void tst_QAsn1Element::invalid()
{
QFETCH(QByteArray, encoded);
QAsn1Element elem;
QVERIFY(!elem.read(encoded));
}
void tst_QAsn1Element::dateTime()
{
QFETCH(QByteArray, encoded);
QFETCH(QDateTime, value);
QAsn1Element elem;
QVERIFY(elem.read(encoded));
QCOMPARE(elem.toDateTime(), value);
}
void tst_QAsn1Element::toBool()
{
QFETCH(QByteArray, encoded);
QFETCH(bool, value);
QFETCH(bool, valid);
bool ok;
QAsn1Element elem;
QVERIFY(elem.read(encoded));
QCOMPARE(elem.toBool(&ok), value);
QCOMPARE(ok, valid);
}
void tst_QAsn1Element::objectIdentifier()
{
QFETCH(QByteArray, encoded);
QFETCH(QByteArray, oid);
QFETCH(QByteArray, name);
QAsn1Element elem;
QVERIFY(elem.read(encoded));
QCOMPARE(elem.type(), quint8(QAsn1Element::ObjectIdentifierType));
QCOMPARE(elem.toObjectId(), oid);
QCOMPARE(QAsn1Element::fromObjectId(oid).toObjectId(), oid);
QCOMPARE(elem.toObjectName(), name);
}
bool QSslCertificatePrivate::parseExtension(const QByteArray &data, QSslCertificateExtension *extension)
{
bool ok;
bool critical = false;
QAsn1Element oidElem, valElem;
QDataStream seqStream(data);
// oid
if (!oidElem.read(seqStream) || oidElem.type() != QAsn1Element::ObjectIdentifierType)
return false;
const QByteArray oid = oidElem.toObjectId();
// critical and value
if (!valElem.read(seqStream))
return false;
if (valElem.type() == QAsn1Element::BooleanType) {
critical = valElem.toBool(&ok);
if (!ok || !valElem.read(seqStream))
return false;
}
if (valElem.type() != QAsn1Element::OctetStringType)
return false;
// interpret value
QAsn1Element val;
bool supported = true;
QVariant value;
if (oid == "1.3.6.1.5.5.7.1.1") {
// authorityInfoAccess
if (!val.read(valElem.value()) || val.type() != QAsn1Element::SequenceType)
return false;
QVariantMap result;
foreach (const QAsn1Element &el, val.toVector()) {
QVector<QAsn1Element> items = el.toVector();
if (items.size() != 2)
return false;
const QString key = QString::fromLatin1(items.at(0).toObjectName());
switch (items.at(1).type()) {
case QAsn1Element::Rfc822NameType:
case QAsn1Element::DnsNameType:
case QAsn1Element::UniformResourceIdentifierType:
result[key] = items.at(1).toString();
break;
}
}
value = result;
} else if (oid == "2.5.29.14") {
void tst_QAsn1Element::octetString()
{
QFETCH(QByteArray, encoded);
QFETCH(QByteArray, value);
// read
QAsn1Element elem;
QVERIFY(elem.read(encoded));
QCOMPARE(elem.type(), quint8(QAsn1Element::OctetStringType));
QCOMPARE(elem.value(), value);
// write
QByteArray buffer;
QDataStream stream(&buffer, QIODevice::WriteOnly);
elem.write(stream);
QCOMPARE(buffer, encoded);
}
void tst_QAsn1Element::integer()
{
QFETCH(QByteArray, encoded);
QFETCH(int, value);
// read
bool ok;
QAsn1Element elem;
QVERIFY(elem.read(encoded));
QCOMPARE(elem.type(), quint8(QAsn1Element::IntegerType));
QCOMPARE(elem.toInteger(&ok), value);
QVERIFY(ok);
// write
QByteArray buffer;
QDataStream stream(&buffer, QIODevice::WriteOnly);
QAsn1Element::fromInteger(value).write(stream);
QCOMPARE(buffer, encoded);
}
void tst_QAsn1Element::emptyConstructor()
{
QAsn1Element elem;
QCOMPARE(elem.type(), quint8(0));
QCOMPARE(elem.value(), QByteArray());
}
bool QSslCertificatePrivate::parse(const QByteArray &data)
{
QAsn1Element root;
QDataStream dataStream(data);
if (!root.read(dataStream) || root.type() != QAsn1Element::SequenceType)
return false;
QDataStream rootStream(root.value());
QAsn1Element cert;
if (!cert.read(rootStream) || cert.type() != QAsn1Element::SequenceType)
return false;
// version or serial number
QAsn1Element elem;
QDataStream certStream(cert.value());
if (!elem.read(certStream))
return false;
if (elem.type() == QAsn1Element::Context0Type) {
QDataStream versionStream(elem.value());
if (!elem.read(versionStream) || elem.type() != QAsn1Element::IntegerType)
return false;
versionString = QByteArray::number(elem.value()[0] + 1);
if (!elem.read(certStream))
return false;
} else {
versionString = QByteArray::number(1);
}
// serial number
if (elem.type() != QAsn1Element::IntegerType)
return false;
serialNumberString = colonSeparatedHex(elem.value());
// algorithm ID
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
// issuer info
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QByteArray issuerDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length());
issuerInfo = elem.toInfo();
// validity period
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QDataStream validityStream(elem.value());
if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType))
return false;
notValidBefore = elem.toDateTime();
if (!elem.read(validityStream) || (elem.type() != QAsn1Element::UtcTimeType && elem.type() != QAsn1Element::GeneralizedTimeType))
return false;
notValidAfter = elem.toDateTime();
// subject name
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
QByteArray subjectDer = data.mid(dataStream.device()->pos() - elem.value().length(), elem.value().length());
subjectInfo = elem.toInfo();
subjectMatchesIssuer = issuerDer == subjectDer;
// public key
qint64 keyStart = certStream.device()->pos();
if (!elem.read(certStream) || elem.type() != QAsn1Element::SequenceType)
return false;
publicKeyDerData.resize(certStream.device()->pos() - keyStart);
QDataStream keyStream(elem.value());
if (!elem.read(keyStream) || elem.type() != QAsn1Element::SequenceType)
return false;
// key algorithm
if (!elem.read(elem.value()) || elem.type() != QAsn1Element::ObjectIdentifierType)
return false;
const QByteArray oid = elem.toObjectId();
if (oid == RSA_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Rsa;
else if (oid == DSA_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Dsa;
else if (oid == EC_ENCRYPTION_OID)
publicKeyAlgorithm = QSsl::Ec;
else
publicKeyAlgorithm = QSsl::Opaque;
certStream.device()->seek(keyStart);
certStream.readRawData(publicKeyDerData.data(), publicKeyDerData.size());
// extensions
while (elem.read(certStream)) {
if (elem.type() == QAsn1Element::Context3Type) {
if (elem.read(elem.value()) && elem.type() == QAsn1Element::SequenceType) {
QDataStream extStream(elem.value());
while (elem.read(extStream) && elem.type() == QAsn1Element::SequenceType) {
QSslCertificateExtension extension;
if (!parseExtension(elem.value(), &extension))
return false;
extensions << extension;
if (extension.oid() == QLatin1String("2.5.29.17")) {
// subjectAltName
QAsn1Element sanElem;
if (sanElem.read(extension.value().toByteArray()) && sanElem.type() == QAsn1Element::SequenceType) {
QDataStream nameStream(sanElem.value());
QAsn1Element nameElem;
while (nameElem.read(nameStream)) {
if (nameElem.type() == QAsn1Element::Rfc822NameType) {
subjectAlternativeNames.insert(QSsl::EmailEntry, nameElem.toString());
} else if (nameElem.type() == QAsn1Element::DnsNameType) {
subjectAlternativeNames.insert(QSsl::DnsEntry, nameElem.toString());
}
}
}
}
}
}
}
}
derData = data.left(dataStream.device()->pos());
null = false;
return true;
}
void QSslKeyPrivate::decodeDer(const QByteArray &der, bool deepClear)
{
clear(deepClear);
if (der.isEmpty())
return;
QAsn1Element elem;
if (!elem.read(der) || elem.type() != QAsn1Element::SequenceType)
return;
if (type == QSsl::PublicKey) {
// key info
QDataStream keyStream(elem.value());
if (!elem.read(keyStream) || elem.type() != QAsn1Element::SequenceType)
return;
QVector<QAsn1Element> infoItems = elem.toVector();
if (infoItems.size() < 2 || infoItems[0].type() != QAsn1Element::ObjectIdentifierType)
return;
if (algorithm == QSsl::Rsa) {
if (infoItems[0].toObjectId() != RSA_ENCRYPTION_OID)
return;
// key data
if (!elem.read(keyStream) || elem.type() != QAsn1Element::BitStringType || elem.value().isEmpty())
return;
if (!elem.read(elem.value().mid(1)) || elem.type() != QAsn1Element::SequenceType)
return;
if (!elem.read(elem.value()) || elem.type() != QAsn1Element::IntegerType)
return;
keyLength = numberOfBits(elem.value());
} else if (algorithm == QSsl::Dsa) {
if (infoItems[0].toObjectId() != DSA_ENCRYPTION_OID)
return;
if (infoItems[1].type() != QAsn1Element::SequenceType)
return;
// key params
QVector<QAsn1Element> params = infoItems[1].toVector();
if (params.isEmpty() || params[0].type() != QAsn1Element::IntegerType)
return;
keyLength = numberOfBits(params[0].value());
}
} else {
QVector<QAsn1Element> items = elem.toVector();
if (items.isEmpty())
return;
// version
if (items[0].type() != QAsn1Element::IntegerType || items[0].value().toHex() != "00")
return;
if (algorithm == QSsl::Rsa) {
if (items.size() != 9 || items[1].type() != QAsn1Element::IntegerType)
return;
keyLength = numberOfBits(items[1].value());
} else if (algorithm == QSsl::Dsa) {
if (items.size() != 6 || items[1].type() != QAsn1Element::IntegerType)
return;
keyLength = numberOfBits(items[1].value());
}
}
derData = der;
isNull = false;
}
