From 9714fdf25cfe910e60d1c3a31d6349bcc0e754c9 Mon Sep 17 00:00:00 2001
From: Jakub Melka
Date: Thu, 18 Jun 2020 20:58:33 +0200
Subject: [PATCH] Certificate key usage
---
 PdfForQtLib/sources/pdfsignaturehandler.cpp | 40 +++++++++++++++++++--
 PdfForQtLib/sources/pdfsignaturehandler.h | 24 +++++++++++++
 2 files changed, 62 insertions(+), 2 deletions(-)
diff --git a/PdfForQtLib/sources/pdfsignaturehandler.cpp b/PdfForQtLib/sources/pdfsignaturehandler.cpp
index ec3e607..dd703bf 100644
--- a/PdfForQtLib/sources/pdfsignaturehandler.cpp
+++ b/PdfForQtLib/sources/pdfsignaturehandler.cpp
@@ -523,8 +523,24 @@ PDFCertificateInfo PDFPublicKeySignatureHandler::getCertificateInfo(X509* certif
 }
 info.setPublicKey(key);
- EVP_PKEY_bits();
- EVP_PKEY_security_bits();
+ const int bits = EVP_PKEY_bits(evpKey);
+ info.setKeySize(bits);
+
+ const uint32_t keyUsage = X509_get_key_usage(certificate);
+ if (keyUsage != UINT32_MAX)
+ {
+ static_assert(PDFCertificateInfo::KeyUsageDigitalSignature == KU_DIGITAL_SIGNATURE, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageNonRepudiation == KU_NON_REPUDIATION, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageKeyEncipherment == KU_KEY_ENCIPHERMENT, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageDataEncipherment == KU_DATA_ENCIPHERMENT, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageAgreement == KU_KEY_AGREEMENT, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageCertSign == KU_KEY_CERT_SIGN, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageCrlSign == KU_CRL_SIGN, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageEncipherOnly == KU_ENCIPHER_ONLY, "Fix this code!");
+ static_assert(PDFCertificateInfo::KeyUsageDecipherOnly == KU_DECIPHER_ONLY, "Fix this code!");
+
+ info.setKeyUsage(static_cast(keyUsage));
+ }
 }
 return info;
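Review bot: When `X509_get_key_usage(certificate)` returns `UINT32_MAX` (no keyUsage extension), the `if (keyUsage != UINT32_MAX)` branch is skipped and `info` keeps its default usage, so a caller of `getKeyUsage()` cannot tell "extension absent" from "extension present with no bits set". RFC 5280 places no restriction on a certificate without the extension, so a later check such as `getKeyUsage().testFlag(KeyUsageDigitalSignature)` would misjudge such a signer certificate. Consider recording the absence explicitly (a separate "has key usage" state), or at minimum add an `else` branch carrying `// keyUsage extension absent: usage is unrestricted, flags stay KeyUsageNone` so downstream validation code does not read zero as "not allowed to sign". The body of getCertificateInfo starts and ends outside this hunk, so whether `evpKey` is checked before `EVP_PKEY_bits(evpKey)` is not visible here.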
@@ -570,6 +586,26 @@ void PDFCertificateInfo::setPublicKey(const PublicKey& publicKey)
 m_publicKey = publicKey;
 }
+int PDFCertificateInfo::getKeySize() const
+{
+ return m_keySize;
+}
+
+void PDFCertificateInfo::setKeySize(int keySize)
+{
+ m_keySize = keySize;
+}
+
+PDFCertificateInfo::KeyUsageFlags PDFCertificateInfo::getKeyUsage() const
+{
+ return m_keyUsage;
+}
+
+void PDFCertificateInfo::setKeyUsage(KeyUsageFlags keyUsage)
+{
+ m_keyUsage = keyUsage;
+}
+
 QString PDFPublicKeySignatureHandler::getStringFromX509Name(X509_NAME* name, int nid)
 {
 QString result;
diff --git a/PdfForQtLib/sources/pdfsignaturehandler.h b/PdfForQtLib/sources/pdfsignaturehandler.h
index bfd40be..6a316c3 100644
--- a/PdfForQtLib/sources/pdfsignaturehandler.h
+++ b/PdfForQtLib/sources/pdfsignaturehandler.h
@@ -185,6 +185,22 @@ public:
 KeyUnknown
 };
+ // This enum is defined in RFC 5280, chapter 4.2.1.3, Key Usage
+ enum KeyUsageFlag : uint32_t
+ {
+ KeyUsageNone = 0x0000,
+ KeyUsageDigitalSignature = 0x0080,
+ KeyUsageNonRepudiation = 0x0040,
+ KeyUsageKeyEncipherment = 0x0020,
+ KeyUsageDataEncipherment = 0x0010,
+ KeyUsageAgreement = 0x0008,
+ KeyUsageCertSign = 0x0004,
+ KeyUsageCrlSign = 0x0002,
+ KeyUsageEncipherOnly = 0x0001,
+ KeyUsageDecipherOnly = 0x8000,
+ };
+ Q_DECLARE_FLAGS(KeyUsageFlags, KeyUsageFlag)
+
 const QString& getName(NameEntry name) const { return m_nameEntries[name]; }
 void setName(NameEntry name, QString string) { m_nameEntries[name] = qMove(string); }
@@ -200,12 +216,20 @@ public:
 PublicKey getPublicKey() const;
 void setPublicKey(const PublicKey& publicKey);
+ int getKeySize() const;
+ void setKeySize(int keySize);
+
+ KeyUsageFlags getKeyUsage() const;
+ void setKeyUsage(KeyUsageFlags keyUsage);
+
 private:
 long m_version = 0;
+ int m_keySize = 0;
 PublicKey m_publicKey = KeyUnknown;
 std::array m_nameEntries;
 QDateTime m_notValidBefore;
 QDateTime m_notValidAfter;
+ KeyUsageFlags m_keyUsage;
 };
 using PDFCertificateInfos = std::vector;
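Review bot: The comment above `enum KeyUsageFlag` attributes the enum to RFC 5280, but the numeric values are OpenSSL's `KU_*` encoding, which the static_asserts in pdfsignaturehandler.cpp pin them to, and not the RFC's bit numbers, where digitalSignature is bit 0. I would reword it to `// Names follow RFC 5280, section 4.2.1.3 (Key Usage); values must equal OpenSSL's KU_* constants`, so nobody "corrects" the constants to the RFC numbering. `KeyUsageAgreement` also drops the "Key" of keyAgreement, unlike the other members; `KeyUsageKeyAgreement` would match the RFC name.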
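Review bot: `int getKeySize() const;` is declared without saying what the number means, and a reader of the header cannot see that it comes from `EVP_PKEY_bits` or that `m_keySize = 0` doubles as "not determined". A bit length is only comparable within one key type (an RSA modulus and an EC field size are different scales), so a UI or policy check that judges strength from this value alone would mislead. I would add above the getter `// Key size in bits as reported by OpenSSL; 0 if not determined. Interpret together with getPublicKey().`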