diff ui/createcertlistdialog.cpp @ 465:88dfe16a0bb9

Implement certificatelist saving
author Andre Heinecke <aheinecke@intevation.de>
date Wed, 23 Apr 2014 15:34:53 +0000
parents efd1bd85112f
children 0d71ce440bcc
--- a/ui/createcertlistdialog.cpp	Wed Apr 23 15:33:42 2014 +0000
+++ b/ui/createcertlistdialog.cpp	Wed Apr 23 15:34:53 2014 +0000
@@ -30,7 +30,11 @@
     setWindowTitle(tr("Save certificate list"));
     setupGUI();
     resize(500, 200);
-    mCertFile->setText(mAdminWindow->settings()->value("LastCert", QString()).toString());
+    mKeyFile->setText(mAdminWindow->settings()->value("LastKey", QString()).toString());
+    mSaveDir->setText(mAdminWindow->settings()->value("LastOutputDir", QString()).toString());
+    if (!mKeyFile->text().isEmpty()) {
+        loadKeyFile(mKeyFile->text());
+    }
 }
 
 void CreateCertListDialog::setupGUI()
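Review bot: The new `loadKeyFile(mKeyFile->text())` call in the constructor reaches code that calls `pk_free(mPk)` and `delete mPk` whenever `mPk` is non-NULL, so `mPk` must already be NULL at this point. The constructor's initializer list is outside this hunk, so this needs confirming; if it is missing, add `mPk(NULL)` there. A short comment above the call would also help, for example `/* Reload the last used signing key; on failure mPk stays NULL */`, because the dialog can then open with a path in the field but no key loaded.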
@@ -58,15 +62,15 @@
     headerLayout->addWidget(headerSeparator);
     headerLayout->insertSpacing(3, 10);
 
-    QLabel *certLabel = new QLabel("Select signature certificate (secret key):");
+    QLabel *certLabel = new QLabel("Select signing key:");
     QLabel *saveLabel = new QLabel("Select output folder:");
     labelLayout->addWidget(certLabel);
     labelLayout->addWidget(saveLabel);
 
-    mCertFile = new QLineEdit();
-    mSaveFile = new QLineEdit();
-    fieldLayout->addWidget(mCertFile);
-    fieldLayout->addWidget(mSaveFile);
+    mKeyFile = new QLineEdit();
+    mSaveDir = new QLineEdit();
+    fieldLayout->addWidget(mKeyFile);
+    fieldLayout->addWidget(mSaveDir);
 
     QPushButton *certSelect = new QPushButton("...");
     certSelect->setFixedWidth(30);
@@ -117,15 +121,8 @@
     QMessageBox::warning(this, tr("Error!"), msg);
 }
 
-void CreateCertListDialog::openCertificateSelect()
+void CreateCertListDialog::loadKeyFile(const QString& fileName)
 {
-    QString certFile = QFileDialog::getOpenFileName(
-        this, tr("Select certificate"), mCertFile->text().isEmpty() ?
-        QDir::homePath() : mCertFile->text(), "*.pem");
-    mCertFile->setText(certFile);
-
-    mAdminWindow->settings()->setValue("LastCert", certFile);
-
     if (mPk != NULL) {
         pk_free(mPk);
         delete mPk;
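Review bot: The `fileName` parameter of `loadKeyFile` is never read; the parse call further down the function (in the next hunk) still takes the path from `mKeyFile->text()`. Both callers visible in this diff set the line edit before calling, so it works today, but the key that is loaded is whatever the widget shows rather than what the caller passed. Use the argument instead: `int ret = pk_parse_keyfile(mPk, fileName.toLocal8Bit().constData(), "");`. The function body continues outside this hunk.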
@@ -134,29 +131,118 @@
 
     mPk = new pk_context;
     pk_init(mPk);
-    int ret = pk_parse_keyfile(mPk, mCertFile->text().toLocal8Bit().constData(), "");
+    int ret = pk_parse_keyfile(mPk, mKeyFile->text().toLocal8Bit().constData(), "");
 
     if (ret != 0) {
         showErrorMessage(tr("Failed to load certificate: %1")
                 .arg(getPolarSSLErrorMsg(ret)));
+        pk_free(mPk);
+        delete mPk;
+        mPk = NULL;
         return;
     }
+
+    /* Check that it is a 3072 bit RSA key as specified */
+    if (!mPk->pk_info || pk_get_size(mPk) != 3072 ||
+            mPk->pk_info->type != POLARSSL_PK_RSA) {
+        showErrorMessage(tr("Only 3072 bit RSA keys are supported by the current format."));
+        pk_free(mPk);
+        delete mPk;
+        mPk = NULL;
+        return;
+    }
+}
+
+void CreateCertListDialog::openCertificateSelect()
+{
+    QString keyFile = QFileDialog::getOpenFileName(
+        this, tr("Select certificate"), mKeyFile->text().isEmpty() ?
+        QDir::homePath() : mKeyFile->text(), "*.pem");
+    mKeyFile->setText(keyFile);
+
+    mAdminWindow->settings()->setValue("LastKey", keyFile);
+    loadKeyFile(keyFile);
+
+    return;
 }
 
 void CreateCertListDialog::openSaveLocation()
 {
-    QString saveFile = QFileDialog::getExistingDirectory(
-        this, tr("Select target location"), QDir::homePath());
-    mSaveFile->setText(saveFile);
+    QString saveDir = QFileDialog::getExistingDirectory(
+        this, tr("Select target location"),
+        mSaveDir->text().isEmpty() ? QDir::homePath() : mSaveDir->text());
+    mAdminWindow->settings()->setValue("LastOutputDir", saveDir);
+    mSaveDir->setText(saveDir);
+}
+
+CreateCertListDialog::~CreateCertListDialog()
+{
+    if (mPk) {
+        pk_free(mPk);
+        delete mPk;
+        mPk = NULL;
+    }
 }
 
 void CreateCertListDialog::createList()
 {
-    //entropy_context mEntropy;
-    //ctr_drbg_context mCtr_drbg;
+    if (!mPk) {
+        showErrorMessage(tr("Please select a valid rsa key."));
+    }
+    if (mSaveDir->text().isEmpty()) {
+        showErrorMessage(tr("Please select an output location first."));
+    }
 
-    qDebug() << "and now create the certificate list using:";
-    qDebug() << "certificate: " << mCertFile->text();
-    qDebug() << "target" << mSaveFile->text();
-    // TODO
+    QDateTime currentDateTimeUtc = QDateTime::currentDateTimeUtc();
+
+    /* Build up the list data */
+    QByteArray listData("F:1\r\n");
+    listData.append(currentDateTimeUtc.toString(Qt::ISODate) + "\r\n");
+
+    foreach (const Certificate& cert, mAdminWindow->certificates()) {
+        listData.append(QString::fromLatin1("D:") + cert.base64Line() + "\r\n");
+    }
+
+    QByteArray signature = rsaSignSHA256Hash(sha256sum(listData), mPk);
+    listData.prepend("\r\n");
+    listData.prepend(signature.toBase64());
+    listData.prepend("S:");
+
+    QString fileName = QString::fromLatin1("certificates-")
+            .append(currentDateTimeUtc.toString(("yyyyMMddHHmmss")))
+            .append(".txt");
+
+    QString filePath = mSaveDir->text().append("/").append(fileName);
+
+    QFile outputFile(filePath);
+
+    if (!outputFile.open(QIODevice::WriteOnly)) {
+        showErrorMessage(tr("Failed to open output file %1").arg(filePath));
+        return;
+    }
+
+    if (outputFile.write(listData) != listData.size()) {
+        showErrorMessage(tr("Failed to write certificate list."));
+        return;
+    }
+
+    /* Archive the list */
+    QDir archiveDir(QStandardPaths::writableLocation(QStandardPaths::DataLocation));
+    if (!archiveDir.mkpath(archiveDir.path())) {
+        showErrorMessage(tr("Failed to create archive location."));
+        return;
+    }
+
+    if (!outputFile.copy(archiveDir.filePath(fileName))) {
+        showErrorMessage(tr("Failed Archive a copy."));
+        return;
+    }
+
+    if (!outputFile.copy(archiveDir.filePath("current_certificates.txt"))) {
+        showErrorMessage(tr("Failed to write current_certificates file."));
+        return;
+    }
+
+    QMessageBox::information(this, "", tr("Saved certificate list:\n%1").arg(fileName));
+    close();
 }
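Review bot: In `createList` the two precondition checks show an error but do not return, so with no key loaded the code still calls `rsaSignSHA256Hash(sha256sum(listData), mPk)` with a NULL `mPk`, and with an empty output folder it builds a path starting with `/` and tries to write there. Add `return;` after `showErrorMessage(...)` in both `if` blocks. The signature is also prepended without any check; if `rsaSignSHA256Hash` can return an empty array on failure (its definition is not in this diff), the list would be written with an empty `S:` line, so an `isEmpty()` check before writing is worth adding. Separately, `QFile::copy` does not overwrite an existing target, so the copy to `current_certificates.txt` will fail from the second run on unless the old file is removed first, e.g. `QFile::remove(archiveDir.filePath("current_certificates.txt"));`.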

http://wald.intevation.org/projects/trustbridge/