Classes | |
| class | AbstractLogDevice |
| An abstract log device. More... | |
| class | Algorithm |
| General superclass for an algorithm. More... | |
| class | Base64 |
| Base64 encoding / decoding More... | |
| class | BasicContext |
| Base class to use for primitive provider contexts. More... | |
| class | BigInteger |
| Arbitrary precision integer. More... | |
| class | BufferedComputation |
| General superclass for buffered computation algorithms. More... | |
| class | CAContext |
| X.509 certificate authority provider. More... | |
| class | CertBase |
| X.509 certificate and certificate request provider base. More... | |
| class | CertCollectionContext |
| X.509 certificate collection provider. More... | |
| class | CertContext |
| X.509 certificate provider. More... | |
| class | CertContextProps |
| X.509 certificate or certificate request properties. More... | |
| class | Certificate |
| Public Key (X.509) certificate. More... | |
| class | CertificateAuthority |
| A Certificate Authority is used to generate Certificates and Certificate Revocation Lists (CRLs). More... | |
| class | CertificateChain |
| A chain of related Certificates. More... | |
| class | CertificateCollection |
| Bundle of Certificates and CRLs. More... | |
| class | CertificateInfoOrdered |
| Ordered certificate properties type. More... | |
| class | CertificateInfoPair |
| One entry in a certificate information list. More... | |
| class | CertificateInfoType |
| Certificate information type. More... | |
| class | CertificateOptions |
| Certificate options More... | |
| class | CertificateRequest |
| Certificate Request More... | |
| class | Cipher |
| General class for cipher (encryption / decryption) algorithms. More... | |
| class | CipherContext |
| Cipher provider. More... | |
| class | CMS |
| Cryptographic Message Syntax messaging system. More... | |
| class | Console |
| QCA Console system More... | |
| class | ConsolePrompt |
| Console prompt handler. More... | |
| class | ConsoleReference |
| Manager for a Console. More... | |
| class | ConstraintType |
| Certificate constraint. More... | |
| class | CRL |
| Certificate Revocation List More... | |
| class | CRLContext |
| X.509 certificate revocation list provider. More... | |
| class | CRLContextProps |
| X.509 certificate revocation list properties. More... | |
| class | CRLEntry |
| Part of a CRL representing a single certificate. More... | |
| class | CSRContext |
| X.509 certificate request provider. More... | |
| class | DHContext |
| Diffie-Hellman provider. More... | |
| class | DHPrivateKey |
| Diffie-Hellman Private Key. More... | |
| class | DHPublicKey |
| Diffie-Hellman Public Key. More... | |
| class | DirWatch |
| Support class to monitor a directory for activity. More... | |
| class | DLGroup |
| A discrete logarithm group. More... | |
| class | DLGroupContext |
| Discrete logarithm provider. More... | |
| class | DSAContext |
| DSA provider. More... | |
| class | DSAPrivateKey |
| Digital Signature Algorithm Private Key. More... | |
| class | DSAPublicKey |
| Digital Signature Algorithm Public Key. More... | |
| class | Event |
| An asynchronous event. More... | |
| class | EventHandler |
| Interface class for password / passphrase / PIN and token handlers. More... | |
| class | FileWatch |
| Support class to monitor a file for activity. More... | |
| class | Filter |
| General superclass for filtering transformation algorithms. More... | |
| class | Hash |
| General class for hashing algorithms. More... | |
| class | HashContext |
| Hash provider. More... | |
| class | Hex |
| Hexadecimal encoding / decoding. More... | |
| class | InfoContext |
| Extended provider information. More... | |
| class | InitializationVector |
| Container for initialisation vectors and nonces. More... | |
| class | Initializer |
| Convenience method for initialising and cleaning up QCA. More... | |
| class | KDFContext |
| Key derivation function provider. More... | |
| class | KeyBundle |
| Certificate chain and private key pair. More... | |
| class | KeyDerivationFunction |
| General superclass for key derivation algorithms. More... | |
| class | KeyGenerator |
| Class for generating asymmetric key pairs. More... | |
| class | KeyLength |
| Simple container for acceptable key lengths. More... | |
| class | KeyLoader |
| Asynchronous private key loader. More... | |
| class | KeyStore |
| General purpose key storage object. More... | |
| class | KeyStoreEntry |
| Single entry in a KeyStore. More... | |
| class | KeyStoreEntryContext |
| KeyStoreEntry provider. More... | |
| class | KeyStoreEntryWatcher |
| Class to monitor the availability of a KeyStoreEntry. More... | |
| class | KeyStoreInfo |
| Key store information, outside of a KeyStore object. More... | |
| class | KeyStoreListContext |
| KeyStore provider. More... | |
| class | KeyStoreManager |
| Access keystores, and monitor keystores for changes. More... | |
| class | Logger |
| A simple logging system. More... | |
| class | MACContext |
| Message authentication code provider. More... | |
| class | MemoryRegion |
| Array of bytes that may be optionally secured. More... | |
| class | MessageAuthenticationCode |
| General class for message authentication code (MAC) algorithms. More... | |
| class | MessageContext |
| SecureMessage provider. More... | |
| class | OpenPGP |
| Pretty Good Privacy messaging system. More... | |
| class | PasswordAsker |
| User password / passphrase / PIN handler. More... | |
| class | PBKDF1 |
| Password based key derivation function version 1. More... | |
| class | PBKDF2 |
| Password based key derivation function version 2. More... | |
| class | PGPKey |
| Pretty Good Privacy key. More... | |
| class | PGPKeyContext |
| OpenPGP key provider. More... | |
| class | PGPKeyContextProps |
| OpenPGP key properties. More... | |
| class | PKCS12Context |
| PKCS#12 provider. More... | |
| class | PKey |
| General superclass for public (PublicKey) and private (PrivateKey) keys used with asymmetric encryption techniques. More... | |
| class | PKeyBase |
| Public key implementation provider base. More... | |
| class | PKeyContext |
| Public key container provider. More... | |
| class | PrivateKey |
| Generic private key. More... | |
| class | Provider |
| Algorithm provider. More... | |
| class | PublicKey |
| Generic public key. More... | |
| class | QPipe |
| A FIFO buffer (named pipe) abstraction. More... | |
| class | QPipeDevice |
| Unbuffered direct pipe. More... | |
| class | QPipeEnd |
| A buffered higher-level pipe end. More... | |
| class | Random |
| Source of random numbers. More... | |
| class | RandomContext |
| Random provider. More... | |
| class | RSAContext |
| RSA provider. More... | |
| class | RSAPrivateKey |
| RSA Private Key. More... | |
| class | RSAPublicKey |
| RSA Public Key. More... | |
| class | SASL |
| Simple Authentication and Security Layer protocol implementation. More... | |
| class | SASLContext |
| SASL provider. More... | |
| class | SecureArray |
| Secure array of bytes. More... | |
| class | SecureLayer |
| Abstract interface to a security layer. More... | |
| class | SecureMessage |
| Class representing a secure message. More... | |
| class | SecureMessageKey |
| Key for SecureMessage system. More... | |
| class | SecureMessageSignature |
| SecureMessage signature. More... | |
| class | SecureMessageSystem |
| Abstract superclass for secure messaging systems. More... | |
| class | SMSContext |
| SecureMessageSystem provider. More... | |
| class | SymmetricKey |
| Container for keys for symmetric encryption algorithms. More... | |
| class | Synchronizer |
| Enable synchronization between two threads. More... | |
| class | SyncThread |
| Convenience class to run a thread and interact with it synchronously. More... | |
| class | TextFilter |
| Superclass for text based filtering algorithms. More... | |
| class | TLS |
| Transport Layer Security / Secure Socket Layer. More... | |
| class | TLSContext |
| TLS provider. More... | |
| class | TLSSession |
| Session token, used for TLS resuming. More... | |
| class | TLSSessionContext |
| TLS "session" provider. More... | |
| class | TokenAsker |
| User token handler. More... | |
Typedefs | |
| typedef QMultiMap < CertificateInfoType, QString > | CertificateInfo |
| typedef QList< ConstraintType > | Constraints |
| typedef QList< Provider * > | ProviderList |
| typedef QList< SecureMessageKey > | SecureMessageKeyList |
| typedef QList < SecureMessageSignature > | SecureMessageSignatureList |
Enumerations | |
| enum | CertificateInfoTypeKnown { CommonName, Email, EmailLegacy, Organization, OrganizationalUnit, Locality, IncorporationLocality, State, IncorporationState, Country, IncorporationCountry, URI, DNS, IPAddress, XMPP } |
| enum | CertificateRequestFormat { PKCS10, SPKAC } |
| enum | ConstraintTypeKnown { DigitalSignature, NonRepudiation, KeyEncipherment, DataEncipherment, KeyAgreement, KeyCertificateSign, CRLSign, EncipherOnly, DecipherOnly, ServerAuth, ClientAuth, CodeSigning, EmailProtection, IPSecEndSystem, IPSecTunnel, IPSecUser, TimeStamping, OCSPSigning } |
| enum | ConvertResult { ConvertGood, ErrorDecode, ErrorPassphrase, ErrorFile } |
| enum | Direction { Encode, Decode } |
| enum | DLGroupSet { DSA_512, DSA_768, DSA_1024, IETF_768, IETF_1024, IETF_1536, IETF_2048, IETF_3072, IETF_4096, IETF_6144, IETF_8192 } |
| enum | EncryptionAlgorithm { EME_PKCS1v15, EME_PKCS1_OAEP } |
| enum | MemoryMode { Practical, Locking, LockingKeepPrivileges } |
| enum | PBEAlgorithm { PBEDefault, PBES2_DES_SHA1, PBES2_TripleDES_SHA1, PBES2_AES128_SHA1, PBES2_AES192_SHA1, PBES2_AES256_SHA1 } |
| enum | SecurityLevel { SL_None, SL_Integrity, SL_Export, SL_Baseline, SL_High, SL_Highest } |
| enum | SignatureAlgorithm { SignatureUnknown, EMSA1_SHA1, EMSA3_SHA1, EMSA3_MD5, EMSA3_MD2, EMSA3_RIPEMD160, EMSA3_Raw } |
| enum | SignatureFormat { DefaultFormat, IEEE_1363, DERSequence } |
| enum | UsageMode { UsageAny = 0x00, UsageTLSServer = 0x01, UsageTLSClient = 0x02, UsageCodeSigning = 0x04, UsageEmailProtection = 0x08, UsageTimeStamping = 0x10, UsageCRLSigning = 0x20 } |
| enum | ValidateFlags { ValidateAll = 0x00, ValidateRevoked = 0x01, ValidateExpired = 0x02, ValidatePolicy = 0x04 } |
| enum | Validity { ValidityGood, ErrorRejected, ErrorUntrusted, ErrorSignatureFailed, ErrorInvalidCA, ErrorInvalidPurpose, ErrorSelfSigned, ErrorRevoked, ErrorPathLengthExceeded, ErrorExpired, ErrorExpiredCA, ErrorValidityUnknown = 64 } |
Functions | |
| QCA_EXPORT void | appendPluginDiagnosticText (const QString &text) |
| QCA_EXPORT QString | appName () |
| QCA_EXPORT QString | arrayToHex (const QByteArray &array) |
| QCA_EXPORT void | clearPluginDiagnosticText () |
| QCA_EXPORT QStringList | defaultFeatures () |
| QCA_EXPORT Provider * | defaultProvider () |
| QCA_EXPORT void | deinit () |
| QCA_EXPORT QByteArray | emsa3Encode (const QString &hashName, const QByteArray &digest, int size=-1) |
| QCA_EXPORT Provider * | findProvider (const QString &name) |
| QCA_EXPORT QVariant | getProperty (const QString &name) |
| QCA_EXPORT QVariantMap | getProviderConfig (const QString &name) |
| QCA_EXPORT QString | globalRandomProvider () |
| QCA_EXPORT bool | haveSecureMemory () |
| QCA_EXPORT bool | haveSecureRandom () |
| QCA_EXPORT bool | haveSystemStore () |
| QCA_EXPORT QByteArray | hexToArray (const QString &hexString) |
| QCA_EXPORT void | init (MemoryMode m, int prealloc) |
| QCA_EXPORT void | init () |
| QCA_EXPORT bool | insertProvider (Provider *p, int priority=0) |
| QCA_EXPORT bool | isSupported (const QStringList &features, const QString &provider=QString()) |
| QCA_EXPORT bool | isSupported (const char *features, const QString &provider=QString()) |
| QCA_EXPORT Logger * | logger () |
| QCA_EXPORT QStringList | makeFriendlyNames (const QList< Certificate > &list) |
| QCA_EXPORT const SecureArray | operator+ (const SecureArray &a, const SecureArray &b) |
| QCA_EXPORT CertificateInfoOrdered | orderedDNOnly (const CertificateInfoOrdered &in) |
| QCA_EXPORT QString | orderedToDNString (const CertificateInfoOrdered &in) |
| QCA_EXPORT QString | pluginDiagnosticText () |
| QCA_EXPORT int | providerPriority (const QString &name) |
| QCA_EXPORT ProviderList | providers () |
| QCA_EXPORT void | saveProviderConfig (const QString &name) |
| QCA_EXPORT void | scanForPlugins () |
| QCA_EXPORT void | setAppName (const QString &name) |
| QCA_EXPORT void | setGlobalRandomProvider (const QString &provider) |
| QCA_EXPORT void | setProperty (const QString &name, const QVariant &value) |
| QCA_EXPORT void | setProviderConfig (const QString &name, const QVariantMap &config) |
| QCA_EXPORT void | setProviderPriority (const QString &name, int priority) |
| QCA_EXPORT QStringList | supportedFeatures () |
| QCA_EXPORT CertificateCollection | systemStore () |
| QCA_EXPORT void | unloadAllPlugins () |
Certificate properties type.
With this container, the information is not necessarily stored in the same sequence as the certificate format itself. Use this container if the order the information is/was stored does not matter for you (this is the case with most applications).
Additionally, the EmailLegacy type should not be used with this container. Use Email instead.
| typedef QList<ConstraintType> QCA::Constraints |
Certificate constraints type
| typedef QList<Provider*> QCA::ProviderList |
Convenience representation for the plugin providers.
You can get a list of providers using the providers() function
A list of message keys.
A list of signatures.
Certificate Request Format.
Known types of information stored in certificates.
This enumerator offers a convenient way to work with common types.
| CommonName | The common name (eg person), id = "2.5.4.3". |
| Email address, id = "GeneralName.rfc822Name". | |
| EmailLegacy | PKCS#9 Email field, id = "1.2.840.113549.1.9.1". |
| Organization | An organisation (eg company), id = "2.5.4.10". |
| OrganizationalUnit | An part of an organisation (eg a division or branch), id = "2.5.4.11". |
| Locality | The locality (eg city, a shire, or part of a state), id = "2.5.4.7". |
| IncorporationLocality | The locality of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.1". |
| State | The state within the country, id = "2.5.4.8". |
| IncorporationState | The state of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.2". |
| Country | The country, id = "2.5.4.6". |
| IncorporationCountry | The country of incorporation (EV certificates), id = "1.3.6.1.4.1.311.60.2.1.3". |
| URI | Uniform Resource Identifier, id = "GeneralName.uniformResourceIdentifier". |
| DNS | DNS name, id = "GeneralName.dNSName". |
| IPAddress | IP address, id = "GeneralName.iPAddress". |
| XMPP | XMPP address (see http://www.ietf.org/rfc/rfc3920.txt), id = "1.3.6.1.5.5.7.8.5". |
Known types of certificate constraints.
This enumerator offers a convenient way to work with common types.
| enum QCA::UsageMode |
Specify the intended usage of a certificate.
| UsageAny | Any application, or unspecified. |
| UsageTLSServer | server side of a TLS or SSL connection |
| UsageTLSClient | client side of a TLS or SSL connection |
| UsageCodeSigning | code signing certificate |
| UsageEmailProtection | email (S/MIME) certificate |
| UsageTimeStamping | time stamping certificate |
| UsageCRLSigning | certificate revocation list signing certificate |
| enum QCA::Validity |
The validity (or otherwise) of a certificate.
| ValidityGood | The certificate is valid. |
| ErrorRejected | The root CA rejected the certificate purpose. |
| ErrorUntrusted | The certificate is not trusted. |
| ErrorSignatureFailed | The signature does not match. |
| ErrorInvalidCA | The Certificate Authority is invalid. |
| ErrorInvalidPurpose | The purpose does not match the intended usage. |
| ErrorSelfSigned | The certificate is self-signed, and is not found in the list of trusted certificates. |
| ErrorRevoked | The certificate has been revoked. |
| ErrorPathLengthExceeded | The path length from the root CA to this certificate is too long. |
| ErrorExpired | The certificate has expired, or is not yet valid (e.g. current time is earlier than notBefore time). |
| ErrorExpiredCA | The Certificate Authority has expired. |
| ErrorValidityUnknown | Validity is unknown. |
| enum QCA::ValidateFlags |
The conditions to validate for a certificate.
| enum QCA::MemoryMode |
Mode settings for memory allocation.
QCA can use secure memory, however most operating systems restrict the amount of memory that can be pinned by user applications, to prevent a denial-of-service attack.
QCA supports two approaches to getting memory - the mlock method, which generally requires root (administrator) level privileges, and the mmap method which is not as secure, but which should be able to be used by any process.
| enum QCA::Direction |
Direction settings for symmetric algorithms.
For some algorithms, it makes sense to have a "direction", such as Cipher algorithms which can be used to encrypt or decrypt.
Signature algorithm variants.
| enum QCA::SignatureFormat |
| enum QCA::PBEAlgorithm |
Password-based encryption.
| enum QCA::ConvertResult |
Return value from a format conversion.
Note that if you are checking for any result other than ConvertGood, then you may be introducing a provider specific dependency.
| enum QCA::DLGroupSet |
Well known discrete logarithm group sets.
These sets are derived from three main sources: Java Cryptographic Extensions, RFC2412 and RFC3526.
| enum QCA::SecurityLevel |
Specify the lower-bound for acceptable TLS/SASL security layers.
For TLS, the interpretation of these levels is:
| QCA_EXPORT QString QCA::orderedToDNString | ( | const CertificateInfoOrdered & | in | ) |
Convert to RFC 1779 string format.
| in | the certificate info to convert |
Referenced by QCA::CertificateInfoOrdered::toString().
| QCA_EXPORT CertificateInfoOrdered QCA::orderedDNOnly | ( | const CertificateInfoOrdered & | in | ) |
Return a new CertificateInfoOrdered that only contains the Distinguished Name (DN) types found in the input object.
| in | the certificate info to extract from |
Referenced by QCA::CertificateInfoOrdered::dnOnly().
| QCA_EXPORT QStringList QCA::makeFriendlyNames | ( | const QList< Certificate > & | list | ) |
Create a list of unique friendly names among a list of certificates.
| list | the list of certificates for which a friendly name is required. |
| QCA_EXPORT void QCA::init | ( | ) |
Initialise QCA.
This call is not normally required, because it is cleaner to use an Initializer.
| QCA_EXPORT void QCA::init | ( | MemoryMode | m, | |
| int | prealloc | |||
| ) |
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
| m | the MemoryMode to use | |
| prealloc | the amount of memory in kilobytes to allocate for secure storage |