18 #ifndef QGSAUTHCERTUTILS_H 19 #define QGSAUTHCERTUTILS_H 24 #include <QSslCertificate> 28 #include "qgis_core.h" 32 #define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).value(0) 34 #define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).value(0) 64 UndeterminedUsage = 0,
// Returns a string for the given QSsl::SslProtocol value (by its name, a display name for
// the protocol; the exact strings live in the implementation).
86 static QString getSslProtocolName( QSsl::SslProtocol protocol );
// Builds a QString-keyed map of the certificates in `certs`. By its name the key is a
// certificate digest. NOTE(review): the hash algorithm is not visible in this header; confirm
// it before relying on the key as a unique certificate identity.
89 static QMap<QString, QSslCertificate> mapDigestToCerts(
const QList<QSslCertificate> &certs );
// Groups `certs` into lists under a QString key (by its name, an organization field; which
// certificate field is read is not visible here). SIP_SKIP presumably hides this overload
// from the generated Python bindings.
95 static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg(
const QList<QSslCertificate> &certs )
SIP_SKIP;
// Same shape as mapDigestToCerts, for SSL server configurations: one QgsAuthConfigSslServer
// per QString key (presumably the digest of the configuration's certificate; confirm).
100 static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs(
const QList<QgsAuthConfigSslServer> &configs );
// Same shape as certsGroupedByOrg, for SSL server configurations.
106 static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg(
const QList<QgsAuthConfigSslServer> &configs )
SIP_SKIP;
// Takes a file path and returns bytes (presumably the file's raw contents; what is returned
// for a missing or unreadable file is not visible here, so callers should handle an empty
// result).
113 static QByteArray fileData(
const QString &path );
// Returns the certificates found in the file at `certspath`. The list return type suggests
// a multi-certificate bundle is accepted; supported encodings are not visible in this header.
116 static QList<QSslCertificate> certsFromFile(
const QString &certspath );
// Same signature as certsFromFile; by its name it returns only CA certificates.
// NOTE(review): how a certificate is classified as a CA is decided in the implementation.
119 static QList<QSslCertificate> casFromFile(
const QString &certspath );
// Returns a single certificate from the file at `certpath`. Callers should check
// QSslCertificate::isNull() on the result before using it.
122 static QSslCertificate certFromFile(
const QString &certpath );
// Combines two certificate bundles into one list. Whether duplicates are dropped and the
// resulting order are not visible here; confirm before relying on either.
131 static QList<QSslCertificate> casMerge(
const QList<QSslCertificate> &bundle1,
132 const QList<QSslCertificate> &bundle2 );
// Loads a private key from the file at `keypath`.
//   keypass - passphrase for the key file; defaults to an empty QString.
//   algtype - optional out-parameter (may be nullptr); presumably receives the key
//             algorithm name, to be confirmed in the implementation.
// Callers should check QSslKey::isNull() on the result. The passphrase travels as a QString,
// whose storage is not wiped on release, so keep its lifetime as short as practical.
140 static QSslKey keyFromFile(
const QString &keypath,
141 const QString &keypass = QString(),
142 QString *algtype =
nullptr );
// Returns the certificates parsed from the in-memory text `pemtext` (PEM, going by the
// parameter name).
145 static QList<QSslCertificate> certsFromString(
const QString &pemtext );
// Returns a list derived from `caList`; the input is const, so the result is a new list.
// By its name, self-signed certificates are left out. NOTE(review): the self-signed test
// itself is in the implementation; confirm whether it compares names only or also verifies
// the signature.
153 static QList<QSslCertificate> casRemoveSelfSigned(
const QList<QSslCertificate> &caList );
// Converts a certificate file plus a key file into a QStringList (by its name, PEM text for
// the bundle components; the order of the entries is not visible in this header).
//   keypass   - passphrase for the key file; defaults to an empty QString.
//   reencrypt - defaults to true. Presumably controls whether the returned key PEM is
//               protected again with `keypass`; to be confirmed in the implementation.
// NOTE(review): when reencrypt is false the returned key text should be treated as plaintext
// private key material and kept out of logs, settings and temporary files.
163 static QStringList certKeyBundleToPem(
const QString &certpath,
164 const QString &keypath,
165 const QString &keypass = QString(),
166 bool reencrypt =
true );
// Reports whether the key PEM text `keyPemTxt` is in PKCS#8 form, going by the name. How the
// format is recognised is not visible here.
173 static bool pemIsPkcs8(
const QString &keyPemTxt );
// Takes PKCS#8 DER bytes and returns a QByteArray (by its name, the private key data held
// inside the PKCS#8 structure). `pkcs8Der` is a non-const reference, so the implementation
// is free to modify the caller's buffer; check the .cpp before reusing it afterwards.
// SIP_SKIP presumably hides this from the generated Python bindings.
190 static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der )
SIP_SKIP;
// PKCS#12 counterpart of certKeyBundleToPem: converts the bundle at `bundlepath` into a
// QStringList (by its name, PEM text; entry order not visible in this header).
//   bundlepass - passphrase for the bundle; defaults to an empty QString.
//   reencrypt  - defaults to true; presumably controls whether the returned key PEM is
//                protected again with `bundlepass` (confirm in the implementation).
// NOTE(review): with reencrypt set to false, treat the result as plaintext key material.
200 static QStringList pkcs12BundleToPem(
const QString &bundlepath,
201 const QString &bundlepass = QString(),
202 bool reencrypt =
true );
// Returns a certificate list for the PKCS#12 bundle at `bundlepath` (by its name, the CA
// certificates carried in the bundle). NOTE(review): CAs shipped inside a user-supplied
// bundle are supplied by whoever built the bundle; whether callers add them to a trust store
// is not visible here and is worth checking.
210 static QList<QSslCertificate> pkcs12BundleCas(
const QString &bundlepath,
211 const QString &bundlepass = QString() );
// Serialises `certs` into a single QByteArray (PEM text, going by the name).
219 static QByteArray certsToPemText(
const QList<QSslCertificate> &certs );
// Takes a name and PEM bytes and returns a QString (by its name, the path of a temporary
// file the PEM text was written to). NOTE(review): if `pemtext` can hold a private key, the
// file's directory, permissions and removal all matter; none of them is visible in this
// header, so verify them in the implementation.
227 static QString pemTextToTempFile(
const QString &name,
const QByteArray &pemtext );
// Returns a name string for `cert`. `issuer` defaults to false; presumably true selects the
// issuer's name instead of the subject's. Which fields are tried, and in what order, is
// decided in the implementation.
237 static QString resolvedCertName(
const QSslCertificate &cert,
bool issuer =
false );
// Returns a distinguished-name string, by its name. Accepts the certificate both as a
// QSslCertificate and, optionally, as a QCA::Certificate (default-constructed when omitted).
// `issuer` defaults to false, presumably selecting the subject DN. SIP_SKIP presumably hides
// this from the generated Python bindings.
246 static QString getCertDistinguishedName(
const QSslCertificate &qcert,
247 const QCA::Certificate &acert = QCA::Certificate(),
248 bool issuer =
false ) SIP_SKIP;
// Returns `txt` with colon delimiters inserted, by its name (presumably between hex byte
// pairs, as in a fingerprint display; confirm).
254 static QString getColonDelimited( const QString &txt );
// Returns a hex digest string for `cert`. `formatted` defaults to false; presumably true
// yields a delimited form for display. NOTE(review): the name says only "sha", so the exact
// SHA variant is not visible here; confirm it where the digest identifies a certificate in a
// trust or exception decision.
261 static QString shaHexForCert( const QSslCertificate &cert,
bool formatted = false );
// Converts a Qt certificate to its QCA counterpart. The declarations in this group are all
// marked SIP_SKIP, presumably because the QCA types are not exposed to the Python bindings.
267 static
QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert ) SIP_SKIP;
// Converts a list of Qt certificates into a QCA::CertificateCollection.
273 static
QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs ) SIP_SKIP;
// Returns a QCA::KeyBundle for the file at `path`, using the passphrase `pass` (no default
// is provided). Callers should check QCA::KeyBundle::isNull() on the result; the failure
// behaviour is not visible in this header.
279 static
QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass ) SIP_SKIP;
// Returns a message string for a QCA::Validity value.
285 static QString qcaValidityMessage(
QCA::Validity validity ) SIP_SKIP;
// Returns a string for a QCA::SignatureAlgorithm value.
291 static QString qcaSignatureAlgorithm(
QCA::SignatureAlgorithm algorithm ) SIP_SKIP;
// Returns a string for a QCA::ConstraintTypeKnown value.
297 static QString qcaKnownConstraint(
QCA::ConstraintTypeKnown constraint ) SIP_SKIP;
// Classification predicates over a single certificate. Each takes only `cert`, with no chain
// or trust store argument, so a true result presumably describes the certificate's declared
// role rather than whether it is trusted. The fields each one inspects are not visible in
// this header.
// By its name: true when `cert` is a certificate authority.
309 static
bool certificateIsAuthority( const QSslCertificate &cert );
// By its name: true when `cert` can act as an issuer.
312 static
bool certificateIsIssuer( const QSslCertificate &cert );
// By its name: the disjunction of the two predicates above; confirm in the implementation.
315 static
bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );
// By its name: true when `cert` is usable as an SSL server certificate.
318 static
bool certificateIsSslServer( const QSslCertificate &cert );
// By its name: true when `cert` is usable as an SSL client certificate.
321 static
bool certificateIsSslClient( const QSslCertificate &cert );
// Returns a string for one QSslError::SslError enum value.
324 static QString sslErrorEnumString( QSslError::SslError errenum );
// Returns (enum value, string) pairs, presumably covering the values sslErrorEnumString
// handles. SIP_SKIP presumably hides this from the generated Python bindings.
330 static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings() SIP_SKIP;
// Single-certificate checks. None of them takes a chain, CA list or host name, so they
// cannot by themselves establish that a certificate chains to a trusted root; chain
// validation has its own entry point, validateCertChain.
// By its name: true when `cert` is within its validity period. The clock it is compared
// against is not visible in this header.
336 static
bool certIsCurrent( const QSslCertificate &cert );
// Returns the QSslError entries found for `cert`; which conditions are tested is decided in
// the implementation.
343 static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );
// Presumably true when certViabilityErrors() would return an empty list; confirm.
350 static
bool certIsViable( const QSslCertificate &cert );
// Validates `certificateChain` and returns the QSslError entries found (presumably an empty
// list means the chain validated; confirm).
//   hostName    - defaults to an empty QString. NOTE(review): whether an empty host name
//                 skips host-name matching is not visible here; callers validating a server
//                 should pass the host they are connecting to.
//   trustRootCa - defaults to false. By its name, true makes the chain's own root CA trusted
//                 for this check, so a chain can pass on the strength of a root it supplied
//                 itself; set it only for roots the user has explicitly accepted.
359 static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain,
360 const QString &hostName = QString(),
361 bool trustRootCa = false ) ;
// Validates a PKI bundle and returns a QStringList (presumably human-readable error
// messages, empty on success; confirm). `bundle` is a non-const reference, so the
// implementation is free to modify it.
//   useIntermediates - defaults to true; presumably includes the bundle's intermediate
//                      certificates when building the chain.
//   trustRootCa      - defaults to false; the same caution applies as for validateCertChain.
372 static QStringList validatePKIBundle(
QgsPkiBundle &bundle,
bool useIntermediates = true,
bool trustRootCa = false );
// Helper that appends to the caller's `dirname` list (in-out reference) using `segment` and
// `value`; `value` is taken by copy. The trailing underscore suggests an internal helper.
// The formatting of the appended entry is not visible in this header.
375 static
void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );
// Returns a QSsl::EncodingFormat for `payload` (by its name, guessed from the bytes).
// NOTE(review): a sniffed format is a parsing hint only; the payload still has to be parsed
// and the result checked before use.
377 static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );
380 #endif // QGSAUTHCERTUTILS_H
ConstraintGroup
Type of certificate key group.
Configuration container for SSL server connection exceptions or overrides.
CertUsageType
Type of certificate usage.
Utilities for working with certificates and keys.
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
CaCertSource
Type of CA certificate source.
CertTrustPolicy
Type of certificate trust policy.