QGIS API Documentation  2.18.21-Las Palmas (9fba24a)
Public Types | Static Public Member Functions | List of all members
QgsAuthCertUtils Class Reference

Utilities for working with certificates and keys. More...

#include <qgsauthcertutils.h>

Public Types

enum  CaCertSource { SystemRoot = 0, FromFile = 1, InDatabase = 2, Connection = 3 }
 Type of CA certificate source. More...
 
enum  CertTrustPolicy { DefaultTrust = 0, Trusted = 1, Untrusted = 2, NoPolicy = 3 }
 Type of certificate trust policy. More...
 
enum  CertUsageType {
  UndeterminedUsage = 0, AnyOrUnspecifiedUsage, CertAuthorityUsage, CertIssuerUsage,
  TlsServerUsage, TlsServerEvUsage, TlsClientUsage, CodeSigningUsage,
  EmailProtectionUsage, TimeStampingUsage, CRLSigningUsage
}
 Type of certificate usage. More...
 
enum  ConstraintGroup { KeyUsage = 0, ExtendedKeyUsage = 1 }
 Type of certificate key group. More...
 

Static Public Member Functions

static QSslCertificate certFromFile (const QString &certpath)
 Return first cert from a PEM or DER formatted file. More...
 
static bool certificateIsAuthority (const QSslCertificate &cert)
 Get whether a certificate is an Authority. More...
 
static bool certificateIsAuthorityOrIssuer (const QSslCertificate &cert)
 Get whether a certificate is an Authority or can at least sign other certificates. More...
 
static bool certificateIsIssuer (const QSslCertificate &cert)
 Get whether a certificate can sign other certificates. More...
 
static bool certificateIsSslClient (const QSslCertificate &cert)
 Get whether a certificate is probably used for a client identity. More...
 
static bool certificateIsSslServer (const QSslCertificate &cert)
 Get whether a certificate is probably used for a SSL server. More...
 
static QList< QgsAuthCertUtils::CertUsageTypecertificateUsageTypes (const QSslCertificate &cert)
 Try to determine the certificates usage types. More...
 
static QString certificateUsageTypeString (QgsAuthCertUtils::CertUsageType usagetype)
 Certificate usage type strings per enum. More...
 
static QStringList certKeyBundleToPem (const QString &certpath, const QString &keypath, const QString &keypass=QString(), bool reencrypt=true)
 Return list of certificate, private key and algorithm (as PEM text) from file path components. More...
 
static QList< QSslCertificatecertsFromFile (const QString &certspath)
 Return list of concatenated certs from a PEM or DER formatted file. More...
 
static QList< QSslCertificatecertsFromString (const QString &pemtext)
 Return list of concatenated certs from a PEM Base64 text block. More...
 
static QMap< QString, QList< QSslCertificate > > certsGroupedByOrg (const QList< QSslCertificate > &certs)
 Map certificates to their oraganization. More...
 
static QString getCaSourceName (QgsAuthCertUtils::CaCertSource source, bool single=false)
 Get the general name for CA source enum type. More...
 
static QString getCertDistinguishedName (const QSslCertificate &qcert, const QCA::Certificate &acert=QCA::Certificate(), bool issuer=false)
 Get combined distinguished name for certificate. More...
 
static QString getCertTrustName (QgsAuthCertUtils::CertTrustPolicy trust)
 Get the general name for certificate trust. More...
 
static QString getColonDelimited (const QString &txt)
 Get string with colon delimeters every 2 characters. More...
 
static QString getSslProtocolName (QSsl::SslProtocol protocol)
 SSL Protocol name strings per enum. More...
 
static QSslKey keyFromFile (const QString &keypath, const QString &keypass=QString(), QString *algtype=nullptr)
 Return non-encrypted key from a PEM or DER formatted file. More...
 
static QMap< QString, QSslCertificatemapDigestToCerts (const QList< QSslCertificate > &certs)
 Map certificate sha1 to certificate as simple cache. More...
 
static QMap< QString, QgsAuthConfigSslServermapDigestToSslConfigs (const QList< QgsAuthConfigSslServer > &configs)
 Map SSL custom configs' certificate sha1 to custom config as simple cache. More...
 
static QString pemTextToTempFile (const QString &name, const QByteArray &pemtext)
 Write a temporary file for a PEM text of cert/key/CAs bundle component. More...
 
static QStringList pkcs12BundleToPem (const QString &bundlepath, const QString &bundlepass=QString(), bool reencrypt=true)
 Return list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle. More...
 
static QCA::KeyBundle qcaKeyBundle (const QString &path, const QString &pass)
 PKI key/cert bundle from file path, e.g. More...
 
static QString qcaKnownConstraint (QCA::ConstraintTypeKnown constraint)
 Certificate well-known constraint strings per enum. More...
 
static QString qcaSignatureAlgorithm (QCA::SignatureAlgorithm algorithm)
 Certificate signature algorithm strings per enum. More...
 
static QString qcaValidityMessage (QCA::Validity validity)
 Certificate validity check messages per enum. More...
 
static QCA::CertificateCollection qtCertsToQcaCollection (const QList< QSslCertificate > &certs)
 Convert a QList of QSslCertificate to a QCA::CertificateCollection. More...
 
static QCA::Certificate qtCertToQcaCert (const QSslCertificate &cert)
 Convert a QSslCertificate to a QCA::Certificate. More...
 
static QString resolvedCertName (const QSslCertificate &cert, bool issuer=false)
 Get the general name via RFC 5280 resolution. More...
 
static QString shaHexForCert (const QSslCertificate &cert, bool formatted=false)
 Get the sha1 hash for certificate. More...
 
static QMap< QString, QList< QgsAuthConfigSslServer > > sslConfigsGroupedByOrg (const QList< QgsAuthConfigSslServer > &configs)
 Map SSL custom configs' certificates to their oraganization. More...
 
static QString sslErrorEnumString (QSslError::SslError errenum)
 Get short strings describing an SSL error. More...
 
static QList< QPair< QSslError::SslError, QString > > sslErrorEnumStrings ()
 Get short strings describing SSL errors. More...
 

Detailed Description

Utilities for working with certificates and keys.

Definition at line 43 of file qgsauthcertutils.h.

Member Enumeration Documentation

◆ CaCertSource

Type of CA certificate source.

Enumerator
SystemRoot 
FromFile 
InDatabase 
Connection 

Definition at line 47 of file qgsauthcertutils.h.

◆ CertTrustPolicy

Type of certificate trust policy.

Enumerator
DefaultTrust 
Trusted 
Untrusted 
NoPolicy 

Definition at line 56 of file qgsauthcertutils.h.

◆ CertUsageType

Type of certificate usage.

Enumerator
UndeterminedUsage 
AnyOrUnspecifiedUsage 
CertAuthorityUsage 
CertIssuerUsage 
TlsServerUsage 
TlsServerEvUsage 
TlsClientUsage 
CodeSigningUsage 
EmailProtectionUsage 
TimeStampingUsage 
CRLSigningUsage 

Definition at line 65 of file qgsauthcertutils.h.

◆ ConstraintGroup

Type of certificate key group.

Enumerator
KeyUsage 
ExtendedKeyUsage 

Definition at line 81 of file qgsauthcertutils.h.

Member Function Documentation

◆ certFromFile()

QSslCertificate QgsAuthCertUtils::certFromFile ( const QString certpath)
static

Return first cert from a PEM or DER formatted file.

Definition at line 130 of file qgsauthcertutils.cpp.

◆ certificateIsAuthority()

bool QgsAuthCertUtils::certificateIsAuthority ( const QSslCertificate cert)
static

Get whether a certificate is an Authority.

Definition at line 681 of file qgsauthcertutils.cpp.

◆ certificateIsAuthorityOrIssuer()

bool QgsAuthCertUtils::certificateIsAuthorityOrIssuer ( const QSslCertificate cert)
static

Get whether a certificate is an Authority or can at least sign other certificates.

Definition at line 691 of file qgsauthcertutils.cpp.

◆ certificateIsIssuer()

bool QgsAuthCertUtils::certificateIsIssuer ( const QSslCertificate cert)
static

Get whether a certificate can sign other certificates.

Definition at line 686 of file qgsauthcertutils.cpp.

◆ certificateIsSslClient()

bool QgsAuthCertUtils::certificateIsSslClient ( const QSslCertificate cert)
static

Get whether a certificate is probably used for a client identity.

Definition at line 818 of file qgsauthcertutils.cpp.

◆ certificateIsSslServer()

bool QgsAuthCertUtils::certificateIsSslServer ( const QSslCertificate cert)
static

Get whether a certificate is probably used for a SSL server.

Definition at line 697 of file qgsauthcertutils.cpp.

◆ certificateUsageTypes()

QList< QgsAuthCertUtils::CertUsageType > QgsAuthCertUtils::certificateUsageTypes ( const QSslCertificate cert)
static

Try to determine the certificates usage types.

Definition at line 606 of file qgsauthcertutils.cpp.

◆ certificateUsageTypeString()

QString QgsAuthCertUtils::certificateUsageTypeString ( QgsAuthCertUtils::CertUsageType  usagetype)
static

Certificate usage type strings per enum.

Note
not available in Python bindings

Definition at line 576 of file qgsauthcertutils.cpp.

◆ certKeyBundleToPem()

QStringList QgsAuthCertUtils::certKeyBundleToPem ( const QString certpath,
const QString keypath,
const QString keypass = QString(),
bool  reencrypt = true 
)
static

Return list of certificate, private key and algorithm (as PEM text) from file path components.

Parameters
certpathFile path to certificate
keypathFile path to private key
keypassPassphrase for private key
reencryptWhether to re-encrypt the private key with the passphrase
Returns
certificate, private key, key's algorithm type

Definition at line 193 of file qgsauthcertutils.cpp.

◆ certsFromFile()

QList< QSslCertificate > QgsAuthCertUtils::certsFromFile ( const QString certspath)
static

Return list of concatenated certs from a PEM or DER formatted file.

Definition at line 118 of file qgsauthcertutils.cpp.

◆ certsFromString()

QList< QSslCertificate > QgsAuthCertUtils::certsFromString ( const QString pemtext)
static

Return list of concatenated certs from a PEM Base64 text block.

Definition at line 182 of file qgsauthcertutils.cpp.

◆ certsGroupedByOrg()

QMap< QString, QList< QSslCertificate > > QgsAuthCertUtils::certsGroupedByOrg ( const QList< QSslCertificate > &  certs)
static

Map certificates to their oraganization.

Note
not available in Python bindings

Definition at line 60 of file qgsauthcertutils.cpp.

◆ getCaSourceName()

QString QgsAuthCertUtils::getCaSourceName ( QgsAuthCertUtils::CaCertSource  source,
bool  single = false 
)
static

Get the general name for CA source enum type.

Parameters
sourceThe enum source type for the CA
singleWhether to return singular or plural description

Definition at line 280 of file qgsauthcertutils.cpp.

◆ getCertDistinguishedName()

QString QgsAuthCertUtils::getCertDistinguishedName ( const QSslCertificate qcert,
const QCA::Certificate &  acert = QCA::Certificate(),
bool  issuer = false 
)
static

Get combined distinguished name for certificate.

Parameters
qcertQt SSL cert object
acertQCA SSL cert object to add more info to the output
issuerWhether to return cert's subject or issuer combined name
Note
not available in Python bindings

Definition at line 335 of file qgsauthcertutils.cpp.

◆ getCertTrustName()

QString QgsAuthCertUtils::getCertTrustName ( QgsAuthCertUtils::CertTrustPolicy  trust)
static

Get the general name for certificate trust.

Definition at line 385 of file qgsauthcertutils.cpp.

◆ getColonDelimited()

QString QgsAuthCertUtils::getColonDelimited ( const QString txt)
static

Get string with colon delimeters every 2 characters.

Definition at line 400 of file qgsauthcertutils.cpp.

◆ getSslProtocolName()

QString QgsAuthCertUtils::getSslProtocolName ( QSsl::SslProtocol  protocol)
static

SSL Protocol name strings per enum.

Definition at line 29 of file qgsauthcertutils.cpp.

◆ keyFromFile()

QSslKey QgsAuthCertUtils::keyFromFile ( const QString keypath,
const QString keypass = QString(),
QString algtype = nullptr 
)
static

Return non-encrypted key from a PEM or DER formatted file.

Parameters
keypathFile path to private key
keypassPassphrase for private key
algtypeQString to set with resolved algorithm type

Definition at line 145 of file qgsauthcertutils.cpp.

◆ mapDigestToCerts()

QMap< QString, QSslCertificate > QgsAuthCertUtils::mapDigestToCerts ( const QList< QSslCertificate > &  certs)
static

Map certificate sha1 to certificate as simple cache.

Definition at line 50 of file qgsauthcertutils.cpp.

◆ mapDigestToSslConfigs()

QMap< QString, QgsAuthConfigSslServer > QgsAuthCertUtils::mapDigestToSslConfigs ( const QList< QgsAuthConfigSslServer > &  configs)
static

Map SSL custom configs' certificate sha1 to custom config as simple cache.

Definition at line 74 of file qgsauthcertutils.cpp.

◆ pemTextToTempFile()

QString QgsAuthCertUtils::pemTextToTempFile ( const QString name,
const QByteArray pemtext 
)
static

Write a temporary file for a PEM text of cert/key/CAs bundle component.

Parameters
pemtextComponent content as PEM text
nameName of file
Returns
File path to temporary file

Definition at line 251 of file qgsauthcertutils.cpp.

◆ pkcs12BundleToPem()

QStringList QgsAuthCertUtils::pkcs12BundleToPem ( const QString bundlepath,
const QString bundlepass = QString(),
bool  reencrypt = true 
)
static

Return list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle.

Parameters
bundlepathFile path to the PKCS bundle
bundlepassPassphrase for bundle
reencryptWhether to re-encrypt the private key with the passphrase
Returns
certificate, private key, key's algorithm type

Definition at line 218 of file qgsauthcertutils.cpp.

◆ qcaKeyBundle()

QCA::KeyBundle QgsAuthCertUtils::qcaKeyBundle ( const QString path,
const QString pass 
)
static

PKI key/cert bundle from file path, e.g.

from .p12 or pfx files.

Note
not available in Python bindings

Definition at line 455 of file qgsauthcertutils.cpp.

◆ qcaKnownConstraint()

QString QgsAuthCertUtils::qcaKnownConstraint ( QCA::ConstraintTypeKnown  constraint)
static

Certificate well-known constraint strings per enum.

Note
not available in Python bindings

Definition at line 531 of file qgsauthcertutils.cpp.

◆ qcaSignatureAlgorithm()

QString QgsAuthCertUtils::qcaSignatureAlgorithm ( QCA::SignatureAlgorithm  algorithm)
static

Certificate signature algorithm strings per enum.

Note
not available in Python bindings

Definition at line 500 of file qgsauthcertutils.cpp.

◆ qcaValidityMessage()

QString QgsAuthCertUtils::qcaValidityMessage ( QCA::Validity  validity)
static

Certificate validity check messages per enum.

Note
not available in Python bindings

Definition at line 467 of file qgsauthcertutils.cpp.

◆ qtCertsToQcaCollection()

QCA::CertificateCollection QgsAuthCertUtils::qtCertsToQcaCollection ( const QList< QSslCertificate > &  certs)
static

Convert a QList of QSslCertificate to a QCA::CertificateCollection.

Note
not available in Python bindings

Definition at line 438 of file qgsauthcertutils.cpp.

◆ qtCertToQcaCert()

QCA::Certificate QgsAuthCertUtils::qtCertToQcaCert ( const QSslCertificate cert)
static

Convert a QSslCertificate to a QCA::Certificate.

Note
not available in Python bindings

Definition at line 423 of file qgsauthcertutils.cpp.

◆ resolvedCertName()

QString QgsAuthCertUtils::resolvedCertName ( const QSslCertificate cert,
bool  issuer = false 
)
static

Get the general name via RFC 5280 resolution.

Definition at line 297 of file qgsauthcertutils.cpp.

◆ shaHexForCert()

QString QgsAuthCertUtils::shaHexForCert ( const QSslCertificate cert,
bool  formatted = false 
)
static

Get the sha1 hash for certificate.

Parameters
certQt SSL certificate to generate hash from
formattedWhether to colon-delimit the hash

Definition at line 413 of file qgsauthcertutils.cpp.

◆ sslConfigsGroupedByOrg()

QMap< QString, QList< QgsAuthConfigSslServer > > QgsAuthCertUtils::sslConfigsGroupedByOrg ( const QList< QgsAuthConfigSslServer > &  configs)
static

Map SSL custom configs' certificates to their oraganization.

Note
not available in Python bindings

Definition at line 84 of file qgsauthcertutils.cpp.

◆ sslErrorEnumString()

QString QgsAuthCertUtils::sslErrorEnumString ( QSslError::SslError  errenum)
static

Get short strings describing an SSL error.

Definition at line 823 of file qgsauthcertutils.cpp.

◆ sslErrorEnumStrings()

QList< QPair< QSslError::SslError, QString > > QgsAuthCertUtils::sslErrorEnumStrings ( )
static

Get short strings describing SSL errors.

Note
not available in Python bindings

Definition at line 884 of file qgsauthcertutils.cpp.


The documentation for this class was generated from the following files: