allow user to select and confirm the certificate to use for e2e
Signed-off-by: Matthieu Gallien <[email protected]>
mgallien committed Nov 15, 2023
1 parent d2a9b54 commit 29a0f05
Showing 9 changed files with 166 additions and 188 deletions.
12 changes: 8 additions & 4 deletions src/gui/EncryptionTokenSelectionWindow.qml
@@ -25,8 +25,9 @@ import "./tray"
ApplicationWindow {
id: encryptionKeyChooserDialog

required property var tokensInfo
required property var keysInfo
required property var certificatesInfo
required property ClientSideTokenSelector certificateSelector
property string selectedSerialNumber: ''

flags: Qt.Window | Qt.Dialog
visible: true
@@ -94,18 +95,19 @@ ApplicationWindow {
currentIndex: -1

model: DelegateModel {
model: keysInfo
model: certificatesInfo

delegate: ItemDelegate {
width: tokensListView.contentItem.width

text: modelData.label
text: modelData.subject

highlighted: tokensListView.currentIndex === index

onClicked: function()
{
tokensListView.currentIndex = index
selectedSerialNumber = modelData.serialNumber
}
}
}
@@ -126,10 +128,12 @@ ApplicationWindow {

onAccepted: function() {
Systray.destroyDialog(encryptionKeyChooserDialog)
certificateSelector.serialNumber = selectedSerialNumber
}

onRejected: function() {
Systray.destroyDialog(encryptionKeyChooserDialog)
certificateSelector.serialNumber = ''
}
}
}
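Review bot: The delegate shows only `modelData.subject` and the choice is carried solely as `selectedSerialNumber`, which is thin for a dialog whose job is to let the user confirm the certificate used for end-to-end encryption: subjects can repeat on one token, and a serial number is only unique per issuer. Showing the serial next to the subject, e.g. `text: modelData.subject + " (" + modelData.serialNumber + ")"`, would let the user tell entries apart; whether the model also exposes an issuer or a fingerprint is not visible here. Separately, `onAccepted` with no row clicked assigns `''`, the same value `onRejected` writes, so the receiver cannot distinguish an empty acceptance from a cancel; the accept button could be disabled while `tokensListView.currentIndex === -1`. Both handlers also touch `certificateSelector` after `Systray.destroyDialog(...)`; assigning first would not depend on when the dialog is torn down.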
3 changes: 1 addition & 2 deletions src/gui/accountsettings.cpp
@@ -307,8 +307,7 @@ void AccountSettings::slotDisplayTokenInitDialog()
{
disconnect(_accountState->account()->e2e(), &ClientSideEncryption::initializationFinished, this, &AccountSettings::slotE2eEncryptionInitializationFinished);
disconnect(_accountState->account()->e2e(), &ClientSideEncryption::displayTokenInitDialog, this, &AccountSettings::slotDisplayTokenInitDialog);
Systray::instance()->createTokenInitDialog(_accountState->account()->e2e()->discoveredTokens(),
_accountState->account()->e2e()->discoveredKeys());
Systray::instance()->createTokenInitDialog(_accountState->account()->e2e()->discoveredCertificates(), _accountState->account()->e2e()->usbTokenInformation());
}

void AccountSettings::slotEncryptFolderFinished(int status)
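Review bot: `_accountState->account()->e2e()` is now spelled out four times in `slotDisplayTokenInitDialog`, and the new call puts two of them on one long line. A local such as `const auto e2e = _accountState->account()->e2e();` at the top of the body would shorten the two `disconnect` calls and let the dialog call read `Systray::instance()->createTokenInitDialog(e2e->discoveredCertificates(), e2e->usbTokenInformation());`. It would also make it plain that the certificate list and the selector handed to the dialog come from the same object.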
1 change: 1 addition & 0 deletions src/gui/owncloudgui.cpp
@@ -132,6 +132,7 @@ ownCloudGui::ownCloudGui(Application *parent)
qmlRegisterUncreatableType<UnifiedSearchResultsListModel>("com.nextcloud.desktopclient", 1, 0, "UnifiedSearchResultsListModel", "UnifiedSearchResultsListModel");
qmlRegisterUncreatableType<UserStatus>("com.nextcloud.desktopclient", 1, 0, "UserStatus", "Access to Status enum");
qmlRegisterUncreatableType<Sharee>("com.nextcloud.desktopclient", 1, 0, "Sharee", "Access to Type enum");
qmlRegisterUncreatableType<ClientSideTokenSelector>("com.nextcloud.desktopclient", 1, 0, "ClientSideTokenSelector", "Access to the certificate selector");

qRegisterMetaTypeStreamOperators<Emoji>();

20 changes: 15 additions & 5 deletions src/gui/systray.cpp
@@ -24,6 +24,7 @@
#include "configfile.h"
#include "accessmanager.h"
#include "callstatechecker.h"
#include "clientsidetokenselector.h"

#include <QCursor>
#include <QGuiApplication>
@@ -35,6 +36,7 @@
#include <QMenu>
#include <QGuiApplication>
#include <QQuickView>
#include <QMessageBox>

#ifdef USE_FDO_NOTIFICATIONS
#include <QDBusConnection>
@@ -413,24 +415,32 @@ void Systray::createFileActivityDialog(const QString &localPath)
Q_EMIT showFileDetailsPage(localPath, FileDetailsPage::Activity);
}

void Systray::createTokenInitDialog(const QVariantList &tokensInfo,
const QVariantList &keysInfo)
void Systray::createTokenInitDialog(const QVariantList &certificatesInfo,
ClientSideTokenSelector *certificateSelector)
{
if(_tokenInitDialog) {
destroyDialog(_tokenInitDialog);
_tokenInitDialog = nullptr;
}

qCDebug(lcSystray) << "Opening new token init dialog with " << tokensInfo.size() << "possible tokens";
qCDebug(lcSystray) << "Opening new token init dialog with " << certificatesInfo.size() << "possible certificates";

if (!_trayEngine) {
qCWarning(lcSystray) << "Could not open token init dialog as no tray engine was available";
return;
}

if (certificatesInfo.isEmpty() || certificatesInfo.isEmpty()) {
QMessageBox errorDialog;

errorDialog.show();

return;
}

const QVariantMap initialProperties{
{"tokensInfo", tokensInfo},
{"keysInfo", keysInfo}
{"certificatesInfo", certificatesInfo},
{"certificateSelector", QVariant::fromValue(certificateSelector)},
};

QQmlComponent encryptionTokenDialog(_trayEngine, QStringLiteral("qrc:/qml/src/gui/EncryptionTokenSelectionWindow.qml"));
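Review bot: The new guard `if (certificatesInfo.isEmpty() || certificatesInfo.isEmpty())` tests the same list twice, and the `QMessageBox` it opens is a stack object with no text that is destroyed by the `return` right after the non-blocking `show()`, so the user most likely never sees an error. The second operand was presumably meant to cover the other argument, `if (certificatesInfo.isEmpty() || !certificateSelector) {`, which also keeps a null selector from reaching the QML properties. For the message, a blocking static call such as `QMessageBox::warning(nullptr, tr("End-to-end encryption"), tr("No usable certificate was found."));` (wording is only a suggestion) would stay on screen until dismissed. The rest of `createTokenInitDialog` continues below the visible lines.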
6 changes: 4 additions & 2 deletions src/gui/systray.h
@@ -31,6 +31,8 @@ class QGuiApplication;

namespace OCC {

class ClientSideTokenSelector;

class AccessManagerFactory : public QQmlNetworkAccessManagerFactory
{
public:
@@ -147,8 +149,8 @@ public slots:

void createShareDialog(const QString &localPath);
void createFileActivityDialog(const QString &localPath);
void createTokenInitDialog(const QVariantList &tokensInfo,
const QVariantList &keysInfo);
void createTokenInitDialog(const QVariantList &certificatesInfo,
ClientSideTokenSelector *certificateSelector);

void presentShareViewInTray(const QString &localPath);

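Review bot: `createTokenInitDialog` now takes a raw `ClientSideTokenSelector *` with nothing saying who owns it or how long it must stay valid, while the dialog keeps it as a property and writes to it when the user accepts or cancels. A comment on the declaration, e.g. `// certificateSelector is not owned; it must outlive the dialog, which writes the chosen serial number back to it`, would record that contract. The same applies to the `usbTokenInformation()` accessor added in clientsideencryption.h, which returns a pointer to a member of `ClientSideEncryption`. The class body lies outside this section.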
18 changes: 9 additions & 9 deletions src/libsync/clientsideencryption.cpp
@@ -1014,7 +1014,7 @@ std::optional<QByteArray> decryptStringAsymmetricWithToken(ENGINE *sslEngine,

ClientSideEncryption::ClientSideEncryption()
{
connect(&_usbTokenInformation, &ClientSideTokenSelector::discoveredTokensChanged,
connect(&_usbTokenInformation, &ClientSideTokenSelector::discoveredCertificatesChanged,
this, &ClientSideEncryption::displayTokenInitDialog);
}

@@ -1023,14 +1023,9 @@ bool ClientSideEncryption::isInitialized() const
return !getMnemonic().isEmpty();
}

QVariantList ClientSideEncryption::discoveredTokens() const
QVariantList ClientSideEncryption::discoveredCertificates() const
{
return _usbTokenInformation.discoveredTokens();
}

QVariantList ClientSideEncryption::discoveredKeys() const
{
return _usbTokenInformation.discoveredKeys();
return _usbTokenInformation.discoveredCertificates();
}

const QSslKey &ClientSideEncryption::getPublicKey() const
@@ -1083,6 +1078,11 @@ ENGINE* ClientSideEncryption::sslEngine() const
return ENGINE_get_default_RSA();
}

ClientSideTokenSelector *ClientSideEncryption::usbTokenInformation()
{
return &_usbTokenInformation;
}

void ClientSideEncryption::initialize(const AccountPtr &account)
{
Q_ASSERT(account);
@@ -1098,7 +1098,7 @@ void ClientSideEncryption::initialize(const AccountPtr &account)
if (_usbTokenInformation.isSetup()) {
initializeHardwareTokenEncryption(account);
} else if (account->e2eEncryptionKeysGenerationAllowed() && account->askUserForMnemonic()) {
_usbTokenInformation.searchForToken(account);
_usbTokenInformation.searchForCertificates(account);
if (_usbTokenInformation.isSetup()) {
initializeHardwareTokenEncryption(account);
} else {
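Review bot: In `initialize()`, `_usbTokenInformation.isSetup()` is tested on the line directly after `searchForCertificates(account)`, while the constructor routes `discoveredCertificatesChanged` to `displayTokenInitDialog`, i.e. to a dialog the user answers later. If `searchForCertificates` returns before the user has confirmed a certificate (its body is not shown here), the check is false at that point and the `else` branch, which continues outside this section, runs. A comment stating the intended order would help, e.g. `// isSetup() is only true here when a certificate was already chosen; otherwise the dialog result arrives asynchronously`. It is worth confirming that the fallback cannot set up non-token keys while the dialog is still open.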
10 changes: 5 additions & 5 deletions src/libsync/clientsideencryption.h
@@ -143,9 +143,7 @@ class OWNCLOUDSYNC_EXPORT ClientSideEncryption : public QObject {

[[nodiscard]] bool tokenIsSetup() const;

[[nodiscard]] QVariantList discoveredTokens() const;

[[nodiscard]] QVariantList discoveredKeys() const;
[[nodiscard]] QVariantList discoveredCertificates() const;

[[nodiscard]] const QSslKey& getPublicKey() const;

@@ -165,7 +163,9 @@ class OWNCLOUDSYNC_EXPORT ClientSideEncryption : public QObject {

void setCertificate(const QSslCertificate &certificate);

ENGINE* sslEngine() const;
[[nodiscard]] ENGINE* sslEngine() const;

[[nodiscard]] ClientSideTokenSelector* usbTokenInformation();

signals:
void initializationFinished(bool isNewMnemonicGenerated = false);
@@ -178,7 +178,7 @@ class OWNCLOUDSYNC_EXPORT ClientSideEncryption : public QObject {

public slots:
void initialize(const OCC::AccountPtr &account);
void initializeHardwareTokenEncryption(const AccountPtr &account);
void initializeHardwareTokenEncryption(const OCC::AccountPtr &account);
void forgetSensitiveData(const OCC::AccountPtr &account);

private slots: