Mercurial > trustbridge
annotate ui/certificate.cpp @ 338:64e38886f903
Use certhelp for certificate parsing and add some dummy info
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Wed, 09 Apr 2014 14:26:53 +0000 |
parents | 825b42da1855 |
children | a49766196a7d b0a274f4f9e2 |
rev | line source |
---|---|
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 #include "certificate.h" |
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
2 #include <QDebug> |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
3 #include <QStringList> |
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 #include <QObject> |
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 |
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
6 #include "certhelp.h" |
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
7 |
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
8 /* Qt wrapper around certhelp functions. */ |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
9 QString getX509Value(x509_name *namebuf, unsigned char *oid) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
10 QString retval; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
11 char * buf = get_oid_valstr(namebuf, oid); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
12 if (buf == NULL) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
13 return retval; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
14 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
15 retval = QString::fromUtf8(buf, -1); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
16 free(buf); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
17 return retval; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
18 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
19 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
20 void Certificate::parseDetails(const QByteArray& cert) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
21 x509_crt chain; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
22 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
23 x509_crt_init(&chain); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
24 if (x509_crt_parse_der(&chain, (const unsigned char *)cert.data(), |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
25 cert.size()) != 0) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
26 qDebug() << "Failed to parse cert.."; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
27 return; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
28 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
29 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
30 mValidFrom = QDateTime(QDate(chain.valid_from.year, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
31 chain.valid_from.mon, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
32 chain.valid_from.day), |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
33 QTime(chain.valid_from.hour, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
34 chain.valid_from.min, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
35 chain.valid_from.sec)); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
36 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
37 mValidTo = QDateTime(QDate(chain.valid_to.year, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
38 chain.valid_to.mon, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
39 chain.valid_to.day), |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
40 QTime(chain.valid_to.hour, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
41 chain.valid_to.min, |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
42 chain.valid_to.sec)); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
43 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
44 mSubjectCN = getX509Value(&(chain.subject), CERT_OID_CN); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
45 mSubjectOU = getX509Value(&(chain.subject), CERT_OID_OU); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
46 mSubjectO = getX509Value(&(chain.subject), CERT_OID_O); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
47 mSubjectSN = getX509Value(&(chain.subject), CERT_OID_SN); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
48 x509_crt_free(&chain); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
49 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
50 mDetails = QObject::tr("Certificate:\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
51 " <bold>%1</bold>\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
52 " %2, %3\n\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
53 "Serial number:\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
54 "%4\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
55 "Valid from: <bold>%5</bold> to <bold>%6</bold>\n\n" |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
56 "Issued by: ..") |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
57 .arg(mSubjectCN) |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
58 .arg(mSubjectO) |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
59 .arg(mSubjectOU) |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
60 .arg(mSubjectSN) |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
61 .arg(QLocale::system().toString(mValidFrom)) |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
62 .arg(QLocale::system().toString(mValidTo)); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
63 } |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
64 |
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
65 Certificate::Certificate(const QString& b64Line) : |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
66 mValid(false) |
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
67 { |
204
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
68 if (b64Line.isEmpty()) { |
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
69 return; |
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
70 } |
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
71 |
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
72 /* Cut of the first two chars (e.g. I: and decode) */ |
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
73 QByteArray asn1data = QByteArray::fromBase64( |
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
74 b64Line.right(b64Line.size() - 2).toLatin1()); |
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
75 |
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
76 parseDetails(asn1data); |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
77 |
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
78 /* If the subject CN is set then at least one x509parse |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
79 * in polarssl was successfull. And a root certificate |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
80 * always needs to have a subject CN */ |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
81 mValid = !mSubjectCN.isEmpty(); |
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
82 |
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
83 mBaseLine = b64Line; |
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
84 } |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
85 |
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
86 QString Certificate::shortDescription() const { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
87 if (!isValid()) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
88 return QObject::tr("Failed to parse certificate"); |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
89 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
90 |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
91 QString ret = mSubjectCN; /* Necessary by definition */ |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
92 if (!mSubjectO.isEmpty()) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
93 ret += " - " + mSubjectO; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
94 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
95 if (!mSubjectOU.isEmpty()) { |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
96 ret += ", " + mSubjectOU; |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
97 } |
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
98 return ret; |
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
99 } |