Utilities for working with certificates and keys. More...

#include <qgsauthcertutils.h>

Public Types
enum	CaCertSource { SystemRoot = 0, FromFile = 1, InDatabase = 2, Connection = 3 }
	Type of CA certificate source. More...

enum	CertTrustPolicy { DefaultTrust = 0, Trusted = 1, Untrusted = 2, NoPolicy = 3 }
	Type of certificate trust policy. More...

enum	CertUsageType { UndeterminedUsage = 0, AnyOrUnspecifiedUsage, CertAuthorityUsage, CertIssuerUsage, TlsServerUsage, TlsServerEvUsage, TlsClientUsage, CodeSigningUsage, EmailProtectionUsage, TimeStampingUsage, CRLSigningUsage }
	Type of certificate usage. More...

enum	ConstraintGroup { KeyUsage = 0, ExtendedKeyUsage = 1 }
	Type of certificate key group. More...

Static Public Member Functions
static QList< QSslCertificate >	casFromFile (const QString &certspath)
	Return list of concatenated CAs from a PEM or DER formatted file. More...

static QList< QSslCertificate >	casMerge (const QList< QSslCertificate > &bundle1, const QList< QSslCertificate > &bundle2)
	casMerge merges two certificate bundles in a single one removing duplicates, the certificates from the bundle2 are appended to bundle1 if not already there More...

static QList< QSslCertificate >	casRemoveSelfSigned (const QList< QSslCertificate > &caList)
	casRemoveSelfSigned remove self-signed CA certificates from caList More...

static QSslCertificate	certFromFile (const QString &certpath)
	Return first cert from a PEM or DER formatted file. More...

static bool	certificateIsAuthority (const QSslCertificate &cert)
	Get whether a certificate is an Authority. More...

static bool	certificateIsAuthorityOrIssuer (const QSslCertificate &cert)
	Get whether a certificate is an Authority or can at least sign other certificates. More...

static bool	certificateIsIssuer (const QSslCertificate &cert)
	Get whether a certificate can sign other certificates. More...

static bool	certificateIsSslClient (const QSslCertificate &cert)
	Get whether a certificate is probably used for a client identity. More...

static bool	certificateIsSslServer (const QSslCertificate &cert)
	Get whether a certificate is probably used for a SSL server. More...

static QList< QgsAuthCertUtils::CertUsageType >	certificateUsageTypes (const QSslCertificate &cert)
	Try to determine the certificates usage types. More...

static QString	certificateUsageTypeString (QgsAuthCertUtils::CertUsageType usagetype)
	Certificate usage type strings per enum. More...

static bool	certIsCurrent (const QSslCertificate &cert)
	certIsCurrent checks if cert is viable for its not before and not after dates More...

static bool	certIsViable (const QSslCertificate &cert)
	certIsViable checks for viability errors of cert and whether it is NULL More...

static QStringList	certKeyBundleToPem (const QString &certpath, const QString &keypath, const QString &keypass=QString(), bool reencrypt=true)
	Return list of certificate, private key and algorithm (as PEM text) from file path components. More...

static QList< QSslCertificate >	certsFromFile (const QString &certspath)
	Return list of concatenated certs from a PEM or DER formatted file. More...

static QList< QSslCertificate >	certsFromString (const QString &pemtext)
	Return list of concatenated certs from a PEM Base64 text block. More...

static QMap< QString, QList< QSslCertificate > >	certsGroupedByOrg (const QList< QSslCertificate > &certs)
	Map certificates to their oraganization. More...

static QByteArray	certsToPemText (const QList< QSslCertificate > &certs)
	certsToPemText dump a list of QSslCertificates to PEM text More...

static QList< QSslError >	certViabilityErrors (const QSslCertificate &cert)
	certViabilityErrors checks basic characteristics (validity dates, blacklisting, etc.) of given cert More...

static QByteArray	fileData (const QString &path)
	Return data from a local file via a read-only operation. More...

static QString	getCaSourceName (QgsAuthCertUtils::CaCertSource source, bool single=false)
	Get the general name for CA source enum type. More...

static QString	getCertDistinguishedName (const QSslCertificate &qcert, const QCA::Certificate &acert=QCA::Certificate(), bool issuer=false)
	Get combined distinguished name for certificate. More...

static QString	getCertTrustName (QgsAuthCertUtils::CertTrustPolicy trust)
	Get the general name for certificate trust. More...

static QString	getColonDelimited (const QString &txt)
	Get string with colon delimiters every 2 characters. More...

static QString	getSslProtocolName (QSsl::SslProtocol protocol)
	SSL Protocol name strings per enum. More...

static QSslKey	keyFromFile (const QString &keypath, const QString &keypass=QString(), QString *algtype=nullptr)
	Return non-encrypted key from a PEM or DER formatted file. More...

static QMap< QString, QSslCertificate >	mapDigestToCerts (const QList< QSslCertificate > &certs)
	Map certificate sha1 to certificate as simple cache. More...

static QMap< QString, QgsAuthConfigSslServer >	mapDigestToSslConfigs (const QList< QgsAuthConfigSslServer > &configs)
	Map SSL custom configs' certificate sha1 to custom config as simple cache. More...

static bool	pemIsPkcs8 (const QString &keyPemTxt)
	Determine if the PEM-encoded text of a key is PKCS#8 format. More...

static QString	pemTextToTempFile (const QString &name, const QByteArray &pemtext)
	Write a temporary file for a PEM text of cert/key/CAs bundle component. More...

static QList< QSslCertificate >	pkcs12BundleCas (const QString &bundlepath, const QString &bundlepass=QString())
	Return list of CA certificates (as QSslCertificate) for a PKCS#12 bundle. More...

static QStringList	pkcs12BundleToPem (const QString &bundlepath, const QString &bundlepass=QString(), bool reencrypt=true)
	Return list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle. More...

static QCA::KeyBundle	qcaKeyBundle (const QString &path, const QString &pass)
	PKI key/cert bundle from file path, e.g. More...

static QString	qcaKnownConstraint (QCA::ConstraintTypeKnown constraint)
	Certificate well-known constraint strings per enum. More...

static QString	qcaSignatureAlgorithm (QCA::SignatureAlgorithm algorithm)
	Certificate signature algorithm strings per enum. More...

static QString	qcaValidityMessage (QCA::Validity validity)
	Certificate validity check messages per enum. More...

static QCA::CertificateCollection	qtCertsToQcaCollection (const QList< QSslCertificate > &certs)
	Convert a QList of QSslCertificate to a QCA::CertificateCollection. More...

static QCA::Certificate	qtCertToQcaCert (const QSslCertificate &cert)
	Convert a QSslCertificate to a QCA::Certificate. More...

static QString	resolvedCertName (const QSslCertificate &cert, bool issuer=false)
	Get the general name via RFC 5280 resolution. More...

static QString	shaHexForCert (const QSslCertificate &cert, bool formatted=false)
	Get the sha1 hash for certificate. More...

static QMap< QString, QList< QgsAuthConfigSslServer > >	sslConfigsGroupedByOrg (const QList< QgsAuthConfigSslServer > &configs)
	Map SSL custom configs' certificates to their oraganization. More...

static QString	sslErrorEnumString (QSslError::SslError errenum)
	Get short strings describing an SSL error. More...

static QList< QPair< QSslError::SslError, QString > >	sslErrorEnumStrings ()
	Get short strings describing SSL errors. More...

static QList< QSslError >	validateCertChain (const QList< QSslCertificate > &certificateChain, const QString &hostName=QString(), bool trustRootCa=false)
	validateCertChain validates the given certificateChain More...

static QStringList	validatePKIBundle (QgsPkiBundle &bundle, bool useIntermediates=true, bool trustRootCa=false)
	validatePKIBundle validate the PKI bundle by checking the certificate chain, the expiration and effective dates, optionally trusts the root CA More...

Detailed Description

Utilities for working with certificates and keys.

Definition at line 40 of file qgsauthcertutils.h.

Member Enumeration Documentation

◆ CaCertSource

enum QgsAuthCertUtils::CaCertSource

Type of CA certificate source.

Enumerator
SystemRoot
FromFile
InDatabase
Connection

Definition at line 44 of file qgsauthcertutils.h.

◆ CertTrustPolicy

enum QgsAuthCertUtils::CertTrustPolicy

Type of certificate trust policy.

Enumerator
DefaultTrust
Trusted
Untrusted
NoPolicy

Definition at line 53 of file qgsauthcertutils.h.

◆ CertUsageType

enum QgsAuthCertUtils::CertUsageType

Type of certificate usage.

Enumerator
UndeterminedUsage
AnyOrUnspecifiedUsage
CertAuthorityUsage
CertIssuerUsage
TlsServerUsage
TlsServerEvUsage
TlsClientUsage
CodeSigningUsage
EmailProtectionUsage
TimeStampingUsage
CRLSigningUsage

Definition at line 62 of file qgsauthcertutils.h.

◆ ConstraintGroup

enum QgsAuthCertUtils::ConstraintGroup

Type of certificate key group.

Enumerator
KeyUsage
ExtendedKeyUsage

Definition at line 78 of file qgsauthcertutils.h.

Member Function Documentation

◆ casFromFile()

QList< QSslCertificate > QgsAuthCertUtils::casFromFile ( const QString & certspath )

static

Return list of concatenated CAs from a PEM or DER formatted file.

Definition at line 137 of file qgsauthcertutils.cpp.

◆ casMerge()

QList< QSslCertificate > QgsAuthCertUtils::casMerge	(	const QList< QSslCertificate > &	bundle1,
		const QList< QSslCertificate > &	bundle2
	)

static

casMerge merges two certificate bundles in a single one removing duplicates, the certificates from the bundle2 are appended to bundle1 if not already there

Parameters

bundle1	first bundle
bundle2	second bundle

Returns: a list of unique certificates

Definition at line 151 of file qgsauthcertutils.cpp.

◆ casRemoveSelfSigned()

QList< QSslCertificate > QgsAuthCertUtils::casRemoveSelfSigned ( const QList< QSslCertificate > & caList )

static

casRemoveSelfSigned remove self-signed CA certificates from caList

Parameters

caList list of CA certificates

Returns: a list of non self-signed certificates

Definition at line 250 of file qgsauthcertutils.cpp.

◆ certFromFile()

QSslCertificate QgsAuthCertUtils::certFromFile ( const QString & certpath )

static

Return first cert from a PEM or DER formatted file.

Definition at line 173 of file qgsauthcertutils.cpp.

◆ certificateIsAuthority()

bool QgsAuthCertUtils::certificateIsAuthority ( const QSslCertificate & cert )

static

Get whether a certificate is an Authority.

Definition at line 1006 of file qgsauthcertutils.cpp.

◆ certificateIsAuthorityOrIssuer()

bool QgsAuthCertUtils::certificateIsAuthorityOrIssuer ( const QSslCertificate & cert )

static

Get whether a certificate is an Authority or can at least sign other certificates.

Definition at line 1016 of file qgsauthcertutils.cpp.

◆ certificateIsIssuer()

bool QgsAuthCertUtils::certificateIsIssuer ( const QSslCertificate & cert )

static

Get whether a certificate can sign other certificates.

Definition at line 1011 of file qgsauthcertutils.cpp.

◆ certificateIsSslClient()

bool QgsAuthCertUtils::certificateIsSslClient ( const QSslCertificate & cert )

static

Get whether a certificate is probably used for a client identity.

Definition at line 1143 of file qgsauthcertutils.cpp.

◆ certificateIsSslServer()

bool QgsAuthCertUtils::certificateIsSslServer ( const QSslCertificate & cert )

static

Get whether a certificate is probably used for a SSL server.

Definition at line 1022 of file qgsauthcertutils.cpp.

◆ certificateUsageTypes()

QList< QgsAuthCertUtils::CertUsageType > QgsAuthCertUtils::certificateUsageTypes ( const QSslCertificate & cert )

static

Try to determine the certificates usage types.

Definition at line 931 of file qgsauthcertutils.cpp.

◆ certificateUsageTypeString()

QString QgsAuthCertUtils::certificateUsageTypeString ( QgsAuthCertUtils::CertUsageType usagetype )

static

Certificate usage type strings per enum.

Note: not available in Python bindings

Definition at line 901 of file qgsauthcertutils.cpp.

◆ certIsCurrent()

bool QgsAuthCertUtils::certIsCurrent ( const QSslCertificate & cert )

static

certIsCurrent checks if cert is viable for its not before and not after dates

Parameters

cert	certificate to be checked

Definition at line 1263 of file qgsauthcertutils.cpp.

◆ certIsViable()

bool QgsAuthCertUtils::certIsViable ( const QSslCertificate & cert )

static

certIsViable checks for viability errors of cert and whether it is NULL

Parameters

cert	certificate to be checked

Returns: false if cert is NULL or has viability errors

Definition at line 1295 of file qgsauthcertutils.cpp.

◆ certKeyBundleToPem()

QStringList QgsAuthCertUtils::certKeyBundleToPem	(	const QString &	certpath,
		const QString &	keypath,
		const QString &	keypass = `QString()`,
		bool	reencrypt = `true`
	)

static

Return list of certificate, private key and algorithm (as PEM text) from file path components.

Parameters

certpath	File path to certificate
keypath	File path to private key
keypass	Passphrase for private key
reencrypt	Whether to re-encrypt the private key with the passphrase

Returns: certificate, private key, key's algorithm type

Definition at line 263 of file qgsauthcertutils.cpp.

◆ certsFromFile()

QList< QSslCertificate > QgsAuthCertUtils::certsFromFile ( const QString & certspath )

static

Return list of concatenated certs from a PEM or DER formatted file.

Definition at line 125 of file qgsauthcertutils.cpp.

◆ certsFromString()

QList< QSslCertificate > QgsAuthCertUtils::certsFromString ( const QString & pemtext )

static

Return list of concatenated certs from a PEM Base64 text block.

Definition at line 239 of file qgsauthcertutils.cpp.

◆ certsGroupedByOrg()

QMap< QString, QList< QSslCertificate > > QgsAuthCertUtils::certsGroupedByOrg ( const QList< QSslCertificate > & certs )

static

Map certificates to their oraganization.

Note: not available in Python bindings

Definition at line 65 of file qgsauthcertutils.cpp.

◆ certsToPemText()

QByteArray QgsAuthCertUtils::certsToPemText ( const QList< QSslCertificate > & certs )

static

certsToPemText dump a list of QSslCertificates to PEM text

Parameters

certs list of certs

Returns: a byte array of concatenated certificates as PEM text

Definition at line 554 of file qgsauthcertutils.cpp.

◆ certViabilityErrors()

QList< QSslError > QgsAuthCertUtils::certViabilityErrors ( const QSslCertificate & cert )

static

certViabilityErrors checks basic characteristics (validity dates, blacklisting, etc.) of given cert

Parameters

cert	certificate to be checked

Returns: list of QSslError (will return NO ERRORS if a null QSslCertificate is passed)

Definition at line 1271 of file qgsauthcertutils.cpp.

◆ fileData()

QByteArray QgsAuthCertUtils::fileData ( const QString & path )

static

Return data from a local file via a read-only operation.

Parameters

path	Path to file to read

Returns: All data contained in file or empty contents if file does not exist

Definition at line 104 of file qgsauthcertutils.cpp.

◆ getCaSourceName()

QString QgsAuthCertUtils::getCaSourceName	(	QgsAuthCertUtils::CaCertSource	source,
		bool	single = `false`
	)

static

Get the general name for CA source enum type.

Parameters

source	The enum source type for the CA
single	Whether to return singular or plural description

Definition at line 598 of file qgsauthcertutils.cpp.

◆ getCertDistinguishedName()

QString QgsAuthCertUtils::getCertDistinguishedName	(	const QSslCertificate &	qcert,
		const QCA::Certificate &	acert = `QCA::Certificate()`,
		bool	issuer = `false`
	)

static

Get combined distinguished name for certificate.

Parameters

qcert	Qt SSL cert object
acert	QCA SSL cert object to add more info to the output
issuer	Whether to return cert's subject or issuer combined name

Note: not available in Python bindings

Definition at line 660 of file qgsauthcertutils.cpp.

◆ getCertTrustName()

QString QgsAuthCertUtils::getCertTrustName ( QgsAuthCertUtils::CertTrustPolicy trust )

static

Get the general name for certificate trust.

Definition at line 710 of file qgsauthcertutils.cpp.

◆ getColonDelimited()

QString QgsAuthCertUtils::getColonDelimited ( const QString & txt )

static

Get string with colon delimiters every 2 characters.

Definition at line 725 of file qgsauthcertutils.cpp.

◆ getSslProtocolName()

QString QgsAuthCertUtils::getSslProtocolName ( QSsl::SslProtocol protocol )

static

SSL Protocol name strings per enum.

Definition at line 36 of file qgsauthcertutils.cpp.

◆ keyFromFile()

QSslKey QgsAuthCertUtils::keyFromFile	(	const QString &	keypath,
		const QString &	keypass = `QString()`,
		QString *	algtype = `nullptr`
	)

static

Return non-encrypted key from a PEM or DER formatted file.

Parameters

keypath	File path to private key
keypass	Passphrase for private key
algtype	QString to set with resolved algorithm type

Definition at line 188 of file qgsauthcertutils.cpp.

◆ mapDigestToCerts()

QMap< QString, QSslCertificate > QgsAuthCertUtils::mapDigestToCerts ( const QList< QSslCertificate > & certs )

static

Map certificate sha1 to certificate as simple cache.

Definition at line 55 of file qgsauthcertutils.cpp.

◆ mapDigestToSslConfigs()

QMap< QString, QgsAuthConfigSslServer > QgsAuthCertUtils::mapDigestToSslConfigs ( const QList< QgsAuthConfigSslServer > & configs )

static

Map SSL custom configs' certificate sha1 to custom config as simple cache.

Definition at line 79 of file qgsauthcertutils.cpp.

◆ pemIsPkcs8()

bool QgsAuthCertUtils::pemIsPkcs8 ( const QString & keyPemTxt )

static

Determine if the PEM-encoded text of a key is PKCS#8 format.

Parameters

keyPemTxt PEM-encoded text

Returns: True if PKCS#8, otherwise false

Definition at line 288 of file qgsauthcertutils.cpp.

◆ pemTextToTempFile()

QString QgsAuthCertUtils::pemTextToTempFile	(	const QString &	name,
		const QByteArray &	pemtext
	)

static

Write a temporary file for a PEM text of cert/key/CAs bundle component.

Parameters

pemtext	Component content as PEM text
name	Name of file

Returns: File path to temporary file

Definition at line 569 of file qgsauthcertutils.cpp.

◆ pkcs12BundleCas()

QList< QSslCertificate > QgsAuthCertUtils::pkcs12BundleCas	(	const QString &	bundlepath,
		const QString &	bundlepass = `QString()`
	)

static

Return list of CA certificates (as QSslCertificate) for a PKCS#12 bundle.

Parameters

bundlepath	File path to the PKCS bundle
bundlepass	Passphrase for bundle

Returns: list of certificate

Definition at line 533 of file qgsauthcertutils.cpp.

◆ pkcs12BundleToPem()

QStringList QgsAuthCertUtils::pkcs12BundleToPem	(	const QString &	bundlepath,
		const QString &	bundlepass = `QString()`,
		bool	reencrypt = `true`
	)

static

Return list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle.

Parameters

bundlepath	File path to the PKCS bundle
bundlepass	Passphrase for bundle
reencrypt	Whether to re-encrypt the private key with the passphrase

Returns: certificate, private key, key's algorithm type

Definition at line 438 of file qgsauthcertutils.cpp.

◆ qcaKeyBundle()

QCA::KeyBundle QgsAuthCertUtils::qcaKeyBundle	(	const QString &	path,
		const QString &	pass
	)

static

PKI key/cert bundle from file path, e.g.

from .p12 or pfx files.

Note: not available in Python bindings

Definition at line 780 of file qgsauthcertutils.cpp.

◆ qcaKnownConstraint()

QString QgsAuthCertUtils::qcaKnownConstraint ( QCA::ConstraintTypeKnown constraint )

static

Certificate well-known constraint strings per enum.

Note: not available in Python bindings

Definition at line 856 of file qgsauthcertutils.cpp.

◆ qcaSignatureAlgorithm()

QString QgsAuthCertUtils::qcaSignatureAlgorithm ( QCA::SignatureAlgorithm algorithm )

static

Certificate signature algorithm strings per enum.

Note: not available in Python bindings

Definition at line 825 of file qgsauthcertutils.cpp.

◆ qcaValidityMessage()

QString QgsAuthCertUtils::qcaValidityMessage ( QCA::Validity validity )

static

Certificate validity check messages per enum.

Note: not available in Python bindings

Definition at line 792 of file qgsauthcertutils.cpp.

◆ qtCertsToQcaCollection()

QCA::CertificateCollection QgsAuthCertUtils::qtCertsToQcaCollection ( const QList< QSslCertificate > & certs )

static

Convert a QList of QSslCertificate to a QCA::CertificateCollection.

Note: not available in Python bindings

Definition at line 763 of file qgsauthcertutils.cpp.

◆ qtCertToQcaCert()

QCA::Certificate QgsAuthCertUtils::qtCertToQcaCert ( const QSslCertificate & cert )

static

Convert a QSslCertificate to a QCA::Certificate.

Note: not available in Python bindings

Definition at line 748 of file qgsauthcertutils.cpp.

◆ resolvedCertName()

QString QgsAuthCertUtils::resolvedCertName	(	const QSslCertificate &	cert,
		bool	issuer = `false`
	)

static

Get the general name via RFC 5280 resolution.

Definition at line 615 of file qgsauthcertutils.cpp.

◆ shaHexForCert()

QString QgsAuthCertUtils::shaHexForCert	(	const QSslCertificate &	cert,
		bool	formatted = `false`
	)

static

Get the sha1 hash for certificate.

Parameters

cert	Qt SSL certificate to generate hash from
formatted	Whether to colon-delimit the hash

Definition at line 738 of file qgsauthcertutils.cpp.

◆ sslConfigsGroupedByOrg()

QMap< QString, QList< QgsAuthConfigSslServer > > QgsAuthCertUtils::sslConfigsGroupedByOrg ( const QList< QgsAuthConfigSslServer > & configs )

static

Map SSL custom configs' certificates to their oraganization.

Note: not available in Python bindings

Definition at line 89 of file qgsauthcertutils.cpp.

◆ sslErrorEnumString()

QString QgsAuthCertUtils::sslErrorEnumString ( QSslError::SslError errenum )

static

Get short strings describing an SSL error.

Definition at line 1148 of file qgsauthcertutils.cpp.

◆ sslErrorEnumStrings()

QList< QPair< QSslError::SslError, QString > > QgsAuthCertUtils::sslErrorEnumStrings ( )

static

Get short strings describing SSL errors.

Note: not available in Python bindings

Definition at line 1209 of file qgsauthcertutils.cpp.

◆ validateCertChain()

QList< QSslError > QgsAuthCertUtils::validateCertChain	(	const QList< QSslCertificate > &	certificateChain,
		const QString &	hostName = `QString()`,
		bool	trustRootCa = `false`
	)

static

validateCertChain validates the given certificateChain

Parameters

certificateChain	list of certificates to be checked, with leaf first and with optional root CA last
hostName	(optional) name of the host to be verified
trustRootCa	if true the CA will be added to the trusted CAs for this validation check

Returns: list of QSslError, if the list is empty then the cert chain is valid

Definition at line 1300 of file qgsauthcertutils.cpp.

◆ validatePKIBundle()

QStringList QgsAuthCertUtils::validatePKIBundle	(	QgsPkiBundle &	bundle,
		bool	useIntermediates = `true`,
		bool	trustRootCa = `false`
	)

static

validatePKIBundle validate the PKI bundle by checking the certificate chain, the expiration and effective dates, optionally trusts the root CA

Parameters

bundle
useIntermediates	if true the intermediate certs are also checked
trustRootCa	if true the CA will be added to the trusted CAs for this validation check (if useIntermediates is false) this option is ignored and set to false

Returns: a list of error strings, if the list is empty then the PKI bundle is valid

Definition at line 1350 of file qgsauthcertutils.cpp.

The documentation for this class was generated from the following files:

/tmp/buildd/qgis-3.0.2+14stretch/src/core/auth/qgsauthcertutils.h
/tmp/buildd/qgis-3.0.2+14stretch/src/core/auth/qgsauthcertutils.cpp

Public Types

Static Public Member Functions

Detailed Description

Member Enumeration Documentation

◆ CaCertSource

◆ CertTrustPolicy

◆ CertUsageType

◆ ConstraintGroup

Member Function Documentation

◆ casFromFile()

◆ casMerge()

◆ casRemoveSelfSigned()

◆ certFromFile()

◆ certificateIsAuthority()

◆ certificateIsAuthorityOrIssuer()

◆ certificateIsIssuer()

◆ certificateIsSslClient()

◆ certificateIsSslServer()

◆ certificateUsageTypes()

◆ certificateUsageTypeString()

◆ certIsCurrent()

◆ certIsViable()

◆ certKeyBundleToPem()

◆ certsFromFile()

◆ certsFromString()

◆ certsGroupedByOrg()

◆ certsToPemText()

◆ certViabilityErrors()

◆ fileData()

◆ getCaSourceName()

◆ getCertDistinguishedName()

◆ getCertTrustName()

◆ getColonDelimited()

◆ getSslProtocolName()

◆ keyFromFile()

◆ mapDigestToCerts()

◆ mapDigestToSslConfigs()

◆ pemIsPkcs8()

◆ pemTextToTempFile()

◆ pkcs12BundleCas()

◆ pkcs12BundleToPem()

◆ qcaKeyBundle()

◆ qcaKnownConstraint()

◆ qcaSignatureAlgorithm()

◆ qcaValidityMessage()

◆ qtCertsToQcaCollection()

◆ qtCertToQcaCert()

◆ resolvedCertName()

◆ shaHexForCert()

◆ sslConfigsGroupedByOrg()

◆ sslErrorEnumString()

◆ sslErrorEnumStrings()

◆ validateCertChain()

◆ validatePKIBundle()