diff options
author | Timothy Pearson <[email protected]> | 2015-09-06 19:15:49 -0500 |
---|---|---|
committer | Timothy Pearson <[email protected]> | 2015-09-06 19:15:49 -0500 |
commit | 9556cd9e6908d6906717a89fff12b046beaeb7fd (patch) | |
tree | c27d61d4c6dab7f8ba932665384cf8a3e74a4617 /kcontrol | |
parent | e89d9e5e16bf98525b26104218448bcd8e91bdc2 (diff) | |
download | tdebase-9556cd9e6908d6906717a89fff12b046beaeb7fd.tar.gz tdebase-9556cd9e6908d6906717a89fff12b046beaeb7fd.zip |
Add LUKS key management to tdehwmanager
Diffstat (limited to 'kcontrol')
-rw-r--r-- | kcontrol/hwmanager/CMakeLists.txt | 3 | ||||
-rw-r--r-- | kcontrol/hwmanager/cryptpassworddlg.cpp | 115 | ||||
-rw-r--r-- | kcontrol/hwmanager/cryptpassworddlg.h | 61 | ||||
-rw-r--r-- | kcontrol/hwmanager/cryptpassworddlgbase.ui | 132 | ||||
-rw-r--r-- | kcontrol/hwmanager/devicepropsdlg.cpp | 115 | ||||
-rw-r--r-- | kcontrol/hwmanager/devicepropsdlg.h | 6 | ||||
-rw-r--r-- | kcontrol/hwmanager/devicepropsdlgbase.ui | 93 |
7 files changed, 522 insertions, 3 deletions
diff --git a/kcontrol/hwmanager/CMakeLists.txt b/kcontrol/hwmanager/CMakeLists.txt index 584eba7bc..8b46dd98e 100644 --- a/kcontrol/hwmanager/CMakeLists.txt +++ b/kcontrol/hwmanager/CMakeLists.txt @@ -33,7 +33,8 @@ set_source_files_properties( hwmanager.cpp PROPERTIES COMPILE_FLAGS -DKDE_CONFDI tde_add_kpart( kcm_hwmanager AUTOMOC SOURCES - hwmanager.cpp deviceiconview.cpp devicepropsdlg.cpp devicepropsdlgbase.ui hwmanagerbase.ui hwmanager.skel + hwmanager.cpp deviceiconview.cpp devicepropsdlg.cpp devicepropsdlgbase.ui hwmanagerbase.ui + cryptpassworddlg.cpp cryptpassworddlgbase.ui hwmanager.skel LINK tdeio-shared DESTINATION ${PLUGIN_INSTALL_DIR} ) diff --git a/kcontrol/hwmanager/cryptpassworddlg.cpp b/kcontrol/hwmanager/cryptpassworddlg.cpp new file mode 100644 index 000000000..43d714e12 --- /dev/null +++ b/kcontrol/hwmanager/cryptpassworddlg.cpp @@ -0,0 +1,115 @@ +/* This file is part of TDE + Copyright (C) 2015 Timothy Pearson <[email protected]> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. +*/ +#include <config.h> + +#include <tqradiobutton.h> +#include <tqpushbutton.h> +#include <tqvalidator.h> +#include <tqlineedit.h> +#include <tqiconset.h> +#include <tqlabel.h> +#include <tqtabwidget.h> +#include <tqgroupbox.h> +#include <tqlayout.h> +#include <tqslider.h> +#include <tqpainter.h> +#include <tqstyle.h> +#include <tqfile.h> +#include <tqinternal_p.h> +#undef Unsorted // Required for --enable-final (tqdir.h) +#include <tqfiledialog.h> + +#include <kpassdlg.h> +#include <kbuttonbox.h> +#include <kcombobox.h> +#include <tdelocale.h> +#include <kiconloader.h> +#include <kurlrequester.h> +#include <tdeapplication.h> +#include <klineedit.h> +#include <kpushbutton.h> +#include <kstdguiitem.h> +#include <tdemessagebox.h> + +#include "cryptpassworddlg.h" + +CryptPasswordDialog::CryptPasswordDialog(TQWidget *parent, TQString passwordPrompt, TQString caption) + : KDialogBase(Plain, ((caption == "")?i18n("Enter Password"):caption), Ok|Cancel, Ok, parent, 0L, true, true) +{ + m_base = new CryptPasswordDialogBase(plainPage()); + + TQGridLayout *mainGrid = new TQGridLayout(plainPage(), 1, 1, 0, spacingHint()); + mainGrid->setRowStretch(1, 1); + mainGrid->addWidget(m_base, 0, 0); + + m_base->passwordPrompt->setText(passwordPrompt); + m_base->passwordIcon->setPixmap(SmallIcon("password.png")); + + connect(m_base->textPasswordButton, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->filePasswordButton, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->textPasswordEntry, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + connect(m_base->filePasswordURL, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + + m_base->textPasswordEntry->setFocus(); + + processLockouts(); +} + +CryptPasswordDialog::~CryptPasswordDialog() +{ +} + +TQByteArray CryptPasswordDialog::password() { + if (m_base->textPasswordButton->isOn() == true) { + m_password.duplicate(m_base->textPasswordEntry->password(), strlen(m_base->textPasswordEntry->password())); + } + else { + m_password = TQFile(m_base->filePasswordURL->url()).readAll(); + } + + return m_password; +} + +void CryptPasswordDialog::processLockouts() { + if (m_base->textPasswordButton->isOn() == true) { + m_base->textPasswordEntry->setEnabled(true); + m_base->filePasswordURL->setEnabled(false); + if (strlen(m_base->textPasswordEntry->password()) > 0) { + enableButtonOK(true); + } + else { + enableButtonOK(false); + } + } + else { + m_base->textPasswordEntry->setEnabled(false); + m_base->filePasswordURL->setEnabled(true); + if (TQFile(m_base->filePasswordURL->url()).exists()) { + enableButtonOK(true); + } + else { + enableButtonOK(false); + } + } +} + +void CryptPasswordDialog::virtual_hook( int id, void* data ) +{ KDialogBase::virtual_hook( id, data ); } + +#include "cryptpassworddlg.moc" diff --git a/kcontrol/hwmanager/cryptpassworddlg.h b/kcontrol/hwmanager/cryptpassworddlg.h new file mode 100644 index 000000000..8cec6e55b --- /dev/null +++ b/kcontrol/hwmanager/cryptpassworddlg.h @@ -0,0 +1,61 @@ +/* This file is part of TDE + Copyright (C) 2015 Timothy Pearson <[email protected]> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. +*/ +#ifndef __cryptpassworddlg_h__ +#define __cryptpassworddlg_h__ + +#include <kdialogbase.h> + +#include "cryptpassworddlgbase.h" + +/** + * + * Dialog to enter LUKS passwords or password files + * + * @version 0.1 + * @author Timothy Pearson <[email protected]> + */ + +class TDEUI_EXPORT CryptPasswordDialog : public KDialogBase +{ + Q_OBJECT +public: + /** + * Create a dialog that allows a user to enter LUKS passwords or password files + * @param parent Parent widget + */ + CryptPasswordDialog(TQWidget *parent, TQString passwordPrompt, TQString caption=TQString::null); + virtual ~CryptPasswordDialog(); + + TQByteArray password(); + +protected: + virtual void virtual_hook( int id, void* data ); + +private slots: + void processLockouts(); + +private: + CryptPasswordDialogBase* m_base; + TQByteArray m_password; + + class CryptPasswordDialogPrivate; + CryptPasswordDialogPrivate* d; +}; + +#endif diff --git a/kcontrol/hwmanager/cryptpassworddlgbase.ui b/kcontrol/hwmanager/cryptpassworddlgbase.ui new file mode 100644 index 000000000..7c61187ae --- /dev/null +++ b/kcontrol/hwmanager/cryptpassworddlgbase.ui @@ -0,0 +1,132 @@ +<!DOCTYPE UI><UI version="3.0" stdsetdef="1"> + <class>CryptPasswordDialogBase</class> + <widget class="TQWidget"> + <property name="name"> + <cstring>CryptPasswordDialogBase</cstring> + </property> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TQLabel" row="0" column="0" colspan="1"> + <property name="name"> + <cstring>passwordIcon</cstring> + </property> + <property name="sizePolicy"> + <sizepolicy> + <hsizetype>4</hsizetype> + <vsizetype>5</vsizetype> + <horstretch>0</horstretch> + <verstretch>0</verstretch> + </sizepolicy> + </property> + </widget> + <widget class="TQLabel" row="0" column="1" colspan="1"> + <property name="name"> + <cstring>passwordPrompt</cstring> + </property> + <property name="text"> + <string></string> + </property> + </widget> + <widget class="TQGroupBox" row="1" column="0" colspan="2"> + <property name="name"> + <cstring>passwordProps</cstring> + </property> + <property name="title"> + <string>Password Source</string> + </property> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TQButtonGroup" row="0" column="0" colspan="1"> + <property name="name"> + <cstring>enabledBox</cstring> + </property> + <property name="sizePolicy"> + <sizepolicy> + <hsizetype>5</hsizetype> + <vsizetype>5</vsizetype> + <horstretch>0</horstretch> + <verstretch>0</verstretch> + </sizepolicy> + </property> + <property name="frameShape"> + <enum>NoFrame</enum> + </property> + <property name="frameShadow"> + <enum>Plain</enum> + </property> + <property name="title"> + <string></string> + </property> + <property name="exclusive"> + <bool>true</bool> + </property> + <property name="radioButtonExclusive"> + <bool>true</bool> + </property> + <property name="margin"> + <number>0</number> + </property> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="margin"> + <number>0</number> + </property> + <widget class="TQRadioButton" row="0" column="0" colspan="1"> + <property name="name"> + <cstring>textPasswordButton</cstring> + </property> + <property name="text"> + <string>Text:</string> + </property> + <property name="checked"> + <bool>true</bool> + </property> + </widget> + <widget class="KPasswordEdit" row="0" column="1" colspan="1"> + <property name="name"> + <cstring>textPasswordEntry</cstring> + </property> + </widget> + <widget class="TQRadioButton" row="1" column="0" colspan="1"> + <property name="name"> + <cstring>filePasswordButton</cstring> + </property> + <property name="text"> + <string>File:</string> + </property> + </widget> + <widget class="KURLRequester" row="1" column="1" colspan="1"> + <property name="name"> + <cstring>filePasswordURL</cstring> + </property> + <property name="filter"> + <cstring>*</cstring> + </property> + <property name="mode"> + <number>17</number> + </property> + </widget> + </grid> + </widget> + </grid> + </widget> + </grid> + </widget> + <includes> + <include location="local" impldecl="in implementation">CryptPasswordDialogBase.ui.h</include> + </includes> + <Q_SLOTS> + <slot>enableSupport_toggled(bool)</slot> + </Q_SLOTS> + <includes> + <include location="local" impldecl="in implementation">kdialog.h</include> + </includes> + <layoutdefaults spacing="3" margin="6"/> + <layoutfunctions spacing="KDialog::spacingHint" margin="KDialog::marginHint"/> +</UI> diff --git a/kcontrol/hwmanager/devicepropsdlg.cpp b/kcontrol/hwmanager/devicepropsdlg.cpp index b14177ca3..7ce36f1b3 100644 --- a/kcontrol/hwmanager/devicepropsdlg.cpp +++ b/kcontrol/hwmanager/devicepropsdlg.cpp @@ -32,14 +32,18 @@ #undef Unsorted // Required for --enable-final (tqdir.h) #include <tqfiledialog.h> +#include <kpassdlg.h> #include <kbuttonbox.h> #include <kcombobox.h> #include <tdelocale.h> #include <tdeapplication.h> #include <klineedit.h> +#include <kpushbutton.h> #include <kstdguiitem.h> #include <tdemessagebox.h> +#include "cryptpassworddlg.h" + #include "devicepropsdlg.h" SensorDisplayLabelsWidget::SensorDisplayLabelsWidget(TQWidget *parent) @@ -255,6 +259,7 @@ DevicePropertiesDialog::DevicePropertiesDialog(TDEGenericDevice* device, TQWidge // Remove all non-applicable tabs if (m_device->type() != TDEGenericDeviceType::Disk) { base->tabBarWidget->removePage(base->tabDisk); + base->tabBarWidget->removePage(base->tabDiskCrypt); } if (m_device->type() != TDEGenericDeviceType::CPU) { base->tabBarWidget->removePage(base->tabCPU); @@ -291,8 +296,21 @@ DevicePropertiesDialog::DevicePropertiesDialog(TDEGenericDevice* device, TQWidge connect(base->comboCPUGovernor, TQT_SIGNAL(activated(const TQString &)), this, TQT_SLOT(setCPUGovernor(const TQString &))); } if (m_device->type() == TDEGenericDeviceType::Disk) { + TDEStorageDevice* sdevice = static_cast<TDEStorageDevice*>(m_device); connect(base->buttonDiskMount, TQT_SIGNAL(clicked()), this, TQT_SLOT(mountDisk())); connect(base->buttonDiskUnmount, TQT_SIGNAL(clicked()), this, TQT_SLOT(unmountDisk())); + if (sdevice->isDiskOfType(TDEDiskDeviceType::LUKS)) { + connect(base->cryptLUKSAddKey, TQT_SIGNAL(clicked()), this, TQT_SLOT(cryptLUKSAddKey())); + connect(base->cryptLUKSDelKey, TQT_SIGNAL(clicked()), this, TQT_SLOT(cryptLUKSDelKey())); + connect(base->cryptLUKSKeySlotList, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(processLockouts())); + base->cryptLUKSKeySlotList->setAllColumnsShowFocus(true); + base->cryptLUKSKeySlotList->setFullWidth(true); + cryptLUKSPopulateList(); + processLockouts(); + } + else { + base->tabBarWidget->removePage(base->tabDiskCrypt); + } } if ((m_device->type() == TDEGenericDeviceType::OtherSensor) || (m_device->type() == TDEGenericDeviceType::ThermalSensor)) { @@ -860,6 +878,103 @@ void DevicePropertiesDialog::unmountDisk() { populateDeviceInformation(); } +void DevicePropertiesDialog::cryptLUKSAddKey() { + if (m_device->type() == TDEGenericDeviceType::Disk) { + TDEStorageDevice* sdevice = static_cast<TDEStorageDevice*>(m_device); + + TQListViewItem* lvi = base->cryptLUKSKeySlotList->selectedItem(); + if (lvi) { + TQByteArray new_password; + CryptPasswordDialog* passDlg = new CryptPasswordDialog(this, i18n("Enter the new LUKS password for key slot %1").arg(lvi->text(0))); + if (passDlg->exec() == TQDialog::Accepted) { + new_password = passDlg->password(); + delete passDlg; + if (!sdevice->cryptOperationsUnlockPasswordSet()) { + TQCString password; + passDlg = new CryptPasswordDialog(this, i18n("Enter the LUKS device unlock password")); + if (passDlg->exec() == TQDialog::Accepted) { + sdevice->cryptSetOperationsUnlockPassword(passDlg->password()); + } + delete passDlg; + } + if (sdevice->cryptOperationsUnlockPasswordSet()) { + if ((lvi->text(1) == sdevice->cryptKeySlotFriendlyName(TDELUKSKeySlotStatus::Inactive)) || (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to overwrite the key in key slot %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(lvi->text(0)), i18n("Confirmation Required")) == KMessageBox::Yes)) { + if (sdevice->cryptAddKey(lvi->text(0).toUInt(), new_password) != TDELUKSResult::Success) { + sdevice->cryptClearOperationsUnlockPassword(); + KMessageBox::error(this, i18n("<qt><b>Key write failed</b><br>Please check the LUKS password and try again</qt>"), i18n("Key write failure")); + } + } + } + } + else { + delete passDlg; + } + } + } + + cryptLUKSPopulateList(); +} + +void DevicePropertiesDialog::cryptLUKSDelKey() { + if (m_device->type() == TDEGenericDeviceType::Disk) { + TDEStorageDevice* sdevice = static_cast<TDEStorageDevice*>(m_device); + + TQListViewItem* lvi = base->cryptLUKSKeySlotList->selectedItem(); + if (lvi) { + if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to purge the key in key slot %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(lvi->text(0)), i18n("Confirmation Required")) == KMessageBox::Yes) { + if (sdevice->cryptKeySlotStatus()[lvi->text(0).toUInt()] & TDELUKSKeySlotStatus::Last) { + if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to purge the last active key from the device!</b><p>This action will render the contents of the encrypted device permanently inaccessable and cannot be undone<p>Are you sure you want to proceed?</qt>"), i18n("Confirmation Required")) != KMessageBox::Yes) { + cryptLUKSPopulateList(); + return; + } + } + if (sdevice->cryptDelKey(lvi->text(0).toUInt()) != TDELUKSResult::Success) { + sdevice->cryptClearOperationsUnlockPassword(); + KMessageBox::error(this, i18n("<qt><b>Key purge failed</b><br>The key in key slot %1 is still active</qt>").arg(lvi->text(0)), i18n("Key purge failure")); + } + } + } + } + + cryptLUKSPopulateList(); +} + +void DevicePropertiesDialog::cryptLUKSPopulateList() { + unsigned int i; + TDEStorageDevice* sdevice = static_cast<TDEStorageDevice*>(m_device); + + base->cryptLUKSKeySlotList->clear(); + unsigned int count = sdevice->cryptKeySlotCount(); + TDELUKSKeySlotStatusList status = sdevice->cryptKeySlotStatus(); + for (i = 0; i < count; i++) { + new TQListViewItem(base->cryptLUKSKeySlotList, TQString("%1").arg(i), sdevice->cryptKeySlotFriendlyName(status[i])); + } + + processLockouts(); +} + +void DevicePropertiesDialog::processLockouts() { + if (m_device->type() == TDEGenericDeviceType::Disk) { + TDEStorageDevice* sdevice = static_cast<TDEStorageDevice*>(m_device); + + TQListViewItem* lvi = base->cryptLUKSKeySlotList->selectedItem(); + if (lvi) { + if (lvi->text(1) == sdevice->cryptKeySlotFriendlyName(TDELUKSKeySlotStatus::Active)) { + base->cryptLUKSAddKey->setEnabled(true); + base->cryptLUKSDelKey->setEnabled(true); + } + else { + base->cryptLUKSAddKey->setEnabled(true); + base->cryptLUKSDelKey->setEnabled(false); + } + } + else { + base->cryptLUKSAddKey->setEnabled(false); + base->cryptLUKSDelKey->setEnabled(false); + } + } +} + void DevicePropertiesDialog::virtual_hook( int id, void* data ) { KDialogBase::virtual_hook( id, data ); } diff --git a/kcontrol/hwmanager/devicepropsdlg.h b/kcontrol/hwmanager/devicepropsdlg.h index 0b8553c96..e958d39ba 100644 --- a/kcontrol/hwmanager/devicepropsdlg.h +++ b/kcontrol/hwmanager/devicepropsdlg.h @@ -191,10 +191,16 @@ private slots: void mountDisk(); void unmountDisk(); + void cryptLUKSAddKey(); + void cryptLUKSDelKey(); + void cryptLUKSPopulateList(); + void cryptographicCardInserted(); void cryptographicCardRemoved(); void updateCryptographicCardStatusDisplay(); + void processLockouts(); + private: TDEGenericDevice* m_device; DevicePropertiesDialogBase* base; diff --git a/kcontrol/hwmanager/devicepropsdlgbase.ui b/kcontrol/hwmanager/devicepropsdlgbase.ui index 1be078c43..de77d5f91 100644 --- a/kcontrol/hwmanager/devicepropsdlgbase.ui +++ b/kcontrol/hwmanager/devicepropsdlgbase.ui @@ -326,7 +326,7 @@ <property name="name"> <cstring>unnamed</cstring> </property> - <widget class="TQPushButton" row="0" column="0" colspan="1"> + <widget class="KPushButton" row="0" column="0" colspan="1"> <property name="name"> <cstring>buttonDiskMount</cstring> </property> @@ -334,7 +334,7 @@ <string>Mount</string> </property> </widget> - <widget class="TQPushButton" row="0" column="1" colspan="1"> + <widget class="KPushButton" row="0" column="1" colspan="1"> <property name="name"> <cstring>buttonDiskUnmount</cstring> </property> @@ -365,6 +365,95 @@ </widget> <widget class="TQWidget"> <property name="name"> + <cstring>tabDiskCrypt</cstring> + </property> + <attribute name="title"> + <string>LUKS</string> + </attribute> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TQGroupBox" row="0" column="0"> + <property name="name"> + <cstring>groupLUKSProps</cstring> + </property> + <property name="title"> + <string>LUKS Information</string> + </property> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TDEListView" row="0" column="0" colspan="2"> + <column> + <property name="text"> + <string>Slot Number</string> + </property> + <property name="clickable"> + <bool>true</bool> + </property> + <property name="resizeable"> + <bool>true</bool> + </property> + </column> + <column> + <property name="text"> + <string>Status</string> + </property> + <property name="clickable"> + <bool>true</bool> + </property> + <property name="resizeable"> + <bool>true</bool> + </property> + </column> + <property name="name"> + <cstring>cryptLUKSKeySlotList</cstring> + </property> + <property name="rootIsDecorated"> + <bool>false</bool> + </property> + </widget> + <widget class="KPushButton" row="1" column="0" colspan="1"> + <property name="name"> + <cstring>cryptLUKSAddKey</cstring> + </property> + <property name="text"> + <string>Install new password into keyslot</string> + </property> + </widget> + <widget class="KPushButton" row="1" column="1" colspan="1"> + <property name="name"> + <cstring>cryptLUKSDelKey</cstring> + </property> + <property name="text"> + <string>Delete existing password from keyslot</string> + </property> + </widget> + </grid> + </widget> + <spacer row="8" column="0"> + <property name="name" stdset="0"> + <cstring>Spacer4</cstring> + </property> + <property name="orientation"> + <enum>Vertical</enum> + </property> + <property name="sizeType"> + <enum>Expanding</enum> + </property> + <property name="sizeHint"> + <size> + <width>20</width> + <height>20</height> + </size> + </property> + </spacer> + </grid> + </widget> + <widget class="TQWidget"> + <property name="name"> <cstring>tabCPU</cstring> </property> <attribute name="title"> |