QCA::Certificate Class Reference

Public Key (X.509) certificate. More...

#include <QtCrypto>

Inheritance diagram for QCA::Certificate:

QCA::Algorithm Collaboration diagram for QCA::Certificate:

Collaboration graph
[legend]
List of all members.

Public Member Functions

 Certificate ()
 Certificate (const QString &fileName)
 Certificate (const CertificateOptions &opts, const PrivateKey &key, const QString &provider=QString())
 Certificate (const Certificate &from)
Certificateoperator= (const Certificate &from)
bool isNull () const
QDateTime notValidBefore () const
QDateTime notValidAfter () const
CertificateInfo subjectInfo () const
CertificateInfoOrdered subjectInfoOrdered () const
CertificateInfo issuerInfo () const
CertificateInfoOrdered issuerInfoOrdered () const
Constraints constraints () const
QStringList policies () const
QStringList crlLocations () const
QStringList issuerLocations () const
QStringList ocspLocations () const
QString commonName () const
BigInteger serialNumber () const
PublicKey subjectPublicKey () const
bool isCA () const
bool isSelfSigned () const
bool isIssuerOf (const Certificate &other) const
int pathLimit () const
SignatureAlgorithm signatureAlgorithm () const
QByteArray subjectKeyId () const
QByteArray issuerKeyId () const
Validity validate (const CertificateCollection &trusted, const CertificateCollection &untrusted, UsageMode u=UsageAny, ValidateFlags vf=ValidateAll) const
QByteArray toDER () const
QString toPEM () const
bool toPEMFile (const QString &fileName) const
bool matchesHostName (const QString &host) const
bool operator== (const Certificate &a) const
bool operator!= (const Certificate &other) const
void change (CertContext *c)

Static Public Member Functions

static Certificate fromDER (const QByteArray &a, ConvertResult *result=0, const QString &provider=QString())
static Certificate fromPEM (const QString &s, ConvertResult *result=0, const QString &provider=QString())
static Certificate fromPEMFile (const QString &fileName, ConvertResult *result=0, const QString &provider=QString())

Friends

class Private
class CertificateChain

Detailed Description

Public Key (X.509) certificate.

This class contains one X.509 certificate

Examples:

certtest.cpp, cmsexample.cpp, publickeyexample.cpp, sslservtest.cpp, and ssltest.cpp.


Constructor & Destructor Documentation

QCA::Certificate::Certificate  ) 
 

Create an empty Certificate.

QCA::Certificate::Certificate const QString fileName  ) 
 

Create a Certificate from a PEM encoded file.

Parameters:
fileName the name (and path, if required) of the file that contains the PEM encoded certificate

QCA::Certificate::Certificate const CertificateOptions opts,
const PrivateKey key,
const QString provider = QString()
 

Create a Certificate with specified options and a specified private key.

Parameters:
opts the options to use
key the private key for this certificate
provider the provider to use to create this key, if a particular provider is required

QCA::Certificate::Certificate const Certificate from  ) 
 

Standard copy constructor.


Member Function Documentation

Certificate& QCA::Certificate::operator= const Certificate from  ) 
 

Standard assignment operator.

bool QCA::Certificate::isNull  )  const
 

Test if the certificate is empty (null).

Returns:
true if the certificate is null
Examples:
cmsexample.cpp, publickeyexample.cpp, sslservtest.cpp, and ssltest.cpp.

QDateTime QCA::Certificate::notValidBefore  )  const
 

The earliest date that the certificate is valid.

Examples:
certtest.cpp, and ssltest.cpp.

QDateTime QCA::Certificate::notValidAfter  )  const
 

The latest date that the certificate is valid.

Examples:
certtest.cpp, and ssltest.cpp.

CertificateInfo QCA::Certificate::subjectInfo  )  const
 

Properties of the subject of the certificate, as a QMultiMap.

This is the method that provides information on the subject organisation, common name, DNS name, and so on. The list of information types (i.e. the key to the multi-map) is a CertificateInfoType. The values are a list of QString.

An example of how you can iterate over the list is:

foreach( QString dns, info.values(QCA::DNS) )
{
        std::cout << "    " << qPrintable(dns) << std::endl;
}
Examples:
certtest.cpp.

CertificateInfoOrdered QCA::Certificate::subjectInfoOrdered  )  const
 

Properties of the subject of the certificate, as an ordered list (QList of CertificateInfoPair).

This allows access to the certificate information in the same order as they appear in a certificate. Each pair in the list has a type and a value.

For example:

CertificateInfoOrdered info = cert.subjectInfoOrdered();
// info[0].type == CommonName
// info[0].value == "example.com"

See also:
subjectInfo for an unordered version

issuerInfoOrdered for the ordered information on the issuer

CertificateInfoPair for the elements in the list

CertificateInfo QCA::Certificate::issuerInfo  )  const
 

Properties of the issuer of the certificate.

See also:
subjectInfo for how the return value works.
Examples:
certtest.cpp.

CertificateInfoOrdered QCA::Certificate::issuerInfoOrdered  )  const
 

Properties of the issuer of the certificate, as an ordered list (QList of CertificateInfoPair).

This allows access to the certificate information in the same order as they appear in a certificate. Each pair in the list has a type and a value.

See also:
issuerInfo for an unordered version

subjectInfoOrdered for the ordered information on the subject

CertificateInfoPair for the elements in the list

Constraints QCA::Certificate::constraints  )  const
 

The constraints that apply to this certificate.

QStringList QCA::Certificate::policies  )  const
 

The policies that apply to this certificate.

Policies are specified as strings containing OIDs

QStringList QCA::Certificate::crlLocations  )  const
 

list of URI locations for CRL files

each URI refers to the same CRL file

QStringList QCA::Certificate::issuerLocations  )  const
 

list of URI locations for issuer certificate files

each URI refers to the same issuer file

QStringList QCA::Certificate::ocspLocations  )  const
 

list of URI locations for OCSP services

QString QCA::Certificate::commonName  )  const
 

The common name of the subject of the certificate.

Common names are normally the name of a person, company or organisation

Examples:
ssltest.cpp.

BigInteger QCA::Certificate::serialNumber  )  const
 

The serial number of the certificate.

Examples:
certtest.cpp.

PublicKey QCA::Certificate::subjectPublicKey  )  const
 

The public key associated with the subject of the certificate.

bool QCA::Certificate::isCA  )  const
 

Test if the Certificate is valid as a Certificate Authority.

Returns:
true if the Certificate is valid as a Certificate Authority
Examples:
certtest.cpp.

bool QCA::Certificate::isSelfSigned  )  const
 

Test if the Certificate is self-signed.

Returns:
true if the certificate is self-signed
Examples:
certtest.cpp.

bool QCA::Certificate::isIssuerOf const Certificate other  )  const
 

Test if the Certificate has signed another Certificate object and is therefore the issuer.

Returns:
true if the certificate is the issuer

int QCA::Certificate::pathLimit  )  const
 

The upper bound of the number of links in the certificate chain, if any.

SignatureAlgorithm QCA::Certificate::signatureAlgorithm  )  const
 

The signature algorithm used for the signature on this certificate.

QByteArray QCA::Certificate::subjectKeyId  )  const
 

The key identifier associated with the subject.

QByteArray QCA::Certificate::issuerKeyId  )  const
 

The key identifier associated with the issuer.

Validity QCA::Certificate::validate const CertificateCollection trusted,
const CertificateCollection untrusted,
UsageMode  u = UsageAny,
ValidateFlags  vf = ValidateAll
const
 

Check the validity of a certificate.

Parameters:
trusted a collection of trusted certificates
untrusted a collection of additional certificates, not necessarily trusted
u the use required for the certificate
vf the conditions to validate
Note:
This function may block

QByteArray QCA::Certificate::toDER  )  const
 

Export the Certificate into a DER format.

QString QCA::Certificate::toPEM  )  const
 

Export the Certificate into a PEM format.

Examples:
certtest.cpp, and ssltest.cpp.

bool QCA::Certificate::toPEMFile const QString fileName  )  const
 

Export the Certificate into PEM format in a file.

Parameters:
fileName the name of the file to use

static Certificate QCA::Certificate::fromDER const QByteArray a,
ConvertResult result = 0,
const QString provider = QString()
[static]
 

Import the certificate from DER.

Parameters:
a the array containing the certificate in DER format
result a pointer to a ConvertResult, which if not-null will be set to the conversion status
provider the provider to use, if a specific provider is required
Returns:
the Certificate corresponding to the certificate in the provided array

static Certificate QCA::Certificate::fromPEM const QString s,
ConvertResult result = 0,
const QString provider = QString()
[static]
 

Import the certificate from PEM format.

Parameters:
s the string containing the certificate in PEM format
result a pointer to a ConvertResult, which if not-null will be set to the conversion status
provider the provider to use, if a specific provider is required
Returns:
the Certificate corresponding to the certificate in the provided string
Examples:
sslservtest.cpp, and ssltest.cpp.

static Certificate QCA::Certificate::fromPEMFile const QString fileName,
ConvertResult result = 0,
const QString provider = QString()
[static]
 

Import the certificate from a file.

Parameters:
fileName the name (and path, if required) of the file containing the certificate in PEM format
result a pointer to a ConvertResult, which if not-null will be set to the conversion status
provider the provider to use, if a specific provider is required
Returns:
the Certificate corresponding to the certificate in the provided string

bool QCA::Certificate::matchesHostName const QString host  )  const
 

Test if the subject of the certificate matches a specified host name.

This will return true (indicating a match), if the specified host name meets the RFC 2818 validation rules with this certificate.

If the host is an internationalized domain name, then it must be provided in unicode format, not in IDNA ACE/punycode format.

Parameters:
host the name of the host to compare to

bool QCA::Certificate::operator== const Certificate a  )  const
 

Test for equality of two certificates.

Returns:
true if the two certificates are the same

bool QCA::Certificate::operator!= const Certificate other  )  const [inline]
 

Inequality operator.

void QCA::Certificate::change CertContext *  c  ) 
 

For internal use only.


The documentation for this class was generated from the following file:
Generated on Fri Jul 6 12:14:50 2007 for Qt Cryptographic Architecture by  doxygen 1.4.6