32 #include <tdetempfile.h>
38 KSSLPKCS12::KSSLPKCS12() {
43 kossl = KOSSL::self();
50 if (_pkey) kossl->EVP_PKEY_free(_pkey);
53 X509* x5 =
reinterpret_cast<X509*
>(kossl->OPENSSL_sk_pop(_caStack));
57 kossl->OPENSSL_sk_free(_caStack);
59 if (_pkcs) kossl->PKCS12_free(_pkcs);
61 if (_cert)
delete _cert;
69 if (base64.isEmpty())
return NULL;
70 TQByteArray qba, qbb = TQCString(base64.latin1()).copy();
71 KCodecs::base64Decode(qbb, qba);
72 ktf.file()->writeBlock(qba);
86 PKCS12 *newpkcs = NULL;
88 if (!qf.open(IO_ReadOnly))
91 FILE *fp = fdopen(qf.handle(),
"r");
94 newpkcs = KOSSL::self()->d2i_PKCS12_fp(fp, &newpkcs);
98 KOSSL::self()->ERR_clear_error();
106 if (!c->parse(password)) {
126 return (0 == kossl->PKCS12_newpass(_pkcs,
127 pold.isNull() ? (
char *)
"" : (
char *)pold.latin1(),
128 pnew.isNull() ? (
char *)
"" : (
char *)pnew.latin1()));
134 bool KSSLPKCS12::parse(TQString pass) {
140 if (_cert)
delete _cert;
141 if (_pkey) kossl->EVP_PKEY_free(_pkey);
144 X509* x5 =
reinterpret_cast<X509*
>(kossl->OPENSSL_sk_pop(_caStack));
146 kossl->X509_free(x5);
148 kossl->OPENSSL_sk_free(_caStack);
154 int rc = kossl->PKCS12_parse(_pkcs, pass.latin1(), &_pkey, &x, &_caStack);
162 _cert->setChain(_caStack);
169 kossl->ERR_clear_error();
192 len = kossl->i2d_PKCS12(_pkcs, NULL);
194 char *buf =
new char[len];
195 p = (
unsigned char *)buf;
196 kossl->i2d_PKCS12(_pkcs, &p);
198 qba.setRawData(buf, len);
199 base64 = KCodecs::base64Encode(qba);
200 qba.resetRawData(buf, len);
211 TQFile out(filename);
213 if (!out.open(IO_WriteOnly))
return false;
215 int fd = out.handle();
216 FILE *fp = fdopen(fd,
"w");
219 unlink(filename.latin1());
223 kossl->i2d_PKCS12_fp(fp, _pkcs);
233 return validate(KSSLCertificate::SSLServer);
240 if (1 != kossl->X509_check_private_key(_cert->getCert(), _pkey)) {
241 xx = KSSLCertificate::PrivateKeyFailed;
246 return KSSLCertificate::NoSSL;
252 return revalidate(KSSLCertificate::SSLServer);
262 return isValid(KSSLCertificate::SSLServer);
267 return (
validate(p) == KSSLCertificate::Ok);
TQString toString()
Convert to a Base64 string.
static KSSLPKCS12 * fromString(TQString base64, TQString password="")
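Create a KSSLPKCS12 object from Base64-encoded data held in a TQString. In the listing above the decoded bytes are written out through `ktf.file()` before parsing (presumably a temporary file, given the tdetempfile.h include), so the key material touches disk; confirm that file is removed afterwards.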
void setCert(PKCS12 *c)
Set the underlying raw PKCS12 object directly.
virtual ~KSSLPKCS12()
Destroy this PKCS#12 certificate.
KSSLValidation validate()
Check if this is a valid certificate.
bool changePassword(TQString pold, TQString pnew)
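Change the password of the PKCS#12 in memory. The listing above passes both passwords to PKCS12_newpass through `latin1()`, so characters outside Latin-1 are not preserved, and a null password is passed as the empty string.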
bool setCert(TQString &cert)
Re-set the certificate from a base64 string.
KSSLValidation revalidate()
Check if this is a valid certificate.
static KSSLPKCS12 * loadCertFile(TQString filename, TQString password="")
Create a KSSLPKCS12 object by reading a PKCS#12 file.
TQString name()
The name of this certificate.
KSSLCertificate::KSSLValidation revalidate()
Check the X.509 and private key to make sure they're valid.
KSSLValidation
A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...
KSSLCertificate::KSSLValidation validate()
Check the X.509 and private key to make sure they're valid.
EVP_PKEY * getPrivateKey()
Get the private key.
TQString getSubject() const
Get the subject of the certificate (X.509 map).
bool isValid()
Check if the X.509 and private key are valid.
bool toFile(TQString filename)
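Write the PKCS#12 to a file in raw mode. In the listing above the result of `i2d_PKCS12_fp` is not checked and no visible line restricts the new file's permissions, so callers should verify the written file and its mode themselves.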
KSSLCertificate * getCertificate()
Get the X.509 certificate.