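// Reports whether the certificate carried by `notification` is already trusted
// for the notification's host and port.
//
// Returns false without consulting the trust store when the notification
// carries any algorithm warning, and also when it carries no certificate at
// all. Otherwise the raw bytes of the first certificate in the list (index 0)
// are handed to the host/port/data overload of IsTrusted.
bool CVerifyCertDialog::IsTrusted(CCertificateNotification const& notification)
{
	if (notification.GetAlgorithmWarnings() != 0) {
		// These certs are never trusted.
		return false;
	}

	LoadTrustedCerts();

	// Fail closed on an empty certificate list: there is nothing to compare
	// against the stored entries, and indexing element 0 below would be
	// undefined behaviour.
	if (notification.GetCertificates().empty()) {
		return false;
	}

	// Initialised so that a GetRawData implementation which does not write the
	// length can never leave an indeterminate size for the comparison.
	unsigned int len = 0;

	// Local copy of the first certificate; `data` is only used while `cert`
	// is alive.
	CCertificate cert = notification.GetCertificates()[0];
	const unsigned char* data = cert.GetRawData(len);

	// NOTE(review): the meaning of the trailing `false` argument is defined by
	// the overload, which is not visible here -- confirm against its declaration.
	return IsTrusted(notification.GetHost(), notification.GetPort(), data, len, false);
}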
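// Shows the modal certificate dialog for `notification` and, unless
// `displayOnly` is set, records the user's trust decision.
//
// notification  Certificate chain, host/port and negotiated algorithms to show.
//               When `displayOnly` is false its m_trusted member is set to true
//               if the dialog is confirmed with wxID_OK and to false otherwise.
// displayOnly   Hides the description, the "always trust" controls and the
//               cancel button; no trust decision is written in this mode.
//
// Trust persistence after wxID_OK (only when there are no algorithm warnings):
//   - no certificate warning and "ID_ALWAYS" checked -> SetPermanentlyTrusted()
//   - otherwise -> a copy of the first certificate is appended to
//     m_sessionTrustedCerts
// With algorithm warnings the acceptance applies to this notification only and
// nothing is remembered.
void CVerifyCertDialog::ShowVerificationDialog(CCertificateNotification& notification, bool displayOnly /*=false*/)
{
	LoadTrustedCerts();

	m_pDlg = new wxDialogEx;
	if (!m_pDlg->Load(0, _T("ID_VERIFYCERT"))) {
		wxBell();
		delete m_pDlg;
		m_pDlg = 0;

		// NOTE(review): notification.m_trusted is left untouched on this path;
		// confirm that callers treat an unanswered notification as untrusted.
		return;
	}

	if (displayOnly) {
		xrc_call(*m_pDlg, "ID_DESC", &wxWindow::Hide);
		xrc_call(*m_pDlg, "ID_ALWAYS_DESC", &wxWindow::Hide);
		xrc_call(*m_pDlg, "ID_ALWAYS", &wxWindow::Hide);
		xrc_call(*m_pDlg, "wxID_CANCEL", &wxWindow::Hide);
		m_pDlg->SetTitle(_T("Certificate details"));
	}
	else {
		m_pDlg->WrapText(m_pDlg, XRCID("ID_DESC"), 400);

		// NOTE(review): kiosk-mode value 2 hides the "always trust" checkbox;
		// the meaning of the value is defined by COptions -- confirm there.
		if (COptions::Get()->GetOptionVal(OPTION_DEFAULT_KIOSKMODE) == 2)
			XRCCTRL(*m_pDlg, "ID_ALWAYS", wxCheckBox)->Hide();
	}

	m_certificates = notification.GetCertificates();

	// Fail closed on an empty chain: the code below indexes m_certificates[0]
	// unconditionally, and there is nothing the user could meaningfully accept.
	if (m_certificates.empty()) {
		wxBell();
		if (!displayOnly)
			notification.m_trusted = false;
		delete m_pDlg;
		m_pDlg = 0;
		return;
	}

	if (m_certificates.size() == 1) {
		XRCCTRL(*m_pDlg, "ID_CHAIN_DESC", wxStaticText)->Hide();
		XRCCTRL(*m_pDlg, "ID_CHAIN", wxChoice)->Hide();
	}
	else {
		// One entry per certificate in the chain, labelled by index.
		wxChoice* pChoice = XRCCTRL(*m_pDlg, "ID_CHAIN", wxChoice);
		for (unsigned int i = 0; i < m_certificates.size(); ++i) {
			pChoice->Append(wxString::Format(_T("%d"), i));
		}
		pChoice->SetSelection(0);

		pChoice->Connect(wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler(CVerifyCertDialog::OnCertificateChoice), 0, this);
	}

	m_pDlg->SetChildLabel(XRCID("ID_HOST"), wxString::Format(_T("%s:%d"), notification.GetHost(), notification.GetPort()));

	// The dummy labels only serve to locate the sizers and to measure one line
	// of text; they are destroyed by Clear(true).
	line_height_ = XRCCTRL(*m_pDlg, "ID_SUBJECT_DUMMY", wxStaticText)->GetSize().y;

	m_pSubjectSizer = XRCCTRL(*m_pDlg, "ID_SUBJECT_DUMMY", wxStaticText)->GetContainingSizer();
	m_pSubjectSizer->Clear(true);

	m_pIssuerSizer = XRCCTRL(*m_pDlg, "ID_ISSUER_DUMMY", wxStaticText)->GetContainingSizer();
	m_pIssuerSizer->Clear(true);

	// Render every certificate once so the dialog's minimum size fits the
	// largest of them; switching certificates later then never needs more room.
	wxSize minSize(0, 0);
	for (unsigned int i = 0; i < m_certificates.size(); ++i) {
		DisplayCert(m_pDlg, m_certificates[i]);
		m_pDlg->Layout();
		m_pDlg->GetSizer()->Fit(m_pDlg);
		minSize.IncTo(m_pDlg->GetSizer()->GetMinSize());
	}
	m_pDlg->GetSizer()->SetMinSize(minSize);

	// Show the first certificate again; DisplayCert's result is used as the
	// "this certificate has a problem" flag below.
	bool warning = DisplayCert(m_pDlg, m_certificates[0]);

	// Each negotiated algorithm is shown with its own warning bit.
	DisplayAlgorithm(XRCID("ID_PROTOCOL"), notification.GetProtocol(), (notification.GetAlgorithmWarnings() & CCertificateNotification::tlsver) != 0);
	DisplayAlgorithm(XRCID("ID_KEYEXCHANGE"), notification.GetKeyExchange(), (notification.GetAlgorithmWarnings() & CCertificateNotification::kex) != 0);
	DisplayAlgorithm(XRCID("ID_CIPHER"), notification.GetSessionCipher(), (notification.GetAlgorithmWarnings() & CCertificateNotification::cipher) != 0);
	DisplayAlgorithm(XRCID("ID_MAC"), notification.GetSessionMac(), (notification.GetAlgorithmWarnings() & CCertificateNotification::mac) != 0);

	if (notification.GetAlgorithmWarnings() != 0) {
		warning = true;
	}

	if (warning) {
		// Any warning switches to the warning icon and disables "always
		// trust", so a flagged certificate cannot be stored permanently from
		// this dialog.
		XRCCTRL(*m_pDlg, "ID_IMAGE", wxStaticBitmap)->SetBitmap(wxArtProvider::GetBitmap(wxART_WARNING));
		XRCCTRL(*m_pDlg, "ID_ALWAYS", wxCheckBox)->Enable(false);
	}

	m_pDlg->GetSizer()->Fit(m_pDlg);
	m_pDlg->GetSizer()->SetSizeHints(m_pDlg);

	int res = m_pDlg->ShowModal();

	if (!displayOnly) {
		if (res == wxID_OK) {
			// Debug-time sanity check: the dialog is only expected for
			// certificates that are not trusted yet.
			wxASSERT(!IsTrusted(notification));

			notification.m_trusted = true;

			// Connections with algorithm warnings are accepted for this
			// notification only; nothing is remembered.
			if (!notification.GetAlgorithmWarnings()) {
				if (!warning && XRCCTRL(*m_pDlg, "ID_ALWAYS", wxCheckBox)->GetValue())
					SetPermanentlyTrusted(notification);
				else {
					// Remember the first certificate for this session, bound to
					// the host and port it was presented for.
					t_certData cert;
					cert.host = notification.GetHost();
					cert.port = notification.GetPort();
					const unsigned char* data = m_certificates[0].GetRawData(cert.len);

					// NOTE(review): the buffer is handed over to the list entry;
					// presumably released where m_sessionTrustedCerts is torn
					// down -- confirm.
					cert.data = new unsigned char[cert.len];
					memcpy(cert.data, data, cert.len);
					m_sessionTrustedCerts.push_back(cert);
				}
			}
		}
		else
			notification.m_trusted = false;
	}

	delete m_pDlg;
	m_pDlg = 0;
}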