00022 #ifndef _KSSLCERTIFICATE_H
00023 #define _KSSLCERTIFICATE_H
00039 class QByteArray;
00040 class QString;
00041 class QStringList;
00042 class KSSL;
00043 class KSSLCertificatePrivate;
00044 class QDateTime;
00045 class KSSLCertChain;
00046 class KSSLX509V3;
00047
00048 #include <kio/kio_export.h>
00049 #include <ksslconfig.h>
00050
00051 #include <QtCore/QList>
00052
00053 #ifdef KSSL_HAVE_SSL
00054 typedef struct x509_st X509;
00055 #else
00056 #if !defined(QT_NO_OPENSSL)
00057 #include <QtNetwork/QSslCertificate>
00058 #else
00059 class X509;
00060 #endif
00061 #endif
00062
/**
 * Handle to an X.509 certificate, exported from the KIO library.
 *
 * This header shows declarations only; all state sits behind the private
 * d-pointer. Public code obtains instances through fromString(),
 * fromX509() or replicate(), because the default constructor is protected.
 *
 * NOTE(review): a copy constructor is declared but no copy-assignment
 * operator, although the class holds a raw pointer (d). Unless the
 * implementation file deals with this, the implicitly generated assignment
 * copies that pointer. Confirm before assigning certificates by value.
 */
class KIO_EXPORT KSSLCertificate
{
    // Friends can reach the protected and private members below, including
    // the raw X509 handle from getCert() and the untyped setChain().
    friend class KSSL;
    friend class KSSLCertificateHome;
    friend class KSSLCertificateFactory;
    friend class KSSLCertificateCache;
    friend class KSSLCertChain;
    friend class KSSLPeerInfo;
    friend class KSSLD;
    friend class KSMIMECryptoPrivate;

public:
    /** Destroys the certificate object. */
    ~KSSLCertificate();

    /**
     * Builds a certificate object from a byte array.
     *
     * @param cert encoded certificate; the expected encoding is not visible
     *             in this header -- TODO confirm against the implementation.
     * @return pointer to a certificate object. Ownership of the result and
     *         the value returned on a parse failure are not shown here;
     *         check for a null pointer before use -- TODO confirm.
     */
    static KSSLCertificate *fromString(const QByteArray &cert);

    /**
     * Builds a certificate object from a raw X509 handle.
     *
     * @param x5 the X509 structure to wrap. Whether it is copied or adopted
     *           is not visible here -- TODO confirm before freeing it.
     * @return pointer to a certificate object (ownership not shown).
     */
    static KSSLCertificate *fromX509(X509 *x5);

    /**
     * Result codes of certificate validation.
     *
     * The enumerators carry no initializers, so Unknown is 0 and Ok is 1.
     * Every failure code is therefore non-zero, just like Ok: callers must
     * compare against Ok explicitly and never test a KSSLValidation value
     * as a boolean. The order below is part of the numeric values and must
     * not change.
     */
    enum KSSLValidation {
        Unknown,
        Ok,
        NoCARoot,
        InvalidPurpose,
        PathLengthExceeded,
        InvalidCA,
        Expired,
        SelfSigned,
        ErrorReadingRoot,
        NoSSL,
        Revoked,
        Untrusted,
        SignatureFailed,
        Rejected,
        PrivateKeyFailed,
        InvalidHost,
        Irrelevant,
        SelfSignedChain,
        GetIssuerCertFailed,
        DecodeIssuerPublicKeyFailed,
        GetIssuerCertLocallyFailed,
        CertificateNotYetValid,
        CertificateHasExpired,
        CRLNotYetValid,
        CRLHasExpired,
        CertificateFieldNotBeforeErroneous,
        CertificateFieldNotAfterErroneous,
        CRLFieldLastUpdateErroneous,
        CRLFieldNextUpdateErroneous,
        CertificateRevoked,
        CertificateUntrusted,
        VerifyLeafSignatureFailed,
        CertificateSignatureFailed,
        CRLSignatureFailed,
        DecryptCertificateSignatureFailed,
        DecryptCRLSignatureFailed,
        CertificateRejected,
        SelfSignedInChain,
        ApplicationVerificationFailed,
        AuthAndSubjectKeyIDAndNameMismatched,
        AuthAndSubjectKeyIDMismatched,
        OutOfMemory,
        GetCRLFailed,
        CertificateChainTooLong,
        KeyMayNotSignCertificate,
        IssuerSubjectMismatched
    };

    /**
     * Intended use of a certificate, passed to the purpose-aware validation
     * calls. The numeric values are fixed explicitly.
     */
    enum KSSLPurpose {
        None = 0,
        SSLServer = 1,
        SSLClient = 2,
        SMIMESign = 3,
        SMIMEEncrypt = 4,
        Any = 5
    };

    /** List of validation results, as returned by validateVerbose(). */
    typedef QList<KSSLValidation> KSSLValidationList;

    /** @return the certificate as a string (encoding not shown here). */
    QString toString();

    /** @return the certificate subject as a string. */
    QString getSubject() const;

    /** @return the certificate issuer as a string. */
    QString getIssuer() const;

    /** @return the start of the validity period, as text. */
    QString getNotBefore() const;

    /** @return the end of the validity period, as text. */
    QString getNotAfter() const;

    /** @return the start of the validity period as a QDateTime. */
    QDateTime getQDTNotBefore() const;

    /** @return the end of the validity period as a QDateTime. */
    QDateTime getQDTNotAfter() const;

    /** @return the certificate bytes; by its name, DER encoded. */
    QByteArray toDer();

    /** @return the certificate bytes; by its name, PEM encoded. */
    QByteArray toPem();

    /** @return the certificate bytes; by its name, in Netscape format. */
    QByteArray toNetscape();

    /** @return a text rendering of the certificate. */
    QString toText();

    /** @return the serial number as a string. */
    QString getSerialNumber() const;

    /** @return the key type as a string. */
    QString getKeyType() const;

    /** @return the public key as text. */
    QString getPublicKeyText() const;

    /**
     * @return the MD5 digest of the certificate in a display form
     *         (exact formatting not shown here).
     *
     * MD5 is not collision-resistant. Use this value for display or lookup
     * only, never as the sole basis for trusting or pinning a certificate.
     */
    QString getMD5DigestText() const;

    /**
     * @return the MD5 digest of the certificate as a string.
     *
     * The MD5 caveat on getMD5DigestText() applies here as well: the
     * digest is not a safe basis for a trust decision on its own.
     */
    QString getMD5Digest() const;

    /** @return the certificate signature as text. */
    QString getSignatureText() const;

    /**
     * @return true if the certificate is considered valid. The purpose
     *         assumed by this overload is not visible here -- TODO confirm.
     */
    bool isValid();

    /**
     * @param p the purpose the certificate is checked for.
     * @return true if the certificate is considered valid for @p p.
     */
    bool isValid(KSSLPurpose p);

    /** @return the subject alternative names, by the method's name. */
    QStringList subjAltNames() const;

    /**
     * Validates the certificate.
     *
     * @return a single KSSLValidation code. Compare it with Ok; Unknown is
     *         0 and all failure codes are non-zero.
     */
    KSSLValidation validate();

    /**
     * Validates the certificate for a given purpose.
     *
     * @param p the purpose to validate for.
     * @return a single KSSLValidation code; compare it with Ok.
     */
    KSSLValidation validate(KSSLPurpose p);

    /**
     * Validates the certificate for a given purpose and returns a list of
     * results instead of a single code.
     *
     * @param p the purpose to validate for.
     * @return list of KSSLValidation codes. Whether a valid certificate
     *         yields an empty list or a list holding Ok is not visible
     *         here -- TODO confirm before treating "non-empty" as failure.
     */
    KSSLValidationList validateVerbose(KSSLPurpose p);

    /**
     * As validateVerbose(KSSLPurpose), with an additional certificate.
     *
     * @param p  the purpose to validate for.
     * @param ca presumably a CA certificate to validate against; ownership
     *           and null handling are not shown -- TODO confirm.
     * @return list of KSSLValidation codes.
     */
    KSSLValidationList validateVerbose(KSSLPurpose p, KSSLCertificate *ca);

    /**
     * NOTE(review): the name suggests validate() may reuse an earlier
     * result while this call checks again. If so, callers that changed
     * trust settings, or that hold a certificate across its expiry time,
     * need this call rather than validate() -- confirm in the
     * implementation.
     *
     * @return a single KSSLValidation code; compare it with Ok.
     */
    KSSLValidation revalidate();

    /**
     * Purpose-aware variant of revalidate().
     *
     * @param p the purpose to validate for.
     * @return a single KSSLValidation code; compare it with Ok.
     */
    KSSLValidation revalidate(KSSLPurpose p);

    /** @return reference to the certificate chain object of this certificate. */
    KSSLCertChain &chain();

    /**
     * @param x a validation code.
     * @return text describing @p x.
     */
    static QString verifyText(KSSLValidation x);

    /**
     * @return pointer to a certificate object; by its name, a copy of this
     *         one. Ownership of the result is not shown -- TODO confirm.
     */
    KSSLCertificate *replicate();

    /** Copy constructor. See the class note on the missing assignment operator. */
    KSSLCertificate(const KSSLCertificate &x);

    /**
     * Replaces the certificate from a string.
     *
     * @param cert encoded certificate (encoding not shown here).
     * @return a bool; presumably true on success -- TODO confirm. Callers
     *         should check it before using the object.
     */
    bool setCert(const QString &cert);

    /** @return reference to the X.509 v3 extensions object of this certificate. */
    KSSLX509V3 &x509V3Extensions();

    /** @return a bool; by the method's name, whether this certificate can sign. */
    bool isSigner();

    /**
     * @param to string list handed in by reference; presumably filled with
     *           the e-mail addresses found in the certificate.
     */
    void getEmails(QStringList &to) const;

    /**
     * @return a string key for this certificate. getMD5DigestFromKDEKey()
     *         indicates the key carries the MD5 digest, so the MD5 caveat
     *         on getMD5DigestText() applies to any use of the key as an
     *         identity.
     */
    QString getKDEKey() const;

    /**
     * @param k a key string as produced by getKDEKey().
     * @return the MD5 digest part of @p k.
     */
    static QString getMD5DigestFromKDEKey(const QString &k);

private:
    // Both operators take non-const references and return int, not bool.
    KIO_EXPORT friend int operator!=(KSSLCertificate &x, KSSLCertificate &y);
    KIO_EXPORT friend int operator==(KSSLCertificate &x, KSSLCertificate &y);

    // Opaque implementation pointer; raw, so copies must be handled with care.
    KSSLCertificatePrivate *d;

    // By its name, maps a KSSLPurpose value to the matching OpenSSL constant.
    int purposeToOpenSSL(KSSLPurpose p) const;

protected:
    // Not public: outside code must use the static factories above.
    KSSLCertificate();

    // Sets the wrapped X509 handle (copy or adopt: not visible here).
    void setCert(X509 *c);

    // NOTE(review): untyped pointer; the expected pointee type is not
    // visible in this header, so callers get no compile-time check.
    void setChain(void *c);

    // Returns the raw X509 handle; reachable only by subclasses and friends.
    X509 *getCert();

    // Presumably translates a library error code into a KSSLValidation value.
    KSSLValidation processError(int ec);
};
00392
/**
 * Writes a certificate to a data stream.
 *
 * @param s the stream to write to.
 * @param r the certificate to write.
 * @return a QDataStream reference (by convention @p s).
 */
KIO_EXPORT QDataStream &operator<<(QDataStream &s,
                                   const KSSLCertificate &r);

/**
 * Reads a certificate from a data stream into @p r.
 *
 * NOTE(review): this parses certificate data from a stream. Whether @p r is
 * validated or left unchanged on malformed input is not visible here, so
 * treat the result as unverified until validate() has been checked.
 *
 * @param s the stream to read from.
 * @param r the certificate object to fill.
 * @return a QDataStream reference (by convention @p s).
 */
KIO_EXPORT QDataStream &operator>>(QDataStream &s,
                                   KSSLCertificate &r);
00395
/**
 * Compares two certificates; defined in the implementation file.
 *
 * The criterion (full encoding, digest, or something else) is not visible
 * in this header -- confirm it before relying on equality for a trust
 * decision. Takes non-const references and returns int rather than bool.
 */
KIO_EXPORT int operator==(KSSLCertificate &x, KSSLCertificate &y);

/**
 * Negation of operator==.
 *
 * @return 1 when operator== yields zero for the pair, otherwise 0.
 */
KIO_EXPORT inline int operator!=(KSSLCertificate &x, KSSLCertificate &y)
{
    return (x == y) ? 0 : 1;
}
00399
00400 #endif