
  1. /* This file is part of the KDE project
  2. *
  3. * Copyright (C) 2001-2003 George Staikos <staikos@kde.org>
  4. *
  5. * This library is free software; you can redistribute it and/or
  6. * modify it under the terms of the GNU Library General Public
  7. * License as published by the Free Software Foundation; either
  8. * version 2 of the License, or (at your option) any later version.
  9. *
  10. * This library is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  13. * Library General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU Library General Public License
  16. * along with this library; see the file COPYING.LIB. If not, write to
  17. * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  18. * Boston, MA 02110-1301, USA.
  19. */
  20. #include "tdecertpart.h"
  21. #include <tdeparts/genericfactory.h>
  22. #include <kinstance.h>
  23. #include <tdeaboutdata.h>
  24. #include <tqframe.h>
  25. #include <tdelocale.h>
  26. #include <kdebug.h>
  27. #include <tqlabel.h>
  28. #include <tqlayout.h>
  29. #include <tqbutton.h>
  30. #include <tqpushbutton.h>
  31. #include <tqcombobox.h>
  32. #include <tdemessagebox.h>
  33. #include <kpassdlg.h>
  34. #include <ksslall.h>
  35. #include <kopenssl.h>
  36. #include <ksslpemcallback.h>
  37. #include <tdefiledialog.h>
  38. #include <kprocess.h>
  39. #include <tqtabwidget.h>
  40. #include <kseparator.h>
  41. #include <tdelistview.h>
  42. #include <tdeio/kmimemagic.h>
  43. #include <tqmultilineedit.h>
  44. #include <tqregexp.h>
  45. #include <kcombobox.h>
  46. #include <tdeparts/browserextension.h>
  47. #include <tdeparts/browserinterface.h>
  48. #include <tdeio/kservicetypefactory.h>
// Export the component factory for the libtdecertpart module; KCertPart
// instances are produced through KParts::GenericFactory<KCertPart>.
K_EXPORT_COMPONENT_FACTORY( libtdecertpart, KParts::GenericFactory<KCertPart> )
// Create an X.509 entry nested under an existing list item (for example the
// "Signers" node). The item keeps the certificate pointer; labelling is done
// by setup().
KX509Item::KX509Item(TDEListViewItem *parent, KSSLCertificate *x)
    : TDEListViewItem(parent, 0L)
{
    setup(x);
}
// Create an X.509 entry at the top level of the list view. The item keeps the
// certificate pointer; labelling is done by setup().
KX509Item::KX509Item(TDEListView *parent, KSSLCertificate *x)
    : TDEListViewItem(parent)
{
    setup(x);
}
// Store the certificate and derive the label shown in column 0.
//
// The label is "<OU> - <CN>" built from the certificate subject, using only
// the parts that are non-empty. A null certificate is accepted and labelled
// "Invalid certificate!"; cert then stays null, so users of the item must
// check it before dereferencing.
void KX509Item::setup(KSSLCertificate *x) {
    cert = x;

    if (!x) {
        setText(0, i18n("Invalid certificate!"));
        return;
    }

    KSSLX509Map subject(x->getSubject());
    TQString unit = subject.getValue("OU");
    TQString commonName = subject.getValue("CN");

    // The subject comes from the file being imported. Anything from the first
    // newline onwards is dropped so a value cannot spill extra lines into the
    // list label.
    unit.replace(TQRegExp("\n.*"), "");
    commonName.replace(TQRegExp("\n.*"), "");

    if (unit.length() > 0) {
        _prettyName = unit;
    }

    if (commonName.length() > 0) {
        if (_prettyName.length() > 0) {
            _prettyName += " - ";
        }
        _prettyName += commonName;
    }

    setText(0, _prettyName);
}
// The list item owns its certificate and releases it here. Deleting a null
// pointer is harmless, so "Invalid certificate!" entries need no special case.
KX509Item::~KX509Item()
{
    delete cert;
}
// Create a PKCS#12 entry under the given parent item and label it with the CN
// of the bundle's certificate. A null bundle is accepted and labelled
// "Invalid certificate!".
// NOTE(review): x->getCertificate() is dereferenced without a null check;
// confirm that a loaded KSSLPKCS12 always carries a certificate.
KPKCS12Item::KPKCS12Item(TDEListViewItem *parent, KSSLPKCS12 *x)
    : TDEListViewItem(parent, 0L)
{
    cert = x;

    if (!x) {
        setText(0, i18n("Invalid certificate!"));
        return;
    }

    KSSLX509Map subject(x->getCertificate()->getSubject());
    TQString commonName = subject.getValue("CN");

    // The CN is taken from the imported file; keep only its first line.
    commonName.replace(TQRegExp("\n.*"), "");

    _prettyName = commonName;
    setText(0, _prettyName);
}
// The list item owns its PKCS#12 bundle and releases it here; a null pointer
// is harmless to delete.
KPKCS12Item::~KPKCS12Item()
{
    delete cert;
}
// Private data of KCertPart, reached through the part's d pointer.
class KCertPartPrivate {
public:
    // Browser extension created in the KCertPart constructor; used to read the
    // service type of the URL being opened and to reach the browser interface.
    KParts::BrowserExtension *browserExtension;
};
// Build the certificate import part: a side list of the certificates found
// ("Signers" and "Client" nodes) next to three stacked detail panes (PKCS#12,
// X.509 and a blank placeholder), plus the action buttons.
//
// parentWidget/widgetName are used for the top-level frame, parent/name are
// handed to KParts::ReadWritePart, and the factory arguments are ignored.
KCertPart::KCertPart(TQWidget *parentWidget, const char *widgetName,
                     TQObject *parent, const char *name,
                     const TQStringList & /*args*/ )
    : KParts::ReadWritePart(parent, name) {
    TDEInstance *instance = new TDEInstance("KCertPart");
    TQGridLayout *grid;
    setInstance(instance);
    _signers = new KSSLSigners;
    // This is a bit confusing now. Here's how it works:
    // We create a _frame and split it left/right
    // Then we add the ListView to the left and create
    // a new frame on the right. We set the main widget
    // on the right.
    // Nothing is selected yet, so neither a PKCS#12 bundle nor an X.509
    // certificate is current.
    _p12 = NULL;
    _ca = NULL;
    _silentImport = false;
    d = new KCertPartPrivate;
    d->browserExtension = new KParts::BrowserExtension(this);
    _frame = new TQFrame(parentWidget, widgetName);
    setWidget(_frame);
    _baseGrid = new TQGridLayout(_frame, 15, 9, KDialog::marginHint(),
                                 KDialog::spacingHint());
    _sideList = new TDEListView(_frame);
    _sideList->setRootIsDecorated(true);
    _sideList->addColumn(i18n("Certificates"));
    // openFile() files CA certificates under "Signers" and PKCS#12 bundles
    // under "Client".
    _parentCA = new TDEListViewItem(_sideList, i18n("Signers"));
    _parentCA->setExpandable(true);
    _sideList->setOpen(_parentCA, true);
    _parentP12 = new TDEListViewItem(_sideList, i18n("Client"));
    _parentP12->setExpandable(true);
    _sideList->setOpen(_parentP12, true);
    _baseGrid->addMultiCellWidget(_sideList, 0, 13, 0, 1);
    _importAll = new TQPushButton(i18n("Import &All"), _frame);
    _baseGrid->addMultiCellWidget(_importAll, 14, 14, 0, 1);
    connect(_importAll, TQT_SIGNAL(clicked()), TQT_SLOT(slotImportAll()));
    //------------------------------------------------------------------------
    // The PKCS widget
    //------------------------------------------------------------------------
    _pkcsFrame = new TQFrame(_frame);
    grid = new TQGridLayout(_pkcsFrame, 13, 6, KDialog::marginHint(),
                            KDialog::spacingHint() );
    grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _pkcsFrame), 0, 0, 0, 5);
    grid->addWidget(new TQLabel(i18n("Chain:"), _pkcsFrame), 1, 0);
    _p12_chain = new KComboBox(_pkcsFrame);
    grid->addMultiCellWidget(_p12_chain, 1, 1, 1, 4);
    connect(_p12_chain, TQT_SIGNAL(activated(int)), TQT_SLOT(slotChain(int)));
    grid->addWidget(new TQLabel(i18n("Subject:"), _pkcsFrame), 2, 0);
    grid->addWidget(new TQLabel(i18n("Issued by:"), _pkcsFrame), 2, 3);
    _p12_subject = KSSLInfoDlg::certInfoWidget(_pkcsFrame, TQString(""));
    _p12_issuer = KSSLInfoDlg::certInfoWidget(_pkcsFrame, TQString(""));
    grid->addMultiCellWidget(_p12_subject, 3, 6, 0, 2);
    grid->addMultiCellWidget(_p12_issuer, 3, 6, 3, 5);
    grid->addWidget(new TQLabel(i18n("File:"), _pkcsFrame), 7, 0);
    _p12_filenameLabel = new TQLabel("", _pkcsFrame);
    grid->addWidget(_p12_filenameLabel, 7, 1);
    grid->addWidget(new TQLabel(i18n("File format:"), _pkcsFrame), 7, 3);
    grid->addWidget(new TQLabel("PKCS#12", _pkcsFrame), 7, 4);
    //
    // Make the first tab
    //
    _tabs = new TQTabWidget(_pkcsFrame);
    grid->addMultiCellWidget(_tabs, 8, 12, 0, 5);
    TQFrame *tab = new TQFrame(_pkcsFrame);
    TQGridLayout *tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                                             KDialog::spacingHint() );
    tabGrid->addWidget(new TQLabel(i18n("State:"), tab), 0, 0);
    _p12_certState = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_p12_certState, 0, 0, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Valid from:"), tab), 1, 0);
    _p12_validFrom = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_p12_validFrom, 1, 1, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Valid until:"), tab), 2, 0);
    _p12_validUntil = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_p12_validUntil, 2, 2, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Serial number:"), tab), 3, 0);
    _p12_serialNum = new TQLabel("", tab);
    tabGrid->addWidget(_p12_serialNum, 3, 1);
    _tabs->addTab(tab, i18n("State"));
    //
    // Make the second tab
    //
    tab = new TQFrame(_pkcsFrame);
    tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                               KDialog::spacingHint() );
    // NOTE(review): the only fingerprint offered to the user is an MD5 digest.
    // MD5 is not collision resistant, so it is a weak basis for comparing a
    // certificate against a fingerprint obtained out of band.
    tabGrid->addWidget(new TQLabel(i18n("MD5 digest:"), tab), 0, 0);
    _p12_digest = new TQLabel(tab);
    tabGrid->addMultiCellWidget(_p12_digest, 0, 0, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Signature:"), tab), 1, 0);
    _p12_sig = new TQMultiLineEdit(tab);
    tabGrid->addMultiCellWidget(_p12_sig, 1, 3, 1, 4);
    _p12_sig->setReadOnly(true);
    _tabs->addTab(tab, i18n("Signature"));
    //
    // Make the third tab
    //
    tab = new TQFrame(_pkcsFrame);
    tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                               KDialog::spacingHint() );
    tabGrid->addWidget(new TQLabel(i18n("Public key:"), tab), 0, 0);
    _p12_pubkey = new TQMultiLineEdit(tab);
    tabGrid->addMultiCellWidget(_p12_pubkey, 0, 3, 1, 4);
    _p12_pubkey->setReadOnly(true);
    _tabs->addTab(tab, i18n("Public Key"));
    _pkcsFrame->hide();
    //------------------------------------------------------------------------
    // The X509 widget
    //------------------------------------------------------------------------
    // Note: this is almost identical to the above, but I duplicate it for
    // the simple reason that the above has potential to display much
    // more information, and this one has potential to display different
    // information.
    _x509Frame = new TQFrame(_frame);
    grid = new TQGridLayout(_x509Frame, 12, 6, KDialog::marginHint(),
                            KDialog::spacingHint() );
    grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _x509Frame), 0, 0, 0, 5);
    grid->addWidget(new TQLabel(i18n("Subject:"), _x509Frame), 1, 0);
    grid->addWidget(new TQLabel(i18n("Issued by:"), _x509Frame), 1, 3);
    _ca_subject = KSSLInfoDlg::certInfoWidget(_x509Frame, TQString(""));
    _ca_issuer = KSSLInfoDlg::certInfoWidget(_x509Frame, TQString(""));
    grid->addMultiCellWidget(_ca_subject, 2, 5, 0, 2);
    grid->addMultiCellWidget(_ca_issuer, 2, 5, 3, 5);
    grid->addWidget(new TQLabel(i18n("File:"), _x509Frame), 6, 0);
    _ca_filenameLabel = new TQLabel("", _x509Frame);
    grid->addWidget(_ca_filenameLabel, 6, 1);
    grid->addWidget(new TQLabel(i18n("File format:"), _x509Frame), 6, 3);
    grid->addWidget(new TQLabel("PEM or DER Encoded X.509", _x509Frame), 6, 4);
    //
    // Make the first tab
    //
    // _tabs is reassigned here; the PKCS#12 tab widget created above stays a
    // child of _pkcsFrame.
    _tabs = new TQTabWidget(_x509Frame);
    grid->addMultiCellWidget(_tabs, 7, 11, 0, 5);
    tab = new TQFrame(_x509Frame);
    tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                               KDialog::spacingHint() );
    tabGrid->addWidget(new TQLabel(i18n("State:"), tab), 0, 0);
    _ca_certState = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_ca_certState, 0, 0, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Valid from:"), tab), 1, 0);
    _ca_validFrom = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_ca_validFrom, 1, 1, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Valid until:"), tab), 2, 0);
    _ca_validUntil = new TQLabel("", tab);
    tabGrid->addMultiCellWidget(_ca_validUntil, 2, 2, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Serial number:"), tab), 3, 0);
    _ca_serialNum = new TQLabel("", tab);
    tabGrid->addWidget(_ca_serialNum, 3, 1);
    _tabs->addTab(tab, i18n("State"));
    //
    // Make the second tab
    //
    tab = new TQFrame(_x509Frame);
    tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                               KDialog::spacingHint() );
    tabGrid->addWidget(new TQLabel(i18n("MD5 digest:"), tab), 0, 0);
    _ca_digest = new TQLabel(tab);
    tabGrid->addMultiCellWidget(_ca_digest, 0, 0, 1, 4);
    tabGrid->addWidget(new TQLabel(i18n("Signature:"), tab), 1, 0);
    _ca_sig = new TQMultiLineEdit(tab);
    tabGrid->addMultiCellWidget(_ca_sig, 1, 3, 1, 4);
    _ca_sig->setReadOnly(true);
    _tabs->addTab(tab, i18n("Signature"));
    //
    // Make the third tab
    //
    tab = new TQFrame(_x509Frame);
    tabGrid = new TQGridLayout(tab, 4, 5, KDialog::marginHint(),
                               KDialog::spacingHint() );
    tabGrid->addWidget(new TQLabel(i18n("Public key:"), tab), 0, 0);
    _ca_pubkey = new TQMultiLineEdit(tab);
    tabGrid->addMultiCellWidget(_ca_pubkey, 0, 3, 1, 4);
    _ca_pubkey->setReadOnly(true);
    _tabs->addTab(tab, i18n("Public Key"));
    _x509Frame->hide();
    //------------------------------------------------------------------------
    // The blank widget
    //------------------------------------------------------------------------
    _blankFrame = new TQFrame(_frame);
    grid = new TQGridLayout(_blankFrame, 1, 1, KDialog::marginHint(),
                            KDialog::spacingHint() );
    grid->addMultiCellWidget(new TQLabel(i18n("TDE Secure Certificate Import"), _blankFrame), 0, 0, 0, 0);
    _blankFrame->show();
    //
    // Finish it off
    //
    _baseGrid->addMultiCellWidget(new KSeparator(KSeparator::HLine, _frame), 13, 13, 2, 8);
    _launch = new TQPushButton(i18n("&Crypto Manager..."), _frame);
    _import = new TQPushButton(i18n("&Import"), _frame);
    _save = new TQPushButton(i18n("&Save..."), _frame);
    _done = new TQPushButton(i18n("&Done"), _frame);
    _baseGrid->addMultiCellWidget(_launch, 14, 14, 4, 5);
    _baseGrid->addWidget(_import, 14, 6);
    _baseGrid->addWidget(_save, 14, 7);
    _baseGrid->addWidget(_done, 14, 8);
    connect(_launch, TQT_SIGNAL(clicked()), TQT_SLOT(slotLaunch()));
    connect(_import, TQT_SIGNAL(clicked()), TQT_SLOT(slotImport()));
    connect(_save, TQT_SIGNAL(clicked()), TQT_SLOT(slotSave()));
    connect(_done, TQT_SIGNAL(clicked()), TQT_SLOT(slotDone()));
    // Import and Save stay disabled until slotSelectionChanged() enables them
    // for a selected entry.
    _import->setEnabled(false);
    _save->setEnabled(false);
    // The three detail panes occupy the same grid cells; only one of them is
    // shown at a time.
    _baseGrid->addMultiCellWidget(_pkcsFrame, 0, 12, 2, 8);
    _baseGrid->addMultiCellWidget(_x509Frame, 0, 12, 2, 8);
    _baseGrid->addMultiCellWidget(_blankFrame, 0, 12, 2, 8);
    connect(_sideList, TQT_SIGNAL(selectionChanged(TQListViewItem*)),
            this, TQT_SLOT(slotSelectionChanged(TQListViewItem*)));
    setReadWrite(true);
}
// Release the signer store and the private data. The browser extension is
// deleted before the private struct that holds the pointer to it.
KCertPart::~KCertPart() {
    delete _signers;

    KParts::BrowserExtension *extension = d->browserExtension;
    delete extension;

    delete d;
}
// Switch the part between read-write and read-only mode. Going read-only
// disables the Import and Save buttons; going read-write leaves the buttons
// as they are.
void KCertPart::setReadWrite(bool rw) {
    const bool readOnly = !rw;

    if (readOnly) {
        _import->setEnabled(false);
        _save->setEnabled(false);
    }

    KParts::ReadWritePart::setReadWrite(rw);
}
// Save the currently selected certificate to a file chosen by the user.
//
// A PKCS#12 bundle is written through KSSLPKCS12::toFile(). An X.509
// certificate is encoded according to the chosen file name: names ending in
// "der" or "crt" get DER, names ending in "netscape" get the Netscape
// encoding, anything else gets PEM.
//
// Returns true when the data was written, false when nothing is selected, the
// dialog was cancelled or writing failed.
//
// NOTE(review): a PKCS#12 bundle normally contains the private key; the
// permissions of the saved file depend on toFile(), which is not visible
// here. Confirm it creates the file readable by the owner only.
bool KCertPart::saveFile() {
    if (_p12) {
        TQString target = KFileDialog::getSaveFileName(TQString::null, "application/x-pkcs12");
        if (target.isEmpty())
            return false;

        if (_p12->toFile(target))
            return true;

        KMessageBox::sorry(_frame, i18n("Save failed."), i18n("Certificate Import"));
        return false;
    }

    if (!_ca)
        return false;

    TQString target = KFileDialog::getSaveFileName(TQString::null, "application/x-x509-ca-cert");
    if (target.isEmpty())
        return false;

    // The encoding is picked from the file name suffix alone.
    TQByteArray enc;
    if (target.endsWith("der") || target.endsWith("crt")) {
        enc = _ca->toDer();
    } else if (target.endsWith("netscape")) {
        enc = _ca->toNetscape();
    } else {
        enc = _ca->toPem();
    }

    TQFile out(target);
    bool written = out.open(IO_WriteOnly);
    if (written) {
        // A short or failed write counts as failure.
        written = ((unsigned)out.writeBlock(enc) == enc.size());
    }

    if (!written) {
        KMessageBox::sorry(_frame, i18n("Save failed."), i18n("Certificate Import"));
        return false;
    }

    out.flush();
    return true;
}
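// Load the certificate file m_file and add one list entry per certificate
// found.
//
// The handler is chosen from the service type supplied by the browser
// extension, falling back to a file-name pattern lookup:
//  - application/x-pkcs12: loaded as a PKCS#12 bundle, asking for a password
//    as often as the user is willing to retry;
//  - application/x-x509-ca-cert, application/binary-certificate: parsed as
//    PEM or DER X.509; certificates flagged as CA go under "Signers", others
//    to the top level of the list.
//
// Returns true when at least the file could be parsed, false otherwise. Note
// that completed() is emitted before the file is parsed.
//
// The file content is untrusted input. The file is read once to sniff the
// format and opened again for parsing, so the sniffed and the parsed bytes
// are not guaranteed to be the same.
bool KCertPart::openFile() {
#ifndef HAVE_SSL
    KMessageBox::sorry(_frame, i18n("You do not seem to have compiled TDE with SSL support."), i18n("Certificate Import"));
    return false;
#else
    if (TQFileInfo(m_file).size() == 0) {
        KMessageBox::sorry(_frame, i18n("Certificate file is empty."), i18n("Certificate Import"));
        return false;
    }

    TQString whatType = d->browserExtension->urlArgs().serviceType;
    //whatType = KMimeType::findByURL(m_url,0,true)->name();
    if (whatType.isEmpty()) {
        // The pattern lookup may find nothing; dereferencing its result
        // unchecked would crash on an unrecognised file name. With no match
        // whatType stays empty and the "do not know how to handle" branch
        // below reports it.
        // NOTE(review): assumes the result of findFromPattern() may be held
        // in a KMimeType::Ptr; confirm against kservicetypefactory.h.
        KMimeType::Ptr byPattern = KServiceTypeFactory::self()->findFromPattern(m_file);
        if (byPattern)
            whatType = byPattern->name();
    }

    /*
    TQString blah = "file: " + m_file
    + "\nurl: " + m_url.url()
    + "\nserviceType: " + d->browserExtension->urlArgs().serviceType
    + "\nfactory: " + KServiceTypeFactory::self()->findFromPattern(m_file)->name()
    + "\nmimeType: " + KMimeType::findByURL(m_url)->name();
    KMessageBox::information(_frame, blah, "ssl");
    */

    emit completed();

    /////////////////////////////////////////////////////////////////////////////
    // x-pkcs12 loading
    /////////////////////////////////////////////////////////////////////////////
    if (whatType == "application/x-pkcs12") {
        // NOTE(review): the password stays in this TQString until it goes out
        // of scope and is not wiped afterwards.
        TQString pass;

        // First attempt without a password, then keep prompting.
        _p12 = KSSLPKCS12::loadCertFile(m_file);

        while (!_p12) {
            // try prompting for a password.
            int rc = KPasswordDialog::getPassword(pass, i18n("Certificate Password"));
            if (rc != KPasswordDialog::Accepted) break;

            _p12 = KSSLPKCS12::loadCertFile(m_file, pass);

            if (!_p12) {
                rc = KMessageBox::warningContinueCancel(_frame, i18n("The certificate file could not be loaded. Try a different password?"), i18n("Certificate Import"),i18n("Try Different"));
                if (rc == KMessageBox::Continue) continue;
                break;
            }
        }

        if (!_p12) return false;

        // The list item takes over the bundle; nothing is selected yet.
        new KPKCS12Item(_parentP12, _p12);
        _p12 = NULL;
        return true;
    /////////////////////////////////////////////////////////////////////////////
    // x-509-ca-cert loading
    /////////////////////////////////////////////////////////////////////////////
    } else if (whatType == "application/x-x509-ca-cert" ||
               whatType == "application/binary-certificate") {
        FILE *fp;
        bool isPEM = false;

        _ca_filenameLabel->setText(m_file);

        ///////////// UGLY HACK TO GET AROUND OPENSSL PROBLEMS ///////////
        if (whatType == "application/x-x509-ca-cert") {
            // Check if it is PEM or not
            TQFile qf(m_file);
            if (!qf.open(IO_ReadOnly)) {
                KMessageBox::sorry(_frame, i18n("This file cannot be opened."), i18n("Certificate Import"));
                return false;
            }
            TQByteArray theFile = qf.readAll();
            qf.close();

            const char *signature = "-----BEGIN CERTIFICATE-----";
            // Search a NUL-terminated copy sized from the bytes actually
            // read. Writing a terminator at qf.size()-1 would index outside
            // the buffer when the read came back short or empty.
            if (!theFile.isEmpty()) {
                TQCString text(theFile.data(), theFile.size() + 1);
                isPEM = (text.find(signature) >= 0);
            }
        }

        fp = fopen(m_file.local8Bit(), "r");
        if (!fp) {
            KMessageBox::sorry(_frame, i18n("This file cannot be opened."), i18n("Certificate Import"));
            return false;
        }

        /*
        kdDebug() << "Reading in a file in "
        << (isPEM ? "PEM" : "DER")
        << " format." << endl;
        */

        if (!isPEM) {
            X509 *dx = KOSSL::self()->X509_d2i_fp(fp, NULL);
            // Nothing reads from the stream after this point; closing it here
            // covers the failure paths as well, which used to leak it.
            fclose(fp);

            if (dx) {
                // NOTE(review): dx is freed only when fromX509() fails. If
                // fromX509() copies the structure, dx is leaked on success;
                // confirm its ownership contract.
                KSSLCertificate *xc = KSSLCertificate::fromX509(dx);
                if (xc) {
                    if (xc->x509V3Extensions().certTypeCA())
                        new KX509Item(_parentCA, xc);
                    else
                        new KX509Item(_sideList, xc);
                    return true;
                }
                KOSSL::self()->X509_free(dx);
            }
            return false;
        }

        STACK_OF(X509_INFO) *sx5i = KOSSL::self()->PEM_X509_INFO_read(fp, NULL, KSSLPemCallback, NULL);

        if (!sx5i) {
            KMessageBox::sorry(_frame, i18n("This file cannot be opened."), i18n("Certificate Import"));
            fclose(fp);
            return false;
        }

        _ca_filenameLabel->setText(m_file);

        for (int i = 0; i < KOSSL::self()->OPENSSL_sk_num(sx5i); i++) {
            X509_INFO* x5i = reinterpret_cast<X509_INFO*>(KOSSL::self()->OPENSSL_sk_value(sx5i, i));
            if (x5i->x_pkey && x5i->x509) { // a personal cert (like PKCS12)
                // A null result is shown as "Invalid certificate!" by
                // KX509Item.
                KSSLCertificate *xc = KSSLCertificate::fromX509(x5i->x509);
                new KX509Item(_sideList, xc);
            } else if (x5i->x509) { // something else - maybe a CA file
                KSSLCertificate *xc = KSSLCertificate::fromX509(x5i->x509);
                // fromX509() can fail; only query the extensions of a real
                // certificate and list a failed one as invalid.
                if (xc && xc->x509V3Extensions().certTypeCA())
                    new KX509Item(_parentCA, xc);
                else
                    new KX509Item(_sideList, xc);
            } else if (x5i->crl) { // a crl
                kdDebug() << "Found a CRL..." << endl;
            }
        }

        // NOTE(review): this releases the stack container only; the X509_INFO
        // entries do not appear to be freed anywhere in this function.
        KOSSL::self()->OPENSSL_sk_free(sx5i);

        fclose(fp);
        return true;
    /////////////////////////////////////////////////////////////////////////////
    // Dunno how to load this
    /////////////////////////////////////////////////////////////////////////////
    } else {
        TQString emsg = i18n("I do not know how to handle this type of file.") + "\n" + whatType;
        KMessageBox::sorry(_frame, emsg, i18n("Certificate Import"));
        return false;
    }
#endif
}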
// Fill the PKCS#12 pane for the current bundle (_p12): file name, details of
// the bundle's own certificate, validation text of the bundle, and the chain
// selector when the chain has more than one level.
// NOTE(review): _p12 and its certificate are dereferenced unchecked; the
// caller has to make sure both exist.
void KCertPart::displayPKCS12() {
    KSSLCertificate *own = _p12->getCertificate();

    _p12_filenameLabel->setText(m_file);
    displayPKCS12Cert(own);
    // The state label shows the verdict for the bundle, not the one
    // displayPKCS12Cert() computed for the single certificate.
    _p12_certState->setText(KSSLCertificate::verifyText(_p12->validate()));

    // Set the chain if it's there
    if (!(xcDepthAboveOne(own))) {
        _p12_chain->clear();
        _p12_chain->setEnabled(false);
        return;
    }

    TQPtrList<KSSLCertificate> links = own->chain().getChain();
    int position = 0;

    _p12_chain->setEnabled(true);
    _p12_chain->clear();
    _p12_chain->insertItem(i18n("0 - Site Certificate"));

    // Entry labels carry the CN of each chain certificate, numbered from 1.
    KSSLCertificate *link = links.first();
    while (link != 0) {
        KSSLX509Map subject(link->getSubject());
        ++position;
        _p12_chain->insertItem(TQString::number(position)+" - "+subject.getValue("CN"));
        link = links.next();
    }

    _p12_chain->setCurrentItem(0);
}
// Fill the X.509 pane with the details of certificate c.
//
// Validity dates and the state line are coloured red when the check fails
// (not yet valid, expired, or not valid according to isValid()) and green
// otherwise. The current time is taken in UTC.
//
// NOTE(review): the digest shown is MD5. MD5 is not collision resistant, so
// it is a weak basis for comparing against an out-of-band fingerprint.
void KCertPart::displayCACert(KSSLCertificate *c) {
    const TQColor failColour(196,33,21);
    const TQColor passColour(42,153,59);

    // We have the file, lets work with it.
    _ca_subject->setValues(c->getSubject());
    _ca_issuer->setValues(c->getIssuer());

    // Start of the validity period
    TQPalette pal = _ca_validFrom->palette();
    const bool notYetValid = TQDateTime::currentDateTime(Qt::UTC) < c->getQDTNotBefore();
    pal.setColor(TQColorGroup::Foreground, notYetValid ? failColour : passColour);
    _ca_validFrom->setPalette(pal);
    _ca_validFrom->setText(c->getNotBefore());

    // End of the validity period
    pal = _ca_validUntil->palette();
    const bool expired = TQDateTime::currentDateTime(Qt::UTC) > c->getQDTNotAfter();
    pal.setColor(TQColorGroup::Foreground, expired ? failColour : passColour);
    _ca_validUntil->setPalette(pal);
    _ca_validUntil->setText(c->getNotAfter());

    _ca_serialNum->setText(c->getSerialNumber());

    // Overall state: colour from isValid(), text from validate()
    pal = _ca_certState->palette();
    pal.setColor(TQColorGroup::Foreground, c->isValid() ? passColour : failColour);
    _ca_certState->setPalette(pal);
    _ca_certState->setText(KSSLCertificate::verifyText(c->validate()));

    _ca_pubkey->setText(c->getPublicKeyText());
    _ca_digest->setText(c->getMD5DigestText());
    _ca_sig->setText(c->getSignatureText());
}
// Fill the PKCS#12 pane with the details of certificate c.
//
// Validity dates and the state line are coloured red when the check fails
// (not yet valid, expired, or not valid according to isValid()) and green
// otherwise. The current time is taken in UTC.
//
// NOTE(review): the digest shown is MD5. MD5 is not collision resistant, so
// it is a weak basis for comparing against an out-of-band fingerprint.
void KCertPart::displayPKCS12Cert(KSSLCertificate *c) {
    const TQColor failColour(196,33,21);
    const TQColor passColour(42,153,59);

    // We have the file, lets work with it.
    _p12_subject->setValues(c->getSubject());
    _p12_issuer->setValues(c->getIssuer());

    // Start of the validity period
    TQPalette pal = _p12_validFrom->palette();
    const bool notYetValid = TQDateTime::currentDateTime(Qt::UTC) < c->getQDTNotBefore();
    pal.setColor(TQColorGroup::Foreground, notYetValid ? failColour : passColour);
    _p12_validFrom->setPalette(pal);
    _p12_validFrom->setText(c->getNotBefore());

    // End of the validity period
    pal = _p12_validUntil->palette();
    const bool expired = TQDateTime::currentDateTime(Qt::UTC) > c->getQDTNotAfter();
    pal.setColor(TQColorGroup::Foreground, expired ? failColour : passColour);
    _p12_validUntil->setPalette(pal);
    _p12_validUntil->setText(c->getNotAfter());

    _p12_serialNum->setText(c->getSerialNumber());

    // Overall state: colour from isValid(), text from validate()
    pal = _p12_certState->palette();
    pal.setColor(TQColorGroup::Foreground, c->isValid() ? passColour : failColour);
    _p12_certState->setPalette(pal);
    _p12_certState->setText(KSSLCertificate::verifyText(c->validate()));

    _p12_pubkey->setText(c->getPublicKeyText());
    _p12_digest->setText(c->getMD5DigestText());
    _p12_sig->setText(c->getSignatureText());
}
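// Show the chain entry picked in the "Chain" combo box.
//
// Index 0 is the bundle's own certificate, shown together with the validation
// text of the bundle; index n > 0 is element n-1 of the certificate chain.
// The call is ignored when no PKCS#12 bundle is current or when the index
// does not name a chain element.
void KCertPart::slotChain(int c) {
    // The combo box can outlive the selection it was filled for.
    if (!_p12 || c < 0)
        return;

    if (c == 0) {
        displayPKCS12Cert(_p12->getCertificate());
        _p12_certState->setText(KSSLCertificate::verifyText(_p12->validate()));
    } else {
        // Keep the list in a local so it is still alive while the element is
        // being displayed.
        TQPtrList<KSSLCertificate> links = _p12->getCertificate()->chain().getChain();
        KSSLCertificate *link = links.at(c-1);

        // at() yields a null pointer for an index outside the list, and
        // displayPKCS12Cert() dereferences its argument unconditionally.
        if (link)
            displayPKCS12Cert(link);
    }
}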
// Import the current selection into the TDE certificate stores.
//
// A PKCS#12 bundle is written to the "ksslcertificates" configuration under a
// group named after the certificate subject, with an empty "Password" entry.
// An X.509 certificate is added to the signer store via KSSLSigners::addCA().
// If an entry with the same subject already exists the user is asked before
// it is replaced. With _silentImport set, the confirmation box and the signer
// regeneration are left to the caller.
//
// Security notes for reviewers:
//  - The SSL / e-mail / code-signing trust flags passed to addCA() are read
//    from the certificate's own extensions.
//  - Import is not gated on the validation state shown in the detail pane.
void KCertPart::slotImport() {
    if (_p12) {
        KSimpleConfig store("ksslcertificates", false);

        const bool alreadyStored = store.hasGroup(_p12->getCertificate()->getSubject());
        if (alreadyStored) {
            TQString question = _curName + "\n" + i18n("A certificate with that name already exists. Are you sure that you wish to replace it?");
            int answer = KMessageBox::warningContinueCancel(_frame, question, i18n("Certificate Import"),i18n("Replace"));
            if (answer == KMessageBox::Cancel) {
                return;
            }
        }

        store.setGroup(_p12->getCertificate()->getSubject());
        store.writeEntry("PKCS12Base64", _p12->toString());
        store.writeEntry("Password", "");
        store.sync();

        if (!_silentImport)
            KMessageBox::information(_frame, i18n("Certificate has been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
        return;
    }

    if (!_ca)
        return;

    // Opened only to look for an existing entry with the same subject.
    TDEConfig known("ksslcalist", true, false);

    const bool alreadyStored = known.hasGroup(_ca->getSubject());
    if (alreadyStored) {
        TQString question = _curName + "\n" + i18n("A certificate with that name already exists. Are you sure that you wish to replace it?");
        int answer = KMessageBox::warningContinueCancel(_frame, question, i18n("Certificate Import"),i18n("Replace"));
        if (answer == KMessageBox::Cancel) {
            return;
        }
    }

    _signers->addCA(_ca->toString(),
                    _ca->x509V3Extensions().certTypeSSLCA(),
                    _ca->x509V3Extensions().certTypeEmailCA(),
                    _ca->x509V3Extensions().certTypeCodeCA());

    if (!_silentImport) {
        _signers->regenerate();
        KMessageBox::information(_frame, i18n("Certificate has been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
    }
}
// "Save..." button handler. saveFile() reports failures to the user itself,
// so its result is not needed here.
void KCertPart::slotSave() {
    (void)saveFile();
}
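// "Done" button handler: ask the hosting browser to go one step back in its
// history. Does nothing when the part is not hosted by a browser.
void KCertPart::slotDone() {
    KParts::BrowserInterface *iface = d->browserExtension->browserInterface();

    // There is no browser interface when the part is not embedded in a
    // browser; calling through a null pointer would crash.
    if (!iface)
        return;

    iface->callMethod("goHistory(int)", -1);
}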
// "Crypto Manager..." button handler: start "tdecmshell crypto" and do not
// wait for it. Both arguments are fixed strings; nothing taken from the
// imported file reaches the command line.
// NOTE(review): KShellProcess goes through a shell and "tdecmshell" is given
// without a path, so the program is resolved via the user's environment.
void KCertPart::slotLaunch() {
    KShellProcess launcher;

    launcher << "tdecmshell";
    launcher << "crypto";

    launcher.start(TDEProcess::DontCare);
}
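// React to a new selection in the side list.
//
//  - An X.509 entry under "Signers": shown in the X.509 pane, Import and Save
//    enabled.
//  - A top-level X.509 entry (rtti() == 1): shown in the X.509 pane, Import
//    and Save disabled.
//  - A PKCS#12 entry under "Client": shown in the PKCS#12 pane, Import and
//    Save enabled.
//  - Anything else, including entries that carry no certificate ("Invalid
//    certificate!"): blank pane, Import and Save disabled.
//
// Entries without a certificate are sent to the blank pane so that the pane
// never keeps showing the details of a previously selected certificate, and
// so that a null certificate pointer is never dereferenced.
void KCertPart::slotSelectionChanged(TQListViewItem *x) {
    KX509Item *x5i = dynamic_cast<KX509Item*>(x);
    KPKCS12Item *p12i = dynamic_cast<KPKCS12Item*>(x);
    _p12 = NULL;
    _ca = NULL;

    const bool underSigners = x && x->parent() == _parentCA;
    const bool topLevelX509 = !underSigners && x && x->parent() == NULL && x->rtti() == 1;
    const bool underClient = !underSigners && !topLevelX509 && x && x->parent() == _parentP12;

    // KX509Item and KPKCS12Item both accept a null certificate, so the
    // pointer has to be checked before it is used.
    const bool haveX509 = x5i && x5i->cert;
    const bool havePKCS12 = p12i && p12i->cert;

    if ((underSigners || topLevelX509) && haveX509) {
        x5i->cert->revalidate();
        _blankFrame->hide();
        _pkcsFrame->hide();
        _x509Frame->show();
        _ca = x5i->cert;
        // Only certificates filed under "Signers" may be imported or saved.
        _import->setEnabled(underSigners);
        _save->setEnabled(underSigners);
        _curName = x5i->_prettyName;
        displayCACert(_ca);
    } else if (underClient && havePKCS12) {
        p12i->cert->revalidate();
        _blankFrame->hide();
        _x509Frame->hide();
        _pkcsFrame->show();
        _p12 = p12i->cert;
        _import->setEnabled(true);
        _save->setEnabled(true);
        _curName = p12i->_prettyName;
        displayPKCS12();
    } else {
        _pkcsFrame->hide();
        _x509Frame->hide();
        _blankFrame->show();
        _import->setEnabled(false);
        _save->setEnabled(false);
        _curName = "";
    }
}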
// "Import All" button handler: import every PKCS#12 entry under "Client" and
// every X.509 entry under "Signers" by running slotImport() once per entry
// with the per-certificate confirmation box suppressed, then regenerate the
// signer store once and restore the previous selection state.
//
// Notes for reviewers:
//  - Every listed signer is added to the trusted store in one step; the only
//    question the user still gets is the "replace existing" prompt.
//  - The closing success message is shown unconditionally, even when an
//    overwrite prompt was cancelled along the way.
//  - Each walk stops at the first child that is not of the expected item
//    type.
void KCertPart::slotImportAll() {
    // Remember what was selected so it can be put back afterwards.
    KSSLPKCS12 *previousP12 = _p12;
    KSSLCertificate *previousCA = _ca;
    TQString previousName = _curName;

    _p12 = NULL;
    _ca = NULL;
    _silentImport = true;

    // Client certificates
    KPKCS12Item *client = dynamic_cast<KPKCS12Item*>(_parentP12->firstChild());
    while (client) {
        _p12 = client->cert;
        _curName = client->_prettyName;
        slotImport();
        client = dynamic_cast<KPKCS12Item*>(client->nextSibling());
    }
    _p12 = NULL;

    // Signer certificates
    KX509Item *signer = dynamic_cast<KX509Item*>(_parentCA->firstChild());
    while (signer) {
        _ca = signer->cert;
        _curName = signer->_prettyName;
        slotImport();
        signer = dynamic_cast<KX509Item*>(signer->nextSibling());
    }
    _ca = NULL;

    // slotImport() skips the regeneration in silent mode; do it once here.
    _signers->regenerate();

    _silentImport = false;
    _p12 = previousP12;
    _ca = previousCA;
    _curName = previousName;

    KMessageBox::information(_frame, i18n("Certificates have been successfully imported into TDE.\nYou can manage your certificate settings from the Trinity Control Center."), i18n("Certificate Import"));
}
// Build the about-data record for this part (name "KCertPart", version
// "1.0"). The object is heap allocated and handed to the caller.
TDEAboutData *KCertPart::createAboutData()
{
    TDEAboutData *about = new TDEAboutData("KCertPart", I18N_NOOP("TDE Certificate Part"), "1.0");
    return about;
}
  720. #include "tdecertpart.moc"