/************************************************************************ * This file has been generated automatically from * * * * src/core/auth/qgsauthcertutils.h * * * * Do not edit manually ! Edit header and run scripts/sipify.pl again * ************************************************************************/ class QgsAuthCertUtils { %Docstring Utilities for working with certificates and keys %End %TypeHeaderCode #include "qgsauthcertutils.h" %End public: enum CaCertSource { SystemRoot, FromFile, InDatabase, Connection }; enum CertTrustPolicy { DefaultTrust, Trusted, Untrusted, NoPolicy }; enum CertUsageType { UndeterminedUsage, AnyOrUnspecifiedUsage, CertAuthorityUsage, CertIssuerUsage, TlsServerUsage, TlsServerEvUsage, TlsClientUsage, CodeSigningUsage, EmailProtectionUsage, TimeStampingUsage, CRLSigningUsage }; enum ConstraintGroup { KeyUsage, ExtendedKeyUsage }; static QString getSslProtocolName( QSsl::SslProtocol protocol ); %Docstring SSL Protocol name strings per enum %End static QMap mapDigestToCerts( const QList &certs ); %Docstring Map certificate sha1 to certificate as simple cache %End static QMap mapDigestToSslConfigs( const QList &configs ); %Docstring Map SSL custom configs' certificate sha1 to custom config as simple cache %End static QByteArray fileData( const QString &path ); %Docstring Returns data from a local file via a read-only operation :param path: Path to file to read :return: All data contained in file or empty contents if file does not exist %End static QList certsFromFile( const QString &certspath ); %Docstring Returns a list of concatenated certs from a PEM or DER formatted file %End static QList casFromFile( const QString &certspath ); %Docstring Returns a list of concatenated CAs from a PEM or DER formatted file %End static QSslCertificate certFromFile( const QString &certpath ); %Docstring Returns the first cert from a PEM or DER formatted file %End static QList casMerge( const QList &bundle1, const QList &bundle2 ); %Docstring casMerge merges two certificate bundles in a single one removing duplicates, the certificates from the ``bundle2`` are appended to ``bundle1`` if not already there :param bundle1: first bundle :param bundle2: second bundle :return: a list of unique certificates %End static QSslKey keyFromFile( const QString &keypath, const QString &keypass = QString(), QString *algtype = 0 ); %Docstring Returns non-encrypted key from a PEM or DER formatted file :param keypath: File path to private key :param keypass: Passphrase for private key :param algtype: QString to set with resolved algorithm type %End static QList certsFromString( const QString &pemtext ); %Docstring Returns a list of concatenated certs from a PEM Base64 text block %End static QList casRemoveSelfSigned( const QList &caList ); %Docstring casRemoveSelfSigned remove self-signed CA certificates from ``caList`` :param caList: list of CA certificates :return: a list of non self-signed certificates %End static QStringList certKeyBundleToPem( const QString &certpath, const QString &keypath, const QString &keypass = QString(), bool reencrypt = true ); %Docstring Returns list of certificate, private key and algorithm (as PEM text) from file path components :param certpath: File path to certificate :param keypath: File path to private key :param keypass: Passphrase for private key :param reencrypt: Whether to re-encrypt the private key with the passphrase :return: certificate, private key, key's algorithm type %End static bool pemIsPkcs8( const QString &keyPemTxt ); %Docstring Determine if the PEM-encoded text of a key is PKCS#8 format :param keyPemTxt: PEM-encoded text :return: True if PKCS#8, otherwise false %End static QStringList pkcs12BundleToPem( const QString &bundlepath, const QString &bundlepass = QString(), bool reencrypt = true ); %Docstring Returns list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle :param bundlepath: File path to the PKCS bundle :param bundlepass: Passphrase for bundle :param reencrypt: Whether to re-encrypt the private key with the passphrase :return: certificate, private key, key's algorithm type %End static QList pkcs12BundleCas( const QString &bundlepath, const QString &bundlepass = QString() ); %Docstring Returns list of CA certificates (as QSslCertificate) for a PKCS#12 bundle :param bundlepath: File path to the PKCS bundle :param bundlepass: Passphrase for bundle :return: list of certificate %End static QByteArray certsToPemText( const QList &certs ); %Docstring certsToPemText dump a list of QSslCertificates to PEM text :param certs: list of certs :return: a byte array of concatenated certificates as PEM text %End static QString pemTextToTempFile( const QString &name, const QByteArray &pemtext ); %Docstring Write a temporary file for a PEM text of cert/key/CAs bundle component :param pemtext: Component content as PEM text :param name: Name of file :return: File path to temporary file %End static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source, bool single = false ); %Docstring Gets the general name for CA source enum type :param source: The enum source type for the CA :param single: Whether to return singular or plural description %End static QString resolvedCertName( const QSslCertificate &cert, bool issuer = false ); %Docstring Gets the general name via RFC 5280 resolution %End static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust ); %Docstring Gets the general name for certificate trust %End static QString getColonDelimited( const QString &txt ); %Docstring Gets string with colon delimiters every 2 characters %End static QString shaHexForCert( const QSslCertificate &cert, bool formatted = false ); %Docstring Gets the sha1 hash for certificate :param cert: Qt SSL certificate to generate hash from :param formatted: Whether to colon-delimit the hash %End static QList certificateUsageTypes( const QSslCertificate &cert ); %Docstring Try to determine the certificates usage types %End static bool certificateIsAuthority( const QSslCertificate &cert ); %Docstring Gets whether a certificate is an Authority %End static bool certificateIsIssuer( const QSslCertificate &cert ); %Docstring Gets whether a certificate can sign other certificates %End static bool certificateIsAuthorityOrIssuer( const QSslCertificate &cert ); %Docstring Gets whether a certificate is an Authority or can at least sign other certificates %End static bool certificateIsSslServer( const QSslCertificate &cert ); %Docstring Gets whether a certificate is probably used for a SSL server %End static bool certificateIsSslClient( const QSslCertificate &cert ); %Docstring Gets whether a certificate is probably used for a client identity %End static QString sslErrorEnumString( QSslError::SslError errenum ); %Docstring Gets short strings describing an SSL error %End static bool certIsCurrent( const QSslCertificate &cert ); %Docstring certIsCurrent checks if ``cert`` is viable for its not before and not after dates :param cert: certificate to be checked %End static QList certViabilityErrors( const QSslCertificate &cert ); %Docstring certViabilityErrors checks basic characteristics (validity dates, blacklisting, etc.) of given ``cert`` :param cert: certificate to be checked :return: list of QSslError (will return NO ERRORS if a null QSslCertificate is passed) %End static bool certIsViable( const QSslCertificate &cert ); %Docstring certIsViable checks for viability errors of ``cert`` and whether it is NULL :param cert: certificate to be checked :return: false if cert is NULL or has viability errors %End static QList validateCertChain( const QList &certificateChain, const QString &hostName = QString(), bool trustRootCa = false ); %Docstring validateCertChain validates the given ``certificateChain`` :param certificateChain: list of certificates to be checked, with leaf first and with optional root CA last :param hostName: (optional) name of the host to be verified :param trustRootCa: if true the CA will be added to the trusted CAs for this validation check :return: list of QSslError, if the list is empty then the cert chain is valid %End static QStringList validatePKIBundle( QgsPkiBundle &bundle, bool useIntermediates = true, bool trustRootCa = false ); %Docstring validatePKIBundle validate the PKI bundle by checking the certificate chain, the expiration and effective dates, optionally trusts the root CA :param bundle: :param useIntermediates: if true the intermediate certs are also checked :param trustRootCa: if true the CA will be added to the trusted CAs for this validation check (if useIntermediates is false) this option is ignored and set to false :return: a list of error strings, if the list is empty then the PKI bundle is valid %End }; /************************************************************************ * This file has been generated automatically from * * * * src/core/auth/qgsauthcertutils.h * * * * Do not edit manually ! Edit header and run scripts/sipify.pl again * ************************************************************************/