[PATCH 3 of 7] Add helper functions for sha256 sum and rsa signing
Wald Commits
scm-commit at wald.intevation.org
Wed Apr 23 18:21:55 CEST 2014
# HG changeset patch
# User Andre Heinecke <aheinecke at intevation.de>
# Date 1398267222 0
# Node ID 2e100d3e414a4efec186d0fdcb429219514f0892
# Parent 5200b8e9b2aed246dd9295deb6643ac38d92b589
Add helper functions for sha256 sum and rsa signing
diff -r 5200b8e9b2ae -r 2e100d3e414a ui/sslhelp.cpp
--- a/ui/sslhelp.cpp Wed Apr 23 15:33:09 2014 +0000
+++ b/ui/sslhelp.cpp Wed Apr 23 15:33:42 2014 +0000
@@ -6,6 +6,13 @@
* See LICENSE.txt for details.
*/
#include "sslhelp.h"
+#include <polarssl/sha256.h>
+#include <polarssl/pk.h>
+#include <polarssl/entropy.h>
+#include <polarssl/ctr_drbg.h>
+#include <QApplication>
+#include <QUuid>
+#include <QDebug>
QString getPolarSSLErrorMsg(int ret)
{
@@ -14,3 +21,57 @@
errbuf[1020] = '\0'; /* Just to be sure */
return QString::fromLatin1(errbuf);
}
+
+QByteArray sha256sum(const QByteArray& data)
+{
+ unsigned char output[32];
+ sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0);
+ return QByteArray(data, 32);
+}
+
+QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk)
+{
+ int ret = 0;
+ unsigned char sig[POLARSSL_MPI_MAX_SIZE];
+ size_t sig_len;
+ entropy_context entropy;
+ ctr_drbg_context ctr_drbg;
+
+ entropy_init(&entropy);
+
+ QUuid uuid = QUuid::createUuid();
+ QString personalString = QApplication::applicationName() + uuid.toString();
+ QByteArray personalBa = personalString.toLocal8Bit();
+
+ /*
+ * Initialize random generator.
+ * Personalisation string, does not need to be random but
+ * should be unique according to documentation.
+ *
+ * the ctr_drbg structure does not need to be freed explicitly.
+ */
+ ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy,
+ (const unsigned char*) personalBa.constData(),
+ personalBa.size());
+ if (ret != 0) {
+ qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret);
+ entropy_free (&entropy);
+ return QByteArray();
+ }
+
+ ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(),
+ hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg);
+ entropy_free (&entropy);
+
+ if (ret != 0) {
+ qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret);
+ return QByteArray();
+ }
+
+ if (sig_len != 3072 / 8) {
+ qDebug() << "Invalid size of signature: " << sig_len;
+ return QByteArray();
+ }
+
+ return QByteArray((const char *)sig, (int)sig_len);
+}
diff -r 5200b8e9b2ae -r 2e100d3e414a ui/sslhelp.h
--- a/ui/sslhelp.h Wed Apr 23 15:33:09 2014 +0000
+++ b/ui/sslhelp.h Wed Apr 23 15:33:42 2014 +0000
@@ -12,6 +12,7 @@
* @brief Helper functions to combine Qt with Polarssl
*/
#include <polarssl/error.h>
+#include <polarssl/pk.h>
#include <QString>
@@ -21,3 +22,18 @@
* @returns A QString representation of that error
*/
QString getPolarSSLErrorMsg(int ret);
+
+/** @brief calculate the sha256 of the bytearray data
+ *
+ * @param [in] data The data to hash
+ * @returns the sha256sum of the data
+ */
+QByteArray sha256sum(const QByteArray& data);
+
+/** @brief Create a RSA signature fur a sha256 hashsum
+ *
+ * @param [in] hash the hash to sign.
+ * @param [in] pk the key to use.
+ * @returns the signature of the data or an empty byte array on error
+ */
+QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk);
More information about the Trustbridge-commits
mailing list