QGIS API Documentation  2.18.21-Las Palmas (9fba24a)
qgsauthcertutils.h
1 /***************************************************************************
2  qgsauthcertutils.h
3  ---------------------
4  begin : May 1, 2015
5  copyright : (C) 2015 by Boundless Spatial, Inc. USA
6  author : Larry Shaffer
7  email : lshaffer at boundlessgeo dot com
8  ***************************************************************************
9  * *
10  * This program is free software; you can redistribute it and/or modify *
11  * it under the terms of the GNU General Public License as published by *
12  * the Free Software Foundation; either version 2 of the License, or *
13  * (at your option) any later version. *
14  * *
15  ***************************************************************************/
16 
17 
18 #ifndef QGSAUTHCERTUTILS_H
19 #define QGSAUTHCERTUTILS_H
20 
21 #include <QFile>
22 #include <QtCrypto>
23 #include <QSslCertificate>
24 #include <QSslError>
25 
26 #include "qgsauthconfig.h"
27 
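/*
 * Accessors for one issuer/subject attribute of a QSslCertificate.
 *
 * From Qt 5 on the result of issuerInfo()/subjectInfo() is reduced to its
 * first entry with value( 0 ); under Qt 4 the call result is used as is.
 *
 * NOTE(review): an attribute can hold more than one value, and under Qt 5
 * only the first one reaches the caller. Keep that in mind wherever the
 * result feeds a display name, a grouping key or a comparison.
 *
 * `var` is parenthesised so that an expression argument (for example a
 * dereferenced pointer) is evaluated before the member call is applied.
 */
#if QT_VERSION >= 0x050000
#define SSL_ISSUER_INFO( var, prop ) ( var ).issuerInfo( prop ).value( 0 )
#define SSL_SUBJECT_INFO( var, prop ) ( var ).subjectInfo( prop ).value( 0 )
#else
#define SSL_ISSUER_INFO( var, prop ) ( var ).issuerInfo( prop )
#define SSL_SUBJECT_INFO( var, prop ) ( var ).subjectInfo( prop )
#endif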
39 
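/**
 * Utilities for working with certificates and keys.
 *
 * Every member is static; the class is used as a namespace of helpers.
 *
 * NOTE(review): this header shows declarations only. Statements below about
 * what a helper does beyond its signature are marked as assumptions and
 * should be confirmed against the implementation.
 */
class CORE_EXPORT QgsAuthCertUtils
{
  public:
    /** Type of CA certificate source. */
    enum CaCertSource
    {
      SystemRoot = 0,
      FromFile = 1,
      InDatabase = 2,
      Connection = 3
    };

    /** Type of certificate trust policy. */
    enum CertTrustPolicy
    {
      DefaultTrust = 0,
      Trusted = 1,
      Untrusted = 2,
      NoPolicy = 3
    };

    /** Type of certificate usage. */
    enum CertUsageType
    {
      UndeterminedUsage = 0,
      // NOTE(review): header lines 68-76 are not shown in this listing, so the
      // enumerators between the first and the last one are missing here. Do not
      // derive the numeric value of CRLSigningUsage from this excerpt.
      CRLSigningUsage
    };

    /** Type of certificate key group. */
    enum ConstraintGroup
    {
      KeyUsage = 0,
      ExtendedKeyUsage = 1
    };


    /** Returns a name string for the given QSsl::SslProtocol value. */
    static QString getSslProtocolName( QSsl::SslProtocol protocol );

    /**
     * Builds a string-keyed map from a list of certificates.
     * Per the name the key is a certificate digest; the hash algorithm is not
     * visible in this header.
     * NOTE(review): certificates that yield the same key would presumably
     * collapse into one entry - confirm in the implementation.
     */
    static QMap<QString, QSslCertificate> mapDigestToCerts( const QList<QSslCertificate>& certs );

    /**
     * Groups certificates into lists under a string key (the organization,
     * per the name).
     * NOTE(review): presumably the key is read from the certificate itself, so
     * it is display data and not evidence that the certificate is trusted.
     */
    static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( const QList<QSslCertificate>& certs );

    /**
     * Builds a string-keyed map from a list of SSL server configurations.
     * Per the name the key is a digest; the algorithm is not visible here.
     */
    static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( const QList<QgsAuthConfigSslServer>& configs );

    /**
     * Groups SSL server configurations into lists under a string key (the
     * organization, per the name). The same caveat as for certsGroupedByOrg()
     * applies: treat the key as display data.
     */
    static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( const QList<QgsAuthConfigSslServer>& configs );

    /**
     * Returns the certificates read from the file at certspath.
     * NOTE(review): presumably an empty list on failure - callers should check
     * for it rather than assume at least one certificate.
     */
    static QList<QSslCertificate> certsFromFile( const QString &certspath );

    /**
     * Returns a single certificate read from the file at certpath.
     * NOTE(review): presumably a null certificate on failure - check
     * QSslCertificate::isNull() before use.
     */
    static QSslCertificate certFromFile( const QString &certpath );

    /**
     * Returns a key read from the file at keypath.
     * @param keypath path of the key file
     * @param keypass passphrase for the key; defaults to an empty QString
     * @param algtype optional out-parameter; may be left as nullptr
     * NOTE(review): the returned QSslKey holds private key material in memory;
     * check QSslKey::isNull() and keep the object's lifetime short.
     */
    static QSslKey keyFromFile( const QString &keypath,
                                const QString &keypass = QString(),
                                QString *algtype = nullptr );

    /** Returns the certificates parsed from PEM text. */
    static QList<QSslCertificate> certsFromString( const QString &pemtext );

    /**
     * Converts a certificate file plus key file into PEM text components.
     * @param certpath path of the certificate file
     * @param keypath path of the key file
     * @param keypass passphrase for the key; defaults to an empty QString
     * @param reencrypt defaults to true
     * NOTE(review): presumably reencrypt controls whether the returned key PEM
     * is passphrase-protected. If false yields an unprotected private key, the
     * result must not be logged or persisted - confirm in the implementation.
     */
    static QStringList certKeyBundleToPem( const QString &certpath,
                                           const QString &keypath,
                                           const QString &keypass = QString(),
                                           bool reencrypt = true );

    /**
     * Converts a PKCS#12 bundle file into PEM text components.
     * @param bundlepath path of the bundle file
     * @param bundlepass passphrase for the bundle; defaults to an empty QString
     * @param reencrypt defaults to true; same caveat as certKeyBundleToPem()
     */
    static QStringList pkcs12BundleToPem( const QString &bundlepath,
                                          const QString &bundlepass = QString(),
                                          bool reencrypt = true );

    /**
     * Writes PEM text to a temporary file (per the name) and returns a string,
     * presumably the file path.
     * NOTE(review): pemtext may be private key material. Confirm that the
     * implementation restricts the file's permissions and that callers remove
     * the file once it is no longer needed.
     */
    static QString pemTextToTempFile( const QString &name, const QByteArray &pemtext );

    /**
     * Returns a name string for a CA certificate source.
     * @param source the source to name
     * @param single defaults to false; presumably selects a singular wording
     */
    static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source, bool single = false );

    /**
     * Returns a name string resolved from a certificate.
     * @param cert the certificate
     * @param issuer defaults to false; presumably selects the issuer fields
     *        instead of the subject fields
     */
    static QString resolvedCertName( const QSslCertificate& cert, bool issuer = false );

    /**
     * Returns a distinguished-name string for a certificate.
     * @param qcert the certificate as a QSslCertificate
     * @param acert the same certificate as a QCA::Certificate; defaults to a
     *        default-constructed one
     * @param issuer defaults to false; presumably selects the issuer DN
     */
    static QString getCertDistinguishedName( const QSslCertificate& qcert,
        const QCA::Certificate& acert = QCA::Certificate(),
        bool issuer = false );

    /** Returns a name string for a certificate trust policy. */
    static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );

    /** Returns txt in colon-delimited form (per the name). */
    static QString getColonDelimited( const QString& txt );

    /**
     * Returns a hex digest string for a certificate.
     * @param cert the certificate
     * @param formatted defaults to false
     * NOTE(review): the name indicates a SHA-family digest; the exact algorithm
     * is not visible in this header. Where the digest serves as the identity
     * key for stored trust decisions, confirm which algorithm is used.
     */
    static QString shaHexForCert( const QSslCertificate &cert, bool formatted = false );

    /** Converts a QSslCertificate into a QCA::Certificate. */
    static QCA::Certificate qtCertToQcaCert( const QSslCertificate& cert );

    /** Converts a list of QSslCertificate into a QCA::CertificateCollection. */
    static QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate>& certs );

    /**
     * Returns a QCA::KeyBundle for the file at path, using pass as passphrase.
     * NOTE(review): the bundle presumably contains a private key; handle the
     * result accordingly.
     */
    static QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass );

    /** Returns a message string for a QCA::Validity value. */
    static QString qcaValidityMessage( QCA::Validity validity );

    /** Returns a name string for a QCA::SignatureAlgorithm value. */
    static QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm );

    /** Returns a name string for a QCA::ConstraintTypeKnown value. */
    static QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint );

    /** Returns a name string for a certificate usage type. */
    static QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype );

    /** Returns the usage types determined for a certificate. */
    static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate& cert );

    /*
     * NOTE(review) for the five predicates below: per their names they classify
     * a certificate by usage. Nothing in this header shows chain, expiry or
     * revocation validation, so a true result should not be read as "trusted".
     */

    /** Returns whether the certificate is classified as an authority. */
    static bool certificateIsAuthority( const QSslCertificate& cert );

    /** Returns whether the certificate is classified as an issuer. */
    static bool certificateIsIssuer( const QSslCertificate& cert );

    /** Returns whether the certificate is classified as an authority or an issuer. */
    static bool certificateIsAuthorityOrIssuer( const QSslCertificate& cert );

    /** Returns whether the certificate is classified as usable for an SSL server. */
    static bool certificateIsSslServer( const QSslCertificate& cert );

    /** Returns whether the certificate is classified as usable for an SSL client. */
    static bool certificateIsSslClient( const QSslCertificate& cert );

    /** Returns a string for a QSslError::SslError enum value. */
    static QString sslErrorEnumString( QSslError::SslError errenum );

    /** Returns pairs of QSslError::SslError enum value and its string. */
    static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings();

  private:
    /**
     * Helper that takes the list dirname by reference together with a segment
     * and a value; per the name it appends a segment to dirname.
     */
    static void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );
};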
250 
251 #endif // QGSAUTHCERTUTILS_H
ConstraintGroup
Type of certificate key group.
CertUsageType
Type of certificate usage.
Utilities for working with certificates and keys.
CaCertSource
Type of CA certificate source.
CertTrustPolicy
Type of certificate trust policy.