Added pkcs12 options

YetAnotherOpensslGui.pro

@@ -13,6 +13,8 @@ TARGET = YetAnotherOpensslGui
 TEMPLATE = app
 
 SOURCES += src/app/main.cpp\
+ #src/app/cx509extensions.cpp \
+ src/app/dialogx509extensions.cpp \
  src/app/sslmainwindow.cpp \
  src/app/sslcertificates.cpp \
  src/app/dialoggeneratekey.cpp \
@@ -23,6 +25,8 @@ SOURCES += src/app/main.cpp\
  src/app/stackwindow.cpp
 
 HEADERS += src/app/sslmainwindow.h \
+ #src/app/cx509extensions.h \
+ src/app/dialogx509extensions.h \
  src/app/sslcertificates.h \
  src/app/dialoggeneratekey.h \
  src/app/dialogsslerrors.h \
@@ -35,6 +39,7 @@ FORMS += src/app/sslmainwindow.ui \
  src/app/dialoggeneratekey.ui \
  src/app/dialogsslerrors.ui \
  src/app/dialogcertdate.ui \
+ src/app/dialogx509extensions.ui \
  src/app/dialogx509v3extention.ui \
  src/app/cdialogpkcs12.ui \
  src/app/stackwindow.ui

src/app/cdialogpkcs12.cpp

@@ -38,9 +38,25 @@ CDialogPKCS12::CDialogPKCS12(SSLCertificates *Certificate, QString Filename, boo
  this->ui->pushButtonImportCert->hide();
  this->ui->pushButtonImportMain->hide();
  this->ui->pushButtonPushAll->hide();
+ for (unsigned long long i=0; i<this->cert->p12Encrypt.size();i++)
+ {
+ this->ui->comboBoxCertEncryption->addItem(QString::fromStdString(this->cert->p12Encrypt[i].second),QVariant(this->cert->p12Encrypt[i].first));
+ this->ui->comboBoxKeyEncryption->addItem(QString::fromStdString(this->cert->p12Encrypt[i].second),QVariant(this->cert->p12Encrypt[i].first));
+ }
+ for (unsigned long long i=0; i<this->cert->p12KeyType.size();i++)
+ {
+ this->ui->comboBoxKeyType->addItem(QString::fromStdString(this->cert->p12KeyType[i].second),QVariant(this->cert->p12KeyType[i].first));
+ }
  }
  else
  {
+ this->ui->comboBoxCertEncryption->hide();
+ this->ui->labelCertEncryption->hide();
+ this->ui->comboBoxKeyEncryption->hide();
+ this->ui->labelKeyEncryption->hide();
+ this->ui->comboBoxKeyType->hide();
+ this->ui->labelKeyType->hide();
+
  this->ui->lineEditPassword->hide();
  this->ui->labelPassword->hide();
  this->ui->pushButtonLoadCert->hide();
@@ -179,7 +195,37 @@ void CDialogPKCS12::on_pushButtonSaveAs_clicked()
  QString pass=ui->lineEditPassword->text();
  ui->lineEditPassword->setText(" ");
  ui->lineEditPassword->setText("");
- switch (this->cert->save_to_pkcs12(file,name.toLocal8Bit().data(),pass.toLocal8Bit().data()))
+
+ int keyType,certEncrypt,keyEncrypt = 0;
+ if (ui->comboBoxKeyType->currentData().canConvert(QMetaType::Int))
+ {
+ keyType = ui->comboBoxKeyType->currentData().toInt();
+ }
+ else
+ {
+ QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxKeyType->currentData().toString());
+ return;
+ }
+ if (ui->comboBoxCertEncryption->currentData().canConvert(QMetaType::Int))
+ {
+ certEncrypt = ui->comboBoxCertEncryption->currentData().toInt();
+ }
+ else
+ {
+ QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxCertEncryption->currentData().toString());
+ return;
+ }
+ if (ui->comboBoxKeyEncryption->currentData().canConvert(QMetaType::Int))
+ {
+ keyEncrypt = ui->comboBoxKeyEncryption->currentData().toInt();
+ }
+ else
+ {
+ QMessageBox::warning(this,tr("Error in keytype"),tr("Invalid key type : ")+ui->comboBoxKeyEncryption->currentData().toString());
+ return;
+ }
+
+ switch (this->cert->save_to_pkcs12(file,name.toLocal8Bit().data(),pass.toLocal8Bit().data(),keyEncrypt,certEncrypt,0,0,keyType))
  {
  case 0:
  QMessageBox::information(this,tr("Saved"),tr("File saved"));

src/app/cdialogpkcs12.ui

@@ -7,7 +7,7 @@
  <x>0</x>
  <y>0</y>
  <width>492</width>
- <height>411</height>
+ <height>471</height>
  </rect>
  </property>
  <property name="windowTitle">
@@ -152,7 +152,7 @@
  <property name="geometry">
  <rect>
  <x>20</x>
- <y>370</y>
+ <y>430</y>
  <width>461</width>
  <height>31</height>
  </rect>
@@ -194,6 +194,75 @@
  </item>
  </layout>
  </widget>
+ <widget class="QComboBox" name="comboBoxKeyType">
+ <property name="geometry">
+ <rect>
+ <x>20</x>
+ <y>360</y>
+ <width>90</width>
+ <height>22</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QLabel" name="labelKeyType">
+ <property name="geometry">
+ <rect>
+ <x>20</x>
+ <y>340</y>
+ <width>80</width>
+ <height>16</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Private key flag</string>
+ </property>
+ </widget>
+ <widget class="QLabel" name="labelKeyEncryption">
+ <property name="geometry">
+ <rect>
+ <x>22</x>
+ <y>383</y>
+ <width>80</width>
+ <height>16</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Key encryption</string>
+ </property>
+ </widget>
+ <widget class="QLabel" name="labelCertEncryption">
+ <property name="geometry">
+ <rect>
+ <x>130</x>
+ <y>340</y>
+ <width>91</width>
+ <height>16</height>
+ </rect>
+ </property>
+ <property name="text">
+ <string>Cert encryption</string>
+ </property>
+ </widget>
+ <widget class="QComboBox" name="comboBoxKeyEncryption">
+ <property name="geometry">
+ <rect>
+ <x>20</x>
+ <y>402</y>
+ <width>201</width>
+ <height>22</height>
+ </rect>
+ </property>
+ </widget>
+ <widget class="QComboBox" name="comboBoxCertEncryption">
+ <property name="geometry">
+ <rect>
+ <x>130</x>
+ <y>360</y>
+ <width>231</width>
+ <height>22</height>
+ </rect>
+ </property>
+ </widget>
  </widget>
  <resources/>
  <connections/>

src/app/sslcertificates.cpp

@@ -1116,20 +1116,45 @@ int SSLCertificates::get_key_params(keyTypes* keytype,std::string &keyTypeString
  return 1;
 }
 
-int SSLCertificates::save_to_pkcs12(FILE *file, char* name,char* pass)
+/**
+ * @brief SSLCertificates::save_to_pkcs12
+ * @param file FILE Handler to file
+ * @param name char* Friendly name of p12
+ * @param pass char* password
+ * @param keyEcrypt int Key encryption NID or 0 for default
+ * @param certEcrypt int Certificate encryption NID or 0 for default
+ * @param keyIterations int Number of key iterations or 0 for default (PKCS12_DEFAULT_ITER)
+ * @param macIterations int Number of MAC iterations or 0 for default (1)
+ * @parma keyType int 0 = none, KEY_SIG = Signature key, KEY_EX = Export key
+ * @return int 1=error generating key, 2=error saving file, 0=OK
+ */
+int SSLCertificates::save_to_pkcs12(FILE *file, char* name,char* pass,
+ int keyEcrypt, int certEcrypt, int keyIterations, int macIterations, int keyType )
 {
  PKCS12 *newkey;
+ if (keyIterations == 0 ) keyIterations = PKCS12_DEFAULT_ITER;
+ switch (keyType)
+ {
+ case 0: break;
+ case KEY_SIG : break;
+ case KEY_EX : break;
+ default:
+ // Error message TODO
+ return 1;
+ break;
+ }
+
  newkey = PKCS12_create(
  pass, //char *pass
  name, // char *name
  this->pkey, //EVP_PKEY *pkey
  this->x509, //X509 *cert,
  this->ca, //STACK_OF(X509) *ca,
- 0, // int nid_key
- 0, // int nid_cert
- PKCS12_DEFAULT_ITER, // int iter
- 0, // int mac_iter
- NID_key_usage);  // int keytype
+ keyEcrypt, // int nid_key
+ certEcrypt, // int nid_cert
+ keyIterations, // int iter
+ macIterations, // int mac_iter
+ keyType); // int keytype
  if (newkey==nullptr)
  {
  this->get_ssl_errors();

src/app/sslcertificates.h

@@ -182,14 +182,29 @@ class SSLCertificates
  * check ssl errors
  */
  int set_cert_PEM(const char* Skey, const char *password=nullptr);
+
+ std::vector<std::pair<int,std::string>> p12Encrypt =
+ {{0,"Default"},
+ {NID_pbe_WithSHA1And3_Key_TripleDES_CBC,LN_pbe_WithSHA1And3_Key_TripleDES_CBC},
+ {NID_pbe_WithSHA1And2_Key_TripleDES_CBC,LN_pbe_WithSHA1And2_Key_TripleDES_CBC},
+ {NID_pbe_WithSHA1And128BitRC4,LN_pbe_WithSHA1And128BitRC4},
+ {NID_pbe_WithSHA1And40BitRC4,LN_pbe_WithSHA1And40BitRC4}
+ };
+
+ std::vector<std::pair<int,std::string>> p12KeyType =
+ {{0,"None"},
+ {KEY_EX, "Exchange key"},
+ {KEY_SIG, "Signature key"}
+ };
  /**
  * @brief save_to_pkcs12 : save cert and key to pkcs12 file
  * @param file : opened file descriptor
  * @param name : fancy name of P12
  * @param pass : password
  * @return 0: success, 1: error creating p12 struct, 2 : error writing p12
  */
- int save_to_pkcs12(FILE* file, char *name, char *pass);
+ int save_to_pkcs12(FILE* file, char *name, char *pass,
+ int keyEcrypt = 0, int certEcrypt = 0, int keyIterations = 0, int macIterations = 0, int keyType = 0 );
  /**
  * @brief find_friendly_name : copy of SSL Demo pkread.c to find name of pkcs12 structure
  * @param p12 : pkcs12 structure

src/app/sslmainwindow.h

@@ -25,8 +25,8 @@
 #include "cdialogpkcs12.h"
 #include "stackwindow.h"
 
-#define YAOGVERSION "1.1.1"
-#define YAOGVERSIONF "01010100"
+#define YAOGVERSION "1.1.2"
+#define YAOGVERSIONF "01010200"
 #define YAOGPLATFORM "W64"
 #define UPDATESRC "https://www.proy.org/yaog/update.php"