kio

ksslcertificate.h

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
00018  * Boston, MA 02110-1301, USA.
00019  */
00020 
00021 #ifndef _KSSLCERTIFICATE_H
00022 #define _KSSLCERTIFICATE_H
00023 
00024 
00025 // UPDATE: I like the structure of this class less and less every time I look
00026 //         at it.  I think it needs to change.
00027 //
00028 //
00029 //  The biggest reason for making everything protected here is so that
00030 //  the class can have all it's methods available even if openssl is not
00031 //  available.  Also, to create a new certificate you should use the
00032 //  KSSLCertificateFactory, and to manage the user's database of certificates,
00033 //  you should go through the KSSLCertificateHome.
00034 //
00035 //  There should be no reason to touch the X509 stuff directly.
00036 //
00037 
00038 #include <qcstring.h>
00039 #include <qvaluelist.h>
00040 
00041 class QString;
00042 class QStringList;
00043 class QCString;
00044 class KSSL;
00045 class KSSLCertificatePrivate;
00046 class QDateTime;
00047 class KSSLCertChain;
00048 class KSSLX509V3;
00049 
00050 #include <kdelibs_export.h>
00051 
00052 #ifdef Q_WS_WIN
00053 #include "ksslconfig_win.h"
00054 #else
00055 #include "ksslconfig.h"
00056 #endif
00057 
00058 #ifdef KSSL_HAVE_SSL
00059 typedef struct x509_st X509;
00060 #else
00061 class X509;
00062 #endif
00063 
00075 class KIO_EXPORT KSSLCertificate {
00076 friend class KSSL;
00077 friend class KSSLCertificateHome;
00078 friend class KSSLCertificateFactory;
00079 friend class KSSLCertificateCache;
00080 friend class KSSLCertChain;
00081 friend class KSSLPeerInfo;
00082 friend class KSSLPKCS12;
00083 friend class KSSLD;
00084 friend class KSMIMECryptoPrivate;
00085 
00086 
00087 public:
00091     ~KSSLCertificate();
00092 
00098     static KSSLCertificate *fromString(QCString cert);
00099 
00107     static KSSLCertificate *fromX509(X509 *x5);
00108 
00113     enum KSSLValidation {   Unknown, Ok, NoCARoot, InvalidPurpose,
00114                 PathLengthExceeded, InvalidCA, Expired,
00115                 SelfSigned, ErrorReadingRoot, NoSSL,
00116                 Revoked, Untrusted, SignatureFailed,
00117                 Rejected, PrivateKeyFailed, InvalidHost,
00118                 Irrelevant, SelfSignedChain
00119                 };
00120 
00121     enum KSSLPurpose {      None=0, SSLServer=1, SSLClient=2,
00122                 SMIMESign=3, SMIMEEncrypt=4, Any=5 };
00123 
00124         typedef QValueList<KSSLValidation> KSSLValidationList;
00125 
00130     QString toString();
00131 
00136     QString getSubject() const;
00137 
00142     QString getIssuer() const;
00143 
00148     QString getNotBefore() const;
00149 
00154     QString getNotAfter() const;
00155 
00160     QDateTime getQDTNotBefore() const;
00161 
00166     QDateTime getQDTNotAfter() const;
00167 
00172     QByteArray toDer();
00173 
00178     QByteArray toPem();
00179 
00184     QByteArray toNetscape();
00185 
00190     QString toText();
00191 
00196     QString getSerialNumber() const;
00197 
00202     QString getKeyType() const;
00203 
00208     QString getPublicKeyText() const;
00209 
00215     QString getMD5DigestText() const;
00216 
00221     QString getMD5Digest() const;
00222 
00227     QString getSignatureText() const;
00228 
00233     bool isValid();
00234 
00240     bool isValid(KSSLPurpose p);
00241 
00246     QStringList subjAltNames() const;
00247 
00252     KSSLValidation validate();
00253 
00259     KSSLValidation validate(KSSLPurpose p);
00260 
00266     KSSLValidationList validateVerbose(KSSLPurpose p);
00267 
00275     KSSLValidationList validateVerbose(KSSLPurpose p, KSSLCertificate *ca);
00276 
00281     KSSLValidation revalidate();
00282 
00288     KSSLValidation revalidate(KSSLPurpose p);
00289 
00294     KSSLCertChain& chain();
00295 
00301     static QString verifyText(KSSLValidation x);
00302 
00307     KSSLCertificate *replicate();
00308 
00313     KSSLCertificate(const KSSLCertificate& x); // copy constructor
00314 
00320     bool setCert(QString& cert);
00321 
00327     KSSLX509V3& x509V3Extensions();
00328 
00333     bool isSigner();
00334 
00338     void getEmails(QStringList& to) const;
00339 
00345     QString getKDEKey() const;
00346 
00350     static QString getMD5DigestFromKDEKey(const QString& k);
00351 
00352 private:
00353     KIO_EXPORT friend int operator!=(KSSLCertificate& x, KSSLCertificate& y);
00354     KIO_EXPORT friend int operator==(KSSLCertificate& x, KSSLCertificate& y);
00355 
00356     KSSLCertificatePrivate *d;
00357     int purposeToOpenSSL(KSSLPurpose p) const;
00358 
00359 protected:
00360     KSSLCertificate();
00361 
00362     void setCert(X509 *c);
00363     void setChain(void *c);
00364     X509 *getCert();
00365     KSSLValidation processError(int ec);
00366 };
00367 
00368 KIO_EXPORT QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r);
00369 KIO_EXPORT QDataStream& operator>>(QDataStream& s, KSSLCertificate& r);
00370 
00371 KIO_EXPORT int operator==(KSSLCertificate& x, KSSLCertificate& y);
00372 KIO_EXPORT inline int operator!=(KSSLCertificate& x, KSSLCertificate& y)
00373 { return !(x == y); }
00374 
00375 #endif
00376
kio

ksslcertificate.h

kio

API Reference
