Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-05-23 08:11:24 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

add key generation at startup if no gpg key found

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2068 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
joss17 2010-01-18 12:30:54 +00:00
parent 28882efe03
commit af68fa36ce
7 changed files with 189 additions and 197 deletions
Download patch file Download diff file Expand all files Collapse all files

66
libretroshare/src/pqi/authgpg.cc
View file

@ -38,6 +38,9 @@ AuthGPG *AuthGPG::instance_gpg = new AuthGPG();
/* Turn a set of parameters into a string */ /* Turn a set of parameters into a string */
static std::string setKeyPairParams(bool useRsa, unsigned int blen, static std::string setKeyPairParams(bool useRsa, unsigned int blen,
std::string name, std::string comment, std::string email); std::string name, std::string comment, std::string email);
static std::string setKeyPairParams(bool useRsa, unsigned int blen,
std::string name, std::string comment, std::string email,
std::string inPassphrase);
static gpgme_key_t getKey(gpgme_ctx_t, std::string, std::string, std::string); static gpgme_key_t getKey(gpgme_ctx_t, std::string, std::string, std::string);
@ -266,6 +269,7 @@ bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list<std::string> &id
int AuthGPG::GPGInit(std::string ownId) int AuthGPG::GPGInit(std::string ownId)
{ {
RsStackMutex stack(pgpMtx); /******* LOCKED ******/ RsStackMutex stack(pgpMtx); /******* LOCKED ******/
std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId << std::endl;
gpgme_key_t newKey; gpgme_key_t newKey;
gpg_error_t ERR; gpg_error_t ERR;
@ -840,13 +844,32 @@ bool AuthGPG::active()
{ {
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/ //RsStackMutex stack(pgpMtx); /******* LOCKED ******/
return ((gpgmeInit) && (gpgmeKeySelected) && (gpgmeX509Selected)); return ((gpgmeInit) && (gpgmeKeySelected));
} }
int AuthGPG::InitAuth() bool AuthGPG::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) {
{ gpgme_key_t newKey;
gpgmeX509Selected = true; gpgme_genkey_result_t result;
return 1; gpg_error_t ERR;
if(GPG_ERR_NO_ERROR != (ERR = gpgme_op_genkey(CTX, setKeyPairParams(true, 2048, name, "generated by Retroshare", email, \
passwd).c_str(), NULL, NULL))) {
ProcessPGPmeError(ERR);
std::cerr << "Error generating the key" << std::endl;
return 0;
}
if((result = gpgme_op_genkey_result(CTX)) == NULL)
return 0;
if(GPG_ERR_NO_ERROR != (ERR = gpgme_get_key(CTX, result->fpr, &newKey, 1))) {
std::cerr << "Error reading own key" << std::endl;
return 0;
}
pgpId = newKey->subkeys->keyid;
return true;
} }
bool AuthGPG::CloseAuth() bool AuthGPG::CloseAuth()
@ -1514,6 +1537,39 @@ static std::string setKeyPairParams(bool useRsa, unsigned int blen,
return params.str(); return params.str();
} }
static std::string setKeyPairParams(bool useRsa, unsigned int blen,
std::string name, std::string comment, std::string email,
std::string inPassphrase)
{
std::ostringstream params;
params << "<GnupgKeyParms format=\"internal\">"<< std::endl;
if (useRsa)
{
params << "Key-Type: RSA"<< std::endl;
if (blen < 1024)
{
std::cerr << "Weak Key... strengthing..."<< std::endl;
blen = 1024;
}
blen = ((blen / 512) * 512); /* make multiple of 512 */
params << "Key-Length: "<< blen << std::endl;
}
else
{
params << "Key-Type: DSA"<< std::endl;
params << "Key-Length: 1024"<< std::endl;
params << "Subkey-Type: ELG-E"<< std::endl;
params << "Subkey-Length: 1024"<< std::endl;
}
params << "Name-Real: "<< name << std::endl;
params << "Name-Comment: "<< comment << std::endl;
params << "Name-Email: "<< email << std::endl;
params << "Expire-Date: 0"<< std::endl;
params << "Passphrase: "<< inPassphrase << std::endl;
params << "</GnupgKeyParms>"<< std::endl;
return params.str();
}
/* Author: Shiva /* Author: Shiva

6
libretroshare/src/pqi/authgpg.h
View file

@ -111,8 +111,6 @@ class AuthGPG : public p3Config
bool availableGPGCertificatesWithPrivateKeys(std::list<std::string> &ids); bool availableGPGCertificatesWithPrivateKeys(std::list<std::string> &ids);
int GPGInit(std::string ownId);
/* SKTAN */ /* SKTAN */
void showData(gpgme_data_t dh); void showData(gpgme_data_t dh);
void createDummyFriends(void); //NYI void createDummyFriends(void); //NYI
@ -135,9 +133,9 @@ class AuthGPG : public p3Config
bool active(); bool active();
/* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */
int InitAuth(); int GPGInit(std::string ownId);
bool CloseAuth(); bool CloseAuth();
bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString);
/*********************************************************************************/ /*********************************************************************************/
/************************* STAGE 3 ***********************************************/ /************************* STAGE 3 ***********************************************/

2
libretroshare/src/rsiface/rsinit.h
View file

@ -59,7 +59,7 @@ class RsInit
/* Generating GPGme Account */ /* Generating GPGme Account */
static int GetPGPLogins(std::list<std::string> &pgpIds); static int GetPGPLogins(std::list<std::string> &pgpIds);
static int GetPGPLoginDetails(std::string id, std::string &name, std::string &email); static int GetPGPLoginDetails(std::string id, std::string &name, std::string &email);
static bool GeneratePGPCertificate(std::string name, std::string comment, std::string email, std::string passwd, std::string &pgpId, std::string &errString); static bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString);
/* Login PGP */ /* Login PGP */
static bool SelectGPGAccount(std::string id); static bool SelectGPGAccount(std::string id);

114
libretroshare/src/rsserver/rsinit.cc
View file

@ -828,14 +828,13 @@ bool RsInit::SelectGPGAccount(std::string id)
//} //}
bool GeneratePGPCertificate(std::string name, std::string comment, std::string email, std::string passwd, std::string &pgpId, std::string &errString) bool RsInit::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) {
{ AuthGPG::getAuthGPG()->GeneratePGPCertificate(name, email, passwd, pgpId, errString);
return true;
} }
/* Create SSL Certificates */ /* Create SSL Certificates */
bool RsInit::GenerateSSLCertificate(std::string name, std::string org, std::string loc, std::string country, std::string passwd, std::string &sslId, std::string &errString) bool RsInit::GenerateSSLCertificate(std::string gpg_id, std::string org, std::string loc, std::string country, std::string passwd, std::string &sslId, std::string &errString)
{ {
// generate the private_key / certificate. // generate the private_key / certificate.
// save to file. // save to file.
@ -849,14 +848,10 @@ bool RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
return false; return false;
} }
if (name.length() < 3)
{
errString = "Name is too short (must be 3+ chars)";
return false;
}
int nbits = 2048; int nbits = 2048;
std::string name = AuthGPG::getAuthGPG()->getGPGName(gpg_id);
// Create the filename ..... // Create the filename .....
// Temporary Directory for creating files.... // Temporary Directory for creating files....
std::string tmpdir = "TMPCFG"; std::string tmpdir = "TMPCFG";
@ -874,102 +869,6 @@ bool RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
bool gen_ok = false; bool gen_ok = false;
#if defined(PQI_USE_SSLONLY)
X509_REQ *req = GenerateX509Req(
key_name.c_str(),
password.c_str(),
name.c_str(),
"", //ui -> gen_email -> value(),
org.c_str(),
loc.c_str(),
"", //ui -> gen_state -> value(),
country.c_str(),
nbits, errString);
/* load private key */
/* now convert to a self-signed certificate */
EVP_PKEY *privkey = NULL;
long days = 3000;
gen_ok = true;
/********** Test Loading the private Key.... ************/
FILE *tst_in = NULL;
if (NULL == (tst_in = fopen(key_name.c_str(), "rb")))
{
fprintf(stderr,"RsGenerateCert() Couldn't Open Private Key");
fprintf(stderr," : %s\n", key_name.c_str());
gen_ok = false;
}
if ((gen_ok) && (NULL == (privkey =
PEM_read_PrivateKey(tst_in,NULL,NULL,(void *) password.c_str()))))
{
fprintf(stderr,"RsGenerateCert() Couldn't Read Private Key");
fprintf(stderr," : %s\n", key_name.c_str());
gen_ok = false;
}
X509 *cert = NULL;
if (gen_ok)
{
cert = SignX509Certificate(X509_REQ_get_subject_name(req),
privkey,req,days);
/* Print the signed Certificate! */
BIO *bio_out = NULL;
bio_out = BIO_new(BIO_s_file());
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
/* Print it out */
int nmflag = 0;
int reqflag = 0;
X509_print_ex(bio_out, cert, nmflag, reqflag);
BIO_flush(bio_out);
BIO_free(bio_out);
}
else
{
fprintf(stderr,"RsGenerateCert() Didn't Sign Certificate\n");
gen_ok = false;
}
/* Save cert to file */
// open the file.
FILE *out = NULL;
if (NULL == (out = fopen(cert_name.c_str(), "w")))
{
fprintf(stderr,"RsGenerateCert() Couldn't create Cert File");
fprintf(stderr," : %s\n", cert_name.c_str());
return 0;
}
if (!PEM_write_X509(out,cert))
{
fprintf(stderr,"RsGenerateCert() Couldn't Save Cert");
fprintf(stderr," : %s\n", cert_name.c_str());
return 0;
}
if (cert)
{
gen_ok = true;
}
X509_free(cert);
X509_REQ_free(req);
fclose(tst_in);
fclose(out);
EVP_PKEY_free(privkey);
#else /* X509 Certificates */
/**************** PQI_USE_PGP ******************/
/* Extra step required for SSL + PGP, user must have selected /* Extra step required for SSL + PGP, user must have selected
* or generated a suitable key so the signing can happen. * or generated a suitable key so the signing can happen.
*/ */
@ -1042,9 +941,6 @@ bool RsInit::GenerateSSLCertificate(std::string name, std::string org, std::
X509_free(x509); X509_free(x509);
} }
#endif /* X509 Certificates */
if (!gen_ok) if (!gen_ok)
{ {
errString = "Generation of Certificate Failed"; errString = "Generation of Certificate Failed";

81
retroshare-gui/src/gui/GenCertDialog.cpp
View file

@ -50,20 +50,15 @@ GenCertDialog::GenCertDialog(QWidget *parent, Qt::WFlags flags)
//ui.genName->setFocus(Qt::OtherFocusReason); //ui.genName->setFocus(Qt::OtherFocusReason);
ui.genCountry->hide();
ui.label_6->hide();
ui.genOrg->hide();
ui.label_8->hide();
/* get all available pgp private certificates.... /* get all available pgp private certificates....
* mark last one as default. * mark last one as default.
*/ */
std::cerr << "Finding PGPUsers" << std::endl; std::cerr << "Finding PGPUsers" << std::endl;
foundGPGKeys = false;
std::list<std::string> pgpIds; std::list<std::string> pgpIds;
std::list<std::string>::iterator it; std::list<std::string>::iterator it;
if (RsInit::GetPGPLogins(pgpIds)) if (RsInit::GetPGPLogins(pgpIds)) {
{
for(it = pgpIds.begin(); it != pgpIds.end(); it++) for(it = pgpIds.begin(); it != pgpIds.end(); it++)
{ {
const QVariant & userData = QVariant(QString::fromStdString(*it)); const QVariant & userData = QVariant(QString::fromStdString(*it));
@ -71,10 +66,22 @@ GenCertDialog::GenCertDialog(QWidget *parent, Qt::WFlags flags)
RsInit::GetPGPLoginDetails(*it, name, email); RsInit::GetPGPLoginDetails(*it, name, email);
std::cerr << "Adding PGPUser: " << name << " id: " << *it << std::endl; std::cerr << "Adding PGPUser: " << name << " id: " << *it << std::endl;
ui.genPGPuser->addItem(QString::fromStdString(name), userData); ui.genPGPuser->addItem(QString::fromStdString(name), userData);
foundGPGKeys = true;
} }
} }
if (foundGPGKeys) {
ui.no_gpg_key_label->hide();
ui.name_label->hide();
ui.name_input->hide();
ui.email_label->hide();
ui.email_input->hide();
ui.password_label->hide();
ui.password_input->hide();
} else {
ui.genPGPuserlabel->hide();
ui.genPGPuser->hide();
}
} }
/** Destructor. */ /** Destructor. */
@ -111,24 +118,47 @@ void GenCertDialog::genPerson()
{ {
/* Check the data from the GUI. */ /* Check the data from the GUI. */
std::string genOrg = ui.genOrg->text().toStdString();
std::string genLoc = ui.genLoc->text().toStdString(); std::string genLoc = ui.genLoc->text().toStdString();
std::string genCountry = ui.genCountry->text().toStdString(); std::string PGPId;
std::string err;
int pgpidx = ui.genPGPuser->currentIndex(); if (foundGPGKeys) {
if (pgpidx < 0) int pgpidx = ui.genPGPuser->currentIndex();
{ if (pgpidx < 0)
/* Message Dialog */ {
QMessageBox::StandardButton sb = QMessageBox::warning ( NULL, /* Message Dialog */
"Generate ID Failure", QMessageBox::StandardButton sb = QMessageBox::warning ( NULL,
"Missing PGP Certificate", "Generate ID Failure",
QMessageBox::Ok); "Missing PGP Certificate",
return; QMessageBox::Ok);
} return;
}
QVariant data = ui.genPGPuser->itemData(pgpidx);
PGPId = (data.toString()).toStdString();
} else {
//generate a new gpg key
std::string err_string;
ui.no_gpg_key_label->setText(tr("Generating new GPG key, please be patient. Fill in your GPG password when asked."));
ui.no_gpg_key_label->show();
ui.name_label->hide();
ui.name_input->hide();
ui.email_label->hide();
ui.email_input->hide();
ui.password_label->hide();
ui.password_input->hide();
ui.genPGPuserlabel->hide();
ui.genPGPuser->hide();
ui.location_label->hide();
ui.genLoc->hide();
ui.infopushButton->hide();
ui.genButton->hide();
QMessageBox::StandardButton info = QMessageBox::information( NULL,
"Generating GPG key",
"This process can take some time, please be patient after pressing the OK button",
QMessageBox::Ok);
//info->
RsInit::GeneratePGPCertificate(ui.name_input->text().toStdString(), ui.email_input->text().toStdString(), ui.password_input->text().toStdString(), PGPId, err_string);
}
QVariant data = ui.genPGPuser->itemData(pgpidx);
std::string PGPId = (data.toString()).toStdString();
//generate a random ssl password //generate a random ssl password
std::cerr << " generating sslPasswd." << std::endl; std::cerr << " generating sslPasswd." << std::endl;
@ -146,8 +176,9 @@ void GenCertDialog::genPerson()
//RsInit::LoadGPGPassword(PGPpasswd); //RsInit::LoadGPGPassword(PGPpasswd);
std::string sslId; std::string sslId;
std::cerr << "Generating SSL cert with name : " << ui.genPGPuser->itemText(pgpidx).toStdString() << std::endl; std::cerr << "Generating SSL cert with gpg id : " << PGPId << std::endl;
bool okGen = RsInit::GenerateSSLCertificate(ui.genPGPuser->itemText(pgpidx).toStdString(), genOrg, genLoc, genCountry, sslPasswd, sslId, err); std::string err;
bool okGen = RsInit::GenerateSSLCertificate(PGPId, "", genLoc, "", sslPasswd, sslId, err);
if (okGen) if (okGen)
{ {

2
retroshare-gui/src/gui/GenCertDialog.h
View file

@ -64,6 +64,8 @@ private:
/** Qt Designer generated object */ /** Qt Designer generated object */
Ui::GenCertDialog ui; Ui::GenCertDialog ui;
bool foundGPGKeys;
}; };
#endif #endif

115
retroshare-gui/src/gui/GenCertDialog.ui
View file

@ -1010,12 +1010,14 @@
&lt;html&gt;&lt;head&gt;&lt;meta name=&quot;qrichtext&quot; content=&quot;1&quot; /&gt;&lt;style type=&quot;text/css&quot;&gt; &lt;html&gt;&lt;head&gt;&lt;meta name=&quot;qrichtext&quot; content=&quot;1&quot; /&gt;&lt;style type=&quot;text/css&quot;&gt;
p, li { white-space: pre-wrap; } p, li { white-space: pre-wrap; }
&lt;/style&gt;&lt;/head&gt;&lt;body style=&quot; font-family:'Arial'; font-size:8pt; font-weight:400; font-style:normal;&quot;&gt; &lt;/style&gt;&lt;/head&gt;&lt;body style=&quot; font-family:'Arial'; font-size:8pt; font-weight:400; font-style:normal;&quot;&gt;
&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-size:16pt;&quot;&gt;Create a new RetroShare profile&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot; font-size:9pt;&quot;&gt;Please fill in the information which will&lt;br /&gt;allow your RetroShare to connect to&lt;/span&gt;&lt;/p&gt; &lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-size:16pt;&quot;&gt;Create a new RetroShare profile&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Retroshare uses gpg keys. Please fill in the location field, it will be permanently attached to this retroshare installation. You can generate a new retroshare location profile with the same gpg key on another computer.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-size:9pt;&quot;&gt;Friends.&lt;/span&gt;&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property> </property>
<property name="alignment"> <property name="alignment">
<set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter</set> <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter</set>
</property> </property>
<property name="wordWrap">
<bool>true</bool>
</property>
<property name="indent"> <property name="indent">
<number>100</number> <number>100</number>
</property> </property>
@ -1028,65 +1030,69 @@ p, li { white-space: pre-wrap; }
</property> </property>
<layout class="QGridLayout" name="gridLayout_2"> <layout class="QGridLayout" name="gridLayout_2">
<item row="0" column="0"> <item row="0" column="0">
<layout class="QGridLayout"> <widget class="QLabel" name="no_gpg_key_label">
<property name="margin"> <property name="text">
<number>9</number> <string>It looks like you don't own any GPG keys. Please fill in the form below to generate one, or use your favorite gnupg keys manager.</string>
</property> </property>
<property name="spacing"> <property name="wordWrap">
<number>6</number> <bool>true</bool>
</property> </property>
<item row="2" column="0"> </widget>
<widget class="QLabel" name="label_6"> </item>
<property name="text"> <item row="2" column="0">
<string>Organisation:</string> <layout class="QFormLayout" name="formLayout">
</property> <property name="fieldGrowthPolicy">
</widget> <enum>QFormLayout::AllNonFixedFieldsGrow</enum>
</item> </property>
<item row="2" column="1" colspan="2"> <item row="1" column="0">
<widget class="QLineEdit" name="genOrg"/> <widget class="QLabel" name="genPGPuserlabel">
</item>
<item row="3" column="0">
<widget class="QLabel" name="label_7">
<property name="text">
<string>Location:</string>
</property>
</widget>
</item>
<item row="3" column="1" colspan="2">
<widget class="QLineEdit" name="genLoc"/>
</item>
<item row="4" column="0">
<widget class="QLabel" name="label_8">
<property name="text">
<string>Country:</string>
</property>
</widget>
</item>
<item row="4" column="1" colspan="2">
<widget class="QLineEdit" name="genCountry"/>
</item>
<item row="0" column="1" colspan="2">
<widget class="QComboBox" name="genPGPuser"/>
</item>
<item row="0" column="0">
<widget class="QLabel" name="label">
<property name="text"> <property name="text">
<string>OpenPGP User</string> <string>OpenPGP User</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="1" column="1">
<widget class="QComboBox" name="genPGPuser"/>
</item>
<item row="2" column="0">
<widget class="QLabel" name="name_label">
<property name="text">
<string>Name</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QLineEdit" name="name_input"/>
</item>
<item row="5" column="0">
<widget class="QLabel" name="location_label">
<property name="text">
<string>Location:</string>
</property>
</widget>
</item>
<item row="5" column="1"> <item row="5" column="1">
<spacer name="verticalSpacer"> <widget class="QLineEdit" name="genLoc"/>
<property name="orientation"> </item>
<enum>Qt::Vertical</enum> <item row="3" column="0">
<widget class="QLabel" name="email_label">
<property name="text">
<string>Email</string>
</property> </property>
<property name="sizeHint" stdset="0"> </widget>
<size> </item>
<width>20</width> <item row="3" column="1">
<height>40</height> <widget class="QLineEdit" name="email_input"/>
</size> </item>
<item row="4" column="0">
<widget class="QLabel" name="password_label">
<property name="text">
<string>GPG Password</string>
</property> </property>
</spacer> </widget>
</item>
<item row="4" column="1">
<widget class="QLineEdit" name="password_input"/>
</item> </item>
</layout> </layout>
</item> </item>
@ -1124,9 +1130,12 @@ p, li { white-space: pre-wrap; }
</widget> </widget>
<tabstops> <tabstops>
<tabstop>genPGPuser</tabstop> <tabstop>genPGPuser</tabstop>
<tabstop>genOrg</tabstop> <tabstop>name_input</tabstop>
<tabstop>email_input</tabstop>
<tabstop>password_input</tabstop>
<tabstop>genLoc</tabstop> <tabstop>genLoc</tabstop>
<tabstop>genCountry</tabstop> <tabstop>genButton</tabstop>
<tabstop>infopushButton</tabstop>
</tabstops> </tabstops>
<resources> <resources>
<include location="images.qrc"/> <include location="images.qrc"/>