Skip to content
Permalink
Browse files

[auth system] Python bindings for core and gui classes

  • Loading branch information
dakcarto committed Sep 21, 2015
1 parent 907b019 commit c894357a946bb4fd9d795632d7b63cd0566405c1
@@ -0,0 +1,147 @@
class QgsAuthCertUtils
{
%TypeHeaderCode
#include <qgsauthcertutils.h>
%End
public:
enum CaCertSource
{
SystemRoot = 0,
FromFile = 1,
InDatabase = 2,
Connection = 3
};

enum CertTrustPolicy
{
DefaultTrust = 0,
Trusted = 1,
Untrusted = 2,
NoPolicy = 3
};

enum CertUsageType
{
UndeterminedUsage = 0,
AnyOrUnspecifiedUsage,
CertAuthorityUsage,
CertIssuerUsage,
TlsServerUsage,
TlsServerEvUsage,
TlsClientUsage,
CodeSigningUsage,
EmailProtectionUsage,
TimeStampingUsage,
CRLSigningUsage
};

enum ConstraintGroup
{
KeyUsage = 0,
ExtendedKeyUsage = 1
};



static const QString getSslProtocolName( QSsl::SslProtocol protocol );


static const QMap< QString, QSslCertificate> mapDigestToCerts( QList<QSslCertificate> certs );


// static const QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( QList<QSslCertificate> certs );


static const QMap< QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( QList<QgsAuthConfigSslServer> configs );


// static const QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( QList<QgsAuthConfigSslServer> configs );


static const QList<QSslCertificate> certsFromFile( const QString &certspath );


static const QSslCertificate certFromFile( const QString &certpath );


static const QSslKey keyFromFile( const QString &keypath,
const QString &keypass = QString(),
QString *algtype = 0 );


static const QList<QSslCertificate> certsFromString( const QString &pemtext );


static const QStringList certKeyBundleToPem( const QString &certpath,
const QString &keypath,
const QString &keypass = QString(),
bool reencrypt = true );


static const QStringList pkcs12BundleToPem( const QString &bundlepath,
const QString &bundlepass = QString(),
bool reencrypt = true );


static const QString getCaSourceName( QgsAuthCertUtils::CaCertSource source , bool single = false );


static const QString resolvedCertName( const QSslCertificate& cert, bool issuer = false );


// static const QString getCertDistinguishedName( const QSslCertificate& qcert,
// const QCA::Certificate& acert = QCA::Certificate(),
// bool issuer = false );


static const QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );


static const QString getColonDelimited( const QString& txt );


static const QString shaHexForCert( const QSslCertificate &cert , bool formatted = false );


// static const QCA::Certificate qtCertToQcaCert( const QSslCertificate& cert );


// static const QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate>& certs );


// static const QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass );


// static const QString qcaValidityMessage( QCA::Validity validity );


// static const QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm );


// static const QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint );


static const QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype );


static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate& cert );


static bool certificateIsAuthority( const QSslCertificate& cert );


static bool certificateIsIssuer( const QSslCertificate& cert );


static bool certificateIsAuthorityOrIssuer( const QSslCertificate& cert );


static bool certificateIsSslServer( const QSslCertificate& cert );


static bool certificateIsSslClient( const QSslCertificate& cert );

static const QString sslErrorEnumString( QSslError::SslError errenum );

// static const QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings();
};
@@ -0,0 +1,208 @@
class QgsAuthMethodConfig
{
%TypeHeaderCode
#include <qgsauthconfig.h>
%End
public:

QgsAuthMethodConfig( QString method = QString(), int version = 0 );

QgsAuthMethodConfig( const QgsAuthMethodConfig& methodconfig );

~QgsAuthMethodConfig();

const QString id() const;
void setId( const QString& id );

const QString name() const;
void setName( const QString& name );

const QString uri() const;
void setUri( const QString& uri );

QString method() const;
void setMethod( QString method );

int version() const;
void setVersion( int version );

bool isValid( bool validateid = false ) const;

const QString configString() const;
void loadConfigString( const QString& configstr );

QgsStringMap configMap() const;
void setConfigMap( QgsStringMap map );

void setConfig( const QString &key, const QString &value );
void setConfigList( const QString &key, const QStringList &value );

int removeConfig( const QString &key );

QString config( const QString &key , const QString defaultvalue = QString() ) const;

QStringList configList( const QString &key ) const;

bool hasConfig( const QString &key ) const;

void clearConfigMap();

static bool uriToResource( const QString &accessurl, QString *resource, bool withpath = false );
};

typedef QHash<QString, QgsAuthMethodConfig> QgsAuthMethodConfigsMap;


class QgsPkiBundle
{
%TypeHeaderCode
#include <qgsauthconfig.h>
%End
public:
QgsPkiBundle( const QSslCertificate &clientCert = QSslCertificate(),
const QSslKey &clientKey = QSslKey(),
const QString &keyPassphrase = QString::null ,
const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );
~QgsPkiBundle();

static const QgsPkiBundle fromPemPaths( const QString &certPath,
const QString &keyPath,
const QString &keyPass = QString::null,
const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );

static const QgsPkiBundle fromPkcs12Paths( const QString &bundlepath,
const QString &bundlepass = QString::null );

bool isNull() const;
bool isValid() const;

const QString certId() const;

const QSslCertificate clientCert() const;
void setClientCert( const QSslCertificate &cert );

const QSslKey clientKey( bool reencrypt = true ) const;
void setClientKey( const QSslKey &certkey );

const QString keyPassphrase() const;
void setKeyPassphrase( const QString &pass );

const QList<QSslCertificate> caChain() const;
void setCaChain( const QList<QSslCertificate> &cachain );
};


class QgsPkiConfigBundle
{
%TypeHeaderCode
#include <qgsauthconfig.h>
%End

public:
QgsPkiConfigBundle( const QgsAuthMethodConfig& config,
const QSslCertificate& cert,
const QSslKey& certkey );
~QgsPkiConfigBundle();

bool isValid();

const QgsAuthMethodConfig config() const;
void setConfig( const QgsAuthMethodConfig& config );

const QSslCertificate clientCert() const;
void setClientCert( const QSslCertificate& cert );

const QSslKey clientCertKey() const;
void setClientCertKey( const QSslKey& certkey );
};


%MappedType QList<QSslError::SslError>
{
%TypeHeaderCode
#include <QList>
%End

%ConvertFromTypeCode
// Create the list.
PyObject *l;

if ((l = PyList_New(sipCpp->size())) == NULL)
return NULL;

// Set the list elements.
QList<QSslError::SslError>::iterator it = sipCpp->begin();
for (int i = 0; it != sipCpp->end(); ++it, ++i)
{
PyObject *tobj;

if ((tobj = sipConvertFromEnum(*it, sipType_QSslError_SslError)) == NULL)
{
Py_DECREF(l);
return NULL;
}
PyList_SET_ITEM(l, i, tobj);
}

return l;
%End

%ConvertToTypeCode
// Check the type if that is all that is required.
if (sipIsErr == NULL)
return PyList_Check(sipPy);

QList<QSslError::SslError> *qlist = new QList<QSslError::SslError>;

for (int i = 0; i < PyList_GET_SIZE(sipPy); ++i)
{
*qlist << (QSslError::SslError)SIPLong_AsLong(PyList_GET_ITEM(sipPy, i));
}

*sipCppPtr = qlist;
return sipGetState(sipTransferObj);
%End
};


class QgsAuthConfigSslServer
{
%TypeHeaderCode
#include <qgsauthconfig.h>
%End
public:
QgsAuthConfigSslServer();

~QgsAuthConfigSslServer();

const QSslCertificate sslCertificate() const;
void setSslCertificate( const QSslCertificate& cert );

const QString sslHostPort() const;
void setSslHostPort( const QString& hostport );

QSsl::SslProtocol sslProtocol() const;
void setSslProtocol( QSsl::SslProtocol protocol );

const QList<QSslError> sslIgnoredErrors() const;
const QList<QSslError::SslError> sslIgnoredErrorEnums() const;
void setSslIgnoredErrorEnums( const QList<QSslError::SslError>& errors );

QSslSocket::PeerVerifyMode sslPeerVerifyMode() const;
void setSslPeerVerifyMode( QSslSocket::PeerVerifyMode mode );

int sslPeerVerifyDepth() const;
void setSslPeerVerifyDepth( int depth );

int version() const;
void setVersion( int version );

int qtVersion() const;
void setQtVersion( int version );

const QString configString() const;
void loadConfigString( const QString& config = QString() );

bool isNull() const;
};

@@ -0,0 +1,23 @@
class QgsAuthCrypto
{
%TypeHeaderCode
#include <qgsauthcrypto.h>
%End

public:
static bool isDisabled();

static const QString encrypt( QString pass, QString cipheriv, QString text );

static const QString decrypt( QString pass, QString cipheriv, QString text );

static void passwordKeyHash( const QString &pass,
QString *salt,
QString *hash,
QString *cipheriv = 0 );

static bool verifyPasswordKeyHash( const QString& pass,
const QString& salt,
const QString& hash,
QString *hashderived = 0 );
};

0 comments on commit c894357

Please sign in to comment.
You can’t perform that action at this time.