[Qt-interest] RSA in QT

Serge mb0 at km.ru
Tue Jan 27 12:54:30 CET 2009


Hi,

Konrad Rosenbaum wrote:
>> I need to encrypt/decrypt text using RSA method.
> 
> This sounds dangerous. What exactly do you want to achieve? What is the 
> purpose of this encryption? What cryptographic protocol do you plan to use?
Why is using RSA dangerous?

I want to use the QCA example rsatest.cpp:

QCA::PrivateKey seckey = QCA::KeyGenerator().createRSA(2048);
// I'm using 2048 instead of 1024
..
QCA::SecureArray result = pubkey.encrypt(arg, QCA::EME_PKCS1_OAEP);

Encryption is needed for communication with the web server during program 
activation using a serial number. The program sends some secure data to the 
web server and receives some secure data from the server. The secure data is 
some XML text. It must be encrypted before being transferred over the 
internet. The program has only a public key, which is used when data is sent 
to the server. The server knows the private key and uses it for decryption. 
When the server sends a response, it uses another public key for encryption. 
The program knows the private key and uses it for decryption.
So there are 2 pairs of keys. One pair is used when data is sent to the 
server, the other when data is sent to the program. The program knows the 
public key of the first pair and the private key of the second.

Additionally, I'm planning to maintain the connection over the HTTPS protocol.

Currently I'm having these problems:

1. When the program receives a response from the web server, it must have 
the ability ONLY to decrypt the received data using the private key, which 
is stored in its resources. The server response is cached in QSettings, and 
I need a hacker to be unable to emulate this data using the same encryption. 
It will work if the hacker does not know the public key. But as I see, it is 
possible to find out the RSA public key if we know the private key:

pubkey = seckey.toPublicKey();

How can I achieve the goal where one side in the communication can only 
decrypt using RSA, but can't encrypt?

2. On the web server a PHP script is running. I'm using the OpenSSL module 
in it. It contains these functions for encryption/decryption:

http://php.net/manual/en/function.openssl-seal.php
http://php.net/manual/en/function.openssl-open.php

> openssl_open() opens (decrypts) sealed_data using the private key 
> associated with the key identifier priv_key_id and the envelope key 
> env_key, and fills open_data with the decrypted data. The envelope 
> key is generated when the data are sealed and can only be used by one 
> specific private key.

But the QCA encrypt method does not use an envelope key. How can I decrypt 
in PHP data encrypted by QCA, and vice versa?

Best regards,
Serge
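
Added example, not part of the original post and not QCA code: a toy textbook-RSA sketch for problem 1 above. It shows that a private key carries its public half (what toPublicKey() returns), so a cached response that decrypts cleanly proves nothing about who produced it, while a signature checked with a public key can be verified but not created by the program. The key values, the message 65 and all names (PubKey, PrivKey, modpow, anyKeyHolderCanEncrypt, ...) are constructed or hypothetical; there is no padding and the key is far too small for real use.

```cpp
#include <cstdint>
#include <iostream>
using u64 = std::uint64_t;

// Toy textbook RSA with constructed small primes (p=61, q=53). No padding,
// NOT secure; real code would use a library such as QCA with 2048-bit keys.
struct PubKey  { u64 n, e; };
// As in the PKCS#1 RSAPrivateKey structure, the private key also stores
// the modulus and the public exponent.
struct PrivKey { u64 n, e, d; };

u64 modpow(u64 base, u64 exp, u64 mod) {
    u64 result = 1;
    base %= mod;
    while (exp > 0) {
        if (exp & 1) result = result * base % mod;
        base = base * base % mod;
        exp >>= 1;
    }
    return result;
}

// Hypothetical stand-in for seckey.toPublicKey(): it only copies n and e.
PubKey toPublicKey(const PrivKey& k) { return {k.n, k.e}; }

u64 encrypt(const PubKey& k, u64 m)  { return modpow(m, k.e, k.n); }
u64 decrypt(const PrivKey& k, u64 c) { return modpow(c, k.d, k.n); }

// Design from the post: the program ships the private key of the second pair.
// Any holder of that key also holds the public half, so a value it encrypts
// itself decrypts cleanly. Successful decryption authenticates nothing.
bool anyKeyHolderCanEncrypt(const PrivKey& shipped, u64 message) {
    return decrypt(shipped, encrypt(toPublicKey(shipped), message)) == message;
}

// Signature design: the server keeps d and signs; the program ships only
// (n, e). It can check a response but holds nothing that can create one.
u64 sign(const PrivKey& k, u64 m) { return modpow(m, k.d, k.n); }
bool verify(const PubKey& k, u64 m, u64 sig) { return modpow(sig, k.e, k.n) == m; }

int main() {
    const PrivKey key{3233, 17, 2753};   // constructed toy key
    const PubKey pub = toPublicKey(key);
    std::cout << anyKeyHolderCanEncrypt(key, 65)   // decrypt-only design
              << verify(pub, 65, sign(key, 65))    // genuine signed response
              << verify(pub, 66, sign(key, 65))    // altered response
              << '\n';
}
```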


