Mercurial > trustbridge

comparison ui/certificate.cpp @ 349:a49766196a7d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add certificateFromFile method Currently untested
author Andre Heinecke <andre.heinecke@intevation.de>
date Thu, 10 Apr 2014 15:08:54 +0200
parents 64e38886f903
children 5f1494fab517
comparison
equal deleted inserted replaced
348:e6aa82466420 349:a49766196a7d
1 #include "certificate.h" 1 #include "certificate.h"
2 #include <QDebug> 2 #include <QDebug>
3 #include <QFile>
3 #include <QStringList> 4 #include <QStringList>
4 #include <QObject> 5 #include <QObject>
5 6
6 #include "certhelp.h" 7 #include "certhelp.h"
8 #include "listutil.h"
7 9
8 /* Qt wrapper around certhelp functions. */ 10 /* Qt wrapper around certhelp functions. */
9 QString getX509Value(x509_name *namebuf, unsigned char *oid) { 11 QString getX509Value(x509_name *namebuf, unsigned char *oid) {
10 QString retval; 12 QString retval;
11 char * buf = get_oid_valstr(namebuf, oid); 13 char * buf = get_oid_valstr(namebuf, oid);
60 .arg(mSubjectSN) 62 .arg(mSubjectSN)
61 .arg(QLocale::system().toString(mValidFrom)) 63 .arg(QLocale::system().toString(mValidFrom))
62 .arg(QLocale::system().toString(mValidTo)); 64 .arg(QLocale::system().toString(mValidTo));
63 } 65 }
64 66
67 Certificate::Certificate(const QByteArray& derData) :
68 mValid(false)
69 {
70 if (derData.isEmpty()) {
71 return;
72 }
73
74 parseDetails(derData);
75
76 mValid = !mSubjectCN.isEmpty();
77
78 mBaseLine = derData.toBase64();
79 }
80
65 Certificate::Certificate(const QString& b64Line) : 81 Certificate::Certificate(const QString& b64Line) :
66 mValid(false) 82 mValid(false)
67 { 83 {
68 if (b64Line.isEmpty()) { 84 if (b64Line.isEmpty()) {
69 return; 85 return;
70 } 86 }
71 87
72 /* Cut of the first two chars (e.g. I: and decode) */ 88 /* Cut of the first two chars (e.g. I: and decode) */
73 QByteArray asn1data = QByteArray::fromBase64( 89 QByteArray derData = QByteArray::fromBase64(
74 b64Line.right(b64Line.size() - 2).toLatin1()); 90 b64Line.right(b64Line.size() - 2).toLatin1());
75 91
76 parseDetails(asn1data); 92 parseDetails(derData);
77 93
78 /* If the subject CN is set then at least one x509parse 94 /* If the subject CN is set then at least one x509parse
79 * in polarssl was successfull. And a root certificate 95 * in polarssl was successfull. And a root certificate
80 * always needs to have a subject CN */ 96 * always needs to have a subject CN */
81 mValid = !mSubjectCN.isEmpty(); 97 mValid = !mSubjectCN.isEmpty();
95 if (!mSubjectOU.isEmpty()) { 111 if (!mSubjectOU.isEmpty()) {
96 ret += ", " + mSubjectOU; 112 ret += ", " + mSubjectOU;
97 } 113 }
98 return ret; 114 return ret;
99 } 115 }
116
117 QList<Certificate> Certificate::fromFileName(const QString& file_name) {
118 /* We read the file using Qt to avoid filename encoding problems
119 * on Windows */
120
121 /* TODO change qDebug errors into messageboxes */
122 QFile certificateFile(file_name);
123 QByteArray fileContent;
124 QList<Certificate> retval;
125 x509_crt chain;
126 int ret = 0;
127 if (!certificateFile.open(QIODevice::ReadOnly)) {
128 qDebug() << "Failed to read file.";
129 return retval;
130 }
131
132 if (certificateFile.size() > MAX_LINE_LENGTH * MAX_LINES) {
133 qDebug() << "File too large";
134 return retval;
135 }
136
137 fileContent = certificateFile.readAll();
138
139 x509_crt_init(&chain);
140
141 ret = x509_crt_parse(&chain,
142 reinterpret_cast<const unsigned char*>(fileContent.constData()),
143 fileContent.size());
144
145 if (ret < 0) {
146 qDebug() << "Failed to parse certificates.";
147 return retval;
148 }
149
150 if (ret > 0) {
151 qDebug() << "Some certificates could not be parsed.";
152 /* Maybe return here? */
153 }
154
155 x509_crt *iter = &chain;
156
157 while (iter) {
158 QByteArray derData(reinterpret_cast<const char*>(iter->raw.p),
159 static_cast<int>(iter->raw.len));
160 retval << Certificate(derData);
161 iter = iter->next;
162 }
163 x509_crt_free(&chain);
164
165 return retval;
166 }
http://wald.intevation.org/projects/trustbridge/