Added pkcs12 options

Author: patrickpr

YetAnotherOpensslGui.pro

@@ -13,6 +13,8 @@ TARGET = YetAnotherOpensslGui
 TEMPLATE = app
 
 SOURCES +=  src/app/main.cpp\
+            #src/app/cx509extensions.cpp \
+            src/app/dialogx509extensions.cpp \
             src/app/sslmainwindow.cpp \
             src/app/sslcertificates.cpp \
             src/app/dialoggeneratekey.cpp \
@@ -23,6 +25,8 @@ SOURCES +=  src/app/main.cpp\
             src/app/stackwindow.cpp
 
 HEADERS  += src/app/sslmainwindow.h \
+            #src/app/cx509extensions.h \
+            src/app/dialogx509extensions.h \
             src/app/sslcertificates.h \
             src/app/dialoggeneratekey.h \
             src/app/dialogsslerrors.h \
@@ -35,6 +39,7 @@ FORMS    += src/app/sslmainwindow.ui \
             src/app/dialoggeneratekey.ui \
             src/app/dialogsslerrors.ui \
             src/app/dialogcertdate.ui \
+            src/app/dialogx509extensions.ui \
             src/app/dialogx509v3extention.ui \
             src/app/cdialogpkcs12.ui \
             src/app/stackwindow.ui

src/app/cdialogpkcs12.cpp

@@ -38,9 +38,25 @@ CDialogPKCS12::CDialogPKCS12(SSLCertificates *Certificate, QString Filename, boo
     this->ui->pushButtonImportCert->hide();
     this->ui->pushButtonImportMain->hide();
     this->ui->pushButtonPushAll->hide();
+    for (unsigned long long i=0; i<this->cert->p12Encrypt.size();i++)
+    {
+      this->ui->comboBoxCertEncryption->addItem(QString::fromStdString(this->cert->p12Encrypt[i].second),QVariant(this->cert->p12Encrypt[i].first));
+      this->ui->comboBoxKeyEncryption->addItem(QString::fromStdString(this->cert->p12Encrypt[i].second),QVariant(this->cert->p12Encrypt[i].first));
+    }
+    for (unsigned long long i=0; i<this->cert->p12KeyType.size();i++)
+    {
+      this->ui->comboBoxKeyType->addItem(QString::fromStdString(this->cert->p12KeyType[i].second),QVariant(this->cert->p12KeyType[i].first));
+    }
   }
   else
   {
+    this->ui->comboBoxCertEncryption->hide();
+    this->ui->labelCertEncryption->hide();
+    this->ui->comboBoxKeyEncryption->hide();
+    this->ui->labelKeyEncryption->hide();
+    this->ui->comboBoxKeyType->hide();
+    this->ui->labelKeyType->hide();
+
     this->ui->lineEditPassword->hide();
     this->ui->labelPassword->hide();
     this->ui->pushButtonLoadCert->hide();
@@ -179,7 +195,37 @@ void CDialogPKCS12::on_pushButtonSaveAs_clicked()
   QString pass=ui->lineEditPassword->text();
   ui->lineEditPassword->setText("                ");
   ui->lineEditPassword->setText("");
-  switch (this->cert->save_to_pkcs12(file,name.toLocal8Bit().data(),pass.toLocal8Bit().data()))
+
+  int keyType,certEncrypt,keyEncrypt = 0;
+  if (ui->comboBoxKeyType->currentData().canConvert(QMetaType::Int))
+  {
+    keyType = ui->comboBoxKeyType->currentData().toInt();
+  }
+  else
+  {
+    QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxKeyType->currentData().toString());
+    return;
+  }
+  if (ui->comboBoxCertEncryption->currentData().canConvert(QMetaType::Int))
+  {
+    certEncrypt = ui->comboBoxCertEncryption->currentData().toInt();
+  }
+  else
+  {
+    QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxCertEncryption->currentData().toString());
+    return;
+  }
+  if (ui->comboBoxKeyEncryption->currentData().canConvert(QMetaType::Int))
+  {
+    keyEncrypt = ui->comboBoxKeyEncryption->currentData().toInt();
+  }
+  else
+  {
+    QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxKeyEncryption->currentData().toString());
+    return;
+  }
+
+  switch (this->cert->save_to_pkcs12(file,name.toLocal8Bit().data(),pass.toLocal8Bit().data(),keyEncrypt,certEncrypt,0,0,keyType))
   {
     case 0:
       QMessageBox::information(this,tr("Saved"),tr("File saved"));

src/app/cdialogpkcs12.ui

@@ -7,7 +7,7 @@
     <x>0</x>
     <y>0</y>
     <width>492</width>
-    <height>411</height>
+    <height>471</height>
    </rect>
   </property>
   <property name="windowTitle">
@@ -152,7 +152,7 @@
    <property name="geometry">
     <rect>
      <x>20</x>
-     <y>370</y>
+     <y>430</y>
      <width>461</width>
      <height>31</height>
     </rect>
@@ -194,6 +194,75 @@
     </item>
    </layout>
   </widget>
+  <widget class="QComboBox" name="comboBoxKeyType">
+   <property name="geometry">
+    <rect>
+     <x>20</x>
+     <y>360</y>
+     <width>90</width>
+     <height>22</height>
+    </rect>
+   </property>
+  </widget>
+  <widget class="QLabel" name="labelKeyType">
+   <property name="geometry">
+    <rect>
+     <x>20</x>
+     <y>340</y>
+     <width>80</width>
+     <height>16</height>
+    </rect>
+   </property>
+   <property name="text">
+    <string>Private key flag</string>
+   </property>
+  </widget>
+  <widget class="QLabel" name="labelKeyEncryption">
+   <property name="geometry">
+    <rect>
+     <x>22</x>
+     <y>383</y>
+     <width>80</width>
+     <height>16</height>
+    </rect>
+   </property>
+   <property name="text">
+    <string>Key encryption</string>
+   </property>
+  </widget>
+  <widget class="QLabel" name="labelCertEncryption">
+   <property name="geometry">
+    <rect>
+     <x>130</x>
+     <y>340</y>
+     <width>91</width>
+     <height>16</height>
+    </rect>
+   </property>
+   <property name="text">
+    <string>Cert encryption</string>
+   </property>
+  </widget>
+  <widget class="QComboBox" name="comboBoxKeyEncryption">
+   <property name="geometry">
+    <rect>
+     <x>20</x>
+     <y>402</y>
+     <width>201</width>
+     <height>22</height>
+    </rect>
+   </property>
+  </widget>
+  <widget class="QComboBox" name="comboBoxCertEncryption">
+   <property name="geometry">
+    <rect>
+     <x>130</x>
+     <y>360</y>
+     <width>231</width>
+     <height>22</height>
+    </rect>
+   </property>
+  </widget>
  </widget>
  <resources/>
  <connections/>

src/app/sslcertificates.cpp

@@ -1116,20 +1116,45 @@ int SSLCertificates::get_key_params(keyTypes* keytype,std::string &keyTypeString
     return 1;
 }
 
-int SSLCertificates::save_to_pkcs12(FILE *file, char* name,char* pass)
+/**
+ * @brief SSLCertificates::save_to_pkcs12
+ * @param file FILE Handler to file
+ * @param name char* Friendly name of p12
+ * @param pass char* password
+ * @param keyEcrypt int Key encryption NID or 0 for default
+ * @param certEcrypt int Certificate encryption NID or 0 for default
+ * @param keyIterations int Number of key iterations or 0 for default (PKCS12_DEFAULT_ITER)
+ * @param macIterations int Number of MAC iterations or 0 for default (1)
+ * @parma keyType int 0 = none, KEY_SIG = Signature key, KEY_EX = Export key
+ * @return int 1=error generating key, 2=error saving file, 0=OK
+ */
+int SSLCertificates::save_to_pkcs12(FILE *file, char* name,char* pass,
+                       int keyEcrypt, int certEcrypt, int  keyIterations, int macIterations, int keyType )
 {
     PKCS12 *newkey;
+    if (keyIterations == 0 ) keyIterations = PKCS12_DEFAULT_ITER;
+    switch (keyType)
+    {
+      case 0: break;
+      case KEY_SIG : break;
+      case KEY_EX : break;
+      default:
+        // Error message TODO
+        return 1;
+        break;
+    }
+
     newkey = PKCS12_create(
                 pass, //char *pass
                 name, // char *name
                 this->pkey, //EVP_PKEY *pkey
                 this->x509, //X509 *cert,
                 this->ca,   //STACK_OF(X509) *ca,
-                0,      //    int nid_key
-                0,      //    int nid_cert
-                PKCS12_DEFAULT_ITER,      //    int iter
-                0,      //    int mac_iter
-                NID_key_usage);      //   int keytype
+                keyEcrypt,      //    int nid_key
+                certEcrypt,      //    int nid_cert
+                keyIterations,      //    int iter
+                macIterations,      //    int mac_iter
+                keyType); //   int keytype
     if (newkey==nullptr)
       {
         this->get_ssl_errors();

src/app/sslcertificates.h

@@ -182,14 +182,29 @@ class SSLCertificates
      * check ssl errors
      */
     int set_cert_PEM(const char* Skey, const char *password=nullptr);
+
+    std::vector<std::pair<int,std::string>> p12Encrypt =
+    {{0,"Default"},
+     {NID_pbe_WithSHA1And3_Key_TripleDES_CBC,LN_pbe_WithSHA1And3_Key_TripleDES_CBC},
+     {NID_pbe_WithSHA1And2_Key_TripleDES_CBC,LN_pbe_WithSHA1And2_Key_TripleDES_CBC},
+     {NID_pbe_WithSHA1And128BitRC4,LN_pbe_WithSHA1And128BitRC4},
+     {NID_pbe_WithSHA1And40BitRC4,LN_pbe_WithSHA1And40BitRC4}
+    };
+
+    std::vector<std::pair<int,std::string>> p12KeyType =
+    {{0,"None"},
+     {KEY_EX, "Exchange key"},
+     {KEY_SIG, "Signature key"}
+    };
     /**
      * @brief save_to_pkcs12 : save cert and key to pkcs12 file
      * @param file : opened file descriptor
      * @param name : fancy name of P12
      * @param pass : password
      * @return 0: success, 1: error creating p12 struct, 2 : error writing p12
      */
-    int save_to_pkcs12(FILE* file, char *name, char *pass);
+    int save_to_pkcs12(FILE* file, char *name, char *pass,
+                       int keyEcrypt = 0, int certEcrypt = 0, int  keyIterations = 0, int macIterations = 0, int keyType = 0 );
     /**
      * @brief find_friendly_name : copy of SSL Demo pkread.c to find name of pkcs12 structure
      * @param p12 : pkcs12 structure

src/app/sslmainwindow.h

@@ -25,8 +25,8 @@
 #include "cdialogpkcs12.h"
 #include "stackwindow.h"
 
-#define YAOGVERSION "1.1.1"
-#define YAOGVERSIONF "01010100"
+#define YAOGVERSION "1.1.2"
+#define YAOGVERSIONF "01010200"
 #define YAOGPLATFORM "W64"
 #define UPDATESRC "https://www.proy.org/yaog/update.php"