Mercurial > trustbridge
annotate ui/sslhelp.cpp @ 502:e551de11d8b6
Properly handle the case that the file does not exist.
TRUNCATE makes create file fail if the file does not exist
but we need TRUNCATE in the case that the file already exists
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Mon, 28 Apr 2014 09:18:07 +0000 |
parents | 6c4f526a4c5b |
children | c8a6a3e6bdeb |
rev | line source |
---|---|
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
3 * |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #include "sslhelp.h" |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
9 #include <polarssl/sha256.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
10 #include <polarssl/pk.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
11 #include <polarssl/entropy.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
12 #include <polarssl/ctr_drbg.h> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
13 #include <QApplication> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
14 #include <QUuid> |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
15 #include <QDebug> |
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
16 |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
17 QString getPolarSSLErrorMsg(int ret) |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
18 { |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
19 char errbuf[1020]; |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
20 polarssl_strerror(ret, errbuf, 1020); |
475
6c4f526a4c5b
Fix off by one error
Andre Heinecke <aheinecke@intevation.de>
parents:
469
diff
changeset
|
21 errbuf[1019] = '\0'; /* Just to be sure */ |
452
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
22 return QString::fromLatin1(errbuf); |
f8b480b08532
Factor out polarssl error handling and start new sslhelp file
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
23 } |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
24 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
25 QByteArray sha256sum(const QByteArray& data) |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
26 { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
27 unsigned char output[32]; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
28 sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0); |
469
f9b0014cff97
Fix return value of sha256 sum
Andre Heinecke <aheinecke@intevation.de>
parents:
464
diff
changeset
|
29 return QByteArray((const char *)output, 32); |
464
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
30 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
31 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
32 QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk) |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
33 { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
34 int ret = 0; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
35 unsigned char sig[POLARSSL_MPI_MAX_SIZE]; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
36 size_t sig_len; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
37 entropy_context entropy; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
38 ctr_drbg_context ctr_drbg; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
39 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
40 entropy_init(&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
41 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
42 QUuid uuid = QUuid::createUuid(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
43 QString personalString = QApplication::applicationName() + uuid.toString(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
44 QByteArray personalBa = personalString.toLocal8Bit(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
45 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
46 /* |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
47 * Initialize random generator. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
48 * Personalisation string, does not need to be random but |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
49 * should be unique according to documentation. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
50 * |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
51 * the ctr_drbg structure does not need to be freed explicitly. |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
52 */ |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
53 ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
54 (const unsigned char*) personalBa.constData(), |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
55 personalBa.size()); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
56 if (ret != 0) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
57 qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
58 entropy_free (&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
59 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
60 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
61 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
62 ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(), |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
63 hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
64 entropy_free (&entropy); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
65 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
66 if (ret != 0) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
67 qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
68 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
69 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
70 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
71 if (sig_len != 3072 / 8) { |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
72 qDebug() << "Invalid size of signature: " << sig_len; |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
73 return QByteArray(); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
74 } |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
75 |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
76 return QByteArray((const char *)sig, (int)sig_len); |
2e100d3e414a
Add helper functions for sha256 sum and rsa signing
Andre Heinecke <aheinecke@intevation.de>
parents:
452
diff
changeset
|
77 } |