blob: ff541165feb1fa25163a06999aae1e7d8f08b061 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
// Copyright (C) 2021 The Qt Company Ltd.
// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
#include "qtlskey_base_p.h"
#include "qasn1element_p.h"
QT_BEGIN_NAMESPACE
namespace QTlsPrivate {
QByteArray TlsKeyBase::pemFromDer(const QByteArray &der, const QMap<QByteArray, QByteArray> &headers) const
{
QByteArray pem(der.toBase64());
const int lineWidth = 64; // RFC 1421
const int newLines = pem.size() / lineWidth;
const bool rem = pem.size() % lineWidth;
for (int i = 0; i < newLines; ++i)
pem.insert((i + 1) * lineWidth + i, '\n');
if (rem)
pem.append('\n');
QByteArray extra;
if (!headers.isEmpty()) {
QMap<QByteArray, QByteArray>::const_iterator it = headers.constEnd();
do {
--it;
extra += it.key() + ": " + it.value() + '\n';
} while (it != headers.constBegin());
extra += '\n';
}
if (isEncryptedPkcs8(der)) {
pem.prepend(pkcs8Header(true) + '\n' + extra);
pem.append(pkcs8Footer(true) + '\n');
} else if (isPkcs8()) {
pem.prepend(pkcs8Header(false) + '\n' + extra);
pem.append(pkcs8Footer(false) + '\n');
} else {
pem.prepend(pemHeader() + '\n' + extra);
pem.append(pemFooter() + '\n');
}
return pem;
}
QByteArray TlsKeyBase::pkcs8Header(bool encrypted)
{
return encrypted
? QByteArrayLiteral("-----BEGIN ENCRYPTED PRIVATE KEY-----")
: QByteArrayLiteral("-----BEGIN PRIVATE KEY-----");
}
QByteArray TlsKeyBase::pkcs8Footer(bool encrypted)
{
return encrypted
? QByteArrayLiteral("-----END ENCRYPTED PRIVATE KEY-----")
: QByteArrayLiteral("-----END PRIVATE KEY-----");
}
bool TlsKeyBase::isEncryptedPkcs8(const QByteArray &der)
{
static const QList<QByteArray> pbes1OIds {
// PKCS5
{ PKCS5_MD2_DES_CBC_OID }, { PKCS5_MD2_RC2_CBC_OID }, { PKCS5_MD5_DES_CBC_OID },
{ PKCS5_MD5_RC2_CBC_OID }, { PKCS5_SHA1_DES_CBC_OID }, { PKCS5_SHA1_RC2_CBC_OID },
};
QAsn1Element elem;
if (!elem.read(der) || elem.type() != QAsn1Element::SequenceType)
return false;
const auto items = elem.toList();
if (items.size() != 2
|| items[0].type() != QAsn1Element::SequenceType
|| items[1].type() != QAsn1Element::OctetStringType) {
return false;
}
const auto encryptionSchemeContainer = items[0].toList();
if (encryptionSchemeContainer.size() != 2
|| encryptionSchemeContainer[0].type() != QAsn1Element::ObjectIdentifierType
|| encryptionSchemeContainer[1].type() != QAsn1Element::SequenceType) {
return false;
}
const QByteArray encryptionScheme = encryptionSchemeContainer[0].toObjectId();
return encryptionScheme == PKCS5_PBES2_ENCRYPTION_OID
|| pbes1OIds.contains(encryptionScheme)
|| encryptionScheme.startsWith(PKCS12_OID);
}
} // namespace QTlsPrivate
QT_END_NAMESPACE
|