diff options
Diffstat (limited to 'src/network/ssl/qsslcertificate.cpp')
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 70 |
1 files changed, 66 insertions, 4 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 9ddcb70b1d..d153e0b929 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -125,7 +125,9 @@ #include "qssl_p.h" #include "qsslcertificate.h" #include "qsslcertificate_p.h" +#ifndef QT_NO_SSL #include "qsslkey_p.h" +#endif #include <QtCore/qdir.h> #include <QtCore/qdiriterator.h> @@ -142,8 +144,12 @@ QT_BEGIN_NAMESPACE QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) : d(new QSslCertificatePrivate) { +#ifndef QT_NO_OPENSSL QSslSocketPrivate::ensureInitialized(); if (device && QSslSocket::supportsSsl()) +#else + if (device) +#endif d->init(device->readAll(), format); } @@ -156,8 +162,10 @@ QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format) : d(new QSslCertificatePrivate) { +#ifndef QT_NO_OPENSSL QSslSocketPrivate::ensureInitialized(); if (QSslSocket::supportsSsl()) +#endif d->init(data, format); } @@ -557,6 +565,8 @@ QList<QSslCertificate> QSslCertificate::fromData(const QByteArray &data, QSsl::E : QSslCertificatePrivate::certificatesFromDer(data); } +#ifndef QT_NO_SSL + /*! Verifies a certificate chain. The chain to be verified is passed in the \a certificateChain parameter. The first certificate in the list should @@ -600,6 +610,8 @@ bool QSslCertificate::importPkcs12(QIODevice *device, return QSslSocketBackendPrivate::importPkcs12(device, key, certificate, caCertificates, passPhrase); } +#endif + // These certificates are known to be fraudulent and were created during the comodo // compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html static const char *const certificate_blacklist[] = { @@ -647,12 +659,12 @@ static const char *const certificate_blacklist[] = { "27:83", "NIC Certifying Authority", // intermediate certificate from NIC India (2007) "27:92", "NIC CA 2011", // intermediate certificate from NIC India (2011) "27:b1", "NIC CA 2014", // intermediate certificate from NIC India (2014) - 0 + nullptr }; bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate) { - for (int a = 0; certificate_blacklist[a] != 0; a++) { + for (int a = 0; certificate_blacklist[a] != nullptr; a++) { QString blacklistedCommonName = QString::fromUtf8(certificate_blacklist[(a+1)]); if (certificate.serialNumber() == certificate_blacklist[a++] && (certificate.subjectInfo(QSslCertificate::CommonName).contains(blacklistedCommonName) || @@ -680,6 +692,56 @@ QByteArray QSslCertificatePrivate::subjectInfoToString(QSslCertificate::SubjectI } /*! + \since 5.12 + + Returns a name that describes the issuer. It returns the QSslCertificate::CommonName + if available, otherwise falls back to the first QSslCertificate::Organization or the + first QSslCertificate::OrganizationalUnitName. + + \sa issuerInfo() +*/ +QString QSslCertificate::issuerDisplayName() const +{ + QStringList names; + names = issuerInfo(QSslCertificate::CommonName); + if (!names.isEmpty()) + return names.first(); + names = issuerInfo(QSslCertificate::Organization); + if (!names.isEmpty()) + return names.first(); + names = issuerInfo(QSslCertificate::OrganizationalUnitName); + if (!names.isEmpty()) + return names.first(); + + return QString(); +} + +/*! + \since 5.12 + + Returns a name that describes the subject. It returns the QSslCertificate::CommonName + if available, otherwise falls back to the first QSslCertificate::Organization or the + first QSslCertificate::OrganizationalUnitName. + + \sa subjectInfo() +*/ +QString QSslCertificate::subjectDisplayName() const +{ + QStringList names; + names = subjectInfo(QSslCertificate::CommonName); + if (!names.isEmpty()) + return names.first(); + names = subjectInfo(QSslCertificate::Organization); + if (!names.isEmpty()) + return names.first(); + names = subjectInfo(QSslCertificate::OrganizationalUnitName); + if (!names.isEmpty()) + return names.first(); + + return QString(); +} + +/*! \fn uint qHash(const QSslCertificate &key, uint seed) Returns the hash value for the \a key, using \a seed to seed the calculation. @@ -696,8 +758,8 @@ QDebug operator<<(QDebug debug, const QSslCertificate &certificate) << certificate.version() << ", " << certificate.serialNumber() << ", " << certificate.digest().toBase64() - << ", " << certificate.issuerInfo(QSslCertificate::Organization) - << ", " << certificate.subjectInfo(QSslCertificate::Organization) + << ", " << certificate.issuerDisplayName() + << ", " << certificate.subjectDisplayName() << ", " << certificate.subjectAlternativeNames() #if QT_CONFIG(datestring) << ", " << certificate.effectiveDate() |