/*
# Copyright (c) 2009 - OpenSLX Project, Computer Center University of Freiburg
#
# This program is free software distributed under the GPL version 2.
# See http://openslx.org/COPYING
#
# If you have any feedback please consult http://openslx.org/feedback and
# send your suggestions, praise, or complaints to feedback@openslx.org
#
# General information about OpenSLX can be found at http://openslx.org/
# -----------------------------------------------------------------------------
# src/util/CertManager.cpp
# - Manage SSL certificates
# - provide access by name
# -----------------------------------------------------------------------------
*/
#define CERTSTORAGE ".config/openslx/pvs2/"
#include "certmanager.h"
#include <QMap>
#include <QDir>
#include <QDebug>
#include <QFileInfo>
#include <QSettings>
#include <cstdlib>
namespace CertManager
{
static QMap<QString, QSslCertificate> _certs;
static QMap<QString, QSslKey> _keys;
static void generateFiles(QString& key, QString& cert);
static bool loadFiles(QString& keyFile, QString& certFile, QSslKey &key, QSslCertificate &cert);
bool getPrivateKeyAndCert(const QString &name, QSslKey &key, QSslCertificate &cert)
{
if (_keys.contains(name)) {
key = _keys[name];
cert = _certs[name];
return true;
}
QString certDir = QDir::homePath().append("/").append(CERTSTORAGE);
if (!QDir::root().mkpath(certDir)) {
certDir = QString("/tmp/") + qrand() + "-" + qrand() + "/";
QDir::root().mkpath(certDir);
}
QString certFile = certDir.append(name);
QString keyFile = certFile;
keyFile.append(".rsa");
certFile.append(".crt");
//
if (!loadFiles(keyFile, certFile, key, cert)) {
generateFiles(keyFile, certFile);
if (!loadFiles(keyFile, certFile, key, cert)) {
qDebug() << "error while creating cert and key files";
return false;
}
}
_certs.insert(name, cert);
_keys.insert(name, key);
return true;
}
static bool loadFiles(QString& keyFile, QString& certFile, QSslKey &key, QSslCertificate &cert)
{
QFileInfo keyInfo(keyFile);
QFileInfo certInfo(certFile);
if (keyInfo.exists() && certInfo.exists()) {
// Both files exist, see if they're valid and return
QFile kf(keyFile);
kf.open(QFile::ReadOnly);
key = QSslKey(&kf, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
QList<QSslCertificate> certlist = QSslCertificate::fromPath(certFile);
if (!key.isNull() && !certlist.empty()) {
cert = certlist.first();
if (!cert.isNull()) {
return true;
}
}
}
return false;
}
static void generateFiles(QString& key, QString& cert)
{
char tmp[1000];
remove(key.toLocal8Bit().data());
remove(cert.toLocal8Bit().data());
snprintf(tmp, 1000,
"openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -subj '/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org' -keyout \"%s\" -out \"%s\"",
key.toLocal8Bit().data(), cert.toLocal8Bit().data());
system(tmp);
snprintf(tmp, 1000, "chmod 0600 \"%s\" \"%s\"", key.toLocal8Bit().data(), cert.toLocal8Bit().data());
system(tmp);
}
}