Exemple #1
0
	QByteArray PgpManager::SignPresence (const QByteArray& status)
	{
		QCA::SecureMessageKey msgKey;
		if (PrivateKey_.isNull ())
		{
			warning (QString ("Cannot sign: private key is null"));
			return QByteArray();
		}

		msgKey.setPGPSecretKey (PrivateKey_);
		QCA::OpenPGP pgp;
		QCA::SecureMessage msg (&pgp);
		msg.setFormat (QCA::SecureMessage::Ascii);
		msg.setSigner (msgKey);
		msg.startSign (QCA::SecureMessage::Detached);
		msg.update (status);
		msg.end ();
		msg.waitForFinished ();

		if (msg.success ())
			return msg.signature ();
		else
		{
			info (QString { "Error signing: %1" }
						.arg (msg.errorCode ())
						.arg (msg.diagnosticText ()));
			return QByteArray ();
		}
	}
Exemple #2
0
	bool PgpManager::IsValidSignature (const QCA::PGPKey& pubkey,
			const QByteArray& message, const QByteArray& signature)
	{
		if (pubkey.isNull ())
		{
			warning (QString ("Cannot encrypt: public key is null"));
			return false;
		}

		QCA::OpenPGP pgp;
		QCA::SecureMessageKey key;
		QCA::SecureMessage msg (&pgp);
		key.setPGPPublicKey (pubkey);
		msg.setSigner (key);
		msg.setFormat (QCA::SecureMessage::Binary);
		msg.startVerify (WrapPGP (signature, PGPType::Signature).toUtf8 ());
		msg.update (message);
		msg.end ();
		msg.waitForFinished ();

		if (msg.verifySuccess ())
			return true;
		else
		{
			info (QString ("Invalid signature: %1").arg (msg.errorCode ()));
			return false;
		}
	}
Exemple #3
0
	QByteArray PgpManager::EncryptBody (const QCA::PGPKey& pubkey, const QByteArray& body)
	{
		if (pubkey.isNull ())
		{
			warning ("Cannot encrypt: public key is null");
			throw GPGExceptions::NullPubkey {};
		}

		QCA::SecureMessageKey msgKey;
		msgKey.setPGPPublicKey (pubkey);
		QCA::OpenPGP pgp;
		QCA::SecureMessage msg (&pgp);
		msg.setRecipient (msgKey);
		msg.setFormat (QCA::SecureMessage::Ascii);
		msg.startEncrypt ();
		msg.update (body);
		msg.end ();
		msg.waitForFinished ();

		if (!msg.success ())
		{
			info (QString { "Error encrypting: %1 (%2)." }
						.arg (msg.errorCode ())
						.arg (msg.diagnosticText ()));
			throw GPGExceptions::Encryption { msg.errorCode (), msg.diagnosticText () };
		}

		return msg.read ();
	}
Exemple #4
0
	QByteArray PgpManager::SignMessage (const QByteArray& body)
	{
		QCA::SecureMessageKey msgKey;
		if (PrivateKey_.isNull ())
		{
			warning (QString ("Cannot sign: private key is null"));
			return QByteArray ();
		}

		msgKey.setPGPSecretKey (PrivateKey_);
		QCA::OpenPGP pgp;
		QCA::SecureMessage msg (&pgp);
		msg.setFormat (QCA::SecureMessage::Ascii);
		msg.setSigner (msgKey);
		msg.startSign (QCA::SecureMessage::Detached);
		msg.update (body);
		msg.end ();
		msg.waitForFinished ();

		if (!msg.success ())
		{
			warning (QString { "Error signing: %1 (%2)." }
						.arg (msg.errorCode ())
						.arg (msg.diagnosticText ()));
			return QByteArray ();
		}

		const auto& sig = msg.signature ();
		const auto& arrs = sig.split ('\n');
		auto it = arrs.begin ();
		++it;
		if (it == arrs.end ())
			return sig;

		for (; it != arrs.end (); ++it)
			if (it->isEmpty ())
				break;

		if (++it >= arrs.end ())
			return sig;

		QByteArray result;
		for (; it != arrs.end (); ++it)
		{
			if (it->at (0) == '-')
				break;
			result += *it;
			result += '\n';
		}
		result.chop (1);
		return result;
	}
WP::err QCACryptoInterface::decryptAsymmetric(const QByteArray &input, QByteArray &plain,
                                 const QString &privateKey, const SecureArray &keyPassword,
                                 const QString &certificate)
{
    QCA::PrivateKey privKey;
    QCA::ConvertResult convRes;
    privKey = QCA::PrivateKey::fromPEM(privateKey, keyPassword, &convRes);
    if (convRes != QCA::ConvertGood) {
        std::cout << "Sorry, could not import Private Key" << std::endl;
        return (WP::err)convRes;
    }

    // Read in a matching public key cert
    // you could also build this using the fromPEMFile() method
    QCA::Certificate pubCert = QCA::Certificate::fromPEM(certificate, &convRes);
    if (convRes != QCA::ConvertGood) {
        std::cout << "Sorry, could not import public key certificate" << std::endl;
        return (WP::err)convRes;
    }
    // We are building the certificate into a SecureMessageKey object, via a
    // CertificateChain
    QCA::CertificateChain chain;
    chain += pubCert;

    QCA::SecureMessageKeyList skeys;
    QCA::SecureMessageKey skey;
    skey.setX509CertificateChain(chain);
    skey.setX509PrivateKey(privKey);
    skeys += skey;
    QCA::CMS sms;
    sms.setPrivateKeys(skeys);

    QCA::SecureMessage decryptedMessage(&sms);
    decryptedMessage.startDecrypt();
    decryptedMessage.update(input);
    decryptedMessage.end();
    decryptedMessage.waitForFinished(-1);

    plain = decryptedMessage.read();
    return WP::kOk;
}
WP::err QCACryptoInterface::encyrptAsymmetric(const QByteArray &input, QByteArray &encrypted,
                                 const QString &certificate)
{
    // Read in a matching public key cert
    // you could also build this using the fromPEMFile() method
    QCA::ConvertResult convRes;
    QCA::Certificate pubCert = QCA::Certificate::fromPEM(certificate, &convRes);
    if (convRes != QCA::ConvertGood) {
        std::cout << "Sorry, could not import public key certificate" << std::endl;
        return (WP::err)convRes;
    }
    // We are building the certificate into a SecureMessageKey object, via a
    // CertificateChain
    QCA::SecureMessageKey secMsgKey;
    QCA::CertificateChain chain;
    chain += pubCert;
    secMsgKey.setX509CertificateChain(chain);

    // build up a SecureMessage object, based on our public key certificate
    QCA::CMS cms;
    QCA::SecureMessage msg(&cms);
    msg.setRecipient(secMsgKey);

    // Now use the SecureMessage object to encrypt the plain text.
    msg.startEncrypt();
    msg.update(input);
    msg.end();
    // I think it is reasonable to wait for 1 second for this
    msg.waitForFinished(1000);

    // check to see if it worked
    if(!msg.success()) {
        std::cout << "Error encrypting: " << msg.errorCode() << std::endl;
        return (WP::err)msg.errorCode();
    }

    // get the result
    encrypted = msg.read();
    return WP::kOk;
}
Exemple #7
0
int main(int argc, char** argv)
{
    // the Initializer object sets things up, and
    // also does cleanup when it goes out of scope
    QCA::Initializer init;

    QCoreApplication app(argc, argv);

    // We need to ensure that we have certificate handling support
    if ( !QCA::isSupported( "cert" ) ) {
	std::cout << "Sorry, no PKI certificate support" << std::endl;
    	return 1;
    }

    // Read in a private key
    QCA::PrivateKey privKey;
    QCA::ConvertResult convRes;
    QCA::SecureArray passPhrase = "start";
    privKey = QCA::PrivateKey::fromPEMFile( "Userkey.pem", passPhrase, &convRes );
    if ( convRes != QCA::ConvertGood ) {
	std::cout << "Sorry, could not import Private Key" << std::endl;
	return 1;
    }

    // Read in a matching public key cert
    // you could also build this using the fromPEMFile() method
    QCA::Certificate pubCert( "User.pem" );
    if ( pubCert.isNull() ) {
	std::cout << "Sorry, could not import public key certificate" << std::endl;
	return 1;
    }
    // We are building the certificate into a SecureMessageKey object, via a
    // CertificateChain
    QCA::SecureMessageKey secMsgKey;
    QCA::CertificateChain chain;
    chain += pubCert;
    secMsgKey.setX509CertificateChain( chain );

    // build up a SecureMessage object, based on our public key certificate
    QCA::CMS cms;
    QCA::SecureMessage msg(&cms);
    msg.setRecipient(secMsgKey);

    // Some plain text - we use the first command line argument if provided
    QByteArray plainText = (argc >= 2) ? argv[1] : "What do ya want for nuthin'";

    // Now use the SecureMessage object to encrypt the plain text.
    msg.startEncrypt();
    msg.update(plainText);
    msg.end();
    // I think it is reasonable to wait for 1 second for this
    msg.waitForFinished(1000);

    // check to see if it worked
    if(!msg.success())
    {
	std::cout << "Error encrypting: " << msg.errorCode() << std::endl;
	return 1;
    }

    // get the result
    QCA::SecureArray cipherText = msg.read();
    QCA::Base64 enc;
    std::cout << plainText.data() << " encrypts to (in base 64): ";
    std::cout << qPrintable( enc.arrayToString( cipherText ) ) << std::endl;

    // Show we can decrypt it with the private key
    if ( !privKey.canDecrypt() ) {
	std::cout << "Private key cannot be used to decrypt" << std::endl;
	return 1;
    }
    QCA::SecureArray plainTextResult;
    if ( 0 == privKey.decrypt(cipherText, &plainTextResult, QCA::EME_PKCS1_OAEP ) ) {
	std::cout << "Decryption process failed" << std::endl;
	return 1;
    }

    std::cout << qPrintable( enc.arrayToString( cipherText ) );
    std::cout << " (in base 64) decrypts to: ";
    std::cout << plainTextResult.data() << std::endl;

    return 0;
}