bool InstallChecker::verifyPackage( const QString &filePath, bool )
{
QProcess proc;
proc.start( "hdiutil", QStringList() << "verify" << filePath );
proc.waitForFinished();
if( proc.exitCode() )
return false;
QString path = mountPackage( filePath );
if( path.isEmpty() )
return false;
xar_t xar = xar_open( path.toUtf8().constData(), 0 );
if( !xar )
return false;
QSslCertificate cert;
xar_signature_t sig = xar_signature_first( xar );
int32_t count = xar_signature_get_x509certificate_count( sig );
for( int32_t i = 0; i < count; ++i )
{
uint32_t size = 0;
const uint8_t *data = 0;
if( xar_signature_get_x509certificate_data( sig, i, &data, &size ) )
continue;
QSslCertificate c( QByteArray( (const char*)data, size ), QSsl::Der );
#if QT_VERSION >= 0x050000
QString cn = c.subjectInfo( QSslCertificate::CommonName ).value(0);
#else
QString cn = c.subjectInfo( QSslCertificate::CommonName );
#endif
if( cn == "Estonian Informatics Centre" ||
cn == "Developer ID Installer: Riigi Infosüsteemi Amet" )
cert = c;
}
if( cert.isNull() )
{
xar_close( xar );
return false;
}
uint8_t *data = 0, *signature = 0;
uint32_t dataSize = 0, signatureSize = 0;
off_t offset = 0;
if( xar_signature_copy_signed_data( sig, &data, &dataSize, &signature, &signatureSize, &offset ) )
{
xar_close( xar );
return false;
}
int result = RSA_verify( NID_sha1, data, dataSize, signature, signatureSize, (RSA*)cert.publicKey().handle() );
xar_close( xar );
free( data );
free( signature );
return result;
}
QString clientController::getCertificateString(const QSslCertificate &cert)
{
QString certInfo;
certInfo += "Issuer Org: ";
certInfo += cert.issuerInfo(QSslCertificate::Organization).join(" ") + QString("\n");
certInfo += "Common Name: ";
certInfo += cert.issuerInfo(QSslCertificate::CommonName).join(" ") + "\n";
certInfo += "Effective Date: ";
certInfo += cert.effectiveDate().toString() + "\n";
certInfo += "Expiry Date: ";
certInfo += cert.expiryDate().toString() + "\n";
certInfo += "Public Key: ";
certInfo += cert.publicKey().toPem() + "\n";
certInfo += "Serial Number: ";
certInfo += cert.serialNumber() + "\n";
return certInfo;
}
QString Client::getCertificateString(const QSslCertificate &cert)
{
// Grab the fields and append to certInfo
QString certInfo;
certInfo += "Issuer Org: ";
certInfo += cert.issuerInfo(QSslCertificate::Organization) + "\n";
certInfo += "Common Name: ";
certInfo += cert.issuerInfo(QSslCertificate::CommonName) + "\n";
certInfo += "Effective Date: ";
certInfo += cert.effectiveDate().toString() + "\n";
certInfo += "Expiry Date: ";
certInfo += cert.expiryDate().toString() + "\n";
certInfo += "Public Key: ";
certInfo += cert.publicKey().toPem() + "\n";
certInfo += "Serial Number: ";
certInfo += cert.serialNumber() + "\n";
return certInfo;
}
