Add option to modify SiVa URL and Certificate on settings page

IB-6839

Signed-off-by: Raul Metsma <raul@metsma.ee>

client/Application.cpp

@@ -196,6 +196,17 @@ class DigidocConf: public digidoc::XmlConfCurrent
 	{ SettingsDialog::setValueEx(QStringLiteral("TSA-URL"), QString::fromStdString(url)); }
 
 	std::string TSLUrl() const override { return valueSystemScope(QStringLiteral("TSL-URL"), digidoc::XmlConfCurrent::TSLUrl()); }
+	std::vector<digidoc::X509Cert> TSLCerts() const override
+	{
+		std::vector<digidoc::X509Cert> tslcerts;
+		for(const QJsonValue &val: obj.value(QStringLiteral("TSL-CERTS")).toArray())
+		{
+			QByteArray cert = QByteArray::fromBase64(val.toString().toLatin1());
+			tslcerts.emplace_back((const unsigned char*)cert.constData(), size_t(cert.size()));
+		}
+		return tslcerts.empty() ? digidoc::XmlConfCurrent::TSLCerts() : tslcerts;
+	}
+
 	digidoc::X509Cert verifyServiceCert() const override
 	{
 		QByteArray cert = QByteArray::fromBase64(obj.value(QStringLiteral("SIVA-CERT")).toString().toLatin1());
@@ -214,17 +225,15 @@ class DigidocConf: public digidoc::XmlConfCurrent
 		}
 		return list;
 	}
-	std::string verifyServiceUri() const override { return valueSystemScope(QStringLiteral("SIVA-URL"), digidoc::XmlConfCurrent::verifyServiceUri()); }
-	std::vector<digidoc::X509Cert> TSLCerts() const override
+	std::string verifyServiceUri() const override
 	{
-		std::vector<digidoc::X509Cert> tslcerts;
-		for(const QJsonValue &val: obj.value(QStringLiteral("TSL-CERTS")).toArray())
-		{
-			QByteArray cert = QByteArray::fromBase64(val.toString().toLatin1());
-			tslcerts.emplace_back((const unsigned char*)cert.constData(), size_t(cert.size()));
-		}
-		return tslcerts.empty() ? digidoc::XmlConfCurrent::TSLCerts() : tslcerts;
+		if(s.value(QStringLiteral("SIVA-URL-CUSTOM"), s.contains(QStringLiteral("SIVA-URL"))).toBool())
+			return valueUserScope(QStringLiteral("SIVA-URL"), digidoc::XmlConfCurrent::verifyServiceUri());
+		return valueSystemScope(QStringLiteral("SIVA-URL"), digidoc::XmlConfCurrent::verifyServiceUri());
 	}
+	void setVerifyServiceUri(const std::string &url) override
+	{ SettingsDialog::setValueEx(QStringLiteral("SIVA-URL"), QString::fromStdString(url), QString()); }
+
 	std::string ocsp(const std::string &issuer) const override
 	{
 		QJsonObject ocspissuer = obj.value(QStringLiteral("OCSP-URL-ISSUER")).toObject();
@@ -1046,7 +1055,7 @@ void Application::setConfValue( ConfParameter parameter, const QVariant &value )
 		case PKCS12Disable: i->setPKCS12Disable( value.toBool() ); break;
 		case TSLOnlineDigest: i->setTSLOnlineDigest( value.toBool() ); break;
 		case TSAUrl: i->setTSUrl(v.isEmpty()? std::string() : v.constData()); break;
-		case SiVaUrl:
+		case SiVaUrl: i->setVerifyServiceUri(v.isEmpty()? std::string() : v.constData()); break;
 		case TSLCerts:
 		case TSLUrl:
 		case TSLCache: break;

client/dialogs/SettingsDialog.cpp

@@ -84,6 +84,7 @@ SettingsDialog::SettingsDialog(QWidget *parent)
 	ui->lblMenuSettings->setFont(headerFont);
 	ui->btnMenuGeneral->setFont(condensed12);
 	ui->btnMenuCertificate->setFont(condensed12);
+	ui->btnMenuValidation->setFont(condensed12);
 	ui->btnMenuProxy->setFont(condensed12);
 	ui->btnMenuDiagnostics->setFont(condensed12);
 	ui->btnMenuInfo->setFont(condensed12);
@@ -130,6 +131,16 @@ SettingsDialog::SettingsDialog(QWidget *parent)
 	ui->helpTimeStamp->installEventFilter(new ButtonHoverFilter(QStringLiteral(":/images/icon_Abi.svg"), QStringLiteral(":/images/icon_Abi_hover.svg"), this));
 	ui->helpMID->installEventFilter(new ButtonHoverFilter(QStringLiteral(":/images/icon_Abi.svg"), QStringLiteral(":/images/icon_Abi_hover.svg"), this));
 
+	// pageValidation
+	ui->lblSiVa->setFont(headerFont);
+	ui->lblSiVaCert->setFont(regularFont);
+	ui->txtSiVa->setFont(regularFont);
+	ui->txtSiVaCert->setFont(regularFont);
+	ui->rdSiVaDefault->setFont(regularFont);
+	ui->rdSiVaCustom->setFont(regularFont);
+	ui->btInstallSiVaCert->setFont(condensed12);
+	ui->helpSiVa->installEventFilter(new ButtonHoverFilter(QStringLiteral(":/images/icon_Abi.svg"), QStringLiteral(":/images/icon_Abi_hover.svg"), this));
+
 	// pageProxy
 	ui->rdProxyNone->setFont(regularFont);
 	ui->rdProxySystem->setFont(regularFont);
@@ -147,7 +158,6 @@ SettingsDialog::SettingsDialog(QWidget *parent)
 
 	// pageDiagnostics
 	ui->structureFunds->load(QStringLiteral(":/images/Struktuurifondid.svg"));
-	ui->pageInfoLayout->setAlignment(ui->structureFunds, Qt::AlignCenter);
 	ui->contact->setFont(regularFont);
 	ui->txtDiagnostics->setFont(regularFont);
 
@@ -247,7 +257,8 @@ SettingsDialog::SettingsDialog(QWidget *parent)
 #endif
 
 	ui->pageGroup->setId(ui->btnMenuGeneral, GeneralSettings);
-	ui->pageGroup->setId(ui->btnMenuCertificate, AccessCertSettings);
+	ui->pageGroup->setId(ui->btnMenuCertificate, SigningSettings);
+	ui->pageGroup->setId(ui->btnMenuValidation, ValidationSettings);
 	ui->pageGroup->setId(ui->btnMenuProxy, NetworkSettings);
 	ui->pageGroup->setId(ui->btnMenuDiagnostics, DiagnosticsSettings);
 	ui->pageGroup->setId(ui->btnMenuInfo, LicenseSettings);
@@ -378,7 +389,7 @@ void SettingsDialog::initFunctionality()
 	ui->chkProxyEnableForSSL->setDisabled((s.value(QStringLiteral("ProxyConfig"), 0).toInt() != 2));
 	updateProxy();
 
-	// pageServices
+	// pageServices - Access Cert
 	updateCert();
 	connect(ui->btShowCertificate, &QPushButton::clicked, this, [this] {
 		CertificateDetails::showCertificate(SslCertificate(AccessCert::cert()), this);
@@ -388,7 +399,11 @@ void SettingsDialog::initFunctionality()
 	connect(ui->chkIgnoreAccessCert, &QCheckBox::toggled, this, [](bool checked) {
 		Application::setConfValue(Application::PKCS12Disable, checked);
 	});
+	connect(ui->helpRevocation, &QToolButton::clicked, this, []{
+		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/access-certificate-what-is-it/"));
+	});
 
+	// pageServices - TimeStamp
 	connect(ui->rdTimeStampCustom, &QRadioButton::toggled, ui->txtTimeStamp, [=](bool checked) {
 		ui->txtTimeStamp->setEnabled(checked);
 		setValueEx(QStringLiteral("TSA-URL-CUSTOM"), checked, QSettings().contains(QStringLiteral("TSA-URL")));
@@ -402,6 +417,11 @@ void SettingsDialog::initFunctionality()
 	connect(ui->txtTimeStamp, &QLineEdit::textChanged, this, [](const QString &url) {
 		qApp->setConfValue(Application::TSAUrl, url);
 	});
+	connect(ui->helpTimeStamp, &QToolButton::clicked, this, []{
+		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/for-organisations-that-sign-large-quantities-of-documents-using-digidoc4-client/"));
+	});
+
+	// pageServices - MID
 	connect(ui->rdMIDUUIDCustom, &QRadioButton::toggled, ui->txtMIDUUID, [=](bool checked) {
 		ui->txtMIDUUID->setEnabled(checked);
 		setValueEx(QStringLiteral("MIDUUID-CUSTOM"), checked, QSettings().contains(QStringLiteral("MIDUUID")));
@@ -413,16 +433,45 @@ void SettingsDialog::initFunctionality()
 		setValueEx(QStringLiteral("MIDUUID"), text);
 		setValueEx(QStringLiteral("SIDUUID"), text);
 	});
-	connect(ui->helpRevocation, &QToolButton::clicked, this, []{
-		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/access-certificate-what-is-it/"));
-	});
-	connect(ui->helpTimeStamp, &QToolButton::clicked, this, []{
-		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/for-organisations-that-sign-large-quantities-of-documents-using-digidoc4-client/"));
-	});
 	connect(ui->helpMID, &QToolButton::clicked, this, []{
 		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/for-organisations-that-sign-large-quantities-of-documents-using-digidoc4-client/"));
 	});
 
+	// pageValidation - SiVa
+	connect(ui->rdSiVaCustom, &QRadioButton::toggled, ui->txtSiVa, [=](bool checked) {
+		ui->txtSiVa->setEnabled(checked);
+		setValueEx(QStringLiteral("SIVA-URL-CUSTOM"), checked, QSettings().contains(QStringLiteral("SIVA-URL")));
+	});
+	ui->rdSiVaCustom->setChecked(s.value(QStringLiteral("SIVA-URL-CUSTOM"), s.contains(QStringLiteral("SIVA-URL"))).toBool());
+#ifdef CONFIG_URL
+	ui->txtSiVa->setPlaceholderText(Configuration::instance().object().value(QStringLiteral("SIVA-URL")).toString());
+#endif
+	QString SIVA_URL = s.value(QStringLiteral("SIVA-URL"), qApp->confValue(Application::SiVaUrl)).toString();
+	ui->txtSiVa->setText(ui->txtSiVa->placeholderText() == SIVA_URL ? QString() : SIVA_URL);
+	connect(ui->txtSiVa, &QLineEdit::textChanged, this, [](const QString &url) {
+		qApp->setConfValue(Application::SiVaUrl, url);
+	});
+	connect(ui->helpSiVa, &QToolButton::clicked, this, []{
+		QDesktopServices::openUrl(tr("https://www.id.ee/en/article/configuring-the-siva-validation-service-in-the-digidoc4-client/"));
+	});
+	connect(ui->btInstallSiVaCert, &QPushButton::clicked, this, [this] {
+		QFile file(FileDialog::getOpenFileName(this, tr("Select SiVa server certificate"), {},
+			tr("SiVa server certificates (*.crt *.cer *.pem)") ) );
+		if(!file.open(QFile::ReadOnly))
+			return;
+		QSslCertificate cert(&file, QSsl::Pem);
+		if(cert.isNull())
+		{
+			file.seek(0);
+			cert = QSslCertificate(&file, QSsl::Der);
+		}
+		if(cert.isNull())
+			return;
+		QSettings().setValue(QStringLiteral("SIVA-CERT"), cert.toDer().toBase64());
+		updateSiVaCert(cert);
+	});
+	updateSiVaCert(QSslCertificate(QByteArray::fromBase64(s.value(QStringLiteral("SIVA-CERT")).toByteArray()), QSsl::Der));
+
 	// pageDiagnostics
 	ui->chkLibdigidocppDebug->setChecked(s.value(QStringLiteral("LibdigidocppDebug"), false).toBool());
 	connect(ui->chkLibdigidocppDebug, &QCheckBox::toggled, this, [](bool checked) {
@@ -471,6 +520,23 @@ void SettingsDialog::updateCert()
 	ui->btShowCertificate->setProperty("cert", QVariant::fromValue(c));
 }
 
+void SettingsDialog::updateSiVaCert(const QSslCertificate &c)
+{
+	if(!c.isNull())
+	{
+		ui->txtSiVaCert->setText(
+			tr("Issued to: %1<br />Valid to: %2 %3").arg(
+				CertificateDetails::decodeCN(SslCertificate(c).subjectInfo(QSslCertificate::CommonName)),
+				c.expiryDate().toString(QStringLiteral("dd.MM.yyyy")),
+				!SslCertificate(c).isValid() ? "<font color='red'>(" + tr("expired") + ")</font>" : QString()));
+	}
+	else
+	{
+		ui->txtSiVaCert->setText(QStringLiteral("<b>%1</b>")
+			.arg(tr("Not installed.")));
+	}
+}
+
 void SettingsDialog::selectLanguage()
 {
 	const QList<QAbstractButton*> list = ui->langGroup->buttons();
@@ -607,7 +673,10 @@ void SettingsDialog::useDefaultSettings()
 {
 	AccessCert().remove();
 	updateCert();
+	QSettings().remove(QStringLiteral("SIVA-CERT"));
+	updateSiVaCert(QSslCertificate());
 	ui->rdTimeStampDefault->setChecked(true);
+	ui->rdSiVaDefault->setChecked(true);
 	ui->rdMIDUUIDDefault->setChecked(true);
 }
 
@@ -620,7 +689,7 @@ void SettingsDialog::changePage(QAbstractButton *button)
 {
 	button->setChecked(true);
 	ui->stackedWidget->setCurrentIndex(ui->pageGroup->id(button));
-	ui->btnNavUseByDefault->setVisible(button == ui->btnMenuCertificate);
+	ui->btnNavUseByDefault->setVisible(button == ui->btnMenuCertificate || button == ui->btnMenuValidation);
 	ui->btnFirstRun->setVisible(button == ui->btnMenuGeneral);
 	ui->btnRefreshConfig->setVisible(button == ui->btnMenuGeneral);
 	ui->btnCheckConnection->setVisible(button == ui->btnMenuProxy);

client/dialogs/SettingsDialog.h

@@ -30,6 +30,7 @@ class SettingsDialog;
 }
 
 class QAbstractButton;
+class QSslCertificate;
 
 class SettingsDialog final: public QDialog
 {
@@ -38,7 +39,8 @@ class SettingsDialog final: public QDialog
 public:
 	enum {
 		GeneralSettings,
-		AccessCertSettings,
+		SigningSettings,
+		ValidationSettings,
 		NetworkSettings,
 		DiagnosticsSettings,
 		LicenseSettings
@@ -68,6 +70,7 @@ class SettingsDialog final: public QDialog
 	void selectLanguage();
 	void setProxyEnabled();
 	void updateCert();
+	void updateSiVaCert(const QSslCertificate &c);
 	void updateProxy();
 	void updateVersion();
 	void updateDiagnostics();