kio Library API Documentation

KSSLCertificate Class Reference

KDE X.509 CertificateKDE X.509 Certificate. More...

#include <ksslcertificate.h>

List of all members.

Public Types

typedef QValueList< KSSLValidationKSSLValidationList
enum  KSSLValidation {
  Unknown, Ok, NoCARoot, InvalidPurpose,
  PathLengthExceeded, InvalidCA, Expired, SelfSigned,
  ErrorReadingRoot, NoSSL, Revoked, Untrusted,
  SignatureFailed, Rejected, PrivateKeyFailed, InvalidHost,
  Irrelevant, SelfSignedChain
}
enum  KSSLPurpose {
  None = 0, SSLServer = 1, SSLClient = 2, SMIMESign = 3,
  SMIMEEncrypt = 4, Any = 5
}

Public Member Functions

 ~KSSLCertificate ()
QString toString ()
QString getSubject () const
QString getIssuer () const
QString getNotBefore () const
QString getNotAfter () const
QDateTime getQDTNotBefore () const
QDateTime getQDTNotAfter () const
QByteArray toDer ()
QByteArray toPem ()
QByteArray toNetscape ()
QString toText ()
QString getSerialNumber () const
QString getKeyType () const
QString getPublicKeyText () const
QString getMD5DigestText () const
QString getMD5Digest () const
QString getSignatureText () const
bool isValid ()
bool isValid (KSSLPurpose p)
QStringList subjAltNames () const
KSSLValidation validate ()
KSSLValidation validate (KSSLPurpose p)
KSSLValidationList validateVerbose (KSSLPurpose p)
KSSLValidationList validateVerbose (KSSLPurpose p, KSSLCertificate *ca)
KSSLValidation revalidate ()
KSSLValidation revalidate (KSSLPurpose p)
KSSLCertChainchain ()
KSSLCertificatereplicate ()
 KSSLCertificate (const KSSLCertificate &x)
bool setCert (QString &cert)
KSSLX509V3x509V3Extensions ()
bool isSigner ()
void getEmails (QStringList &to) const
QString getKDEKey () const

Static Public Member Functions

static KSSLCertificatefromString (QCString cert)
static KSSLCertificatefromX509 (X509 *x5)
static QString verifyText (KSSLValidation x)
static QString getMD5DigestFromKDEKey (const QString &k)

Protected Member Functions

 KSSLCertificate ()
void setCert (X509 *c)
void setChain (void *c)
X509 * getCert ()
KSSLValidation processError (int ec)

Friends

class KSSL
class KSSLCertificateHome
class KSSLCertificateFactory
class KSSLCertificateCache
class KSSLCertChain
class KSSLPeerInfo
class KSSLPKCS12
class KSSLD
class KSMIMECryptoPrivate
KIO_EXPORT friend int operator!= (KSSLCertificate &x, KSSLCertificate &y)
KIO_EXPORT friend int operator== (KSSLCertificate &x, KSSLCertificate &y)


Detailed Description

KDE X.509 CertificateKDE X.509 Certificate.

This class represents an X.509 (SSL) certificate. Note: this object is VERY HEAVY TO COPY. Please try to use reference or pointer whenever possible

Author:
George Staikos <staikos@kde.org>
See also:
KSSL

Definition at line 75 of file ksslcertificate.h.


Member Enumeration Documentation

enum KSSLCertificate::KSSLValidation
 

A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certificate.

Definition at line 113 of file ksslcertificate.h.


Constructor & Destructor Documentation

KSSLCertificate::~KSSLCertificate  ) 
 

Destroy this X.509 certificate.

Definition at line 118 of file ksslcertificate.cc.

KSSLCertificate::KSSLCertificate const KSSLCertificate x  ) 
 

Copy constructor.

Beware, this is very expensive.

Parameters:
x the object to copy from

Definition at line 103 of file ksslcertificate.cc.

References KStandardDirs::addResourceType(), KGlobal::dirs(), getCert(), KStandardDirs::kde_default(), KSSLCertChain::rawChain(), setCert(), and setChain().


Member Function Documentation

KSSLCertificate * KSSLCertificate::fromString QCString  cert  )  [static]
 

Create an X.509 certificate from a base64 encoded string.

Parameters:
cert the certificate in base64 form
Returns:
the X.509 certificate, or NULL

Definition at line 144 of file ksslcertificate.cc.

References KCodecs::base64Decode(), QCString::copy(), QCString::length(), and setCert().

Referenced by Observer::messageBox(), and KSSLCertChain::setCertChain().

KSSLCertificate * KSSLCertificate::fromX509 X509 *  x5  )  [static]
 

Create an X.509 certificate from the internal representation.

This one duplicates the X509 object for itself.

Parameters:
x5 the OpenSSL representation of the certificate
Returns:
the X.509 certificate, or NULL

Definition at line 132 of file ksslcertificate.cc.

References setCert().

QString KSSLCertificate::toString  ) 
 

Convert this certificate to a string.

Returns:
the certificate in base64 format

Definition at line 912 of file ksslcertificate.cc.

References KCodecs::base64Encode(), and toDer().

Referenced by KSSLSigners::addCA(), and toPem().

QString KSSLCertificate::getSubject  )  const
 

Get the subject of the certificate (X.509 map).

Returns:
the subject

Definition at line 166 of file ksslcertificate.cc.

Referenced by KSSLPeerInfo::certMatchesAddress(), getKDEKey(), KSSLPKCS7::name(), KSSLPKCS12::name(), KSSLSigners::remove(), setCert(), KSSLInfoDlg::setup(), KSSLSigners::useForCode(), KSSLSigners::useForEmail(), and KSSLSigners::useForSSL().

QString KSSLCertificate::getIssuer  )  const
 

Get the issuer of the certificate (X.509 map).

Returns:
the issuer

Definition at line 425 of file ksslcertificate.cc.

Referenced by KSSLInfoDlg::setup().

QString KSSLCertificate::getNotBefore  )  const
 

Get the date that the certificate becomes valid on.

Returns:
the date as a string, localised

Definition at line 852 of file ksslcertificate.cc.

QString KSSLCertificate::getNotAfter  )  const
 

Get the date that the certificate is valid until.

Returns:
the date as a string, localised

Definition at line 861 of file ksslcertificate.cc.

Referenced by processError().

QDateTime KSSLCertificate::getQDTNotBefore  )  const
 

Get the date that the certificate becomes valid on.

Returns:
the date

Definition at line 870 of file ksslcertificate.cc.

References QDateTime::currentDateTime().

QDateTime KSSLCertificate::getQDTNotAfter  )  const
 

Get the date that the certificate is valid until.

Returns:
the date

Definition at line 879 of file ksslcertificate.cc.

References QDateTime::currentDateTime().

QByteArray KSSLCertificate::toDer  ) 
 

Convert the certificate to DER (ASN.1) format.

Returns:
the binary data of the DER encoding

Definition at line 957 of file ksslcertificate.cc.

References getCert().

Referenced by toString().

QByteArray KSSLCertificate::toPem  ) 
 

Convert the certificate to PEM (base64) format.

Returns:
the binary data of the PEM encoding

Definition at line 977 of file ksslcertificate.cc.

References QString::append(), QString::insert(), QString::length(), QString::local8Bit(), QString::prepend(), and toString().

QByteArray KSSLCertificate::toNetscape  ) 
 

Convert the certificate to Netscape format.

Returns:
the binary data of the Netscape encoding

Definition at line 1005 of file ksslcertificate.cc.

References QFile::close(), KTempFile::close(), KTempFile::fstream(), getCert(), KTempFile::name(), QFile::open(), QFile::size(), and KTempFile::unlink().

QString KSSLCertificate::toText  ) 
 

Convert the certificate to OpenSSL plain text format.

Returns:
the OpenSSL text encoding

Definition at line 1038 of file ksslcertificate.cc.

References QFile::close(), KTempFile::close(), KTempFile::fstream(), getCert(), KTempFile::name(), QFile::open(), QFile::size(), and KTempFile::unlink().

QString KSSLCertificate::getSerialNumber  )  const
 

Get the serial number of the certificate.

Returns:
the serial number as a string

Definition at line 180 of file ksslcertificate.cc.

QString KSSLCertificate::getKeyType  )  const
 

Get the key type (RSA, DSA, etc).

Returns:
the key type as a string

Definition at line 305 of file ksslcertificate.cc.

QString KSSLCertificate::getPublicKeyText  )  const
 

Get the public key.

Returns:
the public key as a hexidecimal string

Definition at line 331 of file ksslcertificate.cc.

References QString::arg().

QString KSSLCertificate::getMD5DigestText  )  const
 

Get the MD5 digest of the certificate.

Result is padded with : to separate bytes - it's a text version!

Returns:
the MD5 digest in a hexidecimal string

Definition at line 257 of file ksslcertificate.cc.

References QString::append().

Referenced by getKDEKey().

QString KSSLCertificate::getMD5Digest  )  const
 

Get the MD5 digest of the certificate.

Returns:
the MD5 digest in a hexidecimal string

Definition at line 282 of file ksslcertificate.cc.

References QString::append().

QString KSSLCertificate::getSignatureText  )  const
 

Get the signature.

Returns:
the signature in text format

Definition at line 194 of file ksslcertificate.cc.

References QString::append().

bool KSSLCertificate::isValid  ) 
 

Check if this is a valid certificate.

Will use cached data.

Returns:
true if it is valid

Definition at line 565 of file ksslcertificate.cc.

bool KSSLCertificate::isValid KSSLPurpose  p  ) 
 

Check if this is a valid certificate.

Will use cached data.

Parameters:
p the purpose to validate for
Returns:
true if it is valid

Definition at line 560 of file ksslcertificate.cc.

References validate().

QStringList KSSLCertificate::subjAltNames  )  const
 

The alternate subject name.

Returns:
string list with subjectAltName

Definition at line 1085 of file ksslcertificate.cc.

References QString::isEmpty().

Referenced by KSSLPeerInfo::certMatchesAddress().

KSSLCertificate::KSSLValidation KSSLCertificate::validate  ) 
 

Check if this is a valid certificate.

Will use cached data.

Returns:
the result of the validation

Definition at line 590 of file ksslcertificate.cc.

Referenced by isValid(), revalidate(), KSSLInfoDlg::setup(), KSSLPKCS7::validate(), and KSSLPKCS12::validate().

KSSLCertificate::KSSLValidation KSSLCertificate::validate KSSLPurpose  p  ) 
 

Check if this is a valid certificate.

Will use cached data.

Parameters:
p the purpose to validate for
Returns:
the result of the validation

Definition at line 594 of file ksslcertificate.cc.

References QValueList::first(), QValueList::isEmpty(), and validateVerbose().

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose KSSLPurpose  p  ) 
 

Check if this is a valid certificate.

Will use cached data.

Parameters:
p the purpose to validate for
Returns:
all problems encountered during validation

Definition at line 608 of file ksslcertificate.cc.

Referenced by validate().

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose KSSLPurpose  p,
KSSLCertificate ca
 

Check if the certificate ca is a proper CA for this certificate.

Parameters:
p the purpose to validate for
Returns:
all problems encountered during validation

Definition at line 613 of file ksslcertificate.cc.

References d, KGlobal::dirs(), endl(), kdDebug(), processError(), and KStandardDirs::resourceDirs().

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate  ) 
 

Check if this is a valid certificate.

Will NOT use cached data.

Returns:
the result of the validation

Definition at line 753 of file ksslcertificate.cc.

Referenced by KSSLPKCS7::revalidate(), and KSSLPKCS12::revalidate().

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate KSSLPurpose  p  ) 
 

Check if this is a valid certificate.

Will NOT use cached data.

Parameters:
p the purpose to validate for
Returns:
the result of the validation

Definition at line 758 of file ksslcertificate.cc.

References validate().

KSSLCertChain & KSSLCertificate::chain  ) 
 

Get a reference to the certificate chain.

Returns:
reference to the chain

Definition at line 127 of file ksslcertificate.cc.

Referenced by Observer::messageBox(), and KSSLInfoDlg::setup().

QString KSSLCertificate::verifyText KSSLValidation  x  )  [static]
 

Obtain the localized message that corresponds to a validation result.

Parameters:
x the code to look up
Returns:
the message text corresponding to the validation code

Definition at line 917 of file ksslcertificate.cc.

KSSLCertificate * KSSLCertificate::replicate  ) 
 

Explicitly make a copy of this certificate.

Returns:
a copy of the certificate

Definition at line 898 of file ksslcertificate.cc.

References getCert(), KSSLCertificate(), KSSLCertChain::rawChain(), setCert(), and setChain().

bool KSSLCertificate::setCert QString cert  ) 
 

Re-set the certificate from a base64 string.

Parameters:
cert the certificate to set to
Returns:
true on success

Definition at line 1060 of file ksslcertificate.cc.

References KCodecs::base64Decode(), and QString::local8Bit().

Referenced by fromString(), fromX509(), KSSLCertChain::getChain(), KSSLCertificate(), KSSLPKCS12::parse(), and replicate().

KSSLX509V3 & KSSLCertificate::x509V3Extensions  ) 
 

Access the X.509v3 parameters.

Returns:
reference to the extension object
See also:
KSSLX509V3

Definition at line 1075 of file ksslcertificate.cc.

Referenced by KSSL::setClientCertificate().

bool KSSLCertificate::isSigner  ) 
 

Check if this is a signer certificate.

Returns:
true if this is a signer certificate

Definition at line 1080 of file ksslcertificate.cc.

void KSSLCertificate::getEmails QStringList to  )  const
 

FIXME: document.

Definition at line 222 of file ksslcertificate.cc.

QString KSSLCertificate::getKDEKey  )  const
 

KDEKey is a concatenation "Subject (MD5)", mostly needed for SMIME.

The result of getKDEKey might change and should not be used for persistant storage.

Definition at line 239 of file ksslcertificate.cc.

References getMD5DigestText(), and getSubject().

QString KSSLCertificate::getMD5DigestFromKDEKey const QString k  )  [static]
 

Aegypten semantics force us to search by MD5Digest only.

Definition at line 244 of file ksslcertificate.cc.

References QString::at(), QString::findRev(), QString::length(), and QString::mid().


The documentation for this class was generated from the following files:
KDE Logo
This file is part of the documentation for kio Library Version 3.4.2.
Documentation copyright © 1996-2004 the KDE developers.
Generated on Wed Feb 8 06:23:42 2006 by doxygen 1.4.4 written by Dimitri van Heesch, © 1997-2003