Mercurial > trustbridge
view ui/certificate.h @ 1402:1adf72328b75 tip
Added tag 1.0 for changeset ee807f64e21e
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Tue, 27 Jan 2015 15:18:32 +0100 |
parents | 265583011f24 |
children |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #ifndef CERTIFICATE_H #define CERTIFICATE_H /** * @file certificate.h * @brief Class around native certificates. * */ #include <QByteArray> #include <QDateTime> #include <QMap> #include <QString> #ifdef Q_OS_WIN #include <windows.h> #include <wincrypt.h> #endif /** @brief Object representation of a single certificate * * This parses a PEM (base64 encoded der certificate) and * provides accessors to the parsed certificate information * together with meta information about the certificate as * it is used by the Application. */ class Certificate { public: /** * @enum Status * @brief the Status compared to the last installed list. */ enum Status { /*! Never seen this before */ InstallNew = 1, /*! Already contained in last list */ InstallOld, /*! Was an Install certificate in the last list */ RemoveNew, /*! Already removed in the last list */ RemoveOld }; /** @brief construct a certificate from a line of a certificate list. * * The first two characters of the string are expected to be * the command. I: or R: * * @param[in] b64Line The line from the certificate list. **/ Certificate(const QString& b64Line = QString()); /** @brief construct a certificate from a byte array of DER data * * @param[in] derData a der encoded certificate. **/ Certificate(const QByteArray& derData); /** @brief check if this certificate could be parsed */ bool isValid() const {return mValid;} /** @brief get a short description of the certificate * * This description should be used as a short overview * for this certificate * **/ QString shortDescription() const; /** @brief get details for the certificate * * Get a formatted details string usable for user visible * certificate details. * **/ const QString& details() const {return mDetails;} /** @brief get the line from which this certificate was constructed * * The resulting line includes the instruction e.g. * * I:BASE64ENCODEDATA... * **/ const QString& base64Line() const {return mBaseLine;} /** @brief Check if this certificate has the install instruction. * * This is shorthand for baseLine.startsWith("I:"); **/ bool isInstallCert() const {return mBaseLine.startsWith("I:");} /** @brief Set the install instruction for this certificate. * * Set the base 64 line prefix to "I:" or "R:". **/ void setInstallCert(bool install); /** @brief wether or not the certificate is editable. * * Editable means that the installation status can be changed. * E.g. You can not change the state of a removal certificate * that has been removed. * * @returns true if the certificate is editable */ bool isEditable() const {return mEditable;} /** @brief setter for the editable property. */ void setEditable(bool edit) {mEditable = edit;} /** @brief get the subject OU from the certificate */ QString subjectOU() const {return mSubjectOU;} /** @brief get the subject CN from the certificate */ QString subjectCN() const {return mSubjectCN;} /** @brief get the subject O from the certificate */ QString subjectO() const {return mSubjectO;} /** @brief get the subject SN from the certificate */ QString subjectSN() const {return mSubjectSN;} /** @brief get the date the certificate was issued */ QDateTime validFrom() const {return mValidFrom;} /** @brief get the date the certificate expires */ QDateTime validTo() const {return mValidTo;} /** @brief get the issuer CN from the certificate */ QString issuerCN() const {return mIssuerCN;} /** @brief get the issuer Organization from the certificate */ QString issuerO() const {return mIssuerO;} /** @brief get sha1 sum of the certificate */ QString fingerprint() const {return mFingerprint;} /** @brief construct certificate objects from a file * * Constructs a new Certificate Object from a file containing either * one DER encoded certificate or one or many PEM certificates. * If no certificate could be parsed from that file an empty list is * returned. * * The size restrictions for the certificate list file also apply * for this file. **/ static QList<Certificate> fromFileName (const QString& file_name); /** @brief comparator of two certificates. * * Two certificates are equal if their base64 raw data is a match * regardless of other meta information like state or wether or not * it is editable. * * @returns true if the base64 line of two certificates is equal. **/ friend inline bool operator==(const Certificate& lhs, const Certificate& rhs) { return lhs.base64Line() == rhs.base64Line(); } /** @brief Show the certificate in a native ui dialog. * * The dialog is external and handled by the OS on windows * on GNU/Linux gcr-viewer is used. * * If parentWindow is not NULL it is used as a handle to the * parent Window. Unused on GNU/Linux * * @returns true on success. false if no native dialog could be shown. */ bool showNativeUI(void *parentWindow); private: /** @brief Helper function to parse the details of a certificate **/ void parseDetails(const QByteArray& cert); bool mValid; /* bool mInstCert; */ bool mEditable; QString mSubjectOU, mSubjectCN, mSubjectO, mSubjectSN, mDetails, mBaseLine, mFingerprint, mIssuerO, mIssuerCN; QDateTime mValidFrom, mValidTo; }; #endif