122 #include <QtCore/qatomic.h> 123 #include <QtCore/qdatetime.h> 124 #include <QtCore/qdebug.h> 125 #include <QtCore/qdir.h> 126 #include <QtCore/qdiriterator.h> 127 #include <QtCore/qfile.h> 128 #include <QtCore/qfileinfo.h> 129 #include <QtCore/qmap.h> 130 #include <QtCore/qmutex.h> 131 #include <QtCore/private/qmutexpool_p.h> 132 #include <QtCore/qstring.h> 133 #include <QtCore/qstringlist.h> 164 d->
init(data, format);
286 if (serialNumber->length > 4) {
288 hexString.
reserve(serialNumber->length * 3);
289 for (
int a = 0;
a < serialNumber->length; ++
a) {
432 if (genName->type != GEN_DNS && genName->type != GEN_EMAIL)
436 if (len < 0 || len >= 8192) {
441 const char *altNameStr =
reinterpret_cast<const char *
>(
q_ASN1_STRING_data(genName->d.ia5));
443 if (genName->type == GEN_DNS)
445 else if (genName->type == GEN_EMAIL)
503 X509_PUBKEY *xkey =
d->
x509->cert_info->key;
586 if (pos == -1 &&
QFileInfo(pathPrefix).isFile()) {
587 QFile file(pathPrefix);
602 QFile file(filePath);
619 qWarning(
"QSslCertificate::fromDevice: cannot read from a null device");
643 ? certificatesFromPem(data, 1)
644 : certificatesFromDer(data, 1);
653 #define BEGINCERTSTRING "-----BEGIN CERTIFICATE-----" 654 #define ENDCERTSTRING "-----END CERTIFICATE-----" 660 qWarning(
"QSslSocketBackendPrivate::X509_to_QByteArray: null X509");
669 char **dataP = &
data;
670 unsigned char **dataPu = (
unsigned char **)dataP;
680 for (
int i = 0; i <= array.
size() - 64; i += 64) {
684 if (
int remainder = array.
size() % 64) {
698 unsigned char *
data = 0;
716 certificate.
d->
null =
false;
727 while (*offset < pem.
size() && (ch = pem.
at(*offset)) ==
' ')
734 if (ch ==
'\r' && pem.
size() > (*offset + 1) && pem.
at(*offset + 1) ==
'\n') {
747 while (count == -1 || certificates.
size() < count) {
765 #if OPENSSL_VERSION_NUMBER >= 0x00908000L 766 const unsigned char *
data = (
const unsigned char *)decoded.
data();
768 unsigned char *data = (
unsigned char *)decoded.
data();
772 certificates << QSslCertificate_from_X509(x509);
786 #if OPENSSL_VERSION_NUMBER >= 0x00908000L 787 const unsigned char *
data = (
const unsigned char *)der.
data();
789 unsigned char *data = (
unsigned char *)der.
data();
791 int size = der.
size();
793 while (count == -1 || certificates.
size() < count) {
795 certificates << QSslCertificate_from_X509(x509);
800 size -= ((
char *)data - der.
data());
809 "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e",
"mail.google.com",
810 "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06",
"www.google.com",
811 "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3",
"login.yahoo.com",
812 "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29",
"login.yahoo.com",
813 "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71",
"login.yahoo.com",
814 "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47",
"login.skype.com",
815 "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43",
"addons.mozilla.org",
816 "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0",
"login.live.com",
817 "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0",
"global trustee",
819 "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56",
"*.google.com",
820 "0c:76:da:9c:91:0c:4e:2c:9e:fe:15:d0:58:93:3c:4c",
"DigiNotar Root CA",
821 "f1:4a:13:f4:87:2b:56:dc:39:df:84:ca:7a:a1:06:49",
"DigiNotar Services CA",
822 "36:16:71:55:43:42:1b:9d:e6:cb:a3:64:41:df:24:38",
"DigiNotar Services 1024 CA",
823 "0a:82:bd:1e:14:4e:88:14:d7:5b:1a:55:27:be:bf:3e",
"DigiNotar Root CA G2",
824 "a4:b6:ce:e3:2e:d3:35:46:26:3c:b3:55:3a:a8:92:21",
"CertiID Enterprise Certificate Authority",
825 "5b:d5:60:9c:64:17:68:cf:21:0e:35:fd:fb:05:ad:41",
"DigiNotar Qualified CA",
827 "1184640176",
"DigiNotar Services 1024 CA",
828 "120000525",
"DigiNotar Cyber CA",
829 "120000505",
"DigiNotar Cyber CA",
830 "120000515",
"DigiNotar Cyber CA",
831 "20015536",
"DigiNotar PKIoverheid CA Overheid en Bedrijven",
832 "20001983",
"DigiNotar PKIoverheid CA Organisatie - G2",
833 "d6:d0:29:77:f1:49:fd:1a:83:f2:b9:ea:94:8c:5c:b4",
"DigiNotar Extended Validation CA",
834 "1e:7d:7a:53:3d:45:30:41:96:40:0f:71:48:1f:45:04",
"DigiNotar Public CA 2025",
838 "1184640175",
"DigiNotar Root CA",
839 "1184644297",
"DigiNotar Root CA",
841 "120001705",
"Digisign Server ID (Enrich)",
842 "1276011370",
"Digisign Server ID - (Enrich)",
843 "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0",
"UTN-USERFirst-Hardware",
844 "41",
"MD5 Collisions Inc. (http://www.phreedom.org/md5)",
846 "2087",
"*.EGO.GOV.TR",
847 "2148",
"e-islem.kktcmerkezbankasi.org",
849 "204199",
"AC DG Tr\xC3\xA9sor SSL",
865 #ifndef QT_NO_DEBUG_STREAM 868 debug <<
"QSslCertificate(" 875 #ifndef QT_NO_TEXTSTREAM The QMultiMap class is a convenience QMap subclass that provides multi-valued maps.
The QDebug class provides an output stream for debugging information.
void chop(int n)
Removes n bytes from the end of the byte array.
long q_ASN1_INTEGER_get(ASN1_INTEGER *a)
The QSslKey class provides an interface for private and public keys.
const char * q_OBJ_nid2sn(int a)
QExplicitlySharedDataPointer< QSslKeyPrivate > d
EVP_PKEY * q_X509_PUBKEY_get(X509_PUBKEY *a)
X509 * q_X509_dup(X509 *a)
QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
static QList< QSslCertificate > fromDevice(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in device that are encoded in the specified format and retur...
static mach_timebase_info_data_t info
static QList< QSslCertificate > certificatesFromDer(const QByteArray &der, int count=-1)
#define QT_END_NAMESPACE
This macro expands to.
QByteArray serialNumber() const
Returns the certificate's serial number string in decimal format.
bool hasNext() const
Returns true if there is at least one more entry in the directory; otherwise, false is returned...
char * data()
Returns a pointer to the data stored in the byte array.
The QRegExp class provides pattern matching using regular expressions.
#define it(className, varName)
bool open(OpenMode flags)
Opens the file using OpenMode mode, returning true if successful; otherwise false.
QMap< Key, T >::iterator insert(const Key &key, const T &value)
Inserts a new item with the key key and a value of value.
QByteArray rightJustified(int width, char fill=' ', bool truncate=false) const
Returns a byte array of size width that contains the fill character followed by this byte array...
The QByteArray class provides an array of bytes.
QMap< QString, QString > subjectInfo
~QSslCertificate()
Destroys the QSslCertificate.
#define q_X509_get_notBefore(x)
bool operator==(const QSslCertificate &other) const
Returns true if this certificate is the same as other; otherwise returns false.
bool startsWith(const QString &s, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Returns true if the string starts with s; otherwise returns false.
QLatin1String(DBUS_INTERFACE_DBUS))) Q_GLOBAL_STATIC_WITH_ARGS(QString
long ASN1_INTEGER_get ASN1_INTEGER * a
static bool isBlacklisted(const QSslCertificate &certificate)
The QDirIterator class provides an iterator for directory entrylists.
The QString class provides a Unicode character string.
#define q_sk_GENERAL_NAME_num(st)
QSsl::KeyAlgorithm algorithm
static bool supportsSsl()
Returns true if this platform supports SSL; otherwise, returns false.
bool isEmpty() const
Returns true if the list contains no items; otherwise returns false.
void init(const QByteArray &data, QSsl::EncodingFormat format)
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
QSslCertificate(QIODevice *device, QSsl::EncodingFormat format=QSsl::Pem)
Constructs a QSslCertificate by reading format encoded data from device and using the first certifica...
T * data() const
Returns a pointer to the shared data object.
#define QT_BEGIN_NAMESPACE
This macro expands to.
static QMap< QString, QString > _q_mapFromX509Name(X509_NAME *name)
QByteArray toPem() const
Returns this certificate converted to a PEM (Base64) encoded representation.
bool isValid() const
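Returns true if this certificate is valid; otherwise returns false. Validity here means only that the current date-time lies within the certificate's effective and expiry dates and that the certificate is not on the built-in blacklist; this call does not verify the issuer chain or the signature.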
QString left(int n) const Q_REQUIRED_RESULT
Returns a substring that contains the n leftmost characters of the string.
QString trimmed() const Q_REQUIRED_RESULT
Returns a string that has whitespace removed from the start and the end.
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
Qt::HANDLE handle() const
Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise...
static bool matchLineFeed(const QByteArray &pem, int *offset)
const T value(const Key &key) const
Returns the value associated with the key key.
static QByteArray fromRawData(const char *, int size)
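Constructs a QByteArray that uses the first size bytes of the data array. The bytes are not copied, so data must remain valid and unmodified for as long as the returned QByteArray is in use.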
static QString fromUtf8(const char *, int size=-1)
Returns a QString initialized with the first size bytes of the UTF-8 string str.
Q_CORE_EXPORT void qWarning(const char *,...)
unsigned char * q_ASN1_STRING_data(ASN1_STRING *a)
static QSslCertificate QSslCertificate_from_X509(X509 *x509)
static const char * certificate_blacklist[]
static const char * data(const QByteArray &arr)
int indexOf(QChar c, int from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
QString subjectInfo(SubjectInfo info) const
Returns the information for the subject, or an empty string if there is no information for subject in...
QString issuerInfo(SubjectInfo info) const
Returns the issuer information for the subject from the certificate, or an empty string if there is n...
QExplicitlySharedDataPointer< QSslCertificatePrivate > d
X509_NAME * q_X509_get_issuer_name(X509 *a)
void q_sk_pop_free(STACK *a, void(*b)(void *))
void q_X509_free(X509 *a)
SubjectInfo
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() t...
int indexOf(char c, int from=0) const
Returns the index position of the first occurrence of the character c in the byte array...
int q_EVP_PKEY_type(int a)
DSA * q_EVP_PKEY_get1_DSA(EVP_PKEY *a)
QDateTime effectiveDate() const
Returns the date-time that the certificate becomes valid, or an empty QDateTime if this is a null cer...
T & first()
Returns a reference to the first item in the list.
QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
ASN1_OBJECT * q_X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *a)
static QList< QSslCertificate > certificatesFromPem(const QByteArray &pem, int count=-1)
QString mid(int position, int n=-1) const Q_REQUIRED_RESULT
Returns a string that contains n characters of this string, starting at the specified position index...
static QByteArray fromBase64(const QByteArray &base64)
Returns a decoded copy of the Base64 array base64.
void * q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d)
int q_OBJ_obj2nid(const ASN1_OBJECT *a)
int q_X509_NAME_entry_count(X509_NAME *a)
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
int q_i2d_X509(X509 *a, unsigned char **b)
QMultiMap< QSsl::AlternateNameEntryType, QString > alternateSubjectNames() const
Returns the list of alternative subject names for this certificate.
PatternSyntax
The syntax used to interpret the meaning of the pattern.
QString next()
Advances the iterator to the next entry, and returns the file path of this new entry.
QSslKey publicKey() const
Returns the certificate subject's public key.
The QDateTime class provides date and time functions.
The QFile class provides an interface for reading from and writing to files.
EncodingFormat
Describes supported encoding formats for certificates and keys.
RSA * q_EVP_PKEY_get1_RSA(EVP_PKEY *a)
int lastIndexOf(QChar c, int from=-1, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
X509_NAME * q_X509_get_subject_name(X509 *a)
QSslCertificate & operator=(const QSslCertificate &other)
Copies the contents of other into this certificate, making the two certificates identical.
QByteArray version() const
Returns the certificate's version string.
QDateTime expiryDate() const
Returns the date-time that the certificate expires, or an empty QDateTime if this is a null certifica...
void resize(int size)
Sets the size of the byte array to size bytes.
int size() const
Returns the number of items in the list.
bool isEmpty() const
Returns true if the map contains no items; otherwise returns false.
static QReadWriteLock lock
QByteArray digest(QCryptographicHash::Algorithm algorithm=QCryptographicHash::Md5) const
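Returns a cryptographic digest of this certificate. The default algorithm is MD5, which is not collision-resistant; callers that use the digest to identify or pin a certificate should pass a stronger algorithm explicitly.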
static QDateTime currentDateTime()
Returns the current datetime, as reported by the system clock, in the local time zone.
QByteArray toBase64() const
Returns a copy of the byte array, encoded as Base64.
QByteArray readAll()
Reads all available data from the device, and returns it as a QByteArray.
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, QRegExp::PatternSyntax syntax=QRegExp::FixedString)
Searches all files in the path for certificates encoded in the specified format and returns them in a...
int size() const
Returns the number of bytes in this byte array.
friend class QSslCertificatePrivate
int q_ASN1_STRING_to_UTF8(unsigned char **a, ASN1_STRING *b)
bool exactMatch(const QString &str) const
Returns true if str is matched exactly by this regular expression; otherwise returns false...
static void ensureInitialized()
Declared static in QSslSocketPrivate, makes sure the SSL libraries have been initialized.
ASN1_STRING * q_X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *a)
The QSslCertificate class provides a convenient API for an X509 certificate.
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
void q_EVP_PKEY_free(EVP_PKEY *a)
#define q_sk_GENERAL_NAME_value(st, i)
void clear()
Clears the contents of this certificate, making it a null certificate.
QMap< QString, QString > issuerInfo
QByteArray toDer() const
Returns this certificate converted to a DER (binary) encoded representation.
char at(int i) const
Returns the character at index position i in the byte array.
static QByteArray QByteArray_from_X509(X509 *x509, QSsl::EncodingFormat format)
void q_CRYPTO_free(void *a)
The QFileInfo class provides system-independent file information.
void reserve(int size)
Attempts to allocate memory for at least size bytes.
X509_NAME_ENTRY * q_X509_NAME_get_entry(X509_NAME *a, int b)
The QIODevice class is the base interface class of all I/O devices in Qt.
STACK_OF(SSL_CIPHER) *SSL_get_ciphers SSL *a
int q_ASN1_STRING_length(ASN1_STRING *a)
static QByteArray number(int, int base=10)
Returns a byte array containing the string equivalent of the number n to base base (10 by default)...
static QMutex * globalInstanceGet(const void *address)
Returns a QMutex from the global mutex pool.
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
The QLatin1Char class provides an 8-bit ASCII/Latin-1 character.
static QByteArray hash(const QByteArray &data, Algorithm method)
Returns the hash of data using method.
#define q_X509_get_notAfter(x)
QByteArray serialNumberString
X509 * q_d2i_X509(X509 **a, unsigned char **b, long c)
int q_X509_cmp(X509 *a, X509 *b)
static QString _q_SubjectInfoToString(QSslCertificate::SubjectInfo info)