00022 #include "ksslinfodialog.h"
00023 #include "ui_sslinfo.h"
00024 #include "ksslcertificatebox.h"
00025
00026 #include <kssl.h>
00027
00028 #include <QtGui/QFrame>
00029 #include <QtCore/QDate>
00030 #include <QtCore/QFile>
00031 #include <QtGui/QLabel>
00032 #include <QtGui/QLayout>
00033 #include <QtCore/Q_PID>
00034 #include <QtNetwork/QSslCertificate>
00035
00036 #include <kcombobox.h>
00037 #include <kglobal.h>
00038 #include <kglobalsettings.h>
00039 #include <kguiitem.h>
00040 #include <kiconloader.h>
00041 #include <klocale.h>
00042 #include <kpushbutton.h>
00043 #include <ksqueezedtextlabel.h>
00044 #include <kstandardguiitem.h>
00045 #include <ktoolinvocation.h>
00046 #include <kurllabel.h>
00047
00048 #include "ksslcertificate.h"
00049 #include "ksslcertchain.h"
00050 #include "ksslsigners.h"
00051 #include "ktcpsocket.h"
00052
00053
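/**
 * Private data (d-pointer) of KSSLInfoDialog.
 *
 * Holds the certificate chain currently shown, the two flags that drive the
 * encryption indicator, the generated UI form and the two certificate detail
 * boxes.
 */
class KSSLInfoDialog::KSSLInfoDialogPrivate
{
public:
    // KSSLInfoDialog allocates this object with a plain `new`, so without a
    // constructor the flags and pointers would be indeterminate until the
    // dialog's constructor assigns them. The flags start as "not encrypted"
    // so that an object nobody has filled in yet never claims a secure state.
    KSSLInfoDialogPrivate()
        : isMainPartEncrypted(false),
          auxPartsEncrypted(false),
          subject(0),
          issuer(0)
    {
    }

    // Chain as handed to setSslInfo(); displayFromChain() indexes into it.
    QList<QSslCertificate> certificateChain;

    // Inputs of updateWhichPartsEncrypted(): whether the main part of the
    // document, respectively its other parts, arrived over SSL.
    bool isMainPartEncrypted;
    bool auxPartsEncrypted;

    // UI form from ui_sslinfo.h.
    Ui::SslInfo ui;
    // Tab pages showing the subject and issuer of the selected certificate.
    KSslCertificateBox *subject;
    KSslCertificateBox *issuer;
};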
00066
00067
00068
/**
 * Creates the dialog, builds its UI and adds the "Subject" and "Issuer"
 * certificate tabs.
 *
 * @param parent parent widget, forwarded to KDialog.
 *
 * NOTE(review): both encryption flags start out as true, so until the caller
 * invokes setMainPartEncrypted() / setAuxiliaryPartsEncrypted() the dialog
 * shows the "security-high" icon and "Current connection is secured with
 * SSL." Callers must set the real state before showing the dialog.
 */
KSSLInfoDialog::KSSLInfoDialog(QWidget *parent)
    : KDialog(parent),
      d(new KSSLInfoDialogPrivate)
{
    // The dialog deletes itself when closed.
    setAttribute(Qt::WA_DeleteOnClose);
    setCaption(i18n("KDE SSL Information"));

    d->ui.setupUi(mainWidget());

    // Both boxes are parented to the tab widget.
    KSslCertificateBox *const subjectBox = new KSslCertificateBox(d->ui.certParties);
    KSslCertificateBox *const issuerBox = new KSslCertificateBox(d->ui.certParties);
    d->subject = subjectBox;
    d->issuer = issuerBox;
    d->ui.certParties->addTab(subjectBox, i18n("Subject"));
    d->ui.certParties->addTab(issuerBox, i18n("Issuer"));

    // Initial indicator state; see the NOTE(review) above.
    d->isMainPartEncrypted = true;
    d->auxPartsEncrypted = true;
    updateWhichPartsEncrypted();

    // Disabled legacy code, kept for reference. It uses members (m_secCon,
    // pixmap, info) that the private class in this file does not declare.
#if 0
    if (KSSL::doesSSLWork()) {
        if (d->m_secCon) {
            d->pixmap->setPixmap(BarIcon("security-high"));
            d->info->setText(i18n("Current connection is secured with SSL."));
        } else {
            d->pixmap->setPixmap(BarIcon("security-low"));
            d->info->setText(i18n("Current connection is not secured with SSL."));
        }
    } else {
        d->pixmap->setPixmap(BarIcon("security-low"));
        d->info->setText(i18n("SSL support is not available in this build of KDE."));
    }
#endif
}
00102
00103
/**
 * Frees the private data. The subject and issuer boxes are not deleted here;
 * the constructor created them with the tab widget as their parent.
 */
KSSLInfoDialog::~KSSLInfoDialog()
{
    delete d;
}
00108
00109
00110
/**
 * Starts the crypto configuration module ("kcmshell4 crypto") as a detached
 * process.
 *
 * The argument is passed as a list, so no shell parses it. The program is
 * given by bare name and is therefore looked up on the process search path,
 * and the result of startDetached() is ignored, so a failed launch is silent.
 */
void KSSLInfoDialog::launchConfig()
{
    QStringList arguments;
    arguments << "crypto";
    QProcess::startDetached("kcmshell4", arguments);
}
00115
00116
/**
 * Records whether the main part of the document is encrypted and refreshes
 * the indicator icon and explanation text.
 *
 * @param mainEncrypted new value of the "main part encrypted" flag.
 */
void KSSLInfoDialog::setMainPartEncrypted(bool mainEncrypted)
{
    d->isMainPartEncrypted = mainEncrypted;
    // Redraw right away so the indicator never lags behind the flag.
    updateWhichPartsEncrypted();
}
00122
00123
/**
 * Records whether the auxiliary parts of the document are encrypted and
 * refreshes the indicator icon and explanation text.
 *
 * @param auxEncrypted new value of the "auxiliary parts encrypted" flag.
 */
void KSSLInfoDialog::setAuxiliaryPartsEncrypted(bool auxEncrypted)
{
    d->auxPartsEncrypted = auxEncrypted;
    // Redraw right away so the indicator never lags behind the flag.
    updateWhichPartsEncrypted();
}
00129
00130
/**
 * Maps the two encryption flags onto the indicator icon and explanation:
 * both set -> "security-high", exactly one set -> "security-medium",
 * neither set -> "security-low".
 *
 * Only the two flags are consulted. Certificate validation results play no
 * part here, so "security-high" means "encrypted", not "peer verified".
 */
void KSSLInfoDialog::updateWhichPartsEncrypted()
{
    const bool mainEncrypted = d->isMainPartEncrypted;
    const bool auxEncrypted = d->auxPartsEncrypted;

    const char *iconName;
    QString message;
    if (mainEncrypted && auxEncrypted) {
        iconName = "security-high";
        message = i18n("Current connection is secured with SSL.");
    } else if (mainEncrypted) {
        iconName = "security-medium";
        message = i18n("The main part of this document is secured "
                       "with SSL, but some parts are not.");
    } else if (auxEncrypted) {
        iconName = "security-medium";
        message = i18n("Some of this document is secured with SSL, "
                       "but the main part is not.");
    } else {
        iconName = "security-low";
        message = i18n("Current connection is not secured with SSL.");
    }

    d->ui.encryptionIndicator->setPixmap(BarIcon(iconName));
    d->ui.explanation->setText(message);
}
00153
00154
/**
 * Not implemented: the body is only Q_ASSERT(false).
 *
 * NOTE(review): where Q_ASSERT is compiled out, a call returns without
 * touching the dialog, which then keeps whatever state it had (the
 * constructor's default is the "secured with SSL" indicator). Callers
 * should use setSslInfo() instead.
 *
 * @param socket unused.
 * @param ip     unused.
 * @param url    unused.
 */
void KSSLInfoDialog::setup(const KTcpSocket &socket, const QString &ip, const QString &url)
{
    Q_UNUSED(socket);
    Q_UNUSED(ip);
    Q_UNUSED(url);
    Q_ASSERT(false);
    // Disabled legacy body. It refers to `ssl`, which is not a parameter of
    // this overload.
#if 0
    setup(&ssl.peerInfo().getPeerCertificate(),
          ip, url,
          ssl.connectionInfo().getCipher(),
          ssl.connectionInfo().getCipherDescription(),
          ssl.connectionInfo().getCipherVersion(),
          ssl.connectionInfo().getCipherUsedBits(),
          ssl.connectionInfo().getCipherBits(),
          ssl.peerInfo().getPeerCertificate().validate());
#endif
}
00169
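/**
 * Fills the dialog with the details of one SSL connection.
 *
 * @param certificateChain peer certificate chain; entry 0 is displayed first.
 *                         An empty chain is shown as a single null certificate.
 * @param ip               peer address, shown as given.
 * @param url              URL, shown as given.
 * @param sslProtocol      protocol name, shown as given.
 * @param cipher           newline-separated cipher description; the first four
 *                         non-empty fields are used as cipher name, Auth, Kx
 *                         and MAC. With fewer than four fields the encryption
 *                         and details texts are cleared.
 * @param usedBits         number of key bits in use.
 * @param bits             total key size in bits.
 * @param validationErrors currently ignored, see the note in the body.
 *
 * Safe to call more than once: the selector's signal is disconnected while
 * the list is rebuilt and connected exactly once afterwards. The previous
 * code connected again on every call, and on a second call the selector's
 * clear() reached displayFromChain() with index -1.
 */
void KSSLInfoDialog::setSslInfo(const QList<QSslCertificate> &certificateChain,
                                const QString &ip, const QString &url,
                                const QString &sslProtocol, const QString &cipher,
                                int usedBits, int bits,
                                const QList<QSslError::SslError> &validationErrors)
{
    // NOTE(review): the validation errors are not stored or displayed, and
    // displayFromChain() still writes the placeholder "TODO" into the
    // "trusted" field. Until that is implemented this dialog does not tell
    // the user whether the certificate was accepted as valid.
    Q_UNUSED(validationErrors);

    // Subject fields tried in order until one yields a non-empty name.
    static const QSslCertificate::SubjectInfo nameFields[] = {
        QSslCertificate::CommonName,
        QSslCertificate::Organization,
        QSslCertificate::OrganizationalUnitName
    };
    static const int nameFieldCount = sizeof(nameFields) / sizeof(nameFields[0]);

    // Keep the selector quiet while it is rebuilt; clear() and addItem()
    // change the current index and would otherwise call displayFromChain()
    // with indexes that do not match the new chain yet.
    disconnect(d->ui.certSelector, SIGNAL(currentIndexChanged(int)),
               this, SLOT(displayFromChain(int)));

    d->certificateChain = certificateChain;
    d->ui.certSelector->clear();
    for (int i = 0; i < certificateChain.size(); ++i) {
        const QSslCertificate &cert = certificateChain[i];
        QString name;
        for (int j = 0; j < nameFieldCount && name.isEmpty(); ++j)
            name = cert.subjectInfo(nameFields[j]);
        d->ui.certSelector->addItem(name);
    }
    // Choosing only makes sense with at least two certificates. Set the
    // state both ways so that a later, longer chain re-enables the selector.
    d->ui.certSelector->setEnabled(certificateChain.size() >= 2);

    connect(d->ui.certSelector, SIGNAL(currentIndexChanged(int)),
            this, SLOT(displayFromChain(int)));

    // Guarantee that index 0 exists for the displayFromChain(0) call below.
    if (d->certificateChain.isEmpty())
        d->certificateChain.append(QSslCertificate());
    displayFromChain(0);

    // NOTE(review): these strings come from the caller and are displayed
    // unmodified. If the target widgets auto-detect rich text, markup in
    // them would be rendered; confirm the widget types in the .ui file.
    d->ui.ip->setText(ip);
    d->ui.address->setText(url);
    d->ui.sslVersion->setText(sslProtocol);

    const QStringList cipherInfo = cipher.split('\n', QString::SkipEmptyParts);
    if (cipherInfo.size() >= 4) {
        d->ui.encryption->setText(i18n("%1, using %2 bits of a %3 bit key",
                                       cipherInfo[0], QString::number(usedBits),
                                       QString::number(bits)));
        d->ui.details->setText(QString("Auth = %1, Kx = %2, MAC = %3")
                                   .arg(cipherInfo[1], cipherInfo[2],
                                        cipherInfo[3]));
    } else {
        d->ui.encryption->setText("");
        d->ui.details->setText("");
    }
}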
00216
00217
// Disabled (#if 0) legacy implementation, kept for reference only; none of
// it is compiled. It addresses `x` both with `.` and with `->` and uses
// private members (_serialNum, _validFrom, _cert, _csl, ...) that the private
// class in this file does not declare, so it cannot be re-enabled as is.
// displayFromChain() is the live replacement; it has no equivalent of the
// validation display below and writes "TODO" into the "trusted" field.
#if 0 //###
void KSSLInfoDialog::displayCert(const QSslCertificate &x) {
    QPalette cspl;

    d->_serialNum->setText(x.getSerialNumber());

    // Start of validity: QColor(196,33,21) (red) if it lies in the future,
    // QColor(42,153,59) (green) otherwise.
    cspl = d->_validFrom->palette();
    if (x->getQDTNotBefore() > QDateTime::currentDateTime().toUTC())
        cspl.setColor(QPalette::Foreground, QColor(196,33,21));
    else cspl.setColor(QPalette::Foreground, QColor(42,153,59));
    d->_validFrom->setPalette(cspl);
    d->_validFrom->setText(x.getNotBefore());

    // End of validity: red if it lies in the past, green otherwise.
    cspl = d->_validUntil->palette();
    if (x->getQDTNotAfter() < QDateTime::currentDateTime().toUTC())
        cspl.setColor(QPalette::Foreground, QColor(196,33,21));
    else cspl.setColor(QPalette::Foreground, QColor(42,153,59));
    d->_validUntil->setPalette(cspl);
    d->_validUntil->setText(x->getNotAfter());

    cspl = palette();

    // Reuse the stored validation list for the peer certificate when there
    // is one, otherwise validate now.
    KSSLCertificate::KSSLValidation ksv;
    KSSLCertificate::KSSLValidationList ksvl;
    if ((x == d->_cert) && !d->_cert_ksvl.isEmpty()) {
        ksvl = d->_cert_ksvl;
        ksv = ksvl.first();
    } else {
        if (x == d->_cert)
            ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer);
        else
            ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer, x);

        // An empty result list is treated as "Ok".
        if (ksvl.isEmpty())
            ksvl << KSSLCertificate::Ok;

        ksv = ksvl.first();

        // A self-signed certificate inside its validity period is upgraded
        // to Ok when KSSLSigners().useForSSL() accepts it; outside the
        // period it is reported as Expired.
        if (ksv == KSSLCertificate::SelfSigned) {
            if (x->getQDTNotAfter() > QDateTime::currentDateTime().toUTC() &&
                x->getQDTNotBefore() < QDateTime::currentDateTime().toUTC()) {
                if (KSSLSigners().useForSSL(*x))
                    ksv = KSSLCertificate::Ok;
            } else {
                ksv = KSSLCertificate::Expired;
            }
        }
    }

    // Green for Ok, red for everything except Irrelevant, which keeps the
    // dialog's own palette.
    if (ksv == KSSLCertificate::Ok) {
        cspl.setColor(QPalette::Foreground, QColor(42,153,59));
    } else if (ksv != KSSLCertificate::Irrelevant) {
        cspl.setColor(QPalette::Foreground, QColor(196,33,21));
    }
    d->_csl->setPalette(cspl);

    // One line of text per validation result.
    QString errorStr;
    for(KSSLCertificate::KSSLValidationList::ConstIterator it = ksvl.begin();
        it != ksvl.end(); ++it) {
        if (!errorStr.isEmpty())
            errorStr.append(QChar('\n'));
        errorStr += KSSLCertificate::verifyText(*it);
    }

    d->_csl->setText(errorStr);
    d->_csl->setMinimumSize(d->_csl->sizeHint());

    d->_subject->setValues(x->getSubject());
    d->_issuer->setValues(x->getIssuer());

    // The fingerprint shown here is the MD5 digest.
    d->_digest->setText(x->getMD5DigestText());
}
#endif
00291
00292
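/**
 * Shows the certificate at position @p i of the stored chain: validity
 * period, serial number, digest, subject and issuer.
 *
 * This is the slot connected to the selector's currentIndexChanged(int) in
 * setSslInfo(), so @p i is not under this class's control; a selector with no
 * current item reports -1. Out-of-range indexes are ignored instead of being
 * used to index the list.
 *
 * @param i index into the certificate chain.
 */
void KSSLInfoDialog::displayFromChain(int i)
{
    if (i < 0 || i >= d->certificateChain.size())
        return;

    const QSslCertificate &cert = d->certificateChain[i];
    // NOTE(review): placeholder. The trust/validation state of the
    // certificate is not shown anywhere in this dialog yet.
    d->ui.trusted->setText("TODO");

    QString vp = "%1 to %2";
    vp = vp.arg(KGlobal::locale()->formatDateTime(cert.effectiveDate()));
    vp = vp.arg(KGlobal::locale()->formatDateTime(cert.expiryDate()));
    d->ui.validityPeriod->setText(vp);

    d->ui.serial->setText(cert.serialNumber());
    // NOTE(review): digest() is called without an algorithm, so this is the
    // MD5 fingerprint (QSslCertificate's default). Users comparing
    // fingerprints by hand would be better served by a stronger hash.
    d->ui.digest->setText(cert.digest().toHex());

    d->subject->setCertificate(cert, KSslCertificateBox::Subject);
    d->issuer->setCertificate(cert, KSslCertificateBox::Issuer);
}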
00309
// Disabled (#if 0) legacy implementation of KSSLCertBox::setValues, kept for
// reference only; none of it is compiled.
//
// It parses a distinguished-name string with KSSLX509Map and builds a
// two-column grid holding one label/value row for each of O, OU, L, ST, C,
// CN and Email that is present. An empty certName produces an empty frame.
// When mailCatcher is given, the e-mail address becomes a KUrlLabel whose
// leftClickedURL signal is connected to mailCatcher's mailClicked slot.
#if 0
void KSSLCertBox::setValues(const QString &certName, QWidget *mailCatcher) {
    if (certName.isEmpty()) {
        setWidget(new QFrame(this));
        show();
        return;
    }

    KSSLX509Map cert(certName);
    QString tmp;
    viewport()->setBackgroundRole(QPalette::Button);
    QFrame* _frame = new QFrame;
    QGridLayout *grid = new QGridLayout(_frame);
    grid->setMargin(KDialog::marginHint());
    grid->setSpacing(KDialog::spacingHint());
    int row = 0;
    QLabel *label = 0L;
    if (!(tmp = cert.getValue("O")).isEmpty()) {
        label = new QLabel(i18n("Organization:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("OU")).isEmpty()) {
        label = new QLabel(i18n("Organizational unit:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("L")).isEmpty()) {
        label = new QLabel(i18n("Locality:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("ST")).isEmpty()) {
        label = new QLabel(i18nc("Federal State","State:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("C")).isEmpty()) {
        label = new QLabel(i18n("Country:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("CN")).isEmpty()) {
        label = new QLabel(i18n("Common name:"));
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        grid->addWidget( label,row, 0);
        grid->addWidget( new QLabel(tmp), row, 1 );
        row++;
    }
    if (!(tmp = cert.getValue("Email")).isEmpty()) {
        label = new QLabel(i18n("Email:"));
        grid->addWidget( label,row, 0);
        label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
        if (mailCatcher) {
            KUrlLabel *mail = new KUrlLabel(tmp, tmp);
            grid->addWidget( mail, row, 1 );
            connect(mail, SIGNAL(leftClickedURL(const QString &)), mailCatcher, SLOT(mailClicked(const QString &)));
        } else {
            label = new QLabel(tmp);
            grid->addWidget( label, row, 1 );
        }
    }
    // Give the viewport the background role of the last label created.
    if (label && viewport()) {
        viewport()->setBackgroundRole(label->backgroundRole());
    }
    setWidget(_frame);
    show();
}
#endif
00389
00390
00391 #include "ksslinfodialog.moc"