18#ifndef QGSAUTHCERTUTILS_H
19#define QGSAUTHCERTUTILS_H
24#include <QSslCertificate>
32#define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).value(0)
34#define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).value(0)
64 UndeterminedUsage = 0,
86 static QString getSslProtocolName( QSsl::SslProtocol protocol );
89 static QMap<QString, QSslCertificate> mapDigestToCerts(
const QList<QSslCertificate> &certs );
95 static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg(
const QList<QSslCertificate> &certs )
SIP_SKIP;
100 static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs(
const QList<QgsAuthConfigSslServer> &configs );
106 static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg(
const QList<QgsAuthConfigSslServer> &configs )
SIP_SKIP;
113 static QByteArray fileData(
const QString &path );
116 static QList<QSslCertificate> certsFromFile(
const QString &certspath );
119 static QList<QSslCertificate> casFromFile(
const QString &certspath );
122 static QSslCertificate certFromFile(
const QString &certpath );
131 static QList<QSslCertificate> casMerge(
const QList<QSslCertificate> &bundle1,
132 const QList<QSslCertificate> &bundle2 );
140 static QSslKey keyFromFile(
const QString &keypath,
141 const QString &keypass = QString(),
142 QString *algtype =
nullptr );
145 static QList<QSslCertificate> certsFromString(
const QString &pemtext );
153 static QList<QSslCertificate> casRemoveSelfSigned(
const QList<QSslCertificate> &caList );
163 static QStringList certKeyBundleToPem(
const QString &certpath,
164 const QString &keypath,
165 const QString &keypass = QString(),
166 bool reencrypt =
true );
173 static bool pemIsPkcs8(
const QString &keyPemTxt );
190 static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der )
SIP_SKIP;
200 static QStringList pkcs12BundleToPem(
const QString &bundlepath,
201 const QString &bundlepass = QString(),
202 bool reencrypt =
true );
210 static QList<QSslCertificate> pkcs12BundleCas(
const QString &bundlepath,
211 const QString &bundlepass = QString() );
219 static QByteArray certsToPemText(
const QList<QSslCertificate> &certs );
227 static QString pemTextToTempFile(
const QString &name,
const QByteArray &pemtext );
237 static QString resolvedCertName(
const QSslCertificate &cert,
bool issuer =
false );
246 static QString getCertDistinguishedName(
const QSslCertificate &qcert,
247 const QCA::Certificate &acert = QCA::Certificate(),
254 static QString getColonDelimited( const QString &txt );
261 static QString shaHexForCert( const QSslCertificate &cert,
bool formatted = false );
267 static
QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert )
SIP_SKIP;
273 static
QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs )
SIP_SKIP;
279 static
QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass )
SIP_SKIP;
285 static QString qcaValidityMessage(
QCA::Validity validity )
SIP_SKIP;
297 static QString qcaKnownConstraint(
QCA::ConstraintTypeKnown constraint )
SIP_SKIP;
306 static QList<
QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate &cert );
309 static
bool certificateIsAuthority( const QSslCertificate &cert );
312 static
bool certificateIsIssuer( const QSslCertificate &cert );
315 static
bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );
318 static
bool certificateIsSslServer( const QSslCertificate &cert );
321 static
bool certificateIsSslClient( const QSslCertificate &cert );
324 static QString sslErrorEnumString( QSslError::SslError errenum );
330 static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings()
SIP_SKIP;
336 static
bool certIsCurrent( const QSslCertificate &cert );
343 static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );
350 static
bool certIsViable( const QSslCertificate &cert );
359 static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain,
360 const QString &hostName = QString(),
361 bool trustRootCa = false ) ;
372 static QStringList validatePKIBundle(
QgsPkiBundle &bundle,
bool useIntermediates = true,
bool trustRootCa = false );
375 static
void appendDirSegment_( QStringList &dirname, const QString &
segment, QString value );
377 static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );
Utilities for working with certificates and keys.
CertTrustPolicy
Type of certificate trust policy.
ConstraintGroup
Type of certificate key group.
CertUsageType
Type of certificate usage.
CaCertSource
Type of CA certificate source.
Configuration container for SSL server connection exceptions or overrides.
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
As part of the API refactoring and improvements which landed in the Processing API was substantially reworked from the x version This was done in order to allow much of the underlying Processing framework to be ported into allowing algorithms to be written in pure substantial changes are required in order to port existing x Processing algorithms for QGIS x The most significant changes are outlined not GeoAlgorithm For algorithms which operate on features one by consider subclassing the QgsProcessingFeatureBasedAlgorithm class This class allows much of the boilerplate code for looping over features from a vector layer to be bypassed and instead requires implementation of a processFeature method Ensure that your algorithm(or algorithm 's parent class) implements the new pure virtual createInstance(self) call
QLineF segment(int index, QRectF rect, double radius)