api/qgsauthcertutils_8h_source.html

/***************************************************************************

    qgsauthcertutils.h

    ---------------------

    begin                : May 1, 2015

    copyright            : (C) 2015 by Boundless Spatial, Inc. USA

    author               : Larry Shaffer

    email                : lshaffer at boundlessgeo dot com

 ***************************************************************************

 *                                                                         *

 *   This program is free software; you can redistribute it and/or modify  *

 *   it under the terms of the GNU General Public License as published by  *

 *   the Free Software Foundation; either version 2 of the License, or     *

 *   (at your option) any later version.                                   *

 *                                                                         *

 ***************************************************************************/


#ifndef QGSAUTHCERTUTILS_H

#define QGSAUTHCERTUTILS_H


#include <QFile>

#include "qgis_sip.h"

#include <QtCrypto>

#include <QSslCertificate>

#include <QSslError>


#include "qgsauthconfig.h"

#include "qgis_core.h"


class QgsAuthConfigSslServer;


#define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).value(0)


#define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).value(0)


class CORE_EXPORT QgsAuthCertUtils

{

  public:


    enum CaCertSource

    {

      SystemRoot = 0,

      FromFile = 1,

      InDatabase = 2,

      Connection = 3

    };


    enum CertTrustPolicy

    {

      DefaultTrust = 0,

      Trusted = 1,

      Untrusted = 2,

      NoPolicy = 3

    };


    enum CertUsageType

    {

      UndeterminedUsage = 0,

      AnyOrUnspecifiedUsage,

      CertAuthorityUsage,

      CertIssuerUsage,

      TlsServerUsage,

      TlsServerEvUsage,

      TlsClientUsage,

      CodeSigningUsage,

      EmailProtectionUsage,

      TimeStampingUsage,

      CRLSigningUsage

    };


    enum ConstraintGroup

    {

      KeyUsage = 0,

      ExtendedKeyUsage = 1

    };


    static QString getSslProtocolName( QSsl::SslProtocol protocol );


    static QMap<QString, QSslCertificate> mapDigestToCerts( const QList<QSslCertificate> &certs );


    static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( const QList<QSslCertificate> &certs ) SIP_SKIP;


    static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( const QList<QgsAuthConfigSslServer> &configs );


    static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( const QList<QgsAuthConfigSslServer> &configs ) SIP_SKIP;


    static QByteArray fileData( const QString &path );


    static QList<QSslCertificate> certsFromFile( const QString &certspath );


    static QList<QSslCertificate> casFromFile( const QString &certspath );


    static QSslCertificate certFromFile( const QString &certpath );


    static QList<QSslCertificate> casMerge( const QList<QSslCertificate> &bundle1,

                                            const QList<QSslCertificate> &bundle2 );


    static QSslKey keyFromFile( const QString &keypath,

                                const QString &keypass = QString(),

                                QString *algtype = nullptr );


    static QList<QSslCertificate> certsFromString( const QString &pemtext );


    static QList<QSslCertificate> casRemoveSelfSigned( const QList<QSslCertificate> &caList );


    static QStringList certKeyBundleToPem( const QString &certpath,

                                           const QString &keypath,

                                           const QString &keypass = QString(),

                                           bool reencrypt = true );


    static bool pemIsPkcs8( const QString &keyPemTxt );


#ifdef Q_OS_MAC


    static QByteArray pkcs8PrivateKey( QByteArray &pkcs8Der ) SIP_SKIP;

#endif


    static QStringList pkcs12BundleToPem( const QString &bundlepath,

                                          const QString &bundlepass = QString(),

                                          bool reencrypt = true );


    static QList<QSslCertificate> pkcs12BundleCas( const QString &bundlepath,

        const QString &bundlepass = QString() );


    static QByteArray certsToPemText( const QList<QSslCertificate> &certs );


    static QString pemTextToTempFile( const QString &name, const QByteArray &pemtext );


    static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source, bool single = false );


    static QString resolvedCertName( const QSslCertificate &cert, bool issuer = false );


    static QString getCertDistinguishedName( const QSslCertificate &qcert,

        const QCA::Certificate &acert = QCA::Certificate(),

        bool issuer = false ) SIP_SKIP;


    static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );


    static QString getColonDelimited( const QString &txt );


    static QString shaHexForCert( const QSslCertificate &cert, bool formatted = false );


    static QCA::Certificate qtCertToQcaCert( const QSslCertificate &cert ) SIP_SKIP;


    static QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate> &certs ) SIP_SKIP;


    static QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass ) SIP_SKIP;


    static QString qcaValidityMessage( QCA::Validity validity ) SIP_SKIP;


    static QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm ) SIP_SKIP;


    static QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint ) SIP_SKIP;


    static QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype ) SIP_SKIP;


    static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate &cert );


    static bool certificateIsAuthority( const QSslCertificate &cert );


    static bool certificateIsIssuer( const QSslCertificate &cert );


    static bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert );


    static bool certificateIsSslServer( const QSslCertificate &cert );


    static bool certificateIsSslClient( const QSslCertificate &cert );


    static QString sslErrorEnumString( QSslError::SslError errenum );


    static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings() SIP_SKIP;


    static bool certIsCurrent( const QSslCertificate &cert );


    static QList<QSslError> certViabilityErrors( const QSslCertificate &cert );


    static bool certIsViable( const QSslCertificate &cert );


    static QList<QSslError> validateCertChain( const QList<QSslCertificate> &certificateChain,

        const QString &hostName = QString(),

        bool trustRootCa = false ) ;


    static QStringList validatePKIBundle( QgsPkiBundle &bundle, bool useIntermediates = true, bool trustRootCa = false );


  private:

    static void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );


    static QSsl::EncodingFormat sniffEncoding( const QByteArray &payload );

};


#endif // QGSAUTHCERTUTILS_H

QgsAuthCertUtils
Utilities for working with certificates and keys.
Definition qgsauthcertutils.h:41

QgsAuthCertUtils::CertTrustPolicy
CertTrustPolicy
Type of certificate trust policy.
Definition qgsauthcertutils.h:54

QgsAuthCertUtils::ConstraintGroup
ConstraintGroup
Type of certificate key group.
Definition qgsauthcertutils.h:79

QgsAuthCertUtils::CertUsageType
CertUsageType
Type of certificate usage.
Definition qgsauthcertutils.h:63

QgsAuthCertUtils::AnyOrUnspecifiedUsage
@ AnyOrUnspecifiedUsage
Definition qgsauthcertutils.h:65

QgsAuthCertUtils::EmailProtectionUsage
@ EmailProtectionUsage
Definition qgsauthcertutils.h:72

QgsAuthCertUtils::TlsClientUsage
@ TlsClientUsage
Definition qgsauthcertutils.h:70

QgsAuthCertUtils::CodeSigningUsage
@ CodeSigningUsage
Definition qgsauthcertutils.h:71

QgsAuthCertUtils::TlsServerEvUsage
@ TlsServerEvUsage
Definition qgsauthcertutils.h:69

QgsAuthCertUtils::TlsServerUsage
@ TlsServerUsage
Definition qgsauthcertutils.h:68

QgsAuthCertUtils::TimeStampingUsage
@ TimeStampingUsage
Definition qgsauthcertutils.h:73

QgsAuthCertUtils::CertAuthorityUsage
@ CertAuthorityUsage
Definition qgsauthcertutils.h:66

QgsAuthCertUtils::CertIssuerUsage
@ CertIssuerUsage
Definition qgsauthcertutils.h:67

QgsAuthCertUtils::CaCertSource
CaCertSource
Type of CA certificate source.
Definition qgsauthcertutils.h:45

QgsAuthConfigSslServer
Configuration container for SSL server connection exceptions or overrides.
Definition qgsauthconfig.h:390

QgsPkiBundle
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
Definition qgsauthconfig.h:208

QCA
Definition qgsauthmanager.h:49

algorithm
As part of the API refactoring and improvements which landed in the Processing API was substantially reworked from the x version This was done in order to allow much of the underlying Processing framework to be ported into allowing algorithms to be written in pure substantial changes are required in order to port existing x Processing algorithms for QGIS x The most significant changes are outlined not GeoAlgorithm For algorithms which operate on features one by consider subclassing the QgsProcessingFeatureBasedAlgorithm class This class allows much of the boilerplate code for looping over features from a vector layer to be bypassed and instead requires implementation of a processFeature method Ensure that your algorithm(or algorithm 's parent class) implements the new pure virtual createInstance(self) call

qgis_sip.h

SIP_SKIP
#define SIP_SKIP
Definition qgis_sip.h:134

qgsauthconfig.h

segment
QLineF segment(int index, QRectF rect, double radius)
Definition qgsshapegenerator.cpp:25