Version 9 - History - API - kCA certificate helper library - Redmine

API » History » Version 9

Felix Tiede, 09/08/2013 01:13 PM
API has been changed to use std::exception::what() as well as a serial constraint.

-Felix Tiede
+h1. Public API
 The real code is documented, of course. See header files in source:src.
 For a history of how it was created, see ticket #34.
 Regardless of the files the API is split into, in C++ it looks like this:
 <pre><code class="cplusplus">namespace Kca
+{
 namespace OpenSSL
+{
   enum Digest {
     RIPEMD160,
     SHA1,
     SHA256,
     SHA384,
     SHA512,
   };
   enum RevocationReason {
     Unspecified,
     KeyCompromise,
     CACompromise,
     AffilitionChanged,
     Superseded,
     CessationOfOperation,
     CertificateHold,
     RemoveFromCRL = 8
   };
-Felix Tiede
+  class OpenSSLException : public std::exception
+  {
     public:
       ~OpenSSLException() throw();
 Felix Tiede
-Felix Tiede
+      const char * what() const throw();
 Felix Tiede
     protected:
       OpenSSLException(const QString& message) throw();
-Felix Tiede
+  };
   class SigningException : public std::exception
+  {
     public:
       enum Operation {
         SignCsr,
         SignCrl,
       };
       enum Failure {
         NoCACertificate,
         KeyMismatch,
-Felix Tiede
+        SerialConstraint,
-Felix Tiede
+        TimeConstraint,
         ExtensionError,
         ObjectError,
       };
       ~SigningException() throw();
       const Operation operation() const throw();
       const Failure failure() const throw();
-Felix Tiede
+      const char * what() const throw();
 Felix Tiede
     protected:
       SigningException(Operation operation, Failure failure, const QString& description) throw();
       void setFailure(Failure failure) throw();
-Felix Tiede
+      void setMessage(const QString& message) throw();
-Felix Tiede
+  };
 Felix Tiede
   class Extension {
     public:
       struct ObjectID {
         QString oid;
         QString shortName;
         QString longName;
       };
       Extension(const ObjectID& oid, const QString& value,
                 bool critical=false, bool replace=false);
       ~Extension();
       const ObjectID oid() const;
       const QString value() const;
       void setValue(const QString& value);
       bool critical() const;
       void setCritical(bool critical);
       bool replace() const;
       void setReplace(bool replace);
       bool operator==(const Extension& other) const;
       Extension& operator=(const Extension& other);
     protected:
       Extension(const QString& name, const QString& value,
                 bool critical = false, bool replace = false) throw(OpenSSLException);
       X509_EXTENSION* handle(X509V3_CTX* ctx = NULL) const throw(OpenSSLException);
   };
   typedef QList< Extension > ExtensionList;
   struct CRLEntry {
     quint64 serial;
     RevocationReason reason;
     QDateTime timestamp;
   };
   typedef QList< CRLEntry > CRL;
   QString version();
   QString build_information();
   quint64 random();
-Felix Tiede
+  const QSslKey generateKeyPair(unsigned int length = 2048, QSsl::KeyAlgorithm algorithm = QSsl::Rsa);
-Felix Tiede
+  const QByteArray generateRequest(const QSslKey& key,
                                    const QString& subject,
                                    const ExtensionList& extensions,
                                    Digest digest = SHA256);
   ExtensionList emailCertExtensions();
   QString requestSubject(const QByteArray& request);
   ExtensionList requestExtensions(const QByteArray& request);
 Felix Tiede
   class Certificate : public QSslCertificate
+  {
     public:
       struct SignatureDetails {
         quint64 serial;
         Digest digest;
         QDateTime effectiveDate;
         QDateTime expiryDate;
       };
       Certificate(const QSslKey& key, const QString& subject,
                   const SignatureDetails& details, const ExtensionList& extensions) throw(SigningException);
       bool isCA() const;
       bool keyMatch(const QSslKey& key) const;
       const QSslCertificate sign(const QByteArray& request, const QSslKey& signingKey,
                                  const SignatureDetails& details,
                                  const ExtensionList& extensions) const throw(SigningException);
       const QByteArray sign(const CRL& crl, const QSslKey& signingKey,
                             const SignatureDetails& details,
                             const ExtensionList& extensions) const throw(SigningException);
   };
 };
 };</code></pre>

Project

General

Profile

KDE Certification Authority Tool » kCA certificate helper library

API » History » Version 9