annotate ui/certificate.cpp @ 1289:34c92dbfee7e

(issue44) Do not ask the user to confirm start on update
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 29 Sep 2014 13:34:19 +0200
parents 265583011f24
children c2fd36cd4093
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
7 */
21
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #include "certificate.h"
82
1f27d6db5ee3 Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents: 81
diff changeset
9 #include <QDebug>
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
10 #include <QFile>
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
11 #include <QStringList>
21
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 #include <QObject>
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
13
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
14 #include <polarssl/sha1.h>
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
15
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
16 #include "certhelp.h"
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
17 #include "listutil.h"
94
f1ebab8639dc Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents: 83
diff changeset
18
1288
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
19 #ifdef WIN32
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
20 #include <cryptuiapi.h>
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
21 #endif
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
22
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
23 /* Qt wrapper around certhelp functions. */
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
24 QString getX509Value(x509_name *namebuf, unsigned char *oid) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
25 QString retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
26 char * buf = get_oid_valstr(namebuf, oid);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
27 if (buf == NULL) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
28 return retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
29 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
30 retval = QString::fromUtf8(buf, -1);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
31 free(buf);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
32 return retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
33 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
34
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
35 void Certificate::parseDetails(const QByteArray& cert) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
36 x509_crt chain;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
37
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
38 x509_crt_init(&chain);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
39 if (x509_crt_parse_der(&chain, (const unsigned char *)cert.data(),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
40 cert.size()) != 0) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
41 qDebug() << "Failed to parse cert..";
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
42 return;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
43 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
44
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
45 mValidFrom = QDateTime(QDate(chain.valid_from.year,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
46 chain.valid_from.mon,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
47 chain.valid_from.day),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
48 QTime(chain.valid_from.hour,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
49 chain.valid_from.min,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
50 chain.valid_from.sec));
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
51
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
52 mValidTo = QDateTime(QDate(chain.valid_to.year,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
53 chain.valid_to.mon,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
54 chain.valid_to.day),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
55 QTime(chain.valid_to.hour,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
56 chain.valid_to.min,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
57 chain.valid_to.sec));
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
58
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
59 mSubjectCN = getX509Value(&(chain.subject), CERT_OID_CN);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
60 mSubjectOU = getX509Value(&(chain.subject), CERT_OID_OU);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
61 mSubjectO = getX509Value(&(chain.subject), CERT_OID_O);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
62 mSubjectSN = getX509Value(&(chain.subject), CERT_OID_SN);
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
63
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
64 /* Calculate sha1 fingerprint */
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
65 unsigned char sha1sum[20];
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
66 sha1(chain.raw.p, chain.raw.len, sha1sum);
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
67 for (int i=0; i < 20; i++) {
403
7a15a3066f7b Fill to two characters
Andre Heinecke <aheinecke@intevation.de>
parents: 380
diff changeset
68 mFingerprint += QString("%1").arg(sha1sum[i], 0, 16).rightJustified(2, '0');
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
69 if (i != 19) {
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
70 mFingerprint += ":";
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
71 }
379
2ddc685cba33 Make the fingerprint uppercase
Andre Heinecke <andre.heinecke@intevation.de>
parents: 378
diff changeset
72 mFingerprint = mFingerprint.toUpper();
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
73 }
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
74
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
75 x509_crt_free(&chain);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
76
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
77 mDetails = QObject::tr("Certificate:\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
78 " <bold>%1</bold>\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
79 " %2, %3\n\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
80 "Serial number:\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
81 "%4\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
82 "Valid from: <bold>%5</bold> to <bold>%6</bold>\n\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
83 "Issued by: ..")
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
84 .arg(mSubjectCN)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
85 .arg(mSubjectO)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
86 .arg(mSubjectOU)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
87 .arg(mSubjectSN)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
88 .arg(QLocale::system().toString(mValidFrom))
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
89 .arg(QLocale::system().toString(mValidTo));
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
90
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
91 }
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
92
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
93 Certificate::Certificate(const QByteArray& derData) :
547
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
94 mValid(false),
1108
9bb9932bb819 Revert commit 1101 the inactive manual changes were a bad idea
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1101
diff changeset
95 mEditable(false)
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
96 {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
97 if (derData.isEmpty()) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
98 return;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
99 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
100
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
101 parseDetails(derData);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
102
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
103 mValid = !mSubjectCN.isEmpty();
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
104
356
67b471c4d1fc Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents: 355
diff changeset
105 /* Default is installation for new certificates */
67b471c4d1fc Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents: 355
diff changeset
106 mBaseLine = QString::fromLatin1("I:") + derData.toBase64();
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
107 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
108
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
109 Certificate::Certificate(const QString& b64Line) :
547
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
110 mValid(false),
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
111 mEditable(false)
81
112228bd7e4b Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents: 78
diff changeset
112 {
204
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
113 if (b64Line.isEmpty()) {
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
114 return;
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
115 }
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
116
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
117 /* Cut of the first two chars (e.g. I: and decode) */
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
118 QByteArray derData = QByteArray::fromBase64(
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
119 b64Line.right(b64Line.size() - 2).toLatin1());
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
120
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
121 parseDetails(derData);
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
122
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
123 /* If the subject CN is set then at least one x509parse
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
124 * in polarssl was successfull. And a root certificate
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
125 * always needs to have a subject CN */
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
126 mValid = !mSubjectCN.isEmpty();
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
127
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
128 mBaseLine = b64Line;
81
112228bd7e4b Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents: 78
diff changeset
129 }
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
130
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
131 QString Certificate::shortDescription() const {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
132 if (!isValid()) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
133 return QObject::tr("Failed to parse certificate");
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
134 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
135
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
136 QString ret = mSubjectCN; /* Necessary by definition */
530
fb47bab4c71a Only show CN als shortDescription
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
137 /*
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
138 if (!mSubjectO.isEmpty()) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
139 ret += " - " + mSubjectO;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
140 }
530
fb47bab4c71a Only show CN als shortDescription
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
141 */
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
142 return ret;
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
143 }
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
144
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
145 QList<Certificate> Certificate::fromFileName(const QString& file_name) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
146 /* We read the file using Qt to avoid filename encoding problems
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
147 * on Windows */
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
148
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
149 QFile certificateFile(file_name);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
150 QByteArray fileContent;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
151 QList<Certificate> retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
152 x509_crt chain;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
153 int ret = 0;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
154 if (!certificateFile.open(QIODevice::ReadOnly)) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
155 qDebug() << "Failed to read file.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
156 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
157 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
158
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
159 if (certificateFile.size() > MAX_LINE_LENGTH * MAX_LINES) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
160 qDebug() << "File too large";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
161 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
162 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
163
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
164 fileContent = certificateFile.readAll();
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
165
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
166 x509_crt_init(&chain);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
167
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
168 ret = x509_crt_parse(&chain,
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
169 reinterpret_cast<const unsigned char*>(fileContent.constData()),
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
170 fileContent.size());
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
171
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
172 if (ret < 0) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
173 qDebug() << "Failed to parse certificates.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
174 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
175 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
176
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
177 if (ret > 0) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
178 qDebug() << "Some certificates could not be parsed.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
179 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
180
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
181 x509_crt *iter = &chain;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
182
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
183 while (iter) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
184 QByteArray derData(reinterpret_cast<const char*>(iter->raw.p),
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
185 static_cast<int>(iter->raw.len));
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
186 retval << Certificate(derData);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
187 iter = iter->next;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
188 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
189 x509_crt_free(&chain);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
190
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
191 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
192 }
355
5f1494fab517 merged.
Raimund Renkert <rrenkert@intevation.de>
parents: 352 349
diff changeset
193
352
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
194 void Certificate::setInstallCert(bool install)
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
195 {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
196 if (install && mBaseLine.startsWith("R:")) {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
197 mBaseLine.replace(0, 1, "I");
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
198 }
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
199 else if (!install && mBaseLine.startsWith("I:")) {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
200 mBaseLine.replace(0, 1, "R");
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
201 }
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
202 }
1288
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
203
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
204 #ifdef WIN32
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
205 bool Certificate::showNativeUI(void *parent)
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
206 {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
207 /* Cut of the first two chars (e.g. I: and decode) */
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
208 bool retval = false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
209 QByteArray pemData = QByteArray(
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
210 mBaseLine.right(mBaseLine.size() - 2).toLatin1());
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
211 PCCERT_CONTEXT pCert = b64_to_cert_context (pemData.data(), pemData.size());
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
212 typedef BOOL (CALLBACK* LPFNVIEWDLG)(DWORD,const void *,HWND,LPCWSTR,DWORD,void *);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
213 LPFNVIEWDLG funcPtr;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
214
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
215 /* CryptUIDlgViewContext is not part of mingw 3.1.0
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
216 * so we workaround this by geting the process address dynamically. */
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
217 HMODULE hmod = LoadLibraryW(L"cryptui");
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
218
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
219 if (!hmod) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
220 qDebug() << "Failed to open Cryptui.dll";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
221 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
222 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
223
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
224 funcPtr = (LPFNVIEWDLG) GetProcAddress (hmod, "CryptUIDlgViewContext");
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
225 if (!funcPtr) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
226 qDebug() << "Failed to find Address of CryptUIDlgViewContext";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
227 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
228 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
229
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
230 if (pCert == NULL) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
231 qDebug() << "Failed to parse certificate.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
232 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
233 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
234
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
235 if (!funcPtr(CERT_STORE_CERTIFICATE_CONTEXT,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
236 pCert,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
237 (HWND) parent,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
238 NULL, // Default Title
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
239 0,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
240 NULL)) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
241 qDebug() << "Failed to view certificate.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
242 retval = false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
243 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
244 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
245
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
246 retval = true;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
247 done:
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
248
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
249 if (pCert) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
250 CertFreeCertificateContext(pCert);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
251 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
252 if (hmod) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
253 FreeLibrary(hmod);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
254 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
255 return retval;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
256 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
257 #else
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
258 bool Certificate::showNativeUI(void *parent)
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
259 {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
260 qDebug() << "Not implemented.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
261 return false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
262 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
263 #endif

http://wald.intevation.org/projects/trustbridge/