view ui/certificate.h @ 1316:ff9cd05e861e

(issue166) Fix certificiate removal The index that should be removed came from the filter proxy model and did not map to the real index. This was broken.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 13 Oct 2014 17:23:35 +0200
parents 265583011f24
children
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef CERTIFICATE_H
#define CERTIFICATE_H
/**
 * @file certificate.h
 * @brief Class around native certificates.
 *
 */

#include <QByteArray>
#include <QDateTime>
#include <QMap>
#include <QString>

#ifdef Q_OS_WIN
#include <windows.h>
#include <wincrypt.h>
#endif

/** @brief Object representation of a single certificate
  *
  * This parses a PEM (base64 encoded der certificate) and
  * provides accessors to the parsed certificate information
  * together with meta information about the certificate as
  * it is used by the Application.
  */
class Certificate
{
public:

    /**
     * @enum Status
     * @brief the Status compared to the last installed list. */
    enum Status {
        /*! Never seen this before */ InstallNew = 1,
        /*! Already contained in last list */ InstallOld,
        /*! Was an Install certificate in the last list */ RemoveNew,
        /*! Already removed in the last list */ RemoveOld
    };

    /** @brief construct a certificate from a line of a certificate list.
     *
     * The first two characters of the string are expected to be
     * the command. I: or R:
     *
     *  @param[in] b64Line The line from the certificate list.
     **/
    Certificate(const QString& b64Line = QString());

    /** @brief construct a certificate from a byte array of DER data
     *
     *  @param[in] derData a der encoded certificate.
     **/
    Certificate(const QByteArray& derData);

    /** @brief check if this certificate could be parsed */
    bool isValid() const {return mValid;}

    /** @brief get a short description of the certificate
     *
     *  This description should be used as a short overview
     *  for this certificate
     *
     **/
    QString shortDescription() const;

    /** @brief get details for the certificate
     *
     * Get a formatted details string usable for user visible
     * certificate details.
     *
     **/
    const QString& details() const {return mDetails;}

    /** @brief get the line from which this certificate was constructed
     *
     * The resulting line includes the instruction e.g.
     *
     * I:BASE64ENCODEDATA...
     *
     **/
    const QString& base64Line() const {return mBaseLine;}

    /** @brief Check if this certificate has the install instruction.
     *
     * This is shorthand for baseLine.startsWith("I:");
     **/
    bool isInstallCert() const {return mBaseLine.startsWith("I:");}

    /** @brief Set the install instruction for this certificate.
     *
     * Set the base 64 line prefix to "I:" or "R:".
     **/
    void setInstallCert(bool install);

    /** @brief wether or not the certificate is editable.
     *
     * Editable means that the installation status can be changed.
     * E.g. You can not change the state of a removal certificate
     * that has been removed.
     *
     * @returns true if the certificate is editable */
    bool isEditable() const {return mEditable;}

    /** @brief setter for the editable property. */
    void setEditable(bool edit) {mEditable = edit;}

    /** @brief get the subject OU from the certificate */
    QString subjectOU() const {return mSubjectOU;}

    /** @brief get the subject CN from the certificate */
    QString subjectCN() const {return mSubjectCN;}

    /** @brief get the subject O from the certificate */
    QString subjectO() const {return mSubjectO;}

    /** @brief get the subject SN from the certificate */
    QString subjectSN() const {return mSubjectSN;}

    /** @brief get the date the certificate was issued */
    QDateTime validFrom() const {return mValidFrom;}

    /** @brief get the date the certificate expires */
    QDateTime validTo() const {return mValidTo;}

    /** @brief get the issuer CN from the certificate */
    QString issuerCN() const {return mIssuerCN;}

    /** @brief get the issuer Organization from the certificate */
    QString issuerO() const {return mIssuerO;}

    /** @brief get sha1 sum of the certificate */
    QString fingerprint() const {return mFingerprint;}

    /** @brief construct certificate objects from a file
     *
     *  Constructs a new Certificate Object from a file containing either
     *  one DER encoded certificate or one or many PEM certificates.
     *  If no certificate could be parsed from that file an empty list is
     *  returned.
     *
     *  The size restrictions for the certificate list file also apply
     *  for this file.
     **/
    static QList<Certificate> fromFileName (const QString& file_name);

    /** @brief comparator of two certificates.
     *
     * Two certificates are equal if their base64 raw data is a match
     * regardless of other meta information like state or wether or not
     * it is editable.
     *
     * @returns true if the base64 line of two certificates is equal. 
     **/
    friend inline bool operator==(const Certificate& lhs, const Certificate& rhs) {
        return lhs.base64Line() == rhs.base64Line();
    }

    /** @brief Show the certificate in a native ui dialog.
     *
     * The dialog is external and handled by the OS on windows
     * on GNU/Linux gcr-viewer is used.
     *
     * If parentWindow is not NULL it is used as a handle to the
     * parent Window. Unused on GNU/Linux
     *
     * @returns true on success. false if no native dialog could be shown.
     */
     bool showNativeUI(void *parentWindow);

private:
    /** @brief Helper function to parse the details of a certificate **/
    void parseDetails(const QByteArray& cert);

    bool mValid;
    /* bool mInstCert; */
    bool mEditable;

    QString mSubjectOU,
            mSubjectCN,
            mSubjectO,
            mSubjectSN,
            mDetails,
            mBaseLine,
            mFingerprint,
            mIssuerO,
            mIssuerCN;

    QDateTime mValidFrom,
              mValidTo;
};
#endif

http://wald.intevation.org/projects/trustbridge/