19 #include "ui_qgsauthcertificateinfo.h"
22 #include <QDialogButtonBox>
24 #include <QPlainTextEdit>
25 #include <QPushButton>
35 static void setItemBold_( QTreeWidgetItem *item )
37 item->setFirstColumnSpanned(
true );
38 QFont secf( item->font( 0 ) );
40 item->setFont( 0, secf );
43 static void removeChildren_( QTreeWidgetItem *item )
45 const auto constTakeChildren = item->takeChildren();
46 for ( QTreeWidgetItem *child : constTakeChildren )
55 const QList<QSslCertificate> &connectionCAs )
57 , mConnectionCAs( connectionCAs )
58 , mDefaultItemForeground( QBrush() )
59 , mManageTrust( manageCertTrust )
60 , mTrustCacheRebuilt( false )
67 mAuthNotifyLayout =
new QVBoxLayout;
68 this->setLayout( mAuthNotifyLayout );
70 mAuthNotifyLayout->addWidget( mAuthNotify );
75 connect( btnSaveTrust, &QToolButton::clicked,
this, &QgsAuthCertInfo::btnSaveTrust_clicked );
77 lblError->setHidden(
true );
79 treeHierarchy->setRootIsDecorated(
false );
81 connect( treeHierarchy, &QTreeWidget::currentItemChanged,
82 this, &QgsAuthCertInfo::currentCertItemChanged );
86 setUpCertDetailsTree();
88 grpbxTrust->setVisible( mManageTrust );
95 res = populateQcaCertCollection();
97 res = setQcaCertificate( cert );
99 res = populateCertChain();
103 connect( cmbbxTrust,
static_cast<void ( QComboBox::* )(
int )
>( &QComboBox::currentIndexChanged ),
104 this, &QgsAuthCertInfo::currentPolicyIndexChanged );
108 void QgsAuthCertInfo::setupError(
const QString &msg )
110 lblError->setVisible(
true );
111 QString out = tr(
"<b>Setup ERROR:</b>\n\n" );
113 lblError->setText( out );
117 void QgsAuthCertInfo::currentCertItemChanged( QTreeWidgetItem *current, QTreeWidgetItem *previous )
120 updateCurrentCert( current );
123 void QgsAuthCertInfo::updateCurrentCert( QTreeWidgetItem *item )
126 item = treeHierarchy->currentItem();
130 const int indx( item->data( 0, Qt::UserRole ).toInt() );
131 updateCurrentCertInfo( indx );
134 bool QgsAuthCertInfo::populateQcaCertCollection()
136 const QList<QPair<QgsAuthCertUtils::CaCertSource, QSslCertificate> > &certpairs( mCaCertsCache.values() );
137 for (
int i = 0; i < certpairs.size(); ++i )
139 QCA::ConvertResult res;
140 const QCA::Certificate acert = QCA::Certificate::fromPEM( certpairs.at( i ).second.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
141 if ( res == QCA::ConvertGood && !acert.isNull() )
143 mCaCerts.addCertificate( acert );
146 if ( !mConnectionCAs.isEmpty() )
148 const auto constMConnectionCAs = mConnectionCAs;
149 for (
const QSslCertificate &cert : constMConnectionCAs )
151 QCA::ConvertResult res;
152 const QCA::Certificate acert = QCA::Certificate::fromPEM( cert.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
153 if ( res == QCA::ConvertGood && !acert.isNull() )
155 mCaCerts.addCertificate( acert );
160 if ( mCaCerts.certificates().empty() )
162 setupError( tr(
"Could not populate QCA certificate collection" ) );
168 bool QgsAuthCertInfo::setQcaCertificate(
const QSslCertificate &cert )
170 QCA::ConvertResult res;
171 mCert = QCA::Certificate::fromPEM( cert.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
172 if ( res != QCA::ConvertGood || mCert.isNull() )
174 setupError( tr(
"Could not set QCA certificate" ) );
180 bool QgsAuthCertInfo::populateCertChain()
182 const QCA::CertificateChain certchain( mCert );
184 mACertChain = certchain.complete( mCaCerts.certificates(), &valid );
185 if ( valid != QCA::ValidityGood && valid != QCA::ErrorInvalidCA )
188 setupError( tr(
"Invalid population of QCA certificate chain.<br><br>"
193 if ( mACertChain.isEmpty() )
195 QgsDebugMsg( QStringLiteral(
"Could not populate QCA certificate chain" ) );
196 mACertChain = certchain;
199 if ( !mACertChain.last().isSelfSigned() )
202 mACertChain.append( QCA::Certificate() );
206 const auto constMACertChain = mACertChain;
207 for (
const QCA::Certificate &cert : constMACertChain )
209 QSslCertificate qcert;
210 if ( !cert.isNull() )
212 qcert = QSslCertificate( cert.toPEM().toLatin1() );
214 mQCertChain.append( qcert );
219 void QgsAuthCertInfo::setCertHierarchy()
221 QListIterator<QSslCertificate> it( mQCertChain );
223 int i = mQCertChain.size();
224 QTreeWidgetItem *item =
nullptr;
225 QTreeWidgetItem *previtem =
nullptr;
226 while ( it.hasPrevious() )
228 const QSslCertificate cert( it.previous() );
229 const bool missingCA = cert.isNull();
231 if ( missingCA && it.hasPrevious() )
234 cert_source += QStringLiteral(
" (%1)" ).arg( tr(
"Missing CA" ) );
240 if ( mCaCertsCache.contains( sha ) )
242 const QPair<QgsAuthCertUtils::CaCertSource, QSslCertificate > &certpair( mCaCertsCache.value( sha ) );
245 else if ( mConnectionCAs.contains( cert ) )
247 cert_source += QStringLiteral(
" (%1)" )
254 item =
new QTreeWidgetItem( treeHierarchy, QStringList() << cert_source );
258 item =
new QTreeWidgetItem( previtem, QStringList() << cert_source );
260 if ( missingCA && it.hasPrevious() )
262 item->setFlags( Qt::ItemIsEnabled | Qt::ItemIsSelectable );
265 item->setData( 0, Qt::UserRole, --i );
267 if ( mDefaultItemForeground.style() == Qt::NoBrush )
269 mDefaultItemForeground = item->foreground( 0 );
274 item->setFirstColumnSpanned(
true );
276 treeHierarchy->addTopLevelItem( item );
279 treeHierarchy->setCurrentItem( item, 0, QItemSelectionModel::ClearAndSelect );
280 treeHierarchy->expandAll();
283 void QgsAuthCertInfo::updateCurrentCertInfo(
int chainindx )
285 btnSaveTrust->setEnabled(
false );
287 mCurrentQCert = mQCertChain.at( chainindx );
288 mCurrentACert = mACertChain.at( chainindx );
292 grpbxTrust->setHidden( mCurrentQCert.isNull() );
295 if ( !mCurrentQCert.isNull() )
298 mCurrentTrustPolicy = trustpolicy;
300 cmbbxTrust->setTrustPolicy( trustpolicy );
310 void QgsAuthCertInfo::setUpCertDetailsTree()
312 treeDetails->setColumnCount( 2 );
313 treeDetails->setHeaderLabels( QStringList() << tr(
"Field" ) << tr(
"Value" ) );
314 treeDetails->setColumnWidth( 0, 200 );
316 QTreeWidgetItem *headeritem = treeDetails->headerItem();
317 headeritem->setTextAlignment( 0, Qt::AlignRight );
318 headeritem->setTextAlignment( 1, Qt::AlignLeft );
320 treeDetails->setRootIsDecorated(
true );
321 treeDetails->setWordWrap(
true );
324 mSecGeneral =
new QTreeWidgetItem(
326 QStringList( tr(
"General" ) ),
327 static_cast<int>( DetailsSection ) );
328 setItemBold_( mSecGeneral );
329 mSecGeneral->setFirstColumnSpanned(
true );
330 mSecGeneral->setFlags( Qt::ItemIsEnabled );
331 mSecGeneral->setExpanded(
true );
332 treeDetails->insertTopLevelItem( 0, mSecGeneral );
334 mSecDetails =
new QTreeWidgetItem(
336 QStringList( tr(
"Details" ) ),
337 static_cast<int>( DetailsSection ) );
338 setItemBold_( mSecDetails );
339 mSecDetails->setFirstColumnSpanned(
true );
340 mSecDetails->setFlags( Qt::ItemIsEnabled );
341 mSecDetails->setExpanded(
false );
342 treeDetails->insertTopLevelItem( 0, mSecDetails );
345 mGrpSubj = addGroupItem( mSecDetails, tr(
"Subject Info" ) );
346 mGrpIssu = addGroupItem( mSecDetails, tr(
"Issuer Info" ) );
347 mGrpCert = addGroupItem( mSecDetails, tr(
"Certificate Info" ) );
348 mGrpPkey = addGroupItem( mSecDetails, tr(
"Public Key Info" ) );
349 mGrpExts = addGroupItem( mSecDetails, tr(
"Extensions" ) );
351 mSecPemText =
new QTreeWidgetItem(
353 QStringList( tr(
"PEM Text" ) ),
354 static_cast<int>( DetailsSection ) );
355 setItemBold_( mSecPemText );
356 mSecPemText->setFirstColumnSpanned(
true );
357 mSecPemText->setFlags( Qt::ItemIsEnabled );
358 mSecPemText->setExpanded(
false );
359 treeDetails->insertTopLevelItem( 0, mSecPemText );
362 void QgsAuthCertInfo::populateCertInfo()
364 mSecDetails->setHidden(
false );
365 mSecPemText->setHidden(
false );
367 populateInfoGeneralSection();
368 populateInfoDetailsSection();
369 populateInfoPemTextSection();
372 QTreeWidgetItem *QgsAuthCertInfo::addGroupItem( QTreeWidgetItem *parent,
const QString &group )
374 QTreeWidgetItem *grpitem =
new QTreeWidgetItem(
376 QStringList( group ),
377 static_cast<int>( DetailsGroup ) );
379 grpitem->setFirstColumnSpanned(
true );
380 grpitem->setFlags( Qt::ItemIsEnabled );
381 grpitem->setExpanded(
true );
383 QBrush orgb( grpitem->foreground( 0 ) );
384 orgb.setColor( QColor::fromRgb( 90, 90, 90 ) );
385 grpitem->setForeground( 0, orgb );
386 QFont grpf( grpitem->font( 0 ) );
387 grpf.setItalic(
true );
388 grpitem->setFont( 0, grpf );
393 void QgsAuthCertInfo::addFieldItem( QTreeWidgetItem *parent,
const QString &
field,
const QString &value,
394 QgsAuthCertInfo::FieldWidget wdgt,
const QColor &color )
396 if ( value.isEmpty() )
399 QTreeWidgetItem *item =
new QTreeWidgetItem(
401 QStringList() <<
field << ( wdgt == NoWidget ? value : QString() ),
402 static_cast<int>( DetailsField ) );
404 item->setTextAlignment( 0, Qt::AlignRight );
405 item->setTextAlignment( 1, Qt::AlignLeft );
407 QBrush fieldb( item->foreground( 0 ) );
408 fieldb.setColor( QColor::fromRgb( 90, 90, 90 ) );
409 item->setForeground( 0, fieldb );
411 if ( wdgt == NoWidget )
413 if ( color.isValid() )
415 QBrush valueb( item->foreground( 1 ) );
416 valueb.setColor( color );
417 item->setForeground( 1, valueb );
420 else if ( wdgt == LineEdit )
422 QLineEdit *le =
new QLineEdit( value, treeDetails );
423 le->setReadOnly(
true );
424 le->setAlignment( Qt::AlignLeft );
425 le->setCursorPosition( 0 );
426 if ( color.isValid() )
428 le->setStyleSheet( QStringLiteral(
"QLineEdit { color: %1; }" ).arg( color.name() ) );
430 item->treeWidget()->setItemWidget( item, 1, le );
432 else if ( wdgt == TextEdit )
434 QPlainTextEdit *pte =
new QPlainTextEdit( value, treeDetails );
435 pte->setReadOnly(
true );
436 pte->setMinimumHeight( 75 );
437 pte->setMaximumHeight( 75 );
438 pte->moveCursor( QTextCursor::Start );
439 if ( color.isValid() )
441 pte->setStyleSheet( QStringLiteral(
"QPlainTextEdit { color: %1; }" ).arg( color.name() ) );
443 item->treeWidget()->setItemWidget( item, 1, pte );
448 void QgsAuthCertInfo::populateInfoGeneralSection()
450 removeChildren_( mSecGeneral );
452 if ( mCurrentQCert.isNull() )
454 addFieldItem( mSecGeneral, tr(
"Type" ),
455 tr(
"Missing CA (incomplete local CA chain)" ),
457 mSecGeneral->setExpanded(
true );
458 mSecDetails->setHidden(
true );
459 mSecPemText->setHidden(
true );
464 const bool isselfsigned = mCurrentACert.isSelfSigned();
465 const QString selfsigned( tr(
"self-signed" ) );
467 const QList<QgsAuthCertUtils::CertUsageType> usagetypes(
482 if ( isissuer || ( isca && !isselfsigned ) )
486 if ( ( isissuer || isca ) && isselfsigned )
488 certype = QStringLiteral(
"%1 %2" )
494 certype.append( certype.isEmpty() ? selfsigned : QStringLiteral(
" (%1)" ).arg( selfsigned ) );
497 addFieldItem( mSecGeneral, tr(
"Usage type" ),
500 addFieldItem( mSecGeneral, tr(
"Subject" ),
503 addFieldItem( mSecGeneral, tr(
"Issuer" ),
506 addFieldItem( mSecGeneral, tr(
"Not valid after" ),
507 mCurrentQCert.expiryDate().toString(),
511 const QSslKey pubkey( mCurrentQCert.publicKey() );
512 const QString alg( pubkey.algorithm() == QSsl::Rsa ?
"RSA" :
"DSA" );
513 const int bitsize( pubkey.length() );
514 addFieldItem( mSecGeneral, tr(
"Public key" ),
515 QStringLiteral(
"%1, %2 bits" ).arg( alg, bitsize == -1 ? QStringLiteral(
"?" ) : QString::number( bitsize ) ),
517 addFieldItem( mSecGeneral, tr(
"Signature algorithm" ),
522 void QgsAuthCertInfo::populateInfoDetailsSection()
524 removeChildren_( mGrpSubj );
525 removeChildren_( mGrpIssu );
526 removeChildren_( mGrpCert );
527 removeChildren_( mGrpPkey );
528 removeChildren_( mGrpExts );
530 if ( mCurrentQCert.isNull() )
534 addFieldItem( mGrpSubj, tr(
"Country (C)" ),
537 addFieldItem( mGrpSubj, tr(
"State/Province (ST)" ),
540 addFieldItem( mGrpSubj, tr(
"Locality (L)" ),
543 addFieldItem( mGrpSubj, tr(
"Organization (O)" ),
546 addFieldItem( mGrpSubj, tr(
"Organizational unit (OU)" ),
549 addFieldItem( mGrpSubj, tr(
"Common name (CN)" ),
552 addFieldItem( mGrpSubj, tr(
"Email address (E)" ),
553 mCurrentACert.subjectInfo().value( QCA::Email ),
555 addFieldItem( mGrpSubj, tr(
"Distinguished name" ),
558 addFieldItem( mGrpSubj, tr(
"Email Legacy" ),
559 mCurrentACert.subjectInfo().value( QCA::EmailLegacy ),
561 addFieldItem( mGrpSubj, tr(
"Incorporation Country" ),
562 mCurrentACert.subjectInfo().value( QCA::IncorporationCountry ),
564 addFieldItem( mGrpSubj, tr(
"Incorporation State/Province" ),
565 mCurrentACert.subjectInfo().value( QCA::IncorporationState ),
567 addFieldItem( mGrpSubj, tr(
"Incorporation Locality" ),
568 mCurrentACert.subjectInfo().value( QCA::IncorporationLocality ),
570 addFieldItem( mGrpSubj, tr(
"URI" ),
571 mCurrentACert.subjectInfo().value( QCA::URI ),
573 addFieldItem( mGrpSubj, tr(
"DNS" ),
574 mCurrentACert.subjectInfo().value( QCA::DNS ),
576 addFieldItem( mGrpSubj, tr(
"IP Address" ),
577 mCurrentACert.subjectInfo().value( QCA::IPAddress ),
579 addFieldItem( mGrpSubj, tr(
"XMPP" ),
580 mCurrentACert.subjectInfo().value( QCA::XMPP ),
583 const QMultiMap<QSsl::AlternativeNameEntryType, QString> alts( mCurrentQCert.subjectAlternativeNames() );
584 QStringList altslist;
585 const QString email( tr(
"Email: " ) );
586 const QStringList emails( alts.values( QSsl::EmailEntry ) );
587 if ( !emails.isEmpty() )
589 altslist << email + emails.join(
'\n' + email );
591 const QString dns( tr(
"DNS: " ) );
592 const QStringList dnss( alts.values( QSsl::DnsEntry ) );
593 if ( !dnss.isEmpty() )
595 altslist << dns + dnss.join(
'\n' + dns );
597 addFieldItem( mGrpSubj, tr(
"Alternate names" ),
598 altslist.join( QLatin1Char(
'\n' ) ),
602 addFieldItem( mGrpIssu, tr(
"Country (C)" ),
605 addFieldItem( mGrpIssu, tr(
"State/Province (ST)" ),
606 SSL_ISSUER_INFO( mCurrentQCert, QSslCertificate::StateOrProvinceName ),
608 addFieldItem( mGrpIssu, tr(
"Locality (L)" ),
611 addFieldItem( mGrpIssu, tr(
"Organization (O)" ),
614 addFieldItem( mGrpIssu, tr(
"Organizational unit (OU)" ),
615 SSL_ISSUER_INFO( mCurrentQCert, QSslCertificate::OrganizationalUnitName ),
617 addFieldItem( mGrpIssu, tr(
"Common name (CN)" ),
620 addFieldItem( mGrpIssu, tr(
"Email address (E)" ),
621 mCurrentACert.issuerInfo().value( QCA::Email ),
623 addFieldItem( mGrpIssu, tr(
"Distinguished name" ),
626 addFieldItem( mGrpIssu, tr(
"Email Legacy" ),
627 mCurrentACert.issuerInfo().value( QCA::EmailLegacy ),
629 addFieldItem( mGrpIssu, tr(
"Incorporation Country" ),
630 mCurrentACert.issuerInfo().value( QCA::IncorporationCountry ),
632 addFieldItem( mGrpIssu, tr(
"Incorporation State/Province" ),
633 mCurrentACert.issuerInfo().value( QCA::IncorporationState ),
635 addFieldItem( mGrpIssu, tr(
"Incorporation Locality" ),
636 mCurrentACert.issuerInfo().value( QCA::IncorporationLocality ),
638 addFieldItem( mGrpIssu, tr(
"URI" ),
639 mCurrentACert.issuerInfo().value( QCA::URI ),
641 addFieldItem( mGrpIssu, tr(
"DNS" ),
642 mCurrentACert.issuerInfo().value( QCA::DNS ),
644 addFieldItem( mGrpIssu, tr(
"IP Address" ),
645 mCurrentACert.issuerInfo().value( QCA::IPAddress ),
647 addFieldItem( mGrpIssu, tr(
"XMPP" ),
648 mCurrentACert.issuerInfo().value( QCA::XMPP ),
652 addFieldItem( mGrpCert, tr(
"Version" ),
653 mCurrentQCert.version(),
655 addFieldItem( mGrpCert, tr(
"Serial #" ),
656 mCurrentQCert.serialNumber(),
658 addFieldItem( mGrpCert, tr(
"Not valid before" ),
659 mCurrentQCert.effectiveDate().toString(),
662 addFieldItem( mGrpCert, tr(
"Not valid after" ),
663 mCurrentQCert.expiryDate().toString(),
666 addFieldItem( mGrpCert, tr(
"Signature algorithm" ),
669 addFieldItem( mGrpCert, tr(
"MD5 fingerprint" ),
672 addFieldItem( mGrpCert, tr(
"SHA1 fingerprint" ),
676 const QStringList crllocs( mCurrentACert.crlLocations() );
677 if ( !crllocs.isEmpty() )
679 addFieldItem( mGrpCert, tr(
"CRL locations" ),
680 crllocs.join( QLatin1Char(
'\n' ) ),
683 const QStringList issulocs( mCurrentACert.issuerLocations() );
684 if ( !issulocs.isEmpty() )
686 addFieldItem( mGrpCert, tr(
"Issuer locations" ),
687 issulocs.join( QLatin1Char(
'\n' ) ),
690 const QStringList ocsplocs( mCurrentACert.ocspLocations() );
691 if ( !ocsplocs.isEmpty() )
693 addFieldItem( mGrpCert, tr(
"OCSP locations" ),
694 ocsplocs.join( QLatin1Char(
'\n' ) ),
700 const QSslKey pubqkey( mCurrentQCert.publicKey() );
701 const QString alg( pubqkey.algorithm() == QSsl::Rsa ?
"RSA" :
"DSA" );
702 const int bitsize( pubqkey.length() );
703 addFieldItem( mGrpPkey, tr(
"Algorithm" ),
704 bitsize == -1 ? QStringLiteral(
"Unknown (possibly Elliptic Curve)" ) : alg,
706 addFieldItem( mGrpPkey, tr(
"Key size" ),
707 bitsize == -1 ? QStringLiteral(
"?" ) : QString::number( bitsize ),
711 const QCA::PublicKey pubakey( mCurrentACert.subjectPublicKey() );
713 if ( pubqkey.algorithm() == QSsl::Rsa )
715 const QCA::RSAPublicKey rsakey( pubakey.toRSA() );
716 const QCA::BigInteger modulus = rsakey.n();
717 QByteArray modarray( modulus.toArray().toByteArray().toHex() );
718 if ( modarray.size() > 2 && modarray.mid( 0, 2 ) == QByteArray(
"00" ) )
720 modarray = modarray.mid( 2 );
722 const QCA::BigInteger exponent = rsakey.e();
723 addFieldItem( mGrpPkey, tr(
"Public key" ),
726 addFieldItem( mGrpPkey, tr(
"Exponent" ),
740 if ( pubakey.canVerify() )
742 usage.append( tr(
"Verify" ) );
746 if ( pubakey.canEncrypt() )
748 usage.append( tr(
"Encrypt" ) );
750 #if QCA_VERSION >= 0x020100
751 if ( pubakey.canDecrypt() )
753 usage.append( tr(
"Decrypt" ) );
756 if ( pubakey.canKeyAgree() )
758 usage.append( tr(
"Key agreement" ) );
760 if ( pubakey.canExport() )
762 usage.append( tr(
"Export" ) );
764 if ( !usage.isEmpty() )
766 addFieldItem( mGrpPkey, tr(
"Key usage" ),
767 usage.join( QLatin1String(
", " ) ),
773 QStringList basicconst;
774 basicconst << tr(
"Certificate Authority: %1" ).arg( mCurrentACert.isCA() ? tr(
"Yes" ) : tr(
"No" ) )
775 << tr(
"Chain Path Limit: %1" ).arg( mCurrentACert.pathLimit() );
776 addFieldItem( mGrpExts, tr(
"Basic constraints" ),
777 basicconst.join( QLatin1Char(
'\n' ) ),
780 QStringList keyusage;
781 QStringList extkeyusage;
782 const QList<QCA::ConstraintType> certconsts = mCurrentACert.constraints();
783 const auto constCertconsts = certconsts;
784 for (
const QCA::ConstraintType &certconst : constCertconsts )
786 if ( certconst.section() == QCA::ConstraintType::KeyUsage )
790 else if ( certconst.section() == QCA::ConstraintType::ExtendedKeyUsage )
795 if ( !keyusage.isEmpty() )
797 addFieldItem( mGrpExts, tr(
"Key usage" ),
798 keyusage.join( QLatin1Char(
'\n' ) ),
801 if ( !extkeyusage.isEmpty() )
803 addFieldItem( mGrpExts, tr(
"Extended key usage" ),
804 extkeyusage.join( QLatin1Char(
'\n' ) ),
808 addFieldItem( mGrpExts, tr(
"Subject key ID" ),
811 addFieldItem( mGrpExts, tr(
"Authority key ID" ),
816 void QgsAuthCertInfo::populateInfoPemTextSection()
818 removeChildren_( mSecPemText );
820 if ( mCurrentQCert.isNull() )
823 QTreeWidgetItem *item =
new QTreeWidgetItem(
825 QStringList( QString() ),
826 static_cast<int>( DetailsField ) );
828 item->setFirstColumnSpanned(
true );
830 QPlainTextEdit *pte =
new QPlainTextEdit( mCurrentQCert.toPem(), treeDetails );
831 pte->setReadOnly(
true );
832 pte->setMinimumHeight( 150 );
833 pte->setMaximumHeight( 150 );
834 pte->moveCursor( QTextCursor::Start );
835 item->treeWidget()->setItemWidget( item, 0, pte );
838 void QgsAuthCertInfo::btnSaveTrust_clicked()
843 QgsDebugMsg( QStringLiteral(
"Could not set trust policy for certificate" ) );
845 mCurrentTrustPolicy = newpolicy;
846 decorateCertTreeItem( mCurrentQCert, newpolicy,
nullptr );
847 btnSaveTrust->setEnabled(
false );
851 mTrustCacheRebuilt =
true;
855 void QgsAuthCertInfo::currentPolicyIndexChanged(
int indx )
858 btnSaveTrust->setEnabled( newpolicy != mCurrentTrustPolicy );
861 void QgsAuthCertInfo::decorateCertTreeItem(
const QSslCertificate &cert,
863 QTreeWidgetItem *item )
867 item = treeHierarchy->currentItem();
878 QBrush b( item->foreground( 0 ) );
879 b.setColor( QColor::fromRgb( 90, 90, 90 ) );
880 item->setForeground( 0, b );
881 QFont f( item->font( 0 ) );
883 item->setFont( 0, f );
912 bool manageCertTrust,
914 const QList<QSslCertificate> &connectionCAs )
918 setWindowTitle( tr(
"Certificate Information" ) );
919 QVBoxLayout *layout =
new QVBoxLayout(
this );
920 layout->setContentsMargins( 6, 6, 6, 6 );
922 mCertInfoWdgt =
new QgsAuthCertInfo( cert, manageCertTrust,
this, connectionCAs );
923 layout->addWidget( mCertInfoWdgt );
925 QDialogButtonBox *buttonBox =
new QDialogButtonBox( QDialogButtonBox::Close,
926 Qt::Horizontal,
this );
927 buttonBox->button( QDialogButtonBox::Close )->setDefault(
true );
928 connect( buttonBox, &QDialogButtonBox::rejected,
this, &QWidget::close );
929 layout->addWidget( buttonBox );
static QIcon getThemeIcon(const QString &name, const QColor &fillColor=QColor(), const QColor &strokeColor=QColor())
Helper to get a theme icon.
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
QgsAuthCertInfoDialog(const QSslCertificate &cert, bool manageCertTrust, QWidget *parent=nullptr, const QList< QSslCertificate > &connectionCAs=QList< QSslCertificate >())
Construct a dialog displaying detailed info on a certificate and its hierarchical trust chain.
Widget for viewing detailed info on a certificate and its hierarchical trust chain.
QgsAuthCertInfo(const QSslCertificate &cert, bool manageCertTrust=false, QWidget *parent=nullptr, const QList< QSslCertificate > &connectionCAs=QList< QSslCertificate >())
Constructor for QgsAuthCertInfo.
Utilities for working with certificates and keys.
static QString qcaValidityMessage(QCA::Validity validity)
Certificate validity check messages per enum.
static QList< QgsAuthCertUtils::CertUsageType > certificateUsageTypes(const QSslCertificate &cert)
Try to determine the certificates usage types.
static QString qcaSignatureAlgorithm(QCA::SignatureAlgorithm algorithm)
Certificate signature algorithm strings per enum.
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Gets the general name via RFC 5280 resolution.
static QString certificateUsageTypeString(QgsAuthCertUtils::CertUsageType usagetype)
Certificate usage type strings per enum.
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Gets the sha1 hash for certificate.
CertTrustPolicy
Type of certificate trust policy.
static QString qcaKnownConstraint(QCA::ConstraintTypeKnown constraint)
Certificate well-known constraint strings per enum.
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
static QString getColonDelimited(const QString &txt)
Gets string with colon delimiters every 2 characters.
static QString getCaSourceName(QgsAuthCertUtils::CaCertSource source, bool single=false)
Gets the general name for CA source enum type.
static QString getCertDistinguishedName(const QSslCertificate &qcert, const QCA::Certificate &acert=QCA::Certificate(), bool issuer=false)
Gets combined distinguished name for certificate.
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
QgsAuthCertUtils::CertTrustPolicy defaultCertTrustPolicy()
Gets the default certificate trust policy preferred by user.
bool rebuildCertTrustCache()
Rebuild certificate authority cache.
const QMap< QString, QPair< QgsAuthCertUtils::CaCertSource, QSslCertificate > > caCertsCache()
caCertsCache get all CA certs mapped to their sha1 from cache.
bool rebuildTrustedCaCertsCache()
Rebuild trusted certificate authorities cache.
#define SSL_SUBJECT_INFO(var, prop)
#define SSL_ISSUER_INFO(var, prop)