view ui/certificate.h @ 1088:508c96e72f62

(issue124) Switch server URL and remove some RELEASE_BUILD options As the test server speaks ECDSA we do not need so much #ifndef RELEASE_BUILD options anymore.
author Andre Heinecke <andre.heinecke@intevation.de>
date Fri, 12 Sep 2014 15:38:42 +0200
parents da00099aef5d
children 2b3526ef2d69
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef CERTIFICATE_H
#define CERTIFICATE_H
/**
 * @file certificate.h
 * @brief Class around native certificates.
 *
 */

#include <QByteArray>
#include <QDateTime>
#include <QMap>
#include <QString>

#ifdef Q_OS_WIN
#include <windows.h>
#include <wincrypt.h>
#endif

class Certificate
{
public:

    /** @brief the Status compared to the last installed list. */
    enum Status {
        InstallNew = 1, /* Never seen this before */
        InstallOld, /* Already contained in last list */
        RemoveNew, /* Was an Install certificate in the last list */
        RemoveOld /* Already removed in the last list */
    };

    /** @brief construct a certificate from a line of a certificate list.
     *
     * The first two characters of the string are expected to be
     * the command. I: or R:
     *
     *  @param[in] b64Line The line from the certificate list.
     **/
    Certificate(const QString& b64Line = QString());

    /** @brief construct a certificate from a byte array of DER data
     *
     *  @param[in] derData a der encoded certificate.
     **/
    Certificate(const QByteArray& derData);

    /** @brief check if this certificate could be parsed */
    bool isValid() const {return mValid;}

    /** @brief get a short description of the certificate
     *
     *  This description should be used as a short overview
     *  for this certificate
     *
     **/
    QString shortDescription() const;

    /** @brief get details for the certificate
     *
     * Get a formatted details string usable for user visible
     * certificate details.
     *
     **/
    const QString& details() const {return mDetails;}

    /** @brief get the line from which this certificate was constructed
     *
     * The resulting line includes the instruction e.g.
     *
     * I:BASE64ENCODEDATA...
     *
     **/
    const QString& base64Line() const {return mBaseLine;}

    /** @brief Check if this certificate has the install instruction.
     *
     * This is shorthand for baseLine.startsWith("I:");
     **/
    bool isInstallCert() const {return mBaseLine.startsWith("I:");}

    /** @brief Set the install instruction for this certificate.
     *
     * Set the base 64 line prefix to "I:" or "R:".
     **/
    void setInstallCert(bool install);

    bool isEditable() const {return mEditable;}

    void setEditable(bool edit) {mEditable = edit;}

    /** @brief get the subject OU from the certificate */
    QString subjectOU() const {return mSubjectOU;}

    /** @brief get the subject CN from the certificate */
    QString subjectCN() const {return mSubjectCN;}

    /** @brief get the subject O from the certificate */
    QString subjectO() const {return mSubjectO;}

    /** @brief get the subject SN from the certificate */
    QString subjectSN() const {return mSubjectSN;}

    /** @brief get the date the certificate was issued */
    QDateTime validFrom() const {return mValidFrom;}

    /** @brief get the date the certificate expires */
    QDateTime validTo() const {return mValidTo;}

    /** @brief get the issuer CN from the certificate */
    QString issuerCN() const {return mIssuerCN;}

    /** @brief get the issuer Organization from the certificate */
    QString issuerO() const {return mIssuerO;}

    /** @brief get sha1 sum of the certificate */
    QString fingerprint() const {return mFingerprint;}

    /** @brief construct certificate objects from a file
     *
     *  Constructs a new Certificate Object from a file containing either
     *  one DER encoded certificate or one or many PEM certificates.
     *  If no certificate could be parsed from that file an empty list is
     *  returned.
     *
     *  The size restrictions for the certificate list file also apply
     *  for this file.
     **/
    static QList<Certificate> fromFileName (const QString& file_name);

    friend inline bool operator==(const Certificate& lhs, const Certificate& rhs) {
        return lhs.base64Line() == rhs.base64Line();
    }
private:
    /** @brief Helper function to parse the details of a certificate **/
    void parseDetails(const QByteArray& cert);

    bool mValid;
    /* bool mInstCert; */
    bool mEditable;

    QString mSubjectOU,
            mSubjectCN,
            mSubjectO,
            mSubjectSN,
            mDetails,
            mBaseLine,
            mFingerprint,
            mIssuerO,
            mIssuerCN;

    QDateTime mValidFrom,
              mValidTo;
};
#endif

http://wald.intevation.org/projects/trustbridge/