Certificate key usage

PdfForQtLib/sources/pdfsignaturehandler.cpp

@@ -523,8 +523,24 @@ PDFCertificateInfo PDFPublicKeySignatureHandler::getCertificateInfo(X509* certif
         }
         info.setPublicKey(key);
 
-        EVP_PKEY_bits();
+        const int bits = EVP_PKEY_bits(evpKey);
-        EVP_PKEY_security_bits();
+        info.setKeySize(bits);
+
+        const uint32_t keyUsage = X509_get_key_usage(certificate);
+        if (keyUsage != UINT32_MAX)
+        {
+            static_assert(PDFCertificateInfo::KeyUsageDigitalSignature    == KU_DIGITAL_SIGNATURE, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageNonRepudiation      == KU_NON_REPUDIATION, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageKeyEncipherment     == KU_KEY_ENCIPHERMENT, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageDataEncipherment    == KU_DATA_ENCIPHERMENT, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageAgreement           == KU_KEY_AGREEMENT, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageCertSign            == KU_KEY_CERT_SIGN, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageCrlSign             == KU_CRL_SIGN, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageEncipherOnly        == KU_ENCIPHER_ONLY, "Fix this code!");
+            static_assert(PDFCertificateInfo::KeyUsageDecipherOnly        == KU_DECIPHER_ONLY, "Fix this code!");
+
+            info.setKeyUsage(static_cast<PDFCertificateInfo::KeyUsageFlags>(keyUsage));
+        }
     }
 
     return info;
@@ -570,6 +586,26 @@ void PDFCertificateInfo::setPublicKey(const PublicKey& publicKey)
     m_publicKey = publicKey;
 }
 
+int PDFCertificateInfo::getKeySize() const
+{
+    return m_keySize;
+}
+
+void PDFCertificateInfo::setKeySize(int keySize)
+{
+    m_keySize = keySize;
+}
+
+PDFCertificateInfo::KeyUsageFlags PDFCertificateInfo::getKeyUsage() const
+{
+    return m_keyUsage;
+}
+
+void PDFCertificateInfo::setKeyUsage(KeyUsageFlags keyUsage)
+{
+    m_keyUsage = keyUsage;
+}
+
 QString PDFPublicKeySignatureHandler::getStringFromX509Name(X509_NAME* name, int nid)
 {
     QString result;

PdfForQtLib/sources/pdfsignaturehandler.h

@@ -185,6 +185,22 @@ public:
         KeyUnknown
     };
 
+    // This enum is defined in RFC 5280, chapter 4.2.1.3, Key Usage
+    enum KeyUsageFlag : uint32_t
+    {
+        KeyUsageNone                = 0x0000,
+        KeyUsageDigitalSignature    = 0x0080,
+        KeyUsageNonRepudiation      = 0x0040,
+        KeyUsageKeyEncipherment     = 0x0020,
+        KeyUsageDataEncipherment    = 0x0010,
+        KeyUsageAgreement           = 0x0008,
+        KeyUsageCertSign            = 0x0004,
+        KeyUsageCrlSign             = 0x0002,
+        KeyUsageEncipherOnly        = 0x0001,
+        KeyUsageDecipherOnly        = 0x8000,
+    };
+    Q_DECLARE_FLAGS(KeyUsageFlags, KeyUsageFlag)
+
     const QString& getName(NameEntry name) const { return m_nameEntries[name]; }
     void setName(NameEntry name, QString string) { m_nameEntries[name] = qMove(string); }
 
@@ -200,12 +216,20 @@ public:
     PublicKey getPublicKey() const;
     void setPublicKey(const PublicKey& publicKey);
 
+    int getKeySize() const;
+    void setKeySize(int keySize);
+
+    KeyUsageFlags getKeyUsage() const;
+    void setKeyUsage(KeyUsageFlags keyUsage);
+
 private:
     long m_version = 0;
+    int m_keySize = 0;
     PublicKey m_publicKey = KeyUnknown;
     std::array<QString, NameEnd> m_nameEntries;
     QDateTime m_notValidBefore;
     QDateTime m_notValidAfter;
+    KeyUsageFlags m_keyUsage;
 };
 
 using PDFCertificateInfos = std::vector<PDFCertificateInfo>;