From 2e76fc3949786de678415fdd79056fba6d93b1de Mon Sep 17 00:00:00 2001
From: Raul Metsma <raul@metsma.ee>
Date: Mon, 20 May 2024 08:59:54 +0300
Subject: [PATCH] Load user selected SiVa certificate (#1259)

IB-7885

Signed-off-by: Raul Metsma <raul@metsma.ee>
---
 client/Application.cpp            | 35 +++++++++++++------------------
 client/Settings.cpp               |  4 +++-
 client/Settings.h                 |  2 +-
 client/dialogs/SettingsDialog.cpp |  4 ++--
 4 files changed, 21 insertions(+), 24 deletions(-)

diff --git a/client/Application.cpp b/client/Application.cpp
index fbd42f44..a8b3329e 100644
--- a/client/Application.cpp
+++ b/client/Application.cpp
@@ -161,7 +161,7 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 	std::vector<digidoc::X509Cert> TSCerts() const final
 	{
 		std::vector<digidoc::X509Cert> list = toCerts(QLatin1String("CERT-BUNDLE"));
-		if(digidoc::X509Cert cert = toCert(fromBase64(QVariant(Settings::TSA_CERT))))
+		if(digidoc::X509Cert cert = toCert(fromBase64(Settings::TSA_CERT)))
 			list.push_back(cert);
 		list.emplace_back(); // Make sure that TSA cert pinning is enabled
 		return list;
@@ -169,12 +169,8 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 
 	std::string TSUrl() const final
 	{
-		if(Settings::TSA_URL_CUSTOM)
-			return valueUserScope(Settings::TSA_URL, digidoc::XmlConfCurrent::TSUrl());
-		return valueSystemScope(Settings::TSA_URL.KEY, digidoc::XmlConfCurrent::TSUrl());
+		return valueUserScope(Settings::TSA_URL_CUSTOM, Settings::TSA_URL, digidoc::XmlConfCurrent::TSUrl());
 	}
-	void setTSUrl(const std::string &url) final
-	{ Settings::TSA_URL = url; }
 
 	std::string TSLUrl() const final
 	{ return valueSystemScope(QLatin1String("TSL-URL"), digidoc::XmlConfCurrent::TSLUrl()); }
@@ -186,7 +182,7 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 
 	digidoc::X509Cert verifyServiceCert() const final
 	{
-		QByteArray cert = fromBase64(Application::confValue(Settings::SIVA_CERT.KEY));
+		QByteArray cert = fromBase64(Settings::SIVA_CERT);
 		return cert.isEmpty() ? digidoc::XmlConfCurrent::verifyServiceCert() : toCert(cert);
 	}
 	std::vector<digidoc::X509Cert> verifyServiceCerts() const final
@@ -199,12 +195,8 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 	}
 	std::string verifyServiceUri() const final
 	{
-		if(Settings::SIVA_URL_CUSTOM)
-			return valueUserScope(Settings::SIVA_URL, digidoc::XmlConfCurrent::verifyServiceUri());
-		return valueSystemScope(Settings::SIVA_URL.KEY, digidoc::XmlConfCurrent::verifyServiceUri());
+		return valueUserScope(Settings::SIVA_URL_CUSTOM, Settings::SIVA_URL, digidoc::XmlConfCurrent::verifyServiceUri());
 	}
-	void setVerifyServiceUri(const std::string &url) final
-	{ Settings::SIVA_URL = url; }
 
 	bool TSLAllowExpired() const final
 	{
@@ -239,15 +231,15 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 	template<class T>
 	static std::string valueSystemScope(const T &key, std::string &&defaultValue)
 	{
-		if(const auto &value = Application::confValue(key); value.isString())
+		if(auto value = Application::confValue(key); value.isString())
 			return value.toString().toStdString();
-		return std::forward<std::string>(defaultValue);
+		return std::move(defaultValue);
 	}
 
 	template<typename Option>
-	static std::string valueUserScope(const Option &option, std::string &&defaultValue)
+	static std::string valueUserScope(bool custom, const Option &option, std::string &&defaultValue)
 	{
-		return option.isSet() ? option : valueSystemScope(option.KEY, std::forward<std::string>(defaultValue));
+		return custom && option.isSet() ? option : valueSystemScope(option.KEY, std::move(defaultValue));
 	}
 
 	template<typename System, typename Config, class Option>
@@ -271,7 +263,10 @@ class DigidocConf final: public digidoc::XmlConfCurrent
 	template<class T>
 	static QByteArray fromBase64(const T &data)
 	{
-		return QByteArray::fromBase64(data.toString().toLatin1());
+		if constexpr (std::is_convertible_v<T, QByteArray>)
+			return QByteArray::fromBase64(data);
+		else
+			return QByteArray::fromBase64(data.toString().toLatin1());
 	}
 
 	static digidoc::X509Cert toCert(const QByteArray &der)
@@ -358,7 +353,7 @@ Application::Application( int &argc, char **argv )
 		connect(d->conf, &Configuration::finished, this, [lessThanVersion](bool changed, const QString &){
 			if(changed && lessThanVersion(QLatin1String("QDIGIDOC4-LATEST")))
 			{
-				auto dlg = new WarningDialog(tr(
+				auto *dlg = new WarningDialog(tr(
 					"An ID-software update has been found. To download the update, go to the "
 					"<a href=\"https://www.id.ee/en/article/install-id-software/\">id.ee</a> website. "
 					"macOS users can download the update from the "
@@ -849,8 +844,8 @@ void Application::setConfValue( ConfParameter parameter, const QVariant &value )
 		case ProxyPort: i->setProxyPort( v.isEmpty()? std::string() : v.constData() ); break;
 		case ProxyUser: i->setProxyUser( v.isEmpty()? std::string() : v.constData() ); break;
 		case ProxyPass: i->setProxyPass( v.isEmpty()? std::string() : v.constData() ); break;
-		case TSAUrl: i->setTSUrl(v.isEmpty()? std::string() : v.constData()); break;
-		case SiVaUrl: i->setVerifyServiceUri(v.isEmpty()? std::string() : v.constData()); break;
+		case TSAUrl:
+		case SiVaUrl:
 		case TSLCerts:
 		case TSLUrl:
 		case TSLCache: break;
diff --git a/client/Settings.cpp b/client/Settings.cpp
index 56507da1..3a95ff9b 100644
--- a/client/Settings.cpp
+++ b/client/Settings.cpp
@@ -73,7 +73,9 @@ const QStringList Settings::SMARTID_COUNTRY_LIST {
 	QStringLiteral("LV"),
 };
 
-const Option<QByteArray> Settings::SIVA_CERT { QStringLiteral("SIVA-CERT") };
+const Option<QByteArray, QByteArray (*)()> Settings::SIVA_CERT { QStringLiteral("SIVA-CERT"), [] {
+	return Application::confValue(QLatin1String("SIVA-CERT")).toString().toLatin1();
+}};
 const Option<QString> Settings::SIVA_URL { QStringLiteral("SIVA-URL") };
 const Option<bool, bool (*)()> Settings::SIVA_URL_CUSTOM
 	{ QStringLiteral("SIVA-URL-CUSTOM"), [] { return Settings::SIVA_URL.isSet(); } };
diff --git a/client/Settings.h b/client/Settings.h
index 711b2400..4b85525c 100644
--- a/client/Settings.h
+++ b/client/Settings.h
@@ -126,7 +126,7 @@ struct Settings
 	static const Option<QString> SMARTID_COUNTRY;
 	static const QStringList SMARTID_COUNTRY_LIST;
 
-	static const Option<QByteArray> SIVA_CERT;
+	static const Option<QByteArray, QByteArray (*)()> SIVA_CERT;
 	static const Option<QString> SIVA_URL;
 	static const Option<bool, bool (*)()> SIVA_URL_CUSTOM;
 	static const Option<QByteArray> TSA_CERT;
diff --git a/client/dialogs/SettingsDialog.cpp b/client/dialogs/SettingsDialog.cpp
index 97d417ee..f26a6199 100644
--- a/client/dialogs/SettingsDialog.cpp
+++ b/client/dialogs/SettingsDialog.cpp
@@ -430,7 +430,7 @@ void SettingsDialog::initFunctionality()
 		Settings::TSA_URL_CUSTOM = checked;
 	});
 	connect(ui->txtTimeStamp, &QLineEdit::textChanged, this, [this](const QString &url) {
-		Application::setConfValue(Application::TSAUrl, url);
+		Settings::TSA_URL = url;
 		if(url.isEmpty())
 		{
 			Settings::TSA_CERT.clear();
@@ -487,7 +487,7 @@ void SettingsDialog::initFunctionality()
 		Settings::SIVA_URL_CUSTOM = checked;
 	});
 	connect(ui->txtSiVa, &QLineEdit::textChanged, this, [this](const QString &url) {
-		Application::setConfValue(Application::SiVaUrl, url);
+		Settings::SIVA_URL = url;
 		if(url.isEmpty())
 		{
 			Settings::SIVA_CERT.clear();