bool QSslCertificatePrivate::parse(const QByteArray &data) { QAsn1Element root; QDataStream dataStream(data); if (!root.read(dataStream) || root.type() != QAsn1Element::SequenceType) return false; QDataStream rootStream(root.value()); QAsn1Element cert; if (!cert.read(rootStream) || cert.type() != QAsn1Element::SequenceType) return false; // version or serial number QAsn1Element elem; QDataStream certStream(cert.value()); if (!elem.read(certStream)) return false; if (elem.type() == QAsn1Element::Context0Type) { QDataStream versionStream(elem.value()); if (!elem.read(versionStream) || elem.type() != QAsn1Element::IntegerType) return false; versionString = QByteArray::number(elem.value()[0] + 1); if (!elem.read(certStream)) return false; } else { versionString = QByteArray::number(1); } // serial number if (elem.type() != QAsn1Element::IntegerType) return false; serialNumberString = colonSeparatedHex(elem.value()); // algorithm ID if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType) return false; // issuer info if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType) return false; QByteArray issuerDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length()); issuerInfo = elem.toInfo(); // validity period if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType) return false; QDataStream validityStream(elem.value()); if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType)) return false; notValidBefore = elem.toDateTime(); if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType)) return false; notValidAfter = elem.toDateTime(); // subject name if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType) return false; QByteArray subjectDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length()); subjectInfo = elem.toInfo(); subjectMatchesIssuer = issuerDer == subjectDer; // public key qint64 keyStart = certStream.device()->pos(); if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType) return false; publicKeyDerData.resize(certStream.device()->pos() - keyStart); QDataStream keyStream(elem.value()); if (!elem.read(keyStream) || elem.type() != QAsn1Element::SequenceType) return false; // key algorithm if (!elem.read(elem.value()) || elem.type() != QAsn1Element::ObjectIdentifierType) return false; const QByteArray oid = elem.toObjectId(); if (oid == RSA_ENCRYPTION_OID) publicKeyAlgorithm = QSsl::Rsa; else if (oid == DSA_ENCRYPTION_OID) publicKeyAlgorithm = QSsl::Dsa; else if (oid == EC_ENCRYPTION_OID) publicKeyAlgorithm = QSsl::Ec; else publicKeyAlgorithm = QSsl::Opaque; certStream.device()->seek(keyStart); certStream.readRawData(publicKeyDerData.data(), publicKeyDerData.size()); // extensions while (elem.read(certStream)) { if (elem.type() == QAsn1Element::Context3Type) { if (elem.read(elem.value()) && elem.type() == QAsn1Element::SequenceType) { QDataStream extStream(elem.value()); while (elem.read(extStream) && elem.type() == QAsn1Element::SequenceType) { QSslCertificateExtension extension; if (!parseExtension(elem.value(), &extension)) return false; extensions << extension; if (extension.oid() == QLatin1String("2.5.29.17")) { // subjectAltName QAsn1Element sanElem; if (sanElem.read(extension.value().toByteArray()) && sanElem.type() == QAsn1Element::SequenceType) { QDataStream nameStream(sanElem.value()); QAsn1Element nameElem; while (nameElem.read(nameStream)) { if (nameElem.type() == QAsn1Element::Rfc822NameType) { subjectAlternativeNames.insert(QSsl::EmailEntry, nameElem.toString()); } else if (nameElem.type() == QAsn1Element::DnsNameType) { subjectAlternativeNames.insert(QSsl::DnsEntry, nameElem.toString()); } } } } } } } } derData = data.left(dataStream.device()->pos()); null = false; return true; }
void CertificateDialog::updateValue() { const QSslCertificate certificate(m_certificates.value(m_ui->chainItemView->currentIndex().data(Qt::UserRole).toInt())); const CertificateField field(static_cast<CertificateField>(m_ui->detailsItemView->currentIndex().data(Qt::UserRole).toInt())); m_ui->valueTextEdit->clear(); switch (field) { case ValidityField: case PublicKeyField: case ExtensionsField: case DigestField: break; case VersionField: m_ui->valueTextEdit->setPlainText(QString(certificate.version())); break; case SerialNumberField: m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.serialNumber()), QLatin1Char(':'))); break; case SignatureAlgorithmField: m_ui->valueTextEdit->setPlainText(QRegularExpression(QLatin1String("Signature Algorithm:(.+)")).match(certificate.toText()).captured(1).trimmed()); break; case IssuerField: { const QList<QByteArray> attributes(certificate.issuerInfoAttributes()); for (int i = 0; i < attributes.count(); ++i) { m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(QString(attributes.at(i))).arg(certificate.issuerInfo(attributes.at(i)).join(QLatin1String(", ")))); } } break; case ValidityNotBeforeField: m_ui->valueTextEdit->setPlainText(certificate.effectiveDate().toString(QLatin1String("yyyy-MM-dd hh:mm:ss t"))); break; case ValidityNotAfterField: m_ui->valueTextEdit->setPlainText(certificate.expiryDate().toString(QLatin1String("yyyy-MM-dd hh:mm:ss t"))); break; case SubjectField: { const QList<QByteArray> attributes(certificate.subjectInfoAttributes()); for (int i = 0; i < attributes.count(); ++i) { m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(QString(attributes.at(i))).arg(certificate.subjectInfo(attributes.at(i)).join(QLatin1String(", ")))); } } break; case PublicKeyValueField: { const QRegularExpression expression(QLatin1String("Public-Key:[.\\s\\S]+Modulus:([.\\s\\S]+)Exponent:(.+)"), QRegularExpression::MultilineOption); const QRegularExpressionMatch match(expression.match(certificate.toText())); if (match.hasMatch()) { m_ui->valueTextEdit->setPlainText(tr("Modulus:\n%1\n\nExponent: %2").arg(formatHex(match.captured(1).trimmed().mid(3))).arg(match.captured(2).trimmed())); } } break; case PublicKeyAlgorithmField: m_ui->valueTextEdit->setPlainText(QRegularExpression(QLatin1String("Public Key Algorithm:(.+)")).match(certificate.toText()).captured(1).trimmed()); break; case ExtensionField: { const QSslCertificateExtension extension(certificate.extensions().value(m_ui->detailsItemView->currentIndex().data(Qt::UserRole + 1).toInt())); m_ui->valueTextEdit->setPlainText(extension.isCritical() ? tr("Critical") : tr("Not Critical")); m_ui->valueTextEdit->appendPlainText(tr("OID: %1").arg(extension.oid())); if (!extension.value().isNull()) { m_ui->valueTextEdit->appendPlainText(tr("Value:")); if (extension.value().type() == QVariant::List) { const QVariantList list(extension.value().toList()); for (int i = 0; i < list.count(); ++i) { m_ui->valueTextEdit->appendPlainText(list.at(i).toString()); } } else if (extension.value().type() == QVariant::Map) { const QVariantMap map(extension.value().toMap()); QVariantMap::const_iterator iterator; for (iterator = map.constBegin(); iterator != map.constEnd(); ++iterator) { m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(iterator.key()).arg(iterator.value().toString())); } } else { m_ui->valueTextEdit->appendPlainText(extension.value().toString()); } } } break; case DigestSha1Field: m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.digest(QCryptographicHash::Sha1).toHex()))); break; case DigestSha256Field: m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.digest(QCryptographicHash::Sha256).toHex()))); break; default: break; } QTextCursor cursor(m_ui->valueTextEdit->textCursor()); cursor.setPosition(0); m_ui->valueTextEdit->setTextCursor(cursor); }