Mercurial > trustbridge

annotate ui/certificate.cpp @ 1289:34c92dbfee7e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue44) Do not ask the user to confirm start on update
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 29 Sep 2014 13:34:19 +0200
parents 265583011f24
children c2fd36cd4093
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 403
diff changeset
7 */
21
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #include "certificate.h"
82
1f27d6db5ee3 Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents: 81
diff changeset
9 #include <QDebug>
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
10 #include <QFile>
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
11 #include <QStringList>
21
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 #include <QObject>
dc1e1e9e62ce Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
13
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
14 #include <polarssl/sha1.h>
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
15
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
16 #include "certhelp.h"
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
17 #include "listutil.h"
94
f1ebab8639dc Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents: 83
diff changeset
18
1288
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
19 #ifdef WIN32
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
20 #include <cryptuiapi.h>
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
21 #endif
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
22
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
23 /* Qt wrapper around certhelp functions. */
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
24 QString getX509Value(x509_name *namebuf, unsigned char *oid) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
25 QString retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
26 char * buf = get_oid_valstr(namebuf, oid);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
27 if (buf == NULL) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
28 return retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
29 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
30 retval = QString::fromUtf8(buf, -1);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
31 free(buf);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
32 return retval;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
33 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
34
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
35 void Certificate::parseDetails(const QByteArray& cert) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
36 x509_crt chain;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
37
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
38 x509_crt_init(&chain);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
39 if (x509_crt_parse_der(&chain, (const unsigned char *)cert.data(),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
40 cert.size()) != 0) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
41 qDebug() << "Failed to parse cert..";
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
42 return;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
43 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
44
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
45 mValidFrom = QDateTime(QDate(chain.valid_from.year,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
46 chain.valid_from.mon,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
47 chain.valid_from.day),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
48 QTime(chain.valid_from.hour,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
49 chain.valid_from.min,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
50 chain.valid_from.sec));
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
51
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
52 mValidTo = QDateTime(QDate(chain.valid_to.year,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
53 chain.valid_to.mon,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
54 chain.valid_to.day),
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
55 QTime(chain.valid_to.hour,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
56 chain.valid_to.min,
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
57 chain.valid_to.sec));
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
58
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
59 mSubjectCN = getX509Value(&(chain.subject), CERT_OID_CN);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
60 mSubjectOU = getX509Value(&(chain.subject), CERT_OID_OU);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
61 mSubjectO = getX509Value(&(chain.subject), CERT_OID_O);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
62 mSubjectSN = getX509Value(&(chain.subject), CERT_OID_SN);
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
63
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
64 /* Calculate sha1 fingerprint */
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
65 unsigned char sha1sum[20];
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
66 sha1(chain.raw.p, chain.raw.len, sha1sum);
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
67 for (int i=0; i < 20; i++) {
403
7a15a3066f7b Fill to two characters
Andre Heinecke <aheinecke@intevation.de>
parents: 380
diff changeset
68 mFingerprint += QString("%1").arg(sha1sum[i], 0, 16).rightJustified(2, '0');
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
69 if (i != 19) {
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
70 mFingerprint += ":";
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
71 }
379
2ddc685cba33 Make the fingerprint uppercase
Andre Heinecke <andre.heinecke@intevation.de>
parents: 378
diff changeset
72 mFingerprint = mFingerprint.toUpper();
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
73 }
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
74
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
75 x509_crt_free(&chain);
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
76
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
77 mDetails = QObject::tr("Certificate:\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
78 " <bold>%1</bold>\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
79 " %2, %3\n\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
80 "Serial number:\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
81 "%4\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
82 "Valid from: <bold>%5</bold> to <bold>%6</bold>\n\n"
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
83 "Issued by: ..")
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
84 .arg(mSubjectCN)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
85 .arg(mSubjectO)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
86 .arg(mSubjectOU)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
87 .arg(mSubjectSN)
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
88 .arg(QLocale::system().toString(mValidFrom))
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
89 .arg(QLocale::system().toString(mValidTo));
378
31079bd54036 Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents: 356
diff changeset
90
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
91 }
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
92
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
93 Certificate::Certificate(const QByteArray& derData) :
547
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
94 mValid(false),
1108
9bb9932bb819 Revert commit 1101 the inactive manual changes were a bad idea
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1101
diff changeset
95 mEditable(false)
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
96 {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
97 if (derData.isEmpty()) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
98 return;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
99 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
100
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
101 parseDetails(derData);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
102
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
103 mValid = !mSubjectCN.isEmpty();
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
104
356
67b471c4d1fc Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents: 355
diff changeset
105 /* Default is installation for new certificates */
67b471c4d1fc Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents: 355
diff changeset
106 mBaseLine = QString::fromLatin1("I:") + derData.toBase64();
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
107 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
108
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
109 Certificate::Certificate(const QString& b64Line) :
547
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
110 mValid(false),
bf445b0e1126 Certificate: initialising member variable mEditable in the constructors.
Bernhard Reiter <bernhard@intevation.de>
parents: 530
diff changeset
111 mEditable(false)
81
112228bd7e4b Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents: 78
diff changeset
112 {
204
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
113 if (b64Line.isEmpty()) {
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
114 return;
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
115 }
825b42da1855 Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents: 186
diff changeset
116
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
117 /* Cut of the first two chars (e.g. I: and decode) */
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
118 QByteArray derData = QByteArray::fromBase64(
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
119 b64Line.right(b64Line.size() - 2).toLatin1());
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
120
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
121 parseDetails(derData);
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
122
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
123 /* If the subject CN is set then at least one x509parse
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
124 * in polarssl was successfull. And a root certificate
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
125 * always needs to have a subject CN */
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
126 mValid = !mSubjectCN.isEmpty();
83
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
127
ba8a548ff252 Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents: 82
diff changeset
128 mBaseLine = b64Line;
81
112228bd7e4b Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents: 78
diff changeset
129 }
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
130
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
131 QString Certificate::shortDescription() const {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
132 if (!isValid()) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
133 return QObject::tr("Failed to parse certificate");
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
134 }
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
135
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
136 QString ret = mSubjectCN; /* Necessary by definition */
530
fb47bab4c71a Only show CN als shortDescription
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
137 /*
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
138 if (!mSubjectO.isEmpty()) {
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
139 ret += " - " + mSubjectO;
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
140 }
530
fb47bab4c71a Only show CN als shortDescription
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
141 */
338
64e38886f903 Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents: 204
diff changeset
142 return ret;
186
2551ad24d3c2 Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents: 94
diff changeset
143 }
349
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
144
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
145 QList<Certificate> Certificate::fromFileName(const QString& file_name) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
146 /* We read the file using Qt to avoid filename encoding problems
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
147 * on Windows */
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
148
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
149 QFile certificateFile(file_name);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
150 QByteArray fileContent;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
151 QList<Certificate> retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
152 x509_crt chain;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
153 int ret = 0;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
154 if (!certificateFile.open(QIODevice::ReadOnly)) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
155 qDebug() << "Failed to read file.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
156 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
157 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
158
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
159 if (certificateFile.size() > MAX_LINE_LENGTH * MAX_LINES) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
160 qDebug() << "File too large";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
161 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
162 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
163
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
164 fileContent = certificateFile.readAll();
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
165
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
166 x509_crt_init(&chain);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
167
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
168 ret = x509_crt_parse(&chain,
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
169 reinterpret_cast<const unsigned char*>(fileContent.constData()),
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
170 fileContent.size());
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
171
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
172 if (ret < 0) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
173 qDebug() << "Failed to parse certificates.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
174 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
175 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
176
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
177 if (ret > 0) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
178 qDebug() << "Some certificates could not be parsed.";
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
179 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
180
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
181 x509_crt *iter = &chain;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
182
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
183 while (iter) {
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
184 QByteArray derData(reinterpret_cast<const char*>(iter->raw.p),
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
185 static_cast<int>(iter->raw.len));
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
186 retval << Certificate(derData);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
187 iter = iter->next;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
188 }
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
189 x509_crt_free(&chain);
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
190
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
191 return retval;
a49766196a7d Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents: 338
diff changeset
192 }
355
5f1494fab517 merged.
Raimund Renkert <rrenkert@intevation.de>
parents: 352 349
diff changeset
193
352
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
194 void Certificate::setInstallCert(bool install)
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
195 {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
196 if (install && mBaseLine.startsWith("R:")) {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
197 mBaseLine.replace(0, 1, "I");
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
198 }
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
199 else if (!install && mBaseLine.startsWith("I:")) {
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
200 mBaseLine.replace(0, 1, "R");
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
201 }
b0a274f4f9e2 Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents: 338
diff changeset
202 }
1288
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
203
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
204 #ifdef WIN32
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
205 bool Certificate::showNativeUI(void *parent)
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
206 {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
207 /* Cut of the first two chars (e.g. I: and decode) */
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
208 bool retval = false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
209 QByteArray pemData = QByteArray(
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
210 mBaseLine.right(mBaseLine.size() - 2).toLatin1());
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
211 PCCERT_CONTEXT pCert = b64_to_cert_context (pemData.data(), pemData.size());
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
212 typedef BOOL (CALLBACK* LPFNVIEWDLG)(DWORD,const void *,HWND,LPCWSTR,DWORD,void *);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
213 LPFNVIEWDLG funcPtr;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
214
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
215 /* CryptUIDlgViewContext is not part of mingw 3.1.0
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
216 * so we workaround this by geting the process address dynamically. */
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
217 HMODULE hmod = LoadLibraryW(L"cryptui");
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
218
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
219 if (!hmod) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
220 qDebug() << "Failed to open Cryptui.dll";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
221 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
222 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
223
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
224 funcPtr = (LPFNVIEWDLG) GetProcAddress (hmod, "CryptUIDlgViewContext");
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
225 if (!funcPtr) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
226 qDebug() << "Failed to find Address of CryptUIDlgViewContext";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
227 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
228 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
229
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
230 if (pCert == NULL) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
231 qDebug() << "Failed to parse certificate.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
232 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
233 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
234
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
235 if (!funcPtr(CERT_STORE_CERTIFICATE_CONTEXT,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
236 pCert,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
237 (HWND) parent,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
238 NULL, // Default Title
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
239 0,
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
240 NULL)) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
241 qDebug() << "Failed to view certificate.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
242 retval = false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
243 goto done;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
244 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
245
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
246 retval = true;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
247 done:
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
248
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
249 if (pCert) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
250 CertFreeCertificateContext(pCert);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
251 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
252 if (hmod) {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
253 FreeLibrary(hmod);
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
254 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
255 return retval;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
256 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
257 #else
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
258 bool Certificate::showNativeUI(void *parent)
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
259 {
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
260 qDebug() << "Not implemented.";
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
261 return false;
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
262 }
265583011f24 (issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
263 #endif
http://wald.intevation.org/projects/trustbridge/