| 1 | // Copyright (C) 2021 The Qt Company Ltd. |
|---|
| 2 | // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only |
|---|
| 3 | |
|---|
| 4 | #ifndef QX509_OPENSSL_P_H |
|---|
| 5 | #define QX509_OPENSSL_P_H |
|---|
| 6 | |
|---|
| 7 | // |
|---|
| 8 | // W A R N I N G |
|---|
| 9 | // ------------- |
|---|
| 10 | // |
|---|
| 11 | // This file is not part of the Qt API. It exists purely as an |
|---|
| 12 | // implementation detail. This header file may change from version to |
|---|
| 13 | // version without notice, or even be removed. |
|---|
| 14 | // |
|---|
| 15 | // We mean it. |
|---|
| 16 | // |
|---|
| 17 | |
|---|
| 18 | #include <QtNetwork/private/qtnetworkglobal_p.h> |
|---|
| 19 | |
|---|
| 20 | #include "../shared/qx509_base_p.h" |
|---|
| 21 | |
|---|
| 22 | #include <QtNetwork/private/qtlsbackend_p.h> |
|---|
| 23 | |
|---|
| 24 | #include <QtCore/qvariant.h> |
|---|
| 25 | #include <QtCore/qglobal.h> |
|---|
| 26 | #include <QtCore/qstring.h> |
|---|
| 27 | |
|---|
| 28 | #include "qopenssl_p.h" |
|---|
| 29 | |
|---|
| 30 | #include <algorithm> |
|---|
| 31 | |
|---|
| 32 | QT_BEGIN_NAMESPACE |
|---|
| 33 | |
|---|
| 34 | namespace QTlsPrivate { |
|---|
| 35 | |
|---|
| 36 | class X509CertificateOpenSSL final : public X509CertificateBase |
|---|
| 37 | { |
|---|
| 38 | public: |
|---|
| 39 | X509CertificateOpenSSL(); |
|---|
| 40 | ~X509CertificateOpenSSL(); |
|---|
| 41 | |
|---|
| 42 | // TLSTODO: in future may become movable/copyable (ref-counted based |
|---|
| 43 | // OpenSSL's X509 implementation). |
|---|
| 44 | |
|---|
| 45 | bool isEqual(const X509Certificate &rhs) const override; |
|---|
| 46 | bool isSelfSigned() const override; |
|---|
| 47 | QMultiMap<QSsl::AlternativeNameEntryType, QString> subjectAlternativeNames() const override; |
|---|
| 48 | TlsKey *publicKey() const override; |
|---|
| 49 | |
|---|
| 50 | QByteArray toPem() const override; |
|---|
| 51 | QByteArray toDer() const override; |
|---|
| 52 | QString toText() const override; |
|---|
| 53 | Qt::HANDLE handle() const override; |
|---|
| 54 | |
|---|
| 55 | size_t hash(size_t seed) const noexcept override; |
|---|
| 56 | |
|---|
| 57 | static QSslCertificate certificateFromX509(X509 *x); |
|---|
| 58 | static QList<QSslCertificate> stackOfX509ToQSslCertificates(STACK_OF(X509) *x509); |
|---|
| 59 | static QSslErrorEntry errorEntryFromStoreContext(X509_STORE_CTX *ctx); |
|---|
| 60 | |
|---|
| 61 | static QList<QSslError> verify(const QList<QSslCertificate> &chain, const QString &hostName); |
|---|
| 62 | static QList<QSslError> verify(const QList<QSslCertificate> &caCertificates, |
|---|
| 63 | const QList<QSslCertificate> &certificateChain, |
|---|
| 64 | const QString &hostName); |
|---|
| 65 | |
|---|
| 66 | static QList<QSslCertificate> certificatesFromPem(const QByteArray &pem, int count); |
|---|
| 67 | static QList<QSslCertificate> certificatesFromDer(const QByteArray &der, int count); |
|---|
| 68 | static bool importPkcs12(QIODevice *device, QSslKey *key, QSslCertificate *cert, |
|---|
| 69 | QList<QSslCertificate> *caCertificates, |
|---|
| 70 | const QByteArray &passPhrase); |
|---|
| 71 | |
|---|
| 72 | static QSslError openSSLErrorToQSslError(int errorCode, const QSslCertificate &cert); |
|---|
| 73 | private: |
|---|
| 74 | void parseExtensions(); |
|---|
| 75 | static X509CertificateExtension convertExtension(X509_EXTENSION *ext); |
|---|
| 76 | |
|---|
| 77 | X509 *x509 = nullptr; |
|---|
| 78 | |
|---|
| 79 | Q_DISABLE_COPY_MOVE(X509CertificateOpenSSL) |
|---|
| 80 | }; |
|---|
| 81 | |
|---|
| 82 | extern "C" int qt_X509Callback(int ok, X509_STORE_CTX *ctx); |
|---|
| 83 | |
|---|
| 84 | } // namespace QTlsPrivate |
|---|
| 85 | |
|---|
| 86 | QT_END_NAMESPACE |
|---|
| 87 | |
|---|
| 88 | #endif // QX509_OPENSSL_P_H |
|---|
| 89 | |
|---|
