diff options
author | Michele Calgaro <michele.calgaro@yahoo.it> | 2020-12-06 21:23:48 +0900 |
---|---|---|
committer | Michele Calgaro <michele.calgaro@yahoo.it> | 2020-12-06 21:24:20 +0900 |
commit | 4f99f868f09bbffa2e15733b8b7c78eba07a199e (patch) | |
tree | 3fb0957e93160f69f55942fff50a2ad496bf4f4c /tdeio/kssl/ksslpkcs12.cpp | |
parent | 19f44e5ff3756172540e768fc0d08d761f0c374e (diff) | |
download | tdelibs-4f99f868f09bbffa2e15733b8b7c78eba07a199e.tar.gz tdelibs-4f99f868f09bbffa2e15733b8b7c78eba07a199e.zip |
Renaming of files in preparation for code style tools.
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
Diffstat (limited to 'tdeio/kssl/ksslpkcs12.cpp')
-rw-r--r-- | tdeio/kssl/ksslpkcs12.cpp | 274 |
1 files changed, 274 insertions, 0 deletions
diff --git a/tdeio/kssl/ksslpkcs12.cpp b/tdeio/kssl/ksslpkcs12.cpp new file mode 100644 index 000000000..08bc54a0b --- /dev/null +++ b/tdeio/kssl/ksslpkcs12.cpp @@ -0,0 +1,274 @@ +/* This file is part of the KDE project + * + * Copyright (C) 2001 George Staikos <staikos@kde.org> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public License + * along with this library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + * Boston, MA 02110-1301, USA. + */ + + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <kopenssl.h> + +#include <tqstring.h> +#include <tqfile.h> +#include <ksslall.h> +#include <kdebug.h> +#include <tdetempfile.h> +#include <kmdcodec.h> + +#include <assert.h> + + +KSSLPKCS12::KSSLPKCS12() { + _pkcs = NULL; + _pkey = NULL; + _cert = NULL; + _caStack = NULL; + kossl = KOSSL::self(); +} + + + +KSSLPKCS12::~KSSLPKCS12() { +#ifdef KSSL_HAVE_SSL + if (_pkey) kossl->EVP_PKEY_free(_pkey); + if (_caStack) { + for (;;) { + X509* x5 = reinterpret_cast<X509*>(kossl->OPENSSL_sk_pop(_caStack)); + if (!x5) break; + kossl->X509_free(x5); + } + kossl->OPENSSL_sk_free(_caStack); + } + if (_pkcs) kossl->PKCS12_free(_pkcs); +#endif + if (_cert) delete _cert; +} + + +KSSLPKCS12* KSSLPKCS12::fromString(TQString base64, TQString password) { +#ifdef KSSL_HAVE_SSL +KTempFile ktf; + + if (base64.isEmpty()) return NULL; + TQByteArray qba, qbb = TQCString(base64.latin1()).copy(); + KCodecs::base64Decode(qbb, qba); + ktf.file()->writeBlock(qba); + ktf.close(); + KSSLPKCS12* rc = loadCertFile(ktf.name(), password); + ktf.unlink(); + return rc; +#endif +return NULL; +} + + + +KSSLPKCS12* KSSLPKCS12::loadCertFile(TQString filename, TQString password) { +#ifdef KSSL_HAVE_SSL +TQFile qf(filename); +PKCS12 *newpkcs = NULL; + + if (!qf.open(IO_ReadOnly)) + return NULL; + + FILE *fp = fdopen(qf.handle(), "r"); + if (!fp) return NULL; + + newpkcs = KOSSL::self()->d2i_PKCS12_fp(fp, &newpkcs); + + fclose(fp); + if (!newpkcs) { + KOSSL::self()->ERR_clear_error(); + return NULL; + } + + KSSLPKCS12 *c = new KSSLPKCS12; + c->setCert(newpkcs); + + // Now we parse it to see if we can decrypt it and interpret it + if (!c->parse(password)) { + delete c; c = NULL; + } + + return c; +#endif +return NULL; +} + + +void KSSLPKCS12::setCert(PKCS12 *c) { +#ifdef KSSL_HAVE_SSL + _pkcs = c; +#endif +} + + +bool KSSLPKCS12::changePassword(TQString pold, TQString pnew) { +#ifdef KSSL_HAVE_SSL + // OpenSSL makes me cast away the const here. argh + return (0 == kossl->PKCS12_newpass(_pkcs, + pold.isNull() ? (char *)"" : (char *)pold.latin1(), + pnew.isNull() ? (char *)"" : (char *)pnew.latin1())); +#endif +return false; +} + + +bool KSSLPKCS12::parse(TQString pass) { +#ifdef KSSL_HAVE_SSL +X509 *x = NULL; + + assert(_pkcs); // if you're calling this before pkcs gets set, it's a BUG! + + if (_cert) delete _cert; + if (_pkey) kossl->EVP_PKEY_free(_pkey); + if (_caStack) { + for (;;) { + X509* x5 = reinterpret_cast<X509*>(kossl->OPENSSL_sk_pop(_caStack)); + if (!x5) break; + kossl->X509_free(x5); + } + kossl->OPENSSL_sk_free(_caStack); + } + _pkey = NULL; + _caStack = NULL; + _cert = NULL; + + int rc = kossl->PKCS12_parse(_pkcs, pass.latin1(), &_pkey, &x, &_caStack); + + if (rc == 1) { + // kdDebug(7029) << "PKCS12_parse success" << endl; + if (x) { + _cert = new KSSLCertificate; + _cert->setCert(x); + if (_caStack) { + _cert->setChain(_caStack); + } + return true; + } + } else { + _caStack = NULL; + _pkey = NULL; + kossl->ERR_clear_error(); + } +#endif +return false; +} + + +EVP_PKEY *KSSLPKCS12::getPrivateKey() { + return _pkey; +} + + +KSSLCertificate *KSSLPKCS12::getCertificate() { + return _cert; +} + + +TQString KSSLPKCS12::toString() { +TQString base64; +#ifdef KSSL_HAVE_SSL +unsigned char *p; +int len; + + len = kossl->i2d_PKCS12(_pkcs, NULL); + if (len >= 0) { + char *buf = new char[len]; + p = (unsigned char *)buf; + kossl->i2d_PKCS12(_pkcs, &p); + TQByteArray qba; + qba.setRawData(buf, len); + base64 = KCodecs::base64Encode(qba); + qba.resetRawData(buf, len); + delete[] buf; + } +#endif +return base64; +} + + + +bool KSSLPKCS12::toFile(TQString filename) { +#ifdef KSSL_HAVE_SSL +TQFile out(filename); + + if (!out.open(IO_WriteOnly)) return false; + + int fd = out.handle(); + FILE *fp = fdopen(fd, "w"); + + if (!fp) { + unlink(filename.latin1()); + return false; + } + + kossl->i2d_PKCS12_fp(fp, _pkcs); + + fclose(fp); + return true; +#endif +return false; +} + + +KSSLCertificate::KSSLValidation KSSLPKCS12::validate() { + return validate(KSSLCertificate::SSLServer); +} + + +KSSLCertificate::KSSLValidation KSSLPKCS12::validate(KSSLCertificate::KSSLPurpose p) { +#ifdef KSSL_HAVE_SSL +KSSLCertificate::KSSLValidation xx = _cert->validate(p); + if (1 != kossl->X509_check_private_key(_cert->getCert(), _pkey)) { + xx = KSSLCertificate::PrivateKeyFailed; + } + +return xx; +#else +return KSSLCertificate::NoSSL; +#endif +} + + +KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate() { + return revalidate(KSSLCertificate::SSLServer); +} + + +KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate(KSSLCertificate::KSSLPurpose p) { + return _cert->revalidate(p); +} + + +bool KSSLPKCS12::isValid() { +return isValid(KSSLCertificate::SSLServer); +} + + +bool KSSLPKCS12::isValid(KSSLCertificate::KSSLPurpose p) { +return (validate(p) == KSSLCertificate::Ok); +} + + +TQString KSSLPKCS12::name() { + return _cert->getSubject(); +} + |