<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en_US" xml:lang="en_US"> <head> <title>kio/kssl: ksslcertificate.cc Source File (kio/kssl)</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline DE v2.0" l gen true for "http://www.kde.org" r (nz 1 vz 1 lz 1 oz 1 cb 1) "http://www.rsac.org/ratingsv01.html" l gen true for "http://www.kde.org" r (n 0 s 0 v 0 l 0))' /> <meta name="trademark" content="KDE e.V." /> <meta name="description" content="K Desktop Environment Homepage, KDE.org" /> <meta name="MSSmartTagsPreventParsing" content="true" /> <meta name="robots" content="all" /> <link rel="shortcut icon" href="../../../favicon.ico" /> <link rel="stylesheet" media="screen" type="text/css" title="APIDOX" href="doxygen.css" /> </head> <body> <div id="nav_header_top" align="right"> <a href="#content" class="doNotDisplay" accesskey="2">Skip to main content ::</a> <a href="../../.."><img id="nav_header_logo" alt="Home" align="left" src="../../../kde_gear_64.png" border="0" /></a> <span class="doNotDisplay">::</span> <div id="nav_header_title" align="left">KDE API Reference</div> </div> <div id="nav_header_bottom" align="right"> <span class="doNotDisplay">:: <a href="#navigation" accesskey="5">Skip to Link Menu</a><br/></span> <div id="nav_header_bottom_right" style="text-align: left;"> / <a href="../../..">API Reference</a> / <a href="../../html/index.html">kio</a> / <a href=".">kssl</a> </div> </div> <table id="main" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td valign="top" class="menuheader" height="0"></td> <td id="contentcolumn" valign="top" rowspan="2" > <div id="content" style="padding-top: 0px;"><div style="width:100%; margin: 0px; padding: 0px;"> <a name="content"></a> <!-- Generated by Doxygen 1.4.7 --> <h1>ksslcertificate.cc</h1><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/* This file is part of the KDE project</span> <a name="l00002"></a>00002 <span class="comment"> *</span> <a name="l00003"></a>00003 <span class="comment"> * Copyright (C) 2000-2003 George Staikos <staikos@kde.org></span> <a name="l00004"></a>00004 <span class="comment"> *</span> <a name="l00005"></a>00005 <span class="comment"> * This library is free software; you can redistribute it and/or</span> <a name="l00006"></a>00006 <span class="comment"> * modify it under the terms of the GNU Library General Public</span> <a name="l00007"></a>00007 <span class="comment"> * License as published by the Free Software Foundation; either</span> <a name="l00008"></a>00008 <span class="comment"> * version 2 of the License, or (at your option) any later version.</span> <a name="l00009"></a>00009 <span class="comment"> *</span> <a name="l00010"></a>00010 <span class="comment"> * This library is distributed in the hope that it will be useful,</span> <a name="l00011"></a>00011 <span class="comment"> * but WITHOUT ANY WARRANTY; without even the implied warranty of</span> <a name="l00012"></a>00012 <span class="comment"> * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU</span> <a name="l00013"></a>00013 <span class="comment"> * Library General Public License for more details.</span> <a name="l00014"></a>00014 <span class="comment"> *</span> <a name="l00015"></a>00015 <span class="comment"> * You should have received a copy of the GNU Library General Public License</span> <a name="l00016"></a>00016 <span class="comment"> * along with this library; see the file COPYING.LIB. If not, write to</span> <a name="l00017"></a>00017 <span class="comment"> * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,</span> <a name="l00018"></a>00018 <span class="comment"> * Boston, MA 02110-1301, USA.</span> <a name="l00019"></a>00019 <span class="comment"> */</span> <a name="l00020"></a>00020 <a name="l00021"></a>00021 <a name="l00022"></a>00022 <span class="preprocessor">#ifdef HAVE_CONFIG_H</span> <a name="l00023"></a>00023 <span class="preprocessor"></span><span class="preprocessor">#include <config.h></span> <a name="l00024"></a>00024 <span class="preprocessor">#endif</span> <a name="l00025"></a>00025 <span class="preprocessor"></span> <a name="l00026"></a>00026 <a name="l00027"></a>00027 <a name="l00028"></a>00028 <span class="preprocessor">#include <unistd.h></span> <a name="l00029"></a>00029 <span class="preprocessor">#include <qstring.h></span> <a name="l00030"></a>00030 <span class="preprocessor">#include <qstringlist.h></span> <a name="l00031"></a>00031 <span class="preprocessor">#include <qfile.h></span> <a name="l00032"></a>00032 <a name="l00033"></a>00033 <span class="preprocessor">#include "kssldefs.h"</span> <a name="l00034"></a>00034 <span class="preprocessor">#include "ksslcertificate.h"</span> <a name="l00035"></a>00035 <span class="preprocessor">#include "ksslcertchain.h"</span> <a name="l00036"></a>00036 <span class="preprocessor">#include "ksslutils.h"</span> <a name="l00037"></a>00037 <a name="l00038"></a>00038 <span class="preprocessor">#include <kstandarddirs.h></span> <a name="l00039"></a>00039 <span class="preprocessor">#include <kmdcodec.h></span> <a name="l00040"></a>00040 <span class="preprocessor">#include <klocale.h></span> <a name="l00041"></a>00041 <span class="preprocessor">#include <qdatetime.h></span> <a name="l00042"></a>00042 <span class="preprocessor">#include <ktempfile.h></span> <a name="l00043"></a>00043 <a name="l00044"></a>00044 <span class="preprocessor">#include <sys/types.h></span> <a name="l00045"></a>00045 <a name="l00046"></a>00046 <span class="preprocessor">#ifdef HAVE_SYS_STAT_H</span> <a name="l00047"></a>00047 <span class="preprocessor"></span><span class="preprocessor">#include <sys/stat.h></span> <a name="l00048"></a>00048 <span class="preprocessor">#endif</span> <a name="l00049"></a>00049 <span class="preprocessor"></span> <a name="l00050"></a>00050 <span class="comment">// this hack provided by Malte Starostik to avoid glibc/openssl bug</span> <a name="l00051"></a>00051 <span class="comment">// on some systems</span> <a name="l00052"></a>00052 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00053"></a>00053 <span class="preprocessor"></span><span class="preprocessor">#define crypt _openssl_crypt</span> <a name="l00054"></a>00054 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/ssl.h></span> <a name="l00055"></a>00055 <span class="preprocessor">#include <openssl/x509.h></span> <a name="l00056"></a>00056 <span class="preprocessor">#include <openssl/x509v3.h></span> <a name="l00057"></a>00057 <span class="preprocessor">#include <openssl/x509_vfy.h></span> <a name="l00058"></a>00058 <span class="preprocessor">#include <openssl/pem.h></span> <a name="l00059"></a>00059 <span class="preprocessor">#undef crypt</span> <a name="l00060"></a>00060 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00061"></a>00061 <span class="preprocessor"></span> <a name="l00062"></a>00062 <span class="preprocessor">#include <kopenssl.h></span> <a name="l00063"></a>00063 <span class="preprocessor">#include <qcstring.h></span> <a name="l00064"></a>00064 <span class="preprocessor">#include <kdebug.h></span> <a name="l00065"></a>00065 <span class="preprocessor">#include "ksslx509v3.h"</span> <a name="l00066"></a>00066 <a name="l00067"></a>00067 <a name="l00068"></a>00068 <a name="l00069"></a>00069 <span class="keyword">static</span> <span class="keywordtype">char</span> hv[] = {<span class="charliteral">'0'</span>,<span class="charliteral">'1'</span>,<span class="charliteral">'2'</span>,<span class="charliteral">'3'</span>,<span class="charliteral">'4'</span>,<span class="charliteral">'5'</span>,<span class="charliteral">'6'</span>,<span class="charliteral">'7'</span>,<span class="charliteral">'8'</span>,<span class="charliteral">'9'</span>,<span class="charliteral">'A'</span>,<span class="charliteral">'B'</span>,<span class="charliteral">'C'</span>,<span class="charliteral">'D'</span>,<span class="charliteral">'E'</span>,<span class="charliteral">'F'</span>}; <a name="l00070"></a>00070 <a name="l00071"></a>00071 <a name="l00072"></a>00072 <span class="keyword">class </span>KSSLCertificatePrivate { <a name="l00073"></a>00073 <span class="keyword">public</span>: <a name="l00074"></a>00074 KSSLCertificatePrivate() { <a name="l00075"></a>00075 kossl = KOSSL::self(); <a name="l00076"></a>00076 _lastPurpose = KSSLCertificate::None; <a name="l00077"></a>00077 } <a name="l00078"></a>00078 <a name="l00079"></a>00079 ~KSSLCertificatePrivate() { <a name="l00080"></a>00080 } <a name="l00081"></a>00081 <a name="l00082"></a>00082 <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> m_stateCache; <a name="l00083"></a>00083 <span class="keywordtype">bool</span> m_stateCached; <a name="l00084"></a>00084 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span> <a name="l00085"></a>00085 <span class="preprocessor"></span> X509 *m_cert; <a name="l00086"></a>00086 <span class="preprocessor"> #endif</span> <a name="l00087"></a>00087 <span class="preprocessor"></span> KOSSL *kossl; <a name="l00088"></a>00088 <a class="code" href="classKSSLCertChain.html">KSSLCertChain</a> _chain; <a name="l00089"></a>00089 <a class="code" href="classKSSLX509V3.html">KSSLX509V3</a> _extensions; <a name="l00090"></a>00090 <a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> _lastPurpose; <a name="l00091"></a>00091 }; <a name="l00092"></a>00092 <a name="l00093"></a><a class="code" href="classKSSLCertificate.html#27be3d2e0cefa8a05b54721ab750bbef">00093</a> <a class="code" href="classKSSLCertificate.html#27be3d2e0cefa8a05b54721ab750bbef">KSSLCertificate::KSSLCertificate</a>() { <a name="l00094"></a>00094 d = <span class="keyword">new</span> KSSLCertificatePrivate; <a name="l00095"></a>00095 d->m_stateCached = <span class="keyword">false</span>; <a name="l00096"></a>00096 KGlobal::dirs()->addResourceType(<span class="stringliteral">"kssl"</span>, KStandardDirs::kde_default(<span class="stringliteral">"data"</span>) + <span class="stringliteral">"kssl"</span>); <a name="l00097"></a>00097 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span> <a name="l00098"></a>00098 <span class="preprocessor"></span> d->m_cert = NULL; <a name="l00099"></a>00099 <span class="preprocessor"> #endif</span> <a name="l00100"></a>00100 <span class="preprocessor"></span>} <a name="l00101"></a>00101 <a name="l00102"></a>00102 <a name="l00103"></a><a class="code" href="classKSSLCertificate.html#0cad9b05686c9bbd5df49befedd5b8b0">00103</a> <a class="code" href="classKSSLCertificate.html#27be3d2e0cefa8a05b54721ab750bbef">KSSLCertificate::KSSLCertificate</a>(<span class="keyword">const</span> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a>& x) { <a name="l00104"></a>00104 d = <span class="keyword">new</span> KSSLCertificatePrivate; <a name="l00105"></a>00105 d->m_stateCached = <span class="keyword">false</span>; <a name="l00106"></a>00106 KGlobal::dirs()->addResourceType(<span class="stringliteral">"kssl"</span>, KStandardDirs::kde_default(<span class="stringliteral">"data"</span>) + <span class="stringliteral">"kssl"</span>); <a name="l00107"></a>00107 <span class="preprocessor"> #ifdef KSSL_HAVE_SSL</span> <a name="l00108"></a>00108 <span class="preprocessor"></span> d->m_cert = NULL; <a name="l00109"></a>00109 <a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(KOSSL::self()->X509_dup(const_cast<KSSLCertificate&>(x).<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>())); <a name="l00110"></a>00110 <a class="code" href="classKSSLCertChain.html">KSSLCertChain</a> *c = x.d->_chain.replicate(); <a name="l00111"></a>00111 <a class="code" href="classKSSLCertificate.html#755ca88aa2625a230fa9b0f0d040e19f">setChain</a>(c-><a class="code" href="classKSSLCertChain.html#ff079cbb61e376a773a2a6e192bcb495">rawChain</a>()); <a name="l00112"></a>00112 <span class="keyword">delete</span> c; <a name="l00113"></a>00113 <span class="preprocessor"> #endif</span> <a name="l00114"></a>00114 <span class="preprocessor"></span>} <a name="l00115"></a>00115 <a name="l00116"></a>00116 <a name="l00117"></a>00117 <a name="l00118"></a><a class="code" href="classKSSLCertificate.html#cb1f0276d0ad2bec87d18bbf42a653f6">00118</a> <a class="code" href="classKSSLCertificate.html#cb1f0276d0ad2bec87d18bbf42a653f6">KSSLCertificate::~KSSLCertificate</a>() { <a name="l00119"></a>00119 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00120"></a>00120 <span class="preprocessor"></span> <span class="keywordflow">if</span> (d->m_cert) <a name="l00121"></a>00121 d->kossl->X509_free(d->m_cert); <a name="l00122"></a>00122 <span class="preprocessor">#endif</span> <a name="l00123"></a>00123 <span class="preprocessor"></span> <span class="keyword">delete</span> d; <a name="l00124"></a>00124 } <a name="l00125"></a>00125 <a name="l00126"></a>00126 <a name="l00127"></a><a class="code" href="classKSSLCertificate.html#eceb3e8a7e680c3bc5ed802db8940343">00127</a> <a class="code" href="classKSSLCertChain.html">KSSLCertChain</a>& <a class="code" href="classKSSLCertificate.html#eceb3e8a7e680c3bc5ed802db8940343">KSSLCertificate::chain</a>() { <a name="l00128"></a>00128 <span class="keywordflow">return</span> d->_chain; <a name="l00129"></a>00129 } <a name="l00130"></a>00130 <a name="l00131"></a>00131 <a name="l00132"></a><a class="code" href="classKSSLCertificate.html#c7e097a18c944275a204310adbe1c786">00132</a> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#c7e097a18c944275a204310adbe1c786">KSSLCertificate::fromX509</a>(X509 *x5) { <a name="l00133"></a>00133 <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *n = NULL; <a name="l00134"></a>00134 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00135"></a>00135 <span class="preprocessor"></span> <span class="keywordflow">if</span> (x5) { <a name="l00136"></a>00136 n = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a>; <a name="l00137"></a>00137 n-><a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(KOSSL::self()->X509_dup(x5)); <a name="l00138"></a>00138 } <a name="l00139"></a>00139 <span class="preprocessor">#endif</span> <a name="l00140"></a>00140 <span class="preprocessor"></span><span class="keywordflow">return</span> n; <a name="l00141"></a>00141 } <a name="l00142"></a>00142 <a name="l00143"></a>00143 <a name="l00144"></a><a class="code" href="classKSSLCertificate.html#4e41e1e31909ed2fe2ec1d2ecdbf1dce">00144</a> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#4e41e1e31909ed2fe2ec1d2ecdbf1dce">KSSLCertificate::fromString</a>(<a class="codeRef" doxygen="qt.tag:" href="qcstring.html">QCString</a> cert) { <a name="l00145"></a>00145 <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *n = NULL; <a name="l00146"></a>00146 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00147"></a>00147 <span class="preprocessor"></span> <span class="keywordflow">if</span> (cert.<a class="codeRef" doxygen="qt.tag:" href="qcstring.html#length">length</a>() == 0) <a name="l00148"></a>00148 <span class="keywordflow">return</span> NULL; <a name="l00149"></a>00149 <a name="l00150"></a>00150 <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> qba, qbb = cert.<a class="codeRef" doxygen="qt.tag:" href="qcstring.html#copy">copy</a>(); <a name="l00151"></a>00151 KCodecs::base64Decode(qbb, qba); <a name="l00152"></a>00152 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *qbap = reinterpret_cast<unsigned char *>(qba.data()); <a name="l00153"></a>00153 X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); <a name="l00154"></a>00154 <span class="keywordflow">if</span> (!x5c) { <a name="l00155"></a>00155 <span class="keywordflow">return</span> NULL; <a name="l00156"></a>00156 } <a name="l00157"></a>00157 <a name="l00158"></a>00158 n = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a>; <a name="l00159"></a>00159 n-><a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(x5c); <a name="l00160"></a>00160 <span class="preprocessor">#endif</span> <a name="l00161"></a>00161 <span class="preprocessor"></span><span class="keywordflow">return</span> n; <a name="l00162"></a>00162 } <a name="l00163"></a>00163 <a name="l00164"></a>00164 <a name="l00165"></a>00165 <a name="l00166"></a><a class="code" href="classKSSLCertificate.html#049269d43c054633acc843eab4352d78">00166</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#049269d43c054633acc843eab4352d78">KSSLCertificate::getSubject</a>()<span class="keyword"> const </span>{ <a name="l00167"></a>00167 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00168"></a>00168 <a name="l00169"></a>00169 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00170"></a>00170 <span class="preprocessor"></span> <span class="keywordtype">char</span> *t = d->kossl->X509_NAME_oneline(d->kossl->X509_get_subject_name(d->m_cert), 0, 0); <a name="l00171"></a>00171 <span class="keywordflow">if</span> (!t) <a name="l00172"></a>00172 <span class="keywordflow">return</span> rc; <a name="l00173"></a>00173 rc = t; <a name="l00174"></a>00174 d->kossl->OPENSSL_free(t); <a name="l00175"></a>00175 <span class="preprocessor">#endif</span> <a name="l00176"></a>00176 <span class="preprocessor"></span><span class="keywordflow">return</span> rc; <a name="l00177"></a>00177 } <a name="l00178"></a>00178 <a name="l00179"></a>00179 <a name="l00180"></a><a class="code" href="classKSSLCertificate.html#daa42fc574520ea0f785d6aa31bfc6a5">00180</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#daa42fc574520ea0f785d6aa31bfc6a5">KSSLCertificate::getSerialNumber</a>()<span class="keyword"> const </span>{ <a name="l00181"></a>00181 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00182"></a>00182 <a name="l00183"></a>00183 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00184"></a>00184 <span class="preprocessor"></span> ASN1_INTEGER *aint = d->kossl->X509_get_serialNumber(d->m_cert); <a name="l00185"></a>00185 <span class="keywordflow">if</span> (aint) { <a name="l00186"></a>00186 rc = ASN1_INTEGER_QString(aint); <a name="l00187"></a>00187 <span class="comment">// d->kossl->ASN1_INTEGER_free(aint); this makes the sig test fail</span> <a name="l00188"></a>00188 } <a name="l00189"></a>00189 <span class="preprocessor">#endif</span> <a name="l00190"></a>00190 <span class="preprocessor"></span><span class="keywordflow">return</span> rc; <a name="l00191"></a>00191 } <a name="l00192"></a>00192 <a name="l00193"></a>00193 <a name="l00194"></a><a class="code" href="classKSSLCertificate.html#f4feee48b08e85f627c3fcc25fc5924c">00194</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#f4feee48b08e85f627c3fcc25fc5924c">KSSLCertificate::getSignatureText</a>()<span class="keyword"> const </span>{ <a name="l00195"></a>00195 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00196"></a>00196 <a name="l00197"></a>00197 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00198"></a>00198 <span class="preprocessor"></span><span class="keywordtype">char</span> *s; <a name="l00199"></a>00199 <span class="keywordtype">int</span> n, i; <a name="l00200"></a>00200 <a name="l00201"></a>00201 i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); <a name="l00202"></a>00202 rc = i18n(<span class="stringliteral">"Signature Algorithm: "</span>); <a name="l00203"></a>00203 rc += (i == NID_undef)?i18n(<span class="stringliteral">"Unknown"</span>):<a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a>(d->kossl->OBJ_nid2ln(i)); <a name="l00204"></a>00204 <a name="l00205"></a>00205 rc += <span class="stringliteral">"\n"</span>; <a name="l00206"></a>00206 rc += i18n(<span class="stringliteral">"Signature Contents:"</span>); <a name="l00207"></a>00207 n = d->m_cert->signature->length; <a name="l00208"></a>00208 s = (<span class="keywordtype">char</span> *)d->m_cert->signature->data; <a name="l00209"></a>00209 for (i = 0; i < n; i++) { <a name="l00210"></a>00210 <span class="keywordflow">if</span> (i%20 != 0) rc += <span class="stringliteral">":"</span>; <a name="l00211"></a>00211 <span class="keywordflow">else</span> rc += <span class="stringliteral">"\n"</span>; <a name="l00212"></a>00212 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[(s[i]&0xf0)>>4]); <a name="l00213"></a>00213 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[s[i]&0x0f]); <a name="l00214"></a>00214 } <a name="l00215"></a>00215 <a name="l00216"></a>00216 <span class="preprocessor">#endif</span> <a name="l00217"></a>00217 <span class="preprocessor"></span> <a name="l00218"></a>00218 <span class="keywordflow">return</span> rc; <a name="l00219"></a>00219 } <a name="l00220"></a>00220 <a name="l00221"></a>00221 <a name="l00222"></a><a class="code" href="classKSSLCertificate.html#bbe7161439315d86d38ae1809a1b7208">00222</a> <span class="keywordtype">void</span> <a class="code" href="classKSSLCertificate.html#bbe7161439315d86d38ae1809a1b7208">KSSLCertificate::getEmails</a>(<a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> &to)<span class="keyword"> const </span>{ <a name="l00223"></a>00223 to.clear(); <a name="l00224"></a>00224 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00225"></a>00225 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!d->m_cert) <a name="l00226"></a>00226 <span class="keywordflow">return</span>; <a name="l00227"></a>00227 <a name="l00228"></a>00228 STACK *s = d->kossl->X509_get1_email(d->m_cert); <a name="l00229"></a>00229 <span class="keywordflow">if</span> (s) { <a name="l00230"></a>00230 <span class="keywordflow">for</span>(<span class="keywordtype">int</span> n=0; n < s->num; n++) { <a name="l00231"></a>00231 to.append(d->kossl->sk_value(s,n)); <a name="l00232"></a>00232 } <a name="l00233"></a>00233 d->kossl->X509_email_free(s); <a name="l00234"></a>00234 } <a name="l00235"></a>00235 <span class="preprocessor">#endif </span> <a name="l00236"></a>00236 <span class="preprocessor"></span>} <a name="l00237"></a>00237 <a name="l00238"></a>00238 <a name="l00239"></a><a class="code" href="classKSSLCertificate.html#2137ca44eadfe368200159c8fcadcd8a">00239</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#2137ca44eadfe368200159c8fcadcd8a">KSSLCertificate::getKDEKey</a>()<span class="keyword"> const </span>{ <a name="l00240"></a>00240 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#049269d43c054633acc843eab4352d78">getSubject</a>() + <span class="stringliteral">" ("</span> + <a class="code" href="classKSSLCertificate.html#e8c0061aa5f96377407a06f3d708afb1">getMD5DigestText</a>() + <span class="stringliteral">")"</span>; <a name="l00241"></a>00241 } <a name="l00242"></a>00242 <a name="l00243"></a>00243 <a name="l00244"></a><a class="code" href="classKSSLCertificate.html#da767419b1096892967e67d08006007a">00244</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#da767419b1096892967e67d08006007a">KSSLCertificate::getMD5DigestFromKDEKey</a>(<span class="keyword">const</span> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> &k) { <a name="l00245"></a>00245 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc; <a name="l00246"></a>00246 <span class="keywordtype">int</span> pos = k.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#findRev">findRev</a>(<span class="charliteral">'('</span>); <a name="l00247"></a>00247 <span class="keywordflow">if</span> (pos != -1) { <a name="l00248"></a>00248 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> len = k.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#length">length</a>(); <a name="l00249"></a>00249 <span class="keywordflow">if</span> (k.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#at">at</a>(len-1) == <span class="charliteral">')'</span>) { <a name="l00250"></a>00250 rc = k.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#mid">mid</a>(pos+1, len-pos-2); <a name="l00251"></a>00251 } <a name="l00252"></a>00252 } <a name="l00253"></a>00253 <span class="keywordflow">return</span> rc; <a name="l00254"></a>00254 } <a name="l00255"></a>00255 <a name="l00256"></a>00256 <a name="l00257"></a><a class="code" href="classKSSLCertificate.html#e8c0061aa5f96377407a06f3d708afb1">00257</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#e8c0061aa5f96377407a06f3d708afb1">KSSLCertificate::getMD5DigestText</a>()<span class="keyword"> const </span>{ <a name="l00258"></a>00258 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00259"></a>00259 <a name="l00260"></a>00260 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00261"></a>00261 <span class="preprocessor"></span> <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> n; <a name="l00262"></a>00262 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> md[EVP_MAX_MD_SIZE]; <a name="l00263"></a>00263 <a name="l00264"></a>00264 <span class="keywordflow">if</span> (!d->kossl->X509_digest(d->m_cert, d->kossl->EVP_md5(), md, &n)) { <a name="l00265"></a>00265 <span class="keywordflow">return</span> rc; <a name="l00266"></a>00266 } <a name="l00267"></a>00267 <a name="l00268"></a>00268 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j = 0; j < n; j++) { <a name="l00269"></a>00269 <span class="keywordflow">if</span> (j > 0) <a name="l00270"></a>00270 rc += <span class="stringliteral">":"</span>; <a name="l00271"></a>00271 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[(md[j]&0xf0)>>4]); <a name="l00272"></a>00272 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[md[j]&0x0f]); <a name="l00273"></a>00273 } <a name="l00274"></a>00274 <a name="l00275"></a>00275 <span class="preprocessor">#endif</span> <a name="l00276"></a>00276 <span class="preprocessor"></span> <a name="l00277"></a>00277 <span class="keywordflow">return</span> rc; <a name="l00278"></a>00278 } <a name="l00279"></a>00279 <a name="l00280"></a>00280 <a name="l00281"></a>00281 <a name="l00282"></a><a class="code" href="classKSSLCertificate.html#e8f189dd61363fd9ad29edfcc01faf63">00282</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#e8f189dd61363fd9ad29edfcc01faf63">KSSLCertificate::getMD5Digest</a>()<span class="keyword"> const </span>{ <a name="l00283"></a>00283 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00284"></a>00284 <a name="l00285"></a>00285 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00286"></a>00286 <span class="preprocessor"></span> <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> n; <a name="l00287"></a>00287 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> md[EVP_MAX_MD_SIZE]; <a name="l00288"></a>00288 <a name="l00289"></a>00289 <span class="keywordflow">if</span> (!d->kossl->X509_digest(d->m_cert, d->kossl->EVP_md5(), md, &n)) { <a name="l00290"></a>00290 <span class="keywordflow">return</span> rc; <a name="l00291"></a>00291 } <a name="l00292"></a>00292 <a name="l00293"></a>00293 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j = 0; j < n; j++) { <a name="l00294"></a>00294 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[(md[j]&0xf0)>>4]); <a name="l00295"></a>00295 rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(hv[md[j]&0x0f]); <a name="l00296"></a>00296 } <a name="l00297"></a>00297 <a name="l00298"></a>00298 <span class="preprocessor">#endif</span> <a name="l00299"></a>00299 <span class="preprocessor"></span> <a name="l00300"></a>00300 <span class="keywordflow">return</span> rc; <a name="l00301"></a>00301 } <a name="l00302"></a>00302 <a name="l00303"></a>00303 <a name="l00304"></a>00304 <a name="l00305"></a><a class="code" href="classKSSLCertificate.html#7905ae68949e6e9874654d0c3d284335">00305</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#7905ae68949e6e9874654d0c3d284335">KSSLCertificate::getKeyType</a>()<span class="keyword"> const </span>{ <a name="l00306"></a>00306 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00307"></a>00307 <a name="l00308"></a>00308 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00309"></a>00309 <span class="preprocessor"></span> EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); <a name="l00310"></a>00310 <span class="keywordflow">if</span> (pkey) { <a name="l00311"></a>00311 <span class="preprocessor"> #ifndef NO_RSA</span> <a name="l00312"></a>00312 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_RSA) <a name="l00313"></a>00313 rc = <span class="stringliteral">"RSA"</span>; <a name="l00314"></a>00314 <span class="keywordflow">else</span> <a name="l00315"></a>00315 <span class="preprocessor"> #endif</span> <a name="l00316"></a>00316 <span class="preprocessor"></span><span class="preprocessor"> #ifndef NO_DSA</span> <a name="l00317"></a>00317 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_DSA) <a name="l00318"></a>00318 rc = <span class="stringliteral">"DSA"</span>; <a name="l00319"></a>00319 <span class="keywordflow">else</span> <a name="l00320"></a>00320 <span class="preprocessor"> #endif</span> <a name="l00321"></a>00321 <span class="preprocessor"></span> rc = <span class="stringliteral">"Unknown"</span>; <a name="l00322"></a>00322 d->kossl->EVP_PKEY_free(pkey); <a name="l00323"></a>00323 } <a name="l00324"></a>00324 <span class="preprocessor">#endif</span> <a name="l00325"></a>00325 <span class="preprocessor"></span> <a name="l00326"></a>00326 <span class="keywordflow">return</span> rc; <a name="l00327"></a>00327 } <a name="l00328"></a>00328 <a name="l00329"></a>00329 <a name="l00330"></a>00330 <a name="l00331"></a><a class="code" href="classKSSLCertificate.html#f904d0ff218539df7a3560daf39dab45">00331</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#f904d0ff218539df7a3560daf39dab45">KSSLCertificate::getPublicKeyText</a>()<span class="keyword"> const </span>{ <a name="l00332"></a>00332 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00333"></a>00333 <span class="keywordtype">char</span> *x = NULL; <a name="l00334"></a>00334 <a name="l00335"></a>00335 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00336"></a>00336 <span class="preprocessor"></span> EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); <a name="l00337"></a>00337 <span class="keywordflow">if</span> (pkey) { <a name="l00338"></a>00338 rc = i18n(<span class="stringliteral">"Unknown"</span>, <span class="stringliteral">"Unknown key algorithm"</span>); <a name="l00339"></a>00339 <span class="preprocessor"> #ifndef NO_RSA</span> <a name="l00340"></a>00340 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_RSA) { <a name="l00341"></a>00341 rc = i18n(<span class="stringliteral">"Key type: RSA (%1 bit)"</span>) + <span class="stringliteral">"\n"</span>; <a name="l00342"></a>00342 <a name="l00343"></a>00343 x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); <a name="l00344"></a>00344 rc += i18n(<span class="stringliteral">"Modulus: "</span>); <a name="l00345"></a>00345 rc = rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#arg">arg</a>(strlen(x)*4); <a name="l00346"></a>00346 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) { <a name="l00347"></a>00347 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0) <a name="l00348"></a>00348 rc += <span class="stringliteral">":"</span>; <a name="l00349"></a>00349 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0) <a name="l00350"></a>00350 rc += <span class="stringliteral">"\n"</span>; <a name="l00351"></a>00351 rc += x[i]; <a name="l00352"></a>00352 } <a name="l00353"></a>00353 rc += <span class="stringliteral">"\n"</span>; <a name="l00354"></a>00354 d->kossl->OPENSSL_free(x); <a name="l00355"></a>00355 <a name="l00356"></a>00356 x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); <a name="l00357"></a>00357 rc += i18n(<span class="stringliteral">"Exponent: 0x"</span>) + x + <span class="stringliteral">"\n"</span>; <a name="l00358"></a>00358 d->kossl->OPENSSL_free(x); <a name="l00359"></a>00359 } <a name="l00360"></a>00360 <span class="preprocessor"> #endif</span> <a name="l00361"></a>00361 <span class="preprocessor"></span><span class="preprocessor"> #ifndef NO_DSA</span> <a name="l00362"></a>00362 <span class="preprocessor"></span> <span class="keywordflow">if</span> (pkey->type == EVP_PKEY_DSA) { <a name="l00363"></a>00363 rc = i18n(<span class="stringliteral">"Key type: DSA (%1 bit)"</span>) + <span class="stringliteral">"\n"</span>; <a name="l00364"></a>00364 <a name="l00365"></a>00365 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); <a name="l00366"></a>00366 rc += i18n(<span class="stringliteral">"Prime: "</span>); <a name="l00367"></a>00367 <span class="comment">// hack - this may not be always accurate</span> <a name="l00368"></a>00368 rc = rc.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#arg">arg</a>(strlen(x)*4) ; <a name="l00369"></a>00369 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) { <a name="l00370"></a>00370 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0) <a name="l00371"></a>00371 rc += <span class="stringliteral">":"</span>; <a name="l00372"></a>00372 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0) <a name="l00373"></a>00373 rc += <span class="stringliteral">"\n"</span>; <a name="l00374"></a>00374 rc += x[i]; <a name="l00375"></a>00375 } <a name="l00376"></a>00376 rc += <span class="stringliteral">"\n"</span>; <a name="l00377"></a>00377 d->kossl->OPENSSL_free(x); <a name="l00378"></a>00378 <a name="l00379"></a>00379 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); <a name="l00380"></a>00380 rc += i18n(<span class="stringliteral">"160 bit prime factor: "</span>); <a name="l00381"></a>00381 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) { <a name="l00382"></a>00382 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0) <a name="l00383"></a>00383 rc += <span class="stringliteral">":"</span>; <a name="l00384"></a>00384 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0) <a name="l00385"></a>00385 rc += <span class="stringliteral">"\n"</span>; <a name="l00386"></a>00386 rc += x[i]; <a name="l00387"></a>00387 } <a name="l00388"></a>00388 rc += <span class="stringliteral">"\n"</span>; <a name="l00389"></a>00389 d->kossl->OPENSSL_free(x); <a name="l00390"></a>00390 <a name="l00391"></a>00391 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); <a name="l00392"></a>00392 rc += <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a>(<span class="stringliteral">"g: "</span>); <a name="l00393"></a>00393 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) { <a name="l00394"></a>00394 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0) <a name="l00395"></a>00395 rc += <span class="stringliteral">":"</span>; <a name="l00396"></a>00396 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0) <a name="l00397"></a>00397 rc += <span class="stringliteral">"\n"</span>; <a name="l00398"></a>00398 rc += x[i]; <a name="l00399"></a>00399 } <a name="l00400"></a>00400 rc += <span class="stringliteral">"\n"</span>; <a name="l00401"></a>00401 d->kossl->OPENSSL_free(x); <a name="l00402"></a>00402 <a name="l00403"></a>00403 x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); <a name="l00404"></a>00404 rc += i18n(<span class="stringliteral">"Public key: "</span>); <a name="l00405"></a>00405 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < strlen(x); i++) { <a name="l00406"></a>00406 <span class="keywordflow">if</span> (i%40 != 0 && i%2 == 0) <a name="l00407"></a>00407 rc += <span class="stringliteral">":"</span>; <a name="l00408"></a>00408 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (i%40 == 0) <a name="l00409"></a>00409 rc += <span class="stringliteral">"\n"</span>; <a name="l00410"></a>00410 rc += x[i]; <a name="l00411"></a>00411 } <a name="l00412"></a>00412 rc += <span class="stringliteral">"\n"</span>; <a name="l00413"></a>00413 d->kossl->OPENSSL_free(x); <a name="l00414"></a>00414 } <a name="l00415"></a>00415 <span class="preprocessor"> #endif</span> <a name="l00416"></a>00416 <span class="preprocessor"></span> d->kossl->EVP_PKEY_free(pkey); <a name="l00417"></a>00417 } <a name="l00418"></a>00418 <span class="preprocessor">#endif</span> <a name="l00419"></a>00419 <span class="preprocessor"></span> <a name="l00420"></a>00420 <span class="keywordflow">return</span> rc; <a name="l00421"></a>00421 } <a name="l00422"></a>00422 <a name="l00423"></a>00423 <a name="l00424"></a>00424 <a name="l00425"></a><a class="code" href="classKSSLCertificate.html#e5c6a7a8ea0f0c4dca53a11834c7beed">00425</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#e5c6a7a8ea0f0c4dca53a11834c7beed">KSSLCertificate::getIssuer</a>()<span class="keyword"> const </span>{ <a name="l00426"></a>00426 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> rc = <span class="stringliteral">""</span>; <a name="l00427"></a>00427 <a name="l00428"></a>00428 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00429"></a>00429 <span class="preprocessor"></span> <span class="keywordtype">char</span> *t = d->kossl->X509_NAME_oneline(d->kossl->X509_get_issuer_name(d->m_cert), 0, 0); <a name="l00430"></a>00430 <a name="l00431"></a>00431 <span class="keywordflow">if</span> (!t) <a name="l00432"></a>00432 <span class="keywordflow">return</span> rc; <a name="l00433"></a>00433 <a name="l00434"></a>00434 rc = t; <a name="l00435"></a>00435 d->kossl->OPENSSL_free(t); <a name="l00436"></a>00436 <span class="preprocessor">#endif</span> <a name="l00437"></a>00437 <span class="preprocessor"></span> <a name="l00438"></a>00438 <span class="keywordflow">return</span> rc; <a name="l00439"></a>00439 } <a name="l00440"></a>00440 <a name="l00441"></a><a class="code" href="classKSSLCertificate.html#755ca88aa2625a230fa9b0f0d040e19f">00441</a> <span class="keywordtype">void</span> <a class="code" href="classKSSLCertificate.html#755ca88aa2625a230fa9b0f0d040e19f">KSSLCertificate::setChain</a>(<span class="keywordtype">void</span> *c) { <a name="l00442"></a>00442 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00443"></a>00443 <span class="preprocessor"></span> d->_chain.setChain(c); <a name="l00444"></a>00444 <span class="preprocessor">#endif</span> <a name="l00445"></a>00445 <span class="preprocessor"></span> d->m_stateCached = <span class="keyword">false</span>; <a name="l00446"></a>00446 d->m_stateCache = KSSLCertificate::Unknown; <a name="l00447"></a>00447 } <a name="l00448"></a>00448 <a name="l00449"></a><a class="code" href="classKSSLCertificate.html#3af342b3a65e7951776e98a75690480d">00449</a> <span class="keywordtype">void</span> <a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">KSSLCertificate::setCert</a>(X509 *c) { <a name="l00450"></a>00450 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00451"></a>00451 <span class="preprocessor"></span>d->m_cert = c; <a name="l00452"></a>00452 <span class="keywordflow">if</span> (c) { <a name="l00453"></a>00453 d->_extensions.flags = 0; <a name="l00454"></a>00454 d->kossl->X509_check_purpose(c, -1, 0); <span class="comment">// setup the fields (!!)</span> <a name="l00455"></a>00455 <a name="l00456"></a>00456 <span class="preprocessor">#if 0</span> <a name="l00457"></a>00457 <span class="preprocessor"></span> kdDebug(7029) << <span class="stringliteral">"---------------- Certificate ------------------"</span> <a name="l00458"></a>00458 << endl; <a name="l00459"></a>00459 kdDebug(7029) << <a class="code" href="classKSSLCertificate.html#049269d43c054633acc843eab4352d78">getSubject</a>() << endl; <a name="l00460"></a>00460 <span class="preprocessor">#endif</span> <a name="l00461"></a>00461 <span class="preprocessor"></span> <a name="l00462"></a>00462 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> j = 0; j < d->kossl->X509_PURPOSE_get_count(); j++) { <a name="l00463"></a>00463 X509_PURPOSE *ptmp = d->kossl->X509_PURPOSE_get0(j); <a name="l00464"></a>00464 <span class="keywordtype">int</span> <span class="keywordtype">id</span> = d->kossl->X509_PURPOSE_get_id(ptmp); <a name="l00465"></a>00465 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> ca = 0; ca < 2; ca++) { <a name="l00466"></a>00466 <span class="keywordtype">int</span> idret = d->kossl->X509_check_purpose(c, <span class="keywordtype">id</span>, ca); <a name="l00467"></a>00467 <span class="keywordflow">if</span> (idret == 1 || idret == 2) { <span class="comment">// have it</span> <a name="l00468"></a>00468 <span class="comment">// kdDebug() << "PURPOSE: " << id << (ca?" CA":"") << endl;</span> <a name="l00469"></a>00469 <span class="keywordflow">if</span> (!ca) <a name="l00470"></a>00470 d->_extensions.flags |= (1L <<(<span class="keywordtype">id</span>-1)); <a name="l00471"></a>00471 <span class="keywordflow">else</span> d->_extensions.flags |= (1L <<(16+<span class="keywordtype">id</span>-1)); <a name="l00472"></a>00472 } <span class="keywordflow">else</span> { <a name="l00473"></a>00473 <span class="keywordflow">if</span> (!ca) <a name="l00474"></a>00474 d->_extensions.flags &= ~(1L <<(<span class="keywordtype">id</span>-1)); <a name="l00475"></a>00475 <span class="keywordflow">else</span> d->_extensions.flags &= ~(1L <<(16+<span class="keywordtype">id</span>-1)); <a name="l00476"></a>00476 } <a name="l00477"></a>00477 } <a name="l00478"></a>00478 } <a name="l00479"></a>00479 <a name="l00480"></a>00480 <span class="preprocessor">#if 0</span> <a name="l00481"></a>00481 <span class="preprocessor"></span> kdDebug(7029) << <span class="stringliteral">"flags: "</span> << <a class="codeRef" doxygen="qt.tag:" href="qstring.html#number">QString::number</a>(c->ex_flags, 2) <a name="l00482"></a>00482 << <span class="stringliteral">"\nkeyusage: "</span> << <a class="codeRef" doxygen="qt.tag:" href="qstring.html#number">QString::number</a>(c->ex_kusage, 2) <a name="l00483"></a>00483 << <span class="stringliteral">"\nxkeyusage: "</span> << <a class="codeRef" doxygen="qt.tag:" href="qstring.html#number">QString::number</a>(c->ex_xkusage, 2) <a name="l00484"></a>00484 << <span class="stringliteral">"\nnscert: "</span> << <a class="codeRef" doxygen="qt.tag:" href="qstring.html#number">QString::number</a>(c->ex_nscert, 2) <a name="l00485"></a>00485 << endl; <a name="l00486"></a>00486 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_KUSAGE) <a name="l00487"></a>00487 kdDebug(7029) << <span class="stringliteral">" --- Key Usage extensions found"</span> << endl; <a name="l00488"></a>00488 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- Key Usage extensions NOT found"</span> << endl; <a name="l00489"></a>00489 <a name="l00490"></a>00490 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_XKUSAGE) <a name="l00491"></a>00491 kdDebug(7029) << <span class="stringliteral">" --- Extended key usage extensions found"</span> << endl; <a name="l00492"></a>00492 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- Extended key usage extensions NOT found"</span> << endl; <a name="l00493"></a>00493 <a name="l00494"></a>00494 <span class="keywordflow">if</span> (c->ex_flags & EXFLAG_NSCERT) <a name="l00495"></a>00495 kdDebug(7029) << <span class="stringliteral">" --- NS extensions found"</span> << endl; <a name="l00496"></a>00496 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">" --- NS extensions NOT found"</span> << endl; <a name="l00497"></a>00497 <a name="l00498"></a>00498 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLCA()) <a name="l00499"></a>00499 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL CA file."</span> << endl; <a name="l00500"></a>00500 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL CA file."</span> << endl; <a name="l00501"></a>00501 <a name="l00502"></a>00502 <span class="keywordflow">if</span> (d->_extensions.certTypeEmailCA()) <a name="l00503"></a>00503 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an EMAIL CA file."</span> << endl; <a name="l00504"></a>00504 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an EMAIL CA file."</span> << endl; <a name="l00505"></a>00505 <a name="l00506"></a>00506 <span class="keywordflow">if</span> (d->_extensions.certTypeCodeCA()) <a name="l00507"></a>00507 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a CODE CA file."</span> << endl; <a name="l00508"></a>00508 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a CODE CA file."</span> << endl; <a name="l00509"></a>00509 <a name="l00510"></a>00510 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLClient()) <a name="l00511"></a>00511 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL client."</span> << endl; <a name="l00512"></a>00512 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL client."</span> << endl; <a name="l00513"></a>00513 <a name="l00514"></a>00514 <span class="keywordflow">if</span> (d->_extensions.certTypeSSLServer()) <a name="l00515"></a>00515 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SSL server."</span> << endl; <a name="l00516"></a>00516 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SSL server."</span> << endl; <a name="l00517"></a>00517 <a name="l00518"></a>00518 <span class="keywordflow">if</span> (d->_extensions.certTypeNSSSLServer()) <a name="l00519"></a>00519 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a NETSCAPE SSL server."</span> << endl; <a name="l00520"></a>00520 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a NETSCAPE SSL server."</span> << endl; <a name="l00521"></a>00521 <a name="l00522"></a>00522 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIME()) <a name="l00523"></a>00523 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME certificate."</span> << endl; <a name="l00524"></a>00524 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME certificate."</span> << endl; <a name="l00525"></a>00525 <a name="l00526"></a>00526 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIMEEncrypt()) <a name="l00527"></a>00527 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME encrypt cert."</span> << endl; <a name="l00528"></a>00528 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME encrypt cert."</span> << endl; <a name="l00529"></a>00529 <a name="l00530"></a>00530 <span class="keywordflow">if</span> (d->_extensions.certTypeSMIMESign()) <a name="l00531"></a>00531 kdDebug(7029) << <span class="stringliteral">"NOTE: this is an SMIME sign cert."</span> << endl; <a name="l00532"></a>00532 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT an SMIME sign cert."</span> << endl; <a name="l00533"></a>00533 <a name="l00534"></a>00534 <span class="keywordflow">if</span> (d->_extensions.certTypeCRLSign()) <a name="l00535"></a>00535 kdDebug(7029) << <span class="stringliteral">"NOTE: this is a CRL signer."</span> << endl; <a name="l00536"></a>00536 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"NOTE: this is NOT a CRL signer."</span> << endl; <a name="l00537"></a>00537 <a name="l00538"></a>00538 kdDebug(7029) << <span class="stringliteral">"-----------------------------------------------"</span> <a name="l00539"></a>00539 << endl; <a name="l00540"></a>00540 <span class="preprocessor">#endif</span> <a name="l00541"></a>00541 <span class="preprocessor"></span>} <a name="l00542"></a>00542 <span class="preprocessor">#endif</span> <a name="l00543"></a>00543 <span class="preprocessor"></span>d->m_stateCached = <span class="keyword">false</span>; <a name="l00544"></a>00544 d->m_stateCache = KSSLCertificate::Unknown; <a name="l00545"></a>00545 } <a name="l00546"></a>00546 <a name="l00547"></a><a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">00547</a> X509 *<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">KSSLCertificate::getCert</a>() { <a name="l00548"></a>00548 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00549"></a>00549 <span class="preprocessor"></span> <span class="keywordflow">return</span> d->m_cert; <a name="l00550"></a>00550 <span class="preprocessor">#endif</span> <a name="l00551"></a>00551 <span class="preprocessor"></span><span class="keywordflow">return</span> 0; <a name="l00552"></a>00552 } <a name="l00553"></a>00553 <a name="l00554"></a>00554 <span class="comment">// pull in the callback. It's common across multiple files but we want</span> <a name="l00555"></a>00555 <span class="comment">// it to be hidden.</span> <a name="l00556"></a>00556 <a name="l00557"></a>00557 <span class="preprocessor">#include "ksslcallback.c"</span> <a name="l00558"></a>00558 <a name="l00559"></a>00559 <a name="l00560"></a><a class="code" href="classKSSLCertificate.html#4fd05cba55dc2c9be24dc37f8fb8a140">00560</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#43b350abc81f44d9cc83db83b450f587">KSSLCertificate::isValid</a>(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> p) { <a name="l00561"></a>00561 <span class="keywordflow">return</span> (<a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">validate</a>(p) == KSSLCertificate::Ok); <a name="l00562"></a>00562 } <a name="l00563"></a>00563 <a name="l00564"></a>00564 <a name="l00565"></a><a class="code" href="classKSSLCertificate.html#43b350abc81f44d9cc83db83b450f587">00565</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#43b350abc81f44d9cc83db83b450f587">KSSLCertificate::isValid</a>() { <a name="l00566"></a>00566 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#43b350abc81f44d9cc83db83b450f587">isValid</a>(KSSLCertificate::SSLServer); <a name="l00567"></a>00567 } <a name="l00568"></a>00568 <a name="l00569"></a>00569 <a name="l00570"></a>00570 <span class="keywordtype">int</span> KSSLCertificate::purposeToOpenSSL(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> p)<span class="keyword"> const </span>{ <a name="l00571"></a>00571 <span class="keywordtype">int</span> rc = 0; <a name="l00572"></a>00572 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00573"></a>00573 <span class="preprocessor"></span> <span class="keywordflow">if</span> (p == KSSLCertificate::SSLServer) { <a name="l00574"></a>00574 rc = X509_PURPOSE_SSL_SERVER; <a name="l00575"></a>00575 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SSLClient) { <a name="l00576"></a>00576 rc = X509_PURPOSE_SSL_CLIENT; <a name="l00577"></a>00577 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SMIMEEncrypt) { <a name="l00578"></a>00578 rc = X509_PURPOSE_SMIME_ENCRYPT; <a name="l00579"></a>00579 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::SMIMESign) { <a name="l00580"></a>00580 rc = X509_PURPOSE_SMIME_SIGN; <a name="l00581"></a>00581 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (p == KSSLCertificate::Any) { <a name="l00582"></a>00582 rc = X509_PURPOSE_ANY; <a name="l00583"></a>00583 } <a name="l00584"></a>00584 <span class="preprocessor">#endif</span> <a name="l00585"></a>00585 <span class="preprocessor"></span><span class="keywordflow">return</span> rc; <a name="l00586"></a>00586 } <a name="l00587"></a>00587 <a name="l00588"></a>00588 <a name="l00589"></a>00589 <span class="comment">// For backward compatibility</span> <a name="l00590"></a><a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">00590</a> <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">KSSLCertificate::validate</a>() { <a name="l00591"></a>00591 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">validate</a>(KSSLCertificate::SSLServer); <a name="l00592"></a>00592 } <a name="l00593"></a>00593 <a name="l00594"></a><a class="code" href="classKSSLCertificate.html#9f8261cd828ea1a820acfc6d1df9d0e6">00594</a> <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">KSSLCertificate::validate</a>(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> purpose) <a name="l00595"></a>00595 { <a name="l00596"></a>00596 <a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html">KSSLValidationList</a> result = <a class="code" href="classKSSLCertificate.html#808f42cc270d053c6552444e21066720">validateVerbose</a>(purpose); <a name="l00597"></a>00597 <span class="keywordflow">if</span> (result.<a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html#isEmpty">isEmpty</a>()) <a name="l00598"></a>00598 <span class="keywordflow">return</span> KSSLCertificate::Ok; <a name="l00599"></a>00599 <span class="keywordflow">else</span> <a name="l00600"></a>00600 <span class="keywordflow">return</span> result.<a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html#first">first</a>(); <a name="l00601"></a>00601 } <a name="l00602"></a>00602 <a name="l00603"></a>00603 <span class="comment">//</span> <a name="l00604"></a>00604 <span class="comment">// See apps/verify.c in OpenSSL for the source of most of this logic.</span> <a name="l00605"></a>00605 <span class="comment">//</span> <a name="l00606"></a>00606 <a name="l00607"></a>00607 <span class="comment">// CRL files? we don't do that yet</span> <a name="l00608"></a><a class="code" href="classKSSLCertificate.html#808f42cc270d053c6552444e21066720">00608</a> <a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html">KSSLCertificate::KSSLValidationList</a> <a class="code" href="classKSSLCertificate.html#808f42cc270d053c6552444e21066720">KSSLCertificate::validateVerbose</a>(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> purpose) <a name="l00609"></a>00609 { <a name="l00610"></a>00610 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#808f42cc270d053c6552444e21066720">validateVerbose</a>(purpose, 0); <a name="l00611"></a>00611 } <a name="l00612"></a>00612 <a name="l00613"></a><a class="code" href="classKSSLCertificate.html#b3ccb91dde5a951863bed485fae288e4">00613</a> <a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html">KSSLCertificate::KSSLValidationList</a> <a class="code" href="classKSSLCertificate.html#808f42cc270d053c6552444e21066720">KSSLCertificate::validateVerbose</a>(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> purpose, <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *ca) <a name="l00614"></a>00614 { <a name="l00615"></a>00615 <a class="codeRef" doxygen="qt.tag:" href="qvaluelist.html">KSSLValidationList</a> errors; <a name="l00616"></a>00616 <span class="keywordflow">if</span> (ca || (d->_lastPurpose != purpose)) { <a name="l00617"></a>00617 d->m_stateCached = <span class="keyword">false</span>; <a name="l00618"></a>00618 } <a name="l00619"></a>00619 <a name="l00620"></a>00620 <span class="keywordflow">if</span> (!d->m_stateCached) <a name="l00621"></a>00621 d->_lastPurpose = purpose; <a name="l00622"></a>00622 <a name="l00623"></a>00623 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00624"></a>00624 <span class="preprocessor"></span> X509_STORE *certStore; <a name="l00625"></a>00625 X509_LOOKUP *certLookup; <a name="l00626"></a>00626 X509_STORE_CTX *certStoreCTX; <a name="l00627"></a>00627 <span class="keywordtype">int</span> rc = 0; <a name="l00628"></a>00628 <a name="l00629"></a>00629 <span class="keywordflow">if</span> (!d->m_cert) <a name="l00630"></a>00630 { <a name="l00631"></a>00631 errors << KSSLCertificate::Unknown; <a name="l00632"></a>00632 <span class="keywordflow">return</span> errors; <a name="l00633"></a>00633 } <a name="l00634"></a>00634 <a name="l00635"></a>00635 <span class="keywordflow">if</span> (d->m_stateCached) { <a name="l00636"></a>00636 errors << d->m_stateCache; <a name="l00637"></a>00637 <span class="keywordflow">return</span> errors; <a name="l00638"></a>00638 } <a name="l00639"></a>00639 <a name="l00640"></a>00640 <a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> qsl = KGlobal::dirs()->resourceDirs(<span class="stringliteral">"kssl"</span>); <a name="l00641"></a>00641 <a name="l00642"></a>00642 <span class="keywordflow">if</span> (qsl.isEmpty()) { <a name="l00643"></a>00643 errors << KSSLCertificate::NoCARoot; <a name="l00644"></a>00644 <span class="keywordflow">return</span> errors; <a name="l00645"></a>00645 } <a name="l00646"></a>00646 <a name="l00647"></a>00647 <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> ksslv = Unknown; <a name="l00648"></a>00648 <a name="l00649"></a>00649 <span class="keywordflow">for</span> (QStringList::Iterator j = qsl.begin(); j != qsl.end(); ++j) { <a name="l00650"></a>00650 <span class="keyword">struct</span> stat sb; <a name="l00651"></a>00651 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> _j = (*j) + <span class="stringliteral">"ca-bundle.crt"</span>; <a name="l00652"></a>00652 <span class="keywordflow">if</span> (-1 == stat(_j.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#ascii">ascii</a>(), &sb)) { <a name="l00653"></a>00653 <span class="keywordflow">continue</span>; <a name="l00654"></a>00654 } <a name="l00655"></a>00655 <a name="l00656"></a>00656 certStore = d->kossl->X509_STORE_new(); <a name="l00657"></a>00657 <span class="keywordflow">if</span> (!certStore) { <a name="l00658"></a>00658 errors << KSSLCertificate::Unknown; <a name="l00659"></a>00659 <span class="keywordflow">return</span> errors; <a name="l00660"></a>00660 } <a name="l00661"></a>00661 <a name="l00662"></a>00662 X509_STORE_set_verify_cb_func(certStore, X509Callback); <a name="l00663"></a>00663 <a name="l00664"></a>00664 certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file()); <a name="l00665"></a>00665 <span class="keywordflow">if</span> (!certLookup) { <a name="l00666"></a>00666 ksslv = KSSLCertificate::Unknown; <a name="l00667"></a>00667 d->kossl->X509_STORE_free(certStore); <a name="l00668"></a>00668 <span class="keywordflow">continue</span>; <a name="l00669"></a>00669 } <a name="l00670"></a>00670 <a name="l00671"></a>00671 <span class="keywordflow">if</span> (!d->kossl->X509_LOOKUP_load_file(certLookup, _j.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#ascii">ascii</a>(), X509_FILETYPE_PEM)) { <a name="l00672"></a>00672 <span class="comment">// error accessing directory and loading pems</span> <a name="l00673"></a>00673 kdDebug(7029) << <span class="stringliteral">"KSSL couldn't read CA root: "</span> <a name="l00674"></a>00674 << _j << endl; <a name="l00675"></a>00675 ksslv = KSSLCertificate::ErrorReadingRoot; <a name="l00676"></a>00676 d->kossl->X509_STORE_free(certStore); <a name="l00677"></a>00677 <span class="keywordflow">continue</span>; <a name="l00678"></a>00678 } <a name="l00679"></a>00679 <a name="l00680"></a>00680 <span class="comment">// This is the checking code</span> <a name="l00681"></a>00681 certStoreCTX = d->kossl->X509_STORE_CTX_new(); <a name="l00682"></a>00682 <a name="l00683"></a>00683 <span class="comment">// this is a bad error - could mean no free memory.</span> <a name="l00684"></a>00684 <span class="comment">// This may be the wrong thing to do here</span> <a name="l00685"></a>00685 <span class="keywordflow">if</span> (!certStoreCTX) { <a name="l00686"></a>00686 kdDebug(7029) << <span class="stringliteral">"KSSL couldn't create an X509 store context."</span> << endl; <a name="l00687"></a>00687 d->kossl->X509_STORE_free(certStore); <a name="l00688"></a>00688 <span class="keywordflow">continue</span>; <a name="l00689"></a>00689 } <a name="l00690"></a>00690 <a name="l00691"></a>00691 d->kossl->X509_STORE_CTX_init(certStoreCTX, certStore, d->m_cert, NULL); <a name="l00692"></a>00692 <span class="keywordflow">if</span> (d->_chain.isValid()) { <a name="l00693"></a>00693 d->kossl->X509_STORE_CTX_set_chain(certStoreCTX, (STACK_OF(X509)*)d->_chain.rawChain()); <a name="l00694"></a>00694 } <a name="l00695"></a>00695 <a name="l00696"></a>00696 <span class="comment">//kdDebug(7029) << "KSSL setting CRL.............." << endl;</span> <a name="l00697"></a>00697 <span class="comment">// int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);</span> <a name="l00698"></a>00698 <a name="l00699"></a>00699 d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, purposeToOpenSSL(purpose)); <a name="l00700"></a>00700 <a name="l00701"></a>00701 KSSL_X509CallBack_ca = ca ? ca-><a class="code" href="classKSSLCertificate.html#86e442b425d74a20f51198d429690eda">d</a>->m_cert : 0; <a name="l00702"></a>00702 KSSL_X509CallBack_ca_found = <span class="keyword">false</span>; <a name="l00703"></a>00703 <a name="l00704"></a>00704 certStoreCTX->error = X509_V_OK; <a name="l00705"></a>00705 rc = d->kossl->X509_verify_cert(certStoreCTX); <a name="l00706"></a>00706 <span class="keywordtype">int</span> errcode = certStoreCTX->error; <a name="l00707"></a>00707 <span class="keywordflow">if</span> (ca && !KSSL_X509CallBack_ca_found) { <a name="l00708"></a>00708 ksslv = KSSLCertificate::Irrelevant; <a name="l00709"></a>00709 } <span class="keywordflow">else</span> { <a name="l00710"></a>00710 ksslv = <a class="code" href="classKSSLCertificate.html#7a2fe2dee62561f013a66a2a828d7b09">processError</a>(errcode); <a name="l00711"></a>00711 } <a name="l00712"></a>00712 <span class="comment">// For servers, we can try NS_SSL_SERVER too</span> <a name="l00713"></a>00713 <span class="keywordflow">if</span> ( (ksslv != KSSLCertificate::Ok) && <a name="l00714"></a>00714 (ksslv != KSSLCertificate::Irrelevant) && <a name="l00715"></a>00715 purpose == KSSLCertificate::SSLServer) { <a name="l00716"></a>00716 d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, <a name="l00717"></a>00717 X509_PURPOSE_NS_SSL_SERVER); <a name="l00718"></a>00718 <a name="l00719"></a>00719 certStoreCTX->error = X509_V_OK; <a name="l00720"></a>00720 rc = d->kossl->X509_verify_cert(certStoreCTX); <a name="l00721"></a>00721 errcode = certStoreCTX->error; <a name="l00722"></a>00722 ksslv = <a class="code" href="classKSSLCertificate.html#7a2fe2dee62561f013a66a2a828d7b09">processError</a>(errcode); <a name="l00723"></a>00723 } <a name="l00724"></a>00724 d->kossl->X509_STORE_CTX_free(certStoreCTX); <a name="l00725"></a>00725 d->kossl->X509_STORE_free(certStore); <a name="l00726"></a>00726 <span class="comment">// end of checking code</span> <a name="l00727"></a>00727 <span class="comment">//</span> <a name="l00728"></a>00728 <a name="l00729"></a>00729 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure RC: " </span> <a name="l00730"></a>00730 <span class="comment">// << rc << endl;</span> <a name="l00731"></a>00731 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure errcode: "</span> <a name="l00732"></a>00732 <span class="comment">// << errcode << endl;</span> <a name="l00733"></a>00733 <span class="comment">//kdDebug(7029) << "KSSL Validation procedure RESULTS: "</span> <a name="l00734"></a>00734 <span class="comment">// << ksslv << endl;</span> <a name="l00735"></a>00735 <a name="l00736"></a>00736 <span class="keywordflow">if</span> (ksslv != NoCARoot && ksslv != InvalidCA) { <a name="l00737"></a>00737 d->m_stateCached = <span class="keyword">true</span>; <a name="l00738"></a>00738 d->m_stateCache = ksslv; <a name="l00739"></a>00739 } <a name="l00740"></a>00740 <span class="keywordflow">break</span>; <a name="l00741"></a>00741 } <a name="l00742"></a>00742 <a name="l00743"></a>00743 <span class="keywordflow">if</span> (ksslv != KSSLCertificate::Ok) <a name="l00744"></a>00744 errors << ksslv; <a name="l00745"></a>00745 <span class="preprocessor">#else</span> <a name="l00746"></a>00746 <span class="preprocessor"></span> errors << KSSLCertificate::NoSSL; <a name="l00747"></a>00747 <span class="preprocessor">#endif</span> <a name="l00748"></a>00748 <span class="preprocessor"></span> <span class="keywordflow">return</span> errors; <a name="l00749"></a>00749 } <a name="l00750"></a>00750 <a name="l00751"></a>00751 <a name="l00752"></a>00752 <a name="l00753"></a><a class="code" href="classKSSLCertificate.html#385d22e68fc6529820f06c7111aff3a9">00753</a> <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#385d22e68fc6529820f06c7111aff3a9">KSSLCertificate::revalidate</a>() { <a name="l00754"></a>00754 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#385d22e68fc6529820f06c7111aff3a9">revalidate</a>(KSSLCertificate::SSLServer); <a name="l00755"></a>00755 } <a name="l00756"></a>00756 <a name="l00757"></a>00757 <a name="l00758"></a><a class="code" href="classKSSLCertificate.html#d5be0b928cd4fda9ab8923938b07e39a">00758</a> <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#385d22e68fc6529820f06c7111aff3a9">KSSLCertificate::revalidate</a>(<a class="code" href="classKSSLCertificate.html#c4d313c57b6578d672b5de99dbff6402">KSSLCertificate::KSSLPurpose</a> p) { <a name="l00759"></a>00759 d->m_stateCached = <span class="keyword">false</span>; <a name="l00760"></a>00760 <span class="keywordflow">return</span> <a class="code" href="classKSSLCertificate.html#b0f3499c141ff191c79ff7d513dcb609">validate</a>(p); <a name="l00761"></a>00761 } <a name="l00762"></a>00762 <a name="l00763"></a>00763 <a name="l00764"></a><a class="code" href="classKSSLCertificate.html#7a2fe2dee62561f013a66a2a828d7b09">00764</a> <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> <a class="code" href="classKSSLCertificate.html#7a2fe2dee62561f013a66a2a828d7b09">KSSLCertificate::processError</a>(<span class="keywordtype">int</span> ec) { <a name="l00765"></a>00765 <a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLCertificate::KSSLValidation</a> rc; <a name="l00766"></a>00766 <a name="l00767"></a>00767 rc = KSSLCertificate::Unknown; <a name="l00768"></a>00768 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00769"></a>00769 <span class="preprocessor"></span> <span class="keywordflow">switch</span> (ec) { <a name="l00770"></a>00770 <span class="keywordflow">case</span> X509_V_OK: <span class="comment">// OK</span> <a name="l00771"></a>00771 rc = KSSLCertificate::Ok; <a name="l00772"></a>00772 <span class="keywordflow">break</span>; <a name="l00773"></a>00773 <a name="l00774"></a>00774 <a name="l00775"></a>00775 <span class="keywordflow">case</span> X509_V_ERR_CERT_REJECTED: <a name="l00776"></a>00776 rc = KSSLCertificate::Rejected; <a name="l00777"></a>00777 <span class="keywordflow">break</span>; <a name="l00778"></a>00778 <a name="l00779"></a>00779 <a name="l00780"></a>00780 <span class="keywordflow">case</span> X509_V_ERR_CERT_UNTRUSTED: <a name="l00781"></a>00781 rc = KSSLCertificate::Untrusted; <a name="l00782"></a>00782 <span class="keywordflow">break</span>; <a name="l00783"></a>00783 <a name="l00784"></a>00784 <a name="l00785"></a>00785 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: <a name="l00786"></a>00786 <span class="keywordflow">case</span> X509_V_ERR_CERT_SIGNATURE_FAILURE: <a name="l00787"></a>00787 <span class="keywordflow">case</span> X509_V_ERR_CRL_SIGNATURE_FAILURE: <a name="l00788"></a>00788 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: <a name="l00789"></a>00789 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: <a name="l00790"></a>00790 rc = KSSLCertificate::SignatureFailed; <a name="l00791"></a>00791 <span class="keywordflow">break</span>; <a name="l00792"></a>00792 <a name="l00793"></a>00793 <span class="keywordflow">case</span> X509_V_ERR_INVALID_CA: <a name="l00794"></a>00794 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: <a name="l00795"></a>00795 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: <a name="l00796"></a>00796 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: <a name="l00797"></a>00797 rc = KSSLCertificate::InvalidCA; <a name="l00798"></a>00798 <span class="keywordflow">break</span>; <a name="l00799"></a>00799 <a name="l00800"></a>00800 <a name="l00801"></a>00801 <span class="keywordflow">case</span> X509_V_ERR_INVALID_PURPOSE: <a name="l00802"></a>00802 rc = KSSLCertificate::InvalidPurpose; <a name="l00803"></a>00803 <span class="keywordflow">break</span>; <a name="l00804"></a>00804 <a name="l00805"></a>00805 <a name="l00806"></a>00806 <span class="keywordflow">case</span> X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: <a name="l00807"></a>00807 rc = KSSLCertificate::SelfSigned; <a name="l00808"></a>00808 <span class="keywordflow">break</span>; <a name="l00809"></a>00809 <a name="l00810"></a>00810 <span class="keywordflow">case</span> X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: <a name="l00811"></a>00811 rc = KSSLCertificate::SelfSignedChain; <a name="l00812"></a>00812 <span class="keywordflow">break</span>; <a name="l00813"></a>00813 <a name="l00814"></a>00814 <span class="keywordflow">case</span> X509_V_ERR_CERT_REVOKED: <a name="l00815"></a>00815 rc = KSSLCertificate::Revoked; <a name="l00816"></a>00816 <span class="keywordflow">break</span>; <a name="l00817"></a>00817 <a name="l00818"></a>00818 <span class="keywordflow">case</span> X509_V_ERR_PATH_LENGTH_EXCEEDED: <a name="l00819"></a>00819 rc = KSSLCertificate::PathLengthExceeded; <a name="l00820"></a>00820 <span class="keywordflow">break</span>; <a name="l00821"></a>00821 <a name="l00822"></a>00822 <span class="keywordflow">case</span> X509_V_ERR_CERT_NOT_YET_VALID: <a name="l00823"></a>00823 <span class="keywordflow">case</span> X509_V_ERR_CERT_HAS_EXPIRED: <a name="l00824"></a>00824 <span class="keywordflow">case</span> X509_V_ERR_CRL_NOT_YET_VALID: <a name="l00825"></a>00825 <span class="keywordflow">case</span> X509_V_ERR_CRL_HAS_EXPIRED: <a name="l00826"></a>00826 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: <a name="l00827"></a>00827 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: <a name="l00828"></a>00828 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: <a name="l00829"></a>00829 <span class="keywordflow">case</span> X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: <a name="l00830"></a>00830 rc = KSSLCertificate::Expired; <a name="l00831"></a>00831 kdDebug(7029) << <span class="stringliteral">"KSSL apparently this is expired. Not after: "</span> <a name="l00832"></a>00832 << <a class="code" href="classKSSLCertificate.html#1750d3fec00b94f790ec25c7fa2f434f">getNotAfter</a>() << endl; <a name="l00833"></a>00833 <span class="keywordflow">break</span>; <a name="l00834"></a>00834 <a name="l00835"></a>00835 <span class="comment">//case 1:</span> <a name="l00836"></a>00836 <span class="keywordflow">case</span> X509_V_ERR_APPLICATION_VERIFICATION: <a name="l00837"></a>00837 <span class="keywordflow">case</span> X509_V_ERR_OUT_OF_MEM: <a name="l00838"></a>00838 <span class="keywordflow">case</span> X509_V_ERR_UNABLE_TO_GET_CRL: <a name="l00839"></a>00839 <span class="keywordflow">case</span> X509_V_ERR_CERT_CHAIN_TOO_LONG: <a name="l00840"></a>00840 <span class="keywordflow">default</span>: <a name="l00841"></a>00841 rc = KSSLCertificate::Unknown; <a name="l00842"></a>00842 <span class="keywordflow">break</span>; <a name="l00843"></a>00843 } <a name="l00844"></a>00844 <a name="l00845"></a>00845 d->m_stateCache = rc; <a name="l00846"></a>00846 d->m_stateCached = <span class="keyword">true</span>; <a name="l00847"></a>00847 <span class="preprocessor">#endif</span> <a name="l00848"></a>00848 <span class="preprocessor"></span><span class="keywordflow">return</span> rc; <a name="l00849"></a>00849 } <a name="l00850"></a>00850 <a name="l00851"></a>00851 <a name="l00852"></a><a class="code" href="classKSSLCertificate.html#dfc2a0ba40feaaec6e43a4eff5eedcf9">00852</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#dfc2a0ba40feaaec6e43a4eff5eedcf9">KSSLCertificate::getNotBefore</a>()<span class="keyword"> const </span>{ <a name="l00853"></a>00853 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00854"></a>00854 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert)); <a name="l00855"></a>00855 <span class="preprocessor">#else</span> <a name="l00856"></a>00856 <span class="preprocessor"></span><span class="keywordflow">return</span> QString::null; <a name="l00857"></a>00857 <span class="preprocessor">#endif</span> <a name="l00858"></a>00858 <span class="preprocessor"></span>} <a name="l00859"></a>00859 <a name="l00860"></a>00860 <a name="l00861"></a><a class="code" href="classKSSLCertificate.html#1750d3fec00b94f790ec25c7fa2f434f">00861</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#1750d3fec00b94f790ec25c7fa2f434f">KSSLCertificate::getNotAfter</a>()<span class="keyword"> const </span>{ <a name="l00862"></a>00862 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00863"></a>00863 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert)); <a name="l00864"></a>00864 <span class="preprocessor">#else</span> <a name="l00865"></a>00865 <span class="preprocessor"></span><span class="keywordflow">return</span> QString::null; <a name="l00866"></a>00866 <span class="preprocessor">#endif</span> <a name="l00867"></a>00867 <span class="preprocessor"></span>} <a name="l00868"></a>00868 <a name="l00869"></a>00869 <a name="l00870"></a><a class="code" href="classKSSLCertificate.html#e38e8ea8faa1115277983e31e5710742">00870</a> <a class="codeRef" doxygen="qt.tag:" href="qdatetime.html">QDateTime</a> <a class="code" href="classKSSLCertificate.html#e38e8ea8faa1115277983e31e5710742">KSSLCertificate::getQDTNotBefore</a>()<span class="keyword"> const </span>{ <a name="l00871"></a>00871 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00872"></a>00872 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL); <a name="l00873"></a>00873 <span class="preprocessor">#else</span> <a name="l00874"></a>00874 <span class="preprocessor"></span><span class="keywordflow">return</span> <a class="codeRef" doxygen="qt.tag:" href="qdatetime.html#currentDateTime-2">QDateTime::currentDateTime</a>(); <a name="l00875"></a>00875 <span class="preprocessor">#endif</span> <a name="l00876"></a>00876 <span class="preprocessor"></span>} <a name="l00877"></a>00877 <a name="l00878"></a>00878 <a name="l00879"></a><a class="code" href="classKSSLCertificate.html#8615373781894a8cb8d268f9f94fcb87">00879</a> <a class="codeRef" doxygen="qt.tag:" href="qdatetime.html">QDateTime</a> <a class="code" href="classKSSLCertificate.html#8615373781894a8cb8d268f9f94fcb87">KSSLCertificate::getQDTNotAfter</a>()<span class="keyword"> const </span>{ <a name="l00880"></a>00880 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00881"></a>00881 <span class="preprocessor"></span><span class="keywordflow">return</span> ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL); <a name="l00882"></a>00882 <span class="preprocessor">#else</span> <a name="l00883"></a>00883 <span class="preprocessor"></span><span class="keywordflow">return</span> <a class="codeRef" doxygen="qt.tag:" href="qdatetime.html#currentDateTime-2">QDateTime::currentDateTime</a>(); <a name="l00884"></a>00884 <span class="preprocessor">#endif</span> <a name="l00885"></a>00885 <span class="preprocessor"></span>} <a name="l00886"></a>00886 <a name="l00887"></a>00887 <a name="l00888"></a><a class="code" href="classKSSLCertificate.html#e039f4a8b10021519e1926fe6746f313">00888</a> <span class="keywordtype">int</span> operator==(<a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> &x, <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> &y) { <a name="l00889"></a>00889 <span class="preprocessor">#ifndef KSSL_HAVE_SSL</span> <a name="l00890"></a>00890 <span class="preprocessor"></span> <span class="keywordflow">return</span> 1; <a name="l00891"></a>00891 <span class="preprocessor">#else</span> <a name="l00892"></a>00892 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!KOSSL::self()->X509_cmp(x.<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>(), y.<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>())) <span class="keywordflow">return</span> 1; <a name="l00893"></a>00893 <span class="keywordflow">return</span> 0; <a name="l00894"></a>00894 <span class="preprocessor">#endif</span> <a name="l00895"></a>00895 <span class="preprocessor"></span>} <a name="l00896"></a>00896 <a name="l00897"></a>00897 <a name="l00898"></a><a class="code" href="classKSSLCertificate.html#f05f9d608f93ca71a2b353bb48a224c6">00898</a> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *<a class="code" href="classKSSLCertificate.html#f05f9d608f93ca71a2b353bb48a224c6">KSSLCertificate::replicate</a>() { <a name="l00899"></a>00899 <span class="comment">// The new certificate doesn't have the cached value. It's probably</span> <a name="l00900"></a>00900 <span class="comment">// better this way. We can't anticipate every reason for doing this.</span> <a name="l00901"></a>00901 <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *newOne = <span class="keyword">new</span> <a class="code" href="classKSSLCertificate.html#27be3d2e0cefa8a05b54721ab750bbef">KSSLCertificate</a>(); <a name="l00902"></a>00902 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00903"></a>00903 <span class="preprocessor"></span> newOne-><a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(d->kossl->X509_dup(<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>())); <a name="l00904"></a>00904 <a class="code" href="classKSSLCertChain.html">KSSLCertChain</a> *c = d->_chain.replicate(); <a name="l00905"></a>00905 newOne-><a class="code" href="classKSSLCertificate.html#755ca88aa2625a230fa9b0f0d040e19f">setChain</a>(c-><a class="code" href="classKSSLCertChain.html#ff079cbb61e376a773a2a6e192bcb495">rawChain</a>()); <a name="l00906"></a>00906 <span class="keyword">delete</span> c; <a name="l00907"></a>00907 <span class="preprocessor">#endif</span> <a name="l00908"></a>00908 <span class="preprocessor"></span><span class="keywordflow">return</span> newOne; <a name="l00909"></a>00909 } <a name="l00910"></a>00910 <a name="l00911"></a>00911 <a name="l00912"></a><a class="code" href="classKSSLCertificate.html#bf9118acbd91f924914cf993820150df">00912</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#bf9118acbd91f924914cf993820150df">KSSLCertificate::toString</a>() { <a name="l00913"></a>00913 <span class="keywordflow">return</span> KCodecs::base64Encode(<a class="code" href="classKSSLCertificate.html#89ed3cc2ff9165eda4cb5cb332d70ac2">toDer</a>()); <a name="l00914"></a>00914 } <a name="l00915"></a>00915 <a name="l00916"></a>00916 <a name="l00917"></a><a class="code" href="classKSSLCertificate.html#7c9be1daa6bb52fce8843f96f9192bed">00917</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#7c9be1daa6bb52fce8843f96f9192bed">KSSLCertificate::verifyText</a>(<a class="code" href="classKSSLCertificate.html#2e4a36dd232c6a88307875ad7853a9c5">KSSLValidation</a> x) { <a name="l00918"></a>00918 <span class="keywordflow">switch</span> (x) { <a name="l00919"></a>00919 <span class="keywordflow">case</span> KSSLCertificate::Ok: <a name="l00920"></a>00920 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate is valid."</span>); <a name="l00921"></a>00921 <span class="keywordflow">case</span> KSSLCertificate::PathLengthExceeded: <a name="l00922"></a>00922 <span class="keywordflow">case</span> KSSLCertificate::ErrorReadingRoot: <a name="l00923"></a>00923 <span class="keywordflow">case</span> KSSLCertificate::NoCARoot: <a name="l00924"></a>00924 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate signing authority root files could not be found so the certificate is not verified."</span>); <a name="l00925"></a>00925 <span class="keywordflow">case</span> KSSLCertificate::SelfSignedChain: <a name="l00926"></a>00926 <span class="keywordflow">case</span> KSSLCertificate::InvalidCA: <a name="l00927"></a>00927 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate signing authority is unknown or invalid."</span>); <a name="l00928"></a>00928 <span class="keywordflow">case</span> KSSLCertificate::SelfSigned: <a name="l00929"></a>00929 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate is self-signed and thus may not be trustworthy."</span>); <a name="l00930"></a>00930 <span class="keywordflow">case</span> KSSLCertificate::Expired: <a name="l00931"></a>00931 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate has expired."</span>); <a name="l00932"></a>00932 <span class="keywordflow">case</span> KSSLCertificate::Revoked: <a name="l00933"></a>00933 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Certificate has been revoked."</span>); <a name="l00934"></a>00934 <span class="keywordflow">case</span> KSSLCertificate::NoSSL: <a name="l00935"></a>00935 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"SSL support was not found."</span>); <a name="l00936"></a>00936 <span class="keywordflow">case</span> KSSLCertificate::Untrusted: <a name="l00937"></a>00937 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Signature is untrusted."</span>); <a name="l00938"></a>00938 <span class="keywordflow">case</span> KSSLCertificate::SignatureFailed: <a name="l00939"></a>00939 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Signature test failed."</span>); <a name="l00940"></a>00940 <span class="keywordflow">case</span> KSSLCertificate::Rejected: <a name="l00941"></a>00941 <span class="keywordflow">case</span> KSSLCertificate::InvalidPurpose: <a name="l00942"></a>00942 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Rejected, possibly due to an invalid purpose."</span>); <a name="l00943"></a>00943 <span class="keywordflow">case</span> KSSLCertificate::PrivateKeyFailed: <a name="l00944"></a>00944 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"Private key test failed."</span>); <a name="l00945"></a>00945 <span class="keywordflow">case</span> KSSLCertificate::InvalidHost: <a name="l00946"></a>00946 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate has not been issued for this host."</span>); <a name="l00947"></a>00947 <span class="keywordflow">case</span> KSSLCertificate::Irrelevant: <a name="l00948"></a>00948 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"This certificate is not relevant."</span>); <a name="l00949"></a>00949 <span class="keywordflow">default</span>: <a name="l00950"></a>00950 <span class="keywordflow">break</span>; <a name="l00951"></a>00951 } <a name="l00952"></a>00952 <a name="l00953"></a>00953 <span class="keywordflow">return</span> i18n(<span class="stringliteral">"The certificate is invalid."</span>); <a name="l00954"></a>00954 } <a name="l00955"></a>00955 <a name="l00956"></a>00956 <a name="l00957"></a><a class="code" href="classKSSLCertificate.html#89ed3cc2ff9165eda4cb5cb332d70ac2">00957</a> <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#89ed3cc2ff9165eda4cb5cb332d70ac2">KSSLCertificate::toDer</a>() { <a name="l00958"></a>00958 <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> qba; <a name="l00959"></a>00959 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00960"></a>00960 <span class="preprocessor"></span><span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> certlen = d->kossl->i2d_X509(<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>(), NULL); <a name="l00961"></a>00961 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *cert = <span class="keyword">new</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>[certlen]; <a name="l00962"></a>00962 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *p = cert; <a name="l00963"></a>00963 <span class="comment">// FIXME: return code!</span> <a name="l00964"></a>00964 d->kossl->i2d_X509(<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>(), &p); <a name="l00965"></a>00965 <a name="l00966"></a>00966 <span class="comment">// encode it into a QString</span> <a name="l00967"></a>00967 qba.duplicate((<span class="keyword">const</span> <span class="keywordtype">char</span>*)cert, certlen); <a name="l00968"></a>00968 <span class="keyword">delete</span>[] cert; <a name="l00969"></a>00969 <span class="preprocessor">#endif</span> <a name="l00970"></a>00970 <span class="preprocessor"></span><span class="keywordflow">return</span> qba; <a name="l00971"></a>00971 } <a name="l00972"></a>00972 <a name="l00973"></a>00973 <a name="l00974"></a>00974 <a name="l00975"></a><a class="code" href="classKSSLCertificate.html#e5de926e7edf4dfeae70ab46fe3740fb">00975</a> <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#e5de926e7edf4dfeae70ab46fe3740fb">KSSLCertificate::toPem</a>() { <a name="l00976"></a>00976 <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> qba; <a name="l00977"></a>00977 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> thecert = <a class="code" href="classKSSLCertificate.html#bf9118acbd91f924914cf993820150df">toString</a>(); <a name="l00978"></a>00978 <span class="keyword">const</span> <span class="keywordtype">char</span> *header = <span class="stringliteral">"-----BEGIN CERTIFICATE-----\n"</span>; <a name="l00979"></a>00979 <span class="keyword">const</span> <span class="keywordtype">char</span> *footer = <span class="stringliteral">"-----END CERTIFICATE-----\n"</span>; <a name="l00980"></a>00980 <a name="l00981"></a>00981 <span class="comment">// We just do base64 on the ASN1</span> <a name="l00982"></a>00982 <span class="comment">// 64 character lines (unpadded)</span> <a name="l00983"></a>00983 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> xx = thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#length">length</a>() - 1; <a name="l00984"></a>00984 <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i = 0; i < xx/64; i++) { <a name="l00985"></a>00985 thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#insert">insert</a>(64*(i+1)+i, <span class="charliteral">'\n'</span>); <a name="l00986"></a>00986 } <a name="l00987"></a>00987 <a name="l00988"></a>00988 thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#prepend">prepend</a>(header); <a name="l00989"></a>00989 <a name="l00990"></a>00990 <span class="keywordflow">if</span> (thecert[thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#length">length</a>()-1] != <span class="charliteral">'\n'</span>) <a name="l00991"></a>00991 thecert += <span class="stringliteral">"\n"</span>; <a name="l00992"></a>00992 <a name="l00993"></a>00993 thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#append">append</a>(footer); <a name="l00994"></a>00994 <a name="l00995"></a>00995 qba.duplicate(thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#local8Bit">local8Bit</a>(), thecert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#length">length</a>()); <a name="l00996"></a>00996 <span class="keywordflow">return</span> qba; <a name="l00997"></a>00997 } <a name="l00998"></a>00998 <a name="l00999"></a>00999 <a name="l01000"></a>01000 <span class="preprocessor">#define NETSCAPE_CERT_HDR "certificate"</span> <a name="l01001"></a>01001 <span class="preprocessor"></span> <a name="l01002"></a>01002 <span class="comment">// what a piece of crap this is</span> <a name="l01003"></a><a class="code" href="classKSSLCertificate.html#8c74e113239238b63dd5b5afb8271b1a">01003</a> <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> <a class="code" href="classKSSLCertificate.html#8c74e113239238b63dd5b5afb8271b1a">KSSLCertificate::toNetscape</a>() { <a name="l01004"></a>01004 <a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> qba; <a name="l01005"></a>01005 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l01006"></a>01006 <span class="preprocessor"></span>ASN1_HEADER ah; <a name="l01007"></a>01007 ASN1_OCTET_STRING os; <a name="l01008"></a>01008 KTempFile ktf; <a name="l01009"></a>01009 <a name="l01010"></a>01010 os.data = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)NETSCAPE_CERT_HDR; <a name="l01011"></a>01011 os.length = strlen(NETSCAPE_CERT_HDR); <a name="l01012"></a>01012 ah.header = &os; <a name="l01013"></a>01013 ah.data = (<span class="keywordtype">char</span> *)<a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>(); <a name="l01014"></a>01014 ah.meth = d->kossl->X509_asn1_meth(); <a name="l01015"></a>01015 <a name="l01016"></a>01016 d->kossl->ASN1_i2d_fp(ktf.fstream(),(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *)&ah); <a name="l01017"></a>01017 <a name="l01018"></a>01018 ktf.close(); <a name="l01019"></a>01019 <a name="l01020"></a>01020 <a class="codeRef" doxygen="qt.tag:" href="qfile.html">QFile</a> qf(ktf.name()); <a name="l01021"></a>01021 qf.open(IO_ReadOnly); <a name="l01022"></a>01022 <span class="keywordtype">char</span> *buf = <span class="keyword">new</span> <span class="keywordtype">char</span>[qf.size()]; <a name="l01023"></a>01023 qf.readBlock(buf, qf.size()); <a name="l01024"></a>01024 qba.duplicate(buf, qf.size()); <a name="l01025"></a>01025 qf.close(); <a name="l01026"></a>01026 <span class="keyword">delete</span>[] buf; <a name="l01027"></a>01027 <a name="l01028"></a>01028 ktf.unlink(); <a name="l01029"></a>01029 <a name="l01030"></a>01030 <span class="preprocessor">#endif</span> <a name="l01031"></a>01031 <span class="preprocessor"></span><span class="keywordflow">return</span> qba; <a name="l01032"></a>01032 } <a name="l01033"></a>01033 <a name="l01034"></a>01034 <a name="l01035"></a>01035 <a name="l01036"></a><a class="code" href="classKSSLCertificate.html#f7e2c1530eb581856466c9b640e38918">01036</a> <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> <a class="code" href="classKSSLCertificate.html#f7e2c1530eb581856466c9b640e38918">KSSLCertificate::toText</a>() { <a name="l01037"></a>01037 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> text; <a name="l01038"></a>01038 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l01039"></a>01039 <span class="preprocessor"></span>KTempFile ktf; <a name="l01040"></a>01040 <a name="l01041"></a>01041 d->kossl->X509_print(ktf.fstream(), <a class="code" href="classKSSLCertificate.html#1b8d423e500050c5e7b8892d9b4f163e">getCert</a>()); <a name="l01042"></a>01042 ktf.close(); <a name="l01043"></a>01043 <a name="l01044"></a>01044 <a class="codeRef" doxygen="qt.tag:" href="qfile.html">QFile</a> qf(ktf.name()); <a name="l01045"></a>01045 qf.open(IO_ReadOnly); <a name="l01046"></a>01046 <span class="keywordtype">char</span> *buf = <span class="keyword">new</span> <span class="keywordtype">char</span>[qf.size()+1]; <a name="l01047"></a>01047 qf.readBlock(buf, qf.size()); <a name="l01048"></a>01048 buf[qf.size()] = 0; <a name="l01049"></a>01049 text = buf; <a name="l01050"></a>01050 <span class="keyword">delete</span>[] buf; <a name="l01051"></a>01051 qf.close(); <a name="l01052"></a>01052 ktf.unlink(); <a name="l01053"></a>01053 <span class="preprocessor">#endif</span> <a name="l01054"></a>01054 <span class="preprocessor"></span><span class="keywordflow">return</span> text; <a name="l01055"></a>01055 } <a name="l01056"></a>01056 <a name="l01057"></a>01057 <span class="comment">// KDE 4: Make it const QString &</span> <a name="l01058"></a><a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">01058</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">KSSLCertificate::setCert</a>(<a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a>& cert) { <a name="l01059"></a>01059 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l01060"></a>01060 <span class="preprocessor"></span><a class="codeRef" doxygen="qt.tag:" href="qbytearray.html">QByteArray</a> qba, qbb = cert.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#local8Bit">local8Bit</a>().copy(); <a name="l01061"></a>01061 KCodecs::base64Decode(qbb, qba); <a name="l01062"></a>01062 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *qbap = reinterpret_cast<unsigned char *>(qba.data()); <a name="l01063"></a>01063 X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); <a name="l01064"></a>01064 <span class="keywordflow">if</span> (x5c) { <a name="l01065"></a>01065 <a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(x5c); <a name="l01066"></a>01066 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l01067"></a>01067 } <a name="l01068"></a>01068 <span class="preprocessor">#endif</span> <a name="l01069"></a>01069 <span class="preprocessor"></span><span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l01070"></a>01070 } <a name="l01071"></a>01071 <a name="l01072"></a>01072 <a name="l01073"></a><a class="code" href="classKSSLCertificate.html#100edb1c7cf92fee486f84d288c14f93">01073</a> <a class="code" href="classKSSLX509V3.html">KSSLX509V3</a>& <a class="code" href="classKSSLCertificate.html#100edb1c7cf92fee486f84d288c14f93">KSSLCertificate::x509V3Extensions</a>() { <a name="l01074"></a>01074 <span class="keywordflow">return</span> d->_extensions; <a name="l01075"></a>01075 } <a name="l01076"></a>01076 <a name="l01077"></a>01077 <a name="l01078"></a><a class="code" href="classKSSLCertificate.html#f0bb742d280dfcbb27d71e769df5b74d">01078</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSLCertificate.html#f0bb742d280dfcbb27d71e769df5b74d">KSSLCertificate::isSigner</a>() { <a name="l01079"></a>01079 <span class="keywordflow">return</span> d->_extensions.certTypeCA(); <a name="l01080"></a>01080 } <a name="l01081"></a>01081 <a name="l01082"></a>01082 <a name="l01083"></a><a class="code" href="classKSSLCertificate.html#f422f6d50964c3a792c6b40c000ef8d9">01083</a> <a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> <a class="code" href="classKSSLCertificate.html#f422f6d50964c3a792c6b40c000ef8d9">KSSLCertificate::subjAltNames</a>()<span class="keyword"> const </span>{ <a name="l01084"></a>01084 <a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> rc; <a name="l01085"></a>01085 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l01086"></a>01086 <span class="preprocessor"></span> STACK_OF(GENERAL_NAME) *names; <a name="l01087"></a>01087 names = (STACK_OF(GENERAL_NAME)*)d->kossl->X509_get_ext_d2i(d->m_cert, NID_subject_alt_name, 0, 0); <a name="l01088"></a>01088 <a name="l01089"></a>01089 <span class="keywordflow">if</span> (!names) { <a name="l01090"></a>01090 <span class="keywordflow">return</span> rc; <a name="l01091"></a>01091 } <a name="l01092"></a>01092 <a name="l01093"></a>01093 <span class="keywordtype">int</span> cnt = d->kossl->sk_GENERAL_NAME_num(names); <a name="l01094"></a>01094 <a name="l01095"></a>01095 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> i = 0; i < cnt; i++) { <a name="l01096"></a>01096 <span class="keyword">const</span> GENERAL_NAME *val = (<span class="keyword">const</span> GENERAL_NAME *)d->kossl->sk_value(names, i); <a name="l01097"></a>01097 <span class="keywordflow">if</span> (val->type != GEN_DNS) { <a name="l01098"></a>01098 <span class="keywordflow">continue</span>; <a name="l01099"></a>01099 } <a name="l01100"></a>01100 <a name="l01101"></a>01101 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> s = (<span class="keyword">const</span> <span class="keywordtype">char</span> *)d->kossl->ASN1_STRING_data(val->d.ia5); <a name="l01102"></a>01102 <span class="keywordflow">if</span> (!s.<a class="codeRef" doxygen="qt.tag:" href="qstring.html#isEmpty">isEmpty</a>()) { <a name="l01103"></a>01103 rc += s; <a name="l01104"></a>01104 } <a name="l01105"></a>01105 } <a name="l01106"></a>01106 d->kossl->sk_free(names); <a name="l01107"></a>01107 <span class="preprocessor">#endif</span> <a name="l01108"></a>01108 <span class="preprocessor"></span> <span class="keywordflow">return</span> rc; <a name="l01109"></a>01109 } <a name="l01110"></a>01110 <a name="l01111"></a>01111 <a name="l01112"></a>01112 <a class="codeRef" doxygen="qt.tag:" href="qdatastream.html">QDataStream</a>& operator<<(<a class="codeRef" doxygen="qt.tag:" href="qdatastream.html">QDataStream</a>& s, <span class="keyword">const</span> <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a>& r) { <a name="l01113"></a>01113 <a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> qsl; <a name="l01114"></a>01114 <a class="codeRef" doxygen="qt.tag:" href="qptrlist.html">QPtrList<KSSLCertificate></a> cl = const_cast<KSSLCertificate&>(r).chain().getChain(); <a name="l01115"></a>01115 <a name="l01116"></a>01116 <span class="keywordflow">for</span> (<a class="code" href="classKSSLCertificate.html">KSSLCertificate</a> *c = cl.<a class="codeRef" doxygen="qt.tag:" href="qptrlist.html#first">first</a>(); c != 0; c = cl.<a class="codeRef" doxygen="qt.tag:" href="qptrlist.html#next">next</a>()) { <a name="l01117"></a>01117 qsl << c->toString(); <a name="l01118"></a>01118 } <a name="l01119"></a>01119 <a name="l01120"></a>01120 cl.<a class="codeRef" doxygen="qt.tag:" href="qptrlist.html#setAutoDelete">setAutoDelete</a>(<span class="keyword">true</span>); <a name="l01121"></a>01121 <a name="l01122"></a>01122 s << const_cast<KSSLCertificate&>(r).toString() << qsl; <a name="l01123"></a>01123 <a name="l01124"></a>01124 <span class="keywordflow">return</span> s; <a name="l01125"></a>01125 } <a name="l01126"></a>01126 <a name="l01127"></a>01127 <a name="l01128"></a>01128 <a class="codeRef" doxygen="qt.tag:" href="qdatastream.html">QDataStream</a>& operator>>(<a class="codeRef" doxygen="qt.tag:" href="qdatastream.html">QDataStream</a>& s, <a class="code" href="classKSSLCertificate.html">KSSLCertificate</a>& r) { <a name="l01129"></a>01129 <a class="codeRef" doxygen="qt.tag:" href="qstringlist.html">QStringList</a> qsl; <a name="l01130"></a>01130 <a class="codeRef" doxygen="qt.tag:" href="qstring.html">QString</a> cert; <a name="l01131"></a>01131 <a name="l01132"></a>01132 s >> cert >> qsl; <a name="l01133"></a>01133 <a name="l01134"></a>01134 <span class="keywordflow">if</span> (r.<a class="code" href="classKSSLCertificate.html#f8609d00c4b29f2faa69dd7edc2566ba">setCert</a>(cert) && !qsl.isEmpty()) <a name="l01135"></a>01135 r.<a class="code" href="classKSSLCertificate.html#eceb3e8a7e680c3bc5ed802db8940343">chain</a>().<a class="code" href="classKSSLCertChain.html#c12786408f31f477835d1b92ade3dd64">setCertChain</a>(qsl); <a name="l01136"></a>01136 <a name="l01137"></a>01137 <span class="keywordflow">return</span> s; <a name="l01138"></a>01138 } <a name="l01139"></a>01139 <a name="l01140"></a>01140 <a name="l01141"></a>01141 </pre></div> </div></div> </td> </tr> <tr> <td valign="top" id="leftmenu" width="25%"> <a name="navigation"></a> <div class="menu_box"><h2>kio/kssl</h2> <div class="nav_list"> <ul><li><a href="index.html">Main Page</a></li><li><a href="hierarchy.html">Class Hierarchy</a></li><li><a href="classes.html">Alphabetical List</a></li><li><a href="annotated.html">Class List</a></li><li><a href="files.html">File List</a></li><li><a href="functions.html">Class Members</a></li><li><a href="pages.html">Related Pages</a></li></ul> <!-- <h2>Class Picker</h2> <div style="text-align: center;"> <form name="guideform"> <select name="guidelinks" style="width:100%;" onChange="window.location=document.guideform.guidelinks.options[document.guideform.guidelinks.selectedIndex].value"> <option value="annotated.html">-- Choose --</option> <option value="classKGWizardPage1.html">kgwizardpage1</option>, <option value="classKGWizardPage2.html">kgwizardpage2</option>, <option value="classKOpenSSLProxy.html">kopensslproxy</option>, <option value="classKSMIMECrypto.html">ksmimecrypto</option>, <option value="classKSSL.html">kssl</option>, <option value="classKSSLCertBox.html">ksslcertbox</option>, <option value="classKSSLCertChain.html">ksslcertchain</option>, <option value="classKSSLCertDlg.html">ksslcertdlg</option>, <option value="classKSSLCertDlgRet.html">ksslcertdlgret</option>, <option value="classKSSLCertificate.html">ksslcertificate</option>, <option value="classKSSLCertificateCache.html">ksslcertificatecache</option>, <option value="classKSSLCertificateFactory.html">ksslcertificatefactory</option>, <option value="classKSSLCertificateHome.html">ksslcertificatehome</option>, <option value="classKSSLConnectionInfo.html">ksslconnectioninfo</option>, <option value="classKSSLCSessionCache.html">ksslcsessioncache</option>, <option value="classKSSLInfoDlg.html">ksslinfodlg</option>, <option value="classKSSLKeyGen.html">ksslkeygen</option>, <option value="classKSSLPeerInfo.html">ksslpeerinfo</option>, <option value="classKSSLPKCS12.html">ksslpkcs12</option>, <option value="classKSSLPKCS7.html">ksslpkcs7</option>, <option value="classKSSLSession.html">ksslsession</option>, <option value="classKSSLSettings.html">ksslsettings</option>, <option value="classKSSLSigners.html">ksslsigners</option>, <option value="classKSSLX509Map.html">ksslx509map</option>, <option value="classKSSLX509V3.html">ksslx509v3</option>, </select> </form> </div> --> </div></div> <div class="menu_box"><h2>API Dox</h2> <div class="nav_list"> <ul> <li><a href="../../../arts/html/index.html">arts</a></li><li><a href="../../../dcop/html/index.html">dcop</a></li><li><a href="../../../dnssd/html/index.html">dnssd</a></li><li><a href="../../../interfaces/html/index.html">interfaces</a></li><li> <a href="../../../interfaces/kimproxy/interface/html/index.html">interface</a></li><li> <a href="../../../interfaces/kimproxy/library/html/index.html">library</a></li><li> <a href="../../../interfaces/kspeech/html/index.html">kspeech</a></li><li> <a href="../../../interfaces/ktexteditor/html/index.html">ktexteditor</a></li><li><a href="../../../kabc/html/index.html">kabc</a></li><li><a href="../../../kate/html/index.html">kate</a></li><li><a href="../../../kcmshell/html/index.html">kcmshell</a></li><li><a href="../../../kdecore/html/index.html">kdecore</a></li><li><a href="../../../kded/html/index.html">kded</a></li><li><a href="../../../kdefx/html/index.html">kdefx</a></li><li><a href="../../../kdeprint/html/index.html">kdeprint</a></li><li><a href="../../../kdesu/html/index.html">kdesu</a></li><li><a href="../../../kdeui/html/index.html">kdeui</a></li><li><a href="../../../kdoctools/html/index.html">kdoctools</a></li><li><a href="../../../khtml/html/index.html">khtml</a></li><li><a href="../../../kimgio/html/index.html">kimgio</a></li><li><a href="../../../kinit/html/index.html">kinit</a></li><li><a href="../../../kio/html/index.html">kio</a></li><li> <a href="../../../kio/bookmarks/html/index.html">bookmarks</a></li><li> <a href="../../../kio/httpfilter/html/index.html">httpfilter</a></li><li> <a href="../../../kio/kfile/html/index.html">kfile</a></li><li> <a href="../../../kio/kio/html/index.html">kio</a></li><li> <a href="../../../kio/kioexec/html/index.html">kioexec</a></li><li> <a href="../../../kio/kpasswdserver/html/index.html">kpasswdserver</a></li><li> <a href="../../../kio/kssl/html/index.html">kssl</a></li><li><a href="../../../kioslave/html/index.html">kioslave</a></li><li> <a href="../../../kioslave/http/html/index.html">http</a></li><li><a href="../../../kjs/html/index.html">kjs</a></li><li><a href="../../../kmdi/html/index.html">kmdi</a></li><li> <a href="../../../kmdi/kmdi/html/index.html">kmdi</a></li><li><a href="../../../knewstuff/html/index.html">knewstuff</a></li><li><a href="../../../kparts/html/index.html">kparts</a></li><li><a href="../../../kresources/html/index.html">kresources</a></li><li><a href="../../../kspell2/html/index.html">kspell2</a></li><li><a href="../../../kunittest/html/index.html">kunittest</a></li><li><a href="../../../kutils/html/index.html">kutils</a></li><li><a href="../../../kwallet/html/index.html">kwallet</a></li><li><a href="../../../libkmid/html/index.html">libkmid</a></li><li><a href="../../../libkscreensaver/html/index.html">libkscreensaver</a></li> </ul></div></div> </td> </tr> </table> <span class="doNotDisplay"> <a href="http://www.kde.org/" accesskey="8">KDE Home</a> | <a href="http://accessibility.kde.org/" accesskey="9">KDE Accessibility Home</a> | <a href="http://www.kde.org/media/accesskeys.php" accesskey="0">Description of Access Keys</a> </span> <div style="height: 8px"></div> <div id="footer"> <div id="footer_left"> Maintained by <a href="mailto:groot@kde.org">Adriaan de Groot</a> and <a href="mailto:wintert@kde.org">Allen Winter</a>. <br/> KDE and K Desktop Environment are trademarks of <a href="http://www.kde.org/areas/kde-ev/" title="Homepage of the KDE non-profit Organization">KDE e.V.</a> | <a href="http://www.kde.org/contact/impressum.php">Legal</a> </div> <div id="footer_right"><img src="/media/images/footer_right.png" style="margin: 0px" alt="" /></div> </div> <!-- WARNING: DO NOT SEND MAIL TO THE FOLLOWING EMAIL ADDRESS! YOU WILL BE BLOCKED INSTANTLY AND PERMANENTLY! <a href="mailto:aaaatrap-425acc3b5374943f@kde.org">Block me</a> WARNING END --> </body> </html>