QGIS API Documentation 4.0.0-Norrköping (1ddcee3d0e4)
qgsauthcertutils.h
1/***************************************************************************
2 qgsauthcertutils.h
3 ---------------------
4 begin : May 1, 2015
5 copyright : (C) 2015 by Boundless Spatial, Inc. USA
6 author : Larry Shaffer
7 email : lshaffer at boundlessgeo dot com
8 ***************************************************************************
9 * *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 ***************************************************************************/
16
17
18#ifndef QGSAUTHCERTUTILS_H
19#define QGSAUTHCERTUTILS_H
20
21#include "qgsconfig.h"
22
23#include "qgis_core.h"
24#include "qgis_sip.h"
25#include "qgsauthconfig.h"
26
27#include <QFile>
28#include <QSslCertificate>
29#include <QSslError>
30
31#ifdef HAVE_AUTH
32#include <QtCrypto>
33#endif
34
36
// First value of issuer attribute `prop` on certificate `var`.
// issuerInfo() returns a list; QList::value( 0 ) yields a default-constructed (empty) entry
// when the attribute is absent, so callers cannot distinguish "missing" from "empty" here.
// Any further values of a multi-valued attribute are ignored, so do not rely on this macro
// alone when comparing identities. `var` is expanded unparenthesized: pass a plain object name.
37#define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).value( 0 )
38
// Same as SSL_ISSUER_INFO, but reads the subject attribute via subjectInfo().
39#define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).value( 0 )
40
// Collection of static helpers for certificates, keys and PKI bundles.
// Every member function below sits inside `#ifdef HAVE_AUTH`; several signatures use QCA types.
// The nested enums referenced by the signatures (CaCertSource, CertTrustPolicy, CertUsageType)
// are not visible in this listing (only their line-number placeholders remain).
// Notes marked NOTE(review) are inferred from names/signatures and must be confirmed
// against the implementation.
45class CORE_EXPORT QgsAuthCertUtils
46{
47 public:
56
65
81
88
89#ifdef HAVE_AUTH
90
// Display name for a QSsl::SslProtocol value.
92 static QString getSslProtocolName( QSsl::SslProtocol protocol );
93
// Builds a map keyed by a QString digest, one certificate per key.
// NOTE(review): digest algorithm is not visible here; certificates with equal digests would collapse to one entry.
95 static QMap<QString, QSslCertificate> mapDigestToCerts( const QList<QSslCertificate> &certs );
96
// Groups certificates into lists keyed by a QString (organization, per the name). Not exposed to SIP bindings.
101 static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( const QList<QSslCertificate> &certs ) SIP_SKIP;
102
// Same digest-keyed mapping as mapDigestToCerts(), for SSL server configurations.
106 static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( const QList<QgsAuthConfigSslServer> &configs );
107
// Same grouping as certsGroupedByOrg(), for SSL server configurations. Not exposed to SIP bindings.
112 static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( const QList<QgsAuthConfigSslServer> &configs ) SIP_SKIP;
113
// Returns the bytes of the file at `path`.
// NOTE(review): the signature has no error channel; presumably an empty array signals failure. Confirm
// whether a size limit applies before reading caller-supplied paths.
119 static QByteArray fileData( const QString &path );
120
// Loads zero or more certificates from the file at `certspath`.
122 static QList<QSslCertificate> certsFromFile( const QString &certspath );
123
// Loads certificates from `certspath`; by name, only CA certificates are returned.
// NOTE(review): confirm how "CA" is decided (basic constraints vs. other heuristics).
125 static QList<QSslCertificate> casFromFile( const QString &certspath );
126
// Loads a single certificate from `certpath`.
// NOTE(review): behaviour when the file holds several certificates is not visible here.
128 static QSslCertificate certFromFile( const QString &certpath );
129
// Combines two certificate lists into one.
// NOTE(review): presumably de-duplicates; confirm.
137 static QList<QSslCertificate> casMerge( const QList<QSslCertificate> &bundle1, const QList<QSslCertificate> &bundle2 );
138
// Loads a private key from `keypath`. `keypass` defaults to an empty QString; `algtype` is an
// optional out-parameter (nullptr by default).
// NOTE(review): the passphrase is carried in a plain QString, which is not wiped on destruction;
// callers should keep its lifetime short.
145 static QSslKey keyFromFile( const QString &keypath, const QString &keypass = QString(), QString *algtype = nullptr );
146
// Parses certificates out of PEM text held in memory.
148 static QList<QSslCertificate> certsFromString( const QString &pemtext );
149
150
// Returns a filtered copy of `caList`.
// NOTE(review): by name, drops self-signed certificates; confirm whether that is decided by
// issuer/subject comparison or by signature verification.
156 static QList<QSslCertificate> casRemoveSelfSigned( const QList<QSslCertificate> &caList );
157
// Converts a certificate file plus key file to PEM strings. `reencrypt` defaults to true.
// NOTE(review): with reencrypt = false the returned key text is presumably unencrypted; treat the
// result as secret material (no logging, no persistent storage) and confirm in the implementation.
166 static QStringList certKeyBundleToPem( const QString &certpath, const QString &keypath, const QString &keypass = QString(), bool reencrypt = true );
167
// Tests whether the given key PEM text is PKCS#8 (per the name).
173 static bool pemIsPkcs8( const QString &keyPemTxt );
174
175#ifdef Q_OS_MAC
176
// macOS-only. Takes the PKCS#8 DER buffer by non-const reference, so the callee may modify the
// caller's buffer. Not exposed to SIP bindings.
190 static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der ) SIP_SKIP;
191#endif
192
// Converts a PKCS#12 bundle file to PEM strings. `bundlepass` defaults to empty, `reencrypt` to true.
// NOTE(review): same secrecy caveat as certKeyBundleToPem() when reencrypt = false.
200 static QStringList pkcs12BundleToPem( const QString &bundlepath, const QString &bundlepass = QString(), bool reencrypt = true );
201
// Returns the CA certificates contained in a PKCS#12 bundle file (per the name).
208 static QList<QSslCertificate> pkcs12BundleCas( const QString &bundlepath, const QString &bundlepass = QString() );
209
210
// Serializes a list of certificates to PEM bytes.
216 static QByteArray certsToPemText( const QList<QSslCertificate> &certs );
217
// Takes a name and PEM bytes and returns a QString (presumably the path of the file written).
// NOTE(review): if `pemtext` can contain private-key material, confirm that the file is created with
// owner-only permissions, in a non-shared location, and is removed after use.
224 static QString pemTextToTempFile( const QString &name, const QByteArray &pemtext );
225
// Display name for a CaCertSource value; `single` defaults to false.
231 static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source, bool single = false );
232
// Name string derived from a certificate; `issuer` (default false) presumably selects issuer vs. subject fields.
234 static QString resolvedCertName( const QSslCertificate &cert, bool issuer = false );
235
// Distinguished-name string for a certificate. `acert` defaults to an empty QCA::Certificate.
// Not exposed to SIP bindings.
// NOTE(review): DN strings are for display; confirm they are not used as the sole identity check.
243 static QString getCertDistinguishedName( const QSslCertificate &qcert, const QCA::Certificate &acert = QCA::Certificate(), bool issuer = false ) SIP_SKIP;
244
// Display name for a CertTrustPolicy value.
246 static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );
247
// Returns `txt` reformatted with colon delimiters (per the name).
249 static QString getColonDelimited( const QString &txt );
250
// Hex digest string for a certificate; `formatted` defaults to false.
// NOTE(review): the name says SHA but the exact algorithm is not visible here. A SHA-1 digest is fine
// as a lookup key but should not be the only basis for a trust decision.
256 static QString shaHexForCert( const QSslCertificate &cert, bool formatted = false );
257
// Qt -> QCA conversion helpers. Not exposed to SIP bindings.
262 static QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert ) SIP_SKIP;
263
268 static QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs ) SIP_SKIP;
269
// Loads a QCA::KeyBundle from `path` using passphrase `pass` (no default). Not exposed to SIP bindings.
274 static QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass ) SIP_SKIP;
275
// String forms of QCA enum values. Not exposed to SIP bindings.
280 static QString qcaValidityMessage( QCA::Validity validity ) SIP_SKIP;
281
286 static QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm ) SIP_SKIP;
287
292 static QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint ) SIP_SKIP;
293
// String form of a CertUsageType value. Not exposed to SIP bindings.
298 static QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype ) SIP_SKIP;
299
// The members up to the matching #endif additionally require Qt built with SSL support.
300#ifndef QT_NO_SSL
// Usage types found for a certificate.
302 static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate &cert );
303
// Boolean role checks on a single certificate.
// NOTE(review): these inspect the certificate's own claims; they do not by themselves establish
// that the certificate chains to a trusted root. Confirm against the implementation.
305 static bool certificateIsAuthority( const QSslCertificate &cert );
306
308 static bool certificateIsIssuer( const QSslCertificate &cert );
309
311 static bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );
312
314 static bool certificateIsSslServer( const QSslCertificate &cert );
315
317 static bool certificateIsSslClient( const QSslCertificate &cert );
318
// String form of a QSslError::SslError value.
320 static QString sslErrorEnumString( QSslError::SslError errenum );
321
// List of (error enum, string) pairs. Not exposed to SIP bindings.
326 static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings() SIP_SKIP;
327
// By name, checks the certificate's validity period against the current time.
// NOTE(review): confirm which clock is used and that both notBefore and notAfter are checked.
332 static bool certIsCurrent( const QSslCertificate &cert );
333
// Returns the list of QSslError entries that make the certificate non-viable.
339 static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );
340
// Boolean counterpart of certViabilityErrors().
// NOTE(review): presumably true when that list is empty; confirm.
346 static bool certIsViable( const QSslCertificate &cert );
347
// Validates a certificate chain and returns the resulting QSslError list.
// `hostName` defaults to an empty QString and `trustRootCa` to false.
// NOTE(review): confirm whether an empty hostName skips host-name matching, and that callers
// pass trustRootCa = true only for a root obtained out of band; presumably it makes the
// chain's own root acceptable without it being in the trusted CA store.
355 static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain, const QString &hostName = QString(), bool trustRootCa = false );
356
357#endif
358
// Validates a PKI bundle and returns a QStringList (presumably error messages; empty when valid).
// `bundle` is a non-const reference, so the callee may modify it. `useIntermediates` defaults to
// true and `trustRootCa` to false.
// NOTE(review): same trustRootCa caveat as validateCertChain().
368 static QStringList validatePKIBundle( QgsPkiBundle &bundle, bool useIntermediates = true, bool trustRootCa = false );
369
370 private:
// Internal helper that appends to `dirname`; `value` is taken by copy.
371 static void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );
372
// Determines a QSsl::EncodingFormat from raw payload bytes.
// NOTE(review): presumably distinguishes PEM from DER; confirm the fallback for unrecognized input.
373 static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );
374#endif
375};
376
377#endif // QGSAUTHCERTUTILS_H
Utilities for working with certificates and keys.
CertTrustPolicy
Type of certificate trust policy.
ConstraintGroup
Type of certificate key group.
CertUsageType
Type of certificate usage.
CaCertSource
Type of CA certificate source.
Configuration container for SSL server connection exceptions or overrides.
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
#define SIP_SKIP
Definition qgis_sip.h:133