Certify key.

In-place editing with a popup if user is allowed in app config file.
User must of course manage at least a private key. User identities of
target key may be selectively chosen. Optionally, certification may be
exportable and non-revocable.

AppConfig.cpp

@@ -30,6 +30,7 @@ using namespace std;
             "canImport" : true,
             "canDelete" : true,
             "canEditOwnerTrust" : true,
+            "canEditUidValidity" : true,
             "privKeyIds" : [
                 "fullKeyId1",
                 "fullKeyId2"
@@ -127,6 +128,19 @@ bool AppConfig::CanEditOwnerTrust() const
     return cnObject.get("canEditOwnerTrust");
 }
 
+bool AppConfig::CanEditUidValidity() const
+{
+    if (PrivateKeyIds().size() == 0)
+        return false;
+    const WString commonName = GetSubjectDnAttribute(WSslCertificate::DnAttributeName::CommonName);
+    if (!m_SubjectCNObject.contains(commonName.toUTF8()))
+        return false;
+    Json::Object cnObject = m_SubjectCNObject.get(commonName.toUTF8());
+    if (!cnObject.contains("canEditUidValidity"))
+        return false;
+    return cnObject.get("canEditUidValidity");
+}
+
 vector<WString> AppConfig::PrivateKeyIds() const
 {
     // List private key identifiers.
@@ -156,4 +170,4 @@ const WString AppConfig::GetSubjectDnAttribute(const WSslCertificate::DnAttribut
             return dnAttr->at(i).value();
     }
     return WString::Empty;
-}
+}