QCA

certtest.cpp

This example shows how QCA::Certificate and QCA::CertificateCollection can be used.

This example shows how QCA::Certificate and QCA::CertificateCollection can be used. Note that the argument, if you provide it, must be a PEM encoded file collection.

/*
Copyright (C) 2003 Justin Karneges <justin@affinix.com>
Copyright (C) 2005 Brad Hards <bradh@frogmouth.net>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
#include <QtCrypto>
#include <QCoreApplication>
#include <QFile>
#include <iostream>
#ifdef QT_STATICPLUGIN
#include "import_plugins.h"
#endif
// dump out information about some part of the certificate
// we use this same approach for information about the subject
// of the certificate, and also about the issuer of the certificate
static void dumpCertificateInfo(const QCA::CertificateInfo &info)
{
std::cout << " Organization: " << std::endl;
// Note that a single certificate can apply to more than one
// organisation. QCA::Certificate is a multimap, so when you
// ask for the values associated with a parameter, it returns
// a list.
// foreach() interates over each value in the list, and we dump
// out each value. Note that is uncommon for a certificate to
// actually contain multiple values for a single parameter.
QString organization;
foreach (organization, orgInfoList) {
std::cout << " " << qPrintable(organization) << std::endl;
}
std::cout << " Country: " << std::endl;
// As above, however this shows a more compact way to represent
// the iteration and output.
foreach (QString country, info.values(QCA::Country)) { // clazy:exclude=container-anti-pattern
std::cout << " " << qPrintable(country) << std::endl;
}
}
// This is just a convenience routine
static void dumpSubjectInfo(const QCA::CertificateInfo &subject)
{
std::cout << "Subject: " << std::endl;
dumpCertificateInfo(subject);
}
// This is just a convenience routine
static void dumpIssuerInfo(const QCA::CertificateInfo &issuer)
{
std::cout << "Issuer: " << std::endl;
dumpCertificateInfo(issuer);
}
int main(int argc, char **argv)
{
// the Initializer object sets things up, and
// also does cleanup when it goes out of scope
QCoreApplication app(argc, argv);
// We need to ensure that we have certificate handling support
if (!QCA::isSupported("cert")) {
std::cout << "Sorry, no PKI certificate support" << std::endl;
return 1;
}
// We are going to work with a number of certificates, and a
// QList is a great template class for that
// We do two different cases - if we provide an argument, it is taken
// as a filename to read the keys from. If there is no argument, we just
// read from the system store certificates.
if (argc >= 2) {
// we are going to read the certificates in using a single call
// which requires a CertificateCollection.
// The conversion can be tested (although you don't have to) to find out if it
// worked.
QCA::ConvertResult importResult;
// This imports all the PEM encoded certificates from the file specified as the argument
// Note that you pass in a pointer to the result argument.
if (QCA::ConvertGood == importResult) {
std::cout << "Import succeeded" << std::endl;
// this turns the CertificateCollection into a QList of Certificate objects
certlist = filecerts.certificates();
}
} else {
// we have no arguments, so just use the system certificates
std::cout << "System certificates not available" << std::endl;
return 2;
}
// Similar to above, except we just want the system certificates
// this turns the CertificateCollection into a QList of Certificate objects
certlist = systemcerts.certificates();
}
std::cout << "Number of certificates: " << certlist.count() << std::endl;
foreach (cert, certlist) {
std::cout << "Serial Number:";
// the serial number of the certificate is a QCA::BigInteger, but we can
// just convert it to a string, and then output it.
std::cout << qPrintable(cert.serialNumber().toString()) << std::endl;
// The subject information shows properties of who the certificate
// applies to. See the convenience routines above.
dumpSubjectInfo(cert.subjectInfo());
// The issuer information shows properties of who the certificate
// was signed by. See the convenience routines above.
dumpIssuerInfo(cert.issuerInfo());
// Test if the certificate can be used as a certificate authority
if (cert.isCA()) {
std::cout << "Is certificate authority" << std::endl;
} else {
std::cout << "Is not a certificate authority" << std::endl;
}
// Test if the certificate is self-signed.
if (cert.isSelfSigned()) {
std::cout << "Self signed" << std::endl;
} else {
std::cout << "Is not self-signed!!!" << std::endl;
}
// Certificate are only valid between specific dates. We can get the dates
// (as a QDateTime) using a couple of calls
std::cout << "Valid from " << qPrintable(cert.notValidBefore().toString());
std::cout << ", until " << qPrintable(cert.notValidAfter().toString());
std::cout << std::endl;
// You can get the certificate in PEM encoding with a simple toPEM() call
std::cout << "PEM:" << std::endl;
std::cout << qPrintable(cert.toPEM());
std::cout << std::endl << std::endl;
}
return 0;
}
QString toString() const
Convert BigInteger to a QString.
Bundle of Certificates and CRLs.
Definition qca_cert.h:1929
QList< Certificate > certificates() const
The Certificates in this collection.
static CertificateCollection fromFlatTextFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
import a CertificateCollection from a text file
Public Key (X.509) certificate.
Definition qca_cert.h:857
bool isSelfSigned() const
Test if the Certificate is self-signed.
bool isCA() const
Test if the Certificate is valid as a Certificate Authority.
QDateTime notValidBefore() const
The earliest date that the certificate is valid.
QString toPEM() const
Export the Certificate into a PEM format.
BigInteger serialNumber() const
The serial number of the certificate.
QDateTime notValidAfter() const
The latest date that the certificate is valid.
CertificateInfo subjectInfo() const
Properties of the subject of the certificate, as a QMultiMap.
CertificateInfo issuerInfo() const
Properties of the issuer of the certificate.
Convenience method for initialising and cleaning up QCA.
Definition qca_core.h:660
void init(KXmlGuiWindow *window, KGameDifficulty *difficulty=nullptr)
QCA_EXPORT bool haveSystemStore()
Test if QCA can access the root CA certificates.
QCA_EXPORT bool isSupported(const char *features, const QString &provider=QString())
Test if a capability (algorithm) is available.
@ Country
The country, id = "2.5.4.6".
Definition qca_cert.h:75
@ Organization
An organisation (eg company), id = "2.5.4.10".
Definition qca_cert.h:69
ConvertResult
Return value from a format conversion.
@ ConvertGood
Conversion succeeded, results should be valid.
QCA_EXPORT CertificateCollection systemStore()
Get system-wide root Certificate Authority (CA) certificates.
QString toString(QStringView format, QCalendar cal) const const
QString decodeName(const QByteArray &localFileName)
qsizetype count() const const
QList< T > values() const const
This file is part of the KDE documentation.
Documentation copyright © 1996-2024 The KDE developers.
Generated on Fri Nov 29 2024 11:48:56 by doxygen 1.12.0 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.