[Qt-interest] QCA big string encryption

Jason H scorp1us at yahoo.com
Sun Apr 24 23:48:54 CEST 2011 

If you are encrypting and sending, then why not just use SSL?
Really, you only need to use your own crypto for storing on disk.





----- Original Message ----
From: Nicholas Shatokhin <n.shatokhin at gmail.com>
To: Jeroen De Wachter <jeroen.dewachter at elis.ugent.be>
Cc: qt-interest at qt.nokia.com
Sent: Sun, April 24, 2011 5:24:45 PM
Subject: Re: [Qt-interest] QCA big string encryption

I need to encrypt JSON string that contains fingerprint data in Base64 and  
a Public Key in Base 64 too.

Is it safe to encrypt and send a symmetric key? Someone can get access to  
the application and try to get the key and send data to the server on  
behalf of the application.

Mon, 25 Apr 2011 00:14:20 +0300 було написано Jeroen De Wachter  
<jeroen.dewachter at elis.ugent.be>:

> Hey Nicholas,
>
> Have you seen the maximumEncryptSize function in PublicKey?
> Your string might simply be too big...
>
>http://delta.affinix.com/docs/qca/classQCA_1_1PublicKey.html#175b61ba787f95146b5971295120f8b8
>8
>
> Also, AFAIK asymmetric encryption algorithms are usually used on small
> amounts of data because of their intense CPU load. IIRC, they are
> typically used to encrypt the key of a symmetric encryption algorithm,
> which is usually easier on the CPU (and thus faster for processing
> copious amounts of data). Can you tell us why you would need to process
> such a large string?
>
> Kind regards,
>
> Jeroen
>
> On Sun, 2011-04-24 at 22:15 +0300, Nicholas Shatokhin wrote:
>> I'm sorry, but I must finish it in few hours and I don't know how.
>>
>> Sun, 24 Apr 2011 22:06:22 +0300 було написано Jason H  
>> <scorp1us at yahoo.com>:
>>
>> > Generally you need an IV (Initialization vector) this then is fed to  
>> the
>> > routines with the keys. The IV is an important random number so that  
>> if
>> > you can
>> > encrypt the same message with the same keys multiple times and not get
>> > the same
>> > encrypted message (thus ruling out a dictionary attack)
>> >
>> > Anyway, there are two types of cyphers, block and stream. With block
>> > cyphers,
>> > you work a block at a time. The last block will usually be incomplete,
>> > and there
>> > is some final[ize[() method for handling this special block. Normally,
>> > the
>> > enc/decrypt functions in QCA will give you all complete blocks,  
>> leaving
>> > you to
>> > call finalize().
>> >
>> > QCA does have convince functions that will do it all without you  
>> having
>> > to call
>> > finalize(), HOWEVER this should only be used for messages of known,  
>> short
>> > lengths. The non-convenience functions are designed to be used in a
>> > streaming
>> > manner, which is better for memory and scalability.
>> >
>> >
>> >
>> > HTH, but AFAIAC, this is a QCA question, not a Qt question.
>> >
>> >
>> >
>> >
>> > ----- Original Message ----
>> > From: Nicholas Shatokhin <n.shatokhin at gmail.com>
>> > To: qt-interest at qt.nokia.com; Jason H <scorp1us at yahoo.com>
>> > Sent: Sun, April 24, 2011 2:52:53 PM
>> > Subject: Re: [Qt-interest] QCA big string encryption
>> >
>> > What do you mean?
>> >
>> > There is my code below. What must I add? (I use 1024bit rsa key and
>> > message
>> > truncate to 1024bit)
>> >
>> >
>> > bool CCryptor::generateKeys(int size)
>> > {
>> >     if(init())
>> >     {
>> >         QCA::PrivateKey seckey = QCA::KeyGenerator().createRSA(size);
>> >
>> >         if(seckey.isNull())
>> >         {
>> >             std::cout << "Failed to make private RSA key" <<  
>> std::endl;
>> >             return false;
>> >         }
>> >
>> >         QCA::PublicKey pubkey = seckey.toPublicKey();
>> >
>> >         privateKey = seckey;
>> >         publicKey = pubkey;
>> >
>> >         return true;
>> >     }
>> >     else
>> >         return false;
>> > }
>> >
>> > QByteArray CCryptor::dataEnrypt(QByteArray data)
>> > {
>> >     // check if the key can encrypt
>> >     if(!publicKey.canEncrypt())
>> >     {
>> >         std::cout << "Error: this kind of key cannot encrypt" <<
>> > std::endl;
>> >         return QByteArray();
>> >     }
>> >
>> >     QCA::SecureArray arg = data;
>> >
>> >     // encrypt some data - note that only the public key is required
>> >     // you must also choose the algorithm to be used
>> >     QCA::SecureArray result = publicKey.encrypt(arg,
>> > QCA::EME_PKCS1_OAEP);
>> >
>> >     if(result.isEmpty()) {
>> >         std::cout << "Error encrypting" << std::endl;
>> >         return QByteArray();
>> >     }
>> >
>> >     return result.toByteArray();
>> > }
>> >
>> > QByteArray CCryptor::dataDecrypt(QByteArray data)
>> > {
>> >     QCA::SecureArray encrypt = data;
>> >     QCA::SecureArray decrypt;
>> >     if(0 == privateKey.decrypt(encrypt, &decrypt,  
>> QCA::EME_PKCS1_OAEP))
>> >     {
>> >         std::cout << "Error decrypting.\n";
>> >         return QByteArray();
>> >     }
>> >
>> >     return decrypt.data();
>> > }
>> >
>> >
>> >
>> > Sun, 24 Apr 2011 21:31:38 +0300 було написано Jason H
>> > <scorp1us at yahoo.com>:
>> >
>> >> It's beena  while since I used QCA, but do you need to finalize() it
>> >> for the
>> >> last block?
>> >>
>> >>
>> >>
>> >>
>> >> ----- Original Message ----
>> >> From: Nicholas Shatokhin <n.shatokhin at gmail.com>
>> >> To: qt-interest at qt.nokia.com
>> >> Sent: Sun, April 24, 2011 1:12:41 PM
>> >> Subject: [Qt-interest] QCA big string encryption
>> >>
>> >> Hello.
>> >>
>> >> I'm trying to encrypt end decrypt long string. But after decryption,  
>> I
>> >> get
>> >> only part of string. What's wrong?
>> >>
>> >> Code:
>> >>
>> >>      QCA::SecureArray arg = data;
>> >>      qDebug() << arg.toByteArray();
>> >>      QCA::SecureArray result = publicKey.encrypt(arg,
>> >> QCA::EME_PKCS1_OAEP);
>> >>      privateKey.decrypt(result, &arg, QCA::EME_PKCS1_OAEP);
>> >>      qDebug() << arg.toByteArray();
>> >>
>> >> Output:
>> >>
>> >> "{"method": 1, "data": {"email": "dfgh", "usePassword": "false",
>> >> "password": "", "useFingerprint": false, "fingerprint": "",  
>> "publicKey":
>> >>  
>>"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDN05UNjd6R1pHajZpbDc5K3ErOWo5K2s5cApnVHJJOGxRVlFoQkxuVWxBNFArS01selBEOU9aOEk0UXRWNEdjT0ZOYWFyTjByZFlacllKaVF2VjBUQkdSSnRWCnNEOTVsZzNPMHFzVHBuSVdrYW5rUTVFUmdiTDlqQ0grb0taNFBrUEd0OW9MVjhCOGphNjFRazdhLytBVUZ1UUQKeDBMUGZvUyt5VkVoYXNjM0x3SURBUUFCCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="}
>>}
>> >> }
>> >> }"
>> >>
>> >> "{"method": 1, "data": {"email": "dfgh", "usePassword": "false",
>> >> "password": "", "useFi"
>> >>
>> >>
>> >> Best regards,
>> >> Nick.
>> >>
>> >
>> >
>> > --За використання революційного клієнта електронної пошти Opera:
>> > http://www.opera.com/mail/
>> >
>>
>>
>
>
>
>
>


-- 
За використання революційного клієнта електронної пошти Opera:  
http://www.opera.com/mail/
_______________________________________________
Qt-interest mailing list
Qt-interest at qt.nokia.com
http://lists.qt.nokia.com/mailman/listinfo/qt-interest

More information about the Qt-interest-old mailing list