static QString cert_info_string(const QCA::Certificate &cert)
{
QString out;
out += CertViewDlg::tr("Serial Number: %1").arg(cert.serialNumber().toString()) + '\n';
out += print_info(CertViewDlg::tr("Subject"), cert.subjectInfo());
out += print_info(CertViewDlg::tr("Issuer"), cert.issuerInfo());
out += CertViewDlg::tr("Validity") + '\n';
out += QString(" ") + CertViewDlg::tr("Not before: %1").arg(cert.notValidBefore().toString()) + '\n';
out += QString(" ") + CertViewDlg::tr("Not after: %1").arg(cert.notValidAfter().toString()) + '\n';
return out;
}
// shared by PsiAccount and MiniClient
bool CertificateHelpers::checkCertificate(QCA::TLS* tls, XMPP::QCATLSHandler *tlsHandler, QString &tlsOverrideDomain, QByteArray &tlsOverrideCert, QObject * canceler, const QString &title, const QString &host) {
QCA::Certificate cert = tls->peerCertificateChain().primary();
int result = tls->peerIdentityResult();
QString hostnameOverrideable;
if (result == QCA::TLS::Valid && !tlsHandler->certMatchesHostname()) {
QList<QString> lst = cert.subjectInfo().values(QCA::CommonName);
if (lst.size() == 1) {
hostnameOverrideable = lst[0];
}
if (lst.size() != 1 || lst[0].isEmpty() || lst[0] != tlsOverrideDomain) {
result = QCA::TLS::HostMismatch;
}
}
// if this cert equals the user trusted certificate, just trust the user's choice.
if (result != QCA::TLS::Valid && !tlsOverrideCert.isEmpty()) {
if (cert.toDER() == tlsOverrideCert) {
result = QCA::TLS::Valid;
}
}
if (result != QCA::TLS::Valid) {
CertificateErrorDialog errorDialog(
title, host, cert,
result, tls->peerCertificateValidity(),
hostnameOverrideable, tlsOverrideDomain, tlsOverrideCert);
if (canceler) {
QObject::connect(canceler, SIGNAL(disconnected()), &errorDialog, SLOT(reject()), Qt::AutoConnection);
QObject::connect(canceler, SIGNAL(reconnecting()), &errorDialog, SLOT(reject()), Qt::AutoConnection);
}
if (errorDialog.exec() == QDialog::Accepted) {
return true;
}
else {
return false;
}
}
else {
return true;
}
}
CertificateDisplayDialog::CertificateDisplayDialog(const QCA::Certificate &cert, int result, QCA::Validity validity, QWidget *parent) : QDialog(parent)
{
ui_.setupUi(this);
setModal(true);
connect(ui_.pb_close, SIGNAL(clicked()), SLOT(close()));
ui_.pb_close->setDefault(true);
ui_.pb_close->setFocus();
if(cert.isNull()) {
return;
}
if (result == QCA::TLS::Valid) {
ui_.lb_valid->setText(tr("The certificate is valid."));
setLabelStatus(*ui_.lb_valid, true);
}
else {
ui_.lb_valid->setText(tr("The certificate is NOT valid!") + "\n" + QString(tr("Reason: %1.")).arg(CertificateHelpers::resultToString(result, validity)));
setLabelStatus(*ui_.lb_valid, false);
}
QDateTime now = QDateTime::currentDateTime();
QDateTime notBefore = cert.notValidBefore();
QDateTime notAfter = cert.notValidAfter();
ui_.lb_notBefore->setText(cert.notValidBefore().toString());
setLabelStatus(*ui_.lb_notBefore, now > notBefore);
ui_.lb_notAfter->setText(cert.notValidAfter().toString());
setLabelStatus(*ui_.lb_notAfter, now < notAfter);
ui_.lb_sn->setText(cert.serialNumber().toString());
QString str;
QString direction = qApp->layoutDirection() == Qt::RightToLeft ? "rtl" : "ltr";
str += "<table dir=\"" + direction + "\">";
str += makePropTable(tr("Subject Details:"), cert.subjectInfo());
str += makePropTable(tr("Issuer Details:"), cert.issuerInfo());
str += "</table>";
for (int i=0; i < 2; i++) {
QString hashstr = QCA::Hash(i == 0 ? "md5" : "sha1").hashToString(cert.toDER()).toUpper().replace(QRegExp("(..)"), ":\\1").mid(1);
str += QString("Fingerprint(%1): %2<br>").arg(i == 0 ? "MD5" : "SHA-1").arg(hashstr);
}
ui_.tb_cert->setText(str);
}
CertificateDisplayDialog::CertificateDisplayDialog(const QCA::Certificate &cert, int result, QCA::Validity validity, QWidget *parent) : QDialog(parent)
{
// raw code from uic
resize(518, 369);
vboxLayout = new QVBoxLayout(this);
vboxLayout->setSpacing(6);
vboxLayout->setMargin(11);
vboxLayout->setObjectName(QString::fromUtf8("vboxLayout"));
hboxLayout = new QHBoxLayout();
hboxLayout->setSpacing(6);
hboxLayout->setMargin(0);
hboxLayout->setObjectName(QString::fromUtf8("hboxLayout"));
vboxLayout1 = new QVBoxLayout();
vboxLayout1->setSpacing(6);
vboxLayout1->setMargin(0);
vboxLayout1->setObjectName(QString::fromUtf8("vboxLayout1"));
textLabel4 = new QLabel;
textLabel4->setObjectName(QString::fromUtf8("textLabel4"));
vboxLayout1->addWidget(textLabel4);
lb_valid = new QLabel;
lb_valid->setObjectName(QString::fromUtf8("lb_valid"));
vboxLayout1->addWidget(lb_valid);
textLabel2 = new QLabel;
textLabel2->setObjectName(QString::fromUtf8("textLabel2"));
vboxLayout1->addWidget(textLabel2);
lb_notBefore = new QLabel;
lb_notBefore->setObjectName(QString::fromUtf8("lb_notBefore"));
vboxLayout1->addWidget(lb_notBefore);
textLabel3 = new QLabel;
textLabel3->setObjectName(QString::fromUtf8("textLabel3"));
vboxLayout1->addWidget(textLabel3);
lb_notAfter = new QLabel;
lb_notAfter->setObjectName(QString::fromUtf8("lb_notAfter"));
vboxLayout1->addWidget(lb_notAfter);
textLabel1 = new QLabel;
textLabel1->setObjectName(QString::fromUtf8("textLabel1"));
vboxLayout1->addWidget(textLabel1);
lb_sn = new QLabel;
lb_sn->setObjectName(QString::fromUtf8("lb_sn"));
vboxLayout1->addWidget(lb_sn);
spacerItem = new QSpacerItem(20, 106, QSizePolicy::Minimum, QSizePolicy::Expanding);
vboxLayout1->addItem(spacerItem);
hboxLayout->addLayout(vboxLayout1);
tb_cert = new QTextBrowser;
tb_cert->setObjectName(QString::fromUtf8("tb_cert"));
tb_cert->setMinimumSize(QSize(350, 300));
tb_cert->setHorizontalScrollBarPolicy(Qt::ScrollBarAlwaysOff);
hboxLayout->addWidget(tb_cert);
vboxLayout->addLayout(hboxLayout);
line1 = new QFrame;
line1->setObjectName(QString::fromUtf8("line1"));
line1->setFrameShape(QFrame::HLine);
line1->setFrameShadow(QFrame::Sunken);
line1->setFrameShape(QFrame::HLine);
vboxLayout->addWidget(line1);
hboxLayout1 = new QHBoxLayout();
hboxLayout1->setSpacing(6);
hboxLayout1->setMargin(0);
hboxLayout1->setObjectName(QString::fromUtf8("hboxLayout1"));
spacerItem1 = new QSpacerItem(421, 20, QSizePolicy::Expanding, QSizePolicy::Minimum);
hboxLayout1->addItem(spacerItem1);
pb_close = new QPushButton;
pb_close->setObjectName(QString::fromUtf8("pb_close"));
hboxLayout1->addWidget(pb_close);
vboxLayout->addLayout(hboxLayout1);
setWindowTitle(tr("Certificate Information"));
textLabel4->setText(tr("Certificate Validation") + ':');
lb_valid->setText(QString());
textLabel2->setText(tr("Valid From") + ':');
lb_notBefore->setText(QString());
textLabel3->setText(tr("Valid Until") + ':');
lb_notAfter->setText(QString());
textLabel1->setText(tr("Serial Number") + ':');
lb_sn->setText(QString());
pb_close->setText(tr("Close"));
// end of raw code from uic
setModal(true);
connect(pb_close, SIGNAL(clicked()), SLOT(close()));
pb_close->setDefault(true);
pb_close->setFocus();
if (cert.isNull())
return;
if (result == QCA::TLS::Valid)
{
lb_valid->setText(tr("The certificate is valid."));
setLabelStatus(*lb_valid, true);
}
else
{
lb_valid->setText(tr("The certificate is NOT valid!") + '\n' + QString(tr("Reason: %1.")).arg(CertificateHelpers::resultToString(result, validity)));
setLabelStatus(*lb_valid, false);
}
QDateTime now = QDateTime::currentDateTime();
QDateTime notBefore = cert.notValidBefore();
QDateTime notAfter = cert.notValidAfter();
lb_notBefore->setText(cert.notValidBefore().toString());
setLabelStatus(*lb_notBefore, now > notBefore);
lb_notAfter->setText(cert.notValidAfter().toString());
setLabelStatus(*lb_notAfter, now < notAfter);
lb_sn->setText(cert.serialNumber().toString());
QString str;
str += "<table>";
str += makePropTable(tr("Subject Details:"), cert.subjectInfo());
str += makePropTable(tr("Issuer Details:"), cert.issuerInfo());
str += "</table>";
for (int i=0; i < 2; i++)
{
QString hashstr = QCA::Hash(i == 0 ? "md5" : "sha1").hashToString(cert.toDER()).toUpper().replace(QRegExp("(..)"), ":\\1").mid(1);
str += QString("Fingerprint(%1): %2<br>").arg(i == 0 ? "MD5" : "SHA-1").arg(hashstr);
}
tb_cert->setText(str);
}