Qt 6.x
The Qt SDK
Loading...
Searching...
No Matches
qsslcertificate.cpp
Go to the documentation of this file.
1// Copyright (C) 2016 The Qt Company Ltd.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4
96#include <QtNetwork/qtnetworkglobal.h>
97
98#if QT_CONFIG(regularexpression)
99#include "qregularexpression.h"
100#endif
101
102#include "qsslcertificateextension_p.h"
103#include "qsslcertificate_p.h"
104#include "qsslcertificate.h"
105#include "qssl_p.h"
106
107#ifndef QT_NO_SSL
108#include "qsslsocket_p.h"
109#include "qsslkey_p.h"
110#endif
111
112#include <QtCore/qdir.h>
113#include <QtCore/qdiriterator.h>
114#include <QtCore/qfile.h>
115
116QT_BEGIN_NAMESPACE
117
118using namespace Qt::StringLiterals;
119
120QT_IMPL_METATYPE_EXTERN(QSslCertificate)
121
122QSslCertificatePrivate::QSslCertificatePrivate()
123{
124#ifndef QT_NO_SSL
125 QSslSocketPrivate::ensureInitialized();
126#endif
127
128 const QTlsBackend *tlsBackend = QTlsBackend::activeOrAnyBackend();
129 if (tlsBackend)
130 backend.reset(tlsBackend->createCertificate());
131 else
132 qCWarning(lcSsl, "No TLS backend is available");
133}
134
135QSslCertificatePrivate::~QSslCertificatePrivate() = default;
136
143QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format)
144 : d(new QSslCertificatePrivate)
145{
146 if (device) {
147 const auto data = device->readAll();
148 if (data.isEmpty())
149 return;
150
151 const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();
152 if (!tlsBackend)
153 return;
154
155 auto *X509Reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
156 if (!X509Reader) {
157 qCWarning(lcSsl, "Current TLS plugin does not support reading from PEM/DER");
158 return;
159 }
160
161 QList<QSslCertificate> certs = X509Reader(data, 1);
162 if (!certs.isEmpty())
163 d = certs.first().d;
164 }
165}
166
173QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format)
174 : d(new QSslCertificatePrivate)
175{
176 if (data.isEmpty())
177 return;
178
179 const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();
180 if (!tlsBackend)
181 return;
182
183 auto *X509Reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
184 if (!X509Reader) {
185 qCWarning(lcSsl, "Current TLS plugin does not support reading from PEM/DER");
186 return;
187 }
188
189 QList<QSslCertificate> certs = X509Reader(data, 1);
190 if (!certs.isEmpty())
191 d = certs.first().d;
192}
193
197QSslCertificate::QSslCertificate(const QSslCertificate &other) : d(other.d)
198{
199}
200
204QSslCertificate::~QSslCertificate()
205{
206}
207
212QSslCertificate &QSslCertificate::operator=(const QSslCertificate &other)
213{
214 d = other.d;
215 return *this;
216}
217
233bool QSslCertificate::operator==(const QSslCertificate &other) const
234{
235 if (d == other.d)
236 return true;
237
238 if (isNull() && other.isNull())
239 return true;
240
241 if (d->backend.get() && other.d->backend.get())
242 return d->backend->isEqual(*other.d->backend.get());
243
244 return false;
245}
246
264bool QSslCertificate::isNull() const
265{
266 if (const auto *backend = d->backend.get())
267 return backend->isNull();
268
269 return true;
270}
271
278bool QSslCertificate::isBlacklisted() const
279{
280 return QSslCertificatePrivate::isBlacklisted(*this);
281}
282
293bool QSslCertificate::isSelfSigned() const
294{
295 if (const auto *backend = d->backend.get())
296 return backend->isSelfSigned();
297
298 return false;
299}
300
307void QSslCertificate::clear()
308{
309 if (isNull())
310 return;
311 d = new QSslCertificatePrivate;
312}
313
318QByteArray QSslCertificate::version() const
319{
320 if (const auto *backend = d->backend.get())
321 return backend->version();
322
323 return {};
324}
325
331QByteArray QSslCertificate::serialNumber() const
332{
333 if (const auto *backend = d->backend.get())
334 return backend->serialNumber();
335
336 return {};
337}
338
344QByteArray QSslCertificate::digest(QCryptographicHash::Algorithm algorithm) const
345{
346 return QCryptographicHash::hash(toDer(), algorithm);
347}
348
359QStringList QSslCertificate::issuerInfo(SubjectInfo info) const
360{
361 if (const auto *backend = d->backend.get())
362 return backend->issuerInfo(info);
363
364 return {};
365}
366
376QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const
377{
378 if (const auto *backend = d->backend.get())
379 return backend->issuerInfo(attribute);
380
381 return {};
382}
383
393QStringList QSslCertificate::subjectInfo(SubjectInfo info) const
394{
395 if (const auto *backend = d->backend.get())
396 return backend->subjectInfo(info);
397
398 return {};
399}
400
410QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const
411{
412 if (const auto *backend = d->backend.get())
413 return backend->subjectInfo(attribute);
414
415 return {};
416}
417
430QList<QByteArray> QSslCertificate::subjectInfoAttributes() const
431{
432 if (const auto *backend = d->backend.get())
433 return backend->subjectInfoAttributes();
434
435 return {};
436}
437
450QList<QByteArray> QSslCertificate::issuerInfoAttributes() const
451{
452 if (const auto *backend = d->backend.get())
453 return backend->issuerInfoAttributes();
454
455 return {};
456}
457
473QMultiMap<QSsl::AlternativeNameEntryType, QString> QSslCertificate::subjectAlternativeNames() const
474{
475 if (const auto *backend = d->backend.get())
476 return backend->subjectAlternativeNames();
477
478 return {};
479}
480
489QDateTime QSslCertificate::effectiveDate() const
490{
491 if (const auto *backend = d->backend.get())
492 return backend->effectiveDate();
493
494 return {};
495}
496
505QDateTime QSslCertificate::expiryDate() const
506{
507 if (const auto *backend = d->backend.get())
508 return backend->expiryDate();
509
510 return {};
511}
512
525Qt::HANDLE QSslCertificate::handle() const
526{
527 if (const auto *backend = d->backend.get())
528 return backend->handle();
529
530 return {};
531}
532
533#ifndef QT_NO_SSL
538QSslKey QSslCertificate::publicKey() const
539{
540 QSslKey key;
541 if (const auto *backend = d->backend.get())
542 QTlsBackend::resetBackend(key, backend->publicKey());
543
544 return key;
545}
546#endif // QT_NO_SSL
547
548
555QList<QSslCertificateExtension> QSslCertificate::extensions() const
556{
557 return d->extensions();
558}
559
566QByteArray QSslCertificate::toPem() const
567{
568 if (const auto *backend = d->backend.get())
569 return backend->toPem();
570
571 return {};
572}
573
580QByteArray QSslCertificate::toDer() const
581{
582 if (const auto *backend = d->backend.get())
583 return backend->toDer();
584
585 return {};
586}
587
596QString QSslCertificate::toText() const
597{
598 if (const auto *backend = d->backend.get())
599 return backend->toText();
600
601 return {};
602}
603
617QList<QSslCertificate> QSslCertificate::fromPath(const QString &path,
618 QSsl::EncodingFormat format,
619 PatternSyntax syntax)
620{
621 // $, (,), *, +, ., ?, [, ,], ^, {, | and }.
622
623 // make sure to use the same path separators on Windows and Unix like systems.
624 QString sourcePath = QDir::fromNativeSeparators(path);
625
626 // Find the path without the filename
627 QString pathPrefix = sourcePath.left(sourcePath.lastIndexOf(u'/'));
628
629 // Check if the path contains any special chars
630 int pos = -1;
631
632#if QT_CONFIG(regularexpression)
633 if (syntax == PatternSyntax::Wildcard)
634 pos = pathPrefix.indexOf(QRegularExpression("[*?[]"_L1));
635 else if (syntax == PatternSyntax::RegularExpression)
636 pos = sourcePath.indexOf(QRegularExpression("[\\$\\(\\)\\*\\+\\.\\?\\[\\]\\^\\{\\}\\|]"_L1));
637#else
638 if (syntax == PatternSyntax::Wildcard || syntax == PatternSyntax::RegExp)
639 qWarning("Regular expression support is disabled in this build. Only fixed string can be searched");
640 return QList<QSslCertificate>();
641#endif
642
643 if (pos != -1) {
644 // there was a special char in the path so cut of the part containing that char.
645 pathPrefix = pathPrefix.left(pos);
646 const qsizetype lastIndexOfSlash = pathPrefix.lastIndexOf(u'/');
647 if (lastIndexOfSlash != -1)
648 pathPrefix = pathPrefix.left(lastIndexOfSlash);
649 else
650 pathPrefix.clear();
651 } else {
652 // Check if the path is a file.
653 if (QFileInfo(sourcePath).isFile()) {
654 QFile file(sourcePath);
655 QIODevice::OpenMode openMode = QIODevice::ReadOnly;
656 if (format == QSsl::Pem)
657 openMode |= QIODevice::Text;
658 if (file.open(openMode))
659 return QSslCertificate::fromData(file.readAll(), format);
660 return QList<QSslCertificate>();
661 }
662 }
663
664 // Special case - if the prefix ends up being nothing, use "." instead.
665 int startIndex = 0;
666 if (pathPrefix.isEmpty()) {
667 pathPrefix = "."_L1;
668 startIndex = 2;
669 }
670
671 // The path can be a file or directory.
672 QList<QSslCertificate> certs;
673
674#if QT_CONFIG(regularexpression)
675 if (syntax == PatternSyntax::Wildcard)
676 sourcePath = QRegularExpression::wildcardToRegularExpression(sourcePath, QRegularExpression::UnanchoredWildcardConversion);
677
678 QRegularExpression pattern(QRegularExpression::anchoredPattern(sourcePath));
679#endif
680
681 QDirIterator it(pathPrefix, QDir::Files, QDirIterator::FollowSymlinks | QDirIterator::Subdirectories);
682 while (it.hasNext()) {
683 QString filePath = startIndex == 0 ? it.next() : it.next().mid(startIndex);
684
685#if QT_CONFIG(regularexpression)
686 if (!pattern.match(filePath).hasMatch())
687 continue;
688#else
689 if (sourcePath != filePath)
690 continue;
691#endif
692
693 QFile file(filePath);
694 QIODevice::OpenMode openMode = QIODevice::ReadOnly;
695 if (format == QSsl::Pem)
696 openMode |= QIODevice::Text;
697 if (file.open(openMode))
698 certs += QSslCertificate::fromData(file.readAll(), format);
699 }
700 return certs;
701}
702
710QList<QSslCertificate> QSslCertificate::fromDevice(QIODevice *device, QSsl::EncodingFormat format)
711{
712 if (!device) {
713 qCWarning(lcSsl, "QSslCertificate::fromDevice: cannot read from a null device");
714 return QList<QSslCertificate>();
715 }
716 return fromData(device->readAll(), format);
717}
718
726QList<QSslCertificate> QSslCertificate::fromData(const QByteArray &data, QSsl::EncodingFormat format)
727{
728 const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();
729 if (!tlsBackend) {
730 qCWarning(lcSsl, "No TLS backend is available");
731 return {};
732 }
733
734 auto reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
735 if (!reader) {
736 qCWarning(lcSsl, "The available TLS backend does not support reading PEM/DER");
737 return {};
738 }
739
740 return reader(data, -1);
741}
742
743#ifndef QT_NO_SSL
758QList<QSslError> QSslCertificate::verify(const QList<QSslCertificate> &certificateChain, const QString &hostName)
759{
760 const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();
761 if (!tlsBackend) {
762 qCWarning(lcSsl, "No TLS backend is available");
763 return {};
764 }
765 auto verifyPtr = tlsBackend->X509Verifier();
766 if (!verifyPtr) {
767 qCWarning(lcSsl, "Available TLS backend does not support manual certificate verification");
768 return {};
769 }
770 return verifyPtr(certificateChain, hostName);
771}
772
785bool QSslCertificate::importPkcs12(QIODevice *device,
786 QSslKey *key, QSslCertificate *certificate,
787 QList<QSslCertificate> *caCertificates,
788 const QByteArray &passPhrase)
789{
790 if (!device || !key || !certificate)
791 return false;
792
793 const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();
794 if (!tlsBackend) {
795 qCWarning(lcSsl, "No TLS backend is available");
796 return false;
797 }
798
799 if (auto reader = tlsBackend->X509Pkcs12Reader())
800 return reader(device, key, certificate, caCertificates, passPhrase);
801
802 qCWarning(lcSsl, "Available TLS backend does not support PKCS12");
803
804 return false;
805}
806#endif // QT_NO_SSL
807
808QList<QSslCertificateExtension> QSslCertificatePrivate::extensions() const
809{
810 QList<QSslCertificateExtension> result;
811
812 if (backend.get()) {
813 auto nExt = backend->numberOfExtensions();
814 for (decltype (nExt) i = 0; i < nExt; ++i) {
815 QSslCertificateExtension ext;
816 ext.d->oid = backend->oidForExtension(i);
817 ext.d->name = backend->nameForExtension(i);
818 ext.d->value = backend->valueForExtension(i);
819 ext.d->critical = backend->isExtensionCritical(i);
820 ext.d->supported = backend->isExtensionSupported(i);
821 result << ext;
822 }
823 }
824
825 return result;
826}
827
828// These certificates are known to be fraudulent and were created during the comodo
829// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
830static const char *const certificate_blacklist[] = {
831 "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", "mail.google.com", // Comodo
832 "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", "www.google.com", // Comodo
833 "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", "login.yahoo.com", // Comodo
834 "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", "login.yahoo.com", // Comodo
835 "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", "login.yahoo.com", // Comodo
836 "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", "login.skype.com", // Comodo
837 "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", "addons.mozilla.org", // Comodo
838 "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", "login.live.com", // Comodo
839 "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", "global trustee", // Comodo
840
841 "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56", "*.google.com", // leaf certificate issued by DigiNotar
842 "0c:76:da:9c:91:0c:4e:2c:9e:fe:15:d0:58:93:3c:4c", "DigiNotar Root CA", // DigiNotar root
843 "f1:4a:13:f4:87:2b:56:dc:39:df:84:ca:7a:a1:06:49", "DigiNotar Services CA", // DigiNotar intermediate signed by DigiNotar Root
844 "36:16:71:55:43:42:1b:9d:e6:cb:a3:64:41:df:24:38", "DigiNotar Services 1024 CA", // DigiNotar intermediate signed by DigiNotar Root
845 "0a:82:bd:1e:14:4e:88:14:d7:5b:1a:55:27:be:bf:3e", "DigiNotar Root CA G2", // other DigiNotar Root CA
846 "a4:b6:ce:e3:2e:d3:35:46:26:3c:b3:55:3a:a8:92:21", "CertiID Enterprise Certificate Authority", // DigiNotar intermediate signed by "DigiNotar Root CA G2"
847 "5b:d5:60:9c:64:17:68:cf:21:0e:35:fd:fb:05:ad:41", "DigiNotar Qualified CA", // DigiNotar intermediate signed by DigiNotar Root
848
849 "46:9c:2c:b0", "DigiNotar Services 1024 CA", // DigiNotar intermediate cross-signed by Entrust
850 "07:27:10:0d", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust
851 "07:27:0f:f9", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust
852 "07:27:10:03", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust
853 "01:31:69:b0", "DigiNotar PKIoverheid CA Overheid en Bedrijven", // DigiNotar intermediate cross-signed by the Dutch government
854 "01:31:34:bf", "DigiNotar PKIoverheid CA Organisatie - G2", // DigiNotar intermediate cross-signed by the Dutch government
855 "d6:d0:29:77:f1:49:fd:1a:83:f2:b9:ea:94:8c:5c:b4", "DigiNotar Extended Validation CA", // DigiNotar intermediate signed by DigiNotar EV Root
856 "1e:7d:7a:53:3d:45:30:41:96:40:0f:71:48:1f:45:04", "DigiNotar Public CA 2025", // DigiNotar intermediate
857// "(has not been seen in the wild so far)", "DigiNotar Public CA - G2", // DigiNotar intermediate
858// "(has not been seen in the wild so far)", "Koninklijke Notariele Beroepsorganisatie CA", // compromised during DigiNotar breach
859// "(has not been seen in the wild so far)", "Stichting TTP Infos CA," // compromised during DigiNotar breach
860 "46:9c:2c:af", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust
861 "46:9c:3c:c9", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust
862
863 "07:27:14:a9", "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust
864 "4c:0e:63:6a", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust
865 "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate
866 "41", "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/
867
868 "08:27", "*.EGO.GOV.TR", // Turktrust mis-issued intermediate certificate
869 "08:64", "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate
870
871 "03:1d:a7", "AC DG Tr\xC3\xA9sor SSL", // intermediate certificate linking back to ANSSI French National Security Agency
872 "27:83", "NIC Certifying Authority", // intermediate certificate from NIC India (2007)
873 "27:92", "NIC CA 2011", // intermediate certificate from NIC India (2011)
874 "27:b1", "NIC CA 2014", // intermediate certificate from NIC India (2014)
875 nullptr
876};
877
878bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate)
879{
880 for (int a = 0; certificate_blacklist[a] != nullptr; a++) {
881 QString blacklistedCommonName = QString::fromUtf8(certificate_blacklist[(a+1)]);
882 if (certificate.serialNumber() == certificate_blacklist[a++] &&
883 (certificate.subjectInfo(QSslCertificate::CommonName).contains(blacklistedCommonName) ||
884 certificate.issuerInfo(QSslCertificate::CommonName).contains(blacklistedCommonName)))
885 return true;
886 }
887 return false;
888}
889
890QByteArray QSslCertificatePrivate::subjectInfoToString(QSslCertificate::SubjectInfo info)
891{
892 QByteArray str;
893 switch (info) {
894 case QSslCertificate::Organization: str = QByteArray("O"); break;
895 case QSslCertificate::CommonName: str = QByteArray("CN"); break;
896 case QSslCertificate::LocalityName: str = QByteArray("L"); break;
897 case QSslCertificate::OrganizationalUnitName: str = QByteArray("OU"); break;
898 case QSslCertificate::CountryName: str = QByteArray("C"); break;
899 case QSslCertificate::StateOrProvinceName: str = QByteArray("ST"); break;
900 case QSslCertificate::DistinguishedNameQualifier: str = QByteArray("dnQualifier"); break;
901 case QSslCertificate::SerialNumber: str = QByteArray("serialNumber"); break;
902 case QSslCertificate::EmailAddress: str = QByteArray("emailAddress"); break;
903 }
904 return str;
905}
906
916QString QSslCertificate::issuerDisplayName() const
917{
918 QStringList names;
919 names = issuerInfo(QSslCertificate::CommonName);
920 if (!names.isEmpty())
921 return names.first();
922 names = issuerInfo(QSslCertificate::Organization);
923 if (!names.isEmpty())
924 return names.first();
925 names = issuerInfo(QSslCertificate::OrganizationalUnitName);
926 if (!names.isEmpty())
927 return names.first();
928
929 return QString();
930}
931
941QString QSslCertificate::subjectDisplayName() const
942{
943 QStringList names;
944 names = subjectInfo(QSslCertificate::CommonName);
945 if (!names.isEmpty())
946 return names.first();
947 names = subjectInfo(QSslCertificate::Organization);
948 if (!names.isEmpty())
949 return names.first();
950 names = subjectInfo(QSslCertificate::OrganizationalUnitName);
951 if (!names.isEmpty())
952 return names.first();
953
954 return QString();
955}
956
962size_t qHash(const QSslCertificate &key, size_t seed) noexcept
963{
964 if (const auto *backend = key.d->backend.get())
965 return backend->hash(seed);
966
967 return seed;
968
969}
970
971#ifndef QT_NO_DEBUG_STREAM
972QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
973{
974 QDebugStateSaver saver(debug);
975 debug.resetFormat().nospace();
976 debug << "QSslCertificate("
977 << "Version=" << certificate.version()
978 << ", SerialNumber=" << certificate.serialNumber()
979 << ", Digest=" << certificate.digest().toBase64()
980 << ", Issuer=" << certificate.issuerDisplayName()
981 << ", Subject=" << certificate.subjectDisplayName()
982 << ", AlternativeSubjectNames=" << certificate.subjectAlternativeNames()
983#if QT_CONFIG(datestring)
984 << ", EffectiveDate=" << certificate.effectiveDate()
985 << ", ExpiryDate=" << certificate.expiryDate()
986#endif
987 << ')';
988 return debug;
989}
990QDebug operator<<(QDebug debug, QSslCertificate::SubjectInfo info)
991{
992 switch (info) {
993 case QSslCertificate::Organization: debug << "Organization"; break;
994 case QSslCertificate::CommonName: debug << "CommonName"; break;
995 case QSslCertificate::CountryName: debug << "CountryName"; break;
996 case QSslCertificate::LocalityName: debug << "LocalityName"; break;
997 case QSslCertificate::OrganizationalUnitName: debug << "OrganizationalUnitName"; break;
998 case QSslCertificate::StateOrProvinceName: debug << "StateOrProvinceName"; break;
999 case QSslCertificate::DistinguishedNameQualifier: debug << "DistinguishedNameQualifier"; break;
1000 case QSslCertificate::SerialNumber: debug << "SerialNumber"; break;
1001 case QSslCertificate::EmailAddress: debug << "EmailAddress"; break;
1002 }
1003 return debug;
1004}
1005#endif
1006
1007QT_END_NAMESPACE
device
IOBluetoothDevice * device
Definition btl2capchannel.mm:17
QByteArray
\inmodule QtCore
Definition qbytearray.h:57
QByteArray::toBase64
QByteArray toBase64(Base64Options options=Base64Encoding) const
Definition qbytearray.cpp:4113
QCryptographicHash::hash
static QByteArray hash(QByteArrayView data, Algorithm method)
Returns the hash of data using method.
Definition qcryptographichash.cpp:1121
QDateTime
\inmodule QtCore\reentrant
Definition qdatetime.h:257
QDebugStateSaver
\inmodule QtCore
QDebug
\inmodule QtCore
QDirIterator
The QDirIterator class provides an iterator for directory entrylists.
Definition qdiriterator.h:13
QDir::fromNativeSeparators
static QString fromNativeSeparators(const QString &pathName)
Definition qdir.cpp:962
QDir::Files
@ Files
Definition qdir.h:22
QFileInfo
\inmodule QtCore \reentrant
Definition qfileinfo.h:22
QFile
\inmodule QtCore
Definition qfile.h:93
QFile::open
bool open(OpenMode flags) override
Opens the file using OpenMode mode, returning true if successful; otherwise false.
Definition qfile.cpp:881
QHash::qHash
size_t qHash(const QSslCertificate &key, size_t seed) noexcept
Returns the hash value for the key, using seed to seed the calculation.
Definition qsslcertificate.cpp:962
QIODevice
\inmodule QtCore \reentrant
Definition qiodevice.h:34
QIODevice::readAll
QByteArray readAll()
Reads all remaining data from the device, and returns it as a byte array.
Definition qiodevice.cpp:1226
QList
Definition qlist.h:74
QRegularExpression
\inmodule QtCore \reentrant
Definition qregularexpression.h:31
QRegularExpression::anchoredPattern
static QString anchoredPattern(const QString &expression)
Definition qregularexpression.h:149
QRegularExpression::wildcardToRegularExpression
static QString wildcardToRegularExpression(const QString &str, WildcardConversionOptions options=DefaultWildcardConversion)
Definition qregularexpression.h:144
QSslCertificateExtension
The QSslCertificateExtension class provides an API for accessing the extensions of an X509 certificat...
Definition qsslcertificateextension.h:18
QSslCertificatePrivate::subjectInfoToString
static Q_NETWORK_PRIVATE_EXPORT QByteArray subjectInfoToString(QSslCertificate::SubjectInfo info)
Definition qsslcertificate.cpp:890
QSslCertificatePrivate::backend
std::unique_ptr< QTlsPrivate::X509Certificate > backend
Definition qsslcertificate_p.h:42
QSslCertificatePrivate::extensions
QList< QSslCertificateExtension > extensions() const
Definition qsslcertificate.cpp:808
QSslCertificatePrivate::isBlacklisted
static Q_NETWORK_PRIVATE_EXPORT bool isBlacklisted(const QSslCertificate &certificate)
Definition qsslcertificate.cpp:878
QSslCertificate
The QSslCertificate class provides a convenient API for an X509 certificate.
Definition qsslcertificate.h:35
QSslCertificate::QSslCertificate
QSslCertificate(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Constructs a QSslCertificate by reading format encoded data from device and using the first certifica...
Definition qsslcertificate.cpp:143
QSslCertificate::~QSslCertificate
~QSslCertificate()
Destroys the QSslCertificate.
Definition qsslcertificate.cpp:204
QSslCertificate::issuerInfoAttributes
QList< QByteArray > issuerInfoAttributes() const
Definition qsslcertificate.cpp:450
QSslCertificate::subjectInfo
QStringList subjectInfo(SubjectInfo info) const
Returns the information for the subject, or an empty list if there is no information for subject in t...
Definition qsslcertificate.cpp:393
QSslCertificate::fromDevice
static QList< QSslCertificate > fromDevice(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in device that are encoded in the specified format and retur...
Definition qsslcertificate.cpp:710
QSslCertificate::isSelfSigned
bool isSelfSigned() const
Definition qsslcertificate.cpp:293
QSslCertificate::subjectAlternativeNames
QMultiMap< QSsl::AlternativeNameEntryType, QString > subjectAlternativeNames() const
Returns the list of alternative subject names for this certificate.
Definition qsslcertificate.cpp:473
QSslCertificate::fromData
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
Definition qsslcertificate.cpp:726
QSslCertificate::issuerDisplayName
QString issuerDisplayName() const
Definition qsslcertificate.cpp:916
QSslCertificate::operator=
QSslCertificate & operator=(QSslCertificate &&other) noexcept
Definition qsslcertificate.h:60
QSslCertificate::digest
QByteArray digest(QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const
Returns a cryptographic digest of this certificate.
Definition qsslcertificate.cpp:344
QSslCertificate::operator==
bool operator==(const QSslCertificate &other) const
Returns true if this certificate is the same as other; otherwise returns false.
Definition qsslcertificate.cpp:233
QSslCertificate::expiryDate
QDateTime expiryDate() const
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certifica...
Definition qsslcertificate.cpp:505
QSslCertificate::verify
static QList< QSslError > verify(const QList< QSslCertificate > &certificateChain, const QString &hostName=QString())
Verifies a certificate chain.
Definition qsslcertificate.cpp:758
QSslCertificate::publicKey
QSslKey publicKey() const
Returns the certificate subject's public key.
Definition qsslcertificate.cpp:538
QSslCertificate::version
QByteArray version() const
Returns the certificate's version string.
Definition qsslcertificate.cpp:318
QSslCertificate::fromPath
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, PatternSyntax syntax=PatternSyntax::FixedString)
Definition qsslcertificate.cpp:617
QSslCertificate::effectiveDate
QDateTime effectiveDate() const
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null cer...
Definition qsslcertificate.cpp:489
QSslCertificate::issuerInfo
QStringList issuerInfo(SubjectInfo info) const
Returns the issuer information for the subject from the certificate, or an empty list if there is no ...
Definition qsslcertificate.cpp:359
QSslCertificate::subjectDisplayName
QString subjectDisplayName() const
Definition qsslcertificate.cpp:941
QSslCertificate::SubjectInfo
SubjectInfo
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() t...
Definition qsslcertificate.h:37
QSslCertificate::toDer
QByteArray toDer() const
Returns this certificate converted to a DER (binary) encoded representation.
Definition qsslcertificate.cpp:580
QSslCertificate::handle
Qt::HANDLE handle() const
Returns a pointer to the native certificate handle, if there is one, else \nullptr.
Definition qsslcertificate.cpp:525
QSslCertificate::extensions
QList< QSslCertificateExtension > extensions() const
Returns a list containing the X509 extensions of this certificate.
Definition qsslcertificate.cpp:555
QSslCertificate::subjectInfoAttributes
QList< QByteArray > subjectInfoAttributes() const
Definition qsslcertificate.cpp:430
QSslCertificate::isNull
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
Definition qsslcertificate.cpp:264
QSslCertificate::isBlacklisted
bool isBlacklisted() const
Returns true if this certificate is blacklisted; otherwise returns false.
Definition qsslcertificate.cpp:278
QSslCertificate::serialNumber
QByteArray serialNumber() const
Returns the certificate's serial number string in hexadecimal format.
Definition qsslcertificate.cpp:331
QSslCertificate::clear
void clear()
Clears the contents of this certificate, making it a null certificate.
Definition qsslcertificate.cpp:307
QSslCertificate::toText
QString toText() const
Returns this certificate converted to a human-readable text representation.
Definition qsslcertificate.cpp:596
QSslCertificate::toPem
QByteArray toPem() const
Returns this certificate converted to a PEM (Base64) encoded representation.
Definition qsslcertificate.cpp:566
QSslCertificate::importPkcs12
static bool importPkcs12(QIODevice *device, QSslKey *key, QSslCertificate *cert, QList< QSslCertificate > *caCertificates=nullptr, const QByteArray &passPhrase=QByteArray())
Definition qsslcertificate.cpp:785
QSslKey
The QSslKey class provides an interface for private and public keys.
Definition qsslkey.h:23
QSslSocketPrivate::ensureInitialized
static void ensureInitialized()
Definition qsslsocket.cpp:2016
QStringList
\inmodule QtCore
QString
\macro QT_RESTRICTED_CAST_FROM_ASCII
Definition qstring.h:127
QString::lastIndexOf
qsizetype lastIndexOf(QChar c, Qt::CaseSensitivity cs=Qt::CaseSensitive) const noexcept
Definition qstring.h:279
QString::clear
void clear()
Clears the contents of the string and makes it null.
Definition qstring.h:1107
QString::fromUtf8
static QString fromUtf8(QByteArrayView utf8)
This is an overloaded member function, provided for convenience. It differs from the above function o...
Definition qstring.cpp:5857
QString::isEmpty
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
Definition qstring.h:1083
QString::left
QString left(qsizetype n) const
Returns a substring that contains the n leftmost characters of the string.
Definition qstring.cpp:5161
QString::indexOf
static QString static QString qsizetype indexOf(QChar c, qsizetype from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Definition qstring.cpp:4420
QTlsBackend
QTlsBackend is a factory class, providing implementations for the QSsl classes.
Definition qtlsbackend_p.h:266
QTlsBackend::resetBackend
static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)
Definition qtlsbackend.cpp:706
QTlsBackend::createCertificate
virtual QTlsPrivate::X509Certificate * createCertificate() const
Definition qtlsbackend.cpp:298
QTlsBackend::activeOrAnyBackend
static QTlsBackend * activeOrAnyBackend()
Definition qtlsbackend.cpp:632
str
QString str
[2]
Definition doc_src_containers.cpp:175
i
i
[1]
Definition doc_src_containers.cpp:167
it
QSet< QString >::iterator it
Definition doc_src_qset.cpp:85
QSsl::EncodingFormat
EncodingFormat
Describes supported encoding formats for certificates and keys.
Definition qssl.h:24
QSsl::Pem
@ Pem
Definition qssl.h:25
QT_BEGIN_NAMESPACE
Combined button and popup list for selecting options.
Definition qstandardpaths_haiku.cpp:21
QT_END_NAMESPACE
Definition qsharedpointer.cpp:1545
Qt::HANDLE
void * HANDLE
Definition qnamespace.h:1535
attribute
EGLOutputLayerEXT EGLint attribute
Definition qeglstreamconvenience_p.h:46
qWarning
#define qWarning
Definition qlogging.h:162
qCWarning
#define qCWarning(category,...)
Definition qloggingcategory.h:125
QT_IMPL_METATYPE_EXTERN
#define QT_IMPL_METATYPE_EXTERN(TYPE)
Definition qmetatype.h:1369
key
GLuint64 key
Definition qopengles2ext.h:2268
a
GLboolean GLboolean GLboolean GLboolean a
[7]
Definition qopengles2ext.h:337
data
GLint GLsizei GLsizei GLenum GLenum GLsizei void * data
Definition qopengles2ext.h:206
format
GLint GLsizei GLsizei GLenum format
Definition qopengles2ext.h:206
names
GLuint GLuint * names
Definition qopenglext.h:5654
path
GLsizei const GLchar *const * path
Definition qopenglext.h:4283
result
GLuint64EXT * result
[6]
Definition qopenglext.h:10932
pattern
GLubyte * pattern
Definition qopenglext.h:2744
seed
static Q_CONSTINIT QBasicAtomicInteger< unsigned > seed
Definition qrandom.cpp:196
qssl_p.h
operator<<
QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
Definition qsslcertificate.cpp:972
certificate_blacklist
static const char *const certificate_blacklist[]
Definition qsslcertificate.cpp:830
qsslcertificate_p.h
qsslcertificateextension_p.h
qsslkey_p.h
qsslsocket_p.h
qsizetype
ptrdiff_t qsizetype
Definition qtypes.h:70
file
QFile file
[0]
Definition src_corelib_io_qfile.cpp:5
ext
QString ext
Definition src_corelib_io_qfileinfo.cpp:83
info
QFileInfo info(fileName)
[8]
Definition src_network_kernel_qhostinfo.cpp:44
pos
pos
[7]
Definition src_corelib_io_qsettings.cpp:57
d
double d
Definition src_corelib_text_qlocale.cpp:9
other
QSharedPointer< T > other(t)
[5]
certs
const auto certs
[1]
Definition src_network_ssl_qsslcertificate.cpp:5