Detailed Description
The QSslCertificateExtension class provides an API for accessing the extensions of an X509 certificate.
QSslCertificateExtension provides access to an extension stored in an X509 certificate. The information available depends on the type of extension being accessed.
All X509 certificate extensions have the following properties:
Property | Description |
name | The human readable name of the extension, eg. 'basicConstraints'. |
criticality | This is a boolean value indicating if the extension is critical to correctly interpreting the certificate. |
oid | The ASN.1 object identifier that specifies which extension this is. |
supported | If this is true the structure of the extension's value will not change between Qt versions. |
value | A QVariant with a structure dependent on the type of extension. |
Whilst this class provides access to any type of extension, only some are guaranteed to be returned in a format that will remain unchanged between releases. The isSupported() method returns true for extensions where this is the case.
The extensions currently supported, and the structure of the value returned are as follows:
Name | OID | Details |
basicConstraints | 2.5.29.19 | Returned as a QVariantMap. The key 'ca' contains a boolean value, the optional key 'pathLenConstraint' contains an integer. |
authorityInfoAccess | 1.3.6.1.5.5.7.1.1 | Returned as a QVariantMap. There is a key for each access method, with the value being a URI. |
subjectKeyIdentifier | 2.5.29.14 | Returned as a QVariant containing a QString. The string is the key identifier. |
authorityKeyIdentifier | 2.5.29.35 | Returned as a QVariantMap. The optional key 'keyid' contains the key identifier as a hex string stored in a QByteArray. The optional key 'serial' contains the authority key serial number as a qlonglong. Currently there is no support for the general names field of this extension. |
In addition to the supported extensions above, many other common extensions will be returned in a reasonably structured way. Extensions that the SSL backend has no support for at all will be returned as a QByteArray.
Further information about the types of extensions certificates can contain can be found in RFC 5280.
Member Function Documentation
QSslCertificateExtension::QSslCertificateExtension()
Constructs a QSslCertificateExtension.
QSslCertificateExtension::QSslCertificateExtension(const QSslCertificateExtension & other)
Constructs a copy of other.
QSslCertificateExtension::~QSslCertificateExtension()
Destroys the extension.
bool QSslCertificateExtension::isCritical() const
Returns the criticality of the extension.
bool QSslCertificateExtension::isSupported() const
Returns the true if this extension is supported. In this case, supported simply means that the structure of the QVariant returned by the value() accessor will remain unchanged between versions. Unsupported extensions can be freely used, however there is no guarantee that the returned data will have the same structure between versions.
QString QSslCertificateExtension::name() const
Returns the name of the extension. If no name is known for the extension then the OID will be returned.
QString QSslCertificateExtension::oid() const
Returns the ASN.1 OID of this extension.
QVariant QSslCertificateExtension::value() const
Returns the value of the extension. The structure of the value returned depends on the extension type.
QSslCertificateExtension & QSslCertificateExtension::operator=(const QSslCertificateExtension & other)
Assigns other to this extension and returns a reference to this extension.