void pkey_manage_crypt_auto (gchar *password,
gchar **pem_private_key,
const gchar *pem_ca_certificate)
{
gchar *clean_private_key = *pem_private_key;
gchar *res = NULL;
TlsCert *tls_cert = NULL;
tls_cert = tls_parse_cert_pem (pem_ca_certificate);
res = pkey_manage_crypt_w_pwd (clean_private_key, tls_cert->dn, password);
tls_cert_free (tls_cert);
*pem_private_key = res;
g_free (clean_private_key);
return;
}
G_MODULE_EXPORT void on_new_req_next1_clicked (GtkButton *button,
gpointer user_data)
{
GtkTreeView *treeview = GTK_TREE_VIEW(gtk_builder_get_object(new_req_window_gtkb, "new_req_ca_treeview"));
GtkTreeSelection *selection = gtk_tree_view_get_selection (treeview);
GValue *value = g_new0(GValue, 1);
GtkTreeModel *model;
GtkTreeIter iter;
TlsCert * tlscert;
GtkWidget * widget;
const gchar *pem;
if (gtk_tree_selection_get_selected (selection, &model, &iter)) {
gtk_tree_model_get_value (model, &iter, NEW_REQ_CA_MODEL_COLUMN_PEM, value);
pem = g_value_get_string (value);
g_assert (pem);
tlscert = tls_parse_cert_pem (pem);
g_value_unset (value);
gtk_tree_model_get_value (model, &iter, NEW_REQ_CA_MODEL_COLUMN_ID, value);
new_req_ca_id_valid = TRUE;
new_req_ca_id = g_value_get_uint64(value);
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"country_combobox1"));
if (ca_file_policy_get (new_req_ca_id, "C_INHERIT")) {
gtk_widget_set_sensitive (widget, ! ca_file_policy_get (new_req_ca_id, "C_FORCE_SAME"));
model = GTK_TREE_MODEL(gtk_combo_box_get_model (GTK_COMBO_BOX(widget)));
gtk_tree_model_foreach (model, __new_req_window_lookup_country, tlscert->c);
} else {
gtk_widget_set_sensitive (widget, TRUE);
gtk_combo_box_set_active (GTK_COMBO_BOX(widget), -1);
}
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"st_entry1"));
if (ca_file_policy_get (new_req_ca_id, "ST_INHERIT")) {
gtk_widget_set_sensitive (widget, ! ca_file_policy_get (new_req_ca_id, "ST_FORCE_SAME"));
gtk_entry_set_text(GTK_ENTRY(widget), tlscert->st);
} else {
gtk_widget_set_sensitive (widget, TRUE);
gtk_entry_set_text(GTK_ENTRY(widget), "");
}
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"city_entry1"));
if (ca_file_policy_get (new_req_ca_id, "L_INHERIT")) {
gtk_widget_set_sensitive (widget, ! ca_file_policy_get (new_req_ca_id, "L_FORCE_SAME"));
gtk_entry_set_text(GTK_ENTRY(widget), tlscert->l);
} else {
gtk_widget_set_sensitive (widget, TRUE);
gtk_entry_set_text(GTK_ENTRY(widget), "");
}
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"o_entry1"));
if (ca_file_policy_get (new_req_ca_id, "O_INHERIT")) {
gtk_widget_set_sensitive (widget, ! ca_file_policy_get (new_req_ca_id, "O_FORCE_SAME"));
gtk_entry_set_text(GTK_ENTRY(widget), tlscert->o);
} else {
gtk_widget_set_sensitive (widget, TRUE);
gtk_entry_set_text(GTK_ENTRY(widget), "");
}
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"ou_entry1"));
if (ca_file_policy_get (new_req_ca_id, "OU_INHERIT")) {
gtk_widget_set_sensitive (widget, ! ca_file_policy_get (new_req_ca_id, "OU_FORCE_SAME"));
gtk_entry_set_text(GTK_ENTRY(widget), tlscert->ou);
} else {
gtk_widget_set_sensitive (widget, TRUE);
gtk_entry_set_text(GTK_ENTRY(widget), "");
}
tls_cert_free (tlscert);
} else {
new_req_ca_id_valid = FALSE;
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"country_combobox1"));
gtk_widget_set_sensitive (widget, TRUE);
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"st_entry1"));
gtk_widget_set_sensitive (widget, TRUE);
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"city_entry1"));
gtk_widget_set_sensitive (widget, TRUE);
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"o_entry1"));
gtk_widget_set_sensitive (widget, TRUE);
widget = GTK_WIDGET(gtk_builder_get_object(new_req_window_gtkb,"ou_entry1"));
gtk_widget_set_sensitive (widget, TRUE);
}
g_free (value);
new_req_tab_activate (1);
}
gchar * __pkey_retrieve_from_file (gchar **fn, gchar *cert_pem)
{
gsize file_length = 0;
GError *error = NULL;
gboolean cancel = FALSE;
gboolean save_new_filename = FALSE;
gchar *file_name = g_strdup(* fn);
gchar *file_contents = NULL;
gchar *pem_pkey = NULL;
gint tls_error = 0;
gchar *password = NULL;
TlsCert *cert = tls_parse_cert_pem (cert_pem);
do {
if (g_file_test(file_name, G_FILE_TEST_EXISTS)) {
GIOChannel *gc = g_io_channel_new_file (file_name, "r", &error);
if (gc) {
g_io_channel_read_to_end (gc, &file_contents, &file_length, &error);
g_io_channel_shutdown (gc, TRUE, NULL);
do {
pem_pkey = tls_load_pkcs8_private_key (file_contents, password, cert->key_id, &tls_error);
if (tls_error == TLS_INVALID_PASSWORD) {
if (password)
dialog_error (_("The given password doesn't match with the one used while crypting the file."));
// We ask for a password
password = __pkey_manage_ask_external_file_password (cert->dn);
if (! password)
cancel = TRUE;
}
} while (tls_error == TLS_INVALID_PASSWORD && ! cancel);
g_free (password);
if (! pem_pkey) {
if (tls_error == TLS_NON_MATCHING_PRIVATE_KEY) {
// The file could be opened, but it didn't contain any recognized private key
dialog_error (_("The file designated in database contains a private key, but it "
"is not the private key corresponding to the certificate."));
} else {
// The file could be opened, but it didn't contain any recognized private key
dialog_error (_("The file designated in database doesn't contain any recognized private key."));
}
}
} else {
// The file cannot be opened
dialog_error (_("The file designated in database couldn't be opened."));
}
} else {
// The file doesn't exist
dialog_error (_("The file designated in database doesn't exist."));
}
if (! pem_pkey && ! cancel) {
#ifndef GNOMINTCLI
// Show file open dialog
GObject * widget = NULL, * filepath_widget = NULL, *remember_filepath_widget = NULL;
GtkBuilder * dialog_gtkb = NULL;
gint response = 0;
dialog_gtkb = gtk_builder_new();
gtk_builder_add_from_file (dialog_gtkb,
g_build_filename (PACKAGE_DATA_DIR, "gnomint", "get_pkey_dialog.ui", NULL),
NULL);
gtk_builder_connect_signals (dialog_gtkb, NULL);
filepath_widget = gtk_builder_get_object (dialog_gtkb, "pkey_filechooser");
remember_filepath_widget = gtk_builder_get_object (dialog_gtkb, "save_filename_checkbutton");
g_object_set (G_OBJECT(remember_filepath_widget), "visible", FALSE, NULL);
gtk_widget_grab_focus (GTK_WIDGET(filepath_widget));
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER(filepath_widget), file_name);
g_object_set_data (G_OBJECT(filepath_widget), "save_filename_checkbutton", remember_filepath_widget);
widget = gtk_builder_get_object (dialog_gtkb, "cert_dn_label");
gtk_label_set_text (GTK_LABEL(widget), cert->dn);
widget = gtk_builder_get_object (dialog_gtkb, "get_pkey_dialog");
response = gtk_dialog_run(GTK_DIALOG(widget));
if (! response) {
cancel = TRUE;
} else {
g_free (file_name);
file_name = g_strdup ((gchar *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER(filepath_widget)));
save_new_filename = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON(remember_filepath_widget));
}
widget = gtk_builder_get_object (dialog_gtkb, "get_pkey_dialog");
gtk_widget_destroy (GTK_WIDGET(widget));
g_object_unref (G_OBJECT(dialog_gtkb));
#else
cancel = TRUE;
#endif
}
} while (! pem_pkey && ! cancel);
tls_cert_free (cert);
g_free (file_contents);
if (error)
g_error_free (error);
if (cancel) {
g_free (file_name);
return NULL;
}
if (save_new_filename) {
g_free (*fn);
(* fn) = file_name;
}
return pem_pkey;
}
void __certificate_properties_populate (const char *certificate_pem)
{
GObject *widget = NULL;
#ifndef WIN32
struct tm tim;
#else
struct tm* tim = NULL;
#endif
TlsCert * cert = NULL;
gchar model_time_str[100];
gchar * aux;
UInt160 * serial_number;
cert = tls_parse_cert_pem (certificate_pem);
serial_number = &cert->serial_number;
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certActivationDateLabel");
#ifndef WIN32
gmtime_r (&cert->activation_time, &tim);
strftime (model_time_str, 100, _("%m/%d/%Y %R GMT"), &tim);
#else
tim = gmtime (&cert->activation_time);
strftime (model_time_str, 100, _("%m/%d/%Y %H:%M GMT"), tim);
#endif
gtk_label_set_text (GTK_LABEL(widget), model_time_str);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certExpirationDateLabel");
#ifndef WIN32
gmtime_r (&cert->expiration_time, &tim);
strftime (model_time_str, 100, _("%m/%d/%Y %R GMT"), &tim);
#else
tim = gmtime (&cert->expiration_time);
strftime (model_time_str, 100, _("%m/%d/%Y %H:%M GMT"), tim);
#endif
gtk_label_set_text (GTK_LABEL(widget), model_time_str);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certSNLabel");
aux = uint160_strdup_printf (serial_number);
gtk_label_set_text (GTK_LABEL(widget), aux);
g_free (aux);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certSubjectCNLabel");
gtk_label_set_text (GTK_LABEL(widget), cert->cn);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certSubjectOLabel");
gtk_label_set_text (GTK_LABEL(widget), cert->o);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certSubjectOULabel");
gtk_label_set_text (GTK_LABEL(widget), cert->ou);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certIssuerCNLabel");
gtk_label_set_text (GTK_LABEL(widget), cert->i_cn);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certIssuerOLabel");
gtk_label_set_text (GTK_LABEL(widget), cert->i_o);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certIssuerOULabel");
gtk_label_set_text (GTK_LABEL(widget), cert->i_ou);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "sha1Label");
gtk_label_set_text (GTK_LABEL(widget), cert->sha1);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "md5Label");
gtk_label_set_text (GTK_LABEL(widget), cert->md5);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "sha256Label");
gtk_label_set_text (GTK_LABEL(widget), cert->sha256);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "sha512Label");
gtk_label_set_text (GTK_LABEL(widget), cert->sha512);
if (g_list_length (cert->uses)) {
GValue * valtrue = g_new0 (GValue, 1);
int i;
g_value_init (valtrue, G_TYPE_BOOLEAN);
g_value_set_boolean (valtrue, TRUE);
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "certPropSeparator");
gtk_widget_show (GTK_WIDGET(widget));
widget = gtk_builder_get_object (certificate_properties_window_gtkb, "vboxCertCapabilities");
for (i = g_list_length(cert->uses) - 1; i >= 0; i--) {
GtkLabel *label = NULL;
label = GTK_LABEL(gtk_label_new ((gchar *) g_list_nth_data (cert->uses, i)));
gtk_misc_set_alignment (GTK_MISC(label), 0.0, 0.5);
gtk_box_pack_end (GTK_BOX(widget), GTK_WIDGET(label), 0, 0, 0);
}
gtk_widget_show_all (GTK_WIDGET(widget));
g_free (valtrue);
}
tls_cert_free (cert);
return;
}
