[Interest] [Qt-interest] cryptography using qt

Daniel Bowen qtmailinglist1 at bowensite.com
Wed Nov 9 18:32:25 CET 2011 

If you already are using openssl for HTTPS support, there's several
encryption options.  Here's a little snippet that shows how to use blowfish
from openssl:

#include <openssl/evp.h>
#include <openssl/err.h>

..

Result EncryptBuffer(
	const UINT8* key,
	INT32 keyLength,
	const QByteArray& originalBuffer,
	QByteArray& encryptedBuffer)
{
	if(originalBuffer.size() < 1)
	{
		encryptedBuffer.resize(0);
		return OK;
	}
	if(key == NULL || keyLength < 1)
	{
		return INVALIDARG;
	}

	// Blowfish has a 256-bit max key length (which is 32 bytes).
	// If the key is bigger than that, just use the first 256 bits.
	int keyLengthUsed = qMin(keyLength, 32);

	EVP_CIPHER_CTX context;
	EVP_CIPHER_CTX_init(&context);
	// Use the Blowfish symmetric cipher.
	// Initialize w/o the key length so we can set it.
	if(!EVP_EncryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL))
	{
		return ENCRYPT_FAILURE;
	}
	// Now set the key length (we don't set the cipher again)
	EVP_CIPHER_CTX_set_key_length(&context, keyLengthUsed);
	if(!EVP_EncryptInit_ex(&context, NULL, NULL, key, s_iv))
	{
		return ENCRYPT_FAILURE;
	}


	// Allow enough space in output buffer for additional block
	int bufferLength = originalBuffer.size();
	encryptedBuffer.fill(0, bufferLength + EVP_MAX_BLOCK_LENGTH);

	int outputLength=0;
	unsigned char* output = (unsigned char*)encryptedBuffer.data();
	if(!EVP_EncryptUpdate(&context,
		output, &outputLength,
		(const unsigned char*)originalBuffer.constData(),
bufferLength))
	{
		return ENCRYPT_FAILURE;
	}

	// Buffer passed to EVP_EncryptFinal() must be after data just
	// encrypted to avoid overwriting it.
	int tempLength = 0;
	if(!EVP_EncryptFinal_ex(&context, output + outputLength,
&tempLength))
	{
		return ENCRYPT_FAILURE;
	}
	outputLength += tempLength;
	// .resize should be == or less.
	Q_ASSERT(outputLength <= encryptedBuffer.size());
	encryptedBuffer.resize(outputLength);

	EVP_CIPHER_CTX_cleanup(&context);

	return OK;
}

Result DecryptBuffer(
	const UINT8* key,
	INT32 keyLength,
	const QByteArray& encryptedBuffer,
	QByteArray& originalBuffer)
{
	if(encryptedBuffer.size() < 1)
	{
		originalBuffer.resize(0);
		return OK;
	}
	if(key == NULL || keyLength < 1)
	{
		return INVALIDARG;
	}

	// Blowfish has a 256-bit max key length (which is 32 bytes).
	// If the key is bigger than that, just use the first 256 bits.
	int keyLengthUsed = qMin(keyLength, 32);

	EVP_CIPHER_CTX context;
	EVP_CIPHER_CTX_init(&context);
	// Use the Blowfish symmetric cipher
	// Initialize w/o the key length so we can set it.
	if(!EVP_DecryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL))
	{
		return DECRYPT_FAILURE;
	}
	// Initialize w/o the key length so we can set it.
	EVP_CIPHER_CTX_set_key_length(&context, keyLengthUsed);
	if(!EVP_DecryptInit_ex(&context, NULL, NULL, key, s_iv))
	{
		return DECRYPT_FAILURE;
	}


	// Allow enough space in output buffer for additional block
	int bufferLength = encryptedBuffer.size();
	originalBuffer.fill(0, encryptedBuffer.size() +
EVP_MAX_BLOCK_LENGTH);

	int outputLength=0;
	unsigned char* output = (unsigned char*)originalBuffer.data();
	if(!EVP_DecryptUpdate(&context,
		output, &outputLength,
		(const unsigned char*)encryptedBuffer.constData(),
bufferLength))
	{
		return DECRYPT_FAILURE;
	}

	// Buffer passed to EVP_DecryptFinal_ex() must be after data just
	// encrypted to avoid overwriting it.
	int tempLength = 0;
	if(!EVP_DecryptFinal_ex(&context, output + outputLength,
&tempLength))
	{
		return DECRYPT_FAILURE;
	}
	outputLength += tempLength;
	// .resize should be == or less.
	Q_ASSERT(outputLength <= originalBuffer.size());
	originalBuffer.resize(outputLength);

	EVP_CIPHER_CTX_cleanup(&context);

	return OK;
}


-Daniel

-----Original Message-----
From: qt-interest-bounces+qtmailinglist1=bowensite.com at qt.nokia.com
[mailto:qt-interest-bounces+qtmailinglist1=bowensite.com at qt.nokia.com] On
Behalf Of Riccardo Roasio
Sent: Wednesday, November 09, 2011 10:01 AM
To: karl.ruetz at sototech.com
Cc: qt-interest at qt.nokia.com
Subject: Re: [Qt-interest] cryptography using qt

Ok,

so md5 is a wrong chioice..eheheh

To wncrypt and decrypt there are libreries normally used with qt?

2011/11/9 Karl Ruetz <karl.ruetz at sototech.com>:
> QCrptographicHash supports md5 but I don't think that's what you are
really
> asking for.
> In fact, I'm not sure what you're really asking for since md5 is a hashing
> algorithm not for encryption and decryption.
> As far as I am aware, you would need some third party library to actually
> encrypt and decrypt files.
>
> Karl
>
> On 11/9/2011 10:31 AM, Riccardo Roasio wrote:
>
> Hi,
>
> there are qt classes for crypt/decrypt files using md5 or i need to
> use external libraries?
>
> Thanks,
> Riccardo
> _______________________________________________
> Qt-interest mailing list
> Qt-interest at qt.nokia.com
> http://lists.qt.nokia.com/mailman/listinfo/qt-interest
>
>
>
> _______________________________________________
> Qt-interest mailing list
> Qt-interest at qt.nokia.com
> http://lists.qt.nokia.com/mailman/listinfo/qt-interest
>
>
_______________________________________________
Qt-interest mailing list
Qt-interest at qt.nokia.com
http://lists.qt.nokia.com/mailman/listinfo/qt-interest

More information about the Interest mailing list