QOpcUaX509CertificateSigningRequest create a certificate signing request. 更多...
头: | #include <QOpcUaX509CertificateSigningRequest> |
qmake: | QT += opcua |
Since: | Qt 5.14 |
enum class | 编码 { PEM, DER } |
enum class | MessageDigest { SHA256 } |
QOpcUaX509CertificateSigningRequest () | |
~QOpcUaX509CertificateSigningRequest () | |
void | addExtension (QOpcUaX509Extension * extension ) |
QByteArray | createRequest (const QOpcUaKeyPair & privateKey ) |
QByteArray | createSelfSignedCertificate (const QOpcUaKeyPair & privateKey , int validityInDays = 365) |
QOpcUaX509CertificateSigningRequest::Encoding | encoding () const |
QOpcUaX509CertificateSigningRequest::MessageDigest | messageDigest () const |
void | setEncoding (QOpcUaX509CertificateSigningRequest::Encoding encoding ) |
void | setMessageDigest (QOpcUaX509CertificateSigningRequest::MessageDigest digest ) |
void | setSubject (const QOpcUaX509DistinguishedName & subject ) |
const QOpcUaX509DistinguishedName & | subject () const |
This class is currently available as a Technology Preview, and therefore the API and functionality provided by the class may be subject to change at any time without prior notice.
Before actually creating the singing request data, any extension needed for that specific request has to be added. Current supported extensions are SubjectAlternativeName, BasicConstrains, KeyUsage and ExtendedKeyUsage.
// Generate key QOpcUaKeyPair key; key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024); QOpcUaX509CertificateSigningRequest csr; QOpcUaX509DistinguishedName dn; dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer"); dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE"); dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company"); csr.setSubject(dn); QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName; san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer"); san->setCritical(true); csr.addExtension(san); QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints; bc->setCa(false); bc->setCritical(true); csr.addExtension(bc); QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage; ku->setCritical(true); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning); csr.addExtension(ku); QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage; eku->setCritical(true); eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection); csr.addExtension(eku); QByteArray csrData = csr.createRequest(key);
另请参阅 QOpcUaX509ExtensionSubjectAlternativeName , QOpcUaX509ExtensionBasicConstraints , QOpcUaX509ExtensionKeyUsage ,和 QOpcUaX509ExtensionKeyUsage .
This enum type specifies the encoding of the generated certificate siging request.
常量 | 值 | 描述 |
---|---|---|
QOpcUaX509CertificateSigningRequest::Encoding::PEM
|
0
|
Using PEM encoding |
QOpcUaX509CertificateSigningRequest::Encoding::DER
|
1
|
Using DER encoding |
This enum type specifies the message digest to be used.
常量 | 值 | 描述 |
---|---|---|
QOpcUaX509CertificateSigningRequest::MessageDigest::SHA256
|
0
|
Using the SHA256 message digest |
Creates an empty certificate signing request.
Destroys the request and frees all extensions.
Adds a certificate extension to the request.
The ownership of the extension object will be transferred to this class.
另请参阅 QOpcUaX509ExtensionSubjectAlternativeName , QOpcUaX509ExtensionBasicConstraints , QOpcUaX509ExtensionKeyUsage ,和 QOpcUaX509ExtensionKeyUsage .
Creates a certificate signing request to be the to a CA for signing. The private key in privateKey is used to sign the request. The request data is returned as a byte array in the encoding set by setEncoding ().
Creates a self-signed certificate from this request for immediate use. The private key in privateKey is used to sign the request. A validity in days can be specified in validityInDays . The request data is returned as a byte array in the encoding set by setEncoding ().
Returns the used request encoding.
另请参阅 setEncoding ().
Returns the used message digest.
另请参阅 setMessageDigest ().
Sets the used request encoding to encoding . The default request encoding is PEM.
另请参阅 encoding ().
Sets the used message digest to digest . The default message digest is SHA256.
另请参阅 messageDigest ().
设置 subject for this request. Without a subject it is not possible to generate the request.
另请参阅 subject ().
Returns the subject of this request.
另请参阅 setSubject ().