authorSebastian2010-05-12 19:42:27 +0200
committerSebastian2010-05-12 19:42:27 +0200
commitce3329047d378a14006ce74ec273ac59e3375303 (patch)
tree782430f270b4c7aca1b35d5b7813518e3797c555 /src/util/CertManager.cpp
initial import of latest svn version
Diffstat (limited to 'src/util/CertManager.cpp')
-rw-r--r--src/util/CertManager.cpp87
1 files changed, 87 insertions, 0 deletions
diff --git a/src/util/CertManager.cpp b/src/util/CertManager.cpp
new file mode 100644
index 0000000..99d2438
--- /dev/null
+++ b/src/util/CertManager.cpp
@@ -0,0 +1,87 @@
+/*
+# Copyright (c) 2009 - OpenSLX Project, Computer Center University of Freiburg
+#
+# This program is free software distributed under the GPL version 2.
+# See http://openslx.org/COPYING
+#
+# If you have any feedback please consult http://openslx.org/feedback and
+# send your suggestions, praise, or complaints to feedback@openslx.org
+#
+# General information about OpenSLX can be found at http://openslx.org/
+# -----------------------------------------------------------------------------
+# src/util/CertManager.cpp
+# - Manage SSL certificates
+# - provide access by name
+# -----------------------------------------------------------------------------
+*/
+
+#include "CertManager.h"
+#include "util.h"
+#include <QMap>
+#include <QFileInfo>
+#include <cstdlib>
+
+namespace CertManager
+{
+ static QMap<QString, QSslCertificate> _certs;
+ static QMap<QString, QSslKey> _keys;
+
+ void generateFiles(QString key, QString cert);
+
+ QSslKey getPrivateKey(QString name) {
+ if (_keys.contains(name)) return _keys[name];
+ QString cert = getPolicyFilePath(name);
+ QString key = cert;
+ key.append(".rsa");
+ cert.append(".crt");
+ //
+ QFileInfo keyfile(key);
+ QFileInfo certfile(cert);
+ if (keyfile.exists() && certfile.exists())
+ { // It wouldn't make sense to have one without the other
+ if (getCertificate(name).isNull()) return QSslKey();
+ QFile f(key);
+ f.open(QFile::ReadOnly);
+ QSslKey k = QSslKey(&f, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
+ _keys.insert(name, k);
+ return k;
+ }
+ generateFiles(key, cert);
+ keyfile = QFileInfo(key);
+ if (!keyfile.exists() || getCertificate(name).isNull()) return QSslKey();
+ QFile f(key);
+ f.open(QFile::ReadOnly);
+ QSslKey k = QSslKey(&f, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
+ if (!k.isNull()) _keys.insert(name, k);
+ return k;
+ }
+
+ QSslCertificate getCertificate(QString name) {
+ if (_certs.contains(name)) return _certs[name];
+ QString cert = getPolicyFilePath(name);
+ cert.append(".crt");
+ //
+ QFileInfo certfile(cert);
+ if (certfile.exists())
+ {
+ QList<QSslCertificate> certlist = QSslCertificate::fromPath(cert);
+ if (certlist.empty()) return QSslCertificate();
+ QSslCertificate c = certlist.first();
+ if (!c.isNull()) _certs.insert(name, c);
+ return c;
+ }
+ return QSslCertificate();
+ }
+
+ void generateFiles(QString key, QString cert)
+ {
+ char tmp[1000];
+ unlink(key.toLocal8Bit().data());
+ unlink(cert.toLocal8Bit().data());
+ snprintf(tmp, 1000, "openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -subj '/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org' -keyout \"%s\" -out \"%s\"",
+ key.toLocal8Bit().data(), cert.toLocal8Bit().data());
+ system(tmp);
+ snprintf(tmp, 1000, "chmod 0600 \"%s\" \"%s\"", key.toLocal8Bit().data(), cert.toLocal8Bit().data());
+ system(tmp);
+ }
+}
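Review bot: generateFiles() builds both commands by pasting the key and cert paths into a double-quoted shell string and handing it to system(), so a path containing `"`, `$` or a backtick is interpreted by the shell, and a path that does not fit the 1000-byte buffer is silently truncated into a different command. Running openssl through `QProcess::execute()` with an argument list removes the shell, and the exit status can then be checked instead of ignored. The key file is also restricted to 0600 only after openssl has written it, so depending on the process umask and the openssl version it may be readable by other users for a moment; setting a restrictive umask before the call would close that gap. Separately, `-newkey rsa:1024` is below current minimum key sizes, and `rsa:2048` or larger is the usual choice. In getPrivateKey() the first branch ignores the result of `f.open()` and caches the key without the `isNull()` check that the second branch has.

```cpp
void generateFiles(QString key, QString cert)
{
    // … unchanged: unlink of the old key and cert files …
    // Argument list: no shell is involved, so path characters are never interpreted.
    QStringList args;
    args << "req" << "-x509" << "-nodes" << "-days" << "3650"
         << "-newkey" << "rsa:2048"
         << "-subj" << "/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org"
         << "-keyout" << key << "-out" << cert;
    if (QProcess::execute("openssl", args) != 0)
    {
        // Do not leave a partial key or certificate behind for the callers to load.
        QFile::remove(key);
        QFile::remove(cert);
        return;
    }
    QFile::setPermissions(key, QFile::ReadOwner | QFile::WriteOwner);
    QFile::setPermissions(cert, QFile::ReadOwner | QFile::WriteOwner);
}
```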