| Line | Source Code | Coverage |
|---|
| 1 | /**************************************************************************** | - |
| 2 | ** | - |
| 3 | ** Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies). | - |
| 4 | ** Contact: http://www.qt-project.org/legal | - |
| 5 | ** | - |
| 6 | ** This file is part of the QtNetwork module of the Qt Toolkit. | - |
| 7 | ** | - |
| 8 | ** $QT_BEGIN_LICENSE:LGPL$ | - |
| 9 | ** Commercial License Usage | - |
| 10 | ** Licensees holding valid commercial Qt licenses may use this file in | - |
| 11 | ** accordance with the commercial license agreement provided with the | - |
| 12 | ** Software or, alternatively, in accordance with the terms contained in | - |
| 13 | ** a written agreement between you and Digia. For licensing terms and | - |
| 14 | ** conditions see http://qt.digia.com/licensing. For further information | - |
| 15 | ** use the contact form at http://qt.digia.com/contact-us. | - |
| 16 | ** | - |
| 17 | ** GNU Lesser General Public License Usage | - |
| 18 | ** Alternatively, this file may be used under the terms of the GNU Lesser | - |
| 19 | ** General Public License version 2.1 as published by the Free Software | - |
| 20 | ** Foundation and appearing in the file LICENSE.LGPL included in the | - |
| 21 | ** packaging of this file. Please review the following information to | - |
| 22 | ** ensure the GNU Lesser General Public License version 2.1 requirements | - |
| 23 | ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. | - |
| 24 | ** | - |
| 25 | ** In addition, as a special exception, Digia gives you certain additional | - |
| 26 | ** rights. These rights are described in the Digia Qt LGPL Exception | - |
| 27 | ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. | - |
| 28 | ** | - |
| 29 | ** GNU General Public License Usage | - |
| 30 | ** Alternatively, this file may be used under the terms of the GNU | - |
| 31 | ** General Public License version 3.0 as published by the Free Software | - |
| 32 | ** Foundation and appearing in the file LICENSE.GPL included in the | - |
| 33 | ** packaging of this file. Please review the following information to | - |
| 34 | ** ensure the GNU General Public License version 3.0 requirements will be | - |
| 35 | ** met: http://www.gnu.org/copyleft/gpl.html. | - |
| 36 | ** | - |
| 37 | ** | - |
| 38 | ** $QT_END_LICENSE$ | - |
| 39 | ** | - |
| 40 | ****************************************************************************/ | - |
| 41 | | - |
| 42 | | - |
| 43 | /*! | - |
| 44 | \class QSslCertificate | - |
| 45 | \brief The QSslCertificate class provides a convenient API for an X509 certificate. | - |
| 46 | \since 4.3 | - |
| 47 | | - |
| 48 | \reentrant | - |
| 49 | \ingroup network | - |
| 50 | \ingroup ssl | - |
| 51 | \ingroup shared | - |
| 52 | \inmodule QtNetwork | - |
| 53 | | - |
| 54 | QSslCertificate stores an X509 certificate, and is commonly used | - |
| 55 | to verify the identity and store information about the local host, | - |
| 56 | a remotely connected peer, or a trusted third party Certificate | - |
| 57 | Authority. | - |
| 58 | | - |
| 59 | There are many ways to construct a QSslCertificate. The most | - |
| 60 | common way is to call QSslSocket::peerCertificate(), which returns | - |
| 61 | a QSslCertificate object, or QSslSocket::peerCertificateChain(), | - |
| 62 | which returns a list of them. You can also load certificates from | - |
| 63 | a DER (binary) or PEM (Base64) encoded bundle, typically stored as | - |
| 64 | one or more local files, or in a Qt Resource. | - |
| 65 | | - |
| 66 | You can call isNull() to check if your certificate is null. By default, | - |
| 67 | QSslCertificate constructs a null certificate. A null certificate is | - |
| 68 | invalid, but an invalid certificate is not necessarily null. If you want | - |
| 69 | to reset all contents in a certificate, call clear(). | - |
| 70 | | - |
| 71 | After loading a certificate, you can find information about the | - |
| 72 | certificate, its subject, and its issuer, by calling one of the | - |
| 73 | many accessor functions, including version(), serialNumber(), | - |
| 74 | issuerInfo() and subjectInfo(). You can call effectiveDate() and | - |
| 75 | expiryDate() to check when the certificate starts being | - |
| 76 | effective and when it expires. | - |
| 77 | The publicKey() function returns the certificate | - |
| 78 | subject's public key as a QSslKey. You can call issuerInfo() or | - |
| 79 | subjectInfo() to get detailed information about the certificate | - |
| 80 | issuer and its subject. | - |
| 81 | | - |
| 82 | Internally, QSslCertificate is stored as an X509 structure. You | - |
| 83 | can access this handle by calling handle(), but the results are | - |
| 84 | likely to not be portable. | - |
| 85 | | - |
| 86 | \sa QSslSocket, QSslKey, QSslCipher, QSslError | - |
| 87 | */ | - |
| 88 | | - |
| 89 | /*! | - |
| 90 | \enum QSslCertificate::SubjectInfo | - |
| 91 | | - |
| 92 | Describes keys that you can pass to QSslCertificate::issuerInfo() or | - |
| 93 | QSslCertificate::subjectInfo() to get information about the certificate | - |
| 94 | issuer or subject. | - |
| 95 | | - |
| 96 | \value Organization "O" The name of the organization. | - |
| 97 | | - |
| 98 | \value CommonName "CN" The common name; most often this is used to store | - |
| 99 | the host name. | - |
| 100 | | - |
| 101 | \value LocalityName "L" The locality. | - |
| 102 | | - |
| 103 | \value OrganizationalUnitName "OU" The organizational unit name. | - |
| 104 | | - |
| 105 | \value CountryName "C" The country. | - |
| 106 | | - |
| 107 | \value StateOrProvinceName "ST" The state or province. | - |
| 108 | | - |
| 109 | \value DistinguishedNameQualifier The distinguished name qualifier | - |
| 110 | | - |
| 111 | \value SerialNumber The certificate's serial number | - |
| 112 | | - |
| 113 | \value EmailAddress The email address associated with the certificate | - |
| 114 | */ | - |
| 115 | | - |
| 116 | #include "qsslsocket_openssl_symbols_p.h" | - |
| 117 | #include "qsslcertificate.h" | - |
| 118 | #include "qsslcertificate_p.h" | - |
| 119 | #include "qsslkey.h" | - |
| 120 | #include "qsslkey_p.h" | - |
| 121 | #include "qsslcertificateextension.h" | - |
| 122 | #include "qsslcertificateextension_p.h" | - |
| 123 | | - |
| 124 | #include <QtCore/qatomic.h> | - |
| 125 | #include <QtCore/qdatetime.h> | - |
| 126 | #include <QtCore/qdebug.h> | - |
| 127 | #include <QtCore/qdir.h> | - |
| 128 | #include <QtCore/qdiriterator.h> | - |
| 129 | #include <QtCore/qfile.h> | - |
| 130 | #include <QtCore/qfileinfo.h> | - |
| 131 | #include <QtCore/qmap.h> | - |
| 132 | #include <QtCore/qmutex.h> | - |
| 133 | #include <QtCore/private/qmutexpool_p.h> | - |
| 134 | #include <QtCore/qstring.h> | - |
| 135 | #include <QtCore/qstringlist.h> | - |
| 136 | #include <QtCore/qvarlengtharray.h> | - |
| 137 | | - |
| 138 | QT_BEGIN_NAMESPACE | - |
| 139 | | - |
| 140 | // forward declaration | - |
| 141 | static QMap<QByteArray, QString> _q_mapFromX509Name(X509_NAME *name); | - |
| 142 | | - |
| 143 | /*! | - |
| 144 | Constructs a QSslCertificate by reading \a format encoded data | - |
| 145 | from \a device and using the first certificate found. You can | - |
| 146 | later call isNull() to see if \a device contained a certificate, | - |
| 147 | and if this certificate was loaded successfully. | - |
| 148 | */ | - |
| 149 | QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) | - |
| 150 | : d(new QSslCertificatePrivate) | - |
| 151 | { | - |
| 152 | QSslSocketPrivate::ensureInitialized(); never executed (the execution status of this line is deduced): QSslSocketPrivate::ensureInitialized(); | - |
| 153 | if (device) | 0 |
| 154 | d->init(device->readAll(), format); never executed: d->init(device->readAll(), format); | 0 |
| 155 | } | 0 |
| 156 | | - |
| 157 | /*! | - |
| 158 | Constructs a QSslCertificate by parsing the \a format encoded | - |
| 159 | \a data and using the first available certificate found. You can | - |
| 160 | later call isNull() to see if \a data contained a certificate, | - |
| 161 | and if this certificate was loaded successfully. | - |
| 162 | */ | - |
| 163 | QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format) | - |
| 164 | : d(new QSslCertificatePrivate) | - |
| 165 | { | - |
| 166 | QSslSocketPrivate::ensureInitialized(); executed (the execution status of this line is deduced): QSslSocketPrivate::ensureInitialized(); | - |
| 167 | d->init(data, format); executed (the execution status of this line is deduced): d->init(data, format); | - |
| 168 | } executed: }Execution Count:10290 | 10290 |
| 169 | | - |
| 170 | /*! | - |
| 171 | Constructs an identical copy of \a other. | - |
| 172 | */ | - |
| 173 | QSslCertificate::QSslCertificate(const QSslCertificate &other) : d(other.d) | - |
| 174 | { | - |
| 175 | } executed: }Execution Count:1816 | 1816 |
| 176 | | - |
| 177 | /*! | - |
| 178 | Destroys the QSslCertificate. | - |
| 179 | */ | - |
| 180 | QSslCertificate::~QSslCertificate() | - |
| 181 | { | - |
| 182 | } | - |
| 183 | | - |
| 184 | /*! | - |
| 185 | Copies the contents of \a other into this certificate, making the two | - |
| 186 | certificates identical. | - |
| 187 | */ | - |
| 188 | QSslCertificate &QSslCertificate::operator=(const QSslCertificate &other) | - |
| 189 | { | - |
| 190 | d = other.d; executed (the execution status of this line is deduced): d = other.d; | - |
| 191 | return *this; executed: return *this;Execution Count:715 | 715 |
| 192 | } | - |
| 193 | | - |
| 194 | /*! | - |
| 195 | \fn void QSslCertificate::swap(QSslCertificate &other) | - |
| 196 | \since 5.0 | - |
| 197 | | - |
| 198 | Swaps this certificate instance with \a other. This function is | - |
| 199 | very fast and never fails. | - |
| 200 | */ | - |
| 201 | | - |
| 202 | /*! | - |
| 203 | Returns true if this certificate is the same as \a other; otherwise | - |
| 204 | returns false. | - |
| 205 | */ | - |
| 206 | bool QSslCertificate::operator==(const QSslCertificate &other) const | - |
| 207 | { | - |
| 208 | if (d == other.d) evaluated: d == other.d| yes Evaluation Count:15 | yes Evaluation Count:93 |
| 15-93 |
| 209 | return true; executed: return true;Execution Count:15 | 15 |
| 210 | if (d->null && other.d->null) evaluated: d->null| yes Evaluation Count:85 | yes Evaluation Count:8 |
evaluated: other.d->null| yes Evaluation Count:83 | yes Evaluation Count:2 |
| 2-85 |
| 211 | return true; executed: return true;Execution Count:83 | 83 |
| 212 | if (d->x509 && other.d->x509) evaluated: d->x509| yes Evaluation Count:8 | yes Evaluation Count:2 |
evaluated: other.d->x509| yes Evaluation Count:6 | yes Evaluation Count:2 |
| 2-8 |
| 213 | return q_X509_cmp(d->x509, other.d->x509) == 0; executed: return q_X509_cmp(d->x509, other.d->x509) == 0;Execution Count:6 | 6 |
| 214 | return false; executed: return false;Execution Count:4 | 4 |
| 215 | } | - |
| 216 | | - |
| 217 | /*! | - |
| 218 | \fn bool QSslCertificate::operator!=(const QSslCertificate &other) const | - |
| 219 | | - |
| 220 | Returns true if this certificate is not the same as \a other; otherwise | - |
| 221 | returns false. | - |
| 222 | */ | - |
| 223 | | - |
| 224 | /*! | - |
| 225 | Returns true if this is a null certificate (i.e., a certificate | - |
| 226 | with no contents); otherwise returns false. | - |
| 227 | | - |
| 228 | By default, QSslCertificate constructs a null certificate. | - |
| 229 | | - |
| 230 | \sa clear() | - |
| 231 | */ | - |
| 232 | bool QSslCertificate::isNull() const | - |
| 233 | { | - |
| 234 | return d->null; executed: return d->null;Execution Count:629 | 629 |
| 235 | } | - |
| 236 | | - |
| 237 | #if QT_DEPRECATED_SINCE(5,0) | - |
| 238 | /*! | - |
| 239 | \fn bool QSslCertificate::isValid() const | - |
| 240 | \obsolete | - |
| 241 | | - |
| 242 | To verify a certificate, use verify(). | - |
| 243 | To check if a certificate is blacklisted, use isBlacklisted(). | - |
| 244 | To check if a certificate has expired or is not yet valid, compare | - |
| 245 | expiryDate() and effectiveDate() with QDateTime::currentDateTime() | - |
| 246 | | - |
| 247 | This function checks that the current | - |
| 248 | date-time is within the date-time range during which the | - |
| 249 | certificate is considered valid, and checks that the | - |
| 250 | certificate is not in a blacklist of fraudulent certificates. | - |
| 251 | | - |
| 252 | \sa isNull(), verify(), isBlacklisted(), expiryDate(), effectiveDate() | - |
| 253 | */ | - |
| 254 | #endif | - |
| 255 | | - |
| 256 | /*! | - |
| 257 | Returns true if this certificate is blacklisted; otherwise | - |
| 258 | returns false. | - |
| 259 | | - |
| 260 | \sa isNull() | - |
| 261 | */ | - |
| 262 | bool QSslCertificate::isBlacklisted() const | - |
| 263 | { | - |
| 264 | return QSslCertificatePrivate::isBlacklisted(*this); executed: return QSslCertificatePrivate::isBlacklisted(*this);Execution Count:43 | 43 |
| 265 | } | - |
| 266 | | - |
| 267 | /*! | - |
| 268 | Clears the contents of this certificate, making it a null | - |
| 269 | certificate. | - |
| 270 | | - |
| 271 | \sa isNull() | - |
| 272 | */ | - |
| 273 | void QSslCertificate::clear() | - |
| 274 | { | - |
| 275 | if (isNull()) evaluated: isNull()| yes Evaluation Count:320 | yes Evaluation Count:8 |
| 8-320 |
| 276 | return; executed: return;Execution Count:320 | 320 |
| 277 | d = new QSslCertificatePrivate; executed (the execution status of this line is deduced): d = new QSslCertificatePrivate; | - |
| 278 | } executed: }Execution Count:8 | 8 |
| 279 | | - |
| 280 | /*! | - |
| 281 | Returns the certificate's version string. | - |
| 282 | */ | - |
| 283 | QByteArray QSslCertificate::version() const | - |
| 284 | { | - |
| 285 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 286 | if (d->versionString.isEmpty() && d->x509) evaluated: d->versionString.isEmpty()| yes Evaluation Count:10 | yes Evaluation Count:50 |
evaluated: d->x509| yes Evaluation Count:9 | yes Evaluation Count:1 |
| 1-50 |
| 287 | d->versionString = executed: d->versionString = QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);Execution Count:9 | 9 |
| 288 | QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1); executed: d->versionString = QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);Execution Count:9 | 9 |
| 289 | | - |
| 290 | return d->versionString; executed: return d->versionString;Execution Count:60 | 60 |
| 291 | } | - |
| 292 | | - |
| 293 | /*! | - |
| 294 | Returns the certificate's serial number string in hexadecimal format. | - |
| 295 | */ | - |
| 296 | QByteArray QSslCertificate::serialNumber() const | - |
| 297 | { | - |
| 298 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 299 | if (d->serialNumberString.isEmpty() && d->x509) { evaluated: d->serialNumberString.isEmpty()| yes Evaluation Count:137 | yes Evaluation Count:3697 |
evaluated: d->x509| yes Evaluation Count:104 | yes Evaluation Count:33 |
| 33-3697 |
| 300 | ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; executed (the execution status of this line is deduced): ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; | - |
| 301 | QByteArray hexString; executed (the execution status of this line is deduced): QByteArray hexString; | - |
| 302 | hexString.reserve(serialNumber->length * 3); executed (the execution status of this line is deduced): hexString.reserve(serialNumber->length * 3); | - |
| 303 | for (int a = 0; a < serialNumber->length; ++a) { evaluated: a < serialNumber->length| yes Evaluation Count:855 | yes Evaluation Count:104 |
| 104-855 |
| 304 | hexString += QByteArray::number(serialNumber->data[a], 16).rightJustified(2, '0'); executed (the execution status of this line is deduced): hexString += QByteArray::number(serialNumber->data[a], 16).rightJustified(2, '0'); | - |
| 305 | hexString += ':'; executed (the execution status of this line is deduced): hexString += ':'; | - |
| 306 | } executed: }Execution Count:855 | 855 |
| 307 | hexString.chop(1); executed (the execution status of this line is deduced): hexString.chop(1); | - |
| 308 | d->serialNumberString = hexString; executed (the execution status of this line is deduced): d->serialNumberString = hexString; | - |
| 309 | } executed: }Execution Count:104 | 104 |
| 310 | return d->serialNumberString; executed: return d->serialNumberString;Execution Count:3834 | 3834 |
| 311 | } | - |
| 312 | | - |
| 313 | /*! | - |
| 314 | Returns a cryptographic digest of this certificate. By default, | - |
| 315 | an MD5 digest will be generated, but you can also specify a | - |
| 316 | custom \a algorithm. | - |
| 317 | */ | - |
| 318 | QByteArray QSslCertificate::digest(QCryptographicHash::Algorithm algorithm) const | - |
| 319 | { | - |
| 320 | return QCryptographicHash::hash(toDer(), algorithm); executed: return QCryptographicHash::hash(toDer(), algorithm);Execution Count:37 | 37 |
| 321 | } | - |
| 322 | | - |
| 323 | static QByteArray _q_SubjectInfoToString(QSslCertificate::SubjectInfo info) | - |
| 324 | { | - |
| 325 | QByteArray str; executed (the execution status of this line is deduced): QByteArray str; | - |
| 326 | switch (info) { | - |
| 327 | case QSslCertificate::Organization: str = QByteArray("O"); break; executed: break;Execution Count:60 | 60 |
| 328 | case QSslCertificate::CommonName: str = QByteArray("CN"); break; executed: break;Execution Count:156 | 156 |
| 329 | case QSslCertificate::LocalityName: str = QByteArray("L"); break; executed: break;Execution Count:58 | 58 |
| 330 | case QSslCertificate::OrganizationalUnitName: str = QByteArray("OU"); break; executed: break;Execution Count:58 | 58 |
| 331 | case QSslCertificate::CountryName: str = QByteArray("C"); break; executed: break;Execution Count:58 | 58 |
| 332 | case QSslCertificate::StateOrProvinceName: str = QByteArray("ST"); break; executed: break;Execution Count:58 | 58 |
| 333 | case QSslCertificate::DistinguishedNameQualifier: str = QByteArray("dnQualifier"); break; | 0 |
| 334 | case QSslCertificate::SerialNumber: str = QByteArray("serialNumber"); break; | 0 |
| 335 | case QSslCertificate::EmailAddress: str = QByteArray("emailAddress"); break; | 0 |
| 336 | } | - |
| 337 | return str; executed: return str;Execution Count:448 | 448 |
| 338 | } | - |
| 339 | | - |
| 340 | /*! | - |
| 341 | \fn QString QSslCertificate::issuerInfo(SubjectInfo subject) const | - |
| 342 | | - |
| 343 | Returns the issuer information for the \a subject from the | - |
| 344 | certificate, or an empty string if there is no information for | - |
| 345 | \a subject in the certificate. | - |
| 346 | | - |
| 347 | \sa subjectInfo() | - |
| 348 | */ | - |
| 349 | QStringList QSslCertificate::issuerInfo(SubjectInfo info) const | - |
| 350 | { | - |
| 351 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 352 | // lazy init | - |
| 353 | if (d->issuerInfo.isEmpty() && d->x509) evaluated: d->issuerInfo.isEmpty()| yes Evaluation Count:10 | yes Evaluation Count:167 |
evaluated: d->x509| yes Evaluation Count:9 | yes Evaluation Count:1 |
| 1-167 |
| 354 | d->issuerInfo = executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509));Execution Count:9 | 9 |
| 355 | _q_mapFromX509Name(q_X509_get_issuer_name(d->x509)); executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509));Execution Count:9 | 9 |
| 356 | | - |
| 357 | return d->issuerInfo.values(_q_SubjectInfoToString(info)); executed: return d->issuerInfo.values(_q_SubjectInfoToString(info));Execution Count:177 | 177 |
| 358 | } | - |
| 359 | | - |
| 360 | /*! | - |
| 361 | Returns the issuer information for \a attribute from the certificate, | - |
| 362 | or an empty string if there is no information for \a attribute in the | - |
| 363 | certificate. | - |
| 364 | | - |
| 365 | \sa subjectInfo() | - |
| 366 | */ | - |
| 367 | QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const | - |
| 368 | { | - |
| 369 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 370 | // lazy init | - |
| 371 | if (d->issuerInfo.isEmpty() && d->x509) evaluated: d->issuerInfo.isEmpty()| yes Evaluation Count:1 | yes Evaluation Count:6 |
partially evaluated: d->x509| yes Evaluation Count:1 | no Evaluation Count:0 |
| 0-6 |
| 372 | d->issuerInfo = executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509));Execution Count:1 | 1 |
| 373 | _q_mapFromX509Name(q_X509_get_issuer_name(d->x509)); executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509));Execution Count:1 | 1 |
| 374 | | - |
| 375 | return d->issuerInfo.values(attribute); executed: return d->issuerInfo.values(attribute);Execution Count:7 | 7 |
| 376 | } | - |
| 377 | | - |
| 378 | /*! | - |
| 379 | | - |
| 380 | \fn QString QSslCertificate::subjectInfo(SubjectInfo subject) const | - |
| 381 | | - |
| 382 | Returns the information for the \a subject, or an empty string if | - |
| 383 | there is no information for \a subject in the certificate. | - |
| 384 | | - |
| 385 | \sa issuerInfo() | - |
| 386 | */ | - |
| 387 | QStringList QSslCertificate::subjectInfo(SubjectInfo info) const | - |
| 388 | { | - |
| 389 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 390 | // lazy init | - |
| 391 | if (d->subjectInfo.isEmpty() && d->x509) evaluated: d->subjectInfo.isEmpty()| yes Evaluation Count:103 | yes Evaluation Count:168 |
evaluated: d->x509| yes Evaluation Count:102 | yes Evaluation Count:1 |
| 1-168 |
| 392 | d->subjectInfo = executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:102 | 102 |
| 393 | _q_mapFromX509Name(q_X509_get_subject_name(d->x509)); executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:102 | 102 |
| 394 | | - |
| 395 | return d->subjectInfo.values(_q_SubjectInfoToString(info)); executed: return d->subjectInfo.values(_q_SubjectInfoToString(info));Execution Count:271 | 271 |
| 396 | } | - |
| 397 | | - |
| 398 | /*! | - |
| 399 | Returns the subject information for \a attribute, or an empty string if | - |
| 400 | there is no information for \a attribute in the certificate. | - |
| 401 | | - |
| 402 | \sa issuerInfo() | - |
| 403 | */ | - |
| 404 | QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const | - |
| 405 | { | - |
| 406 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 407 | // lazy init | - |
| 408 | if (d->subjectInfo.isEmpty() && d->x509) evaluated: d->subjectInfo.isEmpty()| yes Evaluation Count:2 | yes Evaluation Count:9 |
partially evaluated: d->x509| yes Evaluation Count:2 | no Evaluation Count:0 |
| 0-9 |
| 409 | d->subjectInfo = executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:2 | 2 |
| 410 | _q_mapFromX509Name(q_X509_get_subject_name(d->x509)); executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:2 | 2 |
| 411 | | - |
| 412 | return d->subjectInfo.values(attribute); executed: return d->subjectInfo.values(attribute);Execution Count:11 | 11 |
| 413 | } | - |
| 414 | | - |
| 415 | /*! | - |
| 416 | \since 5.0 | - |
| 417 | Returns a list of the attributes that have values in the subject | - |
| 418 | information of this certificate. The information associated | - |
| 419 | with a given attribute can be accessed using the subjectInfo() | - |
| 420 | method. Note that this list may include the OIDs for any | - |
| 421 | elements that are not known by the SSL backend. | - |
| 422 | | - |
| 423 | \sa subjectInfo() | - |
| 424 | */ | - |
| 425 | QList<QByteArray> QSslCertificate::subjectInfoAttributes() const | - |
| 426 | { | - |
| 427 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 428 | // lazy init | - |
| 429 | if (d->subjectInfo.isEmpty() && d->x509) evaluated: d->subjectInfo.isEmpty()| yes Evaluation Count:2 | yes Evaluation Count:2 |
partially evaluated: d->x509| yes Evaluation Count:2 | no Evaluation Count:0 |
| 0-2 |
| 430 | d->subjectInfo = executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:2 | 2 |
| 431 | _q_mapFromX509Name(q_X509_get_subject_name(d->x509)); executed: d->subjectInfo = _q_mapFromX509Name(q_X509_get_subject_name(d->x509));Execution Count:2 | 2 |
| 432 | | - |
| 433 | return d->subjectInfo.uniqueKeys(); executed: return d->subjectInfo.uniqueKeys();Execution Count:4 | 4 |
| 434 | } | - |
| 435 | | - |
| 436 | /*! | - |
| 437 | \since 5.0 | - |
| 438 | Returns a list of the attributes that have values in the issuer | - |
| 439 | information of this certificate. The information associated | - |
| 440 | with a given attribute can be accessed using the issuerInfo() | - |
| 441 | method. Note that this list may include the OIDs for any | - |
| 442 | elements that are not known by the SSL backend. | - |
| 443 | | - |
| 444 | \sa subjectInfo() | - |
| 445 | */ | - |
| 446 | QList<QByteArray> QSslCertificate::issuerInfoAttributes() const | - |
| 447 | { | - |
| 448 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); executed (the execution status of this line is deduced): QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | - |
| 449 | // lazy init | - |
| 450 | if (d->issuerInfo.isEmpty() && d->x509) partially evaluated: d->issuerInfo.isEmpty()| no Evaluation Count:0 | yes Evaluation Count:2 |
never evaluated: d->x509 | 0-2 |
| 451 | d->issuerInfo = never executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509)); | 0 |
| 452 | _q_mapFromX509Name(q_X509_get_issuer_name(d->x509)); never executed: d->issuerInfo = _q_mapFromX509Name(q_X509_get_issuer_name(d->x509)); | 0 |
| 453 | | - |
| 454 | return d->issuerInfo.uniqueKeys(); executed: return d->issuerInfo.uniqueKeys();Execution Count:2 | 2 |
| 455 | } | - |
| 456 | | - |
| 457 | #if QT_DEPRECATED_SINCE(5,0) | - |
| 458 | /*! | - |
| 459 | \fn QMultiMap<QSsl::AlternateNameEntryType, QString> QSslCertificate::alternateSubjectNames() const | - |
| 460 | \obsolete | - |
| 461 | | - |
| 462 | Use QSslCertificate::subjectAlternativeNames(); | - |
| 463 | */ | - |
| 464 | #endif | - |
| 465 | | - |
| 466 | /*! | - |
| 467 | Returns the list of alternative subject names for this | - |
| 468 | certificate. The alternative names typically contain host | - |
| 469 | names, optionally with wildcards, that are valid for this | - |
| 470 | certificate. | - |
| 471 | | - |
| 472 | These names are tested against the connected peer's host name, if | - |
| 473 | either the subject information for \l CommonName doesn't define a | - |
| 474 | valid host name, or the subject info name doesn't match the peer's | - |
| 475 | host name. | - |
| 476 | | - |
| 477 | \sa subjectInfo() | - |
| 478 | */ | - |
| 479 | QMultiMap<QSsl::AlternativeNameEntryType, QString> QSslCertificate::subjectAlternativeNames() const | - |
| 480 | { | - |
| 481 | QMultiMap<QSsl::AlternativeNameEntryType, QString> result; executed (the execution status of this line is deduced): QMultiMap<QSsl::AlternativeNameEntryType, QString> result; | - |
| 482 | | - |
| 483 | if (!d->x509) evaluated: !d->x509| yes Evaluation Count:1 | yes Evaluation Count:35 |
| 1-35 |
| 484 | return result; executed: return result;Execution Count:1 | 1 |
| 485 | | - |
| 486 | STACK_OF(GENERAL_NAME) *altNames = (STACK_OF(GENERAL_NAME)*)q_X509_get_ext_d2i(d->x509, NID_subject_alt_name, 0, 0); executed (the execution status of this line is deduced): STACK *altNames = (STACK*)q_X509_get_ext_d2i(d->x509, 85, 0, 0); | - |
| 487 | | - |
| 488 | if (altNames) { evaluated: altNames| yes Evaluation Count:11 | yes Evaluation Count:24 |
| 11-24 |
| 489 | for (int i = 0; i < q_sk_GENERAL_NAME_num(altNames); ++i) { evaluated: i < ((int (*)(const STACK *))q_sk_num)((altNames))| yes Evaluation Count:31 | yes Evaluation Count:11 |
| 11-31 |
| 490 | const GENERAL_NAME *genName = q_sk_GENERAL_NAME_value(altNames, i); executed (the execution status of this line is deduced): const GENERAL_NAME *genName = ((GENERAL_NAME * (*)(const STACK *, int))q_sk_value)((altNames), (i)); | - |
| 491 | if (genName->type != GEN_DNS && genName->type != GEN_EMAIL) evaluated: genName->type != 2| yes Evaluation Count:20 | yes Evaluation Count:11 |
partially evaluated: genName->type != 1| no Evaluation Count:0 | yes Evaluation Count:20 |
| 0-20 |
| 492 | continue; never executed: continue; | 0 |
| 493 | | - |
| 494 | int len = q_ASN1_STRING_length(genName->d.ia5); executed (the execution status of this line is deduced): int len = q_ASN1_STRING_length(genName->d.ia5); | - |
| 495 | if (len < 0 || len >= 8192) { partially evaluated: len < 0| no Evaluation Count:0 | yes Evaluation Count:31 |
partially evaluated: len >= 8192| no Evaluation Count:0 | yes Evaluation Count:31 |
| 0-31 |
| 496 | // broken name | - |
| 497 | continue; never executed: continue; | 0 |
| 498 | } | - |
| 499 | | - |
| 500 | const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5)); executed (the execution status of this line is deduced): const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5)); | - |
| 501 | const QString altName = QString::fromLatin1(altNameStr, len); executed (the execution status of this line is deduced): const QString altName = QString::fromLatin1(altNameStr, len); | - |
| 502 | if (genName->type == GEN_DNS) evaluated: genName->type == 2| yes Evaluation Count:11 | yes Evaluation Count:20 |
| 11-20 |
| 503 | result.insert(QSsl::DnsEntry, altName); executed: result.insert(QSsl::DnsEntry, altName);Execution Count:11 | 11 |
| 504 | else if (genName->type == GEN_EMAIL) partially evaluated: genName->type == 1| yes Evaluation Count:20 | no Evaluation Count:0 |
| 0-20 |
| 505 | result.insert(QSsl::EmailEntry, altName); executed: result.insert(QSsl::EmailEntry, altName);Execution Count:20 | 20 |
| 506 | } | - |
| 507 | q_sk_pop_free((STACK*)altNames, reinterpret_cast<void(*)(void*)>(q_sk_free)); executed (the execution status of this line is deduced): q_sk_pop_free((STACK*)altNames, reinterpret_cast<void(*)(void*)>(q_sk_free)); | - |
| 508 | } executed: }Execution Count:11 | 11 |
| 509 | | - |
| 510 | return result; executed: return result;Execution Count:35 | 35 |
| 511 | } | - |
| 512 | | - |
| 513 | /*! | - |
| 514 | Returns the date-time that the certificate becomes valid, or an | - |
| 515 | empty QDateTime if this is a null certificate. | - |
| 516 | | - |
| 517 | \sa expiryDate() | - |
| 518 | */ | - |
| 519 | QDateTime QSslCertificate::effectiveDate() const | - |
| 520 | { | - |
| 521 | return d->notValidBefore; executed: return d->notValidBefore;Execution Count:33 | 33 |
| 522 | } | - |
| 523 | | - |
| 524 | /*! | - |
| 525 | Returns the date-time that the certificate expires, or an empty | - |
| 526 | QDateTime if this is a null certificate. | - |
| 527 | | - |
| 528 | \sa effectiveDate() | - |
| 529 | */ | - |
| 530 | QDateTime QSslCertificate::expiryDate() const | - |
| 531 | { | - |
| 532 | return d->notValidAfter; executed: return d->notValidAfter;Execution Count:2057 | 2057 |
| 533 | } | - |
| 534 | | - |
| 535 | /*! | - |
| 536 | Returns a pointer to the native certificate handle, if there is | - |
| 537 | one, or a null pointer otherwise. | - |
| 538 | | - |
| 539 | You can use this handle, together with the native API, to access | - |
| 540 | extended information about the certificate. | - |
| 541 | | - |
| 542 | \warning Use of this function has a high probability of being | - |
| 543 | non-portable, and its return value may vary from platform to | - |
| 544 | platform or change from minor release to minor release. | - |
| 545 | */ | - |
| 546 | Qt::HANDLE QSslCertificate::handle() const | - |
| 547 | { | - |
| 548 | return Qt::HANDLE(d->x509); executed: return Qt::HANDLE(d->x509);Execution Count:2037 | 2037 |
| 549 | } | - |
| 550 | | - |
| 551 | /*! | - |
| 552 | Returns the certificate subject's public key. | - |
| 553 | */ | - |
| 554 | QSslKey QSslCertificate::publicKey() const | - |
| 555 | { | - |
| 556 | if (!d->x509) partially evaluated: !d->x509| no Evaluation Count:0 | yes Evaluation Count:6 |
| 0-6 |
| 557 | return QSslKey(); never executed: return QSslKey(); | 0 |
| 558 | | - |
| 559 | QSslKey key; never executed (the execution status of this line is deduced): QSslKey key; | - |
| 560 | | - |
| 561 | key.d->type = QSsl::PublicKey; never executed (the execution status of this line is deduced): key.d->type = QSsl::PublicKey; | - |
| 562 | X509_PUBKEY *xkey = d->x509->cert_info->key; never executed (the execution status of this line is deduced): X509_PUBKEY *xkey = d->x509->cert_info->key; | - |
| 563 | EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); never executed (the execution status of this line is deduced): EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); | - |
| 564 | Q_ASSERT(pkey); never executed (the execution status of this line is deduced): qt_noop(); | - |
| 565 | | - |
| 566 | if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) { partially evaluated: q_EVP_PKEY_type(pkey->type) == 6| yes Evaluation Count:6 | no Evaluation Count:0 |
| 0-6 |
| 567 | key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); executed (the execution status of this line is deduced): key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); | - |
| 568 | key.d->algorithm = QSsl::Rsa; executed (the execution status of this line is deduced): key.d->algorithm = QSsl::Rsa; | - |
| 569 | key.d->isNull = false; executed (the execution status of this line is deduced): key.d->isNull = false; | - |
| 570 | } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { executed: }Execution Count:6 never evaluated: q_EVP_PKEY_type(pkey->type) == 116 | 0-6 |
| 571 | key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); never executed (the execution status of this line is deduced): key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); | - |
| 572 | key.d->algorithm = QSsl::Dsa; never executed (the execution status of this line is deduced): key.d->algorithm = QSsl::Dsa; | - |
| 573 | key.d->isNull = false; never executed (the execution status of this line is deduced): key.d->isNull = false; | - |
| 574 | } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) { never executed: } never evaluated: q_EVP_PKEY_type(pkey->type) == 28 | 0 |
| 575 | // DH unsupported | - |
| 576 | } else { | 0 |
| 577 | // error? | - |
| 578 | } | 0 |
| 579 | | - |
| 580 | q_EVP_PKEY_free(pkey); executed (the execution status of this line is deduced): q_EVP_PKEY_free(pkey); | - |
| 581 | return key; executed: return key;Execution Count:6 | 6 |
| 582 | } | - |
| 583 | | - |
| 584 | /* | - |
| 585 | * Convert unknown extensions to a QVariant. | - |
| 586 | */ | - |
| 587 | static QVariant x509UnknownExtensionToValue(X509_EXTENSION *ext) | - |
| 588 | { | - |
| 589 | // Get the extension specific method object if available | - |
| 590 | // we cast away the const-ness here because some versions of openssl | - |
| 591 | // don't use const for the parameters in the functions pointers stored | - |
| 592 | // in the object. | - |
| 593 | X509V3_EXT_METHOD *meth = const_cast<X509V3_EXT_METHOD *>(q_X509V3_EXT_get(ext)); executed (the execution status of this line is deduced): X509V3_EXT_METHOD *meth = const_cast<X509V3_EXT_METHOD *>(q_X509V3_EXT_get(ext)); | - |
| 594 | if (!meth) { evaluated: !meth| yes Evaluation Count:1 | yes Evaluation Count:4 |
| 1-4 |
| 595 | ASN1_OCTET_STRING *value = q_X509_EXTENSION_get_data(ext); executed (the execution status of this line is deduced): ASN1_OCTET_STRING *value = q_X509_EXTENSION_get_data(ext); | - |
| 596 | QByteArray result( reinterpret_cast<const char *>(q_ASN1_STRING_data(value)), executed (the execution status of this line is deduced): QByteArray result( reinterpret_cast<const char *>(q_ASN1_STRING_data(value)), | - |
| 597 | q_ASN1_STRING_length(value)); executed (the execution status of this line is deduced): q_ASN1_STRING_length(value)); | - |
| 598 | return result; executed: return result;Execution Count:1 | 1 |
| 599 | } | - |
| 600 | | - |
| 601 | //const unsigned char *data = ext->value->data; | - |
| 602 | void *ext_internal = q_X509V3_EXT_d2i(ext); executed (the execution status of this line is deduced): void *ext_internal = q_X509V3_EXT_d2i(ext); | - |
| 603 | | - |
| 604 | // If this extension can be converted | - |
| 605 | if (meth->i2v && ext_internal) { evaluated: meth->i2v| yes Evaluation Count:3 | yes Evaluation Count:1 |
partially evaluated: ext_internal| yes Evaluation Count:3 | no Evaluation Count:0 |
| 0-3 |
| 606 | STACK_OF(CONF_VALUE) *val = meth->i2v(meth, ext_internal, 0); executed (the execution status of this line is deduced): STACK *val = meth->i2v(meth, ext_internal, 0); | - |
| 607 | | - |
| 608 | QVariantMap map; executed (the execution status of this line is deduced): QVariantMap map; | - |
| 609 | QVariantList list; executed (the execution status of this line is deduced): QVariantList list; | - |
| 610 | bool isMap = false; executed (the execution status of this line is deduced): bool isMap = false; | - |
| 611 | | - |
| 612 | for (int j = 0; j < q_SKM_sk_num(CONF_VALUE, val); j++) { evaluated: j < ((int (*)(const STACK *))q_sk_num)(val)| yes Evaluation Count:7 | yes Evaluation Count:3 |
| 3-7 |
| 613 | CONF_VALUE *nval = q_SKM_sk_value(CONF_VALUE, val, j); executed (the execution status of this line is deduced): CONF_VALUE *nval = ((CONF_VALUE * (*)(const STACK *, int))q_sk_value)(val, j); | - |
| 614 | if (nval->name && nval->value) { evaluated: nval->name| yes Evaluation Count:3 | yes Evaluation Count:4 |
evaluated: nval->value| yes Evaluation Count:1 | yes Evaluation Count:2 |
| 1-4 |
| 615 | isMap = true; executed (the execution status of this line is deduced): isMap = true; | - |
| 616 | map[QString::fromUtf8(nval->name)] = QString::fromUtf8(nval->value); executed (the execution status of this line is deduced): map[QString::fromUtf8(nval->name)] = QString::fromUtf8(nval->value); | - |
| 617 | } else if (nval->name) { executed: }Execution Count:1 evaluated: nval->name| yes Evaluation Count:2 | yes Evaluation Count:4 |
| 1-4 |
| 618 | list << QString::fromUtf8(nval->name); executed (the execution status of this line is deduced): list << QString::fromUtf8(nval->name); | - |
| 619 | } else if (nval->value) { executed: }Execution Count:2 partially evaluated: nval->value| yes Evaluation Count:4 | no Evaluation Count:0 |
| 0-4 |
| 620 | list << QString::fromUtf8(nval->value); executed (the execution status of this line is deduced): list << QString::fromUtf8(nval->value); | - |
| 621 | } executed: }Execution Count:4 | 4 |
| 622 | } | - |
| 623 | | - |
| 624 | if (isMap) evaluated: isMap| yes Evaluation Count:1 | yes Evaluation Count:2 |
| 1-2 |
| 625 | return map; executed: return map;Execution Count:1 | 1 |
| 626 | else | - |
| 627 | return list; executed: return list;Execution Count:2 | 2 |
| 628 | } else if (meth->i2s && ext_internal) { partially evaluated: meth->i2s| no Evaluation Count:0 | yes Evaluation Count:1 |
never evaluated: ext_internal | 0-1 |
| 629 | //qDebug() << meth->i2s(meth, ext_internal); | - |
| 630 | QVariant result(QString::fromUtf8(meth->i2s(meth, ext_internal))); never executed (the execution status of this line is deduced): QVariant result(QString::fromUtf8(meth->i2s(meth, ext_internal))); | - |
| 631 | return result; never executed: return result; | 0 |
| 632 | } else if (meth->i2r && ext_internal) { partially evaluated: meth->i2r| yes Evaluation Count:1 | no Evaluation Count:0 |
partially evaluated: ext_internal| yes Evaluation Count:1 | no Evaluation Count:0 |
| 0-1 |
| 633 | QByteArray result; executed (the execution status of this line is deduced): QByteArray result; | - |
| 634 | | - |
| 635 | BIO *bio = q_BIO_new(q_BIO_s_mem()); executed (the execution status of this line is deduced): BIO *bio = q_BIO_new(q_BIO_s_mem()); | - |
| 636 | if (!bio) partially evaluated: !bio| no Evaluation Count:0 | yes Evaluation Count:1 |
| 0-1 |
| 637 | return result; never executed: return result; | 0 |
| 638 | | - |
| 639 | meth->i2r(meth, ext_internal, bio, 0); executed (the execution status of this line is deduced): meth->i2r(meth, ext_internal, bio, 0); | - |
| 640 | | - |
| 641 | char *bio_buffer; executed (the execution status of this line is deduced): char *bio_buffer; | - |
| 642 | long bio_size = q_BIO_get_mem_data(bio, &bio_buffer); executed (the execution status of this line is deduced): long bio_size = (int)q_BIO_ctrl(bio,3,0,(char *)&bio_buffer); | - |
| 643 | result = QByteArray(bio_buffer, bio_size); executed (the execution status of this line is deduced): result = QByteArray(bio_buffer, bio_size); | - |
| 644 | | - |
| 645 | q_BIO_free(bio); executed (the execution status of this line is deduced): q_BIO_free(bio); | - |
| 646 | return result; executed: return result;Execution Count:1 | 1 |
| 647 | } | - |
| 648 | | - |
| 649 | return QVariant(); never executed: return QVariant(); | 0 |
| 650 | } | - |
| 651 | | - |
| 652 | /* | - |
| 653 | * Convert extensions to a variant. The naming of the keys of the map are | - |
| 654 | * taken from RFC 5280, however we decided the capitalisation in the RFC | - |
| 655 | * was too silly for the real world. | - |
| 656 | */ | - |
| 657 | static QVariant x509ExtensionToValue(X509_EXTENSION *ext) | - |
| 658 | { | - |
| 659 | ASN1_OBJECT *obj = q_X509_EXTENSION_get_object(ext); executed (the execution status of this line is deduced): ASN1_OBJECT *obj = q_X509_EXTENSION_get_object(ext); | - |
| 660 | int nid = q_OBJ_obj2nid(obj); executed (the execution status of this line is deduced): int nid = q_OBJ_obj2nid(obj); | - |
| 661 | | - |
| 662 | switch (nid) { | - |
| 663 | case NID_basic_constraints: | - |
| 664 | { | - |
| 665 | BASIC_CONSTRAINTS *basic = reinterpret_cast<BASIC_CONSTRAINTS *>(q_X509V3_EXT_d2i(ext)); executed (the execution status of this line is deduced): BASIC_CONSTRAINTS *basic = reinterpret_cast<BASIC_CONSTRAINTS *>(q_X509V3_EXT_d2i(ext)); | - |
| 666 | | - |
| 667 | QVariantMap result; executed (the execution status of this line is deduced): QVariantMap result; | - |
| 668 | result[QLatin1String("ca")] = basic->ca ? true : false; partially evaluated: basic->ca| no Evaluation Count:0 | yes Evaluation Count:1 |
| 0-1 |
| 669 | if (basic->pathlen) partially evaluated: basic->pathlen| no Evaluation Count:0 | yes Evaluation Count:1 |
| 0-1 |
| 670 | result[QLatin1String("pathLenConstraint")] = (qlonglong)q_ASN1_INTEGER_get(basic->pathlen); never executed: result[QLatin1String("pathLenConstraint")] = (qlonglong)q_ASN1_INTEGER_get(basic->pathlen); | 0 |
| 671 | | - |
| 672 | q_BASIC_CONSTRAINTS_free(basic); executed (the execution status of this line is deduced): q_BASIC_CONSTRAINTS_free(basic); | - |
| 673 | return result; executed: return result;Execution Count:1 | 1 |
| 674 | } | - |
| 675 | break; | - |
| 676 | case NID_info_access: | - |
| 677 | { | - |
| 678 | AUTHORITY_INFO_ACCESS *info = reinterpret_cast<AUTHORITY_INFO_ACCESS *>(q_X509V3_EXT_d2i(ext)); executed (the execution status of this line is deduced): AUTHORITY_INFO_ACCESS *info = reinterpret_cast<AUTHORITY_INFO_ACCESS *>(q_X509V3_EXT_d2i(ext)); | - |
| 679 | | - |
| 680 | QVariantMap result; executed (the execution status of this line is deduced): QVariantMap result; | - |
| 681 | for (int i=0; i < q_SKM_sk_num(ACCESS_DESCRIPTION, info); i++) { evaluated: i < ((int (*)(const STACK *))q_sk_num)(info)| yes Evaluation Count:2 | yes Evaluation Count:1 |
| 1-2 |
| 682 | ACCESS_DESCRIPTION *ad = q_SKM_sk_value(ACCESS_DESCRIPTION, info, i); executed (the execution status of this line is deduced): ACCESS_DESCRIPTION *ad = ((ACCESS_DESCRIPTION * (*)(const STACK *, int))q_sk_value)(info, i); | - |
| 683 | | - |
| 684 | GENERAL_NAME *name = ad->location; executed (the execution status of this line is deduced): GENERAL_NAME *name = ad->location; | - |
| 685 | if (name->type == GEN_URI) { partially evaluated: name->type == 6| yes Evaluation Count:2 | no Evaluation Count:0 |
| 0-2 |
| 686 | int len = q_ASN1_STRING_length(name->d.uniformResourceIdentifier); executed (the execution status of this line is deduced): int len = q_ASN1_STRING_length(name->d.uniformResourceIdentifier); | - |
| 687 | if (len < 0 || len >= 8192) { partially evaluated: len < 0| no Evaluation Count:0 | yes Evaluation Count:2 |
partially evaluated: len >= 8192| no Evaluation Count:0 | yes Evaluation Count:2 |
| 0-2 |
| 688 | // broken name | - |
| 689 | continue; never executed: continue; | 0 |
| 690 | } | - |
| 691 | | - |
| 692 | const char *uriStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(name->d.uniformResourceIdentifier)); executed (the execution status of this line is deduced): const char *uriStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(name->d.uniformResourceIdentifier)); | - |
| 693 | const QString uri = QString::fromUtf8(uriStr, len); executed (the execution status of this line is deduced): const QString uri = QString::fromUtf8(uriStr, len); | - |
| 694 | | - |
| 695 | result[QString::fromUtf8(QSslCertificatePrivate::asn1ObjectName(ad->method))] = uri; executed (the execution status of this line is deduced): result[QString::fromUtf8(QSslCertificatePrivate::asn1ObjectName(ad->method))] = uri; | - |
| 696 | } else { executed: }Execution Count:2 | 2 |
| 697 | qWarning() << "Strange location type" << name->type; never executed (the execution status of this line is deduced): QMessageLogger("ssl/qsslcertificate.cpp", 697, __PRETTY_FUNCTION__).warning() << "Strange location type" << name->type; | - |
| 698 | } | 0 |
| 699 | } | - |
| 700 | | - |
| 701 | #if OPENSSL_VERSION_NUMBER >= 0x10000000L | - |
| 702 | q_sk_pop_free((_STACK*)info, reinterpret_cast<void(*)(void*)>(q_sk_free)); | - |
| 703 | #else | - |
| 704 | q_sk_pop_free((STACK*)info, reinterpret_cast<void(*)(void*)>(q_sk_free)); executed (the execution status of this line is deduced): q_sk_pop_free((STACK*)info, reinterpret_cast<void(*)(void*)>(q_sk_free)); | - |
| 705 | #endif | - |
| 706 | return result; executed: return result;Execution Count:1 | 1 |
| 707 | } | - |
| 708 | break; | - |
| 709 | case NID_subject_key_identifier: | - |
| 710 | { | - |
| 711 | void *ext_internal = q_X509V3_EXT_d2i(ext); executed (the execution status of this line is deduced): void *ext_internal = q_X509V3_EXT_d2i(ext); | - |
| 712 | | - |
| 713 | // we cast away the const-ness here because some versions of openssl | - |
| 714 | // don't use const for the parameters in the functions pointers stored | - |
| 715 | // in the object. | - |
| 716 | X509V3_EXT_METHOD *meth = const_cast<X509V3_EXT_METHOD *>(q_X509V3_EXT_get(ext)); executed (the execution status of this line is deduced): X509V3_EXT_METHOD *meth = const_cast<X509V3_EXT_METHOD *>(q_X509V3_EXT_get(ext)); | - |
| 717 | | - |
| 718 | return QVariant(QString::fromUtf8(meth->i2s(meth, ext_internal))); executed: return QVariant(QString::fromUtf8(meth->i2s(meth, ext_internal)));Execution Count:1 | 1 |
| 719 | } | - |
| 720 | break; | - |
| 721 | case NID_authority_key_identifier: | - |
| 722 | { | - |
| 723 | AUTHORITY_KEYID *auth_key = reinterpret_cast<AUTHORITY_KEYID *>(q_X509V3_EXT_d2i(ext)); executed (the execution status of this line is deduced): AUTHORITY_KEYID *auth_key = reinterpret_cast<AUTHORITY_KEYID *>(q_X509V3_EXT_d2i(ext)); | - |
| 724 | | - |
| 725 | QVariantMap result; executed (the execution status of this line is deduced): QVariantMap result; | - |
| 726 | | - |
| 727 | // keyid | - |
| 728 | if (auth_key->keyid) { partially evaluated: auth_key->keyid| yes Evaluation Count:1 | no Evaluation Count:0 |
| 0-1 |
| 729 | QByteArray keyid(reinterpret_cast<const char *>(auth_key->keyid->data), executed (the execution status of this line is deduced): QByteArray keyid(reinterpret_cast<const char *>(auth_key->keyid->data), | - |
| 730 | auth_key->keyid->length); executed (the execution status of this line is deduced): auth_key->keyid->length); | - |
| 731 | result[QLatin1String("keyid")] = keyid.toHex(); executed (the execution status of this line is deduced): result[QLatin1String("keyid")] = keyid.toHex(); | - |
| 732 | } executed: }Execution Count:1 | 1 |
| 733 | | - |
| 734 | // issuer | - |
| 735 | // TODO: GENERAL_NAMES | - |
| 736 | | - |
| 737 | // serial | - |
| 738 | if (auth_key->serial) partially evaluated: auth_key->serial| no Evaluation Count:0 | yes Evaluation Count:1 |
| 0-1 |
| 739 | result[QLatin1String("serial")] = (qlonglong)q_ASN1_INTEGER_get(auth_key->serial); never executed: result[QLatin1String("serial")] = (qlonglong)q_ASN1_INTEGER_get(auth_key->serial); | 0 |
| 740 | | - |
| 741 | q_AUTHORITY_KEYID_free(auth_key); executed (the execution status of this line is deduced): q_AUTHORITY_KEYID_free(auth_key); | - |
| 742 | return result; executed: return result;Execution Count:1 | 1 |
| 743 | } | - |
| 744 | break; | - |
| 745 | } | - |
| 746 | | - |
| 747 | return QVariant(); executed: return QVariant();Execution Count:5 | 5 |
| 748 | } | - |
| 749 | | - |
| 750 | QSslCertificateExtension QSslCertificatePrivate::convertExtension(X509_EXTENSION *ext) | - |
| 751 | { | - |
| 752 | QSslCertificateExtension result; executed (the execution status of this line is deduced): QSslCertificateExtension result; | - |
| 753 | | - |
| 754 | ASN1_OBJECT *obj = q_X509_EXTENSION_get_object(ext); executed (the execution status of this line is deduced): ASN1_OBJECT *obj = q_X509_EXTENSION_get_object(ext); | - |
| 755 | QByteArray oid = QSslCertificatePrivate::asn1ObjectId(obj); executed (the execution status of this line is deduced): QByteArray oid = QSslCertificatePrivate::asn1ObjectId(obj); | - |
| 756 | QByteArray name = QSslCertificatePrivate::asn1ObjectName(obj); executed (the execution status of this line is deduced): QByteArray name = QSslCertificatePrivate::asn1ObjectName(obj); | - |
| 757 | | - |
| 758 | result.d->oid = QString::fromUtf8(oid); executed (the execution status of this line is deduced): result.d->oid = QString::fromUtf8(oid); | - |
| 759 | result.d->name = QString::fromUtf8(name); executed (the execution status of this line is deduced): result.d->name = QString::fromUtf8(name); | - |
| 760 | | - |
| 761 | bool critical = q_X509_EXTENSION_get_critical(ext); executed (the execution status of this line is deduced): bool critical = q_X509_EXTENSION_get_critical(ext); | - |
| 762 | result.d->critical = critical; executed (the execution status of this line is deduced): result.d->critical = critical; | - |
| 763 | | - |
| 764 | // Lets see if we have custom support for this one | - |
| 765 | QVariant extensionValue = x509ExtensionToValue(ext); executed (the execution status of this line is deduced): QVariant extensionValue = x509ExtensionToValue(ext); | - |
| 766 | if (extensionValue.isValid()) { evaluated: extensionValue.isValid()| yes Evaluation Count:4 | yes Evaluation Count:5 |
| 4-5 |
| 767 | result.d->value = extensionValue; executed (the execution status of this line is deduced): result.d->value = extensionValue; | - |
| 768 | result.d->supported = true; executed (the execution status of this line is deduced): result.d->supported = true; | - |
| 769 | | - |
| 770 | return result; executed: return result;Execution Count:4 | 4 |
| 771 | } | - |
| 772 | | - |
| 773 | extensionValue = x509UnknownExtensionToValue(ext); executed (the execution status of this line is deduced): extensionValue = x509UnknownExtensionToValue(ext); | - |
| 774 | if (extensionValue.isValid()) { partially evaluated: extensionValue.isValid()| yes Evaluation Count:5 | no Evaluation Count:0 |
| 0-5 |
| 775 | result.d->value = extensionValue; executed (the execution status of this line is deduced): result.d->value = extensionValue; | - |
| 776 | result.d->supported = false; executed (the execution status of this line is deduced): result.d->supported = false; | - |
| 777 | return result; executed: return result;Execution Count:5 | 5 |
| 778 | } | - |
| 779 | | - |
| 780 | return result; never executed: return result; | 0 |
| 781 | } | - |
| 782 | | - |
| 783 | /*! | - |
| 784 | Returns a list containing the X509 extensions of this certificate. | - |
| 785 | \since 5.0 | - |
| 786 | */ | - |
| 787 | QList<QSslCertificateExtension> QSslCertificate::extensions() const | - |
| 788 | { | - |
| 789 | QList<QSslCertificateExtension> result; executed (the execution status of this line is deduced): QList<QSslCertificateExtension> result; | - |
| 790 | | - |
| 791 | if (!d->x509) partially evaluated: !d->x509| no Evaluation Count:0 | yes Evaluation Count:3 |
| 0-3 |
| 792 | return result; never executed: return result; | 0 |
| 793 | | - |
| 794 | int count = q_X509_get_ext_count(d->x509); executed (the execution status of this line is deduced): int count = q_X509_get_ext_count(d->x509); | - |
| 795 | | - |
| 796 | for (int i=0; i < count; i++) { evaluated: i < count| yes Evaluation Count:9 | yes Evaluation Count:3 |
| 3-9 |
| 797 | X509_EXTENSION *ext = q_X509_get_ext(d->x509, i); executed (the execution status of this line is deduced): X509_EXTENSION *ext = q_X509_get_ext(d->x509, i); | - |
| 798 | result << QSslCertificatePrivate::convertExtension(ext); executed (the execution status of this line is deduced): result << QSslCertificatePrivate::convertExtension(ext); | - |
| 799 | } executed: }Execution Count:9 | 9 |
| 800 | | - |
| 801 | return result; executed: return result;Execution Count:3 | 3 |
| 802 | } | - |
| 803 | | - |
| 804 | /*! | - |
| 805 | Returns this certificate converted to a PEM (Base64) encoded | - |
| 806 | representation. | - |
| 807 | */ | - |
| 808 | QByteArray QSslCertificate::toPem() const | - |
| 809 | { | - |
| 810 | if (!d->x509) partially evaluated: !d->x509| no Evaluation Count:0 | yes Evaluation Count:37 |
| 0-37 |
| 811 | return QByteArray(); never executed: return QByteArray(); | 0 |
| 812 | return d->QByteArray_from_X509(d->x509, QSsl::Pem); executed: return d->QByteArray_from_X509(d->x509, QSsl::Pem);Execution Count:37 | 37 |
| 813 | } | - |
| 814 | | - |
| 815 | /*! | - |
| 816 | Returns this certificate converted to a DER (binary) encoded | - |
| 817 | representation. | - |
| 818 | */ | - |
| 819 | QByteArray QSslCertificate::toDer() const | - |
| 820 | { | - |
| 821 | if (!d->x509) evaluated: !d->x509| yes Evaluation Count:1 | yes Evaluation Count:69 |
| 1-69 |
| 822 | return QByteArray(); executed: return QByteArray();Execution Count:1 | 1 |
| 823 | return d->QByteArray_from_X509(d->x509, QSsl::Der); executed: return d->QByteArray_from_X509(d->x509, QSsl::Der);Execution Count:69 | 69 |
| 824 | } | - |
| 825 | | - |
| 826 | /*! | - |
| 827 | Returns this certificate converted to a human-readable text | - |
| 828 | representation. | - |
| 829 | | - |
| 830 | \since 5.0 | - |
| 831 | */ | - |
| 832 | QString QSslCertificate::toText() const | - |
| 833 | { | - |
| 834 | if (!d->x509) partially evaluated: !d->x509| no Evaluation Count:0 | yes Evaluation Count:3 |
| 0-3 |
| 835 | return QString(); never executed: return QString(); | 0 |
| 836 | return d->text_from_X509(d->x509); executed: return d->text_from_X509(d->x509);Execution Count:3 | 3 |
| 837 | } | - |
| 838 | | - |
| 839 | /*! | - |
| 840 | Searches all files in the \a path for certificates encoded in the | - |
| 841 | specified \a format and returns them in a list. \e must be a file or a | - |
| 842 | pattern matching one or more files, as specified by \a syntax. | - |
| 843 | | - |
| 844 | Example: | - |
| 845 | | - |
| 846 | \snippet code/src_network_ssl_qsslcertificate.cpp 0 | - |
| 847 | | - |
| 848 | \sa fromData() | - |
| 849 | */ | - |
| 850 | QList<QSslCertificate> QSslCertificate::fromPath(const QString &path, | - |
| 851 | QSsl::EncodingFormat format, | - |
| 852 | QRegExp::PatternSyntax syntax) | - |
| 853 | { | - |
| 854 | // $, (,), *, +, ., ?, [, ,], ^, {, | and }. | - |
| 855 | | - |
| 856 | // make sure to use the same path separators on Windows and Unix like systems. | - |
| 857 | QString sourcePath = QDir::fromNativeSeparators(path); executed (the execution status of this line is deduced): QString sourcePath = QDir::fromNativeSeparators(path); | - |
| 858 | | - |
| 859 | // Find the path without the filename | - |
| 860 | QString pathPrefix = sourcePath.left(sourcePath.lastIndexOf(QLatin1Char('/'))); executed (the execution status of this line is deduced): QString pathPrefix = sourcePath.left(sourcePath.lastIndexOf(QLatin1Char('/'))); | - |
| 861 | | - |
| 862 | // Check if the path contains any special chars | - |
| 863 | int pos = -1; executed (the execution status of this line is deduced): int pos = -1; | - |
| 864 | if (syntax == QRegExp::Wildcard) evaluated: syntax == QRegExp::Wildcard| yes Evaluation Count:22 | yes Evaluation Count:242 |
| 22-242 |
| 865 | pos = pathPrefix.indexOf(QRegExp(QLatin1String("[*?[]"))); executed: pos = pathPrefix.indexOf(QRegExp(QLatin1String("[*?[]")));Execution Count:22 | 22 |
| 866 | else if (syntax != QRegExp::FixedString) evaluated: syntax != QRegExp::FixedString| yes Evaluation Count:16 | yes Evaluation Count:226 |
| 16-226 |
| 867 | pos = sourcePath.indexOf(QRegExp(QLatin1String("[\\$\\(\\)\\*\\+\\.\\?\\[\\]\\^\\{\\}\\|]"))); executed: pos = sourcePath.indexOf(QRegExp(QLatin1String("[\\$\\(\\)\\*\\+\\.\\?\\[\\]\\^\\{\\}\\|]")));Execution Count:16 | 16 |
| 868 | if (pos != -1) { evaluated: pos != -1| yes Evaluation Count:20 | yes Evaluation Count:244 |
| 20-244 |
| 869 | // there was a special char in the path so cut of the part containing that char. | - |
| 870 | pathPrefix = pathPrefix.left(pos); executed (the execution status of this line is deduced): pathPrefix = pathPrefix.left(pos); | - |
| 871 | if (pathPrefix.contains(QLatin1Char('/'))) partially evaluated: pathPrefix.contains(QLatin1Char('/'))| no Evaluation Count:0 | yes Evaluation Count:20 |
| 0-20 |
| 872 | pathPrefix = pathPrefix.left(pathPrefix.lastIndexOf(QLatin1Char('/'))); never executed: pathPrefix = pathPrefix.left(pathPrefix.lastIndexOf(QLatin1Char('/'))); | 0 |
| 873 | else | - |
| 874 | pathPrefix.clear(); executed: pathPrefix.clear();Execution Count:20 | 20 |
| 875 | } else { | - |
| 876 | // Check if the path is a file. | - |
| 877 | if (QFileInfo(sourcePath).isFile()) { evaluated: QFileInfo(sourcePath).isFile()| yes Evaluation Count:212 | yes Evaluation Count:32 |
| 32-212 |
| 878 | QFile file(sourcePath); executed (the execution status of this line is deduced): QFile file(sourcePath); | - |
| 879 | QIODevice::OpenMode openMode = QIODevice::ReadOnly; executed (the execution status of this line is deduced): QIODevice::OpenMode openMode = QIODevice::ReadOnly; | - |
| 880 | if (format == QSsl::Pem) evaluated: format == QSsl::Pem| yes Evaluation Count:210 | yes Evaluation Count:2 |
| 2-210 |
| 881 | openMode |= QIODevice::Text; executed: openMode |= QIODevice::Text;Execution Count:210 | 210 |
| 882 | if (file.open(openMode)) partially evaluated: file.open(openMode)| yes Evaluation Count:212 | no Evaluation Count:0 |
| 0-212 |
| 883 | return QSslCertificate::fromData(file.readAll(), format); executed: return QSslCertificate::fromData(file.readAll(), format);Execution Count:212 | 212 |
| 884 | return QList<QSslCertificate>(); never executed: return QList<QSslCertificate>(); | 0 |
| 885 | } | - |
| 886 | } executed: }Execution Count:32 | 32 |
| 887 | | - |
| 888 | // Special case - if the prefix ends up being nothing, use "." instead. | - |
| 889 | int startIndex = 0; executed (the execution status of this line is deduced): int startIndex = 0; | - |
| 890 | if (pathPrefix.isEmpty()) { evaluated: pathPrefix.isEmpty()| yes Evaluation Count:26 | yes Evaluation Count:26 |
| 26 |
| 891 | pathPrefix = QLatin1String("."); executed (the execution status of this line is deduced): pathPrefix = QLatin1String("."); | - |
| 892 | startIndex = 2; executed (the execution status of this line is deduced): startIndex = 2; | - |
| 893 | } executed: }Execution Count:26 | 26 |
| 894 | | - |
| 895 | // The path can be a file or directory. | - |
| 896 | QList<QSslCertificate> certs; executed (the execution status of this line is deduced): QList<QSslCertificate> certs; | - |
| 897 | QRegExp pattern(sourcePath, Qt::CaseSensitive, syntax); executed (the execution status of this line is deduced): QRegExp pattern(sourcePath, Qt::CaseSensitive, syntax); | - |
| 898 | QDirIterator it(pathPrefix, QDir::Files, QDirIterator::FollowSymlinks | QDirIterator::Subdirectories); executed (the execution status of this line is deduced): QDirIterator it(pathPrefix, QDir::Files, QDirIterator::FollowSymlinks | QDirIterator::Subdirectories); | - |
| 899 | while (it.hasNext()) { evaluated: it.hasNext()| yes Evaluation Count:1928 | yes Evaluation Count:52 |
| 52-1928 |
| 900 | QString filePath = startIndex == 0 ? it.next() : it.next().mid(startIndex); evaluated: startIndex == 0| yes Evaluation Count:342 | yes Evaluation Count:1586 |
| 342-1586 |
| 901 | if (!pattern.exactMatch(filePath)) evaluated: !pattern.exactMatch(filePath)| yes Evaluation Count:1818 | yes Evaluation Count:110 |
| 110-1818 |
| 902 | continue; executed: continue;Execution Count:1818 | 1818 |
| 903 | | - |
| 904 | QFile file(filePath); executed (the execution status of this line is deduced): QFile file(filePath); | - |
| 905 | QIODevice::OpenMode openMode = QIODevice::ReadOnly; executed (the execution status of this line is deduced): QIODevice::OpenMode openMode = QIODevice::ReadOnly; | - |
| 906 | if (format == QSsl::Pem) evaluated: format == QSsl::Pem| yes Evaluation Count:78 | yes Evaluation Count:32 |
| 32-78 |
| 907 | openMode |= QIODevice::Text; executed: openMode |= QIODevice::Text;Execution Count:78 | 78 |
| 908 | if (file.open(openMode)) partially evaluated: file.open(openMode)| yes Evaluation Count:110 | no Evaluation Count:0 |
| 0-110 |
| 909 | certs += QSslCertificate::fromData(file.readAll(), format); executed: certs += QSslCertificate::fromData(file.readAll(), format);Execution Count:110 | 110 |
| 910 | } executed: }Execution Count:110 | 110 |
| 911 | return certs; executed: return certs;Execution Count:52 | 52 |
| 912 | } | - |
| 913 | | - |
| 914 | /*! | - |
| 915 | Searches for and parses all certificates in \a device that are | - |
| 916 | encoded in the specified \a format and returns them in a list of | - |
| 917 | certificates. | - |
| 918 | | - |
| 919 | \sa fromData() | - |
| 920 | */ | - |
| 921 | QList<QSslCertificate> QSslCertificate::fromDevice(QIODevice *device, QSsl::EncodingFormat format) | - |
| 922 | { | - |
| 923 | if (!device) { partially evaluated: !device| yes Evaluation Count:1 | no Evaluation Count:0 |
| 0-1 |
| 924 | qWarning("QSslCertificate::fromDevice: cannot read from a null device"); executed (the execution status of this line is deduced): QMessageLogger("ssl/qsslcertificate.cpp", 924, __PRETTY_FUNCTION__).warning("QSslCertificate::fromDevice: cannot read from a null device"); | - |
| 925 | return QList<QSslCertificate>(); executed: return QList<QSslCertificate>();Execution Count:1 | 1 |
| 926 | } | - |
| 927 | return fromData(device->readAll(), format); never executed: return fromData(device->readAll(), format); | 0 |
| 928 | } | - |
| 929 | | - |
| 930 | /*! | - |
| 931 | Searches for and parses all certificates in \a data that are | - |
| 932 | encoded in the specified \a format and returns them in a list of | - |
| 933 | certificates. | - |
| 934 | | - |
| 935 | \sa fromDevice() | - |
| 936 | */ | - |
| 937 | QList<QSslCertificate> QSslCertificate::fromData(const QByteArray &data, QSsl::EncodingFormat format) | - |
| 938 | { | - |
| 939 | return (format == QSsl::Pem) executed: return (format == QSsl::Pem) ? QSslCertificatePrivate::certificatesFromPem(data) : QSslCertificatePrivate::certificatesFromDer(data);Execution Count:322 | 322 |
| 940 | ? QSslCertificatePrivate::certificatesFromPem(data) executed: return (format == QSsl::Pem) ? QSslCertificatePrivate::certificatesFromPem(data) : QSslCertificatePrivate::certificatesFromDer(data);Execution Count:322 | 322 |
| 941 | : QSslCertificatePrivate::certificatesFromDer(data); executed: return (format == QSsl::Pem) ? QSslCertificatePrivate::certificatesFromPem(data) : QSslCertificatePrivate::certificatesFromDer(data);Execution Count:322 | 322 |
| 942 | } | - |
| 943 | | - |
| 944 | /*! | - |
| 945 | Verifies a certificate chain. The chain to be verified is passed in the | - |
| 946 | \a certificateChain parameter. The first certificate in the list should | - |
| 947 | be the leaf certificate of the chain to be verified. If \a hostName is | - |
| 948 | specified then the certificate is also checked to see if it is valid for | - |
| 949 | the specified host name. | - |
| 950 | | - |
| 951 | Note that the root (CA) certificate should not be included in the list to be verified, | - |
| 952 | this will be looked up automatically either using the CA list specified by | - |
| 953 | QSslSocket::defaultCaCertificates() or, if possible, it will be loaded on demand | - |
| 954 | on Unix. | - |
| 955 | | - |
| 956 | \since 5.0 | - |
| 957 | */ | - |
| 958 | QList<QSslError> QSslCertificate::verify(QList<QSslCertificate> certificateChain, const QString &hostName) | - |
| 959 | { | - |
| 960 | return QSslSocketBackendPrivate::verify(certificateChain, hostName); executed: return QSslSocketBackendPrivate::verify(certificateChain, hostName);Execution Count:8 | 8 |
| 961 | } | - |
| 962 | | - |
| 963 | void QSslCertificatePrivate::init(const QByteArray &data, QSsl::EncodingFormat format) | - |
| 964 | { | - |
| 965 | if (!data.isEmpty()) { evaluated: !data.isEmpty()| yes Evaluation Count:43 | yes Evaluation Count:10247 |
| 43-10247 |
| 966 | QList<QSslCertificate> certs = (format == QSsl::Pem) evaluated: (format == QSsl::Pem)| yes Evaluation Count:32 | yes Evaluation Count:11 |
| 11-32 |
| 967 | ? certificatesFromPem(data, 1) executed (the execution status of this line is deduced): ? certificatesFromPem(data, 1) | - |
| 968 | : certificatesFromDer(data, 1); executed (the execution status of this line is deduced): : certificatesFromDer(data, 1); | - |
| 969 | if (!certs.isEmpty()) { evaluated: !certs.isEmpty()| yes Evaluation Count:42 | yes Evaluation Count:1 |
| 1-42 |
| 970 | *this = *certs.first().d; executed (the execution status of this line is deduced): *this = *certs.first().d; | - |
| 971 | if (x509) partially evaluated: x509| yes Evaluation Count:42 | no Evaluation Count:0 |
| 0-42 |
| 972 | x509 = q_X509_dup(x509); executed: x509 = q_X509_dup(x509);Execution Count:42 | 42 |
| 973 | } executed: }Execution Count:42 | 42 |
| 974 | } executed: }Execution Count:43 | 43 |
| 975 | } executed: }Execution Count:10290 | 10290 |
| 976 | | - |
| 977 | #define BEGINCERTSTRING "-----BEGIN CERTIFICATE-----" | - |
| 978 | #define ENDCERTSTRING "-----END CERTIFICATE-----" | - |
| 979 | | - |
| 980 | // ### refactor against QSsl::pemFromDer() etc. (to avoid redundant implementations) | - |
| 981 | QByteArray QSslCertificatePrivate::QByteArray_from_X509(X509 *x509, QSsl::EncodingFormat format) | - |
| 982 | { | - |
| 983 | if (!x509) { partially evaluated: !x509| no Evaluation Count:0 | yes Evaluation Count:106 |
| 0-106 |
| 984 | qWarning("QSslSocketBackendPrivate::X509_to_QByteArray: null X509"); never executed (the execution status of this line is deduced): QMessageLogger("ssl/qsslcertificate.cpp", 984, __PRETTY_FUNCTION__).warning("QSslSocketBackendPrivate::X509_to_QByteArray: null X509"); | - |
| 985 | return QByteArray(); never executed: return QByteArray(); | 0 |
| 986 | } | - |
| 987 | | - |
| 988 | // Use i2d_X509 to convert the X509 to an array. | - |
| 989 | int length = q_i2d_X509(x509, 0); executed (the execution status of this line is deduced): int length = q_i2d_X509(x509, 0); | - |
| 990 | QByteArray array; executed (the execution status of this line is deduced): QByteArray array; | - |
| 991 | array.resize(length); executed (the execution status of this line is deduced): array.resize(length); | - |
| 992 | char *data = array.data(); executed (the execution status of this line is deduced): char *data = array.data(); | - |
| 993 | char **dataP = &data; executed (the execution status of this line is deduced): char **dataP = &data; | - |
| 994 | unsigned char **dataPu = (unsigned char **)dataP; executed (the execution status of this line is deduced): unsigned char **dataPu = (unsigned char **)dataP; | - |
| 995 | if (q_i2d_X509(x509, dataPu) < 0) partially evaluated: q_i2d_X509(x509, dataPu) < 0| no Evaluation Count:0 | yes Evaluation Count:106 |
| 0-106 |
| 996 | return QByteArray(); never executed: return QByteArray(); | 0 |
| 997 | | - |
| 998 | if (format == QSsl::Der) evaluated: format == QSsl::Der| yes Evaluation Count:69 | yes Evaluation Count:37 |
| 37-69 |
| 999 | return array; executed: return array;Execution Count:69 | 69 |
| 1000 | | - |
| 1001 | // Convert to Base64 - wrap at 64 characters. | - |
| 1002 | array = array.toBase64(); executed (the execution status of this line is deduced): array = array.toBase64(); | - |
| 1003 | QByteArray tmp; executed (the execution status of this line is deduced): QByteArray tmp; | - |
| 1004 | for (int i = 0; i <= array.size() - 64; i += 64) { evaluated: i <= array.size() - 64| yes Evaluation Count:413 | yes Evaluation Count:37 |
| 37-413 |
| 1005 | tmp += QByteArray::fromRawData(array.data() + i, 64); executed (the execution status of this line is deduced): tmp += QByteArray::fromRawData(array.data() + i, 64); | - |
| 1006 | tmp += '\n'; executed (the execution status of this line is deduced): tmp += '\n'; | - |
| 1007 | } executed: }Execution Count:413 | 413 |
| 1008 | if (int remainder = array.size() % 64) { evaluated: int remainder = array.size() % 64| yes Evaluation Count:36 | yes Evaluation Count:1 |
| 1-36 |
| 1009 | tmp += QByteArray::fromRawData(array.data() + array.size() - remainder, remainder); executed (the execution status of this line is deduced): tmp += QByteArray::fromRawData(array.data() + array.size() - remainder, remainder); | - |
| 1010 | tmp += '\n'; executed (the execution status of this line is deduced): tmp += '\n'; | - |
| 1011 | } executed: }Execution Count:36 | 36 |
| 1012 | | - |
| 1013 | return BEGINCERTSTRING "\n" + tmp + ENDCERTSTRING "\n"; executed: return "-----BEGIN CERTIFICATE-----" "\n" + tmp + "-----END CERTIFICATE-----" "\n";Execution Count:37 | 37 |
| 1014 | } | - |
| 1015 | | - |
| 1016 | QString QSslCertificatePrivate::text_from_X509(X509 *x509) | - |
| 1017 | { | - |
| 1018 | if (!x509) { partially evaluated: !x509| no Evaluation Count:0 | yes Evaluation Count:3 |
| 0-3 |
| 1019 | qWarning("QSslSocketBackendPrivate::text_from_X509: null X509"); never executed (the execution status of this line is deduced): QMessageLogger("ssl/qsslcertificate.cpp", 1019, __PRETTY_FUNCTION__).warning("QSslSocketBackendPrivate::text_from_X509: null X509"); | - |
| 1020 | return QString(); never executed: return QString(); | 0 |
| 1021 | } | - |
| 1022 | | - |
| 1023 | QByteArray result; executed (the execution status of this line is deduced): QByteArray result; | - |
| 1024 | BIO *bio = q_BIO_new(q_BIO_s_mem()); executed (the execution status of this line is deduced): BIO *bio = q_BIO_new(q_BIO_s_mem()); | - |
| 1025 | if (!bio) partially evaluated: !bio| no Evaluation Count:0 | yes Evaluation Count:3 |
| 0-3 |
| 1026 | return QString(); never executed: return QString(); | 0 |
| 1027 | | - |
| 1028 | q_X509_print(bio, x509); executed (the execution status of this line is deduced): q_X509_print(bio, x509); | - |
| 1029 | | - |
| 1030 | QVarLengthArray<char, 16384> data; executed (the execution status of this line is deduced): QVarLengthArray<char, 16384> data; | - |
| 1031 | int count = q_BIO_read(bio, data.data(), 16384); executed (the execution status of this line is deduced): int count = q_BIO_read(bio, data.data(), 16384); | - |
| 1032 | if ( count > 0 ) { partially evaluated: count > 0| yes Evaluation Count:3 | no Evaluation Count:0 |
| 0-3 |
| 1033 | result = QByteArray( data.data(), count ); executed (the execution status of this line is deduced): result = QByteArray( data.data(), count ); | - |
| 1034 | } executed: }Execution Count:3 | 3 |
| 1035 | | - |
| 1036 | q_BIO_free(bio); executed (the execution status of this line is deduced): q_BIO_free(bio); | - |
| 1037 | | - |
| 1038 | return QString::fromLatin1(result); executed: return QString::fromLatin1(result);Execution Count:3 | 3 |
| 1039 | } | - |
| 1040 | | - |
| 1041 | QByteArray QSslCertificatePrivate::asn1ObjectId(ASN1_OBJECT *object) | - |
| 1042 | { | - |
| 1043 | char buf[80]; // The openssl docs a buffer length of 80 should be more than enough executed (the execution status of this line is deduced): char buf[80]; | - |
| 1044 | q_OBJ_obj2txt(buf, sizeof(buf), object, 1); // the 1 says always use the oid not the long name executed (the execution status of this line is deduced): q_OBJ_obj2txt(buf, sizeof(buf), object, 1); | - |
| 1045 | | - |
| 1046 | return QByteArray(buf); executed: return QByteArray(buf);Execution Count:11 | 11 |
| 1047 | } | - |
| 1048 | | - |
| 1049 | | - |
| 1050 | QByteArray QSslCertificatePrivate::asn1ObjectName(ASN1_OBJECT *object) | - |
| 1051 | { | - |
| 1052 | int nid = q_OBJ_obj2nid(object); executed (the execution status of this line is deduced): int nid = q_OBJ_obj2nid(object); | - |
| 1053 | if (nid != NID_undef) evaluated: nid != 0| yes Evaluation Count:686 | yes Evaluation Count:2 |
| 2-686 |
| 1054 | return QByteArray(q_OBJ_nid2sn(nid)); executed: return QByteArray(q_OBJ_nid2sn(nid));Execution Count:686 | 686 |
| 1055 | | - |
| 1056 | return asn1ObjectId(object); executed: return asn1ObjectId(object);Execution Count:2 | 2 |
| 1057 | } | - |
| 1058 | | - |
| 1059 | static QMap<QByteArray, QString> _q_mapFromX509Name(X509_NAME *name) | - |
| 1060 | { | - |
| 1061 | QMap<QByteArray, QString> info; executed (the execution status of this line is deduced): QMap<QByteArray, QString> info; | - |
| 1062 | for (int i = 0; i < q_X509_NAME_entry_count(name); ++i) { evaluated: i < q_X509_NAME_entry_count(name)| yes Evaluation Count:677 | yes Evaluation Count:116 |
| 116-677 |
| 1063 | X509_NAME_ENTRY *e = q_X509_NAME_get_entry(name, i); executed (the execution status of this line is deduced): X509_NAME_ENTRY *e = q_X509_NAME_get_entry(name, i); | - |
| 1064 | | - |
| 1065 | QByteArray name = QSslCertificatePrivate::asn1ObjectName(q_X509_NAME_ENTRY_get_object(e)); executed (the execution status of this line is deduced): QByteArray name = QSslCertificatePrivate::asn1ObjectName(q_X509_NAME_ENTRY_get_object(e)); | - |
| 1066 | unsigned char *data = 0; executed (the execution status of this line is deduced): unsigned char *data = 0; | - |
| 1067 | int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e)); executed (the execution status of this line is deduced): int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e)); | - |
| 1068 | info.insertMulti(name, QString::fromUtf8((char*)data, size)); executed (the execution status of this line is deduced): info.insertMulti(name, QString::fromUtf8((char*)data, size)); | - |
| 1069 | q_CRYPTO_free(data); executed (the execution status of this line is deduced): q_CRYPTO_free(data); | - |
| 1070 | } executed: }Execution Count:677 | 677 |
| 1071 | | - |
| 1072 | return info; executed: return info;Execution Count:116 | 116 |
| 1073 | } | - |
| 1074 | | - |
| 1075 | QSslCertificate QSslCertificatePrivate::QSslCertificate_from_X509(X509 *x509) | - |
| 1076 | { | - |
| 1077 | QSslCertificate certificate; executed (the execution status of this line is deduced): QSslCertificate certificate; | - |
| 1078 | if (!x509 || !QSslSocket::supportsSsl()) evaluated: !x509| yes Evaluation Count:3 | yes Evaluation Count:588 |
partially evaluated: !QSslSocket::supportsSsl()| no Evaluation Count:0 | yes Evaluation Count:588 |
| 0-588 |
| 1079 | return certificate; executed: return certificate;Execution Count:3 | 3 |
| 1080 | | - |
| 1081 | ASN1_TIME *nbef = q_X509_get_notBefore(x509); executed (the execution status of this line is deduced): ASN1_TIME *nbef = ((x509)->cert_info->validity->notBefore); | - |
| 1082 | ASN1_TIME *naft = q_X509_get_notAfter(x509); executed (the execution status of this line is deduced): ASN1_TIME *naft = ((x509)->cert_info->validity->notAfter); | - |
| 1083 | certificate.d->notValidBefore = q_getTimeFromASN1(nbef); executed (the execution status of this line is deduced): certificate.d->notValidBefore = q_getTimeFromASN1(nbef); | - |
| 1084 | certificate.d->notValidAfter = q_getTimeFromASN1(naft); executed (the execution status of this line is deduced): certificate.d->notValidAfter = q_getTimeFromASN1(naft); | - |
| 1085 | certificate.d->null = false; executed (the execution status of this line is deduced): certificate.d->null = false; | - |
| 1086 | certificate.d->x509 = q_X509_dup(x509); executed (the execution status of this line is deduced): certificate.d->x509 = q_X509_dup(x509); | - |
| 1087 | | - |
| 1088 | return certificate; executed: return certificate;Execution Count:588 | 588 |
| 1089 | } | - |
| 1090 | | - |
| 1091 | static bool matchLineFeed(const QByteArray &pem, int *offset) | - |
| 1092 | { | - |
| 1093 | char ch = 0; executed (the execution status of this line is deduced): char ch = 0; | - |
| 1094 | | - |
| 1095 | // ignore extra whitespace at the end of the line | - |
| 1096 | while (*offset < pem.size() && (ch = pem.at(*offset)) == ' ') evaluated: *offset < pem.size()| yes Evaluation Count:846 | yes Evaluation Count:1 |
evaluated: (ch = pem.at(*offset)) == ' '| yes Evaluation Count:4 | yes Evaluation Count:842 |
| 1-846 |
| 1097 | ++*offset; executed: ++*offset;Execution Count:4 | 4 |
| 1098 | | - |
| 1099 | if (ch == '\n') { evaluated: ch == '\n'| yes Evaluation Count:842 | yes Evaluation Count:1 |
| 1-842 |
| 1100 | *offset += 1; executed (the execution status of this line is deduced): *offset += 1; | - |
| 1101 | return true; executed: return true;Execution Count:842 | 842 |
| 1102 | } | - |
| 1103 | if (ch == '\r' && pem.size() > (*offset + 1) && pem.at(*offset + 1) == '\n') { partially evaluated: ch == '\r'| no Evaluation Count:0 | yes Evaluation Count:1 |
never evaluated: pem.size() > (*offset + 1) never evaluated: pem.at(*offset + 1) == '\n' | 0-1 |
| 1104 | *offset += 2; never executed (the execution status of this line is deduced): *offset += 2; | - |
| 1105 | return true; never executed: return true; | 0 |
| 1106 | } | - |
| 1107 | return false; executed: return false;Execution Count:1 | 1 |
| 1108 | } | - |
| 1109 | | - |
| 1110 | QList<QSslCertificate> QSslCertificatePrivate::certificatesFromPem(const QByteArray &pem, int count) | - |
| 1111 | { | - |
| 1112 | QList<QSslCertificate> certificates; executed (the execution status of this line is deduced): QList<QSslCertificate> certificates; | - |
| 1113 | QSslSocketPrivate::ensureInitialized(); executed (the execution status of this line is deduced): QSslSocketPrivate::ensureInitialized(); | - |
| 1114 | | - |
| 1115 | int offset = 0; executed (the execution status of this line is deduced): int offset = 0; | - |
| 1116 | while (count == -1 || certificates.size() < count) { evaluated: count == -1| yes Evaluation Count:678 | yes Evaluation Count:63 |
evaluated: certificates.size() < count| yes Evaluation Count:32 | yes Evaluation Count:31 |
| 31-678 |
| 1117 | int startPos = pem.indexOf(BEGINCERTSTRING, offset); executed (the execution status of this line is deduced): int startPos = pem.indexOf("-----BEGIN CERTIFICATE-----", offset); | - |
| 1118 | if (startPos == -1) evaluated: startPos == -1| yes Evaluation Count:287 | yes Evaluation Count:423 |
| 287-423 |
| 1119 | break; executed: break;Execution Count:287 | 287 |
| 1120 | startPos += sizeof(BEGINCERTSTRING) - 1; executed (the execution status of this line is deduced): startPos += sizeof("-----BEGIN CERTIFICATE-----") - 1; | - |
| 1121 | if (!matchLineFeed(pem, &startPos)) evaluated: !matchLineFeed(pem, &startPos)| yes Evaluation Count:1 | yes Evaluation Count:422 |
| 1-422 |
| 1122 | break; executed: break;Execution Count:1 | 1 |
| 1123 | | - |
| 1124 | int endPos = pem.indexOf(ENDCERTSTRING, startPos); executed (the execution status of this line is deduced): int endPos = pem.indexOf("-----END CERTIFICATE-----", startPos); | - |
| 1125 | if (endPos == -1) evaluated: endPos == -1| yes Evaluation Count:1 | yes Evaluation Count:421 |
| 1-421 |
| 1126 | break; executed: break;Execution Count:1 | 1 |
| 1127 | | - |
| 1128 | offset = endPos + sizeof(ENDCERTSTRING) - 1; executed (the execution status of this line is deduced): offset = endPos + sizeof("-----END CERTIFICATE-----") - 1; | - |
| 1129 | if (offset < pem.size() && !matchLineFeed(pem, &offset)) evaluated: offset < pem.size()| yes Evaluation Count:420 | yes Evaluation Count:1 |
partially evaluated: !matchLineFeed(pem, &offset)| no Evaluation Count:0 | yes Evaluation Count:420 |
| 0-420 |
| 1130 | break; | 0 |
| 1131 | | - |
| 1132 | QByteArray decoded = QByteArray::fromBase64( executed (the execution status of this line is deduced): QByteArray decoded = QByteArray::fromBase64( | - |
| 1133 | QByteArray::fromRawData(pem.data() + startPos, endPos - startPos)); executed (the execution status of this line is deduced): QByteArray::fromRawData(pem.data() + startPos, endPos - startPos)); | - |
| 1134 | #if OPENSSL_VERSION_NUMBER >= 0x00908000L | - |
| 1135 | const unsigned char *data = (const unsigned char *)decoded.data(); executed (the execution status of this line is deduced): const unsigned char *data = (const unsigned char *)decoded.data(); | - |
| 1136 | #else | - |
| 1137 | unsigned char *data = (unsigned char *)decoded.data(); | - |
| 1138 | #endif | - |
| 1139 | | - |
| 1140 | if (X509 *x509 = q_d2i_X509(0, &data, decoded.size())) { partially evaluated: X509 *x509 = q_d2i_X509(0, &data, decoded.size())| yes Evaluation Count:421 | no Evaluation Count:0 |
| 0-421 |
| 1141 | certificates << QSslCertificate_from_X509(x509); executed (the execution status of this line is deduced): certificates << QSslCertificate_from_X509(x509); | - |
| 1142 | q_X509_free(x509); executed (the execution status of this line is deduced): q_X509_free(x509); | - |
| 1143 | } executed: }Execution Count:421 | 421 |
| 1144 | } executed: }Execution Count:421 | 421 |
| 1145 | | - |
| 1146 | return certificates; executed: return certificates;Execution Count:320 | 320 |
| 1147 | } | - |
| 1148 | | - |
| 1149 | QList<QSslCertificate> QSslCertificatePrivate::certificatesFromDer(const QByteArray &der, int count) | - |
| 1150 | { | - |
| 1151 | QList<QSslCertificate> certificates; executed (the execution status of this line is deduced): QList<QSslCertificate> certificates; | - |
| 1152 | QSslSocketPrivate::ensureInitialized(); executed (the execution status of this line is deduced): QSslSocketPrivate::ensureInitialized(); | - |
| 1153 | | - |
| 1154 | | - |
| 1155 | #if OPENSSL_VERSION_NUMBER >= 0x00908000L | - |
| 1156 | const unsigned char *data = (const unsigned char *)der.data(); executed (the execution status of this line is deduced): const unsigned char *data = (const unsigned char *)der.data(); | - |
| 1157 | #else | - |
| 1158 | unsigned char *data = (unsigned char *)der.data(); | - |
| 1159 | #endif | - |
| 1160 | int size = der.size(); executed (the execution status of this line is deduced): int size = der.size(); | - |
| 1161 | | - |
| 1162 | while (count == -1 || certificates.size() < count) { evaluated: count == -1| yes Evaluation Count:36 | yes Evaluation Count:22 |
evaluated: certificates.size() < count| yes Evaluation Count:11 | yes Evaluation Count:11 |
| 11-36 |
| 1163 | if (X509 *x509 = q_d2i_X509(0, &data, size)) { evaluated: X509 *x509 = q_d2i_X509(0, &data, size)| yes Evaluation Count:13 | yes Evaluation Count:34 |
| 13-34 |
| 1164 | certificates << QSslCertificate_from_X509(x509); executed (the execution status of this line is deduced): certificates << QSslCertificate_from_X509(x509); | - |
| 1165 | q_X509_free(x509); executed (the execution status of this line is deduced): q_X509_free(x509); | - |
| 1166 | } else { executed: }Execution Count:13 | 13 |
| 1167 | break; executed: break;Execution Count:34 | 34 |
| 1168 | } | - |
| 1169 | size -= ((char *)data - der.data()); executed (the execution status of this line is deduced): size -= ((char *)data - der.data()); | - |
| 1170 | } executed: }Execution Count:13 | 13 |
| 1171 | | - |
| 1172 | return certificates; executed: return certificates;Execution Count:45 | 45 |
| 1173 | } | - |
| 1174 | | - |
| 1175 | // These certificates are known to be fraudulent and were created during the comodo | - |
| 1176 | // compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html | - |
| 1177 | static const char *certificate_blacklist[] = { | - |
| 1178 | "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", "mail.google.com", // Comodo | - |
| 1179 | "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", "www.google.com", // Comodo | - |
| 1180 | "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", "login.yahoo.com", // Comodo | - |
| 1181 | "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", "login.yahoo.com", // Comodo | - |
| 1182 | "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", "login.yahoo.com", // Comodo | - |
| 1183 | "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", "login.skype.com", // Comodo | - |
| 1184 | "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", "addons.mozilla.org", // Comodo | - |
| 1185 | "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", "login.live.com", // Comodo | - |
| 1186 | "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", "global trustee", // Comodo | - |
| 1187 | | - |
| 1188 | "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56", "*.google.com", // leaf certificate issued by DigiNotar | - |
| 1189 | "0c:76:da:9c:91:0c:4e:2c:9e:fe:15:d0:58:93:3c:4c", "DigiNotar Root CA", // DigiNotar root | - |
| 1190 | "f1:4a:13:f4:87:2b:56:dc:39:df:84:ca:7a:a1:06:49", "DigiNotar Services CA", // DigiNotar intermediate signed by DigiNotar Root | - |
| 1191 | "36:16:71:55:43:42:1b:9d:e6:cb:a3:64:41:df:24:38", "DigiNotar Services 1024 CA", // DigiNotar intermediate signed by DigiNotar Root | - |
| 1192 | "0a:82:bd:1e:14:4e:88:14:d7:5b:1a:55:27:be:bf:3e", "DigiNotar Root CA G2", // other DigiNotar Root CA | - |
| 1193 | "a4:b6:ce:e3:2e:d3:35:46:26:3c:b3:55:3a:a8:92:21", "CertiID Enterprise Certificate Authority", // DigiNotar intermediate signed by "DigiNotar Root CA G2" | - |
| 1194 | "5b:d5:60:9c:64:17:68:cf:21:0e:35:fd:fb:05:ad:41", "DigiNotar Qualified CA", // DigiNotar intermediate signed by DigiNotar Root | - |
| 1195 | | - |
| 1196 | "46:9c:2c:b0", "DigiNotar Services 1024 CA", // DigiNotar intermediate cross-signed by Entrust | - |
| 1197 | "07:27:10:0d", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust | - |
| 1198 | "07:27:0f:f9", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust | - |
| 1199 | "07:27:10:03", "DigiNotar Cyber CA", // DigiNotar intermediate cross-signed by CyberTrust | - |
| 1200 | "01:31:69:b0", "DigiNotar PKIoverheid CA Overheid en Bedrijven", // DigiNotar intermediate cross-signed by the Dutch government | - |
| 1201 | "01:31:34:bf", "DigiNotar PKIoverheid CA Organisatie - G2", // DigiNotar intermediate cross-signed by the Dutch government | - |
| 1202 | "d6:d0:29:77:f1:49:fd:1a:83:f2:b9:ea:94:8c:5c:b4", "DigiNotar Extended Validation CA", // DigiNotar intermediate signed by DigiNotar EV Root | - |
| 1203 | "1e:7d:7a:53:3d:45:30:41:96:40:0f:71:48:1f:45:04", "DigiNotar Public CA 2025", // DigiNotar intermediate | - |
| 1204 | // "(has not been seen in the wild so far)", "DigiNotar Public CA - G2", // DigiNotar intermediate | - |
| 1205 | // "(has not been seen in the wild so far)", "Koninklijke Notariele Beroepsorganisatie CA", // compromised during DigiNotar breach | - |
| 1206 | // "(has not been seen in the wild so far)", "Stichting TTP Infos CA," // compromised during DigiNotar breach | - |
| 1207 | "46:9c:2c:af", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust | - |
| 1208 | "46:9c:3c:c9", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust | - |
| 1209 | | - |
| 1210 | "07:27:14:a9", "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust | - |
| 1211 | "4c:0e:63:6a", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust | - |
| 1212 | "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate | - |
| 1213 | "41", "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/ | - |
| 1214 | | - |
| 1215 | "08:27", "*.EGO.GOV.TR", // Turktrust mis-issued intermediate certificate | - |
| 1216 | "08:64", "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate | - |
| 1217 | 0 | - |
| 1218 | }; | - |
| 1219 | | - |
| 1220 | bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate) | - |
| 1221 | { | - |
| 1222 | for (int a = 0; certificate_blacklist[a] != 0; a++) { evaluated: certificate_blacklist[a] != 0| yes Evaluation Count:3773 | yes Evaluation Count:114 |
| 114-3773 |
| 1223 | QString blacklistedCommonName = QString::fromUtf8(certificate_blacklist[(a+1)]); executed (the execution status of this line is deduced): QString blacklistedCommonName = QString::fromUtf8(certificate_blacklist[(a+1)]); | - |
| 1224 | if (certificate.serialNumber() == certificate_blacklist[a++] && evaluated: certificate.serialNumber() == certificate_blacklist[a++]| yes Evaluation Count:13 | yes Evaluation Count:3760 |
| 13-3760 |
| 1225 | (certificate.subjectInfo(QSslCertificate::CommonName).contains(blacklistedCommonName) || partially evaluated: certificate.subjectInfo(QSslCertificate::CommonName).contains(blacklistedCommonName)| yes Evaluation Count:13 | no Evaluation Count:0 |
| 0-13 |
| 1226 | certificate.issuerInfo(QSslCertificate::CommonName).contains(blacklistedCommonName))) never evaluated: certificate.issuerInfo(QSslCertificate::CommonName).contains(blacklistedCommonName) | 0 |
| 1227 | return true; executed: return true;Execution Count:13 | 13 |
| 1228 | } executed: }Execution Count:3760 | 3760 |
| 1229 | return false; executed: return false;Execution Count:114 | 114 |
| 1230 | } | - |
| 1231 | | - |
| 1232 | #ifndef QT_NO_DEBUG_STREAM | - |
| 1233 | QDebug operator<<(QDebug debug, const QSslCertificate &certificate) | - |
| 1234 | { | - |
| 1235 | debug << "QSslCertificate(" never executed (the execution status of this line is deduced): debug << "QSslCertificate(" | - |
| 1236 | << certificate.version() never executed (the execution status of this line is deduced): << certificate.version() | - |
| 1237 | << ',' << certificate.serialNumber() never executed (the execution status of this line is deduced): << ',' << certificate.serialNumber() | - |
| 1238 | << ',' << certificate.digest().toBase64() never executed (the execution status of this line is deduced): << ',' << certificate.digest().toBase64() | - |
| 1239 | << ',' << certificate.issuerInfo(QSslCertificate::Organization) never executed (the execution status of this line is deduced): << ',' << certificate.issuerInfo(QSslCertificate::Organization) | - |
| 1240 | << ',' << certificate.subjectInfo(QSslCertificate::Organization) never executed (the execution status of this line is deduced): << ',' << certificate.subjectInfo(QSslCertificate::Organization) | - |
| 1241 | << ',' << certificate.subjectAlternativeNames() never executed (the execution status of this line is deduced): << ',' << certificate.subjectAlternativeNames() | - |
| 1242 | #ifndef QT_NO_DATESTRING never executed (the execution status of this line is deduced): | - |
| 1243 | << ',' << certificate.effectiveDate() never executed (the execution status of this line is deduced): << ',' << certificate.effectiveDate() | - |
| 1244 | << ',' << certificate.expiryDate() never executed (the execution status of this line is deduced): << ',' << certificate.expiryDate() | - |
| 1245 | #endif never executed (the execution status of this line is deduced): | - |
| 1246 | << ')'; never executed (the execution status of this line is deduced): << ')'; | - |
| 1247 | return debug; never executed: return debug; | 0 |
| 1248 | } | - |
| 1249 | QDebug operator<<(QDebug debug, QSslCertificate::SubjectInfo info) | - |
| 1250 | { | - |
| 1251 | switch (info) { | - |
| 1252 | case QSslCertificate::Organization: debug << "Organization"; break; | 0 |
| 1253 | case QSslCertificate::CommonName: debug << "CommonName"; break; | 0 |
| 1254 | case QSslCertificate::CountryName: debug << "CountryName"; break; | 0 |
| 1255 | case QSslCertificate::LocalityName: debug << "LocalityName"; break; | 0 |
| 1256 | case QSslCertificate::OrganizationalUnitName: debug << "OrganizationalUnitName"; break; | 0 |
| 1257 | case QSslCertificate::StateOrProvinceName: debug << "StateOrProvinceName"; break; | 0 |
| 1258 | case QSslCertificate::DistinguishedNameQualifier: debug << "DistinguishedNameQualifier"; break; | 0 |
| 1259 | case QSslCertificate::SerialNumber: debug << "SerialNumber"; break; | 0 |
| 1260 | case QSslCertificate::EmailAddress: debug << "EmailAddress"; break; | 0 |
| 1261 | } | - |
| 1262 | return debug; never executed: return debug; | 0 |
| 1263 | } | - |
| 1264 | #endif | - |
| 1265 | | - |
| 1266 | QT_END_NAMESPACE | - |
| 1267 | | - |
| | |