96#include <QtNetwork/qtnetworkglobal.h>
98#if QT_CONFIG(regularexpression)
112#include <QtCore/qdir.h>
113#include <QtCore/qdirlisting.h>
114#include <QtCore/qfile.h>
132 qCWarning(lcSsl,
"No TLS backend is available");
155 auto *X509Reader =
format ==
QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
157 qCWarning(lcSsl,
"Current TLS plugin does not support reading from PEM/DER");
161 QList<QSslCertificate>
certs = X509Reader(
data, 1);
162 if (!
certs.isEmpty())
183 auto *X509Reader =
format ==
QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
185 qCWarning(lcSsl,
"Current TLS plugin does not support reading from PEM/DER");
189 const QList<QSslCertificate>
certs = X509Reader(
data, 1);
190 if (!
certs.isEmpty())
266 if (
const auto *backend = d->
backend.get())
267 return backend->isNull();
295 if (
const auto *backend = d->
backend.get())
296 return backend->isSelfSigned();
320 if (
const auto *backend = d->
backend.get())
321 return backend->version();
333 if (
const auto *backend = d->
backend.get())
334 return backend->serialNumber();
361 if (
const auto *backend = d->
backend.get())
362 return backend->issuerInfo(
info);
378 if (
const auto *backend = d->
backend.get())
395 if (
const auto *backend = d->
backend.get())
396 return backend->subjectInfo(
info);
412 if (
const auto *backend = d->
backend.get())
432 if (
const auto *backend = d->
backend.get())
433 return backend->subjectInfoAttributes();
452 if (
const auto *backend = d->
backend.get())
453 return backend->issuerInfoAttributes();
475 if (
const auto *backend = d->
backend.get())
476 return backend->subjectAlternativeNames();
491 if (
const auto *backend = d->
backend.get())
492 return backend->effectiveDate();
507 if (
const auto *backend = d->
backend.get())
508 return backend->expiryDate();
527 if (
const auto *backend = d->
backend.get())
528 return backend->handle();
541 if (
const auto *backend = d->
backend.get())
568 if (
const auto *backend = d->
backend.get())
569 return backend->toPem();
582 if (
const auto *backend = d->
backend.get())
583 return backend->toDer();
598 if (
const auto *backend = d->
backend.get())
599 return backend->toText();
632#if QT_CONFIG(regularexpression)
639 qWarning(
"Regular expression support is disabled in this build. Only fixed string can be searched");
640 return QList<QSslCertificate>();
645 pathPrefix = pathPrefix.left(
pos);
646 const qsizetype lastIndexOfSlash = pathPrefix.lastIndexOf(u
'/');
647 if (lastIndexOfSlash != -1)
648 pathPrefix = pathPrefix.left(lastIndexOfSlash);
660 return QList<QSslCertificate>();
666 if (pathPrefix.isEmpty()) {
671 const QString pathPrefixString = pathPrefix.toString();
674 QList<QSslCertificate>
certs;
676#if QT_CONFIG(regularexpression)
684 constexpr auto iterFlags = F::FollowSymlinks | F::Recursive;
686 QString filePath = dirEntry.filePath();
688 filePath.
remove(0, startIndex);
690#if QT_CONFIG(regularexpression)
691 if (!
pattern.match(filePath).hasMatch())
694 if (sourcePath != filePath)
718 qCWarning(lcSsl,
"QSslCertificate::fromDevice: cannot read from a null device");
719 return QList<QSslCertificate>();
735 qCWarning(lcSsl,
"No TLS backend is available");
739 auto reader =
format ==
QSsl::Pem ? tlsBackend->X509PemReader() : tlsBackend->X509DerReader();
741 qCWarning(lcSsl,
"The available TLS backend does not support reading PEM/DER");
745 return reader(
data, -1);
767 qCWarning(lcSsl,
"No TLS backend is available");
770 auto verifyPtr = tlsBackend->X509Verifier();
772 qCWarning(lcSsl,
"Available TLS backend does not support manual certificate verification");
775 return verifyPtr(certificateChain, hostName);
792 QList<QSslCertificate> *caCertificates,
800 qCWarning(lcSsl,
"No TLS backend is available");
804 if (
auto reader = tlsBackend->X509Pkcs12Reader())
805 return reader(
device,
key, certificate, caCertificates, passPhrase);
807 qCWarning(lcSsl,
"Available TLS backend does not support PKCS12");
815 QList<QSslCertificateExtension>
result;
818 auto nExt =
backend->numberOfExtensions();
819 for (
decltype (nExt)
i = 0;
i < nExt; ++
i) {
836 "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e",
"mail.google.com",
837 "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06",
"www.google.com",
838 "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3",
"login.yahoo.com",
839 "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29",
"login.yahoo.com",
840 "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71",
"login.yahoo.com",
841 "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47",
"login.skype.com",
842 "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43",
"addons.mozilla.org",
843 "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0",
"login.live.com",
844 "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0",
"global trustee",
846 "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56",
"*.google.com",
847 "0c:76:da:9c:91:0c:4e:2c:9e:fe:15:d0:58:93:3c:4c",
"DigiNotar Root CA",
848 "f1:4a:13:f4:87:2b:56:dc:39:df:84:ca:7a:a1:06:49",
"DigiNotar Services CA",
849 "36:16:71:55:43:42:1b:9d:e6:cb:a3:64:41:df:24:38",
"DigiNotar Services 1024 CA",
850 "0a:82:bd:1e:14:4e:88:14:d7:5b:1a:55:27:be:bf:3e",
"DigiNotar Root CA G2",
851 "a4:b6:ce:e3:2e:d3:35:46:26:3c:b3:55:3a:a8:92:21",
"CertiID Enterprise Certificate Authority",
852 "5b:d5:60:9c:64:17:68:cf:21:0e:35:fd:fb:05:ad:41",
"DigiNotar Qualified CA",
854 "46:9c:2c:b0",
"DigiNotar Services 1024 CA",
855 "07:27:10:0d",
"DigiNotar Cyber CA",
856 "07:27:0f:f9",
"DigiNotar Cyber CA",
857 "07:27:10:03",
"DigiNotar Cyber CA",
858 "01:31:69:b0",
"DigiNotar PKIoverheid CA Overheid en Bedrijven",
859 "01:31:34:bf",
"DigiNotar PKIoverheid CA Organisatie - G2",
860 "d6:d0:29:77:f1:49:fd:1a:83:f2:b9:ea:94:8c:5c:b4",
"DigiNotar Extended Validation CA",
861 "1e:7d:7a:53:3d:45:30:41:96:40:0f:71:48:1f:45:04",
"DigiNotar Public CA 2025",
865 "46:9c:2c:af",
"DigiNotar Root CA",
866 "46:9c:3c:c9",
"DigiNotar Root CA",
868 "07:27:14:a9",
"Digisign Server ID (Enrich)",
869 "4c:0e:63:6a",
"Digisign Server ID - (Enrich)",
870 "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0",
"UTN-USERFirst-Hardware",
871 "41",
"MD5 Collisions Inc. (http://www.phreedom.org/md5)",
873 "08:27",
"*.EGO.GOV.TR",
874 "08:64",
"e-islem.kktcmerkezbankasi.org",
876 "03:1d:a7",
"AC DG Tr\xC3\xA9sor SSL",
877 "27:83",
"NIC Certifying Authority",
878 "27:92",
"NIC CA 2011",
879 "27:b1",
"NIC CA 2014",
924 if (!
names.isEmpty())
925 return names.constFirst();
927 if (!
names.isEmpty())
928 return names.constFirst();
930 if (!
names.isEmpty())
931 return names.constFirst();
949 if (!
names.isEmpty())
950 return names.constFirst();
952 if (!
names.isEmpty())
953 return names.constFirst();
955 if (!
names.isEmpty())
956 return names.constFirst();
968 if (
const auto *backend =
key.d->backend.get())
969 return backend->hash(
seed);
975#ifndef QT_NO_DEBUG_STREAM
979 debug.resetFormat().nospace();
980 debug <<
"QSslCertificate("
981 <<
"Version=" << certificate.
version()
987#if QT_CONFIG(datestring)
989 <<
", ExpiryDate=" << certificate.
expiryDate()
IOBluetoothDevice * device
QByteArray toBase64(Base64Options options=Base64Encoding) const
static QByteArray hash(QByteArrayView data, Algorithm method)
Returns the hash of data using method.
\inmodule QtCore\reentrant
The QDirListing class provides an STL-style iterator for directory entries.
IteratorFlag
This enum class describes flags can be used to configure the behavior of QDirListing.
static QString fromNativeSeparators(const QString &pathName)
QFILE_MAYBE_NODISCARD bool open(OpenMode flags) override
Opens the file using OpenMode mode, returning true if successful; otherwise false.
size_t qHash(const QSslCertificate &key, size_t seed) noexcept
Returns the hash value for the key, using seed to seed the calculation.
\inmodule QtCore \reentrant
QByteArray readAll()
Reads all remaining data from the device, and returns it as a byte array.
\inmodule QtCore \reentrant
static QString anchoredPattern(const QString &expression)
static QString wildcardToRegularExpression(const QString &str, WildcardConversionOptions options=DefaultWildcardConversion)
@ UnanchoredWildcardConversion
The QSslCertificateExtension class provides an API for accessing the extensions of an X509 certificat...
static Q_NETWORK_EXPORT QByteArray subjectInfoToString(QSslCertificate::SubjectInfo info)
std::unique_ptr< QTlsPrivate::X509Certificate > backend
~QSslCertificatePrivate()
QList< QSslCertificateExtension > extensions() const
static Q_NETWORK_EXPORT bool isBlacklisted(const QSslCertificate &certificate)
The QSslCertificate class provides a convenient API for an X509 certificate.
QSslCertificate(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Constructs a QSslCertificate by reading format encoded data from device and using the first certifica...
~QSslCertificate()
Destroys the QSslCertificate.
QList< QByteArray > issuerInfoAttributes() const
QStringList subjectInfo(SubjectInfo info) const
Returns the information for the subject, or an empty list if there is no information for subject in t...
static QList< QSslCertificate > fromDevice(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in device that are encoded in the specified format and retur...
bool isSelfSigned() const
QMultiMap< QSsl::AlternativeNameEntryType, QString > subjectAlternativeNames() const
Returns the list of alternative subject names for this certificate.
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
QString issuerDisplayName() const
QSslCertificate & operator=(QSslCertificate &&other) noexcept
QByteArray digest(QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const
Returns a cryptographic digest of this certificate.
bool operator==(const QSslCertificate &other) const
Returns true if this certificate is the same as other; otherwise returns false.
QDateTime expiryDate() const
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certifica...
static QList< QSslError > verify(const QList< QSslCertificate > &certificateChain, const QString &hostName=QString())
Verifies a certificate chain.
QSslKey publicKey() const
Returns the certificate subject's public key.
QByteArray version() const
Returns the certificate's version string.
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, PatternSyntax syntax=PatternSyntax::FixedString)
QDateTime effectiveDate() const
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null cer...
QStringList issuerInfo(SubjectInfo info) const
Returns the issuer information for the subject from the certificate, or an empty list if there is no ...
QString subjectDisplayName() const
SubjectInfo
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() t...
@ DistinguishedNameQualifier
QByteArray toDer() const
Returns this certificate converted to a DER (binary) encoded representation.
Qt::HANDLE handle() const
Returns a pointer to the native certificate handle, if there is one, else \nullptr.
QList< QSslCertificateExtension > extensions() const
Returns a list containing the X509 extensions of this certificate.
QList< QByteArray > subjectInfoAttributes() const
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
bool isBlacklisted() const
Returns true if this certificate is blacklisted; otherwise returns false.
QByteArray serialNumber() const
Returns the certificate's serial number string in hexadecimal format.
void clear()
Clears the contents of this certificate, making it a null certificate.
QString toText() const
Returns this certificate converted to a human-readable text representation.
QByteArray toPem() const
Returns this certificate converted to a PEM (Base64) encoded representation.
static bool importPkcs12(QIODevice *device, QSslKey *key, QSslCertificate *cert, QList< QSslCertificate > *caCertificates=nullptr, const QByteArray &passPhrase=QByteArray())
The QSslKey class provides an interface for private and public keys.
static void ensureInitialized()
constexpr QStringView left(qsizetype n) const noexcept
\macro QT_RESTRICTED_CAST_FROM_ASCII
qsizetype indexOf(QLatin1StringView s, qsizetype from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
qsizetype lastIndexOf(QChar c, Qt::CaseSensitivity cs=Qt::CaseSensitive) const noexcept
QString & remove(qsizetype i, qsizetype len)
Removes n characters from the string, starting at the given position index, and returns a reference t...
QTlsBackend is a factory class, providing implementations for the QSsl classes.
static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)
virtual QTlsPrivate::X509Certificate * createCertificate() const
static QTlsBackend * activeOrAnyBackend()
EncodingFormat
Describes supported encoding formats for certificates and keys.
Combined button and popup list for selecting options.
typedef QByteArray(EGLAPIENTRYP PFNQGSGETDISPLAYSPROC)()
EGLOutputLayerEXT EGLint attribute
#define qCWarning(category,...)
GLboolean GLboolean GLboolean GLboolean a
[7]
GLint GLsizei GLsizei GLenum GLenum GLsizei void * data
GLint GLsizei GLsizei GLenum format
GLsizei const GLchar *const * path
static Q_CONSTINIT QBasicAtomicInteger< unsigned > seed
QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
static const char *const certificate_blacklist[]
QBasicUtf8StringView< false > QUtf8StringView