Qt Cryptographic Architecture
qca_cert.h
1 /*
2  * qca_cert.h - Qt Cryptographic Architecture
3  * Copyright (C) 2003-2007 Justin Karneges <justin@affinix.com>
4  * Copyright (C) 2004-2006 Brad Hards <bradh@frogmouth.net>
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19  * 02110-1301 USA
20  *
21  */
22 
33 #ifndef QCA_CERT_H
34 #define QCA_CERT_H
35 
36 #include <QDateTime>
37 #include "qca_core.h"
38 #include "qca_publickey.h"
39 
40 namespace QCA {
41 
42 class CertContext;
43 class CSRContext;
44 class CRLContext;
45 class Certificate;
46 class CRL;
47 class CertificateCollection;
48 class CertificateChain;
49 
50 
55 {
 // Enumerator list of QCA::CertificateRequestFormat. The enum header line and
 // the line before SPKAC are not shown in this listing.
57  SPKAC
58 };
59 
66 {
 // Enumerator list of the known certificate information types
 // (CertificateInfoTypeKnown). Most enumerators are not shown in this listing;
 // the ones visible here are alternative-name style entries.
78  URI,
79  DNS,
81  XMPP
82 };
83 
/**
 * Certificate information type: an id string together with the Section of the
 * certificate that the information belongs in.
 *
 * NOTE(review): this listing omits several members (the numbered blank lines
 * below); only the declarations that are visible are documented here.
 */
120 class QCA_EXPORT CertificateInfoType
121 {
122 public:
     /** Section of the certificate that the information belongs in. */
126  enum Section
127  {
     // Distinguished name (the primary name).
128  DN,
     // Alternative-name entry, as opposed to a DN component.
129  AlternativeName
130  };
131 
136 
146 
     /**
      * Construct a type from an explicit id string and the section it lives in.
      *
      * @param id      identifier of the information type
      * @param section certificate section the type belongs to
      */
155  CertificateInfoType(const QString &id, Section section);
156 
163 
165 
172 
     /** @return the section given at construction. */
176  Section section() const;
177 
186 
     /** @return the id string of this type. */
205  QString id() const;
206 
     /**
      * Ordering operator. An ordering is required for this type to serve as the
      * key of the CertificateInfo QMultiMap typedef declared later in this file.
      */
213  bool operator<(const CertificateInfoType &other) const;
214 
     /** Comparison operator. */
221  bool operator==(const CertificateInfoType &other) const;
222 
     /** Inequality operator, defined as the negation of operator==. */
229  inline bool operator!=(const CertificateInfoType &other) const
230  {
231  return !(*this == other);
232  }
233 
234 private:
     // Private implementation, held through QSharedDataPointer.
235  class Private;
236  QSharedDataPointer<Private> d;
237 };
238 
/**
 * One entry in a certificate information list: a CertificateInfoType paired
 * with its string value.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
246 class QCA_EXPORT CertificateInfoPair
247 {
248 public:
253 
     /**
      * Construct a pair.
      *
      * @param type  the kind of information stored
      * @param value the information itself, as text
      */
260  CertificateInfoPair(const CertificateInfoType &type, const QString &value);
261 
268 
270 
277 
282 
     /** @return the value of the information stored in the pair. */
286  QString value() const;
287 
     /** Comparison operator. */
294  bool operator==(const CertificateInfoPair &other) const;
295 
     /** Inequality operator, defined as the negation of operator==. */
302  inline bool operator!=(const CertificateInfoPair &other) const
303  {
304  return !(*this == other);
305  }
306 
307 private:
     // Private implementation, held through QSharedDataPointer.
308  class Private;
309  QSharedDataPointer<Private> d;
310 };
311 
312 
319 {
 // Enumerator list of the known certificate constraints. The enum header line
 // and most enumerators are not shown in this listing. The two section
 // comments below split the list into KeyUsage and ExtKeyUsage entries.
320  // KeyUsage
330 
331  // ExtKeyUsage
 // Certificate can be used to sign an Online Certificate Status Protocol
 // (OCSP) assertion.
340  OCSPSigning
341 };
342 
/**
 * A certificate constraint: an id string together with the Section of the
 * certificate that the constraint belongs in.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
356 class QCA_EXPORT ConstraintType
357 {
358 public:
     /** Section of the certificate that the constraint belongs in. */
362  enum Section
363  {
     // The enumerator on the preceding line is not shown in this listing.
365  ExtendedKeyUsage
366  };
367 
372 
382 
     /**
      * Construct a new constraint.
      *
      * @param id      identifier of the constraint
      * @param section certificate section the constraint belongs to
      */
391  ConstraintType(const QString &id, Section section);
392 
399 
400  ~ConstraintType();
401 
408 
     /** @return the section given at construction. */
412  Section section() const;
413 
422 
     /** @return the id string of this constraint. */
441  QString id() const;
442 
     /** Ordering operator, so constraints can be sorted or used as ordered keys. */
448  bool operator<(const ConstraintType &other) const;
449 
     /** Comparison operator. */
455  bool operator==(const ConstraintType &other) const;
456 
     /** Inequality operator, defined as the negation of operator==. */
462  inline bool operator!=(const ConstraintType &other) const
463  {
464  return !(*this == other);
465  }
466 
467 private:
     // Private implementation, held through QSharedDataPointer.
468  class Private;
469  QSharedDataPointer<Private> d;
470 };
471 
476 {
 // Enumerator list of UsageMode, the intended use passed to
 // Certificate::validate() and CertificateChain::validate(). Some enumerators
 // are not shown in this listing.
 // UsageAny means "any application, or unspecified" and is the default of both
 // validate() calls. A caller that knows the purpose (for example the server
 // side of a TLS connection) should pass the specific mode instead of relying
 // on the default.
477  UsageAny = 0x00,
478  UsageTLSServer = 0x01,
479  UsageTLSClient = 0x02,
483  UsageCRLSigning = 0x20
484 };
485 
490 {
 // Enumerator list of Validity, the result type of the validate() functions.
 // None of the enumerators are shown in this listing. Callers should treat any
 // value other than ValidityGood as a failed validation.
503 };
504 
509 {
 // Enumerator list of ValidateFlags, passed to the validate() functions.
 // ValidateAll is 0x00, so it cannot be detected with a bitwise AND; it is the
 // default argument of both validate() calls.
 // NOTE(review): how the individual bits narrow the set of checks is decided by
 // the implementation and is not visible in this header. Confirm before passing
 // anything other than ValidateAll.
510  ValidateAll = 0x00, // Verify all conditions
511  ValidateRevoked = 0x01, // Verify the certificate was not revoked
512  ValidateExpired = 0x02, // Verify the certificate has not expired
513  ValidatePolicy = 0x04 // Verify the certificate can be used for a specified purpose
514 };
515 
// Unordered certificate information: a multimap, so one CertificateInfoType may
// carry several values. Code that reads a single value for a type should decide
// explicitly which of the values it uses.
527 typedef QMultiMap<CertificateInfoType, QString> CertificateInfo;
528 
/**
 * Ordered certificate information: a QList of CertificateInfoPair that keeps
 * the entries in sequence.
 */
539 class CertificateInfoOrdered : public QList<CertificateInfoPair>
540 {
541 public:
     /** Convert to a DN string; defined below in terms of orderedToDNString(). */
545  inline QString toString() const;
546 
     /**
      * Return a new CertificateInfoOrdered that only contains the Distinguished
      * Name (DN) types found in this object.
      */
551  inline CertificateInfoOrdered dnOnly() const;
552 };
553 
// Convert an ordered information list to RFC 1779 string format.
// NOTE(review): the result is a display string. Compare certificate names on
// the structured CertificateInfo values rather than on this text.
559 QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in);
560 
568 
// Render this ordered list as a DN string by delegating to orderedToDNString().
569 inline QString CertificateInfoOrdered::toString() const
570 {
571  return orderedToDNString(*this);
572 }
573 
575 {
 // Body of CertificateInfoOrdered::dnOnly(); its signature line is not shown in
 // this listing. Delegates to the free function orderedDNOnly().
576  return orderedDNOnly(*this);
577 }
578 
583 
// Create a list of unique friendly names among a list of certificates.
// NOTE(review): the names are derived from certificate contents, so they are
// labels for display and should not be used as a trust decision.
590 QCA_EXPORT QStringList makeFriendlyNames(const QList<Certificate> &list);
591 
/**
 * Set of options used when creating a Certificate or a CertificateRequest:
 * subject information, constraints, policies, CA status, serial number and
 * validity period.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
601 class QCA_EXPORT CertificateOptions
602 {
603 public:
610 
618 
625 
630 
637 
     /** Test if the certificate options object is valid. */
643  bool isValid() const;
644 
     /** @return the challenge string set with setChallenge(). */
652  QString challenge() const;
653 
660 
668 
673 
     /** List the policies on this certificate. */
677  QStringList policies() const;
678 
     /** @return the CRL locations set with setCRLLocations(). */
686  QStringList crlLocations() const;
687 
     /** @return the issuer locations set with setIssuerLocations(). */
695  QStringList issuerLocations() const;
696 
     /** @return the OCSP locations set with setOCSPLocations(). */
702  QStringList ocspLocations() const;
703 
     /** Test if the certificate is a CA cert. */
710  bool isCA() const;
711 
     /** @return the path limit; see setAsCA(). */
715  int pathLimit() const;
716 
723 
     /** The first time the certificate will be valid. */
729  QDateTime notValidBefore() const;
730 
     /** @return the end of the validity period; see setValidityPeriod(). */
736  QDateTime notValidAfter() const;
737 
     /** Set the challenge string that goes with a certificate request. */
746  void setChallenge(const QString &s);
747 
     /** Set the subject information as an unordered CertificateInfo map. */
756  void setInfo(const CertificateInfo &info);
757 
767 
     /** Set the constraints (key usage / extended key usage) of the certificate. */
773  void setConstraints(const Constraints &constraints);
774 
     /** Set the policies of the certificate. */
780  void setPolicies(const QStringList &policies);
781 
     /** Set the CRL locations of the certificate. */
789  void setCRLLocations(const QStringList &locations);
790 
     /** Set the issuer locations of the certificate. */
798  void setIssuerLocations(const QStringList &locations);
799 
     /** Set the OCSP locations of the certificate. */
805  void setOCSPLocations(const QStringList &locations);
806 
     /**
      * Mark the options as describing a CA certificate.
      *
      * The default path limit of 8 is generous. Pass the smallest value the
      * hierarchy needs, so that a subordinate CA cannot extend the chain
      * further than intended.
      */
812  void setAsCA(int pathLimit = 8); // value from Botan
813 
     /** Mark the options as describing an end-user (non-CA) certificate. */
817  void setAsUser();
818 
     /**
      * Set the serial number.
      * NOTE(review): nothing visible here generates or checks the value, so
      * uniqueness per issuer is presumably the caller's job. Confirm.
      */
824  void setSerialNumber(const BigInteger &i);
825 
     /**
      * Set the validity period for the certificate.
      * NOTE(review): the header shows no check that start precedes end.
      * Validate the pair before calling.
      */
832  void setValidityPeriod(const QDateTime &start, const QDateTime &end);
833 
834 private:
     // Private implementation held through a raw pointer. The copy operations
     // that manage it are not shown in this listing.
835  class Private;
836  Private *d;
837 };
838 
/**
 * Public key certificate: import/export (DER, PEM), accessors for the fields of
 * the certificate, and validation against a set of trusted certificates.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
848 class QCA_EXPORT Certificate : public Algorithm
849 {
850 public:
855 
     /**
      * Create a certificate from the contents of a file.
      * This constructor has no ConvertResult out-parameter, so call isNull()
      * afterwards to find out whether loading worked. Use fromPEMFile() when
      * the reason for a failure is needed.
      */
862  Certificate(const QString &fileName);
863 
     /**
      * Create a certificate from the given options and private key.
      * NOTE(review): presumably the certificate is signed with key, i.e. it is
      * self-signed. Confirm against the implementation.
      */
873  Certificate(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
874 
     /** Copy constructor. */
880  Certificate(const Certificate &from);
881 
882  ~Certificate() override;
883 
890 
     /** Test whether this object holds no certificate. */
895  bool isNull() const;
896 
     /** @return the start of the validity period. */
900  QDateTime notValidBefore() const;
901 
     /** @return the end of the validity period. */
905  QDateTime notValidAfter() const;
906 
925 
946 
953 
967 
972 
     /** @return the policies listed in the certificate. */
978  QStringList policies() const;
979 
     /** @return the CRL locations listed in the certificate. */
985  QStringList crlLocations() const;
986 
     /** @return the issuer locations listed in the certificate. */
992  QStringList issuerLocations() const;
993 
     /** @return the OCSP locations listed in the certificate. */
997  QStringList ocspLocations() const;
998 
     /**
      * The common name of the subject of the certificate.
      * For deciding whether a certificate belongs to a host, use
      * matchesHostName() rather than comparing this string.
      */
1005  QString commonName() const;
1006 
1011 
1016 
     /** Test if the Certificate is valid as a Certificate Authority. */
1022  bool isCA() const;
1023 
     /**
      * Test whether the certificate is self-signed.
      * A self-signed certificate is trusted only if it is in the trusted set
      * given to validate(); this flag alone says nothing about trust.
      */
1029  bool isSelfSigned() const;
1030 
     /**
      * Test whether this certificate is the issuer of other.
      * NOTE(review): whether this verifies the signature or only compares names
      * and key ids is not visible here. Confirm before relying on it for trust.
      */
1039  bool isIssuerOf(const Certificate &other) const;
1040 
     /** The upper bound of the number of links in the certificate chain, if any. */
1045  int pathLimit() const;
1046 
1051 
     /** The key identifier associated with the subject. */
1055  QByteArray subjectKeyId() const;
1056 
     /** The key identifier associated with the issuer. */
1060  QByteArray issuerKeyId() const;
1061 
     /**
      * Check the validity of a certificate.
      *
      * @param trusted   certificates (and CRLs) that act as trust anchors; fill
      *                  this collection only from sources you control
      * @param untrusted further certificates available for building the path
      *                  (presumably intermediates; confirm)
      * @param u         intended usage; the default UsageAny does not tie the
      *                  result to a purpose, so pass e.g. UsageTLSServer when
      *                  the purpose is known
      * @param vf        which checks to run; defaults to ValidateAll
      * @return a Validity value. Treat anything other than ValidityGood as a
      *         failure.
      *
      * This call takes no host name. For a TLS peer, matchesHostName() has to
      * be checked in addition.
      */
1073  Validity validate(const CertificateCollection &trusted, const CertificateCollection &untrusted, UsageMode u = UsageAny, ValidateFlags vf = ValidateAll) const;
1074 
     /** Export the certificate in DER format. */
1078  QByteArray toDER() const;
1079 
     /** Export the Certificate into a PEM format. */
1083  QString toPEM() const;
1084 
     /** Export the Certificate into PEM format in a file; returns success. */
1090  bool toPEMFile(const QString &fileName) const;
1091 
     /**
      * Import the certificate from DER format.
      * result is optional; pass it (and check isNull() on the return value)
      * when the input comes from outside the program, so that a parse failure
      * is not mistaken for a usable certificate.
      */
1104  static Certificate fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1105 
     /** Import the certificate from PEM format. See fromDER() about result. */
1118  static Certificate fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1119 
     /** Import the certificate from a file. See fromDER() about result. */
1133  static Certificate fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1134 
     /**
      * Test if the subject of the certificate matches a specified host name.
      * This takes no trust input, so a match means only that the name fits.
      * The certificate still has to pass validate() before it is relied on.
      */
1147  bool matchesHostName(const QString &host) const;
1148 
     /** Test for equality of two certificates. */
1156  bool operator==(const Certificate &a) const;
1157 
     /** Inequality operator, defined as the negation of operator==. */
1163  inline bool operator!=(const Certificate &other) const
1164  {
1165  return !(*this == other);
1166  }
1167 
1174 
1175 private:
     // Private implementation, held through QSharedDataPointer.
1176  class Private;
1177  friend class Private;
1178  QSharedDataPointer<Private> d;
1179 
     // CertificateChain::validate() and CertificateChain::complete() forward to
     // these two helpers on the chain's first certificate.
1180  friend class CertificateChain;
1181  Validity chain_validate(const CertificateChain &chain, const CertificateCollection &trusted, const QList<CRL> &untrusted_crls, UsageMode u, ValidateFlags vf) const;
1182  CertificateChain chain_complete(const CertificateChain &chain, const QList<Certificate> &issuers, Validity *result) const;
1183 };
1184 
/**
 * A chain of related certificates, stored as a QList<Certificate> whose first
 * element is the primary certificate.
 */
1207 class CertificateChain : public QList<Certificate>
1208 {
1209 public:
     /** Create an empty certificate chain. */
1213  inline CertificateChain() {}
1214 
     /** Create a chain that holds only the given primary certificate. */
1221  inline CertificateChain(const Certificate &primary) { append(primary); }
1222 
     /**
      * Return the primary (first) certificate.
      * Unlike validate() and complete(), this does not test isEmpty() first;
      * QList::first() requires a non-empty list, so check isEmpty() before
      * calling this on a chain received from a peer or a file.
      */
1226  inline const Certificate & primary() const { return first(); }
1227 
     /**
      * Check the validity of a certificate chain.
      *
      * @param trusted        collection acting as the trust anchors
      * @param untrusted_crls additional CRLs; empty by default
      * @param u              intended usage; defaults to UsageAny
      * @param vf             checks to run; defaults to ValidateAll
      * @return a Validity value. Treat anything other than ValidityGood as a
      *         failure.
      */
1241  inline Validity validate(const CertificateCollection &trusted, const QList<CRL> &untrusted_crls = QList<CRL>(), UsageMode u = UsageAny, ValidateFlags vf = ValidateAll) const;
1242 
     /**
      * Complete a certificate chain for the primary certificate, using the
      * supplied issuers.
      * NOTE(review): completing a chain is path building, not validation.
      * Call validate() on the result before trusting it.
      */
1266  inline CertificateChain complete(const QList<Certificate> &issuers = QList<Certificate>(), Validity *result = nullptr) const;
1267 };
1268 
// Validate the chain by forwarding to Certificate::chain_validate() on the
// first certificate. An empty chain is reported as ErrorValidityUnknown and
// never as valid.
1269 inline Validity CertificateChain::validate(const CertificateCollection &trusted, const QList<CRL> &untrusted_crls, UsageMode u, ValidateFlags vf) const
1270 {
1271  if(isEmpty())
1272  return ErrorValidityUnknown;
1273  return first().chain_validate(*this, trusted, untrusted_crls, u, vf);
1274 }
1275 
1277 {
 // Body of CertificateChain::complete(); its signature line is not shown in
 // this listing. An empty chain returns an empty chain without writing to
 // *result, so a caller that passes result should initialise it beforehand.
1278  if(isEmpty())
1279  return CertificateChain();
1280  return first().chain_complete(*this, issuers, result);
1281 }
1282 
/**
 * Certificate request: creation from options and a private key, import/export
 * (DER, PEM, string) and accessors for the requested properties.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
1292 class QCA_EXPORT CertificateRequest : public Algorithm
1293 {
1294 public:
1299 
     /**
      * Create a certificate request based on the contents of a file.
      * There is no ConvertResult out-parameter here; check isNull() afterwards.
      */
1306  CertificateRequest(const QString &fileName);
1307 
     /** Create a certificate request based on specified options. */
1317  CertificateRequest(const CertificateOptions &opts, const PrivateKey &key, const QString &provider = QString());
1318 
1325 
1326  ~CertificateRequest() override;
1327 
1334 
     /** Test if the certificate request is empty. */
1340  bool isNull() const;
1341 
     /** Test whether the given request format can be used with the provider. */
1352  static bool canUseFormat(CertificateRequestFormat f, const QString &provider = QString());
1353 
1358 
1368 
1380 
1387 
     /** The policies that apply to this certificate request. */
1393  QStringList policies() const;
1394 
1399 
     /**
      * Test whether the request asks for a CA certificate.
      * The requester chooses this value. A CA that signs requests should check
      * it (and pathLimit()) against its own policy before issuing.
      */
1406  bool isCA() const;
1407 
     /** @return the path limit asked for in the request. */
1413  int pathLimit() const;
1414 
     /** The challenge associated with this certificate request. */
1418  QString challenge() const;
1419 
1425 
     /** Test for equality of two certificate requests. */
1433  bool operator==(const CertificateRequest &csr) const;
1434 
     /** Inequality operator, defined as the negation of operator==. */
1440  inline bool operator!=(const CertificateRequest &other) const
1441  {
1442  return !(*this == other);
1443  }
1444 
     /** Export the Certificate Request into a DER format. */
1450  QByteArray toDER() const;
1451 
     /** Export the Certificate Request into a PEM format. */
1457  QString toPEM() const;
1458 
     /** Export the request into PEM format in a file; returns success. */
1466  bool toPEMFile(const QString &fileName) const;
1467 
     /**
      * Import the certificate request from DER format.
      * result is optional. Requests normally come from another party, so pass
      * result and check isNull() on the return value.
      */
1482  static CertificateRequest fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1483 
     /** Import the certificate request from PEM format. See fromDER() about result. */
1499  static CertificateRequest fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1500 
     /** Import the certificate request from a file. See fromDER() about result. */
1516  static CertificateRequest fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1517 
     /** Export the CertificateRequest to a string. */
1525  QString toString() const;
1526 
     /** Import the CertificateRequest from a string. See fromDER() about result. */
1541  static CertificateRequest fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1542 
     /**
      * Replace the underlying provider context.
      * NOTE(review): ownership of c after the call is not visible here. Confirm.
      */
1548  void change(CSRContext *c);
1549 
1550 private:
     // Private implementation, held through QSharedDataPointer.
1551  class Private;
1552  friend class Private;
1553  QSharedDataPointer<Private> d;
1554 };
1555 
/**
 * One entry of a Certificate Revocation List: a serial number, the time of the
 * entry and the Reason it was created.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
1563 class QCA_EXPORT CRLEntry
1564 {
1565 public:
     /**
      * The reason that a CRL entry was created. Only some enumerators are
      * shown in this listing; Unspecified, the constructors' default, is among
      * the omitted ones.
      */
1569  enum Reason
1570  {
1574  AffiliationChanged,
1576  CessationOfOperation,
1579  PrivilegeWithdrawn,
1580  AACompromise
1581  };
1582 
1587 
     /**
      * Create a CRL entry for a certificate.
      * Prefer a specific Reason over the Unspecified default where it is
      * known, since consumers of the CRL see only what is recorded here.
      */
1594  explicit CRLEntry(const Certificate &c, Reason r = Unspecified);
1595 
     /**
      * Create a CRL entry from a serial number and a time.
      * NOTE(review): serial is taken by const value, which copies the
      * BigInteger on every call. Changing the exported signature would affect
      * callers, so it is left as declared.
      */
1604  CRLEntry(const BigInteger serial, const QDateTime &time, Reason r = Unspecified);
1605 
     /** Copy constructor. */
1611  CRLEntry(const CRLEntry &from);
1612 
1613  ~CRLEntry();
1614 
     /** Standard assignment operator. */
1620  CRLEntry & operator=(const CRLEntry &from);
1621 
1626 
     /** @return the time associated with this entry. */
1630  QDateTime time() const;
1631 
     /** Test if this CRL entry is empty. */
1635  bool isNull() const;
1636 
     /** The reason that this CRL entry was created. */
1643  Reason reason() const;
1644 
     /** Ordering operator, so entries can be sorted. */
1652  bool operator<(const CRLEntry &a) const;
1653 
     /** Test for equality of two CRL entries. */
1661  bool operator==(const CRLEntry &a) const;
1662 
     /** Inequality operator, defined as the negation of operator==. */
1668  inline bool operator!=(const CRLEntry &other) const
1669  {
1670  return !(*this == other);
1671  }
1672 
1673 private:
     // Entry data is stored directly in the object.
1674  BigInteger _serial;
1675  QDateTime _time;
1676  Reason _reason;
1677 
     // Additional private data behind a raw pointer; its use is not visible here.
1678  class Private;
1679  Private *d;
1680 };
1681 
/**
 * Certificate Revocation List: import/export (DER, PEM) and accessors for the
 * list's number, update times and issuer.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
1702 class QCA_EXPORT CRL : public Algorithm
1703 {
1704 public:
     /** Create an empty CRL. */
1705  CRL();
1706 
     /** Copy constructor. */
1712  CRL(const CRL &from);
1713 
1714  ~CRL() override;
1715 
     /** Standard assignment operator. */
1721  CRL & operator=(const CRL &from);
1722 
     /** Test whether this object holds no CRL. */
1728  bool isNull() const;
1729 
1737 
1747 
     /** @return the number of this CRL. */
1754  int number() const;
1755 
     /** @return the time this CRL was issued. */
1759  QDateTime thisUpdate() const;
1760 
     /**
      * @return the time by which the next CRL is expected.
      * NOTE(review): whether validate() rejects a CRL that is past this time is
      * not visible in this header. A consumer that caches CRLs should compare
      * this value with the current time and refresh stale lists.
      */
1766  QDateTime nextUpdate() const;
1767 
1772 
1777 
     /** The key identification of the CRL issuer. */
1781  QByteArray issuerKeyId() const;
1782 
     /** Test for equality of two CRLs. */
1790  bool operator==(const CRL &a) const;
1791 
     /** Inequality operator, defined as the negation of operator==. */
1797  inline bool operator!=(const CRL &other) const
1798  {
1799  return !(*this == other);
1800  }
1801 
     /** Export the Certificate Revocation List (CRL) in DER format. */
1807  QByteArray toDER() const;
1808 
     /** Export the CRL in PEM format. */
1814  QString toPEM() const;
1815 
     /** Export the Certificate Revocation List (CRL) into PEM format in a file. */
1822  bool toPEMFile(const QString &fileName) const;
1823 
     /**
      * Import a CRL from DER format.
      * result is optional; pass it and check isNull() on the return value, so
      * that a CRL which failed to parse is not treated as "nothing revoked".
      */
1835  static CRL fromDER(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
1836 
     /** Import a CRL from PEM format. See fromDER() about result. */
1848  static CRL fromPEM(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
1849 
     /** Import a CRL from a PEM file. See fromDER() about result. */
1862  static CRL fromPEMFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
1863 
     /**
      * Replace the underlying provider context.
      * NOTE(review): ownership of c after the call is not visible here. Confirm.
      */
1869  void change(CRLContext *c);
1870 
1871 private:
     // Private implementation, held through QSharedDataPointer.
1872  class Private;
1873  friend class Private;
1874  QSharedDataPointer<Private> d;
1875 };
1876 
/**
 * Bundle of Certificates and CRLs.
 *
 * A collection passed as the trusted argument of Certificate::validate() or
 * CertificateChain::validate() acts as the set of trust anchors, so everything
 * added to such a collection must come from a source the application controls.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
1890 class QCA_EXPORT CertificateCollection
1891 {
1892 public:
1897 
1904 
1906 
1913 
     /** Append a certificate to this collection. */
1919  void addCertificate(const Certificate &cert);
1920 
     /** Append a CRL to this collection. */
1927  void addCRL(const CRL &crl);
1928 
1933 
     /** The CRLs in this collection. */
1937  QList<CRL> crls() const;
1938 
     /** Append the contents of another collection to this one. */
1944  void append(const CertificateCollection &other);
1945 
1952 
1959 
     /** Test if the CertificateCollection can be imported and exported to PKCS#7 format. */
1970  static bool canUsePKCS7(const QString &provider = QString());
1971 
     /** Export the CertificateCollection to a plain text file; returns success. */
1980  bool toFlatTextFile(const QString &fileName);
1981 
     /** Export the CertificateCollection to a PKCS#7 file; returns success. */
1992  bool toPKCS7File(const QString &fileName, const QString &provider = QString());
1993 
     /**
      * Import a CertificateCollection from a text file.
      * result is optional; pass it when the file is used as a trust store, so
      * a truncated or unreadable file is reported and not silently loaded as
      * an empty or partial set.
      */
2007  static CertificateCollection fromFlatTextFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2008 
     /** Import a CertificateCollection from a PKCS#7 file. See fromFlatTextFile() about result. */
2022  static CertificateCollection fromPKCS7File(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2023 
2024 private:
     // Private implementation, held through QSharedDataPointer.
2025  class Private;
2026  QSharedDataPointer<Private> d;
2027 };
2028 
/**
 * A Certificate Authority is used to generate Certificates and Certificate
 * Revocation Lists (CRLs).
 *
 * The object is constructed with the CA's private key, so every call below
 * produces material signed in the CA's name.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
2037 class QCA_EXPORT CertificateAuthority : public Algorithm
2038 {
2039 public:
     /**
      * Create a new Certificate Authority.
      *
      * @param cert     the CA certificate
      * @param key      the private key belonging to cert
      * @param provider the provider to use (no default here, unlike most other
      *                 constructors in this header)
      */
2048  CertificateAuthority(const Certificate &cert, const PrivateKey &key, const QString &provider);
2049 
2056 
2057  ~CertificateAuthority() override;
2058 
2065 
2073 
     /**
      * Sign a certificate request, producing a certificate that expires at
      * notValidAfter.
      *
      * NOTE(review): the only policy input here is the expiry time. Whether the
      * CA flag, path limit and constraints asked for in req are copied into the
      * issued certificate is not visible in this header, so inspect
      * req.isCA(), req.pathLimit() and the requested names before signing.
      * Check isNull() on the returned certificate.
      */
2081  Certificate signRequest(const CertificateRequest &req, const QDateTime &notValidAfter) const;
2082 
2090 
     /** Create a new, empty CRL whose next update is due at nextUpdate. */
2098  CRL createCRL(const QDateTime &nextUpdate) const;
2099 
     /**
      * Produce an updated CRL from an existing one plus additional entries.
      *
      * @param crl        the CRL to start from
      * @param entries    the entries to add
      * @param nextUpdate the time the following update is due
      */
2109  CRL updateCRL(const CRL &crl, const QList<CRLEntry> &entries, const QDateTime &nextUpdate) const;
2110 
2111 private:
     // Private implementation held through a raw pointer. The copy constructor
     // that manages it is not shown in this listing.
2112  class Private;
2113  Private *d;
2114 };
2115 
/**
 * Bundle of a private key with its certificate(s), importable from and
 * exportable to a passphrase-protected file or array.
 *
 * NOTE(review): several members are not shown in this listing (the numbered
 * blank lines); only the visible declarations are documented.
 */
2135 class QCA_EXPORT KeyBundle
2136 {
2137 public:
2142 
     /**
      * Create a key bundle from a file.
      * The passphrase is carried in a SecureArray. There is no ConvertResult
      * out-parameter here, so check isNull() afterwards. Use fromFile() when
      * the reason for a failure (for example a wrong passphrase) is needed.
      */
2160  explicit KeyBundle(const QString &fileName, const SecureArray &passphrase = SecureArray());
2161 
     /** Copy constructor. */
2167  KeyBundle(const KeyBundle &from);
2168 
2169  ~KeyBundle();
2170 
2177 
     /** Test if this key is empty (null). */
2181  bool isNull() const;
2182 
     /** @return the name associated with this bundle. */
2192  QString name() const;
2193 
2200 
2207 
     /** Set the name associated with this bundle. */
2213  void setName(const QString &s);
2214 
2225 
     /**
      * Export the bundle to a byte array, protected with passphrase.
      * The result contains private key material and is an ordinary QByteArray,
      * so keep its lifetime short. An empty passphrase leaves the key
      * protected only by whatever guards the storage it is written to.
      */
2249  QByteArray toArray(const SecureArray &passphrase, const QString &provider = QString()) const;
2250 
     /**
      * Export the bundle to a file, protected with passphrase; returns success.
      * NOTE(review): the permissions of the file that is created are not
      * visible here. Restrict them explicitly if the default is too open.
      */
2275  bool toFile(const QString &fileName, const SecureArray &passphrase, const QString &provider = QString()) const;
2276 
     /**
      * Import a bundle from a byte array.
      * passphrase defaults to an empty SecureArray and result to nullptr;
      * pass result and check isNull() on the return value.
      */
2307  static KeyBundle fromArray(const QByteArray &a, const SecureArray &passphrase = SecureArray(), ConvertResult *result = nullptr, const QString &provider = QString());
2308 
     /** Import a bundle from a file. See fromArray() about passphrase and result. */
2339  static KeyBundle fromFile(const QString &fileName, const SecureArray &passphrase = SecureArray(), ConvertResult *result = nullptr, const QString &provider = QString());
2340 
2341 private:
     // Private implementation, held through QSharedDataPointer.
2342  class Private;
2343  QSharedDataPointer<Private> d;
2344 };
2345 
/**
 * Pretty Good Privacy key: identification, dates, trust state and
 * import/export to array, string or file.
 *
 * NOTE(review): the default constructor (numbered blank line below) is not
 * shown in this listing.
 */
2360 class QCA_EXPORT PGPKey : public Algorithm
2361 {
2362 public:
2367 
     /**
      * Create a PGP key from the contents of a file.
      * There is no ConvertResult out-parameter here; check isNull() afterwards.
      */
2377  PGPKey(const QString &fileName);
2378 
     /** Copy constructor. */
2384  PGPKey(const PGPKey &from);
2385 
2386  ~PGPKey() override;
2387 
     /** Standard assignment operator. */
2393  PGPKey & operator=(const PGPKey &from);
2394 
     /** Test if the PGP key is empty (null). */
2400  bool isNull() const;
2401 
     /**
      * @return the key id.
      * Identify a key by fingerprint() rather than by this id when the
      * identity matters for a trust decision.
      */
2405  QString keyId() const;
2406 
     /** @return the primary user identification of the key. */
2410  QString primaryUserId() const;
2411 
     /**
      * The list of all user identifications associated with the key.
      * The user ids come from the key itself and are not proof of who controls
      * it; see isTrusted().
      */
2415  QStringList userIds() const;
2416 
     /** Test whether this is a secret (private) key. */
2422  bool isSecret() const;
2423 
     /** @return the creation date of the key. */
2427  QDateTime creationDate() const;
2428 
     /**
      * The expiration date for the key.
      * NOTE(review): nothing in this header shows expiry being enforced.
      * Compare with the current time before using the key.
      */
2432  QDateTime expirationDate() const;
2433 
     /** The key fingerprint. */
2440  QString fingerprint() const;
2441 
     /** Test whether the key is in a keyring. */
2450  bool inKeyring() const;
2451 
     /**
      * Test whether the key is trusted.
      * NOTE(review): which trust model decides this is not visible in this
      * header, so the value is presumably only meaningful for keys where
      * inKeyring() is true. Confirm before relying on it for a freshly
      * imported key.
      */
2457  bool isTrusted() const;
2458 
     /**
      * Export the key to an array.
      * For a secret key the result holds private key material in an ordinary
      * QByteArray; keep its lifetime short.
      */
2468  QByteArray toArray() const;
2469 
     /** Export the key to a string. */
2478  QString toString() const;
2479 
     /**
      * Export the key to a file.
      * No passphrase is taken here, so for a secret key the file's protection
      * is whatever the key format and the file permissions provide.
      */
2485  bool toFile(const QString &fileName) const;
2486 
     /**
      * Import the key from an array.
      * result is optional; pass it and check isNull() on the return value.
      */
2496  static PGPKey fromArray(const QByteArray &a, ConvertResult *result = nullptr, const QString &provider = QString());
2497 
     /** Import the key from a string. See fromArray() about result. */
2507  static PGPKey fromString(const QString &s, ConvertResult *result = nullptr, const QString &provider = QString());
2508 
     /** Import the key from a file. See fromArray() about result. */
2519  static PGPKey fromFile(const QString &fileName, ConvertResult *result = nullptr, const QString &provider = QString());
2520 
2521 private:
     // Private implementation held through a raw pointer; the copy constructor,
     // assignment operator and destructor above are declared to manage it.
2522  class Private;
2523  Private *d;
2524 };
2525 
/**
 * Asynchronous loader for private keys and key bundles. Each load*() call
 * starts a load; finished() is emitted when it is done.
 *
 * NOTE(review): the result accessors and one load function are not shown in
 * this listing (the numbered blank lines); only the visible declarations are
 * documented.
 */
2565 class QCA_EXPORT KeyLoader : public QObject
2566 {
2567  Q_OBJECT
2568 public:
     /** Create a KeyLoader object. */
2574  KeyLoader(QObject *parent = nullptr);
2575  ~KeyLoader() override;
2576 
     /** Initiate an asynchronous loading of a PrivateKey from a PEM format file. */
2586  void loadPrivateKeyFromPEMFile(const QString &fileName);
2587 
     /**
      * Initiate an asynchronous loading of a PrivateKey from a PEM format string.
      * The key text arrives as a QString, i.e. in ordinary memory rather than
      * a SecureArray. Clear the caller's copy as soon as it is no longer
      * needed.
      */
2596  void loadPrivateKeyFromPEM(const QString &s);
2597 
2607 
     /** Initiate an asynchronous loading of a KeyBundle from a file. */
2616  void loadKeyBundleFromFile(const QString &fileName);
2617 
     /**
      * Initiate an asynchronous loading of a KeyBundle from an array.
      * No passphrase parameter is taken by the load*() functions.
      * NOTE(review): presumably the passphrase is requested through another
      * channel while loading. Confirm.
      */
2625  void loadKeyBundleFromArray(const QByteArray &a);
2626 
2633 
2644 
2654 
2655 Q_SIGNALS:
     /**
      * Emitted when a load has completed.
      * NOTE(review): completion is not success. Check the outcome of the
      * conversion before using the loaded key or bundle.
      */
2663  void finished();
2664 
2665 private:
     // The loader cannot be copied.
2666  Q_DISABLE_COPY(KeyLoader)
2667 
2668  class Private;
2669  friend class Private;
2670  Private *d;
2671 };
2672 
2673 }
2674 
2675 #endif
QCA::CertificateInfoType::DN
@ DN
Distinguished name (the primary name)
Definition: qca_cert.h:128
QCA::IncorporationLocality
@ IncorporationLocality
The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1".
Definition: qca_cert.h:73
QCA::CertificateInfoType::operator==
bool operator==(const CertificateInfoType &other) const
Comparison operator.
QCA::Certificate::operator==
bool operator==(const Certificate &a) const
Test for equality of two certificates.
QCA::Certificate::toPEM
QString toPEM() const
Export the Certificate into a PEM format.
QCA::CertificateChain::complete
CertificateChain complete(const QList< Certificate > &issuers=QList< Certificate >(), Validity *result=nullptr) const
Complete a certificate chain for the primary certificate, using the rest of the certificates in the c...
Definition: qca_cert.h:1276
QObject
QCA::KeyAgreement
@ KeyAgreement
Certificate can be used for key agreement, id = "KeyUsage.keyAgreement"
Definition: qca_cert.h:325
QCA::KeyLoader::loadPrivateKeyFromPEM
void loadPrivateKeyFromPEM(const QString &s)
Initiate an asynchronous loading of a PrivateKey from a PEM format string.
QCA::CertificateAuthority
A Certificate Authority is used to generate Certificates and Certificate Revocation Lists (CRLs).
Definition: qca_cert.h:2038
QCA::ErrorExpiredCA
@ ErrorExpiredCA
The Certificate Authority has expired.
Definition: qca_cert.h:501
QCA::ErrorInvalidPurpose
@ ErrorInvalidPurpose
The purpose does not match the intended usage.
Definition: qca_cert.h:496
QCA::KeyBundle::isNull
bool isNull() const
Test if this key is empty (null)
QCA::CertificateRequest::toPEM
QString toPEM() const
Export the Certificate Request into a PEM format.
QCA::CertificateCollection::fromFlatTextFile
static CertificateCollection fromFlatTextFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
import a CertificateCollection from a text file
QCA::CRL::issuerKeyId
QByteArray issuerKeyId() const
The key identification of the CRL issuer.
QCA::CertificateOptions::notValidBefore
QDateTime notValidBefore() const
the first time the certificate will be valid
QCA::ConstraintType::Section
Section
Section of the certificate that the constraint belongs in.
Definition: qca_cert.h:363
QCA::CertificateOptions::operator=
CertificateOptions & operator=(const CertificateOptions &from)
Standard assignment operator.
QCA::CRL::operator!=
bool operator!=(const CRL &other) const
Inequality operator.
Definition: qca_cert.h:1797
QCA::Certificate::isCA
bool isCA() const
Test if the Certificate is valid as a Certificate Authority.
QCA::CRLEntry::isNull
bool isNull() const
Test if this CRL entry is empty.
QCA::CertificateOptions::format
CertificateRequestFormat format() const
test the format type for this certificate
QCA::CertificateCollection::operator=
CertificateCollection & operator=(const CertificateCollection &from)
Standard assignment operator.
QCA::KeyBundle::fromFile
static KeyBundle fromFile(const QString &fileName, const SecureArray &passphrase=SecureArray(), ConvertResult *result=nullptr, const QString &provider=QString())
QCA::CertificateInfoType::operator!=
bool operator!=(const CertificateInfoType &other) const
Inequality operator.
Definition: qca_cert.h:229
QCA::CertificateInfoType
Certificate information type.
Definition: qca_cert.h:121
QCA::KeyLoader::loadPrivateKeyFromDER
void loadPrivateKeyFromDER(const SecureArray &a)
Initiate an asynchronous loading of a PrivateKey from a DER format array.
QCA::KeyLoader::privateKey
PrivateKey privateKey() const
The private key that has been loaded.
QCA::CertificateInfoOrdered::dnOnly
CertificateInfoOrdered dnOnly() const
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in thi...
Definition: qca_cert.h:574
QCA::PGPKey::userIds
QStringList userIds() const
The list of all user identifications associated with the key.
QCA::ErrorExpired
@ ErrorExpired
The certificate has expired, or is not yet valid (e.g. current time is earlier than notBefore time)
Definition: qca_cert.h:500
QCA::CertificateRequest::operator==
bool operator==(const CertificateRequest &csr) const
Test for equality of two certificate requests.
QCA::CertificateCollection::canUsePKCS7
static bool canUsePKCS7(const QString &provider=QString())
test if the CertificateCollection can be imported and exported to PKCS#7 format
QCA::ErrorPathLengthExceeded
@ ErrorPathLengthExceeded
The path length from the root CA to this certificate is too long.
Definition: qca_cert.h:499
QCA::CertificateRequest::isNull
bool isNull() const
test if the certificate request is empty
QCA::CertificateOptions::setCRLLocations
void setCRLLocations(const QStringList &locations)
set the CRL locations of the certificate
QCA::makeFriendlyNames
QCA_EXPORT QStringList makeFriendlyNames(const QList< Certificate > &list)
Create a list of unique friendly names among a list of certificates.
QCA::Certificate::matchesHostName
bool matchesHostName(const QString &host) const
Test if the subject of the certificate matches a specified host name.
QCA::PGPKey::PGPKey
PGPKey()
Create an empty PGP key.
QCA::PGPKey::toFile
bool toFile(const QString &fileName) const
Export the key to a file.
QCA::CRLEntry::RemoveFromCRL
@ RemoveFromCRL
certificate was previously in a CRL, but is now valid
Definition: qca_cert.h:1578
QCA::IncorporationCountry
@ IncorporationCountry
The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3".
Definition: qca_cert.h:77
QCA::CRL::toDER
QByteArray toDER() const
Export the Certificate Revocation List (CRL) in DER format.
QCA::CertificateRequest::toDER
QByteArray toDER() const
Export the Certificate Request into a DER format.
QCA::CRLEntry::reason
Reason reason() const
The reason that this CRL entry was created.
QCA::Certificate::subjectKeyId
QByteArray subjectKeyId() const
The key identifier associated with the subject.
QCA::IPAddress
@ IPAddress
IP address, id = "GeneralName.iPAddress".
Definition: qca_cert.h:80
QCA::KeyLoader::KeyLoader
KeyLoader(QObject *parent=nullptr)
Create a KeyLoader object.
QCA::CRL::toPEMFile
bool toPEMFile(const QString &fileName) const
Export the Certificate Revocation List (CRL) into PEM format in a file.
QCA::KeyBundle::operator=
KeyBundle & operator=(const KeyBundle &from)
Standard assignment operator.
QCA::Email
@ Email
Email address, id = "GeneralName.rfc822Name".
Definition: qca_cert.h:68
QCA::PrivateKey
Generic private key.
Definition: qca_publickey.h:827
QCA::KeyCertificateSign
@ KeyCertificateSign
Certificate can be used for key certificate signing, id = "KeyUsage.keyCertSign"
Definition: qca_cert.h:326
QCA::CertificateRequest::CertificateRequest
CertificateRequest(const CertificateRequest &from)
Standard copy constructor.
QCA::CertificateCollection::toPKCS7File
bool toPKCS7File(const QString &fileName, const QString &provider=QString())
export the CertificateCollection to a PKCS#7 file
QCA::CertificateCollection::crls
QList< CRL > crls() const
The CRLs in this collection.
QCA::CertificateRequest::toPEMFile
bool toPEMFile(const QString &fileName) const
Export the Certificate into PEM format in a file.
QCA::Certificate::subjectInfoOrdered
CertificateInfoOrdered subjectInfoOrdered() const
QCA::DataEncipherment
@ DataEncipherment
Certificate can be used for encrypting / decrypting data, id = "KeyUsage.dataEncipherment"
Definition: qca_cert.h:324
QCA
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:41
QCA::CRLEntry::KeyCompromise
@ KeyCompromise
private key has been compromised
Definition: qca_cert.h:1572
QCA::KeyLoader::loadKeyBundleFromFile
void loadKeyBundleFromFile(const QString &fileName)
Initiate an asynchronous loading of a KeyBundle from a file.
QCA::CertificateCollection::addCRL
void addCRL(const CRL &crl)
Append a CRL to this collection.
QCA::CertificateRequest::toString
QString toString() const
Export the CertificateRequest to a string.
QCA::Certificate::fromPEM
static Certificate fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from PEM format.
QCA::Algorithm
General superclass for an algorithm.
Definition: qca_core.h:1152
QCA::CertificateInfoType::known
CertificateInfoTypeKnown known() const
The type as part of the CertificateInfoTypeKnown enumerator.
QCA::CertificateInfoPair
One entry in a certificate information list.
Definition: qca_cert.h:247
QCA::CertificateRequest::fromPEMFile
static CertificateRequest fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from a file.
QCA::CertificateAuthority::createCertificate
Certificate createCertificate(const PublicKey &key, const CertificateOptions &opts) const
Create a new Certificate.
QCA::CertificateRequest::challenge
QString challenge() const
The challenge associated with this certificate request.
QCA::Certificate::fromPEMFile
static Certificate fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from a file.
QCA::PGPKey::operator=
PGPKey & operator=(const PGPKey &from)
Standard assignment operator.
QCA::OrganizationalUnit
@ OrganizationalUnit
A part of an organisation (e.g. a division or branch), id = "2.5.4.11".
Definition: qca_cert.h:71
QCA::CertificateInfoType::CertificateInfoType
CertificateInfoType(const CertificateInfoType &from)
Standard copy constructor.
QCA::CertificateAuthority::CertificateAuthority
CertificateAuthority(const CertificateAuthority &from)
Copy constructor.
QList
QCA::ConstraintType::ConstraintType
ConstraintType(const QString &id, Section section)
Construct a new constraint.
QCA::UsageTimeStamping
@ UsageTimeStamping
time stamping certificate
Definition: qca_cert.h:482
QCA::CertificateInfoPair::operator=
CertificateInfoPair & operator=(const CertificateInfoPair &from)
Standard assignment operator.
QCA::Certificate::constraints
Constraints constraints() const
The constraints that apply to this certificate.
QCA::CertificateInfoType::operator=
CertificateInfoType & operator=(const CertificateInfoType &from)
Standard assignment operator.
QCA::CRLEntry::operator=
CRLEntry & operator=(const CRLEntry &from)
Standard assignment operator.
QCA::PGPKey::isNull
bool isNull() const
Test if the PGP key is empty (null)
QCA::CertificateCollection::toFlatTextFile
bool toFlatTextFile(const QString &fileName)
export the CertificateCollection to a plain text file
QCA::CertificateRequest::operator=
CertificateRequest & operator=(const CertificateRequest &from)
Standard assignment operator.
QCA::CertificateOptions::info
CertificateInfo info() const
Information on the subject of the certificate.
QCA::CertificateOptions::isValid
bool isValid() const
Test if the certificate options object is valid.
QCA::CertificateOptions::isCA
bool isCA() const
test if the certificate is a CA cert
QCA::Certificate::validate
Validity validate(const CertificateCollection &trusted, const CertificateCollection &untrusted, UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate.
QCA::OCSPSigning
@ OCSPSigning
Certificate can be used to sign an Online Certificate Status Protocol (OCSP) assertion,...
Definition: qca_cert.h:340
QCA::CertificateRequest::CertificateRequest
CertificateRequest(const CertificateOptions &opts, const PrivateKey &key, const QString &provider=QString())
Create a certificate request based on specified options.
QCA::CertificateRequest::fromString
static CertificateRequest fromString(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the CertificateRequest from a string.
QCA::PGPKey::fingerprint
QString fingerprint() const
The key fingerprint.
QCA::CertificateRequest::policies
QStringList policies() const
The policies that apply to this certificate request.
QCA::CertificateInfoType::CertificateInfoType
CertificateInfoType(CertificateInfoTypeKnown known)
Construct a new type.
QCA::CertContext
X.509 certificate provider.
Definition: qcaprovider.h:1275
QCA::CRLEntry::CRLEntry
CRLEntry(const CRLEntry &from)
Copy constructor.
QCA::CertificateOptions::CertificateOptions
CertificateOptions(CertificateRequestFormat format=PKCS10)
Create a Certificate options set.
QCA::Certificate::commonName
QString commonName() const
The common name of the subject of the certificate.
QCA::PGPKey::fromString
static PGPKey fromString(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from a string.
QCA::SignatureAlgorithm
SignatureAlgorithm
Signature algorithm variants.
Definition: qca_publickey.h:74
QCA::CertificateCollection
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1891
QCA::CertificateAuthority::CertificateAuthority
CertificateAuthority(const Certificate &cert, const PrivateKey &key, const QString &provider)
Create a new Certificate Authority.
QCA::CertificateInfoPair::value
QString value() const
The value of the information stored in the pair.
QCA::ConstraintType::ConstraintType
ConstraintType()
Standard constructor.
QCA::CertificateOptions::policies
QStringList policies() const
list the policies on this certificate
QCA::Certificate::toPEMFile
bool toPEMFile(const QString &fileName) const
Export the Certificate into PEM format in a file.
QCA::CertificateInfoType::Section
Section
Section of the certificate that the information belongs in.
Definition: qca_cert.h:127
QCA::orderedToDNString
QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in)
Convert to RFC 1779 string format.
QCA::CertificateChain::validate
Validity validate(const CertificateCollection &trusted, const QList< CRL > &untrusted_crls=QList< CRL >(), UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate chain.
Definition: qca_cert.h:1269
QCA::CommonName
@ CommonName
The common name (eg person), id = "2.5.4.3".
Definition: qca_cert.h:67
QCA::KeyBundle::fromArray
static KeyBundle fromArray(const QByteArray &a, const SecureArray &passphrase=SecureArray(), ConvertResult *result=nullptr, const QString &provider=QString())
QCA::ValidityGood
@ ValidityGood
The certificate is valid.
Definition: qca_cert.h:491
QCA::CertificateOptions::setValidityPeriod
void setValidityPeriod(const QDateTime &start, const QDateTime &end)
Set the validity period for the certificate.
QCA::Certificate::signatureAlgorithm
SignatureAlgorithm signatureAlgorithm() const
The signature algorithm used for the signature on this certificate.
QCA::IncorporationState
@ IncorporationState
The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2".
Definition: qca_cert.h:75
QCA::State
@ State
The state within the country, id = "2.5.4.8".
Definition: qca_cert.h:74
QCA::UsageTLSServer
@ UsageTLSServer
server side of a TLS or SSL connection
Definition: qca_cert.h:478
QCA::IPSecEndSystem
@ IPSecEndSystem
Certificate can be used to authenticate an endpoint in IPSEC, id = "1.3.6.1.5.5.7.3....
Definition: qca_cert.h:336
QCA::Certificate::pathLimit
int pathLimit() const
The upper bound of the number of links in the certificate chain, if any.
QCA::CRLEntry::CRLEntry
CRLEntry(const Certificate &c, Reason r=Unspecified)
create a CRL entry
QCA::CRL::issuerInfoOrdered
CertificateInfoOrdered issuerInfoOrdered() const
Information on the issuer of the CRL as an ordered list (QList of CertificateInfoPair).
QCA::CertificateRequestFormat
CertificateRequestFormat
Certificate Request Format.
Definition: qca_cert.h:55
QCA::Constraints
QList< ConstraintType > Constraints
Certificate constraints type
Definition: qca_cert.h:582
QCA::CertificateRequest::change
void change(CSRContext *c)
QCA::CertificateRequest::subjectPublicKey
PublicKey subjectPublicKey() const
The public key belonging to the subject of the certificate request.
QCA::UsageAny
@ UsageAny
Any application, or unspecified.
Definition: qca_cert.h:477
QCA::CertificateRequest::CertificateRequest
CertificateRequest(const QString &fileName)
Create a certificate request based on the contents of a file.
QCA::Certificate::issuerInfo
CertificateInfo issuerInfo() const
Properties of the issuer of the certificate.
QCA::CertificateInfoPair::operator!=
bool operator!=(const CertificateInfoPair &other) const
Inequality operator.
Definition: qca_cert.h:302
QCA::KeyLoader::keyBundle
KeyBundle keyBundle() const
The key bundle that has been loaded.
QCA::PGPKey::fromArray
static PGPKey fromArray(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from an array.
QCA::PGPKey::expirationDate
QDateTime expirationDate() const
The expiration date for the key.
QCA::IPSecTunnel
@ IPSecTunnel
Certificate can be used to authenticate a tunnel in IPSEC, id = "1.3.6.1.5.5.7.3.6"....
Definition: qca_cert.h:337
QCA::CRLEntry::serialNumber
BigInteger serialNumber() const
The serial number of the certificate that is the subject of this CRL entry.
QCA::CRLEntry::CRLEntry
CRLEntry()
create an empty CRL entry
QCA::CertificateOptions::setAsCA
void setAsCA(int pathLimit=8)
Set the certificate to be a CA cert with the given path limit (8 if not specified).
QCA::EmailLegacy
@ EmailLegacy
PKCS#9 Email field, id = "1.2.840.113549.1.9.1".
Definition: qca_cert.h:69
QCA::CertificateOptions::issuerLocations
QStringList issuerLocations() const
list of URI locations for issuer certificate files
QCA::CertificateChain
A chain of related Certificates.
Definition: qca_cert.h:1208
QCA::ConstraintType::operator==
bool operator==(const ConstraintType &other) const
Comparison operator.
QCA::ConstraintType::id
QString id() const
The type as an identifier string.
QCA::DNS
@ DNS
DNS name, id = "GeneralName.dNSName".
Definition: qca_cert.h:79
QCA::CertificateInfoType::operator<
bool operator<(const CertificateInfoType &other) const
Comparison operator.
QCA::CRLEntry::CACompromise
@ CACompromise
certificate authority has been compromised
Definition: qca_cert.h:1573
QCA::Certificate::toDER
QByteArray toDER() const
Export the Certificate into a DER format.
QCA::ErrorRejected
@ ErrorRejected
The root CA rejected the certificate purpose.
Definition: qca_cert.h:492
QCA::CertificateAuthority::createCRL
CRL createCRL(const QDateTime &nextUpdate) const
Create a new Certificate Revocation List (CRL)
QCA::CertificateChain::CertificateChain
CertificateChain()
Create an empty certificate chain.
Definition: qca_cert.h:1213
QCA::PGPKey::PGPKey
PGPKey(const PGPKey &from)
Standard copy constructor.
QCA::DigitalSignature
@ DigitalSignature
Certificate can be used to create digital signatures, id = "KeyUsage.digitalSignature"
Definition: qca_cert.h:321
QCA::KeyBundle::toArray
QByteArray toArray(const SecureArray &passphrase, const QString &provider=QString()) const
QCA::PGPKey::fromFile
static PGPKey fromFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import the key from a file.
QCA::CertificateRequest
Certificate Request
Definition: qca_cert.h:1293
QCA::ConstraintTypeKnown
ConstraintTypeKnown
Known types of certificate constraints.
Definition: qca_cert.h:319
QCA::ServerAuth
@ ServerAuth
Certificate can be used for server authentication (e.g. web server), id = "1.3.6.1....
Definition: qca_cert.h:332
QCA::Country
@ Country
The country, id = "2.5.4.6".
Definition: qca_cert.h:76
QCA::CertificateOptions::crlLocations
QStringList crlLocations() const
list of URI locations for CRL files
QCA::CertificateRequest::fromDER
static CertificateRequest fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from DER.
QCA::CertificateCollection::certificates
QList< Certificate > certificates() const
The Certificates in this collection.
QCA::CertificateInfo
QMultiMap< CertificateInfoType, QString > CertificateInfo
Certificate properties type.
Definition: qca_cert.h:527
QCA::CRLEntry::time
QDateTime time() const
The time this CRL entry was created.
QCA::Certificate::change
void change(CertContext *c)
QCA::CertificateInfoPair::operator==
bool operator==(const CertificateInfoPair &other) const
Comparison operator.
QCA::ErrorInvalidCA
@ ErrorInvalidCA
The Certificate Authority is invalid.
Definition: qca_cert.h:495
QCA::CertificateRequest::pathLimit
int pathLimit() const
The path limit for the certificate in this Certificate Request.
QCA::Certificate::policies
QStringList policies() const
The policies that apply to this certificate.
QCA::CertificateOptions::setPolicies
void setPolicies(const QStringList &policies)
set the policies on the certificate
QCA::PGPKey::inKeyring
bool inKeyring() const
Test if this key is in a keyring.
QCA::EmailProtection
@ EmailProtection
Certificate can be used to sign / encrypt email, id = "1.3.6.1.5.5.7.3.4". This is an extended usage ...
Definition: qca_cert.h:335
QCA::CertificateCollection::operator+=
CertificateCollection & operator+=(const CertificateCollection &other)
Add another CertificateCollection to this collection.
QCA::UsageEmailProtection
@ UsageEmailProtection
email (S/MIME) certificate
Definition: qca_cert.h:481
QCA::Certificate::fromDER
static Certificate fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate from DER.
QCA::CSRContext
X.509 certificate request provider.
Definition: qcaprovider.h:1368
QCA::SecureArray
Secure array of bytes.
Definition: qca_tools.h:317
QCA::CRL::revoked
QList< CRLEntry > revoked() const
a list of the revoked certificates in this CRL
QCA::CertificateInfoOrdered
Ordered certificate properties type.
Definition: qca_cert.h:540
QCA::Certificate::ocspLocations
QStringList ocspLocations() const
List of URI locations for OCSP services.
QCA::Certificate::isNull
bool isNull() const
Test if the certificate is empty (null)
QCA::CertificateRequest::canUseFormat
static bool canUseFormat(CertificateRequestFormat f, const QString &provider=QString())
Test if the certificate request can use a specified format.
QCA::PGPKey::toString
QString toString() const
Export the key to a string.
QCA::KeyLoader::loadKeyBundleFromArray
void loadKeyBundleFromArray(const QByteArray &a)
Initiate an asynchronous loading of a KeyBundle from an array.
QCA::CertificateInfoType::CertificateInfoType
CertificateInfoType(const QString &id, Section section)
Construct a new type.
QCA::PGPKey::creationDate
QDateTime creationDate() const
The creation date for the key.
QCA::CRLEntry::CRLEntry
CRLEntry(const BigInteger serial, const QDateTime &time, Reason r=Unspecified)
create a CRL entry
QCA::Certificate
Public Key (X.509) certificate.
Definition: qca_cert.h:849
QCA::UsageMode
UsageMode
Specify the intended usage of a certificate.
Definition: qca_cert.h:476
QCA::BigInteger
Arbitrary precision integer.
Definition: qca_tools.h:571
QCA::CertificateOptions::setFormat
void setFormat(CertificateRequestFormat f)
Specify the format for this certificate.
QCA::CRL
Certificate Revocation List
Definition: qca_cert.h:1703
QCA::CodeSigning
@ CodeSigning
Certificate can be used to sign code, id = "1.3.6.1.5.5.7.3.3". This is an extended usage constraint.
Definition: qca_cert.h:334
QCA::CertificateInfoPair::CertificateInfoPair
CertificateInfoPair()
Standard constructor.
QCA::ErrorSelfSigned
@ ErrorSelfSigned
The certificate is self-signed, and is not found in the list of trusted certificates.
Definition: qca_cert.h:497
QCA::CertificateOptions::CertificateOptions
CertificateOptions(const CertificateOptions &from)
Standard copy constructor.
QCA::CertificateRequest::subjectInfoOrdered
CertificateInfoOrdered subjectInfoOrdered() const
Information on the subject of the certificate being requested, as an ordered list (QList of Certifica...
QCA::UsageCRLSigning
@ UsageCRLSigning
certificate revocation list signing certificate
Definition: qca_cert.h:483
QCA::KeyBundle
Certificate chain and private key pair.
Definition: qca_cert.h:2136
QCA::CRL::change
void change(CRLContext *c)
QCA::CertificateOptions::pathLimit
int pathLimit() const
return the path limit on this certificate
QCA::CertificateOptions::challenge
QString challenge() const
The challenge part of the certificate.
QCA::PGPKey::primaryUserId
QString primaryUserId() const
The primary user identification for the key.
QCA::orderedDNOnly
QCA_EXPORT CertificateInfoOrdered orderedDNOnly(const CertificateInfoOrdered &in)
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in the...
QCA::CertificateRequest::fromPEM
static CertificateRequest fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import the certificate request from PEM format.
QCA::CertificateCollection::CertificateCollection
CertificateCollection(const CertificateCollection &from)
Standard copy constructor.
QCA::PGPKey::isTrusted
bool isTrusted() const
Test if the key is trusted.
QCA::CertificateCollection::append
void append(const CertificateCollection &other)
Add another CertificateCollection to this collection.
QCA::CRL::isNull
bool isNull() const
Test if the CRL is empty.
QCA::Certificate::crlLocations
QStringList crlLocations() const
List of URI locations for CRL files.
QCA::KeyBundle::setCertificateChainAndKey
void setCertificateChainAndKey(const CertificateChain &c, const PrivateKey &key)
Set the public certificate and private key.
QCA::CRLContext
X.509 certificate revocation list provider.
Definition: qcaprovider.h:1449
QCA::CRLEntry::operator!=
bool operator!=(const CRLEntry &other) const
Inequality operator.
Definition: qca_cert.h:1668
QCA::CertificateOptions::ocspLocations
QStringList ocspLocations() const
list of URI locations for OCSP services
QCA::CRLSign
@ CRLSign
Certificate can be used to sign Certificate Revocation Lists, id = "KeyUsage.crlSign"
Definition: qca_cert.h:327
QCA::UsageCodeSigning
@ UsageCodeSigning
code signing certificate
Definition: qca_cert.h:480
QCA::CRL::CRL
CRL(const CRL &from)
Standard copy constructor.
QCA::CRLEntry::CertificateHold
@ CertificateHold
certificate is on hold
Definition: qca_cert.h:1577
QCA::ConstraintType::operator<
bool operator<(const ConstraintType &other) const
Comparison operator.
QCA::Certificate::operator!=
bool operator!=(const Certificate &other) const
Inequality operator.
Definition: qca_cert.h:1163
QCA::CRL::thisUpdate
QDateTime thisUpdate() const
the time that this CRL became (or becomes) valid
QCA::KeyBundle::setName
void setName(const QString &s)
Specify the name of this bundle.
QCA::CertificateChain::primary
const Certificate & primary() const
Return the primary (end-user) Certificate.
Definition: qca_cert.h:1226
QCA::CRL::operator==
bool operator==(const CRL &a) const
Test for equality of two Certificate Revocation Lists.
QCA::CertificateInfoPair::CertificateInfoPair
CertificateInfoPair(const CertificateInfoType &type, const QString &value)
Construct a new pair.
QCA::ConstraintType::known
ConstraintTypeKnown known() const
The type as part of the ConstraintTypeKnown enumerator.
QCA::ValidateFlags
ValidateFlags
The conditions to validate for a certificate.
Definition: qca_cert.h:509
QCA::CertificateInfoPair::type
CertificateInfoType type() const
The type of information stored in the pair.
QCA::ConvertResult
ConvertResult
Return value from a format conversion.
Definition: qca_publickey.h:118
QCA::Certificate::Certificate
Certificate(const CertificateOptions &opts, const PrivateKey &key, const QString &provider=QString())
Create a Certificate with specified options and a specified private key.
QCA::CRLEntry::Unspecified
@ Unspecified
reason is unknown
Definition: qca_cert.h:1571
QCA::CRL::toPEM
QString toPEM() const
Export the Certificate Revocation List (CRL) in PEM format.
QCA::ClientAuth
@ ClientAuth
Certificate can be used for client authentication (e.g. web browser), id = "1.3.6....
Definition: qca_cert.h:333
QCA::KeyBundle::KeyBundle
KeyBundle()
Create an empty KeyBundle.
QCA::Certificate::Certificate
Certificate(const QString &fileName)
Create a Certificate from a PEM encoded file.
QCA::CertificateInfoPair::CertificateInfoPair
CertificateInfoPair(const CertificateInfoPair &from)
Standard copy constructor.
QCA::CertificateRequest::subjectInfo
CertificateInfo subjectInfo() const
Information on the subject of the certificate being requested.
qca_core.h
Header file for core QCA infrastructure.
QCA::CertificateOptions::setAsUser
void setAsUser()
set the certificate to be a user cert (this is the default)
QCA::CertificateInfoTypeKnown
CertificateInfoTypeKnown
Known types of information stored in certificates.
Definition: qca_cert.h:66
QCA::KeyBundle::KeyBundle
KeyBundle(const KeyBundle &from)
Standard copy constructor.
QCA::Certificate::issuerLocations
QStringList issuerLocations() const
List of URI locations for issuer certificate files.
QCA::Organization
@ Organization
An organisation (eg company), id = "2.5.4.10".
Definition: qca_cert.h:70
QCA::Certificate::isIssuerOf
bool isIssuerOf(const Certificate &other) const
Test if the Certificate has signed another Certificate object and is therefore the issuer.
QCA::Certificate::issuerKeyId
QByteArray issuerKeyId() const
The key identifier associated with the issuer.
QCA::CRL::issuerInfo
CertificateInfo issuerInfo() const
Information on the issuer of the CRL as a QMultiMap.
QCA::CertificateRequest::operator!=
bool operator!=(const CertificateRequest &other) const
Inequality operator.
Definition: qca_cert.h:1440
QCA::CRL::number
int number() const
The CRL serial number.
QCA::TimeStamping
@ TimeStamping
Certificate can be used to create a "time stamp" signature, id = "1.3.6.1.5.5.7.3....
Definition: qca_cert.h:339
QCA::CertificateCollection::operator+
CertificateCollection operator+(const CertificateCollection &other) const
Add another CertificateCollection to this collection.
QCA::CertificateOptions::setOCSPLocations
void setOCSPLocations(const QStringList &locations)
set the OCSP service locations of the certificate
QCA::URI
@ URI
Uniform Resource Identifier, id = "GeneralName.uniformResourceIdentifier".
Definition: qca_cert.h:78
QCA::KeyBundle::privateKey
PrivateKey privateKey() const
The private key part of this bundle.
QCA::Certificate::isSelfSigned
bool isSelfSigned() const
Test if the Certificate is self-signed.
QCA::CertificateRequest::constraints
Constraints constraints() const
The constraints that apply to this certificate request.
QCA::ErrorRevoked
@ ErrorRevoked
The certificate has been revoked.
Definition: qca_cert.h:498
QCA::ConstraintType
Certificate constraint.
Definition: qca_cert.h:357
QCA::CertificateOptions::notValidAfter
QDateTime notValidAfter() const
the last time the certificate is valid
QCA::ConstraintType::operator=
ConstraintType & operator=(const ConstraintType &from)
Standard assignment operator.
QCA::ConstraintType::ConstraintType
ConstraintType(const ConstraintType &from)
Standard copy constructor.
QCA::IPSecUser
@ IPSecUser
Certificate can be used to authenticate a user in IPSEC, id = "1.3.6.1.5.5.7.3.7"....
Definition: qca_cert.h:338
QCA::CRL::fromPEMFile
static CRL fromPEMFile(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
Import a PEM encoded Certificate Revocation List (CRL) from a file.
QCA::CertificateInfoType::id
QString id() const
The type as an identifier string.
QCA::PGPKey::toArray
QByteArray toArray() const
Export the key to an array.
QCA::CertificateOptions
Certificate options
Definition: qca_cert.h:602
QCA::KeyLoader::convertResult
ConvertResult convertResult() const
The result of the loading process.
QCA::ErrorValidityUnknown
@ ErrorValidityUnknown
Validity is unknown.
Definition: qca_cert.h:502
QCA::KeyBundle::toFile
bool toFile(const QString &fileName, const SecureArray &passphrase, const QString &provider=QString()) const
QCA::CertificateOptions::setConstraints
void setConstraints(const Constraints &constraints)
set the constraints on the certificate
QCA::UsageTLSClient
@ UsageTLSClient
client side of a TLS or SSL connection
Definition: qca_cert.h:479
QCA::ConstraintType::KeyUsage
@ KeyUsage
Stored in the key usage section.
Definition: qca_cert.h:364
QCA::KeyBundle::name
QString name() const
The name associated with this key.
QCA::KeyBundle::certificateChain
CertificateChain certificateChain() const
The public certificate part of this bundle.
QCA::CertificateRequest::isCA
bool isCA() const
Test if this Certificate Request is for a Certificate Authority certificate.
QCA::CRL::nextUpdate
QDateTime nextUpdate() const
the time that this CRL will be obsoleted
QCA::CRLEntry::operator==
bool operator==(const CRLEntry &a) const
Test for equality of two CRL Entries.
QCA::KeyLoader::finished
void finished()
Signal that is emitted when the load process has completed.
QCA::Certificate::issuerInfoOrdered
CertificateInfoOrdered issuerInfoOrdered() const
Properties of the issuer of the certificate, as an ordered list (QList of CertificateInfoPair).
QCA::KeyBundle::KeyBundle
KeyBundle(const QString &fileName, const SecureArray &passphrase=SecureArray())
Create a KeyBundle from a PKCS12 (.p12) encoded file.
QCA::Locality
@ Locality
The locality (eg city, a shire, or part of a state), id = "2.5.4.7".
Definition: qca_cert.h:72
QCA::PGPKey::isSecret
bool isSecret() const
Test if the PGP key is the secret key.
QCA::Certificate::serialNumber
BigInteger serialNumber() const
The serial number of the certificate.
QCA::PGPKey::keyId
QString keyId() const
The Key identification for the PGP key.
QCA::CertificateOptions::constraints
Constraints constraints() const
List the constraints on this certificate.
QCA::CRLEntry
Part of a CRL representing a single certificate.
Definition: qca_cert.h:1564
QCA::CertificateRequest::format
CertificateRequestFormat format() const
the format that this Certificate request is in
QCA::CertificateCollection::fromPKCS7File
static CertificateCollection fromPKCS7File(const QString &fileName, ConvertResult *result=nullptr, const QString &provider=QString())
import a CertificateCollection from a PKCS#7 file
QCA::PGPKey
Pretty Good Privacy key.
Definition: qca_cert.h:2361
QCA::CRL::operator=
CRL & operator=(const CRL &from)
Standard assignment operator.
QCA::CertificateAuthority::certificate
Certificate certificate() const
The Certificate belonging to the CertificateAuthority.
QCA::CertificateAuthority::operator=
CertificateAuthority & operator=(const CertificateAuthority &from)
Standard assignment operator.
QCA::NonRepudiation
@ NonRepudiation
Certificate can be used for non-repudiation, id = "KeyUsage.nonRepudiation"
Definition: qca_cert.h:322
QCA::Certificate::operator=
Certificate & operator=(const Certificate &from)
Standard assignment operator.
QCA::ConstraintType::operator!=
bool operator!=(const ConstraintType &other) const
Inequality operator.
Definition: qca_cert.h:462
QCA::CRL::signatureAlgorithm
SignatureAlgorithm signatureAlgorithm() const
The signature algorithm used for the signature on this CRL.
qca_publickey.h
Header file for PublicKey and PrivateKey related classes.
QCA::Certificate::Certificate
Certificate(const Certificate &from)
Standard copy constructor.
QCA::CertificateAuthority::signRequest
Certificate signRequest(const CertificateRequest &req, const QDateTime &notValidAfter) const
Create a new Certificate by signing the provided CertificateRequest.
QCA::XMPP
@ XMPP
XMPP address (see http://www.ietf.org/rfc/rfc3920.txt), id = "1.3.6.1.5.5.7.8.5".
Definition: qca_cert.h:81
QCA::CertificateAuthority::updateCRL
CRL updateCRL(const CRL &crl, const QList< CRLEntry > &entries, const QDateTime &nextUpdate) const
Update the CRL to include new entries.
QCA::CertificateOptions::setInfo
void setInfo(const CertificateInfo &info)
Specify information for the subject associated with the certificate.
QCA::KeyLoader
Asynchronous private key loader.
Definition: qca_cert.h:2566
QCA::CertificateOptions::infoOrdered
CertificateInfoOrdered infoOrdered() const
Information on the subject of the certificate, in the exact order the items will be written.
QCA::PublicKey
Generic public key.
Definition: qca_publickey.h:527
QCA::CRLEntry::operator<
bool operator<(const CRLEntry &a) const
Test if one CRL entry is "less than" another.
QCA::Certificate::subjectPublicKey
PublicKey subjectPublicKey() const
The public key associated with the subject of the certificate.
QCA::Validity
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:490
QCA::CertificateRequest::CertificateRequest
CertificateRequest()
Create an empty certificate request.
QCA::KeyLoader::loadPrivateKeyFromPEMFile
void loadPrivateKeyFromPEMFile(const QString &fileName)
Initiate an asynchronous loading of a PrivateKey from a PEM format file.
QCA::EncipherOnly
@ EncipherOnly
Certificate can only be used for encryption, id = "KeyUsage.encipherOnly"
Definition: qca_cert.h:328
QCA::PGPKey::PGPKey
PGPKey(const QString &fileName)
Create a PGP key from an encoded file.
QCA::CertificateOptions::setInfoOrdered
void setInfoOrdered(const CertificateInfoOrdered &info)
Specify information for the subject associated with the certificate.
QCA::SPKAC
@ SPKAC
Signed Public Key and Challenge (Netscape) format.
Definition: qca_cert.h:57
QCA::CertificateCollection::CertificateCollection
CertificateCollection()
Create an empty Certificate / CRL collection.
QCA::CertificateCollection::addCertificate
void addCertificate(const Certificate &cert)
Append a Certificate to this collection.
QCA::ErrorUntrusted
@ ErrorUntrusted
The certificate is not trusted.
Definition: qca_cert.h:493
QCA::ErrorSignatureFailed
@ ErrorSignatureFailed
The signature does not match.
Definition: qca_cert.h:494
QCA::CertificateOptions::setChallenge
void setChallenge(const QString &s)
Specify the challenge associated with this certificate.
QCA::CertificateOptions::serialNumber
BigInteger serialNumber() const
The serial number for the certificate.
QCA::CertificateRequest::signatureAlgorithm
SignatureAlgorithm signatureAlgorithm() const
The algorithm used to make the signature on this certificate request.
QCA::ConstraintType::section
Section section() const
The section the constraint is part of.
QCA::CertificateOptions::setSerialNumber
void setSerialNumber(const BigInteger &i)
Set the serial number property on this certificate.
QCA::Certificate::subjectInfo
CertificateInfo subjectInfo() const
QCA::Certificate::notValidBefore
QDateTime notValidBefore() const
The earliest date that the certificate is valid.
QCA::CertificateInfoOrdered::toString
QString toString() const
Convert to RFC 1779 string format.
Definition: qca_cert.h:569
QCA::PKCS10
@ PKCS10
standard PKCS#10 format
Definition: qca_cert.h:56
QCA::CertificateChain::CertificateChain
CertificateChain(const Certificate &primary)
Create a certificate chain, starting at the specified certificate.
Definition: qca_cert.h:1221
QCA::CertificateInfoType::section
Section section() const
The section the type is part of.
QCA::DecipherOnly
@ DecipherOnly
Certificate can only be used for decryption, id = "KeyUsage.decipherOnly"
Definition: qca_cert.h:329
QCA::CertificateInfoType::CertificateInfoType
CertificateInfoType()
Standard constructor.
QCA::KeyEncipherment
@ KeyEncipherment
Certificate can be used for encrypting / decrypting keys, id = "KeyUsage.keyEncipherment"
Definition: qca_cert.h:323
QCA::Certificate::notValidAfter
QDateTime notValidAfter() const
The latest date that the certificate is valid.
QCA::CRL::fromPEM
static CRL fromPEM(const QString &s, ConvertResult *result=nullptr, const QString &provider=QString())
Import a PEM encoded Certificate Revocation List (CRL)
QCA::CRLEntry::Superseded
@ Superseded
certificate has been superseded
Definition: qca_cert.h:1575
QCA::CRL::fromDER
static CRL fromDER(const QByteArray &a, ConvertResult *result=nullptr, const QString &provider=QString())
Import a DER encoded Certificate Revocation List (CRL)
QCA::Certificate::Certificate
Certificate()
Create an empty Certificate.
QCA::ConstraintType::ConstraintType
ConstraintType(ConstraintTypeKnown known)
Construct a new constraint.
QCA::CRLEntry::Reason
Reason
The reason why the certificate has been revoked.
Definition: qca_cert.h:1570
QCA::CertificateOptions::setIssuerLocations
void setIssuerLocations(const QStringList &locations)
set the issuer certificate locations of the certificate