TDE personal information management applications
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

certificatewizardimpl.cpp 17KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515
  1. /*
  2. certificatewizardimpl.cpp
  3. This file is part of Kleopatra, the KDE keymanager
  4. Copyright (c) 2001,2002,2004 Klarälvdalens Datakonsult AB
  5. Kleopatra is free software; you can redistribute it and/or modify
  6. it under the terms of the GNU General Public License as published by
  7. the Free Software Foundation; either version 2 of the License, or
  8. (at your option) any later version.
  9. Kleopatra is distributed in the hope that it will be useful,
  10. but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  12. General Public License for more details.
  13. You should have received a copy of the GNU General Public License
  14. along with this program; if not, write to the Free Software
  15. Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  16. In addition, as a special exception, the copyright holders give
  17. permission to link the code of this program with any edition of
  18. the TQt library by Trolltech AS, Norway (or with modified versions
  19. of TQt that use the same license as TQt), and distribute linked
  20. combinations including the two. You must obey the GNU General
  21. Public License in all respects for all of the code used other than
  22. TQt. If you modify this file, you may extend this exception to
  23. your version of the file, but you are not obligated to do so. If
  24. you do not wish to do so, delete this exception statement from
  25. your version.
  26. */
  27. #ifdef HAVE_CONFIG_H
  28. #include <config.h>
  29. #endif
  30. #include "certificatewizardimpl.h"
  31. #include "storedtransferjob.h"
  32. // libkleopatra
  33. #include <kleo/oidmap.h>
  34. #include <kleo/keygenerationjob.h>
  35. #include <kleo/dn.h>
  36. #include <kleo/cryptobackendfactory.h>
  37. #include <ui/progressdialog.h>
  38. // gpgme++
  39. #include <gpgmepp/keygenerationresult.h>
  40. // KDE
  41. #include <tdeabc/stdaddressbook.h>
  42. #include <tdeabc/addressee.h>
  43. #include <tdemessagebox.h>
  44. #include <tdelocale.h>
  45. #include <tdeapplication.h>
  46. #include <kdebug.h>
  47. #include <kdialog.h>
  48. #include <kurlrequester.h>
  49. #include <kdcopservicestarter.h>
  50. #include <dcopclient.h>
  51. #include <tdeio/job.h>
  52. #include <tdeio/netaccess.h>
  53. // TQt
  54. #include <tqlineedit.h>
  55. #include <tqtextedit.h>
  56. #include <tqpushbutton.h>
  57. #include <tqcheckbox.h>
  58. #include <tqradiobutton.h>
  59. #include <tqlayout.h>
  60. #include <tqlabel.h>
  61. #include <tqcombobox.h>
  62. #include <assert.h>
  63. #include <dcopref.h>
  64. static const unsigned int keyLengths[] = {
  65. 1024, 1532, 2048, 3072, 4096
  66. };
  67. static const unsigned int numKeyLengths = sizeof keyLengths / sizeof *keyLengths;
  68. static TQString attributeLabel( const TQString & attr, bool required ) {
  69. if ( attr.isEmpty() )
  70. return TQString();
  71. const TQString label = Kleo::DNAttributeMapper::instance()->name2label( attr );
  72. if ( !label.isEmpty() )
  73. if ( required )
  74. return i18n("Format string for the labels in the \"Your Personal Data\" page - required field",
  75. "*%1 (%2):").arg( label, attr );
  76. else
  77. return i18n("Format string for the labels in the \"Your Personal Data\" page",
  78. "%1 (%2):").arg( label, attr );
  79. else if ( required )
  80. return '*' + attr + ':';
  81. else
  82. return attr + ':';
  83. }
  84. static TQString attributeFromKey( TQString key ) {
  85. return key.remove( '!' );
  86. }
  87. static bool availForMod( const TQLineEdit * le ) {
  88. return le && le->isEnabled();
  89. }
  90. /*
  91. * Constructs a CertificateWizardImpl which is a child of 'parent', with the
  92. * name 'name' and widget flags set to 'f'
  93. *
  94. * The wizard will by default be modeless, unless you set 'modal' to
  95. * TRUE to construct a modal wizard.
  96. */
  97. CertificateWizardImpl::CertificateWizardImpl( TQWidget* parent, const char* name, bool modal, WFlags fl )
  98. : CertificateWizard( parent, name, modal, fl )
  99. {
  100. // don't allow to go to last page until a key has been generated
  101. setNextEnabled( generatePage, false );
  102. // setNextEnabled( personalDataPage, false ); // ## disable again once we have a criteria when to enable again
  103. createPersonalDataPage();
  104. // Allow to select remote URLs
  105. storeUR->setMode( KFile::File );
  106. storeUR->setFilter( "application/pkcs10" );
  107. connect( storeUR, TQT_SIGNAL( urlSelected( const TQString& ) ),
  108. this, TQT_SLOT( slotURLSelected( const TQString& ) ) );
  109. const TDEConfigGroup config( TDEGlobal::config(), "CertificateCreationWizard" );
  110. caEmailED->setText( config.readEntry( "CAEmailAddress" ) );
  111. connect( this, TQT_SIGNAL( helpClicked() ),
  112. this, TQT_SLOT( slotHelpClicked() ) );
  113. connect( insertAddressButton, TQT_SIGNAL( clicked() ),
  114. this, TQT_SLOT( slotSetValuesFromWhoAmI() ) );
  115. for ( unsigned int i = 0 ; i < numKeyLengths ; ++i )
  116. keyLengthCB->insertItem( i18n("%n bit", "%n bits", keyLengths[i] ) );
  117. }
  118. static bool requirementsAreMet( const CertificateWizardImpl::AttrPairList & list ) {
  119. for ( CertificateWizardImpl::AttrPairList::const_iterator it = list.begin() ;
  120. it != list.end() ; ++it ) {
  121. const TQLineEdit * le = (*it).second;
  122. if ( !le )
  123. continue;
  124. const TQString key = (*it).first;
  125. #ifndef NDEBUG
  126. kdbgstream s = kdDebug();
  127. #else
  128. kndbgstream s = kdDebug();
  129. #endif
  130. s << "requirementsAreMet(): checking \"" << key << "\" against \"" << le->text() << "\": ";
  131. if ( key.endsWith("!") && le->text().stripWhiteSpace().isEmpty() ) {
  132. s << "required field is empty!" << endl;
  133. return false;
  134. }
  135. s << "ok" << endl;
  136. }
  137. return true;
  138. }
  139. /*
  140. This slot is called when the user changes the text.
  141. */
  142. void CertificateWizardImpl::slotEnablePersonalDataPageExit() {
  143. setNextEnabled( personalDataPage, requirementsAreMet( _attrPairList ) );
  144. }
  145. /*
  146. * Destroys the object and frees any allocated resources
  147. */
  148. CertificateWizardImpl::~CertificateWizardImpl()
  149. {
  150. // no need to delete child widgets, TQt does it all for us
  151. }
  152. static const char * oidForAttributeName( const TQString & attr ) {
  153. TQCString attrUtf8 = attr.utf8();
  154. for ( unsigned int i = 0 ; i < numOidMaps ; ++i )
  155. if ( tqstricmp( attrUtf8, oidmap[i].name ) == 0 )
  156. return oidmap[i].oid;
  157. return 0;
  158. }
  159. /*
  160. * protected slot
  161. */
  162. void CertificateWizardImpl::slotGenerateCertificate()
  163. {
  164. // Ask gpgme to generate a key and return it
  165. TQString certParms;
  166. certParms += "<GnupgKeyParms format=\"internal\">\n";
  167. certParms += "Key-Type: RSA\n";
  168. certParms += TQString( "Key-Length: %1\n" ).arg( keyLengths[keyLengthCB->currentItem()] );
  169. certParms += "Key-Usage: ";
  170. if ( signOnlyCB->isChecked() )
  171. certParms += "Sign";
  172. else if ( encryptOnlyCB->isChecked() )
  173. certParms += "Encrypt";
  174. else
  175. certParms += "Sign, Encrypt";
  176. certParms += "\n";
  177. certParms += "name-dn: ";
  178. TQString email;
  179. TQStringList rdns;
  180. for( AttrPairList::const_iterator it = _attrPairList.begin(); it != _attrPairList.end(); ++it ) {
  181. const TQString attr = attributeFromKey( (*it).first.upper() );
  182. const TQLineEdit * le = (*it).second;
  183. if ( !le )
  184. continue;
  185. const TQString value = le->text().stripWhiteSpace();
  186. if ( value.isEmpty() )
  187. continue;
  188. if ( attr == "EMAIL" ) {
  189. // EMAIL is special, since it shouldn't be part of the DN,
  190. // except for non-RFC-conformant CAs that require it to be
  191. // there.
  192. email = value;
  193. if ( !brokenCA->isChecked() )
  194. continue;
  195. }
  196. if ( const char * oid = oidForAttributeName( attr ) ) {
  197. // we need to translate the attribute name for the backend:
  198. rdns.push_back( TQString::fromUtf8( oid ) + '=' + Kleo::DN::escape( value ) );
  199. } else {
  200. rdns.push_back( attr + '=' + Kleo::DN::escape( value ) );
  201. }
  202. }
  203. certParms += rdns.join(",");
  204. if( !email.isEmpty() )
  205. certParms += "\nname-email: " + email;
  206. certParms += "\n</GnupgKeyParms>\n";
  207. kdDebug() << certParms << endl;
  208. Kleo::KeyGenerationJob * job =
  209. Kleo::CryptoBackendFactory::instance()->smime()->keyGenerationJob();
  210. assert( job );
  211. connect( job, TQT_SIGNAL(result(const GpgME::KeyGenerationResult&,const TQByteArray&)),
  212. TQT_SLOT(slotResult(const GpgME::KeyGenerationResult&,const TQByteArray&)) );
  213. certificateTE->setText( certParms );
  214. const GpgME::Error err = job->start( certParms );
  215. if ( err )
  216. KMessageBox::error( this,
  217. i18n( "Could not start certificate generation: %1" )
  218. .arg( TQString::fromLocal8Bit( err.asString() ) ),
  219. i18n( "Certificate Manager Error" ) );
  220. else {
  221. generatePB->setEnabled( false );
  222. setBackEnabled( generatePage, false );
  223. (void)new Kleo::ProgressDialog( job, i18n("Generating key"), this );
  224. }
  225. }
  226. void CertificateWizardImpl::slotResult( const GpgME::KeyGenerationResult & res,
  227. const TQByteArray & keyData ) {
  228. //kdDebug() << "keyData.size(): " << keyData.size() << endl;
  229. _keyData = keyData;
  230. if ( res.error().isCanceled() || res.error() ) {
  231. setNextEnabled( generatePage, false );
  232. setBackEnabled( generatePage, true );
  233. setFinishEnabled( finishPage, false );
  234. generatePB->setEnabled( true );
  235. if ( !res.error().isCanceled() )
  236. KMessageBox::error( this,
  237. i18n( "Could not generate certificate: %1" )
  238. .arg( TQString::fromLatin1( res.error().asString() ) ),
  239. i18n( "Certificate Manager Error" ) );
  240. } else {
  241. // next will stay enabled until the user clicks Generate
  242. // Certificate again
  243. setNextEnabled( generatePage, true );
  244. setFinishEnabled( finishPage, true );
  245. }
  246. }
  247. void CertificateWizardImpl::slotHelpClicked()
  248. {
  249. kapp->invokeHelp( "newcert" );
  250. }
  251. void CertificateWizardImpl::slotSetValuesFromWhoAmI()
  252. {
  253. const TDEABC::Addressee a = TDEABC::StdAddressBook::self( true )->whoAmI();
  254. if ( a.isEmpty() )
  255. return;
  256. const TDEABC::Address adr = a.address(TDEABC::Address::Work);
  257. for ( AttrPairList::const_iterator it = _attrPairList.begin() ;
  258. it != _attrPairList.end() ; ++it ) {
  259. TQLineEdit * le = (*it).second;
  260. if ( !availForMod( le ) )
  261. continue;
  262. const TQString attr = attributeFromKey( (*it).first.upper() );
  263. if ( attr == "CN" )
  264. le->setText( a.formattedName() );
  265. else if ( attr == "EMAIL" )
  266. le->setText( a.preferredEmail() );
  267. else if ( attr == "O" )
  268. le->setText( a.organization() );
  269. else if ( attr == "OU" )
  270. le->setText( a.custom( "KADDRESSBOOK", "X-Department" ) );
  271. else if ( attr == "L" )
  272. le->setText( adr.locality() );
  273. else if ( attr == "SP" )
  274. le->setText( adr.region() );
  275. else if ( attr == "PC" )
  276. le->setText( adr.postalCode() );
  277. else if ( attr == "SN" )
  278. le->setText( a.familyName() );
  279. else if ( attr == "GN" )
  280. le->setText( a.givenName() );
  281. else if ( attr == "T" )
  282. le->setText( a.title() );
  283. else if ( attr == "BC" )
  284. le->setText( a.role() ); // correct mapping?
  285. }
  286. }
  287. void CertificateWizardImpl::createPersonalDataPage()
  288. {
  289. TQGridLayout* grid = new TQGridLayout( edContainer, 2, 1,
  290. KDialog::marginHint(), KDialog::spacingHint() );
  291. TDEConfigGroup config( TDEGlobal::config(), "CertificateCreationWizard" );
  292. TQStringList attrOrder = config.readListEntry( "DNAttributeOrder" );
  293. if ( attrOrder.empty() )
  294. attrOrder << "CN!" << "L" << "OU" << "O!" << "C!" << "EMAIL!";
  295. int row = 0;
  296. for ( TQStringList::const_iterator it = attrOrder.begin() ; it != attrOrder.end() ; ++it, ++row ) {
  297. const TQString key = (*it).stripWhiteSpace().upper();
  298. const TQString attr = attributeFromKey( key );
  299. if ( attr.isEmpty() ) {
  300. --row;
  301. continue;
  302. }
  303. const TQString preset = config.readEntry( attr );
  304. const TQString label = config.readEntry( attr + "_label",
  305. attributeLabel( attr, key.endsWith("!") ) );
  306. TQLineEdit * le = new TQLineEdit( edContainer );
  307. grid->addWidget( le, row, 1 );
  308. grid->addWidget( new TQLabel( le, label.isEmpty() ? attr : label, edContainer ), row, 0 );
  309. le->setText( preset );
  310. if ( config.entryIsImmutable( attr ) )
  311. le->setEnabled( false );
  312. _attrPairList.append(tqMakePair(key, le));
  313. connect( le, TQT_SIGNAL(textChanged(const TQString&)),
  314. TQT_SLOT(slotEnablePersonalDataPageExit()) );
  315. }
  316. // enable button only if administrator wants to allow it
  317. if (TDEABC::StdAddressBook::self( true )->whoAmI().isEmpty() ||
  318. !config.readBoolEntry("ShowSetWhoAmI", true))
  319. insertAddressButton->setEnabled( false );
  320. slotEnablePersonalDataPageExit();
  321. }
  322. bool CertificateWizardImpl::sendToCA() const {
  323. return sendToCARB->isChecked();
  324. }
  325. TQString CertificateWizardImpl::caEMailAddress() const {
  326. return caEmailED->text().stripWhiteSpace();
  327. }
  328. void CertificateWizardImpl::slotURLSelected( const TQString& _url )
  329. {
  330. KURL url = KURL::fromPathOrURL( _url.stripWhiteSpace() );
  331. #if ! KDE_IS_VERSION(3,2,90)
  332. // The application/pkcs10 mimetype didn't have a native extension,
  333. // so the filedialog didn't have the checkbox for auto-adding it.
  334. TQString fileName = url.fileName();
  335. int pos = fileName.findRev( '.' );
  336. if ( pos < 0 ) // no extension
  337. url.setFileName( fileName + ".p10" );
  338. #endif
  339. storeUR->setURL( url.prettyURL() );
  340. }
  341. KURL CertificateWizardImpl::saveFileUrl() const {
  342. return KURL::fromPathOrURL( storeUR->url().stripWhiteSpace() );
  343. }
  344. void CertificateWizardImpl::showPage( TQWidget * page )
  345. {
  346. CertificateWizard::showPage( page );
  347. if ( page == generatePage ) {
  348. // Initial settings for the generation page: focus the correct lineedit
  349. // and disable the other one
  350. if ( storeInFileRB->isChecked() ) {
  351. storeUR->setEnabled( true );
  352. caEmailED->setEnabled( false );
  353. storeUR->setFocus();
  354. } else {
  355. storeUR->setEnabled( false );
  356. caEmailED->setEnabled( true );
  357. caEmailED->setFocus();
  358. }
  359. }
  360. }
  361. static const char* const dcopObjectId = "KMailIface";
  362. /**
  363. Send the new certificate by mail using KMail
  364. */
  365. void CertificateWizardImpl::sendCertificate( const TQString& email, const TQByteArray& certificateData )
  366. {
  367. TQString error;
  368. TQCString dcopService;
  369. int result = KDCOPServiceStarter::self()->
  370. findServiceFor( "DCOP/Mailer", TQString(),
  371. TQString(), &error, &dcopService );
  372. if ( result != 0 ) {
  373. kdDebug() << "Couldn't connect to KMail\n";
  374. KMessageBox::error( this,
  375. i18n( "DCOP Communication Error, unable to send certificate using KMail.\n%1" ).arg( error ) );
  376. return;
  377. }
  378. TQCString dummy;
  379. // OK, so kmail (or kontact) is running. Now ensure the object we want is available.
  380. // [that's not the case when kontact was already running, but kmail not loaded into it... in theory.]
  381. if ( !kapp->dcopClient()->findObject( dcopService, dcopObjectId, "", TQByteArray(), dummy, dummy ) ) {
  382. DCOPRef ref( dcopService, dcopService ); // talk to the KUniqueApplication or its kontact wrapper
  383. DCOPReply reply = ref.call( "load()" );
  384. if ( reply.isValid() && (bool)reply ) {
  385. Q_ASSERT( kapp->dcopClient()->findObject( dcopService, dcopObjectId, "", TQByteArray(), dummy, dummy ) );
  386. } else
  387. kdWarning() << "Error loading " << dcopService << endl;
  388. }
  389. DCOPClient* dcopClient = kapp->dcopClient();
  390. TQByteArray data;
  391. TQDataStream arg( data, IO_WriteOnly );
  392. arg << email;
  393. arg << certificateData;
  394. if( !dcopClient->send( dcopService, dcopObjectId,
  395. "sendCertificate(TQString,TQByteArray)", data ) ) {
  396. KMessageBox::error( this,
  397. i18n( "DCOP Communication Error, unable to send certificate using KMail." ) );
  398. return;
  399. }
  400. // All good, close dialog
  401. CertificateWizard::accept();
  402. }
  403. // Called when pressing Finish
  404. // We want to do the emailing/uploading first, before closing the dialog,
  405. // in case of errors during the upload.
  406. void CertificateWizardImpl::accept()
  407. {
  408. if( sendToCA() ) {
  409. // Ask KMail to send this key to the CA.
  410. sendCertificate( caEMailAddress(), _keyData );
  411. } else {
  412. // Save in file/URL
  413. KURL url = saveFileUrl();
  414. bool overwrite = false;
  415. if ( TDEIO::NetAccess::exists( url, false /*dest*/, this ) ) {
  416. if ( KMessageBox::Cancel == KMessageBox::warningContinueCancel(
  417. this,
  418. i18n( "A file named \"%1\" already exists. "
  419. "Are you sure you want to overwrite it?" ).arg( url.prettyURL() ),
  420. i18n( "Overwrite File?" ),
  421. i18n( "&Overwrite" ) ) )
  422. return;
  423. overwrite = true;
  424. }
  425. TDEIO::Job* uploadJob = TDEIOext::put( _keyData, url, -1, overwrite, false /*resume*/ );
  426. uploadJob->setWindow( this );
  427. connect( uploadJob, TQT_SIGNAL( result( TDEIO::Job* ) ),
  428. this, TQT_SLOT( slotUploadResult( TDEIO::Job* ) ) );
  429. // Can't press finish again during the upload
  430. setFinishEnabled( finishPage, false );
  431. }
  432. }
  433. /**
  434. This slot is invoked by the TDEIO job used in newCertificate
  435. to save/upload the certificate, when finished (success or error).
  436. */
  437. void CertificateWizardImpl::slotUploadResult( TDEIO::Job* job )
  438. {
  439. if ( job->error() ) {
  440. job->showErrorDialog();
  441. setFinishEnabled( finishPage, true );
  442. } else {
  443. // All good, close dialog
  444. CertificateWizard::accept();
  445. }
  446. }
  447. #include "certificatewizardimpl.moc"