ksslpkcs12.cc
1 /* This file is part of the KDE project
2  *
3  * Copyright (C) 2001 George Staikos <staikos@kde.org>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Library General Public
7  * License as published by the Free Software Foundation; either
8  * version 2 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Library General Public License for more details.
14  *
15  * You should have received a copy of the GNU Library General Public License
16  * along with this library; see the file COPYING.LIB. If not, write to
17  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18  * Boston, MA 02110-1301, USA.
19  */
20 
21 
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25 
26 #include <kopenssl.h>
27 
28 #include <tqstring.h>
29 #include <tqfile.h>
30 #include <ksslall.h>
31 #include <kdebug.h>
32 #include <ktempfile.h>
33 #include <kmdcodec.h>
34 
35 #include <assert.h>
36 
#ifdef KSSL_HAVE_SSL
// Redirect OpenSSL's generic stack primitives to the KOSSL proxy object
// (`kossl`, a member set in the constructor).
// NOTE(review): presumably this is what lets the sk_X509_pop()/sk_X509_free()
// calls below resolve through the proxy; that depends on those helpers being
// macros built on these sk_* names in the OpenSSL headers in use -- confirm
// for the targeted OpenSSL version.
#define sk_dup kossl->sk_dup
#define sk_free kossl->sk_free
#define sk_new kossl->sk_new
#define sk_num kossl->sk_num
#define sk_pop kossl->sk_pop
#define sk_push kossl->sk_push
#define sk_value kossl->sk_value
#endif
46 
47 
/**
 * Builds an empty holder: no PKCS#12 container, private key, certificate or
 * CA stack yet. The proxy returned by KOSSL::self() is cached in `kossl`.
 */
KSSLPKCS12::KSSLPKCS12() {
    kossl = KOSSL::self();

    // Every owned pointer starts out null so the destructor and parse()
    // can tell "never loaded" apart from "loaded".
    _caStack = NULL;
    _cert = NULL;
    _pkey = NULL;
    _pkcs = NULL;
}
55 
56 
57 
/**
 * Releases everything this object holds: the private key, every certificate
 * on the CA stack plus the stack itself, the PKCS#12 container, and the
 * KSSLCertificate wrapper.
 */
KSSLPKCS12::~KSSLPKCS12() {
#ifdef KSSL_HAVE_SSL
    if (_pkey) {
        kossl->EVP_PKEY_free(_pkey);
    }

    if (_caStack) {
        // Pop and free each certificate, then free the emptied stack.
        X509 *entry = NULL;
        while ((entry = sk_X509_pop(_caStack)) != NULL) {
            kossl->X509_free(entry);
        }
        sk_X509_free(_caStack);
    }

    if (_pkcs) {
        kossl->PKCS12_free(_pkcs);
    }
#endif
    delete _cert;  // deleting a null pointer is a no-op
}
73 
74 
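/**
 * Decodes a base64-encoded PKCS#12 blob and loads it.
 *
 * The decoded container is written to a temporary file, handed to
 * loadCertFile(), and the temporary file is unlinked again on every path
 * that created it.
 *
 * @param base64   base64 text of the PKCS#12 container
 * @param password passphrase used to decrypt the container
 * @return a newly allocated KSSLPKCS12 owned by the caller, or NULL when the
 *         input is empty, the temporary file cannot be written, or the
 *         container cannot be loaded/parsed
 */
KSSLPKCS12* KSSLPKCS12::fromString(TQString base64, TQString password) {
#ifdef KSSL_HAVE_SSL
    // Reject empty input *before* creating the temporary file; otherwise the
    // early return leaves a stray temp file behind.
    if (base64.isEmpty()) return NULL;

    TQByteArray decoded, encoded = TQCString(base64.latin1()).copy();
    KCodecs::base64Decode(encoded, decoded);
    if (decoded.isEmpty()) return NULL;

    KTempFile ktf;
    TQFile *out = ktf.file();
    if (!out) {
        // Temp file could not be created/opened: nothing usable on disk.
        ktf.unlink();
        return NULL;
    }

    // A short write would hand a truncated container to the parser, so
    // verify both the byte count and the close.
    const long written = out->writeBlock(decoded);
    const bool closed = ktf.close();

    KSSLPKCS12 *rc = NULL;
    if (closed && written >= 0 &&
        static_cast<unsigned long>(written) == decoded.size()) {
        rc = loadCertFile(ktf.name(), password);
    }

    // The file holds the decoded key container; remove it whether or not
    // loading succeeded.
    ktf.unlink();
    return rc;
#endif
    return NULL;
}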
90 
91 
92 
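/**
 * Loads and parses a PKCS#12 container from a file.
 *
 * @param filename path of the DER-encoded PKCS#12 file
 * @param password passphrase used to decrypt the container
 * @return a newly allocated KSSLPKCS12 owned by the caller, or NULL if the
 *         file cannot be opened, is not a PKCS#12 structure, or cannot be
 *         parsed with the given passphrase
 */
KSSLPKCS12* KSSLPKCS12::loadCertFile(TQString filename, TQString password) {
#ifdef KSSL_HAVE_SSL
    // Open the stream directly instead of wrapping a TQFile's descriptor with
    // fdopen(): fclose() on such a stream closes the descriptor while the
    // TQFile still considers it open, so it would be closed a second time
    // when the TQFile goes out of scope.
    FILE *fp = fopen(TQFile::encodeName(filename), "rb");
    if (!fp) return NULL;

    PKCS12 *newpkcs = NULL;
    newpkcs = KOSSL::self()->d2i_PKCS12_fp(fp, &newpkcs);
    fclose(fp);

    if (!newpkcs) {
        // Not a decodable PKCS#12 structure; drop the queued OpenSSL errors.
        KOSSL::self()->ERR_clear_error();
        return NULL;
    }

    // From here on the new object owns newpkcs (its destructor frees it).
    KSSLPKCS12 *c = new KSSLPKCS12;
    c->setCert(newpkcs);

    // Now we parse it to see if we can decrypt it and interpret it
    if (!c->parse(password)) {
        delete c;
        c = NULL;
    }

    return c;
#endif
    return NULL;
}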
124 
125 
/**
 * Stores the raw PKCS#12 container pointer.
 *
 * The destructor releases the stored pointer with PKCS12_free(), so the
 * object takes over the container. A pointer stored earlier is overwritten
 * here without being freed.
 *
 * @param c the container to store (ignored when built without SSL support)
 */
void KSSLPKCS12::setCert(PKCS12 *c) {
#ifdef KSSL_HAVE_SSL
    this->_pkcs = c;
#endif
}
131 
132 
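/**
 * Re-encrypts the stored PKCS#12 container under a new passphrase.
 *
 * Both passphrases are passed to OpenSSL in their Latin-1 form; a null
 * TQString is passed as the empty string.
 *
 * @param pold current passphrase
 * @param pnew passphrase to switch to
 * @return true only if the passphrase was changed; false on failure, when no
 *         container is loaded, or when built without SSL support
 */
bool KSSLPKCS12::changePassword(TQString pold, TQString pnew) {
#ifdef KSSL_HAVE_SSL
    if (!_pkcs) return false;

    // PKCS12_newpass() takes non-const char*, hence the const_cast and the
    // writable empty buffer.
    char emptyPass[] = "";
    char *oldPass = pold.isNull() ? emptyPass : const_cast<char *>(pold.latin1());
    char *newPass = pnew.isNull() ? emptyPass : const_cast<char *>(pnew.latin1());

    // OpenSSL documents PKCS12_newpass() as returning 1 on success and 0 on
    // failure, so comparing the result with 0 reports a failed change as a
    // successful one.
    // NOTE(review): assumes the KOSSL proxy forwards OpenSSL's return value
    // unchanged -- confirm, and check callers that acted on the old result.
    const int rc = kossl->PKCS12_newpass(_pkcs, oldPass, newPass);
    if (rc != 1) {
        kossl->ERR_clear_error();
        return false;
    }
    return true;
#endif
    return false;
}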
142 
143 
/**
 * Decrypts the stored PKCS#12 container and extracts its private key,
 * certificate and CA stack, replacing whatever was extracted before.
 *
 * The passphrase is handed to OpenSSL in its Latin-1 form.
 *
 * @param pass passphrase for the container
 * @return true if PKCS12_parse() succeeded and produced a certificate;
 *         false otherwise (always false when built without SSL support)
 */
bool KSSLPKCS12::parse(TQString pass) {
#ifdef KSSL_HAVE_SSL
    assert(_pkcs);   // if you're calling this before pkcs gets set, it's a BUG!

    // Drop the results of any earlier parse before extracting again.
    delete _cert;    // deleting a null pointer is a no-op
    if (_pkey) {
        kossl->EVP_PKEY_free(_pkey);
    }
    if (_caStack) {
        X509 *stale = NULL;
        while ((stale = sk_X509_pop(_caStack)) != NULL) {
            kossl->X509_free(stale);
        }
        sk_X509_free(_caStack);
    }
    _cert = NULL;
    _caStack = NULL;
    _pkey = NULL;

    X509 *leaf = NULL;
    const int rc = kossl->PKCS12_parse(_pkcs, pass.latin1(), &_pkey, &leaf, &_caStack);

    if (rc != 1) {
        // Parsing failed: forget the out-parameters and clear OpenSSL's
        // error queue.
        _caStack = NULL;
        _pkey = NULL;
        kossl->ERR_clear_error();
        return false;
    }

    // kdDebug(7029) << "PKCS12_parse success" << endl;
    if (!leaf) {
        // Parsed, but the container carried no certificate.
        return false;
    }

    _cert = new KSSLCertificate;
    _cert->setCert(leaf);
    if (_caStack) {
        _cert->setChain(_caStack);
    }
    return true;
#endif
    return false;
}
184 
185 
/**
 * Gives access to the private key extracted by parse().
 *
 * The key stays owned by this object: parse() and the destructor free it,
 * so the pointer must not be used after either runs.
 *
 * @return the stored key, or NULL if none has been extracted
 */
EVP_PKEY *KSSLPKCS12::getPrivateKey() {
    EVP_PKEY *const key = _pkey;
    return key;
}
189 
190 
/**
 * Gives access to the certificate wrapper created by parse().
 *
 * The wrapper stays owned by this object: parse() and the destructor delete
 * it, so the pointer must not be used after either runs.
 *
 * @return the stored certificate, or NULL if none has been extracted
 */
KSSLCertificate *KSSLPKCS12::getCertificate() {
    KSSLCertificate *const cert = _cert;
    return cert;
}
194 
195 
/**
 * Serialises the stored PKCS#12 container to DER and returns it as base64.
 *
 * @return the base64 text, or a default-constructed TQString when
 *         i2d_PKCS12() reports a negative length or SSL support is not
 *         compiled in
 */
TQString KSSLPKCS12::toString() {
    TQString encoded;
#ifdef KSSL_HAVE_SSL
    // First call with a NULL output pointer only asks for the DER length.
    const int derLen = kossl->i2d_PKCS12(_pkcs, NULL);
    if (derLen < 0) {
        return encoded;
    }

    char *der = new char[derLen];
    // i2d_PKCS12() advances the pointer it is given, so pass a copy and keep
    // `der` pointing at the start of the buffer.
    unsigned char *cursor = reinterpret_cast<unsigned char *>(der);
    kossl->i2d_PKCS12(_pkcs, &cursor);

    // Wrap the buffer without copying; it must be detached again before the
    // buffer is freed.
    TQByteArray view;
    view.setRawData(der, derLen);
    encoded = KCodecs::base64Encode(view);
    view.resetRawData(der, derLen);

    delete[] der;
#endif
    return encoded;
}
216 
217 
218 
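/**
 * Writes the stored PKCS#12 container to a file in DER form.
 *
 * @param filename destination path; an existing file is overwritten
 * @return true only if the container was completely written and the file
 *         closed without error; false otherwise (always false when built
 *         without SSL support or when no container is loaded)
 */
bool KSSLPKCS12::toFile(TQString filename) {
#ifdef KSSL_HAVE_SSL
    // Nothing to serialise: fail before truncating the destination.
    if (!_pkcs) return false;

    // Open the stream directly instead of wrapping a TQFile's descriptor with
    // fdopen(): fclose() on such a stream closes the descriptor while the
    // TQFile still considers it open, so it would be closed a second time
    // when the TQFile goes out of scope.
    // NOTE(review): the file is created with the process's default
    // (umask-derived) permissions; callers storing key material may want to
    // restrict them.
    const TQCString path = TQFile::encodeName(filename);
    FILE *fp = fopen(path, "wb");
    if (!fp) return false;

    // OpenSSL reports success from i2d_PKCS12_fp() as 1. Check it, and the
    // close (which flushes buffered data), so that a failed or partial write
    // is not reported as a saved key bundle.
    const bool written = (kossl->i2d_PKCS12_fp(fp, _pkcs) == 1);
    const bool closed = (fclose(fp) == 0);

    if (!written || !closed) {
        kossl->ERR_clear_error();
        unlink(path);   // do not leave a truncated container behind
        return false;
    }
    return true;
#endif
    return false;
}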
240 
241 
/**
 * Validates the certificate/key pair for the SSL server purpose.
 *
 * @return the result of validate(KSSLCertificate::SSLServer)
 */
KSSLCertificate::KSSLValidation KSSLPKCS12::validate() {
    const KSSLCertificate::KSSLPurpose defaultPurpose = KSSLCertificate::SSLServer;
    return validate(defaultPurpose);
}
245 
246 
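/**
 * Validates the certificate for the given purpose and checks that the stored
 * private key belongs to it.
 *
 * @param p purpose to validate the certificate for
 * @return KSSLCertificate::NoSSL when built without SSL support;
 *         KSSLCertificate::Unknown when no certificate has been parsed;
 *         KSSLCertificate::PrivateKeyFailed when the key is missing or does
 *         not match the certificate (this overrides the certificate's own
 *         validation result); otherwise the certificate's validation result
 */
KSSLCertificate::KSSLValidation KSSLPKCS12::validate(KSSLCertificate::KSSLPurpose p) {
#ifdef KSSL_HAVE_SSL
    // _cert is only set by a successful parse(); an object built with the
    // default constructor has none, so do not dereference it blindly.
    if (!_cert) {
        return KSSLCertificate::Unknown;
    }

    KSSLCertificate::KSSLValidation xx = _cert->validate(p);

    // A missing key can never match; do not pass a null key to OpenSSL.
    if (!_pkey || 1 != kossl->X509_check_private_key(_cert->getCert(), _pkey)) {
        xx = KSSLCertificate::PrivateKeyFailed;
    }

    return xx;
#else
    return KSSLCertificate::NoSSL;
#endif
}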
259 
260 
/**
 * Re-runs certificate validation for the SSL server purpose.
 *
 * @return the result of revalidate(KSSLCertificate::SSLServer)
 */
KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate() {
    const KSSLCertificate::KSSLPurpose defaultPurpose = KSSLCertificate::SSLServer;
    return revalidate(defaultPurpose);
}
264 
265 
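/**
 * Forwards to the certificate's revalidate() for the given purpose.
 *
 * Unlike validate(), this does not re-check the private key against the
 * certificate.
 *
 * @param p purpose to validate the certificate for
 * @return the certificate's revalidation result; when no certificate has
 *         been parsed, KSSLCertificate::Unknown (or KSSLCertificate::NoSSL
 *         when built without SSL support)
 */
KSSLCertificate::KSSLValidation KSSLPKCS12::revalidate(KSSLCertificate::KSSLPurpose p) {
    // _cert is only set by a successful parse(), which never happens in a
    // build without SSL support, so guard the dereference.
    if (!_cert) {
#ifdef KSSL_HAVE_SSL
        return KSSLCertificate::Unknown;
#else
        return KSSLCertificate::NoSSL;
#endif
    }
    return _cert->revalidate(p);
}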
269 
270 
/**
 * Convenience check for the SSL server purpose.
 *
 * @return the result of isValid(KSSLCertificate::SSLServer)
 */
bool KSSLPKCS12::isValid() {
    const KSSLCertificate::KSSLPurpose defaultPurpose = KSSLCertificate::SSLServer;
    return isValid(defaultPurpose);
}
274 
275 
/**
 * Tells whether validate(p) reports KSSLCertificate::Ok.
 *
 * @param p purpose to validate for
 * @return true only when the validation result is exactly Ok
 */
bool KSSLPKCS12::isValid(KSSLCertificate::KSSLPurpose p) {
    const KSSLCertificate::KSSLValidation verdict = validate(p);
    return verdict == KSSLCertificate::Ok;
}
279 
280 
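/**
 * Returns the subject of the parsed certificate.
 *
 * @return the certificate's subject, or a default-constructed TQString when
 *         no certificate has been parsed
 */
TQString KSSLPKCS12::name() {
    // _cert is only set by a successful parse(); guard the dereference for
    // objects that were never parsed (or builds without SSL support).
    if (!_cert) {
        return TQString();
    }
    return _cert->getSubject();
}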
284 
285 
#ifdef KSSL_HAVE_SSL
// Remove the file-local sk_* redirections to `kossl` defined near the top of
// this file.
#undef sk_dup
#undef sk_free
#undef sk_new
#undef sk_num
#undef sk_pop
#undef sk_push
#undef sk_value
#endif
295 
