Import qt-certificate-addon

2025-08-11 00:24:12 +02:00 · 2014-06-27 02:17:10 +01:00
parent 2c9fefebeb
commit 12bd51c3ef
48 changed files with 3515 additions and 0 deletions
--- a/thirdparty/qt-certificate-addon/examples/create_certificate_chain/main.cpp
+++ b/thirdparty/qt-certificate-addon/examples/create_certificate_chain/main.cpp
@@ -0,0 +1,141 @@
+#include <QByteArray>
+#include <QFile>
+#include <QDateTime>
+#include <QDebug>
+#include <QSslKey>
+#include <QSslCertificate>
+
+#include "keybuilder.h"
+#include "certificaterequestbuilder.h"
+#include "certificaterequest.h"
+#include "certificatebuilder.h"
+#include "randomgenerator.h"
+#include "certificate.h"
+
+QT_USE_NAMESPACE_CERTIFICATE
+
+void save_key(const QString &filename, const QSslKey &key)
+{
+    QFile k(filename);
+    k.open(QIODevice::WriteOnly);
+    k.write(key.toPem());
+    k.close();
+}
+
+void save_request(const QString &filename, CertificateRequest &req)
+{
+    QFile k(filename);
+    k.open(QIODevice::WriteOnly);
+    k.write(req.toPem());
+    k.close();
+}
+
+void save_certificate(const QString &filename, const QSslCertificate &crt)
+{
+    QFile k(filename);
+    k.open(QIODevice::WriteOnly);
+    k.write(crt.toPem());
+    k.close();
+}
+
+int main(int argc, char **argv)
+{
+    //
+    // Create the CA key
+    //
+    QSslKey cakey = KeyBuilder::generate(QSsl::Rsa, KeyBuilder::StrengthNormal);
+    save_key("ca.key", cakey);
+
+    CertificateRequestBuilder careqbuilder;
+    careqbuilder.setVersion(1);
+    careqbuilder.setKey(cakey);
+    careqbuilder.addNameEntry(Certificate::EntryCountryName, "GB");
+    careqbuilder.addNameEntry(Certificate::EntryOrganizationName, "Westpoint CA Key");
+    careqbuilder.addNameEntry(Certificate::EntryOrganizationName, "Westpoint");
+
+    // Sign the request
+    CertificateRequest careq = careqbuilder.signedRequest(cakey);
+    save_request("ca.req", careq);
+
+    //
+    // Now make a certificate
+    //
+    CertificateBuilder cabuilder;
+    cabuilder.setRequest(careq);
+
+    cabuilder.setVersion(3);
+    cabuilder.setSerial(RandomGenerator::getPositiveBytes(16));
+    cabuilder.setActivationTime(QDateTime::currentDateTimeUtc());
+    cabuilder.setExpirationTime(QDateTime::currentDateTimeUtc().addYears(10));
+    cabuilder.setBasicConstraints(true);
+    cabuilder.setKeyUsage(CertificateBuilder::UsageCrlSign|CertificateBuilder::UsageKeyCertSign);
+    cabuilder.addSubjectKeyIdentifier();
+
+    QSslCertificate cacert = cabuilder.signedCertificate(cakey);
+    save_certificate("ca.crt", cacert);
+
+    //
+    // Now make an intermediate
+    //
+    QSslKey interkey = KeyBuilder::generate(QSsl::Rsa, KeyBuilder::StrengthNormal);
+    save_key("inter.key", interkey);
+
+    CertificateRequestBuilder interreqbuilder;
+    interreqbuilder.setVersion(1);
+    interreqbuilder.setKey(interkey);
+    interreqbuilder.addNameEntry(Certificate::EntryCountryName, "GB");
+    interreqbuilder.addNameEntry(Certificate::EntryOrganizationName, "Westpoint Intermediate Key");
+
+    CertificateRequest interreq = interreqbuilder.signedRequest(interkey);
+    save_request("inter.req", interreq);
+
+    CertificateBuilder interbuilder;
+    interbuilder.setRequest(interreq);
+
+    interbuilder.setVersion(3);
+    interbuilder.setSerial(RandomGenerator::getPositiveBytes(16));
+    interbuilder.setActivationTime(QDateTime::currentDateTimeUtc());
+    interbuilder.setExpirationTime(QDateTime::currentDateTimeUtc().addYears(10));
+    interbuilder.copyRequestExtensions(interreq);
+    interbuilder.setBasicConstraints(true);
+    interbuilder.setKeyUsage(CertificateBuilder::UsageCrlSign|CertificateBuilder::UsageKeyCertSign);
+    interbuilder.addSubjectKeyIdentifier();
+    interbuilder.addAuthorityKeyIdentifier(cacert);
+
+    QSslCertificate intercert = interbuilder.signedCertificate(cacert, cakey);
+    save_certificate("inter.crt", intercert);
+
+    //
+    // Create the leaf
+    //
+    QSslKey leafkey = KeyBuilder::generate(QSsl::Rsa, KeyBuilder::StrengthNormal);
+    save_key("leaf.key", leafkey);
+
+    CertificateRequestBuilder leafreqbuilder;
+    leafreqbuilder.setVersion(1);
+    leafreqbuilder.setKey(leafkey);
+    leafreqbuilder.addNameEntry(Certificate::EntryCountryName, "GB");
+    leafreqbuilder.addNameEntry(Certificate::EntryOrganizationName, "Westpoint");
+    leafreqbuilder.addNameEntry(Certificate::EntryCommonName, "127.0.0.1");
+    leafreqbuilder.addSubjectAlternativeNameEntry(QSsl::DnsEntry, "127.0.0.1");
+
+    CertificateRequest leafreq = leafreqbuilder.signedRequest(leafkey);
+    save_request("leaf.req", leafreq);
+
+    CertificateBuilder leafbuilder;
+    leafbuilder.setRequest(leafreq);
+
+    leafbuilder.setVersion(3);
+    leafbuilder.setSerial(RandomGenerator::getPositiveBytes(16));
+    leafbuilder.setActivationTime(QDateTime::currentDateTimeUtc());
+    leafbuilder.setExpirationTime(QDateTime::currentDateTimeUtc().addYears(10));
+    leafbuilder.copyRequestExtensions(leafreq);
+    leafbuilder.setBasicConstraints(false);
+    leafbuilder.addKeyPurpose(CertificateBuilder::PurposeWebServer);
+    leafbuilder.setKeyUsage(CertificateBuilder::UsageKeyAgreement|CertificateBuilder::UsageKeyEncipherment);
+    leafbuilder.addSubjectKeyIdentifier();
+    leafbuilder.addAuthorityKeyIdentifier(intercert);
+
+    QSslCertificate leafcert = leafbuilder.signedCertificate(intercert, interkey);
+    save_certificate("leaf.crt", leafcert);
+}