Exemple #1
0
// verify message
bool FugaCrypto::verify(string in_name, string in_pubkey, string in_msg, string in_sig) {

    // pubkey for this name already in database?
    QCA::PublicKey pubkey;
    if (isPubkeyOf(in_name)) {
        pubkey = getPubkeyOf(in_name);
    } else {
        pubkey = QCA::PublicKey::fromPEM(QByteArray(in_pubkey.c_str()));
        savePubkeyOf(in_name, pubkey);
    }

   // cout << "in_sig1: " << in_sig << endl;
    QByteArray signature = QByteArray::fromBase64(QByteArray(in_sig.c_str()));
   // cout << "in_sig2: " << signature.data() << endl;

    // verify
    if (pubkey.verifyMessage(QCA::SecureArray(in_msg.c_str()),
                                signature,
                                QCA::EMSA1_SHA1
                                )
    ) {
        cout << "IDENTITY VERIFIED" << endl;
    } else {
        cout << "FAILED TO VERIFY THE IDENTITY!!!!!!!!!"
             << "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" << endl;
    }
    return true;
}
WP::err QCACryptoInterface::generateKeyPair(QString &certificate, QString &publicKey,
                                     QString &privateKey,
                                     const SecureArray &keyPassword)
{
    if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) {
        qDebug() << "RSA not supported!\n";
        return WP::kError;
    }

    QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048);
    if(secretKey.isNull()) {
        qDebug() << "Failed to make private RSA key\n";
        return WP::kError;
    }

    privateKey = secretKey.toPEM(keyPassword);

    // public
    QCA::CertificateOptions opts;
    QCA::Certificate cert(opts, secretKey);

    certificate = cert.toPEM();

    QCA::PublicKey pubkey = secretKey.toPublicKey();
    publicKey = pubkey.toPEM();

    return WP::kOk;
}
void SpotifyBlobDownloader::ReplyFinished() {
  QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender());
  if (reply->error() != QNetworkReply::NoError) {
    // Handle network errors
    ShowError(reply->errorString());
    return;
  }

  // Is everything finished?
  foreach (QNetworkReply* reply, replies_) {
    if (!reply->isFinished()) {
      return;
    }
  }

  // Read files into memory first.
  QMap<QString, QByteArray> file_data;
  QStringList signature_filenames;

  foreach (QNetworkReply* reply, replies_) {
    const QString filename = reply->url().path().section('/', -1, -1);

    if (filename.endsWith(kSignatureSuffix)) {
      signature_filenames << filename;
    }

    file_data[filename] = reply->readAll();
  }

#ifdef HAVE_QCA
  // Load the public key
  QCA::ConvertResult conversion_result;
  QCA::PublicKey key = QCA::PublicKey::fromPEMFile(":/clementine-spotify-public.pem",
                                                   &conversion_result);
  if (QCA::ConvertGood != conversion_result) {
    ShowError("Failed to load Spotify public key");
    return;
  }

  // Verify signatures
  foreach (const QString& signature_filename, signature_filenames) {
    QString actual_filename = signature_filename;
    actual_filename.remove(kSignatureSuffix);

    qLog(Debug) << "Verifying" << actual_filename << "against" << signature_filename;

    if (!key.verifyMessage(file_data[actual_filename],
                           file_data[signature_filename],
                           QCA::EMSA3_SHA1)) {
      ShowError("Invalid signature: " + actual_filename);
      return;
    }
  }
bool QCACryptoInterface::verifySignatur(const QByteArray &message, const QByteArray &signature,
                                     const QString &publicKeyString)
{
    QCA::PublicKey publicKey;
    QCA::ConvertResult convRes;
    publicKey = QCA::PublicKey::fromPEM(publicKeyString, &convRes);
    if (convRes != QCA::ConvertGood) {
        std::cout << "Sorry, could not import Public Key" << std::endl;
        return false;
    }
    // to check a signature, we must check that the key is
    // appropriate
    if(publicKey.canVerify()) {
        publicKey.startVerify(QCA::EMSA3_MD5);
        publicKey.update(message);
        if (publicKey.validSignature(signature) )
            return true;
        else
            return false;
    }
    return true;
}
void QCACryptoInterface::generateKeyPair(const char* certificateFile, const char *publicKeyFile, const char *privateKeyFile, const char *keyPassword)
{
    if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) {
        qDebug() << "RSA not supported!\n";
        return;
    }

    QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048);
    if(secretKey.isNull()) {
        qDebug() << "Failed to make private RSA key\n";
        return;
    }

    secretKey.toPEMFile(privateKeyFile, keyPassword);

    // public
    QCA::CertificateOptions opts;
    QCA::Certificate cert(opts, secretKey);

    cert.toPEMFile(certificateFile);

    QCA::PublicKey pubkey = secretKey.toPublicKey();
    pubkey.toPEMFile(publicKeyFile);
}
void SpotifyBlobDownloader::ReplyFinished() {
  QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender());
  if (reply->error() != QNetworkReply::NoError) {
    // Handle network errors
    ShowError(reply->errorString());
    return;
  }

  // Is everything finished?
  for (QNetworkReply* reply : replies_) {
    if (!reply->isFinished()) {
      return;
    }
  }

  // Read files into memory first.
  QMap<QString, QByteArray> file_data;
  QStringList signature_filenames;

  for (QNetworkReply* reply : replies_) {
    const QString filename = reply->url().path().section('/', -1, -1);

    if (filename.endsWith(kSignatureSuffix)) {
      signature_filenames << filename;
    }

    file_data[filename] = reply->readAll();
  }

#ifdef HAVE_QCA
  // Load the public key
  QCA::ConvertResult conversion_result;
  QCA::PublicKey key = QCA::PublicKey::fromPEMFile(
      ":/clementine-spotify-public.pem", &conversion_result);
  if (QCA::ConvertGood != conversion_result) {
    ShowError("Failed to load Spotify public key");
    return;
  }

  // Verify signatures
  for (const QString& signature_filename : signature_filenames) {
    QString actual_filename = signature_filename;
    actual_filename.remove(kSignatureSuffix);

    qLog(Debug) << "Verifying" << actual_filename << "against"
                << signature_filename;

    if (!key.verifyMessage(file_data[actual_filename],
                           file_data[signature_filename], QCA::EMSA3_SHA1)) {
      ShowError("Invalid signature: " + actual_filename);
      return;
    }
  }
#endif  // HAVE_QCA

  // Make the destination directory and write the files into it
  QDir().mkpath(path_);

  for (const QString& filename : file_data.keys()) {
    const QString dest_path = path_ + "/" + filename;

    if (filename.endsWith(kSignatureSuffix)) continue;

    qLog(Info) << "Writing" << dest_path;

    QFile file(dest_path);
    if (!file.open(QIODevice::WriteOnly)) {
      ShowError("Failed to open " + dest_path + " for writing");
      return;
    }

    file.write(file_data[filename]);
    file.close();
    file.setPermissions(QFile::Permissions(0x7755));

#ifdef Q_OS_UNIX
    const int so_pos = filename.lastIndexOf(".so.");
    if (so_pos != -1) {
      QString link_path = path_ + "/" + filename.left(so_pos + 3);
      QStringList version_parts = filename.mid(so_pos + 4).split('.');

      while (!version_parts.isEmpty()) {
        qLog(Debug) << "Linking" << dest_path << "to" << link_path;
        int ret = symlink(dest_path.toLocal8Bit().constData(),
                          link_path.toLocal8Bit().constData());

        if (ret != 0) {
          qLog(Warning) << "Creating symlink failed with return code" << ret;
        }

        link_path += "." + version_parts.takeFirst();
      }
    }
#endif  // Q_OS_UNIX
  }

  EmitFinished();
}