QString Security::decrypt(QString input)
{
if(input.isEmpty())
{
return input;
}
QCA::Initializer init = QCA::Initializer();
QCA::SymmetricKey key = QCA::SymmetricKey(QCA::SecureArray(ENC_KEY));
QCA::InitializationVector iv = QCA::InitializationVector(QCA::SecureArray(ENC_INIT_VECTOR));
QCA::Cipher cipher = QCA::Cipher(QString("aes128"), QCA::Cipher::CBC,
QCA::Cipher::DefaultPadding, QCA::Encode,
key, iv);
if (!QCA::isSupported("aes128-cbc-pkcs7"))
{
qDebug() << "AES128 CBC PKCS7 not supported - "
"please check if qca-ossl plugin is"
"installed correctly !";
return "";
}
cipher.setup(QCA::Decode, key, iv);
QCA::SecureArray encryptedData = QCA::SecureArray(QCA::hexToArray(input));
QCA::SecureArray decryptedData = cipher.process(encryptedData);
//check if decryption succeded
if (!cipher.ok())
{
return "";
}
return QString(decryptedData.data());
}
QString Security::encrypt(QString input)
{
//This uses QCA to encrypt passwords for FPT/SFTP before saving them with QSettings
//This should probably have more randomness to be completely secure, but it's a bit better than plaintext.
QCA::Initializer init = QCA::Initializer();
QCA::SymmetricKey key = QCA::SymmetricKey(QCA::SecureArray(ENC_KEY));
QCA::InitializationVector iv = QCA::InitializationVector(QCA::SecureArray(ENC_INIT_VECTOR));
QCA::Cipher cipher = QCA::Cipher(QString("aes128"), QCA::Cipher::CBC,
QCA::Cipher::DefaultPadding, QCA::Encode,
key, iv);
//check if aes128 is available
if (!QCA::isSupported("aes128-cbc-pkcs7"))
{
qDebug() << "AES128 CBC PKCS7 not supported - "
"please check if qca-ossl plugin is"
"installed correctly !";
return "";
}
QCA::SecureArray secureData = input.toAscii();
QCA::SecureArray encryptedData = cipher.process(secureData);
//check if encryption succeded
if (!cipher.ok())
{
return "";
}
return QString(qPrintable(QCA::arrayToHex(encryptedData.toByteArray())));
}
/**
* @paragraph This method encrypts a data string and returns a map of the key, hash and vector
* @brief ServerPanel::EncryptEntity
* @param QString sData
* @return QVariantMap
*/
QVariantMap ServerPanel::EncryptEntity(QString sData) {
// Initialize the cryptographer
QCA::Initializer qiInitialization = QCA::Initializer();
// Generate the key
QCA::SymmetricKey qskKey = QCA::SymmetricKey(2048);
// Generate the vector
QCA::InitializationVector qivInitialization = QCA::InitializationVector(2048);
// Create the cipher
QCA::Cipher qcrCipher = QCA::Cipher("aes128", QCA::Cipher::CBC, QCA::Cipher::DefaultPadding, QCA::Encode, qskKey, qivInitialization);
// Make sure AES128 is supported
if (!QCA::isSupported("aes128-cbc-pkcs7")) {
qDebug("AES128 CBC PKCS7 not supported - please check if qca-ossl plugin installed correctly !");
}
// Encrypt the data
QCA::SecureArray qsaHash = qcrCipher.process(QCA::SecureArray(sData.toAscii()));
// Setup the map to resturn
QVariantMap qvmReturn;
// Add the key
qvmReturn.insert("qbaKey", qskKey.toByteArray());
// Add the vector
qvmReturn.insert("qbaVector", qivInitialization.toByteArray());
// Add the hash
qvmReturn.insert("qbaHash", qsaHash.toByteArray());
// Return the map
return qvmReturn;
}
QByteArray MessageContainerEncypted::bytes() {
QByteArray buf = MessageContainerWrapper::bytes();
if(!this->isEncryptionSupported()) {
return buf;
}
//buf.prepend(this->version);
QCA::Cipher* cipher = this->createCipher(QCA::Encode);
//qDebug("MessageContainerEncyptor::bytes: message raw '%s'", qPrintable(QCA::arrayToHex(buf)));
QCA::SecureArray secretText = cipher->process(buf);
//qDebug("MessageContainerEncyptor::bytes: message encryped '%s'", qPrintable(QCA::arrayToHex(secretText.toByteArray())));
return secretText.toByteArray();
}
bool MessageContainerEncypted::isValidFormat(const QByteArray& bytes) {
if(!this->isEncryptionSupported()) {
return MessageContainerWrapper::isValidFormat(bytes);
}
QByteArray myBytes = bytes;
//if (bytes.length() && (byte)bytes[0] == this->version) {
// int len = bytes.length() - 1;
// myBytes = bytes.right(len);
//
//}
QCA::Cipher* cipher = this->createCipher(QCA::Decode);
//qDebug("SteganoCore::decryptData: message raw '%s'", qPrintable(QCA::arrayToHex(buf)));
QCA::SecureArray clearText = cipher->process(myBytes);
//qDebug("SteganoCore::decryptData: message decryped '%s'", qPrintable(QCA::arrayToHex(clearText.toByteArray())));
return MessageContainerWrapper::isValidFormat(clearText.toByteArray());
}
/**
* @paragraph This method decrypts a system encrypted hash
* @brief ServerPanel::DecryptEntity
* @param QByteArray qbaKey
* @param QByteArray qbaVector
* @param QByteArray qbaHash
* @return QString
*/
QVariantMap ServerPanel::DecryptEntity(QByteArray qbaKey, QByteArray qbaVector, QByteArray qbaHash) {
// Initialize the cryptographer
QCA::Initializer qiInitializer = QCA::Initializer();
// Create the cipher
QCA::Cipher qcrCipher = QCA::Cipher("aes128", QCA::Cipher::CBC, QCA::Cipher::DefaultPadding, QCA::Decode, QCA::SymmetricKey(qbaKey), QCA::InitializationVector(qbaVector));
// Decode the hash
QCA::SecureArray qsaPlain = qcrCipher.process(QCA::SecureArray(qbaHash));
// Setup the return map
QVariantMap qvmReturn;
// Check the decryption status
if (qcrCipher.ok()) {
// Set the plain text entity
qvmReturn.insert("sPlainText", QString(qsaPlain.data()));
// Set the decryption status
qvmReturn.insert("bSuccess", true);
} else {
// Set the decryption status
qvmReturn.insert("bSuccess", false);
}
// Return the map
return qvmReturn;
}
QString QgsAuthCrypto::encryptdecrypt( QString passstr,
QString cipheriv,
QString textstr,
bool encrypt )
{
QString outtxt = QString();
if ( QgsAuthCrypto::isDisabled() )
return outtxt;
QCA::InitializationVector iv( QCA::hexToArray( cipheriv ) );
QCA::SymmetricKey key( QCA::SecureArray( QByteArray( passstr.toUtf8().constData() ) ) );
if ( encrypt )
{
QCA::Cipher cipher = QCA::Cipher( CIPHER_TYPE, CIPHER_MODE, CIPHER_PADDING,
QCA::Encode, key, iv,
CIPHER_PROVIDER );
QCA::SecureArray securedata( textstr.toUtf8() );
QCA::SecureArray encrypteddata( cipher.process( securedata ) );
if ( !cipher.ok() )
{
qDebug( "Encryption failed!" );
return outtxt;
}
outtxt = QCA::arrayToHex( encrypteddata.toByteArray() );
// qDebug( "Encrypted hex: %s", qPrintable( outtxt ) );
}
else
{
QCA::Cipher cipher = QCA::Cipher( CIPHER_TYPE, CIPHER_MODE, CIPHER_PADDING,
QCA::Decode, key, iv,
CIPHER_PROVIDER );
QCA::SecureArray ciphertext( QCA::hexToArray( textstr ) );
QCA::SecureArray decrypteddata( cipher.process( ciphertext ) );
if ( !cipher.ok() )
{
qDebug( "Decryption failed!" );
return outtxt;
}
outtxt = QString( decrypteddata.toByteArray() );
// qDebug( "Decrypted text %s", qPrintable( outtxt ) ); // DO NOT LEAVE THIS LINE UNCOMMENTED
}
return outtxt;
}
