QCA
qca_cert.h
Go to the documentation of this file.
57};
72 IncorporationLocality, ///< The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1"
74 IncorporationState, ///< The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2"
76 IncorporationCountry, ///< The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3"
81};
129 };
319 DigitalSignature, ///< %Certificate can be used to create digital signatures, id = "KeyUsage.digitalSignature"
320 NonRepudiation, ///< %Certificate can be used for non-repudiation, id = "KeyUsage.nonRepudiation"
321 KeyEncipherment, ///< %Certificate can be used for encrypting / decrypting keys, id = "KeyUsage.keyEncipherment"
322 DataEncipherment, ///< %Certificate can be used for encrypting / decrypting data, id = "KeyUsage.dataEncipherment"
324 KeyCertificateSign, ///< %Certificate can be used for key certificate signing, id = "KeyUsage.keyCertSign"
325 CRLSign, ///< %Certificate can be used to sign %Certificate Revocation Lists, id = "KeyUsage.crlSign"
330 ServerAuth, ///< %Certificate can be used for server authentication (e.g. web server), id = "1.3.6.1.5.5.7.3.1".
332 ClientAuth, ///< %Certificate can be used for client authentication (e.g. web browser), id = "1.3.6.1.5.5.7.3.2".
334 CodeSigning, ///< %Certificate can be used to sign code, id = "1.3.6.1.5.5.7.3.3". This is an extended usage
336 EmailProtection, ///< %Certificate can be used to sign / encrypt email, id = "1.3.6.1.5.5.7.3.4". This is an
338 IPSecEndSystem, ///< %Certificate can be used to authenticate a endpoint in IPSEC, id = "1.3.6.1.5.5.7.3.5". This is
340 IPSecTunnel, ///< %Certificate can be used to authenticate a tunnel in IPSEC, id = "1.3.6.1.5.5.7.3.6". This is an
342 IPSecUser, ///< %Certificate can be used to authenticate a user in IPSEC, id = "1.3.6.1.5.5.7.3.7". This is an
344 TimeStamping, ///< %Certificate can be used to create a "time stamp" signature, id = "1.3.6.1.5.5.7.3.8". This is an
346 OCSPSigning ///< %Certificate can be used to sign an Online %Certificate Status Protocol (OCSP) assertion, id =
348};
373 };
491};
504 ErrorSelfSigned, ///< The certificate is self-signed, and is not found in the list of trusted certificates
507 ErrorExpired, ///< The certificate has expired, or is not yet valid (e.g. current time is earlier than notBefore
511};
881 Certificate(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
1116 fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1130 static Certificate fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1146 fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1200 chain_complete(const CertificateChain &chain, const QList<Certificate> &issuers, Validity *result) const;
1309inline CertificateChain CertificateChain::complete(const QList<Certificate> &issuers, Validity *result) const
1350 CertificateRequest(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
1516 fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1534 fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1552 fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1578 fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1618 };
1872 static CRL fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1885 static CRL fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1900 fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2046 fromFlatTextFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2062 fromPKCS7File(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2171 href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf">ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf</a>.
2542 static PGPKey fromArray(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
2553 static PGPKey fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
BigInteger serialNumber() const
The serial number of the certificate that is the subject of this CRL entry.
bool operator<(const CRLEntry &a) const
Test if one CRL entry is "less than" another.
bool operator==(const CRLEntry &a) const
Test for equality of two CRL Entries.
CRLEntry(const BigInteger serial, const QDateTime &time, Reason r=Unspecified)
create a CRL entry
static CRL fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import a PEM encoded Certificate Revocation List (CRL) from a file.
void change(CRLContext *c)
static CRL fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import a PEM encoded Certificate Revocation List (CRL)
bool toPEMFile(const QString &fileName) const
Export the Certificate Revocation List (CRL) into PEM format in a file.
SignatureAlgorithm signatureAlgorithm() const
The signature algorithm used for the signature on this CRL.
bool operator==(const CRL &a) const
Test for equality of two Certificate Revocation Lists.
CertificateInfoOrdered issuerInfoOrdered() const
Information on the issuer of the CRL as an ordered list (QList of CertificateInfoPair).
CertificateInfo issuerInfo() const
Information on the issuer of the CRL as a QMultiMap.
static CRL fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import a DER encoded Certificate Revocation List (CRL)
A Certificate Authority is used to generate Certificates and Certificate Revocation Lists (CRLs).
Definition qca_cert.h:2078
CRL createCRL(const QDateTime &nextUpdate) const
Create a new Certificate Revocation List (CRL)
Certificate createCertificate(const PublicKey &key, const CertificateOptions &opts) const
Create a new Certificate.
CRL updateCRL(const CRL &crl, const QList< CRLEntry > &entries, const QDateTime &nextUpdate) const
Update the CRL to include new entries.
CertificateAuthority(const Certificate &cert, const PrivateKey &key, const QString &provider)
Create a new Certificate Authority.
CertificateAuthority(const CertificateAuthority &from)
Copy constructor.
Certificate signRequest(const CertificateRequest &req, const QDateTime ¬ValidAfter) const
Create a new Certificate by signing the provider CertificateRequest.
Certificate certificate() const
The Certificate belonging to the CertificateAuthority.
CertificateAuthority & operator=(const CertificateAuthority &from)
Standard assignment operator.
CertificateChain(const Certificate &primary)
Create a certificate chain, starting at the specified certificate.
Definition qca_cert.h:1241
const Certificate & primary() const
Return the primary (end-user) Certificate.
Definition qca_cert.h:1249
Validity validate(const CertificateCollection &trusted, const QList< CRL > &untrusted_crls=QList< CRL >(), UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate chain.
Definition qca_cert.h:1299
CertificateChain complete(const QList< Certificate > &issuers=QList< Certificate >(), Validity *result=nullptr) const
Complete a certificate chain for the primary certificate, using the rest of the certificates in the c...
Definition qca_cert.h:1309
bool toPKCS7File(const QString &fileName, const QString &provider=QString())
export the CertificateCollection to a PKCS#7 file
CertificateCollection & operator+=(const CertificateCollection &other)
Add another CertificateCollection to this collection.
QList< Certificate > certificates() const
The Certificates in this collection.
static CertificateCollection fromFlatTextFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
import a CertificateCollection from a text file
CertificateCollection()
Create an empty Certificate / CRL collection.
CertificateCollection & operator=(const CertificateCollection &from)
Standard assignment operator.
void append(const CertificateCollection &other)
Add another CertificateCollection to this collection.
static bool canUsePKCS7(const QString &provider=QString())
test if the CertificateCollection can be imported and exported to PKCS#7 format
CertificateCollection(const CertificateCollection &from)
Standard copy constructor.
CertificateCollection operator+(const CertificateCollection &other) const
Add another CertificateCollection to this collection.
static CertificateCollection fromPKCS7File(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
import a CertificateCollection from a PKCS#7 file
bool toFlatTextFile(const QString &fileName)
export the CertificateCollection to a plain text file
void addCertificate(const Certificate &cert)
Append a Certificate to this collection.
CertificateInfoOrdered dnOnly() const
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in thi...
Definition qca_cert.h:582
CertificateInfoPair(const CertificateInfoPair &from)
Standard copy constructor.
bool operator!=(const CertificateInfoPair &other) const
Inequality operator.
Definition qca_cert.h:301
CertificateInfoPair(const CertificateInfoType &type, const QString &value)
Construct a new pair.
QString value() const
The value of the information stored in the pair.
CertificateInfoPair & operator=(const CertificateInfoPair &from)
Standard assignment operator.
bool operator==(const CertificateInfoPair &other) const
Comparison operator.
CertificateInfoType type() const
The type of information stored in the pair.
bool operator<(const CertificateInfoType &other) const
Comparison operator.
CertificateInfoType & operator=(const CertificateInfoType &from)
Standard assignment operator.
bool operator==(const CertificateInfoType &other) const
Comparison operator.
CertificateInfoTypeKnown known() const
The type as part of the CertificateInfoTypeKnown enumerator.
CertificateInfoType(CertificateInfoTypeKnown known)
Construct a new type.
bool operator!=(const CertificateInfoType &other) const
Inequality operator.
Definition qca_cert.h:228
CertificateInfoType(const QString &id, Section section)
Construct a new type.
CertificateInfoType(const CertificateInfoType &from)
Standard copy constructor.
BigInteger serialNumber() const
The serial number for the certificate.
CertificateOptions & operator=(const CertificateOptions &from)
Standard assignment operator.
QDateTime notValidBefore() const
the first time the certificate will be valid
void setInfo(const CertificateInfo &info)
Specify information for the subject associated with the certificate.
void setPolicies(const QStringList &policies)
set the policies on the certificate
CertificateInfoOrdered infoOrdered() const
Information on the subject of the certificate, in the exact order the items will be written.
void setCRLLocations(const QStringList &locations)
set the CRL locations of the certificate
QStringList crlLocations() const
list of URI locations for CRL files
void setOCSPLocations(const QStringList &locations)
set the OCSP service locations of the certificate
void setInfoOrdered(const CertificateInfoOrdered &info)
Specify information for the subject associated with the certificate.
void setChallenge(const QString &s)
Specify the challenge associated with this certificate.
void setIssuerLocations(const QStringList &locations)
set the issuer certificate locations of the certificate
CertificateOptions(const CertificateOptions &from)
Standard copy constructor.
void setValidityPeriod(const QDateTime &start, const QDateTime &end)
Set the validity period for the certificate.
QDateTime notValidAfter() const
the last time the certificate is valid
void setConstraints(const Constraints &constraints)
set the constraints on the certificate
void setFormat(CertificateRequestFormat f)
Specify the format for this certificate.
CertificateRequestFormat format() const
test the format type for this certificate
CertificateInfo info() const
Information on the subject of the certificate.
void setSerialNumber(const BigInteger &i)
Set the serial number property on this certificate.
void setAsUser()
set the certificate to be a user cert (this is the default)
QStringList issuerLocations() const
list of URI locations for issuer certificate files
Constraints constraints() const
List the constraints on this certificate.
bool isValid() const
Test if the certificate options object is valid.
QStringList ocspLocations() const
list of URI locations for OCSP services
CertificateOptions(CertificateRequestFormat format=PKCS10)
Create a Certificate options set.
static CertificateRequest fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from PEM format.
QStringList policies() const
The policies that apply to this certificate request.
CertificateRequest(const CertificateRequest &from)
Standard copy constructor.
CertificateRequest & operator=(const CertificateRequest &from)
Standard assignment operator.
bool operator==(const CertificateRequest &csr) const
Test for equality of two certificate requests.
QByteArray toDER() const
Export the Certificate Request into a DER format.
static bool canUseFormat(CertificateRequestFormat f, const QString &provider=QString())
Test if the certificate request can use a specified format.
bool toPEMFile(const QString &fileName) const
Export the Certificate into PEM format in a file.
static CertificateRequest fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from DER.
bool operator!=(const CertificateRequest &other) const
Inequality operator.
Definition qca_cert.h:1473
QString challenge() const
The challenge associated with this certificate request.
CertificateInfoOrdered subjectInfoOrdered() const
Information on the subject of the certificate being requested, as an ordered list (QList of Certifica...
CertificateRequest(const CertificateOptions &opts, const PrivateKey &key, const QString &provider=QString())
Create a certificate request based on specified options.
QString toPEM() const
Export the Certificate Request into a PEM format.
bool isCA() const
Test if this Certificate Request is for a Certificate Authority certificate.
CertificateRequest(const QString &fileName)
Create a certificate request based on the contents of a file.
SignatureAlgorithm signatureAlgorithm() const
The algorithm used to make the signature on this certificate request.
CertificateInfo subjectInfo() const
Information on the subject of the certificate being requested.
int pathLimit() const
The path limit for the certificate in this Certificate Request.
Constraints constraints() const
The constraints that apply to this certificate request.
CertificateRequestFormat format() const
the format that this Certificate request is in
void change(CSRContext *c)
static CertificateRequest fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from a file.
PublicKey subjectPublicKey() const
The public key belonging to the issuer.
static CertificateRequest fromString(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the CertificateRequest from a string.
bool matchesHostName(const QString &host) const
Test if the subject of the certificate matches a specified host name.
SignatureAlgorithm signatureAlgorithm() const
The signature algorithm used for the signature on this certificate.
static Certificate fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from PEM format.
Constraints constraints() const
The constraints that apply to this certificate.
QString commonName() const
The common name of the subject of the certificate.
CertificateInfoOrdered subjectInfoOrdered() const
Properties of the subject of the certificate, as an ordered list (QList of CertificateInfoPair).
Certificate(const CertificateOptions &opts, const PrivateKey &key, const QString &provider=QString())
Create a Certificate with specified options and a specified private key.
Certificate & operator=(const Certificate &from)
Standard assignment operator.
void change(CertContext *c)
static Certificate fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from DER.
int pathLimit() const
The upper bound of the number of links in the certificate chain, if any.
QDateTime notValidBefore() const
The earliest date that the certificate is valid.
CertificateInfoOrdered issuerInfoOrdered() const
Properties of the issuer of the certificate, as an ordered list (QList of CertificateInfoPair).
PublicKey subjectPublicKey() const
The public key associated with the subject of the certificate.
bool operator==(const Certificate &a) const
Test for equality of two certificates.
QStringList issuerLocations() const
List of URI locations for issuer certificate files.
bool toPEMFile(const QString &fileName) const
Export the Certificate into PEM format in a file.
QByteArray issuerKeyId() const
The key identifier associated with the issuer.
static Certificate fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from a file.
Certificate(const QString &fileName)
Create a Certificate from a PEM encoded file.
QDateTime notValidAfter() const
The latest date that the certificate is valid.
Validity validate(const CertificateCollection &trusted, const CertificateCollection &untrusted, UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate.
QByteArray subjectKeyId() const
The key identifier associated with the subject.
CertificateInfo subjectInfo() const
Properties of the subject of the certificate, as a QMultiMap.
CertificateInfo issuerInfo() const
Properties of the issuer of the certificate.
QStringList ocspLocations() const
List of URI locations for OCSP services.
bool isIssuerOf(const Certificate &other) const
Test if the Certificate has signed another Certificate object and is therefore the issuer.
ConstraintType(const ConstraintType &from)
Standard copy constructor.
ConstraintTypeKnown known() const
The type as part of the ConstraintTypeKnown enumerator.
ConstraintType(const QString &id, Section section)
Construct a new constraint.
bool operator==(const ConstraintType &other) const
Comparison operator.
ConstraintType & operator=(const ConstraintType &from)
Standard assignment operator.
ConstraintType(ConstraintTypeKnown known)
Construct a new constraint.
KeyBundle(const QString &fileName, const SecureArray &passphrase=SecureArray())
Create a KeyBundle from a PKCS12 (.p12) encoded file.
CertificateChain certificateChain() const
The public certificate part of this bundle.
void setCertificateChainAndKey(const CertificateChain &c, const PrivateKey &key)
Set the public certificate and private key.
static KeyBundle fromFile(const QString &fileName, const SecureArray &passphrase=SecureArray(), ConvertResult *result=nullptr, const QString &provider=QString())
Import the key bundle from a file in PKCS12 (.p12) format.
QByteArray toArray(const SecureArray &passphrase, const QString &provider=QString()) const
Export the key bundle to an array in PKCS12 format.
static KeyBundle fromArray(const QByteArray &a, const SecureArray &passphrase=SecureArray(), ConvertResult *result=nullptr, const QString &provider=QString())
Import the key bundle from an array in PKCS12 format.
bool toFile(const QString &fileName, const SecureArray &passphrase, const QString &provider=QString()) const
Export the key bundle to a file in PKCS12 (.p12) format.
void loadKeyBundleFromFile(const QString &fileName)
Initiate an asynchronous loading of a KeyBundle from a file.
void loadPrivateKeyFromDER(const SecureArray &a)
Initiate an asynchronous loading of a PrivateKey from a DER format array.
void loadKeyBundleFromArray(const QByteArray &a)
Initiate an asynchronous loading of a KeyBundle from an array.
void loadPrivateKeyFromPEMFile(const QString &fileName)
Initiate an asynchronous loading of a PrivateKey from a PEM format file.
void loadPrivateKeyFromPEM(const QString &s)
Initiate an asynchronous loading of a PrivateKey from a PEM format string.
static PGPKey fromFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from a file.
static PGPKey fromString(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from a string.
static PGPKey fromArray(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from an array.
QStringList userIds() const
The list of all user identifications associated with the key.
Q_SCRIPTABLE Q_NOREPLY void start()
@ DataEncipherment
Certificate can be used for encrypting / decrypting data, id = "KeyUsage.dataEncipherment"
Definition qca_cert.h:322
@ IPSecUser
Certificate can be used to authenticate a user in IPSEC, id = "1.3.6.1.5.5.7.3.7".
Definition qca_cert.h:342
@ EmailProtection
Certificate can be used to sign / encrypt email, id = "1.3.6.1.5.5.7.3.4".
Definition qca_cert.h:336
@ CRLSign
Certificate can be used to sign Certificate Revocation Lists, id = "KeyUsage.crlSign"
Definition qca_cert.h:325
@ KeyAgreement
Certificate can be used for key agreement, id = "KeyUsage.keyAgreement"
Definition qca_cert.h:323
@ IPSecEndSystem
Certificate can be used to authenticate a endpoint in IPSEC, id = "1.3.6.1.5.5.7.3....
Definition qca_cert.h:338
@ IPSecTunnel
Certificate can be used to authenticate a tunnel in IPSEC, id = "1.3.6.1.5.5.7.3.6".
Definition qca_cert.h:340
@ KeyEncipherment
Certificate can be used for encrypting / decrypting keys, id = "KeyUsage.keyEncipherment"
Definition qca_cert.h:321
@ TimeStamping
Certificate can be used to create a "time stamp" signature, id = "1.3.6.1.5.5.7.3....
Definition qca_cert.h:344
@ CodeSigning
Certificate can be used to sign code, id = "1.3.6.1.5.5.7.3.3".
Definition qca_cert.h:334
@ EncipherOnly
Certificate can only be used for encryption, id = "KeyUsage.encipherOnly"
Definition qca_cert.h:326
@ OCSPSigning
Certificate can be used to sign an Online Certificate Status Protocol (OCSP) assertion,...
Definition qca_cert.h:346
@ NonRepudiation
Certificate can be used for non-repudiation, id = "KeyUsage.nonRepudiation"
Definition qca_cert.h:320
@ DecipherOnly
Certificate can only be used for decryption, id = "KeyUsage.decipherOnly"
Definition qca_cert.h:327
@ DigitalSignature
Certificate can be used to create digital signatures, id = "KeyUsage.digitalSignature"
Definition qca_cert.h:319
@ KeyCertificateSign
Certificate can be used for key certificate signing, id = "KeyUsage.keyCertSign"
Definition qca_cert.h:324
@ ErrorPathLengthExceeded
The path length from the root CA to this certificate is too long.
Definition qca_cert.h:506
@ ErrorSelfSigned
The certificate is self-signed, and is not found in the list of trusted certificates.
Definition qca_cert.h:504
QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in)
Convert to RFC 1779 string format.
QCA_EXPORT CertificateInfoOrdered orderedDNOnly(const CertificateInfoOrdered &in)
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in the...
@ IncorporationCountry
The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3".
Definition qca_cert.h:76
@ XMPP
XMPP address (see http://www.ietf.org/rfc/rfc3920.txt), id = "1.3.6.1.5.5.7.8.5".
Definition qca_cert.h:80
@ Locality
The locality (eg city, a shire, or part of a state), id = "2.5.4.7".
Definition qca_cert.h:71
@ IncorporationLocality
The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1".
Definition qca_cert.h:72
@ URI
Uniform Resource Identifier, id = "GeneralName.uniformResourceIdentifier".
Definition qca_cert.h:77
@ IncorporationState
The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2".
Definition qca_cert.h:74
@ OrganizationalUnit
An part of an organisation (eg a division or branch), id = "2.5.4.11".
Definition qca_cert.h:70
QCA_EXPORT QStringList makeFriendlyNames(const QList< Certificate > &list)
Create a list of unique friendly names among a list of certificates.
QMultiMap< CertificateInfoType, QString > CertificateInfo
Certificate properties type.
Definition qca_cert.h:535
Header file for core QCA infrastructure.
Header file for PublicKey and PrivateKey related classes.
void append(QList< T > &&value)
T & first()
bool isEmpty() const const
Certificate
This file is part of the KDE documentation.
Documentation copyright © 1996-2024 The KDE developers.
Generated on Fri Nov 29 2024 11:48:56 by doxygen 1.12.0 written by Dimitri van Heesch, © 1997-2006
Documentation copyright © 1996-2024 The KDE developers.
Generated on Fri Nov 29 2024 11:48:56 by doxygen 1.12.0 written by Dimitri van Heesch, © 1997-2006
KDE's Doxygen guidelines are available online.