QOpcUaX509CertificateSigningRequest Class
QOpcUaX509CertificateSigningRequest 创建证书签名请求。更多
| 头文件: | #include <QOpcUaX509CertificateSigningRequest> |
| CMake: | find_package(Qt6 REQUIRED COMPONENTS OpcUa)target_link_libraries(mytarget PRIVATE Qt6::OpcUa) |
| qmake: | QT += opcua |
公共类型
| enum class | Encoding { PEM, DER } |
| enum class | MessageDigest { SHA256 } |
公共函数
| QOpcUaX509CertificateSigningRequest() | |
| ~QOpcUaX509CertificateSigningRequest() | |
| void | addExtension(QOpcUaX509Extension *extension) |
| QByteArray | createRequest(const QOpcUaKeyPair &privateKey) |
| QByteArray | createSelfSignedCertificate(const QOpcUaKeyPair &privateKey, int validityInDays = 365) |
| QOpcUaX509CertificateSigningRequest::Encoding | encoding() const |
| QOpcUaX509CertificateSigningRequest::MessageDigest | messageDigest() const |
| void | setEncoding(QOpcUaX509CertificateSigningRequest::Encoding encoding) |
| void | setMessageDigest(QOpcUaX509CertificateSigningRequest::MessageDigest digest) |
| void | setSubject(const QOpcUaX509DistinguishedName &subject) |
| const QOpcUaX509DistinguishedName & | subject() const |
详细说明
该类目前为技术预览版,因此其提供的 API 和功能可能会随时更改,恕不另行通知。
在实际创建唱歌请求数据之前,必须添加该特定请求所需的任何扩展。目前支持的扩展有 SubjectAlternativeName、BasicConstrains、KeyUsage 和 ExtendedKeyUsage。
// Generate key QOpcUaKeyPair key; key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024); QOpcUaX509CertificateSigningRequest csr; QOpcUaX509DistinguishedName dn; dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer"); dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE"); dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company"); csr.setSubject(dn); QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName; san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer"); san->setCritical(true); csr.addExtension(san); QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints; bc->setCa(false); bc->setCritical(true); csr.addExtension(bc); QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage; ku->setCritical(true); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning); csr.addExtension(ku); QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage; eku->setCritical(true); eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection); csr.addExtension(eku); QByteArray csrData = csr.createRequest(key);
另请参阅 QOpcUaX509ExtensionSubjectAlternativeName,QOpcUaX509ExtensionBasicConstraints,QOpcUaX509ExtensionKeyUsage, 和QOpcUaX509ExtensionKeyUsage 。
成员类型文档
enum class QOpcUaX509CertificateSigningRequest::Encoding
该枚举类型指定生成的证书签名请求的编码。
| 常量 | 值 | 说明 |
|---|---|---|
QOpcUaX509CertificateSigningRequest::Encoding::PEM | 0 | 使用 PEM 编码 |
QOpcUaX509CertificateSigningRequest::Encoding::DER | 1 | 使用 DER 编码 |
enum class QOpcUaX509CertificateSigningRequest::MessageDigest
该枚举类型指定要使用的报文摘要。
| 常量 | 值 | 说明 |
|---|---|---|
QOpcUaX509CertificateSigningRequest::MessageDigest::SHA256 | 0 | 使用 SHA256 消息摘要 |
成员函数文档
QOpcUaX509CertificateSigningRequest::QOpcUaX509CertificateSigningRequest()
创建一个空的证书签名请求。
[noexcept] QOpcUaX509CertificateSigningRequest::~QOpcUaX509CertificateSigningRequest()
销毁请求并释放所有扩展名。
void QOpcUaX509CertificateSigningRequest::addExtension(QOpcUaX509Extension *extension)
将证书扩展名添加到请求中。
extension 对象的所有权将转移到该类。
另请参阅 QOpcUaX509ExtensionSubjectAlternativeName,QOpcUaX509ExtensionBasicConstraints,QOpcUaX509ExtensionKeyUsage 和QOpcUaX509ExtensionKeyUsage 。
QByteArray QOpcUaX509CertificateSigningRequest::createRequest(const QOpcUaKeyPair &privateKey)
创建一个证书签名请求,提交给 CA 进行签名。privateKey 中的私钥用于签署请求。请求数据以setEncoding() 设置的编码字节数组形式返回。
QByteArray QOpcUaX509CertificateSigningRequest::createSelfSignedCertificate(const QOpcUaKeyPair &privateKey, int validityInDays = 365)
根据该请求创建自签名证书,以供立即使用。privateKey 中的私钥用于签署请求。可在validityInDays 中指定有效期(以天为单位)。请求数据以setEncoding() 设置的编码字节数组形式返回。
QOpcUaX509CertificateSigningRequest::Encoding QOpcUaX509CertificateSigningRequest::encoding() const
返回使用的请求编码。
另请参阅 setEncoding()。
QOpcUaX509CertificateSigningRequest::MessageDigest QOpcUaX509CertificateSigningRequest::messageDigest() const
返回使用的消息摘要。
另请参阅 setMessageDigest()。
void QOpcUaX509CertificateSigningRequest::setEncoding(QOpcUaX509CertificateSigningRequest::Encoding encoding)
将使用的请求编码设置为encoding 。默认请求编码为 PEM。
另请参阅 encoding().
void QOpcUaX509CertificateSigningRequest::setMessageDigest(QOpcUaX509CertificateSigningRequest::MessageDigest digest)
将使用的消息摘要设置为digest 。默认消息摘要为 SHA256。
另请参阅 messageDigest().
void QOpcUaX509CertificateSigningRequest::setSubject(const QOpcUaX509DistinguishedName &subject)
为该请求设置subject 。如果没有主题,则无法生成请求。
另请参阅 subject().
const QOpcUaX509DistinguishedName &QOpcUaX509CertificateSigningRequest::subject() const
返回该请求的主题。
另请参阅 setSubject()。
© 2025 The Qt Company Ltd. Documentation contributions included herein are the copyrights of their respective owners. The documentation provided herein is licensed under the terms of the GNU Free Documentation License version 1.3 as published by the Free Software Foundation. Qt and respective logos are trademarks of The Qt Company Ltd. in Finland and/or other countries worldwide. All other trademarks are property of their respective owners.
