00022 #ifndef _KSSLCERTIFICATE_H
00023 #define _KSSLCERTIFICATE_H
00039 class QByteArray;
00040 class QString;
00041 class QStringList;
00042 class KSSL;
00043 class KSSLCertificatePrivate;
00044 class QDateTime;
00045 class KSSLCertChain;
00046 class KSSLX509V3;
00047
00048 #include <kio/kio_export.h>
00049 #include <ksslconfig.h>
00050
00051 #include <QtCore/QList>
00052
00053 #ifdef KSSL_HAVE_SSL
00054 typedef struct x509_st X509;
00055 #else
00056 #if !defined(QT_NO_OPENSSL)
00057 #include <QtNetwork/QSslCertificate>
00058 #else
00059 class X509;
00060 #endif
00061 #endif
00062
/**
 * Wrapper around one X.509 certificate, exposed through the opaque X509
 * handle taken by fromX509() / setCert(X509*) and returned by getCert().
 * It offers field accessors, conversions (toDer(), toPem(), toNetscape(),
 * toText()) and validation against a KSSLPurpose.
 *
 * All state sits behind the private pointer `d`. The default constructor is
 * protected, so outside code obtains instances through fromString(),
 * fromX509(), replicate() or the copy constructor.
 *
 * NOTE(review): a copy constructor and a destructor are declared, but no copy
 * assignment operator. If the destructor releases `d` (not visible in this
 * header), the implicitly generated assignment would leave two objects
 * sharing one `d`. Confirm against the implementation before assigning
 * certificates by value.
 *
 * Every string returned by the accessors originates from certificate
 * contents. For a peer certificate that has not validated as Ok, that data is
 * chosen by the remote party and should be treated as untrusted when shown,
 * logged or compared.
 */
00074 class KIO_EXPORT KSSLCertificate
00075 {
      // Friends can reach every protected and private member below, including
      // the raw X509 handle (getCert()) and the untyped setChain(void*).
00076 friend class KSSL;
00077 friend class KSSLCertificateHome;
00078 friend class KSSLCertificateFactory;
00079 friend class KSSLCertificateCache;
00080 friend class KSSLCertChain;
00081 friend class KSSLPeerInfo;
00082 friend class KSSLPKCS12;
00083 friend class KSSLD;
00084 friend class KSMIMECryptoPrivate;
00085
00086
00087 public:
      /// Destructor. What it releases is defined in the implementation file.
00091 ~KSSLCertificate();
00092
      /**
       * Builds a certificate object from the serialized data in @p cert.
       * The expected encoding is not stated in this header.
       * NOTE(review): presumably returns a null pointer when parsing fails
       * and hands ownership of the result to the caller. Confirm, and check
       * the result before dereferencing it.
       */
00098 static KSSLCertificate *fromString(const QByteArray &cert);
00099
      /**
       * Builds a certificate object from an existing X509 handle.
       * NOTE(review): whether @p x5 is duplicated or adopted is not visible
       * here. Confirm before the caller frees or reuses it.
       */
00107 static KSSLCertificate *fromX509(X509 *x5);
00108
00109
00110
00111
00112
00113
      /**
       * Result codes reported by validation.
       *
       * Unknown is the first enumerator and so has value 0, and Ok has
       * value 1. A result must therefore be compared against Ok explicitly;
       * using it as a boolean would treat every code except Unknown,
       * including all the failure codes, as true.
       *
       * Several enumerators have near-duplicate names (Expired /
       * CertificateHasExpired, Revoked / CertificateRevoked, Untrusted /
       * CertificateUntrusted, ...). Which of each pair a given code path
       * reports is not visible in this header, so callers that special-case
       * a failure should handle both spellings.
       */
00120 enum KSSLValidation { Unknown, Ok, NoCARoot, InvalidPurpose,
00121 PathLengthExceeded, InvalidCA, Expired,
00122 SelfSigned, ErrorReadingRoot, NoSSL,
00123 Revoked, Untrusted, SignatureFailed,
00124 Rejected, PrivateKeyFailed, InvalidHost,
00125 Irrelevant, SelfSignedChain,
00126 GetIssuerCertFailed, DecodeIssuerPublicKeyFailed,
00127 GetIssuerCertLocallyFailed,
00128 CertificateNotYetValid, CertificateHasExpired,
00129 CRLNotYetValid, CRLHasExpired,
00130 CertificateFieldNotBeforeErroneous,
00131 CertificateFieldNotAfterErroneous,
00132 CRLFieldLastUpdateErroneous,
00133 CRLFieldNextUpdateErroneous,
00134 CertificateRevoked,
00135 CertificateUntrusted, VerifyLeafSignatureFailed,
00136 CertificateSignatureFailed, CRLSignatureFailed,
00137 DecryptCertificateSignatureFailed,
00138 DecryptCRLSignatureFailed, CertificateRejected,
00139 SelfSignedInChain, ApplicationVerificationFailed,
00140 AuthAndSubjectKeyIDAndNameMismatched,
00141 AuthAndSubjectKeyIDMismatched, OutOfMemory,
00142 GetCRLFailed, CertificateChainTooLong,
00143 KeyMayNotSignCertificate,
00144 IssuerSubjectMismatched
00145 };
00146
      /**
       * Intended use a certificate is validated for. The numeric values are
       * fixed explicitly; purposeToOpenSSL() converts one to an int.
       * NOTE(review): the one-argument-less validate()/isValid() overloads
       * do not say which purpose they check. Confirm in the implementation.
       */
00147 enum KSSLPurpose { None=0, SSLServer=1, SSLClient=2,
00148 SMIMESign=3, SMIMEEncrypt=4, Any=5 };
00149
      /// List of validation results, as returned by validateVerbose().
00150 typedef QList<KSSLValidation> KSSLValidationList;
00151
      /// Certificate as a QString. The encoding is not visible here;
      /// presumably the counterpart of setCert(const QString&) (confirm).
00156 QString toString();
00157
      /// Subject of the certificate, as text.
00162 QString getSubject() const;
00163
      /// Issuer of the certificate, as text.
00168 QString getIssuer() const;
00169
      /// Start of the validity period, as text (format not visible here).
00174 QString getNotBefore() const;
00175
      /// End of the validity period, as text (format not visible here).
00180 QString getNotAfter() const;
00181
      /// Start of the validity period as a QDateTime.
00186 QDateTime getQDTNotBefore() const;
00187
      /// End of the validity period as a QDateTime.
00192 QDateTime getQDTNotAfter() const;
00193
      /// Certificate bytes; by its name, DER encoded.
00198 QByteArray toDer();
00199
      /// Certificate bytes; by its name, PEM encoded.
00204 QByteArray toPem();
00205
      /// Certificate bytes in what the name calls the Netscape format.
00210 QByteArray toNetscape();
00211
      /// Certificate rendered as text.
00216 QString toText();
00217
      /// Serial number, as text.
00222 QString getSerialNumber() const;
00223
      /// Key type, as text.
00228 QString getKeyType() const;
00229
      /// Public key, as text.
00234 QString getPublicKeyText() const;
00235
      /**
       * MD5 digest of the certificate in a textual form (exact format not
       * visible here). MD5 is not collision resistant, so this value suits
       * display or lookup only and should not be the sole basis for deciding
       * that two certificates are the same or that one is trusted.
       */
00241 QString getMD5DigestText() const;
00242
      /// MD5 digest in a second textual form; the same MD5 caveat applies.
00247 QString getMD5Digest() const;
00248
      /// Signature of the certificate, as text.
00253 QString getSignatureText() const;
00254
      /// Boolean form of validation. NOTE(review): presumably true only when
      /// validate() yields Ok (confirm).
00259 bool isValid();
00260
      /// As isValid(), for the purpose @p p.
00266 bool isValid(KSSLPurpose p);
00267
      /// Subject alternative names carried by the certificate.
00272 QStringList subjAltNames() const;
00273
      /**
       * Validates the certificate and returns a single result code; compare
       * it against Ok (see KSSLValidation).
       * NOTE(review): the existence of revalidate() suggests this call may
       * return a cached result. If so, a cached Ok could outlive expiry or
       * revocation. Confirm in the implementation.
       */
00278 KSSLValidation validate();
00279
      /// As validate(), for the purpose @p p.
00285 KSSLValidation validate(KSSLPurpose p);
00286
      /// Validates for purpose @p p and returns a list of result codes rather
      /// than a single one.
00292 KSSLValidationList validateVerbose(KSSLPurpose p);
00293
      /**
       * As validateVerbose(p), with an additional certificate @p ca.
       * NOTE(review): presumably @p ca is used as a CA to verify against. A
       * caller-supplied CA widens what is accepted, so confirm how it
       * combines with the configured trust roots.
       */
00301 KSSLValidationList validateVerbose(KSSLPurpose p, KSSLCertificate *ca);
00302
      /// Validates again. NOTE(review): presumably bypasses any cached
      /// result kept by validate() (confirm).
00307 KSSLValidation revalidate();
00308
      /// As revalidate(), for the purpose @p p.
00314 KSSLValidation revalidate(KSSLPurpose p);
00315
      /// Mutable reference to the certificate chain associated with this
      /// object; its lifetime relative to this object is not visible here.
00320 KSSLCertChain& chain();
00321
      /// Human-readable text for the validation code @p x.
00327 static QString verifyText(KSSLValidation x);
00328
      /// Returns a pointer to a copy of this certificate. NOTE(review):
      /// presumably owned by the caller (confirm).
00333 KSSLCertificate *replicate();
00334
      /// Copy constructor. No matching copy assignment operator is declared;
      /// see the note on the class.
00339 KSSLCertificate(const KSSLCertificate& x);
00340
      /// Sets the wrapped certificate from the text in @p cert and reports
      /// success as a bool. The expected encoding is not visible here.
00346 bool setCert(const QString& cert);
00347
      /// Mutable reference to the X.509 v3 extensions object.
00353 KSSLX509V3& x509V3Extensions();
00354
      /// Whether the certificate is a signer (exact criterion not visible).
00359 bool isSigner();
00360
      /// Out-parameter @p to receives e-mail addresses from the certificate.
      /// Whether existing entries are kept is not visible here.
00364 void getEmails(QStringList& to) const;
00365
      /// Key string for this certificate. NOTE(review): judging by
      /// getMD5DigestFromKDEKey(), it embeds the MD5 digest (confirm).
00371 QString getKDEKey() const;
00372
      /// Extracts the MD5 digest from a key string @p k. Behaviour on a
      /// malformed @p k is not visible here.
00376 static QString getMD5DigestFromKDEKey(const QString& k);
00377
00378 private:
      // Comparison operators are friends so they can read `d`. They take
      // non-const references and return int rather than bool.
00379 KIO_EXPORT friend int operator!=(KSSLCertificate& x, KSSLCertificate& y);
00380 KIO_EXPORT friend int operator==(KSSLCertificate& x, KSSLCertificate& y);
00381
      // Opaque implementation pointer; the only data member declared here.
00382 KSSLCertificatePrivate *d;
      // Converts a KSSLPurpose to the int code used with OpenSSL.
00383 int purposeToOpenSSL(KSSLPurpose p) const;
00384
00385 protected:
      // Default construction is restricted to this class, subclasses and the
      // friends listed above.
00386 KSSLCertificate();
00387
      // Sets the wrapped certificate from a raw X509 handle. NOTE(review):
      // copy-versus-adopt semantics are not visible here.
00388 void setCert(X509 *c);
      // Takes the chain as an untyped pointer, so the compiler cannot check
      // the pointee type; callers must pass exactly the type the
      // implementation expects (not visible in this header).
00389 void setChain(void *c);
      // Raw X509 handle of the wrapped certificate. NOTE(review): presumably
      // still owned by this object (confirm before freeing or storing it).
00390 X509 *getCert();
      // Converts the int error code `ec` to a KSSLValidation value.
00391 KSSLValidation processError(int ec);
00392 };
00393
// Stream serialisation of a certificate. operator>> overwrites `r` with
// whatever the stream holds; the wire format is not visible here.
// NOTE(review): a certificate read from a stream that is not fully trusted
// should be validated again before use rather than assumed sound.
00394 KIO_EXPORT QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r);
00395 KIO_EXPORT QDataStream& operator>>(QDataStream& s, KSSLCertificate& r);
00396
// Equality is defined in the implementation file; what is compared (full
// certificate, digest, ...) is not visible here. Both operators take
// non-const references and return int, so they cannot be applied to const
// certificates.
00397 KIO_EXPORT int operator==(KSSLCertificate& x, KSSLCertificate& y);
// Inequality is the logical negation of operator==.
00398 KIO_EXPORT inline int operator!=(KSSLCertificate& x, KSSLCertificate& y)
00399 { return !(x == y); }
00400
00401 #endif
00402