[network-manager-applet/lr/pkcs11: 9/24] libnma: add a certificate picker interface



commit 35637a528175e90141f5644dbb5618cd93162f94
Author: Lubomir Rintel <lkundrak v3 sk>
Date:   Thu Mar 2 17:25:41 2017 +0100

    libnma: add a certificate picker interface
    
    A grid with certificate & key pair optionally with passwords.
    The idea is to provide reusable interface for the 802.1x and VPN plugins
    that can be backed by a simple file-base chooser or a PKCS#11 based
    chooser. The API is designed with possible future Gcr certificate chooser
    in mind.
    
    This is available from libnm-gtk too, since the wireless-security
    library will make use for it. It still resides in the libnma/ tree not
    to introduce complexity into how the tree is organized for the sake of a
    legacy component.

 Makefile.am                     |   10 +-
 libnma-docs.xml                 |    6 +
 src/libnm-gtk/libnm-gtk.ver     |   22 ++
 src/libnm-gtk/nm-cert-chooser.h |  216 ++++++++++++++
 src/libnma/libnma.ver           |   22 ++
 src/libnma/nma-cert-chooser.c   |  585 +++++++++++++++++++++++++++++++++++++++
 src/libnma/nma-cert-chooser.h   |  239 ++++++++++++++++
 7 files changed, 1097 insertions(+), 3 deletions(-)
---
diff --git a/Makefile.am b/Makefile.am
index fdd40d5..f62cb3e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -350,7 +350,8 @@ libnm_gtk_h_pub = \
        src/libnm-gtk/nm-mobile-wizard.h \
        src/libnm-gtk/nm-ui-utils.h \
        src/libnm-gtk/nm-mobile-providers.h \
-       src/libnm-gtk/nm-vpn-password-dialog.h
+       src/libnm-gtk/nm-vpn-password-dialog.h \
+       src/libnm-gtk/nm-cert-chooser.h
 
 libnm_gtk_c_real = \
        src/libnm-gtk/nm-wifi-dialog.c \
@@ -359,6 +360,7 @@ libnm_gtk_c_real = \
        src/libnm-gtk/nm-ui-utils.c \
        src/libnm-gtk/nm-mobile-providers.c \
        src/libnm-gtk/nm-vpn-password-dialog.c \
+       src/libnma/nma-cert-chooser.c \
        src/libnm-gtk/init.c
 
 src_libnm_gtk_libnmgtkdir = $(includedir)/libnm-gtk
@@ -479,7 +481,8 @@ libnma_h_pub = \
        src/libnma/nma-mobile-wizard.h \
        src/libnma/nma-mobile-providers.h \
        src/libnma/nma-vpn-password-dialog.h \
-       src/libnma/nma-ui-utils.h
+       src/libnma/nma-ui-utils.h \
+       src/libnma/nma-cert-chooser.h
 
 libnma_c_real = \
        src/libnma/nma-wifi-dialog.c \
@@ -487,7 +490,8 @@ libnma_c_real = \
        src/libnma/nma-mobile-providers.c \
        src/libnma/nma-vpn-password-dialog.c \
        src/libnma/nma-ui-utils.c \
-       src/libnma/init.c
+       src/libnma/init.c \
+       src/libnma/nma-cert-chooser.c
 
 src_libnma_libnmadir = $(includedir)/libnma
 
diff --git a/libnma-docs.xml b/libnma-docs.xml
index 0ef92e1..fdcfb38 100644
--- a/libnma-docs.xml
+++ b/libnma-docs.xml
@@ -50,6 +50,7 @@
     <xi:include href="xml/nma-mobile-providers.xml"/>
     <xi:include href="xml/nma-vpn-password-dialog.xml"/>
     <xi:include href="xml/nma-wifi-dialog.xml"/>
+    <xi:include href="xml/nma-cert-chooser.xml"/>
   </chapter>
 
   <chapter id="object-tree">
@@ -62,6 +63,11 @@
     <xi:include href="xml/api-index-full.xml"><xi:fallback /></xi:include>
   </index>
 
+  <index id="api-index-1.8.0">
+    <title>Index of API available in version 1.8.0</title>
+    <xi:include href="api-index-1.8.0.xml"><xi:fallback /></xi:include>
+  </index>
+
   <index id="deprecated-api-index" role="deprecated">
     <title>Index of deprecated API</title>
     <xi:include href="xml/api-index-deprecated.xml"><xi:fallback /></xi:include>
diff --git a/src/libnm-gtk/libnm-gtk.ver b/src/libnm-gtk/libnm-gtk.ver
index 769450e..415c9ca 100644
--- a/src/libnm-gtk/libnm-gtk.ver
+++ b/src/libnm-gtk/libnm-gtk.ver
@@ -14,3 +14,25 @@ local:
        nm[^a]*;
        nma[^_]*;
 };
+
+libnm_gtk_1_8_0 {
+global:
+       nma_cert_chooser_add_to_size_group;
+       nma_cert_chooser_get_cert;
+       nma_cert_chooser_get_cert_password;
+       nma_cert_chooser_get_cert_password_flags;
+       nma_cert_chooser_get_key;
+       nma_cert_chooser_get_key_password;
+       nma_cert_chooser_get_key_password_flags;
+       nma_cert_chooser_get_type;
+       nma_cert_chooser_new;
+       nma_cert_chooser_set_cert;
+       nma_cert_chooser_set_cert_password;
+       nma_cert_chooser_set_key;
+       nma_cert_chooser_set_key_password;
+       nma_cert_chooser_setup_cert_password_storage;
+       nma_cert_chooser_setup_key_password_storage;
+       nma_cert_chooser_update_cert_password_storage;
+       nma_cert_chooser_update_key_password_storage;
+       nma_cert_chooser_validate;
+} libnm_gtk_1_0_6;
diff --git a/src/libnm-gtk/nm-cert-chooser.h b/src/libnm-gtk/nm-cert-chooser.h
new file mode 100644
index 0000000..824c9b6
--- /dev/null
+++ b/src/libnm-gtk/nm-cert-chooser.h
@@ -0,0 +1,216 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER                   (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj)                   (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER, 
NMACertChooser))
+#define NMA_IS_CERT_CHOOSER(obj)                (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_INTERFACE(obj)     (G_TYPE_INSTANCE_GET_INTERFACE ((obj), 
NMA_TYPE_CERT_CHOOSER, NMACertChooserInterface))
+
+typedef struct _NMACertChooser NMACertChooser;
+
+/**
+ * NMACertChooserInterface:
+ * @parent_iface: The parent interface.
+ * @set_cert: Set the certificate location for the chooser button.
+ * @get_cert: Get the real certificate location from the chooser button along
+ *   with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ *   access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ *   access the certificate.
+ * @set_key: Set the key location for the chooser button.
+ * @get_key: Get the real key location from the chooser button along with the
+ *   scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ *   access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ *   access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ *   are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ *   certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ *   password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ *   validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+typedef struct {
+       GTypeInterface parent_iface;
+
+       /* virtual methods */
+       void                 (*set_cert)                     (NMACertChooser *cert_chooser,
+                                                             const gchar *value,
+                                                             NMSetting8021xCKScheme scheme);
+       gchar               *(*get_cert)                     (NMACertChooser *cert_chooser,
+                                                             NMSetting8021xCKScheme *scheme);
+       void                 (*set_cert_password)            (NMACertChooser *cert_chooser,
+                                                             const gchar *password);
+       const gchar         *(*get_cert_password)            (NMACertChooser *cert_chooser);
+       void                 (*set_key)                      (NMACertChooser *cert_chooser,
+                                                             const gchar *value,
+                                                             NMSetting8021xCKScheme scheme);
+       gchar               *(*get_key)                      (NMACertChooser *cert_chooser,
+                                                             NMSetting8021xCKScheme *scheme);
+       void                 (*set_key_password)             (NMACertChooser *cert_chooser,
+                                                             const gchar *password);
+       const gchar         *(*get_key_password)             (NMACertChooser *cert_chooser);
+
+       void                 (*add_to_size_group)            (NMACertChooser *cert_chooser,
+                                                             GtkSizeGroup *group);
+       gboolean             (*validate)                     (NMACertChooser *cert_chooser,
+                                                             GError **error);
+
+       void                 (*setup_cert_password_storage)  (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags initial_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name,
+                                                             gboolean with_not_required,
+                                                             gboolean ask_mode);
+       void                 (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags secret_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name);
+       NMSettingSecretFlags (*get_cert_password_flags)      (NMACertChooser *cert_chooser);
+       void                 (*setup_key_password_storage)   (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags initial_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name,
+                                                             gboolean with_not_required,
+                                                             gboolean ask_mode);
+       void                 (*update_key_password_storage)  (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags secret_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name);
+       NMSettingSecretFlags (*get_key_password_flags)       (NMACertChooser *cert_chooser);
+
+       /* signals */
+       GError      *(*cert_validate)                        (NMACertChooser *cert_chooser);
+       GError      *(*cert_password_validate)               (NMACertChooser *cert_chooser);
+       GError      *(*key_validate)                         (NMACertChooser *cert_chooser);
+       GError      *(*key_password_validate)                (NMACertChooser *cert_chooser);
+       void         (*changed)                              (NMACertChooser *cert_chooser);
+} NMACertChooserInterface;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+typedef enum {
+       NMA_CERT_CHOOSER_FLAG_CERT      = 0x1,
+       NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+       NMA_CERT_CHOOSER_FLAG_PEM       = 0x4,
+} NMACertChooserFlags;
+
+GType                nma_cert_chooser_get_type                     (void);
+
+void                 nma_cert_chooser_set_cert                     (NMACertChooser *cert_chooser,
+                                                                    const gchar *value,
+                                                                    NMSetting8021xCKScheme scheme);
+
+gchar               *nma_cert_chooser_get_cert                     (NMACertChooser *cert_chooser,
+                                                                    NMSetting8021xCKScheme *scheme);
+
+void                 nma_cert_chooser_set_cert_password            (NMACertChooser *cert_chooser,
+                                                                    const gchar *password);
+
+const gchar         *nma_cert_chooser_get_cert_password            (NMACertChooser *cert_chooser);
+
+void                 nma_cert_chooser_set_key                      (NMACertChooser *cert_chooser,
+                                                                    const gchar *value,
+                                                                    NMSetting8021xCKScheme scheme);
+
+gchar               *nma_cert_chooser_get_key                      (NMACertChooser *cert_chooser,
+                                                                    NMSetting8021xCKScheme *scheme);
+
+void                 nma_cert_chooser_set_key_password             (NMACertChooser *cert_chooser,
+                                                                    const gchar *password);
+
+const gchar         *nma_cert_chooser_get_key_password             (NMACertChooser *cert_chooser);
+
+GtkWidget           *nma_cert_chooser_new                          (const gchar *title,
+                                                                    NMACertChooserFlags flags);
+
+
+void                 nma_cert_chooser_add_to_size_group            (NMACertChooser *cert_chooser,
+                                                                    GtkSizeGroup *group);
+
+gboolean             nma_cert_chooser_validate                     (NMACertChooser *cert_chooser,
+                                                                    GError **error);
+
+void                 nma_cert_chooser_setup_cert_password_storage  (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags initial_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name,
+                                                                    gboolean with_not_required,
+                                                                    gboolean ask_mode);
+
+void                 nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags secret_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags      (NMACertChooser *cert_chooser);
+
+void                 nma_cert_chooser_setup_key_password_storage   (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags initial_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name,
+                                                                    gboolean with_not_required,
+                                                                    gboolean ask_mode);
+
+void                 nma_cert_chooser_update_key_password_storage  (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags secret_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags       (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */
diff --git a/src/libnma/libnma.ver b/src/libnma/libnma.ver
index 30ea6b9..90b89f3 100644
--- a/src/libnma/libnma.ver
+++ b/src/libnma/libnma.ver
@@ -69,3 +69,25 @@ global:
 local:
        *;
 };
+
+libnma_1_8_0 {
+global:
+       nma_cert_chooser_add_to_size_group;
+       nma_cert_chooser_get_cert;
+       nma_cert_chooser_get_cert_password;
+       nma_cert_chooser_get_cert_password_flags;
+       nma_cert_chooser_get_key;
+       nma_cert_chooser_get_key_password;
+       nma_cert_chooser_get_key_password_flags;
+       nma_cert_chooser_get_type;
+       nma_cert_chooser_new;
+       nma_cert_chooser_set_cert;
+       nma_cert_chooser_set_cert_password;
+       nma_cert_chooser_set_key;
+       nma_cert_chooser_set_key_password;
+       nma_cert_chooser_setup_cert_password_storage;
+       nma_cert_chooser_setup_key_password_storage;
+       nma_cert_chooser_update_cert_password_storage;
+       nma_cert_chooser_update_key_password_storage;
+       nma_cert_chooser_validate;
+} libnma_1_2_0;
diff --git a/src/libnma/nma-cert-chooser.c b/src/libnma/nma-cert-chooser.c
new file mode 100644
index 0000000..8003d82
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.c
@@ -0,0 +1,585 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Red Hat, Inc.
+ */
+
+#include "nm-default.h"
+#include "nma-cert-chooser.h"
+
+/**
+ * SECTION:nma-cert-chooser
+ * @title: NMACertChooser
+ *
+ * Certificate chooser allows for selection of a certificate or
+ * various schemes optionally accompanied with a key and passwords
+ * or PIN.
+ *
+ * The widgets that implement this interface may allow selecting
+ * the certificates from various sources such as files or cryptographic
+ * tokens.
+ */
+
+enum {
+       CERT_VALIDATE,
+       CERT_PASSWORD_VALIDATE,
+       KEY_VALIDATE,
+       KEY_PASSWORD_VALIDATE,
+       CHANGED,
+       LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+G_DEFINE_INTERFACE (NMACertChooser, nma_cert_chooser, G_TYPE_OBJECT)
+
+static gboolean
+accu_validation_error (GSignalInvocationHint *ihint,
+                       GValue *return_accu,
+                       const GValue *handler_return,
+                       gpointer data)
+{
+       if (g_value_get_boxed (handler_return)) {
+               g_value_copy (handler_return, return_accu);
+               return FALSE;
+       }
+
+       return TRUE;
+}
+
+static void
+nma_cert_chooser_default_init (NMACertChooserInterface *cert_chooser_iface)
+{
+       static volatile gsize initialized = 0;
+
+       if (!g_once_init_enter (&initialized))
+               return;
+
+       /**
+        * NMACertChooser::cert-validate:
+        *
+        * Emitted when the certificate needs validation. The handlers can indicate that
+        * the certificate is invalid by returning an error, which blocks further
+        * signal processing and causes a call to nma_cert_chooser_validate()
+        * to fail.
+        *
+        * Since: 1.8.0
+        */
+       signals[CERT_VALIDATE] = g_signal_new ("cert-validate",
+                                              NMA_TYPE_CERT_CHOOSER,
+                                              G_SIGNAL_RUN_LAST,
+                                              G_STRUCT_OFFSET (NMACertChooserInterface, cert_validate),
+                                              accu_validation_error, NULL, NULL,
+                                              G_TYPE_ERROR, 0);
+
+       /**
+        * NMACertChooser::cert-password-validate:
+        *
+        * Emitted when the certificate password needs validation. The handlers
+        * can indicate that the password is invalid by returning an error, which blocks further
+        * signal processing and causes a call to nma_cert_chooser_validate()
+        * to fail.
+        *
+        * Since: 1.8.0
+        */
+       signals[CERT_PASSWORD_VALIDATE] = g_signal_new ("cert-password-validate",
+                                                       NMA_TYPE_CERT_CHOOSER,
+                                                       G_SIGNAL_RUN_LAST,
+                                                       G_STRUCT_OFFSET (NMACertChooserInterface, 
cert_password_validate),
+                                                       accu_validation_error, NULL, NULL,
+                                                       G_TYPE_ERROR, 0);
+
+       /**
+        * NMACertChooser::key-validate:
+        *
+        * Emitted when the key needs validation. The handlers can indicate that
+        * the key is invalid by returning an error, which blocks further
+        * signal processing and causes a call to nma_cert_chooser_validate()
+        * to fail.
+        *
+        * Since: 1.8.0
+        */
+       signals[KEY_VALIDATE] = g_signal_new ("key-validate",
+                                             NMA_TYPE_CERT_CHOOSER,
+                                             G_SIGNAL_RUN_LAST,
+                                             G_STRUCT_OFFSET (NMACertChooserInterface, key_validate),
+                                             accu_validation_error, NULL, NULL,
+                                             G_TYPE_ERROR, 0);
+
+       /**
+        * NMACertChooser::key-password-validate:
+        *
+        * Emitted when the key password needs validation. The handlers can indicate
+        * that the password is invalid by returning an error, which blocks further
+        * signal processing and causes a call to nma_cert_chooser_validate()
+        * to fail.
+        *
+        * Since: 1.8.0
+        */
+       signals[KEY_PASSWORD_VALIDATE] = g_signal_new ("key-password-validate",
+                                                      NMA_TYPE_CERT_CHOOSER,
+                                                      G_SIGNAL_RUN_LAST,
+                                                      G_STRUCT_OFFSET (NMACertChooserInterface, 
key_password_validate),
+                                                      accu_validation_error, NULL, NULL,
+                                                      G_TYPE_ERROR, 0);
+
+       /**
+        * NMACertChooser::changed:
+        *
+        * Emitted when anything changes in the certificate chooser, be it a certificate,
+        * a key or associated passwords.
+        *
+        * Since: 1.8.0
+        */
+       signals[CHANGED] = g_signal_new ("changed",
+                                        NMA_TYPE_CERT_CHOOSER,
+                                        G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE,
+                                        G_STRUCT_OFFSET (NMACertChooserInterface, changed),
+                                        NULL, NULL, NULL,
+                                        G_TYPE_NONE, 0);
+
+       g_once_init_leave (&initialized, 1);
+}
+
+/**
+ * nma_cert_chooser_set_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a certificate
+ * @scheme: the scheme of the certificate path
+ *
+ * Sets the certificate location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert (NMACertChooser *cert_chooser, const gchar *value, NMSetting8021xCKScheme scheme)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (!iface->set_cert)
+               return;
+       iface->set_cert (cert_chooser, value, scheme);
+}
+
+/**
+ * nma_cert_chooser_get_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned certificate path
+ *
+ * Gets the real certificate location from the chooser button along with the scheme.
+ *
+ * Returns: the certificate path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_cert (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+       g_return_val_if_fail (iface->get_cert, NULL);
+
+       return iface->get_cert (cert_chooser, scheme);
+}
+
+/**
+ * nma_cert_chooser_set_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the certificate PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the certificate.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->set_cert_password)
+               iface->set_cert_password (cert_chooser, password);
+       else
+               g_warning ("Can't set certificate password");
+}
+
+/**
+ * nma_cert_chooser_get_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the certificate.
+ *
+ * Returns: the certificate PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+       if (!iface->get_cert_password)
+               return NULL;
+       return iface->get_cert_password (cert_chooser);
+}
+
+
+/**
+ * nma_cert_chooser_set_key:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a key
+ * @scheme: the scheme of the key path
+ *
+ * Sets the key location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key (NMACertChooser *cert_chooser, const gchar *value, NMSetting8021xCKScheme scheme)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (!iface->set_key)
+               return;
+       iface->set_key (cert_chooser, value, scheme);
+}
+
+/**
+ * nma_cert_chooser_get_key:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned key path
+ *
+ * Gets the real key location from the chooser button along with the scheme.
+ *
+ * Returns: the key path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_key (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+       g_return_val_if_fail (iface->get_key, NULL);
+
+       return iface->get_key (cert_chooser, scheme);
+}
+
+/**
+ * nma_cert_chooser_set_key_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the key PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the key.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+       g_return_if_fail (iface->set_key_password);
+
+       iface->set_key_password (cert_chooser, password);
+}
+
+/**
+ * nma_cert_chooser_get_key_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the key.
+ *
+ * Returns: the key PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+       if (!iface->get_key_password)
+               return NULL;
+       return iface->get_key_password (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_add_to_size_group:
+ * @cert_chooser: certificate chooser button instance
+ * @group: a size group
+ *
+ * Adds the labels to the specified size group so that they are aligned
+ * nicely with other entries in a form.
+ *
+ * It is expected that the NMACertChooser is a GtkGrid with two columns
+ * with the labels in the first one.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser, GtkSizeGroup *group)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->add_to_size_group)
+               iface->add_to_size_group (cert_chooser, group);
+}
+
+/**
+ * nma_cert_chooser_validate:
+ * @cert_chooser: certificate chooser button instance
+ * @error: error return location
+ *
+ * Validates whether the chosen values make sense. The users can do further
+ * validation by subscribing to the "*-changed" signals and returning an
+ * error themselves.
+ *
+ * Returns: %TRUE if validation passes, %FALSE otherwise
+ *
+ * Since: 1.8.0
+ */
+gboolean
+nma_cert_chooser_validate (NMACertChooser *cert_chooser, GError **error)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), TRUE);
+
+       if (!iface->validate)
+               return TRUE;
+       return iface->validate (cert_chooser, error);
+}
+
+/**
+ * nma_cert_chooser_setup_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+                                              NMSettingSecretFlags initial_flags,
+                                              NMSetting *setting,
+                                              const char *password_flags_name,
+                                              gboolean with_not_required,
+                                              gboolean ask_mode)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->setup_cert_password_storage) {
+               iface->setup_cert_password_storage (cert_chooser,
+                                                   initial_flags,
+                                                   setting,
+                                                   password_flags_name,
+                                                   with_not_required,
+                                                   ask_mode);
+       }
+}
+
+/**
+ * nma_cert_chooser_update_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+                                               NMSettingSecretFlags secret_flags,
+                                               NMSetting *setting,
+                                               const char *password_flags_name)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->update_cert_password_storage) {
+               iface->update_cert_password_storage (cert_chooser,
+                                                    secret_flags,
+                                                    setting,
+                                                    password_flags_name);
+       }
+}
+
+/**
+ * nma_cert_chooser_get_cert_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the certificate password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the certificate password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the certificate password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+                             NM_SETTING_SECRET_FLAG_NONE);
+
+       if (!iface->get_cert_password_flags)
+               return NM_SETTING_SECRET_FLAG_NONE;
+       return iface->get_cert_password_flags (cert_chooser);
+}
+
+
+/**
+ * nma_cert_chooser_setup_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+                                             NMSettingSecretFlags initial_flags,
+                                             NMSetting *setting,
+                                             const char *password_flags_name,
+                                             gboolean with_not_required,
+                                             gboolean ask_mode)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->setup_key_password_storage) {
+               iface->setup_key_password_storage (cert_chooser,
+                                                  initial_flags,
+                                                  setting,
+                                                  password_flags_name,
+                                                  with_not_required,
+                                                  ask_mode);
+       }
+}
+
+/**
+ * nma_cert_chooser_update_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+                                               NMSettingSecretFlags secret_flags,
+                                               NMSetting *setting,
+                                               const char *password_flags_name)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+       if (iface->update_key_password_storage) {
+               iface->update_key_password_storage (cert_chooser,
+                                                    secret_flags,
+                                                    setting,
+                                                    password_flags_name);
+       }
+}
+
+/**
+ * nma_cert_chooser_get_key_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the key password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the key password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the key password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser)
+{
+       NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+       g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+                             NM_SETTING_SECRET_FLAG_NONE);
+
+       if (!iface->get_key_password_flags)
+               return NM_SETTING_SECRET_FLAG_NONE;
+       return iface->get_key_password_flags (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_new:
+ * @title: title of the certificate chooser dialog
+ * @flags: the flags that configure the capabilities of the button
+ *
+ * Constructs the button that is capable of selecting a certificate
+ * and a key.
+ *
+ * Returns: (transfer full): the certificate chooser button instance
+ *
+ * Since: 1.8.0
+ */
+GtkWidget *
+nma_cert_chooser_new (const gchar *title, NMACertChooserFlags flags)
+{
+       g_return_val_if_reached (NULL);
+}
diff --git a/src/libnma/nma-cert-chooser.h b/src/libnma/nma-cert-chooser.h
new file mode 100644
index 0000000..b30f6ac
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.h
@@ -0,0 +1,239 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+#include "nma-version.h"
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER                   (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj)                   (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER, 
NMACertChooser))
+#define NMA_IS_CERT_CHOOSER(obj)                (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_INTERFACE(obj)     (G_TYPE_INSTANCE_GET_INTERFACE ((obj), 
NMA_TYPE_CERT_CHOOSER, NMACertChooserInterface))
+
+NMA_AVAILABLE_IN_1_8
+typedef struct _NMACertChooser NMACertChooser;
+
+/**
+ * NMACertChooserInterface:
+ * @parent_iface: The parent interface.
+ * @set_cert: Set the certificate location for the chooser button.
+ * @get_cert: Get the real certificate location from the chooser button along
+ *   with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ *   access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ *   access the certificate.
+ * @set_key: Set the key location for the chooser button.
+ * @get_key: Get the real key location from the chooser button along with the
+ *   scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ *   access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ *   access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ *   are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ *   certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ *   password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ *   validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef struct {
+       GTypeInterface parent_iface;
+
+       /* virtual methods */
+       void                 (*set_cert)                     (NMACertChooser *cert_chooser,
+                                                             const gchar *value,
+                                                             NMSetting8021xCKScheme scheme);
+       gchar               *(*get_cert)                     (NMACertChooser *cert_chooser,
+                                                             NMSetting8021xCKScheme *scheme);
+       void                 (*set_cert_password)            (NMACertChooser *cert_chooser,
+                                                             const gchar *password);
+       const gchar         *(*get_cert_password)            (NMACertChooser *cert_chooser);
+       void                 (*set_key)                      (NMACertChooser *cert_chooser,
+                                                             const gchar *value,
+                                                             NMSetting8021xCKScheme scheme);
+       gchar               *(*get_key)                      (NMACertChooser *cert_chooser,
+                                                             NMSetting8021xCKScheme *scheme);
+       void                 (*set_key_password)             (NMACertChooser *cert_chooser,
+                                                             const gchar *password);
+       const gchar         *(*get_key_password)             (NMACertChooser *cert_chooser);
+
+       void                 (*add_to_size_group)            (NMACertChooser *cert_chooser,
+                                                             GtkSizeGroup *group);
+       gboolean             (*validate)                     (NMACertChooser *cert_chooser,
+                                                             GError **error);
+
+       void                 (*setup_cert_password_storage)  (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags initial_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name,
+                                                             gboolean with_not_required,
+                                                             gboolean ask_mode);
+       void                 (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags secret_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name);
+       NMSettingSecretFlags (*get_cert_password_flags)      (NMACertChooser *cert_chooser);
+       void                 (*setup_key_password_storage)   (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags initial_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name,
+                                                             gboolean with_not_required,
+                                                             gboolean ask_mode);
+       void                 (*update_key_password_storage)  (NMACertChooser *cert_chooser,
+                                                             NMSettingSecretFlags secret_flags,
+                                                             NMSetting *setting,
+                                                             const char *password_flags_name);
+       NMSettingSecretFlags (*get_key_password_flags)       (NMACertChooser *cert_chooser);
+
+       /* signals */
+       GError      *(*cert_validate)                        (NMACertChooser *cert_chooser);
+       GError      *(*cert_password_validate)               (NMACertChooser *cert_chooser);
+       GError      *(*key_validate)                         (NMACertChooser *cert_chooser);
+       GError      *(*key_password_validate)                (NMACertChooser *cert_chooser);
+       void         (*changed)                              (NMACertChooser *cert_chooser);
+} NMACertChooserInterface;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef enum {
+       NMA_CERT_CHOOSER_FLAG_CERT      = 0x1,
+       NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+       NMA_CERT_CHOOSER_FLAG_PEM       = 0x4,
+} NMACertChooserFlags;
+
+NMA_AVAILABLE_IN_1_8
+GType                nma_cert_chooser_get_type                     (void);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_set_cert                     (NMACertChooser *cert_chooser,
+                                                                    const gchar *value,
+                                                                    NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar               *nma_cert_chooser_get_cert                     (NMACertChooser *cert_chooser,
+                                                                    NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_set_cert_password            (NMACertChooser *cert_chooser,
+                                                                    const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar         *nma_cert_chooser_get_cert_password            (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_set_key                      (NMACertChooser *cert_chooser,
+                                                                    const gchar *value,
+                                                                    NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar               *nma_cert_chooser_get_key                      (NMACertChooser *cert_chooser,
+                                                                    NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_set_key_password             (NMACertChooser *cert_chooser,
+                                                                    const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar         *nma_cert_chooser_get_key_password             (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+GtkWidget           *nma_cert_chooser_new                          (const gchar *title,
+                                                                    NMACertChooserFlags flags);
+
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_add_to_size_group            (NMACertChooser *cert_chooser,
+                                                                    GtkSizeGroup *group);
+
+NMA_AVAILABLE_IN_1_8
+gboolean             nma_cert_chooser_validate                     (NMACertChooser *cert_chooser,
+                                                                    GError **error);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_setup_cert_password_storage  (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags initial_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name,
+                                                                    gboolean with_not_required,
+                                                                    gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags secret_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags      (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_setup_key_password_storage   (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags initial_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name,
+                                                                    gboolean with_not_required,
+                                                                    gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void                 nma_cert_chooser_update_key_password_storage  (NMACertChooser *cert_chooser,
+                                                                    NMSettingSecretFlags secret_flags,
+                                                                    NMSetting *setting,
+                                                                    const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags       (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]