Mercurial > trustbridge
annotate ui/sslhelp.cpp @ 1380:77c9e35657ab
(issue83) Remove testversion note
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Thu, 15 Jan 2015 15:28:40 +0100 |
parents | c8a6a3e6bdeb |
children | f3e2df6b49ba |
rev | line source |
---|---|
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
3 * |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #include "sslhelp.h" |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
9 #include <polarssl/sha256.h> |
1377
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
10 #include <polarssl/sha1.h> |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
11 #include <polarssl/pk.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
12 #include <polarssl/entropy.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
13 #include <polarssl/ctr_drbg.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
14 #include <QApplication> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
15 #include <QUuid> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
16 #include <QDebug> |
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
17 |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
18 QString getPolarSSLErrorMsg(int ret) |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
19 { |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
20 char errbuf[1020]; |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
21 polarssl_strerror(ret, errbuf, 1020); |
475
6c4f526a4c5b
Fix off by one error
Andre Heinecke <aheinecke@intevation.de>
parents:
469
diff
changeset
|
22 errbuf[1019] = '\0'; /* Just to be sure */ |
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
23 return QString::fromLatin1(errbuf); |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
24 } |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
25 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
26 QByteArray sha256sum(const QByteArray& data) |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
27 { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
28 unsigned char output[32]; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
29 sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0); |
469
f9b0014cff97
Fix return value of sha256 sum
Andre Heinecke <aheinecke@intevation.de>
parents:
464
diff
changeset
|
30 return QByteArray((const char *)output, 32); |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
31 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
32 |
1377
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
33 QByteArray sha1sum(const QByteArray& data) |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
34 { |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
35 unsigned char output[20]; |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
36 sha1((unsigned char *)data.constData(), (size_t)data.size(), output); |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
37 return QByteArray((const char *)output, 20); |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
38 } |
c8a6a3e6bdeb
(issue178) Show checksums after installer creation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
475
diff
changeset
|
39 |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
40 QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk) |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
41 { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
42 int ret = 0; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
43 unsigned char sig[POLARSSL_MPI_MAX_SIZE]; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
44 size_t sig_len; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
45 entropy_context entropy; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
46 ctr_drbg_context ctr_drbg; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
47 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
48 entropy_init(&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
49 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
50 QUuid uuid = QUuid::createUuid(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
51 QString personalString = QApplication::applicationName() + uuid.toString(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
52 QByteArray personalBa = personalString.toLocal8Bit(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
53 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
54 /* |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
55 * Initialize random generator. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
56 * Personalisation string, does not need to be random but |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
57 * should be unique according to documentation. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
58 * |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
59 * the ctr_drbg structure does not need to be freed explicitly. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
60 */ |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
61 ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
62 (const unsigned char*) personalBa.constData(), |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
63 personalBa.size()); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
64 if (ret != 0) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
65 qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
66 entropy_free (&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
67 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
68 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
69 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
70 ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(), |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
71 hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
72 entropy_free (&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
73 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
74 if (ret != 0) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
75 qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
76 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
77 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
78 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
79 if (sig_len != 3072 / 8) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
80 qDebug() << "Invalid size of signature: " << sig_len; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
81 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
82 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
83 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
84 return QByteArray((const char *)sig, (int)sig_len); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
85 } |