You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tdelibs/tdecert/tdecertpart.cpp

877 lines
26 KiB

/* This file is part of the KDE project
*
* Copyright (C) 2001-2003 George Staikos <staikos@kde.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public License
* along with this library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301, USA.
*/
#include "tdecertpart.h"
#include <tdeparts/genericfactory.h>
#include <kinstance.h>
#include <tdeaboutdata.h>
#include <tqframe.h>
#include <tdelocale.h>
#include <kdebug.h>
#include <tqlabel.h>
#include <tqlayout.h>
#include <tqbutton.h>
#include <tqpushbutton.h>
#include <tqcombobox.h>
#include <tdemessagebox.h>
#include <kpassdlg.h>
#include <ksslall.h>
#include <kopenssl.h>
#include <ksslpemcallback.h>
#include <tdefiledialog.h>
#include <tdeprocess.h>
#include <tqtabwidget.h>
#include <kseparator.h>
#include <tdelistview.h>
#include <tdeio/kmimemagic.h>
#include <tqmultilineedit.h>
#include <tqregexp.h>
#include <kcombobox.h>
#include <tdeparts/browserextension.h>
#include <tdeparts/browserinterface.h>
#include <tdeio/kservicetypefactory.h>
K_EXPORT_COMPONENT_FACTORY( libtdecertpart, KParts::GenericFactory<KCertPart> )
KX509Item::KX509Item(TDEListViewItem *parent, KSSLCertificate *x) :
TDEListViewItem(parent, 0L)
{
setup(x);
}
KX509Item::KX509Item(TDEListView *parent, KSSLCertificate *x) :
TDEListViewItem(parent)
{
setup(x);
}
void KX509Item::setup(KSSLCertificate *x) {
cert = x;
if (x) {
KSSLX509Map xm(x->getSubject());
TQString OU = "OU";
TQString CN = "CN";
OU = xm.getValue(OU);
CN = xm.getValue(CN);
OU.replace(TQRegExp("\n.*"), "");
CN.replace(TQRegExp("\n.*"), "");
if (OU.length() > 0) {
_prettyName = OU;
}
if (CN.length() > 0) {
if (_prettyName.length() > 0) {
_prettyName += " - ";
}
_prettyName += CN;
}
setText(0, _prettyName);
} else {
setText(0, i18n("Invalid certificate!"));
}
}
KX509Item::~KX509Item()
{
delete cert;
}
KPKCS12Item::KPKCS12Item(TDEListViewItem *parent, KSSLPKCS12 *x) :
TDEListViewItem(parent, 0L)
{
cert = x;
if (x) {
KSSLX509Map xm(x->getCertificate()->getSubject());
TQString CN = "CN";
CN = xm.getValue(CN);
CN.replace(TQRegExp("\n.*"), "");
_prettyName = CN;
setText(0, _prettyName);
} else {
setText(0, i18n("Invalid certificate!"));
}
}
KPKCS12Item::~KPKCS12Item()
{
delete cert;
}
class KCertPartPrivate {
public:
KParts::BrowserExtension *browserExtension;
};
KCertPart::KCertPart(TQWidget *parentWidget, const char *widgetName,
TQObject *parent, const char *name,
const TQStringList & /*args*/ )
: KParts::ReadWritePart(parent, name) {
TDEInstance *instance = new TDEInstance("KCertPart");
TQGridLayout *grid;
setInstance(instance);
_signers = new KSSLSigners;
// This is a bit confusing now. Here's how it works:
// We create a _frame and split it left/right
// Then we add the ListView to the left and create
// a new frame on the right. We set the main widget
// on the right.
_p12 = NULL;
_ca = NULL;
_silentImport = false;
d = new KCertPartPrivate;
d->browserExtension = new KParts::BrowserExtension(this);
_frame = new TQFrame(parentWidget, widgetName);
setWidget(_frame);
_baseGrid = new TQGridLayout(_frame, 15, 9, KDialog::marginHint(),
KDialog::spacingHint());
_sideList = new TDEListView(_frame);
_sideList->setRootIsDecorated(true);
_sideList->addColumn(i18n("Certificates"));
_parentCA = new TDEListViewItem(_sideList, i18n("Signers"));
_parentCA->setExpandable(true);
_sideList->setOpen(_parentCA, true);
_parentP12 = new TDEListViewItem(_sideList, i18n("Client"));
_parentP12->setExpandable(true);
_sideList->setOpen(_parentP12, true);
_baseGrid->addMultiCellWidget(_sideList, 0, 13, 0, 1);
_importAll = new TQPushButton(i18n("Import &All"), _frame);
_baseGrid->addMultiCellWidget(_importAll, 14, 14, 0, 1);
connect(_importAll, TQ_SIGNAL(clicked()), TQ_SLOT(slotImportAll()));
//------------------------------------------------------------------------
// The PKCS widget
//------------------------------------------------------------------------
_pkcsFrame = new TQFrame(_frame);
grid = new TQGridLayout(_pkcsFrame, 13, 6, KDialog::marginHint(),
KDialog::spacingHint() );
grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _pkcsFrame), 0, 0, 0, 5);
grid->addWidget(new TQLabel(i18n("Chain:"), _pkcsFrame), 1, 0);
_p12_chain = new KComboBox(_pkcsFrame);
grid->addMultiCellWidget(_p12_chain, 1, 1, 1, 4);
connect(_p12_chain, TQ_SIGNAL(activated(int)), TQ_SLOT(slotChain(int)));
grid->addWidget(new TQLabel(i18n("Subject:"), _pkcsFrame), 2, 0);
grid->addWidget(new TQLabel(i18n("Issued by:"), _pkcsFrame), 2, 3);
_p12_subject = KSSLInfoDlg::certInfoWidget(_pkcsFrame, TQString(""));
_p12_issuer = KSSLInfoDlg::certInfoWidget(_pkcsFrame, TQString(""));
grid->addMultiCellWidget(_p12_subject, 3, 6, 0, 2);
grid->addMultiCellWidget(_p12_issuer, 3, 6, 3, 5);
grid->addWidget(new TQLabel(i18n("File:"), _pkcsFrame), 7, 0);
_p12_filenameLabel = new TQLabel("", _pkcsFrame);
grid->addWidget(_p12_filenameLabel, 7, 1);
grid->addWidget(new TQLabel(i18n("File format:"), _pkcsFrame), 7, 3);
grid->addWidget(new TQLabel("PKCS#12", _pkcsFrame), 7, 4);
//
// Make the first tab
//
_tabs = new TQTabWidget(_pkcsFrame);
grid->addMultiCellWidget(_tabs, 8, 12, 0, 5);
TQFrame *tab = new TQFrame(_pkcsFrame);
TQGridLayout *tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("State:"), tab), 0, 0);
_p12_certState = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_p12_certState, 0, 0, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Valid from:"), tab), 1, 0);
_p12_validFrom = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_p12_validFrom, 1, 1, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Valid until:"), tab), 2, 0);
_p12_validUntil = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_p12_validUntil, 2, 2, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Serial number:"), tab), 3, 0);
_p12_serialNum = new TQLabel("", tab);
tabGrid->addWidget(_p12_serialNum, 3, 1);
_tabs->addTab(tab, i18n("State"));
//
// Make the second tab
//
tab = new TQFrame(_pkcsFrame);
tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("MD5 digest:"), tab), 0, 0);
_p12_digest = new TQLabel(tab);
tabGrid->addMultiCellWidget(_p12_digest, 0, 0, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Signature:"), tab), 1, 0);
_p12_sig = new TQMultiLineEdit(tab);
tabGrid->addMultiCellWidget(_p12_sig, 1, 3, 1, 4);
_p12_sig->setReadOnly(true);
_tabs->addTab(tab, i18n("Signature"));
//
// Make the third tab
//
tab = new TQFrame(_pkcsFrame);
tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("Public key:"), tab), 0, 0);
_p12_pubkey = new TQMultiLineEdit(tab);
tabGrid->addMultiCellWidget(_p12_pubkey, 0, 3, 1, 4);
_p12_pubkey->setReadOnly(true);
_tabs->addTab(tab, i18n("Public Key"));
_pkcsFrame->hide();
//------------------------------------------------------------------------
// The X509 widget
//------------------------------------------------------------------------
// Note: this is almost identical to the above, but I duplicate it for
// the simple reason that the above has potential to display much
// more information, and this one has potential to display different
// information.
_x509Frame = new TQFrame(_frame);
grid = new TQGridLayout(_x509Frame, 12, 6, KDialog::marginHint(),
KDialog::spacingHint() );
grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _x509Frame), 0, 0, 0, 5);
grid->addWidget(new TQLabel(i18n("Subject:"), _x509Frame), 1, 0);
grid->addWidget(new TQLabel(i18n("Issued by:"), _x509Frame), 1, 3);
_ca_subject = KSSLInfoDlg::certInfoWidget(_x509Frame, TQString(""));
_ca_issuer = KSSLInfoDlg::certInfoWidget(_x509Frame, TQString(""));
grid->addMultiCellWidget(_ca_subject, 2, 5, 0, 2);
grid->addMultiCellWidget(_ca_issuer, 2, 5, 3, 5);
grid->addWidget(new TQLabel(i18n("File:"), _x509Frame), 6, 0);
_ca_filenameLabel = new TQLabel("", _x509Frame);
grid->addWidget(_ca_filenameLabel, 6, 1);
grid->addWidget(new TQLabel(i18n("File format:"), _x509Frame), 6, 3);
grid->addWidget(new TQLabel("PEM or DER Encoded X.509", _x509Frame), 6, 4);
//
// Make the first tab
//
_tabs = new TQTabWidget(_x509Frame);
grid->addMultiCellWidget(_tabs, 7, 11, 0, 5);
tab = new TQFrame(_x509Frame);
tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("State:"), tab), 0, 0);
_ca_certState = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_ca_certState, 0, 0, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Valid from:"), tab), 1, 0);
_ca_validFrom = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_ca_validFrom, 1, 1, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Valid until:"), tab), 2, 0);
_ca_validUntil = new TQLabel("", tab);
tabGrid->addMultiCellWidget(_ca_validUntil, 2, 2, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Serial number:"), tab), 3, 0);
_ca_serialNum = new TQLabel("", tab);
tabGrid->addWidget(_ca_serialNum, 3, 1);
_tabs->addTab(tab, i18n("State"));
//
// Make the second tab
//
tab = new TQFrame(_x509Frame);
tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("MD5 digest:"), tab), 0, 0);
_ca_digest = new TQLabel(tab);
tabGrid->addMultiCellWidget(_ca_digest, 0, 0, 1, 4);
tabGrid->addWidget(new TQLabel(i18n("Signature:"), tab), 1, 0);
_ca_sig = new TQMultiLineEdit(tab);
tabGrid->addMultiCellWidget(_ca_sig, 1, 3, 1, 4);
_ca_sig->setReadOnly(true);
_tabs->addTab(tab, i18n("Signature"));
//
// Make the third tab
//
tab = new TQFrame(_x509Frame);
tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
KDialog::spacingHint() );
tabGrid->addWidget(new TQLabel(i18n("Public key:"), tab), 0, 0);
_ca_pubkey = new TQMultiLineEdit(tab);
tabGrid->addMultiCellWidget(_ca_pubkey, 0, 3, 1, 4);
_ca_pubkey->setReadOnly(true);
_tabs->addTab(tab, i18n("Public Key"));
_x509Frame->hide();
//------------------------------------------------------------------------
// The blank widget
//------------------------------------------------------------------------
_blankFrame = new TQFrame(_frame);
grid = new TQGridLayout(_blankFrame, 1, 1, KDialog::marginHint(),
KDialog::spacingHint() );
grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _blankFrame), 0, 0, 0, 0);
_blankFrame->show();
//
// Finish it off
//
_baseGrid->addMultiCellWidget(new KSeparator(KSeparator::HLine, _frame), 13, 13, 2, 8);
_launch = new TQPushButton(i18n("&Crypto Manager..."), _frame);
_import = new TQPushButton(i18n("&Import"), _frame);
_save = new TQPushButton(i18n("&Save..."), _frame);
_done = new TQPushButton(i18n("&Done"), _frame);
_baseGrid->addMultiCellWidget(_launch, 14, 14, 4, 5);
_baseGrid->addWidget(_import, 14, 6);
_baseGrid->addWidget(_save, 14, 7);
_baseGrid->addWidget(_done, 14, 8);
connect(_launch, TQ_SIGNAL(clicked()), TQ_SLOT(slotLaunch()));
connect(_import, TQ_SIGNAL(clicked()), TQ_SLOT(slotImport()));
connect(_save, TQ_SIGNAL(clicked()), TQ_SLOT(slotSave()));
connect(_done, TQ_SIGNAL(clicked()), TQ_SLOT(slotDone()));
_import->setEnabled(false);
_save->setEnabled(false);
_baseGrid->addMultiCellWidget(_pkcsFrame, 0, 12, 2, 8);
_baseGrid->addMultiCellWidget(_x509Frame, 0, 12, 2, 8);
_baseGrid->addMultiCellWidget(_blankFrame, 0, 12, 2, 8);
connect(_sideList, TQ_SIGNAL(selectionChanged(TQListViewItem*)),
this, TQ_SLOT(slotSelectionChanged(TQListViewItem*)));
setReadWrite(true);
}
KCertPart::~KCertPart() {
delete _signers;
delete d->browserExtension;
delete d;
}
void KCertPart::setReadWrite(bool rw) {
if (!rw) {
_import->setEnabled(false);
_save->setEnabled(false);
}
KParts::ReadWritePart::setReadWrite(rw);
}
bool KCertPart::saveFile() {
if (_p12) {
TQString certFile = KFileDialog::getSaveFileName(TQString::null, "application/x-pkcs12");
if (certFile.isEmpty())
return false;
if (!_p12->toFile(certFile)) {
KMessageBox::sorry(_frame, i18n("Save failed."), i18n("Certificate Import"));
return false;
}
return true;
} else if (_ca) {
TQString certFile = KFileDialog::getSaveFileName(TQString::null, "application/x-x509-ca-cert");
if (certFile.isEmpty())
return false;
TQByteArray enc;
if (certFile.endsWith("der") || certFile.endsWith("crt")) {
enc = _ca->toDer();
} else if (certFile.endsWith("netscape")) {
enc = _ca->toNetscape();
} else {
enc = _ca->toPem();
}
TQFile of(certFile);
if (!of.open(IO_WriteOnly) || (unsigned)of.writeBlock(enc) != enc.size()) {
KMessageBox::sorry(_frame, i18n("Save failed."), i18n("Certificate Import"));
return false;
}
of.flush();
return true;
} else {
return false;
}
}
bool KCertPart::openFile() {
#ifndef HAVE_SSL
KMessageBox::sorry(_frame, i18n("You do not seem to have compiled TDE with SSL support."), i18n("Certificate Import"));
return false;
#else
if (TQFileInfo(m_file).size() == 0) {
KMessageBox::sorry(_frame, i18n("Certificate file is empty."), i18n("Certificate Import"));
return false;
}
TQString whatType = d->browserExtension->urlArgs().serviceType;
//whatType = KMimeType::findByURL(m_url,0,true)->name();
if (whatType.isEmpty())
whatType = KServiceTypeFactory::self()->findFromPattern(m_file)->name();
/*
TQString blah = "file: " + m_file
+ "\nurl: " + m_url.url()
+ "\nserviceType: " + d->browserExtension->urlArgs().serviceType
+ "\nfactory: " + KServiceTypeFactory::self()->findFromPattern(m_file)->name()
+ "\nmimeType: " + KMimeType::findByURL(m_url)->name();
KMessageBox::information(_frame, blah, "ssl");
*/
emit completed();
/////////////////////////////////////////////////////////////////////////////
// x-pkcs12 loading
/////////////////////////////////////////////////////////////////////////////
if (whatType == "application/x-pkcs12") {
TQString pass;
_p12 = KSSLPKCS12::loadCertFile(m_file);
while (!_p12) {
// try prompting for a password.
int rc = KPasswordDialog::getPassword(pass, i18n("Certificate Password"));
if (rc != KPasswordDialog::Accepted) break;
_p12 = KSSLPKCS12::loadCertFile(m_file, pass);
if (!_p12) {
rc = KMessageBox::warningContinueCancel(_frame, i18n("The certificate file could not be loaded. Try a different password?"), i18n("Certificate Import"),i18n("Try Different"));
if (rc == KMessageBox::Continue) continue;
break;
}
}
if (!_p12) return false;
new KPKCS12Item(_parentP12, _p12);
_p12 = NULL;
return true;
/////////////////////////////////////////////////////////////////////////////
// x-509-ca-cert loading
/////////////////////////////////////////////////////////////////////////////
} else if (whatType == "application/x-x509-ca-cert" ||
whatType == "application/binary-certificate") {
FILE *fp;
bool isPEM = false;
_ca_filenameLabel->setText(m_file);
///////////// UGLY HACK TO GET AROUND OPENSSL PROBLEMS ///////////
if (whatType == "application/x-x509-ca-cert") {
// Check if it is PEM or not
TQFile qf(m_file);
qf.open(IO_ReadOnly);
TQByteArray theFile = qf.readAll();
qf.close();
const char *signature = "-----BEGIN CERTIFICATE-----";
theFile[(uint)(qf.size()-1)] = 0;
isPEM = (TQCString(theFile.data()).find(signature) >= 0);
}
fp = fopen(m_file.local8Bit(), "r");
if (!fp) {
KMessageBox::sorry(_frame, i18n("This file cannot be opened."), i18n("Certificate Import"));
return false;
}
/*
kdDebug() << "Reading in a file in "
<< (isPEM ? "PEM" : "DER")
<< " format." << endl;
*/
if (!isPEM) {
X509 *dx = KOSSL::self()->X509_d2i_fp(fp, NULL);
if (dx) {
KSSLCertificate *xc = KSSLCertificate::fromX509(dx);
if (xc) {
if (xc->x509V3Extensions().certTypeCA())
new KX509Item(_parentCA, xc);
else
new KX509Item(_sideList, xc);
fclose(fp);
return true;
}
KOSSL::self()->X509_free(dx);
}
return false;
}
STACK_OF(X509_INFO) *sx5i = KOSSL::self()->PEM_X509_INFO_read(fp, NULL, KSSLPemCallback, NULL);
if (!sx5i) {
KMessageBox::sorry(_frame, i18n("This file cannot be opened."), i18n("Certificate Import"));
fclose(fp);
return false;
}
_ca_filenameLabel->setText(m_file);
for (int i = 0; i < KOSSL::self()->OPENSSL_sk_num(sx5i); i++) {
X509_INFO* x5i = reinterpret_cast<X509_INFO*>(KOSSL::self()->OPENSSL_sk_value(sx5i, i));
if (x5i->x_pkey && x5i->x509) { // a personal cert (like PKCS12)
KSSLCertificate *xc = KSSLCertificate::fromX509(x5i->x509);
new KX509Item(_sideList, xc);
} else if (x5i->x509) { // something else - maybe a CA file
KSSLCertificate *xc = KSSLCertificate::fromX509(x5i->x509);
if (xc->x509V3Extensions().certTypeCA())
new KX509Item(_parentCA, xc);
else new KX509Item(_sideList, xc);
} else if (x5i->crl) { // a crl
kdDebug() << "Found a CRL..." << endl;
}
}
KOSSL::self()->OPENSSL_sk_free(sx5i);
fclose(fp);
return true;
/////////////////////////////////////////////////////////////////////////////
// Dunno how to load this
/////////////////////////////////////////////////////////////////////////////
} else {
TQString emsg = i18n("I do not know how to handle this type of file.") + "\n" + whatType;
KMessageBox::sorry(_frame, emsg, i18n("Certificate Import"));
return false;
}
#endif
}
void KCertPart::displayPKCS12() {
KSSLCertificate *xc = _p12->getCertificate();
_p12_filenameLabel->setText(m_file);
displayPKCS12Cert(xc);
_p12_certState->setText(KSSLCertificate::verifyText(_p12->validate()));
// Set the chain if it's there
if (xc->chain().depth() > 1) {
TQPtrList<KSSLCertificate> cl = xc->chain().getChain();
int cnt = 0;
_p12_chain->setEnabled(true);
_p12_chain->clear();
_p12_chain->insertItem(i18n("0 - Site Certificate"));
for (KSSLCertificate *c = cl.first(); c != 0; c = cl.next()) {
KSSLX509Map map(c->getSubject());
_p12_chain->insertItem(TQString::number(++cnt)+" - "+map.getValue("CN"));
}
_p12_chain->setCurrentItem(0);
} else {
_p12_chain->clear();
_p12_chain->setEnabled(false);
}
}
void KCertPart::displayCACert(KSSLCertificate *c) {
// We have the file, lets work with it.
_ca_subject->setValues(c->getSubject());
_ca_issuer->setValues(c->getIssuer());
// Set the valid period
TQPalette cspl = _ca_validFrom->palette();
if (TQDateTime::currentDateTime(TQt::UTC) < c->getQDTNotBefore()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_ca_validFrom->setPalette(cspl);
_ca_validFrom->setText(c->getNotBefore());
cspl = _ca_validUntil->palette();
if (TQDateTime::currentDateTime(TQt::UTC) > c->getQDTNotAfter()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_ca_validUntil->setPalette(cspl);
_ca_validUntil->setText(c->getNotAfter());
_ca_serialNum->setText(c->getSerialNumber());
cspl = _ca_certState->palette();
if (!c->isValid()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_ca_certState->setPalette(cspl);
_ca_certState->setText(KSSLCertificate::verifyText(c->validate()));
_ca_pubkey->setText(c->getPublicKeyText());
_ca_digest->setText(c->getMD5DigestText());
_ca_sig->setText(c->getSignatureText());
}
void KCertPart::displayPKCS12Cert(KSSLCertificate *c) {
// We have the file, lets work with it.
_p12_subject->setValues(c->getSubject());
_p12_issuer->setValues(c->getIssuer());
// Set the valid period
TQPalette cspl = _p12_validFrom->palette();
if (TQDateTime::currentDateTime(TQt::UTC) < c->getQDTNotBefore()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_p12_validFrom->setPalette(cspl);
_p12_validFrom->setText(c->getNotBefore());
cspl = _p12_validUntil->palette();
if (TQDateTime::currentDateTime(TQt::UTC) > c->getQDTNotAfter()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_p12_validUntil->setPalette(cspl);
_p12_validUntil->setText(c->getNotAfter());
_p12_serialNum->setText(c->getSerialNumber());
cspl = _p12_certState->palette();
if (!c->isValid()) {
cspl.setColor(TQColorGroup::Foreground, TQColor(196,33,21));
} else {
cspl.setColor(TQColorGroup::Foreground, TQColor(42,153,59));
}
_p12_certState->setPalette(cspl);
_p12_certState->setText(KSSLCertificate::verifyText(c->validate()));
_p12_pubkey->setText(c->getPublicKeyText());
_p12_digest->setText(c->getMD5DigestText());
_p12_sig->setText(c->getSignatureText());
}
void KCertPart::slotChain(int c) {
if (c == 0) {
displayPKCS12Cert(_p12->getCertificate());
_p12_certState->setText(KSSLCertificate::verifyText(_p12->validate()));
} else {
displayPKCS12Cert(_p12->getCertificate()->chain().getChain().at(c-1));
}
}
void KCertPart::slotImport() {
if (_p12) {
KSimpleConfig cfg("ksslcertificates", false);
if (cfg.hasGroup(_p12->getCertificate()->getSubject())) {
TQString msg = _curName + "\n" + i18n("A certificate with that name already exists. Are you sure that you wish to replace it?");
int rc= KMessageBox::warningContinueCancel(_frame, msg, i18n("Certificate Import"),i18n("Replace"));
if (rc == KMessageBox::Cancel) {
return;
}
}
cfg.setGroup(_p12->getCertificate()->getSubject());
cfg.writeEntry("PKCS12Base64", _p12->toString());
cfg.writeEntry("Password", "");
cfg.sync();
if (!_silentImport)
KMessageBox::information(_frame, i18n("Certificate has been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
} else if (_ca) {
TDEConfig cfg("ksslcalist", true, false);
if (cfg.hasGroup(_ca->getSubject())) {
TQString msg = _curName + "\n" + i18n("A certificate with that name already exists. Are you sure that you wish to replace it?");
int rc= KMessageBox::warningContinueCancel(_frame, msg, i18n("Certificate Import"),i18n("Replace"));
if (rc == KMessageBox::Cancel) {
return;
}
}
_signers->addCA(_ca->toString(),
_ca->x509V3Extensions().certTypeSSLCA(),
_ca->x509V3Extensions().certTypeEmailCA(),
_ca->x509V3Extensions().certTypeCodeCA());
if (!_silentImport)
_signers->regenerate();
if (!_silentImport)
KMessageBox::information(_frame, i18n("Certificate has been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
}
}
void KCertPart::slotSave() {
saveFile();
}
void KCertPart::slotDone() {
KParts::BrowserInterface *iface = d->browserExtension->browserInterface();
iface->callMethod("goHistory(int)", -1);
}
void KCertPart::slotLaunch() {
KShellProcess p;
p << "tdecmshell" << "crypto";
p.start(TDEProcess::DontCare);
}
void KCertPart::slotSelectionChanged(TQListViewItem *x) {
KX509Item *x5i = dynamic_cast<KX509Item*>(x);
KPKCS12Item *p12i = dynamic_cast<KPKCS12Item*>(x);
_p12 = NULL;
_ca = NULL;
if (x && x->parent() == _parentCA) {
if (!x5i) {
return;
}
x5i->cert->revalidate();
_blankFrame->hide();
_pkcsFrame->hide();
_x509Frame->show();
_ca = x5i->cert;
_import->setEnabled(true);
_save->setEnabled(true);
_curName = x5i->_prettyName;
displayCACert(_ca);
} else if (x && x->parent() == NULL && x->rtti() == 1) {
if (!x5i) {
return;
}
x5i->cert->revalidate();
_blankFrame->hide();
_pkcsFrame->hide();
_x509Frame->show();
_ca = x5i->cert;
_import->setEnabled(false);
_save->setEnabled(false);
_curName = x5i->_prettyName;
displayCACert(_ca);
} else if (x && x->parent() == _parentP12) {
if (!p12i) {
return;
}
p12i->cert->revalidate();
_blankFrame->hide();
_x509Frame->hide();
_pkcsFrame->show();
_p12 = p12i->cert;
_import->setEnabled(true);
_save->setEnabled(true);
_curName = p12i->_prettyName;
displayPKCS12();
} else {
_pkcsFrame->hide();
_x509Frame->hide();
_blankFrame->show();
_import->setEnabled(false);
_save->setEnabled(false);
_curName = "";
}
}
void KCertPart::slotImportAll() {
KSSLPKCS12 *p12Save = _p12;
KSSLCertificate *caSave = _ca;
TQString curNameSave = _curName;
_p12 = NULL;
_ca = NULL;
_silentImport = true;
for (KPKCS12Item *t = dynamic_cast<KPKCS12Item*>(_parentP12->firstChild());
t;
t = dynamic_cast<KPKCS12Item*>(t->nextSibling())) {
if (t) {
_p12 = t->cert;
_curName = t->_prettyName;
}
slotImport();
}
_p12 = NULL;
for (KX509Item *t = dynamic_cast<KX509Item*>(_parentCA->firstChild());
t;
t = dynamic_cast<KX509Item*>(t->nextSibling())) {
if (t) {
_ca = t->cert;
_curName = t->_prettyName;
}
slotImport();
}
_ca = NULL;
_signers->regenerate();
_silentImport = false;
_p12 = p12Save;
_ca = caSave;
_curName = curNameSave;
KMessageBox::information(_frame, i18n("Certificates have been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
}
TDEAboutData *KCertPart::createAboutData()
{
return new TDEAboutData("KCertPart", I18N_NOOP("TDE Certificate Part"), "1.0");
}
#include "tdecertpart.moc"