST(LIBCRYPTUI_CFLAGS)
-    AC_SUBST(LIBCRYPTUI_LIBS)
-fi
-
-   
 dnl *******************
 dnl LIBNOTIFY
 dnl *******************
@@ -530,6 +506,34 @@
 AM_CONDITIONAL(WITH_TESTS, test "$enable_tests" == "yes")
 
 dnl ****************************************************************************
+dnl LIBCRYPTUI
+dnl ****************************************************************************
+   
+LIBCRYPTUI_LT_RELEASE=$LIBCRYPTUI_CURRENT:$LIBCRYPTUI_REVISION:$LIBCRYPTUI_AGE
+AC_SUBST(LIBCRYPTUI_LT_RELEASE)
+
+LIBCRYPTUI_MAJOR=$LIBCRYPTUI_CURRENT.$LIBCRYPTUI_REVISION
+AC_SUBST(LIBCRYPTUI_MAJOR)
+    
+PKG_CHECK_MODULES(LIBCRYPTUI, gtk+-2.0 >= 2.10.0 gconf-2.0)
+
+NEED_LIBTASN1_VERSION=0.3.4
+
+AM_PATH_LIBTASN1($NEED_LIBTASN1_VERSION, ,
+	AC_MSG_ERROR([[
+*** 
+*** LibtASN1 ${NEED_LIBTASN1_VERSION} was not found. 
+]]))
+
+libtasn=yes
+
+LIBCRYPTUI_CFLAGS="$LIBCRYPTUI_CFLAGS $DBUS_CFLAGS $LIBTASN1_CFLAGS"
+LIBCRYPTUI_LIBS="$LIBCRYPTUI_LIBS $DBUS_LIBS $LIBTASN1_LIBS" 
+
+AC_SUBST(LIBCRYPTUI_CFLAGS)
+AC_SUBST(LIBCRYPTUI_LIBS)
+
+dnl ****************************************************************************
 
 VALA_PKGS="--pkg glib-2.0 --pkg gio-2.0 --pkg gtk+-2.0 --pkg gconf-2.0"
 AC_SUBST(VALA_PKGS)

Modified: trunk/libcryptui/Makefile.am
==============================================================================
--- trunk/libcryptui/Makefile.am	(original)
+++ trunk/libcryptui/Makefile.am	Sat Nov 22 23:42:50 2008
@@ -6,6 +6,10 @@
 
 SUBDIRS = . $(TESTS_DIR)
 
+# -----------------------------------------------------------------
+# LIBRARY HEADERS
+# 
+
 incdir = $(includedir)/libcryptui
 
 inc_HEADERS = \
@@ -14,18 +18,32 @@
     cryptui-key-store.h \
     cryptui-key-combo.h \
     cryptui-key-list.h \
-    cryptui-key-chooser.h
+    cryptui-key-chooser.h \
+    crui-x509-cert.h \
+    crui-x509-cert-simple.h \
+    crui-x509-cert-basics.h \
+    crui-x509-cert-dialog.h
+
+# -----------------------------------------------------------------
+# MARSHALLERS
+# 
 
-INCLUDES = -I$(top_builddir) \
-    -I$(top_srcdir) \
-    $(LIBCRYPTUI_CFLAGS) \
-    -DLIBCRYPTUI_BUILD=1 \
-    -DLIBCRYPTUI_API_SUBJECT_TO_CHANGE 
+MARSHALLERS = \
+    cryptui-marshal.c cryptui-marshal.h
 
-lib_LTLIBRARIES = libcryptui.la
+cryptui-marshal.h: cryptui-marshal.list $(GLIB_GENMARSHAL)
+	$(GLIB_GENMARSHAL) $< --header --prefix=cryptui_marshal > $@
 
-BUILT_SOURCES = \
-    cryptui-marshal.c cryptui-marshal.h
+cryptui-marshal.c: cryptui-marshal.list $(GLIB_GENMARSHAL)
+	echo "#include \"cryptui-marshal.h\"" > $@ && \
+	$(GLIB_GENMARSHAL) $< --body --prefix=cryptui_marshal >> $@
+	
+
+# -----------------------------------------------------------------
+# LIBRARY SOURCES
+# 
+
+lib_LTLIBRARIES = libcryptui.la
 
 libcryptui_la_SOURCES = \
     cryptui.h cryptui.c cryptui-defines.h cryptui-priv.h \
@@ -34,31 +52,79 @@
     cryptui-key-combo.h cryptui-key-combo.c \
     cryptui-key-list.h cryptui-key-list.c \
     cryptui-key-chooser.h cryptui-key-chooser.c \
-    $(BUILT_SOURCES)
+    crui-asn1.h crui-asn1.c \
+    crui-util.h crui-util.c \
+    crui-x509-cert.h crui-x509-cert.c \
+    crui-x509-cert-basics.h crui-x509-cert-basics.c \
+    crui-x509-cert-dialog.h crui-x509-cert-dialog.c \
+    crui-x509-cert-simple.h crui-x509-cert-simple.c \
+    $(MARSHALLERS)
     
 libcryptui_la_LDFLAGS = \
     -version-info $(LIBCRYPTUI_LT_RELEASE)
     
 libcryptui_la_LIBADD = $(LIBCRYPTUI_LIBS) 
 
+# ------------------------------------------------------------------
+# PKGCONFIG
+# 
+
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = cryptui-$(LIBCRYPTUI_MAJOR).pc
 
+cryptui-$(LIBCRYPTUI_MAJOR).pc: cryptui.pc
+	cp cryptui.pc cryptui-$(LIBCRYPTUI_MAJOR).pc
+
+# ------------------------------------------------------------------
+# ASN1 FILES
+
+ASN1_FILES = \
+	pk.asn \
+	pkix.asn
+	
+TAB_FILES = $(ASN1_FILES:.asn=.tab)
+
+.asn.tab:
+	asn1Parser -o $@ $< 
+	
+# ------------------------------------------------------------------
+# UI BUILDER
+# 
+
+uidir = $(datadir)/cryptui/ui/
+
+GLADE_FILES = \
+	crui-x509-cert-basics.glade
+	
+.glade.ui: 
+	gtk-builder-convert --skip-windows $< $@
+	
+ui_DATA = $(GLADE_FILES:.glade=.ui)
+
+# ------------------------------------------------------------------
+# COMMON
+
+INCLUDES = -I$(top_builddir) \
+	-I$(top_srcdir) \
+	$(LIBCRYPTUI_CFLAGS) \
+	-DLIBCRYPTUI_BUILD=1 \
+	-DLIBCRYPTUI_API_SUBJECT_TO_CHANGE \
+	-DUIDIR=\""$(uidir)"\"
+
 EXTRA_DIST = \
-    cryptui-marshal.list \
-    cryptui.pc.in
+	cryptui-marshal.list \
+	cryptui.pc.in \
+	$(GLADE_FILES) \
+	$(ui_DATA) \
+	$(TAB_FILES)
     
 CLEANFILES = \
-    cryptui-marshal.h \
-    cryptui-marshal.c \
-    $(pkgconfig_DATA)
-
-cryptui-marshal.h: cryptui-marshal.list $(GLIB_GENMARSHAL)
-	$(GLIB_GENMARSHAL) $< --header --prefix=cryptui_marshal > $@
-
-cryptui-marshal.c: cryptui-marshal.list $(GLIB_GENMARSHAL)
-	echo "#include \"cryptui-marshal.h\"" > $@ && \
-	$(GLIB_GENMARSHAL) $< --body --prefix=cryptui_marshal >> $@
+	cryptui-marshal.h \
+    	cryptui-marshal.c \
+    	$(ui_DATA) \
+	$(TAB_FILES) \
+    	$(pkgconfig_DATA)
 
-cryptui-$(LIBCRYPTUI_MAJOR).pc: cryptui.pc
-	cp cryptui.pc cryptui-$(LIBCRYPTUI_MAJOR).pc
+BUILT_SOURCES = \
+	$(MARSHALLERS) \
+	$(TAB_FILES)

Added: trunk/libcryptui/crui-asn1.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-asn1.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,749 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-asn1.h"
+
+#include <libtasn1.h>
+
+#include <string.h>
+
+/* 
+ * HACK: asn1Parser defines these arrays as extern const, which gives 
+ * gcc a fit. So we def it out. 
+ */
+ 
+#define extern 
+#include "pk.tab"
+#include "pkix.tab"
+#undef extern 
+
+static gboolean asn1_initialized = FALSE;
+static ASN1_TYPE asn1_pk = NULL; 
+static ASN1_TYPE asn1_pkix = NULL;
+
+typedef struct _PrintableOid {
+	GQuark oid;
+	const gchar *oidstr;
+	const gchar *display;
+	gboolean is_choice;
+} PrintableOid;
+
+static PrintableOid printable_oids[] = {
+	{ 0, "0.9.2342.19200300.100.1.25", "DC", FALSE },
+	{ 0, "0.9.2342.19200300.100.1.1", "UID", TRUE },
+
+	{ 0, "1.2.840.113549.1.9.1", "EMAIL", FALSE },
+	{ 0, "1.2.840.113549.1.9.7", NULL, TRUE },
+	{ 0, "1.2.840.113549.1.9.20", NULL, FALSE },
+	
+	{ 0, "1.3.6.1.5.5.7.9.1", "dateOfBirth", FALSE },
+	{ 0, "1.3.6.1.5.5.7.9.2", "placeOfBirth", FALSE },
+	{ 0, "1.3.6.1.5.5.7.9.3", "gender", FALSE },
+        { 0, "1.3.6.1.5.5.7.9.4", "countryOfCitizenship", FALSE },
+        { 0, "1.3.6.1.5.5.7.9.5", "countryOfResidence", FALSE },
+
+	{ 0, "2.5.4.3", "CN", TRUE },
+	{ 0, "2.5.4.4", "surName", TRUE },
+	{ 0, "2.5.4.5", "serialNumber", FALSE },
+	{ 0, "2.5.4.6", "C", FALSE, },
+	{ 0, "2.5.4.7", "L", TRUE },
+	{ 0, "2.5.4.8", "ST", TRUE },
+	{ 0, "2.5.4.9", "STREET", TRUE },
+	{ 0, "2.5.4.10", "O", TRUE },
+	{ 0, "2.5.4.11", "OU", TRUE },
+	{ 0, "2.5.4.12", "T", TRUE },
+	{ 0, "2.5.4.20", "telephoneNumber", FALSE },
+	{ 0, "2.5.4.42", "givenName", TRUE },
+	{ 0, "2.5.4.43", "initials", TRUE },
+	{ 0, "2.5.4.44", "generationQualifier", TRUE },
+	{ 0, "2.5.4.46", "dnQualifier", FALSE },
+	{ 0, "2.5.4.65", "pseudonym", TRUE },
+
+	{ 0, NULL, NULL, FALSE }
+};
+
+ASN1_TYPE 
+_crui_asn1_get_definitions (const char *type)
+{
+	ASN1_TYPE *where = NULL;
+	const ASN1_ARRAY_TYPE *tab = NULL;
+	int res;
+
+	if (!asn1_initialized) {
+		asn1_check_version (LIBTASN1_VERSION);
+		asn1_initialized = TRUE;
+	}
+	
+	if (strncmp (type, "PKIX1.", 6) == 0) {
+		tab = pkix_asn1_tab;
+		where = &asn1_pkix;
+	} else if (strncmp (type, "PK.", 3) == 0) {
+		tab = pk_asn1_tab;
+		where = &asn1_pk;
+	} else {
+		g_return_val_if_reached (NULL);
+	}
+	
+	if (!*where) {
+		res = asn1_array2tree (tab, where, NULL);
+		g_return_val_if_fail (res == ASN1_SUCCESS, NULL);
+	}
+	
+	return *where;
+}
+
+ASN1_TYPE
+_crui_asn1_decode (const gchar *type, const guchar *data, gsize n_data)
+{
+	ASN1_TYPE definitions = _crui_asn1_get_definitions (type);
+	ASN1_TYPE asn;
+	int res;
+
+	res = asn1_create_element (definitions, type, &asn); 
+	g_return_val_if_fail (res == ASN1_SUCCESS, NULL);
+	
+	res = asn1_der_decoding (&asn, data, n_data, NULL);
+	if (res != ASN1_SUCCESS) {
+		asn1_delete_structure (&asn);
+		return NULL;
+	}
+	
+	return asn;
+}
+
+gboolean
+_crui_asn1_have_value (ASN1_TYPE asn, const gchar *part)
+{
+	int l, res;
+	
+	g_return_val_if_fail (asn, FALSE);
+	g_return_val_if_fail (part, FALSE);
+	
+	l = 0;
+	res = asn1_read_value (asn, part, NULL, &l);
+	g_return_val_if_fail (res != ASN1_SUCCESS, FALSE);
+	if (res != ASN1_MEM_ERROR)
+		return FALSE;
+	
+	return TRUE;
+}
+
+guchar*
+_crui_asn1_read_value (ASN1_TYPE asn, const gchar *part, gsize *len)
+{
+	int l, res;
+	guchar *buf;
+	
+	g_return_val_if_fail (asn, NULL);
+	g_return_val_if_fail (part, NULL);
+	g_return_val_if_fail (len, NULL);
+	
+	*len = 0;
+
+	l = 0;
+	res = asn1_read_value (asn, part, NULL, &l);
+	g_return_val_if_fail (res != ASN1_SUCCESS, NULL);
+	if (res != ASN1_MEM_ERROR)
+		return NULL;
+		
+	/* Always null terminate it, just for convenience */
+	buf = g_malloc0 (l + 1);
+	
+	res = asn1_read_value (asn, part, buf, &l);
+	if (res != ASN1_SUCCESS) {
+		g_free (buf);
+		buf = NULL;
+	} else {
+		*len = l;
+	}
+	
+	return buf;
+}
+
+gchar*
+_crui_asn1_read_string (ASN1_TYPE asn, const gchar *part)
+{
+	int l, res;
+	gchar *buf;
+	
+	g_return_val_if_fail (asn, NULL);
+	g_return_val_if_fail (part, NULL);
+	
+	l = 0;
+	res = asn1_read_value (asn, part, NULL, &l);
+	g_return_val_if_fail (res != ASN1_SUCCESS, NULL);
+	if (res != ASN1_MEM_ERROR)
+		return NULL;
+		
+	/* Always null terminate it, just for convenience */
+	buf = g_malloc0 (l + 1);
+	
+	res = asn1_read_value (asn, part, buf, &l);
+	if (res != ASN1_SUCCESS) {
+		g_free (buf);
+		buf = NULL;
+	}
+	
+	return buf;
+}
+
+GQuark
+_crui_asn1_read_oid (ASN1_TYPE asn, const gchar *part)
+{
+	GQuark quark;
+	guchar *buf;
+	gsize n_buf;
+	
+	buf = _crui_asn1_read_value (asn, part, &n_buf);
+	if (!buf)
+		return 0;
+		
+	quark = g_quark_from_string ((gchar*)buf);
+	g_free (buf);
+	
+	return quark;
+}
+
+gboolean
+_crui_asn1_read_boolean (ASN1_TYPE asn, const gchar *part, gboolean *val)
+{
+	gchar buffer[32];
+	int n_buffer = sizeof (buffer) - 1;
+	int res;
+	
+	g_return_val_if_fail (asn, FALSE);
+	g_return_val_if_fail (part, FALSE);
+	g_return_val_if_fail (val, FALSE);
+	
+	memset (buffer, 0, sizeof (buffer));
+	
+	res = asn1_read_value (asn, part, buffer, &n_buffer);
+	if (res != ASN1_SUCCESS)
+		return FALSE;
+		
+	if (g_ascii_strcasecmp (buffer, "TRUE") == 0)
+		*val = TRUE;
+	else
+		*val = FALSE;
+		
+	return TRUE;
+}
+
+gboolean
+_crui_asn1_read_uint (ASN1_TYPE asn, const gchar *part, guint *val)
+{
+	guchar buf[4];
+	int n_buf = sizeof (buf);
+	gsize i;
+	int res;
+	
+	g_return_val_if_fail (asn, FALSE);
+	g_return_val_if_fail (part, FALSE);
+	g_return_val_if_fail (val, FALSE);
+	
+	res = asn1_read_value (asn, part, buf, &n_buf);
+	if(res != ASN1_SUCCESS)
+		return FALSE;
+
+	if (n_buf > 4 || n_buf < 1)
+		return FALSE;
+
+	*val = 0;
+	for (i = 0; i < n_buf; ++i)
+		*val |= buf[i] << (8 * ((n_buf - 1) - i));
+
+	return TRUE;
+}
+
+/* -------------------------------------------------------------------------------
+ * Reading Dates
+ */
+
+#define SECS_PER_DAY  86400
+#define SECS_PER_HOUR 3600
+#define SECS_PER_MIN  60
+
+static int
+atoin (const char *p, int digits)
+{
+	int ret = 0, base = 1;
+	while(--digits >= 0) {
+		if (p[digits] < '0' || p[digits] > '9')
+			return -1;
+		ret += (p[digits] - '0') * base;
+		base *= 10;
+	}
+	return ret;
+}
+
+static int
+two_to_four_digit_year (int year)
+{
+	time_t now;
+	struct tm tm;
+	int century, current;
+	
+	g_return_val_if_fail (year > 0 && year <= 99, -1);
+	
+	/* Get the current year */
+	now = time (NULL);
+	g_return_val_if_fail (now >= 0, -1);
+	if (!gmtime_r (&now, &tm))
+		g_return_val_if_reached (-1);
+
+	current = (tm.tm_year % 100);
+	century = (tm.tm_year + 1900) - current;
+
+	/* 
+	 * Check if it's within 40 years before the 
+	 * current date. 
+	 */
+	if (current < 40) {
+		if (year < current)
+			return century + year;
+		if (year > 100 - (40 - current))
+			return (century - 100) + year;
+	} else {
+		if (year < current && year > (current - 40))
+			return century + year;
+	}
+	
+	/* 
+	 * If it's after then adjust for overflows to
+	 * the next century.
+	 */
+	if (year < current)
+		return century + 100 + year;
+	else
+		return century + year;
+}
+
+GDate*
+_crui_asn1_parse_date (const gchar *time, gboolean full_year)
+{
+	GDate date;
+	guint n_time;
+	const char *p, *e;
+	int seconds;
+
+	g_assert (time);	
+	n_time = strlen (time);
+	
+	/* 
+	 * YYMMDDhhmmss.ffff Z | +0000 
+	 * 
+	 * or 
+	 * 
+	 * YYYYMMDDhhmmss.ffff Z | +0000
+	 */
+	
+	/* Reset everything to default legal values */
+	g_date_clear (&date, 1);
+	seconds = 0;
+	
+	/* Select the digits part of it */
+	p = time;
+	for (e = p; *e >= '0' && *e <= '9'; ++e);
+	
+	/* A four digit year */
+	if (full_year) {
+		if (p + 4 <= e) {
+			g_date_set_year (&date, atoin (p, 4));
+			p += 4;
+		}
+		
+	/* A two digit year */
+	} else {
+		if (p + 2 <= e) {
+			int year = atoin (p, 2);
+			p += 2;
+		
+			/* 
+			 * 40 years in the past is our century. 60 years
+			 * in the future is the next century. 
+			 */
+			g_date_set_year (&date, two_to_four_digit_year (year));
+		}
+	}
+	
+	/* The month */
+	if (p + 2 <= e) {
+		g_date_set_month (&date, atoin (p, 2));
+		p += 2;
+	}
+	
+	/* The day of month */
+	if (p + 2 <= e) {
+		g_date_set_day (&date, atoin (p, 2));
+		p += 2;
+	}
+	
+	/* The hour */
+	if (p + 2 <= e) {
+		seconds += (atoin (p, 2) * SECS_PER_HOUR);
+		p += 2;
+	}
+	
+	/* The minute */
+	if (p + 2 <= e) {
+		seconds += (atoin (p, 2) * SECS_PER_MIN);
+		p += 2;
+	}
+	
+	/* The seconds */
+	if (p + 2 <= e) {
+		seconds += atoin (p, 2);
+		p += 2;
+	}
+
+	if (!g_date_valid (&date) || seconds > SECS_PER_DAY)
+		return NULL;
+	    	
+	/* Make sure all that got parsed */
+	if (p != e)
+		return NULL;
+
+	/* Now the remaining optional stuff */
+	e = time + n_time;
+		
+	/* See if there's a fraction, and discard it if so */
+	if (p < e && *p == '.' && p + 5 <= e)
+		p += 5;
+		
+	/* See if it's UTC */
+	if (p < e && *p == 'Z') {
+		p += 1;
+
+	/* See if it has a timezone */	
+	} else if ((*p == '-' || *p == '+') && p + 3 <= e) { 
+		int off, neg;
+		
+		neg = *p == '-';
+		++p;
+		
+		off = atoin (p, 2) * SECS_PER_HOUR;
+		if (off < 0 || off > SECS_PER_DAY)
+			return NULL;
+		p += 2;
+		
+		if (p + 2 <= e) {
+			off += atoin (p, 2) * SECS_PER_MIN;
+			p += 2;
+		}
+
+		/* See if TZ offset sends us to a different day */
+		if (neg && off > seconds)
+			g_date_subtract_days (&date, 1);
+		else if (!neg && off > (SECS_PER_DAY - seconds))
+			g_date_add_days (&date, 1);
+	}
+
+	/* Make sure everything got parsed */	
+	if (p != e)
+		return NULL;
+
+	return g_date_new_dmy (g_date_get_day (&date),
+	                       g_date_get_month (&date),
+	                       g_date_get_year (&date));
+}
+
+GDate*
+_crui_asn1_read_date (ASN1_TYPE asn, const gchar *part)
+{
+	#define MAX_TIME 1024
+	gchar ttime[MAX_TIME];
+	gchar *name;
+	int len, res;
+	gboolean full_year = TRUE;
+	
+	g_return_val_if_fail (asn, NULL);
+	g_return_val_if_fail (part, NULL);
+
+	len = sizeof (ttime) - 1;
+	res = asn1_read_value (asn, part, ttime, &len);
+	if (res != ASN1_SUCCESS)
+		return NULL;
+		
+	/* CHOICE */
+	if (strcmp (ttime, "generalTime") == 0) {
+		name = g_strconcat (part, ".generalTime", NULL);
+		full_year = TRUE;
+		
+	/* UTCTIME */
+	} else {
+		name = g_strconcat (part, ".utcTime", NULL);
+		full_year = FALSE;
+	}
+	
+	len = sizeof (ttime) - 1;
+	res = asn1_read_value (asn, name, ttime, &len);
+	g_free (name);
+	if (res != ASN1_SUCCESS)
+		return FALSE;
+
+	return _crui_asn1_parse_date (ttime, full_year);
+}
+
+/* -------------------------------------------------------------------------------
+ * Reading DN's
+ */
+
+static PrintableOid*
+dn_find_printable (GQuark oid)
+{
+	PrintableOid *printable;
+	int i;
+	
+	g_return_val_if_fail (oid != 0, NULL);
+	
+	for (i = 0; printable_oids[i].oidstr != NULL; ++i) {
+		printable = &printable_oids[i];
+		if (!printable->oid)
+			printable->oid = g_quark_from_static_string (printable->oidstr);
+		if (printable->oid == oid)
+			return printable;
+	}
+	
+	return NULL;
+}
+
+static const char HEXC[] = "0123456789ABCDEF";
+
+static gchar*
+dn_print_hex_value (const guchar *data, gsize len)
+{
+	GString *result = g_string_sized_new (len * 2 + 1);
+	gsize i;
+	
+	g_string_append_c (result, '#');
+	for (i = 0; i < len; ++i) {
+		g_string_append_c (result, HEXC[data[i] >> 4 & 0xf]);
+		g_string_append_c (result, HEXC[data[i] & 0xf]);
+	}
+	
+	return g_string_free (result, FALSE);
+}
+
+static gchar* 
+dn_print_oid_value_parsed (PrintableOid *printable, guchar *data, gsize len)
+{
+	const gchar *asn_name;
+	ASN1_TYPE asn1;
+	gchar *part;
+	gchar *value;
+	
+	g_assert (printable);
+	g_assert (data);
+	g_assert (len);
+	g_assert (printable->oid);
+	
+	asn_name = asn1_find_structure_from_oid (_crui_asn1_get_definitions ("PKIX1."), 
+	                                         printable->oidstr);
+	g_return_val_if_fail (asn_name, NULL);
+	
+	part = g_strdup_printf ("PKIX1.%s", asn_name);
+	asn1 = _crui_asn1_decode (part, data, len);
+	g_free (part);
+	
+	if (!asn1) {
+		g_message ("couldn't decode value for OID: %s", printable->oidstr);
+		return NULL;
+	}
+
+	value = _crui_asn1_read_string (asn1, "");
+	
+	/*
+	 * If it's a choice element, then we have to read depending
+	 * on what's there.
+	 */
+	if (value && printable->is_choice) {
+		if (strcmp ("printableString", value) == 0 ||
+		    strcmp ("ia5String", value) == 0 ||
+		    strcmp ("utf8String", value) == 0 ||
+		    strcmp ("teletexString", value) == 0) {
+			part = value;
+			value = _crui_asn1_read_string (asn1, part);
+			g_free (part);
+		} else {
+			g_free (value);
+			return NULL;
+		}
+	}
+
+	if (!value) {
+		g_message ("couldn't read value for OID: %s", printable->oidstr);
+		return NULL;
+	}
+
+	/* 
+	 * Now we make sure it's UTF-8. 
+	 */
+	if (!g_utf8_validate (value, -1, NULL)) {
+		gchar *hex = dn_print_hex_value ((guchar*)value, strlen (value));
+		g_free (value);
+		value = hex;
+	}
+	
+	return value;
+}
+
+static gchar*
+dn_print_oid_value (PrintableOid *printable, guchar *data, gsize len)
+{
+	gchar *value;
+	
+	if (printable) {
+		value = dn_print_oid_value_parsed (printable, data, len);
+		if (value != NULL)
+			return value;
+	}
+	
+	return dn_print_hex_value (data, len);
+}
+
+static gchar* 
+_crui_asn1_read_rdn (ASN1_TYPE asn, const gchar *part)
+{
+	PrintableOid *printable;
+	GQuark oid;
+	gchar *path;
+	guchar *value;
+	gsize n_value;
+	gchar *display;
+	gchar *result;
+	
+	path = g_strdup_printf ("%s.type", part);
+	oid = _crui_asn1_read_oid (asn, path);
+	g_free (path);
+
+	if (!oid)
+		return NULL;
+	
+	path = g_strdup_printf ("%s.value", part);
+	value = _crui_asn1_read_value (asn, path, &n_value);
+	g_free (path);
+	
+	printable = dn_find_printable (oid);
+	
+	g_return_val_if_fail (value, NULL);
+	display = dn_print_oid_value (printable, value, n_value);
+	
+	result = g_strconcat (printable ? printable->display : g_quark_to_string (oid), 
+			      "=", display, NULL);
+	g_free (display);
+	
+	return result;
+}
+
+gchar*
+_crui_asn1_read_dn (ASN1_TYPE asn, const gchar *part)
+{
+	gboolean done = FALSE;
+	GString *result;
+	gchar *path;
+	gchar *rdn;
+	gint i, j;
+	
+	g_return_val_if_fail (asn, NULL);
+	result = g_string_sized_new (64);
+	
+	/* Each (possibly multi valued) RDN */
+	for (i = 1; !done; ++i) {
+		
+		/* Each type=value pair of an RDN */
+		for (j = 1; TRUE; ++j) {
+			path = g_strdup_printf ("%s%s?%u.?%u", part ? part : "", 
+			                        part ? "." : "", i, j);
+			rdn = _crui_asn1_read_rdn (asn, path);
+			g_free (path);
+
+			if (!rdn) {
+				done = j == 1;
+				break;
+			}
+			
+			/* Account for multi valued RDNs */
+			if (j > 1)
+				g_string_append (result, "+");
+			else if (i > 1)
+				g_string_append (result, ", ");
+			
+			g_string_append (result, rdn);
+			g_free (rdn);
+		}
+	}
+
+	/* Returns null when string is empty */
+	return g_string_free (result, (result->len == 0));
+}
+
+gchar*
+_crui_asn1_read_dn_part (ASN1_TYPE asn, const gchar *part, const gchar *match)
+{
+	PrintableOid *printable;
+	gboolean done = FALSE;
+	guchar *value;
+	gsize n_value;
+	gchar *path;
+	GQuark oid;
+	gint i, j;
+	
+	g_return_val_if_fail (asn, NULL);
+	
+	/* Each (possibly multi valued) RDN */
+	for (i = 1; !done; ++i) {
+		
+		/* Each type=value pair of an RDN */
+		for (j = 1; TRUE; ++j) {
+			path = g_strdup_printf ("%s%s?%u.?%u.type", 
+			                        part ? part : "", 
+			                        part ? "." : "", i, j);
+			oid = _crui_asn1_read_oid (asn, path);
+			g_free (path);
+
+			if (!oid) {
+				done = j == 1;
+				break;
+			}
+			
+			/* Does it match either the OID or the displayable? */
+			if (g_ascii_strcasecmp (g_quark_to_string (oid), match) != 0) {
+				printable = dn_find_printable (oid);
+				if (!printable || !printable->display || 
+				    !g_ascii_strcasecmp (printable->display, match) == 0)
+					continue;
+			}
+
+			path = g_strdup_printf ("%s%s?%u.?%u.value", 
+			                        part ? part : "", 
+			                        part ? "." : "", i, j);
+			value = _crui_asn1_read_value (asn, path, &n_value);
+			g_free (path);
+			
+			g_return_val_if_fail (value, NULL);
+			return dn_print_oid_value (printable, value, n_value);
+		}
+	}
+	
+	return NULL;
+}

Added: trunk/libcryptui/crui-asn1.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-asn1.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,53 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef CRUIASN1_H_
+#define CRUIASN1_H_
+
+#include <glib.h>
+
+#include <libtasn1.h>
+
+ASN1_TYPE          _crui_asn1_get_definitions               (const gchar *type);
+
+ASN1_TYPE          _crui_asn1_decode                        (const gchar *type, const guchar *data, gsize n_data);
+
+gboolean           _crui_asn1_have_value                    (ASN1_TYPE asn, const gchar *part);
+
+guchar*            _crui_asn1_read_value                    (ASN1_TYPE asn, const gchar *part, gsize *len);
+
+gchar*             _crui_asn1_read_string                   (ASN1_TYPE asn, const gchar *part);
+
+GQuark             _crui_asn1_read_oid                      (ASN1_TYPE asn, const gchar *part);
+
+gchar*             _crui_asn1_read_dn                       (ASN1_TYPE asn, const gchar *part);
+
+gchar*             _crui_asn1_read_dn_part                  (ASN1_TYPE asn, const gchar *part, const gchar *dnpart);
+
+gboolean           _crui_asn1_read_boolean                  (ASN1_TYPE asn, const gchar *part, gboolean *val);
+
+gboolean           _crui_asn1_read_uint                     (ASN1_TYPE asn, const gchar *part, guint *val);
+
+GDate*             _crui_asn1_read_date                     (ASN1_TYPE asn, const gchar *part);
+
+GDate*             _crui_asn1_parse_date                    (const gchar* value, gboolean full_year);
+
+#endif /* CRUIASN1_H_ */

Added: trunk/libcryptui/crui-util.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-util.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,22 @@
+
+#include "config.h"
+
+#include "crui-util.h"
+
+static const char HEXC[] = "0123456789ABCDEF";
+
+gchar*
+_crui_util_encode_hex (const guchar *data, gsize n_data)
+{
+	GString *result = g_string_sized_new (n_data * 2 + 1);
+	gsize i;
+	
+	g_return_val_if_fail (data, NULL);
+		
+	for (i = 0; i < n_data; ++i) {
+		g_string_append_c (result, HEXC[data[i] >> 4 & 0xf]);
+		g_string_append_c (result, HEXC[data[i] & 0xf]);
+	}
+		
+	return g_string_free (result, FALSE);
+}

Added: trunk/libcryptui/crui-util.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-util.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,8 @@
+#ifndef CRUIUTIL_H_
+#define CRUIUTIL_H_
+
+#include <glib.h>
+
+gchar*    _crui_util_encode_hex (const guchar *data, gsize n_data);
+
+#endif /* CRUIUTIL_H_ */

Added: trunk/libcryptui/crui-x509-cert-basics.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-basics.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,320 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-x509-cert-basics.h"
+
+#include "crui-x509-cert.h"
+
+#include <glib/gi18n-lib.h>
+
+enum {
+	PROP_0,
+	PROP_CERTIFICATE
+};
+
+struct _CruiX509CertBasicsPrivate {
+	CruiX509Cert *certificate;
+	GtkBuilder *builder;
+};
+
+G_DEFINE_TYPE (CruiX509CertBasics, crui_x509_cert_basics, GTK_TYPE_ALIGNMENT);
+
+#define CRUI_X509_CERT_BASICS_GET_PRIVATE(o) \
+	(G_TYPE_INSTANCE_GET_PRIVATE ((o), CRUI_TYPE_X509_CERT_BASICS, CruiX509CertBasicsPrivate))
+
+/* -----------------------------------------------------------------------------
+ * INTERNAL 
+ */
+
+static void
+set_certificate_part_label (GtkBuilder *builder, const char *name, const gchar *value)
+{
+	GtkWidget *widget;
+	gchar *markup;
+	
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, name));
+	g_return_if_fail (GTK_IS_LABEL (widget));
+	if(value)
+	{
+		markup = g_markup_escape_text (value, -1);
+		gtk_label_set_markup (GTK_LABEL (widget), markup);
+		g_free (markup);
+	}
+	else
+	{
+		gtk_label_set_markup (GTK_LABEL (widget), _("<i>Not Part of Certificate</i>"));
+	}
+}
+
+static void
+set_certificate_part_date (GtkBuilder *builder, const char *name, const GDate *value)
+{
+	GtkWidget *widget;
+	gchar *formatted;
+	
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, name));
+	g_return_if_fail (GTK_IS_LABEL (widget));
+	if(value)
+	{
+		formatted = g_new (gchar, 11);
+		g_date_strftime (formatted, 11, "%Y-%m-%d", value);
+		gtk_label_set_text (GTK_LABEL (widget), formatted);
+		g_free (formatted);
+	}
+	else
+	{
+		gtk_label_set_markup (GTK_LABEL (widget), _("<i>unknown</i>"));
+	}
+}
+
+static void
+refresh_display (CruiX509CertBasics *self)
+{
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+	gchar *value;
+	GDate *date;
+	
+	/* Issued To / Subject */
+	
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_subject_cn (pv->certificate);
+	set_certificate_part_label (pv->builder, "issued-to-cn", value);
+	g_free (value);
+	
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_subject_part (pv->certificate, "o");
+	set_certificate_part_label (pv->builder, "issued-to-o", value);
+	g_free (value);
+
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_subject_part (pv->certificate, "ou");
+	set_certificate_part_label (pv->builder, "issued-to-ou", value);
+	g_free (value);
+
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_serial_number_hex (pv->certificate);
+	set_certificate_part_label (pv->builder, "issued-to-serial", value);
+	g_free (value);
+	
+	
+	/* Issued By / Issuer */
+	
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_issuer_cn (pv->certificate);
+	set_certificate_part_label (pv->builder, "issued-by-cn", value);
+	g_free (value);
+	
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_issuer_part (pv->certificate, "o");
+	set_certificate_part_label (pv->builder, "issued-by-o", value);
+	g_free (value);
+
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_issuer_part (pv->certificate, "ou");
+	set_certificate_part_label (pv->builder, "issued-by-ou", value);
+	g_free (value);
+
+	
+	/* Expiry */
+	
+	date = NULL;
+	if (pv->certificate)
+		date = crui_x509_cert_get_issued_date (pv->certificate);
+	set_certificate_part_date (pv->builder, "validity-issued-on", date);
+	if (date)
+		g_date_free (date);
+	
+	date = NULL;
+	if (pv->certificate)
+		date = crui_x509_cert_get_expiry_date (pv->certificate);
+	set_certificate_part_date (pv->builder, "validity-expires-on", date);
+	if (date)
+		g_date_free (date);
+
+	
+	/* Fingerprints */
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_fingerprint_hex (pv->certificate, G_CHECKSUM_SHA1);
+	set_certificate_part_label (pv->builder, "fingerprints-sha1", value);
+	g_free (value);
+	
+	value = NULL;
+	if (pv->certificate)
+		value = crui_x509_cert_get_fingerprint_hex (pv->certificate, G_CHECKSUM_SHA1);
+	set_certificate_part_label (pv->builder, "fingerprints-md5", value);
+	g_free (value);
+}
+
+/* -----------------------------------------------------------------------------
+ * OBJECT 
+ */
+
+
+static GObject* 
+crui_x509_cert_basics_constructor (GType type, guint n_props, GObjectConstructParam *props) 
+{
+	GObject *obj = G_OBJECT_CLASS (crui_x509_cert_basics_parent_class)->constructor (type, n_props, props);
+	CruiX509CertBasics *self = NULL;
+	CruiX509CertBasicsPrivate *pv;
+	GtkWidget *widget;
+	
+	if (obj) {
+		pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (obj);
+		self = CRUI_X509_CERT_BASICS (obj);
+		
+		if (!gtk_builder_add_from_file (pv->builder, UIDIR "crui-x509-cert-basics.ui", NULL))
+			g_return_val_if_reached (obj);
+	
+		widget = GTK_WIDGET (gtk_builder_get_object (pv->builder, "crui-x509-cert-basics"));
+		g_return_val_if_fail (GTK_IS_WIDGET (widget), obj);
+		gtk_container_add (GTK_CONTAINER (self), widget);
+		gtk_widget_show (widget);
+	}
+	
+	return obj;
+}
+
+static void
+crui_x509_cert_basics_init (CruiX509CertBasics *self)
+{
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+	pv->builder = gtk_builder_new ();
+}
+
+static void
+crui_x509_cert_basics_dispose (GObject *obj)
+{
+#if 0
+	CruiX509CertBasics *self = CRUI_X509_CERT_BASICS (obj);
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+#endif 
+	
+	G_OBJECT_CLASS (crui_x509_cert_basics_parent_class)->dispose (obj);
+}
+
+static void
+crui_x509_cert_basics_finalize (GObject *obj)
+{
+#if 0
+	CruiX509CertBasics *self = CRUI_X509_CERT_BASICS (obj);
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+#endif
+	
+	G_OBJECT_CLASS (crui_x509_cert_basics_parent_class)->finalize (obj);
+}
+
+static void
+crui_x509_cert_basics_set_property (GObject *obj, guint prop_id, const GValue *value, 
+                                    GParamSpec *pspec)
+{
+	CruiX509CertBasics *self = CRUI_X509_CERT_BASICS (obj);
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+	
+	switch (prop_id) {
+	case PROP_CERTIFICATE:
+		crui_x509_cert_basics_set_certificate (self, g_value_get_object (value));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_basics_get_property (GObject *obj, guint prop_id, GValue *value, 
+                                    GParamSpec *pspec)
+{
+	CruiX509CertBasics *self = CRUI_X509_CERT_BASICS (obj);
+	CruiX509CertBasicsPrivate *pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+	
+	switch (prop_id) {
+	case PROP_CERTIFICATE:
+		g_value_set_object (value, pv->certificate);
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_basics_class_init (CruiX509CertBasicsClass *klass)
+{
+	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+    
+	crui_x509_cert_basics_parent_class = g_type_class_peek_parent (klass);
+	g_type_class_add_private (klass, sizeof (CruiX509CertBasicsPrivate));
+
+	gobject_class->constructor = crui_x509_cert_basics_constructor;
+	gobject_class->dispose = crui_x509_cert_basics_dispose;
+	gobject_class->finalize = crui_x509_cert_basics_finalize;
+	gobject_class->set_property = crui_x509_cert_basics_set_property;
+	gobject_class->get_property = crui_x509_cert_basics_get_property;
+    
+	g_object_class_install_property (gobject_class, PROP_CERTIFICATE,
+	           g_param_spec_object("certificate", "Certificate", "Certificate to display.", 
+	                               CRUI_TYPE_X509_CERT, G_PARAM_READWRITE));
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC 
+ */
+
+CruiX509CertBasics*
+crui_x509_cert_basics_new (CruiX509Cert *certificate)
+{
+	return g_object_new (CRUI_TYPE_X509_CERT_BASICS, "certificate", certificate, NULL);
+}
+
+CruiX509Cert*
+crui_x509_cert_basics_get_certificate (CruiX509CertBasics *self)
+{
+	g_return_val_if_fail (CRUI_IS_X509_CERT_BASICS (self), NULL);
+	return CRUI_X509_CERT_BASICS_GET_PRIVATE (self)->certificate;
+}
+
+void
+crui_x509_cert_basics_set_certificate (CruiX509CertBasics *self, CruiX509Cert *cert)
+{
+	CruiX509CertBasicsPrivate *pv; 
+	g_return_if_fail (CRUI_IS_X509_CERT_BASICS (self));
+	
+	pv = CRUI_X509_CERT_BASICS_GET_PRIVATE (self);
+	if (pv->certificate)
+		g_object_unref (pv->certificate);
+	pv->certificate = cert;
+	if (pv->certificate)
+		g_object_ref (pv->certificate);	
+	
+	refresh_display (self);
+	g_object_notify (G_OBJECT (self), "certificate");
+}
+

Added: trunk/libcryptui/crui-x509-cert-basics.glade
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-basics.glade	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,512 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE glade-interface SYSTEM "glade-2.0.dtd">
+<!--*- mode: xml -*-->
+<glade-interface>
+  <widget class="GtkWindow" id="unused-window">
+    <child>
+      <widget class="GtkVBox" id="crui-x509-cert-basics">
+        <property name="visible">True</property>
+        <property name="border_width">6</property>
+        <property name="spacing">6</property>
+        <child>
+          <widget class="GtkFrame" id="frame1">
+            <property name="label_xalign">0</property>
+            <property name="shadow_type">GTK_SHADOW_NONE</property>
+            <child>
+              <widget class="GtkVBox" id="vbox2">
+                <property name="visible">True</property>
+                <property name="border_width">6</property>
+                <child>
+                  <widget class="GtkLabel" id="ssl-client-cert-verified-label">
+                    <property name="visible">True</property>
+                    <property name="xalign">0</property>
+                    <property name="label" translatable="yes">SSL Client Certificate</property>
+                  </widget>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">False</property>
+                  </packing>
+                </child>
+                <child>
+                  <widget class="GtkLabel" id="ssl-server-cert-verified-label">
+                    <property name="visible">True</property>
+                    <property name="xalign">0</property>
+                    <property name="label" translatable="yes">SSL Server Certificate</property>
+                  </widget>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">False</property>
+                    <property name="position">1</property>
+                  </packing>
+                </child>
+                <child>
+                  <widget class="GtkLabel" id="email-signer-cert-verified-label">
+                    <property name="visible">True</property>
+                    <property name="xalign">0</property>
+                    <property name="label" translatable="yes">Email Signer Certificate</property>
+                  </widget>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">False</property>
+                    <property name="position">2</property>
+                  </packing>
+                </child>
+                <child>
+                  <widget class="GtkLabel" id="email-recipient-cert-verified-label">
+                    <property name="visible">True</property>
+                    <property name="xalign">0</property>
+                    <property name="label" translatable="yes">Email Recipient Certificate</property>
+                  </widget>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">False</property>
+                    <property name="position">3</property>
+                  </packing>
+                </child>
+              </widget>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label3">
+                <property name="visible">True</property>
+                <property name="label" translatable="yes">&lt;b&gt;This certificate has been verified for the following uses:&lt;/b&gt;</property>
+                <property name="use_markup">True</property>
+              </widget>
+              <packing>
+                <property name="type">label_item</property>
+              </packing>
+            </child>
+          </widget>
+          <packing>
+            <property name="expand">False</property>
+          </packing>
+        </child>
+        <child>
+          <widget class="GtkHSeparator" id="hseparator1">
+          </widget>
+          <packing>
+            <property name="expand">False</property>
+            <property name="position">1</property>
+          </packing>
+        </child>
+        <child>
+          <widget class="GtkTable" id="table3">
+            <property name="visible">True</property>
+            <property name="border_width">3</property>
+            <property name="n_rows">15</property>
+            <property name="n_columns">2</property>
+            <property name="column_spacing">6</property>
+            <child>
+              <widget class="GtkLabel" id="label25">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="yalign">1</property>
+                <property name="ypad">3</property>
+                <property name="label" translatable="yes">&lt;b&gt;Issued To&lt;/b&gt;</property>
+                <property name="use_markup">True</property>
+              </widget>
+              <packing>
+                <property name="right_attach">2</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label26">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Common Name (CN)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label27">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Organization (O)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label28">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Organizational Unit (OU)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label29">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Serial Number</property>
+              </widget>
+              <packing>
+                <property name="top_attach">4</property>
+                <property name="bottom_attach">5</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label31">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Common Name (CN)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">6</property>
+                <property name="bottom_attach">7</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label32">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Organization (O)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">7</property>
+                <property name="bottom_attach">8</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label33">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Organizational Unit (OU)</property>
+              </widget>
+              <packing>
+                <property name="top_attach">8</property>
+                <property name="bottom_attach">9</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label36">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Issued On</property>
+              </widget>
+              <packing>
+                <property name="top_attach">10</property>
+                <property name="bottom_attach">11</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label37">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">Expires On</property>
+              </widget>
+              <packing>
+                <property name="top_attach">11</property>
+                <property name="bottom_attach">12</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label30">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="yalign">1</property>
+                <property name="ypad">3</property>
+                <property name="label" translatable="yes">&lt;b&gt;Issued By&lt;/b&gt;</property>
+                <property name="use_markup">True</property>
+              </widget>
+              <packing>
+                <property name="right_attach">2</property>
+                <property name="top_attach">5</property>
+                <property name="bottom_attach">6</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label35">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="ypad">3</property>
+                <property name="label" translatable="yes">&lt;b&gt;Fingerprints&lt;/b&gt;</property>
+                <property name="use_markup">True</property>
+              </widget>
+              <packing>
+                <property name="right_attach">2</property>
+                <property name="top_attach">12</property>
+                <property name="bottom_attach">13</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label38">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">SHA1 Fingerprint</property>
+              </widget>
+              <packing>
+                <property name="top_attach">13</property>
+                <property name="bottom_attach">14</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label39">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="xpad">6</property>
+                <property name="label" translatable="yes">MD5 Fingerprint</property>
+              </widget>
+              <packing>
+                <property name="top_attach">14</property>
+                <property name="bottom_attach">15</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-to-o">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">2</property>
+                <property name="bottom_attach">3</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-to-ou">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">3</property>
+                <property name="bottom_attach">4</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-to-serial">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">4</property>
+                <property name="bottom_attach">5</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-by-cn">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">6</property>
+                <property name="bottom_attach">7</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-by-o">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">7</property>
+                <property name="bottom_attach">8</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-by-ou">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">8</property>
+                <property name="bottom_attach">9</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="validity-issued-on">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">10</property>
+                <property name="bottom_attach">11</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="validity-expires-on">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">11</property>
+                <property name="bottom_attach">12</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="fingerprints-sha1">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">13</property>
+                <property name="bottom_attach">14</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="fingerprints-md5">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">14</property>
+                <property name="bottom_attach">15</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="issued-to-cn">
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+                <property name="selectable">True</property>
+              </widget>
+              <packing>
+                <property name="left_attach">1</property>
+                <property name="right_attach">2</property>
+                <property name="top_attach">1</property>
+                <property name="bottom_attach">2</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+            <child>
+              <widget class="GtkLabel" id="label34">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="ypad">3</property>
+                <property name="label" translatable="yes">&lt;b&gt;Validity&lt;/b&gt;</property>
+                <property name="use_markup">True</property>
+              </widget>
+              <packing>
+                <property name="right_attach">2</property>
+                <property name="top_attach">9</property>
+                <property name="bottom_attach">10</property>
+                <property name="x_options">GTK_FILL</property>
+                <property name="y_options"></property>
+              </packing>
+            </child>
+          </widget>
+          <packing>
+            <property name="expand">False</property>
+            <property name="position">2</property>
+          </packing>
+        </child>
+      </widget>
+    </child>
+  </widget>
+</glade-interface>

Added: trunk/libcryptui/crui-x509-cert-basics.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-basics.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,57 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef __CRUI_X509_CERT_BASICS_H__
+#define __CRUI_X509_CERT_BASICS_H__
+
+#include <glib-object.h>
+#include <gtk/gtk.h>
+
+#include "crui-x509-cert.h"
+
+#define CRUI_TYPE_X509_CERT_BASICS               (crui_x509_cert_basics_get_type ())
+#define CRUI_X509_CERT_BASICS(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), CRUI_TYPE_X509_CERT_BASICS, CruiX509CertBasics))
+#define CRUI_X509_CERT_BASICS_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), CRUI_TYPE_X509_CERT_BASICS, CruiX509CertBasicsClass))
+#define CRUI_IS_X509_CERT_BASICS(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), CRUI_TYPE_X509_CERT_BASICS))
+#define CRUI_IS_X509_CERT_BASICS_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), CRUI_TYPE_X509_CERT_BASICS))
+#define CRUI_X509_CERT_BASICS_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), CRUI_TYPE_X509_CERT_BASICS, CruiX509CertBasicsClass))
+
+typedef struct _CruiX509CertBasics CruiX509CertBasics;
+typedef struct _CruiX509CertBasicsClass CruiX509CertBasicsClass;
+typedef struct _CruiX509CertBasicsPrivate CruiX509CertBasicsPrivate;
+    
+struct _CruiX509CertBasics {
+	GtkAlignment parent;
+};
+
+struct _CruiX509CertBasicsClass {
+	GtkAlignmentClass parent_class;
+};
+
+GType                     crui_x509_cert_basics_get_type               (void);
+
+CruiX509CertBasics*       crui_x509_cert_basics_new                    (CruiX509Cert *cert);
+
+CruiX509Cert*             crui_x509_cert_basics_get_certificate        (CruiX509CertBasics *basics);
+
+void                      crui_x509_cert_basics_set_certificate        (CruiX509CertBasics *basics, CruiX509Cert *cert);
+
+#endif /* __CRUI_X509_CERT_BASICS_H__ */

Added: trunk/libcryptui/crui-x509-cert-basics.ui
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-basics.ui	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,504 @@
+<?xml version="1.0"?>
+<!--*- mode: xml -*-->
+<interface>
+  <object class="GtkVBox" id="crui-x509-cert-basics">
+    <property name="visible">True</property>
+    <property name="border_width">6</property>
+    <property name="spacing">6</property>
+    <child>
+      <object class="GtkFrame" id="frame1">
+        <property name="label_xalign">0</property>
+        <property name="shadow_type">GTK_SHADOW_NONE</property>
+        <child>
+          <object class="GtkVBox" id="vbox2">
+            <property name="visible">True</property>
+            <property name="border_width">6</property>
+            <child>
+              <object class="GtkLabel" id="ssl-client-cert-verified-label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">SSL Client Certificate</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">False</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkLabel" id="ssl-server-cert-verified-label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">SSL Server Certificate</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">False</property>
+                <property name="position">1</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkLabel" id="email-signer-cert-verified-label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">Email Signer Certificate</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">False</property>
+                <property name="position">2</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkLabel" id="email-recipient-cert-verified-label">
+                <property name="visible">True</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">Email Recipient Certificate</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">False</property>
+                <property name="position">3</property>
+              </packing>
+            </child>
+          </object>
+        </child>
+        <child type="label">
+          <object class="GtkLabel" id="label3">
+            <property name="visible">True</property>
+            <property name="label" translatable="yes">&lt;b&gt;This certificate has been verified for the following uses:&lt;/b&gt;</property>
+            <property name="use_markup">True</property>
+          </object>
+        </child>
+      </object>
+      <packing>
+        <property name="expand">False</property>
+      </packing>
+    </child>
+    <child>
+      <object class="GtkHSeparator" id="hseparator1">
+          </object>
+      <packing>
+        <property name="expand">False</property>
+        <property name="position">1</property>
+      </packing>
+    </child>
+    <child>
+      <object class="GtkTable" id="table3">
+        <property name="visible">True</property>
+        <property name="border_width">3</property>
+        <property name="n_rows">15</property>
+        <property name="n_columns">2</property>
+        <property name="column_spacing">6</property>
+        <child>
+          <object class="GtkLabel" id="label25">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="yalign">1</property>
+            <property name="ypad">3</property>
+            <property name="label" translatable="yes">&lt;b&gt;Issued To&lt;/b&gt;</property>
+            <property name="use_markup">True</property>
+          </object>
+          <packing>
+            <property name="right_attach">2</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label26">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Common Name (CN)</property>
+          </object>
+          <packing>
+            <property name="top_attach">1</property>
+            <property name="bottom_attach">2</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label27">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Organization (O)</property>
+          </object>
+          <packing>
+            <property name="top_attach">2</property>
+            <property name="bottom_attach">3</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label28">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Organizational Unit (OU)</property>
+          </object>
+          <packing>
+            <property name="top_attach">3</property>
+            <property name="bottom_attach">4</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label29">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Serial Number</property>
+          </object>
+          <packing>
+            <property name="top_attach">4</property>
+            <property name="bottom_attach">5</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label31">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Common Name (CN)</property>
+          </object>
+          <packing>
+            <property name="top_attach">6</property>
+            <property name="bottom_attach">7</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label32">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Organization (O)</property>
+          </object>
+          <packing>
+            <property name="top_attach">7</property>
+            <property name="bottom_attach">8</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label33">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Organizational Unit (OU)</property>
+          </object>
+          <packing>
+            <property name="top_attach">8</property>
+            <property name="bottom_attach">9</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label36">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Issued On</property>
+          </object>
+          <packing>
+            <property name="top_attach">10</property>
+            <property name="bottom_attach">11</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label37">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">Expires On</property>
+          </object>
+          <packing>
+            <property name="top_attach">11</property>
+            <property name="bottom_attach">12</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label30">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="yalign">1</property>
+            <property name="ypad">3</property>
+            <property name="label" translatable="yes">&lt;b&gt;Issued By&lt;/b&gt;</property>
+            <property name="use_markup">True</property>
+          </object>
+          <packing>
+            <property name="right_attach">2</property>
+            <property name="top_attach">5</property>
+            <property name="bottom_attach">6</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label35">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="ypad">3</property>
+            <property name="label" translatable="yes">&lt;b&gt;Fingerprints&lt;/b&gt;</property>
+            <property name="use_markup">True</property>
+          </object>
+          <packing>
+            <property name="right_attach">2</property>
+            <property name="top_attach">12</property>
+            <property name="bottom_attach">13</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label38">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">SHA1 Fingerprint</property>
+          </object>
+          <packing>
+            <property name="top_attach">13</property>
+            <property name="bottom_attach">14</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label39">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="xpad">6</property>
+            <property name="label" translatable="yes">MD5 Fingerprint</property>
+          </object>
+          <packing>
+            <property name="top_attach">14</property>
+            <property name="bottom_attach">15</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-to-o">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">2</property>
+            <property name="bottom_attach">3</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-to-ou">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">3</property>
+            <property name="bottom_attach">4</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-to-serial">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">4</property>
+            <property name="bottom_attach">5</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-by-cn">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">6</property>
+            <property name="bottom_attach">7</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-by-o">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">7</property>
+            <property name="bottom_attach">8</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-by-ou">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">8</property>
+            <property name="bottom_attach">9</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="validity-issued-on">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">10</property>
+            <property name="bottom_attach">11</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="validity-expires-on">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">11</property>
+            <property name="bottom_attach">12</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="fingerprints-sha1">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">13</property>
+            <property name="bottom_attach">14</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="fingerprints-md5">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">14</property>
+            <property name="bottom_attach">15</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="issued-to-cn">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="xalign">0</property>
+            <property name="label" translatable="yes">&lt;Not Part of Certificate&gt;</property>
+            <property name="selectable">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="right_attach">2</property>
+            <property name="top_attach">1</property>
+            <property name="bottom_attach">2</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="label34">
+            <property name="visible">True</property>
+            <property name="xalign">0</property>
+            <property name="ypad">3</property>
+            <property name="label" translatable="yes">&lt;b&gt;Validity&lt;/b&gt;</property>
+            <property name="use_markup">True</property>
+          </object>
+          <packing>
+            <property name="right_attach">2</property>
+            <property name="top_attach">9</property>
+            <property name="bottom_attach">10</property>
+            <property name="x_options">GTK_FILL</property>
+            <property name="y_options"/>
+          </packing>
+        </child>
+      </object>
+      <packing>
+        <property name="expand">False</property>
+        <property name="position">2</property>
+      </packing>
+    </child>
+  </object>
+</interface>

Added: trunk/libcryptui/crui-x509-cert-dialog.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-dialog.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,230 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-x509-cert-dialog.h"
+
+#include "crui-x509-cert-basics.h"
+
+enum {
+	PROP_0,
+	PROP_CERTIFICATE
+};
+
+struct _CruiX509CertDialogPrivate {
+	GtkNotebook *tabs;
+	CruiX509CertBasics *basics;
+};
+
+G_DEFINE_TYPE (CruiX509CertDialog, crui_x509_cert_dialog, GTK_TYPE_DIALOG);
+
+#define CRUI_X509_CERT_DIALOG_GET_PRIVATE(o) \
+	(G_TYPE_INSTANCE_GET_PRIVATE ((o), CRUI_TYPE_X509_CERT_DIALOG, CruiX509CertDialogPrivate))
+
+/* -----------------------------------------------------------------------------
+ * INTERNAL 
+ */
+
+/* -----------------------------------------------------------------------------
+ * OBJECT 
+ */
+
+
+static void
+crui_x509_cert_dialog_init (CruiX509CertDialog *self)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	GtkWidget *button;
+	
+	pv->tabs = GTK_NOTEBOOK (gtk_notebook_new ());
+	gtk_container_add (GTK_CONTAINER (GTK_DIALOG (self)->vbox), GTK_WIDGET (pv->tabs));
+	gtk_container_set_border_width (GTK_CONTAINER (self), 5);
+	gtk_container_set_border_width (GTK_CONTAINER (pv->tabs), 5);
+	gtk_widget_show (GTK_WIDGET (pv->tabs));
+	
+	pv->basics = crui_x509_cert_basics_new (NULL);
+	crui_x509_cert_dialog_add_view (self, _("Certificate"), GTK_WIDGET (pv->basics));
+	gtk_widget_show (GTK_WIDGET (pv->basics));
+	
+	button = gtk_button_new_from_stock (GTK_STOCK_CLOSE);
+	gtk_dialog_add_action_widget (GTK_DIALOG (self), button, GTK_RESPONSE_CLOSE);
+	gtk_widget_show (button);
+	
+	gtk_dialog_set_has_separator (GTK_DIALOG (self), FALSE);
+}
+
+static void
+crui_x509_cert_dialog_dispose (GObject *obj)
+{
+	CruiX509CertDialog *self = CRUI_X509_CERT_DIALOG (obj);
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	
+	if (pv->basics) {
+		crui_x509_cert_dialog_remove_view (self, GTK_WIDGET (pv->basics));
+		pv->basics = NULL;
+	}
+    
+	G_OBJECT_CLASS (crui_x509_cert_dialog_parent_class)->dispose (obj);
+}
+
+static void
+crui_x509_cert_dialog_finalize (GObject *obj)
+{
+	CruiX509CertDialog *self = CRUI_X509_CERT_DIALOG (obj);
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+
+	g_assert (pv->basics == NULL);
+	
+	G_OBJECT_CLASS (crui_x509_cert_dialog_parent_class)->finalize (obj);
+}
+
+static void
+crui_x509_cert_dialog_set_property (GObject *obj, guint prop_id, const GValue *value, 
+                           GParamSpec *pspec)
+{
+	CruiX509CertDialog *self = CRUI_X509_CERT_DIALOG (obj);
+	
+	switch (prop_id) {
+	case PROP_CERTIFICATE:
+		crui_x509_cert_dialog_set_certificate (self, g_value_get_object (value));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_dialog_get_property (GObject *obj, guint prop_id, GValue *value, 
+                           GParamSpec *pspec)
+{
+	CruiX509CertDialog *self = CRUI_X509_CERT_DIALOG (obj);
+	
+	switch (prop_id) {
+	case PROP_CERTIFICATE:
+		g_value_set_object (value, crui_x509_cert_dialog_get_certificate (self));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_dialog_class_init (CruiX509CertDialogClass *klass)
+{
+	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+	
+	crui_x509_cert_dialog_parent_class = g_type_class_peek_parent (klass);
+	g_type_class_add_private (klass, sizeof (CruiX509CertDialogPrivate));
+
+	gobject_class->dispose = crui_x509_cert_dialog_dispose;
+	gobject_class->finalize = crui_x509_cert_dialog_finalize;
+	gobject_class->set_property = crui_x509_cert_dialog_set_property;
+	gobject_class->get_property = crui_x509_cert_dialog_get_property;
+
+	g_object_class_install_property (gobject_class, PROP_CERTIFICATE,
+	           g_param_spec_object ("certificate", "Certificate", "Certificate to display", 
+	                                CRUI_TYPE_X509_CERT, G_PARAM_READWRITE));
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC 
+ */
+
+CruiX509CertDialog*
+crui_x509_cert_dialog_new (CruiX509Cert *cert)
+{
+	return g_object_new (CRUI_TYPE_X509_CERT_DIALOG, "certificate", cert, NULL);
+}
+
+void
+crui_x509_cert_dialog_set_certificate (CruiX509CertDialog *self, CruiX509Cert *cert)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	g_return_if_fail (CRUI_IS_X509_CERT_DIALOG (self));
+	
+	crui_x509_cert_basics_set_certificate (pv->basics, cert);
+	g_object_notify (G_OBJECT (self), "certificate");
+}
+
+CruiX509Cert*
+crui_x509_cert_dialog_get_certificate (CruiX509CertDialog *self)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	g_return_val_if_fail (CRUI_IS_X509_CERT_DIALOG (self), NULL);
+	
+	return crui_x509_cert_basics_get_certificate (pv->basics);
+}
+
+
+void
+crui_x509_cert_dialog_add_view (CruiX509CertDialog *self, const gchar *title, GtkWidget *view)
+{
+	g_return_if_fail (CRUI_IS_X509_CERT_DIALOG (self));
+	crui_x509_cert_dialog_insert_view (self, title, view, -1);
+}
+
+void
+crui_x509_cert_dialog_insert_view (CruiX509CertDialog *self, const gchar *title, 
+                                   GtkWidget *view, gint position)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	
+	g_return_if_fail (CRUI_IS_X509_CERT_DIALOG (self));
+	g_return_if_fail (title);
+	
+	g_return_if_fail (GTK_IS_WIDGET (view));
+	g_return_if_fail (gtk_notebook_page_num (pv->tabs, view) == -1);
+	
+	gtk_notebook_insert_page (pv->tabs, view, gtk_label_new (title), position);
+}
+
+void
+crui_x509_cert_dialog_focus_view (CruiX509CertDialog *self, GtkWidget *view)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	gint page;
+	
+	g_return_if_fail (CRUI_IS_X509_CERT_DIALOG (self));
+	g_return_if_fail (GTK_IS_WIDGET (view));
+	
+	page = gtk_notebook_page_num (pv->tabs, view);
+	g_return_if_fail (page != -1);
+	
+	gtk_notebook_set_current_page (pv->tabs, page);
+}
+
+void
+crui_x509_cert_dialog_remove_view (CruiX509CertDialog *self, GtkWidget *view)
+{
+	CruiX509CertDialogPrivate *pv = CRUI_X509_CERT_DIALOG_GET_PRIVATE (self);
+	gint page;
+	
+	g_return_if_fail (CRUI_IS_X509_CERT_DIALOG (self));
+	g_return_if_fail (GTK_IS_WIDGET (view));
+	
+	page = gtk_notebook_page_num (pv->tabs, view);
+	g_return_if_fail (page != -1);
+	
+	gtk_notebook_remove_page (pv->tabs, page);
+}

Added: trunk/libcryptui/crui-x509-cert-dialog.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-dialog.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,69 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef __CRUI_X509_CERT_DIALOG_H__
+#define __CRUI_X509_CERT_DIALOG_H__
+
+#include "crui-x509-cert.h"
+
+#include <gtk/gtk.h>
+
+#include <glib-object.h>
+#include <glib/gi18n.h>
+
+#define CRUI_TYPE_X509_CERT_DIALOG               (crui_x509_cert_dialog_get_type ())
+#define CRUI_X509_CERT_DIALOG(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), CRUI_TYPE_X509_CERT_DIALOG, CruiX509CertDialog))
+#define CRUI_X509_CERT_DIALOG_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), CRUI_TYPE_X509_CERT_DIALOG, CruiX509CertDialogClass))
+#define CRUI_IS_X509_CERT_DIALOG(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), CRUI_TYPE_X509_CERT_DIALOG))
+#define CRUI_IS_X509_CERT_DIALOG_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), CRUI_TYPE_X509_CERT_DIALOG))
+#define CRUI_X509_CERT_DIALOG_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), CRUI_TYPE_X509_CERT_DIALOG, CruiX509CertDialogClass))
+
+typedef struct _CruiX509CertDialog CruiX509CertDialog;
+typedef struct _CruiX509CertDialogClass CruiX509CertDialogClass;
+typedef struct _CruiX509CertDialogPrivate CruiX509CertDialogPrivate;
+    
+struct _CruiX509CertDialog {
+	GtkDialog parent;
+};
+
+struct _CruiX509CertDialogClass {
+	GtkDialogClass parent_class;
+};
+
+GType                      crui_x509_cert_dialog_get_type               (void);
+
+CruiX509CertDialog*        crui_x509_cert_dialog_new                    (CruiX509Cert *cert);
+
+void                       crui_x509_cert_dialog_set_certificate        (CruiX509CertDialog *self, CruiX509Cert *cert);
+
+CruiX509Cert*              crui_x509_cert_dialog_get_certificate        (CruiX509CertDialog *self);
+
+void                       crui_x509_cert_dialog_add_view               (CruiX509CertDialog *self, const gchar *title, 
+                                                                         GtkWidget *view);
+
+void                       crui_x509_cert_dialog_insert_view            (CruiX509CertDialog *self, const gchar *title, 
+                                                                         GtkWidget *view, gint position);
+
+void                       crui_x509_cert_dialog_focus_view             (CruiX509CertDialog *self, GtkWidget *view);
+
+void                       crui_x509_cert_dialog_remove_view            (CruiX509CertDialog *self, GtkWidget *view);
+
+#endif /* __CRUI_X509_CERT_DIALOG_H__ */

Added: trunk/libcryptui/crui-x509-cert-simple.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-simple.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,169 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-x509-cert-simple.h"
+
+#include "crui-x509-cert.h"
+
+struct _CruiX509CertSimplePrivate {
+	guchar *der;
+	gsize n_der;
+};
+
+static void crui_x509_cert_iface (CruiX509CertIface *iface);
+
+G_DEFINE_TYPE_EXTENDED (CruiX509CertSimple, crui_x509_cert_simple, G_TYPE_OBJECT, 0,
+                        G_IMPLEMENT_INTERFACE (CRUI_TYPE_X509_CERT, crui_x509_cert_iface));
+
+#define CRUI_X509_CERT_SIMPLE_GET_PRIVATE(o) \
+	(G_TYPE_INSTANCE_GET_PRIVATE ((o), CRUI_TYPE_X509_CERT_SIMPLE, CruiX509CertSimplePrivate))
+
+/* -----------------------------------------------------------------------------
+ * INTERNAL 
+ */
+
+/* -----------------------------------------------------------------------------
+ * OBJECT 
+ */
+
+static void
+crui_x509_cert_simple_init (CruiX509CertSimple *self)
+{
+#if 0
+	CruiX509CertSimplePrivate *pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (self);
+#endif
+}
+
+static void
+crui_x509_cert_simple_finalize (GObject *obj)
+{
+	CruiX509CertSimple *self = CRUI_X509_CERT_SIMPLE (obj);
+	CruiX509CertSimplePrivate *pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (self);
+	
+	g_free (pv->der);
+	pv->der = NULL;
+	pv->n_der = 0;
+
+	G_OBJECT_CLASS (crui_x509_cert_simple_parent_class)->finalize (obj);
+}
+
+static void
+crui_x509_cert_simple_set_property (GObject *obj, guint prop_id, const GValue *value, 
+                           GParamSpec *pspec)
+{
+#if 0
+	CruiX509CertSimplePrivate *pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (obj);
+	CruiX509CertSimple *self = CRUI_X509_CERT_SIMPLE (obj);
+#endif
+	
+	switch (prop_id) {
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_simple_get_property (GObject *obj, guint prop_id, GValue *value, 
+                           GParamSpec *pspec)
+{
+#if 0
+	CruiX509CertSimplePrivate *pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (obj);
+	CruiX509CertSimple *self = CRUI_X509_CERT_SIMPLE (obj);
+#endif
+	
+	switch (prop_id) {
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+crui_x509_cert_simple_class_init (CruiX509CertSimpleClass *klass)
+{
+	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+    
+	crui_x509_cert_simple_parent_class = g_type_class_peek_parent (klass);
+	g_type_class_add_private (klass, sizeof (CruiX509CertSimplePrivate));
+
+	gobject_class->finalize = crui_x509_cert_simple_finalize;
+	gobject_class->set_property = crui_x509_cert_simple_set_property;
+	gobject_class->get_property = crui_x509_cert_simple_get_property;
+}
+
+const guchar*
+crui_x509_cert_simple_get_der_data (CruiX509Cert *self, gsize *n_length)
+{
+	CruiX509CertSimplePrivate *pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (self);
+	g_return_val_if_fail (pv->der && pv->n_der, NULL);
+	*n_length = pv->n_der;
+	return pv->der;
+}
+
+static void 
+crui_x509_cert_iface (CruiX509CertIface *iface) 
+{
+	iface->get_der_data = (gpointer)crui_x509_cert_simple_get_der_data;
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC 
+ */
+
+CruiX509CertSimple*
+crui_x509_cert_simple_new (const guchar *der, gsize n_der)
+{
+	CruiX509CertSimple *simple;
+	CruiX509CertSimplePrivate *pv;
+	
+	g_return_val_if_fail (der, NULL);
+	g_return_val_if_fail (n_der, NULL);
+	
+	simple = g_object_new (CRUI_TYPE_X509_CERT_SIMPLE, NULL);
+	if (simple) {
+		pv = CRUI_X509_CERT_SIMPLE_GET_PRIVATE (simple);
+		pv->der = g_memdup (der, n_der);
+		pv->n_der = n_der;
+	}
+	
+	return simple;
+}
+
+CruiX509CertSimple* 
+crui_x509_cert_simple_new_from_file (const gchar *filename, GError **err)
+{
+	CruiX509CertSimple *simple;
+	gchar *contents;
+	gsize n_contents;
+	
+	g_return_val_if_fail (filename, NULL);
+	g_return_val_if_fail (!err || !*err, NULL);
+	
+	if (!g_file_get_contents (filename, &contents, &n_contents, err))
+		return NULL;
+	
+	simple = crui_x509_cert_simple_new ((guchar*)contents, n_contents);
+	g_free (contents);
+	return simple;
+}

Added: trunk/libcryptui/crui-x509-cert-simple.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert-simple.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,52 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef __CRUI_X509_CERT_SIMPLE_H__
+#define __CRUI_X509_CERT_SIMPLE_H__
+
+#include <glib-object.h>
+
+#define CRUI_TYPE_X509_CERT_SIMPLE               (crui_x509_cert_simple_get_type ())
+#define CRUI_X509_CERT_SIMPLE(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), CRUI_TYPE_X509_CERT_SIMPLE, CruiX509CertSimple))
+#define CRUI_X509_CERT_SIMPLE_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), CRUI_TYPE_X509_CERT_SIMPLE, CruiX509CertSimpleClass))
+#define CRUI_IS_X509_CERT_SIMPLE(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), CRUI_TYPE_X509_CERT_SIMPLE))
+#define CRUI_IS_X509_CERT_SIMPLE_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), CRUI_TYPE_X509_CERT_SIMPLE))
+#define CRUI_X509_CERT_SIMPLE_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), CRUI_TYPE_X509_CERT_SIMPLE, CruiX509CertSimpleClass))
+
+typedef struct _CruiX509CertSimple CruiX509CertSimple;
+typedef struct _CruiX509CertSimpleClass CruiX509CertSimpleClass;
+typedef struct _CruiX509CertSimplePrivate CruiX509CertSimplePrivate;
+    
+struct _CruiX509CertSimple {
+	GObject parent;
+};
+
+struct _CruiX509CertSimpleClass {
+	GObjectClass parent_class;
+};
+
+GType               crui_x509_cert_simple_get_type               (void);
+
+CruiX509CertSimple* crui_x509_cert_simple_new                    (const guchar *der, gsize n_der);
+
+CruiX509CertSimple* crui_x509_cert_simple_new_from_file          (const gchar *filename, GError **err);
+
+#endif /* __CRUI_X509_CERT_SIMPLE_H__ */

Added: trunk/libcryptui/crui-x509-cert.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,315 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-x509-cert.h"
+
+#include "crui-asn1.h"
+#include "crui-util.h"
+
+#include <libtasn1.h>
+
+#include <string.h>
+
+typedef struct _Asn1Cache {
+	ASN1_TYPE asn1;
+	gconstpointer der;
+	gsize length;
+} Asn1Cache;
+
+static GQuark ASN1_CACHE = 0;
+
+static void
+free_asn1_cache (gpointer data)
+{
+	Asn1Cache *cache = (Asn1Cache*)data;
+	if (cache) {
+		g_assert (cache->asn1);
+		asn1_delete_structure (&cache->asn1);
+		g_free (cache);
+	}
+}
+
+static ASN1_TYPE
+parse_certificate_asn1 (CruiX509Cert *cert)
+{
+	Asn1Cache *cache;
+	ASN1_TYPE asn1;
+	const guchar *der;
+	gsize n_der;
+	
+	g_assert (cert);
+	
+	der = crui_x509_cert_get_der_data (cert, &n_der);
+	g_return_val_if_fail (der, NULL);
+
+	cache = (Asn1Cache*)g_object_get_qdata (G_OBJECT (cert), ASN1_CACHE);
+	if (cache) {
+		if (n_der == cache->length && memcmp (der, cache->der, n_der) == 0)
+			return cache->asn1;
+	}
+	
+	/* Cache is invalid or non existent */
+	asn1 = _crui_asn1_decode ("PKIX1.Certificate", der, n_der);
+	if (asn1 == NULL) {
+		g_warning ("a derived class provided an invalid or unparseable X509 DER certificate data.");
+		return NULL;
+	}
+	
+	cache = g_new0 (Asn1Cache, 1);
+	cache->der = der;
+	cache->length = n_der;
+	cache->asn1 = asn1;
+	
+	g_object_set_qdata_full (G_OBJECT (cert), ASN1_CACHE, cache, free_asn1_cache);
+	return asn1;
+}
+
+static GChecksum*
+digest_certificate (CruiX509Cert *cert, GChecksumType type)
+{
+	GChecksum *digest;
+	const guchar *der;
+	gsize n_der;
+	
+	g_assert (cert);
+
+	der = crui_x509_cert_get_der_data (cert, &n_der);
+	g_return_val_if_fail (der, NULL);
+	
+	digest = g_checksum_new (type);
+	g_return_val_if_fail (digest, NULL);
+	
+	g_checksum_update (digest, der, n_der);
+	return digest;
+}
+
+/* ---------------------------------------------------------------------------------
+ * INTERFACE
+ */
+
+static void
+crui_x509_cert_base_init (gpointer g_class)
+{
+	static gboolean initialized = FALSE;
+	if (!initialized) {
+		ASN1_CACHE = g_quark_from_static_string ("_crui_x509_cert_asn1_cache");
+		
+		/* Add properties and signals to the interface */
+		
+		
+		initialized = TRUE;
+	}
+}
+
+GType
+crui_x509_cert_get_type (void)
+{
+	static GType type = 0;
+	if (!type) {
+		static const GTypeInfo info = {
+			sizeof (CruiX509CertIface),
+			crui_x509_cert_base_init,               /* base init */
+			NULL,             /* base finalize */
+			NULL,             /* class_init */
+			NULL,             /* class finalize */
+			NULL,             /* class data */
+			0,
+			0,                /* n_preallocs */
+			NULL,             /* instance init */
+		};
+		type = g_type_register_static (G_TYPE_INTERFACE, "CruiX509CertIface", &info, 0);
+		g_type_interface_add_prerequisite (type, G_TYPE_OBJECT);
+	}
+	
+	return type;
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC
+ */
+
+const guchar*
+crui_x509_cert_get_der_data (CruiX509Cert *self, gsize *n_length)
+{
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	g_return_val_if_fail (CRUI_X509_CERT_GET_INTERFACE (self)->get_der_data, NULL);
+	return CRUI_X509_CERT_GET_INTERFACE (self)->get_der_data (self, n_length);
+}
+
+gchar*
+crui_x509_cert_get_issuer_cn (CruiX509Cert *self)
+{
+	return crui_x509_cert_get_issuer_part (self, "cn");
+}
+
+gchar*
+crui_x509_cert_get_issuer_part (CruiX509Cert *self, const char *part)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_dn_part (asn1, "tbsCertificate.issuer.rdnSequence", part); 	
+}
+
+gchar*
+crui_x509_cert_get_issuer_dn (CruiX509Cert *self)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_dn (asn1, "tbsCertificate.issuer.rdnSequence"); 
+}
+
+gchar* 
+crui_x509_cert_get_subject_cn (CruiX509Cert *self)
+{
+	return crui_x509_cert_get_subject_part (self, "cn");
+}
+
+gchar* 
+crui_x509_cert_get_subject_part (CruiX509Cert *self, const char *part)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_dn_part (asn1, "tbsCertificate.subject.rdnSequence", part); 
+}
+
+gchar* 
+crui_x509_cert_get_subject_dn (CruiX509Cert *self)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_dn (asn1, "tbsCertificate.issuer.rdnSequence"); 	
+}
+
+GDate* 
+crui_x509_cert_get_issued_date (CruiX509Cert *self)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_date (asn1, "tbsCertificate.validity.notBefore"); 
+}
+
+GDate* 
+crui_x509_cert_get_expiry_date (CruiX509Cert *self)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_date (asn1, "tbsCertificate.validity.notAfter"); 
+}
+
+guchar*
+crui_x509_cert_get_fingerprint (CruiX509Cert *self, GChecksumType type, gsize *n_digest)
+{
+	GChecksum *sum;
+	guchar *digest;
+	gssize length;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	g_return_val_if_fail (n_digest, NULL);
+	
+	sum = digest_certificate (self, type);
+	g_return_val_if_fail (sum, NULL);
+	length = g_checksum_type_get_length (type);
+	g_return_val_if_fail (length > 0, NULL);
+	digest = g_malloc (length);
+	*n_digest = length;
+	g_checksum_get_digest (sum, digest, n_digest);
+	g_checksum_free (sum);
+	
+	return digest;
+}
+
+gchar*
+crui_x509_cert_get_fingerprint_hex (CruiX509Cert *self, GChecksumType type)
+{
+	GChecksum *sum;
+	gchar *hex;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	sum = digest_certificate (self, type);
+	g_return_val_if_fail (sum, NULL);
+	hex = g_strdup (g_checksum_get_string (sum));
+	g_checksum_free (sum);
+	return hex;
+}
+
+guchar*
+crui_x509_cert_get_serial_number (CruiX509Cert *self, gsize *n_length)
+{
+	ASN1_TYPE asn1;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	asn1 = parse_certificate_asn1 (self);
+	g_return_val_if_fail (asn1, NULL);
+	
+	return _crui_asn1_read_value (asn1, "tbsCertificate.serialNumber", n_length); 
+}
+
+gchar*
+crui_x509_cert_get_serial_number_hex (CruiX509Cert *self)
+{
+	guchar *serial;
+	gsize n_serial;
+	gchar *hex;
+	
+	g_return_val_if_fail (CRUI_IS_X509_CERT (self), NULL);
+	
+	serial = crui_x509_cert_get_serial_number (self, &n_serial);
+	if (serial == NULL)
+		return NULL;
+	
+	hex = _crui_util_encode_hex (serial, n_serial);
+	g_free (serial);
+	return hex;
+}

Added: trunk/libcryptui/crui-x509-cert.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/crui-x509-cert.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,82 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef __CRUI_X509_CERT_H__
+#define __CRUI_X509_CERT_H__
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+#define CRUI_TYPE_X509_CERT                 (crui_x509_cert_get_type())
+#define CRUI_X509_CERT(obj)                 (G_TYPE_CHECK_INSTANCE_CAST ((obj), CRUI_TYPE_X509_CERT, CruiX509Cert))
+#define CRUI_IS_X509_CERT(obj)              (G_TYPE_CHECK_INSTANCE_TYPE ((obj), CRUI_TYPE_X509_CERT))
+#define CRUI_X509_CERT_GET_INTERFACE(inst)  (G_TYPE_INSTANCE_GET_INTERFACE ((inst), CRUI_TYPE_X509_CERT, CruiX509CertIface))
+
+typedef struct _CruiX509Cert      CruiX509Cert;
+typedef struct _CruiX509CertIface CruiX509CertIface;
+
+struct _CruiX509CertIface {
+	GTypeInterface parent;
+	
+	const guchar* (*get_der_data)   (CruiX509Cert *self, gsize *n_length);
+	
+	gpointer dummy1;
+	gpointer dummy2;
+	gpointer dummy3;
+	gpointer dummy5;
+	gpointer dummy6;
+	gpointer dummy7;
+	gpointer dummy8;
+};
+
+GType                  crui_x509_cert_get_type                          (void) G_GNUC_CONST;
+
+const guchar*          crui_x509_cert_get_der_data                      (CruiX509Cert *self, gsize *n_length);
+
+gchar*                 crui_x509_cert_get_issuer_cn                     (CruiX509Cert *self);
+
+gchar*                 crui_x509_cert_get_issuer_dn                     (CruiX509Cert *self);
+
+gchar*                 crui_x509_cert_get_issuer_part                   (CruiX509Cert *self, const gchar *part);
+
+gchar*                 crui_x509_cert_get_subject_cn                    (CruiX509Cert *self);
+
+gchar*                 crui_x509_cert_get_subject_dn                    (CruiX509Cert *self);
+
+gchar*                 crui_x509_cert_get_subject_part                  (CruiX509Cert *self, const gchar *part);
+
+GDate*                 crui_x509_cert_get_issued_date                   (CruiX509Cert *self);
+
+GDate*                 crui_x509_cert_get_expiry_date                   (CruiX509Cert *self);
+
+guchar*                crui_x509_cert_get_serial_number                 (CruiX509Cert *self, gsize *n_length);
+
+gchar*                 crui_x509_cert_get_serial_number_hex             (CruiX509Cert *self);
+
+guchar*                crui_x509_cert_get_fingerprint                   (CruiX509Cert *self, GChecksumType type, gsize *n_length);
+
+gchar*                 crui_x509_cert_get_fingerprint_hex               (CruiX509Cert *self, GChecksumType type);
+
+G_END_DECLS
+
+#endif /* __CRUI_X509_CERT_H__ */
+

Added: trunk/libcryptui/pk.asn
==============================================================================
--- (empty file)
+++ trunk/libcryptui/pk.asn	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,103 @@
+PK { }
+
+DEFINITIONS EXPLICIT TAGS ::=
+
+BEGIN
+
+-- This file contains parts of PKCS-1 structures and some stuff
+-- required for DSA keys.
+
+RSAPublicKey ::= SEQUENCE {
+        modulus                 INTEGER, -- n
+        publicExponent          INTEGER  -- e 
+}
+
+-- 
+-- Representation of RSA private key with information for the 
+-- CRT algorithm.
+--
+RSAPrivateKey ::= SEQUENCE {
+        version          	Version,
+        modulus          	INTEGER, -- (Usually large) n
+        publicExponent   	INTEGER, -- (Usually small) e
+        privateExponent  	INTEGER, -- (Usually large) d
+        prime1           	INTEGER, -- (Usually large) p
+	prime2           	INTEGER, -- (Usually large) q
+	exponent1        	INTEGER, -- (Usually large) d mod (p-1)
+	exponent2        	INTEGER, -- (Usually large) d mod (q-1)
+	coefficient      	INTEGER, -- (Usually large) (inverse of q) mod p
+	otherPrimeInfos 	OtherPrimeInfos OPTIONAL
+}
+
+Version ::= INTEGER { two-prime(0), multi(1) }
+-- version must be multi if otherPrimeInfos present --
+
+OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
+
+OtherPrimeInfo ::= SEQUENCE {
+	prime INTEGER,  -- ri
+	exponent INTEGER, -- di
+	coefficient INTEGER -- ti 
+}
+
+-- for signature calculation
+-- added by nmav
+
+AlgorithmIdentifier ::= SEQUENCE  {
+     algorithm               OBJECT IDENTIFIER,
+     parameters              ANY DEFINED BY algorithm OPTIONAL  
+}
+                                -- contains a value of the type
+                                -- registered for use with the
+                                -- algorithm object identifier value
+
+DigestInfo ::= SEQUENCE {
+     digestAlgorithm DigestAlgorithmIdentifier,
+     digest Digest 
+}
+
+DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+
+Digest ::= OCTET STRING
+
+DSAPublicPart ::= INTEGER
+
+DSAPublicKey ::= SEQUENCE {
+        version          	INTEGER, -- should be zero
+        p          		INTEGER,
+        q   			INTEGER,
+        g  			INTEGER,
+        Y	     	      	INTEGER  -- public
+}
+
+DSAParameters ::= SEQUENCE {
+        p                   INTEGER,
+        q                   INTEGER,
+        g                   INTEGER
+}
+
+DSASignatureValue ::= SEQUENCE {
+        r                   INTEGER,
+        s                   INTEGER
+}
+
+DSAPrivatePart ::= INTEGER
+
+DSAPrivateKey ::= SEQUENCE {
+        version          	INTEGER, -- should be zero
+        p          		INTEGER,
+        q   			INTEGER,
+        g  			INTEGER,
+        Y	     	      	INTEGER, -- public
+	priv           		INTEGER
+}
+
+-- from PKCS#3
+DHParameter ::= SEQUENCE {
+	prime INTEGER, -- p
+	base INTEGER, -- g
+	privateValueLength INTEGER OPTIONAL 
+}
+
+
+END

Added: trunk/libcryptui/pkix.asn
==============================================================================
--- (empty file)
+++ trunk/libcryptui/pkix.asn	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,1230 @@
+
+PKIX1 { }
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- This contains both PKIX1Implicit88 and RFC2630 ASN.1 modules.
+
+-- ISO arc for standard certificate and CRL extensions
+
+id-ce OBJECT IDENTIFIER  ::=  {joint-iso-ccitt(2) ds(5) 29}
+
+
+-- authority key identifier OID and syntax
+
+id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
+
+AuthorityKeyIdentifier ::= SEQUENCE {
+      keyIdentifier             [0] KeyIdentifier            OPTIONAL,
+      authorityCertIssuer       [1] GeneralNames             OPTIONAL,
+      authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
+    -- authorityCertIssuer and authorityCertSerialNumber shall both
+    -- be present or both be absgent
+
+KeyIdentifier ::= OCTET STRING
+
+-- subject key identifier OID and syntax
+
+id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 14 }
+
+SubjectKeyIdentifier ::= KeyIdentifier
+
+-- key usage extension OID and syntax
+
+id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+
+KeyUsage ::= BIT STRING {
+     digitalSignature        (0),
+     nonRepudiation          (1),
+     keyEncipherment         (2),
+     dataEncipherment        (3),
+     keyAgreement            (4),
+     keyCertSign             (5),
+     cRLSign                 (6),
+     encipherOnly            (7),
+     decipherOnly            (8) }
+
+-- private key usage period extension OID and syntax
+
+id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::=  { id-ce 16 }
+
+PrivateKeyUsagePeriod ::= SEQUENCE {
+     notBefore       [0]     GeneralizedTime OPTIONAL,
+     notAfter        [1]     GeneralizedTime OPTIONAL }
+     -- either notBefore or notAfter shall be present
+
+-- certificate policies extension OID and syntax
+
+id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 }
+
+CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+
+PolicyInformation ::= SEQUENCE {
+     policyIdentifier   CertPolicyId,
+     policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+             PolicyQualifierInfo OPTIONAL }
+
+CertPolicyId ::= OBJECT IDENTIFIER
+
+PolicyQualifierInfo ::= SEQUENCE {
+       policyQualifierId  PolicyQualifierId,
+       qualifier        ANY DEFINED BY policyQualifierId }
+
+-- Implementations that recognize additional policy qualifiers shall
+-- augment the following definition for PolicyQualifierId
+
+PolicyQualifierId ::=
+    OBJECT IDENTIFIER  -- ( id-qt-cps | id-qt-unotice )
+
+-- CPS pointer qualifier
+
+CPSuri ::= IA5String
+
+-- user notice qualifier
+
+UserNotice ::= SEQUENCE {
+     noticeRef        NoticeReference OPTIONAL,
+     explicitText     DisplayText OPTIONAL}
+
+NoticeReference ::= SEQUENCE {
+     organization     DisplayText,
+     noticeNumbers    SEQUENCE OF INTEGER }
+
+DisplayText ::= CHOICE {
+     visibleString    VisibleString  (SIZE (1..200)),
+     bmpString        BMPString      (SIZE (1..200)),
+     utf8String       UTF8String     (SIZE (1..200)) }
+
+-- policy mapping extension OID and syntax
+
+id-ce-policyMappings OBJECT IDENTIFIER ::=  { id-ce 33 }
+
+PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+     issuerDomainPolicy      CertPolicyId,
+     subjectDomainPolicy     CertPolicyId }
+
+-- subject alternative name extension OID and syntax
+
+-- Directory string type --
+
+DirectoryString ::= CHOICE {
+      teletexString             TeletexString (SIZE (1..MAX)),
+      printableString           PrintableString (SIZE (1..MAX)),
+      universalString           UniversalString (SIZE (1..MAX)),
+      utf8String              UTF8String (SIZE (1..MAX)),
+      bmpString               BMPString (SIZE(1..MAX)),
+      -- IA5String is added here to handle old UID encoded as ia5String --
+      -- See tests/userid/ for more information.  It shouldn't be here, --
+      -- so if it causes problems, considering dropping it. --
+      ia5String               IA5String (SIZE(1..MAX)) }
+
+id-ce-subjectAltName OBJECT IDENTIFIER ::=  { id-ce 17 }
+
+SubjectAltName ::= GeneralNames
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+     otherName                       [0]     AnotherName,
+     rfc822Name                      [1]     IA5String,
+     dNSName                         [2]     IA5String,
+     x400Address                     [3]     ORAddress,
+-- Changed to work with the libtasn1 parser.
+     directoryName                   [4]     EXPLICIT RDNSequence, --Name,
+     ediPartyName                    [5]     EDIPartyName,
+     uniformResourceIdentifier       [6]     IA5String,
+     iPAddress                       [7]     OCTET STRING,
+     registeredID                    [8]     OBJECT IDENTIFIER }
+
+-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as
+-- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
+
+AnotherName ::= SEQUENCE {
+     type-id    OBJECT IDENTIFIER,
+     value      [0] EXPLICIT ANY DEFINED BY type-id }
+
+EDIPartyName ::= SEQUENCE {
+     nameAssigner            [0]     DirectoryString OPTIONAL,
+     partyName               [1]     DirectoryString }
+
+-- issuer alternative name extension OID and syntax
+
+id-ce-issuerAltName OBJECT IDENTIFIER ::=  { id-ce 18 }
+
+IssuerAltName ::= GeneralNames
+
+id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::=  { id-ce 9 }
+
+SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+
+-- basic constraints extension OID and syntax
+
+id-ce-basicConstraints OBJECT IDENTIFIER ::=  { id-ce 19 }
+
+BasicConstraints ::= SEQUENCE {
+     cA                      BOOLEAN DEFAULT FALSE,
+     pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+
+-- name constraints extension OID and syntax
+
+id-ce-nameConstraints OBJECT IDENTIFIER ::=  { id-ce 30 }
+
+NameConstraints ::= SEQUENCE {
+     permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+     excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+
+GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+
+GeneralSubtree ::= SEQUENCE {
+     base                    GeneralName,
+     minimum         [0]     BaseDistance DEFAULT 0,
+     maximum         [1]     BaseDistance OPTIONAL }
+
+BaseDistance ::= INTEGER (0..MAX)
+
+-- policy constraints extension OID and syntax
+
+id-ce-policyConstraints OBJECT IDENTIFIER ::=  { id-ce 36 }
+
+PolicyConstraints ::= SEQUENCE {
+     requireExplicitPolicy           [0] SkipCerts OPTIONAL,
+     inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
+
+SkipCerts ::= INTEGER (0..MAX)
+
+-- CRL distribution points extension OID and syntax
+
+id-ce-cRLDistributionPoints     OBJECT IDENTIFIER  ::=  {id-ce 31}
+
+CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+
+DistributionPoint ::= SEQUENCE {
+     distributionPoint       [0]     EXPLICIT DistributionPointName OPTIONAL,
+     reasons                 [1]     ReasonFlags OPTIONAL,
+     cRLIssuer               [2]     GeneralNames OPTIONAL
+}
+
+DistributionPointName ::= CHOICE {
+    fullName                [0]     GeneralNames,
+    nameRelativeToCRLIssuer [1]     RelativeDistinguishedName 
+}
+
+ReasonFlags ::= BIT STRING {
+     unused                  (0),
+     keyCompromise           (1),
+     cACompromise            (2),
+     affiliationChanged      (3),
+     superseded              (4),
+     cessationOfOperation    (5),
+     certificateHold         (6),
+     privilegeWithdrawn      (7),
+     aACompromise            (8) }
+
+-- extended key usage extension OID and syntax
+
+id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
+
+ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+
+KeyPurposeId ::= OBJECT IDENTIFIER
+
+-- extended key purpose OIDs
+id-kp-serverAuth      OBJECT IDENTIFIER ::= { id-kp 1 }
+id-kp-clientAuth      OBJECT IDENTIFIER ::= { id-kp 2 }
+id-kp-codeSigning     OBJECT IDENTIFIER ::= { id-kp 3 }
+id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
+id-kp-ipsecEndSystem  OBJECT IDENTIFIER ::= { id-kp 5 }
+id-kp-ipsecTunnel     OBJECT IDENTIFIER ::= { id-kp 6 }
+id-kp-ipsecUser       OBJECT IDENTIFIER ::= { id-kp 7 }
+id-kp-timeStamping    OBJECT IDENTIFIER ::= { id-kp 8 }
+
+-- authority info access
+
+id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
+
+AuthorityInfoAccessSyntax  ::=
+        SEQUENCE SIZE (1..MAX) OF AccessDescription
+
+AccessDescription  ::=  SEQUENCE {
+        accessMethod          OBJECT IDENTIFIER,
+        accessLocation        GeneralName  }
+
+-- CRL number extension OID and syntax
+
+id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
+
+CRLNumber ::= INTEGER (0..MAX)
+
+-- issuing distribution point extension OID and syntax
+
+id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 }
+
+IssuingDistributionPoint ::= SEQUENCE {
+     distributionPoint       [0] DistributionPointName OPTIONAL,
+     onlyContainsUserCerts   [1] BOOLEAN DEFAULT FALSE,
+     onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
+     onlySomeReasons         [3] ReasonFlags OPTIONAL,
+     indirectCRL             [4] BOOLEAN DEFAULT FALSE }
+
+
+id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 }
+
+-- deltaCRLIndicator ::= BaseCRLNumber
+
+BaseCRLNumber ::= CRLNumber
+
+-- CRL reasons extension OID and syntax
+
+id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
+
+CRLReason ::= ENUMERATED {
+     unspecified             (0),
+     keyCompromise           (1),
+     cACompromise            (2),
+     affiliationChanged      (3),
+     superseded              (4),
+     cessationOfOperation    (5),
+     certificateHold         (6),
+     removeFromCRL           (8) }
+
+-- certificate issuer CRL entry extension OID and syntax
+
+id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 }
+
+CertificateIssuer ::= GeneralNames
+
+-- hold instruction extension OID and syntax
+
+id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 }
+
+HoldInstructionCode ::= OBJECT IDENTIFIER
+
+-- ANSI x9 holdinstructions
+
+-- ANSI x9 arc holdinstruction arc
+holdInstruction OBJECT IDENTIFIER ::=
+          {joint-iso-itu-t(2) member-body(2) us(840) x9cm(10040) 2}
+
+-- ANSI X9 holdinstructions referenced by this standard
+id-holdinstruction-none OBJECT IDENTIFIER  ::=
+                {holdInstruction 1} -- deprecated
+id-holdinstruction-callissuer OBJECT IDENTIFIER ::=
+                {holdInstruction 2}
+id-holdinstruction-reject OBJECT IDENTIFIER ::=
+                {holdInstruction 3}
+
+-- invalidity date CRL entry extension OID and syntax
+
+id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }
+
+InvalidityDate ::=  GeneralizedTime
+
+
+-- --------------------------------------
+--  EXPLICIT
+-- --------------------------------------
+
+-- UNIVERSAL Types defined in '93 and '98 ASN.1
+-- but required by this specification
+
+VisibleString ::= [UNIVERSAL 26] IMPLICIT OCTET STRING
+
+NumericString ::= [UNIVERSAL 18] IMPLICIT OCTET STRING
+
+IA5String ::= [UNIVERSAL 22] IMPLICIT OCTET STRING
+
+TeletexString ::= [UNIVERSAL 20] IMPLICIT OCTET STRING
+
+PrintableString ::= [UNIVERSAL 19] IMPLICIT OCTET STRING
+
+UniversalString ::= [UNIVERSAL 28] IMPLICIT OCTET STRING
+        -- UniversalString is defined in ASN.1:1993
+
+BMPString ::= [UNIVERSAL 30] IMPLICIT OCTET STRING
+      -- BMPString is the subtype of UniversalString and models
+       -- the Basic Multilingual Plane of ISO/IEC/ITU 10646-1
+
+UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING
+        -- The content of this type conforms to RFC 2279.
+
+
+-- PKIX specific OIDs
+
+id-pkix  OBJECT IDENTIFIER  ::=
+         { iso(1) identified-organization(3) dod(6) internet(1)
+                    security(5) mechanisms(5) pkix(7) }
+
+-- PKIX arcs
+
+id-pe OBJECT IDENTIFIER  ::=  { id-pkix 1 }
+        -- arc for private certificate extensions
+id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
+        -- arc for policy qualifier types
+id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
+        -- arc for extended key purpose OIDS
+id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
+        -- arc for access descriptors
+
+-- policyQualifierIds for Internet policy qualifiers
+
+id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+        -- OID for CPS qualifier
+id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+        -- OID for user notice qualifier
+
+-- access descriptor definitions
+
+id-ad-ocsp      OBJECT IDENTIFIER ::= { id-ad 1 }
+id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
+
+-- attribute data types --
+
+Attribute       ::=     SEQUENCE {
+        type            AttributeType,
+        values  SET OF AttributeValue
+                -- at least one value is required -- 
+}
+
+AttributeType           ::=   OBJECT IDENTIFIER
+
+AttributeValue          ::=   ANY DEFINED BY type
+
+AttributeTypeAndValue           ::=     SEQUENCE {
+        type    AttributeType,
+        value   AttributeValue }
+
+-- suggested naming attributes: Definition of the following
+--  information object set may be augmented to meet local
+--  requirements.  Note that deleting members of the set may
+--  prevent interoperability with conforming implementations.
+--  presented in pairs: the AttributeType followed by the
+--  type definition for the corresponding AttributeValue
+
+-- Arc for standard naming attributes
+id-at           OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4}
+
+-- Attributes of type NameDirectoryString
+id-at-initials          AttributeType ::= { id-at 43 }
+X520initials ::= DirectoryString
+
+id-at-generationQualifier AttributeType ::= { id-at 44 }
+X520generationQualifier ::= DirectoryString
+
+id-at-surname           AttributeType ::= { id-at 4 }
+X520surName ::= DirectoryString
+
+id-at-givenName         AttributeType ::= { id-at 42 }
+X520givenName ::= DirectoryString
+
+id-at-name              AttributeType ::= { id-at 41 }
+X520name        ::= DirectoryString
+
+id-at-commonName        AttributeType   ::=     {id-at 3}
+X520CommonName  ::=      DirectoryString
+
+id-at-localityName      AttributeType   ::=     {id-at 7}
+X520LocalityName ::= DirectoryString
+
+id-at-stateOrProvinceName       AttributeType   ::=     {id-at 8}
+X520StateOrProvinceName         ::= DirectoryString
+
+id-at-organizationName          AttributeType   ::=     {id-at 10}
+X520OrganizationName ::= DirectoryString
+
+id-at-organizationalUnitName    AttributeType   ::=     {id-at 11}
+X520OrganizationalUnitName ::= DirectoryString
+
+id-at-title     AttributeType   ::=     {id-at 12}
+X520Title ::=   DirectoryString
+
+id-at-description     AttributeType   ::=     {id-at 13}
+X520Description ::=   DirectoryString
+
+id-at-dnQualifier       AttributeType   ::=     {id-at 46}
+X520dnQualifier ::=     PrintableString
+
+id-at-countryName       AttributeType   ::=     {id-at 6}
+X520countryName ::=     PrintableString (SIZE (2)) -- IS 3166 codes
+
+id-at-serialNumber       AttributeType   ::=     {id-at 5}
+X520serialNumber ::=     PrintableString
+
+id-at-telephoneNumber       AttributeType   ::=     {id-at 20}
+X520telephoneNumber ::=     PrintableString
+
+id-at-facsimileTelephoneNumber       AttributeType   ::=     {id-at 23}
+X520facsimileTelephoneNumber ::=     PrintableString
+
+id-at-pseudonym 	AttributeType   ::=     {id-at 65}
+X520pseudonym ::=	DirectoryString
+
+id-at-name 	AttributeType   ::=     {id-at 41}
+X520name ::=	DirectoryString
+
+id-at-streetAddress 	AttributeType   ::=     {id-at 9}
+X520streetAddress ::=	DirectoryString
+
+id-at-postalAddress	AttributeType	::=	{id-at 16}
+X520postalAddress ::= PostalAddress
+
+PostalAddress ::= SEQUENCE OF DirectoryString
+
+
+ -- Legacy attributes
+
+pkcs OBJECT IDENTIFIER ::=
+       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) }
+
+pkcs-9 OBJECT IDENTIFIER ::=
+       { pkcs 9 }
+
+
+emailAddress AttributeType      ::= { pkcs-9 1 }
+
+Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
+
+-- naming data types --
+
+Name            ::=   CHOICE { -- only one possibility for now --
+                                 rdnSequence  RDNSequence }
+
+RDNSequence     ::=   SEQUENCE OF RelativeDistinguishedName
+
+DistinguishedName       ::=   RDNSequence
+
+RelativeDistinguishedName  ::=
+                    SET SIZE (1 .. MAX) OF AttributeTypeAndValue
+
+
+
+-- --------------------------------------------------------
+-- certificate and CRL specific structures begin here
+-- --------------------------------------------------------
+
+Certificate  ::=  SEQUENCE  {
+     tbsCertificate       TBSCertificate,
+     signatureAlgorithm   AlgorithmIdentifier,
+     signature            BIT STRING  }
+
+TBSCertificate  ::=  SEQUENCE  {
+     version         [0]  EXPLICIT Version DEFAULT v1,
+     serialNumber         CertificateSerialNumber,
+     signature            AlgorithmIdentifier,
+     issuer               Name,
+     validity             Validity,
+     subject              Name,
+     subjectPublicKeyInfo SubjectPublicKeyInfo,
+     issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+                          -- If present, version shall be v2 or v3
+     subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+                          -- If present, version shall be v2 or v3
+     extensions      [3]  EXPLICIT Extensions OPTIONAL
+                          -- If present, version shall be v3 --  
+}
+
+Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+
+CertificateSerialNumber  ::=  INTEGER
+
+Validity ::= SEQUENCE {
+     notBefore      Time,
+     notAfter       Time }
+
+Time ::= CHOICE {
+     utcTime        UTCTime,
+     generalTime    GeneralizedTime }
+
+UniqueIdentifier  ::=  BIT STRING
+
+SubjectPublicKeyInfo  ::=  SEQUENCE  {
+     algorithm            AlgorithmIdentifier,
+     subjectPublicKey     BIT STRING  }
+
+Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+
+Extension  ::=  SEQUENCE  {
+     extnID      OBJECT IDENTIFIER,
+     critical    BOOLEAN DEFAULT FALSE,
+     extnValue   OCTET STRING  }
+
+
+-- ------------------------------------------
+-- CRL structures
+-- ------------------------------------------
+
+CertificateList  ::=  SEQUENCE  {
+     tbsCertList          TBSCertList,
+     signatureAlgorithm   AlgorithmIdentifier,
+     signature            BIT STRING  }
+
+TBSCertList  ::=  SEQUENCE  {
+     version                 Version OPTIONAL,
+                                  -- if present, shall be v2
+     signature               AlgorithmIdentifier,
+     issuer                  Name,
+     thisUpdate              Time,
+     nextUpdate              Time OPTIONAL,
+     revokedCertificates     SEQUENCE OF SEQUENCE  {
+          userCertificate         CertificateSerialNumber,
+          revocationDate          Time,
+          crlEntryExtensions      Extensions OPTIONAL
+                                         -- if present, shall be v2
+                               }  OPTIONAL,
+     crlExtensions           [0] EXPLICIT Extensions OPTIONAL
+                                         -- if present, shall be v2 -- 
+}
+
+-- Version, Time, CertificateSerialNumber, and Extensions were
+-- defined earlier for use in the certificate structure
+
+AlgorithmIdentifier  ::=  SEQUENCE  {
+     algorithm               OBJECT IDENTIFIER,
+     parameters              ANY DEFINED BY algorithm OPTIONAL  }
+                                -- contains a value of the type
+                                -- registered for use with the
+                                -- algorithm object identifier value
+
+-- Algorithm OIDs and parameter structures
+
+pkcs-1 OBJECT IDENTIFIER ::= {
+     pkcs 1 }
+
+rsaEncryption OBJECT IDENTIFIER ::=  { pkcs-1 1 }
+
+md2WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 2 }
+
+md5WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 4 }
+
+sha1WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 5 }
+
+id-dsa-with-sha1 OBJECT IDENTIFIER ::=  {
+     iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
+
+Dss-Sig-Value ::= SEQUENCE {
+     r       INTEGER,
+     s       INTEGER  
+}
+
+dhpublicnumber OBJECT IDENTIFIER ::= {
+     iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
+
+DomainParameters ::= SEQUENCE {
+     p       INTEGER, -- odd prime, p=jq +1
+     g       INTEGER, -- generator, g
+     q       INTEGER, -- factor of p-1
+     j       INTEGER OPTIONAL, -- subgroup factor, j>= 2
+     validationParms  ValidationParms OPTIONAL }
+
+ValidationParms ::= SEQUENCE {
+     seed             BIT STRING,
+     pgenCounter      INTEGER }
+
+id-dsa OBJECT IDENTIFIER ::= {
+     iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
+
+Dss-Parms  ::=  SEQUENCE  {
+     p             INTEGER,
+     q             INTEGER,
+     g             INTEGER  }
+
+-- x400 address syntax starts here
+--      OR Names
+
+ORAddress ::= SEQUENCE {
+   built-in-standard-attributes BuiltInStandardAttributes,
+   built-in-domain-defined-attributes
+                        BuiltInDomainDefinedAttributes OPTIONAL,
+   -- see also teletex-domain-defined-attributes
+   extension-attributes ExtensionAttributes OPTIONAL }
+--      The OR-address is semantically absent from the OR-name if the
+--      built-in-standard-attribute sequence is empty and the
+--      built-in-domain-defined-attributes and extension-attributes are
+--      both omitted.
+
+--      Built-in Standard Attributes
+
+BuiltInStandardAttributes ::= SEQUENCE {
+   country-name CountryName OPTIONAL,
+   administration-domain-name AdministrationDomainName OPTIONAL,
+   network-address      [0] EXPLICIT NetworkAddress OPTIONAL,
+   -- see also extended-network-address
+   terminal-identifier  [1] EXPLICIT TerminalIdentifier OPTIONAL,
+   private-domain-name  [2] EXPLICIT PrivateDomainName OPTIONAL,
+   organization-name    [3] EXPLICIT OrganizationName OPTIONAL,
+   -- see also teletex-organization-name
+   numeric-user-identifier      [4] EXPLICIT NumericUserIdentifier OPTIONAL,
+   personal-name        [5] EXPLICIT PersonalName OPTIONAL,
+   -- see also teletex-personal-name
+   organizational-unit-names    [6] EXPLICIT OrganizationalUnitNames OPTIONAL
+   -- see also teletex-organizational-unit-names -- 
+}
+
+CountryName ::= [APPLICATION 1] CHOICE {
+   x121-dcc-code NumericString
+                (SIZE (ub-country-name-numeric-length)),
+   iso-3166-alpha2-code PrintableString
+                (SIZE (ub-country-name-alpha-length)) }
+
+AdministrationDomainName ::= [APPLICATION 2] EXPLICIT CHOICE {
+   numeric NumericString (SIZE (0..ub-domain-name-length)),
+   printable PrintableString (SIZE (0..ub-domain-name-length)) }
+
+NetworkAddress ::= X121Address  -- see also extended-network-address
+
+X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
+
+TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
+
+PrivateDomainName ::= CHOICE {
+   numeric NumericString (SIZE (1..ub-domain-name-length)),
+   printable PrintableString (SIZE (1..ub-domain-name-length)) }
+
+OrganizationName ::= PrintableString
+                            (SIZE (1..ub-organization-name-length))
+-- see also teletex-organization-name
+
+NumericUserIdentifier ::= NumericString
+                            (SIZE (1..ub-numeric-user-id-length))
+
+PersonalName ::= SET {
+   surname [0] PrintableString (SIZE (1..ub-surname-length)),
+   given-name [1] PrintableString
+                        (SIZE (1..ub-given-name-length)) OPTIONAL,
+   initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
+   generation-qualifier [3] PrintableString
+                (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
+-- see also teletex-personal-name
+
+OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
+                                        OF OrganizationalUnitName
+-- see also teletex-organizational-unit-names
+
+OrganizationalUnitName ::= PrintableString (SIZE
+                        (1..ub-organizational-unit-name-length))
+
+--      Built-in Domain-defined Attributes
+
+BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
+                                (1..ub-domain-defined-attributes) OF
+                                BuiltInDomainDefinedAttribute
+
+BuiltInDomainDefinedAttribute ::= SEQUENCE {
+   type PrintableString (SIZE
+                        (1..ub-domain-defined-attribute-type-length)),
+   value PrintableString (SIZE
+                        (1..ub-domain-defined-attribute-value-length))}
+
+--      Extension Attributes
+
+ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
+                        ExtensionAttribute
+
+ExtensionAttribute ::=  SEQUENCE {
+   extension-attribute-type [0] EXPLICIT INTEGER (0..ub-extension-attributes),
+   extension-attribute-value [1] EXPLICIT
+                        ANY DEFINED BY extension-attribute-type }
+
+-- Extension types and attribute values
+--
+
+common-name INTEGER ::= 1
+
+CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
+
+teletex-common-name INTEGER ::= 2
+
+TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
+
+teletex-organization-name INTEGER ::= 3
+
+TeletexOrganizationName ::=
+                TeletexString (SIZE (1..ub-organization-name-length))
+
+teletex-personal-name INTEGER ::= 4
+
+TeletexPersonalName ::= SET {
+   surname [0] EXPLICIT TeletexString (SIZE (1..ub-surname-length)),
+   given-name [1] EXPLICIT TeletexString
+                (SIZE (1..ub-given-name-length)) OPTIONAL,
+   initials [2] EXPLICIT TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
+   generation-qualifier [3] EXPLICIT TeletexString (SIZE
+                (1..ub-generation-qualifier-length)) OPTIONAL }
+
+teletex-organizational-unit-names INTEGER ::= 5
+
+TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
+        (1..ub-organizational-units) OF TeletexOrganizationalUnitName
+
+TeletexOrganizationalUnitName ::= TeletexString
+                        (SIZE (1..ub-organizational-unit-name-length))
+
+pds-name INTEGER ::= 7
+
+PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
+
+physical-delivery-country-name INTEGER ::= 8
+
+PhysicalDeliveryCountryName ::= CHOICE {
+   x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
+   iso-3166-alpha2-code PrintableString
+                        (SIZE (ub-country-name-alpha-length)) }
+
+postal-code INTEGER ::= 9
+
+PostalCode ::= CHOICE {
+   numeric-code NumericString (SIZE (1..ub-postal-code-length)),
+   printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
+
+physical-delivery-office-name INTEGER ::= 10
+
+PhysicalDeliveryOfficeName ::= PDSParameter
+
+physical-delivery-office-number INTEGER ::= 11
+
+PhysicalDeliveryOfficeNumber ::= PDSParameter
+
+extension-OR-address-components INTEGER ::= 12
+
+ExtensionORAddressComponents ::= PDSParameter
+
+physical-delivery-personal-name INTEGER ::= 13
+
+PhysicalDeliveryPersonalName ::= PDSParameter
+
+physical-delivery-organization-name INTEGER ::= 14
+
+PhysicalDeliveryOrganizationName ::= PDSParameter
+
+extension-physical-delivery-address-components INTEGER ::= 15
+
+ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
+
+unformatted-postal-address INTEGER ::= 16
+
+UnformattedPostalAddress ::= SET {
+   printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
+           PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
+   teletex-string TeletexString
+         (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
+
+street-address INTEGER ::= 17
+
+StreetAddress ::= PDSParameter
+
+post-office-box-address INTEGER ::= 18
+
+PostOfficeBoxAddress ::= PDSParameter
+
+poste-restante-address INTEGER ::= 19
+
+PosteRestanteAddress ::= PDSParameter
+
+unique-postal-name INTEGER ::= 20
+
+UniquePostalName ::= PDSParameter
+
+local-postal-attributes INTEGER ::= 21
+
+LocalPostalAttributes ::= PDSParameter
+
+PDSParameter ::= SET {
+   printable-string PrintableString
+                (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
+   teletex-string TeletexString
+                (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
+
+extended-network-address INTEGER ::= 22
+
+ExtendedNetworkAddress ::= CHOICE {
+   e163-4-address SEQUENCE {
+        number [0] EXPLICIT NumericString (SIZE (1..ub-e163-4-number-length)),
+        sub-address [1] EXPLICIT NumericString
+                (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
+   psap-address [0] EXPLICIT PresentationAddress }
+
+PresentationAddress ::= SEQUENCE {
+        pSelector       [0] EXPLICIT OCTET STRING OPTIONAL,
+        sSelector       [1] EXPLICIT OCTET STRING OPTIONAL,
+        tSelector       [2] EXPLICIT OCTET STRING OPTIONAL,
+        nAddresses      [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
+
+terminal-type  INTEGER ::= 23
+
+TerminalType ::= INTEGER {
+   telex (3),
+   teletex (4),
+   g3-facsimile (5),
+   g4-facsimile (6),
+   ia5-terminal (7),
+   videotex (8) } -- (0..ub-integer-options)
+
+--      Extension Domain-defined Attributes
+
+teletex-domain-defined-attributes INTEGER ::= 6
+
+TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
+   (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
+
+TeletexDomainDefinedAttribute ::= SEQUENCE {
+        type TeletexString
+               (SIZE (1..ub-domain-defined-attribute-type-length)),
+        value TeletexString
+               (SIZE (1..ub-domain-defined-attribute-value-length)) }
+
+--  specifications of Upper Bounds shall be regarded as mandatory
+--  from Annex B of ITU-T X.411 Reference Definition of MTS Parameter
+--  Upper Bounds
+
+--      Upper Bounds
+ub-name INTEGER ::=     32768
+ub-common-name  INTEGER ::=     64
+ub-locality-name        INTEGER ::=     128
+ub-state-name   INTEGER ::=     128
+ub-organization-name    INTEGER ::=     64
+ub-organizational-unit-name     INTEGER ::=     64
+ub-title        INTEGER ::=     64
+ub-match        INTEGER ::=     128
+
+ub-emailaddress-length INTEGER ::= 128
+
+ub-common-name-length INTEGER ::= 64
+ub-country-name-alpha-length INTEGER ::= 2
+ub-country-name-numeric-length INTEGER ::= 3
+ub-domain-defined-attributes INTEGER ::= 4
+ub-domain-defined-attribute-type-length INTEGER ::= 8
+ub-domain-defined-attribute-value-length INTEGER ::= 128
+ub-domain-name-length INTEGER ::= 16
+ub-extension-attributes INTEGER ::= 256
+ub-e163-4-number-length INTEGER ::= 15
+ub-e163-4-sub-address-length INTEGER ::= 40
+ub-generation-qualifier-length INTEGER ::= 3
+ub-given-name-length INTEGER ::= 16
+ub-initials-length INTEGER ::= 5
+ub-integer-options INTEGER ::= 256
+ub-numeric-user-id-length INTEGER ::= 32
+ub-organization-name-length INTEGER ::= 64
+ub-organizational-unit-name-length INTEGER ::= 32
+ub-organizational-units INTEGER ::= 4
+ub-pds-name-length INTEGER ::= 16
+ub-pds-parameter-length INTEGER ::= 30
+ub-pds-physical-address-lines INTEGER ::= 6
+ub-postal-code-length INTEGER ::= 16
+ub-surname-length INTEGER ::= 40
+ub-terminal-id-length INTEGER ::= 24
+ub-unformatted-address-length INTEGER ::= 180
+ub-x121-address-length INTEGER ::= 16
+
+-- Note - upper bounds on string types, such as TeletexString, are
+-- measured in characters.  Excepting PrintableString or IA5String, a
+-- significantly greater number of octets will be required to hold
+-- such a value.  As a minimum, 16 octets, or twice the specified upper
+-- bound, whichever is the larger, should be allowed for TeletexString.
+-- For UTF8String or UniversalString at least four times the upper
+-- bound should be allowed.
+
+
+
+-- END of PKIX1Implicit88
+
+
+-- BEGIN of RFC2630
+
+-- Cryptographic Message Syntax
+
+pkcs-7-ContentInfo ::= SEQUENCE {
+  contentType pkcs-7-ContentType,
+  content [0] EXPLICIT ANY DEFINED BY contentType }
+
+pkcs-7-DigestInfo ::= SEQUENCE {
+  digestAlgorithm pkcs-7-DigestAlgorithmIdentifier,
+  digest pkcs-7-Digest 
+}
+
+pkcs-7-Digest ::= OCTET STRING
+
+pkcs-7-ContentType ::= OBJECT IDENTIFIER
+
+pkcs-7-SignedData ::= SEQUENCE {
+  version pkcs-7-CMSVersion,
+  digestAlgorithms pkcs-7-DigestAlgorithmIdentifiers,
+  encapContentInfo pkcs-7-EncapsulatedContentInfo,
+  certificates [0] IMPLICIT pkcs-7-CertificateSet OPTIONAL,
+  crls [1] IMPLICIT pkcs-7-CertificateRevocationLists OPTIONAL,
+  signerInfos pkcs-7-SignerInfos 
+}
+
+pkcs-7-CMSVersion ::= INTEGER  { v0(0), v1(1), v2(2), v3(3), v4(4) }
+
+pkcs-7-DigestAlgorithmIdentifiers ::= SET OF pkcs-7-DigestAlgorithmIdentifier
+
+pkcs-7-DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+
+pkcs-7-EncapsulatedContentInfo ::= SEQUENCE {
+  eContentType pkcs-7-ContentType,
+  eContent [0] EXPLICIT OCTET STRING OPTIONAL }
+
+-- We don't use CertificateList here since we only want
+-- to read the raw data.
+pkcs-7-CertificateRevocationLists ::= SET OF ANY
+
+pkcs-7-CertificateChoices ::= CHOICE {
+-- Although the paper uses Certificate type, we
+-- don't use it since, we don't need to parse it.
+-- We only need to read and store it.
+  certificate ANY
+}
+
+pkcs-7-CertificateSet ::= SET OF pkcs-7-CertificateChoices
+
+pkcs-7-SignerInfos ::= SET OF ANY -- this is not correct but we don't use it
+ -- anyway
+
+
+-- BEGIN of RFC2986
+
+-- Certificate requests
+pkcs-10-CertificationRequestInfo ::= SEQUENCE {
+     version       INTEGER { v1(0) },
+     subject       Name,
+     subjectPKInfo SubjectPublicKeyInfo,
+     attributes    [0] Attributes
+}
+
+Attributes ::= SET OF Attribute
+
+pkcs-10-CertificationRequest ::= SEQUENCE {
+     certificationRequestInfo pkcs-10-CertificationRequestInfo,
+     signatureAlgorithm AlgorithmIdentifier,
+     signature          BIT STRING
+}
+
+-- stuff from PKCS#9
+
+pkcs-9-ub-challengePassword   INTEGER ::= 255
+
+pkcs-9-certTypes OBJECT IDENTIFIER ::= {pkcs-9 22}
+pkcs-9-crlTypes OBJECT IDENTIFIER ::= {pkcs-9 23}
+
+pkcs-9-at-challengePassword OBJECT IDENTIFIER   ::= {pkcs-9 7}
+
+pkcs-9-challengePassword        ::= CHOICE {
+      printableString       PrintableString (SIZE (1..pkcs-9-ub-challengePassword)),
+      utf8String            UTF8String (SIZE (1..pkcs-9-ub-challengePassword)) }
+
+pkcs-9-at-localKeyId               OBJECT IDENTIFIER ::= {pkcs-9 21}
+
+pkcs-9-localKeyId ::= OCTET STRING
+
+pkcs-9-at-friendlyName             OBJECT IDENTIFIER ::= {pkcs-9 20}
+
+pkcs-9-friendlyName ::= BMPString      (SIZE (1..255))
+
+-- PKCS #8 stuff
+
+-- Private-key information syntax
+
+pkcs-8-PrivateKeyInfo ::= SEQUENCE {
+  version pkcs-8-Version,
+  privateKeyAlgorithm AlgorithmIdentifier,
+  privateKey pkcs-8-PrivateKey,
+  attributes [0] Attributes OPTIONAL }
+
+pkcs-8-Version ::= INTEGER {v1(0)}
+
+pkcs-8-PrivateKey ::= OCTET STRING
+
+pkcs-8-Attributes ::= SET OF Attribute
+
+-- Encrypted private-key information syntax
+
+pkcs-8-EncryptedPrivateKeyInfo ::= SEQUENCE {
+    encryptionAlgorithm AlgorithmIdentifier,
+    encryptedData pkcs-8-EncryptedData 
+}
+
+pkcs-8-EncryptedData ::= OCTET STRING
+
+-- PKCS #5 stuff
+
+pkcs-5 OBJECT IDENTIFIER ::=
+       { pkcs 5 }
+
+pkcs-5-encryptionAlgorithm OBJECT IDENTIFIER ::=
+       { iso(1) member-body(2) us(840) rsadsi(113549) 3 }
+
+pkcs-5-des-EDE3-CBC OBJECT IDENTIFIER ::= {pkcs-5-encryptionAlgorithm 7}
+
+pkcs-5-des-EDE3-CBC-params ::= OCTET STRING (SIZE(8))
+
+pkcs-5-des-CBC-params ::= OCTET STRING (SIZE(8))
+
+pkcs-5-rc2-CBC-params ::= SEQUENCE {
+  rc2ParameterVersion INTEGER OPTIONAL,
+  iv OCTET STRING (SIZE(8)) 
+}
+  
+pkcs-5-PBE-params ::= SEQUENCE {
+  salt OCTET STRING (SIZE(8)),
+  iterationCount INTEGER
+}
+
+pkcs-5-id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
+
+pkcs-5-PBES2-params ::= SEQUENCE {
+  keyDerivationFunc AlgorithmIdentifier,
+  encryptionScheme AlgorithmIdentifier }
+
+-- PBKDF2
+
+pkcs-5-id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
+
+-- pkcs-5-id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549) 2 7}
+
+-- pkcs-5-algid-hmacWithSHA1 AlgorithmIdentifier ::=
+--   {algorithm pkcs-5-id-hmacWithSHA1, parameters NULL : NULL}
+
+pkcs-5-PBKDF2-params ::= SEQUENCE {
+  salt CHOICE {
+    specified OCTET STRING,
+    otherSource AlgorithmIdentifier
+  },
+  iterationCount INTEGER (1..MAX),
+  keyLength INTEGER (1..MAX) OPTIONAL,
+  prf AlgorithmIdentifier OPTIONAL -- DEFAULT pkcs-5-id-hmacWithSHA1 
+}
+
+-- PKCS #12 stuff
+
+pkcs-12	OBJECT IDENTIFIER ::= {pkcs 12}
+
+pkcs-12-PFX ::= SEQUENCE {
+    	version		INTEGER {v3(3)},
+    	authSafe	pkcs-7-ContentInfo,
+    	macData    	pkcs-12-MacData OPTIONAL
+}
+
+pkcs-12-PbeParams ::= SEQUENCE {
+	salt	OCTET STRING,
+	iterations INTEGER
+}
+
+pkcs-12-MacData ::= SEQUENCE {
+    	mac 		pkcs-7-DigestInfo,
+	macSalt	        OCTET STRING,
+	iterations	INTEGER DEFAULT 1
+-- Note: The default is for historical reasons and its use is
+-- deprecated. A higher value, like 1024 is recommended.
+}
+
+pkcs-12-AuthenticatedSafe ::= SEQUENCE OF pkcs-7-ContentInfo
+	-- Data if unencrypted
+	-- EncryptedData if password-encrypted
+	-- EnvelopedData if public key-encrypted
+
+pkcs-12-SafeContents ::= SEQUENCE OF pkcs-12-SafeBag
+
+pkcs-12-SafeBag ::= SEQUENCE {
+  	bagId	      	OBJECT IDENTIFIER,
+  	bagValue      	[0] EXPLICIT ANY DEFINED BY badId,
+  	bagAttributes 	SET OF pkcs-12-PKCS12Attribute OPTIONAL
+}
+
+-- Bag types
+
+
+pkcs-12-bagtypes OBJECT IDENTIFIER ::= {pkcs-12 10 1}
+
+pkcs-12-keyBag OBJECT IDENTIFIER ::= {pkcs-12-bagtypes 1}
+pkcs-12-pkcs8ShroudedKeyBag OBJECT IDENTIFIER ::= {pkcs-12-bagtypes 2}
+pkcs-12-certBag OBJECT IDENTIFIER ::= {pkcs-12-bagtypes 3}
+pkcs-12-crlBag OBJECT IDENTIFIER ::= {pkcs-12-bagtypes 4}
+
+pkcs-12-KeyBag ::= pkcs-8-PrivateKeyInfo
+
+-- Shrouded KeyBag
+
+pkcs-12-PKCS8ShroudedKeyBag ::= pkcs-8-EncryptedPrivateKeyInfo
+
+-- CertBag
+
+pkcs-12-CertBag ::= SEQUENCE {
+	certId    OBJECT IDENTIFIER,
+	certValue [0] EXPLICIT ANY DEFINED BY certId
+}
+
+-- x509Certificate BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {pkcs-9-certTypes 1}}
+-- DER-encoded X.509 certificate stored in OCTET STRING
+
+pkcs-12-CRLBag ::= SEQUENCE {
+	crlId     	OBJECT IDENTIFIER,
+	crlValue 	[0] EXPLICIT ANY DEFINED BY crlId
+}
+
+-- x509CRL BAG-TYPE ::=
+--	{OCTET STRING IDENTIFIED BY {pkcs-9-crlTypes 1}}
+-- DER-encoded X.509 CRL stored in OCTET STRING
+
+pkcs-12-PKCS12Attribute ::= Attribute
+
+-- PKCS #7 stuff (needed in PKCS 12)
+
+pkcs-7-data OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+    us(840) rsadsi(113549) pkcs(1) pkcs7(7) 1 }
+
+pkcs-7-encryptedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+    us(840) rsadsi(113549) pkcs(1) pkcs7(7) 6 }
+
+pkcs-7-Data ::= OCTET STRING
+
+pkcs-7-EncryptedData ::= SEQUENCE {
+    version pkcs-7-CMSVersion,
+    encryptedContentInfo pkcs-7-EncryptedContentInfo,
+    unprotectedAttrs [1] IMPLICIT pkcs-7-UnprotectedAttributes OPTIONAL }
+
+pkcs-7-EncryptedContentInfo ::= SEQUENCE {
+    contentType pkcs-7-ContentType,
+    contentEncryptionAlgorithm pkcs-7-ContentEncryptionAlgorithmIdentifier,
+    encryptedContent [0] IMPLICIT pkcs-7-EncryptedContent OPTIONAL }
+
+pkcs-7-ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+pkcs-7-EncryptedContent ::= OCTET STRING
+
+pkcs-7-UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute
+
+-- LDAP stuff
+-- may not be correct
+
+id-at-ldap-DC AttributeType ::= { 0 9 2342 19200300 100 1 25 }
+
+ldap-DC ::= IA5String
+
+id-at-ldap-UID AttributeType ::= { 0 9 2342 19200300 100 1 1 }
+
+ldap-UID ::= DirectoryString
+
+-- rfc3039
+
+id-pda  OBJECT IDENTIFIER ::= { id-pkix 9 }
+
+id-pda-dateOfBirth          AttributeType ::= { id-pda 1 }
+DateOfBirth ::=             GeneralizedTime
+
+id-pda-placeOfBirth         AttributeType ::= { id-pda 2 }
+PlaceOfBirth ::=            DirectoryString
+
+id-pda-gender               AttributeType ::= { id-pda 3 }
+Gender ::=                  PrintableString (SIZE(1))
+                            -- "M", "F", "m" or "f"
+
+id-pda-countryOfCitizenship AttributeType ::= { id-pda 4 }
+CountryOfCitizenship ::=    PrintableString (SIZE (2))
+                            -- ISO 3166 Country Code
+
+id-pda-countryOfResidence   AttributeType ::= { id-pda 5 }
+CountryOfResidence ::=      PrintableString (SIZE (2))
+                            -- ISO 3166 Country Code
+
+END

Modified: trunk/libcryptui/tests/Makefile.am
==============================================================================
--- trunk/libcryptui/tests/Makefile.am	(original)
+++ trunk/libcryptui/tests/Makefile.am	Sat Nov 22 23:42:50 2008
@@ -1,16 +1,49 @@
 
+noinst_PROGRAMS= \
+	run-tests \
+	crui-show \
+	cryptui-test
+	
+# ------------------------------------------------------------------------------
+# UI TEST PROGRAMS
+
+cryptui_test_SOURCES = cryptui-test-ui.c
+cryptui_test_LDADD = $(LIBCRYPTUI_LIBS) \
+	$(top_builddir)/libcryptui/libcryptui.la 
+
+crui_show_SOURCES = crui-show.c
+crui_show_LDADD = $(LIBCRYPTUI_LIBS) \
+	$(top_builddir)/libcryptui/libcryptui.la
+
+# ------------------------------------------------------------------------------
+# UNIT TEST PROGRAMS
+
+UNIT_TESTS = \
+	unit-test-asn1.c \
+	unit-test-util.c \
+	unit-test-x509-cert.c
+	
+run-tests.c: $(UNIT_TESTS) Makefile.am gtest-prep.sh
+	sh gtest-prep.sh -b run-tests $(UNIT_TESTS)
+
+run_tests_SOURCES = \
+	run-tests.c run-tests.h \
+	$(UNIT_TESTS)
+
+run_tests_LDADD = $(LIBCRYPTUI_LIBS) \
+	$(top_builddir)/libcryptui/libcryptui.la
+
+# ------------------------------------------------------------------------------
+# COMMON
+
 INCLUDES = -I$(top_builddir) \
 	-I$(top_srcdir) \
 	-I$(top_srcdir)/libcryptui \
 	-DLIBCRYPTUI_API_SUBJECT_TO_CHANGE \
 	$(LIBCRYPTUI_CFLAGS) 
 
-bin_PROGRAMS = cryptui-test-keyset cryptui-test-ui
-
-cryptui_test_keyset_SOURCES = cryptui-test-keyset.c
-cryptui_test_keyset_LDADD = $(LIBCRYPTUI_LIBS) \
-            $(top_builddir)/libcryptui/libcryptui.la 
-
-cryptui_test_ui_SOURCES = cryptui-test-ui.c
-cryptui_test_ui_LDADD = $(LIBCRYPTUI_LIBS) \
-            $(top_builddir)/libcryptui/libcryptui.la 
+EXTRA_DIST = \
+	gtest-helpers.c \
+	gtest-helpers.h \
+	gtest-prep.sh \
+	$(UNIT_TESTS)
\ No newline at end of file

Added: trunk/libcryptui/tests/crui-show.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/crui-show.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,89 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "crui-x509-cert.h"
+#include "crui-x509-cert-dialog.h"
+#include "crui-x509-cert-simple.h"
+
+#include <gtk/gtk.h>
+
+#include <glib/gstdio.h>
+
+static void
+show_certificate_dialog (void)
+{
+	CruiX509CertSimple *simple;
+	CruiX509CertDialog *dialog;
+	GError *err = NULL;
+	
+	simple = crui_x509_cert_simple_new_from_file ("files/test-certificate-1.der", &err);
+	if (!simple) {
+		g_warning ("couldn't load certificate: %s", err->message);
+		return;
+	}
+		
+	dialog = crui_x509_cert_dialog_new (CRUI_X509_CERT (simple));
+	g_object_ref (dialog);
+	gtk_dialog_run (GTK_DIALOG (dialog));
+	
+	g_object_unref (dialog);
+	g_object_unref (simple);
+}
+
+static void 
+chdir_base_dir (char* argv0)
+{
+	gchar *dir, *base;
+
+	dir = g_path_get_dirname (argv0);
+	if (g_chdir (dir) < 0)
+		g_warning ("couldn't change directory to: %s", dir);
+	
+	base = g_path_get_basename (dir);
+	if (strcmp (base, ".libs") == 0) {
+		if (g_chdir ("..") < 0)
+			g_warning ("couldn't change directory to ..");
+	}
+
+	g_free (base);
+	g_free (dir);
+}
+
+int
+main (int argc, char **argv)
+{
+    const gchar *arg = "certificate";
+    
+    chdir_base_dir (argv[0]);
+    gtk_init(&argc, &argv);
+    
+    if (argc > 1)
+	    arg = argv[1];
+	
+    if (g_ascii_strcasecmp (arg, "certificate") == 0) 
+	    show_certificate_dialog ();
+    else
+	    g_warning ("must specify something valid to display");
+	    
+    return 0;
+}
\ No newline at end of file

Modified: trunk/libcryptui/tests/cryptui-test-ui.c
==============================================================================
--- trunk/libcryptui/tests/cryptui-test-ui.c	(original)
+++ trunk/libcryptui/tests/cryptui-test-ui.c	Sat Nov 22 23:42:50 2008
@@ -78,22 +78,57 @@
     }
 }
 
+static void
+print_keyset (CryptUIKeyset *keyset)
+{
+    GList *keys, *l;
+    gboolean cache = FALSE;
+    gchar *name;
+    guint flags;
+    
+    keys = cryptui_keyset_get_keys (keyset);
+    
+    for(l = keys; l; l = g_list_next (l)) {
+        g_print ("key: %s\n", (gchar*)l->data);
+        
+        /* Test half of them cached, half not */
+        if (cache)
+            cryptui_keyset_cache_key (keyset, (gchar*)l->data);
+        cache = !cache;
+        
+        name = cryptui_keyset_key_display_name (keyset, (gchar*)l->data);
+        g_print ("     name: %s\n", name);
+        g_free (name);
+        
+        name = cryptui_keyset_key_display_id (keyset, (gchar*)l->data);
+        g_print ("     id: %s\n", name);
+        g_free (name);
+        
+        flags = cryptui_keyset_key_flags (keyset, (gchar*)l->data);
+        g_print ("     flags: %d\n", flags);
+    }
+}
+
 int
 main (int argc, char **argv)
 {
     CryptUIKeyset *keyset;
+    const gchar *arg = "normal";
     
     gtk_init(&argc, &argv);
     
     keyset = cryptui_keyset_new ("openpgp", TRUE);
-    if (argc > 1) {
-        if (g_ascii_strcasecmp (argv[1], "plain") == 0) {
-            show_ui_dialog (keyset);
-            return 0;
-        } 
-    }
-
-    /* The default */
-    show_chooser_dialog (keyset);
+    if (argc > 1)
+	    arg = argv[1];
+	    
+    if (g_ascii_strcasecmp (arg, "plain") == 0) 
+	    show_ui_dialog (keyset);
+    else if (g_ascii_strcasecmp (arg, "normal") == 0)
+	    show_chooser_dialog (keyset);
+    else if (g_ascii_strcasecmp (arg, "keyset") == 0)
+	    print_keyset (keyset);
+    else
+	    g_warning ("must specify something valid to display");
+	    
     return 0;
 }

Added: trunk/libcryptui/tests/files/test-certificate-1.der
==============================================================================
Binary file. No diff available.

Added: trunk/libcryptui/tests/gtest-helpers.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/gtest-helpers.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,114 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* test-helpers.c: Common functions called from gtest unit tests
+
+   Copyright (C) 2008 Stefan Walter
+
+   The Gnome Keyring Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The Gnome Keyring Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the Gnome Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.
+
+   Author: Stef Walter <stef memberwebs com>
+*/
+
+/* This file is included into the main .c file for each gtest unit-test program */
+
+#include "config.h"
+
+#include <glib.h>
+#include <gtk/gtk.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include <glib/gstdio.h>
+
+#include "gtest-helpers.h"
+
+static GMainLoop *mainloop = NULL;
+
+static gboolean
+quit_loop (gpointer unused)
+{
+	g_main_loop_quit (mainloop);
+	return TRUE;	
+}
+
+void
+test_mainloop_quit (void)
+{
+	g_main_loop_quit (mainloop);
+}
+
+void
+test_mainloop_run (int timeout)
+{
+	guint id = 0;
+	
+	if (timeout)
+		id = g_timeout_add (timeout, quit_loop, NULL);
+	g_main_loop_run (mainloop);
+	if (timeout)
+		g_source_remove (id); 
+} 
+
+GMainLoop* 
+test_mainloop_get (void)
+{
+	if (!mainloop)
+		mainloop = g_main_loop_new (NULL, FALSE);
+	return mainloop;
+}
+
+static void 
+chdir_base_dir (char* argv0)
+{
+	gchar *dir, *base;
+
+	dir = g_path_get_dirname (argv0);
+	if (g_chdir (dir) < 0)
+		g_warning ("couldn't change directory to: %s: %s", 
+		           dir, g_strerror (errno));
+	
+	base = g_path_get_basename (dir);
+	if (strcmp (base, ".libs") == 0) {
+		if (g_chdir ("..") < 0)
+			g_warning ("couldn't change directory to ..: %s",
+			           g_strerror (errno));
+	}
+
+	g_free (base);
+	g_free (dir);
+}
+
+int
+main (int argc, char* argv[])
+{
+	GLogLevelFlags fatal_mask;
+
+	g_thread_init (NULL);
+
+	chdir_base_dir (argv[0]);
+	g_test_init (&argc, &argv, NULL);
+	gtk_init (&argc, &argv);
+	mainloop = g_main_loop_new (NULL, FALSE);
+
+	fatal_mask = g_log_set_always_fatal (G_LOG_FATAL_MASK);
+	fatal_mask |= G_LOG_LEVEL_WARNING | G_LOG_LEVEL_CRITICAL;
+	g_log_set_always_fatal (fatal_mask);
+
+	initialize_tests ();
+	return g_test_run ();
+}

Added: trunk/libcryptui/tests/gtest-helpers.h
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/gtest-helpers.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,48 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gtest-helpers.h: Declarations for common functions called from gtest unit tests
+
+   Copyright (C) 2008 Stefan Walter
+
+   The Gnome Keyring Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The Gnome Keyring Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the Gnome Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.
+
+   Author: Stef Walter <stef memberwebs com>
+*/
+
+#ifndef GTEST_HELPERS_H_
+#define GTEST_HELPERS_H_
+
+#include <glib.h>
+
+void test_mainloop_quit (void);
+void test_mainloop_run (int timeout);
+GMainLoop* test_mainloop_get (void);
+
+#define DECLARE_SETUP(x) \
+	void setup_##x(int *v, gconstpointer d)
+#define DEFINE_SETUP(x) \
+	void setup_##x(int *__unused G_GNUC_UNUSED, gconstpointer __data G_GNUC_UNUSED)
+
+#define DECLARE_TEARDOWN(x) \
+	void teardown_##x(int *v, gconstpointer d)
+#define DEFINE_TEARDOWN(x) \
+	void teardown_##x(int *__unused G_GNUC_UNUSED, gconstpointer __data G_GNUC_UNUSED)
+
+#define DECLARE_TEST(x) \
+	void test_##x(int *v, gconstpointer d)
+#define DEFINE_TEST(x) \
+	void test_##x(int *__unused G_GNUC_UNUSED, gconstpointer __data G_GNUC_UNUSED)
+
+#endif /* GTEST_HELPERS_H_ */

Added: trunk/libcryptui/tests/gtest-prep.sh
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/gtest-prep.sh	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,106 @@
+#!/bin/sh -eu
+
+set -eu
+
+# --------------------------------------------------------------------
+# FUNCTIONS 
+
+usage()
+{
+	echo "usage: prep-gtest.sh -b base-name files.c ..." >&2
+	exit 2
+}
+
+# --------------------------------------------------------------------
+# SOURCE FILE 
+
+file_to_name()
+{
+	echo -n $1 | sed -e 's/unit-test-//' -e 's/\.c//'
+	# | tr -c 'a-zA-Z0-9' '_'  
+}
+
+build_header()
+{
+	local _file
+	
+	echo '/* This is auto-generated code. Edit at your own peril. */'
+	echo '#include "tests/gtest-helpers.h"'
+	echo
+
+	for _file in $@; do
+		sed -ne 's/.*DEFINE_SETUP[ 	]*(\([^)]\+\))/DECLARE_SETUP(\1);/p' $_file
+		sed -ne 's/.*DEFINE_TEARDOWN[ 	]*(\([^)]\+\))/DECLARE_TEARDOWN(\1);/p' $_file
+		sed -ne 's/.*DEFINE_TEST[ 	]*(\([^)]\+\))/DECLARE_TEST(\1);/p' $_file
+	done
+	echo
+}
+
+build_source()
+{
+	local _tcases _file _name _setup _teardown
+	
+	echo '/* This is auto-generated code. Edit at your own peril. */'
+	echo "#include \"tests/gtest-helpers.h\""
+	echo "#include \"$BASE.h\""
+	echo
+	
+	echo "static void initialize_tests (void) {"
+	# Include each file, and build a test case for it
+	_tcases=""
+	for _file in $@; do
+		_name=`file_to_name $_file`  
+
+		# Wrap each and every test
+
+		echo
+		
+		# Calculate what our setup and teardowns are. 
+		_setup=`sed -ne 's/.*DEFINE_SETUP[ 	]*(\([^)]\+\)).*/setup_\1/p' $_file || echo "NULL"`
+		if [ -z "$_setup" ]; then
+			_setup="NULL"
+		fi
+
+		_teardown=`sed -ne 's/.*DEFINE_TEARDOWN[ 	]*(\([^)]\+\)).*/teardown_\1/p' $_file`
+		if [ -z "$_teardown" ]; then
+			_teardown="NULL"
+		fi
+		
+		# Add all tests to the test case 
+		sed -ne "s/.*DEFINE_TEST[ 	]*(\([^)]\+\)).*/	g_test_add(\"\/$_name\/\1\", int, NULL, $_setup, test_\1, $_teardown);/p" $_file
+		
+	done
+	
+	echo "}"
+	echo
+		
+	echo "#include \"tests/gtest-helpers.c\""
+}
+
+# --------------------------------------------------------------------
+# ARGUMENT PARSING
+
+BASE=unit
+
+while [ $# -gt 0 ]; do
+	case "$1" in
+	-b)
+		BASE="$2"
+		shift
+		;;	
+	--)
+		shift
+		break
+		;;
+	-*)
+		usage
+		;;
+	*)
+		break
+		;;
+	esac
+	shift
+done
+	
+build_header $* > $BASE.h
+build_source $* > $BASE.c

Added: trunk/libcryptui/tests/unit-test-asn1.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/unit-test-asn1.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,241 @@
+
+#include "config.h"
+#include "run-tests.h"
+
+#include "crui-asn1.h"
+
+#include <glib.h>
+
+#include <string.h>
+
+static ASN1_TYPE certificate = NULL;
+static guchar *data = NULL;
+static gsize n_data = 0;
+
+DEFINE_SETUP (read_certificate)
+{
+	GError *err = NULL;
+	gchar *contents;
+	
+	if (!g_file_get_contents ("files/test-certificate-1.der", &contents, &n_data, &err)) {
+		g_warning ("couldn't read files/test-certificate-1.der: %s", err->message);
+		return;
+	}
+
+	data = (guchar*)contents;
+	certificate = _crui_asn1_decode ("PKIX1.Certificate", data, n_data);	
+}
+
+DEFINE_TEARDOWN (read_certificate)
+{
+	if(certificate)
+		asn1_delete_structure (&certificate);
+	g_free (data);
+	data = NULL;
+	n_data = 0;
+}
+
+DEFINE_TEST (definitions)
+{
+	ASN1_TYPE type = _crui_asn1_get_definitions ("PKIX1.Certificate");
+	g_assert (type != NULL);
+	
+	type = _crui_asn1_get_definitions ("PK.*");
+	g_assert (type != NULL);
+}
+
+DEFINE_TEST (decode)
+{
+	ASN1_TYPE type = _crui_asn1_decode ("PKIX1.Certificate", data, n_data);
+	g_assert (type);
+	asn1_delete_structure (&type);
+}
+
+DEFINE_TEST (have)
+{
+	gboolean have;
+	
+	have = _crui_asn1_have_value (certificate, "tbsCertificate.subject");
+	g_assert (have);
+	
+	have = _crui_asn1_have_value (certificate, "tbsCertificate.issuerUniqueID");
+	g_assert (!have);
+
+	have = _crui_asn1_have_value (certificate, "blahblah");
+	g_assert (!have);
+}
+
+DEFINE_TEST (value)
+{
+	#define NOT_BEFORE "960101000000Z"
+	guchar *value;
+	gsize n_value;
+	
+	value = _crui_asn1_read_value (certificate, "tbsCertificate.validity.notBefore.utcTime", &n_value);
+	g_assert (value);
+
+	/* Since it's a string value, the null termination is counted in the length */
+	g_assert_cmpint (strlen (NOT_BEFORE) + 1, ==, n_value);
+	if (memcmp (value, NOT_BEFORE, n_value) != 0)
+		g_assert_not_reached ();
+	
+	g_free (value);
+	
+	value = _crui_asn1_read_value (certificate, "nonExistant", &n_value);
+	g_assert (!value);
+}
+
+DEFINE_TEST (string)
+{
+	#define NOT_AFTER "201231235959Z"
+	gchar *value;
+	value = _crui_asn1_read_string (certificate, "tbsCertificate.validity.notAfter.utcTime");
+	
+	g_assert (value != NULL);
+	g_assert_cmpstr (NOT_AFTER, ==, value);
+	
+	g_free (value);
+	
+	value = _crui_asn1_read_string (certificate, "nonExistant");
+	g_assert (!value);
+}
+
+DEFINE_TEST (read_oid)
+{
+	GQuark oid;
+	
+	oid = _crui_asn1_read_oid (certificate, "tbsCertificate.signature.algorithm");
+	
+	g_assert (oid != 0);
+	g_assert_cmpstr (g_quark_to_string (oid), ==, "1.2.840.113549.1.1.4");
+
+	oid = _crui_asn1_read_oid (certificate, "nonExistant");
+	g_assert (oid == 0);
+}
+
+DEFINE_TEST (read_dn)
+{
+	gchar *dn;
+	
+	dn = _crui_asn1_read_dn (certificate, "tbsCertificate.issuer.rdnSequence");
+	g_assert (dn != NULL);
+	g_assert_cmpstr (dn, ==, "C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA, EMAIL=personal-premium thawte com");
+	
+	g_free (dn);
+	
+	dn = _crui_asn1_read_dn (certificate, "tbsCertificate.nonExistant");
+	g_assert (dn == NULL);
+}
+
+DEFINE_TEST (read_dn_part)
+{
+	gchar *value;
+	
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.issuer.rdnSequence", "CN");
+	g_assert (value != NULL);
+	g_assert_cmpstr (value, ==, "Thawte Personal Premium CA");
+	g_free (value);
+
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.issuer.rdnSequence", "2.5.4.8");
+	g_assert (value != NULL);
+	g_assert_cmpstr (value, ==, "Western Cape");
+	g_free (value);
+	
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.nonExistant", "CN");
+	g_assert (value == NULL);
+
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.issuer.rdnSequence", "DC");
+	g_assert (value == NULL);
+
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.issuer.rdnSequence", "0.0.0.0");
+	g_assert (value == NULL);
+
+	value = _crui_asn1_read_dn_part (certificate, "tbsCertificate.issuer.rdnSequence", "2.5.4.9");
+	g_assert (value == NULL);
+}
+
+DEFINE_TEST (read_boolean)
+{
+	gboolean value;
+	
+	if (!_crui_asn1_read_boolean (certificate, "tbsCertificate.extensions.?1.critical", &value))
+		g_assert_not_reached ();
+	g_assert (value == TRUE);
+	
+	if (_crui_asn1_read_boolean (certificate, "tbsCertificate.nonExistant", &value))
+		g_assert_not_reached ();
+}
+
+DEFINE_TEST (read_uint)
+{
+	guint value;
+	
+	if(!_crui_asn1_read_uint (certificate, "tbsCertificate.version", &value))
+		g_assert_not_reached ();
+	g_assert (value == 0x02);
+	
+	if (_crui_asn1_read_uint (certificate, "tbsCertificate.nonExistant", &value))
+		g_assert_not_reached ();
+}
+
+typedef struct _TestDates {
+	const gchar *value;
+	gboolean full_year;
+	guint year;
+	guint month;
+	guint day;
+} TestDates;
+
+const static TestDates test_dates[] = {
+	{ "20070725130528Z", TRUE, 2007, 07, 25 },
+	{ "20070725130528.2134Z", TRUE, 2007, 07, 25 },
+	{ "19990725140528-0100", TRUE, 1999, 07, 25 },
+	{ "20070725210528+0900", TRUE, 2007, 07, 26 },
+	{ "20070725123528+1130", TRUE, 2007, 07, 26 },
+	{ "20070725103528-1130", TRUE, 2007, 07, 24 },
+	{ "20070725102959-1030", TRUE, 2007, 07, 24 },
+	{ "20070725Z", TRUE, 2007, 07, 25 },
+	{ "20070725+0000", TRUE, 2007, 07, 25 },
+	
+	{ "070725130528Z", FALSE, 2007, 07, 25 },
+	{ "020125130528Z", FALSE, 2002, 01, 25 },
+	{ "970725130528Z", FALSE, 1997, 07, 25 },
+	{ "370725130528Z", FALSE, 2037, 07, 25},
+
+	{ "070725130528.2134Z", FALSE, 2007, 07, 25 },
+	{ "070725140528-0100", FALSE, 2007, 07, 25 },
+	{ "070725040528+0900", FALSE, 2007, 07, 25 },
+	{ "070725013528+1130", FALSE, 2007, 07, 25 },
+	{ "070725Z", FALSE, 2007, 07, 25 },
+	{ "070725+0000", FALSE, 2007, 07, 25 }
+};
+
+DEFINE_TEST (parse_date)
+{
+	GDate *date;
+	int i;
+	
+	for (i = 0; i < G_N_ELEMENTS (test_dates); ++i)
+	{
+		date = _crui_asn1_parse_date (test_dates[i].value, test_dates[i].full_year);
+		g_assert (date != NULL);
+		if (g_date_get_year (date) != test_dates[i].year ||
+		    g_date_get_month (date) != test_dates[i].month ||
+		    g_date_get_day (date) != test_dates[i].day) {
+			g_test_message ("%s != %04u%02u%02u", test_dates[i].value, 
+			                test_dates[i].year, test_dates[i].month, test_dates[i].day);
+			g_assert_not_reached ();
+		}
+	}
+}
+
+DEFINE_TEST (read_date)
+{
+	GDate *date;
+	
+	date = _crui_asn1_read_date (certificate, "tbsCertificate.validity.notBefore");
+	g_assert (date != NULL);
+	g_assert_cmpuint (g_date_get_year (date), ==, 1996);
+	g_assert_cmpuint (g_date_get_month (date), ==, 1);
+	g_assert_cmpuint (g_date_get_day (date), ==, 1);
+}

Added: trunk/libcryptui/tests/unit-test-util.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/unit-test-util.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,20 @@
+
+#include "config.h"
+#include "run-tests.h"
+
+#include "crui-util.h"
+
+#include <glib.h>
+
+#include <string.h>
+
+DEFINE_TEST (encode_hex)
+{
+	gchar *value;
+	
+	value = _crui_util_encode_hex ((const guchar*)"blahblah", 8);
+	g_assert (value != NULL);
+	g_assert_cmpstr (value, ==, "626C6168626C6168");
+	g_free (value);
+}
+

Added: trunk/libcryptui/tests/unit-test-x509-cert.c
==============================================================================
--- (empty file)
+++ trunk/libcryptui/tests/unit-test-x509-cert.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,140 @@
+
+#include "config.h"
+#include "run-tests.h"
+
+#include "crui-x509-cert.h"
+#include "crui-x509-cert-simple.h"
+
+#include <glib.h>
+
+#include <string.h>
+
+static CruiX509Cert *certificate = NULL;
+
+DEFINE_SETUP (certificate)
+{
+	GError *err = NULL;
+	gchar *contents;
+	gsize n_contents;
+	
+	if (!g_file_get_contents ("files/test-certificate-1.der", &contents, &n_contents, &err)) {
+		g_warning ("couldn't read files/test-certificate-1.der: %s", err->message);
+		return;
+	}
+
+	certificate = CRUI_X509_CERT (crui_x509_cert_simple_new ((const guchar*)contents, n_contents));
+	g_assert (certificate);
+	g_free (contents);
+}
+
+DEFINE_TEARDOWN (certificate)
+{
+	if (certificate)
+		g_object_unref (certificate);
+	certificate = NULL;
+}
+
+DEFINE_TEST (issuer_cn)
+{
+	gchar *cn = crui_x509_cert_get_issuer_cn (certificate);
+	g_assert (cn);
+	g_assert_cmpstr (cn, ==, "Thawte Personal Premium CA");
+	g_free (cn);
+}
+
+DEFINE_TEST (issuer_dn)
+{
+	gchar *dn = crui_x509_cert_get_issuer_dn (certificate);
+	g_assert (dn);
+	g_assert_cmpstr (dn, ==, "C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA, EMAIL=personal-premium thawte com");
+	g_free (dn);
+}
+
+DEFINE_TEST (issuer_part)
+{
+	gchar *part = crui_x509_cert_get_issuer_part (certificate, "st");
+	g_assert (part);
+	g_assert_cmpstr (part, ==, "Western Cape");
+	g_free (part);
+}
+
+DEFINE_TEST (subject_cn)
+{
+	gchar *cn = crui_x509_cert_get_subject_cn (certificate);
+	g_assert (cn);
+	g_assert_cmpstr (cn, ==, "Thawte Personal Premium CA");
+	g_free (cn);
+}
+
+DEFINE_TEST (subject_dn)
+{
+	gchar *dn = crui_x509_cert_get_subject_dn (certificate);
+	g_assert (dn);
+	g_assert_cmpstr (dn, ==, "C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA, EMAIL=personal-premium thawte com");
+	g_free (dn);
+}
+
+DEFINE_TEST (subject_part)
+{
+	gchar *part = crui_x509_cert_get_subject_part (certificate, "St");
+	g_assert (part);
+	g_assert_cmpstr (part, ==, "Western Cape");
+	g_free (part);
+}
+
+DEFINE_TEST (issued_date)
+{
+	GDate *date = crui_x509_cert_get_issued_date (certificate);
+	g_assert (date);
+	g_assert_cmpuint (g_date_get_year (date), ==, 1996);
+	g_assert_cmpuint (g_date_get_month (date), ==, 1);
+	g_assert_cmpuint (g_date_get_day (date), ==, 1);
+	g_date_free (date);
+}
+
+DEFINE_TEST (expiry_date)
+{
+	GDate *date = crui_x509_cert_get_expiry_date (certificate);
+	g_assert (date);
+	g_assert_cmpuint (g_date_get_year (date), ==, 2020);
+	g_assert_cmpuint (g_date_get_month (date), ==, 12);
+	g_assert_cmpuint (g_date_get_day (date), ==, 31);
+	g_date_free (date);
+}
+
+DEFINE_TEST (serial_number)
+{
+	gsize n_serial;
+	guchar *serial = crui_x509_cert_get_serial_number (certificate, &n_serial);
+	g_assert (serial);
+	g_assert_cmpuint (n_serial, ==, 1);
+	g_assert (memcmp (serial, "\0", n_serial) == 0);
+	g_free (serial);
+}
+
+DEFINE_TEST (serial_number_hex)
+{
+	gchar *serial = crui_x509_cert_get_serial_number_hex (certificate);
+	g_assert (serial);
+	g_assert_cmpstr (serial, ==, "00");
+	g_free (serial);
+}
+
+DEFINE_TEST (fingerprint)
+{
+	gsize n_print;
+	guchar *print = crui_x509_cert_get_fingerprint (certificate, G_CHECKSUM_MD5, &n_print);
+	g_assert (print);
+	g_assert_cmpuint (n_print, ==, g_checksum_type_get_length (G_CHECKSUM_MD5));
+	g_assert (memcmp (print, "\x3a\xb2\xde\x22\x9a\x20\x93\x49\xf9\xed\xc8\xd2\x8a\xe7\x68\x0d", n_print) == 0);
+	g_free (print);
+}
+
+DEFINE_TEST (fingerprint_hex)
+{
+	gchar *print = crui_x509_cert_get_fingerprint_hex (certificate, G_CHECKSUM_MD5);
+	g_assert (print);
+	g_assert_cmpstr (print, ==, "3ab2de229a209349f9edc8d28ae7680d");
+	g_free (print);
+}
+

Modified: trunk/pkcs11/Makefile.am
==============================================================================
--- trunk/pkcs11/Makefile.am	(original)
+++ trunk/pkcs11/Makefile.am	Sat Nov 22 23:42:50 2008
@@ -17,12 +17,12 @@
 
 VALA_SRCS = \
 	seahorse-pkcs11.vala \
-	seahorse-pkcs11-certificate.vala \
 	seahorse-pkcs11-source.vala
 	
 VALA_VAPIS = \
 	p11.vapi \
 	gp11.vapi \
+	libseahorse-pkcs11-c.vapi \
 	$(top_srcdir)/bugs.vapi \
 	$(top_srcdir)/config.vapi \
 	$(top_srcdir)/libseahorse/libseahorse-c.vapi \
@@ -43,6 +43,8 @@
 noinst_LTLIBRARIES = libseahorse-pkcs11.la
 
 libseahorse_pkcs11_la_SOURCES = \
+	seahorse-pkcs11-certificate.c seahorse-pkcs11-certificate.h \
+	seahorse-pkcs11-commands.c seahorse-pkcs11-commands.h \
 	seahorse-pkcs11-module.c seahorse-pkcs11-module.h \
 	$(VALA_CFILES) $(VALA_HFILES)
 
@@ -58,6 +60,7 @@
 	gp11-hacks.h \
 	$(glade_DATA) \
 	vala-build.stamp \
+	libseahorse-pkcs11-c.vapi \
 	$(VALA_CFILES) $(VALA_HFILES) \
 	$(VALA_SRCS)
 

Added: trunk/pkcs11/libseahorse-pkcs11-c.vapi
==============================================================================
--- (empty file)
+++ trunk/pkcs11/libseahorse-pkcs11-c.vapi	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,31 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+ 
+[CCode (cprefix = "SeahorsePkcs11", lower_case_cprefix = "seahorse_pkcs11_")]
+namespace Seahorse.Pkcs11 {
+        [CCode (cheader_filename = "seahorse-pkcs11-certificate.h")]
+        public class Certificate : Seahorse.Object {
+        	public GP11.Object pkcs11_object { get; set; }
+        	public GP11.Attributes pkcs11_attributes { get; set; }
+        	public Certificate(GP11.Object object, GP11.Attributes attrs);
+        }
+}
+

Modified: trunk/pkcs11/seahorse-pkcs11-certificate.c
==============================================================================
--- trunk/pkcs11/seahorse-pkcs11-certificate.c	(original)
+++ trunk/pkcs11/seahorse-pkcs11-certificate.c	Sat Nov 22 23:42:50 2008
@@ -1,386 +1,547 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
 
 #include "seahorse-pkcs11-certificate.h"
-#include <seahorse-types.h>
-#include <seahorse-key.h>
-#include <pkcs11.h>
-#include <pkcs11g.h>
-#include <glib/gi18n-lib.h>
-#include <seahorse-util.h>
-#include <seahorse-validity.h>
-#include <time.h>
+
+#include "seahorse-key.h"
 #include "seahorse-pkcs11.h"
+#include "seahorse-util.h"
 
+#include "libcryptui/crui-x509-cert.h"
 
+#include <pkcs11.h>
+#include <pkcs11g.h>
 
+#include <glib/gi18n-lib.h>
 
-struct _SeahorsePkcs11CertificatePrivate {
-	GP11Object* _pkcs11_object;
-	GP11Attributes* _pkcs11_attributes;
+enum {
+	PROP_0,
+	PROP_PKCS11_OBJECT,
+	PROP_PKCS11_ATTRIBUTES,
+	PROP_DISPLAY_NAME,
+	PROP_DISPLAY_ID,
+	PROP_MARKUP,
+	PROP_SIMPLE_NAME,
+	PROP_FINGERPRINT,
+	PROP_VALIDITY,
+	PROP_VALIDITY_STR,
+	PROP_TRUST,
+	PROP_TRUST_STR,
+	PROP_EXPIRES,
+	PROP_EXPIRES_STR,
+	PROP_STOCK_ID
 };
 
-#define SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificatePrivate))
-enum  {
-	SEAHORSE_PKCS11_CERTIFICATE_DUMMY_PROPERTY,
-	SEAHORSE_PKCS11_CERTIFICATE_PKCS11_OBJECT,
-	SEAHORSE_PKCS11_CERTIFICATE_PKCS11_ATTRIBUTES,
-	SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_NAME,
-	SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_ID,
-	SEAHORSE_PKCS11_CERTIFICATE_MARKUP,
-	SEAHORSE_PKCS11_CERTIFICATE_SIMPLE_NAME,
-	SEAHORSE_PKCS11_CERTIFICATE_FINGERPRINT,
-	SEAHORSE_PKCS11_CERTIFICATE_VALIDITY,
-	SEAHORSE_PKCS11_CERTIFICATE_VALIDITY_STR,
-	SEAHORSE_PKCS11_CERTIFICATE_TRUST,
-	SEAHORSE_PKCS11_CERTIFICATE_TRUST_STR,
-	SEAHORSE_PKCS11_CERTIFICATE_EXPIRES,
-	SEAHORSE_PKCS11_CERTIFICATE_EXPIRES_STR,
-	SEAHORSE_PKCS11_CERTIFICATE_STOCK_ID
+struct _SeahorsePkcs11CertificatePrivate {
+	GP11Object* pkcs11_object;
+	GP11Attributes* pkcs11_attributes;
+	GP11Attribute der_value;
 };
-static void seahorse_pkcs11_certificate_rebuild (SeahorsePkcs11Certificate* self);
-static gpointer seahorse_pkcs11_certificate_parent_class = NULL;
-static void seahorse_pkcs11_certificate_finalize (GObject * obj);
-
 
+static void seahorse_pkcs11_certificate_iface (CruiX509CertIface *iface);
 
-SeahorsePkcs11Certificate* seahorse_pkcs11_certificate_new (GP11Object* object, GP11Attributes* attributes) {
-	SeahorsePkcs11Certificate * self;
-	g_return_val_if_fail (GP11_IS_OBJECT (object), NULL);
-	g_return_val_if_fail (GP11_IS_ATTRIBUTES (attributes), NULL);
-	self = g_object_newv (SEAHORSE_PKCS11_TYPE_CERTIFICATE, 0, NULL);
-	seahorse_pkcs11_certificate_set_pkcs11_object (self, object);
-	seahorse_pkcs11_certificate_set_pkcs11_attributes (self, attributes);
-	return self;
-}
+G_DEFINE_TYPE_EXTENDED (SeahorsePkcs11Certificate, seahorse_pkcs11_certificate, SEAHORSE_TYPE_OBJECT, 0,
+                        G_IMPLEMENT_INTERFACE (CRUI_TYPE_X509_CERT, seahorse_pkcs11_certificate_iface));
 
+#define SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE(o) \
+	(G_TYPE_INSTANCE_GET_PRIVATE ((o), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificatePrivate))
 
-static void seahorse_pkcs11_certificate_rebuild (SeahorsePkcs11Certificate* self) {
-	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
-	SEAHORSE_OBJECT (self)->_id = ((GQuark) (0));
-	SEAHORSE_OBJECT (self)->_tag = SEAHORSE_PKCS11_TYPE;
-	if (self->priv->_pkcs11_attributes == NULL) {
-		SEAHORSE_OBJECT (self)->_location = SEAHORSE_LOCATION_INVALID;
-		SEAHORSE_OBJECT (self)->_usage = SEAHORSE_USAGE_NONE;
-		SEAHORSE_OBJECT (self)->_flags = ((guint) (SKEY_FLAG_DISABLED));
+/* -----------------------------------------------------------------------------
+ * INTERNAL 
+ */
+
+static void 
+certificate_rebuild (SeahorsePkcs11Certificate* self) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
+	SeahorseObject *obj;
+	gboolean exportable;
+	
+	g_assert (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	obj = SEAHORSE_OBJECT (self);
+	
+	obj->_id = 0;
+	obj->_tag = SEAHORSE_PKCS11_TYPE;
+	
+	if (pv->pkcs11_attributes == NULL) {
+		obj->_location = SEAHORSE_LOCATION_INVALID;
+		obj->_usage = SEAHORSE_USAGE_NONE;
+		obj->_flags = SKEY_FLAG_DISABLED;
 	} else {
-		gboolean exportable;
-		SEAHORSE_OBJECT (self)->_id = seahorse_pkcs11_id_from_attributes (self->priv->_pkcs11_attributes);
-		SEAHORSE_OBJECT (self)->_location = SEAHORSE_LOCATION_LOCAL;
-		SEAHORSE_OBJECT (self)->_usage = SEAHORSE_USAGE_PUBLIC_KEY;
+		obj->_id = seahorse_pkcs11_id_from_attributes (pv->pkcs11_attributes);
+		obj->_location = SEAHORSE_LOCATION_LOCAL;
+		obj->_usage = SEAHORSE_USAGE_PUBLIC_KEY;
+		
 		exportable = FALSE;
-		if (!gp11_attributes_find_boolean (self->priv->_pkcs11_attributes, CKA_EXTRACTABLE, &exportable)) {
+		if (!gp11_attributes_find_boolean (pv->pkcs11_attributes, CKA_EXTRACTABLE, &exportable))
 			exportable = FALSE;
-		}
-		SEAHORSE_OBJECT (self)->_flags = ((guint) (0));
-		if (exportable) {
-			SEAHORSE_OBJECT (self)->_flags = ((guint) (SKEY_FLAG_EXPORTABLE));
-		}
+
+		obj->_flags = 0;
+		if (exportable)
+			obj->_flags |= SKEY_FLAG_EXPORTABLE;
+		
 		/* TODO: Expiry, revoked, disabled etc... */
-		if (seahorse_pkcs11_certificate_get_trust (self) >= ((gint) (SEAHORSE_VALIDITY_MARGINAL))) {
-			SEAHORSE_OBJECT (self)->_flags = SEAHORSE_OBJECT (self)->_flags | (SKEY_FLAG_TRUSTED);
-		}
+		if (seahorse_pkcs11_certificate_get_trust (self) >= SEAHORSE_VALIDITY_MARGINAL)
+			obj->_flags |= SKEY_FLAG_TRUSTED;
 	}
-	seahorse_object_fire_changed (SEAHORSE_OBJECT (self), SEAHORSE_OBJECT_CHANGE_ALL);
+	
+	seahorse_object_fire_changed (obj, SEAHORSE_OBJECT_CHANGE_ALL);
 }
 
 
-GP11Object* seahorse_pkcs11_certificate_get_pkcs11_object (SeahorsePkcs11Certificate* self) {
-	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
-	return self->priv->_pkcs11_object;
+/* -----------------------------------------------------------------------------
+ * OBJECT 
+ */
+
+static void
+seahorse_pkcs11_certificate_init (SeahorsePkcs11Certificate *self)
+{
+	SeahorsePkcs11CertificatePrivate *pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	gp11_attribute_init_invalid (&pv->der_value, CKA_VALUE);
+}
+
+static void
+seahorse_pkcs11_certificate_dispose (GObject *obj)
+{
+	SeahorsePkcs11Certificate *self = SEAHORSE_PKCS11_CERTIFICATE (obj);
+	SeahorsePkcs11CertificatePrivate *pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+    
+	if (pv->pkcs11_object)
+		g_object_unref (pv->pkcs11_object);
+	pv->pkcs11_object = NULL;
+	
+	G_OBJECT_CLASS (seahorse_pkcs11_certificate_parent_class)->dispose (obj);
+}
+
+static void
+seahorse_pkcs11_certificate_finalize (GObject *obj)
+{
+	SeahorsePkcs11Certificate *self = SEAHORSE_PKCS11_CERTIFICATE (obj);
+	SeahorsePkcs11CertificatePrivate *pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+
+	g_assert (pv->pkcs11_object == NULL);
+	
+	if (pv->pkcs11_attributes)
+		gp11_attributes_unref (pv->pkcs11_attributes);
+	pv->pkcs11_attributes = NULL;
+	
+	gp11_attribute_clear (&pv->der_value);
+	
+	G_OBJECT_CLASS (seahorse_pkcs11_certificate_parent_class)->finalize (obj);
 }
 
+static void
+seahorse_pkcs11_certificate_get_property (GObject *obj, guint prop_id, GValue *value, 
+                                          GParamSpec *pspec)
+{
+	SeahorsePkcs11Certificate *self = SEAHORSE_PKCS11_CERTIFICATE (obj);
+	
+	switch (prop_id) {
+	case PROP_PKCS11_OBJECT:
+		g_value_set_object (value, seahorse_pkcs11_certificate_get_pkcs11_object (self));
+		break;
+	case PROP_PKCS11_ATTRIBUTES:
+		g_value_set_boxed (value, seahorse_pkcs11_certificate_get_pkcs11_attributes (self));
+		break;
+	case PROP_DISPLAY_NAME:
+		g_value_take_string (value, seahorse_object_get_display_name (SEAHORSE_OBJECT (self)));
+		break;
+	case PROP_DISPLAY_ID:
+		g_value_take_string (value, seahorse_pkcs11_certificate_get_display_id (self));
+		break;
+	case PROP_MARKUP:
+		g_value_take_string (value, seahorse_object_get_markup (SEAHORSE_OBJECT (self)));
+		break;
+	case PROP_SIMPLE_NAME:
+		g_value_take_string (value, seahorse_pkcs11_certificate_get_simple_name (self));
+		break;
+	case PROP_FINGERPRINT:
+		g_value_take_string (value, seahorse_pkcs11_certificate_get_fingerprint (self));
+		break;
+	case PROP_VALIDITY:
+		g_value_set_uint (value, seahorse_pkcs11_certificate_get_validity (self));
+		break;
+	case PROP_VALIDITY_STR:
+		g_value_set_string (value, seahorse_pkcs11_certificate_get_validity_str (self));
+		break;
+	case PROP_TRUST:
+		g_value_set_uint (value, seahorse_pkcs11_certificate_get_trust (self));
+		break;
+	case PROP_TRUST_STR:
+		g_value_set_string (value, seahorse_pkcs11_certificate_get_trust_str (self));
+		break;
+	case PROP_EXPIRES:
+		g_value_set_ulong (value, seahorse_pkcs11_certificate_get_expires (self));
+		break;
+	case PROP_EXPIRES_STR:
+		g_value_take_string (value, seahorse_pkcs11_certificate_get_expires_str (self));
+		break;
+	case PROP_STOCK_ID:
+		g_value_take_string (value, seahorse_object_get_stock_id (SEAHORSE_OBJECT (self)));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
 
-void seahorse_pkcs11_certificate_set_pkcs11_object (SeahorsePkcs11Certificate* self, GP11Object* value) {
-	GP11Object* _tmp2;
-	GP11Object* _tmp1;
-	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
-	_tmp2 = NULL;
-	_tmp1 = NULL;
-	self->priv->_pkcs11_object = (_tmp2 = (_tmp1 = value, (_tmp1 == NULL ? NULL : g_object_ref (_tmp1))), (self->priv->_pkcs11_object == NULL ? NULL : (self->priv->_pkcs11_object = (g_object_unref (self->priv->_pkcs11_object), NULL))), _tmp2);
-	g_object_notify (((GObject *) (self)), "pkcs11-object");
+static void
+seahorse_pkcs11_certificate_set_property (GObject *obj, guint prop_id, const GValue *value, 
+                                          GParamSpec *pspec)
+{
+	SeahorsePkcs11Certificate *self = SEAHORSE_PKCS11_CERTIFICATE (obj);
+	
+	switch (prop_id) {
+	case PROP_PKCS11_OBJECT:
+		seahorse_pkcs11_certificate_set_pkcs11_object (self, g_value_get_object (value));
+		break;
+	case PROP_PKCS11_ATTRIBUTES:
+		seahorse_pkcs11_certificate_set_pkcs11_attributes (self, g_value_get_boxed (value));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
 }
 
 
-GP11Attributes* seahorse_pkcs11_certificate_get_pkcs11_attributes (SeahorsePkcs11Certificate* self) {
-	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
-	return self->priv->_pkcs11_attributes;
+static gchar* 
+seahorse_pkcs11_certificate_get_display_name (SeahorseObject* base) 
+{
+	SeahorsePkcs11Certificate* self = SEAHORSE_PKCS11_CERTIFICATE (base);
+	SeahorsePkcs11CertificatePrivate *pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	gchar *label = NULL;
+	
+	if (pv->pkcs11_attributes != NULL) {
+		if (gp11_attributes_find_string (pv->pkcs11_attributes, CKA_LABEL, &label))
+			return label;
+	}
+	
+	/* TODO: Calculate something from the subject? */
+	return g_strdup (_("Certificate"));
 }
 
-
-void seahorse_pkcs11_certificate_set_pkcs11_attributes (SeahorsePkcs11Certificate* self, GP11Attributes* value) {
-	GP11Attributes* _tmp2;
-	GP11Attributes* _tmp1;
-	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
-	_tmp2 = NULL;
-	_tmp1 = NULL;
-	self->priv->_pkcs11_attributes = (_tmp2 = (_tmp1 = value, (_tmp1 == NULL ? NULL : gp11_attributes_ref (_tmp1))), (self->priv->_pkcs11_attributes == NULL ? NULL : (self->priv->_pkcs11_attributes = (gp11_attributes_unref (self->priv->_pkcs11_attributes), NULL))), _tmp2);
-	seahorse_pkcs11_certificate_rebuild (self);
-	g_object_notify (((GObject *) (self)), "pkcs11-attributes");
+static char* 
+seahorse_pkcs11_certificate_get_markup (SeahorseObject* base) 
+{
+	SeahorsePkcs11Certificate* self = SEAHORSE_PKCS11_CERTIFICATE (base);
+	gchar *display = seahorse_object_get_display_name (SEAHORSE_OBJECT (self));
+	gchar *markup = g_markup_escape_text (display, -1);
+	g_free (display);
+	return markup;
+}
+
+static char*
+seahorse_pkcs11_certificate_get_stock_id (SeahorseObject* base) 
+{
+	/* TODO: A certificate icon */
+	return g_strdup ("");
 }
 
+static void
+seahorse_pkcs11_certificate_class_init (SeahorsePkcs11CertificateClass *klass)
+{
+	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+	SeahorseObjectClass *sobj_class = SEAHORSE_OBJECT_CLASS (klass);
+	
+	seahorse_pkcs11_certificate_parent_class = g_type_class_peek_parent (klass);
+	g_type_class_add_private (klass, sizeof (SeahorsePkcs11CertificatePrivate));
 
-static char* seahorse_pkcs11_certificate_real_get_display_name (SeahorseObject* base) {
-	SeahorsePkcs11Certificate* self;
-	const char* _tmp4;
-	self = SEAHORSE_PKCS11_CERTIFICATE (base);
-	if (self->priv->_pkcs11_attributes != NULL) {
-		char* label;
-		char* _tmp2;
-		gboolean _tmp1;
-		char* _tmp0;
-		label = NULL;
-		_tmp2 = NULL;
-		_tmp0 = NULL;
-		if ((_tmp1 = gp11_attributes_find_string (self->priv->_pkcs11_attributes, CKA_LABEL, &_tmp0), label = (_tmp2 = _tmp0, (label = (g_free (label), NULL)), _tmp2), _tmp1)) {
-			if (label != NULL) {
-				return label;
-			}
-		}
-		label = (g_free (label), NULL);
-	}
-	/* TODO: Calculate something from the subject? */
-	_tmp4 = NULL;
-	return (_tmp4 = _ ("Certificate"), (_tmp4 == NULL ? NULL : g_strdup (_tmp4)));
+	gobject_class->dispose = seahorse_pkcs11_certificate_dispose;
+	gobject_class->finalize = seahorse_pkcs11_certificate_finalize;
+	gobject_class->set_property = seahorse_pkcs11_certificate_set_property;
+	gobject_class->get_property = seahorse_pkcs11_certificate_get_property;
+
+	sobj_class->get_display_name = seahorse_pkcs11_certificate_get_display_name;
+	sobj_class->get_markup = seahorse_pkcs11_certificate_get_markup;
+	sobj_class->get_stock_id = seahorse_pkcs11_certificate_get_stock_id;
+
+	g_object_class_install_property (gobject_class, PROP_PKCS11_OBJECT, 
+	         g_param_spec_object ("pkcs11-object", "pkcs11-object", "pkcs11-object", GP11_TYPE_OBJECT, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE | G_PARAM_WRITABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_PKCS11_ATTRIBUTES, 
+	         g_param_spec_boxed ("pkcs11-attributes", "pkcs11-attributes", "pkcs11-attributes", GP11_TYPE_ATTRIBUTES, 
+	                             G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE | G_PARAM_WRITABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_DISPLAY_ID, 
+	         g_param_spec_string ("display-id", "display-id", "display-id", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_SIMPLE_NAME, 
+	         g_param_spec_string ("simple-name", "simple-name", "simple-name", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_FINGERPRINT, 
+	         g_param_spec_string ("fingerprint", "fingerprint", "fingerprint", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_VALIDITY, 
+	         g_param_spec_uint ("validity", "validity", "validity", 0, G_MAXUINT, 0U, 
+	                            G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_VALIDITY_STR, 
+	         g_param_spec_string ("validity-str", "validity-str", "validity-str", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_TRUST, 
+	         g_param_spec_uint ("trust", "trust", "trust", 0, G_MAXUINT, 0U, 
+	                            G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_TRUST_STR, 
+	         g_param_spec_string ("trust-str", "trust-str", "trust-str", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_EXPIRES, 
+	         g_param_spec_ulong ("expires", "expires", "expires", 0, G_MAXULONG, 0UL, 
+	                             G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_install_property (gobject_class, PROP_EXPIRES_STR, 
+	         g_param_spec_string ("expires-str", "expires-str", "expires-str", NULL, 
+	                              G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
+	
+	g_object_class_override_property (gobject_class, PROP_MARKUP, "markup");
+	
+	g_object_class_override_property (gobject_class, PROP_DISPLAY_NAME, "display-name");
+	
+	g_object_class_override_property (gobject_class, PROP_STOCK_ID, "stock-id");
+}
+
+const guchar*
+seahorse_pkcs11_certificate_get_der_data (CruiX509Cert *self, gsize *n_length)
+{
+	SeahorsePkcs11CertificatePrivate *pv;
+	
+	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
+	
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	g_return_val_if_fail (pv->pkcs11_attributes, NULL);
+	
+	if (gp11_attribute_is_invalid (&pv->der_value)) {
+		GP11Attribute *attr = gp11_attributes_find (pv->pkcs11_attributes, CKA_VALUE);
+		g_return_val_if_fail (attr, NULL);
+		gp11_attribute_clear (&pv->der_value);
+		gp11_attribute_init_copy (&pv->der_value, attr);
+	}
+	
+	g_return_val_if_fail (!gp11_attribute_is_invalid (&pv->der_value), NULL);
+	*n_length = pv->der_value.length;
+	return pv->der_value.value;
+}
+
+static void 
+seahorse_pkcs11_certificate_iface (CruiX509CertIface *iface)
+{
+	iface->get_der_data = (gpointer)seahorse_pkcs11_certificate_get_der_data;
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC 
+ */
+
+SeahorsePkcs11Certificate*
+seahorse_pkcs11_certificate_new (GP11Object* object, GP11Attributes* attributes)
+{
+	return g_object_new (SEAHORSE_PKCS11_TYPE_CERTIFICATE, 
+	                     "pkcs11-object", object, 
+	                     "pkcs11-attributes", attributes, NULL);
+}
+
+GP11Object* 
+seahorse_pkcs11_certificate_get_pkcs11_object (SeahorsePkcs11Certificate* self) 
+{
+	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
+	return SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self)->pkcs11_object;
 }
 
+void 
+seahorse_pkcs11_certificate_set_pkcs11_object (SeahorsePkcs11Certificate* self, GP11Object* value) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
+	
+	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	
+	if (pv->pkcs11_object)
+		g_object_unref (pv->pkcs11_object);
+	pv->pkcs11_object = value;
+	if (pv->pkcs11_object)
+		g_object_ref (pv->pkcs11_object);
+	
+	certificate_rebuild (self);
+	g_object_notify (G_OBJECT (self), "pkcs11-object");
+}
 
-char* seahorse_pkcs11_certificate_get_display_id (SeahorsePkcs11Certificate* self) {
-	const char* _tmp0;
-	char* id;
-	char* _tmp2;
-	char* _tmp3;
+GP11Attributes* 
+seahorse_pkcs11_certificate_get_pkcs11_attributes (SeahorsePkcs11Certificate* self) 
+{
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
-	_tmp0 = NULL;
-	id = (_tmp0 = seahorse_pkcs11_certificate_get_fingerprint (self), (_tmp0 == NULL ? NULL : g_strdup (_tmp0)));
-	if (g_utf8_strlen (id, -1) <= 8) {
-		return id;
-	}
-	_tmp2 = NULL;
-	_tmp3 = NULL;
-	return (_tmp3 = (_tmp2 = g_utf8_offset_to_pointer (id, g_utf8_strlen (id, -1) - 8), g_strndup (_tmp2, g_utf8_offset_to_pointer (_tmp2, ((glong) (8))) - _tmp2)), (id = (g_free (id), NULL)), _tmp3);
+	return SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self)->pkcs11_attributes;
 }
 
 
-static char* seahorse_pkcs11_certificate_real_get_markup (SeahorseObject* base) {
-	SeahorsePkcs11Certificate* self;
-	self = SEAHORSE_PKCS11_CERTIFICATE (base);
-	return g_markup_escape_text (seahorse_object_get_display_name (SEAHORSE_OBJECT (self)), -1);
-}
+void 
+seahorse_pkcs11_certificate_set_pkcs11_attributes (SeahorsePkcs11Certificate* self, GP11Attributes* value) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
+	
+	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self));
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	
+	if (pv->pkcs11_attributes)
+		gp11_attributes_unref (pv->pkcs11_attributes);
+	pv->pkcs11_attributes = value;
+	if (pv->pkcs11_attributes)
+		gp11_attributes_ref (pv->pkcs11_attributes);
+	
+	certificate_rebuild (self);
+	g_object_notify (G_OBJECT (self), "pkcs11-attributes");
+}
+
+gchar* 
+seahorse_pkcs11_certificate_get_display_id (SeahorsePkcs11Certificate* self) 
+{
+	gsize len;
+	gchar *id, *ret;
+	
+	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
+	
+	id = seahorse_pkcs11_certificate_get_fingerprint (self);
+	g_return_val_if_fail (id, NULL);
+	
+	len = strlen (id);
+	if (len <= 8)
+		return id;
 
+	ret = g_strndup (id + (len - 8), 8);
+	g_free (id);
+	return ret;
+}
 
-const char* seahorse_pkcs11_certificate_get_simple_name (SeahorsePkcs11Certificate* self) {
+char* 
+seahorse_pkcs11_certificate_get_simple_name (SeahorsePkcs11Certificate* self) 
+{
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
 	return seahorse_object_get_display_name (SEAHORSE_OBJECT (self));
 }
 
-
-char* seahorse_pkcs11_certificate_get_fingerprint (SeahorsePkcs11Certificate* self) {
+char* 
+seahorse_pkcs11_certificate_get_fingerprint (SeahorsePkcs11Certificate* self) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
 	GP11Attribute* attr;
+	
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	
 	/* TODO: We should be using the fingerprint off the key */
-	if (self->priv->_pkcs11_attributes == NULL) {
+	if (pv->pkcs11_attributes == NULL) 
 		return g_strdup ("");
-	}
-	attr = gp11_attributes_find (self->priv->_pkcs11_attributes, CKA_ID);
-	if (attr == NULL) {
+
+	attr = gp11_attributes_find (pv->pkcs11_attributes, CKA_ID);
+	if (attr == NULL)
 		return g_strdup ("");
-	}
+
 	return seahorse_util_hex_encode (attr->value, attr->length);
 }
 
-
-guint seahorse_pkcs11_certificate_get_validity (SeahorsePkcs11Certificate* self) {
+guint 
+seahorse_pkcs11_certificate_get_validity (SeahorsePkcs11Certificate* self) 
+{
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), 0U);
+	
 	/* TODO: We need to implement proper validity checking */
-	;
-	return ((guint) (SEAHORSE_VALIDITY_UNKNOWN));
+	return SEAHORSE_VALIDITY_UNKNOWN;
 }
 
-
-char* seahorse_pkcs11_certificate_get_validity_str (SeahorsePkcs11Certificate* self) {
-	const char* _tmp0;
+const char* 
+seahorse_pkcs11_certificate_get_validity_str (SeahorsePkcs11Certificate* self) 
+{
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
-	_tmp0 = NULL;
-	return (_tmp0 = seahorse_validity_get_string (((SeahorseValidity) (seahorse_pkcs11_certificate_get_validity (self)))), (_tmp0 == NULL ? NULL : g_strdup (_tmp0)));
+	return seahorse_validity_get_string (seahorse_pkcs11_certificate_get_validity (self));
 }
 
-
-guint seahorse_pkcs11_certificate_get_trust (SeahorsePkcs11Certificate* self) {
+guint 
+seahorse_pkcs11_certificate_get_trust (SeahorsePkcs11Certificate* self) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
 	gulong trust;
+	
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), 0U);
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	
 	trust = 0UL;
-	if (self->priv->_pkcs11_attributes == NULL || !gp11_attributes_find_ulong (self->priv->_pkcs11_attributes, CKA_GNOME_USER_TRUST, &trust)) {
-		return ((guint) (SEAHORSE_VALIDITY_UNKNOWN));
-	}
-	if (trust == CKT_GNOME_TRUSTED) {
-		return ((guint) (SEAHORSE_VALIDITY_FULL));
-	} else {
-		if (trust == CKT_GNOME_UNTRUSTED) {
-			return ((guint) (SEAHORSE_VALIDITY_NEVER));
-		}
-	}
-	return ((guint) (SEAHORSE_VALIDITY_UNKNOWN));
+	if (pv->pkcs11_attributes == NULL || 
+	    !gp11_attributes_find_ulong (pv->pkcs11_attributes, CKA_GNOME_USER_TRUST, &trust)) 
+		return SEAHORSE_VALIDITY_UNKNOWN;
+	
+	if (trust == CKT_GNOME_TRUSTED)
+		return SEAHORSE_VALIDITY_FULL;
+	else if (trust == CKT_GNOME_UNTRUSTED)
+		return SEAHORSE_VALIDITY_NEVER;
+	else
+		return SEAHORSE_VALIDITY_UNKNOWN;
 }
 
-
-char* seahorse_pkcs11_certificate_get_trust_str (SeahorsePkcs11Certificate* self) {
-	const char* _tmp0;
+const char* 
+seahorse_pkcs11_certificate_get_trust_str (SeahorsePkcs11Certificate* self) 
+{
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
-	_tmp0 = NULL;
-	return (_tmp0 = seahorse_validity_get_string (((SeahorseValidity) (seahorse_pkcs11_certificate_get_trust (self)))), (_tmp0 == NULL ? NULL : g_strdup (_tmp0)));
+	return seahorse_validity_get_string (seahorse_pkcs11_certificate_get_trust (self));
 }
 
 
-gulong seahorse_pkcs11_certificate_get_expires (SeahorsePkcs11Certificate* self) {
+gulong
+seahorse_pkcs11_certificate_get_expires (SeahorsePkcs11Certificate* self) 
+{
+	SeahorsePkcs11CertificatePrivate *pv;
+
 	GDate date = {0};
 	struct tm time = {0};
+
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), 0UL);
-	if (self->priv->_pkcs11_attributes == NULL || !gp11_attributes_find_date (self->priv->_pkcs11_attributes, CKA_END_DATE, &date)) {
-		return ((gulong) (0));
-	}
+	pv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
+	
+	if (pv->pkcs11_attributes == NULL || 
+	    !gp11_attributes_find_date (pv->pkcs11_attributes, CKA_END_DATE, &date))
+		return 0;
+
 	g_date_to_struct_tm (&date, &time);
-	return ((gulong) (mktime (&time)));
+	return (gulong)(mktime (&time));
 }
 
-
-char* seahorse_pkcs11_certificate_get_expires_str (SeahorsePkcs11Certificate* self) {
+char* 
+seahorse_pkcs11_certificate_get_expires_str (SeahorsePkcs11Certificate* self) 
+{
 	gulong expiry;
+	
 	g_return_val_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (self), NULL);
+	
 	/* TODO: When expired return Expired */
 	expiry = seahorse_pkcs11_certificate_get_expires (self);
-	if (expiry == 0) {
+	if (expiry == 0)
 		return g_strdup ("");
-	}
 	return seahorse_util_get_date_string (expiry);
 }
 
-
-static char* seahorse_pkcs11_certificate_real_get_stock_id (SeahorseObject* base) {
-	SeahorsePkcs11Certificate* self;
-	self = SEAHORSE_PKCS11_CERTIFICATE (base);
-	/* TODO: A certificate icon */
-	return g_strdup ("");
-}
-
-
-static void seahorse_pkcs11_certificate_get_property (GObject * object, guint property_id, GValue * value, GParamSpec * pspec) {
-	SeahorsePkcs11Certificate * self;
-	self = SEAHORSE_PKCS11_CERTIFICATE (object);
-	switch (property_id) {
-		case SEAHORSE_PKCS11_CERTIFICATE_PKCS11_OBJECT:
-		g_value_set_object (value, seahorse_pkcs11_certificate_get_pkcs11_object (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_PKCS11_ATTRIBUTES:
-		g_value_set_pointer (value, seahorse_pkcs11_certificate_get_pkcs11_attributes (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_NAME:
-		g_value_set_string (value, seahorse_object_get_display_name (SEAHORSE_OBJECT (self)));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_ID:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_display_id (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_MARKUP:
-		g_value_set_string (value, seahorse_object_get_markup (SEAHORSE_OBJECT (self)));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_SIMPLE_NAME:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_simple_name (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_FINGERPRINT:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_fingerprint (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_VALIDITY:
-		g_value_set_uint (value, seahorse_pkcs11_certificate_get_validity (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_VALIDITY_STR:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_validity_str (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_TRUST:
-		g_value_set_uint (value, seahorse_pkcs11_certificate_get_trust (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_TRUST_STR:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_trust_str (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_EXPIRES:
-		g_value_set_ulong (value, seahorse_pkcs11_certificate_get_expires (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_EXPIRES_STR:
-		g_value_set_string (value, seahorse_pkcs11_certificate_get_expires_str (self));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_STOCK_ID:
-		g_value_set_string (value, seahorse_object_get_stock_id (SEAHORSE_OBJECT (self)));
-		break;
-		default:
-		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
-		break;
-	}
-}
-
-
-static void seahorse_pkcs11_certificate_set_property (GObject * object, guint property_id, const GValue * value, GParamSpec * pspec) {
-	SeahorsePkcs11Certificate * self;
-	self = SEAHORSE_PKCS11_CERTIFICATE (object);
-	switch (property_id) {
-		case SEAHORSE_PKCS11_CERTIFICATE_PKCS11_OBJECT:
-		seahorse_pkcs11_certificate_set_pkcs11_object (self, g_value_get_object (value));
-		break;
-		case SEAHORSE_PKCS11_CERTIFICATE_PKCS11_ATTRIBUTES:
-		seahorse_pkcs11_certificate_set_pkcs11_attributes (self, g_value_get_pointer (value));
-		break;
-		default:
-		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
-		break;
-	}
-}
-
-
-static void seahorse_pkcs11_certificate_class_init (SeahorsePkcs11CertificateClass * klass) {
-	seahorse_pkcs11_certificate_parent_class = g_type_class_peek_parent (klass);
-	g_type_class_add_private (klass, sizeof (SeahorsePkcs11CertificatePrivate));
-	G_OBJECT_CLASS (klass)->get_property = seahorse_pkcs11_certificate_get_property;
-	G_OBJECT_CLASS (klass)->set_property = seahorse_pkcs11_certificate_set_property;
-	G_OBJECT_CLASS (klass)->finalize = seahorse_pkcs11_certificate_finalize;
-	SEAHORSE_OBJECT_CLASS (klass)->get_display_name = seahorse_pkcs11_certificate_real_get_display_name;
-	SEAHORSE_OBJECT_CLASS (klass)->get_markup = seahorse_pkcs11_certificate_real_get_markup;
-	SEAHORSE_OBJECT_CLASS (klass)->get_stock_id = seahorse_pkcs11_certificate_real_get_stock_id;
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_PKCS11_OBJECT, g_param_spec_object ("pkcs11-object", "pkcs11-object", "pkcs11-object", GP11_TYPE_OBJECT, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE | G_PARAM_WRITABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_PKCS11_ATTRIBUTES, g_param_spec_pointer ("pkcs11-attributes", "pkcs11-attributes", "pkcs11-attributes", G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE | G_PARAM_WRITABLE));
-	g_object_class_override_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_NAME, "display-name");
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_DISPLAY_ID, g_param_spec_string ("display-id", "display-id", "display-id", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_override_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_MARKUP, "markup");
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_SIMPLE_NAME, g_param_spec_string ("simple-name", "simple-name", "simple-name", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_FINGERPRINT, g_param_spec_string ("fingerprint", "fingerprint", "fingerprint", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_VALIDITY, g_param_spec_uint ("validity", "validity", "validity", 0, G_MAXUINT, 0U, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_VALIDITY_STR, g_param_spec_string ("validity-str", "validity-str", "validity-str", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_TRUST, g_param_spec_uint ("trust", "trust", "trust", 0, G_MAXUINT, 0U, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_TRUST_STR, g_param_spec_string ("trust-str", "trust-str", "trust-str", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_EXPIRES, g_param_spec_ulong ("expires", "expires", "expires", 0, G_MAXULONG, 0UL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_install_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_EXPIRES_STR, g_param_spec_string ("expires-str", "expires-str", "expires-str", NULL, G_PARAM_STATIC_NAME | G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB | G_PARAM_READABLE));
-	g_object_class_override_property (G_OBJECT_CLASS (klass), SEAHORSE_PKCS11_CERTIFICATE_STOCK_ID, "stock-id");
-}
-
-
-static void seahorse_pkcs11_certificate_instance_init (SeahorsePkcs11Certificate * self) {
-	self->priv = SEAHORSE_PKCS11_CERTIFICATE_GET_PRIVATE (self);
-}
-
-
-static void seahorse_pkcs11_certificate_finalize (GObject * obj) {
-	SeahorsePkcs11Certificate * self;
-	self = SEAHORSE_PKCS11_CERTIFICATE (obj);
-	(self->priv->_pkcs11_object == NULL ? NULL : (self->priv->_pkcs11_object = (g_object_unref (self->priv->_pkcs11_object), NULL)));
-	(self->priv->_pkcs11_attributes == NULL ? NULL : (self->priv->_pkcs11_attributes = (gp11_attributes_unref (self->priv->_pkcs11_attributes), NULL)));
-	G_OBJECT_CLASS (seahorse_pkcs11_certificate_parent_class)->finalize (obj);
-}
-
-
-GType seahorse_pkcs11_certificate_get_type (void) {
-	static GType seahorse_pkcs11_certificate_type_id = 0;
-	if (seahorse_pkcs11_certificate_type_id == 0) {
-		static const GTypeInfo g_define_type_info = { sizeof (SeahorsePkcs11CertificateClass), (GBaseInitFunc) NULL, (GBaseFinalizeFunc) NULL, (GClassInitFunc) seahorse_pkcs11_certificate_class_init, (GClassFinalizeFunc) NULL, NULL, sizeof (SeahorsePkcs11Certificate), 0, (GInstanceInitFunc) seahorse_pkcs11_certificate_instance_init };
-		seahorse_pkcs11_certificate_type_id = g_type_register_static (SEAHORSE_TYPE_OBJECT, "SeahorsePkcs11Certificate", &g_define_type_info, 0);
-	}
-	return seahorse_pkcs11_certificate_type_id;
-}
-
-
-
-

Modified: trunk/pkcs11/seahorse-pkcs11-certificate.h
==============================================================================
--- trunk/pkcs11/seahorse-pkcs11-certificate.h	(original)
+++ trunk/pkcs11/seahorse-pkcs11-certificate.h	Sat Nov 22 23:42:50 2008
@@ -1,56 +1,83 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
 
 #ifndef __SEAHORSE_PKCS11_CERTIFICATE_H__
 #define __SEAHORSE_PKCS11_CERTIFICATE_H__
 
-#include <glib.h>
-#include <glib-object.h>
-#include <seahorse-object.h>
 #include <gp11.h>
-#include <gp11-hacks.h>
-#include <stdlib.h>
-#include <string.h>
-
-G_BEGIN_DECLS
 
+#include <glib-object.h>
+
+#include "seahorse-object.h"
 
-#define SEAHORSE_PKCS11_TYPE_CERTIFICATE (seahorse_pkcs11_certificate_get_type ())
-#define SEAHORSE_PKCS11_CERTIFICATE(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11Certificate))
-#define SEAHORSE_PKCS11_CERTIFICATE_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificateClass))
-#define SEAHORSE_PKCS11_IS_CERTIFICATE(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE))
-#define SEAHORSE_PKCS11_IS_CERTIFICATE_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), SEAHORSE_PKCS11_TYPE_CERTIFICATE))
-#define SEAHORSE_PKCS11_CERTIFICATE_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificateClass))
+#define SEAHORSE_PKCS11_TYPE_CERTIFICATE               (seahorse_pkcs11_certificate_get_type ())
+#define SEAHORSE_PKCS11_CERTIFICATE(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11Certificate))
+#define SEAHORSE_PKCS11_CERTIFICATE_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificateClass))
+#define SEAHORSE_PKCS11_IS_CERTIFICATE(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE))
+#define SEAHORSE_PKCS11_IS_CERTIFICATE_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), SEAHORSE_PKCS11_TYPE_CERTIFICATE))
+#define SEAHORSE_PKCS11_CERTIFICATE_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), SEAHORSE_PKCS11_TYPE_CERTIFICATE, SeahorsePkcs11CertificateClass))
 
 typedef struct _SeahorsePkcs11Certificate SeahorsePkcs11Certificate;
 typedef struct _SeahorsePkcs11CertificateClass SeahorsePkcs11CertificateClass;
 typedef struct _SeahorsePkcs11CertificatePrivate SeahorsePkcs11CertificatePrivate;
-
+    
 struct _SeahorsePkcs11Certificate {
-	SeahorseObject parent_instance;
-	SeahorsePkcs11CertificatePrivate * priv;
+	SeahorseObject parent;
 };
 
 struct _SeahorsePkcs11CertificateClass {
 	SeahorseObjectClass parent_class;
 };
 
+GType                       seahorse_pkcs11_certificate_get_type               (void);
+
+SeahorsePkcs11Certificate*  seahorse_pkcs11_certificate_new                    (GP11Object* object, 
+                                                                                GP11Attributes* attributes);
+
+GP11Object*                 seahorse_pkcs11_certificate_get_pkcs11_object      (SeahorsePkcs11Certificate* self);
+
+void                        seahorse_pkcs11_certificate_set_pkcs11_object      (SeahorsePkcs11Certificate* self, 
+                                                                                GP11Object* value);
+
+GP11Attributes*             seahorse_pkcs11_certificate_get_pkcs11_attributes  (SeahorsePkcs11Certificate* self);
+
+void                        seahorse_pkcs11_certificate_set_pkcs11_attributes  (SeahorsePkcs11Certificate* self, 
+                                                                                GP11Attributes* value);
+
+gchar*                      seahorse_pkcs11_certificate_get_display_id         (SeahorsePkcs11Certificate* self);
+
+gchar*                      seahorse_pkcs11_certificate_get_simple_name        (SeahorsePkcs11Certificate* self);
+
+gchar*                      seahorse_pkcs11_certificate_get_fingerprint        (SeahorsePkcs11Certificate* self);
+
+guint                       seahorse_pkcs11_certificate_get_validity           (SeahorsePkcs11Certificate* self);
+
+const gchar*                seahorse_pkcs11_certificate_get_validity_str       (SeahorsePkcs11Certificate* self);
+
+guint                       seahorse_pkcs11_certificate_get_trust              (SeahorsePkcs11Certificate* self);
 
-SeahorsePkcs11Certificate* seahorse_pkcs11_certificate_new (GP11Object* object, GP11Attributes* attributes);
-GP11Object* seahorse_pkcs11_certificate_get_pkcs11_object (SeahorsePkcs11Certificate* self);
-void seahorse_pkcs11_certificate_set_pkcs11_object (SeahorsePkcs11Certificate* self, GP11Object* value);
-GP11Attributes* seahorse_pkcs11_certificate_get_pkcs11_attributes (SeahorsePkcs11Certificate* self);
-void seahorse_pkcs11_certificate_set_pkcs11_attributes (SeahorsePkcs11Certificate* self, GP11Attributes* value);
-char* seahorse_pkcs11_certificate_get_display_id (SeahorsePkcs11Certificate* self);
-const char* seahorse_pkcs11_certificate_get_simple_name (SeahorsePkcs11Certificate* self);
-char* seahorse_pkcs11_certificate_get_fingerprint (SeahorsePkcs11Certificate* self);
-guint seahorse_pkcs11_certificate_get_validity (SeahorsePkcs11Certificate* self);
-char* seahorse_pkcs11_certificate_get_validity_str (SeahorsePkcs11Certificate* self);
-guint seahorse_pkcs11_certificate_get_trust (SeahorsePkcs11Certificate* self);
-char* seahorse_pkcs11_certificate_get_trust_str (SeahorsePkcs11Certificate* self);
-gulong seahorse_pkcs11_certificate_get_expires (SeahorsePkcs11Certificate* self);
-char* seahorse_pkcs11_certificate_get_expires_str (SeahorsePkcs11Certificate* self);
-GType seahorse_pkcs11_certificate_get_type (void);
+const gchar*                seahorse_pkcs11_certificate_get_trust_str          (SeahorsePkcs11Certificate* self);
 
+gulong                      seahorse_pkcs11_certificate_get_expires            (SeahorsePkcs11Certificate* self);
 
-G_END_DECLS
+gchar*                      seahorse_pkcs11_certificate_get_expires_str        (SeahorsePkcs11Certificate* self);
 
-#endif
+#endif /* __SEAHORSE_PKCS11_CERTIFICATE_H__ */

Added: trunk/pkcs11/seahorse-pkcs11-commands.c
==============================================================================
--- (empty file)
+++ trunk/pkcs11/seahorse-pkcs11-commands.c	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,247 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#include "config.h"
+
+#include "seahorse-pkcs11-commands.h"
+
+#include "seahorse-pkcs11.h"
+#include "seahorse-pkcs11-certificate.h"
+
+#include "seahorse-util.h"
+
+#include "common/seahorse-registry.h"
+
+#include "libcryptui/crui-x509-cert-dialog.h"
+
+enum {
+	PROP_0,
+	PROP_KTYPE,
+	PROP_UI_DEFINITION,
+	PROP_COMMAND_ACTIONS
+};
+
+struct _SeahorsePkcs11CommandsPrivate {
+	GtkActionGroup *action_group;
+};
+
+static GQuark slot_certificate_window = 0; 
+
+G_DEFINE_TYPE (SeahorsePkcs11Commands, seahorse_pkcs11_commands, SEAHORSE_TYPE_COMMANDS);
+
+#define SEAHORSE_PKCS11_COMMANDS_GET_PRIVATE(o) \
+	(G_TYPE_INSTANCE_GET_PRIVATE ((o), SEAHORSE_PKCS11_TYPE_COMMANDS, SeahorsePkcs11CommandsPrivate))
+
+/* -----------------------------------------------------------------------------
+ * INTERNAL 
+ */
+
+static void 
+properties_response (GtkDialog *dialog, gint response_id, gpointer user_data)
+{
+	gtk_widget_destroy (GTK_WIDGET (dialog));
+}
+
+/* -----------------------------------------------------------------------------
+ * OBJECT 
+ */
+
+static void
+seahorse_pkcs11_commands_show_properties (SeahorseCommands *cmds, SeahorseObject *object)
+{
+	GtkWindow *window;
+	gpointer previous;
+	
+	g_return_if_fail (SEAHORSE_PKCS11_IS_COMMANDS (cmds));
+	g_return_if_fail (SEAHORSE_PKCS11_IS_CERTIFICATE (object));
+	
+	/* Try to show an already present window */
+	previous = g_object_get_qdata (G_OBJECT (object), slot_certificate_window);
+	if (GTK_IS_WINDOW (previous)) {
+		window = GTK_WINDOW (previous);
+		if (GTK_WIDGET_VISIBLE (window)) {
+			gtk_window_present (window);
+			return;
+		}
+	}
+	
+	/* Create a new dialog for the certificate */
+	window = GTK_WINDOW (crui_x509_cert_dialog_new (CRUI_X509_CERT (object)));
+	gtk_window_set_transient_for (window, seahorse_view_get_window (seahorse_commands_get_view (cmds)));
+	g_object_set_qdata (G_OBJECT (object), slot_certificate_window, window);
+	gtk_widget_show (GTK_WIDGET (window));
+
+	/* Close the window when we get a response */
+	g_signal_connect (window, "response", G_CALLBACK (properties_response), NULL);
+}
+
+static SeahorseOperation*
+seahorse_pkcs11_commands_delete_objects (SeahorseCommands *cmds, GList *objects)
+{
+	gchar *prompt;
+	gchar *display;
+	gboolean ret;
+	guint num;
+	
+	g_return_val_if_fail (SEAHORSE_PKCS11_IS_COMMANDS (cmds), NULL);
+
+	num = g_list_length (objects);
+	
+	if (num == 1) {
+		display = seahorse_object_get_display_name (SEAHORSE_OBJECT (objects->data));
+		prompt = g_strdup_printf (_("Are you sure you want to delete the certificate '%s'?"), display);
+		g_free (display);
+	} else {
+		prompt = g_strdup_printf (_("Are you sure you want to delete %d secure shell keys?"), num);
+	}
+	
+	ret = seahorse_util_prompt_delete (prompt, GTK_WIDGET (seahorse_view_get_window (seahorse_commands_get_view (cmds))));
+	g_free (prompt);
+	
+	if (ret)
+		return seahorse_source_delete_objects (objects);
+	else
+		return NULL;
+}
+
+static GQuark 
+seahorse_pkcs11_commands_get_ktype (SeahorseCommands *base)
+{
+	return SEAHORSE_PKCS11_TYPE;
+}
+
+static const char* 
+seahorse_pkcs11_commands_get_ui_definition (SeahorseCommands *base)
+{
+	return "";
+}
+
+static GtkActionGroup* 
+seahorse_pkcs11_commands_get_command_actions (SeahorseCommands *base)
+{
+	SeahorsePkcs11Commands *self = SEAHORSE_PKCS11_COMMANDS (base);
+	SeahorsePkcs11CommandsPrivate *pv = SEAHORSE_PKCS11_COMMANDS_GET_PRIVATE (self);
+	return pv->action_group;
+}
+
+static void
+seahorse_pkcs11_commands_init (SeahorsePkcs11Commands *self)
+{
+	SeahorsePkcs11CommandsPrivate *pv = SEAHORSE_PKCS11_COMMANDS_GET_PRIVATE (self);
+	pv->action_group = gtk_action_group_new ("pkcs11");
+}
+
+static void
+seahorse_pkcs11_commands_dispose (GObject *obj)
+{
+	SeahorsePkcs11Commands *self = SEAHORSE_PKCS11_COMMANDS (obj);
+	SeahorsePkcs11CommandsPrivate *pv = SEAHORSE_PKCS11_COMMANDS_GET_PRIVATE (self);
+    
+	if (pv->action_group)
+		g_object_unref (pv->action_group);
+	pv->action_group = NULL;
+	
+	G_OBJECT_CLASS (seahorse_pkcs11_commands_parent_class)->dispose (obj);
+}
+
+static void
+seahorse_pkcs11_commands_finalize (GObject *obj)
+{
+	SeahorsePkcs11Commands *self = SEAHORSE_PKCS11_COMMANDS (obj);
+	SeahorsePkcs11CommandsPrivate *pv = SEAHORSE_PKCS11_COMMANDS_GET_PRIVATE (self);
+	
+	g_assert (pv->action_group == NULL);
+
+	G_OBJECT_CLASS (seahorse_pkcs11_commands_parent_class)->finalize (obj);
+}
+
+static void
+seahorse_pkcs11_commands_set_property (GObject *obj, guint prop_id, const GValue *value, 
+                           GParamSpec *pspec)
+{
+	switch (prop_id) {
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+seahorse_pkcs11_commands_get_property (GObject *obj, guint prop_id, GValue *value, 
+                                       GParamSpec *pspec)
+{
+	SeahorseCommands *base = SEAHORSE_COMMANDS (obj);
+	
+	switch (prop_id) {
+	case PROP_KTYPE:
+		g_value_set_uint (value, seahorse_pkcs11_commands_get_ktype (base));
+		break;
+	case PROP_UI_DEFINITION:
+		g_value_set_string (value, seahorse_pkcs11_commands_get_ui_definition (base));
+		break;
+	case PROP_COMMAND_ACTIONS:
+		g_value_set_object (value, seahorse_pkcs11_commands_get_command_actions (base));
+		break;
+	default:
+		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
+		break;
+	}
+}
+
+static void
+seahorse_pkcs11_commands_class_init (SeahorsePkcs11CommandsClass *klass)
+{
+	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+	SeahorseCommandsClass *cmd_class = SEAHORSE_COMMANDS_CLASS (klass);
+	
+	seahorse_pkcs11_commands_parent_class = g_type_class_peek_parent (klass);
+	g_type_class_add_private (klass, sizeof (SeahorsePkcs11CommandsPrivate));
+
+	gobject_class->dispose = seahorse_pkcs11_commands_dispose;
+	gobject_class->finalize = seahorse_pkcs11_commands_finalize;
+	gobject_class->set_property = seahorse_pkcs11_commands_set_property;
+	gobject_class->get_property = seahorse_pkcs11_commands_get_property;
+    
+	cmd_class->show_properties = seahorse_pkcs11_commands_show_properties;
+	cmd_class->delete_objects = seahorse_pkcs11_commands_delete_objects;
+	cmd_class->get_ktype = seahorse_pkcs11_commands_get_ktype;
+	cmd_class->get_ui_definition = seahorse_pkcs11_commands_get_ui_definition;
+	cmd_class->get_command_actions = seahorse_pkcs11_commands_get_command_actions;
+
+	g_object_class_override_property (gobject_class, PROP_KTYPE, "ktype");
+	g_object_class_override_property (gobject_class, PROP_UI_DEFINITION, "ui-definition");
+	g_object_class_override_property (gobject_class, PROP_COMMAND_ACTIONS, "command-actions");
+
+	slot_certificate_window = g_quark_from_static_string ("seahorse-pkcs11-commands-window");
+
+	/* Register this as a source of commands */
+	seahorse_registry_register_type (seahorse_registry_get (), SEAHORSE_PKCS11_TYPE_COMMANDS, "commands", NULL);
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC 
+ */
+
+SeahorsePkcs11Commands*
+seahorse_pkcs11_commands_new (void)
+{
+	return g_object_new (SEAHORSE_PKCS11_TYPE_COMMANDS, NULL);
+}

Added: trunk/pkcs11/seahorse-pkcs11-commands.h
==============================================================================
--- (empty file)
+++ trunk/pkcs11/seahorse-pkcs11-commands.h	Sat Nov 22 23:42:50 2008
@@ -0,0 +1,52 @@
+/* 
+ * Seahorse
+ * 
+ * Copyright (C) 2008 Stefan Walter
+ * 
+ * This program is free software; you can redistribute it and/or modify 
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.  
+ */
+
+#ifndef __SEAHORSE_PKCS11_COMMANDS_H__
+#define __SEAHORSE_PKCS11_COMMANDS_H__
+
+#include "seahorse-commands.h"
+
+#include <glib-object.h>
+
+#define SEAHORSE_PKCS11_TYPE_COMMANDS               (seahorse_pkcs11_commands_get_type ())
+#define SEAHORSE_PKCS11_COMMANDS(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), SEAHORSE_PKCS11_TYPE_COMMANDS, SeahorsePkcs11Commands))
+#define SEAHORSE_PKCS11_COMMANDS_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), SEAHORSE_PKCS11_TYPE_COMMANDS, SeahorsePkcs11CommandsClass))
+#define SEAHORSE_PKCS11_IS_COMMANDS(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), SEAHORSE_PKCS11_TYPE_COMMANDS))
+#define SEAHORSE_PKCS11_IS_COMMANDS_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), SEAHORSE_PKCS11_TYPE_COMMANDS))
+#define SEAHORSE_PKCS11_COMMANDS_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), SEAHORSE_PKCS11_TYPE_COMMANDS, SeahorsePkcs11CommandsClass))
+
+typedef struct _SeahorsePkcs11Commands SeahorsePkcs11Commands;
+typedef struct _SeahorsePkcs11CommandsClass SeahorsePkcs11CommandsClass;
+typedef struct _SeahorsePkcs11CommandsPrivate SeahorsePkcs11CommandsPrivate;
+    
+struct _SeahorsePkcs11Commands {
+	SeahorseCommands parent;
+};
+
+struct _SeahorsePkcs11CommandsClass {
+	SeahorseCommandsClass parent_class;
+};
+
+GType                        seahorse_pkcs11_commands_get_type               (void);
+
+SeahorsePkcs11Commands*      seahorse_pkcs11_commands_new                    (void);
+
+#endif /* __SEAHORSE_PKCS11_COMMANDS_H__ */

Modified: trunk/pkcs11/seahorse-pkcs11-module.c
==============================================================================
--- trunk/pkcs11/seahorse-pkcs11-module.c	(original)
+++ trunk/pkcs11/seahorse-pkcs11-module.c	Sat Nov 22 23:42:50 2008
@@ -22,6 +22,8 @@
 #include "config.h"
 
 #include "seahorse-pkcs11-module.h"
+
+#include "seahorse-pkcs11-commands.h"
 #include "seahorse-pkcs11-source.h"
 
 #include "seahorse-gconf.h"
@@ -66,4 +68,5 @@
 
 	/* Let these register themselves */
 	g_type_class_unref (g_type_class_ref (SEAHORSE_PKCS11_TYPE_SOURCE));
+	g_type_class_unref (g_type_class_ref (SEAHORSE_PKCS11_TYPE_COMMANDS));
 }

Modified: trunk/pkcs11/seahorse-pkcs11-source.c
==============================================================================
--- trunk/pkcs11/seahorse-pkcs11-source.c	(original)
+++ trunk/pkcs11/seahorse-pkcs11-source.c	Sat Nov 22 23:42:50 2008
@@ -4,9 +4,9 @@
 #include <pkcs11g.h>
 #include <seahorse-util.h>
 #include <glib/gi18n-lib.h>
+#include <seahorse-pkcs11-certificate.h>
 #include <seahorse-context.h>
 #include "seahorse-pkcs11.h"
-#include "seahorse-pkcs11-certificate.h"
 
 
 #define SEAHORSE_PKCS11_SOURCE_TYPE_UPDATER (seahorse_pkcs11_source_updater_get_type ())
@@ -261,7 +261,7 @@
 static gpointer seahorse_pkcs11_source_parent_class = NULL;
 static void seahorse_pkcs11_source_finalize (GObject * obj);
 
-static const gulong SEAHORSE_PKCS11_ATTRIBUTE_TYPES[] = {CKA_LABEL, CKA_ID, CKA_CLASS, CKA_TOKEN, CKA_GNOME_USER_TRUST, CKA_START_DATE, CKA_END_DATE, CKA_EXTRACTABLE};
+static const gulong SEAHORSE_PKCS11_ATTRIBUTE_TYPES[] = {CKA_LABEL, CKA_ID, CKA_CLASS, CKA_TOKEN, CKA_GNOME_USER_TRUST, CKA_START_DATE, CKA_END_DATE, CKA_EXTRACTABLE, CKA_VALUE};
 
 
 /* ---------------------------------------------------------------------------------
@@ -399,6 +399,7 @@
 	/* Create a new object */
 	_tmp3 = NULL;
 	cert = (_tmp3 = seahorse_pkcs11_certificate_new (object, attrs), (cert == NULL ? NULL : (cert = (g_object_unref (cert), NULL))), _tmp3);
+	seahorse_object_set_source (SEAHORSE_OBJECT (cert), SEAHORSE_SOURCE (self));
 	seahorse_context_add_object (seahorse_context_for_app (), SEAHORSE_OBJECT (cert));
 	(cert == NULL ? NULL : (cert = (g_object_unref (cert), NULL)));
 	(prev == NULL ? NULL : (prev = (g_object_unref (prev), NULL)));

Modified: trunk/pkcs11/seahorse-pkcs11-source.vala
==============================================================================
--- trunk/pkcs11/seahorse-pkcs11-source.vala	(original)
+++ trunk/pkcs11/seahorse-pkcs11-source.vala	Sat Nov 22 23:42:50 2008
@@ -11,7 +11,8 @@
 		P11.CKA_GNOME_USER_TRUST,
 		P11.CKA_START_DATE,
 		P11.CKA_END_DATE,
-		P11.CKA_EXTRACTABLE
+		P11.CKA_EXTRACTABLE,
+		P11.CKA_VALUE
 	};
 	
 	public class Source : Seahorse.Source {
@@ -427,6 +428,7 @@
 			
 			/* Create a new object */
 			cert = new Pkcs11.Certificate(object, attrs);
+			cert.source = this;
 			Context.for_app().add_object(cert);
 		}
 	}

Modified: trunk/pkcs11/vala-build.stamp
==============================================================================
--- trunk/pkcs11/vala-build.stamp	(original)
+++ trunk/pkcs11/vala-build.stamp	Sat Nov 22 23:42:50 2008
@@ -1 +1 @@
-1221605115
+1227394203

Modified: trunk/po/POTFILES.in
==============================================================================
--- trunk/po/POTFILES.in	(original)
+++ trunk/po/POTFILES.in	Sat Nov 22 23:42:50 2008
@@ -12,6 +12,10 @@
 gkr/seahorse-gkeyring-operation.c
 gkr/seahorse-gkeyring-source.c
 gkr/seahorse-gkr-commands.vala
+libcryptui/crui-x509-cert.c
+libcryptui/crui-x509-cert-basics.c
+libcryptui/crui-x509-cert-basics.glade
+libcryptui/crui-x509-cert-dialog.c
 libcryptui/cryptui-key-chooser.c
 libcryptui/cryptui-key-list.c
 libegg/egg-datetime.c
@@ -32,7 +36,8 @@
 libseahorse/seahorse-validity.c
 libseahorse/seahorse-widget.c
 libcryptui/cryptui.c
-pkcs11/seahorse-pkcs11-certificate.vala
+pkcs11/seahorse-pkcs11-commands.c
+pkcs11/seahorse-pkcs11-certificate.c
 pkcs11/seahorse-pkcs11-source.vala
 pgp/seahorse-add-subkey.glade
 pgp/seahorse-add-uid.glade

Modified: trunk/po/POTFILES.skip
==============================================================================
--- trunk/po/POTFILES.skip	(original)
+++ trunk/po/POTFILES.skip	Sat Nov 22 23:42:50 2008
@@ -1,4 +1,5 @@
 gkr/seahorse-gkr-commands.c
+libcryptui/crui-x509-cert-basics.ui
 pkcs11/seahorse-pkcs11-certificate.c
 pkcs11/seahorse-pkcs11-source.c
 pgp/seahorse-pgp-commands.c



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]