kio
ksslcertchain.cc
00020 #ifdef HAVE_CONFIG_H
00021 #include <config.h>
00022 #endif
00023
00024 #include "kssldefs.h"
00025 #include "ksslcertificate.h"
00026 #include "ksslcertchain.h"
00027
00028
00029
00030 #ifdef KSSL_HAVE_SSL
00031 #define crypt _openssl_crypt
00032 #include <openssl/ssl.h>
00033 #include <openssl/x509.h>
00034 #include <openssl/x509v3.h>
00035 #include <openssl/x509_vfy.h>
00036 #include <openssl/pem.h>
00037 #include <openssl/stack.h>
00038 #include <openssl/safestack.h>
00039 #undef crypt
00040 #endif
00041
00042 #include <kopenssl.h>
00043 #include <kdebug.h>
00044 #include <qstringlist.h>
00045
00046
00047
00048 #ifdef KSSL_HAVE_SSL
00049 #define sk_new d->kossl->sk_new
00050 #define sk_push d->kossl->sk_push
00051 #define sk_free d->kossl->sk_free
00052 #define sk_value d->kossl->sk_value
00053 #define sk_num d->kossl->sk_num
00054 #define sk_dup d->kossl->sk_dup
00055 #define sk_pop d->kossl->sk_pop
00056 #endif
00057
// Private data for KSSLCertChain: holds the KOSSL proxy through which all
// OpenSSL calls in this file are made (the sk_* macros above expand to
// d->kossl->sk_*).
class KSSLCertChainPrivate {
public:
    // Fetch the KOSSL instance returned by KOSSL::self().
    KSSLCertChainPrivate() : kossl(KOSSL::self()) {
    }

    // Nothing to release: kossl is not deleted here.
    ~KSSLCertChainPrivate() {
    }

    KOSSL *kossl;
};
00069
// Creates an empty chain: no certificate stack is allocated until one of the
// setChain() overloads is called.
KSSLCertChain::KSSLCertChain() {
    _chain = NULL;
    d = new KSSLCertChainPrivate;
}
00074
00075
// Frees every certificate held in the chain, then the stack container, and
// finally the private data.
KSSLCertChain::~KSSLCertChain() {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;

        // Pop until the stack hands back NULL. The entries are X509_dup()
        // copies made by setChain(), so they are freed here.
        X509 *cert;
        while ((cert = sk_X509_pop(stack)) != NULL) {
            d->kossl->X509_free(cert);
        }
        sk_X509_free(stack);
    }
#endif
    // Must come last: the sk_* macros used above expand to d->kossl->...
    delete d;
}
00091
00092
// Reports whether a chain is set and holds at least one entry.
// This is a structural check only: nothing here verifies signatures,
// validity dates or trust anchors.
bool KSSLCertChain::isValid() {
    if (!_chain) {
        return false;
    }
    return depth() > 0;
}
00096
00097
// Returns a newly allocated deep copy of this chain. The object is created
// with new and handed to the caller, who is responsible for deleting it.
KSSLCertChain *KSSLCertChain::replicate() {
    KSSLCertChain *copy = new KSSLCertChain;
    QPtrList<KSSLCertificate> certs = getChain();

    copy->setChain(certs);
    // setChain() duplicated each X509, so the temporary KSSLCertificate
    // objects from getChain() are no longer needed; enabling auto-delete
    // lets the list dispose of them when it goes out of scope.
    certs.setAutoDelete(true);
    return copy;
}
00106
00107
// Returns the number of entries in the certificate stack, or 0 when built
// without SSL support.
// NOTE(review): _chain is not checked for NULL here, so with no chain set the
// result is whatever sk_num reports for a null stack. Confirm before relying
// on depth() without isValid().
int KSSLCertChain::depth() {
#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;
    return sk_X509_num(stack);
#else
    return 0;
#endif
}
00114
00115
// Returns the chain as a list of newly allocated KSSLCertificate objects,
// each wrapping an X509_dup() copy of one stack entry. Auto-delete is not
// enabled on the returned list here, so the caller has to dispose of the
// elements (replicate() does so by switching auto-delete on).
// An empty list is returned when no chain is set or SSL support is absent.
QPtrList<KSSLCertificate> KSSLCertChain::getChain() {
    QPtrList<KSSLCertificate> result;
    if (!_chain) {
        return result;
    }
#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *stack = (STACK_OF(X509) *)_chain;

    for (int idx = 0; idx < sk_X509_num(stack); ++idx) {
        X509 *entry = sk_X509_value(stack, idx);
        if (entry) {
            KSSLCertificate *wrapped = new KSSLCertificate;
            // NOTE(review): the X509_dup() result is passed on unchecked;
            // confirm how setCert() treats a null pointer.
            wrapped->setCert(d->kossl->X509_dup(entry));
            result.append(wrapped);
        }
    }

#endif
    return result;
}
00133
00134
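// Replaces the stored chain with duplicates of the certificates in `chain`.
// The previous chain (if any) is freed first. The certificates in `chain`
// are only read; ownership of them stays with the caller.
// An empty list leaves the object without a chain. Without SSL support this
// function does nothing.
void KSSLCertChain::setChain(QPtrList<KSSLCertificate>& chain) {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        for (;;) {
            X509 *cert = sk_X509_pop(old);
            if (!cert) break;
            d->kossl->X509_free(cert);
        }
        sk_X509_free(old);
        _chain = NULL;
    }

    if (chain.count() == 0) return;

    _chain = (void *)sk_new(NULL);
    if (!_chain) return;  // stack allocation failed: stay without a chain
    STACK_OF(X509) *fresh = (STACK_OF(X509) *)_chain;

    for (KSSLCertificate *item = chain.first(); item != 0; item = chain.next()) {
        X509 *raw = item->getCert();
        if (!raw) continue;

        // Never store a NULL entry: the cleanup loops stop at the first NULL
        // that sk_X509_pop() returns, so a NULL in the stack would leave the
        // entries beneath it unfreed and would be counted by depth().
        X509 *copy = d->kossl->X509_dup(raw);
        if (!copy) continue;

        if (sk_X509_push(fresh, copy) == 0) {
            // Push failed, so the stack did not take the copy.
            d->kossl->X509_free(copy);
        }
    }

#endif
}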
00157
00158
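// Replaces the stored chain with duplicates of the certificates in
// `stack_of_x509`, which is treated as a STACK_OF(X509)*. The caller keeps
// ownership of that stack and its entries. Passing NULL clears the chain.
// Without SSL support the chain is always reset to NULL.
void KSSLCertChain::setChain(void *stack_of_x509) {
#ifdef KSSL_HAVE_SSL
    // Build the replacement before releasing the current chain, so that a
    // caller passing this object's own stack does not make us read entries
    // that were just freed.
    STACK_OF(X509) *fresh = NULL;
    if (stack_of_x509) {
        STACK_OF(X509) *src = (STACK_OF(X509) *)stack_of_x509;

        fresh = (STACK_OF(X509) *)sk_new(NULL);
        if (fresh) {
            for (int i = 0; i < sk_X509_num(src); i++) {
                X509 *entry = sk_X509_value(src, i);
                if (!entry) continue;

                // Never store a NULL entry: the cleanup loops stop at the
                // first NULL that sk_X509_pop() returns, and depth() would
                // count it.
                X509 *copy = d->kossl->X509_dup(entry);
                if (!copy) continue;

                if (sk_X509_push(fresh, copy) == 0) {
                    // Push failed, so the stack did not take the copy.
                    d->kossl->X509_free(copy);
                }
            }
        }
    }

    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        for (;;) {
            X509 *cert = sk_X509_pop(old);
            if (!cert) break;
            d->kossl->X509_free(cert);
        }
        sk_X509_free(old);
    }

    _chain = (void *)fresh;

#else
    _chain = NULL;
#endif
}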
00188
00189
// Convenience overload taking the string list by value; all work is done by
// setCertChain().
void KSSLCertChain::setChain(QStringList chain) {
    const QStringList &encoded = chain;
    setCertChain(encoded);
}
00193
// Builds the chain from a list of string-encoded certificates.
// Each string is handed to KSSLCertificate::fromString(); entries for which
// that call returns a null pointer are skipped without any report, so the
// stored chain can be shorter than the input list. A caller that needs every
// certificate to have been accepted should compare depth() with the number
// of strings it passed in.
void KSSLCertChain::setCertChain(const QStringList& chain) {
    // Auto-delete: the parsed objects are temporaries, because
    // setChain() stores duplicates of their X509 data.
    QPtrList<KSSLCertificate> parsed;
    parsed.setAutoDelete(true);

    QStringList::ConstIterator it = chain.begin();
    while (it != chain.end()) {
        KSSLCertificate *cert = KSSLCertificate::fromString((*it).local8Bit());
        if (cert) {
            parsed.append(cert);
        }
        ++it;
    }
    setChain(parsed);
}
00205
00206
00207 #ifdef KSSL_HAVE_SSL
00208 #undef sk_new
00209 #undef sk_push
00210 #undef sk_free
00211 #undef sk_value
00212 #undef sk_num
00213 #undef sk_dup
00214 #undef sk_pop
00215 #endif
00216