Commit a505ae39 authored by Oleg Korshul's avatar Oleg Korshul

verify cert (openssl only)

parent c3898019
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
#define OPEN_SSL_WARNING_ERR 1 #define OPEN_SSL_WARNING_ERR 1
#define OPEN_SSL_WARNING_ALL_OK 2 #define OPEN_SSL_WARNING_ALL_OK 2
#define OPEN_SSL_WARNING_PASS 4 #define OPEN_SSL_WARNING_PASS 4
#define OPEN_SSL_WARNING_NOVERIFY 8
class ICertificate; class ICertificate;
class Q_DECL_EXPORT ICertificateSelectDialogOpenSsl class Q_DECL_EXPORT ICertificateSelectDialogOpenSsl
...@@ -102,6 +103,7 @@ public: ...@@ -102,6 +103,7 @@ public:
virtual std::string GetDate() = 0; virtual std::string GetDate() = 0;
virtual std::string GetId() = 0; virtual std::string GetId() = 0;
virtual int VerifySelf() = 0;
public: public:
virtual std::string Sign(const std::string& sXml) = 0; virtual std::string Sign(const std::string& sXml) = 0;
......
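Review bot: The new pure virtual `VerifySelf()` has no comment stating its return contract, and the implementations on this page return `OPEN_SSL_WARNING_OK` or `OPEN_SSL_WARNING_NOVERIFY` from a set of values that otherwise look like bit flags (1, 2, 4, 8). A one-line comment on the declaration would pin it down: `// Returns OPEN_SSL_WARNING_OK if the certificate verifies, OPEN_SSL_WARNING_NOVERIFY otherwise.` It is also worth stating next to `OPEN_SSL_WARNING_NOVERIFY` whether it may be OR-ed with the other values, since the caller on this page compares it with `==`.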
...@@ -249,6 +249,12 @@ public: ...@@ -249,6 +249,12 @@ public:
if (!m_cert->Verify(sSignatureCalcValue, sSignatureValue, nSignatureMethod)) if (!m_cert->Verify(sSignatureCalcValue, sSignatureValue, nSignatureMethod))
m_valid = OOXML_SIGNATURE_INVALID; m_valid = OOXML_SIGNATURE_INVALID;
else
{
int nCertVerify = m_cert->VerifySelf();
if (OPEN_SSL_WARNING_NOVERIFY == nCertVerify)
m_valid = OOXML_SIGNATURE_INVALID;
}
} }
XmlUtils::CXmlNode GetObjectById(std::string sId) XmlUtils::CXmlNode GetObjectById(std::string sId)
......
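Review bot: The new `else` branch rejects the signature only when `VerifySelf()` returns exactly `OPEN_SSL_WARNING_NOVERIFY`, so any other non-success value (for example `OPEN_SSL_WARNING_ERR` from the same header) leaves `m_valid` untouched and the signature is still treated as valid. Comparing against the success value fails closed: `if (OPEN_SSL_WARNING_OK != nCertVerify) m_valid = OOXML_SIGNATURE_INVALID;`. The enclosing function starts above the hunk, so this assumes `m_valid` still holds its valid state when the branch is reached.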
...@@ -131,6 +131,11 @@ public: ...@@ -131,6 +131,11 @@ public:
return GetNumber(); return GetNumber();
} }
virtual int VerifySelf()
{
return OPEN_SSL_WARNING_OK;
}
public: public:
virtual std::string Sign(const std::string& sXml) virtual std::string Sign(const std::string& sXml)
{ {
......
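Review bot: This `VerifySelf()` returns `OPEN_SSL_WARNING_OK` without examining the certificate, so on this implementation the caller cannot tell "verified" from "not checked". The commit title says verification is OpenSSL-only, so at minimum the stub needs a comment saying so, e.g. `// Certificate verification is not implemented here; OK means "not checked", not "trusted".` A distinct return value for the unchecked case would let callers surface that state, but that is a wider interface change.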
...@@ -328,6 +328,7 @@ public: ...@@ -328,6 +328,7 @@ public:
RELEASEARRAYOBJECTS(pData); RELEASEARRAYOBJECTS(pData);
return (NULL == m_cert) ? false : true; return (NULL == m_cert) ? false : true;
} }
return false; return false;
} }
...@@ -424,6 +425,27 @@ public: ...@@ -424,6 +425,27 @@ public:
m_pDialog = pDialog; m_pDialog = pDialog;
} }
int VerifySelf()
{
if (NULL == m_cert)
return OPEN_SSL_WARNING_NOVERIFY;
X509_STORE_CTX* ctx = X509_STORE_CTX_new();
X509_STORE* store = X509_STORE_new();
X509_STORE_add_cert(store, m_cert);
X509_STORE_CTX_init(ctx, store, m_cert, NULL);
int status = X509_verify_cert(ctx);
int nErr = X509_STORE_CTX_get_error(ctx);
std::string sErr(X509_verify_cert_error_string(nErr));
X509_STORE_free(store);
X509_STORE_CTX_free(ctx);
return (1 == status) ? OPEN_SSL_WARNING_OK : OPEN_SSL_WARNING_NOVERIFY;
}
protected: protected:
tm ASN1_GetTimeT(ASN1_TIME* time) tm ASN1_GetTimeT(ASN1_TIME* time)
{ {
...@@ -716,6 +738,11 @@ std::string CCertificate_openssl::GetId() ...@@ -716,6 +738,11 @@ std::string CCertificate_openssl::GetId()
return m_internal->GetId(); return m_internal->GetId();
} }
int CCertificate_openssl::VerifySelf()
{
return m_internal->VerifySelf();
}
std::string CCertificate_openssl::Sign(const std::string& sXml) std::string CCertificate_openssl::Sign(const std::string& sXml)
{ {
return m_internal->Sign(sXml); return m_internal->Sign(sXml);
......
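Review bot: In `VerifySelf()` the results of `X509_STORE_CTX_new()`, `X509_STORE_new()`, `X509_STORE_add_cert()` and `X509_STORE_CTX_init()` are never checked, so an allocation or setup failure reaches `X509_verify_cert(ctx)` with a null or uninitialised context; the function should fail closed to `OPEN_SSL_WARNING_NOVERIFY` instead. The store's only trusted entry is `m_cert` itself, so a passing result says the certificate is internally consistent, not that it chains to an issuer the application trusts; with OpenSSL's default flags a self-signed certificate from any source would be expected to pass and a CA-issued one to fail for lack of its issuer, which deserves a comment on the method or a real trust store. `nErr` and `sErr` are computed and then dropped; either log them or remove them, as the sketch below does.

```cpp
int VerifySelf()
{
    if (NULL == m_cert)
        return OPEN_SSL_WARNING_NOVERIFY;

    X509_STORE_CTX* ctx = X509_STORE_CTX_new();
    X509_STORE* store = X509_STORE_new();

    // Fail closed: any allocation or setup failure counts as "not verified".
    int status = 0;
    if (NULL != ctx && NULL != store &&
        1 == X509_STORE_add_cert(store, m_cert) &&
        1 == X509_STORE_CTX_init(ctx, store, m_cert, NULL))
    {
        status = X509_verify_cert(ctx);
    }

    if (NULL != store)
        X509_STORE_free(store);
    if (NULL != ctx)
        X509_STORE_CTX_free(ctx);

    return (1 == status) ? OPEN_SSL_WARNING_OK : OPEN_SSL_WARNING_NOVERIFY;
}
```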
...@@ -26,6 +26,8 @@ public: ...@@ -26,6 +26,8 @@ public:
virtual std::string GetId(); virtual std::string GetId();
virtual int VerifySelf();
public: public:
virtual std::string Sign(const std::string& sXml); virtual std::string Sign(const std::string& sXml);
......