ksslkeygen.cpp
1 /* This file is part of the KDE project
2  *
3  * Copyright (C) 2001 George Staikos <staikos@kde.org>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Library General Public
7  * License as published by the Free Software Foundation; either
8  * version 2 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Library General Public License for more details.
14  *
15  * You should have received a copy of the GNU Library General Public License
16  * along with this library; see the file COPYING.LIB. If not, write to
17  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18  * Boston, MA 02110-1301, USA.
19  */
20 
21 
22 #include "ksslkeygen.h"
23 #include "keygenwizard.h"
24 #include "keygenwizard2.h"
25 
26 #include <tdeapplication.h>
27 #include <kdebug.h>
28 #include <tdelocale.h>
29 #include <tdemessagebox.h>
30 #include <kopenssl.h>
31 #include <kprogress.h>
32 #include <kstandarddirs.h>
33 #include <tdetempfile.h>
34 #include <tdewallet.h>
35 
36 #include <tqlineedit.h>
37 #include <tqpushbutton.h>
38 
39 #include <assert.h>
40 
41 
/**
 * Construct the key-generation wizard.
 *
 * When KSSL_HAVE_SSL is defined, the wizard gets two pages (request and
 * passphrase), the Help button is turned off on both, and Finish stays
 * disabled until slotPassChanged() accepts the two passphrase fields.
 * Pressing Finish runs slotGenerate().
 *
 * @param parent parent widget, forwarded to KWizard
 * @param name   object name, forwarded to KWizard
 * @param modal  modality flag, forwarded to KWizard
 */
KSSLKeyGen::KSSLKeyGen(TQWidget *parent, const char *name, bool modal)
    : KWizard(parent, name, modal)
{
    // No key size selected yet; slotGenerate() only accepts indices 0..3.
    _idx = -1;

#ifdef KSSL_HAVE_SSL
    // First page.
    page1 = new KGWizardPage1(this, "Wizard Page 1");
    addPage(page1, i18n("TDE Certificate Request"));
    setHelpEnabled(page1, false);

    // Second page: passphrase entry and confirmation.
    page2 = new KGWizardPage2(this, "Wizard Page 2");
    addPage(page2, i18n("TDE Certificate Request - Password"));
    setHelpEnabled(page2, false);
    setFinishEnabled(page2, false);

    // Re-evaluate the Finish button whenever either passphrase field changes.
    connect(page2->_password1, TQT_SIGNAL(textChanged(const TQString&)),
            this, TQT_SLOT(slotPassChanged()));
    connect(page2->_password2, TQT_SIGNAL(textChanged(const TQString&)),
            this, TQT_SLOT(slotPassChanged()));

    // Finish starts key and CSR generation.
    connect(finishButton(), TQT_SIGNAL(clicked()), TQT_SLOT(slotGenerate()));
#else
    // TODO: tell the user that SSL support is not available.
    // NOTE(review): page1 and page2 are not assigned in this branch.
#endif
}
61 
62 
/**
 * Destroy the dialog. The destructor body releases nothing itself.
 */
KSSLKeyGen::~KSSLKeyGen()
{
}
66 
67 
/**
 * Enable the Finish button only when both passphrase fields hold the same
 * text and that text is at least four characters long.
 *
 * NOTE(review): length >= 4 is the only strength requirement applied here,
 * and slotGenerate() passes this passphrase to generateCSR(), where it
 * encrypts the private key file. A four-character minimum is low for that
 * purpose - consider raising it.
 */
void KSSLKeyGen::slotPassChanged() {
    const TQString first = page2->_password1->text();
    const TQString second = page2->_password2->text();

    const bool longEnough = first.length() >= 4;
    const bool matching = (first == second);

    setFinishEnabled(page2, matching && longEnough);
}
71 
72 
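/**
 * Slot behind the Finish button: generate the RSA key pair and the CSR for
 * the selected key size, then offer to store the passphrase in the wallet.
 *
 * The selected index _idx maps to a modulus size in the same order as the
 * list returned by supportedKeySizes(). A failure reported by generateCSR()
 * is now shown to the user instead of being dropped silently.
 */
void KSSLKeyGen::slotGenerate() {
    // Debug builds abort on an out-of-range index; when assert() is compiled
    // out, the default branch below reports the problem instead.
    assert(_idx >= 0 && _idx <= 3); // for now

    // Pick the RSA modulus size.
    // NOTE(review): 512- and 768-bit RSA moduli have been publicly factored,
    // and 1024 bits is below current recommendations. These sizes are kept
    // because supportedKeySizes() still offers them; retire them in both
    // places together.
    int bits;
    switch (_idx) {
    case 0:
        bits = 2048;
        break;
    case 1:
        bits = 1024;
        break;
    case 2:
        bits = 768;
        break;
    case 3:
        bits = 512;
        break;
    default:
        KMessageBox::sorry(NULL, i18n("Unsupported key size."), i18n("TDE SSL Information"));
        return;
    }

    KProgressDialog *kpd = new KProgressDialog(this, "progress dialog", i18n("TDE"), i18n("Please wait while the encryption keys are generated..."));
    kpd->progressBar()->setProgress(0);
    kpd->show();
    // FIXME - progress dialog won't show this way

    // 0x10001 (65537) is the traditional RSA public exponent.
    const int csrResult = generateCSR("This CSR" /*FIXME */, page2->_password1->text(), bits, 0x10001);
    kpd->progressBar()->setProgress(100);

    if (csrResult != 0) {
        // Without this the wizard closes as if a key and a request had been
        // produced even though nothing usable was written.
        KMessageBox::sorry(this, i18n("The certificate request could not be generated."), i18n("TDE SSL Information"));
    }

#ifndef Q_OS_WIN //TODO: reenable for WIN32
    if (csrResult == 0 && TDEWallet::Wallet::isEnabled()) {
        // The dialog answer gets its own variable so it cannot be mistaken
        // for the generateCSR() status.
        const int answer = KMessageBox::questionYesNo(this, i18n("Do you wish to store the passphrase in your wallet file?"), TQString::null, i18n("Store"), i18n("Do Not Store"));
        if (answer == KMessageBox::Yes) {
            TDEWallet::Wallet *w = TDEWallet::Wallet::openWallet(TDEWallet::Wallet::LocalWallet(), winId());
            if (w) {
                // FIXME: store passphrase in wallet
                delete w;
            }
        }
    }
#endif

    kpd->deleteLater();
}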
120 
121 
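/**
 * Generate an RSA key pair and a certificate signing request, and write both
 * to temporary files in the "kssl" save location: the request as DER
 * ("csr_*.der") and the private key as passphrase-encrypted PKCS#8
 * ("pkey_*.p8").
 *
 * @param name text placed in every subject field of the request
 * @param pass passphrase used to encrypt the private key file
 * @param bits RSA modulus size in bits
 * @param e    RSA public exponent
 * @return 0 on success;
 *         -1 when built without SSL support;
 *         -2 when the request object cannot be allocated;
 *         -3 when RSA key generation fails;
 *         -4 when the key container cannot be allocated;
 *         -5 when a temporary file cannot be created or written;
 *         -6 when an OpenSSL call fails while assembling or signing the
 *            request (previously ignored, so 0 was returned regardless).
 */
int KSSLKeyGen::generateCSR(const TQString& name, const TQString& pass, int bits, int e) {
#ifdef KSSL_HAVE_SSL
    KOSSL *kossl = KOSSL::self();

    X509_REQ *req = kossl->X509_REQ_new();
    if (!req) {
        return -2;
    }

    EVP_PKEY *pkey = kossl->EVP_PKEY_new();
    if (!pkey) {
        kossl->X509_REQ_free(req);
        return -4;
    }

    // NOTE(review): bits is passed through unvalidated; the only caller in
    // this file, slotGenerate(), can request moduli as small as 512 bits.
    RSA *rsakey = kossl->RSA_generate_key(bits, e, NULL, NULL);
    if (!rsakey) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -3;
    }

    if (kossl->EVP_PKEY_assign(pkey, EVP_PKEY_RSA, (char *)rsakey) <= 0) {
        // NOTE(review): rsakey was not taken over by pkey on this path and is
        // not released here - confirm which release function the KOSSL
        // wrapper exposes and call it.
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -6;
    }

    if (kossl->X509_REQ_set_pubkey(req, pkey) <= 0) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -6;
    }

    // Set the subject
    X509_NAME *n = kossl->X509_NAME_new();
    if (!n) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -6;
    }

    // The entries are declared as MBSTRING_UTF8, so hand OpenSSL UTF-8 bytes;
    // local8Bit() yields something else under a non-UTF-8 locale.
    const TQCString subject = name.utf8();
    unsigned char *subjectBytes = (unsigned char *)subject.data();

    static const char *const subjectFields[] = {
        LN_countryName,
        LN_organizationName,
        LN_organizationalUnitName,
        LN_localityName,
        LN_stateOrProvinceName,
        LN_commonName,
        LN_pkcs9_emailAddress
    };
    const unsigned int fieldCount = sizeof(subjectFields) / sizeof(subjectFields[0]);

    // Per-entry results are deliberately left unchecked, as before: every
    // field receives the same text, so an individual field may refuse it.
    for (unsigned int i = 0; i < fieldCount; ++i) {
        kossl->X509_NAME_add_entry_by_txt(n, (char *)subjectFields[i], MBSTRING_UTF8, subjectBytes, -1, -1, 0);
    }

    // NOTE(review): n is never released in this function. OpenSSL's
    // X509_REQ_set_subject_name() stores a copy, so this looks like a leak -
    // free n once the KOSSL wrapper's release call is confirmed.
    if (kossl->X509_REQ_set_subject_name(req, n) <= 0) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -6;
    }

    // NOTE(review): the request is signed with MD5, which is not
    // collision-resistant; move to a SHA-2 digest once the KOSSL wrapper
    // exposes one.
    if (kossl->X509_REQ_sign(req, pkey, kossl->EVP_md5()) <= 0) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -6;
    }

    // We write it to the database and then the caller can obtain it
    // back from there. Yes it's inefficient, but it doesn't happen
    // often and this way things are uniform.

    TDEGlobal::dirs()->addResourceType("kssl", TDEStandardDirs::kde_default("data") + "kssl");

    TQString path = TDEGlobal::dirs()->saveLocation("kssl");
    KTempFile csrFile(path + "csr_", ".der");

    if (!csrFile.fstream()) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -5;
    }

    KTempFile p8File(path + "pkey_", ".p8");

    if (!p8File.fstream()) {
        kossl->X509_REQ_free(req);
        kossl->EVP_PKEY_free(pkey);
        return -5;
    }

    const bool csrWritten = kossl->i2d_X509_REQ_fp(csrFile.fstream(), req) > 0;

    // The length must count the bytes actually handed to OpenSSL.
    // TQString::length() counts characters, which under-counts a multi-byte
    // passphrase so that only a prefix of it would protect the key.
    // NOTE(review): Blowfish-CBC is a legacy 64-bit block cipher; prefer a
    // modern cipher once the KOSSL wrapper exposes one.
    const TQCString passBytes = pass.local8Bit();
    const bool keyWritten = kossl->i2d_PKCS8PrivateKey_fp(p8File.fstream(), pkey,
                                                          kossl->EVP_bf_cbc(), passBytes.data(),
                                                          passBytes.length(), 0L, 0L) > 0;

    // FIXME Write tdeconfig entry to store the filenames under the md5 hash

    kossl->X509_REQ_free(req);
    kossl->EVP_PKEY_free(pkey);

    // Report a failed write rather than claiming success over incomplete files.
    if (!csrWritten || !keyWritten) {
        return -5;
    }

    return 0;
#else
    return -1;
#endif
}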
204 
205 
/**
 * List the key sizes offered to the user, as translated display strings.
 *
 * The position of each entry matches the index that slotGenerate() maps to a
 * bit count (0 = 2048, 1 = 1024, 2 = 768, 3 = 512). Without SSL support the
 * list holds a single "No SSL support." entry instead.
 *
 * NOTE(review): 512- and 768-bit RSA moduli have been publicly factored, and
 * 1024 bits is below current recommendations; "Medium Grade" overstates what
 * 1024 bits provides today.
 */
TQStringList KSSLKeyGen::supportedKeySizes() {
    TQStringList sizes;

#ifdef KSSL_HAVE_SSL
    sizes.append(i18n("2048 (High Grade)"));
    sizes.append(i18n("1024 (Medium Grade)"));
    sizes.append(i18n("768 (Low Grade)"));
    sizes.append(i18n("512 (Low Grade)"));
#else
    sizes.append(i18n("No SSL support."));
#endif

    return sizes;
}
220 
221 
222 #include "ksslkeygen.moc"
223 
KSSLKeyGen::supportedKeySizes
static TQStringList supportedKeySizes()
List the supported key sizes.
Definition: ksslkeygen.cpp:206
KSSLKeyGen::~KSSLKeyGen
virtual ~KSSLKeyGen()
Destroy this dialog.
Definition: ksslkeygen.cpp:63
KSSLKeyGen::KSSLKeyGen
KSSLKeyGen(TQWidget *parent=0L, const char *name=0L, bool modal=false)
Construct a keygen dialog.
Definition: ksslkeygen.cpp:42
KSSLKeyGen::generateCSR
int generateCSR(const TQString &name, const TQString &pass, int bits, int e=0x10001)
Generate the certificate signing request.
Definition: ksslkeygen.cpp:122
