From c13421c20a66238e1638133aff3da545e40e3118 Mon Sep 17 00:00:00 2001
From: sithlord48
Date: Sat, 22 Nov 2025 12:35:41 -0500
Subject: [PATCH] refactor: TlsUtility::generateCertificate() handle all the steps internally and make method static
---
 src/lib/gui/MainWindow.cpp | 6 +++---
 src/lib/gui/MainWindow.h | 2 --
 src/lib/gui/dialogs/SettingsDialog.cpp | 6 ++----
 src/lib/gui/dialogs/SettingsDialog.h | 2 --
 src/lib/gui/tls/TlsUtility.cpp | 23 +++++++++++++++--------
 src/lib/gui/tls/TlsUtility.h | 4 +---
 6 files changed, 21 insertions(+), 22 deletions(-)
diff --git a/src/lib/gui/MainWindow.cpp b/src/lib/gui/MainWindow.cpp
index 6a7d55e85..473a13f89 100644
--- a/src/lib/gui/MainWindow.cpp
+++ b/src/lib/gui/MainWindow.cpp
@@ -24,6 +24,7 @@
 #include "gui/Messages.h"
 #include "gui/core/CoreProcess.h"
 #include "gui/ipc/DaemonIpcClient.h"
+#include "gui/tls/TlsUtility.h"
 #include "gui/widgets/LogDock.h"
 #include "net/FingerprintDatabase.h"
@@ -63,7 +64,6 @@ MainWindow::MainWindow()
 m_coreProcess(m_serverConfig),
 m_serverConnection(this, m_serverConfig),
 m_clientConnection(this),
- m_tlsUtility(this),
 m_trayIcon{new QSystemTrayIcon(this)},
 m_guiDupeChecker{new QLocalServer(this)},
 m_daemonIpcClient{new ipc::DaemonIpcClient(this)},
@@ -367,7 +367,7 @@ void MainWindow::settingsChanged(const QString &key)
 (key == Settings::Security::TlsEnabled) || (key == Settings::Security::CheckPeers)) {
 if (TlsUtility::isEnabled() && !TlsUtility::isCertValid()) {
 qWarning() << tr("invalid certificate, generating a new one");
- m_tlsUtility.generateCertificate();
+ TlsUtility::generateCertificate();
 }
 updateSecurityIcon(m_lblSecurityStatus->isVisible());
 return;
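Review bot: The result of `TlsUtility::generateCertificate()` is discarded in the settingsChanged hunk (@@ -367,7 +367,7 @@), so when generation fails the code still goes on to `updateSecurityIcon(...)` with the certificate that `isCertValid()` just rejected. The static method now returns false on both directory-creation and generation errors, so the caller can surface that, for example `if (!TlsUtility::generateCertificate()) qCritical() << tr("failed to generate a new certificate");`. Marking the declaration `[[nodiscard]]` would make the compiler flag this call site. settingsChanged starts and ends outside the hunk, so any handling further down is not visible here.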
@@ -1173,7 +1173,7 @@ QString MainWindow::trustedFingerprintDatabase() const
 bool MainWindow::generateCertificate()
 {
 const auto certificate = Settings::value(Settings::Security::Certificate).toString();
- if (!QFile::exists(certificate) && !m_tlsUtility.generateCertificate()) {
+ if (!QFile::exists(certificate) && !TlsUtility::generateCertificate()) {
 return false;
 }
diff --git a/src/lib/gui/MainWindow.h b/src/lib/gui/MainWindow.h
index 255196d05..1b3701e20 100644
--- a/src/lib/gui/MainWindow.h
+++ b/src/lib/gui/MainWindow.h
@@ -22,7 +22,6 @@
 #include "gui/core/CoreProcess.h"
 #include "gui/core/ServerConnection.h"
 #include "gui/core/WaylandWarnings.h"
-#include "gui/tls/TlsUtility.h"
 #include "net/Fingerprint.h"
 #ifdef Q_OS_MACOS
@@ -180,7 +179,6 @@ private:
 deskflow::gui::CoreProcess m_coreProcess;
 deskflow::gui::ServerConnection m_serverConnection;
 deskflow::gui::ClientConnection m_clientConnection;
- deskflow::gui::TlsUtility m_tlsUtility;
 QSize m_expandedSize = QSize();
 QStringList m_checkedClients;
 QStringList m_checkedServers;
diff --git a/src/lib/gui/dialogs/SettingsDialog.cpp b/src/lib/gui/dialogs/SettingsDialog.cpp
index 82b33ab97..1788569d1 100644
--- a/src/lib/gui/dialogs/SettingsDialog.cpp
+++ b/src/lib/gui/dialogs/SettingsDialog.cpp
@@ -13,7 +13,6 @@
 #include "common/I18N.h"
 #include "common/Settings.h"
 #include "gui/Messages.h"
-#include "gui/tls/TlsCertificate.h"
 #include "gui/tls/TlsUtility.h"
 #include
@@ -27,8 +26,7 @@ SettingsDialog::SettingsDialog(QWidget *parent, const IServerConfig &serverConfi
 : QDialog(parent),
 ui{std::make_unique()},
 m_serverConfig(serverConfig),
- m_coreProcess(coreProcess),
- m_tlsUtility(this)
+ m_coreProcess(coreProcess)
 {
 ui->setupUi(this);
@@ -90,7 +88,7 @@ void SettingsDialog::initConnections() const
 void SettingsDialog::regenCertificates()
 {
- if (m_tlsUtility.generateCertificate()) {
+ if (TlsUtility::generateCertificate()) {
 QMessageBox::information(this, tr("TLS Certificate Regenerated"), tr("TLS certificate regenerated successfully."));
 const auto certificate = Settings::value(Settings::Security::Certificate).toString();
 updateKeyLengthOnFile(certificate);
diff --git a/src/lib/gui/dialogs/SettingsDialog.h b/src/lib/gui/dialogs/SettingsDialog.h
index 944110d47..c1495c184 100644
--- a/src/lib/gui/dialogs/SettingsDialog.h
+++ b/src/lib/gui/dialogs/SettingsDialog.h
@@ -11,7 +11,6 @@
 #include "gui/config/IServerConfig.h"
 #include "gui/core/CoreProcess.h"
-#include "gui/tls/TlsUtility.h"
 namespace Ui {
 class SettingsDialog;
@@ -67,5 +66,4 @@ private:
 std::unique_ptr ui;
 const IServerConfig &m_serverConfig;
 const CoreProcess &m_coreProcess;
- deskflow::gui::TlsUtility m_tlsUtility;
 };
diff --git a/src/lib/gui/tls/TlsUtility.cpp b/src/lib/gui/tls/TlsUtility.cpp
index c116cca46..47025d4e3 100644
--- a/src/lib/gui/tls/TlsUtility.cpp
+++ b/src/lib/gui/tls/TlsUtility.cpp
@@ -91,23 +91,30 @@ QByteArray TlsUtility::certFingerprint(const QString &certPath)
 return cert.digest(QCryptographicHash::Sha256);
 }
-bool TlsUtility::generateCertificate() const
+bool TlsUtility::generateCertificate()
 {
 qDebug(
 "generating tls certificate, "
 "all clients must trust the new fingerprint"
 );
- auto length = Settings::value(Settings::Security::KeySize).toInt();
+ const auto keyLength = std::max(2048, Settings::value(Settings::Security::KeySize).toInt());
+ const auto certPath = Settings::value(Settings::Security::Certificate).toString();
- if (length < 2048) {
- length = 2048;
- qDebug("selected size too small setting certificate size to 2048");
- Settings::setValue(Settings::Security::KeySize, 2048);
+ QFileInfo info(certPath);
+ if (QDir dir(info.absolutePath()); !dir.exists() && !dir.mkpath(".")) {
+ qCritical("failed to create directory for tls certificate");
+ return false;
 }
- const auto certificate = Settings::value(Settings::Security::Certificate).toString();
- return m_certificate.generateCertificate(certificate, length);
+ try {
+ deskflow::generatePemSelfSignedCert(certPath.toStdString(), keyLength);
+ } catch (const std::exception &e) {
+ qCritical() << "failed to generate self-signed pem cert: " << e.what();
+ return false;
+ }
+ qDebug("tls certificate generated");
+ return true;
 }
 } // namespace deskflow::gui
diff --git a/src/lib/gui/tls/TlsUtility.h b/src/lib/gui/tls/TlsUtility.h
index 2a36425a9..e99df6d8e 100644
--- a/src/lib/gui/tls/TlsUtility.h
+++ b/src/lib/gui/tls/TlsUtility.h
@@ -21,7 +21,7 @@ class TlsUtility : public QObject
 public:
 explicit TlsUtility(QObject *parent = nullptr);
- bool generateCertificate() const;
+ static bool generateCertificate();
 /**
 * @brief Checks the settings values Settings::Security::TlsEnabled
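Review bot: The new `std::max(2048, ...)` clamp in TlsUtility::generateCertificate() is silent: the removed branch logged the adjustment and wrote the value back with `Settings::setValue(Settings::Security::KeySize, 2048)`, so after this change the stored KeySize can disagree with the size of the key actually generated. If dropping the write-back is intentional, a comment such as `// a KeySize below 2048 is raised for this run only; the stored setting is left untouched` would make that explicit; otherwise restore the write-back and the log line before generating. Separately, `dir.mkpath(".")` creates the certificate directory with default permissions; if the PEM written by `generatePemSelfSignedCert` also holds the private key (not visible in this hunk), it is worth confirming that the directory or file ends up readable by the owner only.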
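Review bot: `static bool generateCertificate();` has no Doxygen block while the declaration right after it carries an `@brief`, and its contract changed in this commit: per the TlsUtility.cpp hunk it now reads the key size and certificate path from Settings, creates the parent directory and returns false on failure. A short block saying so, for example `/// @brief Generates a self-signed PEM certificate at Settings::Security::Certificate; @return true on success`, would document that. With both `m_tlsUtility` members removed in this patch and the other TlsUtility functions used here being called statically, the `QObject` base and the `explicit TlsUtility(QObject *parent = nullptr)` constructor may no longer be needed; that should be confirmed against the rest of the class, which continues outside the hunk.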
@@ -51,8 +51,6 @@ public:
 // clang-format off
 static QByteArray certFingerprint(const QString &certPath = Settings::value(Settings::Security::Certificate).toString());
 // clang-format on
-private:
- TlsCertificate m_certificate;
 };
 } // namespace deskflow::gui