[Qt-interest] QCA big string encryption
Brad Hards
bradh at frogmouth.net
Mon Apr 25 02:01:14 CEST 2011
On Mon, 25 Apr 2011 07:46:37 am Jeroen De Wachter wrote:
> PGP is a program (or suite, if you will) that provides access to the
> same algorithms that QCA uses... so it will not make things inherently
> more secure.
In this case, I think PGP is a much better choice than what you (appear) to be
trying to do. CMS is also an option. SSL/TLS may also work.
Its a common mistake to invent crypto. Lots of people have tried, and most of
those people get it wrong. Its just too easy to make a mistake. Use existing
tools wherever possible. Don't use low level algorithms like AES/3DES, hashing
or asymmetric crypto unless you _know_ what you are doing.
> However, I don't know if PGP (or GnuPG) has an API you can easily talk
> to...
There is a GnuPG "machine" interface that is used by a couple of tools,
including by QCA. Look for the QCA::SecureMessage class. There isn't a canned
example, but this is tested through the qcatool demo application.
HTH
Brad
More information about the Qt-interest-old
mailing list