security/tokentool
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated to qt5 with more information than ever before

Browse Source
This commit is contained in:
Marc Wäckerlin
2017-02-03 15:51:14 +00:00
parent 4c67a69402
commit 17e69f75ca
14 changed files with 791 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

213
src/tokentool.hxx
View File

@@ -12,7 +12,10 @@
#include <QMessageBox>
#include <QProgressBar>
#include <QDateTime>
#include <QColor>
#include <QSslCertificate>
#include <QSslKey>
#include <QSslCertificateExtension>
#include <ui_tokentool.hxx>
#include <memory>
@@ -20,12 +23,6 @@
#include <cryptoki.hxx>
#if QT_VERSION >= 0x050000
namespace QSsl {
typedef AlternativeNameEntryType AlternateNameEntryType;
}
#endif
inline QString qs(const std::string& s) {
return QString::fromStdString(s);
}
@@ -302,61 +299,163 @@ class tokentool: public QMainWindow, protected Ui::tokentool {
void addCertificate(const std::string& label, const std::string& id,
const QSslCertificate& cert) {
if (cert.isNull()) return;
QString txt;
QSslKey pubkey(cert.publicKey());
QTreeWidgetItem *twi(0);
QTreeWidgetItem* c(new QTreeWidgetItem(QStringList()<<qs(label)));
c->setData(0, Qt::UserRole, qs(id));
// c->setData(0, Qt::UserRole, qs(id));
_certificates->addTopLevelItem(c);
c->addChild
((new QTreeWidgetItem
(QStringList()<<tr("Valid Since")
<<cert.effectiveDate().toString(Qt::SystemLocaleLongDate))));
(new QTreeWidgetItem
(QStringList()<<tr("Valid Since")
<<cert.effectiveDate().toString(Qt::SystemLocaleLongDate)));
c->addChild
((new QTreeWidgetItem
(QStringList()<<tr("Valid Until")
<<cert.expiryDate().toString(Qt::SystemLocaleLongDate))));
(new QTreeWidgetItem
(QStringList()<<tr("Valid Until")
<<cert.expiryDate().toString(Qt::SystemLocaleLongDate)));
c->addChild
((new QTreeWidgetItem
(QStringList()<<tr("Certificate Serial Number")
<<cert.serialNumber())));
QTreeWidgetItem *it(0);
(new QTreeWidgetItem
(QStringList()<<tr("Version")
<<cert.version()));
c->addChild
((it = new QTreeWidgetItem(QStringList()<<tr("Subject Info")<<"")));
for (QSslCertificate::SubjectInfo
si(QSslCertificate::StateOrProvinceName);
si>=QSslCertificate::Organization;
si=(QSslCertificate::SubjectInfo)((int)si-1))
if (!cert.subjectInfo(si).isEmpty()) {
it->addChild
((new QTreeWidgetItem(subjectInfo(si)
<<utfConv(cert.subjectInfo(si)))));
}
it->setExpanded(true);
QMultiMap<QSsl::AlternateNameEntryType, QString>
#if QT_VERSION <0x050000
asns(cert.alternateSubjectNames())
#else
asns(cert.subjectAlternativeNames())
#endif
;
for (QMultiMap<QSsl::AlternateNameEntryType, QString>::iterator
asn(asns.begin()); asn!=asns.end(); ++asn)
it->addChild
((new QTreeWidgetItem
(QStringList()<<alternateName(asn.key())<<asn.value())));
(new QTreeWidgetItem
(QStringList()<<tr("Digest")
<<cert.digest().toHex()));
c->addChild
((it = new QTreeWidgetItem(QStringList()<<tr("Issuer Info")<<"")));
for (QSslCertificate::SubjectInfo
si(QSslCertificate::StateOrProvinceName);
si>=QSslCertificate::Organization;
si=(QSslCertificate::SubjectInfo)((int)si-1))
if (!cert.issuerInfo(si).isEmpty())
it->addChild
((new QTreeWidgetItem(subjectInfo(si)
<<utfConv(cert.issuerInfo(si)))));
it->setExpanded(true);
(new QTreeWidgetItem
(QStringList()<<tr("Serial Number")
<<cert.serialNumber()));
c->addChild
(twi = new QTreeWidgetItem
(QStringList()<<tr("Issuer Info")));
for (QByteArray attr: cert.issuerInfoAttributes())
twi->addChild
(new QTreeWidgetItem
(QStringList()<<attr
<<cert.issuerInfo(attr)));
twi->setExpanded(true);
c->addChild
(twi = new QTreeWidgetItem
(QStringList()<<tr("Subject Info")));
for (QByteArray attr: cert.subjectInfoAttributes())
twi->addChild
(new QTreeWidgetItem
(QStringList()<<attr
<<cert.subjectInfo(attr)));
twi->setExpanded(true);
c->addChild
(twi = new QTreeWidgetItem
(QStringList()<<tr("Extensions")));
for (QSslCertificateExtension ext: cert.extensions())
for (const auto& v: stringify(ext.value()).toStdMap())
twi->addChild
(new QTreeWidgetItem // not used: oid
(QStringList()<<(v.first.isEmpty()
? ext.name()
: tr("%1[%2]", "element of a certificate extension map;"
" %1: extension name, %2: map entry name")
.arg(ext.name()).arg(v.first))<<v.second));
twi->setExpanded(true);
c->addChild
(twi = new QTreeWidgetItem
(QStringList()<<tr("Public Key")));
switch (pubkey.algorithm()) {
case QSsl::Rsa: txt="RSA"; break;
case QSsl::Dsa: txt="DSA"; break;
/// @bug error: Ec is not a member of QSsl
//case QSsl::Ec: txt="EC"; break;
case QSsl::Opaque: txt="Opaque"; break;
default: txt="****ERROR****"; break;
}
twi->addChild(new QTreeWidgetItem(QStringList()<<tr("Algorithm")<<txt));
twi->setExpanded(true);
/// @bug error: const class QSslCertificate has no member named isSelfSigned
// if (cert.isSelfSigned())
// for (int i=0; i<c->columnCount(); ++i)
// c->setBackground(i, Qt::darkYellow);
if (cert.isBlacklisted())
for (int i=0; i<c->columnCount(); ++i)
c->setBackground(i, Qt::red);
// c->addChild
// ((it = new QTreeWidgetItem(QStringList()<<tr("Subject Info")<<"")));
// for (QSslCertificate::SubjectInfo
// si(QSslCertificate::StateOrProvinceName);
// si>=QSslCertificate::Organization;
// si=(QSslCertificate::SubjectInfo)((int)si-1))
// if (!cert.subjectInfo(si).isEmpty()) {
// it->addChild
// ((new QTreeWidgetItem(subjectInfo(si)
// <<utfConv(cert.subjectInfo(si)))));
// }
// it->setExpanded(true);
// QMultiMap<QSsl::AlternateNameEntryType, QString>
// #if QT_VERSION <0x050000
// asns(cert.alternateSubjectNames())
// #else
// asns(cert.subjectAlternativeNames())
// #endif
// ;
// for (QMultiMap<QSsl::AlternateNameEntryType, QString>::iterator
// asn(asns.begin()); asn!=asns.end(); ++asn)
// it->addChild
// ((new QTreeWidgetItem
// (QStringList()<<alternateName(asn.key())<<asn.value())));
// c->addChild
// ((it = new QTreeWidgetItem(QStringList()<<tr("Issuer Info")<<"")));
// for (QSslCertificate::SubjectInfo
// si(QSslCertificate::StateOrProvinceName);
// si>=QSslCertificate::Organization;
// si=(QSslCertificate::SubjectInfo)((int)si-1))
// if (!cert.issuerInfo(si).isEmpty())
// it->addChild
// ((new QTreeWidgetItem(subjectInfo(si)
// <<utfConv(cert.issuerInfo(si)))));
// it->setExpanded(true);
_certificates->resizeColumnToContents(0);
_certificates->resizeColumnToContents(1);
}
private:
QMultiMap<QString, QString> stringify(const QVariant& v) {
QMultiMap<QString, QString> res;
switch (v.type()) {
case QVariant::ByteArray: {
bool nonprint(false);
QString txt(QString::fromUtf8(v.toByteArray()));
for (QChar& c: txt) {
if (!c.isPrint())
if (c=='\n'||c=='\r') {
c = '\n';
} else {
txt.replace(c, tr("[%1]",
"stringified representation of nonprintable character;"
" %1: value in hex")
.arg(QString::fromLocal8Bit(QString(c).toUtf8().toHex())));
nonprint = true;
}
}
res.insert(QString(), txt);
} break;
case QVariant::List:
for (const QVariant& vv: v.toList())
res.insert(QString(), QStringList(stringify(vv).values()).join('\n'));
break;
case QVariant::Map:
for (auto vv: v.toMap().toStdMap())
res.insert(vv.first, QStringList(stringify(vv.second).values()).join('\n'));
break;
case QVariant::StringList:
for (const auto& vv: v.toStringList())
res.insert(QString(), vv);
break;
case QVariant::String:
res.insert(QString(), v.toString());
break;
default:
res.insert(v.typeName(), v.toString());
}
return res;
}
void deleteCert(QTreeWidgetItem* item) {
if (!_slot) return;
if (_pin->text().isEmpty()) {
@@ -388,13 +487,13 @@ class tokentool: public QMainWindow, protected Ui::tokentool {
}
setup();
}
QString alternateName(QSsl::AlternateNameEntryType an) {
switch (an) {
case QSsl::EmailEntry: return tr("E-Mail");
case QSsl::DnsEntry: return tr("URL");
}
return tr("error", "unknown certificate subject alternate name");
}
// QString alternateName(QSsl::AlternateNameEntryType an) {
// switch (an) {
// case QSsl::EmailEntry: return tr("E-Mail");
// case QSsl::DnsEntry: return tr("URL");
// }
// return tr("error", "unknown certificate subject alternate name");
// }
QStringList subjectInfo(QSslCertificate::SubjectInfo si) {
QStringList res;
switch (si) {