API » History » Revision 10
Revision 9 (Felix Tiede, 09/08/2013 01:13 PM) → Revision 10/11 (Felix Tiede, 12/08/2013 10:10 PM)
h1. Public API
The real code is documented, of course. See header files in source:src.
For a history of how it was created, see ticket #34.
Regardless of the files the API is split into, in C++ it looks like this:
<pre><code class="cplusplus">namespace Kca
{
namespace OpenSSL
{
enum Digest {
RIPEMD160,
SHA1,
SHA256,
SHA384,
SHA512,
}; /* End enum Digest */
enum RevocationReason {
Unspecified,
KeyCompromise,
CACompromise,
AffilitionChanged,
Superseded,
CessationOfOperation,
CertificateHold,
RemoveFromCRL = 8
}; /* End enum RevocationReason */
class OpenSSLException : public std::exception
{
public:
~OpenSSLException() throw();
const char * what() const throw();
const char * where() const throw();
protected:
OpenSSLException(const QString&, const char* = NULL, int = 0) QString& message) throw();
OpenSSLException(const OpenSSLException&) throw();
}; /* End class OpenSSLException */
class SigningException : public std::exception
{
public:
enum Operation {
SignCsr,
SignCrl,
}; /* End enum Operation */
enum Failure {
NoCACertificate,
KeyMismatch,
SerialConstraint,
TimeConstraint,
ExtensionError,
ObjectError,
}; /* End enum Failure */
~SigningException() throw();
const Operation operation() const throw();
const Failure failure() const throw();
const char * what() const throw();
const char * where() const throw();
protected:
SigningException(Operation, Failure, SigningException(Operation operation, Failure failure, const QString&, const char* = NULL, int = 0) QString& description) throw();
SigningException(const SigningException&) throw();
void setFailure(Failure) setFailure(Failure failure) throw();
void setMessage(const QString&) QString& message) throw();
}; /* End class SigningException */
class Extension {
public:
struct ObjectID {
QString oid;
QString shortName;
QString longName;
}; /* End struct ObjectID */
Extension(const ObjectID&, ObjectID& oid, const QString&, QString& value,
bool = false, critical=false, bool = false); replace=false);
~Extension();
const ObjectID oid() const;
const QString value() const;
void setValue(const QString&); QString& value);
bool critical() const;
void setCritical(bool); setCritical(bool critical);
bool replace() const;
void setReplace(bool); setReplace(bool replace);
bool operator==(const Extension&) Extension& other) const;
Extension& operator=(const Extension&); Extension& other);
protected:
Extension(const QString&, QString& name, const QString&, QString& value,
bool critical = false, bool replace = false); false) throw(OpenSSLException);
Extension(int, const QString&,
bool = false, bool = false);
Extension(const X509_EXTENSION*);
X509_EXTENSION* handle(X509V3_CTX* ctx = NULL) const; const throw(OpenSSLException);
}; /* End class Extension */
typedef QList< Extension > ExtensionList;
struct CRLEntry {
quint64 serial;
RevocationReason reason;
QDateTime timestamp;
}; /* End struct CRLEntry */
typedef QList< CRLEntry > CRL;
QString version();
QString build_information();
quint64 random();
ExtensionList emailCertExtensions();
class Key : public QSslKey
{
public:
Key(const QSslKey& = QSslKey());
Key(const Key&);
~Key();
operator=(const Key&);
static const Key generateKeyPair(int QSslKey generateKeyPair(unsigned int length = 2048, QSsl::KeyAlgorithm algorithm = QSsl::Rsa);
protected:
EVP_PKEY* handle() const;
}; /* End class Key */
class Request
{
public:
Request(const QByteArray& = QByteArray(), QSsl::EncodingFormat = QSsl::Pem);
Request(const Request&)
~Request();
bool isNull() const;
const QByteArray subject() const;
ExtensionList extensions() const;
QByteArray toDer() const;
QByteArray toPem() const;
QByteArray version() const;
bool operator!=(const Request&) const;
bool operator==(const Request&) const;
Request& operator=(const Request&);
static Request generate(const Key&, generateRequest(const QSslKey& key,
const QByteArray&,
QString& subject,
const ExtensionList& = ExtensionList(),
extensions,
Digest digest = SHA256);
protected:
X509_REQ* handle() const;
ExtensionList emailCertExtensions();
QString requestSubject(const QByteArray& request);
}; /* End ExtensionList requestExtensions(const QByteArray& request);
class Request */
class Certificate : public QSslCertificate
{
public:
struct SignatureDetails {
quint64 serial;
Digest digest;
QDateTime effectiveDate;
QDateTime expiryDate;
}; /* End struct SignatureDetails */
Certificate(const QSslCertificate& = QSslCertificate());
Certificate(const Certificate&);
Certificate(const Key&, QSslKey& key, const QString&, QString& subject,
const SignatureDetails&, SignatureDetails& details, const ExtensionList&); ExtensionList& extensions) throw(SigningException);
~Certificate();
bool isCA() const;
bool keyMatch(const Key&) QSslKey& key) const;
ExtensionList extensions() const;
const Certificate QSslCertificate sign(const Request&, QByteArray& request, const Key&,
QSslKey& signingKey,
const SignatureDetails&,
SignatureDetails& details,
const ExtensionList&) const; ExtensionList& extensions) const throw(SigningException);
const QByteArray sign(const CRL&, CRL& crl, const Key&, QSslKey& signingKey,
const SignatureDetails&, SignatureDetails& details,
const ExtensionList&, QSsl::EncodingFormat = QSsl::Der) const; ExtensionList& extensions) const throw(SigningException);
}; /* End class Certificate */
}; /* End namespace OpenSSL */
}; /* End namespace Kca */</code></pre> };</code></pre>