|
|
|
/* This file is part of the KDE project
|
|
|
|
*
|
|
|
|
* Copyright (C) 2001-2003 George Staikos <staikos@kde.org>
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Library General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Library General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Library General Public License
|
|
|
|
* along with this library; see the file COPYING.LIB. If not, write to
|
|
|
|
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
|
|
|
* Boston, MA 02110-1301, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef _INCLUDE_KSSLSIGNERS_H
|
|
|
|
#define _INCLUDE_KSSLSIGNERS_H
|
|
|
|
|
|
|
|
class KSSLCertificate;
|
|
|
|
class DCOPClient;
|
|
|
|
|
|
|
|
#include <tqstringlist.h>
|
|
|
|
|
|
|
|
#include <kdelibs_export.h>
|
|
|
|
|
|
|
|
// ### KDE4 - Fix constness
|
|
|
|
/**
|
|
|
|
* KDE SSL Signer Database
|
|
|
|
*
|
|
|
|
* This class is used to manipulate the KDE SSL signer database. It
|
|
|
|
* communicates to the KDE SSL daemon via dcop for backend integration.
|
|
|
|
*
|
|
|
|
* @author George Staikos <staikos@kde.org>
|
|
|
|
* @see KSSL, KSSLCertificate
|
|
|
|
* @short KDE SSL Signer Database
|
|
|
|
*/
|
|
|
|
class KIO_EXPORT KSSLSigners {
|
|
|
|
public:
|
|
|
|
/**
|
|
|
|
* Construct a KSSLSigner object.
|
|
|
|
*/
|
|
|
|
KSSLSigners();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Destroy this KSSLSigner object.
|
|
|
|
*/
|
|
|
|
~KSSLSigners();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Add a signer to the database.
|
|
|
|
*
|
|
|
|
* @param cert the signer's certificate
|
|
|
|
* @param ssl allow it to sign for SSL
|
|
|
|
* @param email allow it to sign for S/MIME
|
|
|
|
* @param code allow it to sign for code signing
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool addCA(KSSLCertificate& cert, bool ssl, bool email, bool code);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Add a signer to the database.
|
|
|
|
*
|
|
|
|
* @param cert the signer's certificate in base64 form
|
|
|
|
* @param ssl allow it to sign for SSL
|
|
|
|
* @param email allow it to sign for S/MIME
|
|
|
|
* @param code allow it to sign for code signing
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool addCA(TQString cert, bool ssl, bool email, bool code);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Regenerate the signer-root file from the user's settings.
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool regenerate();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for SSL certificate signing
|
|
|
|
* @param cert the certificate
|
|
|
|
* @return true if it can be used for SSL
|
|
|
|
*/
|
|
|
|
bool useForSSL(KSSLCertificate& cert);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for SSL certificate signing
|
|
|
|
* @param subject the certificate subject
|
|
|
|
* @return true if it can be used for SSL
|
|
|
|
*/
|
|
|
|
bool useForSSL(TQString subject);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for S/MIME certificate signing
|
|
|
|
* @param cert the certificate
|
|
|
|
* @return true if it can be used for S/MIME
|
|
|
|
*/
|
|
|
|
bool useForEmail(KSSLCertificate& cert);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for S/MIME certificate signing
|
|
|
|
* @param subject the certificate subject
|
|
|
|
* @return true if it can be used for S/MIME
|
|
|
|
*/
|
|
|
|
bool useForEmail(TQString subject);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for code certificate signing
|
|
|
|
* @param cert the certificate
|
|
|
|
* @return true if it can be used for code
|
|
|
|
*/
|
|
|
|
bool useForCode(KSSLCertificate& cert);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determine if a certificate can be used for code certificate signing
|
|
|
|
* @param subject the certificate subject
|
|
|
|
* @return true if it can be used for code
|
|
|
|
*/
|
|
|
|
bool useForCode(TQString subject);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Remove a certificate signer from the database
|
|
|
|
* @param cert the certificate to remove
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool remove(KSSLCertificate& cert);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Remove a certificate signer from the database
|
|
|
|
* @param subject the subject of the certificate to remove
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool remove(TQString subject);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* List the signers in the database.
|
|
|
|
* @return the list of subjects in the database
|
|
|
|
* @see getCert
|
|
|
|
*/
|
|
|
|
TQStringList list();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get a signer certificate from the database.
|
|
|
|
*
|
|
|
|
* @param subject the subject of the certificate desired
|
|
|
|
* @return the base64 encoded certificate
|
|
|
|
*/
|
|
|
|
TQString getCert(TQString subject);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set the use of a particular entry in the certificate signer database.
|
|
|
|
* @param subject the subject of the certificate in question
|
|
|
|
* @param ssl allow this for SSL certificate signing
|
|
|
|
* @param email allow this for S/MIME certificate signing
|
|
|
|
* @param code allow this for code certificate signing
|
|
|
|
* @return true on success
|
|
|
|
*/
|
|
|
|
bool setUse(TQString subject, bool ssl, bool email, bool code);
|
|
|
|
|
|
|
|
private:
|
|
|
|
class KSSLSignersPrivate;
|
|
|
|
KSSLSignersPrivate *d;
|
|
|
|
|
|
|
|
DCOPClient *dcc;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
#endif
|