diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 8dff72e54..ded14ec31 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,370 +1,372 @@ add_subdirectory(icons) include_directories(${CMAKE_CURRENT_BINARY_DIR}) include_directories(${CMAKE_CURRENT_SOURCE_DIR}) if (NOT DISABLE_KWATCHGNUPG) add_subdirectory(kwatchgnupg) endif() add_subdirectory(libkleopatraclient) add_subdirectory(conf) add_subdirectory(kconf_update) if(WIN32) set(_kleopatra_extra_uiserver_SRCS uiserver/uiserver_win.cpp) set(_kleopatra_extra_SRCS utils/gnupg-registry.c selftest/registrycheck.cpp utils/windowsprocessdevice.cpp ) else() set(_kleopatra_extra_uiserver_SRCS uiserver/uiserver_unix.cpp) set(_kleopatra_extra_SRCS) endif() set(_kleopatra_uiserver_SRCS uiserver/sessiondata.cpp uiserver/uiserver.cpp ${_kleopatra_extra_uiserver_SRCS} uiserver/assuanserverconnection.cpp uiserver/echocommand.cpp uiserver/decryptverifycommandemailbase.cpp uiserver/decryptverifycommandfilesbase.cpp uiserver/signcommand.cpp uiserver/signencryptfilescommand.cpp uiserver/prepencryptcommand.cpp uiserver/prepsigncommand.cpp uiserver/encryptcommand.cpp uiserver/selectcertificatecommand.cpp uiserver/importfilescommand.cpp uiserver/createchecksumscommand.cpp uiserver/verifychecksumscommand.cpp selftest/uiservercheck.cpp ) if(ASSUAN2_FOUND) include_directories(${ASSUAN2_INCLUDES}) set(_kleopatra_uiserver_extra_libs ${ASSUAN2_LIBRARIES}) else() include_directories(${ASSUAN_INCLUDES}) if(WIN32) set(_kleopatra_uiserver_extra_libs ${ASSUAN_VANILLA_LIBRARIES}) else() set(_kleopatra_uiserver_extra_libs ${ASSUAN_PTHREAD_LIBRARIES}) endif() endif() if(HAVE_GPG_ERR_SOURCE_KLEO) add_definitions(-DGPG_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_KLEO) add_definitions(-DGPGMEPP_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_KLEO) else() add_definitions(-DGPG_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_USER_1) add_definitions(-DGPGMEPP_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_USER_1) endif() ki18n_wrap_ui(_kleopatra_uiserver_SRCS crypto/gui/signingcertificateselectionwidget.ui) if("${Gpgmepp_VERSION}" VERSION_GREATER_EQUAL "1.14.1") set(_kleopatra_deviceinfowatcher_files smartcard/deviceinfowatcher.cpp ) else() set(_kleopatra_deviceinfowatcher_files) endif() set(_kleopatra_SRCS utils/gui-helper.cpp utils/filedialog.cpp utils/kdpipeiodevice.cpp utils/headerview.cpp utils/scrollarea.cpp utils/dragqueen.cpp utils/multivalidator.cpp utils/systemtrayicon.cpp utils/hex.cpp utils/path-helper.cpp utils/input.cpp utils/output.cpp utils/validation.cpp utils/wsastarter.cpp utils/iodevicelogger.cpp utils/log.cpp utils/action_data.cpp utils/types.cpp utils/archivedefinition.cpp utils/auditlog.cpp utils/clipboardmenu.cpp utils/kuniqueservice.cpp utils/remarks.cpp utils/writecertassuantransaction.cpp utils/keyparameters.cpp selftest/selftest.cpp selftest/enginecheck.cpp selftest/gpgconfcheck.cpp selftest/gpgagentcheck.cpp selftest/libkleopatrarccheck.cpp ${_kleopatra_extra_SRCS} view/keylistcontroller.cpp view/keytreeview.cpp view/searchbar.cpp view/smartcardwidget.cpp view/padwidget.cpp view/pgpcardwidget.cpp view/pivcardwidget.cpp view/netkeywidget.cpp view/nullpinwidget.cpp view/tabwidget.cpp view/keycacheoverlay.cpp view/waitwidget.cpp view/welcomewidget.cpp dialogs/certificateselectiondialog.cpp dialogs/certifywidget.cpp dialogs/expirydialog.cpp dialogs/lookupcertificatesdialog.cpp dialogs/ownertrustdialog.cpp dialogs/selftestdialog.cpp dialogs/certifycertificatedialog.cpp dialogs/revokecertificationwidget.cpp dialogs/revokecertificationdialog.cpp dialogs/adduseriddialog.cpp dialogs/addemaildialog.cpp dialogs/exportcertificatesdialog.cpp dialogs/deletecertificatesdialog.cpp dialogs/setinitialpindialog.cpp dialogs/certificatedetailswidget.cpp dialogs/trustchainwidget.cpp dialogs/weboftrustwidget.cpp dialogs/weboftrustdialog.cpp dialogs/exportdialog.cpp dialogs/subkeyswidget.cpp dialogs/gencardkeydialog.cpp dialogs/updatenotification.cpp dialogs/pivcardapplicationadministrationkeyinputdialog.cpp dialogs/certificatedetailsinputwidget.cpp dialogs/createcsrforcardkeydialog.cpp + dialogs/csrcreationresultdialog.cpp crypto/controller.cpp crypto/certificateresolver.cpp crypto/sender.cpp crypto/recipient.cpp crypto/task.cpp crypto/taskcollection.cpp crypto/decryptverifytask.cpp crypto/decryptverifyemailcontroller.cpp crypto/decryptverifyfilescontroller.cpp crypto/autodecryptverifyfilescontroller.cpp crypto/encryptemailtask.cpp crypto/encryptemailcontroller.cpp crypto/newsignencryptemailcontroller.cpp crypto/signencrypttask.cpp crypto/signencryptfilescontroller.cpp crypto/signemailtask.cpp crypto/signemailcontroller.cpp crypto/createchecksumscontroller.cpp crypto/verifychecksumscontroller.cpp crypto/gui/wizard.cpp crypto/gui/wizardpage.cpp crypto/gui/certificateselectionline.cpp crypto/gui/certificatelineedit.cpp crypto/gui/signingcertificateselectionwidget.cpp crypto/gui/signingcertificateselectiondialog.cpp crypto/gui/resultitemwidget.cpp crypto/gui/resultlistwidget.cpp crypto/gui/resultpage.cpp crypto/gui/newresultpage.cpp crypto/gui/signencryptfileswizard.cpp crypto/gui/signencryptemailconflictdialog.cpp crypto/gui/decryptverifyoperationwidget.cpp crypto/gui/decryptverifyfileswizard.cpp crypto/gui/decryptverifyfilesdialog.cpp crypto/gui/objectspage.cpp crypto/gui/resolverecipientspage.cpp crypto/gui/signerresolvepage.cpp crypto/gui/encryptemailwizard.cpp crypto/gui/signemailwizard.cpp crypto/gui/signencryptwidget.cpp crypto/gui/signencryptwizard.cpp crypto/gui/unknownrecipientwidget.cpp crypto/gui/verifychecksumsdialog.cpp commands/command.cpp commands/gnupgprocesscommand.cpp commands/detailscommand.cpp commands/exportcertificatecommand.cpp commands/importcertificatescommand.cpp commands/importcertificatefromfilecommand.cpp commands/importcertificatefromclipboardcommand.cpp commands/importcertificatefromdatacommand.cpp commands/lookupcertificatescommand.cpp commands/reloadkeyscommand.cpp commands/refreshx509certscommand.cpp commands/refreshopenpgpcertscommand.cpp commands/deletecertificatescommand.cpp commands/decryptverifyfilescommand.cpp commands/signencryptfilescommand.cpp commands/signencryptfoldercommand.cpp commands/encryptclipboardcommand.cpp commands/signclipboardcommand.cpp commands/decryptverifyclipboardcommand.cpp commands/clearcrlcachecommand.cpp commands/dumpcrlcachecommand.cpp commands/dumpcertificatecommand.cpp commands/importcrlcommand.cpp commands/changeexpirycommand.cpp commands/changeownertrustcommand.cpp commands/changeroottrustcommand.cpp commands/changepassphrasecommand.cpp commands/certifycertificatecommand.cpp commands/revokecertificationcommand.cpp commands/selftestcommand.cpp commands/exportsecretkeycommand.cpp commands/exportopenpgpcertstoservercommand.cpp commands/adduseridcommand.cpp commands/newcertificatecommand.cpp commands/setinitialpincommand.cpp commands/learncardkeyscommand.cpp commands/checksumcreatefilescommand.cpp commands/checksumverifyfilescommand.cpp commands/exportpaperkeycommand.cpp commands/importpaperkeycommand.cpp commands/genrevokecommand.cpp commands/keytocardcommand.cpp commands/cardcommand.cpp commands/pivgeneratecardkeycommand.cpp commands/changepincommand.cpp commands/authenticatepivcardapplicationcommand.cpp commands/setpivcardapplicationadministrationkeycommand.cpp commands/certificatetopivcardcommand.cpp commands/importcertificatefrompivcardcommand.cpp commands/createopenpgpkeyfromcardkeyscommand.cpp + commands/createcsrforcardkeycommand.cpp ${_kleopatra_uiserver_files} conf/configuredialog.cpp newcertificatewizard/listwidget.cpp newcertificatewizard/newcertificatewizard.cpp smartcard/readerstatus.cpp smartcard/card.cpp smartcard/openpgpcard.cpp smartcard/netkeycard.cpp smartcard/pivcard.cpp smartcard/keypairinfo.cpp smartcard/utils.cpp ${_kleopatra_deviceinfowatcher_files} aboutdata.cpp systrayicon.cpp kleopatraapplication.cpp mainwindow.cpp main.cpp ) if(WIN32) configure_file (versioninfo.rc.in versioninfo.rc) set(_kleopatra_SRCS ${CMAKE_CURRENT_BINARY_DIR}/versioninfo.rc ${_kleopatra_SRCS}) endif() if(HAVE_KCMUTILS) set (_kleopatra_extra_libs KF5::KCMUtils) else() set (_kleopatra_SRCS conf/kleopageconfigdialog.cpp ${_kleopatra_SRCS}) endif() ecm_qt_declare_logging_category(_kleopatra_SRCS HEADER kleopatra_debug.h IDENTIFIER KLEOPATRA_LOG CATEGORY_NAME org.kde.pim.kleopatra DESCRIPTION "kleopatra (kleopatra)" OLD_CATEGORY_NAMES log_kleopatra EXPORT KLEOPATRA ) if(KLEO_MODEL_TEST) add_definitions(-DKLEO_MODEL_TEST) set(_kleopatra_SRCS ${_kleopatra_SRCS} models/modeltest.cpp) endif() ki18n_wrap_ui(_kleopatra_SRCS dialogs/expirydialog.ui dialogs/lookupcertificatesdialog.ui dialogs/ownertrustdialog.ui dialogs/selectchecklevelwidget.ui dialogs/selftestdialog.ui dialogs/adduseriddialog.ui dialogs/setinitialpindialog.ui dialogs/certificatedetailswidget.ui dialogs/trustchainwidget.ui dialogs/subkeyswidget.ui newcertificatewizard/listwidget.ui newcertificatewizard/chooseprotocolpage.ui newcertificatewizard/enterdetailspage.ui newcertificatewizard/overviewpage.ui newcertificatewizard/keycreationpage.ui newcertificatewizard/resultpage.ui newcertificatewizard/advancedsettingsdialog.ui ) kconfig_add_kcfg_files(_kleopatra_SRCS kcfg/tooltippreferences.kcfgc kcfg/emailoperationspreferences.kcfgc kcfg/fileoperationspreferences.kcfgc kcfg/smimevalidationpreferences.kcfgc ) file(GLOB ICONS_SRCS "${CMAKE_CURRENT_SOURCE_DIR}/icons/*-apps-kleopatra.png") ecm_add_app_icon(_kleopatra_SRCS ICONS ${ICONS_SRCS}) qt5_add_resources(_kleopatra_SRCS kleopatra.qrc) add_executable(kleopatra_bin ${_kleopatra_SRCS} ${_kleopatra_uiserver_SRCS}) set_target_properties(kleopatra_bin PROPERTIES OUTPUT_NAME kleopatra) target_link_libraries(kleopatra_bin Gpgmepp QGpgme ${_kleopatra_extra_libs} KF5::Libkleo KF5::Mime KF5::I18n KF5::XmlGui KF5::IconThemes KF5::WindowSystem KF5::CoreAddons KF5::ItemModels KF5::Crash Qt5::Network Qt5::PrintSupport # Printing secret keys ${_kleopatra_uiserver_extra_libs} ${_kleopatra_dbusaddons_libs} kleopatraclientcore ) install(TARGETS kleopatra_bin ${KDE_INSTALL_TARGETS_DEFAULT_ARGS}) install( PROGRAMS data/org.kde.kleopatra.desktop data/kleopatra_import.desktop DESTINATION ${KDE_INSTALL_APPDIR} ) install(FILES data/org.kde.kleopatra.appdata.xml DESTINATION ${KDE_INSTALL_METAINFODIR}) install( FILES data/kleopatra_signencryptfiles.desktop data/kleopatra_signencryptfolders.desktop data/kleopatra_decryptverifyfiles.desktop data/kleopatra_decryptverifyfolders.desktop DESTINATION ${KDE_INSTALL_KSERVICES5DIR} ) diff --git a/src/commands/createcsrforcardkeycommand.cpp b/src/commands/createcsrforcardkeycommand.cpp new file mode 100644 index 000000000..57ff5d79d --- /dev/null +++ b/src/commands/createcsrforcardkeycommand.cpp @@ -0,0 +1,242 @@ +/* -*- mode: c++; c-basic-offset:4 -*- + commands/createcsrforcardkeycommand.cpp + + This file is part of Kleopatra, the KDE keymanager + SPDX-FileCopyrightText: 2020 g10 Code GmbH + SPDX-FileContributor: Ingo Klöcker + + SPDX-License-Identifier: GPL-2.0-or-later +*/ + +#include + +#include "createcsrforcardkeycommand.h" + +#include "cardcommand_p.h" + +#include "dialogs/createcsrforcardkeydialog.h" +#include "dialogs/csrcreationresultdialog.h" + +#include "smartcard/pivcard.h" +#include "smartcard/readerstatus.h" + +#include "utils/keyparameters.h" + +#include + +#include + +#include + +#include +#include + +#include +#include +#include + +#include + +#include "kleopatra_debug.h" + +using namespace Kleo; +using namespace Kleo::Commands; +using namespace Kleo::Dialogs; +using namespace Kleo::SmartCard; +using namespace GpgME; +using namespace QGpgME; + +class CreateCSRForCardKeyCommand::Private : public CardCommand::Private +{ + friend class ::Kleo::Commands::CreateCSRForCardKeyCommand; + CreateCSRForCardKeyCommand *q_func() const + { + return static_cast(q); + } +public: + explicit Private(CreateCSRForCardKeyCommand *qq, + const std::string &keyRef, const std::string &serialNumber, const std::string &appName, QWidget *parent); + ~Private(); + +private: + void start(); + + void slotDialogAccepted(); + void slotDialogRejected(); + void slotResult(const KeyGenerationResult &result, const QByteArray &request); + + void ensureDialogCreated(); + +private: + std::string appName; + std::string keyRef; + QStringList keyUsages; + QPointer dialog; +}; + +CreateCSRForCardKeyCommand::Private *CreateCSRForCardKeyCommand::d_func() +{ + return static_cast(d.get()); +} +const CreateCSRForCardKeyCommand::Private *CreateCSRForCardKeyCommand::d_func() const +{ + return static_cast(d.get()); +} + +#define d d_func() +#define q q_func() + +CreateCSRForCardKeyCommand::Private::Private(CreateCSRForCardKeyCommand *qq, + const std::string &keyRef_, const std::string &serialNumber, const std::string &appName_, QWidget *parent) + : CardCommand::Private(qq, serialNumber, parent) + , appName(appName_) + , keyRef(keyRef_) +{ +} + +CreateCSRForCardKeyCommand::Private::~Private() +{ +} + +namespace +{ +QStringList getKeyUsages(const KeyPairInfo &keyInfo) +{ + // note: gpgsm does not support creating CSRs for authentication certificates + QStringList usages; + if (keyInfo.canCertify()) { + usages.push_back(QStringLiteral("cert")); + } + if (keyInfo.canSign()) { + usages.push_back(QStringLiteral("sign")); + } + if (keyInfo.canEncrypt()) { + usages.push_back(QStringLiteral("encrypt")); + } + return usages; +} +} + +void CreateCSRForCardKeyCommand::Private::start() +{ + if (appName != PIVCard::AppName) { + qCWarning(KLEOPATRA_LOG) << "CreateCSRForCardKeyCommand does not support card application" << QString::fromStdString(appName); + finished(); + return; + } + + const auto card = ReaderStatus::instance()->getCard(serialNumber(), appName); + if (!card) { + error(i18n("Failed to find the smartcard with the serial number: %1", QString::fromStdString(serialNumber()))); + finished(); + return; + } + + const KeyPairInfo &keyInfo = card->keyInfo(keyRef); + keyUsages = getKeyUsages(keyInfo); + + ensureDialogCreated(); + + dialog->setWindowTitle(i18n("Certificate Details")); + dialog->setName(card->cardHolder()); + + dialog->show(); +} + +void CreateCSRForCardKeyCommand::Private::slotDialogAccepted() +{ + const Error err = ReaderStatus::switchCardAndApp(serialNumber(), appName); + if (err) { + finished(); + return; + } + + const auto backend = smime(); + if (!backend) { + finished(); + return; + } + + KeyGenerationJob *const job = backend->keyGenerationJob(); + if (!job) { + finished(); + return; + } + + Job::context(job)->setArmor(true); + + connect(job, SIGNAL(result(const GpgME::KeyGenerationResult &, const QByteArray &)), + q, SLOT(slotResult(const GpgME::KeyGenerationResult &, const QByteArray &))); + + KeyParameters keyParameters(KeyParameters::CMS); + keyParameters.setKeyType(QString::fromStdString(keyRef)); + keyParameters.setKeyUsages(keyUsages); + keyParameters.setDN(dialog->dn()); + keyParameters.setEmail(dialog->email()); + + if (const Error err = job->start(keyParameters.toString())) { + error(i18nc("@info", "Creating a CSR for the card key failed:\n%1", QString::fromUtf8(err.asString())), + i18nc("@title", "Error")); + finished(); + } +} + +void CreateCSRForCardKeyCommand::Private::slotDialogRejected() +{ + canceled(); +} + +void CreateCSRForCardKeyCommand::Private::slotResult(const KeyGenerationResult &result, const QByteArray &request) +{ + if (result.error().isCanceled()) { + // do nothing + } else if (result.error()) { + error(i18nc("@info", "Creating a CSR for the card key failed:\n%1", QString::fromUtf8(result.error().asString())), + i18nc("@title", "Error")); + } else { + auto resultDialog = new CSRCreationResultDialog; + applyWindowID(resultDialog); + resultDialog->setAttribute(Qt::WA_DeleteOnClose); + resultDialog->setCSR(request); + resultDialog->show(); + } + + finished(); +} + +void CreateCSRForCardKeyCommand::Private::ensureDialogCreated() +{ + if (dialog) { + return; + } + + dialog = new CreateCSRForCardKeyDialog; + applyWindowID(dialog); + dialog->setAttribute(Qt::WA_DeleteOnClose); + + connect(dialog, SIGNAL(accepted()), q, SLOT(slotDialogAccepted())); + connect(dialog, SIGNAL(rejected()), q, SLOT(slotDialogRejected())); +} + +CreateCSRForCardKeyCommand::CreateCSRForCardKeyCommand(const std::string &keyRef, const std::string &serialNumber, const std::string &appName, QWidget *parent) + : CardCommand(new Private(this, keyRef, serialNumber, appName, parent)) +{ +} + +CreateCSRForCardKeyCommand::~CreateCSRForCardKeyCommand() +{ +} + +void CreateCSRForCardKeyCommand::doStart() +{ + d->start(); +} + +void CreateCSRForCardKeyCommand::doCancel() +{ +} + +#undef d +#undef q + +#include "moc_createcsrforcardkeycommand.cpp" diff --git a/src/commands/createcsrforcardkeycommand.h b/src/commands/createcsrforcardkeycommand.h new file mode 100644 index 000000000..cbac948dc --- /dev/null +++ b/src/commands/createcsrforcardkeycommand.h @@ -0,0 +1,44 @@ +/* -*- mode: c++; c-basic-offset:4 -*- + commands/createcsrforcardkeycommand.h + + This file is part of Kleopatra, the KDE keymanager + SPDX-FileCopyrightText: 2020 g10 Code GmbH + SPDX-FileContributor: Ingo Klöcker + + SPDX-License-Identifier: GPL-2.0-or-later +*/ + +#ifndef __KLEOPATRA_COMMANDS_CREATECSRFORCARDKEYCOMMAND_H__ +#define __KLEOPATRA_COMMANDS_CREATECSRFORCARDKEYCOMMAND_H__ + +#include "cardcommand.h" + +namespace Kleo +{ +namespace Commands +{ + +class CreateCSRForCardKeyCommand : public CardCommand +{ + Q_OBJECT +public: + explicit CreateCSRForCardKeyCommand(const std::string &keyRef, const std::string &serialNumber, const std::string &appName, QWidget *parent = nullptr); + ~CreateCSRForCardKeyCommand() override; + +private: + void doStart() override; + void doCancel() override; + +private: + class Private; + inline Private *d_func(); + inline const Private *d_func() const; + Q_PRIVATE_SLOT(d_func(), void slotDialogAccepted()) + Q_PRIVATE_SLOT(d_func(), void slotDialogRejected()) + Q_PRIVATE_SLOT(d_func(), void slotResult(const GpgME::KeyGenerationResult &, const QByteArray &)) +}; + +} // namespace Commands +} // namespace Kleo + +#endif // __KLEOPATRA_COMMANDS_CREATECSRFORCARDKEYCOMMAND_H__ diff --git a/src/dialogs/csrcreationresultdialog.cpp b/src/dialogs/csrcreationresultdialog.cpp new file mode 100644 index 000000000..5418977b6 --- /dev/null +++ b/src/dialogs/csrcreationresultdialog.cpp @@ -0,0 +1,113 @@ +/* -*- mode: c++; c-basic-offset:4 -*- + dialogs/csrcreationresultdialog.h + + This file is part of Kleopatra, the KDE keymanager + SPDX-FileCopyrightText: 2020 g10 Code GmbH + SPDX-FileContributor: Ingo Klöcker + + SPDX-License-Identifier: GPL-2.0-or-later +*/ + +#include "csrcreationresultdialog.h" + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +using namespace Kleo; +using namespace Kleo::Dialogs; + +class CSRCreationResultDialog::Private +{ + friend class ::Kleo::Dialogs::CSRCreationResultDialog; + CSRCreationResultDialog *const q; + + struct { + QPlainTextEdit *csrBrowser = nullptr; + QDialogButtonBox *buttonBox = nullptr; + } ui; + QByteArray csr; + +public: + Private(CSRCreationResultDialog *qq) + : q(qq) + { + auto mainLayout = new QVBoxLayout(q); + + { + auto label = new QLabel(i18n("The certificate signing request was created successfully. Please find the result and suggested next steps below.")); + label->setWordWrap(true); + mainLayout->addWidget(label); + } + + mainLayout->addWidget(new KSeparator(Qt::Horizontal)); + + ui.csrBrowser = new QPlainTextEdit(); + ui.csrBrowser->setLineWrapMode(QPlainTextEdit::NoWrap); + ui.csrBrowser->setReadOnly(true); + ui.csrBrowser->setTextInteractionFlags(Qt::TextSelectableByMouse | Qt::TextSelectableByKeyboard); + mainLayout->addWidget(ui.csrBrowser); + + mainLayout->addWidget(new KSeparator(Qt::Horizontal)); + + ui.buttonBox = new QDialogButtonBox(QDialogButtonBox::Close); + KGuiItem::assign(ui.buttonBox->button(QDialogButtonBox::Close), KStandardGuiItem::close()); + connect(ui.buttonBox, &QDialogButtonBox::clicked, q, &QDialog::close); + mainLayout->addWidget(ui.buttonBox); + + // calculate default size with enough space for the text edit + const auto fm = ui.csrBrowser->fontMetrics(); + const QSize sizeHint = q->sizeHint(); + const QSize defaultSize = QSize(qMax(sizeHint.width(), 90 * fm.horizontalAdvance(QLatin1Char('x'))), + sizeHint.height() - ui.csrBrowser->sizeHint().height() + 10 * fm.lineSpacing()); + restoreGeometry(defaultSize); + } + + ~Private() + { + saveGeometry(); + } + +private: + void saveGeometry() + { + KConfigGroup cfgGroup(KSharedConfig::openConfig(), "CSRCreationResultDialog"); + cfgGroup.writeEntry("Size", q->size()); + cfgGroup.sync(); + } + + void restoreGeometry(const QSize &defaultSize) + { + KConfigGroup cfgGroup(KSharedConfig::openConfig(), "CSRCreationResultDialog"); + const QSize size = cfgGroup.readEntry("Size", defaultSize); + if (size.isValid()) { + q->resize(size); + } + } +}; + +CSRCreationResultDialog::CSRCreationResultDialog(QWidget *parent) + : QDialog(parent) + , d(new Private(this)) +{ + setWindowTitle(i18nc("@title:window", "CSR Created")); +} + +CSRCreationResultDialog::~CSRCreationResultDialog() +{ +} + +void CSRCreationResultDialog::setCSR(const QByteArray &csr) +{ + d->csr = csr; + d->ui.csrBrowser->setPlainText(QString::fromLatin1(csr)); +} diff --git a/src/dialogs/csrcreationresultdialog.h b/src/dialogs/csrcreationresultdialog.h new file mode 100644 index 000000000..a348f90c7 --- /dev/null +++ b/src/dialogs/csrcreationresultdialog.h @@ -0,0 +1,38 @@ +/* -*- mode: c++; c-basic-offset:4 -*- + dialogs/csrcreationresultdialog.h + + This file is part of Kleopatra, the KDE keymanager + SPDX-FileCopyrightText: 2020 g10 Code GmbH + SPDX-FileContributor: Ingo Klöcker + + SPDX-License-Identifier: GPL-2.0-or-later +*/ + +#ifndef __KLEOPATRA_DIALOGS_CSRCREATIONRESULTDIALOG_H__ +#define __KLEOPATRA_DIALOGS_CSRCREATIONRESULTDIALOG_H__ + +#include + +namespace Kleo +{ +namespace Dialogs +{ + +class CSRCreationResultDialog : public QDialog +{ + Q_OBJECT +public: + explicit CSRCreationResultDialog(QWidget *parent = nullptr); + ~CSRCreationResultDialog() override; + + void setCSR(const QByteArray &csr); + +private: + class Private; + const std::unique_ptr d; +}; + +} +} + +#endif // __KLEOPATRA_DIALOGS_CSRCREATIONRESULTDIALOG_H__ diff --git a/src/utils/keyparameters.cpp b/src/utils/keyparameters.cpp index 87df47d67..1ce924444 100644 --- a/src/utils/keyparameters.cpp +++ b/src/utils/keyparameters.cpp @@ -1,182 +1,187 @@ /* -*- mode: c++; c-basic-offset:4 -*- utils/keyparameters.cpp This file is part of Kleopatra, the KDE keymanager SPDX-FileCopyrightText: 2008 Klarälvdalens Datakonsult AB SPDX-FileCopyrightText: 2020 g10 Code GmbH SPDX-FileContributor: Ingo Klöcker SPDX-License-Identifier: GPL-2.0-or-later */ #include "keyparameters.h" #include #include #include #include "kleopatra_debug.h" using namespace Kleo; using namespace GpgME; namespace { QString encodeDomainName(const QString &domain) { const QByteArray encodedDomain = QUrl::toAce(domain); return encodedDomain.isEmpty() ? domain : QString::fromLatin1(encodedDomain); } QString encodeEmail(const QString &email) { const int at = email.lastIndexOf(QLatin1Char('@')); if (at < 0) { return email; } return email.left(at + 1) + encodeDomainName(email.mid(at + 1)); } } class KeyParameters::Private { friend class ::Kleo::KeyParameters; KeyParameters *const q; Protocol protocol; QString keyType; QMap parameters; public: explicit Private(KeyParameters *qq, Protocol proto) : q(qq) , protocol(proto) { } void setValue(const QString &key, const QString &value) { parameters[key] = QStringList() << value; } void addValue(const QString &key, const QString &value) { parameters[key].push_back(value); } }; KeyParameters::KeyParameters(Protocol protocol) : d(new Private(this, protocol)) { } KeyParameters::~KeyParameters() { } void KeyParameters::setKeyType(Subkey::PubkeyAlgo type) { d->keyType = QString::fromLatin1(Subkey::publicKeyAlgorithmAsString(type)); } +void KeyParameters::setKeyType(const QString &cardKeyRef) +{ + d->keyType = QLatin1String("card:") + cardKeyRef; +} + void KeyParameters::setKeyLength(unsigned int length) { d->setValue(QStringLiteral("Key-Length"), QString::number(length)); } void KeyParameters::setKeyCurve(const QString &curve) { d->setValue(QStringLiteral("Key-Curve"), curve); } void KeyParameters::setKeyUsages(const QStringList &usages) { d->setValue(QStringLiteral("Key-Usage"), usages.join(QLatin1Char(' '))); } void KeyParameters::setSubkeyType(Subkey::PubkeyAlgo type) { d->setValue(QStringLiteral("Subkey-Type"), QString::fromLatin1(Subkey::publicKeyAlgorithmAsString(type))); } void KeyParameters::setSubkeyLength(unsigned int length) { d->setValue(QStringLiteral("Subkey-Length"), QString::number(length)); } void KeyParameters::setSubkeyCurve(const QString &curve) { d->setValue(QStringLiteral("Subkey-Curve"), curve); } void KeyParameters::setSubkeyUsages(const QStringList &usages) { d->setValue(QStringLiteral("Subkey-Usage"), usages.join(QLatin1Char(' '))); } void KeyParameters::setExpirationDate(const QDate &date) { d->setValue(QStringLiteral("Expire-Date"), date.toString(Qt::ISODate)); } void KeyParameters::setName(const QString &name) { d->setValue(QStringLiteral("Name-Real"), name); } void KeyParameters::setDN(const QString &dn) { d->setValue(QStringLiteral("Name-DN"), dn); } void KeyParameters::setEmail(const QString &email) { d->setValue(QStringLiteral("Name-Email"), (d->protocol == CMS) ? encodeEmail(email) : email); } void KeyParameters::addEmail(const QString& email) { d->addValue(QStringLiteral("Name-Email"), (d->protocol == CMS) ? encodeEmail(email) : email); } void KeyParameters::addDomainName(const QString& domain) { d->addValue(QStringLiteral("Name-DNS"), encodeDomainName(domain)); } void KeyParameters::addURI(const QString& uri) { d->addValue(QStringLiteral("Name-URI"), uri); } QString KeyParameters::toString() const { QStringList keyParameters; keyParameters.push_back(QLatin1String("")); if (d->protocol == OpenPGP) { // for backward compatibility with GnuPG 2.0 and earlier keyParameters.push_back(QStringLiteral("%ask-passphrase")); } // add Key-Type as first parameter if (!d->keyType.isEmpty()) { keyParameters.push_back(QLatin1String("Key-Type:") + d->keyType); } else { qCWarning(KLEOPATRA_LOG) << "KeyParameters::toString(): Key type is unset/empty"; } for (auto it = d->parameters.constBegin(); it != d->parameters.constEnd(); ++it) { for (const auto &v : it.value()) { keyParameters.push_back(it.key() + QLatin1Char(':') + v); } } keyParameters.push_back(QLatin1String("")); return keyParameters.join(QLatin1Char('\n')); } diff --git a/src/utils/keyparameters.h b/src/utils/keyparameters.h index 70b5531c0..0ee487d33 100644 --- a/src/utils/keyparameters.h +++ b/src/utils/keyparameters.h @@ -1,64 +1,65 @@ /* -*- mode: c++; c-basic-offset:4 -*- utils/keyparameters.h This file is part of Kleopatra, the KDE keymanager SPDX-FileCopyrightText: 2020 g10 Code GmbH SPDX-FileContributor: Ingo Klöcker SPDX-License-Identifier: GPL-2.0-or-later */ #ifndef __KLEOPATRA_UTILS_KEYPARAMETERS_H__ #define __KLEOPATRA_UTILS_KEYPARAMETERS_H__ #include #include class QDate; class QString; #include namespace Kleo { class KeyParameters { public: enum Protocol { OpenPGP, CMS }; explicit KeyParameters(Protocol protocol); ~KeyParameters(); void setKeyType(GpgME::Subkey::PubkeyAlgo type); + void setKeyType(const QString &cardKeyRef); void setKeyLength(unsigned int length); void setKeyCurve(const QString &curve); void setKeyUsages(const QStringList &usages); void setSubkeyType(GpgME::Subkey::PubkeyAlgo type); void setSubkeyLength(unsigned int length); void setSubkeyCurve(const QString &curve); void setSubkeyUsages(const QStringList &usages); void setExpirationDate(const QDate &date); void setName(const QString &name); void setDN(const QString &dn); void setEmail(const QString &email); void addEmail(const QString &email); void addDomainName(const QString &domain); void addURI(const QString &uri); QString toString() const; private: class Private; const std::unique_ptr d; }; } #endif // __KLEOPATRA_UTILS_KEYPARAMETERS_H__ diff --git a/src/view/pivcardwidget.cpp b/src/view/pivcardwidget.cpp index 2ea59c014..b717986b4 100644 --- a/src/view/pivcardwidget.cpp +++ b/src/view/pivcardwidget.cpp @@ -1,353 +1,381 @@ /* view/pivcardwiget.cpp This file is part of Kleopatra, the KDE keymanager SPDX-FileCopyrightText: 2020 g10 Code GmbH SPDX-FileContributor: Ingo Klöcker SPDX-License-Identifier: GPL-2.0-or-later */ #include "pivcardwidget.h" #include "tooltippreferences.h" #include "commands/certificatetopivcardcommand.h" #include "commands/changepincommand.h" +#include "commands/createcsrforcardkeycommand.h" #include "commands/createopenpgpkeyfromcardkeyscommand.h" #include "commands/importcertificatefrompivcardcommand.h" #include "commands/keytocardcommand.h" #include "commands/pivgeneratecardkeycommand.h" #include "commands/setpivcardapplicationadministrationkeycommand.h" #include "smartcard/pivcard.h" #include "smartcard/readerstatus.h" #include #include #include #include #include #include #include #include #include #include using namespace GpgME; using namespace Kleo; using namespace Kleo::Commands; using namespace Kleo::SmartCard; namespace { static void layoutKeyWidgets(QGridLayout *grid, const QString &keyName, const PIVCardWidget::KeyWidgets &keyWidgets) { int row = grid->rowCount(); grid->addWidget(new QLabel(keyName), row, 0); grid->addWidget(keyWidgets.keyGrip, row, 1); grid->addWidget(keyWidgets.keyAlgorithm, row, 2); grid->addWidget(keyWidgets.generateButton, row, 3); if (keyWidgets.writeKeyButton) { grid->addWidget(keyWidgets.writeKeyButton, row, 4); } row++; grid->addWidget(keyWidgets.certificateInfo, row, 1, 1, 2); grid->addWidget(keyWidgets.writeCertificateButton, row, 3); grid->addWidget(keyWidgets.importCertificateButton, row, 4); + if (keyWidgets.createCSRButton) { + grid->addWidget(keyWidgets.createCSRButton, row, 5); + } } static int toolTipOptions() { using namespace Kleo::Formatting; static const int validityFlags = Validity | Issuer | ExpiryDates | CertificateUsage; static const int ownerFlags = Subject | UserIDs | OwnerTrust; static const int detailsFlags = StorageLocation | CertificateType | SerialNumber | Fingerprint; const TooltipPreferences prefs; int flags = KeyID; flags |= prefs.showValidity() ? validityFlags : 0; flags |= prefs.showOwnerInformation() ? ownerFlags : 0; flags |= prefs.showCertificateDetails() ? detailsFlags : 0; return flags; } } PIVCardWidget::PIVCardWidget(QWidget *parent) : QWidget(parent) , mSerialNumber(new QLabel(this)) , mVersionLabel(new QLabel(this)) { // Set up the scroll area auto myLayout = new QVBoxLayout(this); myLayout->setContentsMargins(0, 0, 0, 0); auto area = new QScrollArea; area->setFrameShape(QFrame::NoFrame); area->setWidgetResizable(true); myLayout->addWidget(area); auto areaWidget = new QWidget; area->setWidget(areaWidget); auto areaVLay = new QVBoxLayout(areaWidget); auto grid = new QGridLayout; areaVLay->addLayout(grid); areaVLay->addStretch(1); const int columnCount = 5; int row = 0; // Version and Serialnumber grid->addWidget(mVersionLabel, row++, 0, 1, 2); mVersionLabel->setTextInteractionFlags(Qt::TextBrowserInteraction); grid->addWidget(new QLabel(i18n("Serial number:")), row, 0); grid->addWidget(mSerialNumber, row++, 1); mSerialNumber->setTextInteractionFlags(Qt::TextBrowserInteraction); { auto line = new QFrame(); line->setFrameShape(QFrame::HLine); grid->addWidget(line, row++, 0, 1, columnCount); } // The keys grid->addWidget(new QLabel(QStringLiteral("%1").arg(i18n("Keys:"))), row++, 0); for (const auto &keyInfo : PIVCard::supportedKeys()) { KeyWidgets keyWidgets = createKeyWidgets(keyInfo); layoutKeyWidgets(grid, PIVCard::keyDisplayName(keyInfo.keyRef), keyWidgets); } row = grid->rowCount(); { auto line = new QFrame(); line->setFrameShape(QFrame::HLine); grid->addWidget(line, row++, 0, 1, columnCount); } auto actionLayout = new QHBoxLayout; if (CreateOpenPGPKeyFromCardKeysCommand::isSupported()) { mKeyForCardKeysButton = new QPushButton(this); mKeyForCardKeysButton->setText(i18nc("@action:button", "Create OpenPGP Key")); mKeyForCardKeysButton->setToolTip(i18nc("@info:tooltip", "Create an OpenPGP key for the keys stored on the card.")); actionLayout->addWidget(mKeyForCardKeysButton); connect(mKeyForCardKeysButton, &QPushButton::clicked, this, &PIVCardWidget::createKeyFromCardKeys); } { auto button = new QPushButton(i18nc("@action:button", "Change PIN")); button->setToolTip(i18nc("@info:tooltip", "Change the PIV Card Application PIN that activates the PIV Card " "and enables private key operations using the stored keys.")); actionLayout->addWidget(button); connect(button, &QPushButton::clicked, this, [this] () { changePin(PIVCard::pinKeyRef()); }); } { auto button = new QPushButton(i18nc("@action:button", "Change PUK")); button->setToolTip(i18nc("@info:tooltip", "Change the PIN Unblocking Key that enables a reset of the PIN.")); actionLayout->addWidget(button); connect(button, &QPushButton::clicked, this, [this] () { changePin(PIVCard::pukKeyRef()); }); } { auto button = new QPushButton(i18nc("@action:button", "Change Admin Key")); button->setToolTip(i18nc("@info:tooltip", "Change the PIV Card Application Administration Key that is used by the " "PIV Card Application to authenticate the PIV Card Application Administrator and by the " "administrator (resp. Kleopatra) to authenticate the PIV Card Application.")); actionLayout->addWidget(button); connect(button, &QPushButton::clicked, this, [this] () { setAdminKey(); }); } actionLayout->addStretch(-1); grid->addLayout(actionLayout, row++, 0, 1, columnCount); grid->setColumnStretch(4, -1); } PIVCardWidget::KeyWidgets PIVCardWidget::createKeyWidgets(const KeyPairInfo &keyInfo) { const std::string keyRef = keyInfo.keyRef; KeyWidgets keyWidgets; keyWidgets.keyGrip = new QLabel(this); keyWidgets.keyGrip->setTextInteractionFlags(Qt::TextBrowserInteraction); keyWidgets.keyAlgorithm = new QLabel(this); keyWidgets.keyAlgorithm->setTextInteractionFlags(Qt::TextSelectableByMouse); keyWidgets.certificateInfo = new QLabel(this); keyWidgets.certificateInfo->setTextInteractionFlags(Qt::TextBrowserInteraction); keyWidgets.generateButton = new QPushButton(i18nc("@action:button", "Generate"), this); keyWidgets.generateButton->setEnabled(false); connect(keyWidgets.generateButton, &QPushButton::clicked, this, [this, keyRef] () { generateKey(keyRef); }); + if (keyInfo.canSign() || keyInfo.canEncrypt()) { + keyWidgets.createCSRButton = new QPushButton(i18nc("@action:button", "Create CSR"), this); + keyWidgets.createCSRButton->setToolTip(i18nc("@info:tooltip", "Create a certificate signing request for this key")); + keyWidgets.createCSRButton->setEnabled(false); + connect(keyWidgets.createCSRButton, &QPushButton::clicked, + this, [this, keyRef] () { createCSR(keyRef); }); + } keyWidgets.writeCertificateButton = new QPushButton(i18nc("@action:button", "Write Certificate")); keyWidgets.writeCertificateButton->setToolTip(i18nc("@info:tooltip", "Write the certificate corresponding to this key to the card")); keyWidgets.writeCertificateButton->setEnabled(false); connect(keyWidgets.writeCertificateButton, &QPushButton::clicked, this, [this, keyRef] () { writeCertificateToCard(keyRef); }); keyWidgets.importCertificateButton = new QPushButton(i18nc("@action:button", "Import Certificate")); keyWidgets.importCertificateButton->setToolTip(i18nc("@info:tooltip", "Import the certificate stored on the card")); keyWidgets.importCertificateButton->setEnabled(false); connect(keyWidgets.importCertificateButton, &QPushButton::clicked, this, [this, keyRef] () { importCertificateFromCard(keyRef); }); if (keyRef == PIVCard::cardAuthenticationKeyRef() || keyRef == PIVCard::keyManagementKeyRef()) { keyWidgets.writeKeyButton = new QPushButton(i18nc("@action:button", "Write Key")); keyWidgets.writeKeyButton->setToolTip(i18nc("@info:tooltip", "Write the key pair of a certificate to the card")); keyWidgets.writeKeyButton->setEnabled(true); connect(keyWidgets.writeKeyButton, &QPushButton::clicked, this, [this, keyRef] () { writeKeyToCard(keyRef); }); } mKeyWidgets.insert(keyRef, keyWidgets); return keyWidgets; } PIVCardWidget::~PIVCardWidget() { } void PIVCardWidget::setCard(const PIVCard *card) { mCardSerialNumber = card->serialNumber(); mVersionLabel->setText(i18nc("%1 version number", "PIV v%1 card", card->displayAppVersion())); mSerialNumber->setText(card->displaySerialNumber()); mSerialNumber->setToolTip(QString::fromStdString(card->serialNumber())); updateKeyWidgets(PIVCard::pivAuthenticationKeyRef(), card); updateKeyWidgets(PIVCard::cardAuthenticationKeyRef(), card); updateKeyWidgets(PIVCard::digitalSignatureKeyRef(), card); updateKeyWidgets(PIVCard::keyManagementKeyRef(), card); if (mKeyForCardKeysButton) { mKeyForCardKeysButton->setEnabled(card->hasSigningKey() && card->hasEncryptionKey()); } } void PIVCardWidget::updateKeyWidgets(const std::string &keyRef, const PIVCard *card) { KeyWidgets widgets = mKeyWidgets.value(keyRef); const std::string grip = card ? card->keyInfo(keyRef).grip : widgets.keyGrip->text().toStdString(); if (grip.empty()) { widgets.certificateInfo->setText(i18nc("@info", "slot empty")); widgets.certificateInfo->setToolTip(QString()); widgets.keyGrip->setText(QString()); widgets.keyAlgorithm->setText(QString()); widgets.generateButton->setText(i18nc("@action:button", "Generate")); widgets.generateButton->setToolTip( i18nc("@info:tooltip %1 display name of a key", "Generate %1", PIVCard::keyDisplayName(keyRef))); + if (widgets.createCSRButton) { + widgets.createCSRButton->setEnabled(false); + } widgets.writeCertificateButton->setEnabled(false); widgets.importCertificateButton->setEnabled(false); } else { const Key certificate = KeyCache::instance()->findSubkeyByKeyGrip(grip, GpgME::CMS).parent(); if (!certificate.isNull()) { widgets.certificateInfo->setText( i18nc("X.509 certificate DN (validity, created: date)", "%1 (%2, created: %3)", DN(certificate.userID(0).id()).prettyDN(), Formatting::complianceStringShort(certificate), Formatting::creationDateString(certificate))); widgets.certificateInfo->setToolTip(Formatting::toolTip(certificate, toolTipOptions())); widgets.writeCertificateButton->setEnabled(true); } else { widgets.certificateInfo->setText(i18nc("@info", "no matching certificate")); widgets.certificateInfo->setToolTip(QString()); widgets.writeCertificateButton->setEnabled(false); } if (card) { // update information if called with card widgets.keyGrip->setText(QString::fromStdString(grip)); const std::string algo = card->keyAlgorithm(keyRef); widgets.keyAlgorithm->setText(algo.empty() ? i18nc("@info unknown key algorithm", "unknown") : QString::fromStdString(algo)); widgets.importCertificateButton->setEnabled(!card->certificateData(keyRef).empty()); } widgets.generateButton->setText(i18nc("@action:button", "Replace")); widgets.generateButton->setToolTip( i18nc("@info:tooltip %1 display name of a key", "Replace %1 with new key", PIVCard::keyDisplayName(keyRef))); + if (widgets.createCSRButton) { + widgets.createCSRButton->setEnabled(true); + } } widgets.generateButton->setEnabled(true); } void PIVCardWidget::generateKey(const std::string &keyref) { auto cmd = new PIVGenerateCardKeyCommand(mCardSerialNumber, this); this->setEnabled(false); connect(cmd, &PIVGenerateCardKeyCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->setKeyRef(keyref); cmd->start(); } +void PIVCardWidget::createCSR(const std::string &keyref) +{ + auto cmd = new CreateCSRForCardKeyCommand(keyref, mCardSerialNumber, PIVCard::AppName, this); + this->setEnabled(false); + connect(cmd, &CreateCSRForCardKeyCommand::finished, + this, [this]() { + this->setEnabled(true); + }); + cmd->start(); +} + void PIVCardWidget::writeCertificateToCard(const std::string &keyref) { auto cmd = new CertificateToPIVCardCommand(keyref, mCardSerialNumber); this->setEnabled(false); connect(cmd, &CertificateToPIVCardCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->setParentWidget(this); cmd->start(); } void PIVCardWidget::importCertificateFromCard(const std::string &keyref) { auto cmd = new ImportCertificateFromPIVCardCommand(keyref, mCardSerialNumber); this->setEnabled(false); connect(cmd, &ImportCertificateFromPIVCardCommand::finished, this, [this, keyref] () { this->updateKeyWidgets(keyref, nullptr); this->setEnabled(true); }); cmd->setParentWidget(this); cmd->start(); } void PIVCardWidget::writeKeyToCard(const std::string &keyref) { auto cmd = new KeyToCardCommand(keyref, mCardSerialNumber, PIVCard::AppName); this->setEnabled(false); connect(cmd, &KeyToCardCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->setParentWidget(this); cmd->start(); } void PIVCardWidget::createKeyFromCardKeys() { auto cmd = new CreateOpenPGPKeyFromCardKeysCommand(mCardSerialNumber, PIVCard::AppName, this); this->setEnabled(false); connect(cmd, &CreateOpenPGPKeyFromCardKeysCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->start(); } void PIVCardWidget::changePin(const std::string &keyRef) { auto cmd = new ChangePinCommand(mCardSerialNumber, PIVCard::AppName, this); this->setEnabled(false); connect(cmd, &ChangePinCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->setKeyRef(keyRef); cmd->start(); } void PIVCardWidget::setAdminKey() { auto cmd = new SetPIVCardApplicationAdministrationKeyCommand(mCardSerialNumber, this); this->setEnabled(false); connect(cmd, &SetPIVCardApplicationAdministrationKeyCommand::finished, this, [this]() { this->setEnabled(true); }); cmd->start(); } diff --git a/src/view/pivcardwidget.h b/src/view/pivcardwidget.h index 85ecb15b3..b36b41704 100644 --- a/src/view/pivcardwidget.h +++ b/src/view/pivcardwidget.h @@ -1,69 +1,71 @@ /* view/pivcardwiget.h This file is part of Kleopatra, the KDE keymanager SPDX-FileCopyrightText: 2020 g10 Code GmbH SPDX-FileContributor: Ingo Klöcker SPDX-License-Identifier: GPL-2.0-or-later */ #ifndef VIEW_PIVCARDWIDGET_H #define VIEW_PIVCARDWIDGET_H #include #include #include class QGridLayout; class QLabel; class QPushButton; namespace Kleo { namespace SmartCard { class KeyPairInfo; class PIVCard; } // namespace SmartCard class PIVCardWidget: public QWidget { Q_OBJECT public: explicit PIVCardWidget(QWidget *parent = nullptr); ~PIVCardWidget(); void setCard(const SmartCard::PIVCard* card); struct KeyWidgets { QLabel *keyGrip = nullptr; QLabel *keyAlgorithm = nullptr; QLabel *certificateInfo = nullptr; QPushButton *generateButton = nullptr; + QPushButton *createCSRButton = nullptr; QPushButton *writeCertificateButton = nullptr; QPushButton *importCertificateButton = nullptr; QPushButton *writeKeyButton = nullptr; }; private: KeyWidgets createKeyWidgets(const SmartCard::KeyPairInfo &keyInfo); void updateKeyWidgets(const std::string &keyRef, const SmartCard::PIVCard *card); void generateKey(const std::string &keyref); + void createCSR(const std::string &keyref); void writeCertificateToCard(const std::string &keyref); void importCertificateFromCard(const std::string &keyref); void writeKeyToCard(const std::string &keyref); void createKeyFromCardKeys(); void changePin(const std::string &keyRef); void setAdminKey(); private: std::string mCardSerialNumber; QLabel *mSerialNumber = nullptr; QLabel *mVersionLabel = nullptr; QPushButton *mKeyForCardKeysButton = nullptr; QMap mKeyWidgets; }; } // namespace Kleo #endif // VIEW_PIVCARDWIDGET_H