view ui/certificate.h @ 1287:d3d66d43365f
Merged
author | Emanuel Schuetze <emanuel@intevation.de> |
---|---|
date | Mon, 29 Sep 2014 13:02:41 +0200 |
parents | 2a1aa9df8f11 |
children | 265583011f24 |
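/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef CERTIFICATE_H
#define CERTIFICATE_H
/**
 * @file certificate.h
 * @brief Class around native certificates.
 *
 */

#include <QByteArray>
#include <QDateTime>
#include <QList>   /* fromFileName() returns QList<Certificate>; do not rely on a transitive include */
#include <QMap>
#include <QString>

#ifdef Q_OS_WIN
#include <windows.h>
#include <wincrypt.h>
#endif

/** @brief Object representation of a single certificate
  *
  * This parses a PEM (base64 encoded der certificate) and
  * provides accessors to the parsed certificate information
  * together with meta information about the certificate as
  * it is used by the Application.
  *
  * All accessors return whatever the parser extracted from the
  * certificate data. The subject and issuer strings are taken from
  * the certificate itself and must be treated as untrusted text when
  * they are shown to the user or written to logs.
  */
class Certificate
{
public:
    /**
     * @enum Status
     * @brief the Status compared to the last installed list.
     */
    enum Status {
        /*! Never seen this before */
        InstallNew = 1,
        /*! Already contained in last list */
        InstallOld,
        /*! Was an Install certificate in the last list */
        RemoveNew,
        /*! Already removed in the last list */
        RemoveOld
    };

    /** @brief construct a certificate from a line of a certificate list.
     *
     * The first two characters of the string are expected to be
     * the command. I: or R:
     *
     * Because of the default argument this is also the default
     * constructor. Check isValid() before using any accessor of an
     * object built from external input.
     *
     * NOTE(review): the constructor is not declared explicit, so a
     * QString converts implicitly to a Certificate. Making it explicit
     * would change the interface; confirm whether callers depend on
     * the conversion.
     *
     * @param[in] b64Line The line from the certificate list.
     **/
    Certificate(const QString& b64Line = QString());

    /** @brief construct a certificate from a byte array of DER data
     *
     * NOTE(review): not declared explicit either, so a QByteArray
     * converts implicitly to a Certificate.
     *
     * @param[in] derData a der encoded certificate.
     **/
    Certificate(const QByteArray& derData);

    /** @brief check if this certificate could be parsed
     *
     * A true result means parsing succeeded, nothing more. This header
     * declares no signature, chain or validity-period check, so the
     * result must not be read as a statement that the certificate is
     * trustworthy.
     *
     * @returns true if the certificate data could be parsed.
     */
    bool isValid() const {return mValid;}

    /** @brief get a short description of the certificate
     *
     * This description should be used as a short overview
     * for this certificate
     *
     **/
    QString shortDescription() const;

    /** @brief get details for the certificate
     *
     * Get a formatted details string usable for user visible
     * certificate details.
     *
     **/
    const QString& details() const {return mDetails;}

    /** @brief get the line from which this certificate was constructed
     *
     * The resulting line includes the instruction e.g.
     *
     * I:BASE64ENCODEDATA...
     *
     **/
    const QString& base64Line() const {return mBaseLine;}

    /** @brief Check if this certificate has the install instruction.
     *
     * This is shorthand for baseLine.startsWith("I:");
     **/
    bool isInstallCert() const {return mBaseLine.startsWith("I:");}

    /** @brief Set the install instruction for this certificate.
     *
     * Set the base 64 line prefix to "I:" or "R:".
     *
     * The prefix is part of base64Line(), so changing it also changes
     * the result of operator== for this object.
     *
     * @param[in] install presumably true selects "I:" and false "R:";
     *            the implementation is not part of this header, confirm
     *            against the source file.
     **/
    void setInstallCert(bool install);

    /** @brief whether or not the certificate is editable.
     *
     * Editable means that the installation status can be changed.
     * E.g. You can not change the state of a removal certificate
     * that has been removed.
     *
     * @returns true if the certificate is editable
     */
    bool isEditable() const {return mEditable;}

    /** @brief setter for the editable property. */
    void setEditable(bool edit) {mEditable = edit;}

    /** @brief get the subject OU from the certificate */
    QString subjectOU() const {return mSubjectOU;}

    /** @brief get the subject CN from the certificate */
    QString subjectCN() const {return mSubjectCN;}

    /** @brief get the subject O from the certificate */
    QString subjectO() const {return mSubjectO;}

    /** @brief get the subject SN from the certificate */
    QString subjectSN() const {return mSubjectSN;}

    /** @brief get the date the certificate was issued */
    QDateTime validFrom() const {return mValidFrom;}

    /** @brief get the date the certificate expires */
    QDateTime validTo() const {return mValidTo;}

    /** @brief get the issuer CN from the certificate */
    QString issuerCN() const {return mIssuerCN;}

    /** @brief get the issuer Organization from the certificate */
    QString issuerO() const {return mIssuerO;}

    /** @brief get sha1 sum of the certificate
     *
     * NOTE(review): SHA-1 is no longer collision resistant. Use this
     * value as a display or lookup identifier; confirm that no trust
     * decision rests on it alone.
     */
    QString fingerprint() const {return mFingerprint;}

    /** @brief construct certificate objects from a file
     *
     * Constructs a new Certificate Object from a file containing either
     * one DER encoded certificate or one or many PEM certificates.
     * If no certificate could be parsed from that file an empty list is
     * returned.
     *
     * The size restrictions for the certificate list file also apply
     * for this file.
     *
     * @param[in] file_name name of the file to read.
     * @returns the certificates parsed from the file, possibly empty.
     **/
    static QList<Certificate> fromFileName(const QString& file_name);

    /** @brief comparator of two certificates.
     *
     * Two certificates are equal if their base64 lines match. The
     * editable flag and the other parsed fields are not compared.
     *
     * The compared line is base64Line(), which includes the "I:" or
     * "R:" instruction prefix. The same certificate data carried once
     * with an install and once with a remove instruction therefore
     * compares as not equal.
     *
     * @returns true if the base64 line of two certificates is equal.
     **/
    friend inline bool operator==(const Certificate& lhs, const Certificate& rhs) {
        return lhs.base64Line() == rhs.base64Line();
    }

private:
    /** @brief Helper function to parse the details of a certificate **/
    void parseDetails(const QByteArray& cert);

    /* Both flags have no in-class initializer; they are expected to be
     * set by the constructors, which are defined outside this header. */
    bool mValid;
    /* bool mInstCert; */
    bool mEditable;

    QString mSubjectOU,
            mSubjectCN,
            mSubjectO,
            mSubjectSN,
            mDetails,
            mBaseLine,
            mFingerprint,
            mIssuerO,
            mIssuerCN;

    QDateTime mValidFrom,
              mValidTo;
};

#endif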