KIO
ksslcertchain.cpp
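/* This file is part of the KDE project
 *
 * Copyright (C) 2001 George Staikos <staikos@kde.org>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Library General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Library General Public License for more details.
 *
 * You should have received a copy of the GNU Library General Public License
 * along with this library; see the file COPYING.LIB.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

#include "ksslcertchain.h"

#include <config.h>
#include <ksslconfig.h>

#include "kssldefs.h"
#include "ksslcertificate.h"

// this hack provided by Malte Starostik to avoid glibc/openssl bug
// on some systems
#ifdef KSSL_HAVE_SSL
#define crypt _openssl_crypt
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/x509_vfy.h>
#include <openssl/pem.h>
#include <openssl/stack.h>
#include <openssl/safestack.h>
#undef crypt
#endif

#include <kopenssl.h>
#include <kdebug.h>
#include <QtCore/QStringList>

// Route the generic OpenSSL stack calls through the KOSSL wrapper. The
// sk_X509_* macros used below expand to these names, so a variable called
// `d` (pointing at a KSSLCertChainPrivate) must be in scope wherever they
// are used.
#ifdef KSSL_HAVE_SSL
#define sk_new d->kossl->sk_new
#define sk_push d->kossl->sk_push
#define sk_free d->kossl->sk_free
#define sk_value d->kossl->sk_value
#define sk_num d->kossl->sk_num
#define sk_dup d->kossl->sk_dup
#define sk_pop d->kossl->sk_pop
#endif

// Private data: only caches the KOSSL singleton used for all OpenSSL calls.
class KSSLCertChainPrivate {
public:
    KSSLCertChainPrivate() {
        kossl = KOSSL::self();
    }

    ~KSSLCertChainPrivate() {
    }

    KOSSL *kossl;
};

#ifdef KSSL_HAVE_SSL
// Frees every certificate stored in `chain` and then the stack itself.
// A null `chain` is a no-op.
//
// The first parameter has to be named `d` because the sk_X509_* macros
// expand to d->kossl->... (see the #defines above).
//
// The loop is bounded by the element count instead of stopping at the first
// null pop: a null entry in the middle of the stack would otherwise end the
// loop early and leak every certificate stored before it.
static void freeX509Stack(KSSLCertChainPrivate *d, void *chain) {
    if (!chain) {
        return;
    }

    STACK_OF(X509) *x = static_cast<STACK_OF(X509) *>(chain);
    const int count = sk_X509_num(x);
    for (int i = 0; i < count; ++i) {
        X509 *x5 = sk_X509_pop(x);
        if (x5) {
            d->kossl->X509_free(x5);
        }
    }
    sk_X509_free(x);
}
#endif

// Creates an empty chain (no stack allocated).
KSSLCertChain::KSSLCertChain()
    :d(new KSSLCertChainPrivate)
{
    _chain = NULL;
}


// Releases the certificates owned by this chain, then the private data.
KSSLCertChain::~KSSLCertChain() {
#ifdef KSSL_HAVE_SSL
    freeX509Stack(d, _chain);
#endif
    delete d;
}


// Returns true when the chain holds at least one certificate.
// This is a presence check only: nothing here verifies signatures, validity
// dates or trust anchors, so it must not be read as "the chain is trusted".
bool KSSLCertChain::isValid() {
    return (_chain && depth() > 0);
}


// Returns a newly allocated deep copy of this chain; the caller owns it.
KSSLCertChain *KSSLCertChain::replicate() {
    KSSLCertChain *x = new KSSLCertChain;
    QList<KSSLCertificate *> ch = getChain();
    x->setChain(ch);   // this will do a deep copy for us
    qDeleteAll(ch);    // the temporaries from getChain() are ours to free
    return x;
}


// Returns the number of certificates on the stack as reported by the
// wrapped sk_num; always 0 when built without SSL support.
// NOTE(review): the value returned for a null _chain depends on the KOSSL
// wrapper, which is not visible in this file - confirm before relying on it.
int KSSLCertChain::depth() {
#ifdef KSSL_HAVE_SSL
    return sk_X509_num((STACK_OF(X509)*)_chain);
#endif
    return 0;
}

// Returns the internal STACK_OF(X509) as an opaque pointer (may be NULL).
// Ownership stays with this object: the destructor and setChain() free it.
void *KSSLCertChain::rawChain()
{
    return _chain;
}


// Returns the chain as a list of newly allocated KSSLCertificate objects,
// each wrapping a duplicate of the stored X509. The caller owns the list
// elements and must delete them (see replicate()).
QList<KSSLCertificate *> KSSLCertChain::getChain() const {
    QList<KSSLCertificate *> cl;
    if (!_chain) return cl;
#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;

    for (int i = 0; i < sk_X509_num(x); i++) {
        X509* x5 = sk_X509_value(x, i);
        if (!x5) continue;
        KSSLCertificate *nc = new KSSLCertificate;
        // NOTE(review): X509_dup's result is passed on unchecked; how
        // setCert() treats a null pointer is not visible here.
        nc->setCert(d->kossl->X509_dup(x5));
        cl.append(nc);
    }

#endif
    return cl;
}


// Replaces the stored chain with duplicates of the certificates in `chain`.
// The caller keeps ownership of the list elements. Null list entries and
// certificates that cannot be duplicated are skipped, so the stored chain can
// be shorter than the input; callers that care must compare depth().
void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) {
#ifdef KSSL_HAVE_SSL
    freeX509Stack(d, _chain);
    _chain = NULL;

    if (chain.isEmpty()) return;
    _chain = (void *)sk_new(NULL);
    if (!_chain) return;   // stack allocation failed: stay empty

    foreach (KSSLCertificate *cert, chain) {
        if (!cert) continue;
        X509 *copy = d->kossl->X509_dup(cert->getCert());
        // Never push a null entry: it would be indistinguishable from a
        // missing certificate when the stack is walked later.
        if (!copy) continue;
        sk_X509_push((STACK_OF(X509)*)_chain, copy);
    }

#endif
}


// Replaces the stored chain with duplicates of the certificates in the given
// STACK_OF(X509). The argument is only read; the caller keeps ownership of
// it. A null argument leaves the chain empty. Without SSL support the chain
// is always reset to NULL.
void KSSLCertChain::setChain(void *stack_of_x509) {
#ifdef KSSL_HAVE_SSL
    freeX509Stack(d, _chain);
    _chain = NULL;

    if (!stack_of_x509) return;

    _chain = (void *)sk_new(NULL);
    if (!_chain) return;   // stack allocation failed: stay empty

    STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509;

    for (int i = 0; i < sk_X509_num(x); i++) {
        X509* x5 = sk_X509_value(x, i);
        if (!x5) continue;
        X509 *copy = d->kossl->X509_dup(x5);
        if (!copy) continue;   // see setChain(const QList&): no null entries
        sk_X509_push((STACK_OF(X509)*)_chain, copy);
    }

#else
    _chain = NULL;
#endif
}


// Builds the chain from string-encoded certificates. Entries that
// KSSLCertificate::fromString() cannot parse are dropped silently, so the
// resulting chain can be shorter than `chain`.
void KSSLCertChain::setCertChain(const QStringList& chain) {
    QList<KSSLCertificate *> cl;
    for (QStringList::ConstIterator s = chain.begin(); s != chain.end(); ++s) {
        KSSLCertificate *c = KSSLCertificate::fromString((*s).toLocal8Bit());
        if (c) {
            cl.append(c);
        }
    }
    setChain(cl);
    // setChain() stores duplicates, so the parsed temporaries must be freed
    // here (same pattern as replicate()); previously they were leaked.
    qDeleteAll(cl);
}


#ifdef KSSL_HAVE_SSL
#undef sk_new
#undef sk_push
#undef sk_free
#undef sk_value
#undef sk_num
#undef sk_dup
#undef sk_pop
#endif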