Okular

signatureutils.h
1 /*
2  SPDX-FileCopyrightText: 2018 Chinmoy Ranjan Pradhan <[email protected]>
3 
4  SPDX-License-Identifier: GPL-2.0-or-later
5 */
6 
7 #ifndef OKULAR_SIGNATUREUTILS_H
8 #define OKULAR_SIGNATUREUTILS_H
9 
10 #include "okularcore_export.h"
11 
12 #include <QDateTime>
13 #include <QFlag>
14 #include <QList>
15 #include <QSharedPointer>
16 #include <QString>
17 
18 namespace Okular
19 {
20 class SignatureInfoPrivate;
21 
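/**
 * @short A helper class to store information about an X.509 certificate
 *
 * The accessors report what the certificate itself contains. None of them
 * says whether the certificate is trusted: that verdict is reported
 * separately by SignatureInfo::certificateStatus().
 */
class OKULARCORE_EXPORT CertificateInfo
{
public:
    /**
     * The algorithm of the public key.
     */
    enum PublicKeyType { RsaKey, DsaKey, EcKey, OtherKey };

    /**
     * Certificate key usage extensions.
     *
     * Each value is a distinct bit, so several usages can be combined in a
     * KeyUsageExtensions flag set.
     */
    enum KeyUsageExtension { KuDigitalSignature = 0x80, KuNonRepudiation = 0x40, KuKeyEncipherment = 0x20, KuDataEncipherment = 0x10, KuKeyAgreement = 0x08, KuKeyCertSign = 0x04, KuClrSign = 0x02, KuEncipherOnly = 0x01, KuNone = 0x00 };
    Q_DECLARE_FLAGS(KeyUsageExtensions, KeyUsageExtension)

    /**
     * Predefined keys for elements in an entity's distinguished name.
     */
    enum EntityInfoKey {
        CommonName,
        DistinguishedName,
        EmailAddress,
        Organization,
    };

    /**
     * Destructor
     */
    virtual ~CertificateInfo();

    /**
     * Returns true if certificate has no contents; otherwise returns false.
     */
    virtual bool isNull() const;

    /**
     * The certificate version number.
     */
    virtual int version() const;

    /**
     * The certificate serial number, as a byte array.
     *
     * X.509 serial numbers are only unique per issuer, so a serial number
     * identifies a certificate only together with its issuer.
     */
    virtual QByteArray serialNumber() const;

    /**
     * Information about the issuer.
     *
     * @param key the element of the issuer's distinguished name to return
     *
     * The text is read from the certificate and is only as reliable as the
     * certificate; it should not be presented as a verified identity unless
     * the certificate has been checked.
     */
    virtual QString issuerInfo(EntityInfoKey key) const;

    /**
     * Information about the subject.
     *
     * @param key the element of the subject's distinguished name to return
     *
     * The text is read from the certificate and is only as reliable as the
     * certificate; it should not be presented as a verified identity unless
     * the certificate has been checked.
     */
    virtual QString subjectInfo(EntityInfoKey key) const;

    /**
     * The certificate internal database nickname
     */
    virtual QString nickName() const;

    /**
     * The date-time when certificate becomes valid.
     */
    virtual QDateTime validityStart() const;

    /**
     * The date-time when certificate expires.
     */
    virtual QDateTime validityEnd() const;

    /**
     * The uses allowed for the certificate.
     *
     * NOTE(review): this accessor only reports the bits; whether signature
     * verification rejects a certificate that lacks a signing usage is not
     * visible in this header - confirm in the backend.
     */
    virtual KeyUsageExtensions keyUsageExtensions() const;

    /**
     * The public key value.
     */
    virtual QByteArray publicKey() const;

    /**
     * The public key type.
     */
    virtual PublicKeyType publicKeyType() const;

    /**
     * The strength of public key in bits.
     *
     * Bit counts are not comparable across key types (an EC key and an RSA
     * key of the same size offer very different security), so read this
     * value together with publicKeyType().
     */
    virtual int publicKeyStrength() const;

    /**
     * Returns true if certificate is self-signed otherwise returns false.
     *
     * Being self-signed is a property of the certificate, not a trust
     * verdict in either direction.
     */
    virtual bool isSelfSigned() const;

    /**
     * The DER encoded certificate.
     */
    virtual QByteArray certificateData() const;

    /**
     * Checks if the given password is the correct one for this certificate
     *
     * @param password the password to test
     * @return true if the password is correct; otherwise false
     *
     * NOTE(review): what the password protects (presumably the private key
     * or its store) and whether the implementation keeps a copy of it are
     * not visible in this header - confirm before caching or logging
     * anything around this call.
     *
     * @since 21.04
     */
    virtual bool checkPassword(const QString &password) const;

protected:
    // Construction is limited to subclasses and to SignatureInfo.
    friend class SignatureInfo;
    CertificateInfo();

private:
    Q_DISABLE_COPY(CertificateInfo)
};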
138 
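/**
 * @short A helper class to store information about digital signature
 *
 * The class reports two independent verification results:
 * signatureStatus() for the cryptographic check of the signature and
 * certificateStatus() for the signer's certificate. A caller that wants to
 * present a signature as trustworthy needs both results, and should also
 * look at signsTotalDocument() to learn how much of the file is covered.
 */
class OKULARCORE_EXPORT SignatureInfo
{
public:
    /**
     * The verification result of the signature.
     *
     * SignatureValid covers the cryptographic check only; the signer's
     * certificate is judged separately through CertificateStatus.
     */
    enum SignatureStatus {
        SignatureStatusUnknown,  ///< The signature status is unknown for some reason.
        SignatureValid,          ///< The signature is cryptographically valid.
        SignatureInvalid,        ///< The signature is cryptographically invalid.
        SignatureDigestMismatch, ///< The document content was changed after the signature was applied.
        SignatureDecodingError,  ///< The signature CMS/PKCS7 structure is malformed.
        SignatureGenericError,   ///< The signature could not be verified.
        SignatureNotFound,       ///< The requested signature is not present in the document.
        SignatureNotVerified     ///< The signature is not yet verified.
    };

    /**
     * The verification result of the certificate.
     *
     * Only CertificateTrusted reports a successful check; the unknown,
     * error and not-verified values are not positive results.
     */
    enum CertificateStatus {
        CertificateStatusUnknown,   ///< The certificate status is unknown for some reason.
        CertificateTrusted,         ///< The certificate is considered trusted.
        CertificateUntrustedIssuer, ///< The issuer of this certificate has been marked as untrusted by the user.
        CertificateUnknownIssuer,   ///< The certificate trust chain has not finished in a trusted root certificate.
        CertificateRevoked,         ///< The certificate was revoked by the issuing certificate authority.
        CertificateExpired,         ///< The signing time is outside the validity bounds of this certificate.
        CertificateGenericError,    ///< The certificate could not be verified.
        CertificateNotVerified      ///< The certificate is not yet verified.
    };

    /**
     * The hash algorithm of the signature
     *
     * MD2, MD5 and SHA-1 are no longer considered collision resistant. This
     * enum only names the algorithm; it is up to the caller to decide how a
     * signature made with one of them is presented.
     */
    enum HashAlgorithm { HashAlgorithmUnknown, HashAlgorithmMd2, HashAlgorithmMd5, HashAlgorithmSha1, HashAlgorithmSha256, HashAlgorithmSha384, HashAlgorithmSha512, HashAlgorithmSha224 };

    /**
     * Destructor.
     */
    virtual ~SignatureInfo();

    /**
     * The signature status of the signature.
     */
    virtual SignatureStatus signatureStatus() const;

    /**
     * The certificate status of the signature.
     */
    virtual CertificateStatus certificateStatus() const;

    /**
     * The signer subject common name associated with the signature.
     *
     * The name is only as reliable as the signer's certificate; check
     * certificateStatus() before presenting it as a verified identity.
     */
    virtual QString signerName() const;

    /**
     * The signer subject distinguished name associated with the signature.
     *
     * The name is only as reliable as the signer's certificate; check
     * certificateStatus() before presenting it as a verified identity.
     */
    virtual QString signerSubjectDN() const;

    /**
     * Get signing location.
     *
     * NOTE(review): presumably free text supplied when the document was
     * signed; treat it as unverified display text - confirm.
     */
    virtual QString location() const;

    /**
     * Get signing reason.
     *
     * NOTE(review): presumably free text supplied when the document was
     * signed; treat it as unverified display text - confirm.
     */
    virtual QString reason() const;

    /**
     * The hash algorithm used for the signature.
     */
    virtual HashAlgorithm hashAlgorithm() const;

    /**
     * The signing time associated with the signature.
     *
     * NOTE(review): this header does not say whether the time comes from a
     * trusted timestamp or from the signer's own clock - confirm, since
     * CertificateExpired is documented in terms of the signing time.
     */
    virtual QDateTime signingTime() const;

    /**
     * Get the signature binary data.
     */
    virtual QByteArray signature() const;

    /**
     * Get the bounds of the ranges of the document which are signed.
     */
    virtual QList<qint64> signedRangeBounds() const;

    /**
     * Checks whether the signature authenticates the total document
     * except for the signature itself.
     *
     * When this returns false, some part of the file is not covered by the
     * signature, so a valid signatureStatus() does not vouch for the whole
     * document.
     */
    virtual bool signsTotalDocument() const;

    /**
     * Get certificate details.
     */
    virtual const CertificateInfo &certificateInfo() const;

protected:
    SignatureInfo();

private:
    Q_DISABLE_COPY(SignatureInfo)
};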
250 
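/**
 * @short A helper class to access the certificates that can be used for signing
 */
class OKULARCORE_EXPORT CertificateStore
{
public:
    /**
     * Destructor
     */
    virtual ~CertificateStore();

    /**
     * Returns list of valid, usable signing certificates.
     *
     * This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
     *
     * @param userCancelled out-parameter reporting that the user declined
     *        to enter the password
     *
     * NOTE(review): this header does not state who owns the returned
     * CertificateInfo pointers, nor whether userCancelled may be null -
     * confirm against the implementation before relying on either.
     */
    virtual QList<CertificateInfo *> signingCertificates(bool *userCancelled) const;

protected:
    // NOTE(review): this declaration sits on a line that is missing from
    // the rendered listing and is reconstructed from the pattern of the
    // sibling classes - confirm against the repository.
    CertificateStore();

private:
    Q_DISABLE_COPY(CertificateStore)
};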
275 
276 }
277 
278 #endif