Mercurial > trustbridge
annotate ui/certificate.cpp @ 186:2551ad24d3c2
Get subject from the certificate and parse it's attributes
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 26 Mar 2014 12:07:06 +0100 |
| parents | f1ebab8639dc |
| children | 825b42da1855 |
| rev | line source |
|---|---|
|
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 #include "certificate.h" |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
2 #include <QDebug> |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
3 #include <QStringList> |
|
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 #include <QObject> |
|
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 |
|
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
6 #include <polarssl/x509_crt.h> |
|
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
7 |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
8 #define POLARSSL_INFO_BUF_SIZE 2000 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
9 |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
10 Certificate::Certificate(const QString& b64Line) : |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
11 mValid(false) |
|
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
12 { |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
13 int ret = -1; |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
14 char buf[POLARSSL_INFO_BUF_SIZE]; |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
15 |
|
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
16 x509_crt x509cert; |
|
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
17 |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
18 /* Cut of the first two chars (e.g. I: and decode) */ |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
19 QByteArray asn1data = QByteArray::fromBase64( |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
20 b64Line.right(b64Line.size() - 2).toLatin1()); |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
21 |
|
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
22 x509_crt_init(&x509cert); |
|
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
23 ret = x509_crt_parse(&x509cert, |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
24 (const unsigned char*) asn1data.constData(), |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
25 asn1data.size()); |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
26 if (ret != 0) { |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
27 qDebug() << "Parsing certificate failed with error: " << ret; |
|
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
28 x509_crt_free(&x509cert); |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
29 return; |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
30 } |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
31 |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
32 /* Get a full details string */ |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
33 ret = x509_crt_info(buf, POLARSSL_INFO_BUF_SIZE, "", &x509cert); |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
34 |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
35 if (ret <= 0) { |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
36 qDebug() << "Getting certificate info failed with error: " << ret; |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
37 return; |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
38 } |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
39 |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
40 /* In case of success the return value is the size of the information |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
41 * written into buf */ |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
42 mDetails = QString::fromUtf8(buf, ret); |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
43 |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
44 /* Get the subject */ |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
45 ret = x509_dn_gets(buf, POLARSSL_INFO_BUF_SIZE, &(x509cert.subject)); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
46 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
47 if (ret <= 0) { |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
48 qDebug() << "Getting certificate subject failed with error: " << ret; |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
49 return; |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
50 } |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
51 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
52 /* TODO check that all asn encodings are handled */ |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
53 QString subject = QString::fromUtf8(buf, ret); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
54 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
55 /* TODO check that escaped , are not possible */ |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
56 QStringList attrs = subject.split(", "); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
57 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
58 foreach (const QString& attr, attrs) { |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
59 QStringList kv = attr.split("="); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
60 if (kv.size() != 2) { |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
61 qDebug() << "Failed to parse subject element: " << attr; |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
62 continue; |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
63 } |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
64 mSubjectAttrs.insert(kv[0], kv[1]); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
65 } |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
66 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
67 /* For more information to get from a x509_crt see |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
68 * https://polarssl.org/api/x509_8h.html */ |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
69 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
70 x509_crt_free(&x509cert); |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
71 |
|
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
72 mValid = true; |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
73 |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
74 mBaseLine = b64Line; |
|
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
75 } |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
76 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
77 QString Certificate::getSubjectAttr (const QString& attrName) const { |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
78 return mSubjectAttrs.value(attrName); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
79 } |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
80 |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
81 QString Certificate::shortDescription() const { |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
82 return getSubjectAttr("CN"); |
|
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
83 } |