SSH: Allow creation of encrypted keys.

Change-Id: Id896246ad9f82d37cc7594c80e5bcf9c042149ce
Reviewed-on: http://codereview.qt.nokia.com/2351

Reviewed-by: Christian Kandeler <christian.kandeler@nokia.com>

src/libs/utils/ssh/sshkeygenerator.cpp

@@ -46,6 +46,9 @@
 #include <botan/x509_key.h>
 
 #include <QtCore/QDateTime>
+#include <QtGui/QInputDialog>
+
+#include <string>
 
 namespace Utils {
 
@@ -69,14 +72,14 @@ bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int ke
             key = KeyPtr(new DSA_PrivateKey(rng, DL_Group(rng, DL_Group::DSA_Kosherizer, keySize)));
         switch (format) {
         case Pkcs8:
-            generatePkcs8KeyStrings(key);
+            generatePkcs8KeyStrings(key, rng);
             break;
         case OpenSsl:
             generateOpenSslKeyStrings(key);
             break;
         case Mixed:
         default:
-            generatePkcs8KeyString(key, true);
+            generatePkcs8KeyString(key, true, rng);
             generateOpenSslPublicKeyString(key);
         }
         return true;
@@ -86,19 +89,37 @@ bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int ke
     }
 }
 
-void SshKeyGenerator::generatePkcs8KeyStrings(const KeyPtr &key)
+void SshKeyGenerator::generatePkcs8KeyStrings(const KeyPtr &key, Botan::RandomNumberGenerator &rng)
 {
-    generatePkcs8KeyString(key, false);
-    generatePkcs8KeyString(key, true);
+    generatePkcs8KeyString(key, false, rng);
+    generatePkcs8KeyString(key, true, rng);
 }
 
-void SshKeyGenerator::generatePkcs8KeyString(const KeyPtr &key, bool privateKey)
+void SshKeyGenerator::generatePkcs8KeyString(const KeyPtr &key, bool privateKey,
+    Botan::RandomNumberGenerator &rng)
 {
     Pipe pipe;
     pipe.start_msg();
     QByteArray *keyData;
     if (privateKey) {
-        PKCS8::encode(*key, pipe);
+        QInputDialog d;
+        d.setInputMode(QInputDialog::TextInput);
+        d.setTextEchoMode(QLineEdit::Password);
+        d.setWindowTitle(tr("Password for Private Key"));
+        d.setLabelText(tr("It is recommended that you secure your private key\n"
+            "with a password, which you can can enter below."));
+        d.setOkButtonText(tr("Encrypt key file"));
+        d.setCancelButtonText(tr("Do not encrypt key file"));
+        int result = QDialog::Accepted;
+        QString password;
+        while (result == QDialog::Accepted && password.isEmpty()) {
+            result = d.exec();
+            password = d.textValue();
+        }
+        if (result == QDialog::Accepted)
+            PKCS8::encrypt_key(*key, pipe, rng, password.toLocal8Bit().data());
+        else
+            PKCS8::encode(*key, pipe);
         keyData = &m_privateKey;
     } else {
         X509::encode(*key, pipe);

src/libs/utils/ssh/sshkeygenerator.h

@@ -40,6 +40,7 @@
 
 namespace Botan {
     class Private_Key;
+    class RandomNumberGenerator;
 }
 
 namespace Utils {
@@ -62,8 +63,9 @@ public:
 private:
     typedef QSharedPointer<Botan::Private_Key> KeyPtr;
 
-    void generatePkcs8KeyStrings(const KeyPtr &key);
-    void generatePkcs8KeyString(const KeyPtr &key, bool privateKey);
+    void generatePkcs8KeyStrings(const KeyPtr &key, Botan::RandomNumberGenerator &rng);
+    void generatePkcs8KeyString(const KeyPtr &key, bool privateKey,
+        Botan::RandomNumberGenerator &rng);
     void generateOpenSslKeyStrings(const KeyPtr &key);
     void generateOpenSslPrivateKeyString(const KeyPtr &key);
     void generateOpenSslPublicKeyString(const KeyPtr &key);

src/libs/utils/ssh/sshkeypasswordretriever.cpp

@@ -43,7 +43,7 @@ std::string SshKeyPasswordRetriever::get_passphrase(const std::string &, const s
 {
     bool ok;
     const QString &password = QInputDialog::getText(0,
-        QCoreApplication::translate("Utils::Ssh", "Password required"),
+        QCoreApplication::translate("Utils::Ssh", "Password Required"),
         QCoreApplication::translate("Utils::Ssh", "Please enter the password for your private key."),
         QLineEdit::Password, QString(), &ok);
     result = ok ? OK : CANCEL_ACTION;