00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
#include "ksslinfodlg.h"
00023
00024
#include <kssl.h>
00025
00026
#include <qlayout.h>
00027
#include <kpushbutton.h>
00028
#include <qframe.h>
00029
#include <qlabel.h>
00030
#include <qscrollview.h>
00031
#include <qfile.h>
00032
00033
#include <kapplication.h>
00034
#include <kglobal.h>
00035
#include <klocale.h>
00036
#include <kprocess.h>
00037
#include <kiconloader.h>
00038
#include <kglobalsettings.h>
00039
#include <ksqueezedtextlabel.h>
00040
#include <kurllabel.h>
00041
#include <kstdguiitem.h>
00042
00043
00044
#include <kcombobox.h>
00045
#include "ksslcertificate.h"
00046
#include "ksslcertchain.h"
00047
#include "ksslsigners.h"
00048
00049
00050
class KSSLInfoDlg::KSSLInfoDlgPrivate {
00051
private:
00052
friend class KSSLInfoDlg;
00053
bool m_secCon;
00054
QGridLayout *m_layout;
00055
KComboBox *_chain;
00056
KSSLCertificate *_cert;
00057
KSSLCertificate::KSSLValidationList _cert_ksvl;
00058
00059
bool inQuestion;
00060
00061
QLabel *_serialNum;
00062
QLabel *_csl;
00063
QLabel *_validFrom;
00064
QLabel *_validUntil;
00065
QLabel *_digest;
00066
00067
QLabel *pixmap;
00068
QLabel *info;
00069
00070
KSSLCertBox *_subject, *_issuer;
00071 };
00072
00073
00074
00075 KSSLInfoDlg::KSSLInfoDlg(
bool secureConnection,
QWidget *parent,
const char *name,
bool modal)
00076 :
KDialog(parent, name, modal,
Qt::WDestructiveClose), d(new KSSLInfoDlgPrivate) {
00077
QVBoxLayout *topLayout =
new QVBoxLayout(
this, KDialog::marginHint(), KDialog::spacingHint());
00078 d->m_secCon = secureConnection;
00079 d->m_layout =
new QGridLayout(topLayout, 3, 3, KDialog::spacingHint());
00080 d->m_layout->setColStretch(1, 1);
00081 d->m_layout->setColStretch(2, 1);
00082
00083 d->pixmap =
new QLabel(
this);
00084 d->m_layout->addWidget(d->pixmap, 0, 0);
00085
00086 d->info =
new QLabel(
this);
00087 d->m_layout->addWidget(d->info, 0, 1);
00088
00089
if (
KSSL::doesSSLWork()) {
00090
if (d->m_secCon) {
00091 d->pixmap->setPixmap(BarIcon(
"encrypted"));
00092 d->info->setText(i18n(
"Current connection is secured with SSL."));
00093 }
else {
00094 d->pixmap->setPixmap(BarIcon(
"decrypted"));
00095 d->info->setText(i18n(
"Current connection is not secured with SSL."));
00096 }
00097 }
else {
00098 d->pixmap->setPixmap(BarIcon(
"decrypted"));
00099 d->info->setText(i18n(
"SSL support is not available in this build of KDE."));
00100 }
00101 d->m_layout->addRowSpacing( 0, 50 );
00102
00103
QHBoxLayout *buttonLayout =
new QHBoxLayout(topLayout, KDialog::spacingHint());
00104 buttonLayout->addStretch( 1 );
00105
00106
KPushButton *button;
00107
00108
if (
KSSL::doesSSLWork()) {
00109 button =
new KPushButton(
KGuiItem(i18n(
"C&ryptography Configuration..."),
"configure"),
this);
00110 connect(button, SIGNAL(clicked()), SLOT(launchConfig()));
00111 buttonLayout->addWidget( button );
00112 }
00113
00114 button =
new KPushButton(KStdGuiItem::close(),
this);
00115 connect(button, SIGNAL(clicked()), SLOT(close()));
00116 buttonLayout->addWidget( button );
00117
00118 button->setFocus();
00119
00120 setCaption(i18n(
"KDE SSL Information"));
00121 d->inQuestion =
false;
00122 }
00123
00124
00125 KSSLInfoDlg::~KSSLInfoDlg() {
00126
delete d;
00127 }
00128
00129
void KSSLInfoDlg::launchConfig() {
00130
KProcess p;
00131 p <<
"kcmshell" <<
"crypto";
00132 p.
start(KProcess::DontCare);
00133 }
00134
00135
00136 void KSSLInfoDlg::setSecurityInQuestion(
bool isIt) {
00137 d->inQuestion = isIt;
00138
if (
KSSL::doesSSLWork())
00139
if (isIt) {
00140 d->pixmap->setPixmap(BarIcon(
"halfencrypted"));
00141
if (d->m_secCon) {
00142 d->info->setText(i18n(
"The main part of this document is secured with SSL, but some parts are not."));
00143 }
else {
00144 d->info->setText(i18n(
"Some of this document is secured with SSL, but the main part is not."));
00145 }
00146 }
else {
00147
if (d->m_secCon) {
00148 d->pixmap->setPixmap(BarIcon(
"encrypted"));
00149 d->info->setText(i18n(
"Current connection is secured with SSL."));
00150 }
else {
00151 d->pixmap->setPixmap(BarIcon(
"decrypted"));
00152 d->info->setText(i18n(
"Current connection is not secured with SSL."));
00153 }
00154 }
00155 }
00156
00157
00158 void KSSLInfoDlg::setup(
KSSL & ssl,
const QString & ip,
const QString & url )
00159 {
00160
setup(
00161 &ssl.
peerInfo().
getPeerCertificate(),
00162 ip,
00163 url,
00164 ssl.
connectionInfo().
getCipher(),
00165 ssl.
connectionInfo().
getCipherDescription(),
00166 ssl.
connectionInfo().
getCipherVersion(),
00167 ssl.
connectionInfo().
getCipherUsedBits(),
00168 ssl.
connectionInfo().
getCipherBits(),
00169 ssl.
peerInfo().
getPeerCertificate().
validate()
00170 );
00171 }
00172
00173 void KSSLInfoDlg::setup(
KSSLCertificate *cert,
00174
const QString& ip,
const QString& url,
00175
const QString& cipher,
const QString& cipherdesc,
00176
const QString& sslversion,
int usedbits,
int bits,
00177 KSSLCertificate::KSSLValidation ) {
00178
00179
00180 d->_cert = cert;
00181
00182
QGridLayout *layout =
new QGridLayout(4, 2, KDialog::spacingHint());
00183
00184 layout->
addWidget(
new QLabel(i18n(
"Chain:"),
this), 0, 0);
00185 d->_chain =
new KComboBox(
this);
00186 layout->
addMultiCellWidget(d->_chain, 1, 1, 0, 1);
00187 connect(d->_chain, SIGNAL(activated(
int)),
this, SLOT(slotChain(
int)));
00188
00189 d->_chain->clear();
00190
00191
if (cert->
chain().
isValid() && cert->
chain().
depth() > 1) {
00192 d->_chain->setEnabled(
true);
00193 d->_chain->insertItem(i18n(
"0 - Site Certificate"));
00194
int cnt = 0;
00195
QPtrList<KSSLCertificate> cl = cert->
chain().
getChain();
00196
for (
KSSLCertificate *c = cl.
first(); c != 0; c = cl.
next()) {
00197
KSSLX509Map map(c->
getSubject());
00198
QString id;
00199
id = map.
getValue(
"CN");
00200
if (
id.length() == 0)
00201
id = map.
getValue(
"O");
00202
if (
id.length() == 0)
00203
id = map.
getValue(
"OU");
00204 d->_chain->insertItem(QString::number(++cnt)+
" - "+
id);
00205 }
00206 d->_chain->setCurrentItem(0);
00207 }
else d->_chain->setEnabled(
false);
00208
00209 layout->
addWidget(
new QLabel(i18n(
"Peer certificate:"),
this), 2, 0);
00210 layout->
addWidget(d->_subject = static_cast<KSSLCertBox*>(buildCertInfo(cert->
getSubject())), 3, 0);
00211 layout->
addWidget(
new QLabel(i18n(
"Issuer:"),
this), 2, 1);
00212 layout->
addWidget(d->_issuer = static_cast<KSSLCertBox*>(buildCertInfo(cert->
getIssuer())), 3, 1);
00213 d->m_layout->addMultiCell(layout, 1, 1, 0, 2);
00214
00215 layout =
new QGridLayout(11, 2, KDialog::spacingHint());
00216 layout->
setColStretch(1, 1);
00217 layout->
addWidget(
new QLabel(i18n(
"IP address:"),
this), 0, 0);
00218 layout->
addWidget(
new QLabel(ip,
this), 0, 1);
00219 layout->
addWidget(
new QLabel(i18n(
"URL:"),
this), 1, 0);
00220
KSqueezedTextLabel *urlLabel =
new KSqueezedTextLabel(url,
this);
00221 layout->
addWidget(urlLabel, 1, 1);
00222 layout->
addWidget(
new QLabel(i18n(
"Certificate state:"),
this), 2, 0);
00223
00224 layout->
addWidget(d->_csl =
new QLabel(
"",
this), 2, 1);
00225
00226 update();
00227
00228 layout->
addWidget(
new QLabel(i18n(
"Valid from:"),
this), 3, 0);
00229 layout->
addWidget(d->_validFrom =
new QLabel(
"",
this), 3, 1);
00230 layout->
addWidget(
new QLabel(i18n(
"Valid until:"),
this), 4, 0);
00231 layout->
addWidget(d->_validUntil =
new QLabel(
"",
this), 4, 1);
00232
00233 layout->
addWidget(
new QLabel(i18n(
"Serial number:"),
this), 5, 0);
00234 layout->
addWidget(d->_serialNum =
new QLabel(
"",
this), 5, 1);
00235 layout->
addWidget(
new QLabel(i18n(
"MD5 digest:"),
this), 6, 0);
00236 layout->
addWidget(d->_digest =
new QLabel(
"",
this), 6, 1);
00237
00238 layout->
addWidget(
new QLabel(i18n(
"Cipher in use:"),
this), 7, 0);
00239 layout->
addWidget(
new QLabel(cipher,
this), 7, 1);
00240 layout->
addWidget(
new QLabel(i18n(
"Details:"),
this), 8, 0);
00241 layout->
addWidget(
new QLabel(cipherdesc.
simplifyWhiteSpace(),
this), 8, 1);
00242 layout->
addWidget(
new QLabel(i18n(
"SSL version:"),
this), 9, 0);
00243 layout->
addWidget(
new QLabel(sslversion,
this), 9, 1);
00244 layout->
addWidget(
new QLabel(i18n(
"Cipher strength:"),
this), 10, 0);
00245 layout->
addWidget(
new QLabel(i18n(
"%1 bits used of a %2 bit cipher").arg(usedbits).arg(bits),
this), 10, 1);
00246 d->m_layout->addMultiCell(layout, 2, 2, 0, 2);
00247
00248 displayCert(cert);
00249 }
00250
00251 void KSSLInfoDlg::setCertState(
const QString &errorNrs)
00252 {
00253 d->_cert_ksvl.clear();
00254
QStringList errors = QStringList::split(
':', errorNrs);
00255
for(QStringList::ConstIterator it = errors.begin();
00256 it != errors.end(); ++it)
00257 {
00258 d->_cert_ksvl << (KSSLCertificate::KSSLValidation) (*it).toInt();
00259 }
00260 }
00261
00262
void KSSLInfoDlg::displayCert(
KSSLCertificate *x) {
00263
QPalette cspl;
00264
00265 d->_serialNum->setText(x->
getSerialNumber());
00266
00267 cspl = d->_validFrom->palette();
00268
if (x->
getQDTNotBefore() >
QDateTime::currentDateTime(Qt::UTC))
00269 cspl.
setColor(QColorGroup::Foreground,
QColor(196,33,21));
00270
else cspl.
setColor(QColorGroup::Foreground,
QColor(42,153,59));
00271 d->_validFrom->setPalette(cspl);
00272 d->_validFrom->setText(x->
getNotBefore());
00273
00274 cspl = d->_validUntil->palette();
00275
if (x->
getQDTNotAfter() <
QDateTime::currentDateTime(Qt::UTC))
00276 cspl.
setColor(QColorGroup::Foreground,
QColor(196,33,21));
00277
else cspl.
setColor(QColorGroup::Foreground,
QColor(42,153,59));
00278 d->_validUntil->setPalette(cspl);
00279 d->_validUntil->setText(x->
getNotAfter());
00280
00281 cspl = palette();
00282
00283 KSSLCertificate::KSSLValidation ksv;
00284
KSSLCertificate::KSSLValidationList ksvl;
00285
if ((x == d->_cert) && !d->_cert_ksvl.isEmpty()) {
00286 ksvl = d->_cert_ksvl;
00287 ksv = ksvl.
first();
00288 }
else {
00289
if (x == d->_cert)
00290 ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer);
00291
else
00292 ksvl = d->_cert->validateVerbose(KSSLCertificate::SSLServer, x);
00293
00294
if (ksvl.
isEmpty())
00295 ksvl << KSSLCertificate::Ok;
00296
00297 ksv = ksvl.
first();
00298
00299
if (ksv == KSSLCertificate::SelfSigned) {
00300
if (x->
getQDTNotAfter() >
QDateTime::currentDateTime(Qt::UTC) &&
00301 x->
getQDTNotBefore() <
QDateTime::currentDateTime(Qt::UTC)) {
00302
if (
KSSLSigners().useForSSL(*x))
00303 ksv = KSSLCertificate::Ok;
00304 }
else {
00305 ksv = KSSLCertificate::Expired;
00306 }
00307 }
00308 }
00309
00310
if (ksv == KSSLCertificate::Ok) {
00311 cspl.
setColor(QColorGroup::Foreground,
QColor(42,153,59));
00312 }
else if (ksv != KSSLCertificate::Irrelevant) {
00313 cspl.
setColor(QColorGroup::Foreground,
QColor(196,33,21));
00314 }
00315 d->_csl->setPalette(cspl);
00316
00317
QString errorStr;
00318
for(KSSLCertificate::KSSLValidationList::ConstIterator it = ksvl.
begin();
00319 it != ksvl.
end(); ++it) {
00320
if (!errorStr.
isEmpty())
00321 errorStr.
append(
'\n');
00322 errorStr +=
KSSLCertificate::verifyText(*it);
00323 }
00324
00325 d->_csl->setText(errorStr);
00326 d->_csl->setMinimumSize(d->_csl->sizeHint());
00327
00328 d->_subject->setValues(x->
getSubject());
00329 d->_issuer->setValues(x->
getIssuer());
00330
00331 d->_digest->setText(x->
getMD5DigestText());
00332 }
00333
00334
00335
void KSSLInfoDlg::slotChain(
int x) {
00336
if (x == 0) {
00337 displayCert(d->_cert);
00338 }
else {
00339
QPtrList<KSSLCertificate> cl = d->_cert->chain().getChain();
00340 cl.
setAutoDelete(
true);
00341
for (
int i = 0; i < x-1; i++)
00342 cl.
remove((
unsigned int)0);
00343
KSSLCertificate thisCert = *(cl.
at(0));
00344 cl.
remove((
unsigned int)0);
00345 thisCert.
chain().
setChain(cl);
00346 displayCert(&thisCert);
00347 }
00348 }
00349
00350
00351 KSSLCertBox *
KSSLInfoDlg::certInfoWidget(
QWidget *parent,
const QString &certName,
QWidget *mailCatcher) {
00352
KSSLCertBox *result =
new KSSLCertBox(parent);
00353
if (!certName.
isEmpty()) {
00354 result->
setValues(certName, mailCatcher);
00355 }
00356
return result;
00357 }
00358
00359
00360 KSSLCertBox::KSSLCertBox(
QWidget *parent,
const char *name, WFlags f)
00361 :
QScrollView(parent, name, f)
00362 {
00363 _frame = 0L;
00364 setBackgroundMode(QWidget::PaletteButton);
00365
setValues(QString::null, 0L);
00366 }
00367
00368
00369 void KSSLCertBox::setValues(
QString certName,
QWidget *mailCatcher) {
00370
if (_frame) {
00371 removeChild(_frame);
00372
delete _frame;
00373 }
00374
00375
if (certName.
isEmpty()) {
00376 _frame =
new QFrame(
this);
00377 addChild(_frame);
00378
viewport()->setBackgroundMode(_frame->backgroundMode());
00379 _frame->show();
00380
updateScrollBars();
00381 show();
00382
return;
00383 }
00384
00385
KSSLX509Map cert(certName);
00386
QString tmp;
00387
viewport()->setBackgroundMode(QWidget::PaletteButton);
00388 _frame =
new QFrame(
this);
00389
QGridLayout *grid =
new QGridLayout(_frame, 1, 2, KDialog::marginHint(), KDialog::spacingHint());
00390 grid->setAutoAdd(
true);
00391
QLabel *label = 0L;
00392
if (!(tmp = cert.
getValue(
"O")).isEmpty()) {
00393 label =
new QLabel(i18n(
"Organization:"), _frame);
00394 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00395
new QLabel(tmp, _frame);
00396 }
00397
if (!(tmp = cert.
getValue(
"OU")).isEmpty()) {
00398 label =
new QLabel(i18n(
"Organizational unit:"), _frame);
00399 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00400
new QLabel(tmp, _frame);
00401 }
00402
if (!(tmp = cert.
getValue(
"L")).isEmpty()) {
00403 label =
new QLabel(i18n(
"Locality:"), _frame);
00404 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00405
new QLabel(tmp, _frame);
00406 }
00407
if (!(tmp = cert.
getValue(
"ST")).isEmpty()) {
00408 label =
new QLabel(i18n(
"Federal State",
"State:"), _frame);
00409 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00410
new QLabel(tmp, _frame);
00411 }
00412
if (!(tmp = cert.
getValue(
"C")).isEmpty()) {
00413 label =
new QLabel(i18n(
"Country:"), _frame);
00414 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00415
new QLabel(tmp, _frame);
00416 }
00417
if (!(tmp = cert.
getValue(
"CN")).isEmpty()) {
00418 label =
new QLabel(i18n(
"Common name:"), _frame);
00419 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00420
new QLabel(tmp, _frame);
00421 }
00422
if (!(tmp = cert.
getValue(
"Email")).isEmpty()) {
00423 label =
new QLabel(i18n(
"Email:"), _frame);
00424 label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
00425
if (mailCatcher) {
00426
KURLLabel *mail =
new KURLLabel(tmp, tmp, _frame);
00427 connect(mail, SIGNAL(leftClickedURL(
const QString &)), mailCatcher, SLOT(mailClicked(
const QString &)));
00428 }
else {
00429
new QLabel(tmp, _frame);
00430 }
00431 }
00432
if (label &&
viewport()) {
00433
viewport()->setBackgroundMode(label->backgroundMode());
00434 }
00435 addChild(_frame);
00436
updateScrollBars();
00437 _frame->show();
00438 show();
00439 }
00440
00441
00442
QScrollView *KSSLInfoDlg::buildCertInfo(
const QString &certName) {
00443
return KSSLInfoDlg::certInfoWidget(
this, certName,
this);
00444 }
00445
00446
void KSSLInfoDlg::urlClicked(
const QString &url) {
00447 kapp->invokeBrowser(url);
00448 }
00449
00450
void KSSLInfoDlg::mailClicked(
const QString &url) {
00451 kapp->invokeMailer(url, QString::null);
00452 }
00453
00454
#include "ksslinfodlg.moc"
00455