author | wurstsalat <mailtrash@posteo.de> | 2023-04-16 20:21:36 +0300 |
---|---|---|
committer | wurstsalat <mailtrash@posteo.de> | 2023-04-16 20:22:29 +0300 |
commit | 79ef0d0c312e9cf8678de117dcb2b238caa0b09a (patch) | |
tree | 27528a9b877cc841221a5636d7c6019db3fe5bed | |
parent | bd71d7db0e7b2dd60f1b4d5b0eb1fe730212d60b (diff) |
imprv: CertificateDialog: Add additional infos and remove org unit field
- Remove org unit field
- Add Subject Alt Names
- Add Public key information
Fixes #11461
-rw-r--r-- | gajim/data/gui/certificate.ui | 214 | ||||
-rw-r--r-- | gajim/gtk/builder.pyi | 5 | ||||
-rw-r--r-- | gajim/gtk/certificate_dialog.py | 58 |
3 files changed, 176 insertions, 101 deletions
diff --git a/gajim/data/gui/certificate.ui b/gajim/data/gui/certificate.ui index 58601a10f..0892ce08f 100644 --- a/gajim/data/gui/certificate.ui +++ b/gajim/data/gui/certificate.ui @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- Generated with glade 3.38.2 --> +<!-- Generated with glade 3.40.0 --> <interface> - <requires lib="gtk+" version="3.20"/> + <requires lib="gtk+" version="3.24"/> <object class="GtkBox" id="certificate_box"> <property name="visible">True</property> <property name="can-focus">False</property> @@ -52,7 +52,7 @@ </packing> </child> <child> - <!-- n-columns=3 n-rows=16 --> + <!-- n-columns=3 n-rows=18 --> <object class="GtkGrid"> <property name="visible">True</property> <property name="can-focus">False</property> @@ -123,7 +123,7 @@ <property name="can-focus">False</property> <property name="halign">end</property> <property name="valign">start</property> - <property name="label" translatable="yes">Organizational Unit (OU)</property> + <property name="label" translatable="yes">Subject Alt Names</property> <style> <class name="dim-label"/> </style> @@ -134,7 +134,7 @@ </packing> </child> <child> - <object class="GtkLabel" id="data_it_organizational_unit"> + <object class="GtkLabel" id="data_it_subject_alt_names"> <property name="visible">True</property> <property name="can-focus">False</property> <property name="halign">start</property> 
@@ -243,29 +243,48 @@ <object class="GtkLabel"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="halign">end</property> - <property name="valign">start</property> - <property name="label" translatable="yes">Organizational Unit (OU)</property> + <property name="margin-top">6</property> + <property name="label" translatable="yes">Issued to</property> <style> - <class name="dim-label"/> + <class name="bold"/> </style> </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">8</property> + <property name="top-attach">0</property> + <property name="width">2</property> </packing> </child> <child> - <object class="GtkLabel" id="data_ib_organizational_unit"> + <object class="GtkLabel"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="halign">start</property> - <property name="label"><></property> - <property name="xalign">0</property> + <property name="margin-top">12</property> + <property name="label" translatable="yes">Issued by</property> + <style> + <class name="bold"/> + </style> </object> <packing> - <property name="left-attach">1</property> + <property name="left-attach">0</property> + <property name="top-attach">5</property> + <property name="width">2</property> + </packing> + </child> + <child> + <object class="GtkLabel"> + <property name="visible">True</property> + <property name="can-focus">False</property> + <property name="margin-top">12</property> + <property name="label" translatable="yes">Validity</property> + <style> + <class name="bold"/> + </style> + </object> + <packing> + <property name="left-attach">0</property> <property name="top-attach">8</property> + <property name="width">3</property> </packing> </child> <child> @@ -281,7 +300,7 @@ </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">10</property> + <property name="top-attach">9</property> </packing> </child> <child> 
@@ -294,6 +313,19 @@ </object> <packing> <property name="left-attach">1</property> + <property name="top-attach">9</property> + </packing> + </child> + <child> + <object class="GtkLabel" id="data_expires_on"> + <property name="visible">True</property> + <property name="can-focus">False</property> + <property name="halign">start</property> + <property name="label"><></property> + <property name="xalign">0</property> + </object> + <packing> + <property name="left-attach">1</property> <property name="top-attach">10</property> </packing> </child> @@ -310,20 +342,41 @@ </object> <packing> <property name="left-attach">0</property> + <property name="top-attach">10</property> + </packing> + </child> + <child> + <object class="GtkLabel"> + <property name="visible">True</property> + <property name="can-focus">False</property> + <property name="margin-top">12</property> + <property name="label" translatable="yes">Fingerprints</property> + <style> + <class name="bold"/> + </style> + </object> + <packing> + <property name="left-attach">0</property> <property name="top-attach">11</property> + <property name="width">3</property> </packing> </child> <child> - <object class="GtkLabel" id="data_expires_on"> + <object class="GtkLabel" id="data_sha1"> <property name="visible">True</property> <property name="can-focus">False</property> <property name="halign">start</property> <property name="label"><></property> - <property name="xalign">0</property> + <property name="wrap">True</property> + <property name="wrap-mode">char</property> + <property name="selectable">True</property> + <attributes> + <attribute name="font-desc" value="Monospace 8"/> + </attributes> </object> <packing> <property name="left-attach">1</property> - <property name="top-attach">11</property> + <property name="top-attach">12</property> </packing> </child> <child> 
@@ -339,55 +392,63 @@ </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">13</property> + <property name="top-attach">12</property> </packing> </child> <child> - <object class="GtkLabel"> + <object class="GtkLabel" id="data_sha256"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="margin-top">6</property> - <property name="label" translatable="yes">Issued to</property> - <style> - <class name="bold"/> - </style> + <property name="halign">start</property> + <property name="label"><></property> + <property name="wrap">True</property> + <property name="wrap-mode">char</property> + <property name="selectable">True</property> + <attributes> + <attribute name="font-desc" value="Monospace 8"/> + </attributes> </object> <packing> - <property name="left-attach">0</property> - <property name="top-attach">0</property> - <property name="width">2</property> + <property name="left-attach">1</property> + <property name="top-attach">13</property> </packing> </child> <child> <object class="GtkLabel"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="margin-top">12</property> - <property name="label" translatable="yes">Issued by</property> + <property name="halign">end</property> + <property name="valign">start</property> + <property name="label" translatable="yes">SHA-256</property> <style> - <class name="bold"/> + <class name="dim-label"/> </style> </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">5</property> - <property name="width">2</property> + <property name="top-attach">13</property> </packing> </child> <child> - <object class="GtkLabel"> + <object class="GtkButton" id="copy_cert_info_button"> <property name="visible">True</property> - <property name="can-focus">False</property> - <property name="margin-top">12</property> - <property name="label" translatable="yes">Validity</property> - 
<style> - <class name="bold"/> - </style> + <property name="can-focus">True</property> + <property name="has-focus">True</property> + <property name="receives-default">False</property> + <property name="tooltip-text" translatable="yes">Copy Certificate Information</property> + <property name="halign">end</property> + <signal name="clicked" handler="_on_copy_cert_info_button_clicked" swapped="no"/> + <child> + <object class="GtkImage" id="image1"> + <property name="visible">True</property> + <property name="can-focus">False</property> + <property name="icon-name">edit-copy-symbolic</property> + </object> + </child> </object> <packing> - <property name="left-attach">0</property> - <property name="top-attach">9</property> - <property name="width">2</property> + <property name="left-attach">1</property> + <property name="top-attach">17</property> </packing> </child> <child> 
@@ -395,33 +456,31 @@ <property name="visible">True</property> <property name="can-focus">False</property> <property name="margin-top">12</property> - <property name="label" translatable="yes">Fingerprints</property> + <property name="label" translatable="yes">Public Key Information</property> <style> <class name="bold"/> </style> </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">12</property> - <property name="width">2</property> + <property name="top-attach">14</property> + <property name="width">3</property> </packing> </child> <child> - <object class="GtkLabel" id="data_sha1"> + <object class="GtkLabel"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="halign">start</property> - <property name="label"><></property> - <property name="wrap">True</property> - <property name="wrap-mode">char</property> - <property name="selectable">True</property> - <attributes> - <attribute name="font-desc" value="Monospace 8"/> - </attributes> + <property name="halign">end</property> + <property name="valign">start</property> + <property name="label" translatable="yes">Algorithm</property> + <style> + <class name="dim-label"/> + </style> </object> <packing> - <property name="left-attach">1</property> - <property name="top-attach">13</property> + <property name="left-attach">0</property> + <property name="top-attach">15</property> </packing> </child> <child> 
@@ -430,54 +489,38 @@ <property name="can-focus">False</property> <property name="halign">end</property> <property name="valign">start</property> - <property name="label" translatable="yes">SHA-256</property> + <property name="label" translatable="yes">Key Size</property> <style> <class name="dim-label"/> </style> </object> <packing> <property name="left-attach">0</property> - <property name="top-attach">14</property> + <property name="top-attach">16</property> </packing> </child> <child> - <object class="GtkLabel" id="data_sha256"> + <object class="GtkLabel" id="public_key_algorithm"> <property name="visible">True</property> <property name="can-focus">False</property> - <property name="halign">start</property> <property name="label"><></property> - <property name="wrap">True</property> - <property name="wrap-mode">char</property> - <property name="selectable">True</property> - <attributes> - <attribute name="font-desc" value="Monospace 8"/> - </attributes> + <property name="xalign">0</property> </object> <packing> <property name="left-attach">1</property> - <property name="top-attach">14</property> + <property name="top-attach">15</property> </packing> </child> <child> - <object class="GtkButton" id="copy_cert_info_button"> + <object class="GtkLabel" id="public_key_size"> <property name="visible">True</property> - <property name="can-focus">True</property> - <property name="has-focus">True</property> - <property name="receives-default">False</property> - <property name="tooltip-text" translatable="yes">Copy Certificate Information</property> - <property name="halign">end</property> - <signal name="clicked" handler="_on_copy_cert_info_button_clicked" swapped="no"/> - <child> - <object class="GtkImage" id="image1"> - <property name="visible">True</property> - <property name="can-focus">False</property> - <property name="icon-name">edit-copy-symbolic</property> - </object> - </child> + <property name="can-focus">False</property> + <property name="label"><></property> 
+ <property name="xalign">0</property> </object> <packing> <property name="left-attach">1</property> - <property name="top-attach">15</property> + <property name="top-attach">16</property> </packing> </child> <child> @@ -528,9 +571,6 @@ <child> <placeholder/> </child> - <child> - <placeholder/> - </child> </object> <packing> <property name="expand">False</property> diff --git a/gajim/gtk/builder.pyi b/gajim/gtk/builder.pyi index 224ad1d46..d3c3202a1 100644 --- a/gajim/gtk/builder.pyi +++ b/gajim/gtk/builder.pyi @@ -172,17 +172,18 @@ class CertificateBuilder(Builder): label_cert_for_account: Gtk.Label data_it_common_name: Gtk.Label data_it_organization: Gtk.Label - data_it_organizational_unit: Gtk.Label + data_it_subject_alt_names: Gtk.Label data_it_serial_number: Gtk.Label data_ib_common_name: Gtk.Label data_ib_organization: Gtk.Label - data_ib_organizational_unit: Gtk.Label data_issued_on: Gtk.Label data_expires_on: Gtk.Label data_sha1: Gtk.Label data_sha256: Gtk.Label copy_cert_info_button: Gtk.Button image1: Gtk.Image + public_key_algorithm: Gtk.Label + public_key_size: Gtk.Label class ChatBannerBuilder(Builder): diff --git a/gajim/gtk/certificate_dialog.py b/gajim/gtk/certificate_dialog.py index 7dbebe37e..8a938d6ea 100644 --- a/gajim/gtk/certificate_dialog.py +++ b/gajim/gtk/certificate_dialog.py 
@@ -12,7 +12,16 @@ # You should have received a copy of the GNU General Public License # along with Gajim. If not, see <http://www.gnu.org/licenses/>. +from typing import cast + from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey +from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicKey +from cryptography.hazmat.primitives.asymmetric.ed448 import Ed448PublicKey +from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey +from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey +from cryptography.x509 import DNSName +from cryptography.x509.oid import ExtensionOID from gi.repository import Gdk from gi.repository import Gio from gi.repository import Gtk @@ -64,7 +73,6 @@ class CertificateBox(Gtk.Box): self._it_common_name = '' self._it_organization = '' - self._it_org_unit = '' for attribute in cert.subject: # See https://datatracker.ietf.org/doc/html/rfc4514.html dotted_string = attribute.oid.dotted_string 
@@ -72,16 +80,23 @@ class CertificateBox(Gtk.Box): self._it_common_name = str(attribute.value) if dotted_string == '2.5.4.10': self._it_organization = str(attribute.value) - if dotted_string == '2.5.4.11': - self._it_org_unit = str(attribute.value) - serial_str = '0{:02X}'.format(cert.serial_number) + # Get the subjectAltName extension from the certificate + subject_ext = cert.extensions.get_extension_for_oid( + ExtensionOID.SUBJECT_ALTERNATIVE_NAME) + # Get the DNSName entries from the SAN extension + alt_names = cast( + list[str], + subject_ext.value.get_values_for_type(DNSName)) # pyright: ignore + self._it_subject_alt_names = '\n'.join(alt_names) + + serial_str = '0{:02X}'.format(cert.serial_number) serial_str_foratted = ':'.join( map('{}{}'.format, *(serial_str[::2], serial_str[1::2]))) self._it_serial_number = serial_str_foratted + self._ib_common_name = '' self._ib_organization = '' - self._ib_org_unit = '' for attribute in cert.issuer: # See https://datatracker.ietf.org/doc/html/rfc4514.html dotted_string = attribute.oid.dotted_string @@ -89,8 +104,6 @@ class CertificateBox(Gtk.Box): self._ib_common_name = str(attribute.value) if dotted_string == '2.5.4.10': self._ib_organization = str(attribute.value) - if dotted_string == '2.5.4.11': - self._ib_org_unit = str(attribute.value) self._issued = cert.not_valid_before.strftime('%c %Z') self._expires = cert.not_valid_after.strftime('%c %Z') 
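Review bot: `cert.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)` raises `cryptography.x509.ExtensionNotFound` when the certificate has no subjectAltName extension, and nothing in this hunk catches it. Certificates without a SAN (plausibly self-signed or older ones, which are the ones a user most needs to inspect) would therefore abort the dialog instead of showing an empty field. Catching the exception and falling back to an empty list fixes this; it needs `ExtensionNotFound` imported from `cryptography.x509` next to `DNSName`. Only `DNSName` entries are collected, so other SAN types the certificate may carry are silently left out of what the user reviews, which deserves a comment at this spot. The enclosing method starts outside the hunk.

```python
        try:
            subject_ext = cert.extensions.get_extension_for_oid(
                ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
        except ExtensionNotFound:
            # No SAN extension present: show an empty field instead of failing
            alt_names: list[str] = []
        else:
            # Only DNSName entries are displayed; other SAN types are omitted
            alt_names = cast(
                list[str],
                subject_ext.value.get_values_for_type(DNSName))  # pyright: ignore
        self._it_subject_alt_names = '\n'.join(alt_names)
        # … unchanged: serial number formatting …
```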
@@ -104,14 +117,35 @@ class CertificateBox(Gtk.Box): self._sha256 = '%s\n%s\n%s\n%s' % ( sha256[:23], sha256[24:47], sha256[48:71], sha256[72:]) + public_key = cert.public_key() + self._pk_algorithm = '' + if isinstance(public_key, RSAPublicKey): + self._pk_algorithm = 'RSA' + elif isinstance(public_key, DSAPublicKey): + self._pk_algorithm = 'DSA' + elif isinstance(public_key, EllipticCurvePublicKey): + self._pk_algorithm = 'Elliptic Curve' + elif isinstance(public_key, Ed25519PublicKey): + self._pk_algorithm = 'ED25519' + elif isinstance(public_key, Ed448PublicKey): + self._pk_algorithm = 'ED448' + + self._pk_size = _('Unknown') + if isinstance(public_key, + (RSAPublicKey, DSAPublicKey, EllipticCurvePublicKey)): + self._pk_size = f'{public_key.key_size} Bit' + + self._ui.public_key_algorithm.set_text(self._pk_algorithm) + self._ui.public_key_size.set_text(self._pk_size) + self._ui.label_cert_for_account.set_text(self._headline) self._ui.data_it_common_name.set_text(self._it_common_name) self._ui.data_it_organization.set_text(self._it_organization) - self._ui.data_it_organizational_unit.set_text(self._it_org_unit) + self._ui.data_it_subject_alt_names.set_text( + self._it_subject_alt_names) self._ui.data_it_serial_number.set_text(self._it_serial_number) self._ui.data_ib_common_name.set_text(self._ib_common_name) self._ui.data_ib_organization.set_text(self._ib_organization) - self._ui.data_ib_organizational_unit.set_text(self._ib_org_unit) self._ui.data_issued_on.set_text(self._issued) self._ui.data_expires_on.set_text(self._expires) self._ui.data_sha1.set_text(self._sha1) 
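Review bot: `self._pk_algorithm` starts as `''` and stays empty for any key type outside the five `isinstance` branches, while `self._pk_size` falls back to `_('Unknown')`, so an unrecognised key shows a blank Algorithm row beside an "Unknown" size. Initialising it with `self._pk_algorithm = _('Unknown')` keeps the two rows consistent. Ed25519 and Ed448 keys are recognised but still report "Unknown" as their size, which can look like a parsing failure to someone checking the certificate. For `EllipticCurvePublicKey`, `key_size` is the curve size and is not comparable with an RSA modulus length, so adding the curve, e.g. `f'Elliptic Curve ({public_key.curve.name})'`, would give the reader more to judge by. The enclosing method starts outside the hunk.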
@@ -127,19 +161,19 @@ class CertificateBox(Gtk.Box): _('Issued to\n') + \ _('Common Name (CN): ') + self._it_common_name + '\n' + \ _('Organization (O): ') + self._it_organization + '\n' + \ - _('Organizational Unit (OU): ') + self._it_org_unit + '\n' + \ + _('Subject Alt Names: ') + self._it_subject_alt_names + '\n' + \ _('Serial Number: ') + self._it_serial_number + '\n\n' + \ _('Issued by\n') + \ _('Common Name (CN): ') + self._ib_common_name + '\n' + \ _('Organization (O): ') + self._ib_organization + '\n' + \ - _('Organizational Unit (OU): ') + self._ib_org_unit + '\n\n' + \ _('Validity\n') + \ _('Issued on: ') + self._issued + '\n' + \ _('Expires on: ') + self._expires + '\n\n' + \ _('SHA-1:') + '\n' + \ self._sha1 + '\n' + \ _('SHA-256:') + '\n' + \ - self._sha256 + '\n' + self._sha256 + '\n\n' + \ + _('Public Key: ') + self._pk_algorithm + ' ' + self._pk_size clipboard = Gtk.Clipboard.get(Gdk.SELECTION_CLIPBOARD) clipboard.set_text(clipboard_text, -1) |
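Review bot: Removing the issuer's Organizational Unit line also removed the `'\n\n'` that separated the "Issued by" section from "Validity" in the copied text. The issuer Organization line should now close the section itself: `_('Organization (O): ') + self._ib_organization + '\n\n' + \`. `self._it_subject_alt_names` is newline-joined for the label, so in the clipboard text every name after the first lands on an unlabelled line of its own; `self._it_subject_alt_names.replace('\n', ', ')` would keep the field on one line here. The method that builds `clipboard_text` starts above the hunk.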