• Skip to content
  • Skip to link menu
  • KDE API Reference
  • kdelibs-4.14.38 API Reference
  • KDE Home
  • Contact Us
 

KIO

  • kio
  • kssl
ksslcertificate.h
Go to the documentation of this file.
1/* This file is part of the KDE project
2 *
3 * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
4 * 2008 Richard Hartmann <richih-kde@net.in.tum.de>
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Library General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Library General Public License for more details.
15 *
16 * You should have received a copy of the GNU Library General Public License
17 * along with this library; see the file COPYING.LIB. If not, write to
18 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19 * Boston, MA 02110-1301, USA.
20 */
21
22#ifndef _KSSLCERTIFICATE_H
23#define _KSSLCERTIFICATE_H
24
25
26// UPDATE: I like the structure of this class less and less every time I look
27// at it. I think it needs to change.
28//
29//
30// The biggest reason for making everything protected here is so that
31// the class can have all its methods available even if openssl is not
32// available. Also, to create a new certificate you should use the
33// KSSLCertificateFactory, and to manage the user's database of certificates,
34// you should go through the KSSLCertificateHome.
35//
36// There should be no reason to touch the X509 stuff directly.
37//
38
39class QByteArray;
40class QString;
41class QStringList;
42class KSSL;
43class KSSLCertificatePrivate;
44class QDateTime;
45class KSSLCertChain;
46class KSSLX509V3;
47
48#include <kio/kio_export.h>
49#include <ksslconfig.h>
50
51#include <QtCore/QList>
52
53#ifdef KSSL_HAVE_SSL
54typedef struct x509_st X509;
55#else
56#if !defined(QT_NO_OPENSSL)
57#include <QtNetwork/QSslCertificate>
58#else
59class X509;
60#endif
61#endif
62
74class KIO_EXPORT KSSLCertificate
75{
76 friend class KSSL;
77 friend class KSSLCertificateHome;
78 friend class KSSLCertificateFactory;
79 friend class KSSLCertificateCache;
80 friend class KSSLCertChain;
81 friend class KSSLPeerInfo;
82 friend class KSSLD;
83 friend class KSMIMECryptoPrivate;
84
85
86 public:
90 ~KSSLCertificate();
91
97 static KSSLCertificate *fromString(const QByteArray &cert);
98
106 static KSSLCertificate *fromX509(X509 *x5);
107
108 // TODO for KDE5
109 // The enum values list below have to be kept for backwards comapability
110 // They should be deleted when KDE5 comes around the corner. I am writing
111 // this on 20080202 ;)
112 // Rejected, Revoked, Untrusted, SelfSignedChain, SignatureFailed, Expired
119 enum KSSLValidation { Unknown, Ok, NoCARoot, InvalidPurpose,
120 PathLengthExceeded, InvalidCA, Expired,
121 SelfSigned, ErrorReadingRoot, NoSSL,
122 Revoked, Untrusted, SignatureFailed,
123 Rejected, PrivateKeyFailed, InvalidHost,
124 Irrelevant, SelfSignedChain,
125 GetIssuerCertFailed, DecodeIssuerPublicKeyFailed,
126 GetIssuerCertLocallyFailed,
127 CertificateNotYetValid, CertificateHasExpired,
128 CRLNotYetValid, CRLHasExpired,
129 CertificateFieldNotBeforeErroneous,
130 CertificateFieldNotAfterErroneous,
131 CRLFieldLastUpdateErroneous,
132 CRLFieldNextUpdateErroneous,
133 CertificateRevoked,
134 CertificateUntrusted, VerifyLeafSignatureFailed,
135 CertificateSignatureFailed, CRLSignatureFailed,
136 DecryptCertificateSignatureFailed,
137 DecryptCRLSignatureFailed, CertificateRejected,
138 SelfSignedInChain, ApplicationVerificationFailed,
139 AuthAndSubjectKeyIDAndNameMismatched,
140 AuthAndSubjectKeyIDMismatched, OutOfMemory,
141 GetCRLFailed, CertificateChainTooLong,
142 KeyMayNotSignCertificate,
143 IssuerSubjectMismatched
144 };
145
146 enum KSSLPurpose { None=0, SSLServer=1, SSLClient=2,
147 SMIMESign=3, SMIMEEncrypt=4, Any=5 };
148
149 typedef QList<KSSLValidation> KSSLValidationList;
150
155 QString toString();
156
161 QString getSubject() const;
162
167 QString getIssuer() const;
168
173 QString getNotBefore() const;
174
179 QString getNotAfter() const;
180
185 QDateTime getQDTNotBefore() const;
186
191 QDateTime getQDTNotAfter() const;
192
197 QByteArray toDer();
198
203 QByteArray toPem();
204
209 QByteArray toNetscape();
210
215 QString toText();
216
221 QString getSerialNumber() const;
222
227 QString getKeyType() const;
228
233 QString getPublicKeyText() const;
234
240 QString getMD5DigestText() const;
241
246 QString getMD5Digest() const;
247
252 QString getSignatureText() const;
253
258 bool isValid();
259
265 bool isValid(KSSLPurpose p);
266
271 QStringList subjAltNames() const;
272
277 KSSLValidation validate();
278
284 KSSLValidation validate(KSSLPurpose p);
285
291 KSSLValidationList validateVerbose(KSSLPurpose p);
292
300 KSSLValidationList validateVerbose(KSSLPurpose p, KSSLCertificate *ca);
301
306 KSSLValidation revalidate();
307
313 KSSLValidation revalidate(KSSLPurpose p);
314
319 KSSLCertChain& chain();
320
326 static QString verifyText(KSSLValidation x);
327
332 KSSLCertificate *replicate();
333
338 KSSLCertificate(const KSSLCertificate& x); // copy constructor
339
345 bool setCert(const QString& cert);
346
352 KSSLX509V3& x509V3Extensions();
353
358 bool isSigner();
359
363 void getEmails(QStringList& to) const;
364
370 QString getKDEKey() const;
371
375 static QString getMD5DigestFromKDEKey(const QString& k);
376
377 private:
378 KIO_EXPORT friend int operator!=(KSSLCertificate& x, KSSLCertificate& y);
379 KIO_EXPORT friend int operator==(KSSLCertificate& x, KSSLCertificate& y);
380
381 KSSLCertificatePrivate *d;
382 int purposeToOpenSSL(KSSLPurpose p) const;
383
384 protected:
385 KSSLCertificate();
386
387 void setCert(X509 *c);
388 void setChain(void *c);
389 X509 *getCert();
390 KSSLValidation processError(int ec);
391};
392
393KIO_EXPORT QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r);
394KIO_EXPORT QDataStream& operator>>(QDataStream& s, KSSLCertificate& r);
395
396KIO_EXPORT int operator==(KSSLCertificate& x, KSSLCertificate& y);
397KIO_EXPORT inline int operator!=(KSSLCertificate& x, KSSLCertificate& y)
398{ return !(x == y); }
399
400#endif
401
KSSLCertChain
KDE Certificate Chain Representation Class.
Definition: ksslcertchain.h:43
KSSLCertificateFactory
Definition: ksslcertificatefactory.h:32
KSSLCertificateHome
Definition: ksslcertificatehome.h:31
KSSLCertificate
KDE X.509 Certificate.
Definition: ksslcertificate.h:75
KSSLCertificate::KSSLValidation
KSSLValidation
Result of the validate() call.
Definition: ksslcertificate.h:119
KSSLCertificate::CertificateUntrusted
@ CertificateUntrusted
Definition: ksslcertificate.h:134
KSSLCertificate::Revoked
@ Revoked
Definition: ksslcertificate.h:122
KSSLCertificate::KeyMayNotSignCertificate
@ KeyMayNotSignCertificate
Definition: ksslcertificate.h:142
KSSLCertificate::CertificateFieldNotAfterErroneous
@ CertificateFieldNotAfterErroneous
Definition: ksslcertificate.h:130
KSSLCertificate::CRLFieldLastUpdateErroneous
@ CRLFieldLastUpdateErroneous
Definition: ksslcertificate.h:131
KSSLCertificate::CertificateRevoked
@ CertificateRevoked
Definition: ksslcertificate.h:133
KSSLCertificate::CRLFieldNextUpdateErroneous
@ CRLFieldNextUpdateErroneous
Definition: ksslcertificate.h:132
KSSLCertificate::CertificateChainTooLong
@ CertificateChainTooLong
Definition: ksslcertificate.h:141
KSSLCertificate::InvalidHost
@ InvalidHost
Definition: ksslcertificate.h:123
KSSLCertificate::CertificateFieldNotBeforeErroneous
@ CertificateFieldNotBeforeErroneous
Definition: ksslcertificate.h:129
KSSLCertificate::CRLHasExpired
@ CRLHasExpired
Definition: ksslcertificate.h:128
KSSLCertificate::DecryptCertificateSignatureFailed
@ DecryptCertificateSignatureFailed
Definition: ksslcertificate.h:136
KSSLCertificate::Expired
@ Expired
Definition: ksslcertificate.h:120
KSSLCertificate::GetIssuerCertLocallyFailed
@ GetIssuerCertLocallyFailed
Definition: ksslcertificate.h:126
KSSLCertificate::DecodeIssuerPublicKeyFailed
@ DecodeIssuerPublicKeyFailed
Definition: ksslcertificate.h:125
KSSLCertificate::CertificateSignatureFailed
@ CertificateSignatureFailed
Definition: ksslcertificate.h:135
KSSLCertificate::AuthAndSubjectKeyIDMismatched
@ AuthAndSubjectKeyIDMismatched
Definition: ksslcertificate.h:140
KSSLCertificate::InvalidPurpose
@ InvalidPurpose
Definition: ksslcertificate.h:119
KSSLCertificate::ErrorReadingRoot
@ ErrorReadingRoot
Definition: ksslcertificate.h:121
KSSLCertificate::AuthAndSubjectKeyIDAndNameMismatched
@ AuthAndSubjectKeyIDAndNameMismatched
Definition: ksslcertificate.h:139
KSSLCertificate::CertificateRejected
@ CertificateRejected
Definition: ksslcertificate.h:137
KSSLCertificate::ApplicationVerificationFailed
@ ApplicationVerificationFailed
Definition: ksslcertificate.h:138
KSSLCertificate::Irrelevant
@ Irrelevant
Definition: ksslcertificate.h:124
KSSLCertificate::CertificateHasExpired
@ CertificateHasExpired
Definition: ksslcertificate.h:127
KSSLCertificate::KSSLValidationList
QList< KSSLValidation > KSSLValidationList
Definition: ksslcertificate.h:149
KSSLCertificate::KSSLPurpose
KSSLPurpose
Definition: ksslcertificate.h:146
KSSLD
KSSLPeerInfo
KDE SSL Peer Data.
Definition: ksslpeerinfo.h:41
KSSLX509V3
KDE X509v3 Flag Class.
Definition: ksslx509v3.h:37
KSSL
KDE SSL Wrapper Class.
Definition: kssl.h:39
QList
operator==
bool operator==(const KEntry &k1, const KEntry &k2)
operator!=
bool operator!=(const KEntry &k1, const KEntry &k2)
kio_export.h
operator>>
QDataStream & operator>>(QDataStream &s, KSSLCertificate &r)
Definition: ksslcertificate.cpp:1344
operator<<
QDataStream & operator<<(QDataStream &s, const KSSLCertificate &r)
Definition: ksslcertificate.cpp:1329
operator==
int operator==(KSSLCertificate &x, KSSLCertificate &y)
Definition: ksslcertificate.cpp:1026
operator!=
int operator!=(KSSLCertificate &x, KSSLCertificate &y)
Definition: ksslcertificate.h:397
Unknown
Unknown
Ok
Ok
None
None
This file is part of the KDE documentation.
Documentation copyright © 1996-2023 The KDE developers.
Generated on Mon Feb 20 2023 00:00:00 by doxygen 1.9.6 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.

KIO

Skip menu "KIO"
  • Main Page
  • Namespace List
  • Namespace Members
  • Alphabetical List
  • Class List
  • Class Hierarchy
  • Class Members
  • File List
  • File Members
  • Related Pages

kdelibs-4.14.38 API Reference

Skip menu "kdelibs-4.14.38 API Reference"
  • DNSSD
  • Interfaces
  •   KHexEdit
  •   KMediaPlayer
  •   KSpeech
  •   KTextEditor
  • kconf_update
  • KDE3Support
  •   KUnitTest
  • KDECore
  • KDED
  • KDEsu
  • KDEUI
  • KDEWebKit
  • KDocTools
  • KFile
  • KHTML
  • KImgIO
  • KInit
  • kio
  • KIOSlave
  • KJS
  •   KJS-API
  •   WTF
  • kjsembed
  • KNewStuff
  • KParts
  • KPty
  • Kross
  • KUnitConversion
  • KUtils
  • Nepomuk
  • Plasma
  • Solid
  • Sonnet
  • ThreadWeaver
Report problems with this website to our bug tracking system.
Contact the specific authors with questions and comments about the page contents.

KDE® and the K Desktop Environment® logo are registered trademarks of KDE e.V. | Legal