[Qt-interest] QCA big string encryption

Sean Harmer sean.harmer at maps-technology.com
Sun Apr 24 23:52:33 CEST 2011 

Hi,

On 24/04/2011 22:24, Nicholas Shatokhin wrote:
> I need to encrypt JSON string that contains fingerprint data in Base64 and
> a Public Key in Base 64 too.
>
> Is it safe to encrypt and send a symmetric key? Someone can get access to
> the application and try to get the key and send data to the server on
> behalf of the application.

I have used code like this in the past to encrypt data:

	QCA::SecureMessageKey secMsgKey;
         QCA::CertificateChain chain;
         chain += m_publicCert;
         secMsgKey.setX509CertificateChain( chain );

         // Build up a SecureMessage object
         QCA::CMS cms;
         QCA::SecureMessage msg( &cms );
         msg.setRecipient( secMsgKey );

         // Use the secure message to do the encryption
         msg.startEncrypt();
         msg.update( clearData );
         msg.end();
         msg.waitForFinished( 1000 );

         // Check to see if it worked
         if ( !msg.success() )
             throw QString( "Error encrypting: " + msg.errorCode() );

         // Get the result and base64 encode it so that we can save it
	// in an ascii text file
         QByteArray cipherText = msg.read();
	QCA::Base64 enc;
         QString encString = enc.arrayToString( cipherText );

Then this kind of thing to decrypt:

	// Get the encrypted data
         QString base64CipherText( myEncryptedText );
         QCA::Base64 encoder;
         QByteArray cipherText( encoder.stringToArray( base64CipherText 
).toByteArray() );

         // Build up a SecureMessage object, based on our private key.
	// This is done in a slightly different way to when we were
	// encrypting. We set the private key directly on the secure
	// messaging system object (cms2)
         QCA::CertificateChain chain;
         chain += m_publicCert;

         QCA::SecureMessageKey secMsgKey;
         secMsgKey.setX509PrivateKey( m_privateKey );
         secMsgKey.setX509CertificateChain( chain );
         QCA::CMS cms;
         cms.setPrivateKeys( QCA::SecureMessageKeyList() << secMsgKey );
         QCA::SecureMessage msg( &cms );

         // Do the decryption
         msg.startDecrypt();
         msg.update( cipherText );
         msg.end();
         msg.waitForFinished( 1000 );

         // Check to see if it worked
         if ( !msg.success() )
             throw QString( "Error decrypting: " + msg.errorCode() );

         // Get the decrypted data
         QByteArray clearData( msg.read() );

HTH,

Sean

More information about the Qt-interest-old mailing list