KHtml

ksslkeygen.cpp
1 /* This file is part of the KDE project
2  *
3  * Copyright (C) 2001 George Staikos <[email protected]>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Library General Public
7  * License as published by the Free Software Foundation; either
8  * version 2 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Library General Public License for more details.
14  *
15  * You should have received a copy of the GNU Library General Public License
16  * along with this library; see the file COPYING.LIB. If not, write to
17  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18  * Boston, MA 02110-1301, USA.
19  */
20 
21 #include "ksslkeygen.h"
22 #include "ksslkeygen_p.h"
23 #include "ui_keygenwizard.h"
24 
25 #include <klocalizedstring.h>
26 #include <kmessagebox.h>
27 #include <kopenssl.h>
28 #include <kwallet.h>
29 
30 #include <QProgressDialog>
31 #include <QStandardPaths>
32 #include <qplatformdefs.h>
33 #include <qtemporaryfile.h>
34 
35 #include <assert.h>
36 
37 KSSLKeyGenWizardPage2::KSSLKeyGenWizardPage2(QWidget *parent)
38  : QWizardPage(parent)
39 {
40  ui2 = new Ui_KGWizardPage2;
41  ui2->setupUi(this);
42  connect(ui2->_password1, SIGNAL(textChanged(QString)), this, SLOT(slotPassChanged()));
43  connect(ui2->_password2, SIGNAL(textChanged(QString)), this, SLOT(slotPassChanged()));
44 }
45 
46 bool KSSLKeyGenWizardPage2::isComplete() const
47 {
48  return ui2->_password1->text() == ui2->_password2->text() && ui2->_password1->text().length() >= 4;
49 }
50 
51 void KSSLKeyGenWizardPage2::slotPassChanged()
52 {
53  emit completeChanged(); // well maybe it hasn't changed, but it might have; QWizard calls isComplete() to find out
54 }
55 
56 QString KSSLKeyGenWizardPage2::password() const
57 {
58  Q_ASSERT(isComplete());
59  return ui2->_password1->text();
60 }
61 
62 ////
63 
64 class KSSLKeyGenPrivate
65 {
66 public:
67  KSSLKeyGenPrivate()
68  : idx(-1)
69  {
70  }
71  int idx;
72  Ui_KGWizardPage1 *ui1;
73  KSSLKeyGenWizardPage2 *page2;
74 };
75 
77  : QWizard(parent), d(new KSSLKeyGenPrivate)
78 {
79 #if KSSL_HAVE_SSL
80 
81  QWizardPage *page1 = new QWizardPage(this);
82  page1->setTitle(i18n("KDE Certificate Request"));
83  d->ui1 = new Ui_KGWizardPage1;
84  d->ui1->setupUi(page1);
85  addPage(page1);
86  //setHelpEnabled(page1, false);
87 
88  d->page2 = new KSSLKeyGenWizardPage2(this);
89  d->page2->setTitle(i18n("KDE Certificate Request - Password"));
90  addPage(d->page2);
91 #else
92  // tell him he doesn't have SSL
93 #endif
94 }
95 
97 {
98  delete d->ui1;
99  delete d;
100 }
101 
102 bool KSSLKeyGen::validateCurrentPage()
103 {
104  if (currentPage() != d->page2) {
105  return true;
106  }
107 
108  assert(d->idx >= 0 && d->idx <= 3); // for now
109 
110  // Generate the CSR
111  int bits;
112  switch (d->idx) {
113  case 0:
114  bits = 2048;
115  break;
116  case 1:
117  bits = 1024;
118  break;
119  case 2:
120  bits = 768;
121  break;
122  case 3:
123  bits = 512;
124  break;
125  default:
126  KMessageBox::sorry(this, i18n("Unsupported key size."), i18n("KDE SSL Information"));
127  return false;
128  }
129 
130  QProgressDialog *kpd = new QProgressDialog(this);
131  kpd->setObjectName("progress dialog");
132  kpd->setWindowTitle(i18n("KDE"));
133  kpd->setLabelText(i18n("Please wait while the encryption keys are generated..."));
134  kpd->setRange(0, 100);
135  kpd->setValue(0);
136  kpd->show();
137  // FIXME - progress dialog won't show this way
138 
139  int rc = generateCSR("This CSR" /*FIXME */, d->page2->password(), bits, 0x10001 /* This is the traditional exponent used */);
140  if (rc != 0) { // error
141  return false;
142  }
143 
144  kpd->setValue(100);
145 
146 #if 0 // TODO: implement
147  if (rc == 0 && KWallet::Wallet::isEnabled()) {
148  rc = KMessageBox::questionYesNo(this, i18n("Do you wish to store the passphrase in your wallet file?"), QString(), KGuiItem(i18n("Store")), KGuiItem(i18n("Do Not Store")));
149  if (rc == KMessageBox::Yes) {
151  if (w) {
152  // FIXME: store passphrase in wallet
153  delete w;
154  }
155  }
156  }
157 #endif
158 
159  kpd->deleteLater();
160  return true;
161 }
162 
163 int KSSLKeyGen::generateCSR(const QString &name, const QString &pass, int bits, int e)
164 {
165 #if KSSL_HAVE_SSL
166  KOSSL *kossl = KOSSL::self();
167  int rc;
168 
169  X509_REQ *req = kossl->X509_REQ_new();
170  if (!req) {
171  return -2;
172  }
173 
174  EVP_PKEY *pkey = kossl->EVP_PKEY_new();
175  if (!pkey) {
176  kossl->X509_REQ_free(req);
177  return -4;
178  }
179 
180  RSA *rsakey = kossl->RSA_generate_key(bits, e, nullptr, nullptr);
181  if (!rsakey) {
182  kossl->X509_REQ_free(req);
183  kossl->EVP_PKEY_free(pkey);
184  return -3;
185  }
186 
187  rc = kossl->EVP_PKEY_assign(pkey, EVP_PKEY_RSA, (char *)rsakey);
188 
189  rc = kossl->X509_REQ_set_pubkey(req, pkey);
190 
191  // Set the subject
192  X509_NAME *n = kossl->X509_NAME_new();
193 
194  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_countryName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
195  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_organizationName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
196  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_organizationalUnitName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
197  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_localityName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
198  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_stateOrProvinceName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
199  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_commonName, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
200  kossl->X509_NAME_add_entry_by_txt(n, (char *)LN_pkcs9_emailAddress, MBSTRING_UTF8, (unsigned char *)name.toLocal8Bit().data(), -1, -1, 0);
201 
202  rc = kossl->X509_REQ_set_subject_name(req, n);
203 
204  rc = kossl->X509_REQ_sign(req, pkey, kossl->EVP_md5());
205 
206  // We write it to the database and then the caller can obtain it
207  // back from there. Yes it's inefficient, but it doesn't happen
208  // often and this way things are uniform.
209 
211  QTemporaryFile csrFile(path + "csr_XXXXXX.der");
212  csrFile.setAutoRemove(false);
213 
214  if (!csrFile.open()) {
215  kossl->X509_REQ_free(req);
216  kossl->EVP_PKEY_free(pkey);
217  return -5;
218  }
219 
220  QTemporaryFile p8File(path + "pkey_XXXXXX.p8");
221  p8File.setAutoRemove(false);
222 
223  if (!p8File.open()) {
224  kossl->X509_REQ_free(req);
225  kossl->EVP_PKEY_free(pkey);
226  return -5;
227  }
228 
229  FILE *csr_fs = QT_FOPEN(QFile::encodeName(csrFile.fileName()), "r+");
230  FILE *p8_fs = QT_FOPEN(QFile::encodeName(p8File.fileName()), "r+");
231 
232  kossl->i2d_X509_REQ_fp(csr_fs, req);
233 
234  kossl->i2d_PKCS8PrivateKey_fp(p8_fs, pkey,
235  kossl->EVP_bf_cbc(), pass.toLocal8Bit().data(),
236  pass.length(), nullptr, nullptr);
237 
238  // FIXME Write kconfig entry to store the filenames under the md5 hash
239 
240  kossl->X509_REQ_free(req);
241  kossl->EVP_PKEY_free(pkey);
242 
243  fclose(csr_fs);
244  fclose(p8_fs);
245 
246  return 0;
247 #else
248  return -1;
249 #endif
250 }
251 
253 {
254  QStringList x;
255 
256 #if KSSL_HAVE_SSL
257  x << i18n("2048 (High Grade)")
258  << i18n("1024 (Medium Grade)")
259  << i18n("768 (Low Grade)")
260  << i18n("512 (Low Grade)");
261 #else
262  x << i18n("No SSL support.");
263 #endif
264 
265  return x;
266 }
267 
269 {
270  d->idx = idx;
271 }
272 
273 #include "moc_ksslkeygen.cpp"
274 
275 #include "moc_ksslkeygen_p.cpp"
void setupUi(QWidget *widget)
QString writableLocation(QStandardPaths::StandardLocation type)
int addPage(QWizardPage *page)
void setLabelText(const QString &text)
static bool isEnabled()
static Wallet * openWallet(const QString &name, WId w, OpenType ot=Synchronous)
void setValue(int progress)
int x() const const
KSSLKeyGen(QWidget *parent=nullptr)
Construct a keygen dialog.
Definition: ksslkeygen.cpp:76
void setAutoRemove(bool b)
void setObjectName(const QString &name)
QWizardPage * currentPage() const const
static QStringList supportedKeySizes()
List the supported key sizes.
Definition: ksslkeygen.cpp:252
void deleteLater()
void setRange(int minimum, int maximum)
virtual ~KSSLKeyGen()
Destroy this dialog.
Definition: ksslkeygen.cpp:96
ButtonCode questionYesNo(QWidget *parent, const QString &text, const QString &caption=QString(), const KGuiItem &buttonYes=KStandardGuiItem::yes(), const KGuiItem &buttonNo=KStandardGuiItem::no(), const QString &dontAskAgainName=QString(), Options options=Notify)
void setKeySize(int idx)
Set the key size.
Definition: ksslkeygen.cpp:268
QByteArray toLocal8Bit() const const
virtual QString fileName() const const override
int generateCSR(const QString &name, const QString &pass, int bits, int e=0x10001)
Generate the certificate signing request.
Definition: ksslkeygen.cpp:163
QString i18n(const char *text, const TYPE &arg...)
void setWindowTitle(const QString &)
int length() const const
char * data()
void show()
WId effectiveWinId() const const
static const QString LocalWallet()
QByteArray encodeName(const QString &fileName)
void setTitle(const QString &title)
void sorry(QWidget *parent, const QString &text, const QString &caption=QString(), Options options=Notify)
This file is part of the KDE documentation.
Documentation copyright © 1996-2021 The KDE developers.
Generated on Fri Oct 15 2021 22:48:09 by doxygen 1.8.11 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.