Mercurial > trustbridge
comparison ui/sslhelp.cpp @ 464:2e100d3e414a
Add helper functions for sha256 sum and rsa signing
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Wed, 23 Apr 2014 15:33:42 +0000 |
| parents | f8b480b08532 |
| children | f9b0014cff97 |
comparison
equal
deleted
inserted
replaced
| 463:5200b8e9b2ae | 464:2e100d3e414a |
|---|---|
| 4 * This file is Free Software under the GNU GPL (v>=2) | 4 * This file is Free Software under the GNU GPL (v>=2) |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | 5 * and comes with ABSOLUTELY NO WARRANTY! |
| 6 * See LICENSE.txt for details. | 6 * See LICENSE.txt for details. |
| 7 */ | 7 */ |
| 8 #include "sslhelp.h" | 8 #include "sslhelp.h" |
| 9 #include <polarssl/sha256.h> | |
| 10 #include <polarssl/pk.h> | |
| 11 #include <polarssl/entropy.h> | |
| 12 #include <polarssl/ctr_drbg.h> | |
| 13 #include <QApplication> | |
| 14 #include <QUuid> | |
| 15 #include <QDebug> | |
| 9 | 16 |
| 10 QString getPolarSSLErrorMsg(int ret) | 17 QString getPolarSSLErrorMsg(int ret) |
| 11 { | 18 { |
| 12 char errbuf[1020]; | 19 char errbuf[1020]; |
| 13 polarssl_strerror(ret, errbuf, 1020); | 20 polarssl_strerror(ret, errbuf, 1020); |
| 14 errbuf[1020] = '\0'; /* Just to be sure */ | 21 errbuf[1020] = '\0'; /* Just to be sure */ |
| 15 return QString::fromLatin1(errbuf); | 22 return QString::fromLatin1(errbuf); |
| 16 } | 23 } |
| 24 | |
| 25 QByteArray sha256sum(const QByteArray& data) | |
| 26 { | |
| 27 unsigned char output[32]; | |
| 28 sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0); | |
| 29 return QByteArray(data, 32); | |
| 30 } | |
| 31 | |
| 32 QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk) | |
| 33 { | |
| 34 int ret = 0; | |
| 35 unsigned char sig[POLARSSL_MPI_MAX_SIZE]; | |
| 36 size_t sig_len; | |
| 37 entropy_context entropy; | |
| 38 ctr_drbg_context ctr_drbg; | |
| 39 | |
| 40 entropy_init(&entropy); | |
| 41 | |
| 42 QUuid uuid = QUuid::createUuid(); | |
| 43 QString personalString = QApplication::applicationName() + uuid.toString(); | |
| 44 QByteArray personalBa = personalString.toLocal8Bit(); | |
| 45 | |
| 46 /* | |
| 47 * Initialize random generator. | |
| 48 * Personalisation string, does not need to be random but | |
| 49 * should be unique according to documentation. | |
| 50 * | |
| 51 * the ctr_drbg structure does not need to be freed explicitly. | |
| 52 */ | |
| 53 ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, | |
| 54 (const unsigned char*) personalBa.constData(), | |
| 55 personalBa.size()); | |
| 56 if (ret != 0) { | |
| 57 qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret); | |
| 58 entropy_free (&entropy); | |
| 59 return QByteArray(); | |
| 60 } | |
| 61 | |
| 62 ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(), | |
| 63 hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg); | |
| 64 entropy_free (&entropy); | |
| 65 | |
| 66 if (ret != 0) { | |
| 67 qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret); | |
| 68 return QByteArray(); | |
| 69 } | |
| 70 | |
| 71 if (sig_len != 3072 / 8) { | |
| 72 qDebug() << "Invalid size of signature: " << sig_len; | |
| 73 return QByteArray(); | |
| 74 } | |
| 75 | |
| 76 return QByteArray((const char *)sig, (int)sig_len); | |
| 77 } |