19 #include "ui_qgsauthcertificateinfo.h" 22 #include <QDialogButtonBox> 24 #include <QPlainTextEdit> 25 #include <QPushButton> 35 static void setItemBold_( QTreeWidgetItem *item )
37 item->setFirstColumnSpanned(
true );
38 QFont secf( item->font( 0 ) );
40 item->setFont( 0, secf );
43 static void removeChildren_( QTreeWidgetItem *item )
45 Q_FOREACH ( QTreeWidgetItem *child, item->takeChildren() )
54 const QList<QSslCertificate> &connectionCAs )
56 , mConnectionCAs( connectionCAs )
57 , mDefaultItemForeground( QBrush() )
58 , mManageTrust( manageCertTrust )
59 , mTrustCacheRebuilt( false )
66 mAuthNotifyLayout =
new QVBoxLayout;
67 this->setLayout( mAuthNotifyLayout );
69 mAuthNotifyLayout->addWidget( mAuthNotify );
74 connect( btnSaveTrust, &QToolButton::clicked,
this, &QgsAuthCertInfo::btnSaveTrust_clicked );
76 lblError->setHidden(
true );
78 treeHierarchy->setRootIsDecorated(
false );
80 connect( treeHierarchy, &QTreeWidget::currentItemChanged,
81 this, &QgsAuthCertInfo::currentCertItemChanged );
85 setUpCertDetailsTree();
87 grpbxTrust->setVisible( mManageTrust );
94 res = populateQcaCertCollection();
96 res = setQcaCertificate( cert );
98 res = populateCertChain();
102 connect( cmbbxTrust,
static_cast<void ( QComboBox::* )(
int )
>( &QComboBox::currentIndexChanged ),
103 this, &QgsAuthCertInfo::currentPolicyIndexChanged );
107 void QgsAuthCertInfo::setupError(
const QString &msg )
109 lblError->setVisible(
true );
110 QString out = tr(
"<b>Setup ERROR:</b>\n\n" );
112 lblError->setText( out );
116 void QgsAuthCertInfo::currentCertItemChanged( QTreeWidgetItem *current, QTreeWidgetItem *previous )
118 Q_UNUSED( previous );
119 updateCurrentCert( current );
122 void QgsAuthCertInfo::updateCurrentCert( QTreeWidgetItem *item )
125 item = treeHierarchy->currentItem();
129 int indx( item->data( 0, Qt::UserRole ).toInt() );
130 updateCurrentCertInfo( indx );
133 bool QgsAuthCertInfo::populateQcaCertCollection()
135 const QList<QPair<QgsAuthCertUtils::CaCertSource, QSslCertificate> > &certpairs( mCaCertsCache.values() );
136 for (
int i = 0; i < certpairs.size(); ++i )
138 QCA::ConvertResult res;
139 QCA::Certificate acert = QCA::Certificate::fromPEM( certpairs.at( i ).second.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
140 if ( res == QCA::ConvertGood && !acert.isNull() )
142 mCaCerts.addCertificate( acert );
145 if ( !mConnectionCAs.isEmpty() )
147 Q_FOREACH (
const QSslCertificate &cert, mConnectionCAs )
149 QCA::ConvertResult res;
150 QCA::Certificate acert = QCA::Certificate::fromPEM( cert.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
151 if ( res == QCA::ConvertGood && !acert.isNull() )
153 mCaCerts.addCertificate( acert );
158 if ( mCaCerts.certificates().empty() )
160 setupError( tr(
"Could not populate QCA certificate collection" ) );
166 bool QgsAuthCertInfo::setQcaCertificate(
const QSslCertificate &cert )
168 QCA::ConvertResult res;
169 mCert = QCA::Certificate::fromPEM( cert.toPem(), &res, QStringLiteral(
"qca-ossl" ) );
170 if ( res != QCA::ConvertGood || mCert.isNull() )
172 setupError( tr(
"Could not set QCA certificate" ) );
178 bool QgsAuthCertInfo::populateCertChain()
180 QCA::CertificateChain certchain( mCert );
182 mACertChain = certchain.complete( mCaCerts.certificates(), &valid );
183 if ( valid != QCA::ValidityGood && valid != QCA::ErrorInvalidCA )
186 setupError( tr(
"Invalid population of QCA certificate chain.<br><br>" 191 if ( mACertChain.isEmpty() )
193 QgsDebugMsg( QStringLiteral(
"Could not populate QCA certificate chain" ) );
194 mACertChain = certchain;
197 if ( !mACertChain.last().isSelfSigned() )
200 mACertChain.append( QCA::Certificate() );
204 Q_FOREACH ( QCA::Certificate cert, mACertChain )
206 QSslCertificate qcert;
207 if ( !cert.isNull() )
209 qcert = QSslCertificate( cert.toPEM().toLatin1() );
211 mQCertChain.append( qcert );
216 void QgsAuthCertInfo::setCertHierarchy()
218 QListIterator<QSslCertificate> it( mQCertChain );
220 int i = mQCertChain.size();
221 QTreeWidgetItem *item =
nullptr;
222 QTreeWidgetItem *previtem =
nullptr;
223 while ( it.hasPrevious() )
225 QSslCertificate cert( it.previous() );
226 bool missingCA = cert.isNull();
228 if ( missingCA && it.hasPrevious() )
231 cert_source += QStringLiteral(
" (%1)" ).arg( tr(
"Missing CA" ) );
237 if ( mCaCertsCache.contains( sha ) )
239 const QPair<QgsAuthCertUtils::CaCertSource, QSslCertificate > &certpair( mCaCertsCache.value( sha ) );
242 else if ( mConnectionCAs.contains( cert ) )
244 cert_source += QStringLiteral(
" (%1)" )
251 item =
new QTreeWidgetItem( treeHierarchy, QStringList() << cert_source );
255 item =
new QTreeWidgetItem( previtem, QStringList() << cert_source );
257 if ( missingCA && it.hasPrevious() )
259 item->setFlags( Qt::ItemIsEnabled | Qt::ItemIsSelectable );
262 item->setData( 0, Qt::UserRole, --i );
264 if ( mDefaultItemForeground.style() == Qt::NoBrush )
266 mDefaultItemForeground = item->foreground( 0 );
271 item->setFirstColumnSpanned(
true );
273 treeHierarchy->addTopLevelItem( item );
276 treeHierarchy->setCurrentItem( item, 0, QItemSelectionModel::ClearAndSelect );
277 treeHierarchy->expandAll();
280 void QgsAuthCertInfo::updateCurrentCertInfo(
int chainindx )
282 btnSaveTrust->setEnabled(
false );
284 mCurrentQCert = mQCertChain.at( chainindx );
285 mCurrentACert = mACertChain.at( chainindx );
289 grpbxTrust->setHidden( mCurrentQCert.isNull() );
292 if ( !mCurrentQCert.isNull() )
295 mCurrentTrustPolicy = trustpolicy;
297 cmbbxTrust->setTrustPolicy( trustpolicy );
307 void QgsAuthCertInfo::setUpCertDetailsTree()
309 treeDetails->setColumnCount( 2 );
310 treeDetails->setHeaderLabels( QStringList() << tr(
"Field" ) << tr(
"Value" ) );
311 treeDetails->setColumnWidth( 0, 200 );
313 QTreeWidgetItem *headeritem = treeDetails->headerItem();
314 headeritem->setTextAlignment( 0, Qt::AlignRight );
315 headeritem->setTextAlignment( 1, Qt::AlignLeft );
317 treeDetails->setRootIsDecorated(
true );
318 treeDetails->setWordWrap(
true );
321 mSecGeneral =
new QTreeWidgetItem(
323 QStringList( tr(
"General" ) ),
324 static_cast<int>( DetailsSection ) );
325 setItemBold_( mSecGeneral );
326 mSecGeneral->setFirstColumnSpanned(
true );
327 mSecGeneral->setFlags( Qt::ItemIsEnabled );
328 mSecGeneral->setExpanded(
true );
329 treeDetails->insertTopLevelItem( 0, mSecGeneral );
331 mSecDetails =
new QTreeWidgetItem(
333 QStringList( tr(
"Details" ) ),
334 static_cast<int>( DetailsSection ) );
335 setItemBold_( mSecDetails );
336 mSecDetails->setFirstColumnSpanned(
true );
337 mSecDetails->setFlags( Qt::ItemIsEnabled );
338 mSecDetails->setExpanded(
false );
339 treeDetails->insertTopLevelItem( 0, mSecDetails );
342 mGrpSubj = addGroupItem( mSecDetails, tr(
"Subject Info" ) );
343 mGrpIssu = addGroupItem( mSecDetails, tr(
"Issuer Info" ) );
344 mGrpCert = addGroupItem( mSecDetails, tr(
"Certificate Info" ) );
345 mGrpPkey = addGroupItem( mSecDetails, tr(
"Public Key Info" ) );
346 mGrpExts = addGroupItem( mSecDetails, tr(
"Extensions" ) );
348 mSecPemText =
new QTreeWidgetItem(
350 QStringList( tr(
"PEM Text" ) ),
351 static_cast<int>( DetailsSection ) );
352 setItemBold_( mSecPemText );
353 mSecPemText->setFirstColumnSpanned(
true );
354 mSecPemText->setFlags( Qt::ItemIsEnabled );
355 mSecPemText->setExpanded(
false );
356 treeDetails->insertTopLevelItem( 0, mSecPemText );
359 void QgsAuthCertInfo::populateCertInfo()
361 mSecDetails->setHidden(
false );
362 mSecPemText->setHidden(
false );
364 populateInfoGeneralSection();
365 populateInfoDetailsSection();
366 populateInfoPemTextSection();
369 QTreeWidgetItem *QgsAuthCertInfo::addGroupItem( QTreeWidgetItem *parent,
const QString &group )
371 QTreeWidgetItem *grpitem =
new QTreeWidgetItem(
373 QStringList( group ),
374 static_cast<int>( DetailsGroup ) );
376 grpitem->setFirstColumnSpanned(
true );
377 grpitem->setFlags( Qt::ItemIsEnabled );
378 grpitem->setExpanded(
true );
380 QBrush orgb( grpitem->foreground( 0 ) );
381 orgb.setColor( QColor::fromRgb( 90, 90, 90 ) );
382 grpitem->setForeground( 0, orgb );
383 QFont grpf( grpitem->font( 0 ) );
384 grpf.setItalic(
true );
385 grpitem->setFont( 0, grpf );
390 void QgsAuthCertInfo::addFieldItem( QTreeWidgetItem *parent,
const QString &field,
const QString &value,
391 QgsAuthCertInfo::FieldWidget wdgt,
const QColor &color )
393 if ( value.isEmpty() )
396 QTreeWidgetItem *item =
new QTreeWidgetItem(
398 QStringList() << field << ( wdgt == NoWidget ? value : QString() ),
399 static_cast<int>( DetailsField ) );
401 item->setTextAlignment( 0, Qt::AlignRight );
402 item->setTextAlignment( 1, Qt::AlignLeft );
404 QBrush fieldb( item->foreground( 0 ) );
405 fieldb.setColor( QColor::fromRgb( 90, 90, 90 ) );
406 item->setForeground( 0, fieldb );
408 if ( wdgt == NoWidget )
410 if ( color.isValid() )
412 QBrush valueb( item->foreground( 1 ) );
413 valueb.setColor( color );
414 item->setForeground( 1, valueb );
417 else if ( wdgt == LineEdit )
419 QLineEdit *le =
new QLineEdit( value, treeDetails );
420 le->setReadOnly(
true );
421 le->setAlignment( Qt::AlignLeft );
422 le->setCursorPosition( 0 );
423 if ( color.isValid() )
425 le->setStyleSheet( QStringLiteral(
"QLineEdit { color: %1; }" ).arg( color.name() ) );
427 item->treeWidget()->setItemWidget( item, 1, le );
429 else if ( wdgt == TextEdit )
431 QPlainTextEdit *pte =
new QPlainTextEdit( value, treeDetails );
432 pte->setReadOnly(
true );
433 pte->setMinimumHeight( 75 );
434 pte->setMaximumHeight( 75 );
435 pte->moveCursor( QTextCursor::Start );
436 if ( color.isValid() )
438 pte->setStyleSheet( QStringLiteral(
"QPlainTextEdit { color: %1; }" ).arg( color.name() ) );
440 item->treeWidget()->setItemWidget( item, 1, pte );
445 void QgsAuthCertInfo::populateInfoGeneralSection()
447 removeChildren_( mSecGeneral );
449 if ( mCurrentQCert.isNull() )
451 addFieldItem( mSecGeneral, tr(
"Type" ),
452 tr(
"Missing CA (incomplete local CA chain)" ),
454 mSecGeneral->setExpanded(
true );
455 mSecDetails->setHidden(
true );
456 mSecPemText->setHidden(
true );
461 bool isselfsigned = mCurrentACert.isSelfSigned();
462 QString selfsigned( tr(
"self-signed" ) );
464 QList<QgsAuthCertUtils::CertUsageType> usagetypes(
479 if ( isissuer || ( isca && !isselfsigned ) )
483 if ( ( isissuer || isca ) && isselfsigned )
485 certype = QStringLiteral(
"%1 %2" )
491 certype.append( certype.isEmpty() ? selfsigned : QStringLiteral(
" (%1)" ).arg( selfsigned ) );
494 addFieldItem( mSecGeneral, tr(
"Usage type" ),
497 addFieldItem( mSecGeneral, tr(
"Subject" ),
500 addFieldItem( mSecGeneral, tr(
"Issuer" ),
503 addFieldItem( mSecGeneral, tr(
"Not valid after" ),
504 mCurrentQCert.expiryDate().toString(),
508 QSslKey pubkey( mCurrentQCert.publicKey() );
509 QString alg( pubkey.algorithm() == QSsl::Rsa ?
"RSA" :
"DSA" );
510 int bitsize( pubkey.length() );
511 addFieldItem( mSecGeneral, tr(
"Public key" ),
512 QStringLiteral(
"%1, %2 bits" ).arg( alg, bitsize == -1 ? QStringLiteral(
"?" ) : QString::number( bitsize ) ),
514 addFieldItem( mSecGeneral, tr(
"Signature algorithm" ),
519 void QgsAuthCertInfo::populateInfoDetailsSection()
521 removeChildren_( mGrpSubj );
522 removeChildren_( mGrpIssu );
523 removeChildren_( mGrpCert );
524 removeChildren_( mGrpPkey );
525 removeChildren_( mGrpExts );
527 if ( mCurrentQCert.isNull() )
531 addFieldItem( mGrpSubj, tr(
"Country (C)" ),
534 addFieldItem( mGrpSubj, tr(
"State/Province (ST)" ),
537 addFieldItem( mGrpSubj, tr(
"Locality (L)" ),
540 addFieldItem( mGrpSubj, tr(
"Organization (O)" ),
543 addFieldItem( mGrpSubj, tr(
"Organizational unit (OU)" ),
546 addFieldItem( mGrpSubj, tr(
"Common name (CN)" ),
549 addFieldItem( mGrpSubj, tr(
"Email address (E)" ),
550 mCurrentACert.subjectInfo().value( QCA::Email ),
552 addFieldItem( mGrpSubj, tr(
"Distinguished name" ),
555 addFieldItem( mGrpSubj, tr(
"Email Legacy" ),
556 mCurrentACert.subjectInfo().value( QCA::EmailLegacy ),
558 addFieldItem( mGrpSubj, tr(
"Incorporation Country" ),
559 mCurrentACert.subjectInfo().value( QCA::IncorporationCountry ),
561 addFieldItem( mGrpSubj, tr(
"Incorporation State/Province" ),
562 mCurrentACert.subjectInfo().value( QCA::IncorporationState ),
564 addFieldItem( mGrpSubj, tr(
"Incorporation Locality" ),
565 mCurrentACert.subjectInfo().value( QCA::IncorporationLocality ),
567 addFieldItem( mGrpSubj, tr(
"URI" ),
568 mCurrentACert.subjectInfo().value( QCA::URI ),
570 addFieldItem( mGrpSubj, tr(
"DNS" ),
571 mCurrentACert.subjectInfo().value( QCA::DNS ),
573 addFieldItem( mGrpSubj, tr(
"IP Address" ),
574 mCurrentACert.subjectInfo().value( QCA::IPAddress ),
576 addFieldItem( mGrpSubj, tr(
"XMPP" ),
577 mCurrentACert.subjectInfo().value( QCA::XMPP ),
580 QMultiMap<QSsl::AlternateNameEntryType, QString> alts( mCurrentQCert.alternateSubjectNames() );
581 QStringList altslist;
582 QString email( tr(
"Email: " ) );
583 QStringList emails( alts.values( QSsl::EmailEntry ) );
584 if ( !emails.isEmpty() )
586 altslist << email + emails.join(
'\n' + email );
588 QString dns( tr(
"DNS: " ) );
589 QStringList dnss( alts.values( QSsl::DnsEntry ) );
590 if ( !dnss.isEmpty() )
592 altslist << dns + dnss.join(
'\n' + dns );
594 addFieldItem( mGrpSubj, tr(
"Alternate names" ),
595 altslist.join( QStringLiteral(
"\n" ) ),
599 addFieldItem( mGrpIssu, tr(
"Country (C)" ),
602 addFieldItem( mGrpIssu, tr(
"State/Province (ST)" ),
603 SSL_ISSUER_INFO( mCurrentQCert, QSslCertificate::StateOrProvinceName ),
605 addFieldItem( mGrpIssu, tr(
"Locality (L)" ),
608 addFieldItem( mGrpIssu, tr(
"Organization (O)" ),
611 addFieldItem( mGrpIssu, tr(
"Organizational unit (OU)" ),
612 SSL_ISSUER_INFO( mCurrentQCert, QSslCertificate::OrganizationalUnitName ),
614 addFieldItem( mGrpIssu, tr(
"Common name (CN)" ),
617 addFieldItem( mGrpIssu, tr(
"Email address (E)" ),
618 mCurrentACert.issuerInfo().value( QCA::Email ),
620 addFieldItem( mGrpIssu, tr(
"Distinguished name" ),
623 addFieldItem( mGrpIssu, tr(
"Email Legacy" ),
624 mCurrentACert.issuerInfo().value( QCA::EmailLegacy ),
626 addFieldItem( mGrpIssu, tr(
"Incorporation Country" ),
627 mCurrentACert.issuerInfo().value( QCA::IncorporationCountry ),
629 addFieldItem( mGrpIssu, tr(
"Incorporation State/Province" ),
630 mCurrentACert.issuerInfo().value( QCA::IncorporationState ),
632 addFieldItem( mGrpIssu, tr(
"Incorporation Locality" ),
633 mCurrentACert.issuerInfo().value( QCA::IncorporationLocality ),
635 addFieldItem( mGrpIssu, tr(
"URI" ),
636 mCurrentACert.issuerInfo().value( QCA::URI ),
638 addFieldItem( mGrpIssu, tr(
"DNS" ),
639 mCurrentACert.issuerInfo().value( QCA::DNS ),
641 addFieldItem( mGrpIssu, tr(
"IP Address" ),
642 mCurrentACert.issuerInfo().value( QCA::IPAddress ),
644 addFieldItem( mGrpIssu, tr(
"XMPP" ),
645 mCurrentACert.issuerInfo().value( QCA::XMPP ),
649 addFieldItem( mGrpCert, tr(
"Version" ),
650 mCurrentQCert.version(),
652 addFieldItem( mGrpCert, tr(
"Serial #" ),
653 mCurrentQCert.serialNumber(),
655 addFieldItem( mGrpCert, tr(
"Not valid before" ),
656 mCurrentQCert.effectiveDate().toString(),
659 addFieldItem( mGrpCert, tr(
"Not valid after" ),
660 mCurrentQCert.expiryDate().toString(),
663 addFieldItem( mGrpCert, tr(
"Signature algorithm" ),
666 addFieldItem( mGrpCert, tr(
"MD5 fingerprint" ),
669 addFieldItem( mGrpCert, tr(
"SHA1 fingerprint" ),
673 QStringList crllocs( mCurrentACert.crlLocations() );
674 if ( !crllocs.isEmpty() )
676 addFieldItem( mGrpCert, tr(
"CRL locations" ),
677 crllocs.join( QStringLiteral(
"\n" ) ),
680 QStringList issulocs( mCurrentACert.issuerLocations() );
681 if ( !issulocs.isEmpty() )
683 addFieldItem( mGrpCert, tr(
"Issuer locations" ),
684 issulocs.join( QStringLiteral(
"\n" ) ),
687 QStringList ocsplocs( mCurrentACert.ocspLocations() );
688 if ( !ocsplocs.isEmpty() )
690 addFieldItem( mGrpCert, tr(
"OCSP locations" ),
691 ocsplocs.join( QStringLiteral(
"\n" ) ),
697 QSslKey pubqkey( mCurrentQCert.publicKey() );
698 QString alg( pubqkey.algorithm() == QSsl::Rsa ?
"RSA" :
"DSA" );
699 int bitsize( pubqkey.length() );
700 addFieldItem( mGrpPkey, tr(
"Algorithm" ),
701 bitsize == -1 ? QStringLiteral(
"Unknown (possibly Elliptic Curve)" ) : alg,
703 addFieldItem( mGrpPkey, tr(
"Key size" ),
704 bitsize == -1 ? QStringLiteral(
"?" ) : QString::number( bitsize ),
708 QCA::PublicKey pubakey( mCurrentACert.subjectPublicKey() );
710 if ( pubqkey.algorithm() == QSsl::Rsa )
712 QCA::RSAPublicKey rsakey( pubakey.toRSA() );
713 QCA::BigInteger modulus = rsakey.n();
714 QByteArray modarray( modulus.toArray().toByteArray().toHex() );
715 if ( modarray.size() > 2 && modarray.mid( 0, 2 ) == QByteArray(
"00" ) )
717 modarray = modarray.mid( 2 );
719 QCA::BigInteger exponent = rsakey.e();
720 addFieldItem( mGrpPkey, tr(
"Public key" ),
723 addFieldItem( mGrpPkey, tr(
"Exponent" ),
737 if ( pubakey.canVerify() )
739 usage.append( tr(
"Verify" ) );
743 if ( pubakey.canEncrypt() )
745 usage.append( tr(
"Encrypt" ) );
747 #if QCA_VERSION >= 0x020100 748 if ( pubakey.canDecrypt() )
750 usage.append( tr(
"Decrypt" ) );
753 if ( pubakey.canKeyAgree() )
755 usage.append( tr(
"Key agreement" ) );
757 if ( pubakey.canExport() )
759 usage.append( tr(
"Export" ) );
761 if ( !usage.isEmpty() )
763 addFieldItem( mGrpPkey, tr(
"Key usage" ),
764 usage.join( QStringLiteral(
", " ) ),
770 QStringList basicconst;
771 basicconst << tr(
"Certificate Authority: %1" ).arg( mCurrentACert.isCA() ? tr(
"Yes" ) : tr(
"No" ) )
772 << tr(
"Chain Path Limit: %1" ).arg( mCurrentACert.pathLimit() );
773 addFieldItem( mGrpExts, tr(
"Basic constraints" ),
774 basicconst.join( QStringLiteral(
"\n" ) ),
777 QStringList keyusage;
778 QStringList extkeyusage;
779 QList<QCA::ConstraintType> certconsts = mCurrentACert.constraints();
780 Q_FOREACH (
const QCA::ConstraintType &certconst, certconsts )
782 if ( certconst.section() == QCA::ConstraintType::KeyUsage )
786 else if ( certconst.section() == QCA::ConstraintType::ExtendedKeyUsage )
791 if ( !keyusage.isEmpty() )
793 addFieldItem( mGrpExts, tr(
"Key usage" ),
794 keyusage.join( QStringLiteral(
"\n" ) ),
797 if ( !extkeyusage.isEmpty() )
799 addFieldItem( mGrpExts, tr(
"Extended key usage" ),
800 extkeyusage.join( QStringLiteral(
"\n" ) ),
804 addFieldItem( mGrpExts, tr(
"Subject key ID" ),
807 addFieldItem( mGrpExts, tr(
"Authority key ID" ),
812 void QgsAuthCertInfo::populateInfoPemTextSection()
814 removeChildren_( mSecPemText );
816 if ( mCurrentQCert.isNull() )
819 QTreeWidgetItem *item =
new QTreeWidgetItem(
821 QStringList( QString() ),
822 static_cast<int>( DetailsField ) );
824 item->setFirstColumnSpanned(
true );
826 QPlainTextEdit *pte =
new QPlainTextEdit( mCurrentQCert.toPem(), treeDetails );
827 pte->setReadOnly(
true );
828 pte->setMinimumHeight( 150 );
829 pte->setMaximumHeight( 150 );
830 pte->moveCursor( QTextCursor::Start );
831 item->treeWidget()->setItemWidget( item, 0, pte );
834 void QgsAuthCertInfo::btnSaveTrust_clicked()
839 QgsDebugMsg( QStringLiteral(
"Could not set trust policy for certificate" ) );
841 mCurrentTrustPolicy = newpolicy;
842 decorateCertTreeItem( mCurrentQCert, newpolicy,
nullptr );
843 btnSaveTrust->setEnabled(
false );
847 mTrustCacheRebuilt =
true;
851 void QgsAuthCertInfo::currentPolicyIndexChanged(
int indx )
854 btnSaveTrust->setEnabled( newpolicy != mCurrentTrustPolicy );
857 void QgsAuthCertInfo::decorateCertTreeItem(
const QSslCertificate &cert,
859 QTreeWidgetItem *item )
863 item = treeHierarchy->currentItem();
874 QBrush b( item->foreground( 0 ) );
875 b.setColor( QColor::fromRgb( 90, 90, 90 ) );
876 item->setForeground( 0, b );
877 QFont f( item->font( 0 ) );
879 item->setFont( 0, f );
908 bool manageCertTrust,
910 const QList<QSslCertificate> &connectionCAs )
914 setWindowTitle( tr(
"Certificate Information" ) );
915 QVBoxLayout *layout =
new QVBoxLayout(
this );
916 layout->setMargin( 6 );
918 mCertInfoWdgt =
new QgsAuthCertInfo( cert, manageCertTrust,
this, connectionCAs );
919 layout->addWidget( mCertInfoWdgt );
921 QDialogButtonBox *buttonBox =
new QDialogButtonBox( QDialogButtonBox::Close,
922 Qt::Horizontal,
this );
923 buttonBox->button( QDialogButtonBox::Close )->setDefault(
true );
924 connect( buttonBox, &QDialogButtonBox::rejected,
this, &QWidget::close );
925 layout->addWidget( buttonBox );
bool rebuildTrustedCaCertsCache()
Rebuild trusted certificate authorities cache.
static QString certificateUsageTypeString(QgsAuthCertUtils::CertUsageType usagetype)
Certificate usage type strings per enum.
QgsAuthCertInfo(const QSslCertificate &cert, bool manageCertTrust=false, QWidget *parent=nullptr, const QList< QSslCertificate > &connectionCAs=QList< QSslCertificate >())
Constructor for QgsAuthCertInfo.
static QString qcaKnownConstraint(QCA::ConstraintTypeKnown constraint)
Certificate well-known constraint strings per enum.
Widget for viewing detailed info on a certificate and its hierarchical trust chain.
static QIcon getThemeIcon(const QString &name)
Helper to get a theme icon.
static QList< QgsAuthCertUtils::CertUsageType > certificateUsageTypes(const QSslCertificate &cert)
Try to determine the certificates usage types.
Utilities for working with certificates and keys.
const QMap< QString, QPair< QgsAuthCertUtils::CaCertSource, QSslCertificate > > caCertsCache()
caCertsCache get all CA certs mapped to their sha1 from cache.
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
static QString getCertDistinguishedName(const QSslCertificate &qcert, const QCA::Certificate &acert=QCA::Certificate(), bool issuer=false)
Gets combined distinguished name for certificate.
QgsAuthCertInfoDialog(const QSslCertificate &cert, bool manageCertTrust, QWidget *parent=nullptr, const QList< QSslCertificate > &connectionCAs=QList< QSslCertificate >())
Construct a dialog displaying detailed info on a certificate and its hierarchical trust chain...
bool storeCertTrustPolicy(const QSslCertificate &cert, QgsAuthCertUtils::CertTrustPolicy policy)
Store user trust value for a certificate.
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Gets the sha1 hash for certificate.
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
#define SSL_SUBJECT_INFO(var, prop)
static QString qcaSignatureAlgorithm(QCA::SignatureAlgorithm algorithm)
Certificate signature algorithm strings per enum.
CertTrustPolicy
Type of certificate trust policy.
static QString getColonDelimited(const QString &txt)
Gets string with colon delimiters every 2 characters.
QgsAuthCertUtils::CertTrustPolicy defaultCertTrustPolicy()
Gets the default certificate trust policy preferred by user.
#define SSL_ISSUER_INFO(var, prop)
static QString getCaSourceName(QgsAuthCertUtils::CaCertSource source, bool single=false)
Gets the general name for CA source enum type.
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Gets the general name via RFC 5280 resolution.
static QString qcaValidityMessage(QCA::Validity validity)
Certificate validity check messages per enum.
bool rebuildCertTrustCache()
Rebuild certificate authority cache.