ksslpkcs12.cc
00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022 #ifdef HAVE_CONFIG_H
00023 #include <config.h>
00024 #endif
00025
00026 #include <kopenssl.h>
00027
00028 #include <qstring.h>
00029 #include <qfile.h>
00030 #include <ksslall.h>
00031 #include <kdebug.h>
00032 #include <ktempfile.h>
00033 #include <kmdcodec.h>
00034
00035 #include <assert.h>
00036
00037 #ifdef KSSL_HAVE_SSL
00038 #define sk_new kossl->sk_new
00039 #define sk_push kossl->sk_push
00040 #define sk_free kossl->sk_free
00041 #define sk_value kossl->sk_value
00042 #define sk_num kossl->sk_num
00043 #define sk_dup kossl->sk_dup
00044 #define sk_pop kossl->sk_pop
00045 #endif
00046
00047
00048 KSSLPKCS12::KSSLPKCS12() {
00049 _pkcs = NULL;
00050 _pkey = NULL;
00051 _cert = NULL;
00052 _caStack = NULL;
00053 kossl = KOSSL::self();
00054 }
00055
00056
00057
00058 KSSLPKCS12::~KSSLPKCS12() {
00059 #ifdef KSSL_HAVE_SSL
00060 if (_pkey) kossl->EVP_PKEY_free(_pkey);
00061 if (_caStack) {
00062 for (;;) {
00063 X509* x5 = sk_X509_pop(_caStack);
00064 if (!x5) break;
00065 kossl->X509_free(x5);
00066 }
00067 sk_X509_free(_caStack);
00068 }
00069 if (_pkcs) kossl->PKCS12_free(_pkcs);
00070 #endif
00071 if (_cert) delete _cert;
00072 }
00073
00074
00075 KSSLPKCS12* KSSLPKCS12::fromString(QString base64, QString password) {
00076 #ifdef KSSL_HAVE_SSL
00077 KTempFile ktf;
00078
00079 if (base64.isEmpty()) return NULL;
00080 QByteArray qba, qbb = QCString(base64.latin1()).copy();
00081 KCodecs::base64Decode(qbb, qba);
00082 ktf.file()->writeBlock(qba);
00083 ktf.close();
00084 KSSLPKCS12* rc = loadCertFile(ktf.name(), password);
00085 ktf.unlink();
00086 return rc;
00087 #endif
00088 return NULL;
00089 }
00090
00091
00092
00093 KSSLPKCS12* KSSLPKCS12::loadCertFile(QString filename, QString password) {
00094 #ifdef KSSL_HAVE_SSL
00095 QFile qf(filename);
00096 PKCS12 *newpkcs = NULL;
00097
00098 if (!qf.open(IO_ReadOnly))
00099 return NULL;
00100
00101 FILE *fp = fdopen(qf.handle(), "r");
00102 if (!fp) return NULL;
00103
00104 newpkcs = KOSSL::self()->d2i_PKCS12_fp(fp, &newpkcs);
00105
00106 fclose(fp);
00107 if (!newpkcs) {
00108 KOSSL::self()->ERR_clear_error();
00109 return NULL;
00110 }
00111
00112 KSSLPKCS12 *c = new KSSLPKCS12;
00113 c->setCert(newpkcs);
00114
00115
00116 if (!c->parse(password)) {
00117 delete c; c = NULL;
00118 }
00119
00120 return c;
00121 #endif
00122 return NULL;
00123 }
00124
00125
00126 void KSSLPKCS12::setCert(PKCS12 *c) {
00127 #ifdef KSSL_HAVE_SSL
00128 _pkcs = c;
00129 #endif
00130 }
00131
00132
00133 bool KSSLPKCS12::changePassword(QString pold, QString pnew) {
00134 #ifdef KSSL_HAVE_SSL
00135
00136 return (0 == kossl->PKCS12_newpass(_pkcs,
00137 (char *)pold.latin1(),
00138 (char *)pnew.latin1()));
00139 #endif
00140 return false;
00141 }
00142
00143
00144 bool KSSLPKCS12::parse(QString pass) {
00145 #ifdef KSSL_HAVE_SSL
00146 X509 *x = NULL;
00147
00148 assert(_pkcs);
00149
00150 if (_cert) delete _cert;
00151 if (_pkey) kossl->EVP_PKEY_free(_pkey);
00152 if (_caStack) {
00153 for (;;) {
00154 X509* x5 = sk_X509_pop(_caStack);
00155 if (!x5) break;
00156 kossl->X509_free(x5);
00157 }
00158 sk_X509_free(_caStack);
00159 }
00160 _pkey = NULL;
00161 _caStack = NULL;
00162 _cert = NULL;
00163
00164 int rc = kossl->PKCS12_parse(_pkcs, pass.latin1(), &_pkey, &x, &_caStack);
00165
00166 if (rc == 1) {
00167
00168 if (x) {
00169 _cert = new KSSLCertificate;
00170 _cert->setCert(x);
00171 if (_caStack) {
00172 _cert->setChain(_caStack);
00173 }
00174 return true;
00175 }
00176 } else {
00177 _caStack = NULL;
00178 _pkey = NULL;
00179 kossl->ERR_clear_error();
00180 }
00181 #endif
00182 return false;
00183 }
00184
00185
00186 EVP_PKEY *KSSLPKCS12::getPrivateKey() {
00187 return _pkey;
00188 }
00189
00190
00191 KSSLCertificate *KSSLPKCS12::getCertificate() {
00192 return _cert;
00193 }
00194
00195
00196 QString KSSLPKCS12::toString() {
00197 QString base64;
00198 #ifdef KSSL_HAVE_SSL
00199 unsigned char *p;
00200 int len;
00201
00202 len = kossl->i2d_PKCS12(_pkcs, NULL);
00203 char *buf = new char[len];
00204 p = (unsigned char *)buf;
00205 kossl->i2d_PKCS12(_pkcs, &p);
00206 QByteArray qba;
00207 qba.setRawData(buf, len);
00208 base64 = KCodecs::base64Encode(qba);
00209 qba.resetRawData(buf, len);
00210 delete[] buf;
00211 #endif
00212 return base64;
00213 }
00214
00215
00216
00217 bool KSSLPKCS12::toFile(QString filename) {
00218 #ifdef KSSL_HAVE_SSL
00219 QFile out(filename);
00220
00221 if (!out.open(IO_WriteOnly)) return false;
00222
00223 int fd = out.handle();
00224 FILE *fp = fdopen(fd, "w");
00225
00226 if (!fp) {
00227 unlink(filename.latin1());
00228 return false;
00229 }
00230
00231 kossl->i2d_PKCS12_fp(fp, _pkcs);
00232
00233 fclose(fp);
00234 return true;
00235 #endif
00236 return false;
00237 }
00238
00239
00240 KSSLCertificate::KSSLValidation KSSLPKCS12::validate() {
00241 return validate(KSSLCertificate::SSLServer);
00242 }
00243
00244
00245 KSSLCertificate::KSSLValidation KSSLPKCS12::validate(KSSLCertificate::KSSLPurpose p) {
00246 #ifdef KSSL_HAVE_SSL
00247 KSSLCertificate::KSSLValidation xx = _cert->validate(p);
00248 if (1 != kossl->X509_check_private_key(_cert->getCert(), _pkey)) {
00249 xx = KSSLCertificate::PrivateKeyFailed;
00250 }
00251
00252 return xx;
00253 #else
00254 return KSSLCertificate::NoSSL;
00255 #endif
00256 }
00257
00258
00259 KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate() {
00260 return revalidate(KSSLCertificate::SSLServer);
00261 }
00262
00263
00264 KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate(KSSLCertificate::KSSLPurpose p) {
00265 return _cert->revalidate(p);
00266 }
00267
00268
00269 bool KSSLPKCS12::isValid() {
00270 return isValid(KSSLCertificate::SSLServer);
00271 }
00272
00273
00274 bool KSSLPKCS12::isValid(KSSLCertificate::KSSLPurpose p) {
00275 return (validate(p) == KSSLCertificate::Ok);
00276 }
00277
00278
00279 QString KSSLPKCS12::name() {
00280 return _cert->getSubject();
00281 }
00282
00283
00284 #ifdef KSSL_HAVE_SSL
00285 #undef sk_new
00286 #undef sk_push
00287 #undef sk_free
00288 #undef sk_value
00289 #undef sk_num
00290 #undef sk_pop
00291 #undef sk_dup
00292 #endif
00293
This file is part of the documentation for kdelibs Version 3.1.0.