Qt 4.8: /src/network/ssl/qsslkey.cpp Source File

Go to the documentation of this file.
 /****************************************************************************
 **
 ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 **
 ** $QT_BEGIN_LICENSE:LGPL$
 ** Commercial License Usage
 ** Licensees holding valid commercial Qt licenses may use this file in
 ** accordance with the commercial license agreement provided with the
 ** Software or, alternatively, in accordance with the terms contained in
 ** a written agreement between you and Digia.  For licensing terms and
 ** conditions see http://qt.digia.com/licensing.  For further information
 ** use the contact form at http://qt.digia.com/contact-us.
 **
 ** GNU Lesser General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU Lesser
 ** General Public License version 2.1 as published by the Free Software
 ** Foundation and appearing in the file LICENSE.LGPL included in the
 ** packaging of this file.  Please review the following information to
 ** ensure the GNU Lesser General Public License version 2.1 requirements
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
 ** In addition, as a special exception, Digia gives you certain additional
 ** rights.  These rights are described in the Digia Qt LGPL Exception
 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU
 ** General Public License version 3.0 as published by the Free Software
 ** Foundation and appearing in the file LICENSE.GPL included in the
 ** packaging of this file.  Please review the following information to
 ** ensure the GNU General Public License version 3.0 requirements will be
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 **
 ** $QT_END_LICENSE$
 **
 ****************************************************************************/
 
 
 #include "qsslsocket_openssl_symbols_p.h"
 #include "qsslkey.h"
 #include "qsslkey_p.h"
 #include "qsslsocket.h"
 #include "qsslsocket_p.h"
 
 #include <QtCore/qatomic.h>
 #include <QtCore/qbytearray.h>
 #include <QtCore/qiodevice.h>
 #ifndef QT_NO_DEBUG_STREAM
 #include <QtCore/qdebug.h>
 
 QT_BEGIN_NAMESPACE
 #endif
 
 
 void QSslKeyPrivate::clear(bool deep)
 {
     isNull = true;
     if (!QSslSocket::supportsSsl())
         return;
     if (rsa) {
         if (deep)
             q_RSA_free(rsa);
         rsa = 0;
     }
     if (dsa) {
         if (deep)
             q_DSA_free(dsa);
         dsa = 0;
     }
 }
 
 void QSslKeyPrivate::decodePem(const QByteArray &pem, const QByteArray &passPhrase,
                                bool deepClear)
 {
     if (pem.isEmpty())
         return;
 
     clear(deepClear);
 
     if (!QSslSocket::supportsSsl())
         return;
 
     BIO *bio = q_BIO_new_mem_buf(const_cast<char *>(pem.data()), pem.size());
     if (!bio)
         return;
 
     void *phrase = (void *)passPhrase.constData();
 
     if (algorithm == QSsl::Rsa) {
         RSA *result = (type == QSsl::PublicKey)
             ? q_PEM_read_bio_RSA_PUBKEY(bio, &rsa, 0, phrase)
             : q_PEM_read_bio_RSAPrivateKey(bio, &rsa, 0, phrase);
         if (rsa && rsa == result)
             isNull = false;
     } else {
         DSA *result = (type == QSsl::PublicKey)
             ? q_PEM_read_bio_DSA_PUBKEY(bio, &dsa, 0, phrase)
             : q_PEM_read_bio_DSAPrivateKey(bio, &dsa, 0, phrase);
         if (dsa && dsa == result)
             isNull = false;
     }
 
     q_BIO_free(bio);
 }
 
 QSslKey::QSslKey()
     : d(new QSslKeyPrivate)
 {
 }
 
 QByteArray QSslKeyPrivate::pemHeader() const
 {
     // ### use QByteArray::fromRawData() instead
     if (type == QSsl::PublicKey)
         return QByteArray("-----BEGIN PUBLIC KEY-----\n");
     else if (algorithm == QSsl::Rsa)
         return QByteArray("-----BEGIN RSA PRIVATE KEY-----\n");
     return QByteArray("-----BEGIN DSA PRIVATE KEY-----\n");
 }
 
 QByteArray QSslKeyPrivate::pemFooter() const
 {
     // ### use QByteArray::fromRawData() instead
     if (type == QSsl::PublicKey)
         return QByteArray("-----END PUBLIC KEY-----\n");
     else if (algorithm == QSsl::Rsa)
         return QByteArray("-----END RSA PRIVATE KEY-----\n");
     return QByteArray("-----END DSA PRIVATE KEY-----\n");
 }
 
 QByteArray QSslKeyPrivate::pemFromDer(const QByteArray &der) const
 {
     QByteArray pem(der.toBase64());
 
     const int lineWidth = 64; // RFC 1421
     const int newLines = pem.size() / lineWidth;
     const bool rem = pem.size() % lineWidth;
 
     // ### optimize
     for (int i = 0; i < newLines; ++i)
         pem.insert((i + 1) * lineWidth + i, '\n');
     if (rem)
         pem.append('\n'); // ###
 
     pem.prepend(pemHeader());
     pem.append(pemFooter());
 
     return pem;
 }
 
 QByteArray QSslKeyPrivate::derFromPem(const QByteArray &pem) const
 {
     const QByteArray header = pemHeader();
     const QByteArray footer = pemFooter();
 
     QByteArray der(pem);
 
     const int headerIndex = der.indexOf(header);
     const int footerIndex = der.indexOf(footer);
     if (headerIndex == -1 || footerIndex == -1)
         return QByteArray();
 
     der = der.mid(headerIndex + header.size(), footerIndex - (headerIndex + header.size()));
 
     return QByteArray::fromBase64(der); // ignores newlines
 }
 
 QSslKey::QSslKey(const QByteArray &encoded, QSsl::KeyAlgorithm algorithm,
                  QSsl::EncodingFormat encoding, QSsl::KeyType type, const QByteArray &passPhrase)
     : d(new QSslKeyPrivate)
 {
     d->type = type;
     d->algorithm = algorithm;
     d->decodePem((encoding == QSsl::Der)
                  ? d->pemFromDer(encoded) : encoded,
                  passPhrase);
 }
 
 QSslKey::QSslKey(QIODevice *device, QSsl::KeyAlgorithm algorithm, QSsl::EncodingFormat encoding,
          QSsl::KeyType type, const QByteArray &passPhrase)
     : d(new QSslKeyPrivate)
 {
     QByteArray encoded;
     if (device)
         encoded = device->readAll();
     d->type = type;
     d->algorithm = algorithm;
     d->decodePem((encoding == QSsl::Der) ?
                  d->pemFromDer(encoded) : encoded,
                  passPhrase);
 }
 
 QSslKey::QSslKey(const QSslKey &other) : d(other.d)
 {
 }
 
 QSslKey::~QSslKey()
 {
 }
 
 QSslKey &QSslKey::operator=(const QSslKey &other)
 {
     d = other.d;
     return *this;
 }
 
 bool QSslKey::isNull() const
 {
     return d->isNull;
 }
 
 void QSslKey::clear()
 {
     d = new QSslKeyPrivate;
 }
 
 int QSslKey::length() const
 {
     if (d->isNull)
         return -1;
     return (d->algorithm == QSsl::Rsa)
            ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
 }
 
 QSsl::KeyType QSslKey::type() const
 {
     return d->type;
 }
 
 QSsl::KeyAlgorithm QSslKey::algorithm() const
 {
     return d->algorithm;
 }
 
 // ### autotest failure for non-empty passPhrase and private key
 QByteArray QSslKey::toDer(const QByteArray &passPhrase) const
 {
     if (d->isNull)
         return QByteArray();
     return d->derFromPem(toPem(passPhrase));
 }
 
 QByteArray QSslKey::toPem(const QByteArray &passPhrase) const
 {
     if (!QSslSocket::supportsSsl() || d->isNull)
         return QByteArray();
 
     BIO *bio = q_BIO_new(q_BIO_s_mem());
     if (!bio)
         return QByteArray();
 
     bool fail = false;
 
     if (d->algorithm == QSsl::Rsa) {
         if (d->type == QSsl::PublicKey) {
             if (!q_PEM_write_bio_RSA_PUBKEY(bio, d->rsa))
                 fail = true;
         } else {
             if (!q_PEM_write_bio_RSAPrivateKey(
                     bio, d->rsa,
                     // ### the cipher should be selectable in the API:
                     passPhrase.isEmpty() ? (const EVP_CIPHER *)0 : q_EVP_des_ede3_cbc(),
                     (uchar *)passPhrase.data(), passPhrase.size(), 0, 0)) {
                 fail = true;
             }
         }
     } else {
         if (d->type == QSsl::PublicKey) {
             if (!q_PEM_write_bio_DSA_PUBKEY(bio, d->dsa))
                 fail = true;
         } else {
             if (!q_PEM_write_bio_DSAPrivateKey(
                     bio, d->dsa,
                     // ### the cipher should be selectable in the API:
                     passPhrase.isEmpty() ? (const EVP_CIPHER *)0 : q_EVP_des_ede3_cbc(),
                     (uchar *)passPhrase.data(), passPhrase.size(), 0, 0)) {
                 fail = true;
             }
         }
     }
 
     QByteArray pem;
     if (!fail) {
         char *data;
         long size = q_BIO_get_mem_data(bio, &data);
         pem = QByteArray(data, size);
     }
     q_BIO_free(bio);
     return pem;
 }
 
 Qt::HANDLE QSslKey::handle() const
 {
     return (d->algorithm == QSsl::Rsa) ? Qt::HANDLE(d->rsa) : Qt::HANDLE(d->dsa);
 }
 
 bool QSslKey::operator==(const QSslKey &other) const
 {
     if (isNull())
         return other.isNull();
     if (other.isNull())
         return isNull();
     if (algorithm() != other.algorithm())
         return false;
     if (type() != other.type())
         return false;
     if (length() != other.length())
         return false;
     return toDer() == other.toDer();
 }
 
 #ifndef QT_NO_DEBUG_STREAM
 class QDebug;
 QDebug operator<<(QDebug debug, const QSslKey &key)
 {
     debug << "QSslKey("
           << (key.type() == QSsl::PublicKey ? "PublicKey" : "PrivateKey")
           << ", " << (key.algorithm() == QSsl::Rsa ? "RSA" : "DSA")
           << ", " << key.length()
           << ')';
     return debug;
 }
 #endif
 
 QT_END_NAMESPACE