IdentifiantMot de passe
Mot de passe oublié ?Je m'inscris ! (gratuit)

QOpcUaX509CertificateSigningRequest Class

QOpcUaX509CertificateSigningRequest create a certificate signing request.

This class was introduced in Qt 5.14.

Article lu   fois.

L'auteur

L'article

Publié le - Mis à jour le 27 décembre 2024 

Liens sociaux

Viadeo Twitter Facebook Share on Google+   

QOpcUaX509CertificateSigningRequest Class

  • Header: QOpcUaX509CertificateSigningRequest

  • Since: Qt 5.14

  • qmake: QT += opcua

Detailed Description

This class is currently available as a Technology Preview, and therefore the API and functionality provided by the class may be subject to change at any time without prior notice.

Before actually creating the singing request data, any extension needed for that specific request has to be added. Current supported extensions are SubjectAlternativeName, BasicConstrains, KeyUsage and ExtendedKeyUsage.

 
Sélectionnez
// Generate key
QOpcUaKeyPair key;
key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024);

QOpcUaX509CertificateSigningRequest csr;

QOpcUaX509DistinguishedName dn;
dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer");
dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE");
dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin");
dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin");
dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company");
csr.setSubject(dn);

QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName;
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer");
san->setCritical(true);
csr.addExtension(san);

QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints;
bc->setCa(false);
bc->setCritical(true);
csr.addExtension(bc);

QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage;
ku->setCritical(true);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning);
csr.addExtension(ku);

QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage;
eku->setCritical(true);
eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection);
csr.addExtension(eku);

QByteArray csrData = csr.createRequest(key);

See Also

See also QOpcUaX509ExtensionSubjectAlternativeName, QOpcUaX509ExtensionBasicConstraints, QOpcUaX509ExtensionKeyUsage, QOpcUaX509ExtensionKeyUsage

Member Type Documentation

 

enum QOpcUaX509CertificateSigningRequest::Encoding

This enum type specifies the encoding of the generated certificate siging request.

Constant

Value

Description

QOpcUaX509CertificateSigningRequest::Encoding::PEM

0

Using PEM encoding

QOpcUaX509CertificateSigningRequest::Encoding::DER

1

Using DER encoding

enum QOpcUaX509CertificateSigningRequest::MessageDigest

This enum type specifies the message digest to be used.

Constant

Value

Description

QOpcUaX509CertificateSigningRequest::MessageDigest::SHA256

0

Using the SHA256 message digest

Member Function Documentation

 

QOpcUaX509CertificateSigningRequest::QOpcUaX509CertificateSigningRequest()

Creates an empty certificate signing request.

QOpcUaX509CertificateSigningRequest::~QOpcUaX509CertificateSigningRequest()

Destroys the request and frees all extensions.

void QOpcUaX509CertificateSigningRequest::addExtension(QOpcUaX509Extension *extension)

Adds a certificate extension to the request.

The ownership of the extension object will be transferred to this class.

See Also

See also QOpcUaX509ExtensionSubjectAlternativeName, QOpcUaX509ExtensionBasicConstraints, QOpcUaX509ExtensionKeyUsage, QOpcUaX509ExtensionKeyUsage

QOpcUaX509CertificateSigningRequest::Encoding QOpcUaX509CertificateSigningRequest::encoding() const

Returns the used request encoding.

See Also

See also setEncoding()

QOpcUaX509CertificateSigningRequest::MessageDigest QOpcUaX509CertificateSigningRequest::messageDigest() const

Returns the used message digest.

See Also

See also setMessageDigest()

void QOpcUaX509CertificateSigningRequest::setEncoding(QOpcUaX509CertificateSigningRequest::Encoding encoding)

Sets the used request encoding to encoding. The default request encoding is PEM.

See Also

See also encoding()

void QOpcUaX509CertificateSigningRequest::setMessageDigest(QOpcUaX509CertificateSigningRequest::MessageDigest digest)

Sets the used message digest to digest. The default message digest is SHA256.

See Also

See also messageDigest()

void QOpcUaX509CertificateSigningRequest::setSubject(const QOpcUaX509DistinguishedName &subject)

Sets the subject for this request. Without a subject it is not possible to generate the request.

See Also

See also subject()

const QOpcUaX509DistinguishedName &QOpcUaX509CertificateSigningRequest::subject() const

Returns the subject of this request.

See Also

See also setSubject()

Vous avez aimé ce tutoriel ? Alors partagez-le en cliquant sur les boutons suivants : Viadeo Twitter Facebook Share on Google+