/*
SPDX-FileCopyrightText: 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@gmail.com>
SPDX-License-Identifier: GPL-2.0-or-later
*/
#ifndef OKULAR_SIGNATUREUTILS_H
#define OKULAR_SIGNATUREUTILS_H
#include "okularcore_export.h"
#include <QDateTime>
#include <QFlag>
#include <QList>
#include <QSharedPointer>
#include <QString>
namespace Okular
{
class SignatureInfoPrivate;
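/**
 * @short A helper class to store information about x509 certificate
 *
 * The accessors describe the contents of one certificate. They do not say
 * whether the certificate is trusted; the trust verdict for a signature is
 * reported separately by SignatureInfo::certificateStatus().
 *
 * Objects cannot be copied (Q_DISABLE_COPY) and the default constructor is
 * protected, so instances are created by subclasses or by SignatureInfo,
 * which is declared a friend.
 */
class OKULARCORE_EXPORT CertificateInfo
{
public:
    /**
     * The algorithm of public key.
     */
    enum PublicKeyType { RsaKey, DsaKey, EcKey, OtherKey };

    /**
     * Certificate key usage extensions.
     *
     * Each value is a single bit, so several usages can be combined in a
     * KeyUsageExtensions flag set.
     *
     * NOTE(review): KuClrSign presumably stands for the X.509 cRLSign usage;
     * the identifier is public API and is therefore left as it is.
     */
    enum KeyUsageExtension { KuDigitalSignature = 0x80, KuNonRepudiation = 0x40, KuKeyEncipherment = 0x20, KuDataEncipherment = 0x10, KuKeyAgreement = 0x08, KuKeyCertSign = 0x04, KuClrSign = 0x02, KuEncipherOnly = 0x01, KuNone = 0x00 };
    Q_DECLARE_FLAGS(KeyUsageExtensions, KeyUsageExtension)

    /**
     * Predefined keys for elements in an entity's distinguished name.
     */
    enum EntityInfoKey {
        CommonName,
        DistinguishedName,
        EmailAddress,
        Organization,
    };

    /**
     * Destructor
     */
    virtual ~CertificateInfo();

    /**
     * Returns true if certificate has no contents; otherwise returns false.
     */
    virtual bool isNull() const;

    /**
     * The certificate version number.
     */
    virtual int version() const;

    /**
     * The certificate serial number.
     */
    virtual QByteArray serialNumber() const;

    /**
     * Information about the issuer.
     *
     * @param key the element of the issuer's name to return.
     *
     * The text is certificate content. Until the certificate status has been
     * checked it says nothing about who really issued the certificate.
     */
    virtual QString issuerInfo(EntityInfoKey key) const;

    /**
     * Information about the subject.
     *
     * @param key the element of the subject's name to return.
     *
     * The text is certificate content. Until the certificate status has been
     * checked it says nothing about who the subject really is.
     */
    virtual QString subjectInfo(EntityInfoKey key) const;

    /**
     * The certificate internal database nickname
     */
    virtual QString nickName() const;

    /**
     * The date-time when certificate becomes valid.
     */
    virtual QDateTime validityStart() const;

    /**
     * The date-time when certificate expires.
     */
    virtual QDateTime validityEnd() const;

    /**
     * The uses allowed for the certificate.
     */
    virtual KeyUsageExtensions keyUsageExtensions() const;

    /**
     * The public key value.
     */
    virtual QByteArray publicKey() const;

    /**
     * The public key type.
     */
    virtual PublicKeyType publicKeyType() const;

    /**
     * The strength of public key in bits.
     */
    virtual int publicKeyStrength() const;

    /**
     * Returns true if certificate is self-signed; otherwise returns false.
     */
    virtual bool isSelfSigned() const;

    /**
     * The DER encoded certificate.
     */
    virtual QByteArray certificateData() const;

    /**
     * Checks if the given password is the correct one for this certificate
     *
     * @param password the password to test.
     * @return true if the password is the correct one, false otherwise.
     *
     * The password is passed as a QString, which does not clear its memory
     * when destroyed; callers should not keep copies of it longer than needed.
     *
     * @since 21.04
     */
    virtual bool checkPassword(const QString &password) const;

protected:
    friend class SignatureInfo;
    CertificateInfo();

private:
    Q_DISABLE_COPY(CertificateInfo)
};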
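/**
 * @short A helper class to store information about digital signature
 *
 * Two independent verdicts are reported: signatureStatus() for the
 * cryptographic check of the signature and certificateStatus() for the trust
 * in the signing certificate. signsTotalDocument() tells whether the
 * signature covers the whole document. A caller that presents a signature as
 * trustworthy has to look at all three.
 *
 * Objects cannot be copied (Q_DISABLE_COPY) and the default constructor is
 * protected, so instances are created by subclasses.
 */
class OKULARCORE_EXPORT SignatureInfo
{
public:
    /**
     * The verification result of the signature.
     *
     * Only SignatureValid reports a successful check. Every other value,
     * including SignatureStatusUnknown and SignatureNotVerified, means that
     * no successful verification is available.
     */
    enum SignatureStatus {
        SignatureStatusUnknown,  ///< The signature status is unknown for some reason.
        SignatureValid,          ///< The signature is cryptographically valid.
        SignatureInvalid,        ///< The signature is cryptographically invalid.
        SignatureDigestMismatch, ///< The document content was changed after the signature was applied.
        SignatureDecodingError,  ///< The signature CMS/PKCS7 structure is malformed.
        SignatureGenericError,   ///< The signature could not be verified.
        SignatureNotFound,       ///< The requested signature is not present in the document.
        SignatureNotVerified     ///< The signature is not yet verified.
    };

    /**
     * The verification result of the certificate.
     *
     * Only CertificateTrusted reports a certificate that is considered
     * trusted.
     */
    enum CertificateStatus {
        CertificateStatusUnknown,   ///< The certificate status is unknown for some reason.
        CertificateTrusted,         ///< The certificate is considered trusted.
        CertificateUntrustedIssuer, ///< The issuer of this certificate has been marked as untrusted by the user.
        CertificateUnknownIssuer,   ///< The certificate trust chain has not finished in a trusted root certificate.
        CertificateRevoked,         ///< The certificate was revoked by the issuing certificate authority.
        CertificateExpired,         ///< The signing time is outside the validity bounds of this certificate.
        CertificateGenericError,    ///< The certificate could not be verified.
        CertificateNotVerified      ///< The certificate is not yet verified.
    };

    /**
     * The hash algorithm of the signature
     *
     * The enumerators have no explicit values, so their order fixes their
     * numeric values; HashAlgorithmSha224 therefore stays last.
     *
     * MD2, MD5 and SHA-1 are no longer considered collision resistant. A
     * signature that uses one of them deserves a weaker trust statement than
     * one using a SHA-2 variant, even when signatureStatus() is
     * SignatureValid.
     */
    enum HashAlgorithm { HashAlgorithmUnknown, HashAlgorithmMd2, HashAlgorithmMd5, HashAlgorithmSha1, HashAlgorithmSha256, HashAlgorithmSha384, HashAlgorithmSha512, HashAlgorithmSha224 };

    /**
     * Destructor.
     */
    virtual ~SignatureInfo();

    /**
     * The signature status of the signature.
     */
    virtual SignatureStatus signatureStatus() const;

    /**
     * The certificate status of the signature.
     */
    virtual CertificateStatus certificateStatus() const;

    /**
     * The signer subject common name associated with the signature.
     */
    virtual QString signerName() const;

    /**
     * The signer subject distinguished name associated with the signature.
     */
    virtual QString signerSubjectDN() const;

    /**
     * Get signing location.
     */
    virtual QString location() const;

    /**
     * Get signing reason.
     */
    virtual QString reason() const;

    /**
     * The hash algorithm used for the signature.
     */
    virtual HashAlgorithm hashAlgorithm() const;

    /**
     * The signing time associated with the signature.
     *
     * NOTE(review): this header does not say whether the time is the one
     * claimed by the signer or one taken from a trusted timestamp. Confirm
     * this before relying on it, because CertificateExpired is defined in
     * terms of the signing time.
     */
    virtual QDateTime signingTime() const;

    /**
     * Get the signature binary data.
     */
    virtual QByteArray signature() const;

    /**
     * Get the bounds of the ranges of the document which are signed.
     *
     * NOTE(review): how the bounds are laid out in the list is not stated in
     * this header; check the implementation before interpreting them.
     */
    virtual QList<qint64> signedRangeBounds() const;

    /**
     * Checks whether the signature authenticates the total document
     * except for the signature itself.
     *
     * When this returns false, part of the document other than the signature
     * itself is not covered by the signature.
     */
    virtual bool signsTotalDocument() const;

    /**
     * Get certificate details.
     *
     * NOTE(review): a reference is returned; it is presumably valid only as
     * long as this SignatureInfo exists - confirm in the implementation.
     */
    virtual const CertificateInfo &certificateInfo() const;

protected:
    SignatureInfo();

private:
    Q_DISABLE_COPY(SignatureInfo)
};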
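/**
 * @short A helper class giving access to the available signing certificates
 *
 * Objects cannot be copied (Q_DISABLE_COPY) and the default constructor is
 * protected, so instances are created by subclasses.
 */
class OKULARCORE_EXPORT CertificateStore
{
public:
    /**
     * Destructor
     */
    virtual ~CertificateStore();

    /**
     * Returns list of valid, usable signing certificates.
     *
     * This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
     *
     * NOTE(review): the list holds raw pointers and this header does not say
     * who owns the CertificateInfo objects, nor whether userCancelled may be
     * null - confirm both in the implementation.
     */
    virtual QList<CertificateInfo *> signingCertificates(bool *userCancelled) const;

    /**
     * Returns list of valid, usable signing certificates for current date and time.
     *
     * This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
     *
     * nonDateValidCerts is true if the user has signing certificates but they
     * are not valid at the current date and time, that is, their validity
     * start date is in the future or their validity end date has passed.
     *
     * NOTE(review): the list holds raw pointers and this header does not say
     * who owns the CertificateInfo objects, nor whether the two out
     * parameters may be null - confirm both in the implementation.
     */
    QList<CertificateInfo *> signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const;

protected:
    CertificateStore();

private:
    Q_DISABLE_COPY(CertificateStore)
};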
}
#endif