Qt 4.8
|
The QSslCertificate class provides a convenient API for an X509 certificate. More...
#include <qsslcertificate.h>
Public Types | |
enum | SubjectInfo { Organization, CommonName, LocalityName, OrganizationalUnitName, CountryName, StateOrProvinceName } |
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject. More... | |
Public Functions | |
QMultiMap< QSsl::AlternateNameEntryType, QString > | alternateSubjectNames () const |
Returns the list of alternative subject names for this certificate. More... | |
void | clear () |
Clears the contents of this certificate, making it a null certificate. More... | |
QByteArray | digest (QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const |
Returns a cryptographic digest of this certificate. More... | |
QDateTime | effectiveDate () const |
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null certificate. More... | |
QDateTime | expiryDate () const |
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certificate. More... | |
Qt::HANDLE | handle () const |
Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise. More... | |
bool | isNull () const |
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns false. More... | |
QString | issuerInfo (SubjectInfo info) const |
Returns the issuer information for the subject from the certificate, or an empty string if there is no information for subject in the certificate. More... | |
QString | issuerInfo (const QByteArray &tag) const |
Returns the issuer information for tag from the certificate, or an empty string if there is no information for tag in the certificate. More... | |
bool | isValid () const |
Returns true if this certificate is valid; otherwise returns false. More... | |
bool | operator!= (const QSslCertificate &other) const |
Returns true if this certificate is not the same as other; otherwise returns false. More... | |
QSslCertificate & | operator= (const QSslCertificate &other) |
Copies the contents of other into this certificate, making the two certificates identical. More... | |
bool | operator== (const QSslCertificate &other) const |
Returns true if this certificate is the same as other; otherwise returns false. More... | |
QSslKey | publicKey () const |
Returns the certificate subject's public key. More... | |
QSslCertificate (QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem) | |
Constructs a QSslCertificate by reading format encoded data from device and using the first certificate found. More... | |
QSslCertificate (const QByteArray &encoded=QByteArray(), QSsl::EncodingFormat format=QSsl::Pem) | |
Constructs a QSslCertificate by parsing the format encoded data and using the first available certificate found. More... | |
QSslCertificate (const QSslCertificate &other) | |
Constructs an identical copy of other. More... | |
QByteArray | serialNumber () const |
Returns the certificate's serial number string in decimal format. More... | |
QString | subjectInfo (SubjectInfo info) const |
Returns the information for the subject, or an empty string if there is no information for subject in the certificate. More... | |
QString | subjectInfo (const QByteArray &tag) const |
Returns the subject information for tag, or an empty string if there is no information for tag in the certificate. More... | |
QByteArray | toDer () const |
Returns this certificate converted to a DER (binary) encoded representation. More... | |
QByteArray | toPem () const |
Returns this certificate converted to a PEM (Base64) encoded representation. More... | |
QByteArray | version () const |
Returns the certificate's version string. More... | |
~QSslCertificate () | |
Destroys the QSslCertificate. More... | |
Static Public Functions | |
static QList< QSslCertificate > | fromData (const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem) |
Searches for and parses all certificates in data that are encoded in the specified format and returns them in a list of certificates. More... | |
static QList< QSslCertificate > | fromDevice (QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem) |
Searches for and parses all certificates in device that are encoded in the specified format and returns them in a list of certificates. More... | |
static QList< QSslCertificate > | fromPath (const QString &path, QSsl::EncodingFormat format=QSsl::Pem, QRegExp::PatternSyntax syntax=QRegExp::FixedString) |
Searches all files in the path for certificates encoded in the specified format and returns them in a list. More... | |
Properties | |
QExplicitlySharedDataPointer< QSslCertificatePrivate > | d |
Friends | |
class | QSslCertificatePrivate |
class | QSslSocketBackendPrivate |
The QSslCertificate class provides a convenient API for an X509 certificate.
QSslCertificate stores an X509 certificate, and is commonly used to verify the identity and store information about the local host, a remotely connected peer, or a trusted third party Certificate Authority.
There are many ways to construct a QSslCertificate. The most common way is to call QSslSocket::peerCertificate(), which returns a QSslCertificate object, or QSslSocket::peerCertificateChain(), which returns a list of them. You can also load certificates from a DER (binary) or PEM (Base64) encoded bundle, typically stored as one or more local files, or in a Qt Resource.
You can call isNull() to check if your certificate is null. By default, QSslCertificate constructs a null certificate. To check if the certificate is valid, call isValid(). A null certificate is invalid, but an invalid certificate is not necessarily null. If you want to reset all contents in a certificate, call clear().
After loading a certificate, you can find information about the certificate, its subject, and its issuer, by calling one of the many accessor functions, including version(), serialNumber(), issuerInfo() and subjectInfo(). You can call effectiveDate() and expiryDate() to check when the certificate starts being effective and when it expires. The publicKey() function returns the certificate subject's public key as a QSslKey. You can call issuerInfo() or subjectInfo() to get detailed information about the certificate issuer and its subject.
Internally, QSslCertificate is stored as an X509 structure. You can access this handle by calling handle(), but the results are likely to not be portable.
Definition at line 70 of file qsslcertificate.h.
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject.
Enumerator | |
---|---|
Organization | |
CommonName | |
LocalityName | |
OrganizationalUnitName | |
CountryName | |
StateOrProvinceName |
Definition at line 73 of file qsslcertificate.h.
QSslCertificate::QSslCertificate | ( | QIODevice * | device, |
QSsl::EncodingFormat | format = QSsl::Pem |
||
) |
Constructs a QSslCertificate by reading format encoded data from device and using the first certificate found.
You can later call isNull() to see if device contained a certificate, and if this certificate was loaded successfully.
Definition at line 146 of file qsslcertificate.cpp.
QSslCertificate::QSslCertificate | ( | const QByteArray & | data = QByteArray() , |
QSsl::EncodingFormat | format = QSsl::Pem |
||
) |
Constructs a QSslCertificate by parsing the format encoded data and using the first available certificate found.
You can later call isNull() to see if data contained a certificate, and if this certificate was loaded successfully.
Definition at line 160 of file qsslcertificate.cpp.
QSslCertificate::QSslCertificate | ( | const QSslCertificate & | other | ) |
Constructs an identical copy of other.
Definition at line 170 of file qsslcertificate.cpp.
QSslCertificate::~QSslCertificate | ( | ) |
QMultiMap< QSsl::AlternateNameEntryType, QString > QSslCertificate::alternateSubjectNames | ( | ) | const |
Returns the list of alternative subject names for this certificate.
The alternate subject names typically contain host names, optionally with wildcards, that are valid for this certificate.
These names are tested against the connected peer's host name, if either the subject information for CommonName doesn't define a valid host name, or the subject info name doesn't match the peer's host name.
Definition at line 420 of file qsslcertificate.cpp.
Referenced by operator<<(), and QSslSocketBackendPrivate::startHandshake().
void QSslCertificate::clear | ( | ) |
Clears the contents of this certificate, making it a null certificate.
Definition at line 254 of file qsslcertificate.cpp.
Referenced by QSslSocketPrivate::createPlainSocket(), and QSslSocketPrivate::init().
QByteArray QSslCertificate::digest | ( | QCryptographicHash::Algorithm | algorithm = QCryptographicHash::Md5 | ) | const |
Returns a cryptographic digest of this certificate.
By default, an MD5 digest will be generated, but you can also specify a custom algorithm.
Definition at line 307 of file qsslcertificate.cpp.
Referenced by operator<<().
QDateTime QSslCertificate::effectiveDate | ( | ) | const |
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null certificate.
Definition at line 460 of file qsslcertificate.cpp.
Referenced by operator<<().
QDateTime QSslCertificate::expiryDate | ( | ) | const |
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certificate.
Definition at line 471 of file qsslcertificate.cpp.
Referenced by operator<<().
|
static |
Searches for and parses all certificates in data that are encoded in the specified format and returns them in a list of certificates.
Definition at line 632 of file qsslcertificate.cpp.
Referenced by fromDevice(), fromPath(), and QSslSocketPrivate::systemCaCertificates().
|
static |
Searches for and parses all certificates in device that are encoded in the specified format and returns them in a list of certificates.
Definition at line 616 of file qsslcertificate.cpp.
|
static |
Searches all files in the path for certificates encoded in the specified format and returns them in a list.
must be a file or a pattern matching one or more files, as specified by syntax.
Example:
Definition at line 558 of file qsslcertificate.cpp.
Referenced by QSslSocket::addCaCertificates(), QSslSocketPrivate::addDefaultCaCertificates(), and QSslSocketPrivate::systemCaCertificates().
Qt::HANDLE QSslCertificate::handle | ( | ) | const |
Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise.
You can use this handle, together with the native API, to access extended information about the certificate.
Definition at line 487 of file qsslcertificate.cpp.
Referenced by QSslSocketBackendPrivate::initSslContext().
bool QSslCertificate::isNull | ( | ) | const |
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns false.
By default, QSslCertificate constructs a null certificate.
Definition at line 224 of file qsslcertificate.cpp.
Referenced by clear(), QSslSocketBackendPrivate::initSslContext(), QSslConfiguration::isNull(), QSslSocketBackendPrivate::startHandshake(), and QSslSocketPrivate::systemCaCertificates().
QString QSslCertificate::issuerInfo | ( | SubjectInfo | subject | ) | const |
Returns the issuer information for the subject from the certificate, or an empty string if there is no information for subject in the certificate.
Definition at line 338 of file qsslcertificate.cpp.
Referenced by QSslCertificatePrivate::isBlacklisted(), operator<<(), and QSslSocketPrivate::systemCaCertificates().
QString QSslCertificate::issuerInfo | ( | const QByteArray & | tag | ) | const |
Returns the issuer information for tag from the certificate, or an empty string if there is no information for tag in the certificate.
Definition at line 356 of file qsslcertificate.cpp.
bool QSslCertificate::isValid | ( | ) | const |
Returns true if this certificate is valid; otherwise returns false.
Note: Currently, this function checks that the current data-time is within the date-time range during which the certificate is considered valid, and checks that the certificate is not in a blacklist of fraudulent certificates.
Definition at line 240 of file qsslcertificate.cpp.
Referenced by QSslSocketBackendPrivate::initSslContext().
|
inline |
Returns true if this certificate is not the same as other; otherwise returns false.
Definition at line 89 of file qsslcertificate.h.
QSslCertificate & QSslCertificate::operator= | ( | const QSslCertificate & | other | ) |
Copies the contents of other into this certificate, making the two certificates identical.
Definition at line 185 of file qsslcertificate.cpp.
bool QSslCertificate::operator== | ( | const QSslCertificate & | other | ) | const |
Returns true if this certificate is the same as other; otherwise returns false.
Definition at line 195 of file qsslcertificate.cpp.
QSslKey QSslCertificate::publicKey | ( | ) | const |
Returns the certificate subject's public key.
Definition at line 495 of file qsslcertificate.cpp.
QByteArray QSslCertificate::serialNumber | ( | ) | const |
Returns the certificate's serial number string in decimal format.
In case the serial number cannot be converted to decimal format (i.e. if it is bigger than 4294967295, which means it does not fit into 4 bytes), its hexadecimal version is returned.
Definition at line 280 of file qsslcertificate.cpp.
Referenced by QSslCertificatePrivate::isBlacklisted(), and operator<<().
QString QSslCertificate::subjectInfo | ( | SubjectInfo | subject | ) | const |
Returns the information for the subject, or an empty string if there is no information for subject in the certificate.
Definition at line 379 of file qsslcertificate.cpp.
Referenced by QSslCertificatePrivate::isBlacklisted(), operator<<(), and QSslSocketBackendPrivate::startHandshake().
QString QSslCertificate::subjectInfo | ( | const QByteArray & | tag | ) | const |
Returns the subject information for tag, or an empty string if there is no information for tag in the certificate.
Definition at line 396 of file qsslcertificate.cpp.
QByteArray QSslCertificate::toDer | ( | ) | const |
Returns this certificate converted to a DER (binary) encoded representation.
Definition at line 540 of file qsslcertificate.cpp.
Referenced by digest().
QByteArray QSslCertificate::toPem | ( | ) | const |
Returns this certificate converted to a PEM (Base64) encoded representation.
Definition at line 529 of file qsslcertificate.cpp.
QByteArray QSslCertificate::version | ( | ) | const |
Returns the certificate's version string.
Definition at line 264 of file qsslcertificate.cpp.
Referenced by operator<<().
|
friend |
Definition at line 123 of file qsslcertificate.h.
Referenced by clear().
|
friend |
Definition at line 124 of file qsslcertificate.h.
|
private |
Definition at line 122 of file qsslcertificate.h.
Referenced by alternateSubjectNames(), clear(), effectiveDate(), expiryDate(), handle(), QSslCertificatePrivate::init(), isNull(), issuerInfo(), isValid(), operator=(), operator==(), publicKey(), QSslCertificate(), QSslCertificatePrivate::QSslCertificate_from_X509(), serialNumber(), subjectInfo(), toDer(), toPem(), and version().