changeset 186:2551ad24d3c2

Get subject from the certificate and parse its attributes
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 26 Mar 2014 12:07:06 +0100
parents ee37c085b9f7
children 17eb8ad43984
files ui/certificate.cpp ui/certificate.h
diffstat 2 files changed, 58 insertions(+), 11 deletions(-) [+]
--- a/ui/certificate.cpp	Tue Mar 25 18:03:49 2014 +0000
+++ b/ui/certificate.cpp	Wed Mar 26 12:07:06 2014 +0100
@@ -1,15 +1,18 @@
 #include "certificate.h"
 #include <QDebug>
+#include <QStringList>
 #include <QObject>
 
 #include <polarssl/x509_crt.h>
 
+#define POLARSSL_INFO_BUF_SIZE 2000
+
 Certificate::Certificate(const QString& b64Line) :
-    mValid(false),
-    mShortDescription(QObject::tr("Invalid Certificate"))
+    mValid(false)
 {
     int ret = -1;
-    char buf[2000];
+    char buf[POLARSSL_INFO_BUF_SIZE];
+
     x509_crt x509cert;
 
     /* Cut of the first two chars (e.g. I: and decode) */
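Review bot: Removing the `mShortDescription(QObject::tr("Invalid Certificate"))` initializer drops the fallback text for certificates that fail to parse. `shortDescription()`, added at the end of this file, returns `getSubjectAttr("CN")`, which is a null string when the constructor returned early or the subject has no CN, so callers that display it may end up with an empty label. Keeping the fallback in the accessor would preserve the old behaviour: `return mValid ? getSubjectAttr("CN") : QObject::tr("Invalid Certificate");`. The constructor body continues outside this hunk.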
@@ -26,8 +29,8 @@
         return;
     }
 
-    ret = x509_crt_info(buf, 2000, "", &x509cert);
-    x509_crt_free(&x509cert);
+    /* Get a full details string */
+    ret = x509_crt_info(buf, POLARSSL_INFO_BUF_SIZE, "", &x509cert);
 
     if (ret <= 0) {
         qDebug() << "Getting certificate info failed with error: " << ret;
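Review bot: With `x509_crt_free(&x509cert);` moved from this spot to the end of the constructor, the `if (ret <= 0)` failure branch here exits without releasing the parsed certificate; its body continues past the end of the hunk and presumably returns. The `return;` after the x509_dn_gets failure in the next hunk has the same leak. Call `x509_crt_free(&x509cert);` before each of those returns, or route every exit through a single cleanup path so that a later early return cannot miss it.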
@@ -35,14 +38,46 @@
     }
 
     /* In case of success the return value is the size of the information
-     * written into buf
-     * */
-
+     * written into buf */
     mDetails = QString::fromUtf8(buf, ret);
 
-    mShortDescription = mDetails; /* TODO */
+    /* Get the subject */
+    ret = x509_dn_gets(buf, POLARSSL_INFO_BUF_SIZE, &(x509cert.subject));
+
+    if (ret <= 0) {
+        qDebug() << "Getting certificate subject failed with error: " << ret;
+        return;
+    }
+
+    /* TODO check that all asn encodings are handled */
+    QString subject = QString::fromUtf8(buf, ret);
+
+    /* TODO check that escaped , are not possible */
+    QStringList attrs = subject.split(", ");
+
+    foreach (const QString& attr, attrs) {
+        QStringList kv = attr.split("=");
+        if (kv.size() != 2) {
+            qDebug() << "Failed to parse subject element: " << attr;
+            continue;
+        }
+        mSubjectAttrs.insert(kv[0], kv[1]);
+    }
+
+    /* For more information to get from a x509_crt see
+     * https://polarssl.org/api/x509_8h.html */
+
+    x509_crt_free(&x509cert);
 
     mValid = true;
 
     mBaseLine = b64Line;
 }
+
+QString Certificate::getSubjectAttr (const QString& attrName) const {
+    return mSubjectAttrs.value(attrName);
+}
+
+QString Certificate::shortDescription() const {
+    return getSubjectAttr("CN");
+}
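Review bot: The subject attributes are recovered by splitting the formatted string on `", "` and `"="`, so a value that itself contains `", "` is broken into extra elements and a value containing `=` is dropped by the `kv.size() != 2` check. Because `mSubjectAttrs.insert(kv[0], kv[1])` replaces an existing key, a later element can overwrite the `CN` that `shortDescription()` returns, and repeated attributes such as several `OU` entries keep only the last one. Whether x509_dn_gets escapes separators is not visible here (the TODO says as much), so the certificate's content should be assumed able to influence which attributes are stored. Reading the attributes from the `x509cert.subject` name structure instead of the display string would remove the ambiguity. As a smaller step, split on the first `=` only (`const int sep = attr.indexOf('=');`) and skip keys that are already present (`if (mSubjectAttrs.contains(key)) continue;`). The constructor starts outside this hunk.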
--- a/ui/certificate.h	Tue Mar 25 18:03:49 2014 +0000
+++ b/ui/certificate.h	Wed Mar 26 12:07:06 2014 +0100
@@ -7,6 +7,7 @@
  */
 
 #include <QByteArray>
+#include <QMap>
 #include <QString>
 
 #ifdef Q_OS_WIN
@@ -36,7 +37,7 @@
      *  for this certificate
      *
      **/
-    const QString& shortDescription() const {return mShortDescription;}
+    QString shortDescription() const;
 
     /** @brief get details for the certificate
      *
@@ -54,11 +55,22 @@
      **/
     const QString& base64Line() const {return mBaseLine;}
 
+    /** @brief get a single attribute of the subject
+     *
+     * Returns a single attribute of the subject such as the
+     * common name.
+     *
+     * @param[in] attr the Attribute name. to get e.g. "CN"
+     *
+     * @returns the value of the attribute or a null string
+     **/
+    QString getSubjectAttr(const QString& attr) const;
+
 private:
     bool mValid;
 
     QString mDetails;
-    QString mShortDescription;
     QString mBaseLine;
+    QMap <QString, QString> mSubjectAttrs;
 };
 #endif

http://wald.intevation.org/projects/trustbridge/