Mercurial > trustbridge
comparison ui/certificate.cpp @ 186:2551ad24d3c2
Get subject from the certificate and parse it's attributes
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 26 Mar 2014 12:07:06 +0100 |
| parents | f1ebab8639dc |
| children | 825b42da1855 |
comparison
equal
deleted
inserted
replaced
| 185:ee37c085b9f7 | 186:2551ad24d3c2 |
|---|---|
| 1 #include "certificate.h" | 1 #include "certificate.h" |
| 2 #include <QDebug> | 2 #include <QDebug> |
| 3 #include <QStringList> | |
| 3 #include <QObject> | 4 #include <QObject> |
| 4 | 5 |
| 5 #include <polarssl/x509_crt.h> | 6 #include <polarssl/x509_crt.h> |
| 6 | 7 |
| 8 #define POLARSSL_INFO_BUF_SIZE 2000 | |
| 9 | |
| 7 Certificate::Certificate(const QString& b64Line) : | 10 Certificate::Certificate(const QString& b64Line) : |
| 8 mValid(false), | 11 mValid(false) |
| 9 mShortDescription(QObject::tr("Invalid Certificate")) | |
| 10 { | 12 { |
| 11 int ret = -1; | 13 int ret = -1; |
| 12 char buf[2000]; | 14 char buf[POLARSSL_INFO_BUF_SIZE]; |
| 15 | |
| 13 x509_crt x509cert; | 16 x509_crt x509cert; |
| 14 | 17 |
| 15 /* Cut of the first two chars (e.g. I: and decode) */ | 18 /* Cut of the first two chars (e.g. I: and decode) */ |
| 16 QByteArray asn1data = QByteArray::fromBase64( | 19 QByteArray asn1data = QByteArray::fromBase64( |
| 17 b64Line.right(b64Line.size() - 2).toLatin1()); | 20 b64Line.right(b64Line.size() - 2).toLatin1()); |
| 24 qDebug() << "Parsing certificate failed with error: " << ret; | 27 qDebug() << "Parsing certificate failed with error: " << ret; |
| 25 x509_crt_free(&x509cert); | 28 x509_crt_free(&x509cert); |
| 26 return; | 29 return; |
| 27 } | 30 } |
| 28 | 31 |
| 29 ret = x509_crt_info(buf, 2000, "", &x509cert); | 32 /* Get a full details string */ |
| 30 x509_crt_free(&x509cert); | 33 ret = x509_crt_info(buf, POLARSSL_INFO_BUF_SIZE, "", &x509cert); |
| 31 | 34 |
| 32 if (ret <= 0) { | 35 if (ret <= 0) { |
| 33 qDebug() << "Getting certificate info failed with error: " << ret; | 36 qDebug() << "Getting certificate info failed with error: " << ret; |
| 34 return; | 37 return; |
| 35 } | 38 } |
| 36 | 39 |
| 37 /* In case of success the return value is the size of the information | 40 /* In case of success the return value is the size of the information |
| 38 * written into buf | 41 * written into buf */ |
| 39 * */ | |
| 40 | |
| 41 mDetails = QString::fromUtf8(buf, ret); | 42 mDetails = QString::fromUtf8(buf, ret); |
| 42 | 43 |
| 43 mShortDescription = mDetails; /* TODO */ | 44 /* Get the subject */ |
| 45 ret = x509_dn_gets(buf, POLARSSL_INFO_BUF_SIZE, &(x509cert.subject)); | |
| 46 | |
| 47 if (ret <= 0) { | |
| 48 qDebug() << "Getting certificate subject failed with error: " << ret; | |
| 49 return; | |
| 50 } | |
| 51 | |
| 52 /* TODO check that all asn encodings are handled */ | |
| 53 QString subject = QString::fromUtf8(buf, ret); | |
| 54 | |
| 55 /* TODO check that escaped , are not possible */ | |
| 56 QStringList attrs = subject.split(", "); | |
| 57 | |
| 58 foreach (const QString& attr, attrs) { | |
| 59 QStringList kv = attr.split("="); | |
| 60 if (kv.size() != 2) { | |
| 61 qDebug() << "Failed to parse subject element: " << attr; | |
| 62 continue; | |
| 63 } | |
| 64 mSubjectAttrs.insert(kv[0], kv[1]); | |
| 65 } | |
| 66 | |
| 67 /* For more information to get from a x509_crt see | |
| 68 * https://polarssl.org/api/x509_8h.html */ | |
| 69 | |
| 70 x509_crt_free(&x509cert); | |
| 44 | 71 |
| 45 mValid = true; | 72 mValid = true; |
| 46 | 73 |
| 47 mBaseLine = b64Line; | 74 mBaseLine = b64Line; |
| 48 } | 75 } |
| 76 | |
| 77 QString Certificate::getSubjectAttr (const QString& attrName) const { | |
| 78 return mSubjectAttrs.value(attrName); | |
| 79 } | |
| 80 | |
| 81 QString Certificate::shortDescription() const { | |
| 82 return getSubjectAttr("CN"); | |
| 83 } |