#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "kssldefs.h"
#include "ksslcertificate.h"
#include "ksslcertchain.h"
#ifdef KSSL_HAVE_SSL
#define crypt _openssl_crypt
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/x509_vfy.h>
#include <openssl/pem.h>
#include <openssl/stack.h>
#include <openssl/safestack.h>
#undef crypt
#endif
#include <kopenssl.h>
#include <kdebug.h>
#include <qstringlist.h>
#ifdef KSSL_HAVE_SSL
#define sk_new d->kossl->sk_new
#define sk_push d->kossl->sk_push
#define sk_free d->kossl->sk_free
#define sk_value d->kossl->sk_value
#define sk_num d->kossl->sk_num
#define sk_dup d->kossl->sk_dup
#define sk_pop d->kossl->sk_pop
#endif
/**
 * Private data for KSSLCertChain.
 *
 * Holds the KOSSL handle that the sk_* macros in this file dereference
 * as d->kossl.
 */
class KSSLCertChainPrivate {
public:
    // The handle is obtained once, at construction, from KOSSL::self().
    KSSLCertChainPrivate() : kossl(KOSSL::self()) {
    }

    // Nothing to release: the destructor leaves kossl untouched.
    ~KSSLCertChainPrivate() {
    }

    KOSSL *kossl;  // never deleted by this class
};
/**
 * Creates an empty chain: the private data is allocated and no
 * certificate stack exists yet.
 */
KSSLCertChain::KSSLCertChain() {
    // A null _chain is the "no certificates" state the other members test for.
    _chain = NULL;
    d = new KSSLCertChainPrivate;
}
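/**
 * Frees every certificate held in the chain, then the stack itself,
 * then the private data.
 */
KSSLCertChain::~KSSLCertChain() {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *certs = (STACK_OF(X509) *)_chain;

        // Drain by element count rather than until pop yields null: pop
        // returns null for a null slot as well as for an empty stack, so
        // stopping at the first null could leave the certificates beneath
        // it unfreed.
        for (int left = sk_X509_num(certs); left > 0; --left) {
            X509 *cert = sk_X509_pop(certs);
            if (cert)
                d->kossl->X509_free(cert);
        }
        sk_X509_free(certs);
    }
#endif
    // d goes last: the sk_* macros used above expand to calls through d->kossl.
    delete d;
}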
/**
 * Reports whether the chain holds at least one certificate.
 *
 * This is a non-empty check only: no signature, expiry or trust
 * verification is performed here, so a true result must not be read
 * as "the chain verified".
 *
 * @return true when a stack exists and depth() is positive.
 */
bool KSSLCertChain::isValid() {
    if (!_chain)
        return false;
    return depth() > 0;
}
/**
 * Builds an independent copy of this chain.
 *
 * @return a heap-allocated KSSLCertChain; the caller is responsible for
 *         deleting it.
 */
KSSLCertChain *KSSLCertChain::replicate() {
    // getChain() returns freshly allocated KSSLCertificate wrappers.
    QPtrList<KSSLCertificate> certs = getChain();
    KSSLCertChain *copy = new KSSLCertChain;

    copy->setChain(certs);

    // setChain() duplicated each certificate into the copy, so the temporary
    // wrappers are no longer needed: let the list delete them when it goes
    // out of scope.
    certs.setAutoDelete(true);
    return copy;
}
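/**
 * Number of certificates currently stored in the chain.
 *
 * @return the stack's element count, or 0 when no chain is set or the
 *         build has no SSL support.
 */
int KSSLCertChain::depth() {
#ifdef KSSL_HAVE_SSL
    // An unset chain has depth 0. Asking the stack API about a null stack
    // does not give a depth (OpenSSL's own sk_num reports -1 for NULL; the
    // KOSSL wrapper's behaviour is not visible from this file).
    if (!_chain)
        return 0;
    return sk_X509_num((STACK_OF(X509) *)_chain);
#else
    return 0;
#endif
}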
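/**
 * Returns the chain as a list of newly allocated KSSLCertificate objects,
 * each wrapping a duplicate of the stored X509.
 *
 * Auto-delete is not enabled on the returned list, so the caller has to
 * delete the elements (replicate() does this by calling
 * setAutoDelete(true) on its copy).
 *
 * @return the certificates in stack order; empty when no chain is set or
 *         the build has no SSL support.
 */
QPtrList<KSSLCertificate> KSSLCertChain::getChain() {
    QPtrList<KSSLCertificate> cl;
    if (!_chain)
        return cl;

#ifdef KSSL_HAVE_SSL
    STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;

    for (int i = 0; i < sk_X509_num(x); i++) {
        X509 *x5 = sk_X509_value(x, i);
        if (!x5)
            continue;

        // Duplicate before allocating the wrapper: if the duplication fails
        // the entry is skipped, so callers never receive a KSSLCertificate
        // that carries no certificate.
        X509 *copy = d->kossl->X509_dup(x5);
        if (!copy)
            continue;

        KSSLCertificate *nc = new KSSLCertificate;
        nc->setCert(copy);  // presumably takes ownership of copy; confirm in KSSLCertificate
        cl.append(nc);
    }
#endif

    return cl;
}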
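/**
 * Replaces the stored chain with duplicates of the certificates in
 * @p chain.
 *
 * The previous chain is freed first. The certificates in @p chain are
 * copied, so the list and its elements stay owned by the caller. An empty
 * list leaves the chain unset. Without SSL support this is a no-op.
 *
 * @param chain certificates to copy, in the order they should be stored.
 */
void KSSLCertChain::setChain(QPtrList<KSSLCertificate>& chain) {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        // Drain by element count: pop returns null for a null slot as well
        // as for an empty stack, so stopping at the first null could leave
        // certificates beneath it unfreed.
        for (int left = sk_X509_num(old); left > 0; --left) {
            X509 *cert = sk_X509_pop(old);
            if (cert)
                d->kossl->X509_free(cert);
        }
        sk_X509_free(old);
        _chain = NULL;
    }

    if (chain.count() == 0)
        return;

    _chain = (void *)sk_new(NULL);
    if (!_chain)
        return;  // stack allocation failed; leave the chain unset

    for (KSSLCertificate *x = chain.first(); x != 0; x = chain.next()) {
        // Never store a null slot: a failed duplication is skipped, which
        // means the stored chain can be shorter than the input.
        X509 *copy = d->kossl->X509_dup(x->getCert());
        if (copy)
            sk_X509_push((STACK_OF(X509) *)_chain, copy);
    }
#endif
}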
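/**
 * Replaces the stored chain with duplicates of the certificates in an
 * OpenSSL stack.
 *
 * The previous chain is freed first. The pointer is cast to
 * STACK_OF(X509)* without any check, so the caller must pass exactly that
 * type. The input stack is only read and remains owned by the caller.
 * A null pointer leaves the chain unset; without SSL support the chain is
 * always unset.
 *
 * @param stack_of_x509 a STACK_OF(X509)* passed as void*, or null.
 */
void KSSLCertChain::setChain(void *stack_of_x509) {
#ifdef KSSL_HAVE_SSL
    if (_chain) {
        STACK_OF(X509) *old = (STACK_OF(X509) *)_chain;

        // Drain by element count: pop returns null for a null slot as well
        // as for an empty stack, so stopping at the first null could leave
        // certificates beneath it unfreed.
        for (int left = sk_X509_num(old); left > 0; --left) {
            X509 *cert = sk_X509_pop(old);
            if (cert)
                d->kossl->X509_free(cert);
        }
        sk_X509_free(old);
        _chain = NULL;
    }

    if (!stack_of_x509)
        return;

    _chain = (void *)sk_new(NULL);
    if (!_chain)
        return;  // stack allocation failed; leave the chain unset

    STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509;

    for (int i = 0; i < sk_X509_num(x); i++) {
        X509 *x5 = sk_X509_value(x, i);
        if (!x5)
            continue;

        // Never store a null slot: a failed duplication is skipped, which
        // means the stored chain can be shorter than the input.
        X509 *copy = d->kossl->X509_dup(x5);
        if (copy)
            sk_X509_push((STACK_OF(X509) *)_chain, copy);
    }
#else
    _chain = NULL;
#endif
}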
/**
 * By-value overload that sets the chain from encoded certificate strings.
 *
 * @param chain one string per certificate; handed unchanged to
 *              setCertChain(), which does the work.
 */
void KSSLCertChain::setChain(QStringList chain) {
    this->setCertChain(chain);
}
/**
 * Sets the chain from a list of certificate strings.
 *
 * Each string is converted with local8Bit() and parsed by
 * KSSLCertificate::fromString(). A string for which fromString() returns
 * null is dropped without any error, so the stored chain can be shorter
 * than the input; a caller that needs the whole chain should compare
 * depth() with the number of strings it passed.
 *
 * @param chain one string per certificate, in chain order.
 */
void KSSLCertChain::setCertChain(const QStringList& chain) {
    // The parsed objects are temporaries: setChain() receives the list by
    // reference and the list deletes them when this function returns.
    QPtrList<KSSLCertificate> parsed;
    parsed.setAutoDelete(true);

    QStringList::ConstIterator it = chain.begin();
    while (it != chain.end()) {
        KSSLCertificate *cert = KSSLCertificate::fromString((*it).local8Bit());
        if (cert)
            parsed.append(cert);
        ++it;
    }

    setChain(parsed);
}
#ifdef KSSL_HAVE_SSL
#undef sk_new
#undef sk_push
#undef sk_free
#undef sk_value
#undef sk_num
#undef sk_dup
#undef sk_pop
#endif