Refactor and document: fix cert filenames, add Doxygen, improve demo

Refactoring (issues 1,3,4,5,7,8,9,10 from review):
- Replace hardcoded cert filenames with certFile/keyFile properties
- Add 30s timeout to certificate trust QEventLoop
- Cache servers() QVariantList instead of rebuilding per call
- Validate URLs before passing to QtOpcUa
- Use ComboBox valueRole for robust enum mapping
- Add certificate trust dialog to demo
- Remove unnecessary RowLayout wrapper
- Remove debug output from BuildDeps.cmake

Documentation:
- Add Doxygen file blocks to all C++ files
- Document AuthMode enum, toAuthenticationInformation(), key
  Q_INVOKABLE methods, certificateTrustRequested signal contract
- Convert section banners to standard format
- Add file/target comments to CMake and QML files

1 files changed, 61 insertions, 26 deletions

diff --git a/demo/Main.qml b/demo/Main.qml
index 6d1327d..5609c12 100644
--- a/demo/Main.qml
+++ b/demo/Main.qml
@@ -1,3 +1,5 @@
+// Main.qml — Demo app for testing BobinkClient connection flow.
+
 import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts
@@ -23,6 +25,22 @@ ApplicationWindow {
         function onDiscoveringChanged() {
             console.log("Discovering:", BobinkClient.discovering)
         }
+        function onCertificateTrustRequested(certInfo) {
+            certTrustDialog.certInfo = certInfo
+            certTrustDialog.open()
+        }
+    }
+
+    Dialog {
+        id: certTrustDialog
+        property string certInfo
+        anchors.centerIn: parent
+        title: "Certificate Trust"
+        modal: true
+        standardButtons: Dialog.Yes | Dialog.No
+        Label { text: certTrustDialog.certInfo }
+        onAccepted: BobinkClient.acceptCertificate()
+        onRejected: BobinkClient.rejectCertificate()
     }
 
     ColumnLayout {
@@ -74,47 +92,58 @@ ApplicationWindow {
             ScrollBar.vertical: ScrollBar {}
         }
 
-        Label { text: "PKI Directory"; font.bold: true }
+        Label { text: "PKI"; font.bold: true }
 
-        RowLayout {
+        GridLayout {
+            columns: 2
+            Layout.fillWidth: true
+
+            Label { text: "PKI directory:" }
             TextField {
                 id: pkiDirField
                 Layout.fillWidth: true
                 text: BobinkClient.pkiDir
                 onEditingFinished: BobinkClient.pkiDir = text
             }
-            Button {
-                text: "Apply PKI"
-                onClicked: {
-                    BobinkClient.pkiDir = pkiDirField.text
-                    BobinkClient.applyPki()
-                    console.log("PKI applied:", BobinkClient.pkiDir)
-                }
+            Label { text: "Certificate:" }
+            TextField {
+                id: certFileField
+                Layout.fillWidth: true
+                placeholderText: "/path/to/cert.der"
+            }
+            Label { text: "Private key:" }
+            TextField {
+                id: keyFileField
+                Layout.fillWidth: true
+                placeholderText: "/path/to/key.pem"
+            }
+        }
+
+        Button {
+            text: "Apply PKI"
+            Layout.fillWidth: true
+            onClicked: {
+                BobinkClient.pkiDir = pkiDirField.text
+                BobinkClient.certFile = certFileField.text
+                BobinkClient.keyFile = keyFileField.text
+                BobinkClient.applyPki()
+                console.log("PKI applied:", BobinkClient.pkiDir)
             }
         }
 
         Label { text: "Server URL"; font.bold: true }
 
-        RowLayout {
-            TextField {
-                id: serverUrlField
-                Layout.fillWidth: true
-                placeholderText: "opc.tcp://..."
-            }
+        TextField {
+            id: serverUrlField
+            Layout.fillWidth: true
+            placeholderText: "opc.tcp://..."
         }
 
         Label { text: "Authentication"; font.bold: true }
 
         BobinkAuth {
             id: auth
-            mode: {
-                switch (authModeCombo.currentIndex) {
-                case 0: return BobinkAuth.Anonymous
-                case 1: return BobinkAuth.UserPass
-                case 2: return BobinkAuth.Certificate
-                default: return BobinkAuth.Anonymous
-                }
-            }
+            mode: authModeCombo.currentValue
             username: usernameField.text
             password: passwordField.text
             certPath: certPathField.text
@@ -124,12 +153,18 @@ ApplicationWindow {
         ComboBox {
             id: authModeCombo
             Layout.fillWidth: true
-            model: ["Anonymous", "Username / Password", "Certificate"]
+            textRole: "text"
+            valueRole: "mode"
+            model: [
+                { text: "Anonymous", mode: BobinkAuth.Anonymous },
+                { text: "Username / Password", mode: BobinkAuth.UserPass },
+                { text: "Certificate", mode: BobinkAuth.Certificate }
+            ]
         }
 
         GridLayout {
             columns: 2
-            visible: authModeCombo.currentIndex === 1
+            visible: authModeCombo.currentValue === BobinkAuth.UserPass
             Layout.fillWidth: true
 
             Label { text: "Username:" }
@@ -147,7 +182,7 @@ ApplicationWindow {
 
         GridLayout {
             columns: 2
-            visible: authModeCombo.currentIndex === 2
+            visible: authModeCombo.currentValue === BobinkAuth.Certificate
             Layout.fillWidth: true
 
             Label { text: "Certificate:" }