
List:       kde-commits
Subject:    [libnm-qt/8021x-certkeyschmeme-attempt] settings: Dump this attempt somewhere
From:       Will Stephenson <wstephenson () kde ! org>
Date:       2013-08-28 14:55:54
Message-ID: E1VEhA2-00043v-Nu () scm ! kde ! org

Git commit 2ab2c4f8de37622e374d5a5efe7ac9c56fac77a7 by Will Stephenson.
Committed on 14/05/2013 at 13:01.
Pushed by wstephens into branch '8021x-certkeyschmeme-attempt'.

Dump this attempt somewhere

M  +24   -8    settings/802-1x.cpp
M  +28   -20   settings/802-1x.h
M  +26   -9    settings/802-1x_p.h

http://commits.kde.org/libnm-qt/2ab2c4f8de37622e374d5a5efe7ac9c56fac77a7

diff --git a/settings/802-1x.cpp b/settings/802-1x.cpp
index e4ebd36..8bf97fa 100644
--- a/settings/802-1x.cpp
+++ b/settings/802-1x.cpp
@@ -22,9 +22,24 @@
 #include "802-1x_p.h"
 
 #include <nm-setting-8021x.h>
-
+a
 #include <QtCore/QDebug>
 
+
+NetworkManager::Settings::CryptographicToken::CryptographicToken(const \
CryptographicToken &other) :
+    scheme(other.scheme), blob(other.blob), \
path(other.path)
+{
+}
+
+NetworkManager::Settings::CryptographicToken::CryptographicToken() :
+    scheme(Security8021xSetting::CertKeySchemeNone)
+{
+}
+
+NetworkManager::Settings::CryptographicToken::~CryptographicToken()
+{
+}
+
 NetworkManager::Settings::Security8021xSettingPrivate::Security8021xSettingPrivate():
  name(NM_SETTING_802_1X_SETTING_NAME),
     phase1PeapVer(Security8021xSetting::PeapVersionUnknown),
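Review bot: The added line `a` between `#include <nm-setting-8021x.h>` and `#include <QtCore/QDebug>` is a stray token that replaces the former blank line and will stop this file from compiling; it should be an empty line again. Of the three `CryptographicToken` special members defined below it, only the default constructor does anything the compiler would not generate, namely setting `scheme` to `CertKeySchemeNone`. Because these objects carry certificate and private-key material, a comment on that constructor such as `// empty token: scheme None, no blob, no path` would make the unset state explicit for callers that test it.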
@@ -49,35 +64,36 @@ NetworkManager::Settings::Security8021xSetting::Security8021xSetting(const \
Ptr &  Setting(other),
     d_ptr(new Security8021xSettingPrivate())
 {
+    Q_D(Security8021xSetting)
     setEapMethods(other->eapMethods());
     setIdentity(other->identity());
     setAnonymousIdentity(other->anonymousIdentity());
     setPacFile(other->pacFile());
-    setCaCertificate(other->caCertificate());
-    setCaPath(other->caPath());
     setSubjectMatch(other->subjectMatch());
     setAltSubjectMatches(other->altSubjectMatches());
-    setClientCertificate(other->clientCertificate());
     setPhase1PeapVersion(other->phase1PeapVersion());
     setPhase1PeapLabel(other->phase1PeapLabel());
     setPhase1FastProvisioning(other->phase1FastProvisioning());
     setPhase2AuthMethod(other->phase2AuthMethod());
     setPhase2AuthEapMethod(other->phase2AuthEapMethod());
-    setPhase2CaCertificate(other->phase2CaCertificate());
-    setPhase2CaPath(other->phase2CaPath());
     setPhase2SubjectMatch(other->phase2SubjectMatch());
     setPhase2AltSubjectMatches(other->phase2AltSubjectMatches());
     setPassword(other->password());
     setPasswordFlags(other->passwordFlags());
     setPasswordRaw(other->passwordRaw());
     setPasswordRawFlags(other->passwordRawFlags());
-    setPrivateKey(other->privateKey());
     setPrivateKeyPassword(other->privateKeyPassword());
     setPrivateKeyPasswordFlags(other->privateKeyPasswordFlags());
-    setPhase2PrivateKey(other->phase2PrivateKey());
     setPhase2PrivateKeyPassword(other->phase2PrivateKeyPassword());
     setPhase2PrivateKeyPasswordFlags(other->phase2PrivateKeyPasswordFlags());
     setSystemCaCertificates(other->systemCaCertificates());
+
+    d.caCert = other.caCert;
+    d.clientCert = other.clientCert;
+    d.phase2CaCert = other.phase2CaCert;
+    d.phase2ClientCert = other.phase2ClientCert;
+    d.privateKey = other.privateKey;
+    d.phase2PrivateKey = other.phase2PrivateKey;
 }
 
 NetworkManager::Settings::Security8021xSetting::~Security8021xSetting()
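Review bot: The six member assignments at the end of the copy constructor cannot compile as written, and they leave out `serverHash`. `Q_D(Security8021xSetting)` is missing its terminating semicolon and yields a pointer, so the accesses need `d->`; `other` is a `Ptr` to the public class, which has no `caCert` member, because the values live in the private object. The constructor also still calls `setPrivateKeyPassword()` and `setPhase2PrivateKeyPassword()`, both of which the header change in this commit removes. Copying `serverHash` matters because `802-1x_p.h` describes it as the value used when there is no CA certificate, so a copy without it would silently lose that server check. The sketch assumes the class provides `d_func()` through `Q_DECLARE_PRIVATE` and that `Ptr` dereferences to a non-const setting; the constructor's signature sits just above the hunk.

```cpp
    Q_D(Security8021xSetting);
    // … unchanged: setEapMethods() through setSystemCaCertificates() …

    // assumes d_func() from Q_DECLARE_PRIVATE — confirm against 802-1x.h
    const Security8021xSettingPrivate *src = other->d_func();
    d->caCert = src->caCert;
    d->clientCert = src->clientCert;
    d->phase2CaCert = src->phase2CaCert;
    d->phase2ClientCert = src->phase2ClientCert;
    d->privateKey = src->privateKey;
    d->phase2PrivateKey = src->phase2PrivateKey;
    d->serverHash = src->serverHash;
```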
diff --git a/settings/802-1x.h b/settings/802-1x.h
index d5d4b28..5633fd9 100644
--- a/settings/802-1x.h
+++ b/settings/802-1x.h
@@ -47,6 +47,9 @@ public:
                         AuthEapMethodOtp, AuthEapMethodGtc, AuthEapMethodTls
                        };
 
+    enum CertKeyScheme {CertKeySchemeNone = 0, CertKeySchemeBlob, CertKeySchemePath, \
CertKeySchemeHash
+                       };
+
     Security8021xSetting();
     Security8021xSetting(const Ptr &other);
     ~Security8021xSetting();
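Review bot: The new `CertKeyScheme` enum has no documentation, and `CertKeySchemeHash` needs it most, because accepting a server on the basis of a stored hash rather than a CA certificate (if that is what `Hash` means) is a different trust decision from the blob and path schemes. I would add a comment above the enum along the lines of `// How a certificate or key is supplied: None = unset, Blob = inline data, Path = local file, Hash = server hash in place of a CA certificate` and state which values are valid for client certificates and private keys. The enclosing class begins outside this hunk.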
@@ -65,11 +68,11 @@ public:
     void setPacFile(const QString & file);
     QString pacFile() const;
 
-    void setCaCertificate(const QByteArray & certificate);
-    QByteArray caCertificate() const;
-
-    void setCaPath(const QString & path);
-    QString caPath() const;
+    void setCaCertificate(const KUrl &caCertPath, CertKeyScheme scheme);
+    CertKeyScheme caCertificateScheme() const;
+    QByteArray caCertificateBlob() const;
+    KUrl caCertificatePath() const;
+    QString caCertificateServerHash() const; // name is subject to change
 
     void setSubjectMatch(const QString & substring);
     QString subjectMatch() const;
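Review bot: `setCaCertificate(const KUrl &caCertPath, CertKeyScheme scheme)` takes a path together with any scheme, so nothing in the signature says how a blob or a server hash is supplied, and no setter is declared to match `caCertificateBlob()` or `caCertificateServerHash()`. A `KUrl` can also name a non-local resource; since this value decides which CA the connection trusts, the declaration should document that only local files are accepted, and the implementation (not shown here) should check it, e.g. `// caCertPath must be a local file URL; anything else is rejected`. The old `setCaPath()`/`caPath()` pair is removed with no replacement, which drops CA-directory configuration. The same questions apply to the setters added in the later hunks for `setClientCertificate`, `setPhase2CaCertificate`, `setPhase2ClientCertificate`, `setPrivateKey` and `setPhase2PrivateKey`.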
@@ -77,8 +80,9 @@ public:
     void setAltSubjectMatches(const QStringList & strings);
     QStringList altSubjectMatches() const;
 
-    void setClientCertificate(const QByteArray & certificate);
-    QByteArray clientCertificate() const;
+    void setClientCertificate(const KUrl &certPath, CertKeyScheme scheme);
+    QByteArray clientCertificateBlob() const;
+    KUrl clientCertificatePath() const;
 
     void setPhase1PeapVersion(PeapVersion version);
     PeapVersion phase1PeapVersion() const;
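Review bot: The client-certificate group has no `clientCertificateScheme()` getter, although `caCertificateScheme()` is declared for the CA group, so a caller cannot tell whether `clientCertificateBlob()` or `clientCertificatePath()` holds the value. Adding `CertKeyScheme clientCertificateScheme() const;` directly after the setter would keep the groups parallel.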
@@ -95,11 +99,10 @@ public:
     void setPhase2AuthEapMethod(AuthEapMethod method);
     AuthEapMethod phase2AuthEapMethod() const;
 
-    void setPhase2CaCertificate(const QByteArray & certificate);
-    QByteArray phase2CaCertificate() const;
-
-    void setPhase2CaPath(const QString & path);
-    QString phase2CaPath() const;
+    void setPhase2CaCertificate(const KUrl &caCertPath, CertKeyScheme scheme);
+    CertKeyScheme phase2CaCertificateScheme() const;
+    QByteArray phase2CaCertificateBlob() const;
+    KUrl phase2CaCertificatePath() const;
 
     void setPhase2SubjectMatch(const QString & substring);
     QString phase2SubjectMatch() const;
@@ -107,6 +110,11 @@ public:
     void setPhase2AltSubjectMatches(const QStringList & strings);
     QStringList phase2AltSubjectMatches() const;
 
+    void setPhase2ClientCertificate(const KUrl &clientCertPath, CertKeyScheme \
scheme);
+    CertKeyScheme phase2ClientCertificateScheme() const;
+    QByteArray phase2ClientCertificateBlob() const;
+    KUrl phase2ClientCertificatePath() const;
+
     void setPhase2ClientCertificate(const QByteArray & certificate);
     QByteArray phase2ClientCertificate() const;
 
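Review bot: The old `setPhase2ClientCertificate(const QByteArray & certificate)` and `QByteArray phase2ClientCertificate() const` declarations remain as context directly below the new group, unlike the other certificate groups where the QByteArray accessors were removed. With the private member now a `CryptographicToken`, the old pair has to be either reimplemented on top of the token or removed; keeping both gives two setters that can disagree about the stored scheme. If they stay for compatibility, a comment such as `// deprecated: stores the certificate as a blob; prefer the KUrl overload` would say so.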
@@ -122,19 +130,19 @@ public:
     void setPasswordRawFlags(Setting::SecretFlags flags);
     Setting::SecretFlags passwordRawFlags() const;
 
-    void setPrivateKey(const QByteArray & key);
-    QByteArray privateKey() const;
-
-    void setPrivateKeyPassword(const QString & password);
+    void setPrivateKey(const KUrl &privateKeyPath, const QString & password, \
CertKeyScheme scheme);
+    CertKeyScheme privateKeyScheme() const;
+    QByteArray privateKeyBlob() const;
+    KUrl privateKeyPath() const;
     QString privateKeyPassword() const;
 
     void setPrivateKeyPasswordFlags(Setting::SecretFlags flags);
     Setting::SecretFlags privateKeyPasswordFlags() const;
 
-    void setPhase2PrivateKey(const QByteArray & key);
-    QByteArray phase2PrivateKey() const;
-
-    void setPhase2PrivateKeyPassword(const QString & password);
+    void setPhase2PrivateKey(const KUrl &phase2PrivateKeyPath, const QString & \
password, CertKeyScheme scheme);
+    CertKeyScheme phase2PrivateKeyScheme() const;
+    QByteArray phase2PrivateKeyBlob() const;
+    KUrl phase2PrivateKeyPath() const;
     QString phase2PrivateKeyPassword() const;
 
     void setPhase2PrivateKeyPasswordFlags(Setting::SecretFlags flags);
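Review bot: `setPrivateKeyPassword()` and `setPhase2PrivateKeyPassword()` are removed here, but the copy constructor in `settings/802-1x.cpp` still calls both, and `phase2PrivateKeyPassword()` stays declared while its backing member is deleted from `802-1x_p.h` in the same commit. Folding the password into `setPrivateKey(path, password, scheme)` also means a caller cannot change the key location without holding the password, which may not fit cases where the password flags indicate the secret is not kept by the application. I would keep the two setters, `void setPrivateKeyPassword(const QString & password);` and `void setPhase2PrivateKeyPassword(const QString & password);`, and let `setPrivateKey`/`setPhase2PrivateKey` take only the location and scheme.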
diff --git a/settings/802-1x_p.h b/settings/802-1x_p.h
index 4079407..005f1ff 100644
--- a/settings/802-1x_p.h
+++ b/settings/802-1x_p.h
@@ -27,6 +27,17 @@ namespace NetworkManager
 {
 namespace Settings
 {
+class CryptographicToken
+{
+public:
+    CryptographicToken();
+    CryptographicToken(const CryptographicToken&);
+    ~CryptographicToken();
+    Security8021xSetting::CertKeyScheme scheme;
+    QByteArray blob;
+    KUrl path;
+};
+
 class Security8021xSettingPrivate
 {
 public:
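Review bot: `CryptographicToken` declares a copy constructor and a destructor but no copy assignment, while the new code in `802-1x.cpp` assigns tokens, so it depends on the implicitly generated operator. Removing the user-declared copy constructor and destructor, or adding `CryptographicToken &operator=(const CryptographicToken &);`, would make the type consistent. The class also carries no comment saying which of `blob` and `path` is meaningful for a given `scheme`; a line such as `// scheme selects which of blob/path is valid; the other is left empty` would state the invariant, if that is the intent. `KUrl` and `Security8021xSetting` are used here with no include visible in this hunk.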
@@ -37,30 +48,36 @@ public:
     QString identity;
     QString anonymousIdentity;
     QString pacFile;
-    QByteArray caCert;
-    QString caPath;
+
+    CryptographicToken caCert;
+    CryptographicToken clientCert;
+    CryptographicToken phase2CaCert;
+    CryptographicToken phase2ClientCert;
+    CryptographicToken privateKey;
+    CryptographicToken phase2PrivateKey;
+    // used if there is no CA certificate
+    QString serverHash;
+
     QString subjectMatch;
     QStringList altSubjectMatches;
-    QByteArray clientCert;
+
+
     Security8021xSetting::PeapVersion phase1PeapVer;
     Security8021xSetting::PeapLabel phase1PeapLabel;
     Security8021xSetting::FastProvisioning phase1FastProvisioning;
     Security8021xSetting::AuthMethod phase2AuthMethod;
     Security8021xSetting::AuthEapMethod phase2AuthEapMethod;
-    QByteArray phase2CaCert;
-    QString phase2CaPath;
+
     QString phase2SubjectMatch;
     QStringList phase2AltSubjectMatches;
-    QByteArray phase2ClientCert;
+
     QString password;
     Setting::SecretFlags passwordFlags;
     QByteArray passwordRaw;
     Setting::SecretFlags passwordRawFlags;
-    QByteArray privateKey;
+
     QString privateKeyPassword;
     Setting::SecretFlags privateKeyPasswordFlags;
-    QByteArray phase2PrivateKey;
-    QString phase2PrivateKeyPassword;
     Setting::SecretFlags phase2PrivateKeyPasswordFlags;
     QString pin;
     Setting::SecretFlags pinFlags;
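Review bot: `QString phase2PrivateKeyPassword;` is deleted here while `privateKeyPassword` and `phase2PrivateKeyPasswordFlags` are kept, so the phase-2 key password has no storage even though `phase2PrivateKeyPassword()` is still declared in `802-1x.h`; this looks accidental and the member should be restored. There is also a single `serverHash` for both phases, whereas CA certificates are tracked separately as `caCert` and `phase2CaCert`; if phase 2 can also run without a CA certificate it would need its own field. The comment `// used if there is no CA certificate` could additionally say what the hash is computed over and who sets it, since no setter is declared in the header.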


