47 class CertificateCollection;
48 class CertificateChain;
// Fragments of the class this page indexes as "Certificate information type"
// (qca_cert.h:120). The leading numbers are the header's own line numbers.
// Returns the section of the certificate that the information belongs in.
176 Section section()
const;
// Tail of operator!= (indexed at qca_cert.h:229): inequality is the negation of operator==.
231 return !(*
this == other);
// Shared-data handle to the private implementation.
236 QSharedDataPointer<Private> d;
// Fragments of the class this page indexes as "One entry in a certificate
// information list" (qca_cert.h:246).
// Value half of the entry, returned as a QString.
// NOTE(review): certificate fields come from the certificate's author, so treat
// the returned text as untrusted input when displaying or logging it.
286 QString value()
const;
// Tail of operator!= (indexed at qca_cert.h:302): inequality is the negation of operator==.
304 return !(*
this == other);
// Shared-data handle to the private implementation.
309 QSharedDataPointer<Private> d;
// Fragments of the class this page indexes as "Certificate constraint"
// (qca_cert.h:356).
// Returns the section of the certificate that the constraint belongs in
// (the page lists a key-usage section at qca_cert.h:364).
412 Section section()
const;
// Tail of operator!= (indexed at qca_cert.h:462): inequality is the negation of operator==.
464 return !(*
this == other);
// Shared-data handle to the private implementation.
469 QSharedDataPointer<Private> d;
// Enumerators of ValidateFlags ("The conditions to validate for a certificate",
// qca_cert.h:508). The values are distinct single bits (0x01, 0x02, 0x04), so
// they look like a mask that callers combine with bitwise OR.
// NOTE(review): ValidateAll, the default used by CertificateChain::validate on
// this page, is not visible in this excerpt; presumably it sets all three bits.
// NOTE(review): passing a narrower mask presumably skips the matching check
// (revocation, expiry, policy). Confirm, and treat any such call site as a
// deliberate relaxation that needs a justification.
511 ValidateRevoked = 0x01,
512 ValidateExpired = 0x02,
513 ValidatePolicy = 0x04
// Member declarations numbered 643-832. By the page index they fall inside the
// class described as "Certificate options" (qca_cert.h:601). The first group is
// const getters; the second group is the setters for the same properties.
// NOTE(review): which conditions isValid() checks is not visible in this excerpt.
643 bool isValid()
const;
652 QString challenge()
const;
659 CertificateInfo info()
const;
672 Constraints constraints()
const;
677 QStringList policies()
const;
// Revocation and issuer pointers are exposed as plain string lists.
686 QStringList crlLocations()
const;
695 QStringList issuerLocations()
const;
702 QStringList ocspLocations()
const;
715 int pathLimit()
const;
// Bounds of the validity window.
729 QDateTime notValidBefore()
const;
736 QDateTime notValidAfter()
const;
746 void setChallenge(
const QString &s);
756 void setInfo(
const CertificateInfo &info);
// NOTE(review): the constraints set here presumably end up as key usage and
// extended key usage in the issued certificate. Grant only the usages the
// certificate needs.
773 void setConstraints(
const Constraints &constraints);
780 void setPolicies(
const QStringList &policies);
// NOTE(review): no validation of the location strings is visible at this level.
789 void setCRLLocations(
const QStringList &locations);
798 void setIssuerLocations(
const QStringList &locations);
805 void setOCSPLocations(
const QStringList &locations);
// Marks the options as describing a CA. pathLimit defaults to 8 when omitted.
// NOTE(review): presumably this is the path-length limit checked during chain
// validation (the page lists a "path length ... is too long" result). Confirm,
// and pass the smallest value the hierarchy needs instead of relying on the default.
812 void setAsCA(
int pathLimit = 8);
// NOTE(review): nothing in this declaration shows that start < end is enforced;
// check the ordering at the call site.
832 void setValidityPeriod(
const QDateTime &start,
const QDateTime &end);
// Member declarations numbered 900-1178. By the page index they fall inside the
// class described as "Public Key (X.509) certificate" (qca_cert.h:848).
// Bounds of the validity window. The page lists a separate validation result for
// a certificate that has expired or is not yet valid.
900 QDateTime notValidBefore()
const;
905 QDateTime notValidAfter()
const;
// Subject and issuer properties come from the certificate itself.
// NOTE(review): treat these as untrusted text until the chain has been validated.
924 CertificateInfo subjectInfo()
const;
952 CertificateInfo issuerInfo()
const;
971 Constraints constraints()
const;
978 QStringList policies()
const;
985 QStringList crlLocations()
const;
992 QStringList issuerLocations()
const;
997 QStringList ocspLocations()
const;
1005 QString commonName()
const;
// NOTE(review): self-signed does not mean trusted. The page lists a dedicated
// validation result for a self-signed certificate that is not in the trusted list.
1029 bool isSelfSigned()
const;
1045 int pathLimit()
const;
1055 QByteArray subjectKeyId()
const;
1060 QByteArray issuerKeyId()
const;
// Serialisation to DER bytes, PEM text, or a PEM file.
1078 QByteArray toDER()
const;
1083 QString toPEM()
const;
// Returns bool; callers should check it instead of assuming the file was written.
1090 bool toPEMFile(
const QString &fileName)
const;
// Loads a certificate from a PEM file. `result` is optional (defaults to 0) and
// `provider` defaults to an empty QString.
// NOTE(review): pass a ConvertResult ("Return value from a format conversion")
// and check it; how failure is reported when result is 0 is not visible here.
1133 static Certificate fromPEMFile(
const QString &fileName,
ConvertResult *result = 0,
const QString &provider = QString());
// NOTE(review): the matching rules (wildcards, subjectAltName versus common name,
// IP literals) are not visible in this excerpt. Confirm them before relying on
// this as the peer-identity check, and run it in addition to chain validation.
1147 bool matchesHostName(
const QString &host)
const;
// Tail of operator!= (indexed at qca_cert.h:1163): inequality is the negation of operator==.
1165 return !(*
this == other);
1177 friend class Private;
// Shared-data handle to the private implementation.
1178 QSharedDataPointer<Private> d;
// Body of CertificateChain::validate (signature indexed at qca_cert.h:1269):
// delegates to chain_validate() on the first certificate, passing the whole chain.
// NOTE(review): first() is called unconditionally, and the page lists a default
// constructor that creates an empty chain. Confirm how first() behaves on an
// empty chain, and check for emptiness before calling validate().
1273 return first().chain_validate(*
this, trusted, untrusted_crls, u, vf);
// Body of CertificateChain::complete (signature indexed at qca_cert.h:1276):
// delegates to chain_complete() on the first certificate.
// NOTE(review): same empty-chain precondition as above. The page's signature
// gives `result` a default of 0, so check whether a completed chain has also
// been validated before trusting it.
1280 return first().chain_complete(*
this, issuers, result);
// Member declarations numbered 1340-1553. By the page index they fall inside the
// class described as "Certificate Request" (qca_cert.h:1292).
1340 bool isNull()
const;
// Requested subject, constraints and policies are supplied by the requester.
// NOTE(review): an issuing CA should review these values before copying them
// into a certificate.
1367 CertificateInfo subjectInfo()
const;
1386 Constraints constraints()
const;
1393 QStringList policies()
const;
1413 int pathLimit()
const;
// NOTE(review): presumably only meaningful for the Netscape "Signed Public Key
// and Challenge" format listed on this page; confirm.
1418 QString challenge()
const;
// Tail of operator!= (indexed at qca_cert.h:1440): inequality is the negation of operator==.
1442 return !(*
this == other);
1450 QByteArray toDER()
const;
1457 QString toPEM()
const;
// Returns bool; callers should check it instead of assuming the file was written.
1466 bool toPEMFile(
const QString &fileName)
const;
// NOTE(review): the string format produced here is not visible in this excerpt.
1525 QString toString()
const;
1552 friend class Private;
// Shared-data handle to the private implementation.
1553 QSharedDataPointer<Private> d;
// Fragments numbered 1576-1670. By the page index they fall inside the class
// described as "Part of a CRL representing a single certificate" (qca_cert.h:1563).
// Enumerator of Reason ("The reason why the certificate has been revoked",
// qca_cert.h:1569). The page lists its neighbours at 1575 (superseded) and
// 1577 (on hold).
1576 CessationOfOperation,
// NOTE(review): presumably the time of revocation; confirm.
1630 QDateTime time()
const;
1635 bool isNull()
const;
1643 Reason reason()
const;
// NOTE(review): the ordering criterion used by operator< is not visible here.
1652 bool operator<(
const CRLEntry &a)
const;
1661 bool operator==(
const CRLEntry &a)
const;
// Tail of operator!= (indexed at qca_cert.h:1668): inequality is the negation of operator==.
1670 return !(*
this == other);
// Member declarations numbered 1721-1874. By the page index they fall inside the
// class described as "Certificate Revocation List" (qca_cert.h:1702).
1721 CRL & operator=(
const CRL &from);
1728 bool isNull()
const;
1736 CertificateInfo issuerInfo()
const;
// Issue time of this list and the time the next one is due.
// NOTE(review): a CRL past nextUpdate is stale. Whether chain validation rejects
// stale CRLs is not visible here, so callers may need to compare it to the clock.
1759 QDateTime thisUpdate()
const;
1766 QDateTime nextUpdate()
const;
1781 QByteArray issuerKeyId()
const;
1790 bool operator==(
const CRL &a)
const;
// Tail of operator!= (indexed at qca_cert.h:1797): inequality is the negation of operator==.
1799 return !(*
this == other);
1807 QByteArray toDER()
const;
1814 QString toPEM()
const;
// Returns bool; callers should check it instead of assuming the file was written.
1822 bool toPEMFile(
const QString &fileName)
const;
// The three import functions share one shape: `result` is optional (defaults
// to 0) and `provider` defaults to an empty QString.
// NOTE(review): pass a ConvertResult and check it. CRLs are usually fetched over
// the network, so the input should be treated as untrusted until its signature
// has been checked. How failure is reported when result is 0 is not visible here.
1835 static CRL fromDER(
const QByteArray &a,
ConvertResult *result = 0,
const QString &provider = QString());
1848 static CRL fromPEM(
const QString &s,
ConvertResult *result = 0,
const QString &provider = QString());
1862 static CRL fromPEMFile(
const QString &fileName,
ConvertResult *result = 0,
const QString &provider = QString());
1873 friend class Private;
// Shared-data handle to the private implementation.
1874 QSharedDataPointer<Private> d;
// Member declarations numbered 1927-2026. By the page index they fall inside the
// class described as "Bundle of Certificates and CRLs" (qca_cert.h:1890).
// CertificateChain::validate on this page takes a CertificateCollection as its
// `trusted` argument, so whatever is added to such a collection becomes part of
// the trust decision.
1927 void addCRL(
const CRL &crl);
// Reports whether PKCS7 can be used; `provider` defaults to an empty QString.
1970 static bool canUsePKCS7(
const QString &provider = QString());
// Both export functions return bool; callers should check it.
1980 bool toFlatTextFile(
const QString &fileName);
1992 bool toPKCS7File(
const QString &fileName,
const QString &provider = QString());
// Shared-data handle to the private implementation.
2026 QSharedDataPointer<Private> d;
// Declaration numbered 2098, inside the class this page indexes as the
// Certificate Authority (qca_cert.h:2037), which "is used to generate
// Certificates and Certificate Revocation Lists".
// Creates a CRL whose next-update time is `nextUpdate`.
// NOTE(review): the declaration does not show whether `nextUpdate` is checked
// to be in the future.
2098 CRL createCRL(
const QDateTime &nextUpdate)
const;
// Member declarations numbered 2181-2343. By the page index they fall inside the
// class described as "Certificate chain and private key pair" (qca_cert.h:2135).
2181 bool isNull()
const;
2192 QString name()
const;
2213 void setName(
const QString &s);
// Serialises the bundle under `passphrase`, which is a SecureArray ("Secure
// array of bytes"). The return type is a plain QByteArray, not a SecureArray.
// NOTE(review): the output holds private-key material, so handle the returned
// bytes as a secret. The container format and the handling of an empty
// passphrase are not visible here; confirm both.
2249 QByteArray toArray(
const SecureArray &passphrase,
const QString &provider = QString())
const;
// File variant of the same export. Returns bool; callers should check it.
// NOTE(review): no file-permission handling is visible in this declaration;
// restrict access to the written file at the call site.
2275 bool toFile(
const QString &fileName,
const SecureArray &passphrase,
const QString &provider = QString())
const;
// Shared-data handle to the private implementation.
2343 QSharedDataPointer<Private> d;
// Member declarations numbered 2377-2519. By the page index they fall inside the
// class described as "Pretty Good Privacy key" (qca_cert.h:2360).
// Constructs a key from a file. This overload has no ConvertResult parameter.
// NOTE(review): failure is presumably only observable through isNull(); confirm
// and check it after construction.
2377 PGPKey(
const QString &fileName);
2400 bool isNull()
const;
2405 QString keyId()
const;
// User ids are taken from the key itself.
// NOTE(review): treat them as untrusted text; they do not prove who owns the key.
2410 QString primaryUserId()
const;
2415 QStringList userIds()
const;
2422 bool isSecret()
const;
2427 QDateTime creationDate()
const;
// NOTE(review): whether any operation enforces the expiration date is not
// visible here; callers may need to compare it to the clock themselves.
2432 QDateTime expirationDate()
const;
2440 QString fingerprint()
const;
2450 bool inKeyring()
const;
// NOTE(review): the source of the trust decision (for example the keyring's
// own trust data) is not visible in this excerpt.
2457 bool isTrusted()
const;
// Export to bytes, text, or a file. None of these takes a passphrase.
// NOTE(review): if isSecret() is true the output presumably contains secret key
// material; confirm and protect it accordingly.
2468 QByteArray toArray()
const;
2478 QString toString()
const;
// Returns bool; callers should check it instead of assuming the file was written.
2485 bool toFile(
const QString &fileName)
const;
// The three import functions share one shape: `result` is optional (defaults
// to 0) and `provider` defaults to an empty QString.
// NOTE(review): pass a ConvertResult and check it when the input is untrusted.
2496 static PGPKey fromArray(
const QByteArray &a,
ConvertResult *result = 0,
const QString &provider = QString());
2507 static PGPKey fromString(
const QString &s,
ConvertResult *result = 0,
const QString &provider = QString());
2519 static PGPKey fromFile(
const QString &fileName,
ConvertResult *result = 0,
const QString &provider = QString());
// Member declarations numbered 2586-2669. By the page index they fall inside the
// class described as "Asynchronous private key loader" (qca_cert.h:2565).
// All four loaders return void, so the outcome is not available from the call.
// NOTE(review): presumably completion and the conversion result arrive through
// a signal and accessor not visible in this excerpt. Confirm, and check the
// result before using the loaded key.
// NOTE(review): none of these takes a passphrase argument; how one is obtained
// for an encrypted key or bundle is not visible here.
2586 void loadPrivateKeyFromPEMFile(
const QString &fileName);
2596 void loadPrivateKeyFromPEM(
const QString &s);
2616 void loadKeyBundleFromFile(
const QString &fileName);
2625 void loadKeyBundleFromArray(
const QByteArray &a);
2669 friend class Private;
ConvertResult
Return value from a format conversion.
Definition: qca_publickey.h:117
bool operator!=(const CertificateInfoType &other) const
Inequality operator.
Definition: qca_cert.h:229
X.509 certificate request provider.
Definition: qcaprovider.h:1327
PKCS#9 Email field, id = "1.2.840.113549.1.9.1".
Definition: qca_cert.h:69
ConstraintTypeKnown
Known types of certificate constraints.
Definition: qca_cert.h:318
X.509 certificate provider.
Definition: qcaprovider.h:1234
CertificateInfoOrdered dnOnly() const
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in thi...
Definition: qca_cert.h:574
QMultiMap< CertificateInfoType, QString > CertificateInfo
Certificate properties type.
Definition: qca_cert.h:527
General superclass for an algorithm.
Definition: qca_core.h:1121
Certificate can be used to sign code, id = "1.3.6.1.5.5.7.3.3". This is an extended usage constraint...
Definition: qca_cert.h:334
The root CA rejected the certificate purpose.
Definition: qca_cert.h:492
certificate revocation list signing certificate
Definition: qca_cert.h:483
QCA_EXPORT QString orderedToDNString(const CertificateInfoOrdered &in)
Convert to RFC 1779 string format.
Certificate can be used to create digital signatures, id = "KeyUsage.digitalSignature" ...
Definition: qca_cert.h:321
Certificate can be used for server authentication (e.g. web server), id = "1.3.6.1.5.5.7.3.1". This is an extended usage constraint.
Definition: qca_cert.h:332
Section
Section of the certificate that the information belongs in.
Definition: qca_cert.h:126
const Certificate & primary() const
Return the primary (end-user) Certificate.
Definition: qca_cert.h:1226
Generic private key.
Definition: qca_publickey.h:826
Certificate can be used to sign / encrypt email, id = "1.3.6.1.5.5.7.3.4". This is an extended usage ...
Definition: qca_cert.h:335
email (S/MIME) certificate
Definition: qca_cert.h:481
bool operator!=(const Certificate &other) const
Inequality operator.
Definition: qca_cert.h:1163
code signing certificate
Definition: qca_cert.h:480
X.509 certificate revocation list provider.
Definition: qcaprovider.h:1408
Certificate chain and private key pair.
Definition: qca_cert.h:2135
The certificate is self-signed, and is not found in the list of trusted certificates.
Definition: qca_cert.h:497
ValidateFlags
The conditions to validate for a certificate.
Definition: qca_cert.h:508
A Certificate Authority is used to generate Certificates and Certificate Revocation Lists (CRLs)...
Definition: qca_cert.h:2037
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:489
An organisation (eg company), id = "2.5.4.10".
Definition: qca_cert.h:70
Certificate can be used to create a "time stamp" signature, id = "1.3.6.1.5.5.7.3.8". This is an extended usage constraint.
Definition: qca_cert.h:339
Certificate can be used to sign Certificate Revocation Lists, id = "KeyUsage.crlSign" ...
Definition: qca_cert.h:327
Uniform Resource Identifier, id = "GeneralName.uniformResourceIdentifier".
Definition: qca_cert.h:78
CertificateInfoTypeKnown
Known types of information stored in certificates.
Definition: qca_cert.h:65
Certificate can be used for client authentication (e.g. web browser), id = "1.3.6.1.5.5.7.3.2". This is an extended usage constraint.
Definition: qca_cert.h:333
Distinguished name (the primary name)
Definition: qca_cert.h:128
Header file for PublicKey and PrivateKey related classes.
bool operator!=(const CRLEntry &other) const
Inequality operator.
Definition: qca_cert.h:1668
Certificate can be used for non-repudiation, id = "KeyUsage.nonRepudiation"
Definition: qca_cert.h:322
bool operator!=(const CRL &other) const
Inequality operator.
Definition: qca_cert.h:1797
XMPP address (see http://www.ietf.org/rfc/rfc3920.txt), id = "1.3.6.1.5.5.7.8.5". ...
Definition: qca_cert.h:81
QCA_EXPORT CertificateInfoOrdered orderedDNOnly(const CertificateInfoOrdered &in)
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in the...
The certificate has been revoked.
Definition: qca_cert.h:498
Certificate can be used to authenticate a user in IPSEC, id = "1.3.6.1.5.5.7.3.7". This is an extended usage constraint.
Definition: qca_cert.h:338
Stored in the key usage section.
Definition: qca_cert.h:364
client side of a TLS or SSL connection
Definition: qca_cert.h:479
Certificate can only be used for encryption, id = "KeyUsage.encipherOnly"
Definition: qca_cert.h:328
Validity is unknown.
Definition: qca_cert.h:502
The locality (eg city, a shire, or part of a state), id = "2.5.4.7".
Definition: qca_cert.h:72
The certificate is not trusted.
Definition: qca_cert.h:493
Certificate Revocation List
Definition: qca_cert.h:1702
The signature does not match.
Definition: qca_cert.h:494
Certificate Request
Definition: qca_cert.h:1292
Certificate can only be used for decryption, id = "KeyUsage.decipherOnly"
Definition: qca_cert.h:329
Certificate can be used for encrypting / decrypting keys, id = "KeyUsage.keyEncipherment" ...
Definition: qca_cert.h:323
Section
Section of the certificate that the constraint belongs in.
Definition: qca_cert.h:362
Signed Public Key and Challenge (Netscape) format.
Definition: qca_cert.h:57
Header file for core QCA infrastructure.
SignatureAlgorithm
Signature algorithm variants.
Definition: qca_publickey.h:73
Certificate can be used for key agreement, id = "KeyUsage.keyAgreement"
Definition: qca_cert.h:325
Certificate information type.
Definition: qca_cert.h:120
bool operator!=(const CertificateInfoPair &other) const
Inequality operator.
Definition: qca_cert.h:302
Ordered certificate properties type.
Definition: qca_cert.h:539
QString toString() const
Convert to RFC 1779 string format.
Definition: qca_cert.h:569
standard PKCS#10 format
Definition: qca_cert.h:56
Asynchronous private key loader.
Definition: qca_cert.h:2565
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:47
CertificateChain()
Create an empty certificate chain.
Definition: qca_cert.h:1213
The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1". ...
Definition: qca_cert.h:73
The path length from the root CA to this certificate is too long.
Definition: qca_cert.h:499
The certificate has expired, or is not yet valid (e.g. current time is earlier than notBefore time) ...
Definition: qca_cert.h:500
The Certificate Authority has expired.
Definition: qca_cert.h:501
certificate has been superseded
Definition: qca_cert.h:1575
The purpose does not match the intended usage.
Definition: qca_cert.h:496
Certificate constraint.
Definition: qca_cert.h:356
The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3".
Definition: qca_cert.h:77
Email address, id = "GeneralName.rfc822Name".
Definition: qca_cert.h:68
QCA_EXPORT QStringList makeFriendlyNames(const QList< Certificate > &list)
Create a list of unique friendly names among a list of certificates.
Secure array of bytes.
Definition: qca_tools.h:316
Certificate can be used for encrypting / decrypting data, id = "KeyUsage.dataEncipherment" ...
Definition: qca_cert.h:324
certificate was previously in a CRL, but is now valid
Definition: qca_cert.h:1578
CertificateChain complete(const QList< Certificate > &issuers=QList< Certificate >(), Validity *result=0) const
Complete a certificate chain for the primary certificate, using the rest of the certificates in the c...
Definition: qca_cert.h:1276
CertificateRequestFormat
Certificate Request Format.
Definition: qca_cert.h:54
QList< ConstraintType > Constraints
Certificate constraints type
Definition: qca_cert.h:582
A part of an organisation (eg a division or branch), id = "2.5.4.11".
Definition: qca_cert.h:71
bool operator!=(const ConstraintType &other) const
Inequality operator.
Definition: qca_cert.h:462
Certificate options
Definition: qca_cert.h:601
certificate is on hold
Definition: qca_cert.h:1577
IP address, id = "GeneralName.iPAddress".
Definition: qca_cert.h:80
Certificate can be used for key certificate signing, id = "KeyUsage.keyCertSign"
Definition: qca_cert.h:326
A chain of related Certificates.
Definition: qca_cert.h:1207
private key has been compromised
Definition: qca_cert.h:1572
One entry in a certificate information list.
Definition: qca_cert.h:246
certificate authority has been compromised
Definition: qca_cert.h:1573
The common name (eg person), id = "2.5.4.3".
Definition: qca_cert.h:67
The certificate is valid.
Definition: qca_cert.h:491
QCA_EXPORT const SecureArray operator+(const SecureArray &a, const SecureArray &b)
Returns an array that is the result of concatenating a and b.
Reason
The reason why the certificate has been revoked.
Definition: qca_cert.h:1569
Public Key (X.509) certificate.
Definition: qca_cert.h:848
time stamping certificate
Definition: qca_cert.h:482
The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2".
Definition: qca_cert.h:75
Certificate can be used to sign an Online Certificate Status Protocol (OCSP) assertion, id = "1.3.6.1.5.5.7.3.9". This is an extended usage constraint.
Definition: qca_cert.h:340
Any application, or unspecified.
Definition: qca_cert.h:477
Part of a CRL representing a single certificate.
Definition: qca_cert.h:1563
UsageMode
Specify the intended usage of a certificate.
Definition: qca_cert.h:475
Arbitrary precision integer.
Definition: qca_tools.h:570
Certificate can be used to authenticate a tunnel in IPSEC, id = "1.3.6.1.5.5.7.3.6". This is an extended usage constraint.
Definition: qca_cert.h:337
CertificateChain(const Certificate &primary)
Create a certificate chain, starting at the specified certificate.
Definition: qca_cert.h:1221
Pretty Good Privacy key.
Definition: qca_cert.h:2360
The state within the country, id = "2.5.4.8".
Definition: qca_cert.h:74
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1890
Generic public key.
Definition: qca_publickey.h:526
Certificate can be used to authenticate an endpoint in IPSEC, id = "1.3.6.1.5.5.7.3.5". This is an extended usage constraint.
Definition: qca_cert.h:336
server side of a TLS or SSL connection
Definition: qca_cert.h:478
Validity validate(const CertificateCollection &trusted, const QList< CRL > &untrusted_crls=QList< CRL >(), UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
Check the validity of a certificate chain.
Definition: qca_cert.h:1269
DNS name, id = "GeneralName.dNSName".
Definition: qca_cert.h:79
The country, id = "2.5.4.6".
Definition: qca_cert.h:76
The Certificate Authority is invalid.
Definition: qca_cert.h:495
bool operator!=(const CertificateRequest &other) const
Inequality operator.
Definition: qca_cert.h:1440
reason is unknown
Definition: qca_cert.h:1571