annotate ui/certificate.h @ 379:2ddc685cba33

Make the fingerprint uppercase
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 15 Apr 2014 12:39:27 +0200
parents 31079bd54036
children 1220b741cd51
1 #ifndef CERTIFICATE_H
2 #define CERTIFICATE_H
3 /**
4 * @file certificate.h
5 * @brief Class around native certificates.
6 *
7 */
8
9 #include <QByteArray>
10 #include <QDateTime>
11 #include <QMap>
12 #include <QString>
13
14 #ifdef Q_OS_WIN
15 #include <windows.h>
16 #include <wincrypt.h>
17 #endif
18
/**
 * @brief One certificate entry, built either from a line of a certificate
 *        list or from DER encoded data.
 */
class Certificate
{
public:

    /** @brief The status compared to the last installed list. */
    enum Status {
        InstallNew = 1, /**< Never seen this before */
        InstallOld,     /**< Already contained in last list */
        RemoveNew,      /**< Was an Install certificate in the last list */
        RemoveOld       /**< Already removed in the last list */
    };

    /** @brief Construct a certificate from a line of a certificate list.
     *
     * The first two characters of the string are expected to be
     * the command: "I:" or "R:".
     *
     * NOTE(review): what happens to a line with a missing or unknown
     * prefix is decided in the implementation, which this header does
     * not show; check isValid() before using the object.
     *
     * NOTE(review): this constructor is not marked explicit, so a QString
     * converts implicitly to a Certificate.
     *
     * @param[in] b64Line The line from the certificate list.
     **/
    Certificate(const QString &b64Line = QString());

    /** @brief Construct a certificate from a byte array of DER data.
     *
     * NOTE(review): this constructor is not marked explicit, so a
     * QByteArray converts implicitly to a Certificate; consider
     * `explicit` once the callers have been checked.
     *
     * @param[in] derData A DER encoded certificate.
     **/
    Certificate(const QByteArray &derData);

    /** @brief Check if this certificate could be parsed.
     *
     * NOTE(review): as described, this reports parse success only.
     * Nothing in this header indicates a check of the validity period,
     * the issuer chain or revocation, so the result is not a trust
     * decision.
     *
     * @returns the value of mValid.
     */
    bool isValid() const
    {
        return mValid;
    }

    /** @brief Get a short description of the certificate.
     *
     * This description should be used as a short overview
     * for this certificate.
     **/
    QString shortDescription() const;

    /** @brief Get details for the certificate.
     *
     * Returns a formatted details string usable for user visible
     * certificate details.
     **/
    const QString &details() const
    {
        return mDetails;
    }

    /** @brief Get the line from which this certificate was constructed.
     *
     * The resulting line includes the instruction, e.g.
     *
     * I:BASE64ENCODEDATA...
     **/
    const QString &base64Line() const
    {
        return mBaseLine;
    }

    /** @brief Check if this certificate has the install instruction.
     *
     * True when the stored list line starts with "I:".
     **/
    bool isInstallCert() const
    {
        return mBaseLine.startsWith("I:");
    }

    /** @brief Set the install instruction for this certificate.
     *
     * Sets the base 64 line prefix to "I:" or "R:".
     *
     * @param[in] install presumably true selects "I:" and false "R:";
     *                    confirm against the implementation.
     **/
    void setInstallCert(bool install);

    /** @brief Check if this certificate is editable. */
    bool isEditable() const
    {
        return mEditable;
    }

    /** @brief Set the edit state for this certificate. */
    void setEditable(bool edit)
    {
        mEditable = edit;
    }

    /** @brief Get the subject OU from the certificate. */
    QString subjectOU() const
    {
        return mSubjectOU;
    }

    /** @brief Get the subject CN from the certificate. */
    QString subjectCN() const
    {
        return mSubjectCN;
    }

    /** @brief Get the subject O from the certificate. */
    QString subjectO() const
    {
        return mSubjectO;
    }

    /** @brief Get the subject SN from the certificate. */
    QString subjectSN() const
    {
        return mSubjectSN;
    }

    /** @brief Get the date the certificate was issued. */
    QDateTime validFrom() const
    {
        return mValidFrom;
    }

    /** @brief Get the date the certificate expires. */
    QDateTime validTo() const
    {
        return mValidTo;
    }

    /** @brief Get the SHA-1 sum of the certificate.
     *
     * NOTE(review): the text format (case, separators) is produced by the
     * implementation, not by this header; normalise both sides before
     * comparing with a fingerprint obtained from another source.
     * SHA-1 is not collision resistant, so use this value as an
     * identifier for display or lookup rather than as the only basis of
     * a trust decision.
     */
    QString fingerprint() const
    {
        return mFingerprint;
    }

    /** @brief Construct certificate objects from a file.
     *
     * Constructs new Certificate objects from a file containing either
     * one DER encoded certificate or one or many PEM certificates.
     * If no certificate could be parsed from that file an empty list is
     * returned.
     *
     * The size restrictions for the certificate list file also apply
     * for this file.
     *
     * NOTE(review): QList is used here although <QList> is not among the
     * includes at the top of this header; it presumably arrives through
     * another Qt header.
     *
     * @param[in] file_name Name of the file to read.
     **/
    static QList<Certificate> fromFileName(const QString &file_name);

private:
    /** @brief Helper function to parse the details of a certificate.
     *
     * @param[in] cert presumably the raw certificate data; confirm
     *                 against the implementation.
     **/
    void parseDetails(const QByteArray &cert);

    bool mValid;    /* returned by isValid() */
    /* NOTE(review): isInstallCert() answers from mBaseLine, not from this
     * flag; confirm in the implementation that the two cannot disagree. */
    bool mInstCert;
    bool mEditable; /* read and written by isEditable() / setEditable() */

    QString mSubjectOU;
    QString mSubjectCN;
    QString mSubjectO;
    QString mSubjectSN;
    QString mDetails;
    QString mBaseLine;
    QString mFingerprint;

    QDateTime mValidFrom;
    QDateTime mValidTo;
};
144 #endif

http://wald.intevation.org/projects/trustbridge/