Commit 0b12d770 authored by Ingo Klöcker's avatar Ingo Klöcker

Allow creation of CSRs for card keys of OpenPGP cards

The creation of CSRs for the signing key and the authentication key
is possible (i.e. supported by gpgsm). The creation of a CSR for the
encryption key fails (because signing the request with this key fails
with "Invalid ID").

The creation of CSRs may still fail for certain OpenPGP keys, e.g.
ed25519 keys do not seem to be supported by gpgsm ("Invalid digest
algorithm"). I'm not checking this in Kleopatra in case those keys will
later be supported in gpgsm.

GnuPG-bug-id: 5183
parent 6106b1f8
Pipeline #44285 passed with stage
in 19 minutes and 31 seconds
......@@ -16,6 +16,7 @@
#include "dialogs/createcsrforcardkeydialog.h"
#include "smartcard/openpgpcard.h"
#include "smartcard/pivcard.h"
#include "smartcard/readerstatus.h"
......@@ -124,7 +125,7 @@ QStringList getKeyUsages(const KeyPairInfo &keyInfo)
void CreateCSRForCardKeyCommand::Private::start()
{
if (appName != PIVCard::AppName) {
if (appName != OpenPGPCard::AppName && appName != PIVCard::AppName) {
qCWarning(KLEOPATRA_LOG) << "CreateCSRForCardKeyCommand does not support card application" << QString::fromStdString(appName);
finished();
return;
......
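Review bot: The widened check in `CreateCSRForCardKeyCommand::Private::start()` now admits every key reference on an OpenPGP card, although the commit message states that the encryption key cannot sign a request (gpgsm fails with "Invalid ID"). The only gate visible in this commit is the button condition in `PGPCardWidget::createKeyWidgets`, so any other caller of the command would reach gpgsm with an unusable key and get a late, opaque error. The rest of `start()` lies outside the hunk, so I cannot tell whether the key's usage is checked further down. If it is not, consider rejecting keys without certify, sign or authenticate usage here, or at least document the expectation with a comment such as `// OpenPGP: only keys that can sign work; callers must filter (GnuPG bug 5183)`.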
......@@ -14,6 +14,7 @@
#include "kleopatra_debug.h"
#include "commands/changepincommand.h"
#include "commands/createcsrforcardkeycommand.h"
#include "commands/createopenpgpkeyfromcardkeyscommand.h"
#include "smartcard/openpgpcard.h"
......@@ -103,6 +104,9 @@ static void layoutKeyWidgets(QGridLayout *grid, const QString &keyName, const PG
int row = grid->rowCount();
grid->addWidget(new QLabel(keyName), row, 0);
grid->addWidget(keyWidgets.keyFingerprint, row, 1);
if (keyWidgets.createCSRButton) {
grid->addWidget(keyWidgets.createCSRButton, row, 2);
}
}
} // Namespace
......@@ -233,6 +237,14 @@ PGPCardWidget::KeyWidgets PGPCardWidget::createKeyWidgets(const KeyPairInfo &key
KeyWidgets keyWidgets;
keyWidgets.keyFingerprint = new QLabel(this);
keyWidgets.keyFingerprint->setTextInteractionFlags(Qt::TextBrowserInteraction);
if (keyInfo.canCertify() || keyInfo.canSign() || keyInfo.canAuthenticate())
{
keyWidgets.createCSRButton = new QPushButton(i18nc("@action:button", "Create CSR"), this);
keyWidgets.createCSRButton->setToolTip(i18nc("@info:tooltip", "Create a certificate signing request for this key"));
keyWidgets.createCSRButton->setEnabled(false);
connect(keyWidgets.createCSRButton, &QPushButton::clicked,
this, [this, keyRef] () { createCSR(keyRef); });
}
mKeyWidgets.insert(keyRef, keyWidgets);
return keyWidgets;
}
......@@ -500,6 +512,17 @@ void PGPCardWidget::createKeyFromCardKeys()
cmd->start();
}
void PGPCardWidget::createCSR(const std::string &keyref)
{
auto cmd = new CreateCSRForCardKeyCommand(keyref, mRealSerial, OpenPGPCard::AppName, this);
this->setEnabled(false);
connect(cmd, &CreateCSRForCardKeyCommand::finished,
this, [this]() {
this->setEnabled(true);
});
cmd->start();
}
void PGPCardWidget::updateKeyWidgets(const std::string &keyRef, const OpenPGPCard *card)
{
KeyWidgets widgets = mKeyWidgets.value(keyRef);
......@@ -507,6 +530,9 @@ void PGPCardWidget::updateKeyWidgets(const std::string &keyRef, const OpenPGPCar
widgets.keyGrip = grip;
if (grip.empty()) {
widgets.keyFingerprint->setText(i18n("Slot empty"));
if (widgets.createCSRButton) {
widgets.createCSRButton->setEnabled(false);
}
} else {
if (card) {
// update information if called with card
......@@ -533,6 +559,9 @@ void PGPCardWidget::updateKeyWidgets(const std::string &keyRef, const OpenPGPCar
widgets.keyFingerprint->setToolTip(toolTips.join(QLatin1String("<br/>")));
}
}
if (widgets.createCSRButton) {
widgets.createCSRButton->setEnabled(true);
}
}
}
......
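Review bot: The condition `keyInfo.canCertify() || keyInfo.canSign() || keyInfo.canAuthenticate()` in `createKeyWidgets` encodes a gpgsm limitation that is recorded only in the commit message. The request is signed with the card key, which is why the encryption slot gets no button. A short comment above the `if` would keep that reason next to the code, e.g. `// The CSR is signed with the card key, so offer it only for keys that can sign (GnuPG bug 5183)`. The opening brace on its own line there also differs from the `if (...) {` form used in the other hunks of this file.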
......@@ -44,6 +44,7 @@ public:
struct KeyWidgets {
std::string keyGrip;
QLabel *keyFingerprint = nullptr;
QPushButton *createCSRButton = nullptr;
};
public Q_SLOTS:
......@@ -53,6 +54,7 @@ public Q_SLOTS:
void changeUrlRequested();
void changeUrlResult(const GpgME::Error &err);
void createKeyFromCardKeys();
void createCSR(const std::string &keyref);
private:
KeyWidgets createKeyWidgets(const SmartCard::KeyPairInfo &keyInfo);
......