KIO
ksslcertificate.cpp
Go to the documentation of this file.
631 KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertificate::KSSLPurpose purpose)
636 KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertificate::KSSLPurpose purpose, KSSLCertificate *ca)
694 if (!d->kossl->X509_LOOKUP_load_file(certLookup, _j.toLatin1().constData(), X509_FILETYPE_PEM)) {
759 if (ksslv != NoCARoot && ksslv != InvalidCA && ksslv != GetIssuerCertFailed && ksslv != DecodeIssuerPublicKeyFailed && ksslv != GetIssuerCertLocallyFailed ) {
1053 return i18n("Retrieval of the issuer certificate failed. This means the CA's (Certificate Authority) certificate can not be found.");
1055 return i18n("Retrieval of the CRL (Certificate Revocation List) failed. This means the CA's (Certificate Authority) CRL can not be found.");
1057 return i18n("The decryption of the certificate's signature failed. This means it could not even be calculated as opposed to just not matching the expected result.");
1059 return i18n("The decryption of the CRL's (Certificate Revocation List) signature failed. This means it could not even be calculated as opposed to just not matching the expected result.");
1061 return i18n("The decoding of the public key of the issuer failed. This means that the CA's (Certificate Authority) certificate can not be used to verify the certificate you wanted to use.");
1063 return i18n("The certificate's signature is invalid. This means that the certificate can not be verified.");
1065 return i18n("The CRL's (Certificate Revocation List) signature is invalid. This means that the CRL can not be verified.");
1079 return i18n("The time format of the CRL's (Certificate Revocation List) 'lastUpdate' field is invalid.");
1081 return i18n("The time format of the CRL's (Certificate Revocation List) 'nextUpdate' field is invalid.");
1085 return i18n("The certificate is self-signed and not in the list of trusted certificates. If you want to accept this certificate, import it into the list of trusted certificates.");
1086 case KSSLCertificate::SelfSignedChain: // this is obsolete and kept around for backwards compatibility, only
1088 return i18n("The certificate is self-signed. While the trust chain could be built up, the root CA's (Certificate Authority) certificate can not be found.");
1090 return i18n("The CA's (Certificate Authority) certificate can not be found. Most likely, your trust chain is broken.");
1092 return i18n("The certificate can not be verified as it is the only certificate in the trust chain and not self-signed. If you self-sign the certificate, make sure to import it into the list of trusted certificates.");
1095 case KSSLCertificate::Revoked: // this is obsolete and kept around for backwards compatibility, only
1101 return i18n("The length of the trust chain exceeded one of the CA's (Certificate Authority) 'pathlength' parameters, making all subsequent signatures invalid.");
1103 return i18n("The certificate has not been signed for the purpose you tried to use it for. This means the CA (Certificate Authority) does not allow this usage.");
1104 case KSSLCertificate::Untrusted: // this is obsolete and kept around for backwards compatibility, only
1106 return i18n("The root CA (Certificate Authority) is not trusted for the purpose you tried to use this certificate for.");
1107 case KSSLCertificate::Rejected: // this is obsolete and kept around for backwards compatibility, only // this is obsolete and kept around for backwards compatibility, onle
1109 return i18n("The root CA (Certificate Authority) has been marked to be rejected for the purpose you tried to use it for.");
1111 return i18n("The certificate's CA (Certificate Authority) does not match the CA name of the certificate.");
1113 return i18n("The CA (Certificate Authority) certificate's key ID does not match the key ID in the 'Issuer' section of the certificate you are trying to use.");
1115 return i18n("The CA (Certificate Authority) certificate's key ID and name do not match the key ID and name in the 'Issuer' section of the certificate you are trying to use.");
1117 return i18n("The certificate's CA (Certificate Authority) is not allowed to sign certificates.");
1124 return i18n("The signature test for this certificate failed. This could mean that the signature of this certificate or any in its trust path are invalid, could not be decoded or that the CRL (Certificate Revocation List) could not be verified. If you see this message, please let the author of the software you are using know that he or she should use the new, more specific error messages.");
1126 return i18n("This certificate, any in its trust path or its CA's (Certificate Authority) CRL (Certificate Revocation List) is not valid. Any of them could not be valid yet or not valid any more. If you see this message, please let the author of the software you are using know that he or she should use the new, more specific error messages.");
1132 return i18n("Certificate signing authority root files could not be found so the certificate is not verified.");
1290 names = (STACK_OF(GENERAL_NAME)*)d->kossl->X509_get_ext_d2i(d->m_cert, NID_subject_alt_name, 0, 0);
QDataStream & operator>>(QDataStream &s, KSSLCertificate &r)
Definition: ksslcertificate.cpp:1332
Definition: ksslcertificate.h:120
QString i18n(const char *text)
KSSLCertificate * replicate()
Explicitly make a copy of this certificate.
Definition: ksslcertificate.cpp:1027
Definition: ksslcertificate.h:119
const char header[]
Definition: ksslcertificate.h:122
Definition: ksslcertificate.h:119
bool addResourceType(const char *type, const QString &relativename, bool priority=true)
QString getSerialNumber() const
Get the serial number of the certificate.
Definition: ksslcertificate.cpp:182
Definition: ksslcertificate.h:147
KSSLCertChain & chain()
Get a reference to the certificate chain.
Definition: ksslcertificate.cpp:128
Definition: ksslcertificate.h:122
QByteArray toNetscape()
Convert the certificate to Netscape format.
Definition: ksslcertificate.cpp:1211
KStandardDirs * dirs()
KSSLValidation revalidate()
Check if this is a valid certificate.
Definition: ksslcertificate.cpp:777
QString getIssuer() const
Get the issuer of the certificate (X.509 map).
Definition: ksslcertificate.cpp:444
Definition: ksslcertificate.h:121
static QDebug kDebug(bool cond, int area=KDE_DEFAULT_DEBUG_AREA)
QString getSubject() const
Get the subject of the certificate (X.509 map).
Definition: ksslcertificate.cpp:167
QString getMD5DigestText() const
Get the MD5 digest of the certificate.
Definition: ksslcertificate.cpp:264
QDateTime getQDTNotAfter() const
Get the date that the certificate is valid until.
Definition: ksslcertificate.cpp:1006
Definition: ksslcertificate.h:119
QString i18nc(const char *ctxt, const char *text)
Definition: ksslcertificate.h:123
Definition: ksslcertificate.h:146
QDateTime getQDTNotBefore() const
Get the date that the certificate becomes valid on.
Definition: ksslcertificate.cpp:997
static QString verifyText(KSSLValidation x)
Obtain the localized message that corresponds to a validation result.
Definition: ksslcertificate.cpp:1047
Definition: ksslcertificate.h:120
void setCertChain(const QStringList &chain)
Set the certificate chain as a list of base64 encoded X.509 certificates.
Definition: ksslcertchain.cpp:194
QDataStream & operator<<(QDataStream &s, const KSSLCertificate &r)
Definition: ksslcertificate.cpp:1317
QString getKDEKey() const
KDEKey is a concatenation "Subject (MD5)", mostly needed for SMIME.
Definition: ksslcertificate.cpp:246
Definition: ksslcertificate.h:121
static QString getMD5DigestFromKDEKey(const QString &k)
Aegypten semantics force us to search by MD5Digest only.
Definition: ksslcertificate.cpp:251
static KSSLCertificate * fromX509(X509 *x5)
Create an X.509 certificate from the internal representation.
Definition: ksslcertificate.cpp:133
QStringList resourceDirs(const char *type) const
QString toText()
Convert the certificate to OpenSSL plain text format.
Definition: ksslcertificate.cpp:1238
QString getNotBefore() const
Get the date that the certificate becomes valid on.
Definition: ksslcertificate.cpp:979
static KSSLCertificate * fromString(const QByteArray &cert)
Create an X.509 certificate from a base64 encoded string.
Definition: ksslcertificate.cpp:145
Definition: ksslcertificate.h:124
QString getNotAfter() const
Get the date that the certificate is valid until.
Definition: ksslcertificate.cpp:988
QByteArray toDer()
Convert the certificate to DER (ASN.1) format.
Definition: ksslcertificate.cpp:1149
FILE * fopen(const QString &pathname, const char *mode)
QByteArray toPem()
Convert the certificate to PEM (base64) format.
Definition: ksslcertificate.cpp:1171
QString getMD5Digest() const
Get the MD5 digest of the certificate.
Definition: ksslcertificate.cpp:290
KSSLValidationList validateVerbose(KSSLPurpose p)
Check if this is a valid certificate.
Definition: ksslcertificate.cpp:631
Definition: ksslcertificate.h:146
int operator==(KSSLCertificate &x, KSSLCertificate &y)
Definition: ksslcertificate.cpp:1015
bool setCert(const QString &cert)
Re-set the certificate from a base64 string.
Definition: ksslcertificate.cpp:1261
QString number(KIO::filesize_t size)
Converts a size to a string representation Not unlike QString::number(...)
Definition: global.cpp:63
Definition: ksslcertificate.h:146
Definition: ksslcertificate.h:147
This file is part of the KDE documentation.
Documentation copyright © 1996-2014 The KDE developers.
Generated on Tue Oct 14 2014 22:50:02 by doxygen 1.8.7 written by Dimitri van Heesch, © 1997-2006
Documentation copyright © 1996-2014 The KDE developers.
Generated on Tue Oct 14 2014 22:50:02 by doxygen 1.8.7 written by Dimitri van Heesch, © 1997-2006
KDE's Doxygen guidelines are available online.