Certificate key usage

This commit is contained in:
Jakub Melka 2020-06-18 20:58:33 +02:00
parent 6a089a953e
commit 9714fdf25c
2 changed files with 62 additions and 2 deletions

View File

@ -523,8 +523,24 @@ PDFCertificateInfo PDFPublicKeySignatureHandler::getCertificateInfo(X509* certif
} }
info.setPublicKey(key); info.setPublicKey(key);
EVP_PKEY_bits(); const int bits = EVP_PKEY_bits(evpKey);
EVP_PKEY_security_bits(); info.setKeySize(bits);
const uint32_t keyUsage = X509_get_key_usage(certificate);
if (keyUsage != UINT32_MAX)
{
static_assert(PDFCertificateInfo::KeyUsageDigitalSignature == KU_DIGITAL_SIGNATURE, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageNonRepudiation == KU_NON_REPUDIATION, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageKeyEncipherment == KU_KEY_ENCIPHERMENT, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageDataEncipherment == KU_DATA_ENCIPHERMENT, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageAgreement == KU_KEY_AGREEMENT, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageCertSign == KU_KEY_CERT_SIGN, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageCrlSign == KU_CRL_SIGN, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageEncipherOnly == KU_ENCIPHER_ONLY, "Fix this code!");
static_assert(PDFCertificateInfo::KeyUsageDecipherOnly == KU_DECIPHER_ONLY, "Fix this code!");
info.setKeyUsage(static_cast<PDFCertificateInfo::KeyUsageFlags>(keyUsage));
}
} }
return info; return info;
@ -570,6 +586,26 @@ void PDFCertificateInfo::setPublicKey(const PublicKey& publicKey)
m_publicKey = publicKey; m_publicKey = publicKey;
} }
int PDFCertificateInfo::getKeySize() const
{
return m_keySize;
}
void PDFCertificateInfo::setKeySize(int keySize)
{
m_keySize = keySize;
}
PDFCertificateInfo::KeyUsageFlags PDFCertificateInfo::getKeyUsage() const
{
return m_keyUsage;
}
void PDFCertificateInfo::setKeyUsage(KeyUsageFlags keyUsage)
{
m_keyUsage = keyUsage;
}
QString PDFPublicKeySignatureHandler::getStringFromX509Name(X509_NAME* name, int nid) QString PDFPublicKeySignatureHandler::getStringFromX509Name(X509_NAME* name, int nid)
{ {
QString result; QString result;

View File

@ -185,6 +185,22 @@ public:
KeyUnknown KeyUnknown
}; };
// This enum is defined in RFC 5280, chapter 4.2.1.3, Key Usage
enum KeyUsageFlag : uint32_t
{
KeyUsageNone = 0x0000,
KeyUsageDigitalSignature = 0x0080,
KeyUsageNonRepudiation = 0x0040,
KeyUsageKeyEncipherment = 0x0020,
KeyUsageDataEncipherment = 0x0010,
KeyUsageAgreement = 0x0008,
KeyUsageCertSign = 0x0004,
KeyUsageCrlSign = 0x0002,
KeyUsageEncipherOnly = 0x0001,
KeyUsageDecipherOnly = 0x8000,
};
Q_DECLARE_FLAGS(KeyUsageFlags, KeyUsageFlag)
const QString& getName(NameEntry name) const { return m_nameEntries[name]; } const QString& getName(NameEntry name) const { return m_nameEntries[name]; }
void setName(NameEntry name, QString string) { m_nameEntries[name] = qMove(string); } void setName(NameEntry name, QString string) { m_nameEntries[name] = qMove(string); }
@ -200,12 +216,20 @@ public:
PublicKey getPublicKey() const; PublicKey getPublicKey() const;
void setPublicKey(const PublicKey& publicKey); void setPublicKey(const PublicKey& publicKey);
int getKeySize() const;
void setKeySize(int keySize);
KeyUsageFlags getKeyUsage() const;
void setKeyUsage(KeyUsageFlags keyUsage);
private: private:
long m_version = 0; long m_version = 0;
int m_keySize = 0;
PublicKey m_publicKey = KeyUnknown; PublicKey m_publicKey = KeyUnknown;
std::array<QString, NameEnd> m_nameEntries; std::array<QString, NameEnd> m_nameEntries;
QDateTime m_notValidBefore; QDateTime m_notValidBefore;
QDateTime m_notValidAfter; QDateTime m_notValidAfter;
KeyUsageFlags m_keyUsage;
}; };
using PDFCertificateInfos = std::vector<PDFCertificateInfo>; using PDFCertificateInfos = std::vector<PDFCertificateInfo>;