
  1. /* This file is part of the KDE project
  2. *
  3. * Copyright (C) 2000,2001 George Staikos <staikos@kde.org>
  4. * Copyright (C) 2000 Malte Starostik <malte@kde.org>
  5. *
  6. * This library is free software; you can redistribute it and/or
  7. * modify it under the terms of the GNU Library General Public
  8. * License as published by the Free Software Foundation; either
  9. * version 2 of the License, or (at your option) any later version.
  10. *
  11. * This library is distributed in the hope that it will be useful,
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * Library General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU Library General Public License
  17. * along with this library; see the file COPYING.LIB. If not, write to
  18. * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  19. * Boston, MA 02110-1301, USA.
  20. */
  21. #include "ksslinfodlg.h"
  22. #include <kssl.h>
  23. #include <tqlayout.h>
  24. #include <kpushbutton.h>
  25. #include <tqframe.h>
  26. #include <tqlabel.h>
  27. #include <tqscrollview.h>
  28. #include <tqfile.h>
  29. #include <tdeapplication.h>
  30. #include <tdeglobal.h>
  31. #include <tdelocale.h>
  32. #include <kprocess.h>
  33. #include <kiconloader.h>
  34. #include <tdeglobalsettings.h>
  35. #include <ksqueezedtextlabel.h>
  36. #include <kurllabel.h>
  37. #include <kstdguiitem.h>
  38. //#include <kstandarddirs.h>
  39. //#include <krun.h>
  40. #include <kcombobox.h>
  41. #include "ksslcertificate.h"
  42. #include "ksslcertchain.h"
  43. #include "ksslsigners.h"
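  /**
   * Private state of KSSLInfoDlg (d-pointer).
   *
   * Most members are only assigned in KSSLInfoDlg::setup(); the constructor
   * of the dialog fills in m_secCon, m_layout, pixmap, info and inQuestion.
   */
  class KSSLInfoDlg::KSSLInfoDlgPrivate {
  private:
      friend class KSSLInfoDlg;

      // Start every pointer as null and every flag as false. Without this,
      // `new KSSLInfoDlgPrivate` leaves the members indeterminate, and any
      // use before setup() has run would read garbage pointers instead of
      // a recognisable null.
      KSSLInfoDlgPrivate()
          : m_secCon(false), m_layout(0), _chain(0), _cert(0),
            inQuestion(false), _serialNum(0), _csl(0), _validFrom(0),
            _validUntil(0), _digest(0), pixmap(0), info(0),
            _subject(0), _issuer(0) {}

      bool m_secCon;                  // "secureConnection" flag passed to the dialog constructor
      TQGridLayout *m_layout;         // main 3x3 grid of the dialog
      KComboBox *_chain;              // chain selector, created in setup()
      KSSLCertificate *_cert;         // site certificate handed to setup(); not deleted by the dialog
      KSSLCertificate::KSSLValidationList _cert_ksvl; // validation results supplied through setCertState()
      bool inQuestion;                // last value given to setSecurityInQuestion()
      TQLabel *_serialNum;
      TQLabel *_csl;                  // "Certificate state" text
      TQLabel *_validFrom;
      TQLabel *_validUntil;
      TQLabel *_digest;
      TQLabel *pixmap;                // lock icon in the header row
      TQLabel *info;                  // one-line connection status in the header row
      KSSLCertBox *_subject, *_issuer;
  };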
  /**
   * Builds the fixed part of the dialog: the status header (icon + text)
   * and the button row. The certificate details are added later by setup().
   *
   * @param secureConnection whether the caller considers the connection
   *        SSL-protected; it only selects the icon and wording shown here.
   * @param parent, name, modal forwarded to KDialog. The dialog is created
   *        with WDestructiveClose.
   */
  KSSLInfoDlg::KSSLInfoDlg(bool secureConnection, TQWidget *parent, const char *name, bool modal)
      : KDialog(parent, name, modal, (WFlags)TQt::WDestructiveClose), d(new KSSLInfoDlgPrivate) {
      TQVBoxLayout *outerLayout = new TQVBoxLayout(this, KDialog::marginHint(), KDialog::spacingHint());
      d->m_secCon = secureConnection;

      d->m_layout = new TQGridLayout(outerLayout, 3, 3, KDialog::spacingHint());
      d->m_layout->setColStretch(1, 1);
      d->m_layout->setColStretch(2, 1);

      d->pixmap = new TQLabel(this);
      d->m_layout->addWidget(d->pixmap, 0, 0);

      d->info = new TQLabel(this);
      d->m_layout->addWidget(d->info, 0, 1);

      // Anything other than "SSL works and the caller says the connection
      // is secure" gets the open-lock icon.
      const char *iconName = "decrypted";
      TQString statusText;
      if (!KSSL::doesSSLWork()) {
          statusText = i18n("SSL support is not available in this build of TDE.");
      } else if (d->m_secCon) {
          iconName = "encrypted";
          statusText = i18n("Current connection is secured with SSL.");
      } else {
          statusText = i18n("Current connection is not secured with SSL.");
      }
      d->pixmap->setPixmap(BarIcon(iconName));
      d->info->setText(statusText);

      d->m_layout->addRowSpacing( 0, 50 ); // give minimum height to look better

      TQHBoxLayout *buttonLayout = new TQHBoxLayout(outerLayout, KDialog::spacingHint());
      buttonLayout->addStretch( 1 );

      // The configuration button is only offered when SSL is usable.
      if (KSSL::doesSSLWork()) {
          KPushButton *configButton =
              new KPushButton(KGuiItem(i18n("C&ryptography Configuration..."),"configure"), this);
          connect(configButton, TQT_SIGNAL(clicked()), TQT_SLOT(launchConfig()));
          buttonLayout->addWidget( configButton );
      }

      KPushButton *closeButton = new KPushButton(KStdGuiItem::close(), this);
      connect(closeButton, TQT_SIGNAL(clicked()), TQT_SLOT(close()));
      buttonLayout->addWidget( closeButton );
      closeButton->setFocus();

      setCaption(i18n("TDE SSL Information"));
      d->inQuestion = false;
  }
  /**
   * Releases the private data block. The certificate pointer stored in it
   * is not deleted here.
   */
  KSSLInfoDlg::~KSSLInfoDlg()
  {
      delete d;
  }
  /**
   * Slot for the "Cryptography Configuration..." button: starts the crypto
   * control module in a separate process and does not wait for it.
   *
   * Both arguments are fixed literals, so no certificate or URL data ends
   * up on the command line. The result of start() is not checked.
   */
  void KSSLInfoDlg::launchConfig() {
      TDEProcess configShell;
      // NOTE(review): the program is named without a directory, so it is
      // presumably looked up through the environment's search path - confirm.
      configShell << "tdecmshell";
      configShell << "crypto";
      configShell.start(TDEProcess::DontCare);
  }
  /**
   * Records whether the document mixes secured and unsecured parts and
   * refreshes the header icon and text to match.
   *
   * @param isIt true when only part of the document was transferred over
   *        SSL. The flag is always stored; the header is only touched when
   *        KSSL::doesSSLWork() is true.
   */
  void KSSLInfoDlg::setSecurityInQuestion(bool isIt) {
      d->inQuestion = isIt;

      if (!KSSL::doesSSLWork())
          return;

      if (!isIt) {
          // Back to the plain secure / not secure presentation.
          if (d->m_secCon) {
              d->pixmap->setPixmap(BarIcon("encrypted"));
              d->info->setText(i18n("Current connection is secured with SSL."));
          } else {
              d->pixmap->setPixmap(BarIcon("decrypted"));
              d->info->setText(i18n("Current connection is not secured with SSL."));
          }
          return;
      }

      // Mixed content: same icon either way, the wording says which part
      // is the protected one.
      d->pixmap->setPixmap(BarIcon("halfencrypted"));
      d->info->setText(d->m_secCon
          ? i18n("The main part of this document is secured with SSL, but some parts are not.")
          : i18n("Some of this document is secured with SSL, but the main part is not."));
  }
  /**
   * Convenience overload: pulls the peer certificate and the cipher details
   * out of a live KSSL object and forwards them to the detailed setup().
   *
   * The dialog keeps a pointer to the certificate owned by @p ssl, so
   * @p ssl has to outlive the dialog's use of it. The validate() result is
   * passed along, but the detailed overload leaves that parameter unnamed
   * and does not read it.
   */
  void KSSLInfoDlg::setup( KSSL & ssl, const TQString & ip, const TQString & url )
  {
      KSSLCertificate &peerCert = ssl.peerInfo().getPeerCertificate();
      KSSLConnectionInfo &conn = ssl.connectionInfo();

      setup(&peerCert,
            ip,
            url,
            conn.getCipher(),
            conn.getCipherDescription(),
            conn.getCipherVersion(),
            conn.getCipherUsedBits(),
            conn.getCipherBits(),
            peerCert.validate());
  }
  /**
   * Creates the certificate part of the dialog and shows @p cert in it.
   *
   * @param cert        site certificate; stored in d->_cert and dereferenced
   *                    without a null check, so callers must pass a valid object
   * @param ip, url     connection endpoint as reported by the caller
   * @param cipher, cipherdesc, sslversion, usedbits, bits
   *                    negotiated cipher details, displayed as given
   * The last (unnamed) validation parameter is ignored; the state shown comes
   * from displayCert().
   *
   * Labels that carry the IP, the URL and the per-certificate fields are
   * forced to TQt::PlainText so markup inside those strings is shown
   * literally rather than interpreted.
   * NOTE(review): the cipher, cipher description and SSL version labels keep
   * the default text format - confirm these strings can only come from the
   * local SSL library.
   */
  void KSSLInfoDlg::setup(KSSLCertificate *cert,
                          const TQString& ip, const TQString& url,
                          const TQString& cipher, const TQString& cipherdesc,
                          const TQString& sslversion, int usedbits, int bits,
                          KSSLCertificate::KSSLValidation /*certState*/) {
      // Needed to put the GUI stuff here to get the layouting right
      d->_cert = cert;

      // ---- upper grid: chain selector, subject box, issuer box ----
      TQGridLayout *certGrid = new TQGridLayout(4, 2, KDialog::spacingHint());

      certGrid->addWidget(new TQLabel(i18n("Chain:"), this), 0, 0);
      d->_chain = new KComboBox(this);
      certGrid->addMultiCellWidget(d->_chain, 1, 1, 0, 1);
      connect(d->_chain, TQT_SIGNAL(activated(int)), this, TQT_SLOT(slotChain(int)));
      d->_chain->clear();

      // The selector is only usable when there is more than the site
      // certificate to choose from.
      const bool hasChain = cert->chain().isValid() && cert->chain().depth() > 1;
      d->_chain->setEnabled(hasChain);
      if (hasChain) {
          d->_chain->insertItem(i18n("0 - Site Certificate"));

          // getChain() hands out copies; auto-delete frees them when the
          // list goes out of scope.
          TQPtrList<KSSLCertificate> chainCerts = cert->chain().getChain();
          chainCerts.setAutoDelete(true);

          int position = 0;
          for (KSSLCertificate *link = chainCerts.first(); link != 0; link = chainCerts.next()) {
              // Entry caption: CN, falling back to O, then OU. These values
              // come straight from the certificate subject.
              KSSLX509Map subjectFields(link->getSubject());
              TQString caption = subjectFields.getValue("CN");
              if (caption.isEmpty())
                  caption = subjectFields.getValue("O");
              if (caption.isEmpty())
                  caption = subjectFields.getValue("OU");

              ++position;
              d->_chain->insertItem(TQString::number(position) + " - " + caption);
          }
          d->_chain->setCurrentItem(0);
      }

      certGrid->addWidget(new TQLabel(i18n("Peer certificate:"), this), 2, 0);
      d->_subject = static_cast<KSSLCertBox*>(buildCertInfo(cert->getSubject()));
      certGrid->addWidget(d->_subject, 3, 0);

      certGrid->addWidget(new TQLabel(i18n("Issuer:"), this), 2, 1);
      d->_issuer = static_cast<KSSLCertBox*>(buildCertInfo(cert->getIssuer()));
      certGrid->addWidget(d->_issuer, 3, 1);

      d->m_layout->addMultiCell(certGrid, 1, 1, 0, 2);

      // ---- lower grid: connection and certificate details ----
      TQGridLayout *detailGrid = new TQGridLayout(11, 2, KDialog::spacingHint());
      detailGrid->setColStretch(1, 1);

      // Both halves of the IP row are hidden when no address was given.
      TQLabel *ipCaption = new TQLabel(i18n("IP address:"), this);
      detailGrid->addWidget(ipCaption, 0, 0);
      if (ip.isEmpty()) {
          ipCaption->hide();
      }
      TQLabel *ipValue = new TQLabel(ip, this);
      detailGrid->addWidget(ipValue, 0, 1);
      if (ip.isEmpty()) {
          ipValue->hide();
      }

      detailGrid->addWidget(new TQLabel(i18n("URL:"), this), 1, 0);
      KSqueezedTextLabel *urlLabel = new KSqueezedTextLabel(url, this);
      detailGrid->addWidget(urlLabel, 1, 1);

      detailGrid->addWidget(new TQLabel(i18n("Certificate state:"), this), 2, 0);
      d->_csl = new TQLabel("", this);
      detailGrid->addWidget(d->_csl, 2, 1);

      update();

      detailGrid->addWidget(new TQLabel(i18n("Valid from:"), this), 3, 0);
      d->_validFrom = new TQLabel("", this);
      detailGrid->addWidget(d->_validFrom, 3, 1);

      detailGrid->addWidget(new TQLabel(i18n("Valid until:"), this), 4, 0);
      d->_validUntil = new TQLabel("", this);
      detailGrid->addWidget(d->_validUntil, 4, 1);

      detailGrid->addWidget(new TQLabel(i18n("Serial number:"), this), 5, 0);
      d->_serialNum = new TQLabel("", this);
      detailGrid->addWidget(d->_serialNum, 5, 1);

      detailGrid->addWidget(new TQLabel(i18n("MD5 digest:"), this), 6, 0);
      d->_digest = new TQLabel("", this);
      detailGrid->addWidget(d->_digest, 6, 1);

      detailGrid->addWidget(new TQLabel(i18n("Cipher in use:"), this), 7, 0);
      detailGrid->addWidget(new TQLabel(cipher, this), 7, 1);

      detailGrid->addWidget(new TQLabel(i18n("Details:"), this), 8, 0);
      detailGrid->addWidget(new TQLabel(cipherdesc.simplifyWhiteSpace(), this), 8, 1);

      detailGrid->addWidget(new TQLabel(i18n("SSL version:"), this), 9, 0);
      detailGrid->addWidget(new TQLabel(sslversion, this), 9, 1);

      detailGrid->addWidget(new TQLabel(i18n("Cipher strength:"), this), 10, 0);
      detailGrid->addWidget(
          new TQLabel(i18n("%1 bits used of a %2 bit cipher").arg(usedbits).arg(bits), this), 10, 1);

      d->m_layout->addMultiCell(detailGrid, 2, 2, 0, 2);

      // Show remote-influenced strings literally, never as rich text.
      ipValue->setTextFormat(TQt::PlainText);
      urlLabel->setTextFormat(TQt::PlainText);
      d->_serialNum->setTextFormat(TQt::PlainText);
      d->_csl->setTextFormat(TQt::PlainText);
      d->_validFrom->setTextFormat(TQt::PlainText);
      d->_validUntil->setTextFormat(TQt::PlainText);
      d->_digest->setTextFormat(TQt::PlainText);

      displayCert(cert);
  }
  /**
   * Replaces the stored validation results for the site certificate.
   *
   * @param errorNrs ':'-separated list of integers, each taken as a
   *        KSSLCertificate::KSSLValidation value.
   *
   * When this list is non-empty, displayCert() shows it for the site
   * certificate instead of validating the certificate itself, so the string
   * must come from a trusted validation step. The numbers are cast to the
   * enum without a range check, and a token that is not a number is
   * converted by toInt() to 0.
   * NOTE(review): which enumerator 0 corresponds to is not visible in this
   * file - confirm it cannot be read as "Ok".
   */
  void KSSLInfoDlg::setCertState(const TQString &errorNrs)
  {
      d->_cert_ksvl.clear();

      const TQStringList codes = TQStringList::split(':', errorNrs);
      TQStringList::ConstIterator code = codes.begin();
      const TQStringList::ConstIterator last = codes.end();
      for (; code != last; ++code) {
          const int number = (*code).toInt();
          d->_cert_ksvl << static_cast<KSSLCertificate::KSSLValidation>(number);
      }
  }
  /**
   * Fills the detail labels and the subject/issuer boxes from @p x and works
   * out the "Certificate state" text and colour.
   *
   * Where the validation list comes from:
   *  - @p x is the site certificate and setCertState() supplied a non-empty
   *    list: that list is shown as is, no validation happens here.
   *  - otherwise the site certificate's validateVerbose() is called (with
   *    @p x as extra argument for a chain member); an empty result is
   *    treated as a single Ok.
   *
   * The colour follows the FIRST list entry only, while the text lists
   * every entry. A first entry of SelfSigned is turned into Ok when the
   * certificate is inside its validity window and KSSLSigners().useForSSL()
   * accepts it; outside the window it becomes Expired (this also covers a
   * certificate that is not valid yet).
   *
   * NOTE(review): the only fingerprint shown is an MD5 digest. MD5 is not
   * collision resistant, so it is a weak basis for comparing certificates
   * by eye; a stronger digest would be preferable if the certificate class
   * offers one.
   */
  void KSSLInfoDlg::displayCert(KSSLCertificate *x) {
      const TQColor problemColor(196, 33, 21);
      const TQColor fineColor(42, 153, 59);

      d->_serialNum->setText(x->getSerialNumber());

      // "Valid from": flagged while the start date is still in the future.
      TQPalette cspl = d->_validFrom->palette();
      const bool startsInFuture = x->getQDTNotBefore() > TQDateTime::currentDateTime(Qt::UTC);
      cspl.setColor(TQColorGroup::Foreground, startsInFuture ? problemColor : fineColor);
      d->_validFrom->setPalette(cspl);
      d->_validFrom->setText(x->getNotBefore());

      // "Valid until": flagged once the end date has passed.
      cspl = d->_validUntil->palette();
      const bool alreadyEnded = x->getQDTNotAfter() < TQDateTime::currentDateTime(Qt::UTC);
      cspl.setColor(TQColorGroup::Foreground, alreadyEnded ? problemColor : fineColor);
      d->_validUntil->setPalette(cspl);
      d->_validUntil->setText(x->getNotAfter());

      cspl = palette();

      KSSLCertificate::KSSLValidation ksv;
      KSSLCertificate::KSSLValidationList ksvl;
      const bool isSiteCert = (x == d->_cert);

      if (isSiteCert && !d->_cert_ksvl.isEmpty()) {
          // Results handed in through setCertState() take precedence.
          ksvl = d->_cert_ksvl;
          ksv = ksvl.first();
      } else {
          if (isSiteCert) {
              ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer);
          } else {
              ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer, x);
          }

          if (ksvl.isEmpty()) {
              ksvl << KSSLCertificate::Ok;
          }
          ksv = ksvl.first();

          if (ksv == KSSLCertificate::SelfSigned) {
              const bool insideWindow =
                  x->getQDTNotAfter() > TQDateTime::currentDateTime(Qt::UTC) &&
                  x->getQDTNotBefore() < TQDateTime::currentDateTime(Qt::UTC);
              if (!insideWindow) {
                  ksv = KSSLCertificate::Expired;
              } else if (KSSLSigners().useForSSL(*x)) {
                  // Known signer allowed for SSL: show it as fine.
                  ksv = KSSLCertificate::Ok;
              }
          }
      }

      // Irrelevant keeps the dialog's own foreground colour.
      if (ksv == KSSLCertificate::Ok) {
          cspl.setColor(TQColorGroup::Foreground, fineColor);
      } else if (ksv != KSSLCertificate::Irrelevant) {
          cspl.setColor(TQColorGroup::Foreground, problemColor);
      }
      d->_csl->setPalette(cspl);

      // One line of text per validation result.
      TQString stateText;
      KSSLCertificate::KSSLValidationList::ConstIterator result = ksvl.begin();
      for (; result != ksvl.end(); ++result) {
          if (!stateText.isEmpty()) {
              stateText.append('\n');
          }
          stateText += KSSLCertificate::verifyText(*result);
      }
      d->_csl->setText(stateText);
      d->_csl->setMinimumSize(d->_csl->sizeHint());

      d->_subject->setValues(x->getSubject());
      d->_issuer->setValues(x->getIssuer());
      d->_digest->setText(x->getMD5DigestText());
  }
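  /**
   * Slot for the chain selector: shows the certificate at position @p x.
   *
   * @param x 0 selects the site certificate; n > 0 selects the n-th entry of
   *        the site certificate's chain.
   *
   * For a chain entry, a copy of that certificate is made and given the
   * remaining (later) chain entries as its own chain before it is displayed.
   */
  void KSSLInfoDlg::slotChain(int x) {
      if (x == 0) {
          displayCert(d->_cert);
          return;
      }

      // getChain() returns copies; auto-delete frees whatever is still in
      // the list when it goes out of scope.
      TQPtrList<KSSLCertificate> cl = d->_cert->chain().getChain();
      cl.setAutoDelete(true);

      // Drop the entries in front of the requested one.
      for (int i = 0; i < x-1; i++)
          cl.remove((unsigned int)0);

      // The index comes from the combo box, which was filled from an
      // earlier getChain() call. If the chain now has fewer entries than
      // that, at(0) is null; bail out instead of dereferencing it.
      KSSLCertificate *selected = cl.at(0);
      if (!selected)
          return;

      KSSLCertificate thisCert = *selected;
      cl.remove((unsigned int)0);
      thisCert.chain().setChain(cl);
      displayCert(&thisCert);
  }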
  /**
   * Creates a KSSLCertBox under @p parent and, when @p certName is not
   * empty, fills it from that name string.
   *
   * @param mailCatcher passed on to KSSLCertBox::setValues(), which uses it
   *        as the receiver for clicks on the e-mail entry.
   * @return the new box; ownership follows the parent widget.
   */
  KSSLCertBox *KSSLInfoDlg::certInfoWidget(TQWidget *parent, const TQString &certName, TQWidget *mailCatcher) {
      KSSLCertBox *box = new KSSLCertBox(parent);
      if (certName.isEmpty())
          return box;

      box->setValues(certName, mailCatcher);
      return box;
  }
  /**
   * Creates an empty certificate box: no frame yet, button-coloured
   * background, and an initial setValues() call with an empty name so the
   * placeholder frame exists.
   */
  KSSLCertBox::KSSLCertBox(TQWidget *parent, const char *name, WFlags f)
      : TQScrollView(parent, name, f), _frame(0)
  {
      setBackgroundMode(TQWidget::PaletteButton);
      setValues(TQString::null, 0L);
  }
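  // Adds one "caption / value" pair to @p frame, whose grid layout is in
  // auto-add mode. The value label is forced to plain text because it holds
  // a string taken from the certificate. Returns the caption label.
  static TQLabel *addCertRow(TQFrame *frame, const TQString &caption, const TQString &value)
  {
      TQLabel *captionLabel = new TQLabel(caption, frame);
      captionLabel->setAlignment(Qt::AlignLeft | Qt::AlignTop);
      (new TQLabel(value, frame))->setTextFormat(TQt::PlainText);
      return captionLabel;
  }

  /**
   * Rebuilds the box content from an X.509 name string.
   *
   * @param certName    subject or issuer name; parsed with KSSLX509Map. An
   *                    empty string produces an empty placeholder frame.
   * @param mailCatcher when non-null, the e-mail entry becomes a clickable
   *                    KURLLabel whose leftClickedURL signal is connected to
   *                    the catcher's mailClicked(const TQString &) slot.
   *
   * Every value shown here comes from the certificate, i.e. from the remote
   * side, so each value label is set to TQt::PlainText. That now includes
   * the clickable e-mail label, which previously was the one field left at
   * the default text format.
   */
  void KSSLCertBox::setValues(TQString certName, TQWidget *mailCatcher) {
      // Throw away whatever was shown before.
      if (_frame) {
          removeChild(_frame);
          delete _frame;
      }

      if (certName.isEmpty()) {
          _frame = new TQFrame(this);
          addChild(_frame);
          viewport()->setBackgroundMode(_frame->backgroundMode());
          _frame->show();
          updateScrollBars();
          show();
          return;
      }

      KSSLX509Map cert(certName);
      TQString tmp;
      viewport()->setBackgroundMode(TQWidget::PaletteButton);
      _frame = new TQFrame(this);
      TQGridLayout *grid = new TQGridLayout(_frame, 1, 2, KDialog::marginHint(), KDialog::spacingHint());
      // Widgets created with _frame as parent are placed automatically, so
      // creation order below is the display order.
      grid->setAutoAdd(true);

      // Last label created; used at the end to pick the viewport background.
      TQLabel *label = 0L;

      if (!(tmp = cert.getValue("O")).isEmpty()) {
          label = addCertRow(_frame, i18n("Organization:"), tmp);
      }
      if (!(tmp = cert.getValue("OU")).isEmpty()) {
          label = addCertRow(_frame, i18n("Organizational unit:"), tmp);
      }
      if (!(tmp = cert.getValue("L")).isEmpty()) {
          label = addCertRow(_frame, i18n("Locality:"), tmp);
      }
      if (!(tmp = cert.getValue("ST")).isEmpty()) {
          label = addCertRow(_frame, i18n("Federal State","State:"), tmp);
      }
      if (!(tmp = cert.getValue("C")).isEmpty()) {
          label = addCertRow(_frame, i18n("Country:"), tmp);
      }
      if (!(tmp = cert.getValue("CN")).isEmpty()) {
          label = addCertRow(_frame, i18n("Common name:"), tmp);
      }

      if (!(tmp = cert.getValue("Email")).isEmpty()) {
          label = new TQLabel(i18n("Email:"), _frame);
          label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
          if (mailCatcher) {
              // The certificate's e-mail string is both the visible text and
              // the value delivered to mailClicked(); show it literally like
              // every other certificate field.
              KURLLabel *mail = new KURLLabel(tmp, tmp, _frame);
              mail->setTextFormat(TQt::PlainText);
              connect(mail, TQT_SIGNAL(leftClickedURL(const TQString &)), mailCatcher, TQT_SLOT(mailClicked(const TQString &)));
          } else {
              label = new TQLabel(tmp, _frame);
              label->setTextFormat(TQt::PlainText);
          }
      }

      if (label && viewport()) {
          viewport()->setBackgroundMode(label->backgroundMode());
      }
      addChild(_frame);
      updateScrollBars();
      _frame->show();
      show();
  }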
  /**
   * Builds a certificate box for @p certName as a child of this dialog, with
   * the dialog itself receiving clicks on the e-mail entry.
   */
  TQScrollView *KSSLInfoDlg::buildCertInfo(const TQString &certName) {
      KSSLCertBox *box = KSSLInfoDlg::certInfoWidget(this, certName, this);
      return box;
  }
  /**
   * Slot: hands @p url to the application's browser launcher unchanged.
   * No signal is connected to this slot anywhere in this file.
   */
  void KSSLInfoDlg::urlClicked(const TQString &url)
  {
      kapp->invokeBrowser(url);
  }
  /**
   * Slot: opens the mail client for @p url with an empty subject.
   *
   * KSSLCertBox::setValues() connects the e-mail label to this slot, and the
   * string it delivers is the "Email" value of the displayed certificate,
   * so @p url is chosen by whoever issued that certificate. It is passed on
   * without any check.
   * NOTE(review): confirm that invokeMailer() treats the string strictly as
   * an address and does not act on embedded mailto-style parameters.
   */
  void KSSLInfoDlg::mailClicked(const TQString &url)
  {
      kapp->invokeMailer(url, TQString::null);
  }
  401. #include "ksslinfodlg.moc"
  402. // vim: ts=4 sw=4 et