Mercurial > trustbridge
changeset 464:2e100d3e414a
Add helper functions for sha256 sum and rsa signing
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Wed, 23 Apr 2014 15:33:42 +0000 |
| parents | 5200b8e9b2ae |
| children | 88dfe16a0bb9 |
| files | ui/sslhelp.cpp ui/sslhelp.h |
| diffstat | 2 files changed, 77 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ui/sslhelp.cpp Wed Apr 23 15:33:09 2014 +0000 +++ b/ui/sslhelp.cpp Wed Apr 23 15:33:42 2014 +0000 @@ -6,6 +6,13 @@ * See LICENSE.txt for details. */ #include "sslhelp.h" +#include <polarssl/sha256.h> +#include <polarssl/pk.h> +#include <polarssl/entropy.h> +#include <polarssl/ctr_drbg.h> +#include <QApplication> +#include <QUuid> +#include <QDebug> QString getPolarSSLErrorMsg(int ret) { @@ -14,3 +21,57 @@ errbuf[1020] = '\0'; /* Just to be sure */ return QString::fromLatin1(errbuf); } + +QByteArray sha256sum(const QByteArray& data) +{ + unsigned char output[32]; + sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0); + return QByteArray(data, 32); +} + +QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk) +{ + int ret = 0; + unsigned char sig[POLARSSL_MPI_MAX_SIZE]; + size_t sig_len; + entropy_context entropy; + ctr_drbg_context ctr_drbg; + + entropy_init(&entropy); + + QUuid uuid = QUuid::createUuid(); + QString personalString = QApplication::applicationName() + uuid.toString(); + QByteArray personalBa = personalString.toLocal8Bit(); + + /* + * Initialize random generator. + * Personalisation string, does not need to be random but + * should be unique according to documentation. + * + * the ctr_drbg structure does not need to be freed explicitly. + */ + ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, + (const unsigned char*) personalBa.constData(), + personalBa.size()); + if (ret != 0) { + qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret); + entropy_free (&entropy); + return QByteArray(); + } + + ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(), + hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg); + entropy_free (&entropy); + + if (ret != 0) { + qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret); + return QByteArray(); + } + + if (sig_len != 3072 / 8) { + qDebug() << "Invalid size of signature: " << sig_len; + return QByteArray(); + } + + return QByteArray((const char *)sig, (int)sig_len); +}
--- a/ui/sslhelp.h Wed Apr 23 15:33:09 2014 +0000 +++ b/ui/sslhelp.h Wed Apr 23 15:33:42 2014 +0000 @@ -12,6 +12,7 @@ * @brief Helper functions to combine Qt with Polarssl */ #include <polarssl/error.h> +#include <polarssl/pk.h> #include <QString> @@ -21,3 +22,18 @@ * @returns A QString representation of that error */ QString getPolarSSLErrorMsg(int ret); + +/** @brief calculate the sha256 of the bytearray data + * + * @param [in] data The data to hash + * @returns the sha256sum of the data + */ +QByteArray sha256sum(const QByteArray& data); + +/** @brief Create a RSA signature fur a sha256 hashsum + * + * @param [in] hash the hash to sign. + * @param [in] pk the key to use. + * @returns the signature of the data or an empty byte array on error + */ +QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk);