// verify message bool FugaCrypto::verify(string in_name, string in_pubkey, string in_msg, string in_sig) { // pubkey for this name already in database? QCA::PublicKey pubkey; if (isPubkeyOf(in_name)) { pubkey = getPubkeyOf(in_name); } else { pubkey = QCA::PublicKey::fromPEM(QByteArray(in_pubkey.c_str())); savePubkeyOf(in_name, pubkey); } // cout << "in_sig1: " << in_sig << endl; QByteArray signature = QByteArray::fromBase64(QByteArray(in_sig.c_str())); // cout << "in_sig2: " << signature.data() << endl; // verify if (pubkey.verifyMessage(QCA::SecureArray(in_msg.c_str()), signature, QCA::EMSA1_SHA1 ) ) { cout << "IDENTITY VERIFIED" << endl; } else { cout << "FAILED TO VERIFY THE IDENTITY!!!!!!!!!" << "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" << endl; } return true; }
WP::err QCACryptoInterface::generateKeyPair(QString &certificate, QString &publicKey, QString &privateKey, const SecureArray &keyPassword) { if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) { qDebug() << "RSA not supported!\n"; return WP::kError; } QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048); if(secretKey.isNull()) { qDebug() << "Failed to make private RSA key\n"; return WP::kError; } privateKey = secretKey.toPEM(keyPassword); // public QCA::CertificateOptions opts; QCA::Certificate cert(opts, secretKey); certificate = cert.toPEM(); QCA::PublicKey pubkey = secretKey.toPublicKey(); publicKey = pubkey.toPEM(); return WP::kOk; }
void SpotifyBlobDownloader::ReplyFinished() { QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender()); if (reply->error() != QNetworkReply::NoError) { // Handle network errors ShowError(reply->errorString()); return; } // Is everything finished? foreach (QNetworkReply* reply, replies_) { if (!reply->isFinished()) { return; } } // Read files into memory first. QMap<QString, QByteArray> file_data; QStringList signature_filenames; foreach (QNetworkReply* reply, replies_) { const QString filename = reply->url().path().section('/', -1, -1); if (filename.endsWith(kSignatureSuffix)) { signature_filenames << filename; } file_data[filename] = reply->readAll(); } #ifdef HAVE_QCA // Load the public key QCA::ConvertResult conversion_result; QCA::PublicKey key = QCA::PublicKey::fromPEMFile(":/clementine-spotify-public.pem", &conversion_result); if (QCA::ConvertGood != conversion_result) { ShowError("Failed to load Spotify public key"); return; } // Verify signatures foreach (const QString& signature_filename, signature_filenames) { QString actual_filename = signature_filename; actual_filename.remove(kSignatureSuffix); qLog(Debug) << "Verifying" << actual_filename << "against" << signature_filename; if (!key.verifyMessage(file_data[actual_filename], file_data[signature_filename], QCA::EMSA3_SHA1)) { ShowError("Invalid signature: " + actual_filename); return; } }
bool QCACryptoInterface::verifySignatur(const QByteArray &message, const QByteArray &signature, const QString &publicKeyString) { QCA::PublicKey publicKey; QCA::ConvertResult convRes; publicKey = QCA::PublicKey::fromPEM(publicKeyString, &convRes); if (convRes != QCA::ConvertGood) { std::cout << "Sorry, could not import Public Key" << std::endl; return false; } // to check a signature, we must check that the key is // appropriate if(publicKey.canVerify()) { publicKey.startVerify(QCA::EMSA3_MD5); publicKey.update(message); if (publicKey.validSignature(signature) ) return true; else return false; } return true; }
void QCACryptoInterface::generateKeyPair(const char* certificateFile, const char *publicKeyFile, const char *privateKeyFile, const char *keyPassword) { if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) { qDebug() << "RSA not supported!\n"; return; } QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048); if(secretKey.isNull()) { qDebug() << "Failed to make private RSA key\n"; return; } secretKey.toPEMFile(privateKeyFile, keyPassword); // public QCA::CertificateOptions opts; QCA::Certificate cert(opts, secretKey); cert.toPEMFile(certificateFile); QCA::PublicKey pubkey = secretKey.toPublicKey(); pubkey.toPEMFile(publicKeyFile); }
void SpotifyBlobDownloader::ReplyFinished() { QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender()); if (reply->error() != QNetworkReply::NoError) { // Handle network errors ShowError(reply->errorString()); return; } // Is everything finished? for (QNetworkReply* reply : replies_) { if (!reply->isFinished()) { return; } } // Read files into memory first. QMap<QString, QByteArray> file_data; QStringList signature_filenames; for (QNetworkReply* reply : replies_) { const QString filename = reply->url().path().section('/', -1, -1); if (filename.endsWith(kSignatureSuffix)) { signature_filenames << filename; } file_data[filename] = reply->readAll(); } #ifdef HAVE_QCA // Load the public key QCA::ConvertResult conversion_result; QCA::PublicKey key = QCA::PublicKey::fromPEMFile( ":/clementine-spotify-public.pem", &conversion_result); if (QCA::ConvertGood != conversion_result) { ShowError("Failed to load Spotify public key"); return; } // Verify signatures for (const QString& signature_filename : signature_filenames) { QString actual_filename = signature_filename; actual_filename.remove(kSignatureSuffix); qLog(Debug) << "Verifying" << actual_filename << "against" << signature_filename; if (!key.verifyMessage(file_data[actual_filename], file_data[signature_filename], QCA::EMSA3_SHA1)) { ShowError("Invalid signature: " + actual_filename); return; } } #endif // HAVE_QCA // Make the destination directory and write the files into it QDir().mkpath(path_); for (const QString& filename : file_data.keys()) { const QString dest_path = path_ + "/" + filename; if (filename.endsWith(kSignatureSuffix)) continue; qLog(Info) << "Writing" << dest_path; QFile file(dest_path); if (!file.open(QIODevice::WriteOnly)) { ShowError("Failed to open " + dest_path + " for writing"); return; } file.write(file_data[filename]); file.close(); file.setPermissions(QFile::Permissions(0x7755)); #ifdef Q_OS_UNIX const int so_pos = filename.lastIndexOf(".so."); if (so_pos != -1) { QString link_path = path_ + "/" + filename.left(so_pos + 3); QStringList version_parts = filename.mid(so_pos + 4).split('.'); while (!version_parts.isEmpty()) { qLog(Debug) << "Linking" << dest_path << "to" << link_path; int ret = symlink(dest_path.toLocal8Bit().constData(), link_path.toLocal8Bit().constData()); if (ret != 0) { qLog(Warning) << "Creating symlink failed with return code" << ret; } link_path += "." + version_parts.takeFirst(); } } #endif // Q_OS_UNIX } EmitFinished(); }