Commit d0378580 authored by Christian Kandeler's avatar Christian Kandeler

SSH: Allow creation of encrypted keys.

Change-Id: Id896246ad9f82d37cc7594c80e5bcf9c042149ce

Reviewed-by: default avatarChristian Kandeler <>
parent 70407c73
......@@ -46,6 +46,9 @@
#include <botan/x509_key.h>
#include <QtCore/QDateTime>
#include <QtGui/QInputDialog>
#include <string>
namespace Utils {
......@@ -69,14 +72,14 @@ bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int ke
key = KeyPtr(new DSA_PrivateKey(rng, DL_Group(rng, DL_Group::DSA_Kosherizer, keySize)));
switch (format) {
case Pkcs8:
generatePkcs8KeyStrings(key, rng);
case OpenSsl:
case Mixed:
generatePkcs8KeyString(key, true);
generatePkcs8KeyString(key, true, rng);
return true;
......@@ -86,19 +89,37 @@ bool SshKeyGenerator::generateKeys(KeyType type, PrivateKeyFormat format, int ke
void SshKeyGenerator::generatePkcs8KeyStrings(const KeyPtr &key)
void SshKeyGenerator::generatePkcs8KeyStrings(const KeyPtr &key, Botan::RandomNumberGenerator &rng)
generatePkcs8KeyString(key, false);
generatePkcs8KeyString(key, true);
generatePkcs8KeyString(key, false, rng);
generatePkcs8KeyString(key, true, rng);
void SshKeyGenerator::generatePkcs8KeyString(const KeyPtr &key, bool privateKey)
void SshKeyGenerator::generatePkcs8KeyString(const KeyPtr &key, bool privateKey,
Botan::RandomNumberGenerator &rng)
Pipe pipe;
QByteArray *keyData;
if (privateKey) {
PKCS8::encode(*key, pipe);
QInputDialog d;
d.setWindowTitle(tr("Password for Private Key"));
d.setLabelText(tr("It is recommended that you secure your private key\n"
"with a password, which you can can enter below."));
d.setOkButtonText(tr("Encrypt key file"));
d.setCancelButtonText(tr("Do not encrypt key file"));
int result = QDialog::Accepted;
QString password;
while (result == QDialog::Accepted && password.isEmpty()) {
result = d.exec();
password = d.textValue();
if (result == QDialog::Accepted)
PKCS8::encrypt_key(*key, pipe, rng, password.toLocal8Bit().data());
PKCS8::encode(*key, pipe);
keyData = &m_privateKey;
} else {
X509::encode(*key, pipe);
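Review bot: The passphrase prompt built in generatePkcs8KeyString is never switched to a masked field in the lines shown here, so the new key's passphrase would be typed in clear text; adding `d.setTextEchoMode(QLineEdit::Password);` next to the other `d.set…` calls would match the `QLineEdit::Password` mode that the retriever's `getText` call in this commit already uses. The passphrase reaches `PKCS8::encrypt_key` as `password.toLocal8Bit().data()`, which depends on the locale and can silently substitute characters the locale cannot represent; `password.toUtf8().data()` is more predictable, provided the code that later supplies the passphrase for decryption encodes it the same way (that conversion is not visible on this page). Because the passphrase is entered only once, a typo leaves the user with a key file they cannot decrypt, so a confirmation field is worth considering. The label text also contains a doubled word ("can can"). The rendered page drops some lines of this function, so the `if`/`else` around `encrypt_key` and the plain `PKCS8::encode` should be checked against the full file.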
......@@ -40,6 +40,7 @@
namespace Botan {
class Private_Key;
class RandomNumberGenerator;
namespace Utils {
......@@ -62,8 +63,9 @@ public:
typedef QSharedPointer<Botan::Private_Key> KeyPtr;
void generatePkcs8KeyStrings(const KeyPtr &key);
void generatePkcs8KeyString(const KeyPtr &key, bool privateKey);
void generatePkcs8KeyStrings(const KeyPtr &key, Botan::RandomNumberGenerator &rng);
void generatePkcs8KeyString(const KeyPtr &key, bool privateKey,
Botan::RandomNumberGenerator &rng);
void generateOpenSslKeyStrings(const KeyPtr &key);
void generateOpenSslPrivateKeyString(const KeyPtr &key);
void generateOpenSslPublicKeyString(const KeyPtr &key);
......@@ -43,7 +43,7 @@ std::string SshKeyPasswordRetriever::get_passphrase(const std::string &, const s
bool ok;
const QString &password = QInputDialog::getText(0,
QCoreApplication::translate("Utils::Ssh", "Password required"),
QCoreApplication::translate("Utils::Ssh", "Password Required"),
QCoreApplication::translate("Utils::Ssh", "Please enter the password for your private key."),
QLineEdit::Password, QString(), &ok);
result = ok ? OK : CANCEL_ACTION;