[Interest] [Qt-interest] cryptography using qt
Daniel Bowen
qtmailinglist1 at bowensite.com
Wed Nov 9 18:32:25 CET 2011
If you already are using openssl for HTTPS support, there's several
encryption options. Here's a little snippet that shows how to use blowfish
from openssl:
#include <openssl/evp.h>
#include <openssl/err.h>
..
Result EncryptBuffer(
const UINT8* key,
INT32 keyLength,
const QByteArray& originalBuffer,
QByteArray& encryptedBuffer)
{
if(originalBuffer.size() < 1)
{
encryptedBuffer.resize(0);
return OK;
}
if(key == NULL || keyLength < 1)
{
return INVALIDARG;
}
// Blowfish has a 256-bit max key length (which is 32 bytes).
// If the key is bigger than that, just use the first 256 bits.
int keyLengthUsed = qMin(keyLength, 32);
EVP_CIPHER_CTX context;
EVP_CIPHER_CTX_init(&context);
// Use the Blowfish symmetric cipher.
// Initialize w/o the key length so we can set it.
if(!EVP_EncryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL))
{
return ENCRYPT_FAILURE;
}
// Now set the key length (we don't set the cipher again)
EVP_CIPHER_CTX_set_key_length(&context, keyLengthUsed);
if(!EVP_EncryptInit_ex(&context, NULL, NULL, key, s_iv))
{
return ENCRYPT_FAILURE;
}
// Allow enough space in output buffer for additional block
int bufferLength = originalBuffer.size();
encryptedBuffer.fill(0, bufferLength + EVP_MAX_BLOCK_LENGTH);
int outputLength=0;
unsigned char* output = (unsigned char*)encryptedBuffer.data();
if(!EVP_EncryptUpdate(&context,
output, &outputLength,
(const unsigned char*)originalBuffer.constData(),
bufferLength))
{
return ENCRYPT_FAILURE;
}
// Buffer passed to EVP_EncryptFinal() must be after data just
// encrypted to avoid overwriting it.
int tempLength = 0;
if(!EVP_EncryptFinal_ex(&context, output + outputLength,
&tempLength))
{
return ENCRYPT_FAILURE;
}
outputLength += tempLength;
// .resize should be == or less.
Q_ASSERT(outputLength <= encryptedBuffer.size());
encryptedBuffer.resize(outputLength);
EVP_CIPHER_CTX_cleanup(&context);
return OK;
}
Result DecryptBuffer(
const UINT8* key,
INT32 keyLength,
const QByteArray& encryptedBuffer,
QByteArray& originalBuffer)
{
if(encryptedBuffer.size() < 1)
{
originalBuffer.resize(0);
return OK;
}
if(key == NULL || keyLength < 1)
{
return INVALIDARG;
}
// Blowfish has a 256-bit max key length (which is 32 bytes).
// If the key is bigger than that, just use the first 256 bits.
int keyLengthUsed = qMin(keyLength, 32);
EVP_CIPHER_CTX context;
EVP_CIPHER_CTX_init(&context);
// Use the Blowfish symmetric cipher
// Initialize w/o the key length so we can set it.
if(!EVP_DecryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL))
{
return DECRYPT_FAILURE;
}
// Initialize w/o the key length so we can set it.
EVP_CIPHER_CTX_set_key_length(&context, keyLengthUsed);
if(!EVP_DecryptInit_ex(&context, NULL, NULL, key, s_iv))
{
return DECRYPT_FAILURE;
}
// Allow enough space in output buffer for additional block
int bufferLength = encryptedBuffer.size();
originalBuffer.fill(0, encryptedBuffer.size() +
EVP_MAX_BLOCK_LENGTH);
int outputLength=0;
unsigned char* output = (unsigned char*)originalBuffer.data();
if(!EVP_DecryptUpdate(&context,
output, &outputLength,
(const unsigned char*)encryptedBuffer.constData(),
bufferLength))
{
return DECRYPT_FAILURE;
}
// Buffer passed to EVP_DecryptFinal_ex() must be after data just
// encrypted to avoid overwriting it.
int tempLength = 0;
if(!EVP_DecryptFinal_ex(&context, output + outputLength,
&tempLength))
{
return DECRYPT_FAILURE;
}
outputLength += tempLength;
// .resize should be == or less.
Q_ASSERT(outputLength <= originalBuffer.size());
originalBuffer.resize(outputLength);
EVP_CIPHER_CTX_cleanup(&context);
return OK;
}
-Daniel
-----Original Message-----
From: qt-interest-bounces+qtmailinglist1=bowensite.com at qt.nokia.com
[mailto:qt-interest-bounces+qtmailinglist1=bowensite.com at qt.nokia.com] On
Behalf Of Riccardo Roasio
Sent: Wednesday, November 09, 2011 10:01 AM
To: karl.ruetz at sototech.com
Cc: qt-interest at qt.nokia.com
Subject: Re: [Qt-interest] cryptography using qt
Ok,
so md5 is a wrong chioice..eheheh
To wncrypt and decrypt there are libreries normally used with qt?
2011/11/9 Karl Ruetz <karl.ruetz at sototech.com>:
> QCrptographicHash supports md5 but I don't think that's what you are
really
> asking for.
> In fact, I'm not sure what you're really asking for since md5 is a hashing
> algorithm not for encryption and decryption.
> As far as I am aware, you would need some third party library to actually
> encrypt and decrypt files.
>
> Karl
>
> On 11/9/2011 10:31 AM, Riccardo Roasio wrote:
>
> Hi,
>
> there are qt classes for crypt/decrypt files using md5 or i need to
> use external libraries?
>
> Thanks,
> Riccardo
> _______________________________________________
> Qt-interest mailing list
> Qt-interest at qt.nokia.com
> http://lists.qt.nokia.com/mailman/listinfo/qt-interest
>
>
>
> _______________________________________________
> Qt-interest mailing list
> Qt-interest at qt.nokia.com
> http://lists.qt.nokia.com/mailman/listinfo/qt-interest
>
>
_______________________________________________
Qt-interest mailing list
Qt-interest at qt.nokia.com
http://lists.qt.nokia.com/mailman/listinfo/qt-interest
More information about the Interest
mailing list