winrt: complete QSslCertificate implementation

The native handle and import functions are now available for use in other
parts of the winrt backend.

Change-Id: I07e6f95b3411c3dc7c1a7a164544b18e5e435d01
Reviewed-by: Maurice Kalinowski <[email protected]>
Reviewed-by: Andrew Knight <[email protected]>

6 files changed, 141 insertions, 0 deletions

diff --git a/src/network/ssl/qsslcertificate_p.h b/src/network/ssl/qsslcertificate_p.h
index 0eeff0db41b..472553c30cd 100644
--- a/src/network/ssl/qsslcertificate_p.h
+++ b/src/network/ssl/qsslcertificate_p.h
@@ -69,6 +69,11 @@ struct X509_EXTENSION;
 struct ASN1_OBJECT;
 #endif
 
+#ifdef Q_OS_WINRT
+#include <wrl.h>
+#include <windows.security.cryptography.certificates.h>
+#endif
+
 QT_BEGIN_NAMESPACE
 
 // forward declaration
@@ -126,6 +131,12 @@ public:
     friend class QSslSocketBackendPrivate;
 
     QAtomicInt ref;
+
+#ifdef Q_OS_WINRT
+    Microsoft::WRL::ComPtr<ABI::Windows::Security::Cryptography::Certificates::ICertificate> certificate;
+
+    static QSslCertificate QSslCertificate_from_Certificate(ABI::Windows::Security::Cryptography::Certificates::ICertificate *iCertificate);
+#endif
 };
 
 QT_END_NAMESPACE
diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp
index 0dcc9d9d4b5..26c9c5e64e0 100644
--- a/src/network/ssl/qsslcertificate_qt.cpp
+++ b/src/network/ssl/qsslcertificate_qt.cpp
@@ -129,11 +129,13 @@ QDateTime QSslCertificate::expiryDate() const
     return d->notValidAfter;
 }
 
+#ifndef Q_OS_WINRT // implemented in qsslcertificate_winrt.cpp
 Qt::HANDLE QSslCertificate::handle() const
 {
     Q_UNIMPLEMENTED();
     return 0;
 }
+#endif
 
 QSslKey QSslCertificate::publicKey() const
 {
diff --git a/src/network/ssl/qsslcertificate_winrt.cpp b/src/network/ssl/qsslcertificate_winrt.cpp
new file mode 100644
index 00000000000..6f4bb80cf9c
--- /dev/null
+++ b/src/network/ssl/qsslcertificate_winrt.cpp
@@ -0,0 +1,114 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia.  For licensing terms and
+** conditions see http://qt.digia.com/licensing.  For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPL included in the
+** packaging of this file.  Please review the following information to
+** ensure the GNU Lesser General Public License version 2.1 requirements
+** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** In addition, as a special exception, Digia gives you certain additional
+** rights.  These rights are described in the Digia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3.0 as published by the Free Software
+** Foundation and appearing in the file LICENSE.GPL included in the
+** packaging of this file.  Please review the following information to
+** ensure the GNU General Public License version 3.0 requirements will be
+** met: http://www.gnu.org/copyleft/gpl.html.
+**
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include "qsslcertificate_p.h"
+
+#include <QtCore/qfunctions_winrt.h>
+
+#include <wrl.h>
+#include <windows.storage.streams.h>
+#include <windows.security.cryptography.h>
+#include <robuffer.h>
+
+using namespace Microsoft::WRL;
+using namespace Microsoft::WRL::Wrappers;
+using namespace ABI::Windows::Foundation;
+using namespace ABI::Windows::Security::Cryptography;
+using namespace ABI::Windows::Security::Cryptography::Certificates;
+using namespace ABI::Windows::Storage::Streams;
+
+QT_USE_NAMESPACE
+
+struct SslCertificateGlobal
+{
+    SslCertificateGlobal() {
+        HRESULT hr;
+        hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_Certificates_Certificate).Get(),
+                                  &certificateFactory);
+        Q_ASSERT_SUCCEEDED(hr);
+        hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_CryptographicBuffer).Get(),
+                                  &bufferFactory);
+        Q_ASSERT_SUCCEEDED(hr);
+    }
+
+    ComPtr<ICertificateFactory> certificateFactory;
+    ComPtr<ICryptographicBufferStatics> bufferFactory;
+};
+Q_GLOBAL_STATIC(SslCertificateGlobal, g)
+
+QSslCertificate QSslCertificatePrivate::QSslCertificate_from_Certificate(ICertificate *iCertificate)
+{
+    Q_ASSERT(iCertificate);
+    ComPtr<IBuffer> buffer;
+    HRESULT hr = iCertificate->GetCertificateBlob(&buffer);
+    RETURN_IF_FAILED("Could not obtain certification blob", return QSslCertificate());
+    ComPtr<Windows::Storage::Streams::IBufferByteAccess> byteAccess;
+    hr = buffer.As(&byteAccess);
+    RETURN_IF_FAILED("Could not obtain byte access to buffer", return QSslCertificate());
+    char *data;
+    hr = byteAccess->Buffer(reinterpret_cast<byte **>(&data));
+    RETURN_IF_FAILED("Could not obtain buffer data", return QSslCertificate());
+    UINT32 size;
+    hr = buffer->get_Length(&size);
+    RETURN_IF_FAILED("Could not obtain buffer length ", return QSslCertificate());
+    QByteArray der(data, size);
+
+    QSslCertificate certificate;
+    certificate.d->null = false;
+    certificate.d->certificate = iCertificate;
+
+    return certificatesFromDer(der, 1).at(0);
+}
+
+Qt::HANDLE QSslCertificate::handle() const
+{
+    if (!d->certificate) {
+        HRESULT hr;
+        ComPtr<IBuffer> buffer;
+        hr = g->bufferFactory->CreateFromByteArray(d->derData.length(), (BYTE *)d->derData.data(), &buffer);
+        RETURN_IF_FAILED("Failed to create the certificate data buffer", return 0);
+
+        hr = g->certificateFactory->CreateCertificate(buffer.Get(), &d->certificate);
+        RETURN_IF_FAILED("Failed to create the certificate handle from the data buffer", return 0);
+    }
+
+    return d->certificate.Get();
+}
diff --git a/src/network/ssl/qsslkey_winrt.cpp b/src/network/ssl/qsslkey_winrt.cpp
index c1dc7890f79..2c830696944 100644
--- a/src/network/ssl/qsslkey_winrt.cpp
+++ b/src/network/ssl/qsslkey_winrt.cpp
@@ -41,6 +41,7 @@
 
 #include "qsslkey.h"
 #include "qsslkey_p.h"
+#include "qsslcertificate_p.h"
 
 #include <QtCore/qfunctions_winrt.h>
 
diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri
index ad14b994237..384e149241d 100644
--- a/src/network/ssl/ssl.pri
+++ b/src/network/ssl/ssl.pri
@@ -28,6 +28,7 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op
     winrt {
         HEADERS += ssl/qsslsocket_winrt_p.h
         SOURCES += ssl/qsslcertificate_qt.cpp \
+                   ssl/qsslcertificate_winrt.cpp \
                    ssl/qsslkey_qt.cpp \
                    ssl/qsslkey_winrt.cpp \
                    ssl/qsslsocket_winrt.cpp
diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
index 83462568f53..cc90be00a2a 100644
--- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
@@ -927,6 +927,9 @@ void tst_QSslCertificate::toText()
 
     QString txtcert = cert.toText();
 
+#ifdef Q_OS_WINRT
+    QEXPECT_FAIL("", "QTBUG-40884: QSslCertificate::toText is not implemented on WinRT", Continue);
+#endif
     QVERIFY(QString::fromLatin1(txt098) == txtcert ||
             QString::fromLatin1(txt100) == txtcert ||
             QString::fromLatin1(txt101) == txtcert ||
@@ -972,6 +975,9 @@ void tst_QSslCertificate::verify()
         qPrintable(QString("errors: %1").arg(toString(errors))) \
     )
 
+#ifdef Q_OS_WINRT
+    QEXPECT_FAIL("", "QTBUG-40884: WinRT API does not yet support verifying a chain", Abort);
+#endif
     // Empty chain is unspecified error
     errors = QSslCertificate::verify(toVerify);
     VERIFY_VERBOSE(errors.count() == 1);
@@ -1053,6 +1059,9 @@ void tst_QSslCertificate::extensions()
 
     QSslCertificate cert = certList[0];
     QList<QSslCertificateExtension> extensions = cert.extensions();
+#ifdef Q_OS_WINRT
+    QEXPECT_FAIL("", "QTBUG-40884: WinRT API does not support extensions information", Abort);
+#endif
     QVERIFY(extensions.count() == 9);
 
     int unknown_idx = -1;
@@ -1245,6 +1254,9 @@ void tst_QSslCertificate::pkcs12()
     QSslCertificate cert;
     QList<QSslCertificate> caCerts;
 
+#ifdef Q_OS_WINRT
+    QEXPECT_FAIL("", "QTBUG-40884: WinRT API does not support pkcs12 imports", Abort);
+#endif
     ok = QSslCertificate::importPKCS12(&f, &key, &cert, &caCerts);
     QVERIFY(ok);
     f.close();