kio

ksslcertchain.cc

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2001 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
00018  * Boston, MA 02110-1301, USA.
00019  */
00020 #ifdef HAVE_CONFIG_H 
00021 #include <config.h>
00022 #endif
00023 
00024 #include "kssldefs.h"
00025 #include "ksslcertificate.h"
00026 #include "ksslcertchain.h"
00027 
00028 // this hack provided by Malte Starostik to avoid glibc/openssl bug
00029 // on some systems
00030 #ifdef KSSL_HAVE_SSL
00031 #define crypt _openssl_crypt
00032 #include <openssl/ssl.h>
00033 #include <openssl/x509.h>
00034 #include <openssl/x509v3.h>
00035 #include <openssl/x509_vfy.h>
00036 #include <openssl/pem.h>
00037 #include <openssl/stack.h>
00038 #include <openssl/safestack.h>
00039 #undef crypt
00040 #endif
00041 
00042 #include <kopenssl.h>
00043 #include <kdebug.h>
00044 #include <qstringlist.h>
00045 
00046 
00047 
00048 #ifdef KSSL_HAVE_SSL
00049 #define sk_new d->kossl->sk_new
00050 #define sk_push d->kossl->sk_push
00051 #define sk_free d->kossl->sk_free
00052 #define sk_value d->kossl->sk_value
00053 #define sk_num d->kossl->sk_num
00054 #define sk_dup d->kossl->sk_dup
00055 #define sk_pop d->kossl->sk_pop
00056 #endif
00057 
00058 class KSSLCertChainPrivate {
00059 public:
00060   KSSLCertChainPrivate() {
00061      kossl = KOSSL::self();
00062   }
00063 
00064   ~KSSLCertChainPrivate() {
00065   }
00066 
00067   KOSSL *kossl;
00068 };
00069 
00070 KSSLCertChain::KSSLCertChain() {
00071   d = new KSSLCertChainPrivate;
00072   _chain = NULL;
00073 }
00074 
00075 
00076 KSSLCertChain::~KSSLCertChain() {
00077 #ifdef KSSL_HAVE_SSL
00078   if (_chain) {
00079     STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
00080 
00081     for (;;) {
00082       X509* x5 = sk_X509_pop(x);
00083       if (!x5) break;
00084       d->kossl->X509_free(x5);
00085     }
00086     sk_X509_free(x);
00087   }
00088 #endif
00089   delete d;
00090 }
00091 
00092 
00093 bool KSSLCertChain::isValid() {
00094   return (_chain && depth() > 0);
00095 }
00096 
00097 
00098 KSSLCertChain *KSSLCertChain::replicate() {
00099 KSSLCertChain *x = new KSSLCertChain;
00100 QPtrList<KSSLCertificate> ch = getChain();
00101 
00102   x->setChain(ch);   // this will do a deep copy for us
00103   ch.setAutoDelete(true);
00104 return x;
00105 }
00106 
00107 
00108 int KSSLCertChain::depth() {
00109 #ifdef KSSL_HAVE_SSL
00110   return sk_X509_num((STACK_OF(X509)*)_chain);
00111 #endif
00112 return 0;
00113 }
00114 
00115 
00116 QPtrList<KSSLCertificate> KSSLCertChain::getChain() {
00117 QPtrList<KSSLCertificate> cl;
00118 if (!_chain) return cl;
00119 #ifdef KSSL_HAVE_SSL
00120 STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
00121 
00122    for (int i = 0; i < sk_X509_num(x); i++) {
00123      X509* x5 = sk_X509_value(x, i);
00124      if (!x5) continue;
00125      KSSLCertificate *nc = new KSSLCertificate;
00126      nc->setCert(d->kossl->X509_dup(x5));
00127      cl.append(nc);
00128    }
00129 
00130 #endif
00131 return cl;
00132 }
00133 
00134 
00135 void KSSLCertChain::setChain(QPtrList<KSSLCertificate>& chain) {
00136 #ifdef KSSL_HAVE_SSL
00137 if (_chain) {
00138     STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
00139 
00140     for (;;) {
00141       X509* x5 = sk_X509_pop(x);
00142       if (!x5) break;
00143       d->kossl->X509_free(x5);
00144     }
00145     sk_X509_free(x);
00146     _chain = NULL;
00147 }
00148 
00149   if (chain.count() == 0) return;
00150   _chain = (void *)sk_new(NULL);
00151   for (KSSLCertificate *x = chain.first(); x != 0; x = chain.next()) {
00152     sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert()));
00153   }
00154 
00155 #endif
00156 }
00157 
00158  
00159 void KSSLCertChain::setChain(void *stack_of_x509) {
00160 #ifdef KSSL_HAVE_SSL
00161 if (_chain) {
00162     STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
00163 
00164     for (;;) {
00165       X509* x5 = sk_X509_pop(x);
00166       if (!x5) break;
00167       d->kossl->X509_free(x5);
00168     }
00169     sk_X509_free(x);
00170     _chain = NULL;
00171 }
00172 
00173 if (!stack_of_x509) return;
00174 
00175 _chain = (void *)sk_new(NULL);
00176 STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509;
00177 
00178    for (int i = 0; i < sk_X509_num(x); i++) {
00179      X509* x5 = sk_X509_value(x, i);
00180      if (!x5) continue;
00181      sk_X509_push((STACK_OF(X509)*)_chain,d->kossl->X509_dup(x5));
00182    }
00183 
00184 #else
00185 _chain = NULL;
00186 #endif
00187 }
00188 
00189 
00190 void KSSLCertChain::setChain(QStringList chain) {
00191     setCertChain(chain);
00192 }
00193 
00194 void KSSLCertChain::setCertChain(const QStringList& chain) {
00195     QPtrList<KSSLCertificate> cl;
00196     cl.setAutoDelete(true);
00197     for (QStringList::ConstIterator s = chain.begin(); s != chain.end(); ++s) {
00198        KSSLCertificate *c = KSSLCertificate::fromString((*s).local8Bit());
00199        if (c) {
00200           cl.append(c);
00201        }
00202     }
00203     setChain(cl);
00204 }
00205 
00206 
00207 #ifdef KSSL_HAVE_SSL
00208 #undef sk_new
00209 #undef sk_push
00210 #undef sk_free
00211 #undef sk_value
00212 #undef sk_num
00213 #undef sk_dup
00214 #undef sk_pop
00215 #endif
00216
kio

ksslcertchain.cc

kio

API Reference
