kio Library API Documentation

ksslcertificate.h

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2000,2001 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
00018  * Boston, MA 02111-1307, USA.
00019  */
00020 
00021 #ifndef _KSSLCERTIFICATE_H
00022 #define _KSSLCERTIFICATE_H
00023 
00024 
00025 // Note: this object is VERY HEAVY TO COPY.  Please try to use reference
00026 //       or ptr whenever possible
00027 
00028 // UPDATE: I like the structure of this class less and less every time I look
00029 //         at it.  I think it needs to change.
00030 //
00031 
00032 //
00033 //  The biggest reason for making everything protected here is so that
00034 //  the class can have all its methods available even if openssl is not
00035 //  available.  Also, to create a new certificate you should use the
00036 //  KSSLCertificateFactory, and to manage the user's database of certificates,
00037 //  you should go through the KSSLCertificateHome.
00038 //
00039 //  There should be no reason to touch the X509 stuff directly.
00040 //
00041 
00042 #include <qcstring.h>
00043 
00044 class QString;
00045 class QCString;
00046 class KSSL;
00047 class KSSLCertificatePrivate;
00048 class QDateTime;
00049 class KSSLCertChain;
00050 class KSSLX509V3;
      // The classes above are only forward-declared.  This header uses them
      // solely in declarations (friend lists, parameters, return types,
      // pointers and references), which does not require complete types.
00051 
00052 #include "ksslconfig.h"
00053 
00054 #ifdef KSSL_HAVE_SSL
      // SSL build: X509 is an alias for struct x509_st, left incomplete here,
      // so this header does not pull in the OpenSSL headers itself.
      // KSSL_HAVE_SSL presumably comes from ksslconfig.h, included just above
      // -- TODO confirm.
00055 typedef struct x509_st X509;
00056 #else
      // Non-SSL build: X509 is an unrelated incomplete class, so the X509*
      // signatures in KSSLCertificate still compile.
00057 class X509;
00058 #endif
00059 
00060 class KSSLCertificate {
      // Represents one X.509 certificate: field accessors, conversions
      // (toDer/toPem/toNetscape/toText) and validation entry points.
      // The default constructor is protected, so code outside the friend list
      // below obtains instances through fromString(), fromX509(), replicate()
      // or the copy constructor.  The friends can also call the protected
      // members, including getCert(), which hands out the raw X509 pointer.
      //
      // NOTE(review): a destructor and a copy constructor are declared and the
      // class holds a raw pointer `d`, but no copy-assignment operator is
      // declared.  Assignment therefore uses the implicit member-wise copy of
      // `d`.  Whether that aliases or double-frees the private data depends on
      // the destructor in the .cpp, which is not visible here -- confirm
      // before assigning one instance to another.
00061 friend class KSSL;
00062 friend class KSSLCertificateHome;
00063 friend class KSSLCertificateFactory;
00064 friend class KSSLCertificateCache;
00065 friend class KSSLCertChain;
00066 friend class KSSLPeerInfo;
00067 friend class KSSLPKCS12;
00068 friend class KSSLD;
00069 
00070 public:
00071   ~KSSLCertificate();
        // Static factory taking the certificate as a QCString (by value).
        // NOTE(review): the expected encoding of `cert` and the result on a
        // parse failure are not stated in this header.  The raw pointer is
        // presumably owned by the caller and may be NULL -- check before use
        // and confirm against the implementation.
00072   static KSSLCertificate *fromString(QCString cert);
00073   // This one duplicates the X509 object for itself.
        // Because the X509 is duplicated, the caller presumably keeps
        // ownership of `x5` -- TODO confirm.
00074   static KSSLCertificate *fromX509(X509 *x5);
00075 
00076   // We need a static method to generate one of these, given a filename that
00077   // points to a PEM encoded certificate file.  It will return NULL on failure.
00078   // (that's why I don't want to use a constructor)
        // NOTE(review): no factory taking a filename is declared in this
        // class as shown.  The comment above does not describe the enum that
        // follows it.
00079 
        // Result codes returned by validate(), revalidate() and
        // processError(), and accepted by verifyText().  The enumerators have
        // no explicit values, so Unknown is 0 and Ok is 1.  Always compare a
        // result against Ok explicitly: tested as a boolean, every code
        // except Unknown (including Expired, Revoked, SelfSigned, ...) would
        // count as true.
00080   enum KSSLValidation { Unknown, Ok, NoCARoot, InvalidPurpose,
00081                         PathLengthExceeded, InvalidCA, Expired,
00082                         SelfSigned, ErrorReadingRoot, NoSSL,
00083                         Revoked, Untrusted, SignatureFailed,
00084                         Rejected, PrivateKeyFailed };
00085 
        // Usage a certificate can be checked for, with explicit values 0..5.
        // The private purposeToOpenSSL() takes one of these, presumably to
        // translate it into OpenSSL's purpose identifier -- the mapping is
        // not visible here.
00086   enum KSSLPurpose { None=0, SSLServer=1, SSLClient=2, 
00087             SMIMESign=3, SMIMEEncrypt=4, Any=5 };
00088 
        // NOTE(review): the encoding of the returned string is not stated.
        // It is presumably the form accepted by fromString() and
        // setCert(QString&) -- confirm.
00089   QString toString();
00090 
        // Subject and issuer as text; the exact format is defined in the .cpp.
00091   QString getSubject() const;
00092 
00093   QString getIssuer() const;
00094 
        // Bounds of the validity period, as text and as QDateTime.
        // NOTE(review): the time zone of these values is not stated here.
00095   QString getNotBefore() const;
00096   QString getNotAfter() const;
00097 
00098   QDateTime getQDTNotBefore() const;
00099   QDateTime getQDTNotAfter() const;
00100 
        // Conversions to byte arrays and to text; all are non-const.
00101   QByteArray toDer();
00102   QByteArray toPem();
00103   QByteArray toNetscape();
00104   QString    toText();
00105 
        // Textual views of individual certificate properties.
        // NOTE(review): by its name getMD5DigestText() yields an MD5
        // fingerprint.  MD5 is not collision resistant, so that text suits
        // display only.  It should not be the sole basis for matching,
        // caching or pinning a certificate.
00106   QString getSerialNumber() const;
00107   QString getKeyType() const;
00108   QString getPublicKeyText() const;
00109   QString getMD5DigestText() const;
00110   QString getSignatureText() const;
00111 
        // Validation entry points.  isValid() returns bool, while validate()
        // and revalidate() return a KSSLValidation code.  All are non-const.
        // NOTE(review): this header does not show which purpose the
        // no-argument overloads check.  It also does not show whether
        // validate() reuses a stored result that revalidate() recomputes.
        // isValid() is presumably true only when the result is Ok -- confirm
        // in the .cpp.
00112   bool isValid();
00113   bool isValid(KSSLPurpose p);
00114   KSSLValidation validate();
00115   KSSLValidation validate(KSSLPurpose p);
00116   KSSLValidation revalidate();
00117   KSSLValidation revalidate(KSSLPurpose p);
        // Returns a reference to a KSSLCertChain, presumably the chain
        // associated with this certificate -- TODO confirm.
00118   KSSLCertChain& chain();
00119 
        // Static: takes a KSSLValidation code and returns a QString,
        // presumably a human-readable description of that code.
00120   static QString verifyText(KSSLValidation x);
00121 
        // Returns a KSSLCertificate pointer, presumably a separately
        // allocated copy that the caller must delete -- TODO confirm.
00122   KSSLCertificate *replicate();
00123   KSSLCertificate(const KSSLCertificate& x); // copy constructor
00124 
        // Comparison takes non-const references and returns int.  What is
        // compared is defined in the .cpp.  operator!= is defined inline as
        // the negation of operator==.
00125          friend int operator==(KSSLCertificate &x, KSSLCertificate &y);
00126   inline friend int operator!=(KSSLCertificate &x, KSSLCertificate &y) 
00127                                                        { return !(x == y); }
        // Takes the certificate as a non-const QString reference and returns
        // bool, presumably false when the string cannot be loaded -- confirm.
00128   bool setCert(QString& cert);
00129 
        // Returns a reference to a KSSLX509V3 object; its contents are
        // defined elsewhere.
00130   KSSLX509V3& x509V3Extensions();
00131 
        // NOTE(review): the criteria for "signer" are not visible here.
00132   bool isSigner();
00133 
00134 private:
        // Opaque private data; KSSLCertificatePrivate is only forward-declared
        // in this header.
00135   KSSLCertificatePrivate *d;
00136   int purposeToOpenSSL(KSSLPurpose p) const; 
00137 
00138 
00139 protected:
        // Protected default constructor: only friends and derived classes can
        // create an empty certificate object.
00140   KSSLCertificate();
00141 
        // NOTE(review): unlike fromX509(), nothing here says whether this
        // overload duplicates `c` or takes ownership of it.
00142   void setCert(X509 *c);
        // Untyped pointer: the compiler cannot check what a caller passes.
        // The expected pointee type is defined by the implementation.
00143   void setChain(void *c);
        // Returns the raw X509 pointer.  Ownership and lifetime are not
        // stated; presumably it stays owned by this object -- TODO confirm.
00144   X509 *getCert();
        // Takes an int error code and returns a KSSLValidation, presumably
        // mapping an OpenSSL verification error -- confirm in the .cpp.
00145   KSSLValidation processError(int ec);
00146 };
00147 
00148 
00149 QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r);
      // By their signatures these are the QDataStream insertion (above) and
      // extraction (below) operators for KSSLCertificate.  The stream format
      // is defined in the .cpp.
      // NOTE(review): operator>> fills `r` from stream contents.  If the
      // stream can come from an untrusted source, validate the resulting
      // certificate again rather than assuming an earlier validation result.
      // Confirm how the implementation handles malformed input.
00150 QDataStream& operator>>(QDataStream& s, KSSLCertificate& r);
00151 
00152 #endif
00153 
This file is part of the documentation for kdelibs Version 3.1.4.
Documentation copyright © 1996-2002 the KDE developers.