KIO
ksslcertchain.cpp
00021 #include "ksslcertchain.h"
00022
00023 #include <config.h>
00024 #include <ksslconfig.h>
00025
00026 #include "kssldefs.h"
00027 #include "ksslcertificate.h"
00028
00029
00030
00031 #ifdef KSSL_HAVE_SSL
00032 #define crypt _openssl_crypt
00033 #include <openssl/ssl.h>
00034 #include <openssl/x509.h>
00035 #include <openssl/x509v3.h>
00036 #include <openssl/x509_vfy.h>
00037 #include <openssl/pem.h>
00038 #include <openssl/stack.h>
00039 #include <openssl/safestack.h>
00040 #undef crypt
00041 #endif
00042
00043 #include <kopenssl.h>
00044 #include <kdebug.h>
00045 #include <QtCore/QStringList>
00046
00047 #ifdef KSSL_HAVE_SSL
00048 #define sk_new d->kossl->sk_new
00049 #define sk_push d->kossl->sk_push
00050 #define sk_free d->kossl->sk_free
00051 #define sk_value d->kossl->sk_value
00052 #define sk_num d->kossl->sk_num
00053 #define sk_dup d->kossl->sk_dup
00054 #define sk_pop d->kossl->sk_pop
00055 #endif
00056
/**
 * Private data for KSSLCertChain.
 *
 * Holds the KOSSL wrapper that the sk_* macros in this file dispatch through
 * (they expand to d->kossl->...). The pointer is not released here, so this
 * class does not own the wrapper.
 */
class KSSLCertChainPrivate {
public:
    KSSLCertChainPrivate()
        : kossl(KOSSL::self())  // presumably a shared instance; verify against kopenssl.h
    {
    }

    ~KSSLCertChainPrivate() {
        // Nothing to release: kossl is only borrowed.
    }

    KOSSL *kossl;
};
00068
/**
 * Creates an empty chain: the private data is allocated and no certificate
 * stack exists until one of the setChain() overloads builds it.
 */
KSSLCertChain::KSSLCertChain()
    : d(new KSSLCertChainPrivate)
{
    // NULL marks "no chain set"; isValid() and getChain() test for it.
    _chain = NULL;
}
00074
00075
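/**
 * Frees every certificate held in the stack, then the stack itself, then the
 * private data.
 *
 * The certificates in the stack are duplicates made by setChain(), so this
 * object is their only owner.
 *
 * NOTE(review): both d and the stack are raw owning pointers. Confirm that
 * the header disables copy construction and assignment, otherwise a copied
 * object would free the same memory twice.
 */
KSSLCertChain::~KSSLCertChain() {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;

        // Drain by element count instead of stopping at the first NULL pop.
        // A NULL slot in the middle of the stack would otherwise end the loop
        // early and leak every certificate stored below it.
        while (sk_X509_num(stack) > 0) {
            X509 *cert = sk_X509_pop(stack);
            if (cert) {
                d->kossl->X509_free(cert);
            }
        }
        sk_X509_free(stack);
    }
#endif
    delete d;
}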
00091
00092
/**
 * Reports whether a chain is present and holds at least one certificate.
 *
 * This is a presence check only: nothing in this function verifies
 * signatures, validity dates or trust anchors.
 *
 * @return true if a stack has been set and depth() is positive.
 */
bool KSSLCertChain::isValid() {
    if (!_chain) {
        return false;
    }
    return depth() > 0;
}
00096
00097
/**
 * Builds an independent deep copy of this chain.
 *
 * @return a heap-allocated KSSLCertChain; the caller is responsible for
 *         deleting it.
 */
KSSLCertChain *KSSLCertChain::replicate() {
    KSSLCertChain *copy = new KSSLCertChain;

    // getChain() hands back freshly allocated wrappers, and setChain()
    // duplicates the X509 inside each one, so the wrappers are only
    // temporaries and are released as soon as the copy has been filled.
    QList<KSSLCertificate *> wrappers = getChain();
    copy->setChain(wrappers);
    qDeleteAll(wrappers);

    return copy;
}
00105
00106
/**
 * Returns the number of entries in the certificate stack.
 *
 * NOTE(review): _chain is not checked for NULL here, so for an unset chain
 * the result is whatever the wrapped sk_num returns for a NULL stack
 * (presumably -1; confirm against kopenssl). isValid() tests _chain before
 * calling this.
 *
 * @return the stack size when SSL support is compiled in, otherwise 0.
 */
int KSSLCertChain::depth() {
#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;
    return sk_X509_num(stack);
#else
    return 0;
#endif
}
00113
/**
 * Exposes the internal certificate stack without copying it.
 *
 * The returned pointer stays owned by this object: it is freed by the
 * destructor and by every setChain() call, so callers must not free it and
 * must not keep it across those calls.
 *
 * @return the internal stack as an untyped pointer, or NULL if no chain is set.
 */
void *KSSLCertChain::rawChain()
{
    void *stack = _chain;
    return stack;
}
00118
00119
/**
 * Returns the chain as a list of newly allocated KSSLCertificate objects.
 *
 * Each entry wraps a duplicate of the stored X509, so the list is independent
 * of this object. The caller owns the entries and must delete them
 * (replicate() does this with qDeleteAll).
 *
 * NOTE(review): the result of X509_dup is handed to setCert() unchecked. If
 * duplication fails, the wrapper is created around whatever setCert() does
 * with a NULL certificate; confirm that behaviour in KSSLCertificate.
 *
 * @return one wrapper per non-NULL stack entry; empty if no chain is set or
 *         SSL support is compiled out.
 */
QList<KSSLCertificate *> KSSLCertChain::getChain() const {
    QList<KSSLCertificate *> result;
    if (_chain == NULL) {
        return result;
    }
#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;

    // The stack is not modified in the loop, so its size is read once.
    const int count = sk_X509_num(stack);
    for (int idx = 0; idx < count; ++idx) {
        X509 *stored = sk_X509_value(stack, idx);
        if (stored) {
            KSSLCertificate *wrapper = new KSSLCertificate;
            wrapper->setCert(d->kossl->X509_dup(stored));
            result.append(wrapper);
        }
    }

#endif
    return result;
}
00137
00138
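/**
 * Replaces the stored chain with duplicates of the given certificates.
 *
 * The previous stack and its certificates are freed first. Each usable entry
 * of @p chain is duplicated, so the caller keeps ownership of the
 * KSSLCertificate objects it passed in.
 *
 * Entries that are NULL, carry no certificate, or cannot be duplicated are
 * skipped rather than stored as NULL slots. The resulting depth() can
 * therefore be smaller than chain.size(); callers that depend on a complete
 * chain should compare the two.
 *
 * @param chain certificates to copy; an empty list leaves the chain unset.
 */
void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        // Drain by count so a NULL slot cannot end the cleanup early and
        // leak the certificates stored below it.
        while (sk_X509_num(old) > 0) {
            X509 *stale = sk_X509_pop(old);
            if (stale) {
                d->kossl->X509_free(stale);
            }
        }
        sk_X509_free(old);
        _chain = NULL;
    }

    if (chain.isEmpty()) return;

    _chain = (void *)sk_new(NULL);
    if (!_chain) return;  // allocation failed: leave the chain unset
    STACK_OF(X509) *fresh = (STACK_OF(X509) *)_chain;

    foreach (KSSLCertificate *entry, chain) {
        if (!entry) continue;  // a NULL list entry must not be dereferenced

        X509 *source = entry->getCert();
        if (!source) continue;

        X509 *copy = d->kossl->X509_dup(source);
        if (!copy) continue;  // never store a NULL slot in the stack

        // A failed push leaves the duplicate unowned; release it here.
        if (!sk_X509_push(fresh, copy)) {
            d->kossl->X509_free(copy);
        }
    }

#endif
}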
00161
00162
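/**
 * Replaces the stored chain with duplicates of the certificates in an
 * OpenSSL STACK_OF(X509).
 *
 * The input stack is only read: every certificate is duplicated and the
 * caller keeps ownership of @p stack_of_x509. NULL entries and entries that
 * cannot be duplicated are skipped.
 *
 * @param stack_of_x509 a STACK_OF(X509) passed as an untyped pointer, or NULL
 *                      to clear the chain. The pointer type is not checked,
 *                      so passing anything else is undefined behaviour.
 */
void KSSLCertChain::setChain(void *stack_of_x509) {
#ifdef KSSL_HAVE_SSL
    // Aliasing guard: rawChain() exposes _chain, so a caller can pass this
    // object's own stack back in. Freeing it below and then reading it would
    // be a use-after-free; the chain already has that content, so stop here.
    if (stack_of_x509 && stack_of_x509 == _chain) return;

    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        // Drain by count so a NULL slot cannot end the cleanup early and
        // leak the certificates stored below it.
        while (sk_X509_num(old) > 0) {
            X509 *stale = sk_X509_pop(old);
            if (stale) {
                d->kossl->X509_free(stale);
            }
        }
        sk_X509_free(old);
        _chain = NULL;
    }

    if (!stack_of_x509) return;

    _chain = (void *)sk_new(NULL);
    if (!_chain) return;  // allocation failed: leave the chain unset
    STACK_OF(X509) *fresh = (STACK_OF(X509) *)_chain;
    STACK_OF(X509) *input = (STACK_OF(X509) *)stack_of_x509;

    const int count = sk_X509_num(input);
    for (int i = 0; i < count; i++) {
        X509 *source = sk_X509_value(input, i);
        if (!source) continue;

        X509 *copy = d->kossl->X509_dup(source);
        if (!copy) continue;  // never store a NULL slot in the stack

        // A failed push leaves the duplicate unowned; release it here.
        if (!sk_X509_push(fresh, copy)) {
            d->kossl->X509_free(copy);
        }
    }

#else
    _chain = NULL;
#endif
}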
00192
00193
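/**
 * Replaces the stored chain with certificates parsed from their string form.
 *
 * Each string is converted with toLocal8Bit() and passed to
 * KSSLCertificate::fromString(). Strings that do not parse are dropped, so
 * the resulting depth() can be smaller than chain.size().
 *
 * @param chain encoded certificates, one per list entry.
 */
void KSSLCertChain::setCertChain(const QStringList& chain) {
    QList<KSSLCertificate *> parsed;
    for (QStringList::ConstIterator s = chain.begin(); s != chain.end(); ++s) {
        KSSLCertificate *cert = KSSLCertificate::fromString((*s).toLocal8Bit());
        if (cert) {
            parsed.append(cert);
        }
    }
    setChain(parsed);

    // setChain() duplicates the X509 inside each wrapper and keeps none of
    // the wrappers, so they are released here, as replicate() does for the
    // list it gets from getChain(). Without this every call leaked them.
    // Assumes fromString() returns a heap object owned by the caller;
    // confirm against KSSLCertificate.
    qDeleteAll(parsed);
}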
00204
00205
00206 #ifdef KSSL_HAVE_SSL
00207 #undef sk_new
00208 #undef sk_push
00209 #undef sk_free
00210 #undef sk_value
00211 #undef sk_num
00212 #undef sk_dup
00213 #undef sk_pop
00214 #endif
00215