Skip to content

Commit 5a135a7

Browse files
metsmametsma
authored
Clean Zetes Estonia OÜ certifcates (#1346)
IB-8542 Signed-off-by: Raul Metsma <[email protected]>
1 parent 16d19c6 commit 5a135a7

File tree

4 files changed

+28
-148
lines changed

4 files changed

+28
-148
lines changed

client/CMakeLists.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -228,7 +228,7 @@ if( APPLE )
228228
COMMAND zip -r ${CMAKE_BINARY_DIR}/${PROJECT_NAME}-dbg_${VERSION}$ENV{VER_SUFFIX}.zip ${PROJECT_NAME}.dSYM
229229
)
230230
elseif(WIN32)
231-
target_sources(${PROJECT_NAME} PRIVATE QCNG.cpp QCNG.h CertStore.cpp CertStore.h)
231+
target_sources(${PROJECT_NAME} PRIVATE QCNG.cpp QCNG.h)
232232
target_compile_options(${PROJECT_NAME} PRIVATE "/guard:cf")
233233
target_link_options(${PROJECT_NAME} PRIVATE "/guard:cf" $<$<BOOL:${CROSSSIGNCERT}>:/INTEGRITYCHECK>)
234234
target_link_libraries(${PROJECT_NAME} NCrypt Crypt32 Cryptui winscard)

client/CertStore.cpp

Lines changed: 0 additions & 96 deletions
This file was deleted.

client/CertStore.h

Lines changed: 0 additions & 39 deletions
This file was deleted.

client/dialogs/SettingsDialog.cpp

Lines changed: 27 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -21,9 +21,6 @@
2121
#include "ui_SettingsDialog.h"
2222

2323
#include "Application.h"
24-
#ifdef Q_OS_WIN
25-
#include "CertStore.h"
26-
#endif
2724
#include "CheckConnection.h"
2825
#include "Configuration.h"
2926
#include "Diagnostics.h"
@@ -51,6 +48,13 @@
5148

5249
#include <algorithm>
5350

51+
#ifdef Q_OS_WIN
52+
#include <qt_windows.h>
53+
#include <WinCrypt.h>
54+
55+
using namespace Qt::StringLiterals;
56+
#endif
57+
5458
#define qdigidoc4log QStringLiteral("%1/%2.log").arg(QDir::tempPath(), QApplication::applicationName())
5559

5660
SettingsDialog::SettingsDialog(int page, QWidget *parent)
@@ -94,7 +98,7 @@ SettingsDialog::SettingsDialog(int page, QWidget *parent)
9498
ui->btGeneralChooseDirectory->hide();
9599
ui->rdGeneralSpecifyDirectory->hide();
96100
#else
97-
connect(ui->btGeneralChooseDirectory, &QPushButton::clicked, this, [=]{
101+
connect(ui->btGeneralChooseDirectory, &QPushButton::clicked, this, [this]{
98102
QString dir = FileDialog::getExistingDirectory(this, tr("Select folder"), Settings::DEFAULT_DIR);
99103
if(!dir.isEmpty())
100104
{
@@ -103,7 +107,7 @@ SettingsDialog::SettingsDialog(int page, QWidget *parent)
103107
ui->txtGeneralDirectory->setText(dir);
104108
}
105109
});
106-
connect(ui->rdGeneralSpecifyDirectory, &QRadioButton::toggled, this, [=](bool enable) {
110+
connect(ui->rdGeneralSpecifyDirectory, &QRadioButton::toggled, this, [this](bool enable) {
107111
ui->btGeneralChooseDirectory->setVisible(enable);
108112
ui->txtGeneralDirectory->setVisible(enable);
109113
if(!enable)
@@ -385,16 +389,27 @@ SettingsDialog::SettingsDialog(int page, QWidget *parent)
385389
});
386390
#ifdef Q_OS_WIN
387391
connect(ui->btnNavFromHistory, &QPushButton::clicked, this, [this] {
388-
// remove certificates from browsing history of Internet Explorer and/or Google Chrome, and do it for all users.
392+
// remove certificates from browsing history of Edge and Google Chrome, and do it for all users.
389393
QList<TokenData> cache = qApp->signer()->cache();
390-
CertStore s;
391-
for(const QSslCertificate &c: s.list())
394+
HCERTSTORE s = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
395+
X509_ASN_ENCODING, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
396+
if(!s)
397+
return;
398+
399+
auto scope = qScopeGuard([&s] {
400+
CertCloseStore(s, 0);
401+
});
402+
403+
PCCERT_CONTEXT c{};
404+
while((c = CertEnumCertificatesInStore(s, c)))
392405
{
393-
if(std::any_of(cache.cbegin(), cache.cend(), [&](const TokenData &token) { return token.cert() == c; }))
406+
QSslCertificate cert(QByteArray::fromRawData((char*)c->pbCertEncoded, c->cbCertEncoded), QSsl::Der);
407+
if(std::any_of(cache.cbegin(), cache.cend(), [&](const TokenData &token) { return token.cert() == cert; }))
394408
continue;
395-
if(c.issuerInfo(QSslCertificate::CommonName).join(QString()).contains(QStringLiteral("KLASS3-SK"), Qt::CaseInsensitive) ||
396-
c.issuerInfo(QSslCertificate::Organization).contains(QStringLiteral("SK ID Solutions AS"), Qt::CaseInsensitive))
397-
s.remove(c);
409+
if(cert.issuerInfo(QSslCertificate::CommonName).join(QString()).contains(u"KLASS3-SK"_s, Qt::CaseInsensitive) ||
410+
cert.issuerInfo(QSslCertificate::Organization).contains(u"SK ID Solutions AS"_s, Qt::CaseInsensitive) ||
411+
cert.issuerInfo(QSslCertificate::Organization).contains(u"Zetes Estonia OÜ"_s, Qt::CaseInsensitive))
412+
CertDeleteCertificateFromStore(CertDuplicateCertificateContext(c));
398413
}
399414
WarningDialog::show(this, tr("Redundant certificates have been successfully removed."));
400415
});

0 commit comments

Comments
 (0)