add key generation at startup if no gpg key found

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2068 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/pqi/authgpg.cc

@@ -38,6 +38,9 @@ AuthGPG *AuthGPG::instance_gpg = new AuthGPG();
 /* Turn a set of parameters into a string */
 static std::string setKeyPairParams(bool useRsa, unsigned int blen,
                 std::string name, std::string comment, std::string email);
+static std::string setKeyPairParams(bool useRsa, unsigned int blen,
+                std::string name, std::string comment, std::string email,
+                std::string inPassphrase);
 
 static gpgme_key_t getKey(gpgme_ctx_t, std::string, std::string, std::string);
 
@@ -266,6 +269,7 @@ bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list<std::string> &id
 int	AuthGPG::GPGInit(std::string ownId)
 {
 	RsStackMutex stack(pgpMtx); /******* LOCKED ******/
+        std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId << std::endl;
 
 	gpgme_key_t newKey;
         gpg_error_t ERR;
@@ -840,13 +844,32 @@ bool   AuthGPG::active()
 {
         //RsStackMutex stack(pgpMtx); /******* LOCKED ******/
 
-	return ((gpgmeInit) && (gpgmeKeySelected) && (gpgmeX509Selected));
+        return ((gpgmeInit) && (gpgmeKeySelected));
 }
 
-int     AuthGPG::InitAuth()
-{
-        gpgmeX509Selected = true;
-        return 1;
+bool    AuthGPG::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) {
+        gpgme_key_t newKey;
+        gpgme_genkey_result_t result;
+        gpg_error_t ERR;
+
+        if(GPG_ERR_NO_ERROR != (ERR = gpgme_op_genkey(CTX, setKeyPairParams(true, 2048, name, "generated by Retroshare", email, \
+                passwd).c_str(), NULL, NULL))) {
+                ProcessPGPmeError(ERR);
+                std::cerr << "Error generating the key" << std::endl;
+                return 0;
+        }
+
+        if((result = gpgme_op_genkey_result(CTX)) == NULL)
+                return 0;
+
+
+        if(GPG_ERR_NO_ERROR != (ERR = gpgme_get_key(CTX, result->fpr, &newKey, 1))) {
+                std::cerr << "Error reading own key" << std::endl;
+                return 0;
+        }
+        pgpId = newKey->subkeys->keyid;
+
+        return true;
 }
 
 bool    AuthGPG::CloseAuth()
@@ -1514,6 +1537,39 @@ static std::string setKeyPairParams(bool useRsa, unsigned int blen,
 	return params.str();
 }
 
+static std::string setKeyPairParams(bool useRsa, unsigned int blen,
+                std::string name, std::string comment, std::string email,
+                std::string inPassphrase)
+{
+        std::ostringstream params;
+        params << "<GnupgKeyParms format=\"internal\">"<< std::endl;
+        if (useRsa)
+        {
+                params << "Key-Type: RSA"<< std::endl;
+                if (blen < 1024)
+                {
+                        std::cerr << "Weak Key... strengthing..."<< std::endl;
+                        blen = 1024;
+                }
+                blen = ((blen / 512) * 512); /* make multiple of 512 */
+                params << "Key-Length: "<< blen << std::endl;
+        }
+        else
+        {
+                params << "Key-Type: DSA"<< std::endl;
+                params << "Key-Length: 1024"<< std::endl;
+                params << "Subkey-Type: ELG-E"<< std::endl;
+                params << "Subkey-Length: 1024"<< std::endl;
+        }
+        params << "Name-Real: "<< name << std::endl;
+        params << "Name-Comment: "<< comment << std::endl;
+        params << "Name-Email: "<< email << std::endl;
+        params << "Expire-Date: 0"<< std::endl;
+        params << "Passphrase: "<< inPassphrase << std::endl;
+        params << "</GnupgKeyParms>"<< std::endl;
+
+        return params.str();
+}
 
 
 /* Author: Shiva

libretroshare/src/pqi/authgpg.h

@@ -111,8 +111,6 @@ class AuthGPG : public p3Config
 
         bool    availableGPGCertificatesWithPrivateKeys(std::list<std::string> &ids);
 
-	int	GPGInit(std::string ownId);
-
 	/* SKTAN */
 	void showData(gpgme_data_t dh);
 	void createDummyFriends(void); //NYI
@@ -135,9 +133,9 @@ class AuthGPG : public p3Config
   bool    active(); 
 
         /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */
-  int     InitAuth();
+  int     GPGInit(std::string ownId);
   bool    CloseAuth();
-
+  bool    GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString);
   
 /*********************************************************************************/
 /************************* STAGE 3 ***********************************************/

libretroshare/src/rsiface/rsinit.h

@@ -59,7 +59,7 @@ class RsInit
 		/* Generating GPGme Account */
 		static int 	GetPGPLogins(std::list<std::string> &pgpIds);
 		static int 	GetPGPLoginDetails(std::string id, std::string &name, std::string &email);
-		static bool	GeneratePGPCertificate(std::string name, std::string comment, std::string email, std::string passwd, std::string &pgpId, std::string &errString);
+                static bool	GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString);
 
 		/* Login PGP */
 		static bool 	SelectGPGAccount(std::string id);

libretroshare/src/rsserver/rsinit.cc

@@ -828,14 +828,13 @@ bool RsInit::SelectGPGAccount(std::string id)
 //}
 
 
-bool     GeneratePGPCertificate(std::string name, std::string comment, std::string email, std::string passwd, std::string &pgpId, std::string &errString)
-{
-	return true;
+bool     RsInit::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) {
+        AuthGPG::getAuthGPG()->GeneratePGPCertificate(name, email, passwd, pgpId, errString);
 }
 
 
                 /* Create SSL Certificates */
-bool     RsInit::GenerateSSLCertificate(std::string name, std::string org, std::string loc, std::string country, std::string passwd, std::string &sslId, std::string &errString)
+bool     RsInit::GenerateSSLCertificate(std::string gpg_id, std::string org, std::string loc, std::string country, std::string passwd, std::string &sslId, std::string &errString)
 {
 	// generate the private_key / certificate.
 	// save to file.
@@ -849,14 +848,10 @@ bool     RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
 		return false;
 	}
 
-	if (name.length() < 3)
-	{
-		errString = "Name is too short (must be 3+ chars)";
-		return false;
-	}
-
 	int nbits = 2048;
 
+        std::string name = AuthGPG::getAuthGPG()->getGPGName(gpg_id);
+
 	// Create the filename .....
 	// Temporary Directory for creating files....
 	std::string tmpdir = "TMPCFG";
@@ -874,102 +869,6 @@ bool     RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
 
 	bool gen_ok = false;
 
-   #if defined(PQI_USE_SSLONLY)
-	X509_REQ *req = GenerateX509Req(
-			key_name.c_str(),
-			password.c_str(),
-			name.c_str(),
-			"", //ui -> gen_email -> value(),
-			org.c_str(),
-			loc.c_str(),
-			"", //ui -> gen_state -> value(),
-			country.c_str(),
-			nbits, errString);
-
-	/* load private key */
-	/* now convert to a self-signed certificate */
-	EVP_PKEY *privkey = NULL;
-	long days = 3000;
-
-	gen_ok = true;
-        /********** Test Loading the private Key.... ************/
-        FILE *tst_in = NULL;
-        if (NULL == (tst_in = fopen(key_name.c_str(), "rb")))
-        {
-                fprintf(stderr,"RsGenerateCert() Couldn't Open Private Key");
-                fprintf(stderr," : %s\n", key_name.c_str());
-                gen_ok = false;
-        }
-
-        if ((gen_ok) && (NULL == (privkey =
-                PEM_read_PrivateKey(tst_in,NULL,NULL,(void *) password.c_str()))))
-        {
-                fprintf(stderr,"RsGenerateCert() Couldn't Read Private Key");
-                fprintf(stderr," : %s\n", key_name.c_str());
-		gen_ok = false;
-        }
-
-	
-	X509 *cert = NULL;
-	if (gen_ok)
-	{
-		cert = SignX509Certificate(X509_REQ_get_subject_name(req), 
-						privkey,req,days);
-
-		/* Print the signed Certificate! */
-       		BIO *bio_out = NULL;
-        	bio_out = BIO_new(BIO_s_file());
-        	BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-
-        	/* Print it out */
-        	int nmflag = 0;
-        	int reqflag = 0;
-
-        	X509_print_ex(bio_out, cert, nmflag, reqflag);
-
-        	BIO_flush(bio_out);
-        	BIO_free(bio_out);
-
-	}
-	else
-        {
-                fprintf(stderr,"RsGenerateCert() Didn't Sign Certificate\n");
-		gen_ok = false;
-        }
-
-	/* Save cert to file */
-        // open the file.
-        FILE *out = NULL;
-        if (NULL == (out = fopen(cert_name.c_str(), "w")))
-        {
-                fprintf(stderr,"RsGenerateCert() Couldn't create Cert File");
-                fprintf(stderr," : %s\n", cert_name.c_str());
-                return 0;
-        }
-
-        if (!PEM_write_X509(out,cert))
-        {
-                fprintf(stderr,"RsGenerateCert() Couldn't Save Cert");
-                fprintf(stderr," : %s\n", cert_name.c_str());
-                return 0;
-        }
-
-	if (cert)
-	{	
-		gen_ok = true;
-	}
-
-	X509_free(cert);
-	X509_REQ_free(req);
-        fclose(tst_in);
-	fclose(out);
-        EVP_PKEY_free(privkey);
-
-
-  #else /* X509 Certificates */
-  /**************** PQI_USE_PGP ******************/
-
-
 	/* Extra step required for SSL + PGP, user must have selected
 	 * or generated a suitable key so the signing can happen.
 	 */
@@ -1042,9 +941,6 @@ bool     RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
 		X509_free(x509);
 	}
 
-
-  #endif /* X509 Certificates */
-
 	if (!gen_ok)
 	{
 		errString = "Generation of Certificate Failed";