18 #ifndef QGSAUTHCERTUTILS_H
19 #define QGSAUTHCERTUTILS_H
24 #include <QSslCertificate>
28 #include "qgis_core.h"
// Shorthand for reading one attribute of a certificate's issuer / subject.
// Both macros expand to `.value(0)` on the result of issuerInfo()/subjectInfo(), so only the
// first entry is used. Extra values of a multi-valued attribute (e.g. several OU entries) are
// ignored, and with Qt 5's QStringList return type a missing attribute gives an empty QString
// rather than an error. Callers that group or display certificates by these fields should
// expect empty strings.
// NOTE(review): `var` is expanded without parentheses; pass a plain identifier, not an expression.
32 #define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).value(0)
34 #define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).value(0)
64 UndeterminedUsage = 0,
// Returns a QString for a QSsl::SslProtocol value (presumably a display name; confirm in the .cpp).
86 static QString getSslProtocolName( QSsl::SslProtocol protocol );
// Builds a QMap holding one certificate per QString key. The name says the key is a digest;
// the hash algorithm is not visible in this header.
// NOTE(review): one value per key means two certificates with the same key cannot both be kept.
// Confirm the digest is collision-resistant if this map backs a trust lookup.
89 static QMap<QString, QSslCertificate> mapDigestToCerts(
const QList<QSslCertificate> &certs );
// Groups certificates into lists under a QString key (by name, the organization; presumably
// taken from the certificate itself, so it is not an authenticated value; verify).
// SIP_SKIP is the QGIS binding annotation; presumably keeps this overload out of the Python API.
95 static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg(
const QList<QSslCertificate> &certs )
SIP_SKIP;
// Same shape as mapDigestToCerts, but for per-server SSL configurations (QgsAuthConfigSslServer).
100 static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs(
const QList<QgsAuthConfigSslServer> &configs );
// Same shape as certsGroupedByOrg, but for per-server SSL configurations.
106 static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg(
const QList<QgsAuthConfigSslServer> &configs )
SIP_SKIP;
// File-based loaders. Each takes a caller-supplied path and returns a value type with no
// separate error channel, so a failed read or parse presumably shows up as an empty
// QByteArray / empty list / null certificate. Callers should check for that (e.g.
// QSslCertificate::isNull()) before trusting the result.
// Returns the raw bytes found at `path`.
113 static QByteArray fileData(
const QString &path );
// Returns every certificate found in the file at `certspath`.
116 static QList<QSslCertificate> certsFromFile(
const QString &certspath );
// Returns certificates from the file at `certspath`; by name only the CA certificates.
// NOTE(review): how "is a CA" is decided is in the implementation, not in this header.
119 static QList<QSslCertificate> casFromFile(
const QString &certspath );
// Returns a single certificate from the file at `certpath` (which one, if the file holds
// several, is not visible here).
122 static QSslCertificate certFromFile(
const QString &certpath );
// Combines two CA lists into one. Both inputs are const references and are not modified.
// NOTE(review): the duplicate-handling rule is not visible in this header.
131 static QList<QSslCertificate> casMerge(
const QList<QSslCertificate> &bundle1,
132 const QList<QSslCertificate> &bundle2 );
// Loads a private key from the file at `keypath` and returns it as a QSslKey.
//   keypass - passphrase for the key file; defaults to an empty QString.
//   algtype - optional out-parameter (default nullptr); by name it receives the key algorithm.
// The result has no error channel; check QSslKey::isNull() before use.
// NOTE(review): the passphrase travels as a plain QString and the returned QSslKey holds
// private key material, and neither is wiped on destruction. Keep their lifetimes short and
// keep both out of logs.
140 static QSslKey keyFromFile(
const QString &keypath,
141 const QString &keypass = QString(),
142 QString *algtype =
nullptr );
// Parses certificates out of a text block (`pemtext`, by name PEM) and returns them as a list.
// An empty list is presumably the only failure signal.
145 static QList<QSslCertificate> certsFromString(
const QString &pemtext );
// Returns a copy of `caList` with, by name, the self-signed entries removed. The input is not modified.
// NOTE(review): the self-signed test is in the implementation. A subject/issuer name
// comparison alone would not verify a signature; confirm which is used.
153 static QList<QSslCertificate> casRemoveSelfSigned(
const QList<QSslCertificate> &caList );
// Reads a certificate file and a key file and returns a QStringList (by name, the PEM text of
// each component; order and count are set in the implementation).
//   keypass   - passphrase for the key file; defaults to an empty QString.
//   reencrypt - defaults to true.
// NOTE(review): presumably reencrypt=false returns the private key as unencrypted PEM text;
// confirm. Callers passing false should treat the returned strings as secrets (no logging,
// no persistent storage in the clear).
163 static QStringList certKeyBundleToPem(
const QString &certpath,
164 const QString &keypath,
165 const QString &keypass = QString(),
166 bool reencrypt =
true );
// Reports whether the given key PEM text is, by name, in PKCS#8 form.
// NOTE(review): if this is a text/header check it says nothing about the key's validity; verify.
173 static bool pemIsPkcs8(
const QString &keyPemTxt );
// Takes DER bytes of a PKCS#8 structure and returns a QByteArray (by name, the enclosed private key).
// `pkcs8Der` is a non-const reference, so the callee may modify the caller's buffer.
// NOTE(review): this parses a binary key container; confirm the implementation bounds-checks
// lengths and returns an empty array on malformed input.
// SIP_SKIP is the QGIS binding annotation; presumably keeps this out of the Python API.
190 static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der )
SIP_SKIP;
// PKCS#12 counterpart of certKeyBundleToPem: reads the bundle at `bundlepath` and returns a QStringList.
//   bundlepass - passphrase for the bundle; defaults to an empty QString.
//   reencrypt  - defaults to true.
// NOTE(review): as with certKeyBundleToPem, reencrypt=false presumably yields the private key
// as clear PEM text; handle the result as secret material.
200 static QStringList pkcs12BundleToPem(
const QString &bundlepath,
201 const QString &bundlepass = QString(),
202 bool reencrypt =
true );
// Returns certificates from the PKCS#12 bundle at `bundlepath` (by name, its CA certificates).
// NOTE(review): certificates shipped inside a bundle are supplied by whoever built the bundle.
// Presumably callers decide separately whether to trust them; verify.
210 static QList<QSslCertificate> pkcs12BundleCas(
const QString &bundlepath,
211 const QString &bundlepass = QString() );
// Serialises a list of certificates to a single QByteArray (by name, concatenated PEM text).
219 static QByteArray certsToPemText(
const QList<QSslCertificate> &certs );
// Takes a name and PEM bytes and returns a QString (by name, the path of a temporary file
// holding `pemtext`).
// NOTE(review): if `pemtext` can contain a private key, the file's permissions, its location
// and who deletes it all matter. None of that is visible in this header; confirm in the
// implementation. Also confirm that `name` cannot steer the path outside the temp directory.
227 static QString pemTextToTempFile(
const QString &name,
const QByteArray &pemtext );
// Returns a display name for `cert`. `issuer` defaults to false and presumably selects the
// issuer's fields instead of the subject's.
// NOTE(review): subject/issuer fields are chosen by whoever created the certificate. Treat
// the result as untrusted display text, not as an identity check.
237 static QString resolvedCertName(
const QSslCertificate &cert,
bool issuer =
false );
// Returns a distinguished-name string for a certificate, given as a Qt object and optionally
// as a QCA object (`acert` defaults to an empty QCA::Certificate).
// NOTE(review): this declaration is cut off in this listing after `acert`; the remaining
// parameter(s) are not visible here.
246 static QString getCertDistinguishedName(
const QSslCertificate &qcert,
247 const QCA::Certificate &acert = QCA::Certificate(),
// Returns a QString derived from `txt` (by name, the text with colon separators inserted).
254 static QString getColonDelimited( const QString &txt );
// Returns a hex string for `cert` (by name, a SHA digest; the exact SHA variant is not
// visible here). `formatted` defaults to false.
// NOTE(review): if this value is used to pin or look up trusted certificates, confirm the
// variant. SHA-1 would no longer be collision-resistant.
261 static QString shaHexForCert( const QSslCertificate &cert,
bool formatted = false );
// Qt <-> QCA bridging helpers. All carry SIP_SKIP (the QGIS binding annotation), presumably
// because QCA types are not exposed to Python.
// Converts one QSslCertificate to a QCA::Certificate.
267 static
QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert )
SIP_SKIP;
// Converts a list of QSslCertificate to a QCA::CertificateCollection.
273 static
QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs )
SIP_SKIP;
// Loads a QCA::KeyBundle from `path` using passphrase `pass`. Unlike the other loaders in
// this header, `pass` has no default.
// NOTE(review): the returned bundle presumably contains the private key; treat it as secret material.
279 static
QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass )
SIP_SKIP;
// Returns a QString for a QCA::Validity value (presumably a human-readable message).
285 static QString qcaValidityMessage(
QCA::Validity validity )
SIP_SKIP;
// Returns a QString for a QCA::ConstraintTypeKnown value (presumably its display label).
297 static QString qcaKnownConstraint(
QCA::ConstraintTypeKnown constraint )
SIP_SKIP;
// Returns the list of CertUsageType values that apply to `cert`.
// NOTE(review): the enum includes UndeterminedUsage; callers presumably should not treat that
// value as permission for any particular use.
306 static QList<
QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate &cert );
// Boolean classification helpers over a single certificate. The criteria (basic constraints,
// key usage, extended key usage, ...) are in the implementation and not visible here.
// NOTE(review): these inspect the certificate's own claims. A true result does not mean the
// certificate chains to a trusted root; use validateCertChain for that.
309 static
bool certificateIsAuthority( const QSslCertificate &cert );
312 static
bool certificateIsIssuer( const QSslCertificate &cert );
315 static
bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );
318 static
bool certificateIsSslServer( const QSslCertificate &cert );
321 static
bool certificateIsSslClient( const QSslCertificate &cert );
// Returns a QString for a QSslError::SslError value (by name, the enumerator's name as text).
324 static QString sslErrorEnumString( QSslError::SslError errenum );
// Returns a list of (QSslError::SslError, QString) pairs, presumably one per known enumerator.
// SIP_SKIP is the QGIS binding annotation; presumably keeps this out of the Python API.
330 static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings()
SIP_SKIP;
// Returns whether `cert` is, by name, within its validity period (presumably compared with
// the local system clock; verify).
336 static
bool certIsCurrent( const QSslCertificate &cert );
// Returns a list of QSslError for `cert`; presumably an empty list means no problem was found.
343 static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );
// Boolean form of the viability check for `cert`.
// NOTE(review): this checks one certificate in isolation; it is not a chain or trust validation.
350 static
bool certIsViable( const QSslCertificate &cert );
// Validates a certificate chain and returns the errors found as a list of QSslError.
//   hostName    - defaults to an empty QString.
//   trustRootCa - defaults to false.
// NOTE(review): presumably an empty hostName skips host-name matching and trustRootCa=true
// accepts the chain's own root as a trust anchor; confirm both. Callers validating a server
// should pass the real host name and leave trustRootCa at its default. Treat any non-empty
// result as a failure rather than filtering for specific errors.
359 static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain,
360 const QString &hostName = QString(),
361 bool trustRootCa = false ) ;
// Validates a PKI bundle and returns a QStringList (presumably error messages, empty on success).
//   bundle           - non-const reference, so the callee may modify the caller's bundle.
//   useIntermediates - defaults to true.
//   trustRootCa      - defaults to false; the same caution as for validateCertChain applies.
372 static QStringList validatePKIBundle(
QgsPkiBundle &bundle,
bool useIntermediates = true,
bool trustRootCa = false );
// Internal helper (trailing underscore): takes the list `dirname` by mutable reference, plus
// a segment label and a value passed by copy. By name it appends one formatted segment to `dirname`.
375 static
void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );
// Inspects `payload` and returns a QSsl::EncodingFormat.
// NOTE(review): QSsl::EncodingFormat has only the values Pem and Der, so there is no way to
// report "unrecognised". Input that is neither presumably falls through to one of the two,
// and the later parse is what rejects it; confirm callers check the parsed result.
377 static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );
380 #endif // QGSAUTHCERTUTILS_H