d9/d14/qsslcertificate_8cpp_source.html

// Copyright (C) 2016 The Qt Company Ltd.

// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only


#include <QtNetwork/qtnetworkglobal.h>


#if QT_CONFIG(regularexpression)

#include "qregularexpression.h"

#endif


#include "qsslcertificateextension_p.h"

#include "qsslcertificate_p.h"

#include "qsslcertificate.h"

#include "qssl_p.h"


#ifndef QT_NO_SSL

#include "qsslsocket_p.h"

#include "qsslkey_p.h"

#endif


#include <QtCore/qdir.h>

#include <QtCore/qdirlisting.h>

#include <QtCore/qfile.h>


QT_BEGIN_NAMESPACE


using namespace Qt::StringLiterals;


QT_IMPL_METATYPE_EXTERN(QSslCertificate)


QSslCertificatePrivate::QSslCertificatePrivate()

{

#ifndef QT_NO_SSL

    QSslSocketPrivate::ensureInitialized();

#endif


    const QTlsBackend *tlsBackend = QTlsBackend::activeOrAnyBackend();

    if (tlsBackend)

        backend.reset(tlsBackend->createCertificate());

    else

        qCWarning(lcSsl, "No TLS backend is available");

}


QSslCertificatePrivate::~QSslCertificatePrivate() = default;


QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format)

    : d(new QSslCertificatePrivate)

{

    if (device) {

        const auto data = device->readAll();

        if (data.isEmpty())

            return;


        const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();

        if (!tlsBackend)

            return;


        auto *X509Reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();

        if (!X509Reader) {

            qCWarning(lcSsl, "Current TLS plugin does not support reading from PEM/DER");

            return;

        }


        QList<QSslCertificate> certs = X509Reader(data, 1);

        if (!certs.isEmpty())

            d = certs.first().d;

    }

}


QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format)

    : d(new QSslCertificatePrivate)

{

    if (data.isEmpty())

        return;


    const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();

    if (!tlsBackend)

        return;


    auto *X509Reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();

    if (!X509Reader) {

        qCWarning(lcSsl, "Current TLS plugin does not support reading from PEM/DER");

        return;

    }


    const QList<QSslCertificate> certs = X509Reader(data, 1);

    if (!certs.isEmpty())

        d = certs.first().d;

}


QSslCertificate::QSslCertificate(const QSslCertificate &other) : d(other.d)

{

}


QSslCertificate::~QSslCertificate()

{

}


QSslCertificate &QSslCertificate::operator=(const QSslCertificate &other)

{

    d = other.d;

    return *this;

}


bool QSslCertificate::operator==(const QSslCertificate &other) const

{

    if (d == other.d)

        return true;


    if (isNull() && other.isNull())

        return true;


    if (d->backend.get() && other.d->backend.get())

        return d->backend->isEqual(*other.d->backend.get());


    return false;

}


bool QSslCertificate::isNull() const

{

    if (const auto *backend = d->backend.get())

        return backend->isNull();


    return true;

}


bool QSslCertificate::isBlacklisted() const

{

    return QSslCertificatePrivate::isBlacklisted(*this);

}


bool QSslCertificate::isSelfSigned() const

{

    if (const auto *backend = d->backend.get())

        return backend->isSelfSigned();


    return false;

}


void QSslCertificate::clear()

{

    if (isNull())

        return;

    d = new QSslCertificatePrivate;

}


QByteArray QSslCertificate::version() const

{

    if (const auto *backend = d->backend.get())

        return backend->version();


    return {};

}


QByteArray QSslCertificate::serialNumber() const

{

    if (const auto *backend = d->backend.get())

        return backend->serialNumber();


    return {};

}


QByteArray QSslCertificate::digest(QCryptographicHash::Algorithm algorithm) const

{

    return QCryptographicHash::hash(toDer(), algorithm);

}


QStringList QSslCertificate::issuerInfo(SubjectInfo info) const

{

    if (const auto *backend = d->backend.get())

        return backend->issuerInfo(info);


    return {};

}


QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const

{

    if (const auto *backend = d->backend.get())

        return backend->issuerInfo(attribute);


    return {};

}


QStringList QSslCertificate::subjectInfo(SubjectInfo info) const

{

    if (const auto *backend = d->backend.get())

        return backend->subjectInfo(info);


    return {};

}


QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const

{

    if (const auto *backend = d->backend.get())

        return backend->subjectInfo(attribute);


    return {};

}


QList<QByteArray> QSslCertificate::subjectInfoAttributes() const

{

    if (const auto *backend = d->backend.get())

        return backend->subjectInfoAttributes();


    return {};

}


QList<QByteArray> QSslCertificate::issuerInfoAttributes() const

{

    if (const auto *backend = d->backend.get())

        return backend->issuerInfoAttributes();


    return {};

}


QMultiMap<QSsl::AlternativeNameEntryType, QString> QSslCertificate::subjectAlternativeNames() const

{

    if (const auto *backend = d->backend.get())

        return backend->subjectAlternativeNames();


    return {};

}


QDateTime QSslCertificate::effectiveDate() const

{

    if (const auto *backend = d->backend.get())

        return backend->effectiveDate();


    return {};

}


QDateTime QSslCertificate::expiryDate() const

{

    if (const auto *backend = d->backend.get())

        return backend->expiryDate();


    return {};

}


Qt::HANDLE QSslCertificate::handle() const

{

    if (const auto *backend = d->backend.get())

        return backend->handle();


    return {};

}


#ifndef QT_NO_SSL


QSslKey QSslCertificate::publicKey() const

{

    QSslKey key;

    if (const auto *backend = d->backend.get())

        QTlsBackend::resetBackend(key, backend->publicKey());


    return key;

}


#endif // QT_NO_SSL


QList<QSslCertificateExtension> QSslCertificate::extensions() const

{

    return d->extensions();

}


QByteArray QSslCertificate::toPem() const

{

    if (const auto *backend = d->backend.get())

        return backend->toPem();


    return {};

}


QByteArray QSslCertificate::toDer() const

{

    if (const auto *backend = d->backend.get())

        return backend->toDer();


    return {};

}


QString QSslCertificate::toText() const

{

    if (const auto *backend = d->backend.get())

        return backend->toText();


    return {};

}


QList<QSslCertificate> QSslCertificate::fromPath(const QString &path,

                                                 QSsl::EncodingFormat format,

                                                 PatternSyntax syntax)

{

    // $, (,), *, +, ., ?, [, ,], ^, {, | and }.


    // make sure to use the same path separators on Windows and Unix like systems.

    QString sourcePath = QDir::fromNativeSeparators(path);


    // Find the path without the filename

    QStringView pathPrefix = QStringView(sourcePath).left(sourcePath.lastIndexOf(u'/'));


    // Check if the path contains any special chars

    int pos = -1;


#if QT_CONFIG(regularexpression)

    if (syntax == PatternSyntax::Wildcard)

        pos = pathPrefix.indexOf(QRegularExpression("[*?[]"_L1));

    else if (syntax == PatternSyntax::RegularExpression)

        pos = sourcePath.indexOf(QRegularExpression("[\\$\\(\\)\\*\\+\\.\\?\\[\\]\\^\\{\\}\\|]"_L1));

#else

    if (syntax == PatternSyntax::Wildcard || syntax == PatternSyntax::RegExp)

        qWarning("Regular expression support is disabled in this build. Only fixed string can be searched");

        return QList<QSslCertificate>();

#endif


    if (pos != -1) {

        // there was a special char in the path so cut of the part containing that char.

        pathPrefix = pathPrefix.left(pos);

        const qsizetype lastIndexOfSlash = pathPrefix.lastIndexOf(u'/');

        if (lastIndexOfSlash != -1)

            pathPrefix = pathPrefix.left(lastIndexOfSlash);

        else

            pathPrefix = {};

    } else {

        // Check if the path is a file.

        if (QFileInfo(sourcePath).isFile()) {

            QFile file(sourcePath);

            QIODevice::OpenMode openMode = QIODevice::ReadOnly;

            if (format == QSsl::Pem)

                openMode |= QIODevice::Text;

            if (file.open(openMode))

                return QSslCertificate::fromData(file.readAll(), format);

            return QList<QSslCertificate>();

        }

    }


    // Special case - if the prefix ends up being nothing, use "." instead.

    int startIndex = 0;

    if (pathPrefix.isEmpty()) {

        pathPrefix = u".";

        startIndex = 2;

    }


    const QString pathPrefixString = pathPrefix.toString();


    // The path can be a file or directory.

    QList<QSslCertificate> certs;


#if QT_CONFIG(regularexpression)

    if (syntax == PatternSyntax::Wildcard)

        sourcePath = QRegularExpression::wildcardToRegularExpression(sourcePath, QRegularExpression::UnanchoredWildcardConversion);


    QRegularExpression pattern(QRegularExpression::anchoredPattern(sourcePath));

#endif


    using F = QDirListing::IteratorFlag;

    constexpr auto iterFlags = F::FollowSymlinks | F::Recursive;

    for (const auto &dirEntry : QDirListing(pathPrefixString, QDir::Files, iterFlags)) {

        QString filePath = dirEntry.filePath();

        if (startIndex > 0)

            filePath.remove(0, startIndex);


#if QT_CONFIG(regularexpression)

        if (!pattern.match(filePath).hasMatch())

            continue;

#else

        if (sourcePath != filePath)

            continue;

#endif


        QFile file(filePath);

        QIODevice::OpenMode openMode = QIODevice::ReadOnly;

        if (format == QSsl::Pem)

            openMode |= QIODevice::Text;

        if (file.open(openMode))

            certs += QSslCertificate::fromData(file.readAll(), format);

    }

    return certs;

}


QList<QSslCertificate> QSslCertificate::fromDevice(QIODevice *device, QSsl::EncodingFormat format)

{

    if (!device) {

        qCWarning(lcSsl, "QSslCertificate::fromDevice: cannot read from a null device");

        return QList<QSslCertificate>();

    }

    return fromData(device->readAll(), format);

}


QList<QSslCertificate> QSslCertificate::fromData(const QByteArray &data, QSsl::EncodingFormat format)

{

    const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();

    if (!tlsBackend) {

        qCWarning(lcSsl, "No TLS backend is available");

        return {};

    }


    auto reader = format == QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();

    if (!reader) {

        qCWarning(lcSsl, "The available TLS backend does not support reading PEM/DER");

        return {};

    }


    return reader(data, -1);

}


#ifndef QT_NO_SSL


QList<QSslError> QSslCertificate::verify(const QList<QSslCertificate> &certificateChain, const QString &hostName)

{

    const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();

    if (!tlsBackend) {

        qCWarning(lcSsl, "No TLS backend is available");

        return {};

    }

    auto verifyPtr = tlsBackend->X509Verifier();

    if (!verifyPtr) {

        qCWarning(lcSsl, "Available TLS backend does not support manual certificate verification");

        return {};

    }

    return verifyPtr(certificateChain, hostName);

}


bool QSslCertificate::importPkcs12(QIODevice *device,

                                   QSslKey *key, QSslCertificate *certificate,

                                   QList<QSslCertificate> *caCertificates,

                                   const QByteArray &passPhrase)

{

    if (!device || !key || !certificate)

        return false;


    const auto *tlsBackend = QTlsBackend::activeOrAnyBackend();

    if (!tlsBackend) {

        qCWarning(lcSsl, "No TLS backend is available");

        return false;

    }


    if (auto reader = tlsBackend->X509Pkcs12Reader())

        return reader(device, key, certificate, caCertificates, passPhrase);


    qCWarning(lcSsl, "Available TLS backend does not support PKCS12");


    return false;

}


#endif // QT_NO_SSL


QList<QSslCertificateExtension> QSslCertificatePrivate::extensions() const

{

    QList<QSslCertificateExtension> result;


    if (backend.get()) {

        auto nExt = backend->numberOfExtensions();

        for (decltype (nExt) i = 0; i < nExt; ++i) {

            QSslCertificateExtension ext;

            ext.d->oid = backend->oidForExtension(i);

            ext.d->name = backend->nameForExtension(i);

            ext.d->value = backend->valueForExtension(i);

            ext.d->critical = backend->isExtensionCritical(i);

            ext.d->supported = backend->isExtensionSupported(i);

            result << ext;

        }

    }


    return result;

}


// These certificates are known to be fraudulent and were created during the comodo

// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html


static const char *const certificate_blacklist[] = {

    "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", "mail.google.com", // Comodo

    "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", "www.google.com", // Comodo

    "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", "login.yahoo.com", // Comodo

    "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", "login.yahoo.com", // Comodo

    "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", "login.yahoo.com", // Comodo

    "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", "login.skype.com", // Comodo

    "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", "addons.mozilla.org", // Comodo

    "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", "login.live.com", // Comodo

    "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", "global trustee", // Comodo


    "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56", "*.google.com", // leaf certificate issued by DigiNotar

    "0c:76:da:9c:91:0c:4e:2c:9e:fe:15:d0:58:93:3c:4c", "DigiNotar Root CA", // DigiNotar root

    "f1:4a:13:f4:87:2b:56:dc:39:df:84:ca:7a:a1:06:49", "DigiNotar Services CA", // DigiNotar intermediate signed by DigiNotar Root

    "36:16:71:55:43:42:1b:9d:e6:cb:a3:64:41:df:24:38", "DigiNotar Services 1024 CA", // DigiNotar intermediate signed by DigiNotar Root

    "0a:82:bd:1e:14:4e:88:14:d7:5b:1a:55:27:be:bf:3e", "DigiNotar Root CA G2", // other DigiNotar Root CA

    "a4:b6:ce:e3:2e:d3:35:46:26:3c:b3:55:3a:a8:92:21", "CertiID Enterprise Certificate Authority", // DigiNotar intermediate signed by "DigiNotar Root CA G2"

    "5b:d5:60:9c:64:17:68:cf:21:0e:35:fd:fb:05:ad:41", "DigiNotar Qualified CA", // DigiNotar intermediate signed by DigiNotar Root


    "46:9c:2c:b0",                                     "DigiNotar Services 1024 CA", // DigiNotar intermediate cross-signed by Entrust

    "07:27:10:0d",                                     "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust

    "07:27:0f:f9",                                     "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust

    "07:27:10:03",                                     "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust

    "01:31:69:b0",                                     "DigiNotar PKIoverheid CA Overheid en Bedrijven", // DigiNotar intermediate cross-signed by the Dutch government

    "01:31:34:bf",                                     "DigiNotar PKIoverheid CA Organisatie - G2", // DigiNotar intermediate cross-signed by the Dutch government

    "d6:d0:29:77:f1:49:fd:1a:83:f2:b9:ea:94:8c:5c:b4", "DigiNotar Extended Validation CA", // DigiNotar intermediate signed by DigiNotar EV Root

    "1e:7d:7a:53:3d:45:30:41:96:40:0f:71:48:1f:45:04", "DigiNotar Public CA 2025", // DigiNotar intermediate

//    "(has not been seen in the wild so far)", "DigiNotar Public CA - G2", // DigiNotar intermediate

//    "(has not been seen in the wild so far)", "Koninklijke Notariele Beroepsorganisatie CA", // compromised during DigiNotar breach

//    "(has not been seen in the wild so far)", "Stichting TTP Infos CA," // compromised during DigiNotar breach

    "46:9c:2c:af",                                     "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust

    "46:9c:3c:c9",                                     "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust


    "07:27:14:a9",                                     "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust

    "4c:0e:63:6a",                                     "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust

    "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate

    "41",                                              "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/


    "08:27",                                           "*.EGO.GOV.TR", // Turktrust mis-issued intermediate certificate

    "08:64",                                           "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate


    "03:1d:a7",                                        "AC DG Tr\xC3\xA9sor SSL", // intermediate certificate linking back to ANSSI French National Security Agency

    "27:83",                                           "NIC Certifying Authority", // intermediate certificate from NIC India (2007)

    "27:92",                                           "NIC CA 2011", // intermediate certificate from NIC India (2011)

    "27:b1",                                           "NIC CA 2014", // intermediate certificate from NIC India (2014)

    nullptr

};


bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate)

{

    for (int a = 0; certificate_blacklist[a] != nullptr; a++) {

        auto blacklistedCommonName = QAnyStringView(QUtf8StringView(certificate_blacklist[(a+1)]));

        if (certificate.serialNumber() == certificate_blacklist[a++] &&

            (certificate.subjectInfo(QSslCertificate::CommonName).contains(blacklistedCommonName) ||

             certificate.issuerInfo(QSslCertificate::CommonName).contains(blacklistedCommonName)))

            return true;

    }

    return false;

}


QByteArray QSslCertificatePrivate::subjectInfoToString(QSslCertificate::SubjectInfo info)

{

    switch (info) {

    case QSslCertificate::Organization: return "O"_ba;

    case QSslCertificate::CommonName: return "CN"_ba;

    case QSslCertificate::LocalityName: return"L"_ba;

    case QSslCertificate::OrganizationalUnitName: return "OU"_ba;

    case QSslCertificate::CountryName: return "C"_ba;

    case QSslCertificate::StateOrProvinceName: return "ST"_ba;

    case QSslCertificate::DistinguishedNameQualifier: return "dnQualifier"_ba;

    case QSslCertificate::SerialNumber: return "serialNumber"_ba;

    case QSslCertificate::EmailAddress: return "emailAddress"_ba;

    }

    return QByteArray();

}


QString QSslCertificate::issuerDisplayName() const

{

    QStringList names;

    names = issuerInfo(QSslCertificate::CommonName);

    if (!names.isEmpty())

        return names.constFirst();

    names = issuerInfo(QSslCertificate::Organization);

    if (!names.isEmpty())

        return names.constFirst();

    names = issuerInfo(QSslCertificate::OrganizationalUnitName);

    if (!names.isEmpty())

        return names.constFirst();


    return QString();

}


QString QSslCertificate::subjectDisplayName() const

{

    QStringList names;

    names = subjectInfo(QSslCertificate::CommonName);

    if (!names.isEmpty())

        return names.constFirst();

    names = subjectInfo(QSslCertificate::Organization);

    if (!names.isEmpty())

        return names.constFirst();

    names = subjectInfo(QSslCertificate::OrganizationalUnitName);

    if (!names.isEmpty())

        return names.constFirst();


    return QString();

}


size_t qHash(const QSslCertificate &key, size_t seed) noexcept

{

    if (const auto *backend = key.d->backend.get())

        return backend->hash(seed);


    return seed;


}


#ifndef QT_NO_DEBUG_STREAM


QDebug operator<<(QDebug debug, const QSslCertificate &certificate)

{

    QDebugStateSaver saver(debug);

    debug.resetFormat().nospace();

    debug << "QSslCertificate("

          << "Version=" << certificate.version()

          << ", SerialNumber=" << certificate.serialNumber()

          << ", Digest=" << certificate.digest().toBase64()

          << ", Issuer=" << certificate.issuerDisplayName()

          << ", Subject=" << certificate.subjectDisplayName()

          << ", AlternativeSubjectNames=" << certificate.subjectAlternativeNames()

#if QT_CONFIG(datestring)

          << ", EffectiveDate=" << certificate.effectiveDate()

          << ", ExpiryDate=" << certificate.expiryDate()

#endif

          << ')';

    return debug;

}


QDebug operator<<(QDebug debug, QSslCertificate::SubjectInfo info)

{

    switch (info) {

    case QSslCertificate::Organization: debug << "Organization"; break;

    case QSslCertificate::CommonName: debug << "CommonName"; break;

    case QSslCertificate::CountryName: debug << "CountryName"; break;

    case QSslCertificate::LocalityName: debug << "LocalityName"; break;

    case QSslCertificate::OrganizationalUnitName: debug << "OrganizationalUnitName"; break;

    case QSslCertificate::StateOrProvinceName: debug << "StateOrProvinceName"; break;

    case QSslCertificate::DistinguishedNameQualifier: debug << "DistinguishedNameQualifier"; break;

    case QSslCertificate::SerialNumber: debug << "SerialNumber"; break;

    case QSslCertificate::EmailAddress: debug << "EmailAddress"; break;

    }

    return debug;

}


#endif


QT_END_NAMESPACE

device
IOBluetoothDevice * device
Definition btl2capchannel.mm:17

QAnyStringView
\inmodule QtCore
Definition qanystringview.h:33

QByteArray
\inmodule QtCore
Definition qbytearray.h:57

QByteArray::toBase64
QByteArray toBase64(Base64Options options=Base64Encoding) const
Definition qbytearray.cpp:4110

QCryptographicHash::Algorithm
Algorithm
Definition qcryptographichash.h:22

QCryptographicHash::hash
static QByteArray hash(QByteArrayView data, Algorithm method)
Returns the hash of data using method.
Definition qcryptographichash.cpp:1157

QDateTime
\inmodule QtCore\reentrant
Definition qdatetime.h:283

QDebugStateSaver
\inmodule QtCore

QDebug
\inmodule QtCore

QDirListing
The QDirListing class provides an STL-style iterator for directory entries.
Definition qdirlisting.h:18

QDirListing::IteratorFlag
IteratorFlag
This enum class describes flags can be used to configure the behavior of QDirListing.
Definition qdirlisting.h:20

QDir::fromNativeSeparators
static QString fromNativeSeparators(const QString &pathName)
Definition qdir.cpp:962

QDir::Files
@ Files
Definition qdir.h:23

QFileInfo
Definition qfileinfo.h:23

QFile
\inmodule QtCore
Definition qfile.h:93

QFile::open
QFILE_MAYBE_NODISCARD bool open(OpenMode flags) override
Opens the file using OpenMode mode, returning true if successful; otherwise false.
Definition qfile.cpp:904

QHash::qHash
size_t qHash(const QSslCertificate &key, size_t seed) noexcept
Returns the hash value for the key, using seed to seed the calculation.
Definition qsslcertificate.cpp:966

QIODeviceBase::ReadOnly
@ ReadOnly
Definition qiodevicebase.h:18

QIODeviceBase::Text
@ Text
Definition qiodevicebase.h:23

QIODevice
\inmodule QtCore \reentrant
Definition qiodevice.h:34

QIODevice::readAll
QByteArray readAll()
Reads all remaining data from the device, and returns it as a byte array.
Definition qiodevice.cpp:1226

QRegularExpression
\inmodule QtCore \reentrant
Definition qregularexpression.h:31

QRegularExpression::anchoredPattern
static QString anchoredPattern(const QString &expression)
Definition qregularexpression.h:149

QRegularExpression::wildcardToRegularExpression
static QString wildcardToRegularExpression(const QString &str, WildcardConversionOptions options=DefaultWildcardConversion)
Definition qregularexpression.h:144

QRegularExpression::UnanchoredWildcardConversion
@ UnanchoredWildcardConversion
Definition qregularexpression.h:134

QSslCertificateExtensionPrivate::oid
QString oid
Definition qsslcertificateextension_p.h:32

QSslCertificateExtensionPrivate::value
QVariant value
Definition qsslcertificateextension_p.h:34

QSslCertificateExtensionPrivate::critical
bool critical
Definition qsslcertificateextension_p.h:35

QSslCertificateExtensionPrivate::name
QString name
Definition qsslcertificateextension_p.h:33

QSslCertificateExtensionPrivate::supported
bool supported
Definition qsslcertificateextension_p.h:36

QSslCertificateExtension
The QSslCertificateExtension class provides an API for accessing the extensions of an X509 certificat...
Definition qsslcertificateextension.h:18

QSslCertificatePrivate
Definition qsslcertificate_p.h:32

QSslCertificatePrivate::subjectInfoToString
static Q_NETWORK_EXPORT QByteArray subjectInfoToString(QSslCertificate::SubjectInfo info)
Definition qsslcertificate.cpp:895

QSslCertificatePrivate::backend
std::unique_ptr< QTlsPrivate::X509Certificate > backend
Definition qsslcertificate_p.h:42

QSslCertificatePrivate::~QSslCertificatePrivate
~QSslCertificatePrivate()

QSslCertificatePrivate::extensions
QList< QSslCertificateExtension > extensions() const
Definition qsslcertificate.cpp:813

QSslCertificatePrivate::isBlacklisted
static Q_NETWORK_EXPORT bool isBlacklisted(const QSslCertificate &certificate)
Definition qsslcertificate.cpp:883

QSslCertificate
The QSslCertificate class provides a convenient API for an X509 certificate.
Definition qsslcertificate.h:35

QSslCertificate::QSslCertificate
QSslCertificate(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Constructs a QSslCertificate by reading format encoded data from device and using the first certifica...
Definition qsslcertificate.cpp:143

QSslCertificate::~QSslCertificate
~QSslCertificate()
Destroys the QSslCertificate.
Definition qsslcertificate.cpp:204

QSslCertificate::issuerInfoAttributes
QList< QByteArray > issuerInfoAttributes() const
Definition qsslcertificate.cpp:450

QSslCertificate::subjectInfo
QStringList subjectInfo(SubjectInfo info) const
Returns the information for the subject, or an empty list if there is no information for subject in t...
Definition qsslcertificate.cpp:393

QSslCertificate::fromDevice
static QList< QSslCertificate > fromDevice(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in device that are encoded in the specified format and retur...
Definition qsslcertificate.cpp:715

QSslCertificate::isSelfSigned
bool isSelfSigned() const
Definition qsslcertificate.cpp:293

QSslCertificate::subjectAlternativeNames
QMultiMap< QSsl::AlternativeNameEntryType, QString > subjectAlternativeNames() const
Returns the list of alternative subject names for this certificate.
Definition qsslcertificate.cpp:473

QSslCertificate::fromData
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
Definition qsslcertificate.cpp:731

QSslCertificate::issuerDisplayName
QString issuerDisplayName() const
Definition qsslcertificate.cpp:920

QSslCertificate::operator=
QSslCertificate & operator=(QSslCertificate &&other) noexcept
Definition qsslcertificate.h:60

QSslCertificate::digest
QByteArray digest(QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const
Returns a cryptographic digest of this certificate.
Definition qsslcertificate.cpp:344

QSslCertificate::operator==
bool operator==(const QSslCertificate &other) const
Returns true if this certificate is the same as other; otherwise returns false.
Definition qsslcertificate.cpp:233

QSslCertificate::expiryDate
QDateTime expiryDate() const
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certifica...
Definition qsslcertificate.cpp:505

QSslCertificate::verify
static QList< QSslError > verify(const QList< QSslCertificate > &certificateChain, const QString &hostName=QString())
Verifies a certificate chain.
Definition qsslcertificate.cpp:763

QSslCertificate::publicKey
QSslKey publicKey() const
Returns the certificate subject's public key.
Definition qsslcertificate.cpp:538

QSslCertificate::version
QByteArray version() const
Returns the certificate's version string.
Definition qsslcertificate.cpp:318

QSslCertificate::fromPath
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, PatternSyntax syntax=PatternSyntax::FixedString)
Definition qsslcertificate.cpp:617

QSslCertificate::effectiveDate
QDateTime effectiveDate() const
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null cer...
Definition qsslcertificate.cpp:489

QSslCertificate::issuerInfo
QStringList issuerInfo(SubjectInfo info) const
Returns the issuer information for the subject from the certificate, or an empty list if there is no ...
Definition qsslcertificate.cpp:359

QSslCertificate::subjectDisplayName
QString subjectDisplayName() const
Definition qsslcertificate.cpp:945

QSslCertificate::SubjectInfo
SubjectInfo
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() t...
Definition qsslcertificate.h:37

QSslCertificate::Organization
@ Organization
Definition qsslcertificate.h:38

QSslCertificate::LocalityName
@ LocalityName
Definition qsslcertificate.h:40

QSslCertificate::StateOrProvinceName
@ StateOrProvinceName
Definition qsslcertificate.h:43

QSslCertificate::DistinguishedNameQualifier
@ DistinguishedNameQualifier
Definition qsslcertificate.h:44

QSslCertificate::CountryName
@ CountryName
Definition qsslcertificate.h:42

QSslCertificate::EmailAddress
@ EmailAddress
Definition qsslcertificate.h:46

QSslCertificate::OrganizationalUnitName
@ OrganizationalUnitName
Definition qsslcertificate.h:41

QSslCertificate::CommonName
@ CommonName
Definition qsslcertificate.h:39

QSslCertificate::SerialNumber
@ SerialNumber
Definition qsslcertificate.h:45

QSslCertificate::toDer
QByteArray toDer() const
Returns this certificate converted to a DER (binary) encoded representation.
Definition qsslcertificate.cpp:580

QSslCertificate::handle
Qt::HANDLE handle() const
Returns a pointer to the native certificate handle, if there is one, else \nullptr.
Definition qsslcertificate.cpp:525

QSslCertificate::extensions
QList< QSslCertificateExtension > extensions() const
Returns a list containing the X509 extensions of this certificate.
Definition qsslcertificate.cpp:555

QSslCertificate::subjectInfoAttributes
QList< QByteArray > subjectInfoAttributes() const
Definition qsslcertificate.cpp:430

QSslCertificate::isNull
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
Definition qsslcertificate.cpp:264

QSslCertificate::isBlacklisted
bool isBlacklisted() const
Returns true if this certificate is blacklisted; otherwise returns false.
Definition qsslcertificate.cpp:278

QSslCertificate::serialNumber
QByteArray serialNumber() const
Returns the certificate's serial number string in hexadecimal format.
Definition qsslcertificate.cpp:331

QSslCertificate::clear
void clear()
Clears the contents of this certificate, making it a null certificate.
Definition qsslcertificate.cpp:307

QSslCertificate::toText
QString toText() const
Returns this certificate converted to a human-readable text representation.
Definition qsslcertificate.cpp:596

QSslCertificate::PatternSyntax
PatternSyntax
Definition qsslcertificate.h:49

QSslCertificate::PatternSyntax::Wildcard
@ Wildcard

QSslCertificate::PatternSyntax::RegularExpression
@ RegularExpression

QSslCertificate::toPem
QByteArray toPem() const
Returns this certificate converted to a PEM (Base64) encoded representation.
Definition qsslcertificate.cpp:566

QSslCertificate::importPkcs12
static bool importPkcs12(QIODevice *device, QSslKey *key, QSslCertificate *cert, QList< QSslCertificate > *caCertificates=nullptr, const QByteArray &passPhrase=QByteArray())
Definition qsslcertificate.cpp:790

QSslKey
The QSslKey class provides an interface for private and public keys.
Definition qsslkey.h:23

QSslSocketPrivate::ensureInitialized
static void ensureInitialized()
Definition qsslsocket.cpp:2026

QStringList
\inmodule QtCore

QStringView
\inmodule QtCore
Definition qstringview.h:78

QStringView::left
constexpr QStringView left(qsizetype n) const noexcept
Definition qstringview.h:209

QString
\macro QT_RESTRICTED_CAST_FROM_ASCII
Definition qstring.h:129

QString::indexOf
qsizetype indexOf(QLatin1StringView s, qsizetype from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Definition qstring.cpp:4517

QString::lastIndexOf
qsizetype lastIndexOf(QChar c, Qt::CaseSensitivity cs=Qt::CaseSensitive) const noexcept
Definition qstring.h:296

QString::remove
QString & remove(qsizetype i, qsizetype len)
Removes n characters from the string, starting at the given position index, and returns a reference t...
Definition qstring.cpp:3466

QTlsBackend
QTlsBackend is a factory class, providing implementations for the QSsl classes.
Definition qtlsbackend_p.h:266

QTlsBackend::resetBackend
static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)
Definition qtlsbackend.cpp:706

QTlsBackend::createCertificate
virtual QTlsPrivate::X509Certificate * createCertificate() const
Definition qtlsbackend.cpp:298

QTlsBackend::activeOrAnyBackend
static QTlsBackend * activeOrAnyBackend()
Definition qtlsbackend.cpp:632

i
i
[1]
Definition doc_src_containers.cpp:169

QSsl::EncodingFormat
EncodingFormat
Describes supported encoding formats for certificates and keys.
Definition qssl.h:28

QSsl::Pem
@ Pem
Definition qssl.h:29

QT_BEGIN_NAMESPACE
Combined button and popup list for selecting options.
Definition qstandardpaths_haiku.cpp:21

QT_END_NAMESPACE
Definition qsharedpointer.cpp:1590

Qt::StringLiterals
Definition qbytearray.h:803

Qt::HANDLE
void * HANDLE
Definition qnamespace.h:1545

QByteArray
typedef QByteArray(EGLAPIENTRYP PFNQGSGETDISPLAYSPROC)()

attribute
EGLOutputLayerEXT EGLint attribute
Definition qeglstreamconvenience_p.h:46

debug
@ debug
Definition qibusplatforminputcontext.cpp:48

qWarning
#define qWarning
Definition qlogging.h:166

qCWarning
#define qCWarning(category,...)
Definition qloggingcategory.h:125

QT_IMPL_METATYPE_EXTERN
#define QT_IMPL_METATYPE_EXTERN(TYPE)
Definition qmetatype.h:1390

key
GLuint64 key
Definition qopengles2ext.h:2268

a
GLboolean GLboolean GLboolean GLboolean a
[7]
Definition qopengles2ext.h:337

data
GLint GLsizei GLsizei GLenum GLenum GLsizei void * data
Definition qopengles2ext.h:206

format
GLint GLsizei GLsizei GLenum format
Definition qopengles2ext.h:206

names
GLuint GLuint * names
Definition qopenglext.h:5654

path
GLsizei const GLchar *const  * path
Definition qopenglext.h:4283

result
GLuint64EXT * result
[6]
Definition qopenglext.h:10932

pattern
GLubyte * pattern
Definition qopenglext.h:2744

seed
static Q_CONSTINIT QBasicAtomicInteger< unsigned > seed
Definition qrandom.cpp:196

qregularexpression.h

qssl_p.h

operator<<
QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
Definition qsslcertificate.cpp:976

certificate_blacklist
static const char *const certificate_blacklist[]
Definition qsslcertificate.cpp:835

qsslcertificate.h

qsslcertificate_p.h

qsslcertificateextension_p.h

qsslkey_p.h

qsslsocket_p.h

QUtf8StringView
QBasicUtf8StringView< false > QUtf8StringView
Definition qstringfwd.h:46

qsizetype
ptrdiff_t qsizetype
Definition qtypes.h:165

file
QFile file
[0]
Definition src_corelib_io_qfile.cpp:5

pos
pos
[7]
Definition src_corelib_io_qsettings.cpp:57

d
double d
Definition src_corelib_text_qlocale.cpp:9

other
QSharedPointer< T > other(t)
[5]

info
QHostInfo info
[0]
Definition src_network_kernel_qhostinfo.cpp:14

certs
const auto certs
[1]
Definition src_network_ssl_qsslcertificate.cpp:5