// Listing note: the leading numbers are the original file's line numbers; gaps
// between them mean source lines are missing from this listing.
// The sk_* macros below route the OpenSSL stack helpers through the `kossl`
// wrapper object, so any sk_* use in this file needs `kossl` to be set first.
32 #include <tdetempfile.h> 38 #define sk_new kossl->sk_new 39 #define sk_push kossl->sk_push 40 #define sk_free kossl->sk_free 41 #define sk_value kossl->sk_value 42 #define sk_num kossl->sk_num 43 #define sk_dup kossl->sk_dup 44 #define sk_pop kossl->sk_pop 48 KSSLPKCS12::KSSLPKCS12() {
// Obtain the KOSSL wrapper instance that every later OpenSSL call goes through.
53 kossl = KOSSL::self();
// Cleanup fragment (presumably the destructor; its signature line is not in
// this listing). Each owned object is released only if it is set.
// Free the private key through the KOSSL wrapper.
60 if (_pkey) kossl->EVP_PKEY_free(_pkey);
// Take one X509 off the CA stack; the enclosing loop and the per-entry free
// (original lines 61-66) are not shown here.
63 X509* x5 = sk_X509_pop(_caStack);
// Free the stack container itself once its entries have been handled.
67 sk_X509_free(_caStack);
// Free the parsed PKCS#12 structure.
69 if (_pkcs) kossl->PKCS12_free(_pkcs);
// Delete the wrapped certificate object.
// NOTE(review): nothing visible resets these members to NULL afterwards; that
// only matters if this code can run twice on one object - confirm.
71 if (_cert)
delete _cert;
// Base64 import fragment (presumably KSSLPKCS12::fromString; the signature and
// the declaration of `ktf` are missing from this listing).
// An empty input yields no object.
79 if (base64.isEmpty())
return NULL;
// Copy the Latin-1 bytes of the Base64 text into qbb and decode them into qba.
80 TQByteArray qba, qbb = TQCString(base64.latin1()).copy();
81 KCodecs::base64Decode(qbb, qba);
// Write the decoded PKCS#12 blob to the temporary file behind `ktf`.
// NOTE(review): this puts a private-key container on disk. Confirm the temp
// file is created owner-only and is removed on every exit path; neither is
// visible here.
// NOTE(review): the result of writeBlock() is discarded on this line, so a
// short or failed write would not be noticed before the file is read back.
82 ktf.file()->writeBlock(qba);
// File import fragment (presumably KSSLPKCS12::loadCertFile; the signature and
// the declarations of `qf` and `c` are missing from this listing).
96 PKCS12 *newpkcs = NULL;
// Open the input read-only; the failure branch (original line 99) is not shown.
98 if (!qf.open(IO_ReadOnly))
// Wrap the TQFile's descriptor in a stdio stream for the OpenSSL reader.
// NOTE(review): fp and qf now refer to the same descriptor. Whether fp is
// closed, and whether that collides with qf closing it again, is not visible -
// confirm.
101 FILE *fp = fdopen(qf.handle(),
"r");
102 if (!fp)
return NULL;
// Decode the DER-encoded PKCS#12 structure from the stream.
104 newpkcs = KOSSL::self()->d2i_PKCS12_fp(fp, &newpkcs);
// Clear the OpenSSL error queue; the condition guarding this call (presumably
// a failed decode) is not shown.
108 KOSSL::self()->ERR_clear_error();
// Try to open the container with the caller's password; the body of this
// failure branch is not shown.
116 if (!c->parse(password)) {
// Password change fragment (presumably KSSLPKCS12::changePassword; the
// signature is missing from this listing).
// Re-encrypts _pkcs from the old password to the new one. A null TQString is
// passed as "" and the casts drop const from the latin1() result.
// NOTE(review): OpenSSL documents PKCS12_newpass() as returning 1 on success
// and 0 on failure. If kossl->PKCS12_newpass forwards that value unchanged,
// `0 == ...` reports true when the change failed and false when it succeeded.
// Confirm against the wrapper and the callers.
// NOTE(review): latin1() cannot represent characters outside Latin-1, so a
// password containing them is not passed through faithfully - confirm which
// encoding the container was created with.
136 return (0 == kossl->PKCS12_newpass(_pkcs,
137 pold.isNull() ? (
char *)
"" : (
char *)pold.latin1(),
138 pnew.isNull() ? (
char *)
"" : (
char *)pnew.latin1()));
// Parse the held PKCS#12 container (_pkcs) with the given password, filling
// _pkey, _cert and _caStack. Several lines of the body, including the return
// statements, are missing from this listing.
// NOTE(review): `pass` is a by-value TQString and nothing visible clears it
// after use, so copies of the password stay in memory for as long as the
// string data lives.
144 bool KSSLPKCS12::parse(TQString pass) {
// Drop any state left from an earlier parse before loading new material.
150 if (_cert)
delete _cert;
151 if (_pkey) kossl->EVP_PKEY_free(_pkey);
// Pop and free a CA stack entry (the enclosing loop is not shown), then free
// the stack container.
154 X509* x5 = sk_X509_pop(_caStack);
156 kossl->X509_free(x5);
158 sk_X509_free(_caStack);
// Decrypt and unpack: private key into _pkey, leaf certificate into x, and
// the remaining certificates into _caStack.
// NOTE(review): latin1() cannot represent characters outside Latin-1, so a
// password containing them will not match - confirm the expected encoding.
164 int rc = kossl->PKCS12_parse(_pkcs, pass.latin1(), &_pkey, &x, &_caStack);
// Hand the CA stack to the certificate wrapper as its chain. The check on rc
// that guards this line is not shown.
172 _cert->setChain(_caStack);
// Clear the OpenSSL error queue (presumably on the failure path; the branch
// is not shown).
179 kossl->ERR_clear_error();
// Base64 export fragment (presumably KSSLPKCS12::toString; the signature and
// the declarations of len, p, qba and base64 are missing from this listing).
// The first i2d call, with a NULL output pointer, only returns the encoded
// length.
202 len = kossl->i2d_PKCS12(_pkcs, NULL);
// NOTE(review): i2d_* functions return a negative value on error. Original
// line 203 is missing from this listing; confirm it rejects len < 0 before
// this allocation.
204 char *buf =
new char[len];
205 p = (
unsigned char *)buf;
// The second call writes the DER encoding into buf through the cursor p.
206 kossl->i2d_PKCS12(_pkcs, &p);
// Let qba borrow buf without copying, encode it, then detach the borrow.
// NOTE(review): the matching delete[] for buf is not visible here - confirm
// the buffer is released.
208 qba.setRawData(buf, len);
209 base64 = KCodecs::base64Encode(qba);
210 qba.resetRawData(buf, len);
// File export fragment (presumably KSSLPKCS12::toFile; the signature is
// missing from this listing). Writes the DER-encoded PKCS#12 to `filename`.
// NOTE(review): the file holds a private-key container. No mode is set on
// these lines, so the created file presumably gets default permissions under
// the process umask; confirm it ends up readable by the owner only.
221 TQFile out(filename);
223 if (!out.open(IO_WriteOnly))
return false;
// Wrap the TQFile's descriptor in a stdio stream for the OpenSSL writer.
225 int fd = out.handle();
226 FILE *fp = fdopen(fd,
"w");
// Remove the output file; the condition guarding this call (presumably a
// failed fdopen) is not shown.
229 unlink(filename.latin1());
// NOTE(review): the result of i2d_PKCS12_fp() is discarded on this line, so
// a failed or partial write is not detected here. Confirm the lines that
// follow check for it before returning success.
233 kossl->i2d_PKCS12_fp(fp, _pkcs);
// Validation fragments from several small members whose signatures are
// missing from this listing.
// Argument-less validate(): defaults the purpose to SSLServer.
243 return validate(KSSLCertificate::SSLServer);
// Reject the bundle when the private key does not match the certificate's
// public key.
250 if (1 != kossl->X509_check_private_key(_cert->getCert(), _pkey)) {
251 xx = KSSLCertificate::PrivateKeyFailed;
// Fallback result; presumably the path taken when SSL support is not compiled
// in (the preprocessor guard is not shown).
256 return KSSLCertificate::NoSSL;
// Argument-less revalidate() and isValid(): both default to SSLServer.
262 return revalidate(KSSLCertificate::SSLServer);
272 return isValid(KSSLCertificate::SSLServer);
// isValid(p) is true only when validate(p) returns exactly Ok; every other
// result counts as invalid.
277 return (
validate(p) == KSSLCertificate::Ok);
TQString toString()
Convert to a Base64 string.
static KSSLPKCS12 * fromString(TQString base64, TQString password="")
Create a KSSLPKCS12 object from a Base64-encoded string held in a TQString.
void setCert(PKCS12 *c)
Set the raw PKCS12 object directly.
virtual ~KSSLPKCS12()
Destroy this PKCS#12 certificate.
KSSLValidation validate()
Check if this is a valid certificate.
bool changePassword(TQString pold, TQString pnew)
Change the password of the PKCS#12 in memory.
bool setCert(TQString &cert)
Re-set the certificate from a base64 string.
KSSLValidation revalidate()
Check if this is a valid certificate.
static KSSLPKCS12 * loadCertFile(TQString filename, TQString password="")
Create a KSSLPKCS12 object by reading a PKCS#12 file.
TQString name()
The name of this certificate.
KSSLCertificate::KSSLValidation revalidate()
Check the X.509 and private key to make sure they're valid.
KSSLValidation
A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...
KSSLCertificate::KSSLValidation validate()
Check the X.509 and private key to make sure they're valid.
EVP_PKEY * getPrivateKey()
Get the private key.
TQString getSubject() const
Get the subject of the certificate (X.509 map).
bool isValid()
Check if the X.509 and private key are valid.
bool toFile(TQString filename)
Write the PKCS#12 to a file in raw mode.
KSSLCertificate * getCertificate()
Get the X.509 certificate.