easyssl 0.51.8d8e9a5
EasySSL is a base back-end library for your C++ Qt projects.
x509.cpp
1//#
2//# Copyright (C) 2021-2025 QuasarApp.
3//# Distributed under the GPLv3 software license, see the accompanying
4//# Everyone is permitted to copy and distribute verbatim copies
5//# of this license document, but changing it is not allowed.
6//#
7
8#include "x509.h"
9#include <openssl/evp.h>
10#include <openssl/pem.h>
11#include <openssl/x509.h>
12#include <easysslutils.h>
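namespace EasySSL {

/**
 * @brief Constructs an X.509 certificate generator.
 * @param generator Key generator handed to the ICertificate base; create()
 * reaches it through keyGenerator().
 */
X509::X509(const QSharedPointer<ICrypto>& generator): ICertificate(generator) {

}

/**
 * @brief Creates a self-signed X.509 certificate together with its private key.
 *
 * The key pair comes from keyGenerator()->makeRawKeys(). The subject (C, O, CN)
 * is taken from @a certificateData and reused as the issuer, and the
 * certificate is signed with its own key using SHA-256.
 *
 * @param certificateData Subject fields and the validity offset (endTime) of
 * the new certificate.
 * @return The certificate and private key, or a default-constructed
 * SelfSignedSertificate when the key generator does not support signing or
 * any key, signing or serialization step fails.
 *
 * @note The returned object carries the private key; handle it accordingly.
 */
SelfSignedSertificate X509::create(const SslSrtData &certificateData) const {
    // The listing this was taken from omits the declaration of `result`
    // (original source line 20); it is restored here from the return type.
    SelfSignedSertificate result;

    if (!(keyGenerator()->supportedFeatures() & ICrypto::Features::Signing)) {
        return {};
    }

    EVP_PKEY *pkey = static_cast<EVP_PKEY *>(keyGenerator()->makeRawKeys());
    ::X509 *x509 = nullptr;
    BIO *bp_public = nullptr;

    // Single failure path: log, release whatever is still owned, return empty.
    // The OpenSSL free functions used here accept null pointers.
    const auto fail = [&](const char *reason) -> SelfSignedSertificate {
        qCritical("%s", reason);
        BIO_free_all(bp_public);
        X509_free(x509);
        EVP_PKEY_free(pkey);
        return {};
    };

    // Without a key there is nothing to certify or to sign with.
    if (!pkey) {
        return fail("Failed to generate a key pair for the certificate");
    }

    x509 = X509_new();
    if (!x509) {
        // q_check_ptr below reports the allocation failure; release the key first.
        EVP_PKEY_free(pkey);
        pkey = nullptr;
    }
    q_check_ptr(x509);

    // NOTE(review): the serial number is the constant 1, so every certificate
    // created here with the same subject shares issuer name and serial.
    // Certificate stores and TLS stacks may treat such certificates as
    // duplicates; a random serial would avoid that.
    // endTime is passed to X509_gmtime_adj, i.e. it is an offset in seconds
    // from the current time.
    const bool fieldsSet =
            ASN1_INTEGER_set(X509_get_serialNumber(x509), 1) == 1 &&
            X509_gmtime_adj(X509_get_notBefore(x509), 0) != nullptr &&
            X509_gmtime_adj(X509_get_notAfter(x509), certificateData.endTime) != nullptr &&
            X509_set_pubkey(x509, pkey) == 1;
    if (!fieldsSet) {
        return fail("Failed to set the serial number, validity or public key of the certificate");
    }

    X509_NAME *name = X509_get_subject_name(x509);
    if (!name) {
        X509_free(x509);
        x509 = nullptr;
        EVP_PKEY_free(pkey);
        pkey = nullptr;
    }
    q_check_ptr(name);

    // The QByteArray parameter keeps the encoded bytes alive for the whole
    // OpenSSL call. Taking data() of the toLatin1() temporary and using the
    // pointer in a later statement reads freed memory.
    // A rejected entry is only logged: entry failures were never fatal here,
    // and callers may rely on certificates with a partial subject.
    const auto addSubjectEntry = [name](const char *field, const QByteArray &encoded) {
        const unsigned char *bytes =
                reinterpret_cast<const unsigned char *>(encoded.constData());
        if (X509_NAME_add_entry_by_txt(name, field, MBSTRING_ASC, bytes, -1, -1, 0) != 1) {
            qWarning("Failed to add the %s entry to the certificate subject", field);
        }
    };

    addSubjectEntry("C", certificateData.country.toLatin1());
    addSubjectEntry("O", certificateData.organization.toLatin1());
    addSubjectEntry("CN", certificateData.commonName.toLatin1());

    // Self-signed: the issuer is the subject.
    if (X509_set_issuer_name(x509, name) != 1) {
        return fail("Failed to set the issuer name of the certificate");
    }

    // X509_sign returns 0 on failure; an unsigned certificate must not be
    // handed back to the caller.
    if (X509_sign(x509, pkey, EVP_sha256()) <= 0) {
        return fail("Failed to sign the certificate");
    }

    result.key = QSslKey(EasySSLUtils::extractPrivateKey(pkey), keyGenerator()->keyAlgorithm());
    // The raw key is no longer needed once it has been copied into result.key.
    EVP_PKEY_free(pkey);
    pkey = nullptr;
    if (result.key.isNull()) {
        return fail("Failed to generate a random private key");
    }

    bp_public = BIO_new(BIO_s_mem());
    if (!bp_public) {
        X509_free(x509);
        x509 = nullptr;
    }
    q_check_ptr(bp_public);

    if (PEM_write_bio_X509(bp_public, x509) != 1) {
        return fail("PEM_write_bio_X509 failed");
    }

    result.crt = QSslCertificate(EasySSLUtils::bioToByteArray(bp_public));
    if (result.crt.isNull()) {
        return fail("Failed to generate a random client certificate");
    }

    X509_free(x509);
    BIO_free_all(bp_public);

    return result;
}

}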
static QByteArray bioToByteArray(BIO *bio)
bioToByteArray This method converts an OpenSSL BIO to a QByteArray.
static QByteArray extractPrivateKey(EVP_PKEY *ssl_keys)
extractPrivateKey This method extracts the private key from the ssl (pem) structure.
The ICertificate class is the base interface for all certificate generator classes.
const QSharedPointer< ICrypto > & keyGenerator() const
generator This method returns the private key generator.
@ Signing
Signing data and checking its signature.
Definition icrypto.h:31
X509(const QSharedPointer< ICrypto > &generator)
Definition x509.cpp:15
SelfSignedSertificate create(const SslSrtData &certificateData) const override
create This method creates a self-signed certificate.
Definition x509.cpp:19
The SelfSignedSertificate struct contains the Qt certificate object and its private key.
The SslSrtData struct This structure contains base information to generate self-signed SSL certificat...