Commit e1dbb3e5 authored by Christian Kandeler's avatar Christian Kandeler
Browse files

SSH: Add possibility to force unencrypted private key.



Change-Id: I1161ac5b40bc2d32b3a5a825ba907eea310e7691
Reviewed-by: default avatarNikolai Kosjar <nikolai.kosjar@nokia.com>
parent 5873e52a
......@@ -59,9 +59,11 @@ SshKeyGenerator::SshKeyGenerator() : m_type(Rsa)
{
}
bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int keySize)
bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int keySize,
EncryptionMode encryptionMode)
{
m_type = type;
m_encryptionMode = encryptionMode;
try {
AutoSeeded_RNG rng;
......@@ -102,21 +104,10 @@ void SshKeyGenerator::generatePkcs8KeyString(const KeyPtr &key, bool privateKey,
pipe.start_msg();
QByteArray *keyData;
if (privateKey) {
QInputDialog d;
d.setInputMode(QInputDialog::TextInput);
d.setTextEchoMode(QLineEdit::Password);
d.setWindowTitle(tr("Password for Private Key"));
d.setLabelText(tr("It is recommended that you secure your private key\n"
"with a password, which you can enter below."));
d.setOkButtonText(tr("Encrypt key file"));
d.setCancelButtonText(tr("Do not encrypt key file"));
int result = QDialog::Accepted;
QString password;
while (result == QDialog::Accepted && password.isEmpty()) {
result = d.exec();
password = d.textValue();
}
if (result == QDialog::Accepted)
if (m_encryptionMode == DoOfferEncryption)
password = getPassword();
if (!password.isEmpty())
PKCS8::encrypt_key(*key, pipe, rng, password.toLocal8Bit().data());
else
PKCS8::encode(*key, pipe);
......@@ -188,4 +179,23 @@ void SshKeyGenerator::generateOpenSslPrivateKeyString(const KeyPtr &key)
m_privateKey = QByteArray(PEM_Code::encode (encoder.get_contents(), label).c_str());
}
QString SshKeyGenerator::getPassword() const
{
QInputDialog d;
d.setInputMode(QInputDialog::TextInput);
d.setTextEchoMode(QLineEdit::Password);
d.setWindowTitle(tr("Password for Private Key"));
d.setLabelText(tr("It is recommended that you secure your private key\n"
"with a password, which you can enter below."));
d.setOkButtonText(tr("Encrypt key file"));
d.setCancelButtonText(tr("Do not encrypt key file"));
int result = QDialog::Accepted;
QString password;
while (result == QDialog::Accepted && password.isEmpty()) {
result = d.exec();
password = d.textValue();
}
return result == QDialog::Accepted ? password : QString();
}
} // namespace Utils
......@@ -51,9 +51,11 @@ class QTCREATOR_UTILS_EXPORT SshKeyGenerator
public:
enum KeyType { Rsa, Dsa };
enum PrivateKeyFormat { Pkcs8, OpenSsl, Mixed };
enum EncryptionMode { DoOfferEncryption, DoNotOfferEncryption }; // Only relevant for Pkcs8 format.
SshKeyGenerator();
bool generateKeys(KeyType type, PrivateKeyFormat format, int keySize);
bool generateKeys(KeyType type, PrivateKeyFormat format, int keySize,
EncryptionMode encryptionMode = DoOfferEncryption);
QString error() const { return m_error; }
QByteArray privateKey() const { return m_privateKey; }
......@@ -69,11 +71,13 @@ private:
void generateOpenSslKeyStrings(const KeyPtr &key);
void generateOpenSslPrivateKeyString(const KeyPtr &key);
void generateOpenSslPublicKeyString(const KeyPtr &key);
QString getPassword() const;
QString m_error;
QByteArray m_publicKey;
QByteArray m_privateKey;
KeyType m_type;
EncryptionMode m_encryptionMode;
};
} // namespace Utils
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment