Commit graph

9 commits

Author SHA1 Message Date
Adam Liscak
a4e6e11dd6 certificate handling after 10 years
Auto reconfiguration of own certificate:

currently:
if kdeconnectd loads its certificate and it's expired or not effective yet
it generates a new certificate

previously:
if kdeconnectd loads its certificate and it's expired or not effective yet
it continues having the same certificate
This brings forth an issue: Other devices would refuse to connect to a device with 
an expired or non-effective certificate.


Auto-delete of orphan certificates:

currently:
Devices in kdeconnectd's devicelist that have illegal ssl certificates
(expired, not effective yet, empty) get automatically deleted from the
devicelist


previously:
they would just exist forever until the user deletes them


A year does not have 356 days: 

currently: int a_year_in_seconds = 365 * 24 * 60 * 60;

previously: int a_year_in_seconds = 356 * 24 * 60 * 60;
2024-08-26 17:42:08 +00:00
Albert Vaca Cintora
9a39eaa237 Use EC keys instead of RSA
Use smaller and safer EC keys, replacing 2048 bit RSA.

NID_X9_62_prime256v1 is roughly as secure as a 3072 bit RSA key, but way shorter. 
Since we have to embed the key in the identity packet that is sent over UDP and
some stacks aren't happy with large UDP messages (notably: macOS), I switched to
EC instead of to a longer RSA key.

This seems to be compatible with other clients even on older systems like Android 5.0.

I did stick with NID_X9_62_prime256v1 because stronger EC like NID_secp384r1 failed
the handshake (I didn't investigate why).

We now store the kind of key in the config, so we can know which kind of key we are loading.
2024-05-19 10:04:43 +00:00
Alexander Lohnau
dc8f3e209e Reformat project with clang-format 2023-12-02 14:56:20 +01:00
Albert Vaca Cintora
f5b4a174e4 Use nullptr instead of NULL 2023-08-08 20:24:22 +02:00
Albert Vaca Cintora
675d1c1262 Make it compile and don't use .data() on temporary QByteArray 2023-07-29 10:36:12 +02:00
Edward Kigwana
20e7790773 core: sslhelper: Check return of openssl functions
Use unique_ptr to manage object lifetime and also avoid use of deprecated
MACROS and functions.
2023-07-29 10:36:09 +02:00
Edward Kigwana
1bbd9ff6e3 core: sslhelper: Extern openssl headers and add getSslError helper
openssl headers include C headers prior to #ifdef __cplusplus.

Signed-off-by: Edward Kigwana <ekigwana@gmail.com>
2023-07-29 10:35:37 +02:00
Albert Vaca Cintora
d0786d1b62 Simplify using QSslKey 2023-07-29 10:35:37 +02:00
Albert Vaca Cintora
d948d882aa Replace QCA with a simple OpenSSL wrapper 2023-07-29 08:19:17 +00:00