From f8a2c45843ecf0b2eee65cc1eb0c37538d2cd8db Mon Sep 17 00:00:00 2001 From: Aaron Rainbolt Date: Sun, 29 Oct 2023 21:35:10 -0500 Subject: [PATCH] Tons more 802.1x security work --- connectionsettingsengine.cpp | 293 ++++++++++++++++++++++++++++++++++- connectionsettingsengine.h | 40 +++++ security802_1xtab.cpp | 14 ++ security802_1xtab.h | 3 + security802_1xtab.ui | 132 +++++++--------- 5 files changed, 402 insertions(+), 80 deletions(-) diff --git a/connectionsettingsengine.cpp b/connectionsettingsengine.cpp index 4f87e0e..e791071 100644 --- a/connectionsettingsengine.cpp +++ b/connectionsettingsengine.cpp @@ -18,6 +18,47 @@ QString ConnectionSettingsEngine::targetConnUuidStr = QString(); * clonedMacAddress: QString * mtu: int * + * All things 802.1x: + * + * 802.1xEnabled: bool + * 802.1xAuthMode: ConnectionSettingsEngine::Security802_1xAuthMode + * 802.1xPasswordStore: ConnectionSettingsEngine::Security802_1xPasswordStoreMode + * MD5: + * 802.1xMd5Username: QString + * 802.1xMd5Password: QString + * TLS: + * 802.1xTlsIdentity: QString + * 802.1xTlsDomain: QString + * 802.1xTlsCaCertificate: QString (file path) + * 802.1xTlsUserCertificate: QString (file path) + * 802.1xTlsUserPrivateKey: QString (file path) + * 802.1xTlsUserKeyPassword: QString + * PWD: + * 802.1xPwdUsername: QString + * 802.1xPwdPassword: QString + * FAST: + * 802.1xFastAnonymousIdentity: QString + * 802.1xFastProvisioningMode: ConnectionSettingsEngine::Security802_1xFastProvisioningMode + * 802.1xFastPacFile: QString + * 802.1xFastAuthMethod: ConnectionSettingsEngine::Security802_1xAuthMethod + * 802.1xFastUsername: QString + * 802.1xFastPassword: QString + * Tunneled TLS: + * 802.1xTtlsAnonymousIdentity: QString + * 802.1xTtlsDomain: QString + * 802.1xTtlsCaCertificate: QString (file path) + * 802.1xTtlsAuthMethod: ConnectionSettingsEngine::Security802_1xAuthMethod + * 802.1xTtlsUsername: QString + * 802.1xTtlePassword: QString + * Protected EAP: + * 802.1xPeapAnonymousIdentity: QString + * 802.1xPeapDomain: QString + * 802.1xPeapCaCertificate: QByteArray (file path) + * 802.1xPeapVersion: ConnectionSettingsEngine::Security802_1xPeapVersion + * 802.1xPeapAuthMethod: ConnectionSettingsEngine::Security802_1xAuthMethod + * 802.1xPeapUsername: QString + * 802.1xPeapPassword: QString + * * For Ethernet devices only: * autoLinkNegotiation: ConnectionSettingsEngine::LinkNegotiation * linkSpeed: ConnectionSettingsEngine::LinkSpeed @@ -33,6 +74,7 @@ QVariantMap ConnectionSettingsEngine::readConnectionSettings(QString connUuidStr // Contains adapted code from plasma-nm NetworkManager::Connection::Ptr conn = NetworkManager::findConnectionByUuid(connUuidStr); NetworkManager::ConnectionSettings::Ptr connSettings = conn->settings(); + NetworkManager::Security8021xSetting::Ptr connSecurity802_1xSetting = connSettings->setting(NetworkManager::Setting::Security8021x).dynamicCast(); NetworkManager::WiredSetting::Ptr connWiredSetting = connSettings->setting(NetworkManager::Setting::Wired).dynamicCast(); NetworkManager::WirelessSetting::Ptr connWirelessSetting = connSettings->setting(NetworkManager::Setting::Wireless).dynamicCast(); QVariantMap result; @@ -41,6 +83,8 @@ QVariantMap ConnectionSettingsEngine::readConnectionSettings(QString connUuidStr result.insert("autoconnectPriority", connSettings->autoconnectPriority()); result.insert("allUsersMayConnect", connSettings->permissions().isEmpty() ? true : false); + qWarning() << connSettings->toMap(); + QStringList secondaryConns = connSettings->secondaries(); NetworkManager::Connection::List list = NetworkManager::listConnections(); @@ -83,6 +127,128 @@ QVariantMap ConnectionSettingsEngine::readConnectionSettings(QString connUuidStr result.insert("device", connSettings->interfaceName()); + if (!connSecurity802_1xSetting.isNull()) { + QList eapMethods = connSecurity802_1xSetting->eapMethods(); + if (eapMethods.length() != 0) { + result.insert("802.1xEnabled", true); + switch (eapMethods[0]) { + case NetworkManager::Security8021xSetting::EapMethodMd5: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthMd5); + result.insert("802.1xMd5Username", connSecurity802_1xSetting->identity()); + result.insert("802.1xMd5Password", connSecurity802_1xSetting->password()); + break; + case NetworkManager::Security8021xSetting::EapMethodTls: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthTls); + result.insert("802.1xTlsIdentity", connSecurity802_1xSetting->identity()); + result.insert("802.1xTlsDomain", connSecurity802_1xSetting->domainSuffixMatch()); + result.insert("802.1xTlsCaCertificate", QString(connSecurity802_1xSetting->caCertificate())); + result.insert("802.1xTlsUserCertificate", QString(connSecurity802_1xSetting->clientCertificate())); + result.insert("802.1xTlsUserPrivateKey", QString(connSecurity802_1xSetting->privateKey())); + result.insert("802.1xTlsUserKeyPassword", connSecurity802_1xSetting->privateKeyPassword()); + break; + case NetworkManager::Security8021xSetting::EapMethodPwd: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthPwd); + result.insert("802.1xPwdUsername", connSecurity802_1xSetting->identity()); + result.insert("802.1xPwdPassword", connSecurity802_1xSetting->password()); + break; + case NetworkManager::Security8021xSetting::EapMethodFast: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthFast); + result.insert("802.1xFastAnonymousIdentity", connSecurity802_1xSetting->anonymousIdentity()); + switch (connSecurity802_1xSetting->phase1FastProvisioning()) { + case NetworkManager::Security8021xSetting::FastProvisioningAllowUnauthenticated: + result.insert("802.1xFastProvisioningMode", ConnectionSettingsEngine::Security802_1xFastProvisioningAnonymous); + break; + case NetworkManager::Security8021xSetting::FastProvisioningAllowAuthenticated: + result.insert("802.1xFastProvisioningMode", ConnectionSettingsEngine::Security802_1xFastProvisioningAuthenticated); + break; + case NetworkManager::Security8021xSetting::FastProvisioningAllowBoth: + result.insert("802.1xFastProvisioningMode", ConnectionSettingsEngine::Security802_1xFastProvisioningBoth); + break; + default: + result.insert("802.1xFastProvisioningMode", ConnectionSettingsEngine::Security802_1xFastProvisioningOff); + break; + } + result.insert("802.1xFastPacFile", connSecurity802_1xSetting->pacFile()); + switch (connSecurity802_1xSetting->phase2AuthMethod()) { + case NetworkManager::Security8021xSetting::AuthMethodGtc: + result.insert("802.1xFastAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodGtc); + break; + case NetworkManager::Security8021xSetting::AuthMethodMschapv2: + result.insert("802.1xFastAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2); + break; + default: + result.insert("802.1xFastAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodUnknown); + break; + } + result.insert("802.1xFastUsername", connSecurity802_1xSetting->identity()); + result.insert("802.1xFastPassword", connSecurity802_1xSetting->password()); + break; + case NetworkManager::Security8021xSetting::EapMethodTtls: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthTtls); + result.insert("802.1xTtlsAnonymousIdentity", connSecurity802_1xSetting->anonymousIdentity()); + result.insert("802.1xTtlsDomain", connSecurity802_1xSetting->domainSuffixMatch()); + result.insert("802.1xTtlsCaCertificate", QString(connSecurity802_1xSetting->caCertificate())); + switch (connSecurity802_1xSetting->phase2AuthMethod()) { + case NetworkManager::Security8021xSetting::AuthMethodPap: + result.insert("802.1xTtlsAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodPap); + break; + case NetworkManager::Security8021xSetting::AuthMethodChap: + result.insert("802.1xTtlsAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodChap); + break; + case NetworkManager::Security8021xSetting::AuthMethodMschap: + result.insert("802.1xTtlsAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodMschap); + break; + case NetworkManager::Security8021xSetting::AuthMethodMschapv2: + result.insert("802.1xTtlsAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2); + break; + default: + ; + } + result.insert("802.1xTtlsUsername", connSecurity802_1xSetting->identity()); + result.insert("802.1xTtlsPassword", connSecurity802_1xSetting->password()); + break; + case NetworkManager::Security8021xSetting::EapMethodPeap: + result.insert("802.1xAuthMode", ConnectionSettingsEngine::Security802_1xAuthPeap); + result.insert("802.1xPeapAnonymousIdentity", connSecurity802_1xSetting->anonymousIdentity()); + result.insert("802.1xPeapDomain", connSecurity802_1xSetting->domainSuffixMatch()); + result.insert("802.1xPeapCaCertificate", QString(connSecurity802_1xSetting->caCertificate())); + switch (connSecurity802_1xSetting->phase1PeapVersion()) { + case NetworkManager::Security8021xSetting::PeapVersionUnknown: + result.insert("802.1xPeapVersion", ConnectionSettingsEngine::Security802_1xPeapVersionUnknown); + break; + case NetworkManager::Security8021xSetting::PeapVersionZero: + result.insert("802.1xPeapVersion", ConnectionSettingsEngine::Security802_1xPeapVersionZero); + break; + case NetworkManager::Security8021xSetting::PeapVersionOne: + result.insert("802.1xPeapVersion", ConnectionSettingsEngine::Security802_1xPeapVersionOne); + break; + } + switch (connSecurity802_1xSetting->phase2AuthMethod()) { + case NetworkManager::Security8021xSetting::AuthMethodMschapv2: + result.insert("802.1xPeapAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2); + break; + case NetworkManager::Security8021xSetting::AuthMethodMd5: + result.insert("802.1xPeapAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodMd5); + break; + case NetworkManager::Security8021xSetting::AuthMethodGtc: + result.insert("802.1xPeapAuthMethod", ConnectionSettingsEngine::Security802_1xAuthMethodGtc); + break; + default: + ; + } + result.insert("802.1xPeapUsername", connSecurity802_1xSetting->identity()); + result.insert("802.1xPeapPassword", connSecurity802_1xSetting->password()); + break; + default: + ; + } + } else { + result.insert("802.1xEnabled", false); + } + } else { + result.insert("802.1xEnabled", false); + } + if (!connWiredSetting.isNull()) { result.insert("clonedMacAddress", NetworkManager::macAddressAsString(connWiredSetting->clonedMacAddress())); result.insert("mtu", connWiredSetting->mtu()); @@ -150,10 +316,12 @@ void ConnectionSettingsEngine::modifyConnectionSettings(QString connUuidStr, QVa { // Contains adapted code from plasma-nm wipeClonedMacAddress = false; + bool ensure802_1xSettings = false; NetworkManager::Connection::Ptr conn = NetworkManager::findConnectionByUuid(connUuidStr); NetworkManager::ConnectionSettings::Ptr connSettings = conn->settings(); NetworkManager::WiredSetting::Ptr connWiredSetting = connSettings->setting(NetworkManager::Setting::Wired).dynamicCast(); NetworkManager::WirelessSetting::Ptr connWirelessSetting = connSettings->setting(NetworkManager::Setting::Wireless).dynamicCast(); + NetworkManager::Security8021xSetting secSetting; if (settings["connName"].isValid()) { connSettings->setId(settings["connName"].toString()); @@ -198,6 +366,124 @@ void ConnectionSettingsEngine::modifyConnectionSettings(QString connUuidStr, QVa connSettings->setInterfaceName(settings["device"].toString()); } + if (settings["802.1xEnabled"].isValid() && settings["802.1xEnabled"].toBool()) { + NetworkManager::Security8021xSetting secSetting; + QList eapMethodsList; + switch (settings["802.1xAuthMode"].toInt()) { + case ConnectionSettingsEngine::Security802_1xAuthMd5: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodMd5); + secSetting.setIdentity(settings["802.1xMd5Username"].toString()); + secSetting.setPassword(settings["802.1xMd5Password"].toString()); + break; + case ConnectionSettingsEngine::Security802_1xAuthTls: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodTls); + secSetting.setIdentity(settings["802.1xTlsIdentity"].toString()); + secSetting.setDomainSuffixMatch(settings["802.1xTlsDomain"].toString()); + secSetting.setCaCertificate(settings["802.1xTlsCaCertificate"].toString().toUtf8().append('\0')); + secSetting.setClientCertificate(settings["802.1xTlsUserCertificate"].toString().toUtf8().append('\0')); + secSetting.setPrivateKey(settings["802.1xTlsUserPrivateKey"].toString().toUtf8().append('\0')); + secSetting.setPrivateKeyPassword(settings["802.1xTlsUserKeyPassword"].toString()); + break; + case ConnectionSettingsEngine::Security802_1xAuthPwd: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodPwd); + secSetting.setIdentity(settings["802.1xPwdUsername"].toString()); + secSetting.setPassword(settings["802.1xPwdPassword"].toString()); + break; + case ConnectionSettingsEngine::Security802_1xAuthFast: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodFast); + secSetting.setAnonymousIdentity(settings["802.1xFastAnonymousIdentity"].toString()); + switch (settings["802.1xFastProvisioningMode"].toInt()) { + case ConnectionSettingsEngine::Security802_1xFastProvisioningAnonymous: + secSetting.setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioningAllowUnauthenticated); + break; + case ConnectionSettingsEngine::Security802_1xFastProvisioningAuthenticated: + secSetting.setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioningAllowAuthenticated); + break; + case ConnectionSettingsEngine::Security802_1xFastProvisioningBoth: + secSetting.setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioningAllowBoth); + break; + default: + secSetting.setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioningDisabled); + break; + } + secSetting.setPacFile(settings["802.1xFastPacFile"].toString()); + switch (settings["802.1xFastAuthMethod"].toInt()) { + case ConnectionSettingsEngine::Security802_1xAuthMethodGtc: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodGtc); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2); + break; + default: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodUnknown); + break; + } + secSetting.setIdentity(settings["802.1xFastUsername"].toString()); + secSetting.setPassword(settings["802.1xFastPassword"].toString()); + break; + case ConnectionSettingsEngine::Security802_1xAuthTtls: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodTtls); + secSetting.setAnonymousIdentity(settings["802.1xTtlsAnonymousIdentity"].toString()); + secSetting.setDomainSuffixMatch(settings["802.1xTtleAnonymousIdentity"].toString()); + secSetting.setCaCertificate(settings["802.1xTtlsCaCertificate"].toString().toUtf8().append('\0')); + switch (settings["802.1xTtlsAuthMethod"].toInt()) { + case ConnectionSettingsEngine::Security802_1xAuthMethodPap: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodPap); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodChap: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodChap); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodMschap: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschap); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2); + break; + default: + ; + } + secSetting.setIdentity(settings["802.1xTtlsUsername"].toString()); + secSetting.setPassword(settings["802.1xTtlsPassword"].toString()); + break; + case ConnectionSettingsEngine::Security802_1xAuthPeap: + eapMethodsList.append(NetworkManager::Security8021xSetting::EapMethodPeap); + secSetting.setAnonymousIdentity(settings["802.1xPeapAnonymousIdentity"].toString()); + secSetting.setDomainSuffixMatch(settings["802.1xPeapAnonymousIdentity"].toString()); + secSetting.setCaCertificate(settings["802.1xPeapCaCertificate"].toString().toUtf8().append('\0')); + switch (settings["802.1xPeapVersion"].toInt()) { + case ConnectionSettingsEngine::Security802_1xPeapVersionUnknown: + secSetting.setPhase1PeapVersion(NetworkManager::Security8021xSetting::PeapVersionUnknown); + break; + case ConnectionSettingsEngine::Security802_1xPeapVersionZero: + secSetting.setPhase1PeapVersion(NetworkManager::Security8021xSetting::PeapVersionZero); + break; + case ConnectionSettingsEngine::Security802_1xPeapVersionOne: + secSetting.setPhase1PeapVersion(NetworkManager::Security8021xSetting::PeapVersionOne); + break; + } + switch (settings["802.1xPeapAuthMethod"].toInt()) { + case ConnectionSettingsEngine::Security802_1xAuthMethodMschapv2: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodMd5: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMd5); + break; + case ConnectionSettingsEngine::Security802_1xAuthMethodGtc: + secSetting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodGtc); + break; + default: + ; + } + secSetting.setIdentity(settings["802.1xPeapUsername"].toString()); + secSetting.setPassword(settings["802.1xPeapPassword"].toString()); + break; + } + secSetting.setEapMethods(eapMethodsList); + ensure802_1xSettings = true; + } else { + ensure802_1xSettings = false; + } + QByteArray macBin = NetworkManager::macAddressFromString(settings["clonedMacAddress"].toString()); if (settings["clonedMacAddress"].toString().length() != 17) { wipeClonedMacAddress = true; @@ -275,7 +561,12 @@ void ConnectionSettingsEngine::modifyConnectionSettings(QString connUuidStr, QVa // TODO: pick up here targetConnUuidStr = connUuidStr; - QDBusPendingReply<> reply = conn->update(connSettings->toMap()); + NMVariantMapMap connSettingsMap = connSettings->toMap(); + connSettingsMap.remove("802-1x"); + if (ensure802_1xSettings) { + connSettingsMap.insert("802-1x", secSetting.toMap()); + } + QDBusPendingReply<> reply = conn->update(connSettingsMap); auto watcher = new QDBusPendingCallWatcher(reply); QObject::connect(watcher, &QDBusPendingCallWatcher::finished, saveReplyFinished); } diff --git a/connectionsettingsengine.h b/connectionsettingsengine.h index 48d3ace..0b967ff 100644 --- a/connectionsettingsengine.h +++ b/connectionsettingsengine.h @@ -6,12 +6,14 @@ #include #include #include +#include #include #include #include #include #include #include +#include #include #include #include @@ -49,6 +51,44 @@ public: DuplexFull }; + enum Security802_1xAuthMode { + Security802_1xAuthMd5, + Security802_1xAuthTls, + Security802_1xAuthPwd, + Security802_1xAuthFast, + Security802_1xAuthTtls, + Security802_1xAuthPeap + }; + + enum Security802_1xPasswordStoreMode { + Security802_1xPasswordStoreForAllUsers, + Security802_1xPasswordStoreForOneUser, + Security802_1xPasswordStoreNotSaved + }; + + enum Security802_1xFastProvisioningMode { + Security802_1xFastProvisioningOff, + Security802_1xFastProvisioningAnonymous, + Security802_1xFastProvisioningAuthenticated, + Security802_1xFastProvisioningBoth + }; + + enum Security802_1xAuthMethod { + Security802_1xAuthMethodUnknown, + Security802_1xAuthMethodPap, + Security802_1xAuthMethodChap, + Security802_1xAuthMethodMschap, + Security802_1xAuthMethodMschapv2, + Security802_1xAuthMethodGtc, + Security802_1xAuthMethodMd5 + }; + + enum Security802_1xPeapVersion { + Security802_1xPeapVersionUnknown, + Security802_1xPeapVersionZero, + Security802_1xPeapVersionOne + }; + ConnectionSettingsEngine(); static QVariantMap readConnectionSettings(QString connUuidStr); diff --git a/security802_1xtab.cpp b/security802_1xtab.cpp index 3f2eb45..fd432e3 100644 --- a/security802_1xtab.cpp +++ b/security802_1xtab.cpp @@ -6,9 +6,23 @@ Security802_1xTab::Security802_1xTab(QWidget *parent) : ui(new Ui::Security802_1xTab) { ui->setupUi(this); + connect(ui->enable802_1xCheckBox, &QCheckBox::stateChanged, this, &Security802_1xTab::onEnable802_1xCheckBoxToggled); + onEnable802_1xCheckBoxToggled(Qt::Unchecked); } Security802_1xTab::~Security802_1xTab() { delete ui; } + +void Security802_1xTab::onEnable802_1xCheckBoxToggled(int state) +{ + switch (state) { + case Qt::Checked: + ui->authenticationModeTabs->setEnabled(true); + break; + case Qt::Unchecked: + ui->authenticationModeTabs->setEnabled(false); + break; + } +} diff --git a/security802_1xtab.h b/security802_1xtab.h index 28b4103..5dec9eb 100644 --- a/security802_1xtab.h +++ b/security802_1xtab.h @@ -15,6 +15,9 @@ public: explicit Security802_1xTab(QWidget *parent = nullptr); ~Security802_1xTab(); +private slots: + void onEnable802_1xCheckBoxToggled(int state); + private: Ui::Security802_1xTab *ui; }; diff --git a/security802_1xtab.ui b/security802_1xtab.ui index f2616ee..ca53b62 100644 --- a/security802_1xtab.ui +++ b/security802_1xtab.ui @@ -29,9 +29,9 @@ - + - 0 + 1 @@ -100,82 +100,89 @@ TLS - - - - Show passwords - - - - - - - - + + - CA certificate + User certificate Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - + + - Identity + User private key Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter + + + + Qt::Vertical + + + + 20 + 40 + + + + - - - - + - - + + - CA certificate password + CA certificate Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - + + - Domain + User key password Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - + + - User private key + Identity Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter + + + + Show passwords + + + - + - + - + Open file... @@ -183,33 +190,29 @@ - - - - User certificate - - - Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - + + - - + + + + + - User certificate password + Domain Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - + + - + - + Open file... @@ -217,22 +220,6 @@ - - - - - - - - - - User key password - - - Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - - @@ -247,19 +234,6 @@ - - - - Qt::Vertical - - - - 20 - 40 - - - -