39d57bdd
Commit
39d57bdd
authored
Sep 15, 2020
by
Ingo Klöcker
Support transferring X.509 encryption certificates to PIV cards
GnuPG-bug-id: 4794
parent
01b419c5
Pipeline
#34394
failed with stage
in 109 minutes and 24 seconds
Showing
3 changed files
with
25 additions
and
21 deletions
+25
-21
src/commands/certificatetopivcardcommand.cpp
src/commands/certificatetopivcardcommand.cpp
+7
-10
src/view/pivcardwidget.cpp
src/view/pivcardwidget.cpp
+15
-9
src/view/pivcardwidget.h
src/view/pivcardwidget.h
+3
-2
src/commands/certificatetopivcardcommand.cpp
...
...
@@ -100,18 +100,15 @@ namespace {
static
GpgME
::
Subkey
getSubkeyToTransferToPIVCard
(
const
std
::
string
&
cardSlot
,
const
std
::
shared_ptr
<
PIVCard
>
&
card
)
{
if
(
!
cardSlot
.
empty
())
{
if
(
cardSlot
==
PIVCard
::
digitalSignatureKeyRef
())
{
// get signing certificate matching the key grip
const
std
::
string
cardKeygrip
=
card
->
keyGrip
(
cardSlot
);
const
auto
subkey
=
KeyCache
::
instance
()
->
findSubkeyByKeyGrip
(
cardKeygrip
);
if
(
subkey
.
canSign
()
&&
subkey
.
parent
().
protocol
()
==
GpgME
::
CMS
)
{
return
subkey
;
}
const
std
::
string
cardKeygrip
=
card
->
keyGrip
(
cardSlot
);
const
auto
subkey
=
KeyCache
::
instance
()
->
findSubkeyByKeyGrip
(
cardKeygrip
);
if
(
subkey
.
isNull
()
||
subkey
.
parent
().
protocol
()
!=
GpgME
::
CMS
)
{
return
GpgME
::
Subkey
();
}
if
(
cardSlot
==
PIVCard
::
keyManagementKeyRef
())
{
// get encryption certificate with secret subkey
if
((
cardSlot
==
PIVCard
::
digitalSignatureKeyRef
()
&&
subkey
.
canSign
())
||
(
cardSlot
==
PIVCard
::
keyManagementKeyRef
()
&&
subkey
.
canEncrypt
()))
{
return
subkey
;
}
return
GpgME
::
Subkey
();
}
return
GpgME
::
Subkey
();
...
...
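Review bot: In getSubkeyToTransferToPIVCard the certificate to write is whatever single subkey `findSubkeyByKeyGrip(cardKeygrip)` returns, and only afterwards is it checked for `GpgME::CMS` and for the slot's usage flag. If the key cache can hold more than one entry with that keygrip (for example a renewed X.509 certificate, or an OpenPGP key built on the same key material), the lookup may return the other entry, so the slot is either rejected or receives a certificate the user did not expect; the hunk does not show how the cache resolves duplicates, so this needs confirming. The rewrite also drops the two comments that explained the per-slot intent; I would add one above the combined condition, e.g. `// signing slot needs a signing certificate, key management slot an encryption certificate`. `card` is dereferenced without a null check, and the function's closing brace lies outside the hunk.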
src/view/pivcardwidget.cpp
...
...
@@ -64,8 +64,9 @@ PIVCardWidget::PIVCardWidget(QWidget *parent):
mGeneratePIVAuthenticationKeyBtn
(
new
QPushButton
(
this
)),
mGenerateCardAuthenticationKeyBtn
(
new
QPushButton
(
this
)),
mGenerateDigitalSignatureKeyBtn
(
new
QPushButton
(
this
)),
mWriteDigitalSignatureKeyBtn
(
new
QPushButton
(
this
)),
mGenerateKeyManagementKeyBtn
(
new
QPushButton
(
this
))
mWriteDigitalSignatureCertificateBtn
(
new
QPushButton
(
this
)),
mGenerateKeyManagementKeyBtn
(
new
QPushButton
(
this
)),
mWriteKeyManagementCertificateBtn
(
new
QPushButton
(
this
))
{
auto
grid
=
new
QGridLayout
;
int
row
=
0
;
...
...
@@ -121,11 +122,11 @@ PIVCardWidget::PIVCardWidget(QWidget *parent):
mGenerateDigitalSignatureKeyBtn
->
setEnabled
(
false
);
grid
->
addWidget
(
mGenerateDigitalSignatureKeyBtn
,
row
,
2
);
connect
(
mGenerateDigitalSignatureKeyBtn
,
&
QPushButton
::
clicked
,
this
,
&
PIVCardWidget
::
generateDigitalSignatureKey
);
mWriteDigitalSignature
Key
Btn
->
setText
(
i18n
(
"Write Certificate"
));
mWriteDigitalSignature
Key
Btn
->
setToolTip
(
i18n
(
"Write the certificate corresponding to this key to the card"
));
mWriteDigitalSignature
Key
Btn
->
setEnabled
(
false
);
grid
->
addWidget
(
mWriteDigitalSignature
Key
Btn
,
row
,
3
);
connect
(
mWriteDigitalSignature
Key
Btn
,
&
QPushButton
::
clicked
,
this
,
[
this
]
()
{
writeCertificateToCard
(
PIVCard
::
digitalSignatureKeyRef
());
});
mWriteDigitalSignature
Certificate
Btn
->
setText
(
i18n
(
"Write Certificate"
));
mWriteDigitalSignature
Certificate
Btn
->
setToolTip
(
i18n
(
"Write the certificate corresponding to this key to the card"
));
mWriteDigitalSignature
Certificate
Btn
->
setEnabled
(
false
);
grid
->
addWidget
(
mWriteDigitalSignature
Certificate
Btn
,
row
,
3
);
connect
(
mWriteDigitalSignature
Certificate
Btn
,
&
QPushButton
::
clicked
,
this
,
[
this
]
()
{
writeCertificateToCard
(
PIVCard
::
digitalSignatureKeyRef
());
});
row
++
;
grid
->
addWidget
(
new
QLabel
(
i18n
(
"Key management:"
)),
row
,
0
);
...
...
@@ -135,6 +136,11 @@ PIVCardWidget::PIVCardWidget(QWidget *parent):
mGenerateKeyManagementKeyBtn
->
setEnabled
(
false
);
grid
->
addWidget
(
mGenerateKeyManagementKeyBtn
,
row
,
2
);
connect
(
mGenerateKeyManagementKeyBtn
,
&
QPushButton
::
clicked
,
this
,
&
PIVCardWidget
::
generateKeyManagementKey
);
mWriteKeyManagementCertificateBtn
->
setText
(
i18n
(
"Write Certificate"
));
mWriteKeyManagementCertificateBtn
->
setToolTip
(
i18n
(
"Write the certificate corresponding to this key to the card"
));
mWriteKeyManagementCertificateBtn
->
setEnabled
(
false
);
grid
->
addWidget
(
mWriteKeyManagementCertificateBtn
,
row
,
3
);
connect
(
mWriteKeyManagementCertificateBtn
,
&
QPushButton
::
clicked
,
this
,
[
this
]
()
{
writeCertificateToCard
(
PIVCard
::
keyManagementKeyRef
());
});
row
++
;
auto
line2
=
new
QFrame
();
...
...
@@ -188,8 +194,8 @@ void PIVCardWidget::setCard(const PIVCard *card)
updateKey
(
PIVCard
::
pivAuthenticationKeyRef
(),
card
,
mPIVAuthenticationKey
,
mGeneratePIVAuthenticationKeyBtn
,
nullptr
);
updateKey
(
PIVCard
::
cardAuthenticationKeyRef
(),
card
,
mCardAuthenticationKey
,
mGenerateCardAuthenticationKeyBtn
,
nullptr
);
updateKey
(
PIVCard
::
digitalSignatureKeyRef
(),
card
,
mDigitalSignatureKey
,
mGenerateDigitalSignatureKeyBtn
,
mWriteDigitalSignature
Key
Btn
);
updateKey
(
PIVCard
::
keyManagementKeyRef
(),
card
,
mKeyManagementKey
,
mGenerateKeyManagementKeyBtn
,
nullptr
);
updateKey
(
PIVCard
::
digitalSignatureKeyRef
(),
card
,
mDigitalSignatureKey
,
mGenerateDigitalSignatureKeyBtn
,
mWriteDigitalSignature
Certificate
Btn
);
updateKey
(
PIVCard
::
keyManagementKeyRef
(),
card
,
mKeyManagementKey
,
mGenerateKeyManagementKeyBtn
,
mWriteKeyManagementCertificateBtn
);
}
void
PIVCardWidget
::
updateKey
(
const
std
::
string
&
keyRef
,
const
PIVCard
*
card
,
QLabel
*
label
,
QPushButton
*
generateButton
,
QPushButton
*
writeButton
)
...
...
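Review bot: The set-up of mWriteKeyManagementCertificateBtn in the @@ -135 hunk repeats, call for call, the five statements used for mWriteDigitalSignatureCertificateBtn in the @@ -121 hunk, including both translated strings; only the button and the key reference differ. A small local helper in the constructor would keep the two rows from drifting apart when the label, tooltip or initial enabled state changes. The sketch below assumes `writeCertificateToCard` accepts the `std::string` that the `PIVCard::...KeyRef()` functions appear to return. The constructor begins before and continues after the hunks shown.

```cpp
// … unchanged: member initialisers, grid creation, earlier rows …
const auto setUpWriteCertificateButton = [this, grid](QPushButton *button, int row, const std::string &keyRef) {
    button->setText(i18n("Write Certificate"));
    button->setToolTip(i18n("Write the certificate corresponding to this key to the card"));
    button->setEnabled(false);
    grid->addWidget(button, row, 3);
    connect(button, &QPushButton::clicked, this, [this, keyRef] () { writeCertificateToCard(keyRef); });
};
// … unchanged: digital signature row up to the generate button …
setUpWriteCertificateButton(mWriteDigitalSignatureCertificateBtn, row, PIVCard::digitalSignatureKeyRef());
// … unchanged: key management row up to the generate button …
setUpWriteCertificateButton(mWriteKeyManagementCertificateBtn, row, PIVCard::keyManagementKeyRef());
```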
src/view/pivcardwidget.h
...
...
@@ -57,8 +57,9 @@ private:
QPushButton
*
mGeneratePIVAuthenticationKeyBtn
=
nullptr
,
*
mGenerateCardAuthenticationKeyBtn
=
nullptr
,
*
mGenerateDigitalSignatureKeyBtn
=
nullptr
,
*
mWriteDigitalSignatureKeyBtn
=
nullptr
,
*
mGenerateKeyManagementKeyBtn
=
nullptr
;
*
mWriteDigitalSignatureCertificateBtn
=
nullptr
,
*
mGenerateKeyManagementKeyBtn
=
nullptr
,
*
mWriteKeyManagementCertificateBtn
=
nullptr
;
};
}
// namespace Kleo
...
...