comparison ui/sslhelp.cpp @ 464:2e100d3e414a

Add helper functions for sha256 sum and rsa signing
author Andre Heinecke <aheinecke@intevation.de>
date Wed, 23 Apr 2014 15:33:42 +0000
parents f8b480b08532
children f9b0014cff97
comparison
equal deleted inserted replaced
463:5200b8e9b2ae 464:2e100d3e414a
4 * This file is Free Software under the GNU GPL (v>=2) 4 * This file is Free Software under the GNU GPL (v>=2)
5 * and comes with ABSOLUTELY NO WARRANTY! 5 * and comes with ABSOLUTELY NO WARRANTY!
6 * See LICENSE.txt for details. 6 * See LICENSE.txt for details.
7 */ 7 */
8 #include "sslhelp.h" 8 #include "sslhelp.h"
9 #include <polarssl/sha256.h>
10 #include <polarssl/pk.h>
11 #include <polarssl/entropy.h>
12 #include <polarssl/ctr_drbg.h>
13 #include <QApplication>
14 #include <QUuid>
15 #include <QDebug>
9 16
10 QString getPolarSSLErrorMsg(int ret) 17 QString getPolarSSLErrorMsg(int ret)
11 { 18 {
12 char errbuf[1020]; 19 char errbuf[1020];
13 polarssl_strerror(ret, errbuf, 1020); 20 polarssl_strerror(ret, errbuf, 1020);
14 errbuf[1020] = '\0'; /* Just to be sure */ 21 errbuf[1020] = '\0'; /* Just to be sure */
15 return QString::fromLatin1(errbuf); 22 return QString::fromLatin1(errbuf);
16 } 23 }
24
25 QByteArray sha256sum(const QByteArray& data)
26 {
27 unsigned char output[32];
28 sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0);
29 return QByteArray(data, 32);
30 }
31
32 QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk)
33 {
34 int ret = 0;
35 unsigned char sig[POLARSSL_MPI_MAX_SIZE];
36 size_t sig_len;
37 entropy_context entropy;
38 ctr_drbg_context ctr_drbg;
39
40 entropy_init(&entropy);
41
42 QUuid uuid = QUuid::createUuid();
43 QString personalString = QApplication::applicationName() + uuid.toString();
44 QByteArray personalBa = personalString.toLocal8Bit();
45
46 /*
47 * Initialize random generator.
48 * Personalisation string, does not need to be random but
49 * should be unique according to documentation.
50 *
51 * the ctr_drbg structure does not need to be freed explicitly.
52 */
53 ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy,
54 (const unsigned char*) personalBa.constData(),
55 personalBa.size());
56 if (ret != 0) {
57 qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret);
58 entropy_free (&entropy);
59 return QByteArray();
60 }
61
62 ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(),
63 hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg);
64 entropy_free (&entropy);
65
66 if (ret != 0) {
67 qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret);
68 return QByteArray();
69 }
70
71 if (sig_len != 3072 / 8) {
72 qDebug() << "Invalid size of signature: " << sig_len;
73 return QByteArray();
74 }
75
76 return QByteArray((const char *)sig, (int)sig_len);
77 }

http://wald.intevation.org/projects/trustbridge/