summaryrefslogtreecommitdiffstats
path: root/kcontrol/crypto
diff options
context:
space:
mode:
authortoma <toma@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2009-11-25 17:56:58 +0000
committertoma <toma@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2009-11-25 17:56:58 +0000
commit4aed2c8219774f5d797760606b8489a92ddc5163 (patch)
tree3f8c130f7d269626bf6a9447407ef6c35954426a /kcontrol/crypto
downloadtdebase-4aed2c8219774f5d797760606b8489a92ddc5163.tar.gz
tdebase-4aed2c8219774f5d797760606b8489a92ddc5163.zip
Copy the KDE 3.5 branch to branches/trinity for new KDE 3.5 features.
BUG:215923 git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebase@1054174 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
Diffstat (limited to 'kcontrol/crypto')
-rw-r--r--kcontrol/crypto/Makefile.am19
-rw-r--r--kcontrol/crypto/README2
-rw-r--r--kcontrol/crypto/certexport.cpp148
-rw-r--r--kcontrol/crypto/certexport.h55
-rw-r--r--kcontrol/crypto/certgen.ui513
-rw-r--r--kcontrol/crypto/configure.in.in1
-rw-r--r--kcontrol/crypto/crypto.cpp2458
-rw-r--r--kcontrol/crypto/crypto.desktop229
-rw-r--r--kcontrol/crypto/crypto.h362
-rw-r--r--kcontrol/crypto/kdatetimedlg.cpp118
-rw-r--r--kcontrol/crypto/kdatetimedlg.h60
11 files changed, 3965 insertions, 0 deletions
diff --git a/kcontrol/crypto/Makefile.am b/kcontrol/crypto/Makefile.am
new file mode 100644
index 000000000..73a79653d
--- /dev/null
+++ b/kcontrol/crypto/Makefile.am
@@ -0,0 +1,19 @@
+AM_CPPFLAGS = $(all_includes) $(SSL_INCLUDES)
+kde_module_LTLIBRARIES = kcm_crypto.la
+
+kcm_crypto_la_SOURCES = crypto.cpp certexport.cpp kdatetimedlg.cpp
+
+AM_CXXFLAGS = $(CXXFLAGS) -DLIBDIR=$(libdir)
+
+kcm_crypto_la_LDFLAGS = $(KDE_RPATH) $(all_libraries) $(SSL_LDFLAGS) -module -avoid-version -no-undefined
+kcm_crypto_la_LIBADD = -lkdeui $(LIB_KIO) $(LIBSSL)
+
+METASOURCES = AUTO
+
+noinst_HEADERS = crypto.h certexport.h kdatetimedlg.h
+
+messages: rc.cpp
+ : > rc.cpp
+ $(XGETTEXT) $(kcm_crypto_la_SOURCES) *.h -o $(podir)/kcmcrypto.pot
+
+xdg_apps_DATA = crypto.desktop
diff --git a/kcontrol/crypto/README b/kcontrol/crypto/README
new file mode 100644
index 000000000..f86d974f1
--- /dev/null
+++ b/kcontrol/crypto/README
@@ -0,0 +1,2 @@
+This needs to be updated to use libkssl instead of OpenSSL directly.
+
diff --git a/kcontrol/crypto/certexport.cpp b/kcontrol/crypto/certexport.cpp
new file mode 100644
index 000000000..7c31bb84b
--- /dev/null
+++ b/kcontrol/crypto/certexport.cpp
@@ -0,0 +1,148 @@
+/**
+ * certexport.cpp
+ *
+ * Copyright (c) 2001 George Staikos <staikos@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "certexport.h"
+#include <qpushbutton.h>
+#include <klineedit.h>
+#include <kfiledialog.h>
+#include <qradiobutton.h>
+#include <qvbuttongroup.h>
+#include <qlayout.h>
+#include <qlabel.h>
+#include <klocale.h>
+#include <kdebug.h>
+#include <kmessagebox.h>
+#include <ksslall.h>
+
+
+KCertExport::KCertExport(QWidget *parent, const char *name)
+ : KDialog(parent, name, true) {
+QGridLayout *grid = new QGridLayout(this, 9, 6, marginHint(), spacingHint());
+
+ setCaption(i18n("X509 Certificate Export"));
+
+ QVButtonGroup *bg = new QVButtonGroup(i18n("Format"), this);
+ _pem = new QRadioButton(i18n("&PEM"), bg);
+ _netscape = new QRadioButton(i18n("&Netscape"), bg);
+ _der = new QRadioButton(i18n("&DER/ASN1"), bg);
+ _text = new QRadioButton(i18n("&Text"), bg);
+ grid->addMultiCellWidget(bg, 0, 4, 0, 3);
+ _pem->setChecked(true);
+
+ grid->addMultiCellWidget(new QLabel(i18n("Filename:"), this), 5, 5, 0, 3);
+
+ _filename = new KLineEdit(this);
+ grid->addMultiCellWidget(_filename, 6, 6, 0, 4);
+ connect(_filename, SIGNAL(textChanged(const QString &)), this, SLOT(slotTextChanged(const QString &)));
+ connect(_filename, SIGNAL(returnPressed()), this, SLOT(slotExport()));
+
+ _choose = new QPushButton("...", this);
+ grid->addWidget(_choose, 6, 5);
+ connect(_choose, SIGNAL(clicked()), this, SLOT(slotChoose()));
+
+ _export = new QPushButton(i18n("&Export"), this);
+ grid->addWidget(_export, 8, 4);
+ connect(_export, SIGNAL(clicked()), this, SLOT(slotExport()));
+ _export->setEnabled(false);
+
+ _cancel = new QPushButton(i18n("&Cancel"), this);
+ grid->addWidget(_cancel, 8, 5);
+ connect(_cancel, SIGNAL(clicked()), this, SLOT(reject()));
+}
+
+
+KCertExport::~KCertExport() {
+
+}
+
+
+void KCertExport::setCertificate(KSSLCertificate *c) {
+ _c = c;
+}
+
+
+void KCertExport::slotExport() {
+QByteArray cert;
+QString certt;
+
+ if (_filename->text().isEmpty()) return;
+
+ if (!_c) {
+ KMessageBox::sorry(this, i18n("Internal error. Please report to kfm-devel@kde.org."), i18n("SSL"));
+ return;
+ }
+
+ if (_der->isChecked()) {
+ cert = _c->toDer();
+ } else if (_pem->isChecked()) {
+ cert = _c->toPem();
+ } else if (_text->isChecked()) {
+ certt = _c->toText();
+ } else { // netscape
+ cert = _c->toNetscape();
+ }
+
+ if ((!_text->isChecked() && cert.size() <= 0) && certt.isEmpty()) {
+ KMessageBox::error(this, i18n("Error converting the certificate into the requested format."), i18n("SSL"));
+ reject();
+ return;
+ }
+
+ QFile outFile(_filename->text());
+
+ if (!outFile.open(IO_WriteOnly)) {
+ KMessageBox::error(this, i18n("Error opening file for output."), i18n("SSL"));
+ reject();
+ return;
+ }
+
+ if (_text->isChecked())
+ outFile.writeBlock(certt.local8Bit(), certt.length());
+ else outFile.writeBlock(cert);
+
+ outFile.close();
+
+accept();
+}
+
+
+void KCertExport::slotChoose() {
+ //QString newFile = KFileDialog::getSaveFileName("::x509save", i18n("*.pem|Privacy Enhanced Mail Format\n*.der|DER/ASN1 Format"));
+ QString newFile = KFileDialog::getSaveFileName(QString::null, "application/x-x509-ca-cert");
+
+ // Dunno about this one yet
+ // \n*.ncert|Netscape certificate files");
+
+ if (!newFile.isEmpty()) _filename->setText(newFile);
+}
+
+
+void KCertExport::slotTextChanged(const QString& x) {
+ _export->setEnabled(!x.isEmpty());
+}
+
+
+#include "certexport.moc"
+
diff --git a/kcontrol/crypto/certexport.h b/kcontrol/crypto/certexport.h
new file mode 100644
index 000000000..983cf0804
--- /dev/null
+++ b/kcontrol/crypto/certexport.h
@@ -0,0 +1,55 @@
+/**
+ * certexport.h
+ *
+ * Copyright (c) 2001 George Staikos <staikos@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#ifndef _CERTEXPORT_H
+#define _CERTEXPORT_H
+
+#include <kdialog.h>
+
+class KLineEdit;
+class QRadioButton;
+class QPushButton;
+class KSSLCertificate;
+
+
+class KCertExport : public KDialog
+{
+ Q_OBJECT
+public:
+ KCertExport(QWidget *parent = 0L, const char *name = 0L);
+ virtual ~KCertExport();
+
+ void setCertificate(KSSLCertificate *c);
+
+protected slots:
+ void slotExport();
+ void slotChoose();
+ void slotTextChanged(const QString &);
+
+private:
+ QPushButton *_export, *_cancel, *_choose;
+ QRadioButton *_pem, *_netscape, *_der, *_text;
+ KLineEdit *_filename;
+
+ KSSLCertificate *_c;
+
+};
+
+#endif
diff --git a/kcontrol/crypto/certgen.ui b/kcontrol/crypto/certgen.ui
new file mode 100644
index 000000000..19ee05535
--- /dev/null
+++ b/kcontrol/crypto/certgen.ui
@@ -0,0 +1,513 @@
+<!DOCTYPE UI><UI version="3.3" stdsetdef="1">
+<class>D_GenCert</class>
+<widget class="QDialog">
+ <property name="name">
+ <cstring>D_GenCert</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>539</width>
+ <height>367</height>
+ </rect>
+ </property>
+ <property name="caption">
+ <string>Certificate Creation Wizard</string>
+ </property>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>40</y>
+ <width>70</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="frameShape">
+ <enum>NoFrame</enum>
+ </property>
+ <property name="frameShadow">
+ <enum>Plain</enum>
+ </property>
+ <property name="text">
+ <string>Passphrase:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel3</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>100</y>
+ <width>90</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Country code:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel4</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>130</y>
+ <width>150</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>State or province (in full):</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>T_CertType</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>10</y>
+ <width>100</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Certificate type:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel2_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>70</y>
+ <width>120</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Passphrase (verify):</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel5</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>160</y>
+ <width>30</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>City:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel6</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>190</y>
+ <width>141</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Organization name:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel7</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>220</y>
+ <width>150</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Organizational unit/group:</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel8</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>250</y>
+ <width>170</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Full hostname of the server:</string>
+ </property>
+ </widget>
+ <widget class="QComboBox">
+ <property name="name">
+ <cstring>L_CertType</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>10</y>
+ <width>130</width>
+ <height>21</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit3</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>100</y>
+ <width>41</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>2</number>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel9</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>280</y>
+ <width>111</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Email address:</string>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4_2_2_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>220</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4_2_2_2_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>250</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4_2_2_2_3</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>280</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>E_Passphrase</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>40</y>
+ <width>130</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>500</number>
+ </property>
+ <property name="echoMode">
+ <enum>Password</enum>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>E_Passphrase_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>70</y>
+ <width>131</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>500</number>
+ </property>
+ <property name="echoMode">
+ <enum>Password</enum>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel10</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>10</x>
+ <y>310</y>
+ <width>121</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Days valid:</string>
+ </property>
+ </widget>
+ <widget class="QSpinBox">
+ <property name="name">
+ <cstring>SpinBox1</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>310</y>
+ <width>81</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="maxValue">
+ <number>365</number>
+ </property>
+ <property name="minValue">
+ <number>1</number>
+ </property>
+ <property name="value">
+ <number>365</number>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel11</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>320</x>
+ <y>40</y>
+ <width>60</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Digest:</string>
+ </property>
+ </widget>
+ <widget class="QCheckBox">
+ <property name="name">
+ <cstring>CheckBox1</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>320</x>
+ <y>10</y>
+ <width>80</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Self sign</string>
+ </property>
+ <property name="checked">
+ <bool>true</bool>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel12</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>320</x>
+ <y>70</y>
+ <width>50</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Alias:</string>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit19</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>380</x>
+ <y>70</y>
+ <width>131</width>
+ <height>22</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4_2_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>190</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4_2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>160</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+ <widget class="QComboBox">
+ <property name="name">
+ <cstring>ComboBox2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>380</x>
+ <y>40</y>
+ <width>130</width>
+ <height>21</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QCheckBox">
+ <property name="name">
+ <cstring>CheckBox2</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>320</x>
+ <y>100</y>
+ <width>161</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Use DSA instead of RSA</string>
+ </property>
+ </widget>
+ <widget class="QLabel">
+ <property name="name">
+ <cstring>TextLabel13</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>320</x>
+ <y>130</y>
+ <width>71</width>
+ <height>21</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Bit strength:</string>
+ </property>
+ </widget>
+ <widget class="QComboBox">
+ <property name="name">
+ <cstring>ComboBox5</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>400</x>
+ <y>130</y>
+ <width>111</width>
+ <height>21</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QLineEdit">
+ <property name="name">
+ <cstring>LineEdit4</cstring>
+ </property>
+ <property name="geometry">
+ <rect>
+ <x>180</x>
+ <y>130</y>
+ <width>121</width>
+ <height>22</height>
+ </rect>
+ </property>
+ <property name="maxLength">
+ <number>200</number>
+ </property>
+ </widget>
+</widget>
+<includes>
+ <include location="local" impldecl="in implementation">kdialog.h</include>
+</includes>
+<layoutdefaults spacing="3" margin="6"/>
+<layoutfunctions spacing="KDialog::spacingHint" margin="KDialog::marginHint"/>
+</UI>
diff --git a/kcontrol/crypto/configure.in.in b/kcontrol/crypto/configure.in.in
new file mode 100644
index 000000000..680e26e0a
--- /dev/null
+++ b/kcontrol/crypto/configure.in.in
@@ -0,0 +1 @@
+KDE_CHECK_SSL
diff --git a/kcontrol/crypto/crypto.cpp b/kcontrol/crypto/crypto.cpp
new file mode 100644
index 000000000..f5c4b0099
--- /dev/null
+++ b/kcontrol/crypto/crypto.cpp
@@ -0,0 +1,2458 @@
+/**
+ * crypto.cpp
+ *
+ * Copyright (c) 2000-2005 George Staikos <staikos@kde.org>
+ * 2000 Carsten Pfeiffer <pfeiffer@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+//
+// Attention. The suck factor on this code is increasing. It's a bit of a
+// hack. </understatement> It might be time to rewrite it soon.
+//
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <stdlib.h>
+#include <pwd.h>
+#include <unistd.h>
+
+#include <qbuttongroup.h>
+#include <qcheckbox.h>
+#include <qfile.h>
+#include <qfileinfo.h>
+#include <qframe.h>
+#include <qhbuttongroup.h>
+#include <qhgroupbox.h>
+#include <qlabel.h>
+#include <qlayout.h>
+#include <qpushbutton.h>
+#include <qradiobutton.h>
+#include <qregexp.h>
+#include <qvbox.h>
+#include <qvbuttongroup.h>
+#include <qvgroupbox.h>
+#include <qwhatsthis.h>
+
+#include <kaboutdata.h>
+#include <kcombobox.h>
+#include <kconfig.h>
+#include <kdatepicker.h>
+#include <kdebug.h>
+#include <kdialog.h>
+#include <kfiledialog.h>
+#include <kgenericfactory.h>
+#include <kglobal.h>
+#include <klineedit.h>
+#include <klocale.h>
+#include <kmdcodec.h>
+#include <kmessagebox.h>
+#include <kpassdlg.h>
+#include <kprocess.h>
+#include <kpushbutton.h>
+#include <kresolver.h>
+#include <kseparator.h>
+#include <kstandarddirs.h>
+#include <kurllabel.h>
+#include <kurlrequester.h>
+
+#include <config.h>
+#ifdef HAVE_SSL
+#define crypt _openssl_crypt
+#include <openssl/ssl.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/stack.h>
+#include <openssl/safestack.h>
+#undef crypt
+#endif
+
+#include <ksslall.h>
+#include <kopenssl.h>
+
+#include "crypto.h"
+#include "certexport.h"
+#include "kdatetimedlg.h"
+
+using namespace KNetwork;
+
+typedef KGenericFactory<KCryptoConfig, QWidget> KryptoFactory;
+K_EXPORT_COMPONENT_FACTORY( kcm_crypto, KryptoFactory("kcmcrypto") )
+
+CipherItem::CipherItem( QListView *view, const QString& cipher, int bits,
+ int maxBits, KCryptoConfig *module )
+ : QCheckListItem( view, QString::null, CheckBox )
+{
+ m_cipher = cipher;
+ m_bits = bits;
+ m_module = module;
+
+ QString tmp( i18n("%1 (%2 of %3 bits)") );
+ setText( 0, tmp.arg( cipher ).arg( bits ).arg( maxBits ));
+}
+
+void CipherItem::stateChange( bool )
+{
+ m_module->configChanged();
+}
+
+QString CipherItem::configName() const
+{
+ QString cipherName("cipher_%1");
+ return cipherName.arg( m_cipher );
+}
+
+
+
+OtherCertItem::OtherCertItem( QListView *view, const QString& sub, const QString& md5, bool perm, int policy, QDateTime exp, KCryptoConfig *module )
+ : QListViewItem( view, QString::null ), _sub(sub), _md5(md5), _exp(exp), _perm(perm), _policy(policy)
+
+{
+ m_module = module;
+KSSLX509Map cert(sub);
+ setText(0, cert.getValue("O"));
+ setText(1, cert.getValue("CN").replace("\n", ", "));
+
+ if (_exp.date().year() > 3000 || _exp.date().year() < 1900)
+ _exp.setDate(QDate(3000,1,1));
+}
+
+void OtherCertItem::stateChange( bool )
+{
+ m_module->configChanged();
+}
+
+QString OtherCertItem::configName() const
+{
+ return _sub;
+}
+
+
+YourCertItem::YourCertItem( QListView *view, QString pkcs, QString pass, QString name, KCryptoConfig *module )
+ : QListViewItem( view, QString::null )
+
+{
+ m_module = module;
+KSSLX509Map cert(name);
+ QString tmp = cert.getValue("CN").replace("\n", ", ");
+ setText(0, tmp);
+ setText(1, cert.getValue("Email"));
+ _pkcs = pkcs;
+ _name = name;
+ _pass = pass;
+}
+
+void YourCertItem::stateChange( bool )
+{
+ m_module->configChanged();
+}
+
+QString YourCertItem::configName() const
+{
+ return _name;
+}
+
+
+
+CAItem::CAItem( QListView *view, QString name, QString cert, bool site, bool email, bool code, KCryptoConfig *module )
+ : QListViewItem( view, QString::null )
+
+{
+ m_module = module;
+KSSLX509Map mcert(name);
+QString tmp;
+ setText(0, mcert.getValue("O"));
+ tmp = mcert.getValue("OU");
+ tmp.replace("\n", ", ");
+ setText(1, tmp);
+ tmp = mcert.getValue("CN");
+ tmp.replace("\n", ", ");
+ setText(2, tmp);
+ _name = name;
+ _cert = cert;
+ _site = site;
+ _email = email;
+ _code = code;
+ isNew = false;
+ modified = false;
+}
+
+void CAItem::stateChange( bool )
+{
+ m_module->configChanged();
+}
+
+QString CAItem::configName() const
+{
+ return _name;
+}
+
+
+
+
+//////////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////////
+
+
+
+
+KCryptoConfig::KCryptoConfig(QWidget *parent, const char *name, const QStringList &)
+ : KCModule(KryptoFactory::instance(), parent, name)
+{
+QGridLayout *grid;
+QBoxLayout *top = new QVBoxLayout(this);
+QString whatstr;
+
+ setQuickHelp( i18n("<h1>Crypto</h1> This module allows you to configure SSL for"
+ " use with most KDE applications, as well as manage your personal"
+ " certificates and the known certificate authorities."));
+
+ ___lehack = false;
+ otherCertDelList.setAutoDelete(true);
+ yourCertDelList.setAutoDelete(true);
+ authDelList.setAutoDelete(true);
+ caDelList.setAutoDelete(true);
+
+ _signers = new KSSLSigners;
+
+ KAboutData *about =
+ new KAboutData(I18N_NOOP("kcmcrypto"), I18N_NOOP("KDE Crypto Control Module"),
+ 0, 0, KAboutData::License_GPL,
+ I18N_NOOP("(c) 2000 - 2001 George Staikos"));
+ about->addAuthor("George Staikos", 0, "staikos@kde.org");
+ about->addAuthor("Carsten Pfeiffer", 0, "pfeiffer@kde.org");
+ setAboutData( about );
+
+ ///////////////////////////////////////////////////////////////////////////
+ // Create the GUI here - there are currently a total of 6 tabs.
+ // The first is SSL and cipher related
+ // The second is OpenSSL settings
+ // The third is user's SSL certificate related
+ // The fourth is certificate authentication related
+ // The fifth is other SSL certificate related
+ // The sixth is CA related
+ // The seventh is misc. settings related (unimplemented)
+ // The eighth is peer [email] certificate related (unimplemented)
+ ///////////////////////////////////////////////////////////////////////////
+
+ tabs = new QTabWidget(this);
+ top->addWidget(tabs);
+
+ ///////////////////////////////////////////////////////////////////////////
+ // FIRST TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabSSL = new QFrame(this);
+ grid = new QGridLayout(tabSSL, 7, 2, KDialog::marginHint(),
+ KDialog::spacingHint() );
+ mUseTLS = new QCheckBox(i18n("Enable &TLS support if supported by the server"), tabSSL);
+ connect(mUseTLS, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mUseTLS, 0, 0);
+ whatstr = i18n("TLS is the newest revision of the SSL protocol."
+ " It integrates better with other protocols and has"
+ " replaced SSL in protocols such as POP3 and SMTP.");
+ QWhatsThis::add(mUseTLS, whatstr);
+
+ mUseSSLv2 = new QCheckBox(i18n("Enable SSLv&2"), tabSSL);
+ connect(mUseSSLv2, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mUseSSLv2, 1, 0);
+ whatstr = i18n("SSL v2 is the second revision of the SSL protocol."
+ " It is most common to enable v2 and v3.");
+ QWhatsThis::add(mUseSSLv2, whatstr);
+
+ mUseSSLv3 = new QCheckBox(i18n("Enable SSLv&3"), tabSSL);
+ connect(mUseSSLv3, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mUseSSLv3, 1, 1);
+ whatstr = i18n("SSL v3 is the third revision of the SSL protocol."
+ " It is most common to enable v2 and v3.");
+ QWhatsThis::add(mUseSSLv3, whatstr);
+
+#ifdef HAVE_SSL
+ SSLv2Box = new QListView(tabSSL, "v2ciphers");
+ (void) SSLv2Box->addColumn(i18n("SSLv2 Ciphers to Use"));
+ whatstr = i18n("Select the ciphers you wish to enable when using the"
+ " SSL v2 protocol. The actual protocol used will be"
+ " negotiated with the server at connection time.");
+ QWhatsThis::add(SSLv2Box, whatstr);
+ SSLv2Box->setSelectionMode(QListView::NoSelection);
+
+ grid->addWidget( SSLv2Box, 2, 0 );
+ connect( mUseSSLv2, SIGNAL( toggled( bool ) ),
+ SSLv2Box, SLOT( setEnabled( bool )));
+#else
+ QLabel *nossllabel = new QLabel(i18n("SSL ciphers cannot be configured"
+ " because this module was not linked"
+ " with OpenSSL."), tabSSL);
+ grid->addMultiCellWidget(nossllabel, 2, 2, 0, 1);
+ grid->addRowSpacing( 3, 100 ); // give minimum height to look better
+#endif
+
+ // no need to parse kdeglobals.
+ config = new KConfig("cryptodefaults", false, false);
+ policies = new KSimpleConfig("ksslpolicies", false);
+ pcerts = new KSimpleConfig("ksslcertificates", false);
+ authcfg = new KSimpleConfig("ksslauthmap", false);
+
+#ifdef HAVE_SSL
+ SSLv3Box = new QListView(tabSSL, "v3ciphers");
+ (void) SSLv3Box->addColumn(i18n("SSLv3 Ciphers to Use"));
+ whatstr = i18n("Select the ciphers you wish to enable when using the"
+ " SSL v3 protocol. The actual protocol used will be"
+ " negotiated with the server at connection time.");
+ QWhatsThis::add(SSLv3Box, whatstr);
+ SSLv3Box->setSelectionMode(QListView::NoSelection);
+ grid->addWidget(SSLv3Box, 2, 1);
+ connect( mUseSSLv3, SIGNAL( toggled( bool ) ),
+ SSLv3Box, SLOT( setEnabled( bool )));
+
+ loadCiphers();
+
+ //
+ // CipherWizards
+ //
+ QHGroupBox *cwbg = new QHGroupBox(i18n("Cipher Wizard"), tabSSL);
+ QComboBox *cwcb = new QComboBox(cwbg);
+ grid->addMultiCellWidget(cwbg, 3, 3, 0, 1);
+ QString whatStr = i18n("<qt>Use these preconfigurations to more easily configure the SSL encryption settings. You can choose among the following modes: <ul>");
+
+ cwcb->insertItem(QString::null);
+ cwcb->insertItem(i18n("Most Compatible"));
+ whatStr += i18n("<li><b>Most Compatible:</b> Select the settings found to be most compatible.</li>");
+ cwcb->insertItem(i18n("US Ciphers Only"));
+ whatStr += i18n("<li><b>US Ciphers Only:</b> Select only the US strong (&gt;= 128 bit) encryption ciphers.</li>");
+ cwcb->insertItem(i18n("Export Ciphers Only"));
+ whatStr += i18n("<li><b>Export Ciphers Only:</b> Select only the weak ciphers (&lt;= 56 bit).</li>");
+ cwcb->insertItem(i18n("Enable All"));
+ whatStr += i18n("<li><b>Enable All:</b> Select all SSL ciphers and methods.</li></ul>");
+
+ QWhatsThis::add(cwcb, whatStr);
+
+ connect(cwcb, SIGNAL(activated(int)), SLOT(slotSelectCipher(int)));
+
+
+
+
+#endif
+
+ mWarnOnEnter = new QCheckBox(i18n("Warn on &entering SSL mode"), tabSSL);
+ connect(mWarnOnEnter, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mWarnOnEnter, 5, 0);
+ whatstr = i18n("If selected, you will be notified when entering an SSL"
+ " enabled site");
+ QWhatsThis::add(mWarnOnEnter, whatstr);
+
+ mWarnOnLeave = new QCheckBox(i18n("Warn on &leaving SSL mode"), tabSSL);
+ connect(mWarnOnLeave, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mWarnOnLeave, 5, 1);
+ whatstr = i18n("If selected, you will be notified when leaving an SSL"
+ " based site.");
+ QWhatsThis::add(mWarnOnLeave, whatstr);
+
+ mWarnOnUnencrypted = new QCheckBox(i18n("Warn on sending &unencrypted data"), tabSSL);
+ connect(mWarnOnUnencrypted, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mWarnOnUnencrypted, 6, 0);
+ whatstr = i18n("If selected, you will be notified before sending"
+ " unencrypted data via a web browser.");
+ QWhatsThis::add(mWarnOnUnencrypted, whatstr);
+
+#if 0 // NOT IMPLEMENTED IN KDE 3.0
+ mWarnOnMixed = new QCheckBox(i18n("Warn on &mixed SSL/non-SSL pages"), tabSSL);
+ connect(mWarnOnMixed, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addWidget(mWarnOnMixed, 6, 1);
+ whatstr = i18n("If selected, you will be notified if you view a page"
+ " that has both encrypted and non-encrypted parts.");
+ QWhatsThis::add(mWarnOnMixed, whatstr);
+#endif
+
+ ///////////////////////////////////////////////////////////////////////////
+ // SECOND TAB
+ ///////////////////////////////////////////////////////////////////////////
+
+#ifdef HAVE_SSL
+ tabOSSL = new QFrame(this);
+ QBoxLayout *vbox = new QVBoxLayout(tabOSSL, KDialog::marginHint(), KDialog::spacingHint());
+
+ oInfo = new QVGroupBox(i18n("Path to OpenSSL Shared Libraries"), tabOSSL);
+ vbox->addWidget(oInfo);
+ oPath = new KURLRequester(oInfo);
+ oPath->setMode(KFile::Directory);
+ oTest = new QPushButton(i18n("&Test"), oInfo);
+ connect(oTest, SIGNAL(clicked()), SLOT(slotTestOSSL()));
+
+ connect(oPath, SIGNAL(textChanged(const QString&)), SLOT(configChanged()));
+
+ //
+ // Settings for the EGD
+ //
+ QFrame *eFrame = new QFrame(tabOSSL);
+ QVBoxLayout *egrid = new QVBoxLayout(eFrame);
+ mUseEGD = new QCheckBox(i18n("Use EGD"), eFrame);
+ connect(mUseEGD, SIGNAL(clicked()), SLOT(slotUseEGD()));
+ mUseEFile = new QCheckBox(i18n("Use entropy file"), eFrame);
+ connect(mUseEFile, SIGNAL(clicked()), SLOT(slotUseEFile()));
+ vbox->addWidget(eFrame);
+ egrid->addWidget(mUseEGD);
+ egrid->addWidget(mUseEFile);
+ QFrame *egdframe = new QFrame(tabOSSL);
+ QGridLayout *grid2 = new QGridLayout(egdframe, 2, 2, KDialog::marginHint(),
+ KDialog::spacingHint());
+ mEGDLabel = new QLabel(i18n("Path to EGD:"), egdframe);
+ grid2->addWidget(mEGDLabel, 0, 0);
+ mEGDPath = new KURLRequester(egdframe);
+ grid2->addWidget(mEGDPath, 0, 1);
+ connect(mEGDPath, SIGNAL(textChanged(const QString&)), SLOT(configChanged()));
+ vbox->addWidget(egdframe);
+ whatstr = i18n("If selected, OpenSSL will be asked to use the entropy gathering"
+ " daemon (EGD) for initializing the pseudo-random number generator.");
+ QWhatsThis::add(mUseEGD, whatstr);
+ whatstr = i18n("If selected, OpenSSL will be asked to use the given file"
+ " as entropy for initializing the pseudo-random number generator.");
+ QWhatsThis::add(mUseEFile, whatstr);
+ whatstr = i18n("Enter the path to the socket created by the entropy gathering"
+ " daemon (or the entropy file) here.");
+ QWhatsThis::add(mEGDPath, whatstr);
+ whatstr = i18n("Click here to browse for the EGD socket file.");
+ QWhatsThis::add(mEGDPath, whatstr);
+
+ vbox->addStretch();
+#endif
+
+
+
+ ///////////////////////////////////////////////////////////////////////////
+ // THIRD TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabYourSSLCert = new QFrame(this);
+
+#ifdef HAVE_SSL
+ grid = new QGridLayout(tabYourSSLCert, 16, 6, KDialog::marginHint(), KDialog::spacingHint() );
+
+ yourSSLBox = new QListView(tabYourSSLCert);
+ yourSSLBox->setAllColumnsShowFocus(true);
+ whatstr = i18n("This list box shows which certificates of yours KDE"
+ " knows about. You can easily manage them from here.");
+ QWhatsThis::add(yourSSLBox, whatstr);
+ grid->addMultiCellWidget(yourSSLBox, 0, 5, 0, 4);
+ yourSSLBox->addColumn(i18n("Common Name"));
+ yourSSLBox->addColumn(i18n("Email Address"));
+ connect(yourSSLBox, SIGNAL(selectionChanged()), SLOT(slotYourCertSelect()));
+
+ yourSSLImport = new QPushButton(i18n("I&mport..."), tabYourSSLCert);
+ connect(yourSSLImport, SIGNAL(clicked()), SLOT(slotYourImport()));
+ grid->addWidget(yourSSLImport, 0, 5);
+
+ yourSSLExport = new QPushButton(i18n("&Export..."), tabYourSSLCert);
+ yourSSLExport->setEnabled(false);
+ connect(yourSSLExport, SIGNAL(clicked()), SLOT(slotYourExport()));
+ grid->addWidget(yourSSLExport, 1, 5);
+
+ yourSSLRemove = new QPushButton(i18n("Remo&ve"), tabYourSSLCert);
+ yourSSLRemove->setEnabled(false);
+ connect(yourSSLRemove, SIGNAL(clicked()), SLOT(slotYourRemove()));
+ grid->addWidget(yourSSLRemove, 2, 5);
+
+ yourSSLUnlock = new QPushButton(i18n("&Unlock"), tabYourSSLCert);
+ yourSSLUnlock->setEnabled(false);
+ connect(yourSSLUnlock, SIGNAL(clicked()), SLOT(slotYourUnlock()));
+ grid->addWidget(yourSSLUnlock, 3, 5);
+
+ yourSSLVerify = new QPushButton(i18n("Verif&y"), tabYourSSLCert);
+ yourSSLVerify->setEnabled(false);
+ connect(yourSSLVerify, SIGNAL(clicked()), SLOT(slotYourVerify()));
+ grid->addWidget(yourSSLVerify, 4, 5);
+
+ yourSSLPass = new QPushButton(i18n("Chan&ge Password..."), tabYourSSLCert);
+ yourSSLPass->setEnabled(false);
+ connect(yourSSLPass, SIGNAL(clicked()), SLOT(slotYourPass()));
+ grid->addWidget(yourSSLPass, 5, 5);
+
+ grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabYourSSLCert), 6, 6, 0, 5);
+ ySubject = KSSLInfoDlg::certInfoWidget(tabYourSSLCert, QString(QString::null));
+ yIssuer = KSSLInfoDlg::certInfoWidget(tabYourSSLCert, QString(QString::null));
+ grid->addMultiCellWidget(ySubject, 7, 11, 0, 2);
+ grid->addMultiCellWidget(yIssuer, 7, 11, 3, 5);
+ whatstr = i18n("This is the information known about the owner of the certificate.");
+ QWhatsThis::add(ySubject, whatstr);
+ whatstr = i18n("This is the information known about the issuer of the certificate.");
+ QWhatsThis::add(yIssuer, whatstr);
+
+ grid->addWidget(new QLabel(i18n("Valid from:"), tabYourSSLCert), 12, 0);
+ grid->addWidget(new QLabel(i18n("Valid until:"), tabYourSSLCert), 13, 0);
+ yValidFrom = new QLabel(tabYourSSLCert);
+ grid->addWidget(yValidFrom, 12, 1);
+ yValidUntil = new QLabel(tabYourSSLCert);
+ grid->addWidget(yValidUntil, 13, 1);
+ whatstr = i18n("The certificate is valid starting at this date.");
+ QWhatsThis::add(yValidFrom, whatstr);
+ whatstr = i18n("The certificate is valid until this date.");
+ QWhatsThis::add(yValidUntil, whatstr);
+ grid->addWidget(new QLabel(i18n("MD5 digest:"), tabYourSSLCert), 14, 0);
+ yHash = new QLabel(tabYourSSLCert);
+ grid->addWidget(yHash, 14, 1);
+ whatstr = i18n("A hash of the certificate used to identify it quickly.");
+ QWhatsThis::add(yHash, whatstr);
+
+#if 0
+ QHButtonGroup *ocbg = new QHButtonGroup(i18n("On SSL Connection..."), tabYourSSLCert);
+ yourSSLUseDefault = new QRadioButton(i18n("&Use default certificate"), ocbg);
+ yourSSLList = new QRadioButton(i18n("&List upon connection"), ocbg);
+ yourSSLDont = new QRadioButton(i18n("&Do not use certificates"), ocbg);
+ grid->addMultiCellWidget(ocbg, 14, 14, 0, 5);
+#endif
+#else
+ nossllabel = new QLabel(i18n("SSL certificates cannot be managed"
+ " because this module was not linked"
+ " with OpenSSL."), tabYourSSLCert);
+ grid->addMultiCellWidget(nossllabel, 3, 3, 0, 5);
+#endif
+
+
+ ///////////////////////////////////////////////////////////////////////////
+ // FOURTH TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabAuth = new QFrame(this);
+
+#ifdef HAVE_SSL
+ grid = new QGridLayout(tabAuth, 20, 6, KDialog::marginHint(), KDialog::spacingHint());
+
+ grid->addMultiCellWidget(new QLabel(i18n("Default Authentication Certificate"), tabAuth), 0, 0, 0, 2);
+ defCertBG = new QVButtonGroup(i18n("Default Action"), tabAuth);
+ defSend = new QRadioButton(i18n("&Send"), defCertBG);
+ defPrompt = new QRadioButton(i18n("&Prompt"), defCertBG);
+ defDont = new QRadioButton(i18n("Do &not send"), defCertBG);
+ grid->addMultiCellWidget(defCertBG, 1, 3, 0, 2);
+ grid->addMultiCellWidget(new QLabel(i18n("Default certificate:"), tabAuth), 1, 1, 3, 5);
+ defCertBox = new KComboBox(false, tabAuth);
+ grid->addMultiCellWidget(defCertBox, 2, 2, 3, 5);
+
+ grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabAuth), 4, 4, 0, 5);
+
+
+ grid->addMultiCellWidget(new QLabel(i18n("Host authentication:"), tabAuth), 5, 5, 0, 1);
+ hostAuthList = new QListView(tabAuth);
+ hostAuthList->setAllColumnsShowFocus(true);
+ grid->addMultiCellWidget(hostAuthList, 6, 13, 0, 5);
+ hostAuthList->addColumn(i18n("Host"));
+ hostAuthList->addColumn(i18n("Certificate"));
+ hostAuthList->addColumn(i18n("Policy"));
+
+ grid->addWidget(new QLabel(i18n("Host:"), tabAuth), 14, 0);
+ grid->addWidget(new QLabel(i18n("Certificate:"), tabAuth), 15, 0);
+
+ authHost = new QLineEdit(tabAuth);
+ grid->addMultiCellWidget(authHost, 14, 14, 1, 4);
+ hostCertBox = new KComboBox(false, tabAuth);
+ grid->addMultiCellWidget(hostCertBox, 15, 15, 1, 4);
+
+ hostCertBG = new QHButtonGroup(i18n("Action"), tabAuth);
+ hostSend = new QRadioButton(i18n("Send"), hostCertBG);
+ hostPrompt = new QRadioButton(i18n("Prompt"), hostCertBG);
+ hostDont = new QRadioButton(i18n("Do not send"), hostCertBG);
+ grid->addMultiCellWidget(hostCertBG, 16, 16, 0, 5);
+
+ authAdd = new QPushButton(i18n("Ne&w"), tabAuth);
+ authRemove = new QPushButton(i18n("Remo&ve"), tabAuth);
+ grid->addWidget(authAdd, 17, 4);
+ grid->addWidget(authRemove, 17, 5);
+
+ authHost->setEnabled(false);
+ hostCertBox->setEnabled(false);
+ hostCertBG->setEnabled(false);
+ authRemove->setEnabled(false);
+
+ connect(defCertBox, SIGNAL(activated(int)), this, SLOT(configChanged()));
+ connect(defCertBG, SIGNAL(clicked(int)), this, SLOT(configChanged()));
+ connect(hostAuthList, SIGNAL(selectionChanged()), this, SLOT(slotAuthItemChanged()));
+ connect(authAdd, SIGNAL(clicked()), this, SLOT(slotNewHostAuth()));
+ connect(authRemove, SIGNAL(clicked()), this, SLOT(slotRemoveHostAuth()));
+ connect(authHost, SIGNAL(textChanged(const QString &)), this, SLOT(slotAuthText(const QString &)));
+ connect(hostCertBG, SIGNAL(clicked(int)), this, SLOT(slotAuthButtons()));
+ connect(hostCertBox, SIGNAL(activated(int)), this, SLOT(slotAuthCombo()));
+
+#else
+ nossllabel = new QLabel(i18n("SSL certificates cannot be managed"
+ " because this module was not linked"
+ " with OpenSSL."), tabAuth);
+ grid->addMultiCellWidget(nossllabel, 3, 3, 0, 5);
+#endif
+
+
+
+ ///////////////////////////////////////////////////////////////////////////
+ // FIFTH TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabOtherSSLCert = new QFrame(this);
+
+#ifdef HAVE_SSL
+ oGrid = grid = new QGridLayout(tabOtherSSLCert, 21, 6, KDialog::marginHint(), KDialog::spacingHint());
+
+ otherSSLBox = new QListView(tabOtherSSLCert);
+ otherSSLBox->setAllColumnsShowFocus(true);
+ connect(otherSSLBox, SIGNAL(selectionChanged()), SLOT(slotOtherCertSelect()));
+ whatstr = i18n("This list box shows which site and person certificates KDE"
+ " knows about. You can easily manage them from here.");
+ QWhatsThis::add(otherSSLBox, whatstr);
+ otherSSLBox->addColumn(i18n("Organization"));
+ otherSSLBox->addColumn(i18n("Common Name"));
+ grid->addMultiCellWidget(otherSSLBox, 0, 7, 0, 4);
+
+ otherSSLExport = new QPushButton(i18n("&Export..."), tabOtherSSLCert);
+ connect(otherSSLExport, SIGNAL(clicked()), SLOT(slotExportCert()));
+ grid->addWidget(otherSSLExport, 0, 5);
+ whatstr = i18n("This button allows you to export the selected certificate"
+ " to a file of various formats.");
+ QWhatsThis::add(otherSSLExport, whatstr);
+
+ otherSSLRemove = new QPushButton(i18n("&Remove"), tabOtherSSLCert);
+ connect(otherSSLRemove, SIGNAL(clicked()), SLOT(slotRemoveCert()));
+ grid->addWidget(otherSSLRemove, 1, 5);
+ whatstr = i18n("This button removes the selected certificate"
+ " from the certificate cache.");
+ QWhatsThis::add(otherSSLRemove, whatstr);
+
+ otherSSLVerify = new QPushButton(i18n("&Verify"), tabOtherSSLCert);
+ connect(otherSSLVerify, SIGNAL(clicked()), SLOT(slotVerifyCert()));
+ grid->addWidget(otherSSLVerify, 2, 5);
+ whatstr = i18n("This button tests the selected certificate"
+ " for validity.");
+ QWhatsThis::add(otherSSLVerify, whatstr);
+
+ otherSSLExport->setEnabled(false);
+ otherSSLVerify->setEnabled(false);
+ otherSSLRemove->setEnabled(false);
+
+ grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabOtherSSLCert), 8, 8, 0, 5);
+ oSubject = KSSLInfoDlg::certInfoWidget(tabOtherSSLCert, QString(QString::null));
+ oIssuer = KSSLInfoDlg::certInfoWidget(tabOtherSSLCert, QString(QString::null));
+ grid->addMultiCellWidget(oSubject, 9, 13, 0, 2);
+ grid->addMultiCellWidget(oIssuer, 9, 13, 3, 5);
+ whatstr = i18n("This is the information known about the owner of the certificate.");
+ QWhatsThis::add(oSubject, whatstr);
+ whatstr = i18n("This is the information known about the issuer of the certificate.");
+ QWhatsThis::add(oIssuer, whatstr);
+
+ fromLabel = new QLabel(i18n("Valid from:"), tabOtherSSLCert);
+ untilLabel = new QLabel(i18n("Valid until:"), tabOtherSSLCert);
+ grid->addWidget(fromLabel, 14, 0);
+ grid->addWidget(untilLabel, 15, 0);
+ fromLabel->setEnabled(false);
+ untilLabel->setEnabled(false);
+ validFrom = new QLabel(tabOtherSSLCert);
+ grid->addWidget(validFrom, 14, 1);
+ validUntil = new QLabel(tabOtherSSLCert);
+ grid->addWidget(validUntil, 15, 1);
+ whatstr = i18n("The certificate is valid starting at this date.");
+ QWhatsThis::add(validFrom, whatstr);
+ whatstr = i18n("The certificate is valid until this date.");
+ QWhatsThis::add(validUntil, whatstr);
+
+ cacheGroup = new QVButtonGroup(i18n("Cache"), tabOtherSSLCert);
+ cachePerm = new QRadioButton(i18n("Permanentl&y"), cacheGroup);
+ cacheUntil = new QRadioButton(i18n("&Until"), cacheGroup);
+ untilDate = new KURLLabel(QString::null, QString::null, cacheGroup);
+ cacheGroup->setEnabled(false);
+ grid->addMultiCellWidget(cacheGroup, 16, 19, 0, 2);
+
+ cachePerm->setEnabled(false);
+ cacheUntil->setEnabled(false);
+ untilDate->setEnabled(false);
+ connect(cachePerm, SIGNAL(clicked()), SLOT(slotPermanent()));
+ connect(cacheUntil, SIGNAL(clicked()), SLOT(slotUntil()));
+ connect(untilDate, SIGNAL(leftClickedURL()), SLOT(slotDatePick()));
+ whatstr = i18n("Select here to make the cache entry permanent.");
+ QWhatsThis::add(cachePerm, whatstr);
+ whatstr = i18n("Select here to make the cache entry temporary.");
+ QWhatsThis::add(cacheUntil, whatstr);
+ whatstr = i18n("The date and time until the certificate cache entry should expire.");
+ QWhatsThis::add(untilDate, whatstr);
+
+ policyGroup = new QVButtonGroup(i18n("Policy"), tabOtherSSLCert);
+ policyAccept = new QRadioButton(i18n("Accep&t"), policyGroup);
+ policyReject = new QRadioButton(i18n("Re&ject"), policyGroup);
+ policyPrompt = new QRadioButton(i18n("&Prompt"), policyGroup);
+ policyGroup->setEnabled(false);
+ grid->addMultiCellWidget(policyGroup, 16, 19, 3, 5);
+ connect(policyGroup, SIGNAL(clicked(int)), SLOT(slotPolicyChanged(int)));
+ whatstr = i18n("Select this to always accept this certificate.");
+ QWhatsThis::add(policyAccept, whatstr);
+ whatstr = i18n("Select this to always reject this certificate.");
+ QWhatsThis::add(policyReject, whatstr);
+ whatstr = i18n("Select this if you wish to be prompted for action when receiving this certificate.");
+ QWhatsThis::add(policyPrompt, whatstr);
+ grid->addWidget(new QLabel(i18n("MD5 digest:"), tabOtherSSLCert), 20, 0);
+ pHash = new QLabel(tabOtherSSLCert);
+ grid->addWidget(pHash, 20, 1);
+ whatstr = i18n("A hash of the certificate used to identify it quickly.");
+ QWhatsThis::add(pHash, whatstr);
+
+#else
+ nossllabel = new QLabel(i18n("SSL certificates cannot be managed"
+ " because this module was not linked"
+ " with OpenSSL."), tabOtherSSLCert);
+ grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1);
+#endif
+
+
+ ///////////////////////////////////////////////////////////////////////////
+ // SIXTH TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabSSLCA = new QFrame(this);
+
+#ifdef HAVE_SSL
+ grid = new QGridLayout(tabSSLCA, 11, 8, KDialog::marginHint(), KDialog::spacingHint());
+
+ caList = new QListView(tabSSLCA);
+ caList->setAllColumnsShowFocus(true);
+ whatstr = i18n("This list box shows which certificate authorities KDE"
+ " knows about. You can easily manage them from here.");
+ QWhatsThis::add(caList, whatstr);
+ grid->addMultiCellWidget(caList, 0, 3, 0, 6);
+ caList->addColumn(i18n("Organization"));
+ caList->addColumn(i18n("Organizational Unit"));
+ caList->addColumn(i18n("Common Name"));
+ connect(caList, SIGNAL(selectionChanged()), SLOT(slotCAItemChanged()));
+
+ caSSLImport = new QPushButton(i18n("I&mport..."), tabSSLCA);
+ connect(caSSLImport, SIGNAL(clicked()), SLOT(slotCAImport()));
+ grid->addWidget(caSSLImport, 0, 7);
+
+ caSSLRemove = new QPushButton(i18n("&Remove"), tabSSLCA);
+ connect(caSSLRemove, SIGNAL(clicked()), SLOT(slotCARemove()));
+ grid->addWidget(caSSLRemove, 1, 7);
+ caSSLRemove->setEnabled(false);
+
+ caSSLRestore = new QPushButton(i18n("Res&tore"), tabSSLCA);
+ connect(caSSLRestore, SIGNAL(clicked()), SLOT(slotCARestore()));
+ grid->addWidget(caSSLRestore, 2, 7);
+
+ caSubject = KSSLInfoDlg::certInfoWidget(tabSSLCA, QString(QString::null));
+ caIssuer = KSSLInfoDlg::certInfoWidget(tabSSLCA, QString(QString::null));
+ grid->addMultiCellWidget(caSubject, 4, 6, 0, 3);
+ grid->addMultiCellWidget(caIssuer, 4, 6, 4, 7);
+
+ // Accept for Web Site Signing, Email Signing, Code Signing
+ caSite = new QCheckBox(i18n("Accept for site signing"), tabSSLCA);
+ caEmail = new QCheckBox(i18n("Accept for email signing"), tabSSLCA);
+ caCode = new QCheckBox(i18n("Accept for code signing"), tabSSLCA);
+ grid->addMultiCellWidget(caSite, 7, 7, 0, 3);
+ connect(caSite, SIGNAL(clicked()), SLOT(slotCAChecked()));
+ grid->addMultiCellWidget(caEmail, 8, 8, 0, 3);
+ connect(caEmail, SIGNAL(clicked()), SLOT(slotCAChecked()));
+ grid->addMultiCellWidget(caCode, 9, 9, 0, 3);
+ connect(caCode, SIGNAL(clicked()), SLOT(slotCAChecked()));
+ caSite->setEnabled(false);
+ caEmail->setEnabled(false);
+ caCode->setEnabled(false);
+ grid->addWidget(new QLabel(i18n("MD5 digest:"), tabSSLCA), 10, 0);
+ cHash = new QLabel(tabSSLCA);
+ grid->addWidget(cHash, 10, 1);
+ whatstr = i18n("A hash of the certificate used to identify it quickly.");
+ QWhatsThis::add(cHash, whatstr);
+
+#else
+ nossllabel = new QLabel(i18n("SSL certificates cannot be managed"
+ " because this module was not linked"
+ " with OpenSSL."), tabSSLCA);
+ grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1);
+#endif
+
+
+#if 0
+ ///////////////////////////////////////////////////////////////////////////
+ // SEVENTH TAB
+ ///////////////////////////////////////////////////////////////////////////
+ tabSSLCOpts = new QFrame(this);
+
+#ifdef HAVE_SSL
+ grid = new QGridLayout(tabSSLCOpts, 9, 4, KDialog::marginHint(), KDialog::spacingHint());
+ mWarnSelfSigned = new QCheckBox(i18n("Warn on &self-signed certificates or unknown CA's"), tabSSLCOpts);
+ connect(mWarnSelfSigned, SIGNAL(clicked()), SLOT(configChanged()));
+ mWarnExpired = new QCheckBox(i18n("Warn on &expired certificates"), tabSSLCOpts);
+ connect(mWarnExpired, SIGNAL(clicked()), SLOT(configChanged()));
+ mWarnRevoked = new QCheckBox(i18n("Warn on re&voked certificates"), tabSSLCOpts);
+ connect(mWarnRevoked, SIGNAL(clicked()), SLOT(configChanged()));
+ grid->addMultiCellWidget(mWarnSelfSigned, 0, 0, 0, 3);
+ grid->addMultiCellWidget(mWarnExpired, 1, 1, 0, 3);
+ grid->addMultiCellWidget(mWarnRevoked, 2, 2, 0, 3);
+
+ macCert = new QLineEdit(tabSSLCOpts);
+ grid->addMultiCellWidget(macCert, 4, 4, 0, 2);
+
+ macBox = new QListBox(tabSSLCOpts);
+ whatstr = i18n("This list box shows which sites you have decided to accept"
+ " a certificate from even though the certificate might fail"
+ " the validation procedure.");
+ QWhatsThis::add(macBox, whatstr);
+ caSSLBox->setSelectionMode(QListBox::Single);
+ caSSLBox->setColumnMode(QListBox::FixedNumber);
+ grid->addMultiCellWidget(macBox, 5, 8, 0, 2);
+
+ macAdd = new QPushButton(i18n("&Add"), tabSSLCOpts);
+ //connect(macAdd, SIGNAL(), SLOT());
+ grid->addWidget(macAdd, 4, 3);
+
+ macRemove = new QPushButton(i18n("&Remove"), tabSSLCOpts);
+ //connect(macRemove, SIGNAL(), SLOT());
+ grid->addWidget(macRemove, 5, 3);
+
+ macClear = new KPushButton(KGuiItem::clear(), tabSSLCOpts);
+ //connect(macAdd, SIGNAL(), SLOT());
+ grid->addWidget(macClear, 6, 3);
+
+#else
+ nossllabel = new QLabel(i18n("These options are not configurable"
+ " because this module was not linked"
+ " with OpenSSL."), tabSSLCOpts);
+ grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1);
+#endif
+#endif
+
+ ///////////////////////////////////////////////////////////////////////////
+ // Add the tabs and startup
+ ///////////////////////////////////////////////////////////////////////////
+ tabs->addTab(tabSSL, i18n("SSL"));
+#ifdef HAVE_SSL
+ tabs->addTab(tabOSSL, i18n("OpenSSL"));
+#endif
+ tabs->addTab(tabYourSSLCert, i18n("Your Certificates"));
+ tabs->addTab(tabAuth, i18n("Authentication"));
+ tabs->addTab(tabOtherSSLCert, i18n("Peer SSL Certificates"));
+ tabs->addTab(tabSSLCA, i18n("SSL Signers"));
+
+#if 0
+ tabs->addTab(tabSSLCOpts, i18n("Validation Options"));
+#endif
+
+ tabs->resize(tabs->sizeHint());
+ load();
+}
+
+KCryptoConfig::~KCryptoConfig()
+{
+ delete config;
+ delete policies;
+ delete pcerts;
+ delete authcfg;
+ delete _signers;
+}
+
+void KCryptoConfig::configChanged()
+{
+ emit changed(true);
+}
+
+void KCryptoConfig::load()
+{
+ load( false );
+}
+
+void KCryptoConfig::load( bool useDefaults )
+{
+ config->setReadDefaults( useDefaults );
+#ifdef HAVE_SSL
+ otherCertDelList.clear();
+ yourCertDelList.clear();
+ authDelList.clear();
+ caDelList.clear();
+ config->setGroup("TLS");
+ mUseTLS->setChecked(config->readBoolEntry("Enabled", true));
+
+ config->setGroup("SSLv2");
+ mUseSSLv2->setChecked(config->readBoolEntry("Enabled", true));
+
+ config->setGroup("SSLv3");
+ mUseSSLv3->setChecked(config->readBoolEntry("Enabled", true));
+
+ config->setGroup("Warnings");
+ mWarnOnEnter->setChecked(config->readBoolEntry("OnEnter", false));
+ mWarnOnLeave->setChecked(config->readBoolEntry("OnLeave", true));
+ mWarnOnUnencrypted->setChecked(config->readBoolEntry("OnUnencrypted", true));
+
+#if 0 // NOT IMPLEMENTED IN KDE 2.0
+ mWarnOnMixed->setChecked(config->readBoolEntry("OnMixed", true));
+
+ config->setGroup("Validation");
+ mWarnSelfSigned->setChecked(config->readBoolEntry("WarnSelfSigned", true));
+ mWarnExpired->setChecked(config->readBoolEntry("WarnExpired", true));
+ mWarnRevoked->setChecked(config->readBoolEntry("WarnRevoked", true));
+#endif
+
+ config->setGroup("EGD");
+ slotUseEGD(); // set the defaults
+ if (config->readBoolEntry("UseEGD", false)) {
+ mUseEGD->setChecked(true);
+ slotUseEGD();
+ } else if (config->readBoolEntry("UseEFile", false)) {
+ mUseEFile->setChecked(true);
+ slotUseEFile();
+ }
+ mEGDPath->setURL(config->readPathEntry("EGDPath"));
+
+
+#ifdef HAVE_SSL
+ config->setGroup("OpenSSL");
+ oPath->setURL(config->readPathEntry("Path"));
+#endif
+
+ config->setGroup("SSLv2");
+ CipherItem *item = static_cast<CipherItem *>(SSLv2Box->firstChild());
+ while ( item ) {
+ item->setOn(config->readBoolEntry(item->configName(),
+ item->bits() >= 56));
+ item = static_cast<CipherItem *>(item->nextSibling());
+ }
+
+ config->setGroup("SSLv3");
+ item = static_cast<CipherItem *>(SSLv3Box->firstChild());
+ while ( item ) {
+ item->setOn(config->readBoolEntry(item->configName(),
+ item->bits() >= 56));
+ item = static_cast<CipherItem *>(item->nextSibling());
+ }
+
+ SSLv2Box->setEnabled( mUseSSLv2->isChecked() );
+ SSLv3Box->setEnabled( mUseSSLv3->isChecked() );
+
+ QStringList groups = policies->groupList();
+
+ otherSSLBox->clear();
+ for (QStringList::Iterator i = groups.begin(); i != groups.end(); ++i) {
+ if ((*i).isEmpty() || *i == "<default>" || *i == "General") continue;
+ policies->setGroup(*i);
+ KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit());
+ if (cert) {
+ new OtherCertItem(otherSSLBox, cert->getSubject(), *i,
+ policies->readBoolEntry("Permanent", true),
+ policies->readNumEntry("Policy", 3),
+ policies->readDateTimeEntry("Expires"), this );
+ delete cert;
+ }
+ }
+
+ groups = pcerts->groupList();
+
+ yourSSLBox->clear();
+ for (QStringList::Iterator i = groups.begin(); i != groups.end(); ++i) {
+ if ((*i).isEmpty() || *i == "<default>") continue;
+ pcerts->setGroup(*i);
+ YourCertItem *j = new YourCertItem(yourSSLBox,
+ pcerts->readEntry("PKCS12Base64"),
+ pcerts->readEntry("Password"),
+ *i, this );
+ j->setPassCache(QString::null);
+ }
+
+ setAuthCertLists();
+
+ config->setGroup("Auth");
+ QString whichAuth = config->readEntry("AuthMethod", "none");
+ if (whichAuth == "send")
+ defCertBG->setButton(defCertBG->id(defSend));
+ else if (whichAuth == "prompt")
+ defCertBG->setButton(defCertBG->id(defPrompt));
+ else
+ defCertBG->setButton(defCertBG->id(defDont));
+
+ QString whichCert = config->readEntry("DefaultCert");
+ defCertBox->setCurrentItem(0);
+ for (int i = 0; i < defCertBox->count(); i++) {
+ if (defCertBox->text(i) == whichCert) {
+ defCertBox->setCurrentItem(i);
+ break;
+ }
+ }
+ hostAuthList->clear();
+ groups = authcfg->groupList();
+ for (QStringList::Iterator i = groups.begin();
+ i != groups.end();
+ ++i) {
+ if ((*i).isEmpty() || *i == "<default>") continue;
+ authcfg->setGroup(*i);
+ KSSLCertificateHome::KSSLAuthAction aa = KSSLCertificateHome::AuthDont;
+ if (authcfg->readBoolEntry("send", false) == true)
+ aa = KSSLCertificateHome::AuthSend;
+ else if (authcfg->readBoolEntry("prompt", false) == true)
+ aa = KSSLCertificateHome::AuthPrompt;
+ HostAuthItem *j = new HostAuthItem(hostAuthList,
+ KResolver::domainToAscii(*i),
+ authcfg->readEntry("certificate"),
+ this );
+ j->setAction(aa);
+ j->setOriginalName(*i);
+ }
+
+ groups = _signers->list();
+ KConfig sigcfg("ksslcalist", true, false);
+ caList->clear();
+ for (QStringList::Iterator i = groups.begin();
+ i != groups.end();
+ ++i) {
+ if ((*i).isEmpty() || *i == "<default>") continue;
+ if (!sigcfg.hasGroup(*i)) continue;
+ sigcfg.setGroup(*i);
+ if (!sigcfg.hasKey("x509")) continue;
+ new CAItem(caList,
+ (*i),
+ sigcfg.readEntry("x509"),
+ sigcfg.readBoolEntry("site", false),
+ sigcfg.readBoolEntry("email", false),
+ sigcfg.readBoolEntry("code", false),
+ this );
+ }
+
+ slotCAItemChanged();
+ slotOtherCertSelect();
+ slotYourCertSelect();
+#endif
+
+ emit changed( useDefaults );
+}
+
+void KCryptoConfig::save()
+{
+#ifdef HAVE_SSL
+ if (!mUseSSLv2->isChecked() &&
+ !mUseSSLv3->isChecked())
+ KMessageBox::information(this, i18n("If you do not select at least one"
+ " SSL algorithm, either SSL will not"
+ " work or the application may be"
+ " forced to choose a suitable default."),
+ i18n("SSL"));
+
+ config->setGroup("TLS");
+ config->writeEntry("Enabled", mUseTLS->isChecked());
+
+ config->setGroup("SSLv2");
+ config->writeEntry("Enabled", mUseSSLv2->isChecked());
+
+ config->setGroup("SSLv3");
+ config->writeEntry("Enabled", mUseSSLv3->isChecked());
+
+ config->setGroup("Warnings");
+ config->writeEntry("OnEnter", mWarnOnEnter->isChecked());
+ config->writeEntry("OnLeave", mWarnOnLeave->isChecked());
+ config->writeEntry("OnUnencrypted", mWarnOnUnencrypted->isChecked());
+
+ config->setGroup("EGD");
+ config->writeEntry("UseEGD", mUseEGD->isChecked());
+ config->writeEntry("UseEFile", mUseEFile->isChecked());
+ config->writePathEntry("EGDPath", mEGDPath->url());
+
+#if 0 // NOT IMPLEMENTED IN KDE 2.0
+ config->writeEntry("OnMixed", mWarnOnMixed->isChecked());
+
+ config->setGroup("Validation");
+ config->writeEntry("WarnSelfSigned", mWarnSelfSigned->isChecked());
+ config->writeEntry("WarnExpired", mWarnExpired->isChecked());
+ config->writeEntry("WarnRevoked", mWarnRevoked->isChecked());
+#endif
+
+#ifdef HAVE_SSL
+ config->setGroup("OpenSSL");
+ config->writePathEntry("Path", oPath->url());
+#endif
+
+ int ciphercount = 0;
+ config->setGroup("SSLv2");
+ CipherItem *item = static_cast<CipherItem *>(SSLv2Box->firstChild());
+ while ( item ) {
+ if (item->isOn()) {
+ config->writeEntry(item->configName(), true);
+ ciphercount++;
+ } else config->writeEntry(item->configName(), false);
+
+ item = static_cast<CipherItem *>(item->nextSibling());
+ }
+
+ if (mUseSSLv2->isChecked() && ciphercount == 0)
+ KMessageBox::information(this, i18n("If you do not select at least one"
+ " cipher, SSLv2 will not work."),
+ i18n("SSLv2 Ciphers"));
+
+ ciphercount = 0;
+ config->setGroup("SSLv3");
+ item = static_cast<CipherItem *>(SSLv3Box->firstChild());
+ while ( item ) {
+ if (item->isOn()) {
+ config->writeEntry(item->configName(), true);
+ ciphercount++;
+ } else config->writeEntry(item->configName(), false);
+
+ item = static_cast<CipherItem *>(item->nextSibling());
+ }
+
+ KSSLCertificateCache _cc;
+
+ if (mUseSSLv3->isChecked() && ciphercount == 0)
+ KMessageBox::information(this, i18n("If you do not select at least one"
+ " cipher, SSLv3 will not work."),
+ i18n("SSLv3 Ciphers"));
+ // SSL Policies code
+ for (OtherCertItem *x = otherCertDelList.first(); x != 0; x = otherCertDelList.next()) {
+ KSSLX509Map cert(x->configName());
+ QString thisCN = cert.getValue("CN");
+ _cc.removeByCN(thisCN);
+ otherCertDelList.remove(x);
+ }
+ // Go through the non-deleted ones and save them
+ for (OtherCertItem *x =
+ static_cast<OtherCertItem *>(otherSSLBox->firstChild());
+ x;
+ x = static_cast<OtherCertItem *>(x->nextSibling())) {
+ KSSLX509Map cert(x->configName());
+ QString thisCN = cert.getValue("CN");
+ QDateTime expires = x->getExpires();
+ _cc.modifyByCN(thisCN, (KSSLCertificateCache::KSSLCertificatePolicy)x->getPolicy(), x->isPermanent(), expires);
+ }
+
+ // SSL Personal certificates code
+ for (YourCertItem *x = yourCertDelList.first(); x != 0; x = yourCertDelList.next()) {
+ pcerts->deleteGroup(x->configName());
+ yourCertDelList.remove(x);
+ }
+ // Go through the non-deleted ones and save them
+ for (YourCertItem *x =
+ static_cast<YourCertItem *>(yourSSLBox->firstChild());
+ x;
+ x = static_cast<YourCertItem *>(x->nextSibling())) {
+ pcerts->setGroup(x->configName());
+ pcerts->writeEntry("PKCS12Base64", x->getPKCS());
+ pcerts->writeEntry("Password", x->getPass());
+ }
+
+ bool doGen = false;
+
+ // CA certificates code
+ for (CAItem *x = caDelList.first(); x != 0; x = caDelList.next()) {
+ _signers->remove(x->configName());
+ caDelList.remove(x);
+ doGen = true;
+ }
+
+ // Go through the non-deleted ones and save them
+ for (CAItem *x = static_cast<CAItem *>(caList->firstChild()); x;
+ x = static_cast<CAItem *>(x->nextSibling())) {
+ if (!x->modified && !x->isNew) continue;
+ if (x->isNew) {
+ x->isNew = false;
+ _signers->addCA(x->getCert(),
+ x->getSite(),
+ x->getEmail(),
+ x->getCode());
+ } else {
+ _signers->setUse(x->configName(),
+ x->getSite(),
+ x->getEmail(),
+ x->getCode());
+ }
+ x->modified = false;
+ doGen = true;
+ }
+
+ if (doGen) genCAList();
+
+
+ config->setGroup("Auth");
+ QString whichAuth = config->readEntry("AuthMethod", "none");
+ if (defCertBG->selected() == defSend)
+ config->writeEntry("AuthMethod", "send");
+ else if (defCertBG->selected() == defPrompt)
+ config->writeEntry("AuthMethod", "prompt");
+ else
+ config->writeEntry("AuthMethod", "none");
+
+ if (defCertBox->currentItem() == 0)
+ config->writeEntry("DefaultCert", QString::null);
+ else config->writeEntry("DefaultCert", defCertBox->currentText());
+
+ for (HostAuthItem *x = authDelList.first(); x != 0; x = authDelList.next()) {
+ authcfg->deleteGroup(x->configName());
+ authDelList.remove(x);
+ }
+
+ for (HostAuthItem *x =
+ static_cast<HostAuthItem *>(hostAuthList->firstChild());
+ x;
+ x = static_cast<HostAuthItem *>(x->nextSibling())) {
+ if (!x->originalName().isNull())
+ authcfg->deleteGroup(x->originalName());
+ }
+
+ for (HostAuthItem *x =
+ static_cast<HostAuthItem *>(hostAuthList->firstChild());
+ x;
+ x = static_cast<HostAuthItem *>(x->nextSibling())) {
+ authcfg->setGroup(KResolver::domainToAscii(x->configName()));
+ authcfg->writeEntry("certificate", x->getCertName());
+ authcfg->writeEntry("prompt", (x->getAction() == KSSLCertificateHome::AuthPrompt));
+ authcfg->writeEntry("send", (x->getAction() == KSSLCertificateHome::AuthSend));
+ }
+
+#endif
+
+ config->sync();
+ policies->sync();
+ pcerts->sync();
+ authcfg->sync();
+
+ // insure proper permissions -- contains sensitive data
+ QString cfgName(KGlobal::dirs()->findResource("config", "cryptodefaults"));
+ if (!cfgName.isEmpty())
+ ::chmod(QFile::encodeName(cfgName), 0600);
+
+ emit changed(false);
+}
+
+void KCryptoConfig::defaults()
+{
+ load( true );
+}
+
+void KCryptoConfig::genCAList() {
+ _signers->regenerate();
+
+}
+
+void KCryptoConfig::slotSelectCipher(int id) {
+ switch(id) {
+ case 1:
+ cwCompatible();
+ break;
+ case 2:
+ cwUS();
+ break;
+ case 3:
+ cwExp();
+ break;
+ case 4:
+ cwAll();
+ }
+}
+
+void KCryptoConfig::cwCompatible() {
+ #ifdef HAVE_SSL
+ CipherItem *item;
+ for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() >= 56 && item->bits() <= 128 );
+ }
+
+ for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() >= 56 && item->bits() <= 128 );
+ }
+
+ mUseTLS->setChecked(true);
+ mUseSSLv2->setChecked(true);
+ mUseSSLv3->setChecked(true);
+ configChanged();
+ #endif
+}
+
+
+void KCryptoConfig::cwUS() {
+ #ifdef HAVE_SSL
+ CipherItem *item;
+ for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() >= 128 );
+ }
+
+ for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() >= 128 );
+ }
+
+ configChanged();
+ #endif
+}
+
+
+void KCryptoConfig::cwExp() {
+ #ifdef HAVE_SSL
+ CipherItem *item;
+ for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() <= 56 && item->bits() > 0);
+ }
+
+ for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( item->bits() <= 56 && item->bits() > 0);
+ }
+
+ configChanged();
+ #endif
+}
+
+
+void KCryptoConfig::cwAll() {
+ #ifdef HAVE_SSL
+ CipherItem *item;
+ for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( true );
+ }
+
+ for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
+ item = static_cast<CipherItem *>(item->nextSibling()) ) {
+ item->setOn( true );
+ }
+
+ mUseTLS->setChecked(true);
+ mUseSSLv2->setChecked(true);
+ mUseSSLv3->setChecked(true);
+ configChanged();
+ #endif
+}
+
+
+
+void KCryptoConfig::slotExportCert() {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+ if (x) {
+ policies->setGroup(x->getMD5());
+ KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit());
+ if (cert) {
+ KCertExport kce;
+ kce.setCertificate(cert);
+ kce.exec();
+ delete cert;
+ } else KMessageBox::sorry(this, i18n("Could not open the certificate."),
+ i18n("SSL"));
+ }
+}
+
+
+
+void KCryptoConfig::slotRemoveCert() {
+QListViewItem *act = otherSSLBox->selectedItem();
+OtherCertItem *x = static_cast<OtherCertItem *>(act);
+ if (x) {
+ QListViewItem *next = act->itemBelow();
+ if (!next) next = act->itemAbove();
+ otherSSLBox->takeItem(x);
+ otherCertDelList.append(x);
+ configChanged();
+ if (next) otherSSLBox->setSelected(next, true);
+ }
+}
+
+
+
+void KCryptoConfig::slotVerifyCert() {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+ if (!x) return;
+
+ policies->setGroup(x->getMD5());
+ KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit());
+
+ if (!cert) {
+ KMessageBox::error(this, i18n("Error obtaining the certificate."), i18n("SSL"));
+ return;
+ }
+
+ cert->chain().setCertChain(policies->readListEntry("Chain"));
+
+ KSSLCertificate::KSSLValidation v = cert->revalidate(KSSLCertificate::SSLServer);
+
+ /*
+ * Don't enable this until we keep this info in the cache
+ if (v != KSSLCerticiate::Ok)
+ v = cert->revalidate(KSSLCertificate::SMIMESign);
+ if (v != KSSLCerticiate::Ok)
+ v = cert->revalidate(KSSLCertificate::SMIMEEncrypt);
+ */
+
+ if (v == KSSLCertificate::Ok) {
+ KMessageBox::information(this, i18n("This certificate passed the verification tests successfully."), i18n("SSL"));
+ } else {
+ KMessageBox::detailedError(this, i18n("This certificate has failed the tests and should be considered invalid."), KSSLCertificate::verifyText(v), i18n("SSL"));
+ }
+
+ delete cert;
+}
+
+
+
+void KCryptoConfig::slotUntil() {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+
+ cachePerm->setChecked(false);
+ untilDate->setEnabled(true);
+
+ if (!x) return;
+ x->setPermanent(false);
+
+ configChanged();
+}
+
+
+
+void KCryptoConfig::slotPermanent() {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+
+ cacheUntil->setChecked(false);
+ untilDate->setEnabled(false);
+
+ if (!x) return;
+ x->setPermanent(true);
+
+ configChanged();
+}
+
+
+
+void KCryptoConfig::slotPolicyChanged(int id) {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+if (!x) return;
+
+ if (id == policyGroup->id(policyAccept)) {
+ x->setPolicy(KSSLCertificateCache::Accept);
+ } else if (id == policyGroup->id(policyReject)) {
+ x->setPolicy(KSSLCertificateCache::Reject);
+ } else if (id == policyGroup->id(policyPrompt)) {
+ x->setPolicy(KSSLCertificateCache::Prompt);
+ }
+
+ configChanged();
+}
+
+
+
+void KCryptoConfig::slotDatePick() {
+KDateTimeDlg kdtd;
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+
+ if (!x || !untilDate->isEnabled()) return;
+
+QDateTime qdt = x->getExpires();
+
+ kdtd.setDateTime(qdt);
+ int rc = kdtd.exec();
+ if (rc == KDialog::Accepted) {
+ x->setExpires(kdtd.getDateTime());
+ untilDate->setText(KGlobal::locale()->formatDateTime(x->getExpires()));
+ configChanged();
+ }
+}
+
+
+
+void KCryptoConfig::slotOtherCertSelect() {
+OtherCertItem *x = static_cast<OtherCertItem *>(otherSSLBox->selectedItem());
+QString iss = QString::null;
+ if (x) {
+ otherSSLExport->setEnabled(true);
+ otherSSLVerify->setEnabled(true);
+ otherSSLRemove->setEnabled(true);
+
+ fromLabel->setEnabled(true);
+ untilLabel->setEnabled(true);
+ policyGroup->setEnabled(true);
+ cacheGroup->setEnabled(true);
+ cachePerm->setEnabled(true);
+ cacheUntil->setEnabled(true);
+ policies->setGroup(x->getMD5());
+
+ KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit());
+
+ if (cert) {
+ QPalette cspl;
+ iss = cert->getIssuer();
+ cspl = validFrom->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ validFrom->setPalette(cspl);
+
+ cspl = validUntil->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ validUntil->setPalette(cspl);
+
+ validFrom->setText(cert->getNotBefore());
+ validUntil->setText(cert->getNotAfter());
+ untilDate->setText(x ? KGlobal::locale()->formatDateTime(x->getExpires())
+ : KGlobal::locale()->formatDateTime(QDateTime::currentDateTime(Qt::UTC)));
+ untilDate->setEnabled(x && !x->isPermanent());
+ pHash->setText(cert->getMD5DigestText());
+ delete cert;
+ } else {
+ validFrom->setText(QString::null);
+ validUntil->setText(QString::null);
+ pHash->clear();
+ }
+
+ switch(x->getPolicy()) {
+ case KSSLCertificateCache::Accept:
+ policyGroup->setButton(policyGroup->id(policyAccept));
+ break;
+ case KSSLCertificateCache::Reject:
+ policyGroup->setButton(policyGroup->id(policyReject));
+ break;
+ case KSSLCertificateCache::Prompt:
+ policyGroup->setButton(policyGroup->id(policyPrompt));
+ break;
+ }
+
+ cachePerm->setChecked(x->isPermanent());
+ cacheUntil->setChecked(!x->isPermanent());
+
+ } else {
+ otherSSLExport->setEnabled(false);
+ otherSSLVerify->setEnabled(false);
+ otherSSLRemove->setEnabled(false);
+ fromLabel->setEnabled(false);
+ untilLabel->setEnabled(false);
+ policyGroup->setEnabled(false);
+ cacheGroup->setEnabled(false);
+ cachePerm->setChecked(false);
+ cacheUntil->setChecked(false);
+ policyAccept->setChecked(false);
+ policyReject->setChecked(false);
+ policyPrompt->setChecked(false);
+ cachePerm->setEnabled(false);
+ cacheUntil->setEnabled(false);
+ validFrom->setText(QString::null);
+ validUntil->setText(QString::null);
+ untilDate->setText(QString::null);
+ untilDate->setEnabled(false);
+ pHash->clear();
+ }
+
+
+ oSubject->setValues(x ? x->getSub() : QString(QString::null));
+ oIssuer->setValues(iss);
+
+}
+
+
+void KCryptoConfig::slotYourImport() {
+
+ QString certFile = KFileDialog::getOpenFileName(QString::null, "application/x-pkcs12");
+ if (certFile.isEmpty())
+ return;
+
+#ifdef HAVE_SSL
+KSSLPKCS12 *cert = NULL;
+QCString pass;
+
+TryImportPassAgain:
+ int rc = KPasswordDialog::getPassword(pass, i18n("Certificate password"));
+ if (rc != KPasswordDialog::Accepted) return;
+
+ cert = KSSLPKCS12::loadCertFile(certFile, QString(pass));
+
+ if (!cert) {
+ rc = KMessageBox::warningYesNo(this, i18n("The certificate file could not be loaded. Try a different password?"), i18n("SSL"),i18n("Try"),i18n("Do Not Try"));
+ if (rc == KMessageBox::Yes) goto TryImportPassAgain;
+ return;
+ }
+
+ // At this point, we know that we can read the certificate in.
+ // The procedure will be to convert it to Base64 in it's raw form
+ // and add it to the ListView - eventually going into the SimpleConfig.
+
+ // FIXME: prompt if the user wants the password stored along with the
+ // certificate
+
+ QString name = cert->getCertificate()->getSubject();
+ for (YourCertItem *i =
+ static_cast<YourCertItem *>(yourSSLBox->firstChild());
+ i;
+ i = static_cast<YourCertItem *>(i->nextSibling())) {
+ if (i->configName() == name) {
+ rc = KMessageBox::warningContinueCancel(this, i18n("A certificate with that name already exists. Are you sure that you wish to replace it?"), i18n("SSL"), i18n("Replace"));
+ if (rc == KMessageBox::Cancel) {
+ delete cert;
+ return;
+ }
+ yourSSLBox->takeItem(i);
+ yourCertDelList.append(i);
+ }
+ }
+
+ new YourCertItem(yourSSLBox,
+ cert->toString(),
+ QString::null, // the password - don't store it yet!
+ name,
+ this );
+
+ setAuthCertLists();
+ configChanged();
+ delete cert;
+#endif
+
+ offerImportToKMail( certFile );
+}
+
+
+void KCryptoConfig::slotYourExport() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+ if (!x) return;
+
+ KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass());
+ if (!pkcs)
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache());
+ if (!pkcs) {
+ QString pprompt = i18n("Enter the certificate password:");
+ QCString oldpass;
+ do {
+ int i = KPasswordDialog::getPassword(oldpass, pprompt);
+ if (i != KPasswordDialog::Accepted) return;
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass);
+ pprompt = i18n("Decoding failed. Please try again:");
+ } while (!pkcs);
+ x->setPassCache(oldpass);
+ slotYourUnlock();
+ }
+
+ // For now, we will only export to PKCS#12
+ QString certFile = KFileDialog::getSaveFileName(QString::null,
+ "application/x-pkcs12");
+ if (certFile.isEmpty())
+ return;
+
+ if (!pkcs->toFile(certFile))
+ KMessageBox::sorry(this, i18n("Export failed."), i18n("SSL"));
+}
+
+
+void KCryptoConfig::slotYourVerify() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+QString iss;
+ if (!x) return;
+
+ KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass());
+ if (!pkcs)
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache());
+ if (!pkcs) {
+ QString pprompt = i18n("Enter the certificate password:");
+ QCString oldpass;
+ do {
+ int i = KPasswordDialog::getPassword(oldpass, pprompt);
+ if (i != KPasswordDialog::Accepted) return;
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass);
+ pprompt = i18n("Decoding failed. Please try again:");
+ } while (!pkcs);
+ x->setPassCache(oldpass);
+ slotYourUnlock();
+ }
+
+ KSSLCertificate::KSSLValidation v = pkcs->revalidate(KSSLCertificate::SSLClient);
+ if (v != KSSLCertificate::Ok)
+ v = pkcs->revalidate(KSSLCertificate::SMIMEEncrypt);
+ if (v != KSSLCertificate::Ok)
+ v = pkcs->revalidate(KSSLCertificate::SMIMESign);
+
+ if (v == KSSLCertificate::Ok) {
+ KMessageBox::information(this, i18n("This certificate passed the verification tests successfully."), i18n("SSL"));
+ } else {
+ KMessageBox::detailedError(this, i18n("This certificate has failed the tests and should be considered invalid."), KSSLCertificate::verifyText(v), i18n("SSL"));
+ }
+
+ delete pkcs;
+}
+
+
+void KCryptoConfig::slotYourRemove() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+ if (x) {
+ yourSSLBox->takeItem(x);
+ yourCertDelList.append(x);
+ setAuthCertLists();
+ configChanged();
+ }
+}
+
+
+void KCryptoConfig::slotYourUnlock() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+QString iss;
+ if (!x || !yourSSLUnlock->isEnabled()) return;
+
+ KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass());
+ if (!pkcs)
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache());
+ if (!pkcs) {
+ QString pprompt = i18n("Enter the certificate password:");
+ QCString oldpass;
+ do {
+ int i = KPasswordDialog::getPassword(oldpass, pprompt);
+ if (i != KPasswordDialog::Accepted) return;
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass);
+ pprompt = i18n("Decoding failed. Please try again:");
+ } while (!pkcs);
+ x->setPassCache(oldpass);
+ }
+
+ // update the info
+ iss = pkcs->getCertificate()->getIssuer();
+ ySubject->setValues(x ? x->getName() : QString(QString::null));
+ yIssuer->setValues(iss);
+ QPalette cspl;
+ KSSLCertificate *cert = pkcs->getCertificate();
+ cspl = yValidFrom->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ yValidFrom->setPalette(cspl);
+
+ cspl = yValidUntil->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ yValidUntil->setPalette(cspl);
+
+ yValidFrom->setText(cert->getNotBefore());
+ yValidUntil->setText(cert->getNotAfter());
+ yHash->setText(cert->getMD5DigestText());
+ yourSSLUnlock->setEnabled(false);
+ delete pkcs;
+}
+
+
+void KCryptoConfig::slotYourCertSelect() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+QString iss;
+
+ yourSSLExport->setEnabled(x != NULL);
+ yourSSLPass->setEnabled(x != NULL);
+ yourSSLUnlock->setEnabled(false);
+ yourSSLVerify->setEnabled(x != NULL);
+ yourSSLRemove->setEnabled(x != NULL);
+
+ if (x) {
+ KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass());
+ if (pkcs) {
+ QPalette cspl;
+ KSSLCertificate *cert = pkcs->getCertificate();
+ iss = cert->getIssuer();
+ cspl = yValidFrom->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ yValidFrom->setPalette(cspl);
+
+ cspl = yValidUntil->palette();
+ if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) {
+ cspl.setColor(QColorGroup::Foreground, QColor(196,33,21));
+ } else {
+ cspl.setColor(QColorGroup::Foreground, QColor(42,153,59));
+ }
+ yValidUntil->setPalette(cspl);
+
+ yValidFrom->setText(cert->getNotBefore());
+ yValidUntil->setText(cert->getNotAfter());
+ yHash->setText(cert->getMD5DigestText());
+ delete pkcs;
+ } else {
+ yourSSLUnlock->setEnabled(x != NULL);
+ yHash->clear();
+ }
+ } else {
+ yHash->clear();
+ }
+
+ ySubject->setValues(x ? x->getName() : QString(QString::null));
+ yIssuer->setValues(iss);
+}
+
+
+void KCryptoConfig::slotYourPass() {
+YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->selectedItem());
+QCString oldpass = "";
+ if (!x) return;
+
+ KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass());
+ if (!pkcs)
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache());
+ if (!pkcs) {
+ QString pprompt = i18n("Enter the OLD password for the certificate:");
+ do {
+ int i = KPasswordDialog::getPassword(oldpass, pprompt);
+ if (i != KPasswordDialog::Accepted) break;
+ pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass);
+ pprompt = i18n("Decoding failed. Please try again:");
+ } while (!pkcs);
+ }
+
+ if (pkcs) {
+ x->setPassCache(oldpass);
+ slotYourUnlock();
+ KPasswordDialog *kpd = new KPasswordDialog(KPasswordDialog::NewPassword, false, 0, this);
+ kpd->setPrompt(i18n("Enter the new certificate password"));
+ kpd->setAllowEmptyPasswords(true);
+
+ int i = kpd->exec();
+ if (i == KPasswordDialog::Accepted) {
+ QCString pass = kpd->password();
+ pkcs->changePassword(QString(oldpass), QString(pass));
+ x->setPKCS(pkcs->toString());
+ x->setPassCache(pass);
+ configChanged();
+ }
+ delete kpd;
+ delete pkcs;
+ }
+}
+
+
+void KCryptoConfig::slotCAImport() {
+ QString certFile = KFileDialog::getOpenFileName(QString::null, "application/x-x509-ca-cert");
+
+ if (certFile.isEmpty())
+ return;
+
+#ifdef HAVE_SSL
+#define sk_free KOSSL::self()->sk_free
+#define sk_num KOSSL::self()->sk_num
+#define sk_value KOSSL::self()->sk_value
+
+ // First try to load using the OpenSSL method
+ X509_STORE *certStore = KOSSL::self()->X509_STORE_new();
+ X509_LOOKUP *certLookup = KOSSL::self()->X509_STORE_add_lookup(certStore, KOSSL::self()->X509_LOOKUP_file());
+
+ if (certLookup &&
+ KOSSL::self()->X509_LOOKUP_load_file(certLookup,
+ certFile.local8Bit(),
+ X509_FILETYPE_PEM)) {
+ for (int i = 0; i < sk_X509_OBJECT_num(certStore->objs); i++) {
+ X509_OBJECT* x5o = sk_X509_OBJECT_value(certStore->objs, i);
+ if (!x5o) continue;
+
+ if (x5o->type != X509_LU_X509) continue;
+
+ X509 *x5 = x5o->data.x509;
+ if (!x5) continue;
+
+ // Easier to use in this form
+ KSSLCertificate *x = KSSLCertificate::fromX509(x5);
+
+ // Only import CA's
+ if (!x || !x->x509V3Extensions().certTypeCA()) {
+ if (x) {
+ QString emsg = x->getSubject() + ":\n" +
+ i18n("This is not a signer certificate.");
+ KMessageBox::error(this,
+ emsg,
+ i18n("SSL"));
+ delete x;
+ }
+ continue;
+ }
+
+ QString name = x->getSubject();
+
+ // search for dups
+ for (CAItem *m = static_cast<CAItem *>(caList->firstChild());
+ m;
+ m = static_cast<CAItem *>(m->nextSibling())) {
+ if (m->configName() == name) {
+ KSSLCertificate *y = KSSLCertificate::fromString(m->getCert().local8Bit());
+ if (!y) continue;
+ if (*x == *y) {
+ QString emsg = name + ":\n" +
+ i18n("You already have this signer certificate installed.");
+ KMessageBox::error(this,
+ emsg,
+ i18n("SSL"));
+ delete x;
+ delete y;
+ x = NULL;
+ break;
+ }
+ delete y;
+ }
+ }
+
+ if (!x) continue;
+
+ // Ok, add it to the list
+ (new CAItem(caList,
+ name,
+ x->toString(),
+ true, true, true, this)
+ )->isNew = true;
+ delete x;
+ }
+
+ // Can the PEM code be wiped out now?
+ } else { // try to load it manually as a single X.509 DER encoded
+ // ASSUMPTION: we only read one certificate in this code
+ QFile qf(certFile);
+ QString name;
+ QString certtext;
+ KSSLCertificate *x;
+ qf.open(IO_ReadOnly);
+ qf.readLine(certtext, qf.size());
+
+ if (certStore) { KOSSL::self()->X509_STORE_free(certStore);
+ certStore = NULL; }
+
+ if (certtext.contains("-----BEGIN CERTIFICATE-----")) {
+ qf.reset();
+ certtext = QString::null;
+ while (!qf.atEnd()) {
+ QString xx;
+ qf.readLine(xx, qf.size());
+ certtext += xx;
+ }
+ certtext = certtext.replace("-----BEGIN CERTIFICATE-----", QString::null);
+ certtext = certtext.replace("-----END CERTIFICATE-----", QString::null);
+ certtext = certtext.stripWhiteSpace();
+ certtext = certtext.replace("\n", QString::null);
+ } else {
+ // Must [could?] be DER
+ qf.close();
+ qf.open(IO_ReadOnly);
+ char *cr;
+ cr = new char[qf.size()+1];
+ qf.readBlock(cr, qf.size());
+ QByteArray qba;
+ qba.duplicate(cr, qf.size());
+ certtext = KCodecs::base64Encode(qba);
+ delete [] cr;
+ }
+
+ qf.close();
+
+ x = KSSLCertificate::fromString(certtext.latin1());
+
+ if (!x) {
+ KMessageBox::sorry(this,
+ i18n("The certificate file could not be loaded."),
+ i18n("SSL"));
+ return;
+ }
+
+ if (!x->x509V3Extensions().certTypeCA()) {
+ KMessageBox::sorry(this,
+ i18n("This is not a signer certificate."),
+ i18n("SSL"));
+ return;
+ }
+
+ name = x->getSubject();
+
+ for (CAItem *i = static_cast<CAItem *>(caList->firstChild());
+ i;
+ i = static_cast<CAItem *>(i->nextSibling())) {
+ if (i->configName() == name) {
+ KSSLCertificate *y = KSSLCertificate::fromString(i->getCert().local8Bit());
+ if (!y) continue;
+ if (*x == *y) {
+ KMessageBox::error(this,
+ i18n("You already have this signer certificate installed."),
+ i18n("SSL"));
+ delete x;
+ delete y;
+ return;
+ }
+ delete y;
+ }
+ }
+
+ (new CAItem(caList, name, x->toString(), true, true, true, this))->isNew = true;
+
+ delete x;
+ }
+
+
+ if (certStore) KOSSL::self()->X509_STORE_free(certStore);
+
+ configChanged();
+#undef sk_free
+#undef sk_num
+#undef sk_value
+#endif
+
+ offerImportToKMail( certFile );
+}
+
+void KCryptoConfig::offerImportToKMail( const QString& certFile )
+{
+ if ( KMessageBox::questionYesNo( this, i18n( "Do you want to make this certificate available to KMail as well?" ), QString::null, i18n("Make Available"), i18n("Do Not Make Available") ) == KMessageBox::Yes ) {
+ KProcess proc;
+ proc << "kleopatra";
+ proc << "--import-certificate";
+ proc << certFile;
+ if ( !proc.start( KProcess::DontCare ) )
+ KMessageBox::error( this, i18n( "Could not execute Kleopatra. You might have to install or update the kdepim package." ) );
+ }
+}
+
+
+void KCryptoConfig::slotCARemove() {
+CAItem *x = static_cast<CAItem *>(caList->selectedItem());
+ if (x) {
+ caList->takeItem(x);
+ caDelList.append(x);
+ configChanged();
+ slotCAItemChanged();
+ }
+}
+
+
+void KCryptoConfig::slotCARestore() {
+
+ int rc = KMessageBox::warningContinueCancel(this, i18n("This will revert your certificate signers database to the KDE default.\nThis operation cannot be undone.\nAre you sure you wish to continue?"), i18n("SSL"),i18n("Revert"));
+ if (rc == KMessageBox::Cancel) {
+ return;
+ }
+
+// For now, we just rm the existing file and rebuild
+
+ QString path = KGlobal::dirs()->saveLocation("config");
+
+ path += "/ksslcalist";
+
+ QFile::remove(path);
+
+ // Remove all our old work and rebuild the GUI/List
+ caDelList.clear();
+ caList->clear();
+
+
+ QStringList groups = _signers->list();
+ KConfig sigcfg("ksslcalist", true, false);
+
+ for (QStringList::Iterator i = groups.begin();
+ i != groups.end();
+ ++i) {
+ if ((*i).isEmpty() || *i == "<default>") continue;
+ if (!sigcfg.hasGroup(*i)) continue;
+ sigcfg.setGroup(*i);
+ if (!sigcfg.hasKey("x509")) continue;
+ new CAItem(caList,
+ (*i),
+ sigcfg.readEntry("x509", QString::null),
+ sigcfg.readBoolEntry("site", false),
+ sigcfg.readBoolEntry("email", false),
+ sigcfg.readBoolEntry("code", false),
+ this );
+ }
+
+ genCAList();
+ slotCAItemChanged();
+}
+
+
+void KCryptoConfig::slotCAItemChanged() {
+CAItem *x = static_cast<CAItem *>(caList->selectedItem());
+ if (x) {
+ caSSLRemove->setEnabled(true);
+ caSubject->setValues(x ? x->getName() : QString(QString::null));
+ KSSLCertificate *cert = KSSLCertificate::fromString(x->getCert().local8Bit());
+ if (!cert) {
+ caIssuer->setValues(QString(QString::null));
+ caSite->setEnabled(false);
+ caEmail->setEnabled(false);
+ caCode->setEnabled(false);
+ caSite->setChecked(false);
+ caEmail->setChecked(false);
+ caCode->setChecked(false);
+ cHash->clear();
+ } else {
+ caSite->setEnabled(cert->x509V3Extensions().certTypeSSLCA());
+ caEmail->setEnabled(cert->x509V3Extensions().certTypeEmailCA());
+ caCode->setEnabled(cert->x509V3Extensions().certTypeCodeCA());
+ caSite->setChecked(x->getSite());
+ caEmail->setChecked(x->getEmail());
+ caCode->setChecked(x->getCode());
+ caIssuer->setValues(cert->getIssuer());
+ cHash->setText(cert->getMD5DigestText());
+ delete cert;
+ }
+ } else {
+ caSSLRemove->setEnabled(false);
+ caSite->setEnabled(false);
+ caEmail->setEnabled(false);
+ caCode->setEnabled(false);
+ caSubject->setValues(QString(QString::null));
+ caIssuer->setValues(QString(QString::null));
+ cHash->clear();
+ }
+}
+
+
+void KCryptoConfig::slotCAChecked() {
+CAItem *x = static_cast<CAItem *>(caList->selectedItem());
+ if (x) {
+ x->setSite(caSite->isChecked());
+ x->setEmail(caEmail->isChecked());
+ x->setCode(caCode->isChecked());
+ x->modified = true;
+ configChanged();
+ }
+}
+
+
+
+void KCryptoConfig::slotNewHostAuth() {
+ HostAuthItem *j = new HostAuthItem(hostAuthList,
+ QString::null,
+ QString::null,
+ this );
+ j->setAction(KSSLCertificateHome::AuthSend);
+ hostAuthList->setSelected(j, true);
+ authHost->setEnabled(true);
+ hostCertBox->setEnabled(true);
+ hostCertBG->setEnabled(true);
+ authRemove->setEnabled(true);
+
+ hostCertBG->setButton(0);
+
+ authHost->setFocus();
+}
+
+
+
+void KCryptoConfig::slotRemoveHostAuth() {
+QListViewItem *act = hostAuthList->selectedItem();
+HostAuthItem *x = static_cast<HostAuthItem *>(act);
+
+ if (x) {
+ QListViewItem *next = act->itemBelow();
+ if (!next) next = act->itemAbove();
+ hostAuthList->takeItem(x);
+ authDelList.append(x);
+ configChanged();
+ if (next) hostAuthList->setSelected(next, true);
+ }
+}
+
+
+void KCryptoConfig::slotAuthItemChanged() {
+HostAuthItem *x = static_cast<HostAuthItem *>(hostAuthList->selectedItem());
+
+if (x) {
+ // Make sure the fields are enabled
+ authHost->setEnabled(true);
+ hostCertBox->setEnabled(true);
+ hostCertBG->setEnabled(true);
+ authRemove->setEnabled(true);
+
+ // Populate the fields
+ switch(x->getAction()) {
+ case KSSLCertificateHome::AuthSend:
+ hostCertBG->setButton(hostCertBG->id(hostSend));
+ break;
+ case KSSLCertificateHome::AuthPrompt:
+ hostCertBG->setButton(hostCertBG->id(hostPrompt));
+ break;
+ case KSSLCertificateHome::AuthDont:
+ hostCertBG->setButton(hostCertBG->id(hostDont));
+ break;
+ default:
+ hostSend->setChecked(false);
+ hostPrompt->setChecked(false);
+ hostDont->setChecked(false);
+ break;
+ }
+
+ ___lehack = true;
+ authHost->setText(x->configName());
+ ___lehack = false;
+ hostCertBox->setCurrentItem(0);
+
+ QString theCert = x->getCertName();
+ for (int i = 0; i < hostCertBox->count(); i++) {
+ if (hostCertBox->text(i) == theCert) {
+ hostCertBox->setCurrentItem(i);
+ break;
+ }
+ }
+} else {
+ authHost->clear();
+ authHost->setEnabled(false);
+ hostCertBox->setEnabled(false);
+ hostCertBG->setEnabled(false);
+ authRemove->setEnabled(false);
+}
+}
+
+
+void KCryptoConfig::slotAuthText(const QString &t) {
+if (___lehack) return;
+HostAuthItem *x = static_cast<HostAuthItem *>(hostAuthList->selectedItem());
+
+if (x) {
+ x->setHost(t);
+configChanged();
+}
+}
+
+
+
+void KCryptoConfig::slotAuthButtons() {
+HostAuthItem *x = static_cast<HostAuthItem *>(hostAuthList->selectedItem());
+
+if (x) {
+ KSSLCertificateHome::KSSLAuthAction aa = KSSLCertificateHome::AuthDont;
+ int sel = hostCertBG->id(hostCertBG->selected());
+
+ if (sel == hostCertBG->id(hostSend))
+ aa = KSSLCertificateHome::AuthSend;
+ else if (sel == hostCertBG->id(hostPrompt))
+ aa = KSSLCertificateHome::AuthPrompt;
+ else
+ aa = KSSLCertificateHome::AuthDont;
+
+ x->setAction(aa);
+configChanged();
+}
+}
+
+
+void KCryptoConfig::slotAuthCombo() {
+HostAuthItem *x = static_cast<HostAuthItem *>(hostAuthList->selectedItem());
+
+ if (x) {
+ if (hostCertBox->currentItem() == 0)
+ x->setCertName(QString::null);
+ else x->setCertName(hostCertBox->currentText());
+ configChanged();
+ }
+}
+
+
+void KCryptoConfig::slotTestOSSL() {
+KOSSL::self()->destroy();
+
+if (!KOSSL::self()->hasLibSSL()) {
+ KMessageBox::detailedSorry(this,
+ i18n("Failed to load OpenSSL."),
+ i18n("libssl was not found or successfully loaded."),
+ i18n("OpenSSL"));
+ return;
+}
+
+if (!KOSSL::self()->hasLibCrypto()) {
+ KMessageBox::detailedSorry(this,
+ i18n("Failed to load OpenSSL."),
+ i18n("libcrypto was not found or successfully loaded."),
+ i18n("OpenSSL"));
+ return;
+}
+
+ KMessageBox::information(this, i18n("OpenSSL was successfully loaded."), i18n("OpenSSL"));
+}
+
+
+void KCryptoConfig::slotUseEGD() {
+ if (mUseEGD->isChecked()) {
+ mUseEFile->setChecked(false);
+ }
+ mEGDLabel->setText(i18n("Path to EGD:"));
+ mEGDPath->setEnabled(mUseEGD->isChecked());
+ mEGDLabel->setEnabled(mUseEGD->isChecked());
+ configChanged();
+}
+
+
+void KCryptoConfig::slotUseEFile() {
+ if (mUseEFile->isChecked()) {
+ mUseEGD->setChecked(false);
+ }
+ mEGDLabel->setText(i18n("Path to entropy file:"));
+ mEGDPath->setEnabled(mUseEFile->isChecked());
+ mEGDLabel->setEnabled(mUseEFile->isChecked());
+ configChanged();
+}
+
+
+// Lets make this a separate module. it's a whole lot of work and can really be
+// encompassed in a separate module quite nicely.
+void KCryptoConfig::slotGeneratePersonal() {
+#if 0
+ QStringList qslCertTypes;
+
+ qslCertTypes << i18n("Personal SSL")
+ << i18n("Server SSL")
+ << i18n("S/MIME")
+ << i18n("PGP")
+ << i18n("GPG")
+ << i18n("SSL Personal Request")
+ << i18n("SSL Server Request")
+ << i18n("Netscape SSL")
+ << i18n("Server certificate authority", "Server CA")
+ << i18n("Personal certificate authority", "Personal CA")
+ << i18n("Secure MIME certificate authority", "S/MIME CA");
+#endif
+
+}
+
+
+#ifdef HAVE_SSL
+// This gets all the available ciphers from OpenSSL
+bool KCryptoConfig::loadCiphers() {
+unsigned int i;
+SSL_CTX *ctx;
+SSL *ssl;
+SSL_METHOD *meth;
+
+ SSLv2Box->clear();
+ SSLv3Box->clear();
+
+ meth = SSLv2_client_method();
+ SSLeay_add_ssl_algorithms();
+ ctx = SSL_CTX_new(meth);
+ if (ctx == NULL) return false;
+
+ ssl = SSL_new(ctx);
+ if (!ssl) return false;
+
+ CipherItem *item;
+ for (i=0; ; i++) {
+ int j, k;
+ SSL_CIPHER *sc;
+ sc = (meth->get_cipher)(i);
+ if (!sc)
+ break;
+ // Leak of sc*?
+ QString scn(sc->name);
+ if (scn.contains("ADH-") || scn.contains("NULL-") || scn.contains("DES-CBC3-SHA") || scn.contains("FZA-")) {
+ continue;
+ }
+ k = SSL_CIPHER_get_bits(sc, &j);
+
+ item = new CipherItem( SSLv2Box, sc->name, k, j, this );
+ }
+
+ if (ctx) SSL_CTX_free(ctx);
+ if (ssl) SSL_free(ssl);
+
+ // We repeat for SSLv3
+ meth = SSLv3_client_method();
+ SSLeay_add_ssl_algorithms();
+ ctx = SSL_CTX_new(meth);
+ if (ctx == NULL) return false;
+
+ ssl = SSL_new(ctx);
+ if (!ssl) return false;
+
+ for (i=0; ; i++) {
+ int j, k;
+ SSL_CIPHER *sc;
+ sc = (meth->get_cipher)(i);
+ if (!sc)
+ break;
+ // Leak of sc*?
+ QString scn(sc->name);
+ if (scn.contains("ADH-") || scn.contains("NULL-") || scn.contains("DES-CBC3-SHA") || scn.contains("FZA-")) {
+ continue;
+ }
+ k = SSL_CIPHER_get_bits(sc, &j);
+
+ item = new CipherItem( SSLv3Box, sc->name, k, j, this );
+ }
+
+ if (ctx) SSL_CTX_free(ctx);
+ if (ssl) SSL_free(ssl);
+
+return true;
+}
+#endif
+
+
+void KCryptoConfig::setAuthCertLists() {
+QString oldDef, oldHost;
+bool noneDef, noneHost;
+
+// get the old setting
+ oldDef = defCertBox->currentText();
+ oldHost = hostCertBox->currentText();
+ noneDef = (0 == defCertBox->currentItem());
+ noneHost = (0 == hostCertBox->currentItem());
+
+// repopulate
+ defCertBox->clear();
+ hostCertBox->clear();
+ QStringList defCertStrList; // = KSSLCertificateHome::getCertificateList();
+ defCertStrList.append(i18n("None"));
+ for (YourCertItem *x = static_cast<YourCertItem *>(yourSSLBox->firstChild());
+ x;
+ x = static_cast<YourCertItem *>(x->nextSibling())) {
+ defCertStrList.append(x->configName());
+ }
+ defCertBox->insertStringList(defCertStrList);
+ hostCertBox->insertStringList(defCertStrList);
+
+// try to restore it
+
+ defCertBox->setCurrentItem(0);
+ if (!noneDef) {
+ for (int i = 0; i < defCertBox->count(); i++) {
+ if (defCertBox->text(i) == oldDef) {
+ defCertBox->setCurrentItem(i);
+ break;
+ }
+ }
+ }
+
+ if (!noneDef && defCertBox->currentItem() == 0) configChanged();
+
+ hostCertBox->setCurrentItem(0);
+ if (!noneHost) {
+ for (int i = 0; i < hostCertBox->count(); i++) {
+ if (hostCertBox->text(i) == oldHost) {
+ hostCertBox->setCurrentItem(i);
+ break;
+ }
+ }
+ }
+
+ if (!noneHost && hostCertBox->currentItem() == 0) configChanged();
+
+ // Update the host entries too
+ for (HostAuthItem *x =
+ static_cast<HostAuthItem *>(hostAuthList->firstChild());
+ x;
+ x = static_cast<HostAuthItem *>(x->nextSibling())) {
+ QString newValue = QString::null;
+ for (int i = 1; i < hostCertBox->count(); i++) {
+ if (hostCertBox->text(i) == x->getCertName()) {
+ newValue = x->getCertName();
+ break;
+ }
+ }
+ if (newValue != x->getCertName()) configChanged();
+ x->setCertName(newValue);
+ }
+
+
+}
+
+#include "crypto.moc"
diff --git a/kcontrol/crypto/crypto.desktop b/kcontrol/crypto/crypto.desktop
new file mode 100644
index 000000000..127f1adab
--- /dev/null
+++ b/kcontrol/crypto/crypto.desktop
@@ -0,0 +1,229 @@
+[Desktop Entry]
+Icon=encrypted
+Type=Application
+Exec=kcmshell crypto
+DocPath=kcontrol/crypto/index.html
+
+X-KDE-Library=crypto
+X-KDE-ParentApp=kcontrol
+
+Name=Crypto
+Name[af]=Kripto
+Name[ar]=التشفير
+Name[az]=Şifrləmə
+Name[be]=Крыптаграфія
+Name[bg]=Шифроване
+Name[bn]=ক্রিপ্টো
+Name[br]=Krypto
+Name[cs]=Kryptografie
+Name[csb]=Kriptografijô
+Name[da]=Krypto
+Name[de]=Verschlüsselung
+Name[el]=Κρυπτογραφία
+Name[eo]=Ĉifrado
+Name[es]=Criptografía
+Name[et]=Krüpto
+Name[fa]=رمز
+Name[fi]=Salaus
+Name[fo]=Brongling
+Name[fr]=Cryptographie
+Name[fy]=kryptografie
+Name[ga]=Criptiú
+Name[gl]=Cifrado
+Name[he]=הצפנה
+Name[hi]=क्रिप्टो
+Name[hr]=Šifriranje
+Name[hu]=Titkosítás
+Name[id]=Kripto
+Name[is]=Dulritun
+Name[it]=Crittografia
+Name[ja]=暗号
+Name[ka]=კრიპტოგრაფია
+Name[kk]=Криптография
+Name[lo]=ການເຂົ້າລະຫັດ
+Name[lt]=Šifravimas
+Name[lv]=Kripto
+Name[mk]=Криптографија
+Name[mn]=Түлхүүрлэлт
+Name[mt]=Kriptografija
+Name[nb]=Kryptering
+Name[nds]=Verslöteln
+Name[ne]=क्रिप्टो
+Name[nl]=Cryptografie
+Name[nn]=Krypto
+Name[nso]=Tshiro
+Name[pl]=Kryptografia
+Name[pt]=Cifra
+Name[pt_BR]=Criptografia
+Name[ro]=Criptografie
+Name[ru]=Криптография
+Name[se]=Kryptografija
+Name[sk]=Šifrovanie
+Name[sl]=Kripto
+Name[sr]=Криптографија
+Name[sr@Latn]=Kriptografija
+Name[sv]=Krypto
+Name[ta]=சங்கேத
+Name[te]=క్రిప్టో
+Name[tg]=Рамзӣ
+Name[th]=การเข้ารหัส
+Name[tr]=Şifreleme
+Name[tt]=Serläw
+Name[uk]=Криптографія
+Name[uz]=Kripto
+Name[uz@cyrillic]=Крипто
+Name[vi]=Mật mã
+Name[wa]=Criptografeye
+Name[xh]=Imfihlo
+Name[zh_CN]=加密
+Name[zh_TW]=加密
+Comment=Configure SSL, manage certificates, and other cryptography settings
+Comment[af]=Konfigureer Ssl, bestuur sertifikate, en ander kriptografie instellings
+Comment[ar]=قم بتهيئة SSL و ادارة الشهادات اضافة الى اعدادات الضبط الأخرى
+Comment[az]=SSL,vəsiqə,vəsiqə qurğuları,digər şifrləmə qurğuları
+Comment[be]=Настаўленне SSL, кіраванне сертыфікатамі і іншыя настаўленні крыптаграфіі
+Comment[bg]=Настройване и управление на удостоверения за шифроване
+Comment[bn]=এস-এস-এল কনফিগার করুন, সার্টিফিকেট ম্যানেজ করুন এবং ক্রিপ্টোগ্রাফী সংক্রান্ত অন্যান্য মানসমূহ বেছে নিন
+Comment[bs]=Podešavanje SSL, upravljanje certifikatima i ostalim kriptografskim postavkama
+Comment[ca]=Aquí podeu configurar SSL, gestionar certificats, i altres valors de la criptografia
+Comment[cs]=Nastavení SSL, správa certifikátů a ostatní kryptografická nastavení
+Comment[csb]=Kònfigùracëjô SSL, sprôwianié certifikatama, jinszé kriptograficzné ùstôwë
+Comment[cy]=Ffurfweddu SSL, rheoli tystysgrifau a gosodiadau cryptograffeg eraill
+Comment[da]=Indstil SSL, håndtér certifikater og andre kryptografiske indstillinger
+Comment[de]=SSL einrichten, Zertifikate verwalten und andere Einstellungen zur Verschlüsselung von Daten vornehmen
+Comment[el]=Ρύθμιση SSL, διαχείριση πιστοποιητικών, και άλλες ρυθμίσεις κρυπτογραφίας
+Comment[eo]=Agordo de SSL, administrado de atestiloj ktp.
+Comment[es]=Configura SSL, administra los certificados y otras preferencias de criptografía.
+Comment[et]=SSL seadistamine, sertifikaatide haldamine jms.
+Comment[eu]=SSL konfiguratu, ziurtagiriak eta kriptografiaren beste ezarpen bazuk kudeatu
+Comment[fa]=پیکربندی SSL، گواهی‌نامه‌های مدیر و دیگر تنظیمات رمزنگاری
+Comment[fi]=SSL-, sertifikaatti- ja muut salausasetukset
+Comment[fr]=Configuration de SSL, de la cryptographie et gestion des certificats
+Comment[fy]=Hjir kinne jo SSL, sertifikatenbehear en oare kryptografyske ynstellings wizigje
+Comment[ga]=Cumraigh SSL, bainistigh teastais, agus socruithe cripteagrafaíochta eile
+Comment[gl]=Configurar SSL, xestionar certificados, e outras configuracións de cifrado
+Comment[he]=שינוי ההגדרות של SSL, ניהול תעודות, והגדרות הצפנה אחרות
+Comment[hi]=कॉन्फ़िगर एसएसएल, प्रमाणपत्र प्रबंधन, तथा अन्य क्रिप्टोग्राफी विन्यास करे
+Comment[hr]=Konfiguriranje SSL-a, upravljanje potvrdama i ostalim postavkama šifriranja
+Comment[hu]=Az SSL beállítása, a tanúsítványok kezelése és más titkosítási beállítások
+Comment[id]=Konfigurasi SSL, manaje sertifikat, dan seting kriptografi lainnya
+Comment[is]=Stilla SSL, vinna með skilríki og aðrar stillingar dulritunar
+Comment[it]=Configura SSL, gestisce certificati e altre impostazioni crittografiche
+Comment[ja]=SSL の設定、証明書の管理、その他の暗号作成形式の設定
+Comment[ka]= SSL კონფიგურაცია, სერთიფიკატის მენეჯმენტი და სხვა კრიპტოგრაფიული ელემენტების კონფიგურაცია
+Comment[kk]=SSL-ді баптау, сертификаттарды және басқа шифрлау параметрлерді басқару
+Comment[km]=កំណត់​រចនាសម្ព័ន្ធ SSL, គ្រប់គ្រង​វិញ្ញាបនបត្រ និង​ការ​កំណត់​រហស្សលិខសាស្ត្រ
+Comment[lo]=ປັບແຕ່ງ SSL, ຈັດການໃບຮັບຮອງແລະຕັ້ງການເຂົ້າລະຫັດອື່ນໆ
+Comment[lt]=Derina SSL, tvarko sertifikatus ir kitus šifravimo parametrus
+Comment[lv]=Konfigurēt SSL, pārvaldīt sertifikātus un citus kriptogrāfijas parametrus
+Comment[mk]=Конфигурација на SSL, менаџмент на сертификати\nи други криптографски поставувања
+Comment[mn]=SSL, Үнэмлэх зохицуулах, ба бусад нууцлалт тохируулах
+Comment[ms]=Konfigur SSL, urus sijil, dan seting kriptografi lain
+Comment[mt]=Ikkonfigura l-SSL, immaniġġja ċertifikati, u konfigurazzjoni oħra tal-kriptografija
+Comment[nb]=Innstilling av SSL, behandling av sertifikater og andre krypteringsinnstillinger
+Comment[nds]=SSL instellen, Zertifikaten plegen, un annere Verslöteln-Instellen
+Comment[ne]=SSL कन्फिगर गर्नुहोस्, प्रमाणपत्रहरू र अन्य गुप्तलेखन सेटिङ प्रबन्ध गर्नुहोस्
+Comment[nl]=Hier kunt u SSL, certificatenbeheer en andere cryptografische instellingen wijzigen
+Comment[nn]=Oppsett av SSL, sertifikat og andre krypteringsinnstillingar
+Comment[nso]=Beakanya SSL, laola dikgonthisiso, le dipeakanyo tsedingwe tsa tshiro
+Comment[oc]=Configura SSL, gestiona certificats, e autres valors de criptografia
+Comment[pa]=SSL ਸੰਰਚਨਾ,ਸਰਟੀਫਕੇਟ ਅਤੇ ਕਰੋਫਟੋਗਰਾਫੀ ਸੈਟਿੰਗ
+Comment[pl]=Konfiguracja SSL, zarządzanie certyfikatami, inne ustawienia kryptograficzne
+Comment[pt]=Configurar o SSL, gerir certificados e outras configurações de cifra
+Comment[pt_BR]=Configura SSL, gerencia certificados e outras configurações de criptografia
+Comment[ro]=Configurează SSL, administrează certificate și alte setări criptografice
+Comment[ru]=Настройка SSL, управление сертификатами и другими параметрами шифрования
+Comment[rw]=Kuboneza SSL, kuyobora impamyabushobozi , n'andi magenamiterere y'umukonobanga.
+Comment[se]=Heivet SSL:a, fuolat duođaštusaid, ja eará kryptografiija heivehusaid
+Comment[sk]=Konfigurácia SSL, správa certifikátov a iné kryptografické nastavenia
+Comment[sl]=Nastavite SSL, urejajte certifikate in ostale nastavitve šifriranja
+Comment[sr]=Подесите SSL, управљајте сертификатима и другим крииптографским поставкама
+Comment[sr@Latn]=Podesite SSL, upravljajte sertifikatima i drugim kriiptografskim postavkama
+Comment[sv]=Anpassa SSL, hantera certifikat, samt andra kryptografiska inställningar
+Comment[ta]=SSLஐ அமை , சான்றிதழ்களை கையாளு, மற்றும் ரகசிய அமைப்புகளை வடிவமை
+Comment[tg]= Мудирияти эътиборномаҳо, ва соири танзими SSL, танзимоти рамзнагузорӣ
+Comment[th]=ปรับแต่ง SSL, จัดการใบรับรอง และตั้งการการเข้ารหัสอื่น ๆ
+Comment[tr]=SSL,sertifika,sertifika ayarları,diğer şifreleme ayarları
+Comment[tt]=SSL, tanıqlıqlar, şulay uq başqa serläw çaraların caylaw üzäge bu
+Comment[uk]=Налаштування SSL, керування сертифікатами та іншими параметрами криптографії
+Comment[uz]=SSL'ni moslash, sertifikatlarni boshqarish va boshqa kriptografiya moslamalari
+Comment[uz@cyrillic]=SSL'ни мослаш, сертификатларни бошқариш ва бошқа криптография мосламалари
+Comment[ven]=Khonifiga SSL, i laula sethifikheithi, na dzine mbekanyo dza khiraiputogirafi
+Comment[vi]=Cấu hình SSL, quản lí giấy chứng nhận và các thiết lập về mật mã khác
+Comment[wa]=Apontiaedje SSL, manaedje les acertinaedjes et ls ôtès tchuzes di criptografeye
+Comment[xh]=Qwalasela i SSL, yenza iziqinisekiso, kunye nezinye izicwangciso zokufihlakeleyo
+Comment[zh_CN]=配置 SSL,管理证书和其它加密设置
+Comment[zh_TW]=設定 SSL、管理憑證和其它的加密設定
+Comment[zu]=Hlanganisela i-SSL, phatha izitifiketi, kanye nezinye izilungiselelo zokuqaqa umbhalo ongaqondakali
+
+Keywords=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security
+Keywords[ar]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,تشفير,التشفير,شهادات,الشهادات,الشفرات,آمن,الأمن
+Keywords[az]=Şifr,şifrləmə,kriptoqrafiya,SSL,https,vəsiqə,TLS,təhlüükəsizlik,e'tibarlı
+Keywords[be]=Крыптаграфія,шыфраванне,бяспека,бяспечны,Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security
+Keywords[bg]=шифър, шифроване, удостоверения, удостоверение, сигурност, сертификат, сертификати, шифри, ключове, Crypto, Krypto, Cryptography, encryption, SSL, https, certificates, ciphers, TLS, secure, security
+Keywords[ca]=Cripto,Kripto,Criptografia,xifrat,SSL,https,certificats,xifres,TLS,segur,seguretat
+Keywords[cs]=Kryptografie,Šifrování,SSL,https,Certifikáty,Kódy,Krypto,TLS,bezpečnost
+Keywords[csb]=Krypto,Kriptografijô,szifrowanié,SSL,https,cerifikatë,szifrë,TLS,bezpieczno,bezpiek
+Keywords[cy]=Crypto,Krypto,Cryptograffaeth,amgryptio,SSL,https,tystysgrifau,seifferau,TLS,diogel,diogelwch
+Keywords[da]=Crypto,Krypto,Kryptografi,kryptering,SSL,https,certifikater,chifre,TLS,sikker,sikkerhed
+Keywords[de]=Chiffrierung,Crypto,Krypto,Kryptographie,Verschlüsselung,SSL,https,Zertifikate,TLS,Sicherheit
+Keywords[el]=Κρυπτογραφία,Krypto,Κρυπτογράφηση,κρυπτογράφηση,SSL,https,πιστοποιητικά,ciphers,TLS,ασφαλές,ασφάλεια
+Keywords[eo]=ĉifrado,SSL,HTTPS,atestoj,ĉifroj,TLS,sekureco
+Keywords[es]=Criptografía,cifra,SSL,https,certificados,cifrados,TLS,seguro,seguridad
+Keywords[et]=Crypto,krüpto,krüptograafia,krüptimine,SSL,https,sertifikaadid,šifrid,TLS,turvaline,turvalisus
+Keywords[eu]=Crypto,Krypto,Kriptografia,enkriptazioa,SSL,https,ziurtagiriak,zifratuak,TLS,segurua,segurtasuna
+Keywords[fa]=Crypto، Krypto، رمزنگاری، رمزبندی،SSL، https،گواهی‌نامه‌ها، رمزها، TLS،امن، امنیت
+Keywords[fi]=Salaus,Krypto,SSL,https,sertifikaatit,salaukset,TLS,turvallinen,turvallisuus
+Keywords[fr]=cryptographie,cryptage,encryptage,chiffrage,SSL,https,certificats,codes,TLS,sécurisé,sécurité
+Keywords[fy]=crypto,krypto,kryptografie,fersifering,ssl,https,sertifikaten,siferje,tls,befeiliging,feilig,kodearring,kodearre,fersifering
+Keywords[ga]=Krypto,rúnscríobh,criptiú,incriptiúchán,SSL,https,teastais,sifir,TLS,daingean,slándáil
+Keywords[gl]=Criptografia,krypto,cripto,cifrado,SSL,https,certificados,ciphers,TLS,seguro,seguridade
+Keywords[he]=מאובטח,אבטחה,TLS,תעודות,צפנים,https,SSL,הצפנה,Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security
+Keywords[hi]=क्रिप्टो,क्रिप्टोग्राफी,एनक्रिप्शन,एसएसएल,एचटीटीपीएस,प्रमाणपत्र,साइफर्स,टीएलएस,सुरक्षित,सुरक्षा
+Keywords[hr]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Šifriranje,šifriranje,šifre,šifra,potvrde,sigurnost,osigurano
+Keywords[hu]=Crypto,Krypto,kriptográfia,titkosítás,SSL,https,tanúsítványok,kódolás,TLS,biztonságos,biztonság
+Keywords[id]=Kripto,Kriptografi,enkripsi,SSL,https,sertifikat,ciphers,TLS,secure,security
+Keywords[is]=Dulritun,Dulmál,Krypto,SSL,https,skilríki,brenglun,TLS,öryggi,öruggt
+Keywords[it]=crittografia,cifratura,SSL,https,certificati,cifrari,TLS,sicuro,sicurezza
+Keywords[ja]=暗号化,Krypto,暗号作成形式,暗号化,SSL,http,証明書,暗号,TLS,セキュア,セキュリティ
+Keywords[km]=Crypto,Krypto,រហស្សលិខសាស្ត្រ,ការ​បម្លែង​ជា​កូដ,SSL,https,វិញ្ញាបនបត្រ,សរសេរ​សម្ងាត់,TLS,សុវត្ថិភាព
+Keywords[lt]=Crypto,Krypto,Cryptography,kriptografija,encryption,šifravimas,SSL,https,certificates,sertifikatai,ciphers,šifrai,TLS,secure,saugus,security,saugumas,apsauga
+Keywords[lv]=Kripto,Kriptogrāfija,kodēšana,SSL,https,sertifkāti,kiperi,TLS,droši,drošība
+Keywords[mk]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Крипто,Криптографија,енкрипција,сертификати,шифри,сигурно,сигурност
+Keywords[mn]=Шифрлэх,Crypto,Krypto,Түлхүүрлэлт,Нууцлалт,SSL,https,Үнэмлэх,TLS,Хамгаалалт
+Keywords[mt]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,kriptografija
+Keywords[nb]=Krypto,Kryptering,SSL,https,sertifikater,TTL,sikkerhet,sikker
+Keywords[nds]=Crypto,Krypto,Kryptografie,verslöteln,SSL,https,Zertifikaten,ciphers,TLS,seker,Sekerheit
+Keywords[ne]=क्रिप्टो, क्राइप्टो, गुप्तलेखन, समक्रमण, SSL, https, प्रमाणपत्र, गुप्त, TLS, सुरक्षण, सुरक्षा
+Keywords[nl]=crypto,krypto,cryptografie,encryptie,ssl,https,certificaten,ciphers,tls,beveiliging,veilig,codering,gecodeerd,versleuteling
+Keywords[nn]=Crypto,Krypto,kryptering,SSL,https,sertifikat,TLS,sikker,tryggleik
+Keywords[nso]=Tshiro,Krypto,Tshiro,sesiro,SSL,https,dikgonthisiso,ciphers,TSL, sireletsa,tshireletso
+Keywords[pa]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security, ਸੁਰੱਖਿਆ, ਇਕਰਿਪਸ਼ਨ
+Keywords[pl]=Krypto,Kryptografia,szyfrowanie,SSL,https,certyfikaty,szyfry,TLS,bezpieczny,bezpieczeństwo
+Keywords[pt]=Cifra,Criptografia,cifra,SSL,https,certificados,cifras,TLS,seguro,segurança,encriptação
+Keywords[pt_BR]=Cripto,Krypto,Criptografia,criptografia,SSL,https,certificados,cifras, TLS,seguro,segurança
+Keywords[ro]=crypto,criptografie,criptare,SSL,https,certificate,cifrare,TLS,sigur,securitate
+Keywords[ru]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,сертификат,сертификаты,шифрование,подпись
+Keywords[rw]=Crypto,Krypto,Umukonobanga,isobeka,SSL,https,impamyabushobozi,imibarebanga,TLS,byizewe,umutekano
+Keywords[se]=Krypto,krypteren,SSL,https,duođaštusat,cipherat,sihkkarvuohtta,TLS
+Keywords[sk]=Crypto,Krypto,Kryptografia,kryptovanie,SSL,https,certifikáty,šifra,TLS,zabezpečenie,bezpečnosť
+Keywords[sl]=Kripto,Kriptografija,šifriranje,SSL,https,certifikati,šifrirni algoritmi,TLS,varnost,varno
+Keywords[sr]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Крипто,Криптографија,енкрипција,сертификати,шифре,безбедност
+Keywords[sr@Latn]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Kripto,Kriptografija,enkripcija,sertifikati,šifre,bezbednost
+Keywords[sv]=Crypto,Krypto,Kryptografi,kryptering,SSL,https,certifikat,krypton,TLS,säkra,säkerhet
+Keywords[ta]=ரகசிய,ரகசிய,ரகசியமான,சங்கேதம்,SSL,https,சான்றிதழ்கள்,ciphers,TLS,பாதுகாப்பான,பாதுகாப்பு
+Keywords[tg]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,рамз,рамзгузорӣ,амният
+Keywords[th]=เข้ารหัส,Krypto,Cryptography,การเข้ารหัส,SSL,https,ใบรับรอง,ciphers,TLS,ปลอดภัย,ความปลอดภัย
+Keywords[tr]=Şifre,şifreleme,şifrebilim,SSL,https,sertifika,TLS,güvenlik,güvenli
+Keywords[uk]=криптографія,криптографія,Cryptography,шифрування,SSL,https,TLS,сертифікати,шифри,Crypto,Krypto,безпека,безпечність
+Keywords[uz]=SSL,https,TLS,Kripto,Kriptografiya,kodlash,sertifikatlar,shifr,xavfsiz,xavfsizlik
+Keywords[uz@cyrillic]=SSL,https,TLS,Крипто,Криптография,кодлаш,сертификатлар,шифр,хавфсиз,хавфсизлик
+Keywords[ven]=Crypto,Krypto,Cryptography,encryption,SSL,https,sethifikheithi,ciphers,TLS,tsireledza,vhutsireledzi
+Keywords[vi]=Mật mã,Mã khoá,Mật mã học,mã hóa,SSL,https,giấy chứng nhận,phá mã,TLS,bảo mật,sự bảo mật
+Keywords[wa]=Crypto,Krypto,criptografeye,SSL,https,certificates,acertinaedjes,ciphers,TLS,secure,security,såve,såvrité
+Keywords[xh]=Imfihlo,Imfihlo,Okufihlakeleyo,ufihlo,SSL,https,iziqinisekiso,imibhalo efihlakeleyo,TLS,khusela,ukhuseleko
+Keywords[zh_CN]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,加密,加密学,证书,密码,安全
+Keywords[zh_TW]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,加密,加密學,証書,密碼,安全
+Keywords[zu]=Crypto,Krypto,Ukuqaqa umbhalo ongaqondakali,SSL,https, izitifiketi,imibhalo yekhodi,TLS,vikela,ukuvikela
+
+Categories=Qt;KDE;X-KDE-settings-security;
diff --git a/kcontrol/crypto/crypto.h b/kcontrol/crypto/crypto.h
new file mode 100644
index 000000000..4d335570a
--- /dev/null
+++ b/kcontrol/crypto/crypto.h
@@ -0,0 +1,362 @@
+/**
+ * crypto.h
+ *
+ * Copyright (c) 2000-2001 George Staikos <staikos@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#ifndef _CRYPTO_H
+#define _CRYPTO_H
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <qcheckbox.h>
+#include <qdatetime.h>
+#include <qlineedit.h>
+#include <qlistview.h>
+#include <qptrlist.h>
+#include <qtabwidget.h>
+#include <qvbuttongroup.h>
+
+#include <kcmodule.h>
+#include <ksimpleconfig.h>
+
+class QGridLayout;
+class QVButtonGroup;
+
+class KComboBox;
+class KCryptoConfig;
+class KPushButton;
+class KSSLCertBox;
+class KSSLSigners;
+class KURLLabel;
+class KURLRequester;
+
+class CipherItem : public QCheckListItem
+{
+public:
+ CipherItem( QListView *view, const QString& cipher, int bits, int maxBits,
+ KCryptoConfig *module );
+ ~CipherItem() {}
+
+ void setCipher( const QString& cipher ) { m_cipher = cipher; }
+ const QString& cipher() const { return m_cipher; }
+ void setBits( int bits ) { m_bits = bits; }
+ int bits() const { return m_bits; }
+
+ QString configName() const;
+
+protected:
+ virtual void stateChange( bool );
+
+private:
+ int m_bits;
+ QString m_cipher;
+ KCryptoConfig *m_module; // just to call configChanged()
+};
+
+
+
+class OtherCertItem : public QListViewItem
+{
+public:
+ OtherCertItem(QListView *view, const QString& sub, const QString& md5, bool perm, int policy, QDateTime exp, KCryptoConfig *module );
+ ~OtherCertItem() {}
+
+ QString configName() const;
+ const QString& getSub() { return _sub; }
+ int getPolicy() { return _policy; }
+ const QString& getMD5() { return _md5; }
+ bool isPermanent() { return _perm; }
+ QDateTime getExpires() { return _exp; }
+ void setPolicy(int x) { _policy = x; }
+ void setPermanent(bool x) { _perm = x; }
+ void setExpires(QDateTime x) { _exp = x; }
+
+protected:
+ virtual void stateChange( bool );
+
+private:
+ QString _sub, _md5;
+ KCryptoConfig *m_module; // just to call configChanged()
+ QDateTime _exp;
+ bool _perm;
+ int _policy;
+};
+
+
+
+
+class YourCertItem : public QListViewItem
+{
+public:
+ YourCertItem(QListView *view, QString pkcs, QString pass, QString name, KCryptoConfig *module );
+ ~YourCertItem() {}
+
+ QString configName() const;
+ QString& getPKCS() { return _pkcs; }
+ void setPKCS(QString pkcs) { _pkcs = pkcs; }
+ QString& getPass() { return _pass; }
+ void setPass(QString pass) { _pass = pass; }
+ QString& getName() { return _name; }
+ void setName(QString name) { _name = name; }
+ QString& getPassCache() { return _cpass; }
+ void setPassCache(QString pass) { _cpass = pass; }
+
+protected:
+ virtual void stateChange( bool );
+
+private:
+ QString _pkcs;
+ QString _pass;
+ QString _cpass;
+ QString _name;
+ KCryptoConfig *m_module; // just to call configChanged()
+};
+
+
+
+
+class CAItem : public QListViewItem
+{
+public:
+ CAItem(QListView *view, QString name, QString cert, bool site, bool email, bool code, KCryptoConfig *module );
+ ~CAItem() {}
+
+ QString configName() const;
+ QString& getName() { return _name; }
+ void setName(QString name) { _name = name; }
+
+ inline QString getCert() const { return _cert; }
+ inline bool getSite() const { return _site; }
+ inline bool getEmail() const { return _email; }
+ inline bool getCode() const { return _code; }
+ inline void setSite(bool x) { _site = x; }
+ inline void setEmail(bool x) { _email = x; }
+ inline void setCode(bool x) { _code = x; }
+
+ bool isNew, modified;
+
+protected:
+ virtual void stateChange( bool );
+
+private:
+ QString _name;
+ QString _cert;
+ bool _site, _email, _code;
+ KCryptoConfig *m_module; // just to call configChanged()
+};
+
+
+
+
+
+class HostAuthItem : public QListViewItem
+{
+public:
+ HostAuthItem(QListView *view, QString host, QString name, KCryptoConfig *module ) : QListViewItem(view, QString::null ) {
+ _name = name; _host = host;
+ m_module = module;
+ setText(0, _host);
+ setText(1, _name);
+ _oname = QString::null;
+ }
+ ~HostAuthItem() {}
+
+ void setAction(KSSLCertificateHome::KSSLAuthAction aa) {
+ _aa = aa;
+ switch (aa) {
+ case KSSLCertificateHome::AuthSend:
+ setText(2, i18n("Send"));
+ break;
+ case KSSLCertificateHome::AuthDont:
+ setText(2, i18n("Don't Send"));
+ break;
+ case KSSLCertificateHome::AuthPrompt:
+ setText(2, i18n("Prompt"));
+ break;
+ default:
+ break;
+ }
+ }
+ KSSLCertificateHome::KSSLAuthAction getAction() const { return _aa; }
+ QString configName() const { return _host; }
+ QString getCertName() const { return _name; }
+ void setCertName(QString name) { _name = name; setText(1, name); }
+ void setHost(QString name) { _host = name; setText(0, name); }
+ void setOriginalName(QString oname) { _oname = oname; }
+ QString originalName() const { return _oname; }
+
+protected:
+
+private:
+ QString _host;
+ QString _name, _oname;
+ KSSLCertificateHome::KSSLAuthAction _aa;
+ KCryptoConfig *m_module; // just to call configChanged()
+};
+
+
+
+
+
+class KCryptoConfig : public KCModule
+{
+ Q_OBJECT
+public:
+ KCryptoConfig(QWidget *parent = 0L, const char *name = 0L, const QStringList &list = QStringList());
+ virtual ~KCryptoConfig();
+
+ void load();
+ void load( bool useDefaults );
+ void save();
+ void defaults();
+
+#ifdef HAVE_SSL
+ bool loadCiphers();
+#endif
+
+public slots:
+ void configChanged();
+
+ void slotGeneratePersonal();
+ void slotUseEGD();
+ void slotUseEFile();
+ void slotSelectCipher(int id);
+
+ void slotTestOSSL();
+
+ void slotExportCert();
+ void slotRemoveCert();
+ void slotVerifyCert();
+ void slotOtherCertSelect();
+ void slotPolicyChanged(int id);
+ void slotPermanent();
+ void slotUntil();
+ void slotDatePick();
+
+ void slotYourImport();
+ void slotYourExport();
+ void slotYourVerify();
+ void slotYourRemove();
+ void slotYourUnlock();
+ void slotYourPass();
+ void slotYourCertSelect();
+
+ void slotNewHostAuth();
+ void slotRemoveHostAuth();
+ void slotAuthItemChanged();
+ void slotAuthText(const QString &t);
+ void slotAuthButtons();
+ void slotAuthCombo();
+
+ void slotCAImport();
+ void slotCARemove();
+ void slotCARestore();
+ void slotCAItemChanged();
+ void slotCAChecked();
+
+protected:
+ void cwCompatible();
+ void cwUS();
+ void cwExp();
+ void cwAll();
+
+private:
+
+ void offerImportToKMail( const QString& certFile );
+ void setAuthCertLists();
+ void genCAList();
+
+ QTabWidget *tabs;
+ QWidget *tabSSL, *tabOSSL;
+
+ QWidget *tabYourSSLCert, *tabOtherSSLCert, *tabSSLCA, *tabSSLCOpts, *tabAuth;
+
+ QListView *SSLv2Box, *SSLv3Box;
+ QCheckBox *mUseTLS, *mUseSSLv2, *mUseSSLv3;
+ QCheckBox *mWarnOnEnter, *mWarnOnLeave;
+
+ /* EGD stuff */
+ QLabel *mEGDLabel;
+ KURLRequester *mEGDPath;
+ QCheckBox *mUseEGD;
+ QCheckBox *mUseEFile;
+
+ /* CipherWizards */
+ QPushButton *mCWall, *mCWus, *mCWexp, *mCWcompatible;
+
+ QCheckBox *mWarnOnUnencrypted, *mWarnOnMixed;
+ QListView *yourSSLBox, *otherSSLBox, *caList;
+ QCheckBox *mWarnSelfSigned, *mWarnExpired, *mWarnRevoked;
+ QPushButton *macAdd, *macRemove;
+ KPushButton *macClear;
+ QListBox *macBox;
+ QPushButton *otherSSLExport, *otherSSLView, *otherSSLRemove, *otherSSLVerify;
+ QPushButton *yourSSLImport, *yourSSLPass, *yourSSLRemove, *yourSSLExport,
+ *yourSSLUnlock, *yourSSLVerify;
+ QRadioButton *yourSSLUseDefault, *yourSSLList, *yourSSLDont;
+ QLineEdit *macCert;
+ KSSLCertBox *oSubject, *oIssuer;
+ KSSLCertBox *ySubject, *yIssuer;
+ QGridLayout *oGrid;
+
+ QVButtonGroup *policyGroup;
+ QVButtonGroup *cacheGroup;
+ QRadioButton *policyAccept, *policyReject, *policyPrompt;
+ QRadioButton *cacheUntil, *cachePerm;
+ QLabel *fromLabel, *untilLabel;
+ QLabel *validFrom, *validUntil;
+ QLabel *yValidFrom, *yValidUntil;
+ KURLLabel *untilDate;
+
+ QVGroupBox *oInfo;
+ KURLRequester *oPath;
+ QPushButton *oTest;
+ QPtrList<OtherCertItem> otherCertDelList;
+ QPtrList<YourCertItem> yourCertDelList;
+ QPtrList<CAItem> caDelList;
+
+ /* Personal Cert Policies tab */
+ KComboBox *defCertBox;
+ KComboBox *hostCertBox;
+ QVButtonGroup *defCertBG;
+ QHButtonGroup *hostCertBG;
+ QRadioButton *defSend, *defPrompt, *defDont;
+ QRadioButton *hostSend, *hostPrompt, *hostDont;
+ QListView *hostAuthList;
+ QPushButton *authAdd, *authRemove;
+ QLineEdit *authHost;
+ QPtrList<HostAuthItem> authDelList;
+ QLabel *yHash, *pHash;
+
+ /* CA stuff */
+ KSSLCertBox *caSubject, *caIssuer;
+ QPushButton *caSSLImport, *caSSLRemove, *caSSLRestore;
+ QCheckBox *caSite, *caEmail, *caCode;
+ KSSLSigners *_signers;
+ QLabel *cHash;
+
+ KConfig *config;
+ KSimpleConfig *policies, *pcerts, *authcfg;
+ KConfig *cacfg;
+
+ bool ___lehack; // to hack around a lineedit problem
+};
+
+#endif
diff --git a/kcontrol/crypto/kdatetimedlg.cpp b/kcontrol/crypto/kdatetimedlg.cpp
new file mode 100644
index 000000000..26001afdd
--- /dev/null
+++ b/kcontrol/crypto/kdatetimedlg.cpp
@@ -0,0 +1,118 @@
+/**
+ * kdatetimedlg.cpp
+ *
+ * Copyright (c) 2001 George Staikos <staikos@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "kdatetimedlg.h"
+#include <qlayout.h>
+#include <qlabel.h>
+#include <klocale.h>
+#include <kdebug.h>
+#include <kdatepicker.h>
+#include <kpushbutton.h>
+#include <knuminput.h>
+#include <kstdguiitem.h>
+
+KDateTimeDlg::KDateTimeDlg(QWidget *parent, const char *name)
+ : KDialog(parent, name, true) {
+QGridLayout *grid = new QGridLayout(this, 9, 6, marginHint(), spacingHint());
+
+ setCaption(i18n("Date & Time Selector"));
+
+ _date = new KDatePicker(this);
+ grid->addMultiCellWidget(_date, 0, 5, 0, 5);
+
+ grid->addWidget(new QLabel(i18n("Hour:"), this), 7, 0);
+ _hours = new KIntNumInput(this);
+ _hours->setRange(0, 23, 1, false);
+ grid->addWidget(_hours, 7, 1);
+
+ grid->addWidget(new QLabel(i18n("Minute:"), this), 7, 2);
+ _mins = new KIntNumInput(this);
+ _mins->setRange(0, 59, 1, false);
+ grid->addWidget(_mins, 7, 3);
+
+ grid->addWidget(new QLabel(i18n("Second:"), this), 7, 4);
+ _secs = new KIntNumInput(this);
+ _secs->setRange(0, 59, 1, false);
+ grid->addWidget(_secs, 7, 5);
+
+ _ok = new KPushButton(KStdGuiItem::ok(), this);
+ grid->addWidget(_ok, 8, 4);
+ connect(_ok, SIGNAL(clicked()), SLOT(accept()));
+
+ _cancel = new KPushButton(KStdGuiItem::cancel(), this);
+ grid->addWidget(_cancel, 8, 5);
+ connect(_cancel, SIGNAL(clicked()), SLOT(reject()));
+
+}
+
+
+KDateTimeDlg::~KDateTimeDlg() {
+
+}
+
+
+QDate KDateTimeDlg::getDate() {
+ return _date->date();
+}
+
+
+QTime KDateTimeDlg::getTime() {
+QTime rc(_hours->value(), _mins->value(), _secs->value());
+return rc;
+}
+
+
+QDateTime KDateTimeDlg::getDateTime() {
+QDateTime qdt;
+QTime qtime(_hours->value(), _mins->value(), _secs->value());
+
+ qdt.setDate(_date->date());
+ qdt.setTime(qtime);
+
+return qdt;
+}
+
+
+void KDateTimeDlg::setDate(const QDate& qdate) {
+ _date->setDate(qdate);
+}
+
+
+void KDateTimeDlg::setTime(const QTime& qtime) {
+ _hours->setValue(qtime.hour());
+ _mins->setValue(qtime.minute());
+ _secs->setValue(qtime.second());
+}
+
+
+void KDateTimeDlg::setDateTime(const QDateTime& qdatetime) {
+ _date->setDate(qdatetime.date());
+ _hours->setValue(qdatetime.time().hour());
+ _mins->setValue(qdatetime.time().minute());
+ _secs->setValue(qdatetime.time().second());
+}
+
+
+#include "kdatetimedlg.moc"
+
diff --git a/kcontrol/crypto/kdatetimedlg.h b/kcontrol/crypto/kdatetimedlg.h
new file mode 100644
index 000000000..3f25cad2b
--- /dev/null
+++ b/kcontrol/crypto/kdatetimedlg.h
@@ -0,0 +1,60 @@
+/**
+ * kdatetimedlg.h
+ *
+ * Copyright (c) 2001 George Staikos <staikos@kde.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#ifndef _KDATETIMEDLG_H
+#define _KDATETIMEDLG_H
+
+#include <kdialog.h>
+
+class KDatePicker;
+class KIntNumInput;
+class KPushButton;
+class QDate;
+class QTime;
+class QDateTime;
+
+class KDateTimeDlgPrivate;
+
+class KDateTimeDlg : public KDialog
+{
+ Q_OBJECT
+public:
+ KDateTimeDlg(QWidget *parent = 0L, const char *name = 0L);
+ virtual ~KDateTimeDlg();
+
+ virtual QTime getTime();
+ virtual QDate getDate();
+ virtual QDateTime getDateTime();
+
+ virtual void setDate(const QDate& qdate);
+ virtual void setTime(const QTime& qtime);
+ virtual void setDateTime(const QDateTime& qdatetime);
+
+protected slots:
+
+private:
+ KPushButton *_ok, *_cancel;
+ KDatePicker *_date;
+ KIntNumInput *_hours, *_mins, *_secs;
+
+ KDateTimeDlgPrivate *d;
+};
+
+#endif