Mercurial > trustbridge
annotate ui/certificate.cpp @ 502:e551de11d8b6
Properly handle the case that the file does not exist.
TRUNCATE makes create file fail if the file does not exist
but we need TRUNCATE in the case that the file already exists
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Mon, 28 Apr 2014 09:18:07 +0000 |
| parents | 17e1c8f37d72 |
| children | fb47bab4c71a |
| rev | line source |
|---|---|
| 404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
| 2 * Software engineering by Intevation GmbH | |
| 3 * | |
| 4 * This file is Free Software under the GNU GPL (v>=2) | |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | |
| 6 * See LICENSE.txt for details. | |
| 7 */ | |
|
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #include "certificate.h" |
|
82
1f27d6db5ee3
Polarssl based certificate handling
Andre Heinecke <aheinecke@intevation.de>
parents:
81
diff
changeset
|
9 #include <QDebug> |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
10 #include <QFile> |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
11 #include <QStringList> |
|
21
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
12 #include <QObject> |
|
dc1e1e9e62ce
Add certificate class and use it
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
13 |
|
378
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
14 #include <polarssl/sha1.h> |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
15 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
16 #include "certhelp.h" |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
17 #include "listutil.h" |
|
94
f1ebab8639dc
Do not save the x509 cert as a member variable
Andre Heinecke <aheinecke@intevation.de>
parents:
83
diff
changeset
|
18 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
19 /* Qt wrapper around certhelp functions. */ |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
20 QString getX509Value(x509_name *namebuf, unsigned char *oid) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
21 QString retval; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
22 char * buf = get_oid_valstr(namebuf, oid); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
23 if (buf == NULL) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
24 return retval; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
25 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
26 retval = QString::fromUtf8(buf, -1); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
27 free(buf); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
28 return retval; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
29 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
30 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
31 void Certificate::parseDetails(const QByteArray& cert) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
32 x509_crt chain; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
33 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
34 x509_crt_init(&chain); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
35 if (x509_crt_parse_der(&chain, (const unsigned char *)cert.data(), |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
36 cert.size()) != 0) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
37 qDebug() << "Failed to parse cert.."; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
38 return; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
39 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
40 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
41 mValidFrom = QDateTime(QDate(chain.valid_from.year, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
42 chain.valid_from.mon, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
43 chain.valid_from.day), |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
44 QTime(chain.valid_from.hour, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
45 chain.valid_from.min, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
46 chain.valid_from.sec)); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
47 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
48 mValidTo = QDateTime(QDate(chain.valid_to.year, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
49 chain.valid_to.mon, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
50 chain.valid_to.day), |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
51 QTime(chain.valid_to.hour, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
52 chain.valid_to.min, |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
53 chain.valid_to.sec)); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
54 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
55 mSubjectCN = getX509Value(&(chain.subject), CERT_OID_CN); |
|
380
1220b741cd51
Add some more fields for a certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
379
diff
changeset
|
56 mIssuerCN = getX509Value(&(chain.issuer), CERT_OID_CN); |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
57 mSubjectOU = getX509Value(&(chain.subject), CERT_OID_OU); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
58 mSubjectO = getX509Value(&(chain.subject), CERT_OID_O); |
|
380
1220b741cd51
Add some more fields for a certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
379
diff
changeset
|
59 mIssuerO = getX509Value(&(chain.issuer), CERT_OID_O); |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
60 mSubjectSN = getX509Value(&(chain.subject), CERT_OID_SN); |
|
378
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
61 |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
62 /* Calculate sha1 fingerprint */ |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
63 unsigned char sha1sum[20]; |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
64 sha1(chain.raw.p, chain.raw.len, sha1sum); |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
65 for (int i=0; i < 20; i++) { |
|
403
7a15a3066f7b
Fill to two characters
Andre Heinecke <aheinecke@intevation.de>
parents:
380
diff
changeset
|
66 mFingerprint += QString("%1").arg(sha1sum[i], 0, 16).rightJustified(2, '0'); |
|
378
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
67 if (i != 19) { |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
68 mFingerprint += ":"; |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
69 } |
|
379
2ddc685cba33
Make the fingerprint uppercase
Andre Heinecke <andre.heinecke@intevation.de>
parents:
378
diff
changeset
|
70 mFingerprint = mFingerprint.toUpper(); |
|
378
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
71 } |
|
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
72 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
73 x509_crt_free(&chain); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
74 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
75 mDetails = QObject::tr("Certificate:\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
76 " <bold>%1</bold>\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
77 " %2, %3\n\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
78 "Serial number:\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
79 "%4\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
80 "Valid from: <bold>%5</bold> to <bold>%6</bold>\n\n" |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
81 "Issued by: ..") |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
82 .arg(mSubjectCN) |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
83 .arg(mSubjectO) |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
84 .arg(mSubjectOU) |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
85 .arg(mSubjectSN) |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
86 .arg(QLocale::system().toString(mValidFrom)) |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
87 .arg(QLocale::system().toString(mValidTo)); |
|
378
31079bd54036
Add fingerprint to certificate
Andre Heinecke <andre.heinecke@intevation.de>
parents:
356
diff
changeset
|
88 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
89 } |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
90 |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
91 Certificate::Certificate(const QByteArray& derData) : |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
92 mValid(false) |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
93 { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
94 if (derData.isEmpty()) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
95 return; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
96 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
97 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
98 parseDetails(derData); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
99 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
100 mValid = !mSubjectCN.isEmpty(); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
101 |
|
356
67b471c4d1fc
Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents:
355
diff
changeset
|
102 /* Default is installation for new certificates */ |
|
67b471c4d1fc
Default for loaded certificates from file to install
Andre Heinecke <andre.heinecke@intevation.de>
parents:
355
diff
changeset
|
103 mBaseLine = QString::fromLatin1("I:") + derData.toBase64(); |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
104 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
105 |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
106 Certificate::Certificate(const QString& b64Line) : |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
107 mValid(false) |
|
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
108 { |
|
204
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
109 if (b64Line.isEmpty()) { |
|
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
110 return; |
|
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
111 } |
|
825b42da1855
Avoid printing an error when an empty certificate ist constructed
Andre Heinecke <andre.heinecke@intevation.de>
parents:
186
diff
changeset
|
112 |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
113 /* Cut of the first two chars (e.g. I: and decode) */ |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
114 QByteArray derData = QByteArray::fromBase64( |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
115 b64Line.right(b64Line.size() - 2).toLatin1()); |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
116 |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
117 parseDetails(derData); |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
118 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
119 /* If the subject CN is set then at least one x509parse |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
120 * in polarssl was successfull. And a root certificate |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
121 * always needs to have a subject CN */ |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
122 mValid = !mSubjectCN.isEmpty(); |
|
83
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
123 |
|
ba8a548ff252
Expand certificate class to make raw data accessible
Andre Heinecke <aheinecke@intevation.de>
parents:
82
diff
changeset
|
124 mBaseLine = b64Line; |
|
81
112228bd7e4b
Remove platform specific certificate immplementations.
Andre Heinecke <aheinecke@intevation.de>
parents:
78
diff
changeset
|
125 } |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
126 |
|
338
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
127 QString Certificate::shortDescription() const { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
128 if (!isValid()) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
129 return QObject::tr("Failed to parse certificate"); |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
130 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
131 |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
132 QString ret = mSubjectCN; /* Necessary by definition */ |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
133 if (!mSubjectO.isEmpty()) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
134 ret += " - " + mSubjectO; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
135 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
136 if (!mSubjectOU.isEmpty()) { |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
137 ret += ", " + mSubjectOU; |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
138 } |
|
64e38886f903
Use certhelp for certificate parsing and add some dummy info
Andre Heinecke <aheinecke@intevation.de>
parents:
204
diff
changeset
|
139 return ret; |
|
186
2551ad24d3c2
Get subject from the certificate and parse it's attributes
Andre Heinecke <andre.heinecke@intevation.de>
parents:
94
diff
changeset
|
140 } |
|
349
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
141 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
142 QList<Certificate> Certificate::fromFileName(const QString& file_name) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
143 /* We read the file using Qt to avoid filename encoding problems |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
144 * on Windows */ |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
145 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
146 /* TODO change qDebug errors into messageboxes */ |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
147 QFile certificateFile(file_name); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
148 QByteArray fileContent; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
149 QList<Certificate> retval; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
150 x509_crt chain; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
151 int ret = 0; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
152 if (!certificateFile.open(QIODevice::ReadOnly)) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
153 qDebug() << "Failed to read file."; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
154 return retval; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
155 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
156 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
157 if (certificateFile.size() > MAX_LINE_LENGTH * MAX_LINES) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
158 qDebug() << "File too large"; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
159 return retval; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
160 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
161 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
162 fileContent = certificateFile.readAll(); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
163 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
164 x509_crt_init(&chain); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
165 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
166 ret = x509_crt_parse(&chain, |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
167 reinterpret_cast<const unsigned char*>(fileContent.constData()), |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
168 fileContent.size()); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
169 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
170 if (ret < 0) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
171 qDebug() << "Failed to parse certificates."; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
172 return retval; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
173 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
174 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
175 if (ret > 0) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
176 qDebug() << "Some certificates could not be parsed."; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
177 /* Maybe return here? */ |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
178 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
179 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
180 x509_crt *iter = &chain; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
181 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
182 while (iter) { |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
183 QByteArray derData(reinterpret_cast<const char*>(iter->raw.p), |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
184 static_cast<int>(iter->raw.len)); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
185 retval << Certificate(derData); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
186 iter = iter->next; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
187 } |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
188 x509_crt_free(&chain); |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
189 |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
190 return retval; |
|
a49766196a7d
Add certificateFromFile method
Andre Heinecke <andre.heinecke@intevation.de>
parents:
338
diff
changeset
|
191 } |
| 355 | 192 |
|
352
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
193 void Certificate::setInstallCert(bool install) |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
194 { |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
195 if (install && mBaseLine.startsWith("R:")) { |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
196 mBaseLine.replace(0, 1, "I"); |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
197 } |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
198 else if (!install && mBaseLine.startsWith("I:")) { |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
199 mBaseLine.replace(0, 1, "R"); |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
200 } |
|
b0a274f4f9e2
Added setter to certificate to change the install/remove state.
Raimund Renkert <rrenkert@intevation.de>
parents:
338
diff
changeset
|
201 } |