• Skip to content
  • Skip to link menu
KDE API Reference
  • KDE API Reference
  • kdelibs API Reference
  • KDE Home
  • Contact Us
 

KIO

  • sources
  • kde-4.14
  • kdelibs
  • kio
  • kssl
ksslcertchain.cpp
Go to the documentation of this file.
1 /* This file is part of the KDE project
2  *
3  * Copyright (C) 2001 George Staikos <staikos@kde.org>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Library General Public
7  * License as published by the Free Software Foundation; either
8  * version 2 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Library General Public License for more details.
14  *
15  * You should have received a copy of the GNU Library General Public License
16  * along with this library; see the file COPYING.LIB. If not, write to
17  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18  * Boston, MA 02110-1301, USA.
19  */
20 
21 #include "ksslcertchain.h"
22 
23 #include <config.h>
24 #include <ksslconfig.h>
25 
26 #include "kssldefs.h"
27 #include "ksslcertificate.h"
28 
29 // this hack provided by Malte Starostik to avoid glibc/openssl bug
30 // on some systems
31 #ifdef KSSL_HAVE_SSL
32 #define crypt _openssl_crypt
33 #include <openssl/ssl.h>
34 #include <openssl/x509.h>
35 #include <openssl/x509v3.h>
36 #include <openssl/x509_vfy.h>
37 #include <openssl/pem.h>
38 #include <openssl/stack.h>
39 #include <openssl/safestack.h>
40 #undef crypt
41 #endif
42 
43 #include <kopenssl.h>
44 #include <kdebug.h>
45 #include <QtCore/QStringList>
46 
47 class KSSLCertChainPrivate {
48 public:
49  KSSLCertChainPrivate() {
50  kossl = KOSSL::self();
51  }
52 
53  ~KSSLCertChainPrivate() {
54  }
55 
56  KOSSL *kossl;
57 };
58 
59 KSSLCertChain::KSSLCertChain()
60  :d(new KSSLCertChainPrivate)
61 {
62  _chain = NULL;
63 }
64 
65 
66 KSSLCertChain::~KSSLCertChain() {
67 #ifdef KSSL_HAVE_SSL
68  if (_chain) {
69  STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
70 
71  for (;;) {
72  X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x)));
73  if (!x5) break;
74  d->kossl->X509_free(x5);
75  }
76  d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x));
77  }
78 #endif
79  delete d;
80 }
81 
82 
83 bool KSSLCertChain::isValid() {
84  return (_chain && depth() > 0);
85 }
86 
87 
88 KSSLCertChain *KSSLCertChain::replicate() {
89  KSSLCertChain *x = new KSSLCertChain;
90  QList<KSSLCertificate *> ch = getChain();
91  x->setChain(ch); // this will do a deep copy for us
92  qDeleteAll(ch);
93  return x;
94 }
95 
96 
97 int KSSLCertChain::depth() {
98 #ifdef KSSL_HAVE_SSL
99  return d->kossl->OPENSSL_sk_num(static_cast<STACK *>(_chain));
100 #endif
101 return 0;
102 }
103 
104 void *KSSLCertChain::rawChain()
105 {
106  return _chain;
107 }
108 
109 
110 QList<KSSLCertificate *> KSSLCertChain::getChain() const {
111  QList<KSSLCertificate *> cl;
112  if (!_chain) return cl;
113 #ifdef KSSL_HAVE_SSL
114  STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
115 
116  for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) {
117  X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i));
118  if (!x5) continue;
119  KSSLCertificate *nc = new KSSLCertificate;
120  nc->setCert(d->kossl->X509_dup(x5));
121  cl.append(nc);
122  }
123 
124 #endif
125  return cl;
126 }
127 
128 
129 void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) {
130 #ifdef KSSL_HAVE_SSL
131  if (_chain) {
132  STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
133 
134  for (;;) {
135  X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK*>(x)));
136  if (!x5) break;
137  d->kossl->X509_free(x5);
138  }
139  d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK*>(x));
140  _chain = NULL;
141  }
142 
143  if (chain.isEmpty()) return;
144  _chain = (void *)d->kossl->OPENSSL_sk_new(NULL);
145  foreach (KSSLCertificate *x, chain) {
146  d->kossl->OPENSSL_sk_push(static_cast<STACK*>(_chain), d->kossl->X509_dup(x->getCert()));
147  }
148 
149 #endif
150 }
151 
152 
153 void KSSLCertChain::setChain(void *stack_of_x509) {
154 #ifdef KSSL_HAVE_SSL
155 if (_chain) {
156  STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
157 
158  for (;;) {
159  X509 *x5 = reinterpret_cast<X509 *>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x)));
160  if (!x5) break;
161  d->kossl->X509_free(x5);
162  }
163  d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x));
164  _chain = NULL;
165 }
166 
167 if (!stack_of_x509) return;
168 
169 _chain = (void *)d->kossl->OPENSSL_sk_new(NULL);
170 STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509;
171 
172  for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) {
173  X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i));
174  if (!x5) continue;
175  d->kossl->OPENSSL_sk_push(reinterpret_cast<STACK *>(_chain), d->kossl->X509_dup(x5));
176  }
177 
178 #else
179 _chain = NULL;
180 #endif
181 }
182 
183 
184 void KSSLCertChain::setCertChain(const QStringList& chain) {
185  QList<KSSLCertificate *> cl;
186  for (QStringList::ConstIterator s = chain.begin(); s != chain.end(); ++s) {
187  KSSLCertificate *c = KSSLCertificate::fromString((*s).toLocal8Bit());
188  if (c) {
189  cl.append(c);
190  }
191  }
192  setChain(cl);
193 }
194 
KSSLCertChain::KSSLCertChain
KSSLCertChain()
Construct a KSSLCertChain object.
Definition: ksslcertchain.cpp:59
kssldefs.h
kdebug.h
ksslcertificate.h
KSSLCertChain::~KSSLCertChain
~KSSLCertChain()
Destroy this KSSLCertChain object.
Definition: ksslcertchain.cpp:66
KSSLCertificate
KDE X.509 Certificate.
Definition: ksslcertificate.h:74
KSSLCertChain::getChain
QList< KSSLCertificate * > getChain() const
Obtain a copy of the certificate chain.
Definition: ksslcertchain.cpp:110
KSSLCertChain::rawChain
void * rawChain()
Read the raw chain in OpenSSL format.
Definition: ksslcertchain.cpp:104
KSSLCertChain::setChain
void setChain(void *stack_of_x509)
Set the raw chain from OpenSSL.
Definition: ksslcertchain.cpp:153
KSSLCertChain
KDE Certificate Chain Representation Class.
Definition: ksslcertchain.h:43
KSSLCertificate::getCert
X509 * getCert()
Definition: ksslcertificate.cpp:580
QList::append
void append(const T &value)
STACK_OF
#define STACK_OF(x)
Definition: ksslpkcs12.h:46
KSSLCertChain::setCertChain
void setCertChain(const QStringList &chain)
Set the certificate chain as a list of base64 encoded X.509 certificates.
Definition: ksslcertchain.cpp:184
QList::isEmpty
bool isEmpty() const
KOSSL
#define KOSSL
Definition: kopenssl.h:25
KSSLCertChain::replicate
KSSLCertChain * replicate()
Do a deep copy of the certificate chain.
Definition: ksslcertchain.cpp:88
QList
QStringList
KSSLCertChain::depth
int depth()
Determine the number of entries (depth) of the chain.
Definition: ksslcertchain.cpp:97
QList::end
iterator end()
KSSLCertificate::fromString
static KSSLCertificate * fromString(const QByteArray &cert)
Create an X.509 certificate from a base64 encoded string.
Definition: ksslcertificate.cpp:145
KSSLCertChain::isValid
bool isValid()
Determine if this represents a valid certificate chain.
Definition: ksslcertchain.cpp:83
QList::ConstIterator
typedef ConstIterator
kopenssl.h
ksslcertchain.h
QList::begin
iterator begin()
KSSLCertificate::setCert
bool setCert(const QString &cert)
Re-set the certificate from a base64 string.
Definition: ksslcertificate.cpp:1273
This file is part of the KDE documentation.
Documentation copyright © 1996-2020 The KDE developers.
Generated on Mon Jun 22 2020 13:24:53 by doxygen 1.8.7 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.

KIO

Skip menu "KIO"
  • Main Page
  • Namespace List
  • Namespace Members
  • Alphabetical List
  • Class List
  • Class Hierarchy
  • Class Members
  • File List
  • File Members
  • Related Pages

kdelibs API Reference

Skip menu "kdelibs API Reference"
  • DNSSD
  • Interfaces
  •   KHexEdit
  •   KMediaPlayer
  •   KSpeech
  •   KTextEditor
  • kconf_update
  • KDE3Support
  •   KUnitTest
  • KDECore
  • KDED
  • KDEsu
  • KDEUI
  • KDEWebKit
  • KDocTools
  • KFile
  • KHTML
  • KImgIO
  • KInit
  • kio
  • KIOSlave
  • KJS
  •   KJS-API
  •   WTF
  • kjsembed
  • KNewStuff
  • KParts
  • KPty
  • Kross
  • KUnitConversion
  • KUtils
  • Nepomuk
  • Plasma
  • Solid
  • Sonnet
  • ThreadWeaver

Search



Report problems with this website to our bug tracking system.
Contact the specific authors with questions and comments about the page contents.

KDE® and the K Desktop Environment® logo are registered trademarks of KDE e.V. | Legal