Added qsslcertificate_qt.cpp

Having QAsn1Element in place, we can have a common foundation
for the ssl certificate class for upcoming ports like WinRT
and SecureTransport. The only thing that has to be added to
the existing class is the handle() functionality.

Change-Id: I560a8e412b26f350855c7bc456fcdb8e9b750939
Reviewed-by: Richard J. Moore <rich@kde.org>

src/network/ssl/qsslcertificate_qt.cpp

@@ -43,6 +43,10 @@
 
 #include "qsslcertificate.h"
 #include "qsslcertificate_p.h"
+#include "qsslkey.h"
+#include "qsslkey_p.h"
+#include "qsslcertificateextension.h"
+#include "qsslcertificateextension_p.h"
 
 QT_BEGIN_NAMESPACE
 
@@ -50,85 +54,79 @@ bool QSslCertificate::operator==(const QSslCertificate &other) const
 {
     if (d == other.d)
         return true;
-    return false;
+    if (d->null && other.d->null)
+        return true;
+    return d->derData == other.d->derData;
 }
 
 bool QSslCertificate::isNull() const
 {
-    Q_UNIMPLEMENTED();
+    return d->null;
-    return true;
 }
 
 bool QSslCertificate::isSelfSigned() const
 {
-    Q_UNIMPLEMENTED();
+    if (d->null)
-    return true;
+        return false;
+
+    qWarning("QSslCertificate::isSelfSigned: This function does not check, whether the certificate \
+             is actually signed. It just checks whether issuer and subject are identical");
+    return d->subjectMatchesIssuer;
 }
 
 QByteArray QSslCertificate::version() const
 {
-    Q_UNIMPLEMENTED();
+    return d->versionString;
-    return QByteArray();
 }
 
 QByteArray QSslCertificate::serialNumber() const
 {
-    Q_UNIMPLEMENTED();
+    return d->serialNumberString;
-    return QByteArray();
 }
 
 QStringList QSslCertificate::issuerInfo(SubjectInfo info) const
 {
-    Q_UNIMPLEMENTED();
+    return issuerInfo(QSslCertificatePrivate::subjectInfoToString(info));
-    return QStringList();
 }
 
 QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const
 {
-    Q_UNIMPLEMENTED();
+    return d->issuerInfo.values(attribute);
-    return QStringList();
 }
 
 QStringList QSslCertificate::subjectInfo(SubjectInfo info) const
 {
-    Q_UNIMPLEMENTED();
+    return subjectInfo(QSslCertificatePrivate::subjectInfoToString(info));
-    return QStringList();
 }
 
 QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const
 {
-    Q_UNIMPLEMENTED();
+    return d->subjectInfo.values(attribute);
-    return QStringList();
 }
 
 QList<QByteArray> QSslCertificate::subjectInfoAttributes() const
 {
-    Q_UNIMPLEMENTED();
+    return d->subjectInfo.uniqueKeys();
-    return QList<QByteArray>();
 }
 
 QList<QByteArray> QSslCertificate::issuerInfoAttributes() const
 {
-    Q_UNIMPLEMENTED();
+    return d->issuerInfo.uniqueKeys();
-    return QList<QByteArray>();
 }
 
 QMultiMap<QSsl::AlternativeNameEntryType, QString> QSslCertificate::subjectAlternativeNames() const
 {
-    Q_UNIMPLEMENTED();
+    return d->subjectAlternativeNames;
-    return QMultiMap<QSsl::AlternativeNameEntryType, QString>();
 }
 
 QDateTime QSslCertificate::effectiveDate() const
 {
-    Q_UNIMPLEMENTED();
+    return d->notValidBefore;
-    return QDateTime();
 }
 
 QDateTime QSslCertificate::expiryDate() const
 {
-    Q_UNIMPLEMENTED();
+    return d->notValidAfter;
-    return QDateTime();
 }
 
 Qt::HANDLE QSslCertificate::handle() const
@@ -139,8 +137,13 @@ Qt::HANDLE QSslCertificate::handle() const
 
 QSslKey QSslCertificate::publicKey() const
 {
-    Q_UNIMPLEMENTED();
+    QSslKey key;
-    return QSslKey();
+    key.d->type = QSsl::PublicKey;
+    if (d->publicKeyAlgorithm != QSsl::Opaque) {
+    key.d->algorithm = d->publicKeyAlgorithm;
+    key.d->decodeDer(d->publicKeyDerData, QByteArray());
+    }
+    return key;
 }
 
 QList<QSslCertificateExtension> QSslCertificate::extensions() const
@@ -149,16 +152,31 @@ QList<QSslCertificateExtension> QSslCertificate::extensions() const
     return QList<QSslCertificateExtension>();
 }
 
+#define BEGINCERTSTRING "-----BEGIN CERTIFICATE-----"
+#define ENDCERTSTRING "-----END CERTIFICATE-----"
+
 QByteArray QSslCertificate::toPem() const
 {
-    Q_UNIMPLEMENTED();
+    QByteArray array = toDer();
-    return QByteArray();
+
+    // Convert to Base64 - wrap at 64 characters.
+    array = array.toBase64();
+    QByteArray tmp;
+    for (int i = 0; i <= array.size() - 64; i += 64) {
+        tmp += QByteArray::fromRawData(array.data() + i, 64);
+        tmp += '\n';
+    }
+    if (int remainder = array.size() % 64) {
+        tmp += QByteArray::fromRawData(array.data() + array.size() - remainder, remainder);
+        tmp += '\n';
+    }
+
+    return BEGINCERTSTRING "\n" + tmp + ENDCERTSTRING "\n";
 }
 
 QByteArray QSslCertificate::toDer() const
 {
-    Q_UNIMPLEMENTED();
+    return d->derData;
-    return QByteArray();
 }
 
 QString QSslCertificate::toText() const
@@ -169,23 +187,78 @@ QString QSslCertificate::toText() const
 
 void QSslCertificatePrivate::init(const QByteArray &data, QSsl::EncodingFormat format)
 {
-    Q_UNIMPLEMENTED();
+    if (!data.isEmpty()) {
+        QList<QSslCertificate> certs = (format == QSsl::Pem)
+            ? certificatesFromPem(data, 1)
+            : certificatesFromDer(data, 1);
+        if (!certs.isEmpty()) {
+            *this = *certs.first().d;
+        }
+    }
+}
+
+static bool matchLineFeed(const QByteArray &pem, int *offset)
+{
+    char ch = 0;
+
+    // ignore extra whitespace at the end of the line
+    while (*offset < pem.size() && (ch = pem.at(*offset)) == ' ')
+        ++*offset;
+
+    if (ch == '\n') {
+        *offset += 1;
+        return true;
+    }
+    if (ch == '\r' && pem.size() > (*offset + 1) && pem.at(*offset + 1) == '\n') {
+        *offset += 2;
+        return true;
+    }
+    return false;
 }
 
 QList<QSslCertificate> QSslCertificatePrivate::certificatesFromPem(const QByteArray &pem, int count)
 {
-    Q_UNIMPLEMENTED();
+    QList<QSslCertificate> certificates;
-    Q_UNUSED(pem)
+    int offset = 0;
-    Q_UNUSED(count)
+    while (count == -1 || certificates.size() < count) {
-    return QList<QSslCertificate>();
+        int startPos = pem.indexOf(BEGINCERTSTRING, offset);
+        if (startPos == -1)
+            break;
+        startPos += sizeof(BEGINCERTSTRING) - 1;
+        if (!matchLineFeed(pem, &startPos))
+            break;
+
+        int endPos = pem.indexOf(ENDCERTSTRING, startPos);
+        if (endPos == -1)
+            break;
+
+        offset = endPos + sizeof(ENDCERTSTRING) - 1;
+        if (offset < pem.size() && !matchLineFeed(pem, &offset))
+            break;
+
+        QByteArray decoded = QByteArray::fromBase64(
+            QByteArray::fromRawData(pem.data() + startPos, endPos - startPos));
+        certificates << certificatesFromDer(decoded, 1);;
+    }
+
+    return certificates;
 }
 
 QList<QSslCertificate> QSslCertificatePrivate::certificatesFromDer(const QByteArray &der, int count)
 {
-    Q_UNIMPLEMENTED();
+    QList<QSslCertificate> certificates;
-    Q_UNUSED(der)
+
-    Q_UNUSED(count)
+    QByteArray data = der;
-    return QList<QSslCertificate>();
+    while (count == -1 || certificates.size() < count) {
+        QSslCertificate cert;
+        if (!cert.d->parse(data))
+            break;
+
+        certificates << cert;
+        data.remove(0, cert.d->derData.size());
+    }
+
+    return certificates;
 }
 
 QT_END_NAMESPACE

src/network/ssl/ssl.pri

@@ -27,7 +27,7 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op
 
     winrt {
         HEADERS += ssl/qsslsocket_winrt_p.h
-        SOURCES += ssl/qsslcertificate_winrt.cpp \
+        SOURCES += ssl/qsslcertificate_qt.cpp \
                    ssl/qsslkey_winrt.cpp \
                    ssl/qsslsocket_winrt.cpp
     }