QGIS API Documentation 3.99.0-Master (d270888f95f)
qgsauthcertutils.h
1/***************************************************************************
2 qgsauthcertutils.h
3 ---------------------
4 begin : May 1, 2015
5 copyright : (C) 2015 by Boundless Spatial, Inc. USA
6 author : Larry Shaffer
7 email : lshaffer at boundlessgeo dot com
8 ***************************************************************************
9 * *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 ***************************************************************************/
16
17
18#ifndef QGSAUTHCERTUTILS_H
19#define QGSAUTHCERTUTILS_H
20
21#include "qgsconfig.h"
22
23#include "qgis_core.h"
24#include "qgis_sip.h"
25#include "qgsauthconfig.h"
26
27#include <QFile>
28#include <QSslCertificate>
29#include <QSslError>
30
31#ifdef HAVE_AUTH
32#include <QtCrypto>
33#endif
34
36
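/**
 * SSL_ISSUER_INFO / SSL_SUBJECT_INFO: expand to the first entry (index 0) of the issuer or
 * subject attribute \a prop of the certificate expression \a var.
 *
 * \a var is parenthesized so that any expression (for example a dereferenced pointer) can be
 * passed, not only a plain identifier.
 *
 * Only index 0 is read, so any further values of a multi-valued attribute are ignored.
 * When \a var is a QSslCertificate the attribute values are text taken from the certificate
 * itself: on a certificate that has not been validated they are display data, not proof of
 * identity.
 */
#define SSL_ISSUER_INFO( var, prop ) ( var ).issuerInfo( prop ).value( 0 )

#define SSL_SUBJECT_INFO( var, prop ) ( var ).subjectInfo( prop ).value( 0 )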
40
/**
 * Collection of static helpers for certificates, keys and PKI bundles.
 *
 * NOTE(review): the nested types CaCertSource, CertTrustPolicy and CertUsageType are used by the
 * declarations below, but their definitions are not visible in this listing (numbered lines 56-88
 * are empty here), and the original doc comments are absent. The comments below are derived from
 * the signatures; anything beyond that is marked as an assumption to confirm in the implementation.
 */
45class CORE_EXPORT QgsAuthCertUtils
46{
47 public:
56
65
81
88
    // Every member from here to the matching #endif (including the private section) is
    // declared only when HAVE_AUTH is defined.
89#ifdef HAVE_AUTH
90
    //! Returns a name string for the given QSsl::SslProtocol value.
92 static QString getSslProtocolName( QSsl::SslProtocol protocol );
93
    //! Returns the certificates in \a certs as a map keyed by a QString.
    //! NOTE(review): the key is presumably the certificate digest (see shaHexForCert()); confirm
    //! which hash is used before relying on the key for anything other than lookup.
95 static QMap<QString, QSslCertificate> mapDigestToCerts( const QList<QSslCertificate> &certs );
96
    //! Returns the certificates in \a certs as lists keyed by a QString.
    //! NOTE(review): presumably keyed by the organization field, which is text supplied by the
    //! certificate itself; treat it as a display grouping only. TODO confirm.
101 static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( const QList<QSslCertificate> &certs ) SIP_SKIP;
102
    //! Returns the SSL server configurations in \a configs as a map keyed by a QString.
    //! NOTE(review): presumably keyed by the digest of each configuration's certificate; confirm.
106 static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( const QList<QgsAuthConfigSslServer> &configs );
107
    //! Returns the SSL server configurations in \a configs as lists keyed by a QString.
    //! NOTE(review): presumably grouped by certificate organization; confirm.
112 static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( const QList<QgsAuthConfigSslServer> &configs ) SIP_SKIP;
113
    //! Returns a QByteArray for the file at \a path.
    //! NOTE(review): the signature has no error channel, so a missing or unreadable file is
    //! presumably reported as an empty array; callers should check for that. TODO confirm.
119 static QByteArray fileData( const QString &path );
120
    //! Returns the list of certificates read from the file at \a certspath.
122 static QList<QSslCertificate> certsFromFile( const QString &certspath );
123
    //! Returns a list of certificates read from the file at \a certspath.
    //! NOTE(review): presumably only CA certificates are kept; confirm how a CA is recognised.
125 static QList<QSslCertificate> casFromFile( const QString &certspath );
126
    //! Returns a single certificate read from the file at \a certpath.
    //! NOTE(review): which certificate is returned when the file holds several is not visible here.
128 static QSslCertificate certFromFile( const QString &certpath );
129
    //! Returns a certificate list built from \a bundle1 and \a bundle2 (both taken by const
    //! reference, so neither input is modified).
    //! NOTE(review): presumably duplicates are dropped; confirm.
137 static QList<QSslCertificate> casMerge( const QList<QSslCertificate> &bundle1,
138 const QList<QSslCertificate> &bundle2 );
139
    //! Returns a QSslKey read from the file at \a keypath.
    //! \a keypass defaults to an empty string; \a algtype is an optional out-parameter
    //! (defaults to nullptr).
    //! NOTE(review): the returned object presumably holds decrypted private key material in
    //! memory; keep its lifetime short. TODO confirm what is written to \a algtype.
146 static QSslKey keyFromFile( const QString &keypath,
147 const QString &keypass = QString(),
148 QString *algtype = nullptr );
149
    //! Returns the list of certificates parsed from the text \a pemtext.
151 static QList<QSslCertificate> certsFromString( const QString &pemtext );
152
153
    //! Returns a certificate list derived from \a caList.
    //! NOTE(review): presumably self-signed certificates are filtered out; confirm how
    //! self-signed is determined (issuer/subject comparison vs. signature check).
159 static QList<QSslCertificate> casRemoveSelfSigned( const QList<QSslCertificate> &caList );
160
    //! Returns a string list produced from the certificate file \a certpath and key file \a keypath.
    //! \a keypass defaults to an empty string and \a reencrypt defaults to true.
    //! NOTE(review): presumably the list holds PEM text for the certificate and key, and
    //! \a reencrypt decides whether the returned key text stays passphrase-protected; if so,
    //! passing false yields an unprotected private key in memory. TODO confirm.
169 static QStringList certKeyBundleToPem( const QString &certpath,
170 const QString &keypath,
171 const QString &keypass = QString(),
172 bool reencrypt = true );
173
    //! Returns a bool for the key text \a keyPemTxt.
    //! NOTE(review): presumably true when the PEM text is a PKCS#8 key; confirm.
179 static bool pemIsPkcs8( const QString &keyPemTxt );
180
    // Declared only when Q_OS_MAC is defined.
181#ifdef Q_OS_MAC
182
    //! Returns a QByteArray derived from \a pkcs8Der.
    //! \a pkcs8Der is a non-const reference, so the call may modify the caller's buffer.
    //! NOTE(review): presumably extracts the private key from a PKCS#8 DER container; confirm.
196 static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der ) SIP_SKIP;
197#endif
198
    //! Returns a string list produced from the bundle file \a bundlepath.
    //! \a bundlepass defaults to an empty string and \a reencrypt defaults to true.
    //! NOTE(review): presumably the PKCS#12 counterpart of certKeyBundleToPem(), with the same
    //! meaning of \a reencrypt; confirm.
206 static QStringList pkcs12BundleToPem( const QString &bundlepath,
207 const QString &bundlepass = QString(),
208 bool reencrypt = true );
209
    //! Returns a certificate list read from the bundle file \a bundlepath; \a bundlepass defaults
    //! to an empty string.
    //! NOTE(review): presumably the CA certificates contained in a PKCS#12 bundle; confirm.
216 static QList<QSslCertificate> pkcs12BundleCas( const QString &bundlepath,
217 const QString &bundlepass = QString() );
218
219
    //! Returns the certificates in \a certs serialized into a QByteArray.
    //! NOTE(review): presumably PEM text; confirm.
225 static QByteArray certsToPemText( const QList<QSslCertificate> &certs );
226
    //! Takes a \a name and the bytes \a pemtext and returns a QString.
    //! NOTE(review): presumably writes \a pemtext to a temporary file and returns its path. If
    //! \a pemtext can contain a private key, the implementation should be checked for restrictive
    //! file permissions and the caller is presumably responsible for deleting the file. TODO confirm.
233 static QString pemTextToTempFile( const QString &name, const QByteArray &pemtext );
234
    //! Returns a name string for the CaCertSource value \a source; \a single defaults to false.
    //! NOTE(review): \a single presumably selects a singular rather than plural wording; confirm.
240 static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source, bool single = false );
241
    //! Returns a name string for \a cert; \a issuer defaults to false.
    //! NOTE(review): \a issuer presumably selects the issuer rather than the subject name; confirm.
243 static QString resolvedCertName( const QSslCertificate &cert, bool issuer = false );
244
    //! Returns a distinguished-name string for \a qcert.
    //! \a acert defaults to a default-constructed QCA::Certificate and \a issuer defaults to false.
    //! NOTE(review): how \a acert contributes to the result is not visible here.
252 static QString getCertDistinguishedName( const QSslCertificate &qcert,
253 const QCA::Certificate &acert = QCA::Certificate(),
254 bool issuer = false ) SIP_SKIP;
255
    //! Returns a name string for the CertTrustPolicy value \a trust.
257 static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );
258
    //! Returns a string derived from \a txt.
    //! NOTE(review): presumably inserts colon separators (e.g. for hex digests); confirm.
260 static QString getColonDelimited( const QString &txt );
261
    //! Returns a hash string for \a cert; \a formatted defaults to false.
    //! NOTE(review): the SHA variant is not visible from the declaration. If it is SHA-1, the
    //! value suits identification and lookup, not a collision-resistant trust decision. TODO confirm.
267 static QString shaHexForCert( const QSslCertificate &cert, bool formatted = false );
268
    //! Returns a QCA::Certificate built from the Qt certificate \a cert.
273 static QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert ) SIP_SKIP;
274
    //! Returns a QCA::CertificateCollection built from the Qt certificates in \a certs.
279 static QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs ) SIP_SKIP;
280
    //! Returns a QCA::KeyBundle for the file at \a path, using \a pass.
    //! NOTE(review): behaviour on a wrong passphrase or unreadable file is not visible here.
285 static QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass ) SIP_SKIP;
286
    //! Returns a message string for the QCA::Validity value \a validity.
291 static QString qcaValidityMessage( QCA::Validity validity ) SIP_SKIP;
292
    //! Returns a string for the QCA::SignatureAlgorithm value \a algorithm.
297 static QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm ) SIP_SKIP;
298
    //! Returns a string for the QCA::ConstraintTypeKnown value \a constraint.
303 static QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint ) SIP_SKIP;
304
    //! Returns a string for the CertUsageType value \a usagetype.
309 static QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype ) SIP_SKIP;
310
    // The members up to the matching #endif are declared only when QT_NO_SSL is not defined.
311#ifndef QT_NO_SSL
    //! Returns the list of CertUsageType values determined for \a cert.
    //! NOTE(review): the certificateIs*() predicates below presumably build on this result;
    //! confirm how a certificate without usage constraints is classified.
313 static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate &cert );
314
    //! Returns a bool for \a cert. NOTE(review): presumably true for a certificate authority; confirm.
316 static bool certificateIsAuthority( const QSslCertificate &cert );
317
    //! Returns a bool for \a cert. NOTE(review): presumably true when the certificate may sign
    //! other certificates; confirm.
319 static bool certificateIsIssuer( const QSslCertificate &cert );
320
    //! Returns a bool for \a cert. NOTE(review): presumably the disjunction of the two checks
    //! above; confirm.
322 static bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );
323
    //! Returns a bool for \a cert. NOTE(review): presumably true for a TLS server certificate; confirm.
325 static bool certificateIsSslServer( const QSslCertificate &cert );
326
    //! Returns a bool for \a cert. NOTE(review): presumably true for a TLS client certificate; confirm.
328 static bool certificateIsSslClient( const QSslCertificate &cert );
329
    //! Returns a string for the QSslError::SslError value \a errenum.
331 static QString sslErrorEnumString( QSslError::SslError errenum );
332
    //! Returns a list of (QSslError::SslError, QString) pairs.
337 static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings() SIP_SKIP;
338
    //! Returns a bool for \a cert.
    //! NOTE(review): presumably true when the current date lies within the certificate's validity
    //! period; this alone says nothing about trust. TODO confirm.
343 static bool certIsCurrent( const QSslCertificate &cert );
344
    //! Returns a list of QSslError values for \a cert.
    //! NOTE(review): confirm what is returned for a null certificate; an empty list should not be
    //! read as "certificate is acceptable" unless the implementation guarantees it.
350 static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );
351
    //! Returns a bool for \a cert.
    //! NOTE(review): presumably true when certViabilityErrors() reports nothing; confirm that a
    //! null certificate is rejected.
357 static bool certIsViable( const QSslCertificate &cert );
358
    //! Returns a list of QSslError values for \a certificateChain.
    //! \a hostName defaults to an empty string and \a trustRootCa defaults to false.
    //! NOTE(review): presumably an empty list means the chain validated, an empty \a hostName
    //! skips the host-name match (so callers checking a server identity should pass it), and
    //! \a trustRootCa = true trusts the chain's own root for this call only, which is appropriate
    //! only when that root was verified out of band. TODO confirm all three.
366 static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain,
367 const QString &hostName = QString(),
368 bool trustRootCa = false ) ;
369
370#endif
371
    //! Returns a string list for \a bundle, which is taken by non-const reference.
    //! \a useIntermediates defaults to true and \a trustRootCa defaults to false.
    //! NOTE(review): presumably the list holds validation error messages and an empty list means
    //! the bundle is valid; \a trustRootCa presumably has the same meaning as in
    //! validateCertChain(). TODO confirm.
381 static QStringList validatePKIBundle( QgsPkiBundle &bundle, bool useIntermediates = true, bool trustRootCa = false );
382
383 private:
    //! Takes the list \a dirname by non-const reference together with \a segment and \a value
    //! (\a value is passed by copy); returns nothing.
    //! NOTE(review): presumably appends a "segment=value" part to \a dirname; confirm.
384 static void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );
385
    //! Returns a QSsl::EncodingFormat chosen from the bytes in \a payload.
    //! NOTE(review): presumably distinguishes PEM from DER input; confirm the fallback for
    //! unrecognised data.
386 static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );
387#endif
388};
389
390#endif // QGSAUTHCERTUTILS_H
Utilities for working with certificates and keys.
CertTrustPolicy
Type of certificate trust policy.
ConstraintGroup
Type of certificate key group.
CertUsageType
Type of certificate usage.
CaCertSource
Type of CA certificate source.
Configuration container for SSL server connection exceptions or overrides.
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
#define SIP_SKIP
Definition qgis_sip.h:134