QOpcUaX509CertificateSigningRequest 类

QOpcUaX509CertificateSigningRequest 创建证书签名请求。更多...

头文件	#include <QOpcUaX509CertificateSigningRequest>
CMake	find_package(Qt6 REQUIRED COMPONENTS OpcUa) target_link_libraries(mytarget PRIVATE Qt6::OpcUa)
qmake	QT += opcua

所有成员列表，包括继承的成员

公共类型

枚举类	Encoding { PEM, DER }
枚举类	MessageDigest { SHA256 }

公共函数

	QOpcUaX509CertificateSigningRequest()
	~QOpcUaX509CertificateSigningRequest()
void	addExtension(QOpcUaX509Extension *extension)
QByteArray	createRequest(const QOpcUaKeyPair &privateKey)
QByteArray	createSelfSignedCertificate(const QOpcUaKeyPair &privateKey, int validityInDays = 365)
QOpcUaX509CertificateSigningRequest::Encoding	encoding() const
QOpcUaX509CertificateSigningRequest::MessageDigest	messageDigest() const
void	setEncoding(QOpcUaX509CertificateSigningRequest::Encoding encoding)
void	setMessageDigest(QOpcUaX509CertificateSigningRequest::MessageDigest digest)
void	setSubject(const QOpcUaX509DistinguishedName &subject)
const QOpcUaX509DistinguishedName &	subject() const

详细描述

此类目前作为技术预览版提供，因此该类提供的 API 和功能可能在任何时间无事先通知的情况下进行更改。

在实际创建签名请求数据之前，必须添加对该特定请求所需的所有扩展。当前支持的扩展包括 SubjectAlternativeName、BasicConstrains、KeyUsage 和 ExtendedKeyUsage。

// Generate key
QOpcUaKeyPair key;
key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024);

QOpcUaX509CertificateSigningRequest csr;

QOpcUaX509DistinguishedName dn;
dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer");
dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE");
dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin");
dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin");
dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company");
csr.setSubject(dn);

QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName;
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer");
san->setCritical(true);
csr.addExtension(san);

QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints;
bc->setCa(false);
bc->setCritical(true);
csr.addExtension(bc);

QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage;
ku->setCritical(true);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment);
ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning);
csr.addExtension(ku);

QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage;
eku->setCritical(true);
eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection);
csr.addExtension(eku);

QByteArray csrData = csr.createRequest(key);

也见 QOpcUaX509ExtensionSubjectAlternativeName，QOpcUaX509ExtensionBasicConstraints，QOpcUaX509ExtensionKeyUsage 和 QOpcUaX509ExtensionKeyUsage。

成员类型文档

enum class QOpcUaX509CertificateSigningRequest::Encoding

此枚举类型指定生成的证书签名请求的编码。

常量	值	描述
`QOpcUaX509CertificateSigningRequest::Encoding::PEM`	`0`	使用 PEM 编码
`QOpcUaX509CertificateSigningRequest::Encoding::DER`	`1`	使用 DER 编码

enum class QOpcUaX509CertificateSigningRequest::MessageDigest

此枚举类型指定要使用的消息摘要。

常量	值	描述
`QOpcUaX509CertificateSigningRequest::MessageDigest::SHA256`	`0`	使用SHA256消息摘要函数

成员函数文档

QOpcUaX509CertificateSigningRequest::QOpcUaX509CertificateSigningRequest()

创建一个空的证书签名请求。

`[noexcept]` QOpcUaX509CertificateSigningRequest::~QOpcUaX509CertificateSigningRequest()

销毁请求并释放所有扩展。

void QOpcUaX509CertificateSigningRequest::addExtension(QOpcUaX509Extension **extension*)

将证书扩展添加到请求中。

扩展对象的所有权将转让给此类。

也见 QOpcUaX509ExtensionSubjectAlternativeName，QOpcUaX509ExtensionBasicConstraints，QOpcUaX509ExtensionKeyUsage 和 QOpcUaX509ExtensionKeyUsage。

QByteArray QOpcUaX509CertificateSigningRequest::createRequest(const QOpcUaKeyPair &privateKey)

创建一个CA签名签名的证书签名请求。使用privateKey中的私钥签名请求。请求数据以由 setEncoding() 设置的编码返回为字节数组。

QByteArray QOpcUaX509CertificateSigningRequest::createSelfSignedCertificate(const QOpcUaKeyPair &privateKey, int validityInDays = 365)

从该请求创建自签名证书，供即时使用。使用privateKey中的私钥签名请求。可以指定有效期的天数validityInDays。请求数据以由 setEncoding() 设置的编码返回为字节数组。

QOpcUaX509CertificateSigningRequest::Encoding QOpcUaX509CertificateSigningRequest::encoding() const

返回所使用的请求编码。

参见setEncoding。

QOpcUaX509CertificateSigningRequest::MessageDigest QOpcUaX509CertificateSigningRequest::messageDigest() const

返回所使用的消息摘要。

参见setMessageDigest。

void QOpcUaX509CertificateSigningRequest::setEncoding(QOpcUaX509CertificateSigningRequest::Encoding encoding)

设置所使用的请求编码为 encoding。默认请求编码为 PEM。

参见encoding。

void QOpcUaX509CertificateSigningRequest::setMessageDigest(QOpcUaX509CertificateSigningRequest::MessageDigest digest)

设置所使用的消息摘要为 digest。默认消息摘要为 SHA256。

参见messageDigest。

void QOpcUaX509CertificateSigningRequest::setSubject(const QOpcUaX509DistinguishedName &subject)

为此请求设置主题。如果没有主题，则无法生成请求。

另请参见主题。

const QOpcUaX509DistinguishedName &QOpcUaX509CertificateSigningRequest::subject() const

返回此请求的主题。

另请参见设置主题。