<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en_US" xml:lang="en_US">
<head>
<title>kio/kssl: ksslcertificate.cc Source File (kio/kssl)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline DE v2.0" l gen true for "http://www.kde.org" r (nz 1 vz 1 lz 1 oz 1 cb 1) "http://www.rsac.org/ratingsv01.html" l gen true for "http://www.kde.org" r (n 0 s 0 v 0 l 0))' />
<meta name="trademark" content="KDE e.V." />
<meta name="description" content="K Desktop Environment Homepage, KDE.org" />
<meta name="MSSmartTagsPreventParsing" content="true" />
<meta name="robots" content="all" />
<link rel="shortcut icon" href="../../../favicon.ico" />
<link rel="stylesheet" media="screen" type="text/css" title="APIDOX" href="doxygen.css" />
</head>
<body>
<div id="nav_header_top" align="right">
<a href="#content" class="doNotDisplay" accesskey="2">Skip to main content ::</a>
<a href="../../.."><img id="nav_header_logo" alt="Home" align="left" src="../../../kde_gear_64.png" border="0" /></a>
<span class="doNotDisplay">::</span>
<div id="nav_header_title" align="left">KDE API Reference</div>
</div>
<div id="nav_header_bottom" align="right">
<span class="doNotDisplay">:: <a href="#navigation" accesskey="5">Skip to Link Menu</a><br/></span>
<div id="nav_header_bottom_right" style="text-align: left;">
/ <a href="../../..">API Reference</a>
/ <a href="../../html/index.html">kio</a> / <a href=".">kssl</a>
</div>
</div>
<table id="main" border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td valign="top" class="menuheader" height="0"></td>
<td id="contentcolumn" valign="top" rowspan="2" >
<div id="content" style="padding-top: 0px;"><div style="width:100%; margin: 0px; padding: 0px;">
<a name="content"></a>
<!-- Generated by Doxygen 1.7.4 -->
<div class="header">
<div class="headertitle">
<div class="title">ksslcertificate.cc</div> </div>
</div>
<div class="contents">
<div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/* This file is part of the KDE project</span>
<a name="l00002"></a>00002 <span class="comment"> *</span>
<a name="l00003"></a>00003 <span class="comment"> * Copyright (C) 2000-2003 George Staikos <staikos@kde.org></span>
<a name="l00004"></a>00004 <span class="comment"> *</span>
<a name="l00005"></a>00005 <span class="comment"> * This library is free software; you can redistribute it and/or</span>
<a name="l00006"></a>00006 <span class="comment"> * modify it under the terms of the GNU Library General Public</span>
<a name="l00007"></a>00007 <span class="comment"> * License as published by the Free Software Foundation; either</span>
<a name="l00008"></a>00008 <span class="comment"> * version 2 of the License, or (at your option) any later version.</span>
<a name="l00009"></a>00009 <span class="comment"> *</span>
<a name="l00010"></a>00010 <span class="comment"> * This library is distributed in the hope that it will be useful,</span>
<a name="l00011"></a>00011 <span class="comment"> * but WITHOUT ANY WARRANTY; without even the implied warranty of</span>
<a name="l00012"></a>00012 <span class="comment"> * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU</span>
<a name="l00013"></a>00013 <span class="comment"> * Library General Public License for more details.</span>
<a name="l00014"></a>00014 <span class="comment"> *</span>
<a name="l00015"></a>00015 <span class="comment"> * You should have received a copy of the GNU Library General Public License</span>
<a name="l00016"></a>00016 <span class="comment"> * along with this library; see the file COPYING.LIB. If not, write to</span>
<a name="l00017"></a>00017 <span class="comment"> * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,</span>
<a name="l00018"></a>00018 <span class="comment"> * Boston, MA 02110-1301, USA.</span>
<a name="l00019"></a>00019 <span class="comment"> */</span>
<a name="l00020"></a>00020
<a name="l00021"></a>00021
<a name="l00022"></a>00022 <span class="preprocessor">#ifdef HAVE_CONFIG_H</span>
<a name="l00023"></a>00023 <span class="preprocessor"></span><span class="preprocessor">#include <config.h></span>
<a name="l00024"></a>00024 <span class="preprocessor">#endif</span>
<a name="l00025"></a>00025 <span class="preprocessor"></span>
<a name="l00026"></a>00026
<a name="l00027"></a>00027
<a name="l00028"></a>00028 <span class="preprocessor">#include <unistd.h></span>
<a name="l00029"></a>00029 <span class="preprocessor">#include <qstring.h></span>
<a name="l00030"></a>00030 <span class="preprocessor">#include <qstringlist.h></span>
<a name="l00031"></a>00031 <span class="preprocessor">#include <qfile.h></span>
<a name="l00032"></a>00032
<a name="l00033"></a>00033 <span class="preprocessor">#include "kssldefs.h"</span>
<a name="l00034"></a>00034 <span class="preprocessor">#include "ksslcertificate.h"</span>
<a name="l00035"></a>00035 <span class="preprocessor">#include "ksslcertchain.h"</span>
<a name="l00036"></a>00036 <span class="preprocessor">#include "ksslutils.h"</span>
<a name="l00037"></a>00037
<a name="l00038"></a>00038 <span class="preprocessor">#include <kstandarddirs.h></span>
<a name="l00039"></a>00039 <span class="preprocessor">#include <kmdcodec.h></span>
<a name="l00040"></a>00040 <span class="preprocessor">#include <klocale.h></span>
<a name="l00041"></a>00041 <span class="preprocessor">#include <qdatetime.h></span>
<a name="l00042"></a>00042 <span class="preprocessor">#include <ktempfile.h></span>
<a name="l00043"></a>00043
<a name="l00044"></a>00044 <span class="preprocessor">#include <sys/types.h></span>
<a name="l00045"></a>00045
<a name="l00046"></a>00046 <span class="preprocessor">#ifdef HAVE_SYS_STAT_H</span>
<a name="l00047"></a>00047 <span class="preprocessor"></span><span class="preprocessor">#include <sys/stat.h></span>
<a name="l00048"></a>00048 <span class="preprocessor">#endif</span>
<a name="l00049"></a>00049 <span class="preprocessor"></span>
<a name="l00050"></a>00050 <span class="comment">// this hack provided by Malte Starostik to avoid glibc/openssl bug</span>
<a name="l00051"></a>00051 <span class="comment">// on some systems</span>
<a name="l00052"></a>00052 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00053"></a>00053 <span class="preprocessor"></span><span class="preprocessor">#define crypt _openssl_crypt</span>
<a name="l00054"></a>00054 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/ssl.h></span>
<a name="l00055"></a>00055 <span class="preprocessor">#include <openssl/x509.h></span>
<a name="l00056"></a>00056 <span class="preprocessor">#include <openssl/x509v3.h></span>
<a name="l00057"></a>00057 <span class="preprocessor">#include <openssl/x509_vfy.h></span>
<a name="l00058"></a>00058 <span class="preprocessor">#include <openssl/pem.h></span>
<a name="l00059"></a>00059 <span class="preprocessor">#undef crypt</span>
<a name="l00060"></a>00060 <span class="preprocessor"></span><span class="preprocessor">#endif</span>
<a name="l00061"></a>00061 <span class="preprocessor"></span>
<a name="l00062"></a>00062 <span class="preprocessor">#include <kopenssl.h></span>
<a name="l00063"></a>00063 <span class="preprocessor">#include <qcstring.h></span>
<a name="l00064"></a>00064 <span class="preprocessor">#include <kdebug.h></span>
<a name="l00065"></a>00065 <span class="preprocessor">#include "ksslx509v3.h"</span>
<a name="l00066"></a>00066
<a name="l00067"></a>00067
<a name="l00068"></a>00068
<a name="l00069"></a>00069 <span class="keyword">static</span> <span class="keywordtype">char</span> hv[] = {<span class="charliteral">'0'</span>,<span class="charliteral">'1'</span>,<span class="charliteral">'2'</span>,<span class="charliteral">'3'</span>,<span class="charliteral">'4'</span>,<span class="charliteral">'5'</span>,<span class="charliteral">'6'</span>,<span class="charliteral">'7'</span>,<span class="charliteral">'8'</span>,<span class="charliteral">'9'</span>,<span class="charliteral">'A'</span>,<span class="charliteral">'B'</span>,<span class="charliteral">'C'</span>,<span class="charliteral">'D'</span>,<span class="charliteral">'E'</span>,<span class="charliteral">'F'</span>};
<a name="l00070"></a>00070
<a name="l00071"></a>00071
<a name="l00072"></a>00072 <span class="keyword">class </span>KSSLCertificatePrivate {
<a name="l00073"></a>00073 <span class="keyword">public</span>:
<a name="l00074"></a>00074 KSSLCertificatePrivate() {
<a name="l00075"></a>00075 kossl = KOSSL::self();
<a name="l00076"></a>00076 _lastPurpose = KSSLCertificate::None;
<a name="l00077"></a>00077 }
<a name="l00078"></a>00078
<a name="l00079"></a>00079 ~KSSLCertificatePrivate() {
<a name="l00080"></a>00080 }
<a name="l00081"></a>00081
<a name="l00082"></a>00082 <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> m_stateCache;
<a name="l00083"></a>00083 <span class="keywordtype">bool</span> m_stateCached;
<a name="l00084"></a>00084 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span>
<a name="l00085"></a>00085 <span class="preprocessor"></span> X509 *m_cert;
<a name="l00086"></a>00086 <span class="preprocessor"> #endif</span>
<a name="l00087"></a>00087 <span class="preprocessor"></span> KOSSL *kossl;
<a name="l00088"></a>00088 <a class="code" href="classKSSLCertChain.html" title="KDE Certificate Chain Representation Class.">KSSLCertChain</a> _chain;
<a name="l00089"></a>00089 <a class="code" href="classKSSLX509V3.html" title="KDE X509v3 Flag Class.">KSSLX509V3</a> _extensions;
<a name="l00090"></a>00090 KSSLCertificate::KSSLPurpose _lastPurpose;
<a name="l00091"></a>00091 };
<a name="l00092"></a>00092
<a name="l00093"></a>00093 <a class="code" href="classKSSLCertificate.html#a0cad9b05686c9bbd5df49befedd5b8b0" title="Copy constructor.">KSSLCertificate::KSSLCertificate</a>() {
<a name="l00094"></a>00094 d = <span class="keyword">new</span> KSSLCertificatePrivate;
<a name="l00095"></a>00095 d->m_stateCached = <span class="keyword">false</span>;
<a name="l00096"></a>00096 KGlobal::dirs()->addResourceType(<span class="stringliteral">"kssl"</span>, KStandardDirs::kde_default(<span class="stringliteral">"data"</span>) + <span class="stringliteral">"kssl"</span>);
<a name="l00097"></a>00097 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span>
<a name="l00098"></a>00098 <span class="preprocessor"></span> d->m_cert = NULL;
<a name="l00099"></a>00099 <span class="preprocessor"> #endif</span>
<a name="l00100"></a>00100 <span class="preprocessor"></span>}
<a name="l00101"></a>00101
<a name="l00102"></a>00102
<a name="l00103"></a><a class="code" href="classKSSLCertificate.html#a0cad9b05686c9bbd5df49befedd5b8b0">00103</a> <a class="code" href="classKSSLCertificate.html#a0cad9b05686c9bbd5df49befedd5b8b0" title="Copy constructor.">KSSLCertificate::KSSLCertificate</a>(<span class="keyword">const</span> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>& x) {
<a name="l00104"></a>00104 d = <span class="keyword">new</span> KSSLCertificatePrivate;
<a name="l00105"></a>00105 d->m_stateCached = <span class="keyword">false</span>;
<a name="l00106"></a>00106 KGlobal::dirs()->addResourceType(<span class="stringliteral">"kssl"</span>, KStandardDirs::kde_default(<span class="stringliteral">"data"</span>) + <span class="stringliteral">"kssl"</span>);
<a name="l00107"></a>00107 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span>
<a name="l00108"></a>00108 <span class="preprocessor"></span> d->m_cert = NULL;
<a name="l00109"></a>00109 <a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(KOSSL::self()->X509_dup(const_cast<KSSLCertificate&>(x).getCert()));
<a name="l00110"></a>00110 <a class="code" href="classKSSLCertChain.html" title="KDE Certificate Chain Representation Class.">KSSLCertChain</a> *c = x.d->_chain.replicate();
<a name="l00111"></a>00111 setChain(c-><a class="code" href="classKSSLCertChain.html#aff079cbb61e376a773a2a6e192bcb495" title="Read the raw chain in OpenSSL format.">rawChain</a>());
<a name="l00112"></a>00112 <span class="keyword">delete</span> c;
<a name="l00113"></a>00113 <span class="preprocessor"> #endif</span>
<a name="l00114"></a>00114 <span class="preprocessor"></span>}
<a name="l00115"></a>00115
<a name="l00116"></a>00116
<a name="l00117"></a>00117
<a name="l00118"></a><a class="code" href="classKSSLCertificate.html#acb1f0276d0ad2bec87d18bbf42a653f6">00118</a> <a class="code" href="classKSSLCertificate.html#acb1f0276d0ad2bec87d18bbf42a653f6" title="Destroy this X.509 certificate.">KSSLCertificate::~KSSLCertificate</a>() {
<a name="l00119"></a>00119 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00120"></a>00120 <span class="preprocessor"></span> <span class="keywordflow">if</span> (d->m_cert)
<a name="l00121"></a>00121 d->kossl->X509_free(d->m_cert);
<a name="l00122"></a>00122 <span class="preprocessor">#endif</span>
<a name="l00123"></a>00123 <span class="preprocessor"></span> <span class="keyword">delete</span> d;
<a name="l00124"></a>00124 }
<a name="l00125"></a>00125
<a name="l00126"></a>00126
<a name="l00127"></a><a class="code" href="classKSSLCertificate.html#aeceb3e8a7e680c3bc5ed802db8940343">00127</a> <a class="code" href="classKSSLCertChain.html" title="KDE Certificate Chain Representation Class.">KSSLCertChain</a>& <a class="code" href="classKSSLCertificate.html#aeceb3e8a7e680c3bc5ed802db8940343" title="Get a reference to the certificate chain.">KSSLCertificate::chain</a>() {
<a name="l00128"></a>00128 <span class="keywordflow">return</span> d->_chain;
<a name="l00129"></a>00129 }
<a name="l00130"></a>00130
<a name="l00131"></a>00131
<a name="l00132"></a><a class="code" href="classKSSLCertificate.html#ac7e097a18c944275a204310adbe1c786">00132</a> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#ac7e097a18c944275a204310adbe1c786" title="Create an X.509 certificate from the internal representation.">KSSLCertificate::fromX509</a>(X509 *x5) {
<a name="l00133"></a>00133 <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *n = NULL;
<a name="l00134"></a>00134 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00135"></a>00135 <span class="preprocessor"></span> <span class="keywordflow">if</span> (x5) {
<a name="l00136"></a>00136 n = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>;
<a name="l00137"></a>00137 n-><a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(KOSSL::self()->X509_dup(x5));
<a name="l00138"></a>00138 }
<a name="l00139"></a>00139 <span class="preprocessor">#endif</span>
<a name="l00140"></a>00140 <span class="preprocessor"></span><span class="keywordflow">return</span> n;
<a name="l00141"></a>00141 }
<a name="l00142"></a>00142
<a name="l00143"></a>00143
<a name="l00144"></a><a class="code" href="classKSSLCertificate.html#a4e41e1e31909ed2fe2ec1d2ecdbf1dce">00144</a> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#a4e41e1e31909ed2fe2ec1d2ecdbf1dce" title="Create an X.509 certificate from a base64 encoded string.">KSSLCertificate::fromString</a>(<a class="codeRef" href="qcstring.html">QCString</a> cert) {
<a name="l00145"></a>00145 <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *n = NULL;
<a name="l00146"></a>00146 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00147"></a>00147 <span class="preprocessor"></span> <span class="keywordflow">if</span> (cert.<a class="codeRef" href="qcstring.html#length">length</a>() == 0)
<a name="l00148"></a>00148 <span class="keywordflow">return</span> NULL;
<a name="l00149"></a>00149
<a name="l00150"></a>00150 <a class="codeRef" href="qbytearray.html">QByteArray</a> qba, qbb = cert.<a class="codeRef" href="qcstring.html#copy">copy</a>();
<a name="l00151"></a>00151 KCodecs::base64Decode(qbb, qba);
<a name="l00152"></a>00152 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *qbap = <span class="keyword">reinterpret_cast<</span><span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *<span class="keyword">></span>(qba.data());
<a name="l00153"></a>00153 X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size());
<a name="l00154"></a>00154 <span class="keywordflow">if</span> (!x5c) {
<a name="l00155"></a>00155 <span class="keywordflow">return</span> NULL;
<a name="l00156"></a>00156 }
<a name="l00157"></a>00157
<a name="l00158"></a>00158 n = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>;
<a name="l00159"></a>00159 n-><a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(x5c);
<a name="l00160"></a>00160 <span class="preprocessor">#endif</span>
<a name="l00161"></a>00161 <span class="preprocessor"></span><span class="keywordflow">return</span> n;
<a name="l00162"></a>00162 }
<a name="l00163"></a>00163
<a name="l00164"></a>00164
<a name="l00165"></a>00165
<a name="l00166"></a><a class="code" href="classKSSLCertificate.html#a049269d43c054633acc843eab4352d78">00166</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#a049269d43c054633acc843eab4352d78" title="Get the subject of the certificate (X.509 map).">KSSLCertificate::getSubject</a>()<span class="keyword"> const </span>{
<a name="l00167"></a>00167 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00168"></a>00168
<a name="l00169"></a>00169 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00170"></a>00170 <span class="preprocessor"></span> <span class="keywordtype">char</span> *t = d->kossl->X509_NAME_oneline(d->kossl->X509_get_subject_name(d->m_cert), 0, 0);
<a name="l00171"></a>00171 <span class="keywordflow">if</span> (!t)
<a name="l00172"></a>00172 <span class="keywordflow">return</span> rc;
<a name="l00173"></a>00173 rc = t;
<a name="l00174"></a>00174 d->kossl->OPENSSL_free(t);
<a name="l00175"></a>00175 <span class="preprocessor">#endif</span>
<a name="l00176"></a>00176 <span class="preprocessor"></span><span class="keywordflow">return</span> rc;
<a name="l00177"></a>00177 }
<a name="l00178"></a>00178
<a name="l00179"></a>00179
<a name="l00180"></a><a class="code" href="classKSSLCertificate.html#adaa42fc574520ea0f785d6aa31bfc6a5">00180</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#adaa42fc574520ea0f785d6aa31bfc6a5" title="Get the serial number of the certificate.">KSSLCertificate::getSerialNumber</a>()<span class="keyword"> const </span>{
<a name="l00181"></a>00181 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00182"></a>00182
<a name="l00183"></a>00183 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00184"></a>00184 <span class="preprocessor"></span> ASN1_INTEGER *aint = d->kossl->X509_get_serialNumber(d->m_cert);
<a name="l00185"></a>00185 <span class="keywordflow">if</span> (aint) {
<a name="l00186"></a>00186 rc = ASN1_INTEGER_QString(aint);
<a name="l00187"></a>00187 <span class="comment">// d->kossl->ASN1_INTEGER_free(aint); this makes the sig test fail</span>
<a name="l00188"></a>00188 }
<a name="l00189"></a>00189 <span class="preprocessor">#endif</span>
<a name="l00190"></a>00190 <span class="preprocessor"></span><span class="keywordflow">return</span> rc;
<a name="l00191"></a>00191 }
<a name="l00192"></a>00192
<a name="l00193"></a>00193
<a name="l00194"></a><a class="code" href="classKSSLCertificate.html#af4feee48b08e85f627c3fcc25fc5924c">00194</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#af4feee48b08e85f627c3fcc25fc5924c" title="Get the signature.">KSSLCertificate::getSignatureText</a>()<span class="keyword"> const </span>{
<a name="l00195"></a>00195 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00196"></a>00196
<a name="l00197"></a>00197 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00198"></a>00198 <span class="preprocessor"></span><span class="keywordtype">char</span> *s;
<a name="l00199"></a>00199 <span class="keywordtype">int</span> n, i;
<a name="l00200"></a>00200
<a name="l00201"></a>00201 i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm);
<a name="l00202"></a>00202 rc = i18n(<span class="stringliteral">"Signature Algorithm: "</span>);
<a name="l00203"></a>00203 rc += (i == NID_undef)?i18n(<span class="stringliteral">"Unknown"</span>):<a class="codeRef" href="qstring.html">QString</a>(d->kossl->OBJ_nid2ln(i));
<a name="l00204"></a>00204
<a name="l00205"></a>00205 rc += <span class="stringliteral">"\n"</span>;
<a name="l00206"></a>00206 rc += i18n(<span class="stringliteral">"Signature Contents:"</span>);
<a name="l00207"></a>00207 n = d->m_cert->signature->length;
<a name="l00208"></a>00208 s = (<span class="keywordtype">char</span> *)d->m_cert->signature->data;
<a name="l00209"></a>00209 for (i = 0; i < n; i++) {
<a name="l00210"></a>00210 <span class="keywordflow">if</span> (i%20 != 0) rc += <span class="stringliteral">":"</span>;
<a name="l00211"></a>00211 <span class="keywordflow">else</span> rc += <span class="stringliteral">"\n"</span>;
<a name="l00212"></a>00212 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[(s[i]&0xf0)>>4]);
<a name="l00213"></a>00213 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[s[i]&0x0f]);
<a name="l00214"></a>00214 }
<a name="l00215"></a>00215
<a name="l00216"></a>00216 <span class="preprocessor">#endif</span>
<a name="l00217"></a>00217 <span class="preprocessor"></span>
<a name="l00218"></a>00218 <span class="keywordflow">return</span> rc;
<a name="l00219"></a>00219 }
<a name="l00220"></a>00220
<a name="l00221"></a>00221
<a name="l00222"></a><a class="code" href="classKSSLCertificate.html#abbe7161439315d86d38ae1809a1b7208">00222</a> <span class="keywordtype">void</span> <a class="code" href="classKSSLCertificate.html#abbe7161439315d86d38ae1809a1b7208" title="FIXME: document.">KSSLCertificate::getEmails</a>(<a class="codeRef" href="qstringlist.html">QStringList</a> &to)<span class="keyword"> const </span>{
<a name="l00223"></a>00223 to.clear();
<a name="l00224"></a>00224 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00225"></a>00225 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!d->m_cert)
<a name="l00226"></a>00226 <span class="keywordflow">return</span>;
<a name="l00227"></a>00227
<a name="l00228"></a>00228 STACK *s = d->kossl->X509_get1_email(d->m_cert);
<a name="l00229"></a>00229 <span class="keywordflow">if</span> (s) {
<a name="l00230"></a>00230 <span class="keywordflow">for</span>(<span class="keywordtype">int</span> n=0; n < s->num; n++) {
<a name="l00231"></a>00231 to.append(d->kossl->sk_value(s,n));
<a name="l00232"></a>00232 }
<a name="l00233"></a>00233 d->kossl->X509_email_free(s);
<a name="l00234"></a>00234 }
<a name="l00235"></a>00235 <span class="preprocessor">#endif </span>
<a name="l00236"></a>00236 <span class="preprocessor"></span>}
<a name="l00237"></a>00237
<a name="l00238"></a>00238
<a name="l00239"></a><a class="code" href="classKSSLCertificate.html#a2137ca44eadfe368200159c8fcadcd8a">00239</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#a2137ca44eadfe368200159c8fcadcd8a" title="KDEKey is a concatenation "Subject (MD5)", mostly needed for SMIME.">KSSLCertificate::getKDEKey</a>()<span class="keyword"> const </span>{
<a name="l00240"></a>00240 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#a049269d43c054633acc843eab4352d78" title="Get the subject of the certificate (X.509 map).">getSubject</a>() + <span class="stringliteral">" ("</span> + <a class="code" href="classKSSLCertificate.html#ae8c0061aa5f96377407a06f3d708afb1" title="Get the MD5 digest of the certificate.">getMD5DigestText</a>() + <span class="stringliteral">")"</span>;
<a name="l00241"></a>00241 }
<a name="l00242"></a>00242
<a name="l00243"></a>00243
<a name="l00244"></a><a class="code" href="classKSSLCertificate.html#ada767419b1096892967e67d08006007a">00244</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#ada767419b1096892967e67d08006007a" title="Aegypten semantics force us to search by MD5Digest only.">KSSLCertificate::getMD5DigestFromKDEKey</a>(<span class="keyword">const</span> <a class="codeRef" href="qstring.html">QString</a> &k) {
<a name="l00245"></a>00245 <a class="codeRef" href="qstring.html">QString</a> rc;
<a name="l00246"></a>00246 <span class="keywordtype">int</span> pos = k.<a class="codeRef" href="qstring.html#findRev">findRev</a>(<span class="charliteral">'('</span>);
<a name="l00247"></a>00247 <span class="keywordflow">if</span> (pos != -1) {
<a name="l00248"></a>00248 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> len = k.<a class="codeRef" href="qstring.html#length">length</a>();
<a name="l00249"></a>00249 <span class="keywordflow">if</span> (k.<a class="codeRef" href="qstring.html#at">at</a>(len-1) == <span class="charliteral">')'</span>) {
<a name="l00250"></a>00250 rc = k.<a class="codeRef" href="qstring.html#mid">mid</a>(pos+1, len-pos-2);
<a name="l00251"></a>00251 }
<a name="l00252"></a>00252 }
<a name="l00253"></a>00253 <span class="keywordflow">return</span> rc;
<a name="l00254"></a>00254 }
<a name="l00255"></a>00255
<a name="l00256"></a>00256
<a name="l00257"></a><a class="code" href="classKSSLCertificate.html#ae8c0061aa5f96377407a06f3d708afb1">00257</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#ae8c0061aa5f96377407a06f3d708afb1" title="Get the MD5 digest of the certificate.">KSSLCertificate::getMD5DigestText</a>()<span class="keyword"> const </span>{
<a name="l00258"></a>00258 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00259"></a>00259
<a name="l00260"></a>00260 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00261"></a>00261 <span class="preprocessor"></span> <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> n;
<a name="l00262"></a>00262 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> md[EVP_MAX_MD_SIZE];
<a name="l00263"></a>00263
<a name="l00264"></a>00264 <span class="keywordflow">if</span> (!d->kossl->X509_digest(d->m_cert, d->kossl->EVP_md5(), md, &n)) {
<a name="l00265"></a>00265 <span class="keywordflow">return</span> rc;
<a name="l00266"></a>00266 }
<a name="l00267"></a>00267
<a name="l00268"></a>00268 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j = 0; j < n; j++) {
<a name="l00269"></a>00269 <span class="keywordflow">if</span> (j > 0)
<a name="l00270"></a>00270 rc += <span class="stringliteral">":"</span>;
<a name="l00271"></a>00271 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[(md[j]&0xf0)>>4]);
<a name="l00272"></a>00272 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[md[j]&0x0f]);
<a name="l00273"></a>00273 }
<a name="l00274"></a>00274
<a name="l00275"></a>00275 <span class="preprocessor">#endif</span>
<a name="l00276"></a>00276 <span class="preprocessor"></span>
<a name="l00277"></a>00277 <span class="keywordflow">return</span> rc;
<a name="l00278"></a>00278 }
<a name="l00279"></a>00279
<a name="l00280"></a>00280
<a name="l00281"></a>00281
<a name="l00282"></a><a class="code" href="classKSSLCertificate.html#ae8f189dd61363fd9ad29edfcc01faf63">00282</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#ae8f189dd61363fd9ad29edfcc01faf63" title="Get the MD5 digest of the certificate.">KSSLCertificate::getMD5Digest</a>()<span class="keyword"> const </span>{
<a name="l00283"></a>00283 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00284"></a>00284
<a name="l00285"></a>00285 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00286"></a>00286 <span class="preprocessor"></span> <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> n;
<a name="l00287"></a>00287 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> md[EVP_MAX_MD_SIZE];
<a name="l00288"></a>00288
<a name="l00289"></a>00289 <span class="keywordflow">if</span> (!d->kossl->X509_digest(d->m_cert, d->kossl->EVP_md5(), md, &n)) {
<a name="l00290"></a>00290 <span class="keywordflow">return</span> rc;
<a name="l00291"></a>00291 }
<a name="l00292"></a>00292
<a name="l00293"></a>00293 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j = 0; j < n; j++) {
<a name="l00294"></a>00294 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[(md[j]&0xf0)>>4]);
<a name="l00295"></a>00295 rc.<a class="codeRef" href="qstring.html#append">append</a>(hv[md[j]&0x0f]);
<a name="l00296"></a>00296 }
<a name="l00297"></a>00297
<a name="l00298"></a>00298 <span class="preprocessor">#endif</span>
<a name="l00299"></a>00299 <span class="preprocessor"></span>
<a name="l00300"></a>00300 <span class="keywordflow">return</span> rc;
<a name="l00301"></a>00301 }
<a name="l00302"></a>00302
<a name="l00303"></a>00303
<a name="l00304"></a>00304
<a name="l00305"></a><a class="code" href="classKSSLCertificate.html#a7905ae68949e6e9874654d0c3d284335">00305</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#a7905ae68949e6e9874654d0c3d284335" title="Get the key type (RSA, DSA, etc).">KSSLCertificate::getKeyType</a>()<span class="keyword"> const </span>{
<a name="l00306"></a>00306 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00307"></a>00307
<a name="l00308"></a>00308 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00309"></a>00309 <span class="preprocessor"></span> EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert);
<a name="l00310"></a>00310 <span class="keywordflow">if</span> (pkey) {
<a name="l00311"></a>00311 <span class="preprocessor"> #ifndef NO_RSA</span>
<a name="l00312"></a>00312 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_RSA)
<a name="l00313"></a>00313 rc = <span class="stringliteral">"RSA"</span>;
<a name="l00314"></a>00314 <span class="keywordflow">else</span>
<a name="l00315"></a>00315 <span class="preprocessor"> #endif</span>
<a name="l00316"></a>00316 <span class="preprocessor"></span><span class="preprocessor"> #ifndef NO_DSA</span>
<a name="l00317"></a>00317 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_DSA)
<a name="l00318"></a>00318 rc = <span class="stringliteral">"DSA"</span>;
<a name="l00319"></a>00319 <span class="keywordflow">else</span>
<a name="l00320"></a>00320 <span class="preprocessor"> #endif</span>
<a name="l00321"></a>00321 <span class="preprocessor"></span> rc = <span class="stringliteral">"Unknown"</span>;
<a name="l00322"></a>00322 d->kossl->EVP_PKEY_free(pkey);
<a name="l00323"></a>00323 }
<a name="l00324"></a>00324 <span class="preprocessor">#endif</span>
<a name="l00325"></a>00325 <span class="preprocessor"></span>
<a name="l00326"></a>00326 <span class="keywordflow">return</span> rc;
<a name="l00327"></a>00327 }
<a name="l00328"></a>00328
<a name="l00329"></a>00329
<a name="l00330"></a>00330
<a name="l00331"></a><a class="code" href="classKSSLCertificate.html#af904d0ff218539df7a3560daf39dab45">00331</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#af904d0ff218539df7a3560daf39dab45" title="Get the public key.">KSSLCertificate::getPublicKeyText</a>()<span class="keyword"> const </span>{
<a name="l00332"></a>00332 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00333"></a>00333 <span class="keywordtype">char</span> *x = NULL;
<a name="l00334"></a>00334
<a name="l00335"></a>00335 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00336"></a>00336 <span class="preprocessor"></span> EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert);
<a name="l00337"></a>00337 <span class="keywordflow">if</span> (pkey) {
<a name="l00338"></a>00338 rc = i18n(<span class="stringliteral">"Unknown"</span>, <span class="stringliteral">"Unknown key algorithm"</span>);
<a name="l00339"></a>00339 <span class="preprocessor"> #ifndef NO_RSA</span>
<a name="l00340"></a>00340 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_RSA) {
<a name="l00341"></a>00341 rc = i18n(<span class="stringliteral">"Key type: RSA (%1 bit)"</span>) + <span class="stringliteral">"\n"</span>;
<a name="l00342"></a>00342
<a name="l00343"></a>00343 x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n);
<a name="l00344"></a>00344 rc += i18n(<span class="stringliteral">"Modulus: "</span>);
<a name="l00345"></a>00345 rc = rc.<a class="codeRef" href="qstring.html#arg">arg</a>(strlen(x)*4);
<a name="l00346"></a>00346 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) {
<a name="l00347"></a>00347 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0)
<a name="l00348"></a>00348 rc += <span class="stringliteral">":"</span>;
<a name="l00349"></a>00349 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0)
<a name="l00350"></a>00350 rc += <span class="stringliteral">"\n"</span>;
<a name="l00351"></a>00351 rc += x[i];
<a name="l00352"></a>00352 }
<a name="l00353"></a>00353 rc += <span class="stringliteral">"\n"</span>;
<a name="l00354"></a>00354 d->kossl->OPENSSL_free(x);
<a name="l00355"></a>00355
<a name="l00356"></a>00356 x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e);
<a name="l00357"></a>00357 rc += i18n(<span class="stringliteral">"Exponent: 0x"</span>) + x + <span class="stringliteral">"\n"</span>;
<a name="l00358"></a>00358 d->kossl->OPENSSL_free(x);
<a name="l00359"></a>00359 }
<a name="l00360"></a>00360 <span class="preprocessor"> #endif</span>
<a name="l00361"></a>00361 <span class="preprocessor"></span><span class="preprocessor"> #ifndef NO_DSA</span>
<a name="l00362"></a>00362 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_DSA) {
<a name="l00363"></a>00363 rc = i18n(<span class="stringliteral">"Key type: DSA (%1 bit)"</span>) + <span class="stringliteral">"\n"</span>;
<a name="l00364"></a>00364
<a name="l00365"></a>00365 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p);
<a name="l00366"></a>00366 rc += i18n(<span class="stringliteral">"Prime: "</span>);
<a name="l00367"></a>00367 <span class="comment">// hack - this may not be always accurate</span>
<a name="l00368"></a>00368 rc = rc.<a class="codeRef" href="qstring.html#arg">arg</a>(strlen(x)*4) ;
<a name="l00369"></a>00369 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) {
<a name="l00370"></a>00370 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0)
<a name="l00371"></a>00371 rc += <span class="stringliteral">":"</span>;
<a name="l00372"></a>00372 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0)
<a name="l00373"></a>00373 rc += <span class="stringliteral">"\n"</span>;
<a name="l00374"></a>00374 rc += x[i];
<a name="l00375"></a>00375 }
<a name="l00376"></a>00376 rc += <span class="stringliteral">"\n"</span>;
<a name="l00377"></a>00377 d->kossl->OPENSSL_free(x);
<a name="l00378"></a>00378
<a name="l00379"></a>00379 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q);
<a name="l00380"></a>00380 rc += i18n(<span class="stringliteral">"160 bit prime factor: "</span>);
<a name="l00381"></a>00381 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) {
<a name="l00382"></a>00382 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0)
<a name="l00383"></a>00383 rc += <span class="stringliteral">":"</span>;
<a name="l00384"></a>00384 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0)
<a name="l00385"></a>00385 rc += <span class="stringliteral">"\n"</span>;
<a name="l00386"></a>00386 rc += x[i];
<a name="l00387"></a>00387 }
<a name="l00388"></a>00388 rc += <span class="stringliteral">"\n"</span>;
<a name="l00389"></a>00389 d->kossl->OPENSSL_free(x);
<a name="l00390"></a>00390
<a name="l00391"></a>00391 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g);
<a name="l00392"></a>00392 rc += <a class="codeRef" href="qstring.html">QString</a>(<span class="stringliteral">"g: "</span>);
<a name="l00393"></a>00393 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) {
<a name="l00394"></a>00394 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0)
<a name="l00395"></a>00395 rc += <span class="stringliteral">":"</span>;
<a name="l00396"></a>00396 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0)
<a name="l00397"></a>00397 rc += <span class="stringliteral">"\n"</span>;
<a name="l00398"></a>00398 rc += x[i];
<a name="l00399"></a>00399 }
<a name="l00400"></a>00400 rc += <span class="stringliteral">"\n"</span>;
<a name="l00401"></a>00401 d->kossl->OPENSSL_free(x);
<a name="l00402"></a>00402
<a name="l00403"></a>00403 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key);
<a name="l00404"></a>00404 rc += i18n(<span class="stringliteral">"Public key: "</span>);
<a name="l00405"></a>00405 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) {
<a name="l00406"></a>00406 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0)
<a name="l00407"></a>00407 rc += <span class="stringliteral">":"</span>;
<a name="l00408"></a>00408 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0)
<a name="l00409"></a>00409 rc += <span class="stringliteral">"\n"</span>;
<a name="l00410"></a>00410 rc += x[i];
<a name="l00411"></a>00411 }
<a name="l00412"></a>00412 rc += <span class="stringliteral">"\n"</span>;
<a name="l00413"></a>00413 d->kossl->OPENSSL_free(x);
<a name="l00414"></a>00414 }
<a name="l00415"></a>00415 <span class="preprocessor"> #endif</span>
<a name="l00416"></a>00416 <span class="preprocessor"></span> d->kossl->EVP_PKEY_free(pkey);
<a name="l00417"></a>00417 }
<a name="l00418"></a>00418 <span class="preprocessor">#endif</span>
<a name="l00419"></a>00419 <span class="preprocessor"></span>
<a name="l00420"></a>00420 <span class="keywordflow">return</span> rc;
<a name="l00421"></a>00421 }
<a name="l00422"></a>00422
<a name="l00423"></a>00423
<a name="l00424"></a>00424
<a name="l00425"></a><a class="code" href="classKSSLCertificate.html#ae5c6a7a8ea0f0c4dca53a11834c7beed">00425</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#ae5c6a7a8ea0f0c4dca53a11834c7beed" title="Get the issuer of the certificate (X.509 map).">KSSLCertificate::getIssuer</a>()<span class="keyword"> const </span>{
<a name="l00426"></a>00426 <a class="codeRef" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>;
<a name="l00427"></a>00427
<a name="l00428"></a>00428 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00429"></a>00429 <span class="preprocessor"></span> <span class="keywordtype">char</span> *t = d->kossl->X509_NAME_oneline(d->kossl->X509_get_issuer_name(d->m_cert), 0, 0);
<a name="l00430"></a>00430
<a name="l00431"></a>00431 <span class="keywordflow">if</span> (!t)
<a name="l00432"></a>00432 <span class="keywordflow">return</span> rc;
<a name="l00433"></a>00433
<a name="l00434"></a>00434 rc = t;
<a name="l00435"></a>00435 d->kossl->OPENSSL_free(t);
<a name="l00436"></a>00436 <span class="preprocessor">#endif</span>
<a name="l00437"></a>00437 <span class="preprocessor"></span>
<a name="l00438"></a>00438 <span class="keywordflow">return</span> rc;
<a name="l00439"></a>00439 }
<a name="l00440"></a>00440
<a name="l00441"></a>00441 <span class="keywordtype">void</span> KSSLCertificate::setChain(<span class="keywordtype">void</span> *c) {
<a name="l00442"></a>00442 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00443"></a>00443 <span class="preprocessor"></span> d->_chain.setChain(c);
<a name="l00444"></a>00444 <span class="preprocessor">#endif</span>
<a name="l00445"></a>00445 <span class="preprocessor"></span> d->m_stateCached = <span class="keyword">false</span>;
<a name="l00446"></a>00446 d->m_stateCache = KSSLCertificate::Unknown;
<a name="l00447"></a>00447 }
<a name="l00448"></a>00448
<a name="l00449"></a>00449 <span class="keywordtype">void</span> <a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">KSSLCertificate::setCert</a>(X509 *c) {
<a name="l00450"></a>00450 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00451"></a>00451 <span class="preprocessor"></span>d->m_cert = c;
<a name="l00452"></a>00452 <span class="keywordflow">if</span> (c) {
<a name="l00453"></a>00453 d->_extensions.flags = 0;
<a name="l00454"></a>00454 d->kossl->X509_check_purpose(c, -1, 0); <span class="comment">// setup the fields (!!)</span>
<a name="l00455"></a>00455
<a name="l00456"></a>00456 <span class="preprocessor">#if 0</span>
<a name="l00457"></a>00457 <span class="preprocessor"></span> kdDebug(7029) << <span class="stringliteral">"---------------- Certificate ------------------"</span>
<a name="l00458"></a>00458 << endl;
<a name="l00459"></a>00459 kdDebug(7029) << <a class="code" href="classKSSLCertificate.html#a049269d43c054633acc843eab4352d78" title="Get the subject of the certificate (X.509 map).">getSubject</a>() << endl;
<a name="l00460"></a>00460 <span class="preprocessor">#endif</span>
<a name="l00461"></a>00461 <span class="preprocessor"></span>
<a name="l00462"></a>00462 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> j = 0; j < d->kossl->X509_PURPOSE_get_count(); j++) {
<a name="l00463"></a>00463 X509_PURPOSE *ptmp = d->kossl->X509_PURPOSE_get0(j);
<a name="l00464"></a>00464 <span class="keywordtype">int</span> <span class="keywordtype">id</span> = d->kossl->X509_PURPOSE_get_id(ptmp);
<a name="l00465"></a>00465 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> ca = 0; ca < 2; ca++) {
<a name="l00466"></a>00466 <span class="keywordtype">int</span> idret = d->kossl->X509_check_purpose(c, <span class="keywordtype">id</span>, ca);
<a name="l00467"></a>00467 <span class="keywordflow">if</span> (idret == 1 || idret == 2) { <span class="comment">// have it</span>
<a name="l00468"></a>00468 <span class="comment">// kdDebug() << "PURPOSE: " << id << (ca?" CA":"") << endl;</span>
<a name="l00469"></a>00469 <span class="keywordflow">if</span> (!ca)
<a name="l00470"></a>00470 d->_extensions.flags |= (1L <<(<span class="keywordtype">id</span>-1));
<a name="l00471"></a>00471 <span class="keywordflow">else</span> d->_extensions.flags |= (1L <<(16+<span class="keywordtype">id</span>-1));
<a name="l00472"></a>00472 } <span class="keywordflow">else</span> {
<a name="l00473"></a>00473 <span class="keywordflow">if</span> (!ca)
<a name="l00474"></a>00474 d->_extensions.flags &= ~(1L <<(<span class="keywordtype">id</span>-1));
<a name="l00475"></a>00475 <span class="keywordflow">else</span> d->_extensions.flags &= ~(1L <<(16+<span class="keywordtype">id</span>-1));
<a name="l00476"></a>00476 }
<a name="l00477"></a>00477 }
<a name="l00478"></a>00478 }
<a name="l00479"></a>00479
<a name="l00480"></a>00480 <span class="preprocessor">#if 0</span>
<a name="l00481"></a>00481 <span class="preprocessor"></span> kdDebug(7029) << <span class="stringliteral">"flags: "</span> << <a class="codeRef" href="qstring.html#number">QString::number</a>(c->ex_flags, 2)
<a name="l00482"></a>00482 << <span class="stringliteral">"\nkeyusage: "</span> << <a class="codeRef" href="qstring.html#number">QString::number</a>(c->ex_kusage, 2)
<a name="l00483"></a>00483 << <span class="stringliteral">"\nxkeyusage: "</span> << <a class="codeRef" href="qstring.html#number">QString::number</a>(c->ex_xkusage, 2)
<a name="l00484"></a>00484 << <span class="stringliteral">"\nnscert: "</span> << <a class="codeRef" href="qstring.html#number">QString::number</a>(c->ex_nscert, 2)
<a name="l00485"></a>00485 << endl;
<a name="l00486"></a>00486 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_KUSAGE)
<a name="l00487"></a>00487 kdDebug(7029) << <span class="stringliteral">" --- Key Usage extensions found"</span> << endl;
<a name="l00488"></a>00488 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- Key Usage extensions NOT found"</span> << endl;
<a name="l00489"></a>00489
<a name="l00490"></a>00490 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_XKUSAGE)
<a name="l00491"></a>00491 kdDebug(7029) << <span class="stringliteral">" --- Extended key usage extensions found"</span> << endl;
<a name="l00492"></a>00492 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- Extended key usage extensions NOT found"</span> << endl;
<a name="l00493"></a>00493
<a name="l00494"></a>00494 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_NSCERT)
<a name="l00495"></a>00495 kdDebug(7029) << <span class="stringliteral">" --- NS extensions found"</span> << endl;
<a name="l00496"></a>00496 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- NS extensions NOT found"</span> << endl;
<a name="l00497"></a>00497
<a name="l00498"></a>00498 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLCA())
<a name="l00499"></a>00499 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL CA file."</span> << endl;
<a name="l00500"></a>00500 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL CA file."</span> << endl;
<a name="l00501"></a>00501
<a name="l00502"></a>00502 <span class="keywordflow">if</span> (d->_extensions.certTypeEmailCA())
<a name="l00503"></a>00503 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an EMAIL CA file."</span> << endl;
<a name="l00504"></a>00504 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an EMAIL CA file."</span> << endl;
<a name="l00505"></a>00505
<a name="l00506"></a>00506 <span class="keywordflow">if</span> (d->_extensions.certTypeCodeCA())
<a name="l00507"></a>00507 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a CODE CA file."</span> << endl;
<a name="l00508"></a>00508 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a CODE CA file."</span> << endl;
<a name="l00509"></a>00509
<a name="l00510"></a>00510 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLClient())
<a name="l00511"></a>00511 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL client."</span> << endl;
<a name="l00512"></a>00512 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL client."</span> << endl;
<a name="l00513"></a>00513
<a name="l00514"></a>00514 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLServer())
<a name="l00515"></a>00515 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL server."</span> << endl;
<a name="l00516"></a>00516 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL server."</span> << endl;
<a name="l00517"></a>00517
<a name="l00518"></a>00518 <span class="keywordflow">if</span> (d->_extensions.certTypeNSSSLServer())
<a name="l00519"></a>00519 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a NETSCAPE SSL server."</span> << endl;
<a name="l00520"></a>00520 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a NETSCAPE SSL server."</span> << endl;
<a name="l00521"></a>00521
<a name="l00522"></a>00522 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIME())
<a name="l00523"></a>00523 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME certificate."</span> << endl;
<a name="l00524"></a>00524 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME certificate."</span> << endl;
<a name="l00525"></a>00525
<a name="l00526"></a>00526 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIMEEncrypt())
<a name="l00527"></a>00527 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME encrypt cert."</span> << endl;
<a name="l00528"></a>00528 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME encrypt cert."</span> << endl;
<a name="l00529"></a>00529
<a name="l00530"></a>00530 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIMESign())
<a name="l00531"></a>00531 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME sign cert."</span> << endl;
<a name="l00532"></a>00532 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME sign cert."</span> << endl;
<a name="l00533"></a>00533
<a name="l00534"></a>00534 <span class="keywordflow">if</span> (d->_extensions.certTypeCRLSign())
<a name="l00535"></a>00535 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a CRL signer."</span> << endl;
<a name="l00536"></a>00536 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a CRL signer."</span> << endl;
<a name="l00537"></a>00537
<a name="l00538"></a>00538 kdDebug(7029) << <span class="stringliteral">"-----------------------------------------------"</span>
<a name="l00539"></a>00539 << endl;
<a name="l00540"></a>00540 <span class="preprocessor">#endif</span>
<a name="l00541"></a>00541 <span class="preprocessor"></span>}
<a name="l00542"></a>00542 <span class="preprocessor">#endif</span>
<a name="l00543"></a>00543 <span class="preprocessor"></span>d->m_stateCached = <span class="keyword">false</span>;
<a name="l00544"></a>00544 d->m_stateCache = KSSLCertificate::Unknown;
<a name="l00545"></a>00545 }
<a name="l00546"></a>00546
<a name="l00547"></a>00547 X509 *KSSLCertificate::getCert() {
<a name="l00548"></a>00548 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00549"></a>00549 <span class="preprocessor"></span> <span class="keywordflow">return</span> d->m_cert;
<a name="l00550"></a>00550 <span class="preprocessor">#endif</span>
<a name="l00551"></a>00551 <span class="preprocessor"></span><span class="keywordflow">return</span> 0;
<a name="l00552"></a>00552 }
<a name="l00553"></a>00553
<a name="l00554"></a>00554 <span class="comment">// pull in the callback. It's common across multiple files but we want</span>
<a name="l00555"></a>00555 <span class="comment">// it to be hidden.</span>
<a name="l00556"></a>00556
<a name="l00557"></a>00557 <span class="preprocessor">#include "ksslcallback.c"</span>
<a name="l00558"></a>00558
<a name="l00559"></a>00559
<a name="l00560"></a><a class="code" href="classKSSLCertificate.html#a4fd05cba55dc2c9be24dc37f8fb8a140">00560</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#a43b350abc81f44d9cc83db83b450f587" title="Check if this is a valid certificate.">KSSLCertificate::isValid</a>(KSSLCertificate::KSSLPurpose p) {
<a name="l00561"></a>00561 <span class="keywordflow">return</span> (<a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609" title="Check if this is a valid certificate.">validate</a>(p) == KSSLCertificate::Ok);
<a name="l00562"></a>00562 }
<a name="l00563"></a>00563
<a name="l00564"></a>00564
<a name="l00565"></a><a class="code" href="classKSSLCertificate.html#a43b350abc81f44d9cc83db83b450f587">00565</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#a43b350abc81f44d9cc83db83b450f587" title="Check if this is a valid certificate.">KSSLCertificate::isValid</a>() {
<a name="l00566"></a>00566 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#a43b350abc81f44d9cc83db83b450f587" title="Check if this is a valid certificate.">isValid</a>(KSSLCertificate::SSLServer);
<a name="l00567"></a>00567 }
<a name="l00568"></a>00568
<a name="l00569"></a>00569
<a name="l00570"></a>00570 <span class="keywordtype">int</span> KSSLCertificate::purposeToOpenSSL(KSSLCertificate::KSSLPurpose p)<span class="keyword"> const </span>{
<a name="l00571"></a>00571 <span class="keywordtype">int</span> rc = 0;
<a name="l00572"></a>00572 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00573"></a>00573 <span class="preprocessor"></span> <span class="keywordflow">if</span> (p == KSSLCertificate::SSLServer) {
<a name="l00574"></a>00574 rc = X509_PURPOSE_SSL_SERVER;
<a name="l00575"></a>00575 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SSLClient) {
<a name="l00576"></a>00576 rc = X509_PURPOSE_SSL_CLIENT;
<a name="l00577"></a>00577 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SMIMEEncrypt) {
<a name="l00578"></a>00578 rc = X509_PURPOSE_SMIME_ENCRYPT;
<a name="l00579"></a>00579 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SMIMESign) {
<a name="l00580"></a>00580 rc = X509_PURPOSE_SMIME_SIGN;
<a name="l00581"></a>00581 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::Any) {
<a name="l00582"></a>00582 rc = X509_PURPOSE_ANY;
<a name="l00583"></a>00583 }
<a name="l00584"></a>00584 <span class="preprocessor">#endif</span>
<a name="l00585"></a>00585 <span class="preprocessor"></span><span class="keywordflow">return</span> rc;
<a name="l00586"></a>00586 }
<a name="l00587"></a>00587
<a name="l00588"></a>00588
<a name="l00589"></a>00589 <span class="comment">// For backward compatibility</span>
<a name="l00590"></a><a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609">00590</a> <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609" title="Check if this is a valid certificate.">KSSLCertificate::validate</a>() {
<a name="l00591"></a>00591 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609" title="Check if this is a valid certificate.">validate</a>(KSSLCertificate::SSLServer);
<a name="l00592"></a>00592 }
<a name="l00593"></a>00593
<a name="l00594"></a><a class="code" href="classKSSLCertificate.html#a9f8261cd828ea1a820acfc6d1df9d0e6">00594</a> <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609" title="Check if this is a valid certificate.">KSSLCertificate::validate</a>(KSSLCertificate::KSSLPurpose purpose)
<a name="l00595"></a>00595 {
<a name="l00596"></a>00596 <a class="codeRef" href="qvaluelist.html">KSSLValidationList</a> result = <a class="code" href="classKSSLCertificate.html#a808f42cc270d053c6552444e21066720" title="Check if this is a valid certificate.">validateVerbose</a>(purpose);
<a name="l00597"></a>00597 <span class="keywordflow">if</span> (result.<a class="codeRef" href="qvaluelist.html#isEmpty">isEmpty</a>())
<a name="l00598"></a>00598 <span class="keywordflow">return</span> KSSLCertificate::Ok;
<a name="l00599"></a>00599 <span class="keywordflow">else</span>
<a name="l00600"></a>00600 <span class="keywordflow">return</span> result.<a class="codeRef" href="qvaluelist.html#first">first</a>();
<a name="l00601"></a>00601 }
<a name="l00602"></a>00602
<a name="l00603"></a>00603 <span class="comment">//</span>
<a name="l00604"></a>00604 <span class="comment">// See apps/verify.c in OpenSSL for the source of most of this logic.</span>
<a name="l00605"></a>00605 <span class="comment">//</span>
<a name="l00606"></a>00606
<a name="l00607"></a>00607 <span class="comment">// CRL files? we don't do that yet</span>
<a name="l00608"></a><a class="code" href="classKSSLCertificate.html#a808f42cc270d053c6552444e21066720">00608</a> <a class="codeRef" href="qvaluelist.html">KSSLCertificate::KSSLValidationList</a> <a class="code" href="classKSSLCertificate.html#a808f42cc270d053c6552444e21066720" title="Check if this is a valid certificate.">KSSLCertificate::validateVerbose</a>(KSSLCertificate::KSSLPurpose purpose)
<a name="l00609"></a>00609 {
<a name="l00610"></a>00610 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#a808f42cc270d053c6552444e21066720" title="Check if this is a valid certificate.">validateVerbose</a>(purpose, 0);
<a name="l00611"></a>00611 }
<a name="l00612"></a>00612
<a name="l00613"></a><a class="code" href="classKSSLCertificate.html#ab3ccb91dde5a951863bed485fae288e4">00613</a> <a class="codeRef" href="qvaluelist.html">KSSLCertificate::KSSLValidationList</a> <a class="code" href="classKSSLCertificate.html#a808f42cc270d053c6552444e21066720" title="Check if this is a valid certificate.">KSSLCertificate::validateVerbose</a>(KSSLCertificate::KSSLPurpose purpose, <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *ca)
<a name="l00614"></a>00614 {
<a name="l00615"></a>00615 <a class="codeRef" href="qvaluelist.html">KSSLValidationList</a> errors;
<a name="l00616"></a>00616 <span class="keywordflow">if</span> (ca || (d->_lastPurpose != purpose)) {
<a name="l00617"></a>00617 d->m_stateCached = <span class="keyword">false</span>;
<a name="l00618"></a>00618 }
<a name="l00619"></a>00619
<a name="l00620"></a>00620 <span class="keywordflow">if</span> (!d->m_stateCached)
<a name="l00621"></a>00621 d->_lastPurpose = purpose;
<a name="l00622"></a>00622
<a name="l00623"></a>00623 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00624"></a>00624 <span class="preprocessor"></span> X509_STORE *certStore;
<a name="l00625"></a>00625 X509_LOOKUP *certLookup;
<a name="l00626"></a>00626 X509_STORE_CTX *certStoreCTX;
<a name="l00627"></a>00627 <span class="keywordtype">int</span> rc = 0;
<a name="l00628"></a>00628
<a name="l00629"></a>00629 <span class="keywordflow">if</span> (!d->m_cert)
<a name="l00630"></a>00630 {
<a name="l00631"></a>00631 errors << KSSLCertificate::Unknown;
<a name="l00632"></a>00632 <span class="keywordflow">return</span> errors;
<a name="l00633"></a>00633 }
<a name="l00634"></a>00634
<a name="l00635"></a>00635 <span class="keywordflow">if</span> (d->m_stateCached) {
<a name="l00636"></a>00636 errors << d->m_stateCache;
<a name="l00637"></a>00637 <span class="keywordflow">return</span> errors;
<a name="l00638"></a>00638 }
<a name="l00639"></a>00639
<a name="l00640"></a>00640 <a class="codeRef" href="qstringlist.html">QStringList</a> qsl = KGlobal::dirs()->resourceDirs(<span class="stringliteral">"kssl"</span>);
<a name="l00641"></a>00641
<a name="l00642"></a>00642 <span class="keywordflow">if</span> (qsl.isEmpty()) {
<a name="l00643"></a>00643 errors << KSSLCertificate::NoCARoot;
<a name="l00644"></a>00644 <span class="keywordflow">return</span> errors;
<a name="l00645"></a>00645 }
<a name="l00646"></a>00646
<a name="l00647"></a>00647 <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> ksslv = Unknown;
<a name="l00648"></a>00648
<a name="l00649"></a>00649 <span class="keywordflow">for</span> (QStringList::Iterator j = qsl.begin(); j != qsl.end(); ++j) {
<a name="l00650"></a>00650 <span class="keyword">struct </span>stat sb;
<a name="l00651"></a>00651 <a class="codeRef" href="qstring.html">QString</a> _j = (*j) + <span class="stringliteral">"ca-bundle.crt"</span>;
<a name="l00652"></a>00652 <span class="keywordflow">if</span> (-1 == stat(_j.ascii(), &sb)) {
<a name="l00653"></a>00653 <span class="keywordflow">continue</span>;
<a name="l00654"></a>00654 }
<a name="l00655"></a>00655
<a name="l00656"></a>00656 certStore = d->kossl->X509_STORE_new();
<a name="l00657"></a>00657 <span class="keywordflow">if</span> (!certStore) {
<a name="l00658"></a>00658 errors << KSSLCertificate::Unknown;
<a name="l00659"></a>00659 <span class="keywordflow">return</span> errors;
<a name="l00660"></a>00660 }
<a name="l00661"></a>00661
<a name="l00662"></a>00662 X509_STORE_set_verify_cb_func(certStore, X509Callback);
<a name="l00663"></a>00663
<a name="l00664"></a>00664 certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file());
<a name="l00665"></a>00665 <span class="keywordflow">if</span> (!certLookup) {
<a name="l00666"></a>00666 ksslv = KSSLCertificate::Unknown;
<a name="l00667"></a>00667 d->kossl->X509_STORE_free(certStore);
<a name="l00668"></a>00668 <span class="keywordflow">continue</span>;
<a name="l00669"></a>00669 }
<a name="l00670"></a>00670
<a name="l00671"></a>00671 <span class="keywordflow">if</span> (!d->kossl->X509_LOOKUP_load_file(certLookup, _j.ascii(), X509_FILETYPE_PEM)) {
<a name="l00672"></a>00672 <span class="comment">// error accessing directory and loading pems</span>
<a name="l00673"></a>00673 kdDebug(7029) << <span class="stringliteral">"KSSL couldn't read CA root: "</span>
<a name="l00674"></a>00674 << _j << endl;
<a name="l00675"></a>00675 ksslv = KSSLCertificate::ErrorReadingRoot;
<a name="l00676"></a>00676 d->kossl->X509_STORE_free(certStore);
<a name="l00677"></a>00677 <span class="keywordflow">continue</span>;
<a name="l00678"></a>00678 }
<a name="l00679"></a>00679
<a name="l00680"></a>00680 <span class="comment">// This is the checking code</span>
<a name="l00681"></a>00681 certStoreCTX = d->kossl->X509_STORE_CTX_new();
<a name="l00682"></a>00682
<a name="l00683"></a>00683 <span class="comment">// this is a bad error - could mean no free memory.</span>
<a name="l00684"></a>00684 <span class="comment">// This may be the wrong thing to do here</span>
<a name="l00685"></a>00685 <span class="keywordflow">if</span> (!certStoreCTX) {
<a name="l00686"></a>00686 kdDebug(7029) << <span class="stringliteral">"KSSL couldn't create an X509 store context."</span> << endl;
<a name="l00687"></a>00687 d->kossl->X509_STORE_free(certStore);
<a name="l00688"></a>00688 <span class="keywordflow">continue</span>;
<a name="l00689"></a>00689 }
<a name="l00690"></a>00690
<a name="l00691"></a>00691 d->kossl->X509_STORE_CTX_init(certStoreCTX, certStore, d->m_cert, NULL);
<a name="l00692"></a>00692 <span class="keywordflow">if</span> (d->_chain.isValid()) {
<a name="l00693"></a>00693 d->kossl->X509_STORE_CTX_set_chain(certStoreCTX, (STACK_OF(X509)*)d->_chain.rawChain());
<a name="l00694"></a>00694 }
<a name="l00695"></a>00695
<a name="l00696"></a>00696 <span class="comment">//kdDebug(7029) << "KSSL setting CRL.............." << endl;</span>
<a name="l00697"></a>00697 <span class="comment">// int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);</span>
<a name="l00698"></a>00698
<a name="l00699"></a>00699 d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, purposeToOpenSSL(purpose));
<a name="l00700"></a>00700
<a name="l00701"></a>00701 KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0;
<a name="l00702"></a>00702 KSSL_X509CallBack_ca_found = <span class="keyword">false</span>;
<a name="l00703"></a>00703
<a name="l00704"></a>00704 certStoreCTX->error = X509_V_OK;
<a name="l00705"></a>00705 rc = d->kossl->X509_verify_cert(certStoreCTX);
<a name="l00706"></a>00706 <span class="keywordtype">int</span> errcode = certStoreCTX->error;
<a name="l00707"></a>00707 <span class="keywordflow">if</span> (ca && !KSSL_X509CallBack_ca_found) {
<a name="l00708"></a>00708 ksslv = KSSLCertificate::Irrelevant;
<a name="l00709"></a>00709 } <span class="keywordflow">else</span> {
<a name="l00710"></a>00710 ksslv = processError(errcode);
<a name="l00711"></a>00711 }
<a name="l00712"></a>00712 <span class="comment">// For servers, we can try NS_SSL_SERVER too</span>
<a name="l00713"></a>00713 <span class="keywordflow">if</span> ( (ksslv != KSSLCertificate::Ok) &&
<a name="l00714"></a>00714 (ksslv != KSSLCertificate::Irrelevant) &&
<a name="l00715"></a>00715 purpose == KSSLCertificate::SSLServer) {
<a name="l00716"></a>00716 d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX,
<a name="l00717"></a>00717 X509_PURPOSE_NS_SSL_SERVER);
<a name="l00718"></a>00718
<a name="l00719"></a>00719 certStoreCTX->error = X509_V_OK;
<a name="l00720"></a>00720 rc = d->kossl->X509_verify_cert(certStoreCTX);
<a name="l00721"></a>00721 errcode = certStoreCTX->error;
<a name="l00722"></a>00722 ksslv = processError(errcode);
<a name="l00723"></a>00723 }
<a name="l00724"></a>00724 d->kossl->X509_STORE_CTX_free(certStoreCTX);
<a name="l00725"></a>00725 d->kossl->X509_STORE_free(certStore);
<a name="l00726"></a>00726 <span class="comment">// end of checking code</span>
<a name="l00727"></a>00727 <span class="comment">//</span>
<a name="l00728"></a>00728
<a name="l00729"></a>00729 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure RC: " </span>
<a name="l00730"></a>00730 <span class="comment">// << rc << endl;</span>
<a name="l00731"></a>00731 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure errcode: "</span>
<a name="l00732"></a>00732 <span class="comment">// << errcode << endl;</span>
<a name="l00733"></a>00733 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure RESULTS: "</span>
<a name="l00734"></a>00734 <span class="comment">// << ksslv << endl;</span>
<a name="l00735"></a>00735
<a name="l00736"></a>00736 <span class="keywordflow">if</span> (ksslv != NoCARoot && ksslv != InvalidCA) {
<a name="l00737"></a>00737 d->m_stateCached = <span class="keyword">true</span>;
<a name="l00738"></a>00738 d->m_stateCache = ksslv;
<a name="l00739"></a>00739 }
<a name="l00740"></a>00740 <span class="keywordflow">break</span>;
<a name="l00741"></a>00741 }
<a name="l00742"></a>00742
<a name="l00743"></a>00743 <span class="keywordflow">if</span> (ksslv != KSSLCertificate::Ok)
<a name="l00744"></a>00744 errors << ksslv;
<a name="l00745"></a>00745 <span class="preprocessor">#else</span>
<a name="l00746"></a>00746 <span class="preprocessor"></span> errors << KSSLCertificate::NoSSL;
<a name="l00747"></a>00747 <span class="preprocessor">#endif</span>
<a name="l00748"></a>00748 <span class="preprocessor"></span> <span class="keywordflow">return</span> errors;
<a name="l00749"></a>00749 }
<a name="l00750"></a>00750
<a name="l00751"></a>00751
<a name="l00752"></a>00752
<a name="l00753"></a><a class="code" href="classKSSLCertificate.html#a385d22e68fc6529820f06c7111aff3a9">00753</a> <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#a385d22e68fc6529820f06c7111aff3a9" title="Check if this is a valid certificate.">KSSLCertificate::revalidate</a>() {
<a name="l00754"></a>00754 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#a385d22e68fc6529820f06c7111aff3a9" title="Check if this is a valid certificate.">revalidate</a>(KSSLCertificate::SSLServer);
<a name="l00755"></a>00755 }
<a name="l00756"></a>00756
<a name="l00757"></a>00757
<a name="l00758"></a><a class="code" href="classKSSLCertificate.html#ad5be0b928cd4fda9ab8923938b07e39a">00758</a> <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#a385d22e68fc6529820f06c7111aff3a9" title="Check if this is a valid certificate.">KSSLCertificate::revalidate</a>(KSSLCertificate::KSSLPurpose p) {
<a name="l00759"></a>00759 d->m_stateCached = <span class="keyword">false</span>;
<a name="l00760"></a>00760 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#ab0f3499c141ff191c79ff7d513dcb609" title="Check if this is a valid certificate.">validate</a>(p);
<a name="l00761"></a>00761 }
<a name="l00762"></a>00762
<a name="l00763"></a>00763
<a name="l00764"></a>00764 <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> KSSLCertificate::processError(<span class="keywordtype">int</span> ec) {
<a name="l00765"></a>00765 <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> rc;
<a name="l00766"></a>00766
<a name="l00767"></a>00767 rc = KSSLCertificate::Unknown;
<a name="l00768"></a>00768 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00769"></a>00769 <span class="preprocessor"></span> <span class="keywordflow">switch</span> (ec) {
<a name="l00770"></a>00770 <span class="keywordflow">case</span> X509_V_OK: <span class="comment">// OK</span>
<a name="l00771"></a>00771 rc = KSSLCertificate::Ok;
<a name="l00772"></a>00772 <span class="keywordflow">break</span>;
<a name="l00773"></a>00773
<a name="l00774"></a>00774
<a name="l00775"></a>00775 <span class="keywordflow">case</span> X509_V_ERR_CERT_REJECTED:
<a name="l00776"></a>00776 rc = KSSLCertificate::Rejected;
<a name="l00777"></a>00777 <span class="keywordflow">break</span>;
<a name="l00778"></a>00778
<a name="l00779"></a>00779
<a name="l00780"></a>00780 <span class="keywordflow">case</span> X509_V_ERR_CERT_UNTRUSTED:
<a name="l00781"></a>00781 rc = KSSLCertificate::Untrusted;
<a name="l00782"></a>00782 <span class="keywordflow">break</span>;
<a name="l00783"></a>00783
<a name="l00784"></a>00784
<a name="l00785"></a>00785 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
<a name="l00786"></a>00786 <span class="keywordflow">case</span> X509_V_ERR_CERT_SIGNATURE_FAILURE:
<a name="l00787"></a>00787 <span class="keywordflow">case</span> X509_V_ERR_CRL_SIGNATURE_FAILURE:
<a name="l00788"></a>00788 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
<a name="l00789"></a>00789 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
<a name="l00790"></a>00790 rc = KSSLCertificate::SignatureFailed;
<a name="l00791"></a>00791 <span class="keywordflow">break</span>;
<a name="l00792"></a>00792
<a name="l00793"></a>00793 <span class="keywordflow">case</span> X509_V_ERR_INVALID_CA:
<a name="l00794"></a>00794 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
<a name="l00795"></a>00795 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
<a name="l00796"></a>00796 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
<a name="l00797"></a>00797 rc = KSSLCertificate::InvalidCA;
<a name="l00798"></a>00798 <span class="keywordflow">break</span>;
<a name="l00799"></a>00799
<a name="l00800"></a>00800
<a name="l00801"></a>00801 <span class="keywordflow">case</span> X509_V_ERR_INVALID_PURPOSE:
<a name="l00802"></a>00802 rc = KSSLCertificate::InvalidPurpose;
<a name="l00803"></a>00803 <span class="keywordflow">break</span>;
<a name="l00804"></a>00804
<a name="l00805"></a>00805
<a name="l00806"></a>00806 <span class="keywordflow">case</span> X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
<a name="l00807"></a>00807 rc = KSSLCertificate::SelfSigned;
<a name="l00808"></a>00808 <span class="keywordflow">break</span>;
<a name="l00809"></a>00809
<a name="l00810"></a>00810 <span class="keywordflow">case</span> X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
<a name="l00811"></a>00811 rc = KSSLCertificate::SelfSignedChain;
<a name="l00812"></a>00812 <span class="keywordflow">break</span>;
<a name="l00813"></a>00813
<a name="l00814"></a>00814 <span class="keywordflow">case</span> X509_V_ERR_CERT_REVOKED:
<a name="l00815"></a>00815 rc = KSSLCertificate::Revoked;
<a name="l00816"></a>00816 <span class="keywordflow">break</span>;
<a name="l00817"></a>00817
<a name="l00818"></a>00818 <span class="keywordflow">case</span> X509_V_ERR_PATH_LENGTH_EXCEEDED:
<a name="l00819"></a>00819 rc = KSSLCertificate::PathLengthExceeded;
<a name="l00820"></a>00820 <span class="keywordflow">break</span>;
<a name="l00821"></a>00821
<a name="l00822"></a>00822 <span class="keywordflow">case</span> X509_V_ERR_CERT_NOT_YET_VALID:
<a name="l00823"></a>00823 <span class="keywordflow">case</span> X509_V_ERR_CERT_HAS_EXPIRED:
<a name="l00824"></a>00824 <span class="keywordflow">case</span> X509_V_ERR_CRL_NOT_YET_VALID:
<a name="l00825"></a>00825 <span class="keywordflow">case</span> X509_V_ERR_CRL_HAS_EXPIRED:
<a name="l00826"></a>00826 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
<a name="l00827"></a>00827 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
<a name="l00828"></a>00828 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
<a name="l00829"></a>00829 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
<a name="l00830"></a>00830 rc = KSSLCertificate::Expired;
<a name="l00831"></a>00831 kdDebug(7029) << <span class="stringliteral">"KSSL apparently this is expired. Not after: "</span>
<a name="l00832"></a>00832 << <a class="code" href="classKSSLCertificate.html#a1750d3fec00b94f790ec25c7fa2f434f" title="Get the date that the certificate is valid until.">getNotAfter</a>() << endl;
<a name="l00833"></a>00833 <span class="keywordflow">break</span>;
<a name="l00834"></a>00834
<a name="l00835"></a>00835 <span class="comment">//case 1:</span>
<a name="l00836"></a>00836 <span class="keywordflow">case</span> X509_V_ERR_APPLICATION_VERIFICATION:
<a name="l00837"></a>00837 <span class="keywordflow">case</span> X509_V_ERR_OUT_OF_MEM:
<a name="l00838"></a>00838 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_CRL:
<a name="l00839"></a>00839 <span class="keywordflow">case</span> X509_V_ERR_CERT_CHAIN_TOO_LONG:
<a name="l00840"></a>00840 <span class="keywordflow">default</span>:
<a name="l00841"></a>00841 rc = KSSLCertificate::Unknown;
<a name="l00842"></a>00842 <span class="keywordflow">break</span>;
<a name="l00843"></a>00843 }
<a name="l00844"></a>00844
<a name="l00845"></a>00845 d->m_stateCache = rc;
<a name="l00846"></a>00846 d->m_stateCached = <span class="keyword">true</span>;
<a name="l00847"></a>00847 <span class="preprocessor">#endif</span>
<a name="l00848"></a>00848 <span class="preprocessor"></span><span class="keywordflow">return</span> rc;
<a name="l00849"></a>00849 }
<a name="l00850"></a>00850
<a name="l00851"></a>00851
<a name="l00852"></a><a class="code" href="classKSSLCertificate.html#adfc2a0ba40feaaec6e43a4eff5eedcf9">00852</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#adfc2a0ba40feaaec6e43a4eff5eedcf9" title="Get the date that the certificate becomes valid on.">KSSLCertificate::getNotBefore</a>()<span class="keyword"> const </span>{
<a name="l00853"></a>00853 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00854"></a>00854 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert));
<a name="l00855"></a>00855 <span class="preprocessor">#else</span>
<a name="l00856"></a>00856 <span class="preprocessor"></span><span class="keywordflow">return</span> QString::null;
<a name="l00857"></a>00857 <span class="preprocessor">#endif</span>
<a name="l00858"></a>00858 <span class="preprocessor"></span>}
<a name="l00859"></a>00859
<a name="l00860"></a>00860
<a name="l00861"></a><a class="code" href="classKSSLCertificate.html#a1750d3fec00b94f790ec25c7fa2f434f">00861</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#a1750d3fec00b94f790ec25c7fa2f434f" title="Get the date that the certificate is valid until.">KSSLCertificate::getNotAfter</a>()<span class="keyword"> const </span>{
<a name="l00862"></a>00862 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00863"></a>00863 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert));
<a name="l00864"></a>00864 <span class="preprocessor">#else</span>
<a name="l00865"></a>00865 <span class="preprocessor"></span><span class="keywordflow">return</span> QString::null;
<a name="l00866"></a>00866 <span class="preprocessor">#endif</span>
<a name="l00867"></a>00867 <span class="preprocessor"></span>}
<a name="l00868"></a>00868
<a name="l00869"></a>00869
<a name="l00870"></a><a class="code" href="classKSSLCertificate.html#ae38e8ea8faa1115277983e31e5710742">00870</a> <a class="codeRef" href="qdatetime.html">QDateTime</a> <a class="code" href="classKSSLCertificate.html#ae38e8ea8faa1115277983e31e5710742" title="Get the date that the certificate becomes valid on.">KSSLCertificate::getQDTNotBefore</a>()<span class="keyword"> const </span>{
<a name="l00871"></a>00871 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00872"></a>00872 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL);
<a name="l00873"></a>00873 <span class="preprocessor">#else</span>
<a name="l00874"></a>00874 <span class="preprocessor"></span><span class="keywordflow">return</span> <a class="codeRef" href="qdatetime.html#currentDateTime-2">QDateTime::currentDateTime</a>();
<a name="l00875"></a>00875 <span class="preprocessor">#endif</span>
<a name="l00876"></a>00876 <span class="preprocessor"></span>}
<a name="l00877"></a>00877
<a name="l00878"></a>00878
<a name="l00879"></a><a class="code" href="classKSSLCertificate.html#a8615373781894a8cb8d268f9f94fcb87">00879</a> <a class="codeRef" href="qdatetime.html">QDateTime</a> <a class="code" href="classKSSLCertificate.html#a8615373781894a8cb8d268f9f94fcb87" title="Get the date that the certificate is valid until.">KSSLCertificate::getQDTNotAfter</a>()<span class="keyword"> const </span>{
<a name="l00880"></a>00880 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00881"></a>00881 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL);
<a name="l00882"></a>00882 <span class="preprocessor">#else</span>
<a name="l00883"></a>00883 <span class="preprocessor"></span><span class="keywordflow">return</span> <a class="codeRef" href="qdatetime.html#currentDateTime-2">QDateTime::currentDateTime</a>();
<a name="l00884"></a>00884 <span class="preprocessor">#endif</span>
<a name="l00885"></a>00885 <span class="preprocessor"></span>}
<a name="l00886"></a>00886
<a name="l00887"></a>00887
<a name="l00888"></a>00888 <span class="keywordtype">int</span> operator==(<a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> &x, <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> &y) {
<a name="l00889"></a>00889 <span class="preprocessor">#ifndef KSSL_HAVE_SSL</span>
<a name="l00890"></a>00890 <span class="preprocessor"></span> <span class="keywordflow">return</span> 1;
<a name="l00891"></a>00891 <span class="preprocessor">#else</span>
<a name="l00892"></a>00892 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!KOSSL::self()->X509_cmp(x.getCert(), y.getCert())) <span class="keywordflow">return</span> 1;
<a name="l00893"></a>00893 <span class="keywordflow">return</span> 0;
<a name="l00894"></a>00894 <span class="preprocessor">#endif</span>
<a name="l00895"></a>00895 <span class="preprocessor"></span>}
<a name="l00896"></a>00896
<a name="l00897"></a>00897
<a name="l00898"></a><a class="code" href="classKSSLCertificate.html#af05f9d608f93ca71a2b353bb48a224c6">00898</a> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#af05f9d608f93ca71a2b353bb48a224c6" title="Explicitly make a copy of this certificate.">KSSLCertificate::replicate</a>() {
<a name="l00899"></a>00899 <span class="comment">// The new certificate doesn't have the cached value. It's probably</span>
<a name="l00900"></a>00900 <span class="comment">// better this way. We can't anticipate every reason for doing this.</span>
<a name="l00901"></a>00901 <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *newOne = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>();
<a name="l00902"></a>00902 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00903"></a>00903 <span class="preprocessor"></span> newOne-><a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(d->kossl->X509_dup(getCert()));
<a name="l00904"></a>00904 <a class="code" href="classKSSLCertChain.html" title="KDE Certificate Chain Representation Class.">KSSLCertChain</a> *c = d->_chain.replicate();
<a name="l00905"></a>00905 newOne->setChain(c-><a class="code" href="classKSSLCertChain.html#aff079cbb61e376a773a2a6e192bcb495" title="Read the raw chain in OpenSSL format.">rawChain</a>());
<a name="l00906"></a>00906 <span class="keyword">delete</span> c;
<a name="l00907"></a>00907 <span class="preprocessor">#endif</span>
<a name="l00908"></a>00908 <span class="preprocessor"></span><span class="keywordflow">return</span> newOne;
<a name="l00909"></a>00909 }
<a name="l00910"></a>00910
<a name="l00911"></a>00911
<a name="l00912"></a><a class="code" href="classKSSLCertificate.html#abf9118acbd91f924914cf993820150df">00912</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#abf9118acbd91f924914cf993820150df" title="Convert this certificate to a string.">KSSLCertificate::toString</a>() {
<a name="l00913"></a>00913 <span class="keywordflow">return</span> KCodecs::base64Encode(<a class="code" href="classKSSLCertificate.html#a89ed3cc2ff9165eda4cb5cb332d70ac2" title="Convert the certificate to DER (ASN.1) format.">toDer</a>());
<a name="l00914"></a>00914 }
<a name="l00915"></a>00915
<a name="l00916"></a>00916
<a name="l00917"></a><a class="code" href="classKSSLCertificate.html#a7c9be1daa6bb52fce8843f96f9192bed">00917</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#a7c9be1daa6bb52fce8843f96f9192bed" title="Obtain the localized message that corresponds to a validation result.">KSSLCertificate::verifyText</a>(<a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLValidation</a> x) {
<a name="l00918"></a>00918 <span class="keywordflow">switch</span> (x) {
<a name="l00919"></a>00919 <span class="keywordflow">case</span> KSSLCertificate::Ok:
<a name="l00920"></a>00920 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate is valid."</span>);
<a name="l00921"></a>00921 <span class="keywordflow">case</span> KSSLCertificate::PathLengthExceeded:
<a name="l00922"></a>00922 <span class="keywordflow">case</span> KSSLCertificate::ErrorReadingRoot:
<a name="l00923"></a>00923 <span class="keywordflow">case</span> KSSLCertificate::NoCARoot:
<a name="l00924"></a>00924 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate signing authority root files could not be found so the certificate is not verified."</span>);
<a name="l00925"></a>00925 <span class="keywordflow">case</span> KSSLCertificate::SelfSignedChain:
<a name="l00926"></a>00926 <span class="keywordflow">case</span> KSSLCertificate::InvalidCA:
<a name="l00927"></a>00927 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate signing authority is unknown or invalid."</span>);
<a name="l00928"></a>00928 <span class="keywordflow">case</span> KSSLCertificate::SelfSigned:
<a name="l00929"></a>00929 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate is self-signed and thus may not be trustworthy."</span>);
<a name="l00930"></a>00930 <span class="keywordflow">case</span> KSSLCertificate::Expired:
<a name="l00931"></a>00931 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate has expired."</span>);
<a name="l00932"></a>00932 <span class="keywordflow">case</span> KSSLCertificate::Revoked:
<a name="l00933"></a>00933 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate has been revoked."</span>);
<a name="l00934"></a>00934 <span class="keywordflow">case</span> KSSLCertificate::NoSSL:
<a name="l00935"></a>00935 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"SSL support was not found."</span>);
<a name="l00936"></a>00936 <span class="keywordflow">case</span> KSSLCertificate::Untrusted:
<a name="l00937"></a>00937 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Signature is untrusted."</span>);
<a name="l00938"></a>00938 <span class="keywordflow">case</span> KSSLCertificate::SignatureFailed:
<a name="l00939"></a>00939 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Signature test failed."</span>);
<a name="l00940"></a>00940 <span class="keywordflow">case</span> KSSLCertificate::Rejected:
<a name="l00941"></a>00941 <span class="keywordflow">case</span> KSSLCertificate::InvalidPurpose:
<a name="l00942"></a>00942 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Rejected, possibly due to an invalid purpose."</span>);
<a name="l00943"></a>00943 <span class="keywordflow">case</span> KSSLCertificate::PrivateKeyFailed:
<a name="l00944"></a>00944 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Private key test failed."</span>);
<a name="l00945"></a>00945 <span class="keywordflow">case</span> KSSLCertificate::InvalidHost:
<a name="l00946"></a>00946 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate has not been issued for this host."</span>);
<a name="l00947"></a>00947 <span class="keywordflow">case</span> KSSLCertificate::Irrelevant:
<a name="l00948"></a>00948 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"This certificate is not relevant."</span>);
<a name="l00949"></a>00949 <span class="keywordflow">default</span>:
<a name="l00950"></a>00950 <span class="keywordflow">break</span>;
<a name="l00951"></a>00951 }
<a name="l00952"></a>00952
<a name="l00953"></a>00953 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate is invalid."</span>);
<a name="l00954"></a>00954 }
<a name="l00955"></a>00955
<a name="l00956"></a>00956
<a name="l00957"></a><a class="code" href="classKSSLCertificate.html#a89ed3cc2ff9165eda4cb5cb332d70ac2">00957</a> <a class="codeRef" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#a89ed3cc2ff9165eda4cb5cb332d70ac2" title="Convert the certificate to DER (ASN.1) format.">KSSLCertificate::toDer</a>() {
<a name="l00958"></a>00958 <a class="codeRef" href="qbytearray.html">QByteArray</a> qba;
<a name="l00959"></a>00959 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l00960"></a>00960 <span class="preprocessor"></span><span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> certlen = d->kossl->i2d_X509(getCert(), NULL);
<a name="l00961"></a>00961 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *cert = <span class="keyword">new</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>[certlen];
<a name="l00962"></a>00962 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *p = cert;
<a name="l00963"></a>00963 <span class="comment">// FIXME: return code!</span>
<a name="l00964"></a>00964 d->kossl->i2d_X509(getCert(), &p);
<a name="l00965"></a>00965
<a name="l00966"></a>00966 <span class="comment">// encode it into a QString</span>
<a name="l00967"></a>00967 qba.duplicate((<span class="keyword">const</span> <span class="keywordtype">char</span>*)cert, certlen);
<a name="l00968"></a>00968 <span class="keyword">delete</span>[] cert;
<a name="l00969"></a>00969 <span class="preprocessor">#endif</span>
<a name="l00970"></a>00970 <span class="preprocessor"></span><span class="keywordflow">return</span> qba;
<a name="l00971"></a>00971 }
<a name="l00972"></a>00972
<a name="l00973"></a>00973
<a name="l00974"></a>00974
<a name="l00975"></a><a class="code" href="classKSSLCertificate.html#ae5de926e7edf4dfeae70ab46fe3740fb">00975</a> <a class="codeRef" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#ae5de926e7edf4dfeae70ab46fe3740fb" title="Convert the certificate to PEM (base64) format.">KSSLCertificate::toPem</a>() {
<a name="l00976"></a>00976 <a class="codeRef" href="qbytearray.html">QByteArray</a> qba;
<a name="l00977"></a>00977 <a class="codeRef" href="qstring.html">QString</a> thecert = <a class="code" href="classKSSLCertificate.html#abf9118acbd91f924914cf993820150df" title="Convert this certificate to a string.">toString</a>();
<a name="l00978"></a>00978 <span class="keyword">const</span> <span class="keywordtype">char</span> *header = <span class="stringliteral">"-----BEGIN CERTIFICATE-----\n"</span>;
<a name="l00979"></a>00979 <span class="keyword">const</span> <span class="keywordtype">char</span> *footer = <span class="stringliteral">"-----END CERTIFICATE-----\n"</span>;
<a name="l00980"></a>00980
<a name="l00981"></a>00981 <span class="comment">// We just do base64 on the ASN1</span>
<a name="l00982"></a>00982 <span class="comment">// 64 character lines (unpadded)</span>
<a name="l00983"></a>00983 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> xx = thecert.<a class="codeRef" href="qstring.html#length">length</a>() - 1;
<a name="l00984"></a>00984 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < xx/64; i++) {
<a name="l00985"></a>00985 thecert.<a class="codeRef" href="qstring.html#insert">insert</a>(64*(i+1)+i, <span class="charliteral">'\n'</span>);
<a name="l00986"></a>00986 }
<a name="l00987"></a>00987
<a name="l00988"></a>00988 thecert.<a class="codeRef" href="qstring.html#prepend">prepend</a>(header);
<a name="l00989"></a>00989
<a name="l00990"></a>00990 <span class="keywordflow">if</span> (thecert[thecert.<a class="codeRef" href="qstring.html#length">length</a>()-1] != <span class="charliteral">'\n'</span>)
<a name="l00991"></a>00991 thecert += <span class="stringliteral">"\n"</span>;
<a name="l00992"></a>00992
<a name="l00993"></a>00993 thecert.<a class="codeRef" href="qstring.html#append">append</a>(footer);
<a name="l00994"></a>00994
<a name="l00995"></a>00995 qba.duplicate(thecert.<a class="codeRef" href="qstring.html#local8Bit">local8Bit</a>(), thecert.<a class="codeRef" href="qstring.html#length">length</a>());
<a name="l00996"></a>00996 <span class="keywordflow">return</span> qba;
<a name="l00997"></a>00997 }
<a name="l00998"></a>00998
<a name="l00999"></a>00999
<a name="l01000"></a>01000 <span class="preprocessor">#define NETSCAPE_CERT_HDR "certificate"</span>
<a name="l01001"></a>01001 <span class="preprocessor"></span>
<a name="l01002"></a>01002 <span class="comment">// what a piece of crap this is</span>
<a name="l01003"></a><a class="code" href="classKSSLCertificate.html#a8c74e113239238b63dd5b5afb8271b1a">01003</a> <a class="codeRef" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#a8c74e113239238b63dd5b5afb8271b1a" title="Convert the certificate to Netscape format.">KSSLCertificate::toNetscape</a>() {
<a name="l01004"></a>01004 <a class="codeRef" href="qbytearray.html">QByteArray</a> qba;
<a name="l01005"></a>01005 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l01006"></a>01006 <span class="preprocessor"></span><span class="preprocessor">#if OPENSSL_VERSION_NUMBER >= 0x10000000L</span>
<a name="l01007"></a>01007 <span class="preprocessor"></span> NETSCAPE_X509 nx;
<a name="l01008"></a>01008 ASN1_OCTET_STRING hdr;
<a name="l01009"></a>01009 <span class="preprocessor">#else</span>
<a name="l01010"></a>01010 <span class="preprocessor"></span> ASN1_HEADER ah;
<a name="l01011"></a>01011 ASN1_OCTET_STRING os;
<a name="l01012"></a>01012 <span class="preprocessor">#endif</span>
<a name="l01013"></a>01013 <span class="preprocessor"></span> KTempFile ktf;
<a name="l01014"></a>01014
<a name="l01015"></a>01015 <span class="preprocessor">#if OPENSSL_VERSION_NUMBER >= 0x10000000L</span>
<a name="l01016"></a>01016 <span class="preprocessor"></span> hdr.data = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)NETSCAPE_CERT_HDR;
<a name="l01017"></a>01017 hdr.length = strlen(NETSCAPE_CERT_HDR);
<a name="l01018"></a>01018 nx.header = &hdr;
<a name="l01019"></a>01019 nx.cert = getCert();
<a name="l01020"></a>01020
<a name="l01021"></a>01021 d->kossl->ASN1_i2d_fp(ktf.fstream(),(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)&nx);
<a name="l01022"></a>01022 <span class="preprocessor">#else</span>
<a name="l01023"></a>01023 <span class="preprocessor"></span> os.data = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)NETSCAPE_CERT_HDR;
<a name="l01024"></a>01024 os.length = strlen(NETSCAPE_CERT_HDR);
<a name="l01025"></a>01025 ah.header = &os;
<a name="l01026"></a>01026 ah.data = (<span class="keywordtype">char</span> *)getCert();
<a name="l01027"></a>01027 ah.meth = d->kossl->X509_asn1_meth();
<a name="l01028"></a>01028
<a name="l01029"></a>01029 d->kossl->ASN1_i2d_fp(ktf.fstream(),(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)&ah);
<a name="l01030"></a>01030 <span class="preprocessor">#endif</span>
<a name="l01031"></a>01031 <span class="preprocessor"></span>
<a name="l01032"></a>01032 ktf.close();
<a name="l01033"></a>01033
<a name="l01034"></a>01034 <a class="codeRef" href="qfile.html">QFile</a> qf(ktf.name());
<a name="l01035"></a>01035 qf.<a class="codeRef" href="qfile.html#open">open</a>(IO_ReadOnly);
<a name="l01036"></a>01036 <span class="keywordtype">char</span> *buf = <span class="keyword">new</span> <span class="keywordtype">char</span>[qf.size()];
<a name="l01037"></a>01037 qf.readBlock(buf, qf.size());
<a name="l01038"></a>01038 qba.duplicate(buf, qf.size());
<a name="l01039"></a>01039 qf.close();
<a name="l01040"></a>01040 <span class="keyword">delete</span>[] buf;
<a name="l01041"></a>01041
<a name="l01042"></a>01042 ktf.unlink();
<a name="l01043"></a>01043
<a name="l01044"></a>01044 <span class="preprocessor">#endif</span>
<a name="l01045"></a>01045 <span class="preprocessor"></span><span class="keywordflow">return</span> qba;
<a name="l01046"></a>01046 }
<a name="l01047"></a>01047
<a name="l01048"></a>01048
<a name="l01049"></a>01049
<a name="l01050"></a><a class="code" href="classKSSLCertificate.html#af7e2c1530eb581856466c9b640e38918">01050</a> <a class="codeRef" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#af7e2c1530eb581856466c9b640e38918" title="Convert the certificate to OpenSSL plain text format.">KSSLCertificate::toText</a>() {
<a name="l01051"></a>01051 <a class="codeRef" href="qstring.html">QString</a> text;
<a name="l01052"></a>01052 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l01053"></a>01053 <span class="preprocessor"></span>KTempFile ktf;
<a name="l01054"></a>01054
<a name="l01055"></a>01055 d->kossl->X509_print(ktf.fstream(), getCert());
<a name="l01056"></a>01056 ktf.close();
<a name="l01057"></a>01057
<a name="l01058"></a>01058 <a class="codeRef" href="qfile.html">QFile</a> qf(ktf.name());
<a name="l01059"></a>01059 qf.<a class="codeRef" href="qfile.html#open">open</a>(IO_ReadOnly);
<a name="l01060"></a>01060 <span class="keywordtype">char</span> *buf = <span class="keyword">new</span> <span class="keywordtype">char</span>[qf.size()+1];
<a name="l01061"></a>01061 qf.readBlock(buf, qf.size());
<a name="l01062"></a>01062 buf[qf.size()] = 0;
<a name="l01063"></a>01063 text = buf;
<a name="l01064"></a>01064 <span class="keyword">delete</span>[] buf;
<a name="l01065"></a>01065 qf.close();
<a name="l01066"></a>01066 ktf.unlink();
<a name="l01067"></a>01067 <span class="preprocessor">#endif</span>
<a name="l01068"></a>01068 <span class="preprocessor"></span><span class="keywordflow">return</span> text;
<a name="l01069"></a>01069 }
<a name="l01070"></a>01070
<a name="l01071"></a>01071 <span class="comment">// KDE 4: Make it const QString &</span>
<a name="l01072"></a><a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba">01072</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">KSSLCertificate::setCert</a>(<a class="codeRef" href="qstring.html">QString</a>& cert) {
<a name="l01073"></a>01073 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l01074"></a>01074 <span class="preprocessor"></span><a class="codeRef" href="qbytearray.html">QByteArray</a> qba, qbb = cert.<a class="codeRef" href="qstring.html#local8Bit">local8Bit</a>().copy();
<a name="l01075"></a>01075 KCodecs::base64Decode(qbb, qba);
<a name="l01076"></a>01076 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *qbap = <span class="keyword">reinterpret_cast<</span><span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *<span class="keyword">></span>(qba.data());
<a name="l01077"></a>01077 X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size());
<a name="l01078"></a>01078 <span class="keywordflow">if</span> (x5c) {
<a name="l01079"></a>01079 <a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(x5c);
<a name="l01080"></a>01080 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l01081"></a>01081 }
<a name="l01082"></a>01082 <span class="preprocessor">#endif</span>
<a name="l01083"></a>01083 <span class="preprocessor"></span><span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01084"></a>01084 }
<a name="l01085"></a>01085
<a name="l01086"></a>01086
<a name="l01087"></a><a class="code" href="classKSSLCertificate.html#a100edb1c7cf92fee486f84d288c14f93">01087</a> <a class="code" href="classKSSLX509V3.html" title="KDE X509v3 Flag Class.">KSSLX509V3</a>& <a class="code" href="classKSSLCertificate.html#a100edb1c7cf92fee486f84d288c14f93" title="Access the X.509v3 parameters.">KSSLCertificate::x509V3Extensions</a>() {
<a name="l01088"></a>01088 <span class="keywordflow">return</span> d->_extensions;
<a name="l01089"></a>01089 }
<a name="l01090"></a>01090
<a name="l01091"></a>01091
<a name="l01092"></a><a class="code" href="classKSSLCertificate.html#af0bb742d280dfcbb27d71e769df5b74d">01092</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#af0bb742d280dfcbb27d71e769df5b74d" title="Check if this is a signer certificate.">KSSLCertificate::isSigner</a>() {
<a name="l01093"></a>01093 <span class="keywordflow">return</span> d->_extensions.certTypeCA();
<a name="l01094"></a>01094 }
<a name="l01095"></a>01095
<a name="l01096"></a>01096
<a name="l01097"></a><a class="code" href="classKSSLCertificate.html#af422f6d50964c3a792c6b40c000ef8d9">01097</a> <a class="codeRef" href="qstringlist.html">QStringList</a> <a class="code" href="classKSSLCertificate.html#af422f6d50964c3a792c6b40c000ef8d9" title="The alternate subject name.">KSSLCertificate::subjAltNames</a>()<span class="keyword"> const </span>{
<a name="l01098"></a>01098 <a class="codeRef" href="qstringlist.html">QStringList</a> rc;
<a name="l01099"></a>01099 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span>
<a name="l01100"></a>01100 <span class="preprocessor"></span> STACK_OF(GENERAL_NAME) *names;
<a name="l01101"></a>01101 names = (STACK_OF(GENERAL_NAME)*)d->kossl->X509_get_ext_d2i(d->m_cert, NID_subject_alt_name, 0, 0);
<a name="l01102"></a>01102
<a name="l01103"></a>01103 <span class="keywordflow">if</span> (!names) {
<a name="l01104"></a>01104 <span class="keywordflow">return</span> rc;
<a name="l01105"></a>01105 }
<a name="l01106"></a>01106
<a name="l01107"></a>01107 <span class="keywordtype">int</span> cnt = d->kossl->sk_GENERAL_NAME_num(names);
<a name="l01108"></a>01108
<a name="l01109"></a>01109 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> i = 0; i < cnt; i++) {
<a name="l01110"></a>01110 <span class="keyword">const</span> GENERAL_NAME *val = (<span class="keyword">const</span> GENERAL_NAME *)d->kossl->sk_value(names, i);
<a name="l01111"></a>01111 <span class="keywordflow">if</span> (val->type != GEN_DNS) {
<a name="l01112"></a>01112 <span class="keywordflow">continue</span>;
<a name="l01113"></a>01113 }
<a name="l01114"></a>01114
<a name="l01115"></a>01115 <a class="codeRef" href="qstring.html">QString</a> s = (<span class="keyword">const</span> <span class="keywordtype">char</span> *)d->kossl->ASN1_STRING_data(val->d.ia5);
<a name="l01116"></a>01116 <span class="keywordflow">if</span> (!s.<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>() &&
<a name="l01117"></a>01117 <span class="comment">/* skip subjectAltNames with embedded NULs */</span>
<a name="l01118"></a>01118 s.<a class="codeRef" href="qstring.html#length">length</a>() == d->kossl->ASN1_STRING_length(val->d.ia5)) {
<a name="l01119"></a>01119 rc += s;
<a name="l01120"></a>01120 }
<a name="l01121"></a>01121 }
<a name="l01122"></a>01122 d->kossl->sk_free(names);
<a name="l01123"></a>01123 <span class="preprocessor">#endif</span>
<a name="l01124"></a>01124 <span class="preprocessor"></span> <span class="keywordflow">return</span> rc;
<a name="l01125"></a>01125 }
<a name="l01126"></a>01126
<a name="l01127"></a>01127
<a name="l01128"></a>01128 <a class="codeRef" href="qdatastream.html">QDataStream</a>& operator<<(<a class="codeRef" href="qdatastream.html">QDataStream</a>& s, <span class="keyword">const</span> <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>& r) {
<a name="l01129"></a>01129 <a class="codeRef" href="qstringlist.html">QStringList</a> qsl;
<a name="l01130"></a>01130 <a class="codeRef" href="qptrlist.html">QPtrList<KSSLCertificate></a> cl = <span class="keyword">const_cast<</span><a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>&<span class="keyword">></span>(r).chain().getChain();
<a name="l01131"></a>01131
<a name="l01132"></a>01132 <span class="keywordflow">for</span> (<a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a> *c = cl.<a class="codeRef" href="qptrlist.html#first">first</a>(); c != 0; c = cl.<a class="codeRef" href="qptrlist.html#next">next</a>()) {
<a name="l01133"></a>01133 qsl << c->toString();
<a name="l01134"></a>01134 }
<a name="l01135"></a>01135
<a name="l01136"></a>01136 cl.<a class="codeRef" href="qptrlist.html#setAutoDelete">setAutoDelete</a>(<span class="keyword">true</span>);
<a name="l01137"></a>01137
<a name="l01138"></a>01138 s << const_cast<KSSLCertificate&>(r).toString() << qsl;
<a name="l01139"></a>01139
<a name="l01140"></a>01140 <span class="keywordflow">return</span> s;
<a name="l01141"></a>01141 }
<a name="l01142"></a>01142
<a name="l01143"></a>01143
<a name="l01144"></a>01144 <a class="codeRef" href="qdatastream.html">QDataStream</a>& operator>>(<a class="codeRef" href="qdatastream.html">QDataStream</a>& s, <a class="code" href="classKSSLCertificate.html" title="KDE X.509 Certificate.">KSSLCertificate</a>& r) {
<a name="l01145"></a>01145 <a class="codeRef" href="qstringlist.html">QStringList</a> qsl;
<a name="l01146"></a>01146 <a class="codeRef" href="qstring.html">QString</a> cert;
<a name="l01147"></a>01147
<a name="l01148"></a>01148 s >> cert >> qsl;
<a name="l01149"></a>01149
<a name="l01150"></a>01150 <span class="keywordflow">if</span> (r.<a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(cert) && !qsl.isEmpty())
<a name="l01151"></a>01151 r.<a class="code" href="classKSSLCertificate.html#aeceb3e8a7e680c3bc5ed802db8940343" title="Get a reference to the certificate chain.">chain</a>().<a class="code" href="classKSSLCertChain.html#ac12786408f31f477835d1b92ade3dd64" title="Set the certificate chain as a list of base64 encoded X.509 certificates.">setCertChain</a>(qsl);
<a name="l01152"></a>01152
<a name="l01153"></a>01153 <span class="keywordflow">return</span> s;
<a name="l01154"></a>01154 }
<a name="l01155"></a>01155
<a name="l01156"></a>01156
<a name="l01157"></a>01157
</pre></div></div>
</div>
</div></div>
</td>
</tr>
<tr>
<td valign="top" id="leftmenu" width="25%">
<a name="navigation"></a>
<div class="menu_box"><h2>kio/kssl</h2>
<div class="nav_list">
<ul><li><a href="index.html">Main Page</a></li><li><a href="hierarchy.html">Class Hierarchy</a></li><li><a href="classes.html">Alphabetical List</a></li><li><a href="annotated.html">Class List</a></li><li><a href="files.html">File List</a></li><li><a href="functions.html">Class Members</a></li><li><a href="pages.html">Related Pages</a></li></ul>
<!--
<h2>Class Picker</h2>
<div style="text-align: center;">
<form name="guideform">
<select name="guidelinks" style="width:100%;" onChange="window.location=document.guideform.guidelinks.options[document.guideform.guidelinks.selectedIndex].value">
<option value="annotated.html">-- Choose --</option>
<option value="classKOpenSSLProxy.html">kopensslproxy</option>, <option value="classKSSL.html">kssl</option>, <option value="classKSSLCertBox.html">ksslcertbox</option>, <option value="classKSSLCertChain.html">ksslcertchain</option>, <option value="classKSSLCertDlg.html">ksslcertdlg</option>, <option value="classKSSLCertificate.html">ksslcertificate</option>, <option value="classKSSLConnectionInfo.html">ksslconnectioninfo</option>, <option value="classKSSLInfoDlg.html">ksslinfodlg</option>, <option value="classKSSLKeyGen.html">ksslkeygen</option>, <option value="classKSSLPeerInfo.html">ksslpeerinfo</option>, <option value="classKSSLPKCS12.html">ksslpkcs12</option>, <option value="classKSSLPKCS7.html">ksslpkcs7</option>, <option value="classKSSLSession.html">ksslsession</option>, <option value="classKSSLSettings.html">ksslsettings</option>, <option value="classKSSLSigners.html">ksslsigners</option>, <option value="classKSSLX509Map.html">ksslx509map</option>, <option value="classKSSLX509V3.html">ksslx509v3</option>,
</select>
</form>
</div>
-->
</div></div>
<div class="menu_box"><h2>API Dox</h2>
<div class="nav_list">
<ul>
<li><a href="../../../arts/html/index.html">arts</a></li><li><a href="../../../dcop/html/index.html">dcop</a></li><li><a href="../../../dnssd/html/index.html">dnssd</a></li><li><a href="../../../interfaces/html/index.html">interfaces</a></li><li> <a href="../../../interfaces/kimproxy/interface/html/index.html">interface</a></li><li> <a href="../../../interfaces/kimproxy/library/html/index.html">library</a></li><li> <a href="../../../interfaces/kspeech/html/index.html">kspeech</a></li><li> <a href="../../../interfaces/ktexteditor/html/index.html">ktexteditor</a></li><li><a href="../../../kabc/html/index.html">kabc</a></li><li><a href="../../../kate/html/index.html">kate</a></li><li><a href="../../../kcmshell/html/index.html">kcmshell</a></li><li><a href="../../../kdecore/html/index.html">kdecore</a></li><li><a href="../../../kded/html/index.html">kded</a></li><li><a href="../../../kdefx/html/index.html">kdefx</a></li><li><a href="../../../kdeprint/html/index.html">kdeprint</a></li><li><a href="../../../kdesu/html/index.html">kdesu</a></li><li><a href="../../../kdeui/html/index.html">kdeui</a></li><li><a href="../../../kdoctools/html/index.html">kdoctools</a></li><li><a href="../../../khtml/html/index.html">khtml</a></li><li><a href="../../../kimgio/html/index.html">kimgio</a></li><li><a href="../../../kinit/html/index.html">kinit</a></li><li><a href="../../../kio/html/index.html">kio</a></li><li> <a href="../../../kio/bookmarks/html/index.html">bookmarks</a></li><li> <a href="../../../kio/httpfilter/html/index.html">httpfilter</a></li><li> <a href="../../../kio/kfile/html/index.html">kfile</a></li><li> <a href="../../../kio/kio/html/index.html">kio</a></li><li> <a href="../../../kio/kioexec/html/index.html">kioexec</a></li><li> <a href="../../../kio/kpasswdserver/html/index.html">kpasswdserver</a></li><li> <a href="../../../kio/kssl/html/index.html">kssl</a></li><li><a href="../../../kioslave/html/index.html">kioslave</a></li><li> <a href="../../../kioslave/http/html/index.html">http</a></li><li><a href="../../../kjs/html/index.html">kjs</a></li><li><a href="../../../kmdi/html/index.html">kmdi</a></li><li> <a href="../../../kmdi/kmdi/html/index.html">kmdi</a></li><li><a href="../../../knewstuff/html/index.html">knewstuff</a></li><li><a href="../../../kparts/html/index.html">kparts</a></li><li><a href="../../../kresources/html/index.html">kresources</a></li><li><a href="../../../kspell2/html/index.html">kspell2</a></li><li><a href="../../../kunittest/html/index.html">kunittest</a></li><li><a href="../../../kutils/html/index.html">kutils</a></li><li><a href="../../../kwallet/html/index.html">kwallet</a></li><li><a href="../../../libkmid/html/index.html">libkmid</a></li><li><a href="../../../libkscreensaver/html/index.html">libkscreensaver</a></li>
</ul></div></div>
</td>
</tr>
</table>
<span class="doNotDisplay">
<a href="http://www.kde.org/" accesskey="8">KDE Home</a> |
<a href="http://accessibility.kde.org/" accesskey="9">KDE Accessibility Home</a> |
<a href="http://www.kde.org/media/accesskeys.php" accesskey="0">Description of Access Keys</a>
</span>
<div style="height: 8px"></div>
<div id="footer">
<div id="footer_left">
Maintained by <a href="mailto:groot@kde.org">Adriaan de Groot</a>
and
<a href="mailto:winter@kde.org">Allen Winter</a>.
<br/>
KDE and K Desktop Environment are trademarks of <a href="http://www.kde.org/areas/kde-ev/" title="Homepage of the KDE non-profit Organization">KDE e.V.</a> |
<a href="http://www.kde.org/contact/impressum.php">Legal</a>
</div>
<div id="footer_right"><img src="/media/images/footer_right.png" style="margin: 0px" alt="" /></div>
</div>
<!--
WARNING: DO NOT SEND MAIL TO THE FOLLOWING EMAIL ADDRESS! YOU WILL
BE BLOCKED INSTANTLY AND PERMANENTLY!
<a href="mailto:aaaatrap-425acc3b5374943f@kde.org">Block me</a>
WARNING END
-->
</body>
</html>
