kio Library API Documentation

ksslcertificate.h

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
00018  * Boston, MA 02111-1307, USA.
00019  */
00020 
00021 #ifndef _KSSLCERTIFICATE_H
00022 #define _KSSLCERTIFICATE_H
00023 
00024 
00025 // UPDATE: I like the structure of this class less and less every time I look
00026 //         at it.  I think it needs to change.
00027 //
00028 //
00029 //  The biggest reason for making everything protected here is so that
00030 //  the class can have all its methods available even if openssl is not
00031 //  available.  Also, to create a new certificate you should use the
00032 //  KSSLCertificateFactory, and to manage the user's database of certificates,
00033 //  you should go through the KSSLCertificateHome.
00034 //
00035 //  There should be no reason to touch the X509 stuff directly.
00036 //
00037 
00038 #include <qcstring.h>
00039 #include <qvaluelist.h>
00040 
00041 class QString;
00042 class QStringList;
00043 class QCString;
00044 class KSSL;
00045 class KSSLCertificatePrivate;
00046 class QDateTime;
00047 class KSSLCertChain;
00048 class KSSLX509V3;
00049 
00050 #include "ksslconfig.h"
00051 
00052 #ifdef KSSL_HAVE_SSL
      // KSSL_HAVE_SSL is defined (presumably by ksslconfig.h when OpenSSL is
      // present - confirm): X509 names OpenSSL's own struct x509_st.
00053 typedef struct x509_st X509;
00054 #else
      // Otherwise X509 is only an incomplete class, so the X509* signatures in
      // this header still compile without OpenSSL.
00055 class X509;
00056 #endif
00057 
00069 class KSSLCertificate {
      // Wrapper around an X.509 certificate for KDE's SSL support.
      //
      // The default constructor is protected, so code outside the friend classes
      // listed below gets instances through fromString(), fromX509(),
      // replicate() or the copy constructor.
      //
      // Security notes for callers:
      //  - In KSSLValidation, Unknown is 0 and Ok is 1. A validation result must
      //    be compared with Ok explicitly; testing it as a boolean would accept
      //    every failure code.
      //  - The static factories and replicate() return raw pointers. Ownership
      //    and the failure value are not stated in this header - confirm against
      //    the implementation and check the result before dereferencing.
      //  - The digest exposed here is MD5, which is not collision resistant.
00070 friend class KSSL;
00071 friend class KSSLCertificateHome;
00072 friend class KSSLCertificateFactory;
00073 friend class KSSLCertificateCache;
00074 friend class KSSLCertChain;
00075 friend class KSSLPeerInfo;
00076 friend class KSSLPKCS12;
00077 friend class KSSLD;
00078 friend class KSMIMECryptoPrivate;
00079 
00080 
00081 public:
          // Destroys the certificate object. What is released with it (wrapped
          // X509, chain, private data) is decided in the implementation.
00085     ~KSSLCertificate();
00086 
          // Builds a certificate from its encoded form in cert. The expected
          // encoding is not visible here (presumably base64-encoded DER - confirm).
          // NOTE(review): treat cert as untrusted when it comes from a peer or a
          // file, and check the returned pointer (presumably null on failure).
00092     static KSSLCertificate *fromString(QCString cert);
00093 
          // Builds a certificate from an existing X509 object.
          // NOTE(review): whether x5 is copied or adopted is not visible here -
          // confirm before the caller frees x5.
00101     static KSSLCertificate *fromX509(X509 *x5);
00102 
          // Outcome of a validation run. The enumerators are numbered implicitly
          // from 0, so Unknown == 0 and Ok == 1; only an explicit comparison with
          // Ok means success. NoSSL presumably reports a build without OpenSSL
          // (see KSSL_HAVE_SSL) - confirm.
00107     enum KSSLValidation {   Unknown, Ok, NoCARoot, InvalidPurpose,
00108                 PathLengthExceeded, InvalidCA, Expired,
00109                 SelfSigned, ErrorReadingRoot, NoSSL,
00110                 Revoked, Untrusted, SignatureFailed,
00111                 Rejected, PrivateKeyFailed, InvalidHost, 
00112                 Irrelevant 
00113                 };
00114                 
          // Use a certificate is validated for. The numeric values are fixed
          // explicitly; None is 0.
00115     enum KSSLPurpose {      None=0, SSLServer=1, SSLClient=2, 
00116                 SMIMESign=3, SMIMEEncrypt=4, Any=5 };
00117 
          // List of validation outcomes, the return type of validateVerbose().
00118         typedef QValueList<KSSLValidation> KSSLValidationList;
00119 
          // Returns the certificate as a string; presumably the inverse of
          // fromString() - confirm the encoding.
00124     QString toString();
00125 
          // Subject of the certificate as text.
          // NOTE(review): for a peer certificate this text is chosen by the peer;
          // do not rely on it before validation has returned Ok.
00130     QString getSubject() const;
00131 
          // Issuer of the certificate as text. Same caveat as getSubject().
00136     QString getIssuer() const;
00137 
          // Start of the validity period, as text.
00142     QString getNotBefore() const;
00143 
          // End of the validity period, as text.
00148     QString getNotAfter() const;
00149 
          // Start of the validity period, as a QDateTime.
          // NOTE(review): time zone of the value is not visible here - confirm.
00154     QDateTime getQDTNotBefore() const;
00155 
          // End of the validity period, as a QDateTime. Same note on time zone.
00160     QDateTime getQDTNotAfter() const;
00161 
          // Certificate as a byte array, by its name in DER encoding.
00166     QByteArray toDer();
00167 
          // Certificate as a byte array, by its name in PEM encoding.
00172     QByteArray toPem();
00173 
          // Certificate as a byte array, by its name in a Netscape format; the
          // exact format is not visible here.
00178     QByteArray toNetscape();
00179 
          // Certificate as text, presumably a human-readable dump - confirm.
00184     QString toText();
00185 
          // Serial number of the certificate as text.
00190     QString getSerialNumber() const;
00191 
          // Type of the certificate's key as text; the possible values are not
          // visible in this header.
00196     QString getKeyType() const;
00197 
          // Public key of the certificate as text.
00202     QString getPublicKeyText() const;
00203 
          // MD5 digest of the certificate as text (what exactly is hashed is not
          // visible here; presumably the DER encoding - confirm).
          // MD5 is not collision resistant: use this value as a display
          // fingerprint at most, never as the only evidence that two
          // certificates are the same or that one is trusted.
00208     QString getMD5DigestText() const;
00209 
          // Signature of the certificate as text.
00214     QString getSignatureText() const;
00215 
          // Boolean validity check; presumably true only when validate() yields
          // Ok - confirm. The purpose it checks against is not visible here.
00220     bool isValid();
00221 
          // Boolean validity check for purpose p; presumably true only when
          // validate(p) yields Ok - confirm.
00227     bool isValid(KSSLPurpose p);
00228 
          // Validates the certificate and returns the outcome. Compare the result
          // with Ok; every other value, including Unknown, is not a success.
          // NOTE(review): the existence of revalidate() suggests this result may
          // be cached - confirm.
00233     KSSLValidation validate();
00234 
          // Validates the certificate for purpose p. Same contract as validate().
00240     KSSLValidation validate(KSSLPurpose p);
00241 
          // Validates for purpose p and returns a list of outcomes rather than a
          // single one. NOTE(review): what the list holds on success (empty, or a
          // single Ok) is not visible here - confirm before testing for success.
00247     KSSLValidationList validateVerbose(KSSLPurpose p);
00248 
          // As validateVerbose(p), with an additional certificate ca; presumably
          // the CA to validate against, and handling of a null ca is not visible
          // here - confirm.
00255     KSSLValidationList validateVerbose(KSSLPurpose p, KSSLCertificate *ca);
00256 
          // Presumably discards any cached outcome and validates again - confirm.
00261     KSSLValidation revalidate();
00262 
          // As revalidate(), for purpose p.
00268     KSSLValidation revalidate(KSSLPurpose p);
00269 
          // Returns the certificate chain of this certificate by reference.
          // NOTE(review): presumably the reference is valid only while this
          // object lives - confirm.
00274     KSSLCertChain& chain();
00275 
          // Returns a text for validation outcome x, presumably meant for display
          // to the user - confirm.
00281     static QString verifyText(KSSLValidation x);
00282 
          // Returns a pointer to a certificate, presumably a copy of this one.
          // NOTE(review): ownership of the result is not visible here - confirm.
00287     KSSLCertificate *replicate();
00288 
          // Public, unlike the default constructor, which is protected.
00293     KSSLCertificate(const KSSLCertificate& x); // copy constructor
00294 
          // Equality comparison, defined in the implementation. Takes non-const
          // references and returns int.
          // NOTE(review): which fields are compared is not visible here - confirm
          // before using equality in a trust decision.
00298     friend int operator==(KSSLCertificate& x, KSSLCertificate& y);
00299 
          // Negation of operator==.
00303     inline friend int operator!=(KSSLCertificate& x, KSSLCertificate& y) 
00304                                                        { return !(x == y); }
00305 
          // Sets the certificate from its string form and returns a bool,
          // presumably false when cert cannot be parsed - confirm. cert is taken
          // by non-const reference; whether it is modified is not visible here.
00311     bool setCert(QString& cert);
00312 
          // Returns the X.509 v3 extensions object of this certificate by
          // reference.
00318     KSSLX509V3& x509V3Extensions();
00319 
          // Presumably reports whether this certificate may sign other
          // certificates - confirm.
00324     bool isSigner();
00325 
          // Writes the e-mail addresses of the certificate into the out-parameter
          // to. Whether to is cleared first is not visible here.
00329     void getEmails(QStringList& to) const;
00330 
          // Returns a string key for this certificate; its format is not visible
          // here. getMD5DigestFromKDEKey() suggests the MD5 digest is part of it.
00336     QString getKDEKey() const;
00337 
          // Returns the MD5 digest for key k, presumably a key produced by
          // getKDEKey() - confirm. The MD5 caveat on getMD5DigestText() applies.
00341     static QString getMD5DigestFromKDEKey(const QString& k);
00342 
00343 private:
          // Opaque private data; KSSLCertificatePrivate is only forward-declared
          // in this header.
00344     KSSLCertificatePrivate *d;
          // By its name, translates a KSSLPurpose into the integer OpenSSL uses;
          // the mapping is not visible here.
00345     int purposeToOpenSSL(KSSLPurpose p) const; 
00346 
00347 protected:
          // Protected: only this class, derived classes and the friends above can
          // default-construct a certificate.
00348     KSSLCertificate();
00349 
          // Sets the wrapped X509 object. NOTE(review): whether c is copied or
          // adopted is not visible here - confirm.
00350     void setCert(X509 *c);
          // Sets the chain from an untyped pointer. The type c must point to is
          // not visible here, so callers must pass what the implementation
          // expects - confirm.
00351     void setChain(void *c);
          // Returns the wrapped X509 object as a raw pointer.
00352     X509 *getCert();
          // Maps the integer error code ec (presumably an OpenSSL verification
          // error - confirm) to a KSSLValidation value.
00353     KSSLValidation processError(int ec);
00354 };
00355 
00356 
00357 QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r);  // writes r to s; the wire format is defined in the implementation
      // Reads a certificate from s into r.
      // NOTE(review): when the stream comes from another process or from disk,
      // r holds untrusted data; presumably callers should validate r and
      // compare the outcome with KSSLCertificate::Ok before relying on it -
      // confirm how read failures are signalled.
00358 QDataStream& operator>>(QDataStream& s, KSSLCertificate& r);
00359 
00360 #endif
00361 
This file is part of the documentation for kio Library Version 3.3.2.
Documentation copyright © 1996-2004 the KDE developers.