// verify message
bool FugaCrypto::verify(string in_name, string in_pubkey, string in_msg, string in_sig) {
// pubkey for this name already in database?
QCA::PublicKey pubkey;
if (isPubkeyOf(in_name)) {
pubkey = getPubkeyOf(in_name);
} else {
pubkey = QCA::PublicKey::fromPEM(QByteArray(in_pubkey.c_str()));
savePubkeyOf(in_name, pubkey);
}
// cout << "in_sig1: " << in_sig << endl;
QByteArray signature = QByteArray::fromBase64(QByteArray(in_sig.c_str()));
// cout << "in_sig2: " << signature.data() << endl;
// verify
if (pubkey.verifyMessage(QCA::SecureArray(in_msg.c_str()),
signature,
QCA::EMSA1_SHA1
)
) {
cout << "IDENTITY VERIFIED" << endl;
} else {
cout << "FAILED TO VERIFY THE IDENTITY!!!!!!!!!"
<< "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" << endl;
}
return true;
}
WP::err QCACryptoInterface::generateKeyPair(QString &certificate, QString &publicKey,
QString &privateKey,
const SecureArray &keyPassword)
{
if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) {
qDebug() << "RSA not supported!\n";
return WP::kError;
}
QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048);
if(secretKey.isNull()) {
qDebug() << "Failed to make private RSA key\n";
return WP::kError;
}
privateKey = secretKey.toPEM(keyPassword);
// public
QCA::CertificateOptions opts;
QCA::Certificate cert(opts, secretKey);
certificate = cert.toPEM();
QCA::PublicKey pubkey = secretKey.toPublicKey();
publicKey = pubkey.toPEM();
return WP::kOk;
}
void SpotifyBlobDownloader::ReplyFinished() {
QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender());
if (reply->error() != QNetworkReply::NoError) {
// Handle network errors
ShowError(reply->errorString());
return;
}
// Is everything finished?
foreach (QNetworkReply* reply, replies_) {
if (!reply->isFinished()) {
return;
}
}
// Read files into memory first.
QMap<QString, QByteArray> file_data;
QStringList signature_filenames;
foreach (QNetworkReply* reply, replies_) {
const QString filename = reply->url().path().section('/', -1, -1);
if (filename.endsWith(kSignatureSuffix)) {
signature_filenames << filename;
}
file_data[filename] = reply->readAll();
}
#ifdef HAVE_QCA
// Load the public key
QCA::ConvertResult conversion_result;
QCA::PublicKey key = QCA::PublicKey::fromPEMFile(":/clementine-spotify-public.pem",
&conversion_result);
if (QCA::ConvertGood != conversion_result) {
ShowError("Failed to load Spotify public key");
return;
}
// Verify signatures
foreach (const QString& signature_filename, signature_filenames) {
QString actual_filename = signature_filename;
actual_filename.remove(kSignatureSuffix);
qLog(Debug) << "Verifying" << actual_filename << "against" << signature_filename;
if (!key.verifyMessage(file_data[actual_filename],
file_data[signature_filename],
QCA::EMSA3_SHA1)) {
ShowError("Invalid signature: " + actual_filename);
return;
}
}
bool QCACryptoInterface::verifySignatur(const QByteArray &message, const QByteArray &signature,
const QString &publicKeyString)
{
QCA::PublicKey publicKey;
QCA::ConvertResult convRes;
publicKey = QCA::PublicKey::fromPEM(publicKeyString, &convRes);
if (convRes != QCA::ConvertGood) {
std::cout << "Sorry, could not import Public Key" << std::endl;
return false;
}
// to check a signature, we must check that the key is
// appropriate
if(publicKey.canVerify()) {
publicKey.startVerify(QCA::EMSA3_MD5);
publicKey.update(message);
if (publicKey.validSignature(signature) )
return true;
else
return false;
}
return true;
}
void QCACryptoInterface::generateKeyPair(const char* certificateFile, const char *publicKeyFile, const char *privateKeyFile, const char *keyPassword)
{
if(!QCA::isSupported("pkey") || !QCA::PKey::supportedIOTypes().contains(QCA::PKey::RSA)) {
qDebug() << "RSA not supported!\n";
return;
}
QCA::PrivateKey secretKey = QCA::KeyGenerator().createRSA(2048);
if(secretKey.isNull()) {
qDebug() << "Failed to make private RSA key\n";
return;
}
secretKey.toPEMFile(privateKeyFile, keyPassword);
// public
QCA::CertificateOptions opts;
QCA::Certificate cert(opts, secretKey);
cert.toPEMFile(certificateFile);
QCA::PublicKey pubkey = secretKey.toPublicKey();
pubkey.toPEMFile(publicKeyFile);
}
void SpotifyBlobDownloader::ReplyFinished() {
QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender());
if (reply->error() != QNetworkReply::NoError) {
// Handle network errors
ShowError(reply->errorString());
return;
}
// Is everything finished?
for (QNetworkReply* reply : replies_) {
if (!reply->isFinished()) {
return;
}
}
// Read files into memory first.
QMap<QString, QByteArray> file_data;
QStringList signature_filenames;
for (QNetworkReply* reply : replies_) {
const QString filename = reply->url().path().section('/', -1, -1);
if (filename.endsWith(kSignatureSuffix)) {
signature_filenames << filename;
}
file_data[filename] = reply->readAll();
}
#ifdef HAVE_QCA
// Load the public key
QCA::ConvertResult conversion_result;
QCA::PublicKey key = QCA::PublicKey::fromPEMFile(
":/clementine-spotify-public.pem", &conversion_result);
if (QCA::ConvertGood != conversion_result) {
ShowError("Failed to load Spotify public key");
return;
}
// Verify signatures
for (const QString& signature_filename : signature_filenames) {
QString actual_filename = signature_filename;
actual_filename.remove(kSignatureSuffix);
qLog(Debug) << "Verifying" << actual_filename << "against"
<< signature_filename;
if (!key.verifyMessage(file_data[actual_filename],
file_data[signature_filename], QCA::EMSA3_SHA1)) {
ShowError("Invalid signature: " + actual_filename);
return;
}
}
#endif // HAVE_QCA
// Make the destination directory and write the files into it
QDir().mkpath(path_);
for (const QString& filename : file_data.keys()) {
const QString dest_path = path_ + "/" + filename;
if (filename.endsWith(kSignatureSuffix)) continue;
qLog(Info) << "Writing" << dest_path;
QFile file(dest_path);
if (!file.open(QIODevice::WriteOnly)) {
ShowError("Failed to open " + dest_path + " for writing");
return;
}
file.write(file_data[filename]);
file.close();
file.setPermissions(QFile::Permissions(0x7755));
#ifdef Q_OS_UNIX
const int so_pos = filename.lastIndexOf(".so.");
if (so_pos != -1) {
QString link_path = path_ + "/" + filename.left(so_pos + 3);
QStringList version_parts = filename.mid(so_pos + 4).split('.');
while (!version_parts.isEmpty()) {
qLog(Debug) << "Linking" << dest_path << "to" << link_path;
int ret = symlink(dest_path.toLocal8Bit().constData(),
link_path.toLocal8Bit().constData());
if (ret != 0) {
qLog(Warning) << "Creating symlink failed with return code" << ret;
}
link_path += "." + version_parts.takeFirst();
}
}
#endif // Q_OS_UNIX
}
EmitFinished();
}