ksslcertificate.cc
来自「将konqueror浏览器移植到ARM9 2410中」· CC 代码 · 共 643 行 · 第 1/2 页
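// Tail of a function that begins above this excerpt: the remaining cases of a
// switch that maps OpenSSL X509_V_ERR_* codes onto KSSLValidation values.
// The switched-on expression is not visible here (presumably the OpenSSL
// verification result -- confirm against the start of the function).
        case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
        case X509_V_ERR_CERT_SIGNATURE_FAILURE:
        case X509_V_ERR_CRL_SIGNATURE_FAILURE:
        case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
        case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
            rc = KSSLCertificate::SignatureFailed;
            break;

        case X509_V_ERR_INVALID_CA:
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
        case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
            rc = KSSLCertificate::InvalidCA;
            break;

        case X509_V_ERR_INVALID_PURPOSE:
            rc = KSSLCertificate::InvalidPurpose;
            break;

        case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
        case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
            rc = KSSLCertificate::SelfSigned;
            break;

        case X509_V_ERR_CERT_REVOKED:
            rc = KSSLCertificate::Revoked;
            break;

        case X509_V_ERR_PATH_LENGTH_EXCEEDED:
            rc = KSSLCertificate::PathLengthExceeded;
            break;

        // Validity-period errors of the certificate and of the CRL are all
        // reported as Expired, including "not yet valid" and malformed
        // date fields.
        case X509_V_ERR_CERT_NOT_YET_VALID:
        case X509_V_ERR_CERT_HAS_EXPIRED:
        case X509_V_ERR_CRL_NOT_YET_VALID:
        case X509_V_ERR_CRL_HAS_EXPIRED:
        case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
        case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
        case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
        case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
            rc = KSSLCertificate::Expired;
            kdDebug(7029) << "KSSL apparently this is expired. Not after: "
                          << getNotAfter() << endl;
            break;

        // Everything else, including codes this switch does not know, is
        // reported as Unknown. Note that a missing CRL
        // (X509_V_ERR_UNABLE_TO_GET_CRL) lands here too.
        // NOTE(review): `case 1:` is a bare literal; its meaning is not
        // visible in this excerpt.
        case 1:
        case X509_V_ERR_APPLICATION_VERIFICATION:
        case X509_V_ERR_OUT_OF_MEM:
        case X509_V_ERR_UNABLE_TO_GET_CRL:
        case X509_V_ERR_CERT_CHAIN_TOO_LONG:
        default:
            rc = KSSLCertificate::Unknown;
            break;
    }

    // Remember the verdict so later calls can reuse it.
    d->m_stateCache = rc;
    d->m_stateCached = true;
#endif
    return rc;
}


// Returns the certificate's notBefore time as text, or QString::null when
// built without SSL support.
// NOTE(review): d->m_cert is passed to X509_get_notBefore without a null
// check -- confirm callers only use this on an object that holds a cert.
QString KSSLCertificate::getNotBefore() const {
#ifdef HAVE_SSL
    return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert));
#else
    return QString::null;
#endif
}


// Returns the certificate's notAfter time as text, or QString::null when
// built without SSL support. Same null-certificate caveat as getNotBefore().
QString KSSLCertificate::getNotAfter() const {
#ifdef HAVE_SSL
    return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert));
#else
    return QString::null;
#endif
}


// Returns the notBefore time as a QDateTime. Without SSL support the
// current time is returned instead, so the value carries no information
// about any certificate in that build.
QDateTime KSSLCertificate::getQDTNotBefore() const {
#ifdef HAVE_SSL
    return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL);
#else
    return QDateTime::currentDateTime();
#endif
}


// Returns the notAfter time as a QDateTime. Without SSL support the
// current time is returned instead (see getQDTNotBefore()).
QDateTime KSSLCertificate::getQDTNotAfter() const {
#ifdef HAVE_SSL
    return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL);
#else
    return QDateTime::currentDateTime();
#endif
}


// Compares two certificates with X509_cmp; returns 1 when they are equal
// and 0 otherwise.
// In a build without HAVE_SSL every pair compares equal, so the result
// must not be used to decide whether two certificates are the same there.
int operator==(KSSLCertificate &x, KSSLCertificate &y) {
#ifndef HAVE_SSL
    return 1;
#else
    if (!KOSSL::self()->X509_cmp(x.getCert(), y.getCert()))
        return 1;
    return 0;
#endif
}


// Copy constructor: duplicates the X509 object and the chain of x.
// The cached validation state is not copied (m_stateCached starts false),
// so the copy is validated afresh.
KSSLCertificate::KSSLCertificate(const KSSLCertificate& x) {
    d = new KSSLCertificatePrivate;
    d->m_stateCached = false;
    KGlobal::dirs()->addResourceType("kssl", "share/apps/kssl");
#ifdef HAVE_SSL
    d->m_cert = NULL;
    setCert(KOSSL::self()->X509_dup(const_cast<KSSLCertificate&>(x).getCert()));
    KSSLCertChain *c = x.d->_chain.replicate();
    setChain(c->rawChain());
    delete c;
#endif
}


// Returns a newly allocated copy of this certificate (X509 object and
// chain duplicated). The caller owns the returned object.
KSSLCertificate *KSSLCertificate::replicate() {
    // The new certificate doesn't have the cached value. It's probably
    // better this way. We can't anticipate every reason for doing this.
    KSSLCertificate *newOne = new KSSLCertificate();
#ifdef HAVE_SSL
    newOne->setCert(d->kossl->X509_dup(getCert()));
    KSSLCertChain *c = d->_chain.replicate();
    newOne->setChain(c->rawChain());
    delete c;
#endif
    return newOne;
}


// Returns the DER encoding of the certificate as base64 text (no PEM
// armour, no line breaks added here).
QString KSSLCertificate::toString() {
    return KCodecs::base64Encode(toDer());
}


// Returns the translated, user-visible message for a validation result.
// PathLengthExceeded shares the "root files could not be found" text with
// ErrorReadingRoot and NoCARoot, and Untrusted, SignatureFailed, Rejected
// and InvalidPurpose all produce the generic "invalid" text, so the message
// alone does not tell the user which check failed.
QString KSSLCertificate::verifyText(KSSLValidation x) {
    switch (x) {
    case KSSLCertificate::Ok:
        return i18n("The certificate is valid.");
    case KSSLCertificate::PathLengthExceeded:
    case KSSLCertificate::ErrorReadingRoot:
    case KSSLCertificate::NoCARoot:
        return i18n("Certificate signing authority root files could not be found so the certificate is not verified.");
    case KSSLCertificate::InvalidCA:
        return i18n("Certificate signing authority is unknown or invalid.");
    case KSSLCertificate::SelfSigned:
        return i18n("Certificate is self-signed and thus may not be trustworthy.");
    case KSSLCertificate::Expired:
        return i18n("Certificate has expired.");
    case KSSLCertificate::Revoked:
        return i18n("Certificate has been revoked.");
    case KSSLCertificate::NoSSL:
        return i18n("SSL support was not found.");
    case KSSLCertificate::Untrusted:
    case KSSLCertificate::SignatureFailed:
    case KSSLCertificate::Rejected:
    case KSSLCertificate::InvalidPurpose:
        break;
    }

    return i18n("The certificate is invalid.");
}


// Returns the DER encoding of the certificate, or an empty array when the
// certificate cannot be encoded or SSL support is not compiled in.
QByteArray KSSLCertificate::toDer() {
    QByteArray qba;
#ifdef HAVE_SSL
    // i2d_X509 reports failure with a value <= 0. Keeping the length signed
    // and checking it stops an error return from turning into a huge
    // allocation size.
    const int certlen = d->kossl->i2d_X509(getCert(), NULL);
    if (certlen <= 0)
        return qba;

    unsigned char *cert = new unsigned char[certlen];
    unsigned char *p = cert;   // i2d_X509 advances p; cert keeps the start

    // Only hand the buffer on when the second pass wrote exactly what the
    // first pass announced.
    if (d->kossl->i2d_X509(getCert(), &p) == certlen)
        qba.duplicate(reinterpret_cast<char *>(cert), certlen);

    delete[] cert;
#endif
    return qba;
}


// Returns the certificate in PEM form: BEGIN/END armour around the base64
// text, broken into 64-character lines. Returns an empty array when there
// is no encodable certificate.
QByteArray KSSLCertificate::toPem() {
    QByteArray qba;
    QString thecert = toString();
    const char *header = "-----BEGIN CERTIFICATE-----\n";
    const char *footer = "-----END CERTIFICATE-----\n";

    // With an empty string, length()-1 below would wrap around as unsigned
    // and the loop would try to insert millions of line breaks.
    if (thecert.isEmpty())
        return qba;

    // We just do base64 on the ASN1
    // 64 character lines (unpadded)
    unsigned int xx = thecert.length()-1;
    for (unsigned int i = 0; i < xx/64; i++) {
        thecert.insert(64*(i+1)+i, '\n');
    }

    thecert.prepend(header);

    if (thecert[thecert.length()-1] != '\n')
        thecert += "\n";

    thecert.append(footer);

    qba.duplicate(thecert.local8Bit(), thecert.length());
    return qba;
}


#define NETSCAPE_CERT_HDR  "certificate"

// what a piece of crap this is
// Returns the certificate in the Netscape "certificate" wrapper format.
// The encoding is written to a temporary file and read back; an empty
// array is returned when that round trip fails or SSL is not compiled in.
QByteArray KSSLCertificate::toNetscape() {
    QByteArray qba;
#ifdef HAVE_SSL
    ASN1_HEADER ah;
    ASN1_OCTET_STRING os;
    KTempFile ktf;

    os.data = (unsigned char *)NETSCAPE_CERT_HDR;
    os.length = strlen(NETSCAPE_CERT_HDR);
    ah.header = &os;
    ah.data = (char *)getCert();
    ah.meth = d->kossl->X509_asn1_meth();

    // Do not pass a null stream to OpenSSL if the temp file is unavailable.
    if (ktf.fstream())
        d->kossl->ASN1_i2d_fp(ktf.fstream(), (unsigned char *)&ah);

    ktf.close();

    QFile qf(ktf.name());
    if (qf.open(IO_ReadOnly)) {
        const unsigned int len = qf.size();
        if (len > 0) {
            char *buf = new char[len];
            // Copy only the bytes that were really read, never the
            // uninitialised remainder of the buffer.
            const long got = qf.readBlock(buf, len);
            if (got > 0)
                qba.duplicate(buf, static_cast<unsigned int>(got));
            delete[] buf;
        }
        qf.close();
    }

    ktf.unlink();
#endif
    return qba;
}


// Returns OpenSSL's human-readable dump of the certificate (X509_print),
// or an empty string when it cannot be produced. The dump goes through a
// temporary file that is removed afterwards.
QString KSSLCertificate::toText() {
    QString text;
#ifdef HAVE_SSL
    KTempFile ktf;

    // Do not pass a null stream to OpenSSL if the temp file is unavailable.
    if (ktf.fstream())
        d->kossl->X509_print(ktf.fstream(), getCert());

    ktf.close();

    QFile qf(ktf.name());
    if (qf.open(IO_ReadOnly)) {
        const unsigned int len = qf.size();
        char *buf = new char[len + 1];
        // Terminate after the bytes actually read so a short or failed
        // read cannot expose uninitialised memory in the returned text.
        const long got = qf.readBlock(buf, len);
        buf[got > 0 ? got : 0] = 0;
        text = buf;
        delete[] buf;
        qf.close();
    }

    ktf.unlink();
#endif
    return text;
}


// Replaces the held certificate with the one encoded in `cert`
// (base64 of DER, as produced by toString()).
// Returns true when the text decoded to a parsable X509 certificate and
// false otherwise; on failure the current certificate is left untouched.
// This only parses the certificate -- it performs no validation of it.
bool KSSLCertificate::setCert(QString& cert) {
#ifdef HAVE_SSL
    QByteArray qba, qbb = cert.local8Bit().copy();
    KCodecs::base64Decode(qbb, qba);

    // Nothing decoded: reject before handing a null buffer to the parser.
    if (qba.isEmpty())
        return false;

    unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data());
    X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size());
    if (x5c) {
        setCert(x5c);
        return true;
    }
#endif
    return false;
}


// Serialises the certificate followed by its chain, each as base64 text.
QDataStream& operator<<(QDataStream& s, const KSSLCertificate& r) {
    QStringList qsl;
    QList<KSSLCertificate> cl = const_cast<KSSLCertificate&>(r).chain().getChain();

    for (KSSLCertificate *c = cl.first(); c != 0; c = cl.next()) {
        //kdDebug() << "Certificate in chain: " << c->toString() << endl;
        qsl << c->toString();
    }

    // The list from getChain() is deleted with its entries when cl goes
    // out of scope.
    cl.setAutoDelete(true);

    s << const_cast<KSSLCertificate&>(r).toString() << qsl;

    return s;
}


// Reads a certificate and its chain as written by operator<<.
// If the certificate text does not parse, r is left unchanged and the
// chain read from the stream is discarded; the stream itself gives the
// caller no indication of that, and nothing read here is validated.
QDataStream& operator>>(QDataStream& s, KSSLCertificate& r) {
    QStringList qsl;
    QString cert;

    s >> cert >> qsl;

    if (r.setCert(cert) && !qsl.isEmpty())
        r.chain().setChain(qsl);

    return s;
}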