const QgsPkiBundle QgsPkiBundle::fromPkcs12Paths( const QString &bundlepath, const QString &bundlepass ) { QgsPkiBundle pkibundle; if ( QCA::isSupported( "pkcs12" ) && !bundlepath.isEmpty() && ( bundlepath.endsWith( QLatin1String( ".p12" ), Qt::CaseInsensitive ) || bundlepath.endsWith( QLatin1String( ".pfx" ), Qt::CaseInsensitive ) ) && QFile::exists( bundlepath ) ) { QCA::SecureArray passarray; if ( !bundlepass.isNull() ) passarray = QCA::SecureArray( bundlepass.toUtf8() ); QCA::ConvertResult res; QCA::KeyBundle bundle( QCA::KeyBundle::fromFile( bundlepath, passarray, &res, QStringLiteral( "qca-ossl" ) ) ); if ( res == QCA::ConvertGood && !bundle.isNull() ) { const QCA::CertificateChain cert_chain( bundle.certificateChain() ); QSslCertificate cert( cert_chain.primary().toPEM().toLatin1() ); if ( !cert.isNull() ) { pkibundle.setClientCert( cert ); } QSslKey cert_key( bundle.privateKey().toPEM().toLatin1(), QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, QByteArray() ); if ( !cert_key.isNull() ) { pkibundle.setClientKey( cert_key ); } if ( cert_chain.size() > 1 ) { QList<QSslCertificate> ca_chain; for ( const auto &ca_cert : cert_chain ) { if ( ca_cert != cert_chain.primary() ) { ca_chain << QSslCertificate( ca_cert.toPEM().toLatin1() ); } } pkibundle.setCaChain( ca_chain ); } } } return pkibundle; }
int main(int argc,char *argv[]) { int arg,err=1; char *fpr=NULL,*url=NULL,*keyfile=NULL,*name=NULL; if(argc==1) { usage(stderr); return 1; } else if(argc>1 && strcmp(argv[1],"--version")==0) { #if defined(HAVE_CONFIG_H) && defined(VERSION) printf ("make-dns-cert (GnuPG) " VERSION "\n"); #else printf ("make-dns-cert gnupg-svn%d\n", atoi (10+"$Revision$")); #endif return 0; } else if(argc>1 && strcmp(argv[1],"--help")==0) { usage(stdout); return 0; } while((arg=getopt(argc,argv,"hf:u:k:n:"))!=-1) switch(arg) { default: case 'h': usage(stdout); exit(0); case 'f': fpr=optarg; break; case 'u': url=optarg; break; case 'k': keyfile=optarg; break; case 'n': name=optarg; break; } if(!name) { fprintf(stderr,"No name provided\n"); return 1; } if(keyfile && (fpr || url)) { fprintf(stderr,"Cannot generate a CERT record with both a keyfile and" " a fingerprint or URL\n"); return 1; } if(keyfile) err=cert_key(name,keyfile); else err=url_key(name,fpr,url); return err; }