#include <ksslcertificate.h>

Public Types
enum	KSSLPurpose { None =0, SSLServer =1, SSLClient =2, SMIMESign =3, SMIMEEncrypt =4, Any =5 }

enum	KSSLValidation { Unknown, Ok, NoCARoot, InvalidPurpose, PathLengthExceeded, InvalidCA, Expired, SelfSigned, ErrorReadingRoot, NoSSL, Revoked, Untrusted, SignatureFailed, Rejected, PrivateKeyFailed, InvalidHost, Irrelevant, SelfSignedChain, GetIssuerCertFailed, DecodeIssuerPublicKeyFailed, GetIssuerCertLocallyFailed, CertificateNotYetValid, CertificateHasExpired, CRLNotYetValid, CRLHasExpired, CertificateFieldNotBeforeErroneous, CertificateFieldNotAfterErroneous, CRLFieldLastUpdateErroneous, CRLFieldNextUpdateErroneous, CertificateRevoked, CertificateUntrusted, VerifyLeafSignatureFailed, CertificateSignatureFailed, CRLSignatureFailed, DecryptCertificateSignatureFailed, DecryptCRLSignatureFailed, CertificateRejected, SelfSignedInChain, ApplicationVerificationFailed, AuthAndSubjectKeyIDAndNameMismatched, AuthAndSubjectKeyIDMismatched, OutOfMemory, GetCRLFailed, CertificateChainTooLong, KeyMayNotSignCertificate, IssuerSubjectMismatched }

typedef QList< KSSLValidation >	KSSLValidationList

Public Member Functions
	KSSLCertificate (const KSSLCertificate &x)

	~KSSLCertificate ()

KSSLCertChain &	chain ()

void	getEmails (QStringList &to) const

QString	getIssuer () const

QString	getKDEKey () const

QString	getKeyType () const

QString	getMD5Digest () const

QString	getMD5DigestText () const

QString	getNotAfter () const

QString	getNotBefore () const

QString	getPublicKeyText () const

QDateTime	getQDTNotAfter () const

QDateTime	getQDTNotBefore () const

QString	getSerialNumber () const

QString	getSignatureText () const

QString	getSubject () const

bool	isSigner ()

bool	isValid ()

bool	isValid (KSSLPurpose p)

KSSLCertificate *	replicate ()

KSSLValidation	revalidate ()

KSSLValidation	revalidate (KSSLPurpose p)

bool	setCert (const QString &cert)

QStringList	subjAltNames () const

QByteArray	toDer ()

QByteArray	toNetscape ()

QByteArray	toPem ()

QString	toString ()

QString	toText ()

KSSLValidation	validate ()

KSSLValidation	validate (KSSLPurpose p)

KSSLValidationList	validateVerbose (KSSLPurpose p)

KSSLValidationList	validateVerbose (KSSLPurpose p, KSSLCertificate *ca)

KSSLX509V3 &	x509V3Extensions ()

Static Public Member Functions
static KSSLCertificate *	fromString (const QByteArray &cert)

static KSSLCertificate *	fromX509 (X509 *x5)

static QString	getMD5DigestFromKDEKey (const QString &k)

static QString	verifyText (KSSLValidation x)

Protected Member Functions
	KSSLCertificate ()

X509 *	getCert ()

KSSLValidation	processError (int ec)

void	setCert (X509 *c)

void	setChain (void *c)

Friends
int	operator!= (KSSLCertificate &x, KSSLCertificate &y)

int	operator== (KSSLCertificate &x, KSSLCertificate &y)

Detailed Description

KDE X.509 Certificate.

This class represents an X.509 (SSL) certificate. Note: this object is VERY HEAVY TO COPY. Please try to use reference or pointer whenever possible

Author: George Staikos staik.nosp@m.os@k.nosp@m.de.or.nosp@m.g

See also: KSSL KDE X.509 Certificate

Definition at line 74 of file ksslcertificate.h.

Member Typedef Documentation

typedef QList<KSSLValidation> KSSLCertificate::KSSLValidationList

Definition at line 149 of file ksslcertificate.h.

Member Enumeration Documentation

enum KSSLCertificate::KSSLPurpose

Enumerator
None
SSLServer
SSLClient
SMIMESign
SMIMEEncrypt
Any

Definition at line 146 of file ksslcertificate.h.

enum KSSLCertificate::KSSLValidation

Result of the validate() call.

A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certificate.

Enumerator
Unknown
Ok
NoCARoot
InvalidPurpose
PathLengthExceeded
InvalidCA
Expired
SelfSigned
ErrorReadingRoot
NoSSL
Revoked
Untrusted
SignatureFailed
Rejected
PrivateKeyFailed
InvalidHost
Irrelevant
SelfSignedChain
GetIssuerCertFailed
DecodeIssuerPublicKeyFailed
GetIssuerCertLocallyFailed
CertificateNotYetValid
CertificateHasExpired
CRLNotYetValid
CRLHasExpired
CertificateFieldNotBeforeErroneous
CertificateFieldNotAfterErroneous
CRLFieldLastUpdateErroneous
CRLFieldNextUpdateErroneous
CertificateRevoked
CertificateUntrusted
VerifyLeafSignatureFailed
CertificateSignatureFailed
CRLSignatureFailed
DecryptCertificateSignatureFailed
DecryptCRLSignatureFailed
CertificateRejected
SelfSignedInChain
ApplicationVerificationFailed
AuthAndSubjectKeyIDAndNameMismatched
AuthAndSubjectKeyIDMismatched
OutOfMemory
GetCRLFailed
CertificateChainTooLong
KeyMayNotSignCertificate
IssuerSubjectMismatched

Definition at line 119 of file ksslcertificate.h.

Constructor & Destructor Documentation

KSSLCertificate::~KSSLCertificate ( )

Destroy this X.509 certificate.

Definition at line 118 of file ksslcertificate.cpp.

KSSLCertificate::KSSLCertificate ( const KSSLCertificate & x )

Copy constructor.

Beware, this is very expensive.

Parameters

x	the object to copy from

Definition at line 103 of file ksslcertificate.cpp.

KSSLCertificate::KSSLCertificate ( )

protected

Definition at line 93 of file ksslcertificate.cpp.

Member Function Documentation

KSSLCertChain & KSSLCertificate::chain ( )

Get a reference to the certificate chain.

Returns: reference to the chain

Definition at line 128 of file ksslcertificate.cpp.

KSSLCertificate * KSSLCertificate::fromString ( const QByteArray & cert )

static

Create an X.509 certificate from a base64 encoded string.

Parameters

cert	the certificate in base64 form

Returns: the X.509 certificate, or NULL

Definition at line 145 of file ksslcertificate.cpp.

KSSLCertificate * KSSLCertificate::fromX509 ( X509 * x5 )

static

Create an X.509 certificate from the internal representation.

This one duplicates the X509 object for itself.

Parameters

x5	the OpenSSL representation of the certificate

Returns: the X.509 certificate, or NULL

Definition at line 133 of file ksslcertificate.cpp.

X509 * KSSLCertificate::getCert ( )

protected

Definition at line 580 of file ksslcertificate.cpp.

void KSSLCertificate::getEmails ( QStringList & to ) const

FIXME: document.

Definition at line 231 of file ksslcertificate.cpp.

QString KSSLCertificate::getIssuer ( ) const

Get the issuer of the certificate (X.509 map).

Returns: the issuer

Definition at line 455 of file ksslcertificate.cpp.

QString KSSLCertificate::getKDEKey ( ) const

KDEKey is a concatenation "Subject (MD5)", mostly needed for SMIME.

The result of getKDEKey might change and should not be used for persistant storage.

Definition at line 250 of file ksslcertificate.cpp.

QString KSSLCertificate::getKeyType ( ) const

Get the key type (RSA, DSA, etc).

Returns: the key type as a string

Definition at line 317 of file ksslcertificate.cpp.

QString KSSLCertificate::getMD5Digest ( ) const

Get the MD5 digest of the certificate.

Returns: the MD5 digest in a hexidecimal string

Definition at line 294 of file ksslcertificate.cpp.

QString KSSLCertificate::getMD5DigestFromKDEKey ( const QString & k )

static

Aegypten semantics force us to search by MD5Digest only.

Definition at line 255 of file ksslcertificate.cpp.

QString KSSLCertificate::getMD5DigestText ( ) const

Get the MD5 digest of the certificate.

Result is padded with : to separate bytes - it's a text version!

Returns: the MD5 digest in a hexidecimal string

Definition at line 268 of file ksslcertificate.cpp.

QString KSSLCertificate::getNotAfter ( ) const

Get the date that the certificate is valid until.

Returns: the date as a string, localised

Definition at line 999 of file ksslcertificate.cpp.

QString KSSLCertificate::getNotBefore ( ) const

Get the date that the certificate becomes valid on.

Returns: the date as a string, localised

Definition at line 990 of file ksslcertificate.cpp.

QString KSSLCertificate::getPublicKeyText ( ) const

Get the public key.

Returns: the public key as a hexidecimal string

Definition at line 345 of file ksslcertificate.cpp.

QDateTime KSSLCertificate::getQDTNotAfter ( ) const

Get the date that the certificate is valid until.

Returns: the date

Definition at line 1017 of file ksslcertificate.cpp.

QDateTime KSSLCertificate::getQDTNotBefore ( ) const

Get the date that the certificate becomes valid on.

Returns: the date

Definition at line 1008 of file ksslcertificate.cpp.

QString KSSLCertificate::getSerialNumber ( ) const

Get the serial number of the certificate.

Returns: the serial number as a string

Definition at line 182 of file ksslcertificate.cpp.

QString KSSLCertificate::getSignatureText ( ) const

Get the signature.

Returns: the signature in text format

Definition at line 196 of file ksslcertificate.cpp.

QString KSSLCertificate::getSubject ( ) const

Get the subject of the certificate (X.509 map).

Returns: the subject

Definition at line 167 of file ksslcertificate.cpp.

bool KSSLCertificate::isSigner ( )

Check if this is a signer certificate.

Returns: true if this is a signer certificate

Definition at line 1293 of file ksslcertificate.cpp.

bool KSSLCertificate::isValid ( )

Check if this is a valid certificate.

Will use cached data.

Returns: true if it is valid

Definition at line 598 of file ksslcertificate.cpp.

bool KSSLCertificate::isValid ( KSSLCertificate::KSSLPurpose p )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: true if it is valid

Definition at line 593 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidation KSSLCertificate::processError ( int ec )

protected

Definition at line 799 of file ksslcertificate.cpp.

KSSLCertificate * KSSLCertificate::replicate ( )

Explicitly make a copy of this certificate.

Returns: a copy of the certificate

Definition at line 1038 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate ( )

Check if this is a valid certificate.

Will NOT use cached data.

Returns: the result of the validation

Definition at line 788 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate ( KSSLCertificate::KSSLPurpose p )

Check if this is a valid certificate.

Will NOT use cached data.

Parameters

p	the purpose to validate for

Returns: the result of the validation

Definition at line 793 of file ksslcertificate.cpp.

bool KSSLCertificate::setCert ( const QString & cert )

Re-set the certificate from a base64 string.

Parameters

cert	the certificate to set to

Returns: true on success

Definition at line 1273 of file ksslcertificate.cpp.

void KSSLCertificate::setCert ( X509 * c )

protected

Definition at line 480 of file ksslcertificate.cpp.

void KSSLCertificate::setChain ( void * c )

protected

Definition at line 472 of file ksslcertificate.cpp.

QStringList KSSLCertificate::subjAltNames ( ) const

The alternate subject name.

Returns: string list with subjectAltName

Definition at line 1298 of file ksslcertificate.cpp.

QByteArray KSSLCertificate::toDer ( )

Convert the certificate to DER (ASN.1) format.

Returns: the binary data of the DER encoding

Definition at line 1160 of file ksslcertificate.cpp.

QByteArray KSSLCertificate::toNetscape ( )

Convert the certificate to Netscape format.

Returns: the binary data of the Netscape encoding

Definition at line 1222 of file ksslcertificate.cpp.

QByteArray KSSLCertificate::toPem ( )

Convert the certificate to PEM (base64) format.

Returns: the binary data of the PEM encoding

Definition at line 1182 of file ksslcertificate.cpp.

QString KSSLCertificate::toString ( )

Convert this certificate to a string.

Returns: the certificate in base64 format

Definition at line 1052 of file ksslcertificate.cpp.

QString KSSLCertificate::toText ( )

Convert the certificate to OpenSSL plain text format.

Returns: the OpenSSL text encoding

Definition at line 1250 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidation KSSLCertificate::validate ( )

Check if this is a valid certificate.

Will use cached data.

Returns: the result of the validation

Definition at line 623 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidation KSSLCertificate::validate ( KSSLCertificate::KSSLPurpose purpose )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: the result of the validation

Definition at line 627 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose ( KSSLCertificate::KSSLPurpose purpose )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: all problems encountered during validation

Definition at line 642 of file ksslcertificate.cpp.

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose	(	KSSLCertificate::KSSLPurpose	purpose,
		KSSLCertificate *	ca
	)

Check if the certificate ca is a proper CA for this certificate.

Parameters

p	the purpose to validate for
ca	the certificate to check

Returns: all problems encountered during validation

Definition at line 647 of file ksslcertificate.cpp.

QString KSSLCertificate::verifyText ( KSSLValidation x )

static

Obtain the localized message that corresponds to a validation result.

Parameters

x	the code to look up

Returns: the message text corresponding to the validation code

Definition at line 1058 of file ksslcertificate.cpp.

KSSLX509V3 & KSSLCertificate::x509V3Extensions ( )

Access the X.509v3 parameters.

Returns: reference to the extension object

See also: KSSLX509V3

Definition at line 1288 of file ksslcertificate.cpp.

Friends And Related Function Documentation

int operator!=	(	KSSLCertificate &	x,
		KSSLCertificate &	y
	)

friend

Definition at line 397 of file ksslcertificate.h.

int operator==	(	KSSLCertificate &	x,
		KSSLCertificate &	y
	)

friend

Definition at line 1026 of file ksslcertificate.cpp.

The documentation for this class was generated from the following files:

KIO

Public Types

Public Member Functions

Static Public Member Functions

Protected Member Functions

Friends

Detailed Description

Member Typedef Documentation

Member Enumeration Documentation

Constructor & Destructor Documentation

Member Function Documentation

Friends And Related Function Documentation

KIO

kdelibs API Reference

Search