Qt Cryptographic Architecture
|
#include <QtCrypto>
Public Types | |
enum | Error { ErrorPassphrase, ErrorFormat, ErrorSignerExpired, ErrorSignerInvalid, ErrorEncryptExpired, ErrorEncryptUntrusted, ErrorEncryptInvalid, ErrorNeedCard, ErrorCertKeyMismatch, ErrorUnknown, ErrorSignerRevoked, ErrorSignatureExpired, ErrorEncryptRevoked } |
enum | Format { Binary, Ascii } |
enum | SignMode { Message, Clearsign, Detached } |
enum | Type { OpenPGP, CMS } |
Signals | |
void | bytesWritten (int bytes) |
void | finished () |
void | readyRead () |
Friends | |
class | Private |
Additional Inherited Members | |
![]() | |
Algorithm () | |
Algorithm (const QString &type, const QString &provider) | |
Class representing a secure message.
SecureMessage presents a unified interface for working with both OpenPGP and CMS (S/MIME) messages. Prepare the object by calling setFormat(), setRecipient(), and setSigner() as necessary, and then begin the operation by calling an appropriate 'start' function, such as startSign().
Here is an example of how to perform a Clearsign operation using PGP:
Performing a CMS sign operation is similar. Simply set up the SecureMessageKey with a Certificate instead of a PGPKey, and operate on a CMS object instead of an OpenPGP object.
Errors for secure messages.
QCA::SecureMessage::SecureMessage | ( | SecureMessageSystem * | system | ) |
Create a new secure message.
This constructor uses an existing SecureMessageSystem object (for example, an OpenPGP or CMS object) to generate a specific kind of secure message.
system | a pre-existing and configured SecureMessageSystem object |
Type QCA::SecureMessage::type | ( | ) | const |
The Type of secure message.
bool QCA::SecureMessage::canSignMultiple | ( | ) | const |
Test if the message type supports multiple (parallel) signatures.
bool QCA::SecureMessage::canClearsign | ( | ) | const |
True if the SecureMessageSystem can clearsign messages.
bool QCA::SecureMessage::canSignAndEncrypt | ( | ) | const |
True if the SecureMessageSystem can both sign and encrypt (in the same operation).
void QCA::SecureMessage::reset | ( | ) |
Reset the object state to that of original construction.
Now a new operation can be performed immediately.
bool QCA::SecureMessage::bundleSignerEnabled | ( | ) | const |
Returns true if bundling of the signer certificate chain is enabled.
bool QCA::SecureMessage::smimeAttributesEnabled | ( | ) | const |
Returns true if inclusion of S/MIME attributes is enabled.
Format QCA::SecureMessage::format | ( | ) | const |
Return the format type set for this message.
SecureMessageKeyList QCA::SecureMessage::recipientKeys | ( | ) | const |
Return the recipient(s) set for this message with setRecipient() or setRecipients()
SecureMessageKeyList QCA::SecureMessage::signerKeys | ( | ) | const |
Return the signer(s) set for this message with setSigner() or setSigners()
void QCA::SecureMessage::setBundleSignerEnabled | ( | bool | b | ) |
For CMS only, this will bundle the signer certificate chain into the message.
This allows a message to be verified on its own, without the need to have obtained the signer's certificate in advance. Email clients using S/MIME often bundle the signer, greatly simplifying key management.
This behavior is enabled by default.
b | whether to bundle (if true) or not (false) |
void QCA::SecureMessage::setSMIMEAttributesEnabled | ( | bool | b | ) |
For CMS only, this will put extra attributes into the message related to S/MIME, such as the preferred type of algorithm to use in replies.
The attributes used are decided by the provider.
This behavior is enabled by default.
b | whether to embed extra attribues (if true) or not (false) |
void QCA::SecureMessage::setFormat | ( | Format | f | ) |
Set the Format used for messages.
The default is Binary.
f | whether to use Binary or Ascii |
void QCA::SecureMessage::setRecipient | ( | const SecureMessageKey & | key | ) |
Set the recipient for an encrypted message.
key | the recipient's key |
void QCA::SecureMessage::setRecipients | ( | const SecureMessageKeyList & | keys | ) |
Set the list of recipients for an encrypted message.
For a list with one item, this has the same effect as setRecipient.
keys | the recipients' key |
void QCA::SecureMessage::setSigner | ( | const SecureMessageKey & | key | ) |
Set the signer for a signed message.
This is used for both creating signed messages as well as for verifying CMS messages that have no signer bundled.
key | the key associated with the signer |
void QCA::SecureMessage::setSigners | ( | const SecureMessageKeyList & | keys | ) |
void QCA::SecureMessage::startEncrypt | ( | ) |
Start an encryption operation.
You will normally use this with some code along these lines:
Each update() may (or may not) result in some encrypted data, as indicated by the readyRead() signal being emitted. Alternatively, you can wait until the whole message is available (using either waitForFinished(), or use the finished() signal. The encrypted message can then be read using the read() method.
void QCA::SecureMessage::startDecrypt | ( | ) |
Start an decryption operation.
You will normally use this with some code along these lines:
Each update() may (or may not) result in some decrypted data, as indicated by the readyRead() signal being emitted. Alternatively, you can wait until the whole message is available (using either waitForFinished(), or the finished() signal). The decrypted message can then be read using the read() method.
Start a signing operation.
You will normally use this with some code along these lines:
For Detached signatures, you won't get any results until the whole process is done - you either waitForFinished(), or use the finished() signal, to figure out when you can get the signature (using the signature() method, not using read()). For other formats, you can use the readyRead() signal to determine when there may be part of a signed message to read().
m | the mode that will be used to generate the signature |
void QCA::SecureMessage::startVerify | ( | const QByteArray & | detachedSig = QByteArray() | ) |
Start a verification operation.
detachedSig | the detached signature to verify. Do not pass a signature for other signature types. |
void QCA::SecureMessage::startSignAndEncrypt | ( | ) |
Start a combined signing and encrypting operation.
You use this in the same way as startEncrypt().
void QCA::SecureMessage::update | ( | const QByteArray & | in | ) |
Process a message (or the next part of a message) in the current operation.
You need to have already set up the message (startEncrypt(), startDecrypt(), startSign(), startSignAndEncrypt() and startVerify()) before calling this method.
in | the data to process |
QByteArray QCA::SecureMessage::read | ( | ) |
Read the available data.
int QCA::SecureMessage::bytesAvailable | ( | ) | const |
The number of bytes available to be read.
void QCA::SecureMessage::end | ( | ) |
Complete an operation.
You need to call this method after you have processed the message (which you pass in as the argument to update().
bool QCA::SecureMessage::waitForFinished | ( | int | msecs = 30000 | ) |
Block until the operation (encryption, decryption, signing or verifying) completes.
msecs | the number of milliseconds to wait for the operation to complete. Pass -1 to wait indefinitely. |
bool QCA::SecureMessage::success | ( | ) | const |
Indicates whether or not the operation was successful or failed.
If this function returns false, then the reason for failure can be obtained with errorCode().
Error QCA::SecureMessage::errorCode | ( | ) | const |
QByteArray QCA::SecureMessage::signature | ( | ) | const |
The signature for the message.
This is only used for Detached signatures. For other message types, you get the message and signature together using read().
QString QCA::SecureMessage::hashName | ( | ) | const |
The name of the hash used for the signature process.
bool QCA::SecureMessage::wasSigned | ( | ) | const |
Test if the message was signed.
This is true for OpenPGP if the decrypted message was also signed.
bool QCA::SecureMessage::verifySuccess | ( | ) | const |
Verify that the message signature is correct.
SecureMessageSignature QCA::SecureMessage::signer | ( | ) | const |
Information on the signer for the message.
SecureMessageSignatureList QCA::SecureMessage::signers | ( | ) | const |
Information on the signers for the message.
This is only meaningful if the message type supports multiple signatures (see canSignMultiple() for a suitable test).
QString QCA::SecureMessage::diagnosticText | ( | ) | const |
Returns a log of technical information about the operation, which may be useful for presenting to the user in an advanced error dialog.
|
signal |
This signal is emitted when there is some data to read.
Typically you connect this signal to a slot that does a read() of the available data.
|
signal |
This signal is emitted when data has been accepted by the message processor.
bytes | the number of bytes written |
|
signal |
This signal is emitted when the message is fully processed.