bool QSslCertificatePrivate::parse(const QByteArray &data)
{
QAsn1Element root;
QDataStream dataStream(data);
if (!root.read(dataStream) || root.type() != QAsn1Element::SequenceType)
return false;
QDataStream rootStream(root.value());
QAsn1Element cert;
if (!cert.read(rootStream) || cert.type() != QAsn1Element::SequenceType)
return false;
// version or serial number
QAsn1Element elem;
QDataStream certStream(cert.value());
if (!elem.read(certStream))
return false;
if (elem.type() == QAsn1Element::Context0Type) {
QDataStream versionStream(elem.value());
if (!elem.read(versionStream) || elem.type() != QAsn1Element::IntegerType)
return false;
versionString = QByteArray::number(elem.value()[0] + 1);
if (!elem.read(certStream))
return false;
} else {
versionString = QByteArray::number(1);
}
// serial number
if (elem.type() != QAsn1Element::IntegerType)
return false;
serialNumberString = colonSeparatedHex(elem.value());
// algorithm ID
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
// issuer info
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QByteArray issuerDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length());
issuerInfo = elem.toInfo();
// validity period
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QDataStream validityStream(elem.value());
if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType))
return false;
notValidBefore = elem.toDateTime();
if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType))
return false;
notValidAfter = elem.toDateTime();
// subject name
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QByteArray subjectDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length());
subjectInfo = elem.toInfo();
subjectMatchesIssuer = issuerDer == subjectDer;
// public key
qint64 keyStart = certStream.device()->pos();
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
publicKeyDerData.resize(certStream.device()->pos() - keyStart);
QDataStream keyStream(elem.value());
if (!elem.read(keyStream) || elem.type() != QAsn1Element::SequenceType)
return false;
// key algorithm
if (!elem.read(elem.value()) || elem.type() != QAsn1Element::ObjectIdentifierType)
return false;
const QByteArray oid = elem.toObjectId();
if (oid == RSA_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Rsa;
else if (oid == DSA_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Dsa;
else if (oid == EC_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Ec;
else
publicKeyAlgorithm = QSsl::Opaque;
certStream.device()->seek(keyStart);
certStream.readRawData(publicKeyDerData.data(), publicKeyDerData.size());
// extensions
while (elem.read(certStream)) {
if (elem.type() == QAsn1Element::Context3Type) {
if (elem.read(elem.value()) && elem.type() == QAsn1Element::SequenceType) {
QDataStream extStream(elem.value());
while (elem.read(extStream) && elem.type() == QAsn1Element::SequenceType) {
QSslCertificateExtension extension;
if (!parseExtension(elem.value(), &extension))
return false;
extensions << extension;
if (extension.oid() == QLatin1String("2.5.29.17")) {
// subjectAltName
QAsn1Element sanElem;
if (sanElem.read(extension.value().toByteArray()) && sanElem.type() == QAsn1Element::SequenceType) {
QDataStream nameStream(sanElem.value());
QAsn1Element nameElem;
while (nameElem.read(nameStream)) {
if (nameElem.type() == QAsn1Element::Rfc822NameType) {
subjectAlternativeNames.insert(QSsl::EmailEntry, nameElem.toString());
} else if (nameElem.type() == QAsn1Element::DnsNameType) {
subjectAlternativeNames.insert(QSsl::DnsEntry, nameElem.toString());
}
}
}
}
}
}
}
}
derData = data.left(dataStream.device()->pos());
null = false;
return true;
}
void CertificateDialog::updateValue()
{
const QSslCertificate certificate(m_certificates.value(m_ui->chainItemView->currentIndex().data(Qt::UserRole).toInt()));
const CertificateField field(static_cast<CertificateField>(m_ui->detailsItemView->currentIndex().data(Qt::UserRole).toInt()));
m_ui->valueTextEdit->clear();
switch (field)
{
case ValidityField:
case PublicKeyField:
case ExtensionsField:
case DigestField:
break;
case VersionField:
m_ui->valueTextEdit->setPlainText(QString(certificate.version()));
break;
case SerialNumberField:
m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.serialNumber()), QLatin1Char(':')));
break;
case SignatureAlgorithmField:
m_ui->valueTextEdit->setPlainText(QRegularExpression(QLatin1String("Signature Algorithm:(.+)")).match(certificate.toText()).captured(1).trimmed());
break;
case IssuerField:
{
const QList<QByteArray> attributes(certificate.issuerInfoAttributes());
for (int i = 0; i < attributes.count(); ++i)
{
m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(QString(attributes.at(i))).arg(certificate.issuerInfo(attributes.at(i)).join(QLatin1String(", "))));
}
}
break;
case ValidityNotBeforeField:
m_ui->valueTextEdit->setPlainText(certificate.effectiveDate().toString(QLatin1String("yyyy-MM-dd hh:mm:ss t")));
break;
case ValidityNotAfterField:
m_ui->valueTextEdit->setPlainText(certificate.expiryDate().toString(QLatin1String("yyyy-MM-dd hh:mm:ss t")));
break;
case SubjectField:
{
const QList<QByteArray> attributes(certificate.subjectInfoAttributes());
for (int i = 0; i < attributes.count(); ++i)
{
m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(QString(attributes.at(i))).arg(certificate.subjectInfo(attributes.at(i)).join(QLatin1String(", "))));
}
}
break;
case PublicKeyValueField:
{
const QRegularExpression expression(QLatin1String("Public-Key:[.\\s\\S]+Modulus:([.\\s\\S]+)Exponent:(.+)"), QRegularExpression::MultilineOption);
const QRegularExpressionMatch match(expression.match(certificate.toText()));
if (match.hasMatch())
{
m_ui->valueTextEdit->setPlainText(tr("Modulus:\n%1\n\nExponent: %2").arg(formatHex(match.captured(1).trimmed().mid(3))).arg(match.captured(2).trimmed()));
}
}
break;
case PublicKeyAlgorithmField:
m_ui->valueTextEdit->setPlainText(QRegularExpression(QLatin1String("Public Key Algorithm:(.+)")).match(certificate.toText()).captured(1).trimmed());
break;
case ExtensionField:
{
const QSslCertificateExtension extension(certificate.extensions().value(m_ui->detailsItemView->currentIndex().data(Qt::UserRole + 1).toInt()));
m_ui->valueTextEdit->setPlainText(extension.isCritical() ? tr("Critical") : tr("Not Critical"));
m_ui->valueTextEdit->appendPlainText(tr("OID: %1").arg(extension.oid()));
if (!extension.value().isNull())
{
m_ui->valueTextEdit->appendPlainText(tr("Value:"));
if (extension.value().type() == QVariant::List)
{
const QVariantList list(extension.value().toList());
for (int i = 0; i < list.count(); ++i)
{
m_ui->valueTextEdit->appendPlainText(list.at(i).toString());
}
}
else if (extension.value().type() == QVariant::Map)
{
const QVariantMap map(extension.value().toMap());
QVariantMap::const_iterator iterator;
for (iterator = map.constBegin(); iterator != map.constEnd(); ++iterator)
{
m_ui->valueTextEdit->appendPlainText(QStringLiteral("%1 = %2").arg(iterator.key()).arg(iterator.value().toString()));
}
}
else
{
m_ui->valueTextEdit->appendPlainText(extension.value().toString());
}
}
}
break;
case DigestSha1Field:
m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.digest(QCryptographicHash::Sha1).toHex())));
break;
case DigestSha256Field:
m_ui->valueTextEdit->setPlainText(formatHex(QString(certificate.digest(QCryptographicHash::Sha256).toHex())));
break;
default:
break;
}
QTextCursor cursor(m_ui->valueTextEdit->textCursor());
cursor.setPosition(0);
m_ui->valueTextEdit->setTextCursor(cursor);
}
