web
/
surfer
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

it works, first cleanup; refs #49

Browse Source
master
Marc Wäckerlin 14 years ago
parent 7c5f67b5cc
commit 2e20b696f4
6 changed files with 32 additions and 133 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 12
      swisssurfer/src/browser.hxx
  2. 137
      swisssurfer/src/smartcardauth.hxx
  3. 4
      swisssurfer/src/swisssurfer_de.ts
  4. 4
      swisssurfer/src/swisssurfer_en.ts
  5. 4
      swisssurfer/src/swisssurfer_fr.ts
  6. 4
      swisssurfer/src/swisssurfer_it.ts

12
swisssurfer/src/browser.hxx
Unescape View File

@ -77,12 +77,12 @@ class Browser: public QMainWindow, protected Ui::Browser {
_url->addItems(urls);
assert(connect(_url, SIGNAL(currentIndexChanged(const QString&)),
SLOT(load(QString))));
assert(connect(&_networkManager,
SIGNAL(extendedContextInitialization(ssl_ctx_st*,
QSslSocket*)),
&_scAuth,
SLOT(extendedContextInitialization(ssl_ctx_st*,
QSslSocket*))));
// assert(connect(&_networkManager,
// SIGNAL(extendedContextInitialization(ssl_ctx_st*,
// QSslSocket*)),
// &_scAuth,
// SLOT(extendedContextInitialization(ssl_ctx_st*,
// QSslSocket*))));
assert(connect(&_networkManager, SIGNAL(created(QNetworkReply*)),
&_downloadManager, SLOT(add(QNetworkReply*))));

137
swisssurfer/src/smartcardauth.hxx
Unescape View File

@ -16,8 +16,6 @@
#include <memory>
// extern const QByteArray SWISSSIGN_GOLD_CA_G2;
class CryptokiEngine: public QObject, public openssl::Engine {
Q_OBJECT;
@ -57,46 +55,10 @@ class CryptokiEngine: public QObject, public openssl::Engine {
const openssl::X509& cert() {
return *_cert;
}
// virtual EVP_PKEY* privkey() {
// OPENSSL_LOG("log");
// EVP_PKEY* k(EVP_PKEY_new());
// RSA* r(RSA_new_method(_e));
// r->n = BN_bin2bn((const unsigned char*)_modulus.data(),
// _modulus.size(), r->n);
// r->e = BN_bin2bn((const unsigned char*)_exponent.data(),
// _exponent.size(), r->e);
// // otherwise OpenSSL emulates sign/verify with encrypt/decrypt
// r->flags |= RSA_FLAG_SIGN_VER;
// EVP_PKEY_set1_RSA(k, r);
// OPENSSL_LOG("RSA_free");
// RSA_free(r);
// return k;
// }
// virtual RSA* rsaKey() {
// //EVP_PKEY* k(EVP_PKEY_new());
// RSA* r(RSA_new_method(_e));
// // RSA* r(RSA_new());
// r->n = BN_bin2bn((const unsigned char*)_modulus.data(),
// _modulus.size(), r->n);
// r->e = BN_bin2bn((const unsigned char*)_exponent.data(),
// _exponent.size(), r->e);
// // otherwise OpenSSL emulates sign/verify with encrypt/decrypt
// r->flags |= RSA_FLAG_SIGN_VER;
// //EVP_PKEY_set1_RSA(k, r);
// r->d = BN_bin2bn(0, 0, r->d);
// r->p = BN_bin2bn(0, 0, r->p);
// r->q = BN_bin2bn(0, 0, r->q);
// r->dmp1 = BN_bin2bn(0, 0, r->dmp1);
// r->dmp1 = BN_bin2bn(0, 0, r->dmq1);
// r->iqmp = r->n;/*BN_bin2bn(0, 0, r->iqmp);*/
// return r;
// }
virtual RSA* setupRsa(RSA* r) {
RSA_set_method(r, ENGINE_get_RSA(_e));
r->engine=_e;
RSA_free(r);
r = RSA_new_method(_e);
r->n = BN_bin2bn((const unsigned char*)_modulus.data(),
_modulus.size(), r->n);
r->e = BN_bin2bn((const unsigned char*)_exponent.data(),
@ -106,11 +68,6 @@ class CryptokiEngine: public QObject, public openssl::Engine {
return r;
}
// const RSA_METHOD* rsaMethod() {
// return ENGINE_get_RSA(_e);
// }
protected:
virtual const char* id() {
@ -153,38 +110,6 @@ class SmartCardAuth: public QObject {
//assert(connect(e(), SIGNAL(certRequired()), SLOT(login())));
}
private Q_SLOTS:
void extendedContextInitialization(ssl_ctx_st* ctx, QSslSocket* socket) {
// qDebug()<<__PRETTY_FUNCTION__;
// QList<QSslError> expectedSslErrors;
// for (std::list<std::string>::iterator cert(_cacerts.begin());
// cert!=_cacerts.end(); ++cert) {
// SSL_CTX_add_extra_chain_cert(ctx, openssl::X509(*cert).lowLevelCopy());
// expectedSslErrors.push_back(QSslError(QSslError::SelfSignedCertificateInChain,
// QSslCertificate::fromData
// (QByteArray(cert->data(),
// cert->size()),
// QSsl::Der).at(0)));
// //qDebug()<<"Added:\n"<<QSslCertificate(QByteArray(cert->data(), cert->size()), QSsl::Der).toPem();
// }
// //socket->ignoreSslErrors(expectedSslErrors);
// SSL_CTX_set_client_cert_cb(ctx, &SmartCardAuth::clientCert);
}
private:
// static int clientCert(SSL* ssl, X509 **x509, EVP_PKEY **pkey) {
// qDebug()<<__PRETTY_FUNCTION__;
// if (!e() || !*e()) return 0; // no certificate found
// qDebug()<<"*** A "<<__PRETTY_FUNCTION__;
// *x509 = e()->cert().lowLevelCopy();
// qDebug()<<"*** B "<<__PRETTY_FUNCTION__;
// *pkey = e()->privkey();
// qDebug()<<"*** C "<<__PRETTY_FUNCTION__;
// return 1;
// }
static CryptokiEngine* e(const QString& lib = QString()) try {
static CryptokiEngine* _e(new CryptokiEngine(lib.toStdString()));
return _e;
@ -205,7 +130,6 @@ class SmartCardAuth: public QObject {
QMutexLocker lock(&_mutex);
if (!e() || (!force && *e())) return; // no smartcard or already logged in
try {
// _cacerts.clear();
QList<CertInfo> authcerts;
QList<CertInfo> allcerts;
QSslConfiguration sslConfig(QSslConfiguration::defaultConfiguration());
@ -230,7 +154,6 @@ class SmartCardAuth: public QObject {
std::string data(cert->attribute(CKA_VALUE).value);
if (!keys.size()) { // add CA-certificate
OPENSSL_LOG("**** add to CA-certificates");
// _cacerts.push_back(data);
} else {
OPENSSL_LOG("**** user cert, check for authentictaion");
if (label.value.find("auth")==0 ||
@ -272,47 +195,25 @@ class SmartCardAuth: public QObject {
sslConfig.setLocalCertificate(localcert);
assert(localcert.isValid());
EVP_PKEY* pk(e()->privkey());
// QByteArray secret("That's my Secret");
RSA* rsa(e()->rsaKey());
BIO *bio = BIO_new(BIO_s_mem());
assert(bio);
OPENSSL_CHECK(PEM_write_bio_RSAPrivateKey
(bio, rsa,
0, 0,0,0,0));
// EVP_des_ede3_cbc(),(unsigned char*)secret.data(), secret.size(),
// 0, 0));
char *data(0);
long size(BIO_get_mem_data(bio, &data));
assert(size);
assert(data);
QByteArray pem(data, size);
BIO_free(bio);
OPENSSL_LOG(pem.data());
pem = "-----BEGIN RSA PRIVATE KEY-----\n"
"MIIBOwIBAAJBAMH2yqAGeVNPdgeZ2GoHo31m9aUxZ7QfK2Go2qLTahLpQ3UL1C8G\n"
"LkuMS8SNK0ZGfRMalIpIhv6bW5l3kjogOncCAwEAAQJABVGECtFCoGMsZFb2lSmy\n"
"dOzOzYHGSy0TnnDn1dEgNnZ8sIljElPtUzm9dyXs2P3ICL1sOd7qjpzfJeyxknDL\n"
"AQIhAO5iKdLmhyuW+EDEH19vDs1Pmqs3/ZnT5UgUiJnTJqz3AiEA0ExIfUOCnxq2\n"
"a3Z46KEivcr8JB2P9VqouBbVryiq/oECIQDj8bPCejMoiEzMSX0iWWTTB9qC/KAg\n"
"FtF4skHIrXKfEwIgPCs86Uo+Ch2aQjKHvJMHSRHAgeI0OmiEwiB+e0lhE4ECIQDd\n"
"IbUmHIXt6oHLJmoGFX46bCcfil5eE5FXfiaw7Q9iPw==\n"
"-----END RSA PRIVATE KEY-----\n";
bio = BIO_new_mem_buf(const_cast<char *>(pem.data()), pem.size());
rsa = 0;
OPENSSL_CHECK(PEM_read_bio_RSAPrivateKey(bio, &rsa, 0, 0));
assert(rsa);
BIO_free(bio);
QByteArray pem
("-----BEGIN RSA PRIVATE KEY-----\n"
"MIIBOwIBAAJBAMH2yqAGeVNPdgeZ2GoHo31m9aUxZ7QfK2"
"Go2qLTahLpQ3UL1C8G\n"
"LkuMS8SNK0ZGfRMalIpIhv6bW5l3kjogOncCAwEAAQJABV"
"GECtFCoGMsZFb2lSmy\n"
"dOzOzYHGSy0TnnDn1dEgNnZ8sIljElPtUzm9dyXs2P3ICL"
"1sOd7qjpzfJeyxknDL\n"
"AQIhAO5iKdLmhyuW+EDEH19vDs1Pmqs3/ZnT5UgUiJnTJq"
"z3AiEA0ExIfUOCnxq2\n"
"a3Z46KEivcr8JB2P9VqouBbVryiq/oECIQDj8bPCejMoiE"
"zMSX0iWWTTB9qC/KAg\n"
"FtF4skHIrXKfEwIgPCs86Uo+Ch2aQjKHvJMHSRHAgeI0Om"
"iEwiB+e0lhE4ECIQDd\n"
"IbUmHIXt6oHLJmoGFX46bCcfil5eE5FXfiaw7Q9iPw==\n"
"-----END RSA PRIVATE KEY-----\n");
QSslKey privkey(pem, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
// ,
// secret);
e()->setupRsa((RSA*)privkey.handle());
OPENSSL_LOG("Got Key");
OPENSSL_LOG(privkey.toPem().data());
assert(!privkey.isNull());
sslConfig.setPrivateKey(privkey);
QSslConfiguration::setDefaultConfiguration(sslConfig);
@ -329,8 +230,6 @@ class SmartCardAuth: public QObject {
" please try again."));
}
}
// QByteArray ca(QSslCertificate(SWISSSIGN_GOLD_CA_G2, QSsl::Pem).toDer());
// _cacerts.push_back(std::string(ca.data(), ca.size()));
} catch (...) {
throw;
}

4
swisssurfer/src/swisssurfer_de.ts
Unescape View File

@ -541,12 +541,12 @@ p, li { white-space: pre-wrap; }
<context>
<name>QMessageBox</name>
<message>
<location filename="smartcardauth.hxx" line="327"/>
<location filename="smartcardauth.hxx" line="228"/>
<source>Wrong PIN</source>
<translation type="unfinished"></translation>
</message>
<message>
<location filename="smartcardauth.hxx" line="328"/>
<location filename="smartcardauth.hxx" line="229"/>
<source>Authentication failed, please try again.</source>
<translation type="unfinished"></translation>
</message>

4
swisssurfer/src/swisssurfer_en.ts
Unescape View File

@ -541,12 +541,12 @@ p, li { white-space: pre-wrap; }
<context>
<name>QMessageBox</name>
<message>
<location filename="smartcardauth.hxx" line="327"/>
<location filename="smartcardauth.hxx" line="228"/>
<source>Wrong PIN</source>
<translation type="unfinished"></translation>
</message>
<message>
<location filename="smartcardauth.hxx" line="328"/>
<location filename="smartcardauth.hxx" line="229"/>
<source>Authentication failed, please try again.</source>
<translation type="unfinished"></translation>
</message>

4
swisssurfer/src/swisssurfer_fr.ts
Unescape View File

@ -541,12 +541,12 @@ p, li { white-space: pre-wrap; }
<context>
<name>QMessageBox</name>
<message>
<location filename="smartcardauth.hxx" line="327"/>
<location filename="smartcardauth.hxx" line="228"/>
<source>Wrong PIN</source>
<translation type="unfinished"></translation>
</message>
<message>
<location filename="smartcardauth.hxx" line="328"/>
<location filename="smartcardauth.hxx" line="229"/>
<source>Authentication failed, please try again.</source>
<translation type="unfinished"></translation>
</message>

4
swisssurfer/src/swisssurfer_it.ts
Unescape View File

@ -541,12 +541,12 @@ p, li { white-space: pre-wrap; }
<context>
<name>QMessageBox</name>
<message>
<location filename="smartcardauth.hxx" line="327"/>
<location filename="smartcardauth.hxx" line="228"/>
<source>Wrong PIN</source>
<translation type="unfinished"></translation>
</message>
<message>
<location filename="smartcardauth.hxx" line="328"/>
<location filename="smartcardauth.hxx" line="229"/>
<source>Authentication failed, please try again.</source>
<translation type="unfinished"></translation>
</message>

Write Preview
Loading…
Cancel
Save