/*
    SPDX-FileCopyrightText: 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@gmail.com>
    SPDX-License-Identifier: GPL-2.0-or-later
*/
# ifndef OKULAR_SIGNATUREUTILS_H
# define OKULAR_SIGNATUREUTILS_H
#include "okularcore_export.h"

#include <QDateTime>
#include <QFlag>
#include <QList>
#include <QSharedDataPointer>
#include <QSharedPointer>
#include <QString>

#include <functional>
namespace Okular
{
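class CertificateInfoPrivate;

/**
 * @short A helper class to store information about x509 certificate
 *
 * As far as this header shows, the class is a plain value holder: each getter
 * hands back what the matching setter stored, and nothing declared here
 * verifies the certificate or cross-checks the individual fields against
 * certificateData(). Whether a certificate is trusted is reported separately
 * through SignatureInfo::CertificateStatus, not by the presence of data in
 * this object.
 */
class OKULARCORE_EXPORT CertificateInfo
{
public:
    /**
     * The certificate backend is mostly important if there is a wish to
     * integrate third party viewers, where some third party viewers only
     * interact with some backends and not with others.
     */
    enum class Backend {
        /** The backend is either unknown, or known but not one there is
            currently a need to support */
        Unknown,
        /** The certificate in question originates in gpg and thus can be
            queried using e.g. KDE's certificate manager Kleopatra */
        Gpg
    };

    /**
     * The algorithm of public key.
     */
    enum PublicKeyType { RsaKey, DsaKey, EcKey, OtherKey };

    /**
     * Certificate key usage extensions.
     *
     * The values are single-bit masks so they can be combined in
     * KeyUsageExtensions. They line up with the bit positions of the first
     * octet of the X.509 keyUsage BIT STRING (digitalSignature is the most
     * significant bit, 0x80); KuClrSign sits at the cRLSign position.
     */
    enum KeyUsageExtension {
        KuDigitalSignature = 0x80,
        KuNonRepudiation = 0x40,
        KuKeyEncipherment = 0x20,
        KuDataEncipherment = 0x10,
        KuKeyAgreement = 0x08,
        KuKeyCertSign = 0x04,
        KuClrSign = 0x02,
        KuEncipherOnly = 0x01,
        KuNone = 0x00
    };
    Q_DECLARE_FLAGS(KeyUsageExtensions, KeyUsageExtension)

    /**
     * Predefined keys for elements in an entity's distinguished name.
     */
    enum EntityInfoKey {
        CommonName,
        DistinguishedName,
        EmailAddress,
        Organization,
    };

    /**
     * How should certain empty strings be treated
     * @since 23.08
     */
    enum class EmptyString {
        Empty, /**< Empty strings should just be empty */
        TranslatedNotAvailable /**< Empty strings should be a localized version of "Not available" */
    };

    /**
     * A signing key can be located in different places. Sometimes, for the
     * user, it might be easier to pick the key located on a card if it has
     * some visual indicator that it is somehow removable.
     *
     * \note a key location for a certificate without a private
     * key (cannot be used for signing) will likely be "Unknown"
     */
    enum class KeyLocation {
        Unknown, /**< We don't know the location */
        Other, /**< We know the location, but it is somehow not covered by this enum */
        Computer, /**< The key is on this computer */
        HardwareToken /**< The key is on a dedicated hardware token, either a smartcard or a dedicated usb token (e.g. gnuk, nitrokey or yubikey) */
    };

    /**
     * Destructor
     */
    ~CertificateInfo();

    /**
     * Returns true if the certificate has no contents; otherwise returns false
     * @since 23.08
     */
    bool isNull() const;

    /**
     * Sets the null value of the certificate.
     * @since 23.08
     */
    void setNull(bool null);

    /**
     * The certificate version number.
     * @since 23.08
     */
    int version() const;

    /**
     * Sets the certificate version number.
     * @since 23.08
     */
    void setVersion(int version);

    /**
     * The certificate serial number.
     * @since 23.08
     */
    QByteArray serialNumber() const;

    /**
     * Sets the certificate serial number.
     * @since 23.08
     */
    void setSerialNumber(const QByteArray &serial);

    /**
     * Information about the issuer.
     *
     * @param key which element of the issuer's name to return
     * @param empty how an empty element is reported, see EmptyString
     * @since 23.08
     */
    QString issuerInfo(EntityInfoKey key, EmptyString empty) const;

    /**
     * Sets information about the issuer.
     * @since 23.08
     */
    void setIssuerInfo(EntityInfoKey key, const QString &value);

    /**
     * Information about the subject
     *
     * @param key which element of the subject's name to return
     * @param empty how an empty element is reported, see EmptyString
     * @since 23.08
     */
    QString subjectInfo(EntityInfoKey key, EmptyString empty) const;

    /**
     * Sets information about the subject
     * @since 23.08
     */
    void setSubjectInfo(EntityInfoKey key, const QString &value);

    /**
     * The certificate internal database nickname
     * @since 23.08
     */
    QString nickName() const;

    /**
     * Sets the certificate internal database nickname
     * @since 23.08
     */
    void setNickName(const QString &nickName);

    /**
     * The date-time when certificate becomes valid.
     * @since 23.08
     */
    QDateTime validityStart() const;

    /**
     * Sets the date-time when certificate becomes valid.
     * @since 23.08
     */
    void setValidityStart(const QDateTime &start);

    /**
     * The date-time when certificate expires.
     * @since 23.08
     */
    QDateTime validityEnd() const;

    /**
     * Sets the date-time when certificate expires.
     * @since 23.08
     */
    void setValidityEnd(const QDateTime &validityEnd);

    /**
     * The uses allowed for the certificate.
     * @since 23.08
     */
    KeyUsageExtensions keyUsageExtensions() const;

    /**
     * Sets the uses allowed for the certificate.
     * @since 23.08
     */
    void setKeyUsageExtensions(KeyUsageExtensions ext);

    /**
     * The public key value.
     * @since 23.08
     */
    QByteArray publicKey() const;

    /**
     * Sets the public key value.
     * @since 23.08
     */
    void setPublicKey(const QByteArray &publicKey);

    /**
     * The public key type.
     * @since 23.08
     */
    PublicKeyType publicKeyType() const;

    /**
     * Sets the public key type.
     * @since 23.08
     */
    void setPublicKeyType(PublicKeyType type);

    /**
     * The strength of public key in bits.
     * @since 23.08
     */
    int publicKeyStrength() const;

    /**
     * Sets the strength of public key in bits.
     * @since 23.08
     */
    void setPublicKeyStrength(int strength);

    /**
     * Returns true if certificate is self-signed otherwise returns false.
     * @since 23.08
     */
    bool isSelfSigned() const;

    /**
     * Sets if certificate is self-signed
     * @since 23.08
     */
    void setSelfSigned(bool selfSigned);

    /**
     * The DER encoded certificate.
     * @since 23.08
     */
    QByteArray certificateData() const;

    /**
     * Sets the DER encoded certificate.
     * @since 23.08
     */
    void setCertificateData(const QByteArray &certificateData);

    /**
     * Sets the location of the key belonging to this certificate
     *
     * see \ref KeyLocation enum for details
     * @since 24.02
     */
    void setKeyLocation(KeyLocation location);

    /**
     * The location of the key belonging to this certificate
     *
     * see \ref KeyLocation enum for details
     * @since 24.02
     */
    KeyLocation keyLocation() const;

    /**
     * The backend where the certificate originates.
     * see @ref Backend for details
     * @since 23.08
     */
    Backend backend() const;

    /**
     * Sets the backend for this certificate.
     * see @ref Backend for details
     * @since 23.08
     */
    void setBackend(Backend backend);

    /**
     * Checks if the given password is the correct one for this certificate
     *
     * NOTE(review): the password travels as a QString, which does not wipe
     * its buffer when destroyed; callers should keep the lifetime of the
     * string holding a PIN or passphrase as short as they can.
     *
     * @since 23.08
     */
    bool checkPassword(const QString &password) const;

    /**
     * Sets a function to check if the current password is correct.
     *
     * The default rejects all passwords, so an object on which no function
     * was installed fails closed.
     *
     * @since 23.08
     */
    void setCheckPasswordFunction(const std::function<bool(const QString &)> &passwordFunction);

    CertificateInfo();
    CertificateInfo(const CertificateInfo &other);
    CertificateInfo(CertificateInfo &&other) noexcept;
    CertificateInfo &operator=(const CertificateInfo &other);
    CertificateInfo &operator=(CertificateInfo &&other) noexcept;

private:
    // Shared private data; the type is only forward-declared in this header.
    QSharedDataPointer<CertificateInfoPrivate> d;
};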
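class SignatureInfoPrivate;

/**
 * @short A helper class to store information about digital signature
 *
 * The verdict on a signature is spread over several independent fields:
 * signatureStatus() only says whether the signature is cryptographically
 * valid, certificateStatus() says whether the signer's certificate is
 * trusted, and signsTotalDocument() says whether the signature covers the
 * whole document. Code that presents a document as trustworthy should look at
 * all three rather than at SignatureValid alone.
 */
class OKULARCORE_EXPORT SignatureInfo
{
public:
    /**
     * The verification result of the signature.
     */
    enum SignatureStatus {
        SignatureStatusUnknown, ///< The signature status is unknown for some reason.
        SignatureValid, ///< The signature is cryptographically valid.
        SignatureInvalid, ///< The signature is cryptographically invalid.
        SignatureDigestMismatch, ///< The document content was changed after the signature was applied.
        SignatureDecodingError, ///< The signature CMS/PKCS7 structure is malformed.
        SignatureGenericError, ///< The signature could not be verified.
        SignatureNotFound, ///< The requested signature is not present in the document.
        SignatureNotVerified ///< The signature is not yet verified.
    };

    /**
     * The verification result of the certificate.
     */
    enum CertificateStatus {
        CertificateStatusUnknown, ///< The certificate status is unknown for some reason.
        CertificateTrusted, ///< The certificate is considered trusted.
        CertificateUntrustedIssuer, ///< The issuer of this certificate has been marked as untrusted by the user.
        CertificateUnknownIssuer, ///< The certificate trust chain has not finished in a trusted root certificate.
        CertificateRevoked, ///< The certificate was revoked by the issuing certificate authority.
        CertificateExpired, ///< The signing time is outside the validity bounds of this certificate.
        CertificateGenericError, ///< The certificate could not be verified.
        CertificateNotVerified, ///< The certificate is not yet verified.
        CertificateVerificationInProgress, ///< The certificate is not yet verified, but in progress \since 24.08
    };

    /**
     * The hash algorithm of the signature
     *
     * MD2, MD5 and SHA-1 are no longer considered collision resistant; a
     * consumer of this value may want to flag signatures that use them even
     * when signatureStatus() reports SignatureValid.
     */
    enum HashAlgorithm {
        HashAlgorithmUnknown,
        HashAlgorithmMd2,
        HashAlgorithmMd5,
        HashAlgorithmSha1,
        HashAlgorithmSha256,
        HashAlgorithmSha384,
        HashAlgorithmSha512,
        HashAlgorithmSha224
    };

    /**
     * Destructor.
     */
    ~SignatureInfo();

    /**
     * The signature status of the signature.
     * @since 23.08
     */
    SignatureStatus signatureStatus() const;

    /**
     * Sets the signature status of the signature.
     * @since 23.08
     */
    void setSignatureStatus(SignatureStatus status);

    /**
     * The certificate status of the signature.
     * @since 23.08
     */
    CertificateStatus certificateStatus() const;

    /**
     * Sets the certificate status of the signature.
     * @since 23.08
     */
    void setCertificateStatus(CertificateStatus status);

    /**
     * The signer subject common name associated with the signature.
     * @since 23.08
     */
    QString signerName() const;

    /**
     * Sets the signer subject common name associated with the signature.
     * @since 23.08
     */
    void setSignerName(const QString &signerName);

    /**
     * The signer subject distinguished name associated with the signature.
     * @since 23.08
     */
    QString signerSubjectDN() const;

    /**
     * Sets the signer subject distinguished name associated with the signature.
     * @since 23.08
     */
    void setSignerSubjectDN(const QString &signerSubjectDN);

    /**
     * Get signing location.
     * @since 23.08
     */
    QString location() const;

    /**
     * Sets the signing location.
     * @since 23.08
     */
    void setLocation(const QString &location);

    /**
     * Get signing reason.
     * @since 23.08
     */
    QString reason() const;

    /**
     * Sets the signing reason.
     * @since 23.08
     */
    void setReason(const QString &reason);

    /**
     * The hash algorithm used for the signature.
     * @since 23.08
     */
    HashAlgorithm hashAlgorithm() const;

    /**
     * Sets the hash algorithm used for the signature.
     * @since 23.08
     */
    void setHashAlgorithm(HashAlgorithm algorithm);

    /**
     * The signing time associated with the signature.
     *
     * NOTE(review): this header does not say whether the time comes from a
     * trusted timestamp or is the signer's own claim; confirm before relying
     * on it for validity decisions.
     *
     * @since 23.08
     */
    QDateTime signingTime() const;

    /**
     * Sets the signing time associated with the signature.
     * @since 23.08
     */
    void setSigningTime(const QDateTime &time);

    /**
     * Get the signature binary data.
     * @since 23.08
     */
    QByteArray signature() const;

    /**
     * Sets the signature binary data.
     * @since 23.08
     */
    void setSignature(const QByteArray &signature);

    /**
     * Get the bounds of the ranges of the document which are signed.
     * @since 23.08
     */
    QList<qint64> signedRangeBounds() const;

    /**
     * Sets the bounds of the ranges of the document which are signed.
     * @since 23.08
     */
    void setSignedRangeBounds(const QList<qint64> &range);

    /**
     * Checks whether the signature authenticates the total document
     * except for the signature itself.
     *
     * When this is false, content outside the signed ranges is not covered
     * by the signature, even if signatureStatus() is SignatureValid.
     *
     * @since 23.08
     */
    bool signsTotalDocument() const;

    /**
     * Sets whether the signature authenticates the total document
     * except for the signature itself.
     * @since 23.08
     */
    void setSignsTotalDocument(bool total);

    /**
     * Get certificate details.
     * @since 23.08
     */
    CertificateInfo certificateInfo() const;

    /**
     * Sets certificate details.
     * @since 23.08
     */
    void setCertificateInfo(const CertificateInfo &info);

    SignatureInfo();
    SignatureInfo(const SignatureInfo &other);
    SignatureInfo(SignatureInfo &&other) noexcept;
    SignatureInfo &operator=(const SignatureInfo &other);
    SignatureInfo &operator=(SignatureInfo &&other) noexcept;

private:
    // Shared private data; the type is only forward-declared in this header.
    QSharedDataPointer<SignatureInfoPrivate> d;
};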
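/**
 * @short A helper class giving access to the certificates usable for signing
 *
 * The constructor is protected and the class is not copyable, so instances
 * are created through a subclass.
 */
class OKULARCORE_EXPORT CertificateStore
{
public:
    /**
     * Destructor
     */
    virtual ~CertificateStore();

    /**
     * Returns list of valid, usable signing certificates.
     *
     * This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
     *
     * @param userCancelled out-parameter reporting that the user declined to
     *        enter the password. NOTE(review): whether nullptr is accepted is
     *        not visible in this header; pass a valid pointer.
     * @since 23.08
     */
    virtual QList<CertificateInfo> signingCertificates(bool *userCancelled) const;

    /**
     * Returns list of valid, usable signing certificates for current date and time.
     *
     * This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
     *
     * nonDateValidCerts is true if the user has signing certificates but their validity start date is in the future or past their validity end date.
     *
     * @param userCancelled out-parameter reporting that the user declined to
     *        enter the password
     * @param nonDateValidCerts out-parameter reporting that certificates
     *        exist but none is inside its validity period.
     *        NOTE(review): whether nullptr is accepted for either pointer is
     *        not visible in this header; pass valid pointers.
     * @since 23.08
     */
    QList<CertificateInfo> signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const;

protected:
    CertificateStore();

private:
    Q_DISABLE_COPY(CertificateStore)
};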
/**
 * Outcome codes of a signing attempt.
 *
 * The meanings below are read off the enumerator names; the code that
 * produces these values is not part of this header. Callers should treat
 * every value other than SigningSuccess as "the document was not signed".
 *
 * \since 24.12
 */
enum SigningResult {
    SigningSuccess = 0, ///< Signing completed.
    FieldAlreadySigned = 1, ///< The targeted signature field already holds a signature.
    GenericSigningError = 2, ///< Signing failed for a reason not covered by the other values.
};
}
# endif