QCA

qca_cert.h
1 /*
2  * qca_cert.h - Qt Cryptographic Architecture
3  * Copyright (C) 2003-2007 Justin Karneges <[email protected]>
4  * Copyright (C) 2004-2006 Brad Hards <[email protected]>
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19  * 02110-1301 USA
20  *
21  */
22 
33 #ifndef QCA_CERT_H
34 #define QCA_CERT_H
35 
36 #include "qca_core.h"
37 #include "qca_publickey.h"
38 #include <QDateTime>
39 
40 namespace QCA {
41 
42 class CertContext;
43 class CSRContext;
44 class CRLContext;
45 class Certificate;
46 class CRL;
47 class CertificateCollection;
48 class CertificateChain;
49 
54 {
57 };
58 
65 {
77  URI,
78  DNS,
81 };
82 
119 class QCA_EXPORT CertificateInfoType
120 {
121 public:
125  enum Section
126  {
127  DN,
128  AlternativeName
129  };
130 
135 
145 
154  CertificateInfoType(const QString &id, Section section);
155 
162 
164 
170  CertificateInfoType &operator=(const CertificateInfoType &from);
171 
175  Section section() const;
176 
184  CertificateInfoTypeKnown known() const;
185 
204  QString id() const;
205 
212  bool operator<(const CertificateInfoType &other) const;
213 
220  bool operator==(const CertificateInfoType &other) const;
221 
228  inline bool operator!=(const CertificateInfoType &other) const
229  {
230  return !(*this == other);
231  }
232 
233 private:
234  class Private;
236 };
237 
245 class QCA_EXPORT CertificateInfoPair
246 {
247 public:
252 
259  CertificateInfoPair(const CertificateInfoType &type, const QString &value);
260 
267 
269 
275  CertificateInfoPair &operator=(const CertificateInfoPair &from);
276 
280  CertificateInfoType type() const;
281 
285  QString value() const;
286 
293  bool operator==(const CertificateInfoPair &other) const;
294 
301  inline bool operator!=(const CertificateInfoPair &other) const
302  {
303  return !(*this == other);
304  }
305 
306 private:
307  class Private;
309 };
310 
317 {
318  // KeyUsage
328 
329  // ExtKeyUsage
331  ClientAuth,
333  CodeSigning,
339  IPSecTunnel,
341  IPSecUser,
343  TimeStamping,
345  OCSPSigning
347 };
349 
363 class QCA_EXPORT ConstraintType
364 {
365 public:
369  enum Section
370  {
372  ExtendedKeyUsage
373  };
374 
378  ConstraintType();
379 
389 
398  ConstraintType(const QString &id, Section section);
399 
405  ConstraintType(const ConstraintType &from);
406 
407  ~ConstraintType();
408 
414  ConstraintType &operator=(const ConstraintType &from);
415 
419  Section section() const;
420 
428  ConstraintTypeKnown known() const;
429 
448  QString id() const;
449 
455  bool operator<(const ConstraintType &other) const;
456 
462  bool operator==(const ConstraintType &other) const;
463 
469  inline bool operator!=(const ConstraintType &other) const
470  {
471  return !(*this == other);
472  }
473 
474 private:
475  class Private;
477 };
478 
483 {
484  UsageAny = 0x00,
485  UsageTLSServer = 0x01,
486  UsageTLSClient = 0x02,
491 };
492 
497 {
511 };
512 
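/**
   The conditions to validate for a certificate.

   NOTE(review): ValidateAll is 0x00, i.e. the value with no bit set, so it
   cannot be detected with a bitwise AND against the other flags. How the
   individual bits narrow the set of checks is decided by the code that
   consumes this value and is not visible in this header -- confirm that
   behaviour before passing anything other than ValidateAll.
*/
enum ValidateFlags
{
    ValidateAll     = 0x00, // Verify all conditions
    ValidateRevoked = 0x01, // Verify the certificate was not revoked
    ValidateExpired = 0x02, // Verify the certificate has not expired
    ValidatePolicy  = 0x04  // Verify the certificate can be used for a specified purpose
};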
523 
536 
547 class CertificateInfoOrdered : public QList<CertificateInfoPair>
548 {
549 public:
553  inline QString toString() const;
554 
559  inline CertificateInfoOrdered dnOnly() const;
560 };
561 
567 QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in);
568 
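/**
   Return a new CertificateInfoOrdered that only contains the
   Distinguished Name (DN) types found in the input list.

   \param in the ordered certificate properties to filter
*/
QCA_EXPORT CertificateInfoOrdered orderedDNOnly(const CertificateInfoOrdered &in);

/// Convert to RFC 1779 string format; forwards to orderedToDNString().
inline QString CertificateInfoOrdered::toString() const
{
    return orderedToDNString(*this);
}

/// Return only the Distinguished Name (DN) entries; forwards to orderedDNOnly().
inline CertificateInfoOrdered CertificateInfoOrdered::dnOnly() const
{
    return orderedDNOnly(*this);
}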
586 
591 
598 QCA_EXPORT QStringList makeFriendlyNames(const QList<Certificate> &list);
599 
609 class QCA_EXPORT CertificateOptions
610 {
611 public:
618 
626 
632  CertificateOptions &operator=(const CertificateOptions &from);
633 
637  CertificateRequestFormat format() const;
638 
644  void setFormat(CertificateRequestFormat f);
645 
651  bool isValid() const;
652 
660  QString challenge() const;
661 
667  CertificateInfo info() const;
668 
675  CertificateInfoOrdered infoOrdered() const;
676 
680  Constraints constraints() const;
681 
685  QStringList policies() const;
686 
694  QStringList crlLocations() const;
695 
703  QStringList issuerLocations() const;
704 
710  QStringList ocspLocations() const;
711 
718  bool isCA() const;
719 
723  int pathLimit() const;
724 
730  BigInteger serialNumber() const;
731 
737  QDateTime notValidBefore() const;
738 
744  QDateTime notValidAfter() const;
745 
754  void setChallenge(const QString &s);
755 
764  void setInfo(const CertificateInfo &info);
765 
774  void setInfoOrdered(const CertificateInfoOrdered &info);
775 
781  void setConstraints(const Constraints &constraints);
782 
788  void setPolicies(const QStringList &policies);
789 
797  void setCRLLocations(const QStringList &locations);
798 
806  void setIssuerLocations(const QStringList &locations);
807 
813  void setOCSPLocations(const QStringList &locations);
814 
820  void setAsCA(int pathLimit = 8); // value from Botan
821 
825  void setAsUser();
826 
832  void setSerialNumber(const BigInteger &i);
833 
840  void setValidityPeriod(const QDateTime &start, const QDateTime &end);
841 
842 private:
843  class Private;
844  Private *d;
845 };
846 
856 class QCA_EXPORT Certificate : public Algorithm
857 {
858 public:
862  Certificate();
863 
870  Certificate(const QString &fileName);
871 
881  Certificate(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
882 
888  Certificate(const Certificate &from);
889 
890  ~Certificate() override;
891 
897  Certificate &operator=(const Certificate &from);
898 
903  bool isNull() const;
904 
908  QDateTime notValidBefore() const;
909 
913  QDateTime notValidAfter() const;
914 
932  CertificateInfo subjectInfo() const;
933 
953  CertificateInfoOrdered subjectInfoOrdered() const;
954 
960  CertificateInfo issuerInfo() const;
961 
974  CertificateInfoOrdered issuerInfoOrdered() const;
975 
979  Constraints constraints() const;
980 
986  QStringList policies() const;
987 
993  QStringList crlLocations() const;
994 
1000  QStringList issuerLocations() const;
1001 
1005  QStringList ocspLocations() const;
1006 
1013  QString commonName() const;
1014 
1018  BigInteger serialNumber() const;
1019 
1023  PublicKey subjectPublicKey() const;
1024 
1030  bool isCA() const;
1031 
1037  bool isSelfSigned() const;
1038 
1047  bool isIssuerOf(const Certificate &other) const;
1048 
1053  int pathLimit() const;
1054 
1058  SignatureAlgorithm signatureAlgorithm() const;
1059 
1063  QByteArray subjectKeyId() const;
1064 
1068  QByteArray issuerKeyId() const;
1069 
1081  Validity validate(const CertificateCollection &trusted,
1082  const CertificateCollection &untrusted,
1083  UsageMode u = UsageAny,
1084  ValidateFlags vf = ValidateAll) const;
1085 
1089  QByteArray toDER() const;
1090 
1094  QString toPEM() const;
1095 
1101  bool toPEMFile(const QString &fileName) const;
1102 
1115  static Certificate
1116  fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1117 
1130  static Certificate fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1131 
1145  static Certificate
1146  fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1147 
1160  bool matchesHostName(const QString &host) const;
1161 
1169  bool operator==(const Certificate &a) const;
1170 
1176  inline bool operator!=(const Certificate &other) const
1177  {
1178  return !(*this == other);
1179  }
1180 
1186  void change(CertContext *c);
1187 
1188 private:
1189  class Private;
1190  friend class Private;
1192 
1193  friend class CertificateChain;
1194  Validity chain_validate(const CertificateChain & chain,
1195  const CertificateCollection &trusted,
1196  const QList<CRL> & untrusted_crls,
1197  UsageMode u,
1198  ValidateFlags vf) const;
1200  chain_complete(const CertificateChain &chain, const QList<Certificate> &issuers, Validity *result) const;
1201 };
1202 
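/**
   A chain of related Certificates.

   The class is a QList<Certificate> whose first element is the primary
   (end-user) certificate. validate() and complete() are defined inline
   after the class and both start from that first element.
*/
class CertificateChain : public QList<Certificate>
{
public:
    /**
       Create an empty certificate chain.
    */
    inline CertificateChain()
    {
    }

    /**
       Create a certificate chain, starting at the specified certificate.

       \param primary the end-user certificate that becomes the first
       element of the chain
    */
    inline CertificateChain(const Certificate &primary)
    {
        append(primary);
    }

    /**
       Return the primary (end-user) Certificate.

       \note This forwards to QList::first(), which requires a non-empty
       list. Check isEmpty() before calling primary() on a chain that was
       built from external input (for example a peer's certificate list):
       validate() and complete() guard against an empty chain, this
       accessor does not.
    */
    inline const Certificate &primary() const
    {
        return first();
    }

    /**
       Check the validity of a certificate chain.

       \param trusted the collection of trusted certificates
       \param untrusted_crls additional CRLs handed to the check; the
       default is an empty list
       \param u the intended usage of the certificate
       \param vf the conditions to validate

       \return a Validity value; ErrorValidityUnknown if the chain is empty

       \note The default usage is UsageAny (any application, or
       unspecified). Code that validates a TLS peer should pass
       UsageTLSServer or UsageTLSClient explicitly so that the intended
       purpose is part of the check.

       \note This function takes no host name, so it cannot bind the chain
       to the peer that was contacted. That comparison is a separate step,
       Certificate::matchesHostName() on primary().
    */
    inline Validity validate(const CertificateCollection &trusted,
                             const QList<CRL> &           untrusted_crls = QList<CRL>(),
                             UsageMode                    u              = UsageAny,
                             ValidateFlags                vf             = ValidateAll) const;

    /**
       Complete a certificate chain for the primary certificate.

       \param issuers certificates offered as candidate issuers; the
       default is an empty list
       \param result optional out-parameter for a Validity; initialise it
       before the call rather than relying on every path to write it

       \return the resulting chain; an empty chain if this chain is empty

       \note This function takes no trusted collection, so a returned
       chain is not a validated chain. Call validate() on the result
       before relying on it.
    */
    inline CertificateChain complete(const QList<Certificate> &issuers = QList<Certificate>(),
                                     Validity *                result  = nullptr) const;
};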
1298 
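/**
   Check the validity of a certificate chain.

   An empty chain yields the error value ErrorValidityUnknown instead of
   touching first(), so the absence of a certificate is never reported as
   success. Otherwise the work is delegated to
   Certificate::chain_validate() on the first element, with this chain
   passed along unchanged.
*/
inline Validity CertificateChain::validate(const CertificateCollection &trusted,
                                           const QList<CRL> &           untrusted_crls,
                                           UsageMode                    u,
                                           ValidateFlags                vf) const
{
    if (isEmpty())
        return ErrorValidityUnknown;
    return first().chain_validate(*this, trusted, untrusted_crls, u, vf);
}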
1308 
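/**
   Complete a certificate chain for the primary certificate.

   An empty chain has no primary certificate to start from, so an empty
   chain is returned. On that path \a result, when supplied, is set to
   ErrorValidityUnknown (the same value validate() reports for an empty
   chain) so that the caller never reads an unwritten or stale Validity.
   Otherwise the work is delegated to Certificate::chain_complete() on the
   first element.

   \param issuers certificates offered as candidate issuers
   \param result optional out-parameter receiving a Validity
*/
inline CertificateChain CertificateChain::complete(const QList<Certificate> &issuers, Validity *result) const
{
    if (isEmpty()) {
        // Fail closed: report an error state instead of leaving *result untouched.
        if (result)
            *result = ErrorValidityUnknown;
        return CertificateChain();
    }
    return first().chain_complete(*this, issuers, result);
}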
1315 
1325 class QCA_EXPORT CertificateRequest : public Algorithm
1326 {
1327 public:
1332 
1339  CertificateRequest(const QString &fileName);
1340 
1350  CertificateRequest(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
1351 
1358 
1359  ~CertificateRequest() override;
1360 
1366  CertificateRequest &operator=(const CertificateRequest &from);
1367 
1373  bool isNull() const;
1374 
1385  static bool canUseFormat(CertificateRequestFormat f, const QString &provider = QString());
1386 
1390  CertificateRequestFormat format() const;
1391 
1400  CertificateInfo subjectInfo() const;
1401 
1412  CertificateInfoOrdered subjectInfoOrdered() const;
1413 
1419  Constraints constraints() const;
1420 
1426  QStringList policies() const;
1427 
1431  PublicKey subjectPublicKey() const;
1432 
1439  bool isCA() const;
1440 
1446  int pathLimit() const;
1447 
1451  QString challenge() const;
1452 
1457  SignatureAlgorithm signatureAlgorithm() const;
1458 
1466  bool operator==(const CertificateRequest &csr) const;
1467 
1473  inline bool operator!=(const CertificateRequest &other) const
1474  {
1475  return !(*this == other);
1476  }
1477 
1483  QByteArray toDER() const;
1484 
1490  QString toPEM() const;
1491 
1499  bool toPEMFile(const QString &fileName) const;
1500 
1515  static CertificateRequest
1516  fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1517 
1533  static CertificateRequest
1534  fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1535 
1551  static CertificateRequest
1552  fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1553 
1561  QString toString() const;
1562 
1577  static CertificateRequest
1578  fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1579 
1585  void change(CSRContext *c);
1586 
1587 private:
1588  class Private;
1589  friend class Private;
1591 };
1592 
1600 class QCA_EXPORT CRLEntry
1601 {
1602 public:
1606  enum Reason
1607  {
1611  AffiliationChanged,
1613  CessationOfOperation,
1616  PrivilegeWithdrawn,
1617  AACompromise
1618  };
1619 
1623  CRLEntry();
1624 
1631  explicit CRLEntry(const Certificate &c, Reason r = Unspecified);
1632 
1641  CRLEntry(const BigInteger serial, const QDateTime &time, Reason r = Unspecified);
1642 
1648  CRLEntry(const CRLEntry &from);
1649 
1650  ~CRLEntry();
1651 
1657  CRLEntry &operator=(const CRLEntry &from);
1658 
1662  BigInteger serialNumber() const;
1663 
1667  QDateTime time() const;
1668 
1672  bool isNull() const;
1673 
1680  Reason reason() const;
1681 
1689  bool operator<(const CRLEntry &a) const;
1690 
1698  bool operator==(const CRLEntry &a) const;
1699 
1705  inline bool operator!=(const CRLEntry &other) const
1706  {
1707  return !(*this == other);
1708  }
1709 
1710 private:
1711  BigInteger _serial;
1712  QDateTime _time;
1713  Reason _reason;
1714 
1715  class Private;
1716  Private *d;
1717 };
1718 
1739 class QCA_EXPORT CRL : public Algorithm
1740 {
1741 public:
1742  CRL();
1743 
1749  CRL(const CRL &from);
1750 
1751  ~CRL() override;
1752 
1758  CRL &operator=(const CRL &from);
1759 
1765  bool isNull() const;
1766 
1773  CertificateInfo issuerInfo() const;
1774 
1783  CertificateInfoOrdered issuerInfoOrdered() const;
1784 
1791  int number() const;
1792 
1796  QDateTime thisUpdate() const;
1797 
1803  QDateTime nextUpdate() const;
1804 
1808  QList<CRLEntry> revoked() const;
1809 
1813  SignatureAlgorithm signatureAlgorithm() const;
1814 
1818  QByteArray issuerKeyId() const;
1819 
1827  bool operator==(const CRL &a) const;
1828 
1834  inline bool operator!=(const CRL &other) const
1835  {
1836  return !(*this == other);
1837  }
1838 
1844  QByteArray toDER() const;
1845 
1851  QString toPEM() const;
1852 
1859  bool toPEMFile(const QString &fileName) const;
1860 
1872  static CRL fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1873 
1885  static CRL fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1886 
1899  static CRL
1900  fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1901 
1907  void change(CRLContext *c);
1908 
1909 private:
1910  class Private;
1911  friend class Private;
1913 };
1914 
1928 class QCA_EXPORT CertificateCollection
1929 {
1930 public:
1935 
1942 
1944 
1950  CertificateCollection &operator=(const CertificateCollection &from);
1951 
1957  void addCertificate(const Certificate &cert);
1958 
1965  void addCRL(const CRL &crl);
1966 
1970  QList<Certificate> certificates() const;
1971 
1975  QList<CRL> crls() const;
1976 
1982  void append(const CertificateCollection &other);
1983 
1990 
1996  CertificateCollection &operator+=(const CertificateCollection &other);
1997 
2008  static bool canUsePKCS7(const QString &provider = QString());
2009 
2018  bool toFlatTextFile(const QString &fileName);
2019 
2030  bool toPKCS7File(const QString &fileName, const QString &provider = QString());
2031 
2045  static CertificateCollection
2046  fromFlatTextFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2047 
2061  static CertificateCollection
2062  fromPKCS7File(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2063 
2064 private:
2065  class Private;
2067 };
2068 
2077 class QCA_EXPORT CertificateAuthority : public Algorithm
2078 {
2079 public:
2088  CertificateAuthority(const Certificate &cert, const PrivateKey &key, const QString &provider);
2089 
2096 
2097  ~CertificateAuthority() override;
2098 
2104  CertificateAuthority &operator=(const CertificateAuthority &from);
2105 
2112  Certificate certificate() const;
2113 
2121  Certificate signRequest(const CertificateRequest &req, const QDateTime &notValidAfter) const;
2122 
2129  Certificate createCertificate(const PublicKey &key, const CertificateOptions &opts) const;
2130 
2138  CRL createCRL(const QDateTime &nextUpdate) const;
2139 
2149  CRL updateCRL(const CRL &crl, const QList<CRLEntry> &entries, const QDateTime &nextUpdate) const;
2150 
2151 private:
2152  class Private;
2153  Private *d;
2154 };
2155 
2175 class QCA_EXPORT KeyBundle
2176 {
2177 public:
2181  KeyBundle();
2182 
2200  explicit KeyBundle(const QString &fileName, const SecureArray &passphrase = SecureArray());
2201 
2207  KeyBundle(const KeyBundle &from);
2208 
2209  ~KeyBundle();
2210 
2216  KeyBundle &operator=(const KeyBundle &from);
2217 
2221  bool isNull() const;
2222 
2232  QString name() const;
2233 
2239  CertificateChain certificateChain() const;
2240 
2246  PrivateKey privateKey() const;
2247 
2253  void setName(const QString &s);
2254 
2264  void setCertificateChainAndKey(const CertificateChain &c, const PrivateKey &key);
2265 
2289  QByteArray toArray(const SecureArray &passphrase, const QString &provider = QString()) const;
2290 
2315  bool toFile(const QString &fileName, const SecureArray &passphrase, const QString &provider = QString()) const;
2316 
2347  static KeyBundle fromArray(const QByteArray & a,
2348  const SecureArray &passphrase = SecureArray(),
2349  ConvertResult * result = nullptr,
2350  const QString & provider = QString());
2351 
2382  static KeyBundle fromFile(const QString & fileName,
2383  const SecureArray &passphrase = SecureArray(),
2384  ConvertResult * result = nullptr,
2385  const QString & provider = QString());
2386 
2387 private:
2388  class Private;
2390 };
2391 
2406 class QCA_EXPORT PGPKey : public Algorithm
2407 {
2408 public:
2412  PGPKey();
2413 
2423  PGPKey(const QString &fileName);
2424 
2430  PGPKey(const PGPKey &from);
2431 
2432  ~PGPKey() override;
2433 
2439  PGPKey &operator=(const PGPKey &from);
2440 
2446  bool isNull() const;
2447 
2451  QString keyId() const;
2452 
2456  QString primaryUserId() const;
2457 
2461  QStringList userIds() const;
2462 
2468  bool isSecret() const;
2469 
2473  QDateTime creationDate() const;
2474 
2478  QDateTime expirationDate() const;
2479 
2486  QString fingerprint() const;
2487 
2496  bool inKeyring() const;
2497 
2503  bool isTrusted() const;
2504 
2514  QByteArray toArray() const;
2515 
2524  QString toString() const;
2525 
2531  bool toFile(const QString &fileName) const;
2532 
2542  static PGPKey fromArray(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
2543 
2553  static PGPKey fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
2554 
2565  static PGPKey
2566  fromFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2567 
2568 private:
2569  class Private;
2570  Private *d;
2571 };
2572 
2612 class QCA_EXPORT KeyLoader : public QObject
2613 {
2614  Q_OBJECT
2615 public:
2621  KeyLoader(QObject *parent = nullptr);
2622  ~KeyLoader() override;
2623 
2633  void loadPrivateKeyFromPEMFile(const QString &fileName);
2634 
2643  void loadPrivateKeyFromPEM(const QString &s);
2644 
2653  void loadPrivateKeyFromDER(const SecureArray &a);
2654 
2663  void loadKeyBundleFromFile(const QString &fileName);
2664 
2672  void loadKeyBundleFromArray(const QByteArray &a);
2673 
2679  ConvertResult convertResult() const;
2680 
2690  PrivateKey privateKey() const;
2691 
2700  KeyBundle keyBundle() const;
2701 
2702 Q_SIGNALS:
2710  void finished();
2711 
2712 private:
2713  Q_DISABLE_COPY(KeyLoader)
2714 
2715  class Private;
2716  friend class Private;
2717  Private *d;
2718 };
2719 
2720 }
2721 
2722 #endif
ConvertResult
Return value from a format conversion.
bool operator!=(const CertificateInfoType &other) const
Inequality operator.
Definition: qca_cert.h:228
X.509 certificate request provider.
Definition: qcaprovider.h:1428
CertificateChain complete(const QList< Certificate > &issuers=QList< Certificate >(), Validity *result=nullptr) const
Complete a certificate chain for the primary certificate, using the rest of the certificates in the c...
Definition: qca_cert.h:1309
PKCS#9 Email field, id = "1.2.840.113549.1.9.1".
Definition: qca_cert.h:68
ConstraintTypeKnown
Known types of certificate constraints.
Definition: qca_cert.h:316
X.509 certificate provider.
Definition: qcaprovider.h:1324
CertificateInfoOrdered dnOnly() const
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in thi...
Definition: qca_cert.h:582
QMultiMap< CertificateInfoType, QString > CertificateInfo
Certificate properties type.
Definition: qca_cert.h:535
General superclass for an algorithm.
Definition: qca_core.h:1163
Certificate can be used to sign code, id = "1.3.6.1.5.5.7.3.3".
Definition: qca_cert.h:334
The root CA rejected the certificate purpose.
Definition: qca_cert.h:499
certificate revocation list signing certificate
Definition: qca_cert.h:490
QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in)
Convert to RFC 1779 string format.
Certificate can be used to create digital signatures, id = "KeyUsage.digitalSignature" ...
Definition: qca_cert.h:319
Certificate can be used for server authentication (e.g.
Definition: qca_cert.h:330
Section
Section of the certificate that the information belongs in.
Definition: qca_cert.h:125
const Certificate & primary() const
Return the primary (end-user) Certificate.
Definition: qca_cert.h:1249
Generic private key.
Certificate can be used to sign / encrypt email, id = "1.3.6.1.5.5.7.3.4".
Definition: qca_cert.h:336
email (S/MIME) certificate
Definition: qca_cert.h:488
bool operator!=(const Certificate &other) const
Inequality operator.
Definition: qca_cert.h:1176
code signing certificate
Definition: qca_cert.h:487
X.509 certificate revocation list provider.
Definition: qcaprovider.h:1512
Certificate chain and private key pair.
Definition: qca_cert.h:2175
The certificate is self-signed, and is not found in the list of trusted certificates.
Definition: qca_cert.h:504
ValidateFlags
The conditions to validate for a certificate.
Definition: qca_cert.h:516
A Certificate Authority is used to generate Certificates and Certificate Revocation Lists (CRLs)...
Definition: qca_cert.h:2077
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:496
An organisation (eg company), id = "2.5.4.10".
Definition: qca_cert.h:69
Certificate can be used to create a "time stamp" signature, id = "1.3.6.1.5.5.7.3.8".
Definition: qca_cert.h:344
Certificate can be used to sign Certificate Revocation Lists, id = "KeyUsage.crlSign" ...
Definition: qca_cert.h:325
Uniform Resource Identifier, id = "GeneralName.uniformResourceIdentifier".
Definition: qca_cert.h:77
CertificateInfoTypeKnown
Known types of information stored in certificates.
Definition: qca_cert.h:64
Certificate can be used for client authentication (e.g.
Definition: qca_cert.h:332
Distinguished name (the primary name)
Definition: qca_cert.h:127
Header file for PublicKey and PrivateKey related classes.
bool operator!=(const CRLEntry &other) const
Inequality operator.
Definition: qca_cert.h:1705
Certificate can be used for non-repudiation, id = "KeyUsage.nonRepudiation"
Definition: qca_cert.h:320
bool operator!=(const CRL &other) const
Inequality operator.
Definition: qca_cert.h:1834
XMPP address (see http://www.ietf.org/rfc/rfc3920.txt), id = "1.3.6.1.5.5.7.8.5". ...
Definition: qca_cert.h:80
QCA_EXPORT CertificateInfoOrdered orderedDNOnly(const CertificateInfoOrdered &in)
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in the...
The certificate has been revoked.
Definition: qca_cert.h:505
Certificate can be used to authenticate a user in IPSEC, id = "1.3.6.1.5.5.7.3.7".
Definition: qca_cert.h:342
Stored in the key usage section.
Definition: qca_cert.h:371
client side of a TLS or SSL connection
Definition: qca_cert.h:486
Certificate can only be used for encryption, id = "KeyUsage.encipherOnly"
Definition: qca_cert.h:326
Validity is unknown.
Definition: qca_cert.h:510
The locality (eg city, a shire, or part of a state), id = "2.5.4.7".
Definition: qca_cert.h:71
The certificate is not trusted.
Definition: qca_cert.h:500
Certificate Revocation List
Definition: qca_cert.h:1739
The signature does not match.
Definition: qca_cert.h:501
Certificate Request
Definition: qca_cert.h:1325
Certificate can only be used for decryption, id = "KeyUsage.decipherOnly"
Definition: qca_cert.h:327
Certificate can be used for encrypting / decrypting keys, id = "KeyUsage.keyEncipherment" ...
Definition: qca_cert.h:321
Section
Section of the certificate that the constraint belongs in.
Definition: qca_cert.h:369
Signed Public Key and Challenge (Netscape) format.
Definition: qca_cert.h:56
Header file for core QCA infrastructure.
SignatureAlgorithm
Signature algorithm variants.
Definition: qca_publickey.h:73
Certificate can be used for key agreement, id = "KeyUsage.keyAgreement"
Definition: qca_cert.h:323
Certificate information type.
Definition: qca_cert.h:119
bool operator!=(const CertificateInfoPair &other) const
Inequality operator.
Definition: qca_cert.h:301
Ordered certificate properties type.
Definition: qca_cert.h:547
QString toString() const
Convert to RFC 1779 string format.
Definition: qca_cert.h:577
standard PKCS#10 format
Definition: qca_cert.h:55
Asynchronous private key loader.
Definition: qca_cert.h:2612
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:41
CertificateChain()
Create an empty certificate chain.
Definition: qca_cert.h:1231
The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1". ...
Definition: qca_cert.h:72
The path length from the root CA to this certificate is too long.
Definition: qca_cert.h:506
The certificate has expired, or is not yet valid (e.g.
Definition: qca_cert.h:507
The Certificate Authority has expired.
Definition: qca_cert.h:509
certificate has been superseded
Definition: qca_cert.h:1612
The purpose does not match the intended usage.
Definition: qca_cert.h:503
Certificate constraint.
Definition: qca_cert.h:363
The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3".
Definition: qca_cert.h:76
Email address, id = "GeneralName.rfc822Name".
Definition: qca_cert.h:67
QCA_EXPORT QStringList makeFriendlyNames(const QList< Certificate > &list)
Create a list of unique friendly names among a list of certificates.
Secure array of bytes.
Definition: qca_tools.h:316
Certificate can be used for encrypting / decrypting data, id = "KeyUsage.dataEncipherment" ...
Definition: qca_cert.h:322
certificate was previously in a CRL, but is now valid
Definition: qca_cert.h:1615
CertificateRequestFormat
Certificate Request Format.
Definition: qca_cert.h:53
QList< ConstraintType > Constraints
Certificate constraints type
Definition: qca_cert.h:590
A part of an organisation (eg a division or branch), id = "2.5.4.11".
Definition: qca_cert.h:70
bool operator!=(const ConstraintType &other) const
Inequality operator.
Definition: qca_cert.h:469
Certificate options
Definition: qca_cert.h:609
certificate is on hold
Definition: qca_cert.h:1614
IP address, id = "GeneralName.iPAddress".
Definition: qca_cert.h:79
Certificate can be used for key certificate signing, id = "KeyUsage.keyCertSign"
Definition: qca_cert.h:324
A chain of related Certificates.
Definition: qca_cert.h:1225
private key has been compromised
Definition: qca_cert.h:1609
One entry in a certificate information list.
Definition: qca_cert.h:245
certificate authority has been compromised
Definition: qca_cert.h:1610
The common name (eg person), id = "2.5.4.3".
Definition: qca_cert.h:66
The certificate is valid.
Definition: qca_cert.h:498
QCA_EXPORT const SecureArray operator+(const SecureArray &a, const SecureArray &b)
Returns an array that is the result of concatenating a and b.
Reason
The reason why the certificate has been revoked.
Definition: qca_cert.h:1606
Public Key (X.509) certificate.
Definition: qca_cert.h:856
time stamping certificate
Definition: qca_cert.h:489
The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2".
Definition: qca_cert.h:74
Certificate can be used to sign an Online Certificate Status Protocol (OCSP) assertion, id = "1.3.6.1.5.5.7.3.9".
Definition: qca_cert.h:346
Any application, or unspecified.
Definition: qca_cert.h:484
Part of a CRL representing a single certificate.
Definition: qca_cert.h:1600
UsageMode
Specify the intended usage of a certificate.
Definition: qca_cert.h:482
Arbitrary precision integer.
Definition: qca_tools.h:570
Certificate can be used to authenticate a tunnel in IPSEC, id = "1.3.6.1.5.5.7.3.6".
Definition: qca_cert.h:340
CertificateChain(const Certificate &primary)
Create a certificate chain, starting at the specified certificate.
Definition: qca_cert.h:1241
Pretty Good Privacy key.
Definition: qca_cert.h:2406
The state within the country, id = "2.5.4.8".
Definition: qca_cert.h:73
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1928
Generic public key.
Certificate can be used to authenticate an endpoint in IPSEC, id = "1.3.6.1.5.5.7.3.5".
Definition: qca_cert.h:338
server side of a TLS or SSL connection
Definition: qca_cert.h:485
Validity validate(const CertificateCollection &trusted, const QList< CRL > &untrusted_crls=QList< CRL >(), UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate chain.
Definition: qca_cert.h:1299
DNS name, id = "GeneralName.dNSName".
Definition: qca_cert.h:78
The country, id = "2.5.4.6".
Definition: qca_cert.h:75
The Certificate Authority is invalid.
Definition: qca_cert.h:502
bool operator!=(const CertificateRequest &other) const
Inequality operator.
Definition: qca_cert.h:1473
reason is unknown
Definition: qca_cert.h:1608