web/surfer
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

cleanup old stuff; refs #32

Browse Source
This commit is contained in:
Marc Wäckerlin
2011-04-21 06:17:04 +00:00
parent 9620b5e810
commit f44ab3ec6d
2 changed files with 1 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
swisssurfer/src/qmake.pro.in
View File

@@ -20,7 +20,7 @@ TRANSLATIONS = @PACKAGENAME@_en.ts \
@PACKAGENAME@_fr.ts \
@PACKAGENAME@_it.ts
SOURCES = main.cxx smartcardauth.cxx webpage.cxx
SOURCES = main.cxx webpage.cxx
HEADERS = browser.hxx smartcardauth.hxx pinentry.hxx \
downloadmanager.hxx settings.hxx sslclientnetworkmanager.hxx \

124
swisssurfer/src/smartcardauth.cxx
View File

@@ -1,124 +0,0 @@
#include "smartcardauth.hxx"
#include "pindialog.hxx"
#include "engine_sct.h"
#include <string>
#include <set>
#include <openssl/engine.h>
#include <QtCore/QCoreApplication>
#include <QtGui/QMessageBox>
#include <QtCore/QDebug>
/*
std::map<ssl_ctx_st*, QSslSocket*> sockets;
int client_cert_cb(SSL* ssl, X509 **x509, EVP_PKEY **pkey) {
// NB: Keep in mind that this function is called for EVERY SSL connection to be opened.
for(size_t i=certs_found->num_certs;i--;)
{
const char *id_p = certs_found->certificate[i].id;
if(id_p == NULL) continue;
// Name has the format "slot-x-name-SwissSign_digSig" for the certificate/key we're looking for
std::string name(certs_found->certificate[i].name);
qDebug()<<"Certificate:"<<name.c_str();
std::string compare("-name-SwissSign_digSig");
// Compare the rightmost part of the retrieved name to locate the certificate/keypair
size_t pos = name.length() - compare.length();
if(name.substr(pos) != compare)
continue;
// Here we found a suitable certificate.
// Now prepare the reference to the SmartCard's private key and a copy of the certificate
// to pass back to the caller.
*x509 = X509_dup(certs_found->certificate[i].cert);
*pkey = NULL;
// If we don't have a PIN yet, pop up a dialog, ask for a PIN and pass it along to the engine
// for usage.
if(!pin_configured)
{
PinDialog dlg;
int ok=dlg.exec();
if(ok!=1) {_mutex.unlock(); return 0;} // User cancelled
QByteArray pinByteArray=dlg.pin().toAscii();
char *pin_str = pinByteArray.data();
// The engine control command takes a copy and overwrites the source array
if(ENGINE_ctrl_cmd_string(e, "PIN", pin_str, 0))
pin_configured = true;
else
{_mutex.unlock(); return 0;} // Engine refuses to take the PIN
*pkey = ENGINE_load_private_key(e, id_p, NULL, NULL);
// We do a test authorization on loading of the private key. If the operation fails at all,
// DON'T try again (see below) or we would instantly lock the card in a single session because
// of the retries!
if(!*pkey)
pin_rejected = true;
}
// Second to nth iteration: We skipped the PIN dialog here, now load the key if we don't have the
// explicit information not to do it (because the PIN is wrong)
if(!*pkey && !pin_rejected)
*pkey = ENGINE_load_private_key(e, id_p, NULL, NULL);
break;
}
if(!*x509) {
qWarning("Unable to load certificate");
_mutex.unlock();
return 0;
}
if(!*pkey) {
qWarning("Unable to load key");
_mutex.unlock();
return 0;
}
_mutex.unlock();
return 1;
}
/*
/*
void SmartCardAuth::extendedContextInitialization(ssl_ctx_st *ctx,
QSslSocket *socket)
{
if (!e) return;
bool result = false;
if(!certs_found)
result = (ENGINE_ctrl_cmd(e, "ENUM_CERTS", 0, &certs_found, NULL, 0) != 0);
else
result = true;
#ifdef USE_CERTIFICATE_FILE
// Load a specific intermediate certificate from a file
//! @todo PEM-File
BIO* cert_file= BIO_new_file("swsign_interm.pem", "r");
X509* interm=PEM_read_bio_X509(cert_file,NULL,NULL, NULL);
BIO_free(cert_file);
SSL_CTX_add_extra_chain_cert(ctx,interm);
#else
// Add all of the card's certificates without a private key as intermediate certs
for(size_t i=certs_found->num_certs;i--;)
{
if(certs_found->certificate[i].id == NULL)
SSL_CTX_add_extra_chain_cert(ctx, X509_dup(certs_found->certificate[i].cert));
}
#endif
sockets[ctx] = socket;
SSL_CTX_set_client_cert_cb(ctx, client_cert_cb);
}
*/