#include <ksslcertificate.h>

Public Types
enum	KSSLValidation { Unknown , Ok , NoCARoot , InvalidPurpose , PathLengthExceeded , InvalidCA , Expired , SelfSigned , ErrorReadingRoot , NoSSL , Revoked , Untrusted , SignatureFailed , Rejected , PrivateKeyFailed , InvalidHost , Irrelevant , SelfSignedChain }

enum	KSSLPurpose { None =0 , SSLServer =1 , SSLClient =2 , SMIMESign =3 , SMIMEEncrypt =4 , Any =5 }

typedef TQValueList< KSSLValidation >	KSSLValidationList

Public Member Functions
	~KSSLCertificate ()

TQString	toString ()

TQString	getSubject () const

TQString	getIssuer () const

TQString	getNotBefore () const

TQString	getNotAfter () const

TQDateTime	getQDTNotBefore () const

TQDateTime	getQDTNotAfter () const

TQDateTime	getQDTLastUpdate () const

TQDateTime	getQDTNextUpdate () const

TQByteArray	toDer ()

TQByteArray	toPem ()

TQByteArray	toNetscape ()

TQString	toText ()

TQString	getSerialNumber () const

TQString	getKeyType () const

TQString	getPublicKeyText () const

TQString	getMD5DigestText () const

TQString	getMD5Digest () const

TQString	getSignatureText () const

bool	isValid ()

bool	isValid (KSSLPurpose p)

TQStringList	subjAltNames () const

KSSLValidation	validate ()

KSSLValidation	validate (KSSLPurpose p)

KSSLValidationList	validateVerbose (KSSLPurpose p)

KSSLValidationList	validateVerbose (KSSLPurpose p, KSSLCertificate *ca)

KSSLValidation	revalidate ()

KSSLValidation	revalidate (KSSLPurpose p)

KSSLCertChain &	chain ()

KSSLCertificate *	replicate ()

	KSSLCertificate (const KSSLCertificate &x)

bool	setCert (TQString &cert)

KSSLX509V3 &	x509V3Extensions ()

bool	isSigner ()

void	getEmails (TQStringList &to) const

TQString	getKDEKey () const

Static Public Member Functions
static KSSLCertificate *	fromString (TQCString cert)

static KSSLCertificate *	crlFromString (TQCString cert)

static KSSLCertificate *	fromX509 (X509 *x5)

static TQString	verifyText (KSSLValidation x)

static TQString	getMD5DigestFromKDEKey (const TQString &k)

Protected Member Functions
void	setCert (X509 *c)

void	setCRL (X509_CRL *c)

void	setChain (void *c)

X509 *	getCert ()

KSSLValidation	processError (int ec)

Friends
class	KSSL

class	KSSLCertificateHome

class	KSSLCertificateFactory

class	KSSLCertificateCache

class	KSSLCertChain

class	KSSLPeerInfo

class	KSSLPKCS12

class	KSSLD

class	KSMIMECryptoPrivate

TDEIO_EXPORT friend int	operator!= (KSSLCertificate &x, KSSLCertificate &y)

TDEIO_EXPORT friend int	operator== (KSSLCertificate &x, KSSLCertificate &y)

Detailed Description

KDE X.509 Certificate.

This class represents an X.509 (SSL) certificate. Note: this object is VERY HEAVY TO COPY. Please try to use reference or pointer whenever possible

Author: George Staikos staik.nosp@m.os@k.nosp@m.de.or.nosp@m.g

See also: KSSL

KDE X.509 Certificate

Definition at line 77 of file ksslcertificate.h.

Member Enumeration Documentation

◆ KSSLValidation

enum KSSLCertificate::KSSLValidation

A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certificate.

Definition at line 122 of file ksslcertificate.h.

Constructor & Destructor Documentation

◆ ~KSSLCertificate()

KSSLCertificate::~KSSLCertificate ( )

Destroy this X.509 certificate.

Definition at line 121 of file ksslcertificate.cpp.

◆ KSSLCertificate()

KSSLCertificate::KSSLCertificate ( const KSSLCertificate & x )

Copy constructor.

Beware, this is very expensive.

Parameters

x	the object to copy from

Definition at line 105 of file ksslcertificate.cpp.

Member Function Documentation

◆ chain()

KSSLCertChain & KSSLCertificate::chain ( )

Get a reference to the certificate chain.

Returns: reference to the chain

Definition at line 134 of file ksslcertificate.cpp.

◆ crlFromString()

KSSLCertificate * KSSLCertificate::crlFromString ( TQCString cert )

static

Create an X.509 CRL certificate from a base64 encoded string.

Parameters

cert	the certificate in base64 form

Returns: the X.509 CRL certificate, or NULL

Definition at line 171 of file ksslcertificate.cpp.

◆ fromString()

KSSLCertificate * KSSLCertificate::fromString ( TQCString cert )

static

Create an X.509 certificate from a base64 encoded string.

Parameters

cert	the certificate in base64 form

Returns: the X.509 certificate, or NULL

Definition at line 151 of file ksslcertificate.cpp.

◆ fromX509()

KSSLCertificate * KSSLCertificate::fromX509 ( X509 * x5 )

static

Create an X.509 certificate from the internal representation.

This one duplicates the X509 object for itself.

Parameters

x5	the OpenSSL representation of the certificate

Returns: the X.509 certificate, or NULL

Definition at line 139 of file ksslcertificate.cpp.

◆ getEmails()

void KSSLCertificate::getEmails ( TQStringList & to ) const

FIXME: document.

Definition at line 252 of file ksslcertificate.cpp.

◆ getIssuer()

TQString KSSLCertificate::getIssuer ( ) const

Get the issuer of the certificate (X.509 map).

Returns: the issuer

Definition at line 467 of file ksslcertificate.cpp.

◆ getKDEKey()

TQString KSSLCertificate::getKDEKey ( ) const

KDEKey is a concatenation "Subject (MD5)", mostly needed for SMIME.

The result of getKDEKey might change and should not be used for persistant storage.

Definition at line 269 of file ksslcertificate.cpp.

◆ getKeyType()

TQString KSSLCertificate::getKeyType ( ) const

Get the key type (RSA, DSA, etc).

Returns: the key type as a string

Definition at line 335 of file ksslcertificate.cpp.

◆ getMD5Digest()

TQString KSSLCertificate::getMD5Digest ( ) const

Get the MD5 digest of the certificate.

Returns: the MD5 digest in a hexidecimal string

Definition at line 312 of file ksslcertificate.cpp.

◆ getMD5DigestFromKDEKey()

TQString KSSLCertificate::getMD5DigestFromKDEKey ( const TQString & k )

static

Aegypten semantics force us to search by MD5Digest only.

Definition at line 274 of file ksslcertificate.cpp.

◆ getMD5DigestText()

TQString KSSLCertificate::getMD5DigestText ( ) const

Get the MD5 digest of the certificate.

Result is padded with : to separate bytes - it's a text version!

Returns: the MD5 digest in a hexidecimal string

Definition at line 287 of file ksslcertificate.cpp.

◆ getNotAfter()

TQString KSSLCertificate::getNotAfter ( ) const

Get the date that the certificate is valid until.

Returns: the date as a string, localised

Definition at line 913 of file ksslcertificate.cpp.

◆ getNotBefore()

TQString KSSLCertificate::getNotBefore ( ) const

Get the date that the certificate becomes valid on.

Returns: the date as a string, localised

Definition at line 904 of file ksslcertificate.cpp.

◆ getPublicKeyText()

TQString KSSLCertificate::getPublicKeyText ( ) const

Get the public key.

Returns: the public key as a hexidecimal string

Definition at line 361 of file ksslcertificate.cpp.

◆ getQDTLastUpdate()

TQDateTime KSSLCertificate::getQDTLastUpdate ( ) const

Get the date that the CRL was generated on.

Returns: the date

Definition at line 940 of file ksslcertificate.cpp.

◆ getQDTNextUpdate()

TQDateTime KSSLCertificate::getQDTNextUpdate ( ) const

Get the date that the CRL must be updated by.

Returns: the date

Definition at line 949 of file ksslcertificate.cpp.

◆ getQDTNotAfter()

TQDateTime KSSLCertificate::getQDTNotAfter ( ) const

Get the date that the certificate is valid until.

Returns: the date

Definition at line 931 of file ksslcertificate.cpp.

◆ getQDTNotBefore()

TQDateTime KSSLCertificate::getQDTNotBefore ( ) const

Get the date that the certificate becomes valid on.

Returns: the date

Definition at line 922 of file ksslcertificate.cpp.

◆ getSerialNumber()

TQString KSSLCertificate::getSerialNumber ( ) const

Get the serial number of the certificate.

Returns: the serial number as a string

Definition at line 207 of file ksslcertificate.cpp.

◆ getSignatureText()

TQString KSSLCertificate::getSignatureText ( ) const

Get the signature.

Returns: the signature in text format

Definition at line 221 of file ksslcertificate.cpp.

◆ getSubject()

TQString KSSLCertificate::getSubject ( ) const

Get the subject of the certificate (X.509 map).

Returns: the subject

Definition at line 193 of file ksslcertificate.cpp.

◆ isSigner()

bool KSSLCertificate::isSigner ( )

Check if this is a signer certificate.

Returns: true if this is a signer certificate

Definition at line 1171 of file ksslcertificate.cpp.

◆ isValid() [1/2]

bool KSSLCertificate::isValid ( )

Check if this is a valid certificate.

Will use cached data.

Returns: true if it is valid

Definition at line 618 of file ksslcertificate.cpp.

◆ isValid() [2/2]

bool KSSLCertificate::isValid ( KSSLCertificate::KSSLPurpose p )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: true if it is valid

Definition at line 613 of file ksslcertificate.cpp.

◆ replicate()

KSSLCertificate * KSSLCertificate::replicate ( )

Explicitly make a copy of this certificate.

Returns: a copy of the certificate

Definition at line 968 of file ksslcertificate.cpp.

◆ revalidate() [1/2]

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate ( )

Check if this is a valid certificate.

Will NOT use cached data.

Returns: the result of the validation

Definition at line 805 of file ksslcertificate.cpp.

◆ revalidate() [2/2]

KSSLCertificate::KSSLValidation KSSLCertificate::revalidate ( KSSLCertificate::KSSLPurpose p )

Check if this is a valid certificate.

Will NOT use cached data.

Parameters

p	the purpose to validate for

Returns: the result of the validation

Definition at line 810 of file ksslcertificate.cpp.

◆ setCert()

bool KSSLCertificate::setCert ( TQString & cert )

Re-set the certificate from a base64 string.

Parameters

cert	the certificate to set to

Returns: true on success

Definition at line 1151 of file ksslcertificate.cpp.

◆ subjAltNames()

TQStringList KSSLCertificate::subjAltNames ( ) const

The alternate subject name.

Returns: string list with subjectAltName

Definition at line 1176 of file ksslcertificate.cpp.

◆ toDer()

TQByteArray KSSLCertificate::toDer ( )

Convert the certificate to DER (ASN.1) format.

Returns: the binary data of the DER encoding

Definition at line 1027 of file ksslcertificate.cpp.

◆ toNetscape()

TQByteArray KSSLCertificate::toNetscape ( )

Convert the certificate to Netscape format.

Returns: the binary data of the Netscape encoding

Definition at line 1082 of file ksslcertificate.cpp.

◆ toPem()

TQByteArray KSSLCertificate::toPem ( )

Convert the certificate to PEM (base64) format.

Returns: the binary data of the PEM encoding

Definition at line 1045 of file ksslcertificate.cpp.

◆ toString()

TQString KSSLCertificate::toString ( )

Convert this certificate to a string.

Returns: the certificate in base64 format

Definition at line 982 of file ksslcertificate.cpp.

◆ toText()

TQString KSSLCertificate::toText ( )

Convert the certificate to OpenSSL plain text format.

Returns: the OpenSSL text encoding

Definition at line 1129 of file ksslcertificate.cpp.

◆ validate() [1/2]

KSSLCertificate::KSSLValidation KSSLCertificate::validate ( )

Check if this is a valid certificate.

Will use cached data.

Returns: the result of the validation

Definition at line 643 of file ksslcertificate.cpp.

◆ validate() [2/2]

KSSLCertificate::KSSLValidation KSSLCertificate::validate ( KSSLCertificate::KSSLPurpose purpose )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: the result of the validation

Definition at line 647 of file ksslcertificate.cpp.

◆ validateVerbose() [1/2]

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose ( KSSLCertificate::KSSLPurpose purpose )

Check if this is a valid certificate.

Will use cached data.

Parameters

p	the purpose to validate for

Returns: all problems encountered during validation

Definition at line 661 of file ksslcertificate.cpp.

◆ validateVerbose() [2/2]

KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose	(	KSSLCertificate::KSSLPurpose	purpose,
		KSSLCertificate *	ca
	)

Check if the certificate ca is a proper CA for this certificate.

Parameters

p	the purpose to validate for
ca	the certificate to check

Returns: all problems encountered during validation

Definition at line 666 of file ksslcertificate.cpp.

◆ verifyText()

TQString KSSLCertificate::verifyText ( KSSLValidation x )

static

Obtain the localized message that corresponds to a validation result.

Parameters

x	the code to look up

Returns: the message text corresponding to the validation code

Definition at line 987 of file ksslcertificate.cpp.

◆ x509V3Extensions()

KSSLX509V3 & KSSLCertificate::x509V3Extensions ( )

Access the X.509v3 parameters.

Returns: reference to the extension object

See also: KSSLX509V3

Definition at line 1166 of file ksslcertificate.cpp.

The documentation for this class was generated from the following files:

tdeio/kssl

Public Types

Public Member Functions

Static Public Member Functions

Protected Member Functions

Friends

Detailed Description

Member Enumeration Documentation

◆ KSSLValidation

Constructor & Destructor Documentation

◆ ~KSSLCertificate()

◆ KSSLCertificate()

Member Function Documentation

◆ chain()

◆ crlFromString()

◆ fromString()

◆ fromX509()

◆ getEmails()

◆ getIssuer()

◆ getKDEKey()

◆ getKeyType()

◆ getMD5Digest()

◆ getMD5DigestFromKDEKey()

◆ getMD5DigestText()

◆ getNotAfter()

◆ getNotBefore()

◆ getPublicKeyText()

◆ getQDTLastUpdate()

◆ getQDTNextUpdate()

◆ getQDTNotAfter()

◆ getQDTNotBefore()

◆ getSerialNumber()

◆ getSignatureText()

◆ getSubject()

◆ isSigner()

◆ isValid() [1/2]

◆ isValid() [2/2]

◆ replicate()

◆ revalidate() [1/2]

◆ revalidate() [2/2]

◆ setCert()

◆ subjAltNames()

◆ toDer()

◆ toNetscape()

◆ toPem()

◆ toString()

◆ toText()

◆ validate() [1/2]

◆ validate() [2/2]

◆ validateVerbose() [1/2]

◆ validateVerbose() [2/2]

◆ verifyText()

◆ x509V3Extensions()

tdeio/kssl

tdeio/kssl