Qt 4.8
Public Types | Public Functions | Static Public Functions | Properties | Friends | List of all members
QSslCertificate Class Reference

The QSslCertificate class provides a convenient API for an X509 certificate. More...

#include <qsslcertificate.h>

Public Types

enum  SubjectInfo {
  Organization, CommonName, LocalityName, OrganizationalUnitName,
  CountryName, StateOrProvinceName
}
 Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject. More...
 

Public Functions

QMultiMap< QSsl::AlternateNameEntryType, QStringalternateSubjectNames () const
 Returns the list of alternative subject names for this certificate. More...
 
void clear ()
 Clears the contents of this certificate, making it a null certificate. More...
 
QByteArray digest (QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const
 Returns a cryptographic digest of this certificate. More...
 
QDateTime effectiveDate () const
 Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null certificate. More...
 
QDateTime expiryDate () const
 Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certificate. More...
 
Qt::HANDLE handle () const
 Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise. More...
 
bool isNull () const
 Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns false. More...
 
QString issuerInfo (SubjectInfo info) const
 Returns the issuer information for the subject from the certificate, or an empty string if there is no information for subject in the certificate. More...
 
QString issuerInfo (const QByteArray &tag) const
 Returns the issuer information for tag from the certificate, or an empty string if there is no information for tag in the certificate. More...
 
bool isValid () const
 Returns true if this certificate is valid; otherwise returns false. More...
 
bool operator!= (const QSslCertificate &other) const
 Returns true if this certificate is not the same as other; otherwise returns false. More...
 
QSslCertificateoperator= (const QSslCertificate &other)
 Copies the contents of other into this certificate, making the two certificates identical. More...
 
bool operator== (const QSslCertificate &other) const
 Returns true if this certificate is the same as other; otherwise returns false. More...
 
QSslKey publicKey () const
 Returns the certificate subject's public key. More...
 
 QSslCertificate (QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
 Constructs a QSslCertificate by reading format encoded data from device and using the first certificate found. More...
 
 QSslCertificate (const QByteArray &encoded=QByteArray(), QSsl::EncodingFormat format=QSsl::Pem)
 Constructs a QSslCertificate by parsing the format encoded data and using the first available certificate found. More...
 
 QSslCertificate (const QSslCertificate &other)
 Constructs an identical copy of other. More...
 
QByteArray serialNumber () const
 Returns the certificate's serial number string in decimal format. More...
 
QString subjectInfo (SubjectInfo info) const
 Returns the information for the subject, or an empty string if there is no information for subject in the certificate. More...
 
QString subjectInfo (const QByteArray &tag) const
 Returns the subject information for tag, or an empty string if there is no information for tag in the certificate. More...
 
QByteArray toDer () const
 Returns this certificate converted to a DER (binary) encoded representation. More...
 
QByteArray toPem () const
 Returns this certificate converted to a PEM (Base64) encoded representation. More...
 
QByteArray version () const
 Returns the certificate's version string. More...
 
 ~QSslCertificate ()
 Destroys the QSslCertificate. More...
 

Static Public Functions

static QList< QSslCertificatefromData (const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
 Searches for and parses all certificates in data that are encoded in the specified format and returns them in a list of certificates. More...
 
static QList< QSslCertificatefromDevice (QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
 Searches for and parses all certificates in device that are encoded in the specified format and returns them in a list of certificates. More...
 
static QList< QSslCertificatefromPath (const QString &path, QSsl::EncodingFormat format=QSsl::Pem, QRegExp::PatternSyntax syntax=QRegExp::FixedString)
 Searches all files in the path for certificates encoded in the specified format and returns them in a list. More...
 

Properties

QExplicitlySharedDataPointer< QSslCertificatePrivated
 

Friends

class QSslCertificatePrivate
 
class QSslSocketBackendPrivate
 

Detailed Description

The QSslCertificate class provides a convenient API for an X509 certificate.

Since
4.3
Note
This class or function is reentrant.
Attention
Module: QtNetwork

QSslCertificate stores an X509 certificate, and is commonly used to verify the identity and store information about the local host, a remotely connected peer, or a trusted third party Certificate Authority.

There are many ways to construct a QSslCertificate. The most common way is to call QSslSocket::peerCertificate(), which returns a QSslCertificate object, or QSslSocket::peerCertificateChain(), which returns a list of them. You can also load certificates from a DER (binary) or PEM (Base64) encoded bundle, typically stored as one or more local files, or in a Qt Resource.

You can call isNull() to check if your certificate is null. By default, QSslCertificate constructs a null certificate. To check if the certificate is valid, call isValid(). A null certificate is invalid, but an invalid certificate is not necessarily null. If you want to reset all contents in a certificate, call clear().

After loading a certificate, you can find information about the certificate, its subject, and its issuer, by calling one of the many accessor functions, including version(), serialNumber(), issuerInfo() and subjectInfo(). You can call effectiveDate() and expiryDate() to check when the certificate starts being effective and when it expires. The publicKey() function returns the certificate subject's public key as a QSslKey. You can call issuerInfo() or subjectInfo() to get detailed information about the certificate issuer and its subject.

Internally, QSslCertificate is stored as an X509 structure. You can access this handle by calling handle(), but the results are likely to not be portable.

See also
QSslSocket, QSslKey, QSslCipher, QSslError

Definition at line 70 of file qsslcertificate.h.

Enumerations

◆ SubjectInfo

Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject.

  • Organization "O" The name of the organization.
  • CommonName "CN" The common name; most often this is used to store the host name.
  • LocalityName "L" The locality.
  • OrganizationalUnitName "OU" The organizational unit name.
  • CountryName "C" The country.
  • StateOrProvinceName "ST" The state or province.
Enumerator
Organization 
CommonName 
LocalityName 
OrganizationalUnitName 
CountryName 
StateOrProvinceName 

Definition at line 73 of file qsslcertificate.h.

Constructors and Destructors

◆ QSslCertificate() [1/3]

QSslCertificate::QSslCertificate ( QIODevice device,
QSsl::EncodingFormat  format = QSsl::Pem 
)

Constructs a QSslCertificate by reading format encoded data from device and using the first certificate found.

You can later call isNull() to see if device contained a certificate, and if this certificate was loaded successfully.

Definition at line 146 of file qsslcertificate.cpp.

148 {
150  if (device)
151  d->init(device->readAll(), format);
152 }
void init(const QByteArray &data, QSsl::EncodingFormat format)
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
QByteArray readAll()
Reads all available data from the device, and returns it as a QByteArray.
Definition: qiodevice.cpp:1025
static void ensureInitialized()
Declared static in QSslSocketPrivate, makes sure the SSL libraries have been initialized.

◆ QSslCertificate() [2/3]

QSslCertificate::QSslCertificate ( const QByteArray data = QByteArray(),
QSsl::EncodingFormat  format = QSsl::Pem 
)

Constructs a QSslCertificate by parsing the format encoded data and using the first available certificate found.

You can later call isNull() to see if data contained a certificate, and if this certificate was loaded successfully.

Definition at line 160 of file qsslcertificate.cpp.

162 {
164  d->init(data, format);
165 }
void init(const QByteArray &data, QSsl::EncodingFormat format)
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
static void ensureInitialized()
Declared static in QSslSocketPrivate, makes sure the SSL libraries have been initialized.

◆ QSslCertificate() [3/3]

QSslCertificate::QSslCertificate ( const QSslCertificate other)

Constructs an identical copy of other.

Definition at line 170 of file qsslcertificate.cpp.

170  : d(other.d)
171 {
172 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d

◆ ~QSslCertificate()

QSslCertificate::~QSslCertificate ( )

Destroys the QSslCertificate.

Definition at line 177 of file qsslcertificate.cpp.

178 {
179 }

Functions

◆ alternateSubjectNames()

QMultiMap< QSsl::AlternateNameEntryType, QString > QSslCertificate::alternateSubjectNames ( ) const

Returns the list of alternative subject names for this certificate.

The alternate subject names typically contain host names, optionally with wildcards, that are valid for this certificate.

These names are tested against the connected peer's host name, if either the subject information for CommonName doesn't define a valid host name, or the subject info name doesn't match the peer's host name.

See also
subjectInfo()

Definition at line 420 of file qsslcertificate.cpp.

Referenced by operator<<(), and QSslSocketBackendPrivate::startHandshake().

421 {
423 
424  if (!d->x509)
425  return result;
426 
427  STACK_OF(GENERAL_NAME) *altNames = (STACK_OF(GENERAL_NAME)*)q_X509_get_ext_d2i(d->x509, NID_subject_alt_name, 0, 0);
428 
429  if (altNames) {
430  for (int i = 0; i < q_sk_GENERAL_NAME_num(altNames); ++i) {
431  const GENERAL_NAME *genName = q_sk_GENERAL_NAME_value(altNames, i);
432  if (genName->type != GEN_DNS && genName->type != GEN_EMAIL)
433  continue;
434 
435  int len = q_ASN1_STRING_length(genName->d.ia5);
436  if (len < 0 || len >= 8192) {
437  // broken name
438  continue;
439  }
440 
441  const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5));
442  const QString altName = QString::fromLatin1(altNameStr, len);
443  if (genName->type == GEN_DNS)
444  result.insert(QSsl::DnsEntry, altName);
445  else if (genName->type == GEN_EMAIL)
446  result.insert(QSsl::EmailEntry, altName);
447  }
448  q_sk_pop_free((STACK*)altNames, reinterpret_cast<void(*)(void*)>(q_sk_free));
449  }
450 
451  return result;
452 }
The QMultiMap class is a convenience QMap subclass that provides multi-valued maps.
Definition: qcontainerfwd.h:59
QMap< Key, T >::iterator insert(const Key &key, const T &value)
Inserts a new item with the key key and a value of value.
Definition: qmap.h:982
The QString class provides a Unicode character string.
Definition: qstring.h:83
#define q_sk_GENERAL_NAME_num(st)
unsigned char * q_ASN1_STRING_data(ASN1_STRING *a)
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
void q_sk_pop_free(STACK *a, void(*b)(void *))
void * q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d)
void q_sk_free(STACK *a)
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
Definition: qstring.cpp:4188
#define q_sk_GENERAL_NAME_value(st, i)
STACK_OF(SSL_CIPHER) *SSL_get_ciphers SSL *a
int q_ASN1_STRING_length(ASN1_STRING *a)

◆ clear()

void QSslCertificate::clear ( )

Clears the contents of this certificate, making it a null certificate.

See also
isNull()

Definition at line 254 of file qsslcertificate.cpp.

Referenced by QSslSocketPrivate::createPlainSocket(), and QSslSocketPrivate::init().

255 {
256  if (isNull())
257  return;
259 }
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
friend class QSslCertificatePrivate

◆ digest()

QByteArray QSslCertificate::digest ( QCryptographicHash::Algorithm  algorithm = QCryptographicHash::Md5) const

Returns a cryptographic digest of this certificate.

By default, an MD5 digest will be generated, but you can also specify a custom algorithm.

Definition at line 307 of file qsslcertificate.cpp.

Referenced by operator<<().

308 {
309  return QCryptographicHash::hash(toDer(), algorithm);
310 }
QByteArray toDer() const
Returns this certificate converted to a DER (binary) encoded representation.
static QByteArray hash(const QByteArray &data, Algorithm method)
Returns the hash of data using method.

◆ effectiveDate()

QDateTime QSslCertificate::effectiveDate ( ) const

Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null certificate.

See also
expiryDate()

Definition at line 460 of file qsslcertificate.cpp.

Referenced by operator<<().

461 {
462  return d->notValidBefore;
463 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d

◆ expiryDate()

QDateTime QSslCertificate::expiryDate ( ) const

Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certificate.

See also
effectiveDate()

Definition at line 471 of file qsslcertificate.cpp.

Referenced by operator<<().

472 {
473  return d->notValidAfter;
474 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d

◆ fromData()

QList< QSslCertificate > QSslCertificate::fromData ( const QByteArray data,
QSsl::EncodingFormat  format = QSsl::Pem 
)
static

Searches for and parses all certificates in data that are encoded in the specified format and returns them in a list of certificates.

See also
fromDevice()

Definition at line 632 of file qsslcertificate.cpp.

Referenced by fromDevice(), fromPath(), and QSslSocketPrivate::systemCaCertificates().

633 {
634  return (format == QSsl::Pem)
636  : QSslCertificatePrivate::certificatesFromDer(data);
637 }
Definition: qssl.h:62
static QList< QSslCertificate > certificatesFromPem(const QByteArray &pem, int count=-1)

◆ fromDevice()

QList< QSslCertificate > QSslCertificate::fromDevice ( QIODevice device,
QSsl::EncodingFormat  format = QSsl::Pem 
)
static

Searches for and parses all certificates in device that are encoded in the specified format and returns them in a list of certificates.

See also
fromData()

Definition at line 616 of file qsslcertificate.cpp.

617 {
618  if (!device) {
619  qWarning("QSslCertificate::fromDevice: cannot read from a null device");
620  return QList<QSslCertificate>();
621  }
622  return fromData(device->readAll(), format);
623 }
Q_CORE_EXPORT void qWarning(const char *,...)
QByteArray readAll()
Reads all available data from the device, and returns it as a QByteArray.
Definition: qiodevice.cpp:1025
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...

◆ fromPath()

QList< QSslCertificate > QSslCertificate::fromPath ( const QString path,
QSsl::EncodingFormat  format = QSsl::Pem,
QRegExp::PatternSyntax  syntax = QRegExp::FixedString 
)
static

Searches all files in the path for certificates encoded in the specified format and returns them in a list.

must be a file or a pattern matching one or more files, as specified by syntax.

Example:

foreach (const QSslCertificate &cert, QSslCertificate::fromPath("C:/ssl/certificate.*.pem", QSsl::Pem,
}
See also
fromData()

Definition at line 558 of file qsslcertificate.cpp.

Referenced by QSslSocket::addCaCertificates(), QSslSocketPrivate::addDefaultCaCertificates(), and QSslSocketPrivate::systemCaCertificates().

561 {
562  // $, (,), *, +, ., ?, [, ,], ^, {, | and }.
563  int pos = -1;
564  if (syntax == QRegExp::Wildcard)
565  pos = path.indexOf(QRegExp(QLatin1String("[^\\][\\*\\?\\[\\]]")));
566  else if (syntax != QRegExp::FixedString)
567  pos = path.indexOf(QRegExp(QLatin1String("[^\\][\\$\\(\\)\\*\\+\\.\\?\\[\\]\\^\\{\\}\\|]")));
568  QString pathPrefix = path.left(pos); // == path if pos < 0
569  if (pos != -1)
570  pathPrefix = pathPrefix.left(pathPrefix.lastIndexOf(QLatin1Char('/')));
571 
572  // Special case - if the prefix ends up being nothing, use "." instead and
573  // chop off the first two characters from the glob'ed paths.
574  int startIndex = 0;
575  if (pathPrefix.trimmed().isEmpty()) {
576  if(path.startsWith(QLatin1Char('/'))) {
577  pathPrefix = path.left(path.indexOf(QRegExp(QLatin1String("[\\*\\?\\[]"))));
578  pathPrefix = path.left(path.lastIndexOf(QLatin1Char('/')));
579  } else {
580  startIndex = 2;
581  pathPrefix = QLatin1String(".");
582  }
583  }
584 
585  // The path is a file.
586  if (pos == -1 && QFileInfo(pathPrefix).isFile()) {
587  QFile file(pathPrefix);
588  if (file.open(QIODevice::ReadOnly | QIODevice::Text))
589  return QSslCertificate::fromData(file.readAll(),format);
590  return QList<QSslCertificate>();
591  }
592 
593  // The path can be a file or directory.
595  QRegExp pattern(path, Qt::CaseSensitive, syntax);
597  while (it.hasNext()) {
598  QString filePath = startIndex == 0 ? it.next() : it.next().mid(startIndex);
599  if (!pattern.exactMatch(filePath))
600  continue;
601 
602  QFile file(filePath);
603  if (file.open(QIODevice::ReadOnly | QIODevice::Text))
604  certs += QSslCertificate::fromData(file.readAll(),format);
605  }
606  return certs;
607 }
The QRegExp class provides pattern matching using regular expressions.
Definition: qregexp.h:61
#define it(className, varName)
bool startsWith(const QString &s, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Returns true if the string starts with s; otherwise returns false.
Definition: qstring.cpp:3734
QLatin1String(DBUS_INTERFACE_DBUS))) Q_GLOBAL_STATIC_WITH_ARGS(QString
The QDirIterator class provides an iterator for directory entrylists.
Definition: qdiriterator.h:54
The QString class provides a Unicode character string.
Definition: qstring.h:83
QString left(int n) const Q_REQUIRED_RESULT
Returns a substring that contains the n leftmost characters of the string.
Definition: qstring.cpp:3664
QString trimmed() const Q_REQUIRED_RESULT
Returns a string that has whitespace removed from the start and the end.
Definition: qstring.cpp:4506
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
Definition: qstring.h:704
int indexOf(QChar c, int from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Definition: qstring.cpp:2838
The QFile class provides an interface for reading from and writing to files.
Definition: qfile.h:65
int lastIndexOf(QChar c, int from=-1, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Definition: qstring.cpp:3000
The QFileInfo class provides system-independent file information.
Definition: qfileinfo.h:60
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
The QLatin1Char class provides an 8-bit ASCII/Latin-1 character.
Definition: qchar.h:55

◆ handle()

Qt::HANDLE QSslCertificate::handle ( ) const

Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise.

You can use this handle, together with the native API, to access extended information about the certificate.

Warning
Use of this function has a high probability of being non-portable, and its return value may vary from platform to platform or change from minor release to minor release.

Definition at line 487 of file qsslcertificate.cpp.

Referenced by QSslSocketBackendPrivate::initSslContext().

488 {
489  return Qt::HANDLE(d->x509);
490 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
void * HANDLE
Definition: qnamespace.h:1671

◆ isNull()

bool QSslCertificate::isNull ( ) const

Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns false.

By default, QSslCertificate constructs a null certificate.

See also
isValid(), clear()

Definition at line 224 of file qsslcertificate.cpp.

Referenced by clear(), QSslSocketBackendPrivate::initSslContext(), QSslConfiguration::isNull(), QSslSocketBackendPrivate::startHandshake(), and QSslSocketPrivate::systemCaCertificates().

225 {
226  return d->null;
227 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d

◆ issuerInfo() [1/2]

QString QSslCertificate::issuerInfo ( SubjectInfo  subject) const

Returns the issuer information for the subject from the certificate, or an empty string if there is no information for subject in the certificate.

See also
subjectInfo()

Definition at line 338 of file qsslcertificate.cpp.

Referenced by QSslCertificatePrivate::isBlacklisted(), operator<<(), and QSslSocketPrivate::systemCaCertificates().

339 {
341  // lazy init
342  if (d->issuerInfo.isEmpty() && d->x509)
343  d->issuerInfo =
345 
347 }
static mach_timebase_info_data_t info
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
static QMap< QString, QString > _q_mapFromX509Name(X509_NAME *name)
const T value(const Key &key) const
Returns the value associated with the key key.
Definition: qmap.h:499
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
X509_NAME * q_X509_get_issuer_name(X509 *a)
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
bool isEmpty() const
Returns true if the map contains no items; otherwise returns false.
Definition: qmap.h:203
static QReadWriteLock lock
Definition: proxyconf.cpp:399
QMap< QString, QString > issuerInfo
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150
static QString _q_SubjectInfoToString(QSslCertificate::SubjectInfo info)

◆ issuerInfo() [2/2]

QString QSslCertificate::issuerInfo ( const QByteArray tag) const

Returns the issuer information for tag from the certificate, or an empty string if there is no information for tag in the certificate.

See also
subjectInfo()

Definition at line 356 of file qsslcertificate.cpp.

357 {
359  // lazy init
360  if (d->issuerInfo.isEmpty() && d->x509)
361  d->issuerInfo =
363 
364  return d->issuerInfo.value(QString::fromLatin1(tag));
365 }
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
static QMap< QString, QString > _q_mapFromX509Name(X509_NAME *name)
const T value(const Key &key) const
Returns the value associated with the key key.
Definition: qmap.h:499
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
X509_NAME * q_X509_get_issuer_name(X509 *a)
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
Definition: qstring.cpp:4188
bool isEmpty() const
Returns true if the map contains no items; otherwise returns false.
Definition: qmap.h:203
static QReadWriteLock lock
Definition: proxyconf.cpp:399
QMap< QString, QString > issuerInfo
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150

◆ isValid()

bool QSslCertificate::isValid ( ) const

Returns true if this certificate is valid; otherwise returns false.

Note: Currently, this function checks that the current data-time is within the date-time range during which the certificate is considered valid, and checks that the certificate is not in a blacklist of fraudulent certificates.

See also
isNull()

Definition at line 240 of file qsslcertificate.cpp.

Referenced by QSslSocketBackendPrivate::initSslContext().

241 {
242  const QDateTime currentTime = QDateTime::currentDateTime();
243  return currentTime >= d->notValidBefore &&
244  currentTime <= d->notValidAfter &&
246 }
static bool isBlacklisted(const QSslCertificate &certificate)
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
The QDateTime class provides date and time functions.
Definition: qdatetime.h:216
static QDateTime currentDateTime()
Returns the current datetime, as reported by the system clock, in the local time zone.
Definition: qdatetime.cpp:3138

◆ operator!=()

bool QSslCertificate::operator!= ( const QSslCertificate other) const
inline

Returns true if this certificate is not the same as other; otherwise returns false.

Definition at line 89 of file qsslcertificate.h.

89 { return !operator==(other); }
bool operator==(const QSslCertificate &other) const
Returns true if this certificate is the same as other; otherwise returns false.

◆ operator=()

QSslCertificate & QSslCertificate::operator= ( const QSslCertificate other)

Copies the contents of other into this certificate, making the two certificates identical.

Definition at line 185 of file qsslcertificate.cpp.

186 {
187  d = other.d;
188  return *this;
189 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d

◆ operator==()

bool QSslCertificate::operator== ( const QSslCertificate other) const

Returns true if this certificate is the same as other; otherwise returns false.

Definition at line 195 of file qsslcertificate.cpp.

196 {
197  if (d == other.d)
198  return true;
199  if (d->null && other.d->null)
200  return true;
201  if (d->x509 && other.d->x509)
202  return q_X509_cmp(d->x509, other.d->x509) == 0;
203  return false;
204 }
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
int q_X509_cmp(X509 *a, X509 *b)

◆ publicKey()

QSslKey QSslCertificate::publicKey ( ) const

Returns the certificate subject's public key.

Definition at line 495 of file qsslcertificate.cpp.

496 {
497  if (!d->x509)
498  return QSslKey();
499 
500  QSslKey key;
501 
502  key.d->type = QSsl::PublicKey;
503  X509_PUBKEY *xkey = d->x509->cert_info->key;
504  EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
505  Q_ASSERT(pkey);
506 
507  if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
508  key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
509  key.d->algorithm = QSsl::Rsa;
510  key.d->isNull = false;
511  } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
512  key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
513  key.d->algorithm = QSsl::Dsa;
514  key.d->isNull = false;
515  } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
516  // DH unsupported
517  } else {
518  // error?
519  }
520 
521  q_EVP_PKEY_free(pkey);
522  return key;
523 }
Definition: qssl.h:68
The QSslKey class provides an interface for private and public keys.
Definition: qsslkey.h:64
QExplicitlySharedDataPointer< QSslKeyPrivate > d
Definition: qsslkey.h:96
EVP_PKEY * q_X509_PUBKEY_get(X509_PUBKEY *a)
QSsl::KeyType type
Definition: qsslkey_p.h:87
Definition: qssl.h:67
#define Q_ASSERT(cond)
Definition: qglobal.h:1823
QSsl::KeyAlgorithm algorithm
Definition: qsslkey_p.h:88
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
int q_EVP_PKEY_type(int a)
DSA * q_EVP_PKEY_get1_DSA(EVP_PKEY *a)
RSA * q_EVP_PKEY_get1_RSA(EVP_PKEY *a)
int key
void q_EVP_PKEY_free(EVP_PKEY *a)

◆ serialNumber()

QByteArray QSslCertificate::serialNumber ( ) const

Returns the certificate's serial number string in decimal format.

In case the serial number cannot be converted to decimal format (i.e. if it is bigger than 4294967295, which means it does not fit into 4 bytes), its hexadecimal version is returned.

Definition at line 280 of file qsslcertificate.cpp.

Referenced by QSslCertificatePrivate::isBlacklisted(), and operator<<().

281 {
283  if (d->serialNumberString.isEmpty() && d->x509) {
284  ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
285  // if we cannot convert to a long, just output the hexadecimal number
286  if (serialNumber->length > 4) {
287  QByteArray hexString;
288  hexString.reserve(serialNumber->length * 3);
289  for (int a = 0; a < serialNumber->length; ++a) {
290  hexString += QByteArray::number(serialNumber->data[a], 16).rightJustified(2, '0');
291  hexString += ':';
292  }
293  hexString.chop(1);
294  d->serialNumberString = hexString;
295  } else {
297  }
298  }
299  return d->serialNumberString;
300 }
void chop(int n)
Removes n bytes from the end of the byte array.
long q_ASN1_INTEGER_get(ASN1_INTEGER *a)
QByteArray serialNumber() const
Returns the certificate&#39;s serial number string in decimal format.
QByteArray rightJustified(int width, char fill=' ', bool truncate=false) const
Returns a byte array of size width that contains the fill character followed by this byte array...
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
long ASN1_INTEGER_get ASN1_INTEGER * a
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
static QReadWriteLock lock
Definition: proxyconf.cpp:399
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
Definition: qbytearray.h:421
void reserve(int size)
Attempts to allocate memory for at least size bytes.
Definition: qbytearray.h:449
qint64 qlonglong
Definition: qglobal.h:951
static QByteArray number(int, int base=10)
Returns a byte array containing the string equivalent of the number n to base base (10 by default)...
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150

◆ subjectInfo() [1/2]

QString QSslCertificate::subjectInfo ( SubjectInfo  subject) const

Returns the information for the subject, or an empty string if there is no information for subject in the certificate.

See also
issuerInfo()

Definition at line 379 of file qsslcertificate.cpp.

Referenced by QSslCertificatePrivate::isBlacklisted(), operator<<(), and QSslSocketBackendPrivate::startHandshake().

380 {
382  // lazy init
383  if (d->subjectInfo.isEmpty() && d->x509)
384  d->subjectInfo =
386 
388 }
static mach_timebase_info_data_t info
QMap< QString, QString > subjectInfo
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
static QMap< QString, QString > _q_mapFromX509Name(X509_NAME *name)
const T value(const Key &key) const
Returns the value associated with the key key.
Definition: qmap.h:499
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
X509_NAME * q_X509_get_subject_name(X509 *a)
bool isEmpty() const
Returns true if the map contains no items; otherwise returns false.
Definition: qmap.h:203
static QReadWriteLock lock
Definition: proxyconf.cpp:399
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150
static QString _q_SubjectInfoToString(QSslCertificate::SubjectInfo info)

◆ subjectInfo() [2/2]

QString QSslCertificate::subjectInfo ( const QByteArray tag) const

Returns the subject information for tag, or an empty string if there is no information for tag in the certificate.

See also
issuerInfo()

Definition at line 396 of file qsslcertificate.cpp.

397 {
399  // lazy init
400  if (d->subjectInfo.isEmpty() && d->x509)
401  d->subjectInfo =
403 
404  return d->subjectInfo.value(QString::fromLatin1(tag));
405 }
QMap< QString, QString > subjectInfo
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
static QMap< QString, QString > _q_mapFromX509Name(X509_NAME *name)
const T value(const Key &key) const
Returns the value associated with the key key.
Definition: qmap.h:499
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
Definition: qstring.cpp:4188
X509_NAME * q_X509_get_subject_name(X509 *a)
bool isEmpty() const
Returns true if the map contains no items; otherwise returns false.
Definition: qmap.h:203
static QReadWriteLock lock
Definition: proxyconf.cpp:399
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150

◆ toDer()

QByteArray QSslCertificate::toDer ( ) const

Returns this certificate converted to a DER (binary) encoded representation.

Definition at line 540 of file qsslcertificate.cpp.

Referenced by digest().

541 {
542  if (!d->x509)
543  return QByteArray();
545 }
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
Definition: qssl.h:63
static QByteArray QByteArray_from_X509(X509 *x509, QSsl::EncodingFormat format)

◆ toPem()

QByteArray QSslCertificate::toPem ( ) const

Returns this certificate converted to a PEM (Base64) encoded representation.

Definition at line 529 of file qsslcertificate.cpp.

530 {
531  if (!d->x509)
532  return QByteArray();
534 }
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
Definition: qssl.h:62
static QByteArray QByteArray_from_X509(X509 *x509, QSsl::EncodingFormat format)

◆ version()

QByteArray QSslCertificate::version ( ) const

Returns the certificate's version string.

Definition at line 264 of file qsslcertificate.cpp.

Referenced by operator<<().

265 {
267  if (d->versionString.isEmpty() && d->x509)
268  d->versionString =
269  QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
270 
271  return d->versionString;
272 }
long q_ASN1_INTEGER_get(ASN1_INTEGER *a)
T * data() const
Returns a pointer to the shared data object.
Definition: qshareddata.h:145
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
Definition: qmutex.h:101
static QReadWriteLock lock
Definition: proxyconf.cpp:399
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
Definition: qbytearray.h:421
qint64 qlonglong
Definition: qglobal.h:951
static QByteArray number(int, int base=10)
Returns a byte array containing the string equivalent of the number n to base base (10 by default)...
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
Definition: qmutexpool.cpp:150

Friends and Related Functions

◆ QSslCertificatePrivate

Definition at line 123 of file qsslcertificate.h.

Referenced by clear().

◆ QSslSocketBackendPrivate

Definition at line 124 of file qsslcertificate.h.

Properties

◆ d


The documentation for this class was generated from the following files: