Mercurial > trustbridge

view ui/sslhelp.cpp @ 757:9bfaced5cf59

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue56) Do not delete the certificate immediately When the selection changed the remove cert is triggered by a slection change event in the certificateitem. Deleting it immediately would delete the trigger of the call. Instead we deleteLater so that the widget get's cleaned up in the next mainloop iteration when it is no longer needed.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 07 Jul 2014 12:54:02 +0200
parents 6c4f526a4c5b
children c8a6a3e6bdeb
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include "sslhelp.h"
#include <polarssl/sha256.h>
#include <polarssl/pk.h>
#include <polarssl/entropy.h>
#include <polarssl/ctr_drbg.h>
#include <QApplication>
#include <QUuid>
#include <QDebug>

QString getPolarSSLErrorMsg(int ret)
{
    char errbuf[1020];
    polarssl_strerror(ret, errbuf, 1020);
    errbuf[1019] = '\0'; /* Just to be sure */
    return QString::fromLatin1(errbuf);
}

QByteArray sha256sum(const QByteArray& data)
{
    unsigned char output[32];
    sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0);
    return QByteArray((const char *)output, 32);
}

QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk)
{
    int ret = 0;
    unsigned char sig[POLARSSL_MPI_MAX_SIZE];
    size_t sig_len;
    entropy_context entropy;
    ctr_drbg_context ctr_drbg;

    entropy_init(&entropy);

    QUuid uuid = QUuid::createUuid();
    QString personalString = QApplication::applicationName() + uuid.toString();
    QByteArray personalBa = personalString.toLocal8Bit();

    /*
    * Initialize random generator.
    * Personalisation string, does not need to be random but
    * should be unique according to documentation.
    *
    * the ctr_drbg structure does not need to be freed explicitly.
    */
    ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy,
                        (const unsigned char*) personalBa.constData(),
                        personalBa.size());
    if (ret != 0) {
        qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret);
        entropy_free (&entropy);
        return QByteArray();
    }

    ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(),
                  hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg);
    entropy_free (&entropy);

    if (ret != 0) {
        qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret);
        return QByteArray();
    }

    if (sig_len != 3072 / 8) {
        qDebug() << "Invalid size of signature: " << sig_len;
        return QByteArray();
    }

    return QByteArray((const char *)sig, (int)sig_len);
}
http://wald.intevation.org/projects/trustbridge/