1 | /**************************************************************************** |
2 | ** |
3 | ** Copyright (C) 2016 The Qt Company Ltd. |
4 | ** Contact: https://www.qt.io/licensing/ |
5 | ** |
6 | ** This file is part of the QtNetwork module of the Qt Toolkit. |
7 | ** |
8 | ** $QT_BEGIN_LICENSE:LGPL$ |
9 | ** Commercial License Usage |
10 | ** Licensees holding valid commercial Qt licenses may use this file in |
11 | ** accordance with the commercial license agreement provided with the |
12 | ** Software or, alternatively, in accordance with the terms contained in |
13 | ** a written agreement between you and The Qt Company. For licensing terms |
14 | ** and conditions see https://www.qt.io/terms-conditions. For further |
15 | ** information use the contact form at https://www.qt.io/contact-us. |
16 | ** |
17 | ** GNU Lesser General Public License Usage |
18 | ** Alternatively, this file may be used under the terms of the GNU Lesser |
19 | ** General Public License version 3 as published by the Free Software |
20 | ** Foundation and appearing in the file LICENSE.LGPL3 included in the |
21 | ** packaging of this file. Please review the following information to |
22 | ** ensure the GNU Lesser General Public License version 3 requirements |
23 | ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. |
24 | ** |
25 | ** GNU General Public License Usage |
26 | ** Alternatively, this file may be used under the terms of the GNU |
27 | ** General Public License version 2.0 or (at your option) the GNU General |
28 | ** Public license version 3 or any later version approved by the KDE Free |
29 | ** Qt Foundation. The licenses are as published by the Free Software |
30 | ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 |
31 | ** included in the packaging of this file. Please review the following |
32 | ** information to ensure the GNU General Public License requirements will |
33 | ** be met: https://www.gnu.org/licenses/gpl-2.0.html and |
34 | ** https://www.gnu.org/licenses/gpl-3.0.html. |
35 | ** |
36 | ** $QT_END_LICENSE$ |
37 | ** |
38 | ****************************************************************************/ |
39 | |
40 | |
41 | #ifndef QSSLCERTIFICATE_H |
42 | #define QSSLCERTIFICATE_H |
43 | |
44 | #ifdef verify |
45 | #undef verify |
46 | #endif |
47 | |
48 | #include <QtNetwork/qtnetworkglobal.h> |
49 | #include <QtCore/qnamespace.h> |
50 | #include <QtCore/qbytearray.h> |
51 | #include <QtCore/qcryptographichash.h> |
52 | #include <QtCore/qdatetime.h> |
53 | #include <QtCore/qregexp.h> |
54 | #include <QtCore/qsharedpointer.h> |
55 | #include <QtCore/qmap.h> |
56 | #include <QtNetwork/qssl.h> |
57 | |
58 | QT_BEGIN_NAMESPACE |
59 | |
60 | class QDateTime; |
61 | class QIODevice; |
62 | class QSslError; |
63 | class QSslKey; |
64 | class QSslCertificateExtension; |
65 | class QStringList; |
66 | |
67 | class QSslCertificate; |
68 | // qHash is a friend, but we can't use default arguments for friends (ยง8.3.6.4) |
69 | Q_NETWORK_EXPORT uint qHash(const QSslCertificate &key, uint seed = 0) noexcept; |
70 | |
71 | class QSslCertificatePrivate; |
72 | class Q_NETWORK_EXPORT QSslCertificate |
73 | { |
74 | public: |
75 | enum SubjectInfo { |
76 | Organization, |
77 | CommonName, |
78 | LocalityName, |
79 | OrganizationalUnitName, |
80 | CountryName, |
81 | StateOrProvinceName, |
82 | DistinguishedNameQualifier, |
83 | SerialNumber, |
84 | EmailAddress |
85 | }; |
86 | |
87 | enum class PatternSyntax { |
88 | RegularExpression, |
89 | Wildcard, |
90 | FixedString |
91 | }; |
92 | |
93 | |
94 | explicit QSslCertificate(QIODevice *device, QSsl::EncodingFormat format = QSsl::Pem); |
95 | explicit QSslCertificate(const QByteArray &data = QByteArray(), QSsl::EncodingFormat format = QSsl::Pem); |
96 | QSslCertificate(const QSslCertificate &other); |
97 | ~QSslCertificate(); |
98 | QSslCertificate &operator=(QSslCertificate &&other) noexcept { swap(other); return *this; } |
99 | QSslCertificate &operator=(const QSslCertificate &other); |
100 | |
101 | void swap(QSslCertificate &other) noexcept |
102 | { qSwap(d, other.d); } |
103 | |
104 | bool operator==(const QSslCertificate &other) const; |
105 | inline bool operator!=(const QSslCertificate &other) const { return !operator==(other); } |
106 | |
107 | bool isNull() const; |
108 | #if QT_DEPRECATED_SINCE(5,0) |
109 | QT_DEPRECATED inline bool isValid() const { |
110 | const QDateTime currentTime = QDateTime::currentDateTimeUtc(); |
111 | return currentTime >= effectiveDate() && |
112 | currentTime <= expiryDate() && |
113 | !isBlacklisted(); |
114 | } |
115 | #endif |
116 | bool isBlacklisted() const; |
117 | bool isSelfSigned() const; |
118 | void clear(); |
119 | |
120 | // Certificate info |
121 | QByteArray version() const; |
122 | QByteArray serialNumber() const; |
123 | QByteArray digest(QCryptographicHash::Algorithm algorithm = QCryptographicHash::Md5) const; |
124 | QStringList issuerInfo(SubjectInfo info) const; |
125 | QStringList issuerInfo(const QByteArray &attribute) const; |
126 | QStringList subjectInfo(SubjectInfo info) const; |
127 | QStringList subjectInfo(const QByteArray &attribute) const; |
128 | QString issuerDisplayName() const; |
129 | QString subjectDisplayName() const; |
130 | |
131 | QList<QByteArray> subjectInfoAttributes() const; |
132 | QList<QByteArray> issuerInfoAttributes() const; |
133 | #if QT_DEPRECATED_SINCE(5,0) |
134 | QT_DEPRECATED inline QMultiMap<QSsl::AlternateNameEntryType, QString> |
135 | alternateSubjectNames() const { return subjectAlternativeNames(); } |
136 | #endif |
137 | QMultiMap<QSsl::AlternativeNameEntryType, QString> subjectAlternativeNames() const; |
138 | QDateTime effectiveDate() const; |
139 | QDateTime expiryDate() const; |
140 | #ifndef QT_NO_SSL |
141 | QSslKey publicKey() const; |
142 | #endif |
143 | QList<QSslCertificateExtension> extensions() const; |
144 | |
145 | QByteArray toPem() const; |
146 | QByteArray toDer() const; |
147 | QString toText() const; |
148 | |
149 | #if QT_DEPRECATED_SINCE(5,15) |
150 | QT_DEPRECATED_X("Use the overload not using QRegExp" ) |
151 | static QList<QSslCertificate> fromPath(const QString &path, QSsl::EncodingFormat format, |
152 | QRegExp::PatternSyntax syntax); |
153 | #endif |
154 | static QList<QSslCertificate> fromPath(const QString &path, |
155 | QSsl::EncodingFormat format = QSsl::Pem, |
156 | PatternSyntax syntax = PatternSyntax::FixedString); |
157 | |
158 | static QList<QSslCertificate> fromDevice( |
159 | QIODevice *device, QSsl::EncodingFormat format = QSsl::Pem); |
160 | static QList<QSslCertificate> fromData( |
161 | const QByteArray &data, QSsl::EncodingFormat format = QSsl::Pem); |
162 | |
163 | #ifndef QT_NO_SSL |
164 | #if QT_VERSION >= QT_VERSION_CHECK(6,0,0) |
165 | static QList<QSslError> verify(const QList<QSslCertificate> &certificateChain, const QString &hostName = QString()); |
166 | #else |
167 | static QList<QSslError> verify(QList<QSslCertificate> certificateChain, const QString &hostName = QString()); |
168 | #endif |
169 | |
170 | static bool importPkcs12(QIODevice *device, |
171 | QSslKey *key, QSslCertificate *cert, |
172 | QList<QSslCertificate> *caCertificates = nullptr, |
173 | const QByteArray &passPhrase=QByteArray()); |
174 | #endif |
175 | |
176 | Qt::HANDLE handle() const; |
177 | |
178 | private: |
179 | QExplicitlySharedDataPointer<QSslCertificatePrivate> d; |
180 | friend class QSslCertificatePrivate; |
181 | friend class QSslSocketBackendPrivate; |
182 | |
183 | friend Q_NETWORK_EXPORT uint qHash(const QSslCertificate &key, uint seed) noexcept; |
184 | }; |
185 | Q_DECLARE_SHARED(QSslCertificate) |
186 | |
187 | #ifndef QT_NO_DEBUG_STREAM |
188 | class QDebug; |
189 | Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, const QSslCertificate &certificate); |
190 | Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, QSslCertificate::SubjectInfo info); |
191 | #endif |
192 | |
193 | QT_END_NAMESPACE |
194 | |
195 | Q_DECLARE_METATYPE(QSslCertificate) |
196 | |
197 | #endif |
198 | |