From 37bd797e6f50957aa4a2395ebf7436083ea56030 Mon Sep 17 00:00:00 2001 From: EndrII Date: Sun, 2 Jul 2023 23:40:24 +0200 Subject: [PATCH 01/25] ref #1 add empty classes for * RSA SSL 1.1 * RSA SSL 3.0 * X509 --- CMakeLists.txt | 6 +++--- src/lib/CMakeLists.txt | 17 +++++++++++++++-- src/lib/src/public/easyssl/rsassl11.cpp | 6 ++++++ src/lib/src/public/easyssl/rsassl11.h | 11 +++++++++++ src/lib/src/public/easyssl/rsassl30.cpp | 6 ++++++ src/lib/src/public/easyssl/rsassl30.h | 11 +++++++++++ src/lib/src/public/easyssl/x509.cpp | 6 ++++++ src/lib/src/public/easyssl/x509.h | 11 +++++++++++ tests/CMakeLists.txt | 2 +- 9 files changed, 70 insertions(+), 6 deletions(-) create mode 100644 src/lib/src/public/easyssl/rsassl11.cpp create mode 100644 src/lib/src/public/easyssl/rsassl11.h create mode 100644 src/lib/src/public/easyssl/rsassl30.cpp create mode 100644 src/lib/src/public/easyssl/rsassl30.h create mode 100644 src/lib/src/public/easyssl/x509.cpp create mode 100644 src/lib/src/public/easyssl/x509.h diff --git a/CMakeLists.txt b/CMakeLists.txt index d346465..c3fe32e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -20,14 +20,14 @@ set(CMAKE_AUTOUIC ON) set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD_REQUIRED ON) -if (ANDROID OR IOS) +if (ANDROID) set(BUILD_SHARED_LIBS ON) endif() if (NOT QT_VERSION_MAJOR) - find_package(QT NAMES Qt6 Qt5 COMPONENTS Core Test QUIET) + find_package(QT NAMES Qt6 Qt5 COMPONENTS Core Test REQUIRED) endif() -find_package(Qt${QT_VERSION_MAJOR} COMPONENTS Core Test QUIET) +find_package(Qt${QT_VERSION_MAJOR} COMPONENTS Core Test REQUIRED) include(submodules/CMake/QuasarApp.cmake) diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt index 917ac25..9aca4a0 100644 --- a/src/lib/CMakeLists.txt +++ b/src/lib/CMakeLists.txt @@ -9,11 +9,11 @@ cmake_minimum_required(VERSION 3.19) get_filename_component(CURRENT_PROJECT_DIR ${CMAKE_CURRENT_SOURCE_DIR} NAME) -set(CURRENT_PROJECT "${PROJECT_NAME}${CURRENT_PROJECT_DIR}") +set(CURRENT_PROJECT "${PROJECT_NAME}") add_definitions(-DEASYSSL_LIBRARY) list(APPEND CMAKE_FIND_ROOT_PATH "$ENV{OPENSSL_ROOT_DIR}") -find_package(OpenSSL REQUIRED) +find_package(OpenSSL 3.0 REQUIRED) file(GLOB_RECURSE SOURCE_CPP "src/*.cpp" @@ -43,8 +43,21 @@ else() message("Use shared ssl ") target_link_libraries(${CURRENT_PROJECT} PRIVATE OpenSSL::Crypto OpenSSL::SSL) + + if (ANDROID) + set(OPENSSL_ROOT_PATH "$ENV{OPENSSL_ROOT_DIR}") + + set(ANDROID_EXTRA_LIBS + ${OPENSSL_ROOT_PATH}/lib/libcrypto_android.so + ${OPENSSL_ROOT_PATH}/lib/libssl_android.so + CACHE INTERNAL "") + + message(ANDROID_EXTRA_LIBS = ${ANDROID_EXTRA_LIBS}) + endif() endif() +message("Use the OpenSSL libraries: ${OPENSSL_LIBRARIES}") + target_include_directories(${CURRENT_PROJECT} PUBLIC ${PUBLIC_INCUDE_DIR}) target_include_directories(${CURRENT_PROJECT} PRIVATE ${PRIVATE_INCUDE_DIR}) diff --git a/src/lib/src/public/easyssl/rsassl11.cpp b/src/lib/src/public/easyssl/rsassl11.cpp new file mode 100644 index 0000000..045b03d --- /dev/null +++ b/src/lib/src/public/easyssl/rsassl11.cpp @@ -0,0 +1,6 @@ +#include "rsassl11.h" + +RSASSL11::RSASSL11() +{ + +} diff --git a/src/lib/src/public/easyssl/rsassl11.h b/src/lib/src/public/easyssl/rsassl11.h new file mode 100644 index 0000000..658452a --- /dev/null +++ b/src/lib/src/public/easyssl/rsassl11.h @@ -0,0 +1,11 @@ +#ifndef RSASSL11_H +#define RSASSL11_H + + +class RSASSL11 +{ +public: + RSASSL11(); +}; + +#endif // RSASSL11_H diff --git a/src/lib/src/public/easyssl/rsassl30.cpp b/src/lib/src/public/easyssl/rsassl30.cpp new file mode 100644 index 0000000..06c09f2 --- /dev/null +++ b/src/lib/src/public/easyssl/rsassl30.cpp @@ -0,0 +1,6 @@ +#include "rsassl30.h" + +RSASSL30::RSASSL30() +{ + +} diff --git a/src/lib/src/public/easyssl/rsassl30.h b/src/lib/src/public/easyssl/rsassl30.h new file mode 100644 index 0000000..18dc732 --- /dev/null +++ b/src/lib/src/public/easyssl/rsassl30.h @@ -0,0 +1,11 @@ +#ifndef RSASSL30_H +#define RSASSL30_H + + +class RSASSL30 +{ +public: + RSASSL30(); +}; + +#endif // RSASSL30_H diff --git a/src/lib/src/public/easyssl/x509.cpp b/src/lib/src/public/easyssl/x509.cpp new file mode 100644 index 0000000..a184a17 --- /dev/null +++ b/src/lib/src/public/easyssl/x509.cpp @@ -0,0 +1,6 @@ +#include "x509.h" + +X509::X509() +{ + +} diff --git a/src/lib/src/public/easyssl/x509.h b/src/lib/src/public/easyssl/x509.h new file mode 100644 index 0000000..11fad76 --- /dev/null +++ b/src/lib/src/public/easyssl/x509.h @@ -0,0 +1,11 @@ +#ifndef X509_H +#define X509_H + + +class X509 +{ +public: + X509(); +}; + +#endif // X509_H diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 8afd4c4..0760860 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -20,7 +20,7 @@ set(PUBLIC_INCUDE_DIR ${PUBLIC_INCUDE_DIR} "${CMAKE_CURRENT_SOURCE_DIR}/units") add_executable(${CURRENT_PROJECT} ${SOURCE_CPP}) -target_link_libraries(${CURRENT_PROJECT} PRIVATE Qt${QT_VERSION_MAJOR}::Test ${PROJECT_NAME}lib) +target_link_libraries(${CURRENT_PROJECT} PRIVATE Qt${QT_VERSION_MAJOR}::Test ${PROJECT_NAME}) target_include_directories(${CURRENT_PROJECT} PUBLIC ${PUBLIC_INCUDE_DIR}) From cc26a5cae4b0fa709b3cd4d490b746b3aacf98ca Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 4 Jul 2023 00:12:56 +0200 Subject: [PATCH 02/25] added generation RSA keys --- src/lib/src/public/easyssl/ecdsassl11.h | 2 +- src/lib/src/public/easyssl/rsassl11.cpp | 97 ++++++++++++++++++++++++- src/lib/src/public/easyssl/rsassl11.h | 38 +++++++++- 3 files changed, 132 insertions(+), 5 deletions(-) diff --git a/src/lib/src/public/easyssl/ecdsassl11.h b/src/lib/src/public/easyssl/ecdsassl11.h index 8002e21..2e526dd 100644 --- a/src/lib/src/public/easyssl/ecdsassl11.h +++ b/src/lib/src/public/easyssl/ecdsassl11.h @@ -16,7 +16,7 @@ namespace EasySSL { /** * @brief The ECDSASSL11 class is ecdsa implementation of the Async authentication. This implementation based on Openssl library. - * @note This class compatibility only with ssl 1.1 and ssl 3.0 (depricated fundtions). + * @note This class compatibility only with ssl 1.1 */ class EASYSSL_EXPORT ECDSASSL11: public EasySSL::ICrypto { diff --git a/src/lib/src/public/easyssl/rsassl11.cpp b/src/lib/src/public/easyssl/rsassl11.cpp index 045b03d..71d1876 100644 --- a/src/lib/src/public/easyssl/rsassl11.cpp +++ b/src/lib/src/public/easyssl/rsassl11.cpp @@ -1,6 +1,99 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + #include "rsassl11.h" +#include +#include +#include +#include + +namespace EasySSL { + +RSASSL11::RSASSL11() { + +} + +bool RSASSL11::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { + EVP_PKEY *pkey = EVP_PKEY_new(); + + if (!pkey) { + return false; + } + + BIGNUM * bn = BN_new(); + + int rc = BN_set_word(bn, RSA_F4); + + if (rc != 1) { + BN_free(bn); + EVP_PKEY_free(pkey); + return false; + } + + RSA * rsa = RSA_new(); + + auto failed = [bn, rsa, pkey] () { + BN_free(bn); + RSA_free(rsa); + EVP_PKEY_free(pkey); + return false; + }; + + if (!RSA_generate_key_ex(rsa, 4196, bn, nullptr)) { + return failed(); + } + + q_check_ptr(rsa); + if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) { + return failed(); + } + + BIO *mem; + mem = BIO_new_mem_buf(pkey, -1); //pkey is of type char* + + auto key = PEM_read_bio_PrivateKey(mem, NULL, NULL, 0); + -RSASSL11::RSASSL11() -{ + BIO *private_key_bio = BIO_new(BIO_s_mem()); + PEM_write_bio_RSAPrivateKey(private_key_bio, rsa, NULL, NULL, 0, NULL, NULL); + char *private_key_data; + long private_key_size = BIO_get_mem_data(private_key_bio, &private_key_data); + privKey = QByteArray(private_key_data, private_key_size); + BIO_free(private_key_bio); + + BIO *public_key_bio = BIO_new(BIO_s_mem()); + PEM_write_bio_RSAPublicKey(public_key_bio, rsa); + char *public_key_data; + long public_key_size = BIO_get_mem_data(public_key_bio, &public_key_data); + pubKey = QByteArray(public_key_data, public_key_size); + BIO_free(public_key_bio); + + return true; +} + +ICrypto::Features RSASSL11::supportedFeatures() const { + return static_cast(Features::Encription | Features::Signing); +} + +QByteArray RSASSL11::signMessage(const QByteArray &inputData, const QByteArray &key) const { + +} + +bool RSASSL11::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { + +} + +QByteArray RSASSL11::decrypt(const QByteArray &message, const QByteArray &key) { + +} + +QByteArray RSASSL11::encrypt(const QByteArray &message, const QByteArray &key) { + +} } diff --git a/src/lib/src/public/easyssl/rsassl11.h b/src/lib/src/public/easyssl/rsassl11.h index 658452a..9f5bb73 100644 --- a/src/lib/src/public/easyssl/rsassl11.h +++ b/src/lib/src/public/easyssl/rsassl11.h @@ -1,11 +1,45 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + #ifndef RSASSL11_H #define RSASSL11_H +#include "global.h" +#include "icrypto.h" + +namespace EasySSL { -class RSASSL11 +/** + * @brief The RSASSL11 class This is wrapper of the openssl 1.1 implementation of the RSA alghorithm + */ +class EASYSSL_EXPORT RSASSL11: public EasySSL::ICrypto { public: RSASSL11(); -}; + bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const override; + Features supportedFeatures() const override; + + + QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; + bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; + + /** + * @brief decrypt This method has empty implementation. + * @return empty array. + */ + QByteArray decrypt(const QByteArray &message, const QByteArray &key) override; + + /** + * @brief encrypt This method has empty implementation. + * @return empty array. + */ + QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; +}; +} #endif // RSASSL11_H From c472d04c875ea06c2991a21ea0d4b10ac276d96f Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 4 Jul 2023 17:12:16 +0200 Subject: [PATCH 03/25] added rsa implementation for openssl 1.1 --- src/lib/src/private/easysslutils.cpp | 44 ++++++++++ src/lib/src/private/easysslutils.h | 44 ++++++++++ src/lib/src/public/easyssl/ecdsassl11.cpp | 59 ++++--------- src/lib/src/public/easyssl/rsassl11.cpp | 100 ++++++++++++++++++++++ 4 files changed, 203 insertions(+), 44 deletions(-) create mode 100644 src/lib/src/private/easysslutils.cpp create mode 100644 src/lib/src/private/easysslutils.h diff --git a/src/lib/src/private/easysslutils.cpp b/src/lib/src/private/easysslutils.cpp new file mode 100644 index 0000000..0c9ea28 --- /dev/null +++ b/src/lib/src/private/easysslutils.cpp @@ -0,0 +1,44 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + +#include "easysslutils.h" +#include +#include +#include +#include + +namespace EasySSL { + + +void EasySSLUtils::printlastOpenSSlError() { + int error = ERR_get_error(); + char buffer[256]; + ERR_error_string(error, buffer); +} + +QByteArray EasySSLUtils::bignumToArray(const BIGNUM *num) { + int length = BN_bn2mpi(num, nullptr); + QVector data(length); + BN_bn2mpi(num, data.data()); + QByteArray result; + result.insert(0, reinterpret_cast(data.data()), data.length()); + return result; +} + +BIGNUM *EasySSLUtils::bignumFromArray(const QByteArray &array) { + auto d = reinterpret_cast(array.data()); + BIGNUM* result = BN_mpi2bn(d, + array.length(), nullptr); + if (!result) { + printlastOpenSSlError(); + } + + return result; +} + + +} diff --git a/src/lib/src/private/easysslutils.h b/src/lib/src/private/easysslutils.h new file mode 100644 index 0000000..030b249 --- /dev/null +++ b/src/lib/src/private/easysslutils.h @@ -0,0 +1,44 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + +#include + +#include +namespace EasySSL { + +/** + * @brief The EasySSLUtils class This is base utils for work with opwnssl library. + */ +class EasySSLUtils { + +public: + + /** + * @brief printlastOpenSSlError This method print last ssl error message. + */ + static void printlastOpenSSlError(); + + /** + * @brief bignumToArray This method convert openssl BIGNUM into byteArray + * @param num This is big num of the openssl library + * @return bytes array. + */ + static QByteArray bignumToArray(const BIGNUM* num); + + /** + * @brief bignumFromArray This method convert Qt bytes array into opensll big num. + * @param array This is input array. + * @return big num pointer. + * @note This result pointer will not free automatically. Please free returned pointer after using. + */ + [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] + static BIGNUM* bignumFromArray(const QByteArray& array); +}; + + + +}; diff --git a/src/lib/src/public/easyssl/ecdsassl11.cpp b/src/lib/src/public/easyssl/ecdsassl11.cpp index 99948dd..e36688d 100644 --- a/src/lib/src/public/easyssl/ecdsassl11.cpp +++ b/src/lib/src/public/easyssl/ecdsassl11.cpp @@ -17,15 +17,10 @@ #include #include #include +#include namespace EasySSL { -void printlastOpenSSlError() { - int error = ERR_get_error(); - char buffer[256]; - ERR_error_string(error, buffer); -} - bool prepareKeyAdnGroupObjects(EC_KEY **eckey, EC_GROUP **ecgroup) { // input data should be valid pointers to pointers of key and group objects. @@ -46,7 +41,7 @@ bool prepareKeyAdnGroupObjects(EC_KEY **eckey, EC_GROUP **ecgroup) { *eckey = EC_KEY_new(); if (!*eckey) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); free(); return false; } @@ -54,13 +49,13 @@ bool prepareKeyAdnGroupObjects(EC_KEY **eckey, EC_GROUP **ecgroup) { *ecgroup = EC_GROUP_new_by_curve_name(NID_secp256k1); if (!*ecgroup) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); free(); return false; } if (!EC_KEY_set_group(*eckey, *ecgroup)) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); free(); return false; } @@ -69,33 +64,11 @@ bool prepareKeyAdnGroupObjects(EC_KEY **eckey, EC_GROUP **ecgroup) { } -ECDSASSL11::ECDSASSL11() { - -} - -QByteArray bignumToArray(const BIGNUM* num) { - int length = BN_bn2mpi(num, nullptr); - QVector data(length); - BN_bn2mpi(num, data.data()); - QByteArray result; - result.insert(0, reinterpret_cast(data.data()), data.length()); - return result; -} - -BIGNUM* bignumFromArray(const QByteArray& array) { - auto d = reinterpret_cast(array.data()); - BIGNUM* result = BN_mpi2bn(d, - array.length(), nullptr); - if (!result) { - printlastOpenSSlError(); - } - - return result; -} +ECDSASSL11::ECDSASSL11() {} QByteArray extractPrivateKey(EC_KEY* ec_key) { const BIGNUM* ec_priv = EC_KEY_get0_private_key(ec_key); - return bignumToArray(ec_priv); + return EasySSLUtils::bignumToArray(ec_priv); } QByteArray extractPublicKey(EC_KEY* key, EC_GROUP* group) { @@ -107,7 +80,7 @@ QByteArray extractPublicKey(EC_KEY* key, EC_GROUP* group) { size_t length = EC_KEY_key2buf(key, form, &pub_key_buffer, nullptr); if (length <= 0) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); return {}; } @@ -128,7 +101,7 @@ bool ECDSASSL11::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { } if (!EC_KEY_generate_key(eckey)) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); EC_GROUP_free(ecgroup); EC_KEY_free(eckey); return false; @@ -157,9 +130,9 @@ QByteArray ECDSASSL11::signMessage(const QByteArray &inputData, auto hash = QCryptographicHash::hash(inputData, QCryptographicHash::Sha256); - BIGNUM* priv = bignumFromArray(key); + BIGNUM* priv = EasySSLUtils::bignumFromArray(key); if (!EC_KEY_set_private_key(eckey, priv)) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); EC_GROUP_free(ecgroup); EC_KEY_free(eckey); return {}; @@ -172,7 +145,7 @@ QByteArray ECDSASSL11::signMessage(const QByteArray &inputData, EC_GROUP_free(ecgroup); if (!signature) { - printlastOpenSSlError(); + EasySSLUtils::printlastOpenSSlError(); return {}; } @@ -182,8 +155,8 @@ QByteArray ECDSASSL11::signMessage(const QByteArray &inputData, QByteArray result; QDataStream stream(&result, QIODevice::WriteOnly); - stream << bignumToArray(R); - stream << bignumToArray(S); + stream << EasySSLUtils::bignumToArray(R); + stream << EasySSLUtils::bignumToArray(S); ECDSA_SIG_free(signature); @@ -203,8 +176,8 @@ bool ECDSASSL11::checkSign(const QByteArray &inputData, QByteArray rR,rS; stream >> rR; stream >> rS; - R = bignumFromArray(rR); - S = bignumFromArray(rS); + R = EasySSLUtils::bignumFromArray(rR); + S = EasySSLUtils::bignumFromArray(rS); ECDSA_SIG *sig = ECDSA_SIG_new(); ECDSA_SIG_set0(sig, R, S); @@ -212,7 +185,6 @@ bool ECDSASSL11::checkSign(const QByteArray &inputData, auto hash = QCryptographicHash::hash(inputData, QCryptographicHash::Sha256); - EC_KEY *eckey= nullptr; EC_GROUP *ecgroup = nullptr; @@ -221,7 +193,6 @@ bool ECDSASSL11::checkSign(const QByteArray &inputData, return {}; } - // extract key from raw array; EC_POINT* ec_point = EC_POINT_new(ecgroup); EC_POINT_oct2point(ecgroup, ec_point, diff --git a/src/lib/src/public/easyssl/rsassl11.cpp b/src/lib/src/public/easyssl/rsassl11.cpp index 71d1876..da3b05e 100644 --- a/src/lib/src/public/easyssl/rsassl11.cpp +++ b/src/lib/src/public/easyssl/rsassl11.cpp @@ -7,6 +7,7 @@ #include "rsassl11.h" +#include "qcryptographichash.h" #include #include #include @@ -81,19 +82,118 @@ ICrypto::Features RSASSL11::supportedFeatures() const { } QByteArray RSASSL11::signMessage(const QByteArray &inputData, const QByteArray &key) const { + QByteArray signature; + BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); + BIO_free(privateKeyBio); + + if (!rsaPrivateKey) { + perror("Error reading private key"); + return {}; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + signature.resize(RSA_size(rsaPrivateKey)); + unsigned int signatureLength = 0; + int result = RSA_sign(NID_sha256, reinterpret_cast(hash.data()), + hash.size(), reinterpret_cast(signature.data()), + &signatureLength, rsaPrivateKey); + RSA_free(rsaPrivateKey); + + if (result != 1) { + perror("Error signing message"); + return {}; + } + + signature.resize(signatureLength); + return signature; } bool RSASSL11::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { + BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); + BIO_free(publicKeyBio); + + if (!rsaPublicKey) { + perror("Error reading public key"); + return false; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + int result = RSA_verify(NID_sha256, reinterpret_cast(hash.data()), + hash.size(), reinterpret_cast(signature.data()), + signature.size(), rsaPublicKey); + RSA_free(rsaPublicKey); + + if (result != 1) { + perror("Error verifying signature"); + return false; + } + return true; } QByteArray RSASSL11::decrypt(const QByteArray &message, const QByteArray &key) { + QByteArray decryptedMessage; + + BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); + BIO_free(privateKeyBio); + + if (!rsaPrivateKey) { + perror("Error reading private key"); + return {}; + } + + decryptedMessage.resize(RSA_size(rsaPrivateKey)); + int result = RSA_private_decrypt(message.size(), + reinterpret_cast(message.data()), + reinterpret_cast(decryptedMessage.data()), + rsaPrivateKey, RSA_PKCS1_PADDING); + RSA_free(rsaPrivateKey); + + if (result == -1) { + perror("Error decrypting ciphertext"); + return {}; + } + return decryptedMessage; } QByteArray RSASSL11::encrypt(const QByteArray &message, const QByteArray &key) { + QByteArray encryptedMessage; + BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); + BIO_free(publicKeyBio); + + if (!rsaPublicKey) { + perror("Error reading public key"); + return {}; + } + + encryptedMessage.resize(RSA_size(rsaPublicKey)); + + int result = RSA_public_encrypt(message.size(), + reinterpret_cast(message.data()), + reinterpret_cast(encryptedMessage.data()), + rsaPublicKey, RSA_PKCS1_PADDING); + RSA_free(rsaPublicKey); + + if (result == -1) { + perror("Error encrypting message"); + return {}; + } + return encryptedMessage; } } From 7ecb765d6edce27de1c87601a5783fd9954aa3b6 Mon Sep 17 00:00:00 2001 From: EndrII Date: Wed, 5 Jul 2023 22:24:41 +0200 Subject: [PATCH 04/25] added signing for RSA wrapper using EVP interface --- src/lib/src/private/easysslutils.cpp | 16 ++ src/lib/src/private/easysslutils.h | 16 ++ src/lib/src/public/easyssl/rsassl30.cpp | 200 +++++++++++++++++++++++- src/lib/src/public/easyssl/rsassl30.h | 29 +++- 4 files changed, 258 insertions(+), 3 deletions(-) diff --git a/src/lib/src/private/easysslutils.cpp b/src/lib/src/private/easysslutils.cpp index 0c9ea28..85bf5db 100644 --- a/src/lib/src/private/easysslutils.cpp +++ b/src/lib/src/private/easysslutils.cpp @@ -40,5 +40,21 @@ BIGNUM *EasySSLUtils::bignumFromArray(const QByteArray &array) { return result; } +QByteArray EasySSLUtils::bioToByteArray(BIO* bio) { + QByteArray byteArray; + + int dataSize = BIO_ctrl_pending(bio); + byteArray.resize(dataSize); + if (BIO_read(bio, byteArray.data(), dataSize) != dataSize) { + return {}; + } + + return byteArray; +} + +BIO* EasySSLUtils::byteArrayToBio(const QByteArray& byteArray) { + BIO* bio = BIO_new_mem_buf(byteArray.constData(), byteArray.length()); + return bio; +} } diff --git a/src/lib/src/private/easysslutils.h b/src/lib/src/private/easysslutils.h index 030b249..651099f 100644 --- a/src/lib/src/private/easysslutils.h +++ b/src/lib/src/private/easysslutils.h @@ -37,6 +37,22 @@ class EasySSLUtils { */ [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] static BIGNUM* bignumFromArray(const QByteArray& array); + + /** + * @brief bioToByteArray This method conver openssl BIO to QByteArry + * @param bio input arrary. + * @return Qt Array + */ + static QByteArray bioToByteArray(BIO *bio); + + /** + * @brief byteArrayToBio This method create BIO struct from the Qt QByteArray object. + * @param byteArray This is input Qt byte array. + * @return pointer tot the BIO. + * @note Do not forget free result pointer. + */ + [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] + static BIO *byteArrayToBio(const QByteArray &byteArray); }; diff --git a/src/lib/src/public/easyssl/rsassl30.cpp b/src/lib/src/public/easyssl/rsassl30.cpp index 06c09f2..c0cecb9 100644 --- a/src/lib/src/public/easyssl/rsassl30.cpp +++ b/src/lib/src/public/easyssl/rsassl30.cpp @@ -1,6 +1,202 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + #include "rsassl30.h" +#include "qcryptographichash.h" +#include +#include +#include +#include +#include + +namespace EasySSL { + +RSASSL30::RSASSL30() { + +} + +bool RSASSL30::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { + + EVP_PKEY *pkey = nullptr; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); + EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 4096); + + EVP_PKEY_keygen_init(pctx); + EVP_PKEY_generate(pctx, &pkey); + EVP_PKEY_CTX_free(pctx); + + if (!pkey) { + return false; + } + + BIO* bio = BIO_new(BIO_s_mem()); + if (PEM_write_bio_PUBKEY(bio, pkey) != 1) { + EVP_PKEY_free(pkey); + return false; + } + pubKey = EasySSLUtils::bioToByteArray(bio); + + if (PEM_write_bio_PrivateKey(bio, pkey, nullptr, nullptr, 0, nullptr, nullptr) != 1) + { + EVP_PKEY_free(pkey); + return false; + } + + privKey = EasySSLUtils::bioToByteArray(bio); + + return true; + +} + +ICrypto::Features RSASSL30::supportedFeatures() const { + return static_cast(Features::Encription | Features::Signing); +} + +QByteArray RSASSL30::signMessage(const QByteArray &inputData, const QByteArray &key) const { + QByteArray signature; + + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto rsaPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); + + if (!rsaPrivateKey) { + perror("Error reading private key"); + return {}; + } + + EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); + if (mdctx == nullptr) { + return {}; + } + + // Initialize the signing operation + if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, rsaPrivateKey) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + // Provide the message to be signed + if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + size_t signatureLength = 0; + // Determine the length of the signature + if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + signature.resize(signatureLength); -RSASSL30::RSASSL30() -{ + // Perform the final signing operation and obtain the signature + if (EVP_DigestSignFinal(mdctx, reinterpret_cast(signature.data()), &signatureLength) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + EVP_MD_CTX_free(mdctx); + return signature; +} + +bool RSASSL30::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { + EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); + if (mdctx == nullptr) { + return false; + } + + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto rsaPublickKey = PEM_read_bio_PUBKEY(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); + + // Initialize the verification operation + if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) { + EVP_MD_CTX_free(mdctx); + return false; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + // Provide the message to be verified + if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) { + EVP_MD_CTX_free(mdctx); + return false; + } + + // Perform the signature verification + int verificationResult = EVP_DigestVerifyFinal(mdctx, + reinterpret_cast(signature.data()), + signature.length()); + + EVP_MD_CTX_free(mdctx); + + return verificationResult == 1; +} + +QByteArray RSASSL30::decrypt(const QByteArray &message, const QByteArray &key) { + QByteArray decryptedMessage; + + BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); + BIO_free(privateKeyBio); + + if (!rsaPrivateKey) { + perror("Error reading private key"); + return {}; + } + + decryptedMessage.resize(RSA_size(rsaPrivateKey)); + int result = RSA_private_decrypt(message.size(), + reinterpret_cast(message.data()), + reinterpret_cast(decryptedMessage.data()), + rsaPrivateKey, RSA_PKCS1_PADDING); + RSA_free(rsaPrivateKey); + + if (result == -1) { + perror("Error decrypting ciphertext"); + return {}; + } + + return decryptedMessage; +} + +QByteArray RSASSL30::encrypt(const QByteArray &message, const QByteArray &key) { + QByteArray encryptedMessage; + BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); + + RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); + BIO_free(publicKeyBio); + + if (!rsaPublicKey) { + perror("Error reading public key"); + return {}; + } + + encryptedMessage.resize(RSA_size(rsaPublicKey)); + + int result = RSA_public_encrypt(message.size(), + reinterpret_cast(message.data()), + reinterpret_cast(encryptedMessage.data()), + rsaPublicKey, RSA_PKCS1_PADDING); + RSA_free(rsaPublicKey); + + if (result == -1) { + perror("Error encrypting message"); + return {}; + } + + return encryptedMessage; +} } diff --git a/src/lib/src/public/easyssl/rsassl30.h b/src/lib/src/public/easyssl/rsassl30.h index 18dc732..25ecab0 100644 --- a/src/lib/src/public/easyssl/rsassl30.h +++ b/src/lib/src/public/easyssl/rsassl30.h @@ -1,11 +1,38 @@ #ifndef RSASSL30_H #define RSASSL30_H +#include "global.h" +#include "icrypto.h" -class RSASSL30 +namespace EasySSL { + +/** + * @brief The RSASSL30 class This is wrapper for RSA algorithm of openssl 3.0 libraryry. + */ +class EASYSSL_EXPORT RSASSL30: public EasySSL::ICrypto { public: RSASSL30(); + + bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const override; + Features supportedFeatures() const override; + + + QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; + bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; + + /** + * @brief decrypt This method has empty implementation. + * @return empty array. + */ + QByteArray decrypt(const QByteArray &message, const QByteArray &key) override; + + /** + * @brief encrypt This method has empty implementation. + * @return empty array. + */ + QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; }; +} #endif // RSASSL30_H From fcbf42153572554d08df98ba5f47fb43acbbd907 Mon Sep 17 00:00:00 2001 From: EndrII Date: Thu, 6 Jul 2023 16:55:41 +0200 Subject: [PATCH 05/25] update rsa (ssl 3.0) --- src/lib/src/public/easyssl/rsassl30.cpp | 96 +++++++++++++++++-------- 1 file changed, 68 insertions(+), 28 deletions(-) diff --git a/src/lib/src/public/easyssl/rsassl30.cpp b/src/lib/src/public/easyssl/rsassl30.cpp index c0cecb9..56148ed 100644 --- a/src/lib/src/public/easyssl/rsassl30.cpp +++ b/src/lib/src/public/easyssl/rsassl30.cpp @@ -144,59 +144,99 @@ bool RSASSL30::checkSign(const QByteArray &inputData, const QByteArray &signatur } QByteArray RSASSL30::decrypt(const QByteArray &message, const QByteArray &key) { - QByteArray decryptedMessage; - BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); - BIO_free(privateKeyBio); + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto rsaPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); if (!rsaPrivateKey) { perror("Error reading private key"); return {}; } - decryptedMessage.resize(RSA_size(rsaPrivateKey)); - int result = RSA_private_decrypt(message.size(), - reinterpret_cast(message.data()), - reinterpret_cast(decryptedMessage.data()), - rsaPrivateKey, RSA_PKCS1_PADDING); - RSA_free(rsaPrivateKey); + EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(rsaPrivateKey, nullptr); + if (ctx == nullptr) { + EVP_PKEY_free(rsaPrivateKey); + return {}; + } + + if (EVP_PKEY_decrypt_init(ctx) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); + return {}; + } + + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); + return {}; + } + + size_t decryptedDataLength = 0; + if (EVP_PKEY_decrypt(ctx, nullptr, &decryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); + return {}; + } - if (result == -1) { - perror("Error decrypting ciphertext"); + QByteArray decryptedData(decryptedDataLength, 0); + if (EVP_PKEY_decrypt(ctx, reinterpret_cast(decryptedData.data()), &decryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); return {}; } - return decryptedMessage; + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); + return decryptedData; + } QByteArray RSASSL30::encrypt(const QByteArray &message, const QByteArray &key) { - QByteArray encryptedMessage; - BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); - BIO_free(publicKeyBio); + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto rsaPublicKey = PEM_read_bio_PUBKEY(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); if (!rsaPublicKey) { perror("Error reading public key"); return {}; } - encryptedMessage.resize(RSA_size(rsaPublicKey)); + EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(rsaPublicKey, nullptr); + if (ctx == nullptr) { + EVP_PKEY_free(rsaPublicKey); + return {}; + } + + if (EVP_PKEY_encrypt_init(ctx) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); + return {}; + } - int result = RSA_public_encrypt(message.size(), - reinterpret_cast(message.data()), - reinterpret_cast(encryptedMessage.data()), - rsaPublicKey, RSA_PKCS1_PADDING); - RSA_free(rsaPublicKey); + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); + return {}; + } + + size_t encryptedDataLength = 0; + if (EVP_PKEY_encrypt(ctx, nullptr, &encryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); + return {}; + } - if (result == -1) { - perror("Error encrypting message"); + QByteArray encryptedData(encryptedDataLength, 0); + if (EVP_PKEY_encrypt(ctx, reinterpret_cast(encryptedData.data()), &encryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); return {}; } - return encryptedMessage; + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); + return encryptedData; } } From a84929b0695e758b9acbc811d8ad012fc10530b2 Mon Sep 17 00:00:00 2001 From: EndrII Date: Sat, 8 Jul 2023 11:58:18 +0200 Subject: [PATCH 06/25] added support x509 certificates for qt --- CMakeLists.txt | 4 +- src/lib/CMakeLists.txt | 2 +- src/lib/src/private/easysslutils.cpp | 33 ++++++++ src/lib/src/private/easysslutils.h | 15 ++++ src/lib/src/public/easyssl/icertificate.cpp | 23 ++++++ src/lib/src/public/easyssl/icertificate.h | 71 +++++++++++++++++ src/lib/src/public/easyssl/icrypto.cpp | 28 +++++++ src/lib/src/public/easyssl/icrypto.h | 16 +++- src/lib/src/public/easyssl/rsassl30.cpp | 26 +------ src/lib/src/public/easyssl/rsassl30.h | 11 ++- src/lib/src/public/easyssl/x509.cpp | 84 ++++++++++++++++++++- src/lib/src/public/easyssl/x509.h | 24 +++++- 12 files changed, 304 insertions(+), 33 deletions(-) create mode 100644 src/lib/src/public/easyssl/icertificate.cpp create mode 100644 src/lib/src/public/easyssl/icertificate.h create mode 100644 src/lib/src/public/easyssl/icrypto.cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index c3fe32e..906c1ec 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,9 +25,9 @@ if (ANDROID) endif() if (NOT QT_VERSION_MAJOR) - find_package(QT NAMES Qt6 Qt5 COMPONENTS Core Test REQUIRED) + find_package(QT NAMES Qt6 Qt5 COMPONENTS Core Network Test REQUIRED) endif() -find_package(Qt${QT_VERSION_MAJOR} COMPONENTS Core Test REQUIRED) +find_package(Qt${QT_VERSION_MAJOR} COMPONENTS Core Network Test REQUIRED) include(submodules/CMake/QuasarApp.cmake) diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt index 9aca4a0..a4911da 100644 --- a/src/lib/CMakeLists.txt +++ b/src/lib/CMakeLists.txt @@ -33,7 +33,7 @@ set(PRIVATE_INCUDE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/src/private") add_library(${CURRENT_PROJECT} ${SOURCE_CPP} ${SOURCE_QRC}) -target_link_libraries(${CURRENT_PROJECT} PUBLIC Qt${QT_VERSION_MAJOR}::Core ) +target_link_libraries(${CURRENT_PROJECT} PUBLIC Qt${QT_VERSION_MAJOR}::Network Qt${QT_VERSION_MAJOR}::Core ) if (EASYSSL_STATIC_SSL) diff --git a/src/lib/src/private/easysslutils.cpp b/src/lib/src/private/easysslutils.cpp index 85bf5db..31f6b89 100644 --- a/src/lib/src/private/easysslutils.cpp +++ b/src/lib/src/private/easysslutils.cpp @@ -8,6 +8,7 @@ #include "easysslutils.h" #include #include +#include #include #include @@ -57,4 +58,36 @@ BIO* EasySSLUtils::byteArrayToBio(const QByteArray& byteArray) { return bio; } +QByteArray EasySSLUtils::extractPublcKey(EVP_PKEY *ssl_keys) { + if (!ssl_keys) + return {}; + + BIO* bio = BIO_new(BIO_s_mem()); + if (PEM_write_bio_PUBKEY(bio, ssl_keys) != 1) { + BIO_free(bio); + return {}; + } + + QByteArray pubKey = bioToByteArray(bio); + BIO_free(bio); + + return pubKey; +} + +QByteArray EasySSLUtils::extractPrivateKey(EVP_PKEY *ssl_keys) { + if (!ssl_keys) + return {}; + + BIO* bio = BIO_new(BIO_s_mem()); + if (PEM_write_bio_PrivateKey(bio, ssl_keys, nullptr, nullptr, 0, nullptr, nullptr) != 1) { + BIO_free(bio); + return {}; + } + + QByteArray pKey = bioToByteArray(bio); + BIO_free(bio); + + return pKey; +} + } diff --git a/src/lib/src/private/easysslutils.h b/src/lib/src/private/easysslutils.h index 651099f..aea9adc 100644 --- a/src/lib/src/private/easysslutils.h +++ b/src/lib/src/private/easysslutils.h @@ -53,6 +53,21 @@ class EasySSLUtils { */ [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] static BIO *byteArrayToBio(const QByteArray &byteArray); + + /** + * @brief extractPublcKey This method extracts publick key from the ssl (pem) structure. + * @param ssl_keys This is ssl keys objects. + * @return bytes array of the extracted key. + */ + static QByteArray extractPublcKey(EVP_PKEY* ssl_keys); + + /** + * @brief extractPrivateKey This method extracts private key from the ssl (pem) structure. + * @param ssl_keys This is ssl keys objects. + * @return bytes array of the extracted key. + */ + static QByteArray extractPrivateKey(EVP_PKEY* ssl_keys); + }; diff --git a/src/lib/src/public/easyssl/icertificate.cpp b/src/lib/src/public/easyssl/icertificate.cpp new file mode 100644 index 0000000..ec10073 --- /dev/null +++ b/src/lib/src/public/easyssl/icertificate.cpp @@ -0,0 +1,23 @@ +/* + * Copyright (C) 2021-2023 QuasarApp. + * Distributed under the GPLv3 software license, see the accompanying + * Everyone is permitted to copy and distribute verbatim copies + * of this license document, but changing it is not allowed. +*/ + + + +#include "icertificate.h" + + +namespace EasySSL { + +ICertificate::ICertificate(const QSharedPointer &generator) { + _keyGenerator = generator; +} + +const QSharedPointer &ICertificate::keyGenerator() const { + return _keyGenerator; +} + +} diff --git a/src/lib/src/public/easyssl/icertificate.h b/src/lib/src/public/easyssl/icertificate.h new file mode 100644 index 0000000..f8c663a --- /dev/null +++ b/src/lib/src/public/easyssl/icertificate.h @@ -0,0 +1,71 @@ +/* + * Copyright (C) 2021-2023 QuasarApp. + * Distributed under the GPLv3 software license, see the accompanying + * Everyone is permitted to copy and distribute verbatim copies + * of this license document, but changing it is not allowed. +*/ + +#ifndef ICERTIFICATE_H +#define ICERTIFICATE_H + +#include +#include +#include "easyssl/icrypto.h" +#include "global.h" +#include + +namespace EasySSL { + +/** + * @brief The SslSrtData struct This structure contains base information for generate self signed ssl certefication. + */ +struct SslSrtData { + QString country = "BY"; + QString organization = "QuasarApp"; + QString commonName = ""; + long long endTime = 31536000L; //1 year +}; + +/** + * @brief The SelfSignedSertificate struct contains qt certificate object and private key of them. + */ +struct EASYSSL_EXPORT SelfSignedSertificate { + SelfSignedSertificate(){} + SelfSignedSertificate(const SelfSignedSertificate & other) { + crt = other.crt; + key = other.key; + }; + QSslCertificate crt; + QSslKey key; +}; + +/** + * @brief The ICertificate class is base interface for all certificate generators classes. + * + */ +class EASYSSL_EXPORT ICertificate +{ +public: + + ICertificate(const QSharedPointer& generator); + + /** + * @brief create This method create a self signed certificate. + * @param certificateData This input extra data of certificate. + * @return certificate data with private key. + */ + virtual SelfSignedSertificate create(const SslSrtData& certificateData) const = 0; + +protected: + /** + * @brief generator This method return private key generator. + * @return private key generator. + */ + const QSharedPointer& keyGenerator() const; + +private: + QSharedPointer _keyGenerator; +}; + +} +#endif // ICERTIFICATE_H diff --git a/src/lib/src/public/easyssl/icrypto.cpp b/src/lib/src/public/easyssl/icrypto.cpp new file mode 100644 index 0000000..9ce0f49 --- /dev/null +++ b/src/lib/src/public/easyssl/icrypto.cpp @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2021-2023 QuasarApp. + * Distributed under the GPLv3 software license, see the accompanying + * Everyone is permitted to copy and distribute verbatim copies + * of this license document, but changing it is not allowed. +*/ + +#include "icrypto.h" + +#include +#include +#include + +namespace EasySSL { + +bool EasySSL::ICrypto::makeKeys(QByteArray &pubKey, QByteArray &privKey) const +{ + EVP_PKEY *keys = makeRawKeys(); + if (!keys) + return false; + + pubKey = EasySSLUtils::extractPublcKey(keys); + privKey = EasySSLUtils::extractPrivateKey(keys); + return true; +} + + +} diff --git a/src/lib/src/public/easyssl/icrypto.h b/src/lib/src/public/easyssl/icrypto.h index 4a5938b..42c7a68 100644 --- a/src/lib/src/public/easyssl/icrypto.h +++ b/src/lib/src/public/easyssl/icrypto.h @@ -10,7 +10,9 @@ #define I_CRYPTO_H #include "global.h" +#include "qssl.h" #include +#include namespace EasySSL { @@ -38,7 +40,19 @@ class EASYSSL_EXPORT ICrypto * @param privKey This is result private key. * @return true if keys generated successful. */ - virtual bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const = 0; + bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const; + + /** + * @brief makeKeys This method generate the public and private keys of the ECDSA. + * @return pointer to generated keys. + */ + virtual EVP_PKEY * makeRawKeys() const = 0; + + /** + * @brief keyAlgorithm This method should be return Qt Key algorithm (needed for generate cetrificates.) + * @return + */ + virtual QSsl::KeyAlgorithm keyAlgorithm() const = 0; /** * @brief supportedFeatures This method should return supported featurs of the current encription alhorithm diff --git a/src/lib/src/public/easyssl/rsassl30.cpp b/src/lib/src/public/easyssl/rsassl30.cpp index 56148ed..01b4fed 100644 --- a/src/lib/src/public/easyssl/rsassl30.cpp +++ b/src/lib/src/public/easyssl/rsassl30.cpp @@ -20,37 +20,17 @@ RSASSL30::RSASSL30() { } -bool RSASSL30::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { +EVP_PKEY * RSASSL30::makeRawKeys() const { EVP_PKEY *pkey = nullptr; - EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "RSA", nullptr); EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 4096); EVP_PKEY_keygen_init(pctx); EVP_PKEY_generate(pctx, &pkey); EVP_PKEY_CTX_free(pctx); - if (!pkey) { - return false; - } - - BIO* bio = BIO_new(BIO_s_mem()); - if (PEM_write_bio_PUBKEY(bio, pkey) != 1) { - EVP_PKEY_free(pkey); - return false; - } - pubKey = EasySSLUtils::bioToByteArray(bio); - - if (PEM_write_bio_PrivateKey(bio, pkey, nullptr, nullptr, 0, nullptr, nullptr) != 1) - { - EVP_PKEY_free(pkey); - return false; - } - - privKey = EasySSLUtils::bioToByteArray(bio); - - return true; - + return pkey; } ICrypto::Features RSASSL30::supportedFeatures() const { diff --git a/src/lib/src/public/easyssl/rsassl30.h b/src/lib/src/public/easyssl/rsassl30.h index 25ecab0..951f2a1 100644 --- a/src/lib/src/public/easyssl/rsassl30.h +++ b/src/lib/src/public/easyssl/rsassl30.h @@ -1,3 +1,11 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + #ifndef RSASSL30_H #define RSASSL30_H @@ -14,10 +22,9 @@ class EASYSSL_EXPORT RSASSL30: public EasySSL::ICrypto public: RSASSL30(); - bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const override; + EVP_PKEY *makeRawKeys() const override; Features supportedFeatures() const override; - QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; diff --git a/src/lib/src/public/easyssl/x509.cpp b/src/lib/src/public/easyssl/x509.cpp index a184a17..fb2db39 100644 --- a/src/lib/src/public/easyssl/x509.cpp +++ b/src/lib/src/public/easyssl/x509.cpp @@ -1,6 +1,86 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + #include "x509.h" +#include +#include +#include +#include +namespace EasySSL { + +X509::X509(const QSharedPointer& generator): ICertificate(generator) { + +} + +SelfSignedSertificate X509::create(const SslSrtData &certificateData) const { + SelfSignedSertificate result; + if (!(keyGenerator()->supportedFeatures() & ICrypto::Features::Signing)) { + return {}; + } + + EVP_PKEY *pkey = keyGenerator()->makeRawKeys(); + + ::X509 * x509 = nullptr; + X509_NAME * name = nullptr; + + x509 = X509_new(); + q_check_ptr(x509); + ASN1_INTEGER_set(X509_get_serialNumber(x509), 1); + X509_gmtime_adj(X509_get_notBefore(x509), 0); // not before current time + X509_gmtime_adj(X509_get_notAfter(x509), certificateData.endTime); // not after a year from this point + X509_set_pubkey(x509, pkey); + name = X509_get_subject_name(x509); + q_check_ptr(name); + + unsigned char *C = reinterpret_cast(certificateData.country.toLatin1().data()); + X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, C, -1, -1, 0); -X509::X509() -{ + unsigned char *O = reinterpret_cast(certificateData.organization.toLatin1().data()); + X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC, O, -1, -1, 0); + + unsigned char *CN = reinterpret_cast(certificateData.commonName.toLatin1().data()); + X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, CN, -1, -1, 0); + + X509_set_issuer_name(x509, name); + X509_sign(x509, pkey, EVP_sha256()); + + result.key = QSslKey(EasySSLUtils::extractPrivateKey(pkey), keyGenerator()->keyAlgorithm()); + if(result.key.isNull()) { + EVP_PKEY_free(pkey); + X509_free(x509); + BIO_free_all(bp_public); + BIO_free_all(bp_private); + qCritical("Failed to generate a random private key"); + return {}; + } + EVP_PKEY_free(pkey); + BIO_free_all(bp_private); + + BIO * bp_public = BIO_new(BIO_s_mem()); + q_check_ptr(bp_public); + if(PEM_write_bio_X509(bp_public, x509) != 1){ + X509_free(x509); + BIO_free_all(bp_public); + qCritical("PEM_write_bio_PrivateKey"); + return {}; + } + + result.crt = QSslCertificate(EasySSLUtils::bioToByteArray(bp_public)); + if(result.crt.isNull()) { + X509_free(x509); + BIO_free_all(bp_public); + qCritical("Failed to generate a random client certificate"); + return {}; + } + + X509_free(x509); + BIO_free_all(bp_public); + + return result; +} } diff --git a/src/lib/src/public/easyssl/x509.h b/src/lib/src/public/easyssl/x509.h index 11fad76..737df3c 100644 --- a/src/lib/src/public/easyssl/x509.h +++ b/src/lib/src/public/easyssl/x509.h @@ -1,11 +1,31 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + #ifndef X509_H #define X509_H +#include "global.h" +#include "icertificate.h" +#include "icrypto.h" + +namespace EasySSL { -class X509 +/** + * @brief The X509 class This is wrapper of the ssl objects. + */ +class EASYSSL_EXPORT X509: public ICertificate { public: - X509(); + X509(const QSharedPointer& generator); + + // ICertificate interface +public: + SelfSignedSertificate create(const SslSrtData& certificateData) const override; }; +} #endif // X509_H From 1ab0cc87bffcdcc0af577df0be4fb37ac3049793 Mon Sep 17 00:00:00 2001 From: EndrII Date: Thu, 13 Jul 2023 23:41:51 +0200 Subject: [PATCH 07/25] drop support not EVP interfaces --- src/lib/src/private/easysslutils.cpp | 4 +- src/lib/src/public/easyssl/authecdsa.h | 4 +- src/lib/src/public/easyssl/ecdsassl.cpp | 154 ++++++++++++ .../easyssl/{ecdsassl11.h => ecdsassl.h} | 11 +- src/lib/src/public/easyssl/ecdsassl11.cpp | 223 ------------------ .../easyssl/{rsassl30.cpp => rsassl.cpp} | 96 +++++--- .../public/easyssl/{rsassl30.h => rsassl.h} | 6 +- src/lib/src/public/easyssl/rsassl11.cpp | 199 ---------------- src/lib/src/public/easyssl/rsassl11.h | 45 ---- src/lib/src/public/easyssl/x509.cpp | 3 - tests/tstMain.cpp | 6 +- tests/units/cryptotest.h | 23 +- tests/units/test.cpp | 1 - 13 files changed, 250 insertions(+), 525 deletions(-) create mode 100644 src/lib/src/public/easyssl/ecdsassl.cpp rename src/lib/src/public/easyssl/{ecdsassl11.h => ecdsassl.h} (85%) delete mode 100644 src/lib/src/public/easyssl/ecdsassl11.cpp rename src/lib/src/public/easyssl/{rsassl30.cpp => rsassl.cpp} (63%) rename src/lib/src/public/easyssl/{rsassl30.h => rsassl.h} (90%) delete mode 100644 src/lib/src/public/easyssl/rsassl11.cpp delete mode 100644 src/lib/src/public/easyssl/rsassl11.h diff --git a/src/lib/src/private/easysslutils.cpp b/src/lib/src/private/easysslutils.cpp index 31f6b89..f5a4d1e 100644 --- a/src/lib/src/private/easysslutils.cpp +++ b/src/lib/src/private/easysslutils.cpp @@ -16,9 +16,7 @@ namespace EasySSL { void EasySSLUtils::printlastOpenSSlError() { - int error = ERR_get_error(); - char buffer[256]; - ERR_error_string(error, buffer); + ERR_print_errors_fp(stderr); } QByteArray EasySSLUtils::bignumToArray(const BIGNUM *num) { diff --git a/src/lib/src/public/easyssl/authecdsa.h b/src/lib/src/public/easyssl/authecdsa.h index 43093ed..120805d 100644 --- a/src/lib/src/public/easyssl/authecdsa.h +++ b/src/lib/src/public/easyssl/authecdsa.h @@ -9,7 +9,7 @@ #ifndef AUTHECDSA_H #define AUTHECDSA_H -#include "ecdsassl11.h" +#include "ecdsassl.h" #include "asynckeysauth.h" namespace EasySSL { @@ -17,7 +17,7 @@ namespace EasySSL { /** * @brief The AuthECDSA class is ecdsa implementation of the Async authentication. This implementation based on Openssl library. */ -typedef AsyncKeysAuth AuthECDSA; +typedef AsyncKeysAuth AuthECDSA; } diff --git a/src/lib/src/public/easyssl/ecdsassl.cpp b/src/lib/src/public/easyssl/ecdsassl.cpp new file mode 100644 index 0000000..618ed8d --- /dev/null +++ b/src/lib/src/public/easyssl/ecdsassl.cpp @@ -0,0 +1,154 @@ +//# +//# Copyright (C) 2021-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + +#include "ecdsassl.h" + +#include // for ECDSA_do_sign, ECDSA_do_verify +#include // for NID_secp192k1 +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +namespace EasySSL { + + +ECDSASSL::ECDSASSL() {} + +EVP_PKEY * ECDSASSL::makeRawKeys() const { + + EVP_PKEY *pkey = nullptr; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr); + if (!pctx) { + qCritical() << "Error reading public key"; + return nullptr; + } + + EVP_PKEY_keygen_init(pctx); + EVP_PKEY_generate(pctx, &pkey); + EVP_PKEY_CTX_free(pctx); + + return pkey; +} + +ICrypto::Features ECDSASSL::supportedFeatures() const { + return Features::Signing; +} + +QSsl::KeyAlgorithm ECDSASSL::keyAlgorithm() const { + return QSsl::KeyAlgorithm::Ec; +} + +QByteArray ECDSASSL::signMessage(const QByteArray &inputData, + const QByteArray &key) const { + + QByteArray signature; + + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto ecPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); + + if (!ecPrivateKey) { + qCritical() << "Error reading private key"; + return {}; + } + + EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); + if (mdctx == nullptr) { + return {}; + } + + // Initialize the signing operation + if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, ecPrivateKey) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + // Provide the message to be signed + if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + size_t signatureLength = 0; + // Determine the length of the signature + if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + signature.resize(signatureLength); + + // Perform the final signing operation and obtain the signature + if (EVP_DigestSignFinal(mdctx, reinterpret_cast(signature.data()), &signatureLength) != 1) { + EVP_MD_CTX_free(mdctx); + return {}; + } + + EVP_MD_CTX_free(mdctx); + return signature; +} + +bool ECDSASSL::checkSign(const QByteArray &inputData, + const QByteArray &signature, + const QByteArray &key) const { + + + EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); + if (mdctx == nullptr) { + return false; + } + + auto pkey = EasySSLUtils::byteArrayToBio(key); + auto rsaPublickKey = PEM_read_bio_PUBKEY(pkey, nullptr, nullptr, nullptr); + BIO_free(pkey); + + // Initialize the verification operation + if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) { + EVP_MD_CTX_free(mdctx); + return false; + } + + auto hash = QCryptographicHash::hash(inputData, + QCryptographicHash::Sha256); + + // Provide the message to be verified + if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) { + EVP_MD_CTX_free(mdctx); + return false; + } + + // Perform the signature verification + int verificationResult = EVP_DigestVerifyFinal(mdctx, + reinterpret_cast(signature.data()), + signature.length()); + + EVP_MD_CTX_free(mdctx); + + return verificationResult == 1; + +} + +QByteArray ECDSASSL::decrypt(const QByteArray &, const QByteArray &) { + return {}; +} + +QByteArray ECDSASSL::encrypt(const QByteArray &, const QByteArray &) { + return {}; +} + +} diff --git a/src/lib/src/public/easyssl/ecdsassl11.h b/src/lib/src/public/easyssl/ecdsassl.h similarity index 85% rename from src/lib/src/public/easyssl/ecdsassl11.h rename to src/lib/src/public/easyssl/ecdsassl.h index 2e526dd..8e16ab0 100644 --- a/src/lib/src/public/easyssl/ecdsassl11.h +++ b/src/lib/src/public/easyssl/ecdsassl.h @@ -16,16 +16,15 @@ namespace EasySSL { /** * @brief The ECDSASSL11 class is ecdsa implementation of the Async authentication. This implementation based on Openssl library. - * @note This class compatibility only with ssl 1.1 */ -class EASYSSL_EXPORT ECDSASSL11: public EasySSL::ICrypto +class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto { public: - ECDSASSL11(); - bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const override; + ECDSASSL(); + EVP_PKEY * makeRawKeys() const override; Features supportedFeatures() const override; - + QSsl::KeyAlgorithm keyAlgorithm() const override; QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; @@ -42,7 +41,7 @@ class EASYSSL_EXPORT ECDSASSL11: public EasySSL::ICrypto */ QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; - }; +}; } diff --git a/src/lib/src/public/easyssl/ecdsassl11.cpp b/src/lib/src/public/easyssl/ecdsassl11.cpp deleted file mode 100644 index e36688d..0000000 --- a/src/lib/src/public/easyssl/ecdsassl11.cpp +++ /dev/null @@ -1,223 +0,0 @@ -//# -//# Copyright (C) 2021-2023 QuasarApp. -//# Distributed under the GPLv3 software license, see the accompanying -//# Everyone is permitted to copy and distribute verbatim copies -//# of this license document, but changing it is not allowed. -//# - - -#include "ecdsassl11.h" - -#include // for ECDSA_do_sign, ECDSA_do_verify -#include // for NID_secp192k1 -#include -#include - -#include -#include -#include -#include -#include - -namespace EasySSL { - -bool prepareKeyAdnGroupObjects(EC_KEY **eckey, EC_GROUP **ecgroup) { - - // input data should be valid pointers to pointers of key and group objects. - if (!(eckey && ecgroup)) - return false; - - // input pointers should be nullptr; - if ((*eckey) || (*ecgroup)) - return false; - - auto free = [eckey, ecgroup] () { - if (*ecgroup) - EC_GROUP_free(*ecgroup); - - if (*eckey) - EC_KEY_free(*eckey); - }; - - *eckey = EC_KEY_new(); - if (!*eckey) { - EasySSLUtils::printlastOpenSSlError(); - free(); - return false; - } - - *ecgroup = EC_GROUP_new_by_curve_name(NID_secp256k1); - - if (!*ecgroup) { - EasySSLUtils::printlastOpenSSlError(); - free(); - return false; - } - - if (!EC_KEY_set_group(*eckey, *ecgroup)) { - EasySSLUtils::printlastOpenSSlError(); - free(); - return false; - } - - return true; -} - - -ECDSASSL11::ECDSASSL11() {} - -QByteArray extractPrivateKey(EC_KEY* ec_key) { - const BIGNUM* ec_priv = EC_KEY_get0_private_key(ec_key); - return EasySSLUtils::bignumToArray(ec_priv); -} - -QByteArray extractPublicKey(EC_KEY* key, EC_GROUP* group) { - - QByteArray data; - point_conversion_form_t form = EC_GROUP_get_point_conversion_form(group); - - unsigned char* pub_key_buffer; - size_t length = EC_KEY_key2buf(key, form, &pub_key_buffer, nullptr); - - if (length <= 0) { - EasySSLUtils::printlastOpenSSlError(); - return {}; - } - - data.insert(0, reinterpret_cast(pub_key_buffer), length); - - OPENSSL_free(pub_key_buffer); - - return data; -} - -bool ECDSASSL11::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { - - EC_KEY *eckey= nullptr; - EC_GROUP *ecgroup = nullptr; - - if (!prepareKeyAdnGroupObjects(&eckey, &ecgroup)) { - return false; - } - - if (!EC_KEY_generate_key(eckey)) { - EasySSLUtils::printlastOpenSSlError(); - EC_GROUP_free(ecgroup); - EC_KEY_free(eckey); - return false; - } - - pubKey = extractPublicKey(eckey, ecgroup); - privKey = extractPrivateKey(eckey); - - return pubKey.length() && privKey.length(); -} - -ICrypto::Features ECDSASSL11::supportedFeatures() const { - return Features::Signing; -} - -QByteArray ECDSASSL11::signMessage(const QByteArray &inputData, - const QByteArray &key) const { - - EC_KEY *eckey= nullptr; - EC_GROUP *ecgroup = nullptr; - - if (!prepareKeyAdnGroupObjects(&eckey, &ecgroup)) { - return {}; - } - - auto hash = QCryptographicHash::hash(inputData, - QCryptographicHash::Sha256); - - BIGNUM* priv = EasySSLUtils::bignumFromArray(key); - if (!EC_KEY_set_private_key(eckey, priv)) { - EasySSLUtils::printlastOpenSSlError(); - EC_GROUP_free(ecgroup); - EC_KEY_free(eckey); - return {}; - }; - - ECDSA_SIG *signature = ECDSA_do_sign(reinterpret_cast(hash.data()), - hash.length(), eckey); - BN_free(priv); - EC_KEY_free(eckey); - EC_GROUP_free(ecgroup); - - if (!signature) { - EasySSLUtils::printlastOpenSSlError(); - return {}; - } - - const BIGNUM * R, *S; - ECDSA_SIG_get0(signature, &R, &S); - - QByteArray result; - QDataStream stream(&result, QIODevice::WriteOnly); - - stream << EasySSLUtils::bignumToArray(R); - stream << EasySSLUtils::bignumToArray(S); - - ECDSA_SIG_free(signature); - - return result; -} - -bool ECDSASSL11::checkSign(const QByteArray &inputData, - const QByteArray &signature, - const QByteArray &key) const { - - - // extract signature from raw array - - BIGNUM * R, *S; - QDataStream stream(signature); - - QByteArray rR,rS; - stream >> rR; - stream >> rS; - R = EasySSLUtils::bignumFromArray(rR); - S = EasySSLUtils::bignumFromArray(rS); - - ECDSA_SIG *sig = ECDSA_SIG_new(); - ECDSA_SIG_set0(sig, R, S); - - auto hash = QCryptographicHash::hash(inputData, - QCryptographicHash::Sha256); - - EC_KEY *eckey= nullptr; - EC_GROUP *ecgroup = nullptr; - - if (!prepareKeyAdnGroupObjects(&eckey, &ecgroup)) { - ECDSA_SIG_free(sig); - return {}; - } - - // extract key from raw array; - EC_POINT* ec_point = EC_POINT_new(ecgroup); - EC_POINT_oct2point(ecgroup, ec_point, - reinterpret_cast(key.data()), - key.length(), nullptr); - - EC_KEY_set_public_key(eckey, ec_point); - - - int verify_status = ECDSA_do_verify(reinterpret_cast(hash.data()), - hash.length(), sig, eckey); - - ECDSA_SIG_free(sig); - EC_POINT_free(ec_point); - - return verify_status == 1; - -} - -QByteArray ECDSASSL11::decrypt(const QByteArray &, const QByteArray &) { - return {}; -} - -QByteArray ECDSASSL11::encrypt(const QByteArray &, const QByteArray &) { - return {}; -} - -} diff --git a/src/lib/src/public/easyssl/rsassl30.cpp b/src/lib/src/public/easyssl/rsassl.cpp similarity index 63% rename from src/lib/src/public/easyssl/rsassl30.cpp rename to src/lib/src/public/easyssl/rsassl.cpp index 01b4fed..62b0721 100644 --- a/src/lib/src/public/easyssl/rsassl30.cpp +++ b/src/lib/src/public/easyssl/rsassl.cpp @@ -6,21 +6,22 @@ //# -#include "rsassl30.h" +#include "rsassl.h" #include "qcryptographichash.h" #include #include #include #include #include +#include namespace EasySSL { -RSASSL30::RSASSL30() { +RSASSL::RSASSL() { } -EVP_PKEY * RSASSL30::makeRawKeys() const { +EVP_PKEY * RSASSL::makeRawKeys() const { EVP_PKEY *pkey = nullptr; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "RSA", nullptr); @@ -33,11 +34,15 @@ EVP_PKEY * RSASSL30::makeRawKeys() const { return pkey; } -ICrypto::Features RSASSL30::supportedFeatures() const { +ICrypto::Features RSASSL::supportedFeatures() const { return static_cast(Features::Encription | Features::Signing); } -QByteArray RSASSL30::signMessage(const QByteArray &inputData, const QByteArray &key) const { +QSsl::KeyAlgorithm RSASSL::keyAlgorithm() const { + return QSsl::KeyAlgorithm::Rsa; +} + +QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &key) const { QByteArray signature; auto pkey = EasySSLUtils::byteArrayToBio(key); @@ -45,7 +50,7 @@ QByteArray RSASSL30::signMessage(const QByteArray &inputData, const QByteArray & BIO_free(pkey); if (!rsaPrivateKey) { - perror("Error reading private key"); + qCritical() << "Error reading private key"; return {}; } @@ -88,7 +93,7 @@ QByteArray RSASSL30::signMessage(const QByteArray &inputData, const QByteArray & return signature; } -bool RSASSL30::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { +bool RSASSL::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); if (mdctx == nullptr) { return false; @@ -123,17 +128,26 @@ bool RSASSL30::checkSign(const QByteArray &inputData, const QByteArray &signatur return verificationResult == 1; } -QByteArray RSASSL30::decrypt(const QByteArray &message, const QByteArray &key) { +QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) { auto pkey = EasySSLUtils::byteArrayToBio(key); auto rsaPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr); BIO_free(pkey); if (!rsaPrivateKey) { - perror("Error reading private key"); + qCritical() << "Error reading private key"; return {}; } + const long long maxDencryptedSize = EVP_PKEY_size(rsaPrivateKey); + if (message.length() % maxDencryptedSize) { + qCritical() << "Error wrong encripted data size."; + qCritical() << "Your key requir size multiple " << maxDencryptedSize; + + return {}; + } + + EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(rsaPrivateKey, nullptr); if (ctx == nullptr) { EVP_PKEY_free(rsaPrivateKey); @@ -152,18 +166,25 @@ QByteArray RSASSL30::decrypt(const QByteArray &message, const QByteArray &key) { return {}; } - size_t decryptedDataLength = 0; - if (EVP_PKEY_decrypt(ctx, nullptr, &decryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { - EVP_PKEY_CTX_free(ctx); - EVP_PKEY_free(rsaPrivateKey); - return {}; - } + QByteArray decryptedData; - QByteArray decryptedData(decryptedDataLength, 0); - if (EVP_PKEY_decrypt(ctx, reinterpret_cast(decryptedData.data()), &decryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { - EVP_PKEY_CTX_free(ctx); - EVP_PKEY_free(rsaPrivateKey); - return {}; + for (int index = 0; index < message.size(); index += maxDencryptedSize) { + + QByteArray decryptedDataPart(maxDencryptedSize, 0); + size_t realDecryptedDataPartSize = 0; + if (EVP_PKEY_decrypt(ctx, + reinterpret_cast(decryptedDataPart.data()), + &realDecryptedDataPartSize, + reinterpret_cast(&(message.constData()[index])), + maxDencryptedSize) <= 0) { + + EasySSLUtils::printlastOpenSSlError(); + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPrivateKey); + return {}; + } + + decryptedData += decryptedDataPart.left(realDecryptedDataPartSize); } EVP_PKEY_CTX_free(ctx); @@ -172,13 +193,13 @@ QByteArray RSASSL30::decrypt(const QByteArray &message, const QByteArray &key) { } -QByteArray RSASSL30::encrypt(const QByteArray &message, const QByteArray &key) { +QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) { auto pkey = EasySSLUtils::byteArrayToBio(key); auto rsaPublicKey = PEM_read_bio_PUBKEY(pkey, nullptr, nullptr, nullptr); BIO_free(pkey); if (!rsaPublicKey) { - perror("Error reading public key"); + qCritical() << "Error reading public key"; return {}; } @@ -200,18 +221,27 @@ QByteArray RSASSL30::encrypt(const QByteArray &message, const QByteArray &key) { return {}; } - size_t encryptedDataLength = 0; - if (EVP_PKEY_encrypt(ctx, nullptr, &encryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { - EVP_PKEY_CTX_free(ctx); - EVP_PKEY_free(rsaPublicKey); - return {}; - } + const long long maxEncryptedSize = EVP_PKEY_size(rsaPublicKey); + QByteArray encryptedData; - QByteArray encryptedData(encryptedDataLength, 0); - if (EVP_PKEY_encrypt(ctx, reinterpret_cast(encryptedData.data()), &encryptedDataLength, reinterpret_cast(message.constData()), message.length()) <= 0) { - EVP_PKEY_CTX_free(ctx); - EVP_PKEY_free(rsaPublicKey); - return {}; + for (int index = 0; index < message.size();) { + + QByteArray encryptedDataPart(maxEncryptedSize, 0); + size_t realEncryptedDataPartSize = 0; + int currentPartSize = std::min(message.length() - index, maxEncryptedSize); + if (EVP_PKEY_encrypt(ctx, + reinterpret_cast(encryptedDataPart.data()), + &realEncryptedDataPartSize, + reinterpret_cast(&(message.constData()[index])), + currentPartSize) <= 0) { + + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(rsaPublicKey); + return {}; + } + + encryptedData += encryptedDataPart.left(realEncryptedDataPartSize); + index += currentPartSize; } EVP_PKEY_CTX_free(ctx); diff --git a/src/lib/src/public/easyssl/rsassl30.h b/src/lib/src/public/easyssl/rsassl.h similarity index 90% rename from src/lib/src/public/easyssl/rsassl30.h rename to src/lib/src/public/easyssl/rsassl.h index 951f2a1..33a3bfb 100644 --- a/src/lib/src/public/easyssl/rsassl30.h +++ b/src/lib/src/public/easyssl/rsassl.h @@ -17,13 +17,14 @@ namespace EasySSL { /** * @brief The RSASSL30 class This is wrapper for RSA algorithm of openssl 3.0 libraryry. */ -class EASYSSL_EXPORT RSASSL30: public EasySSL::ICrypto +class EASYSSL_EXPORT RSASSL: public EasySSL::ICrypto { public: - RSASSL30(); + RSASSL(); EVP_PKEY *makeRawKeys() const override; Features supportedFeatures() const override; + QSsl::KeyAlgorithm keyAlgorithm() const override; QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; @@ -39,6 +40,7 @@ class EASYSSL_EXPORT RSASSL30: public EasySSL::ICrypto * @return empty array. */ QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; + }; } diff --git a/src/lib/src/public/easyssl/rsassl11.cpp b/src/lib/src/public/easyssl/rsassl11.cpp deleted file mode 100644 index da3b05e..0000000 --- a/src/lib/src/public/easyssl/rsassl11.cpp +++ /dev/null @@ -1,199 +0,0 @@ -//# -//# Copyright (C) 2021-2023 QuasarApp. -//# Distributed under the GPLv3 software license, see the accompanying -//# Everyone is permitted to copy and distribute verbatim copies -//# of this license document, but changing it is not allowed. -//# - - -#include "rsassl11.h" -#include "qcryptographichash.h" -#include -#include -#include -#include - -namespace EasySSL { - -RSASSL11::RSASSL11() { - -} - -bool RSASSL11::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { - EVP_PKEY *pkey = EVP_PKEY_new(); - - if (!pkey) { - return false; - } - - BIGNUM * bn = BN_new(); - - int rc = BN_set_word(bn, RSA_F4); - - if (rc != 1) { - BN_free(bn); - EVP_PKEY_free(pkey); - return false; - } - - RSA * rsa = RSA_new(); - - auto failed = [bn, rsa, pkey] () { - BN_free(bn); - RSA_free(rsa); - EVP_PKEY_free(pkey); - return false; - }; - - if (!RSA_generate_key_ex(rsa, 4196, bn, nullptr)) { - return failed(); - } - - q_check_ptr(rsa); - if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) { - return failed(); - } - - BIO *mem; - mem = BIO_new_mem_buf(pkey, -1); //pkey is of type char* - - auto key = PEM_read_bio_PrivateKey(mem, NULL, NULL, 0); - - - BIO *private_key_bio = BIO_new(BIO_s_mem()); - PEM_write_bio_RSAPrivateKey(private_key_bio, rsa, NULL, NULL, 0, NULL, NULL); - char *private_key_data; - long private_key_size = BIO_get_mem_data(private_key_bio, &private_key_data); - privKey = QByteArray(private_key_data, private_key_size); - BIO_free(private_key_bio); - - BIO *public_key_bio = BIO_new(BIO_s_mem()); - PEM_write_bio_RSAPublicKey(public_key_bio, rsa); - char *public_key_data; - long public_key_size = BIO_get_mem_data(public_key_bio, &public_key_data); - pubKey = QByteArray(public_key_data, public_key_size); - BIO_free(public_key_bio); - - return true; -} - -ICrypto::Features RSASSL11::supportedFeatures() const { - return static_cast(Features::Encription | Features::Signing); -} - -QByteArray RSASSL11::signMessage(const QByteArray &inputData, const QByteArray &key) const { - QByteArray signature; - - BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); - BIO_free(privateKeyBio); - - if (!rsaPrivateKey) { - perror("Error reading private key"); - return {}; - } - - auto hash = QCryptographicHash::hash(inputData, - QCryptographicHash::Sha256); - - signature.resize(RSA_size(rsaPrivateKey)); - unsigned int signatureLength = 0; - int result = RSA_sign(NID_sha256, reinterpret_cast(hash.data()), - hash.size(), reinterpret_cast(signature.data()), - &signatureLength, rsaPrivateKey); - RSA_free(rsaPrivateKey); - - if (result != 1) { - perror("Error signing message"); - return {}; - } - - signature.resize(signatureLength); - return signature; -} - -bool RSASSL11::checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const { - BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); - BIO_free(publicKeyBio); - - if (!rsaPublicKey) { - perror("Error reading public key"); - return false; - } - - auto hash = QCryptographicHash::hash(inputData, - QCryptographicHash::Sha256); - - int result = RSA_verify(NID_sha256, reinterpret_cast(hash.data()), - hash.size(), reinterpret_cast(signature.data()), - signature.size(), rsaPublicKey); - RSA_free(rsaPublicKey); - - if (result != 1) { - perror("Error verifying signature"); - return false; - } - - return true; -} - -QByteArray RSASSL11::decrypt(const QByteArray &message, const QByteArray &key) { - QByteArray decryptedMessage; - - BIO* privateKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPrivateKey = PEM_read_bio_RSAPrivateKey(privateKeyBio, nullptr, nullptr, nullptr); - BIO_free(privateKeyBio); - - if (!rsaPrivateKey) { - perror("Error reading private key"); - return {}; - } - - decryptedMessage.resize(RSA_size(rsaPrivateKey)); - int result = RSA_private_decrypt(message.size(), - reinterpret_cast(message.data()), - reinterpret_cast(decryptedMessage.data()), - rsaPrivateKey, RSA_PKCS1_PADDING); - RSA_free(rsaPrivateKey); - - if (result == -1) { - perror("Error decrypting ciphertext"); - return {}; - } - - return decryptedMessage; -} - -QByteArray RSASSL11::encrypt(const QByteArray &message, const QByteArray &key) { - QByteArray encryptedMessage; - BIO* publicKeyBio = BIO_new_mem_buf(key.data(), key.size()); - - RSA* rsaPublicKey = PEM_read_bio_RSA_PUBKEY(publicKeyBio, nullptr, nullptr, nullptr); - BIO_free(publicKeyBio); - - if (!rsaPublicKey) { - perror("Error reading public key"); - return {}; - } - - encryptedMessage.resize(RSA_size(rsaPublicKey)); - - int result = RSA_public_encrypt(message.size(), - reinterpret_cast(message.data()), - reinterpret_cast(encryptedMessage.data()), - rsaPublicKey, RSA_PKCS1_PADDING); - RSA_free(rsaPublicKey); - - if (result == -1) { - perror("Error encrypting message"); - return {}; - } - - return encryptedMessage; -} - -} diff --git a/src/lib/src/public/easyssl/rsassl11.h b/src/lib/src/public/easyssl/rsassl11.h deleted file mode 100644 index 9f5bb73..0000000 --- a/src/lib/src/public/easyssl/rsassl11.h +++ /dev/null @@ -1,45 +0,0 @@ -//# -//# Copyright (C) 2021-2023 QuasarApp. -//# Distributed under the GPLv3 software license, see the accompanying -//# Everyone is permitted to copy and distribute verbatim copies -//# of this license document, but changing it is not allowed. -//# - - -#ifndef RSASSL11_H -#define RSASSL11_H - -#include "global.h" -#include "icrypto.h" - -namespace EasySSL { - -/** - * @brief The RSASSL11 class This is wrapper of the openssl 1.1 implementation of the RSA alghorithm - */ -class EASYSSL_EXPORT RSASSL11: public EasySSL::ICrypto -{ -public: - RSASSL11(); - - bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const override; - Features supportedFeatures() const override; - - - QByteArray signMessage(const QByteArray &inputData, const QByteArray &key) const override; - bool checkSign(const QByteArray &inputData, const QByteArray &signature, const QByteArray &key) const override; - - /** - * @brief decrypt This method has empty implementation. - * @return empty array. - */ - QByteArray decrypt(const QByteArray &message, const QByteArray &key) override; - - /** - * @brief encrypt This method has empty implementation. - * @return empty array. - */ - QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; -}; -} -#endif // RSASSL11_H diff --git a/src/lib/src/public/easyssl/x509.cpp b/src/lib/src/public/easyssl/x509.cpp index fb2db39..3b629e0 100644 --- a/src/lib/src/public/easyssl/x509.cpp +++ b/src/lib/src/public/easyssl/x509.cpp @@ -52,13 +52,10 @@ SelfSignedSertificate X509::create(const SslSrtData &certificateData) const { if(result.key.isNull()) { EVP_PKEY_free(pkey); X509_free(x509); - BIO_free_all(bp_public); - BIO_free_all(bp_private); qCritical("Failed to generate a random private key"); return {}; } EVP_PKEY_free(pkey); - BIO_free_all(bp_private); BIO * bp_public = BIO_new(BIO_s_mem()); q_check_ptr(bp_public); diff --git a/tests/tstMain.cpp b/tests/tstMain.cpp index fff8538..d96354f 100644 --- a/tests/tstMain.cpp +++ b/tests/tstMain.cpp @@ -8,7 +8,8 @@ #include #include "cryptotest.h" #include "authtest.h" -#include +#include "easyssl/rsassl.h" +#include // Use This macros for initialize your own test classes. // Check exampletests @@ -35,7 +36,8 @@ private slots: // BEGIN TESTS CASES TestCase(authTest, AuthTest) - TestCase(cryptoTest, CryptoTest) + TestCase(cryptoTestESDSA, CryptoTest) + TestCase(cryptoTestRSA, CryptoTest) // END TEST CASES diff --git a/tests/units/cryptotest.h b/tests/units/cryptotest.h index 2f811c1..1e26e13 100644 --- a/tests/units/cryptotest.h +++ b/tests/units/cryptotest.h @@ -20,6 +20,18 @@ class CryptoTest: public Test, protected TestUtils public: void test() override { + // test short messges + testImpl("Test"); + + //test long messages + + const int Mb = 1024 * 1024 * 1024; //1 mb + testImpl(QByteArray(Mb, 'c')); + + } ; + + + void testImpl(const QByteArray& message) const { // create a publick and private keys array. QByteArray pub, priv; TestClass crypto; @@ -29,19 +41,18 @@ class CryptoTest: public Test, protected TestUtils QVERIFY2(priv.size(), "Private key should be generated successfull"); if (crypto.supportedFeatures() & EasySSL::ICrypto::Features::Signing) { - auto siganture = crypto.signMessage("Test", priv); + auto siganture = crypto.signMessage(message, priv); QVERIFY2(siganture.size(), "Siganture of the message should not be empty"); - QVERIFY2(crypto.checkSign("Test", siganture, pub), "failed to check message"); + QVERIFY2(crypto.checkSign(message, siganture, pub), "failed to check message"); } if (crypto.supportedFeatures() & EasySSL::ICrypto::Features::Encription) { - auto encriptedMsg = crypto.encrypt("Test", pub); + auto encriptedMsg = crypto.encrypt(message, pub); QVERIFY2(encriptedMsg.size(), "Encripted message should not be empty"); auto decryptedMsg = crypto.decrypt(encriptedMsg, priv); - QVERIFY2(decryptedMsg == "Test", "Failed to check message after decryption"); + QVERIFY2(decryptedMsg == message, "Failed to check message after decryption"); } - - } ; + } }; #endif // CRYPTO_TEST_H diff --git a/tests/units/test.cpp b/tests/units/test.cpp index ea1c3c3..f7b9320 100644 --- a/tests/units/test.cpp +++ b/tests/units/test.cpp @@ -6,4 +6,3 @@ //# -#include "test.h" From 73ed5b9b821ca39b9d2974e953ac5c7b6a572c87 Mon Sep 17 00:00:00 2001 From: EndrII Date: Fri, 14 Jul 2023 16:33:48 +0200 Subject: [PATCH 08/25] fix RSA --- src/lib/src/public/easyssl/rsassl.cpp | 57 ++++++++++++++++++++++---- src/lib/src/public/easyssl/rsassl.h | 58 ++++++++++++++++++++++++++- tests/units/cryptotest.h | 2 +- 3 files changed, 107 insertions(+), 10 deletions(-) diff --git a/src/lib/src/public/easyssl/rsassl.cpp b/src/lib/src/public/easyssl/rsassl.cpp index 62b0721..62a1a90 100644 --- a/src/lib/src/public/easyssl/rsassl.cpp +++ b/src/lib/src/public/easyssl/rsassl.cpp @@ -17,17 +17,20 @@ namespace EasySSL { -RSASSL::RSASSL() { - +RSASSL::RSASSL(RSAPadding padding) { + setPadding(padding); } EVP_PKEY * RSASSL::makeRawKeys() const { EVP_PKEY *pkey = nullptr; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "RSA", nullptr); - EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 4096); - EVP_PKEY_keygen_init(pctx); + + if (EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, _bits) <= 0) { + EasySSLUtils::printlastOpenSSlError(); + }; + EVP_PKEY_generate(pctx, &pkey); EVP_PKEY_CTX_free(pctx); @@ -160,7 +163,7 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) { return {}; } - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { + if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) { EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPrivateKey); return {}; @@ -171,7 +174,7 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) { for (int index = 0; index < message.size(); index += maxDencryptedSize) { QByteArray decryptedDataPart(maxDencryptedSize, 0); - size_t realDecryptedDataPartSize = 0; + size_t realDecryptedDataPartSize = maxDencryptedSize; // must be equals or large of private key size. if (EVP_PKEY_decrypt(ctx, reinterpret_cast(decryptedDataPart.data()), &realDecryptedDataPartSize, @@ -215,7 +218,7 @@ QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) { return {}; } - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { + if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) { EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPublicKey); return {}; @@ -228,13 +231,14 @@ QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) { QByteArray encryptedDataPart(maxEncryptedSize, 0); size_t realEncryptedDataPartSize = 0; - int currentPartSize = std::min(message.length() - index, maxEncryptedSize); + int currentPartSize = std::min(message.length() - index, maxEncryptedSize - getPandingSize(_padding)) ; if (EVP_PKEY_encrypt(ctx, reinterpret_cast(encryptedDataPart.data()), &realEncryptedDataPartSize, reinterpret_cast(&(message.constData()[index])), currentPartSize) <= 0) { + EasySSLUtils::printlastOpenSSlError(); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPublicKey); return {}; @@ -249,4 +253,41 @@ QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) { return encryptedData; } +RSASSL::RSAPadding RSASSL::padding() const { + return _padding; +} + +void RSASSL::setPadding(RSAPadding newPadding) { + _padding = newPadding; +} + +int RSASSL::getRawOpenSSLPandingValue(RSAPadding panding) { + switch (panding) { + case NO_PADDING: return RSA_NO_PADDING; + case PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING; + case PKCS1_PADDING: return RSA_PKCS1_PADDING; + + default: + return 0; + } +} + +int RSASSL::getPandingSize(RSAPadding panding) { + switch (panding) { + case PKCS1_OAEP_PADDING: return 42; + case PKCS1_PADDING: return 11; + + default: + return 0; + } +} + +RSASSL::RSABits RSASSL::bits() const { + return _bits; +} + +void RSASSL::setBits(RSABits newBits) { + _bits = newBits; +} + } diff --git a/src/lib/src/public/easyssl/rsassl.h b/src/lib/src/public/easyssl/rsassl.h index 33a3bfb..b3bb440 100644 --- a/src/lib/src/public/easyssl/rsassl.h +++ b/src/lib/src/public/easyssl/rsassl.h @@ -19,8 +19,32 @@ namespace EasySSL { */ class EASYSSL_EXPORT RSASSL: public EasySSL::ICrypto { + /** + * @brief The RsaPadding enum + * @see https://www.openssl.org/docs/man1.1.1/man3/RSA_public_encrypt.html + */ + enum RSAPadding { + + /// Raw RSA encryption. This mode should only be used to implement cryptographically sound padding modes in the application code. Encrypting user data directly with RSA is insecure. + NO_PADDING, + + /// EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications. + PKCS1_OAEP_PADDING, + + ///PKCS #1 v1.5 padding. This currently is the most widely used mode. However, it is highly recommended to use RSA_PKCS1_OAEP_PADDING in new applications. SEE WARNING BELOW. + PKCS1_PADDING, + }; + + enum RSABits { + RSA_Base = 1024, + RSA_2048 = 2 * RSA_Base, + RSA_3072 = 3 * RSA_Base, + RSA_4096 = 4 * RSA_Base, + + }; + public: - RSASSL(); + RSASSL(RSAPadding padding = PKCS1_OAEP_PADDING); EVP_PKEY *makeRawKeys() const override; Features supportedFeatures() const override; @@ -41,6 +65,38 @@ class EASYSSL_EXPORT RSASSL: public EasySSL::ICrypto */ QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; + /** + * @brief padding This is mode of pending data before icnription. + * @return encription pending mode. + */ + RSAPadding padding() const; + + /** + * @brief setPadding This method sets new mode for encription pendong. + * @param newPadding This is new new mode. + * @note You must change padding mode for both side (encryption and decryption) + */ + void setPadding(RSAPadding newPadding); + + /** + * @brief bits return cuurrent rsa keys size mode. Using oly for generate keys. + * @return size of the rsa keys. + */ + RSABits bits() const; + + /** + * @brief setBits sets new value of the rsa key generator. + * @param newBits this is new value of the key size of rsa. + */ + void setBits(RSABits newBits); + +private: + int getRawOpenSSLPandingValue(RSAPadding panding); + int getPandingSize(RSAPadding panding); + + RSAPadding _padding = PKCS1_OAEP_PADDING; + RSABits _bits = RSABits::RSA_3072; + }; } diff --git a/tests/units/cryptotest.h b/tests/units/cryptotest.h index 1e26e13..56e166f 100644 --- a/tests/units/cryptotest.h +++ b/tests/units/cryptotest.h @@ -25,7 +25,7 @@ class CryptoTest: public Test, protected TestUtils //test long messages - const int Mb = 1024 * 1024 * 1024; //1 mb + const int Mb = 1024 * 1024; //1 mb testImpl(QByteArray(Mb, 'c')); } ; From b0d1dd5a949d1ea07ce54753c7b2d3186fc522e5 Mon Sep 17 00:00:00 2001 From: EndrII Date: Sun, 16 Jul 2023 11:56:11 +0200 Subject: [PATCH 09/25] fix generate keys (ecdsa) --- src/lib/src/public/easyssl/ecdsassl.cpp | 51 ++++++++++++++++++++++++- src/lib/src/public/easyssl/ecdsassl.h | 33 +++++++++++++++- src/lib/src/public/easyssl/rsassl.cpp | 19 ++++++++- 3 files changed, 98 insertions(+), 5 deletions(-) diff --git a/src/lib/src/public/easyssl/ecdsassl.cpp b/src/lib/src/public/easyssl/ecdsassl.cpp index 618ed8d..8a59bfe 100644 --- a/src/lib/src/public/easyssl/ecdsassl.cpp +++ b/src/lib/src/public/easyssl/ecdsassl.cpp @@ -20,25 +20,39 @@ #include #include #include +#include namespace EasySSL { -ECDSASSL::ECDSASSL() {} +ECDSASSL::ECDSASSL(EllipticCurveStandart curveStandart) { + setCurve(curveStandart); +} EVP_PKEY * ECDSASSL::makeRawKeys() const { EVP_PKEY *pkey = nullptr; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr); if (!pctx) { - qCritical() << "Error reading public key"; + EasySSLUtils::printlastOpenSSlError(); return nullptr; } EVP_PKEY_keygen_init(pctx); + OSSL_PARAM params[2]; + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, + const_cast(getCStr(_curve)), + 0); + params[1] = OSSL_PARAM_construct_end(); + EVP_PKEY_CTX_set_params(pctx, params); + EVP_PKEY_generate(pctx, &pkey); EVP_PKEY_CTX_free(pctx); + if (!pkey) { + EasySSLUtils::printlastOpenSSlError(); + return nullptr; + } return pkey; } @@ -61,6 +75,7 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, if (!ecPrivateKey) { qCritical() << "Error reading private key"; + EasySSLUtils::printlastOpenSSlError(); return {}; } @@ -71,6 +86,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, // Initialize the signing operation if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, ecPrivateKey) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return {}; } @@ -80,6 +97,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, // Provide the message to be signed if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return {}; } @@ -87,6 +106,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, size_t signatureLength = 0; // Determine the length of the signature if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return {}; } @@ -95,6 +116,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, // Perform the final signing operation and obtain the signature if (EVP_DigestSignFinal(mdctx, reinterpret_cast(signature.data()), &signatureLength) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return {}; } @@ -119,6 +142,8 @@ bool ECDSASSL::checkSign(const QByteArray &inputData, // Initialize the verification operation if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return false; } @@ -128,6 +153,8 @@ bool ECDSASSL::checkSign(const QByteArray &inputData, // Provide the message to be verified if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) { + EasySSLUtils::printlastOpenSSlError(); + EVP_MD_CTX_free(mdctx); return false; } @@ -151,4 +178,24 @@ QByteArray ECDSASSL::encrypt(const QByteArray &, const QByteArray &) { return {}; } +ECDSASSL::EllipticCurveStandart ECDSASSL::curve() const { + return _curve; +} + +void ECDSASSL::setCurve(EllipticCurveStandart newCurve) { + _curve = newCurve; +} + +const char *ECDSASSL::getCStr(EllipticCurveStandart value) const { + switch (value) { + case P_256: return "P-256"; + case P_384: return "P-384"; + case P_521: return "P-521"; + case X448: return "X448"; + case X25519: return "X25519"; + + default: return nullptr; + } +} + } diff --git a/src/lib/src/public/easyssl/ecdsassl.h b/src/lib/src/public/easyssl/ecdsassl.h index 8e16ab0..dbb580b 100644 --- a/src/lib/src/public/easyssl/ecdsassl.h +++ b/src/lib/src/public/easyssl/ecdsassl.h @@ -19,9 +19,24 @@ namespace EasySSL { */ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto { + /** + * @brief The EllipticCurveStandart enum List of supported Elliptic Curve Standarts + */ + enum EllipticCurveStandart { + /// Private key (point on Elliptic Curve ) based on 256 bit prime number + P_256, + /// Private key (point on Elliptic Curve ) based on 384 bit prime number + P_384, + /// Private key (point on Elliptic Curve ) based on 521 bit prime number + P_521, + /// based on elliptic curve potentially offering 224 bits of security and designed for use with the elliptic-curve Diffie–Hellman (ECDH) key agreement scheme + X448, + /// base on an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. It is one of the fastest curves in ECC, and is not covered by any known patents. + X25519 + }; public: - ECDSASSL(); + ECDSASSL(EllipticCurveStandart curveStandart = EllipticCurveStandart::P_256); EVP_PKEY * makeRawKeys() const override; Features supportedFeatures() const override; QSsl::KeyAlgorithm keyAlgorithm() const override; @@ -41,6 +56,22 @@ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto */ QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; + /** + * @brief curve This method return current curve method. using only for generate new pair keys. + * @return current cursve type. + * @see EllipticCurveStandart + */ + EllipticCurveStandart curve() const; + + /** + * @brief setCurve This method sets new curve standart value. + * @param newCurve this is new value of curve standart. + */ + void setCurve(EllipticCurveStandart newCurve); + +private: + const char *getCStr(EllipticCurveStandart value) const; + EllipticCurveStandart _curve = EllipticCurveStandart::P_256; }; } diff --git a/src/lib/src/public/easyssl/rsassl.cpp b/src/lib/src/public/easyssl/rsassl.cpp index 62a1a90..83e497f 100644 --- a/src/lib/src/public/easyssl/rsassl.cpp +++ b/src/lib/src/public/easyssl/rsassl.cpp @@ -54,6 +54,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke if (!rsaPrivateKey) { qCritical() << "Error reading private key"; + EasySSLUtils::printlastOpenSSlError(); return {}; } @@ -64,6 +65,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke // Initialize the signing operation if (EVP_DigestSignInit(mdctx, nullptr, EVP_sha256(), nullptr, rsaPrivateKey) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return {}; } @@ -73,6 +75,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke // Provide the message to be signed if (EVP_DigestSignUpdate(mdctx, hash.data(), hash.size()) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return {}; } @@ -80,6 +83,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke size_t signatureLength = 0; // Determine the length of the signature if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return {}; } @@ -88,6 +92,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke // Perform the final signing operation and obtain the signature if (EVP_DigestSignFinal(mdctx, reinterpret_cast(signature.data()), &signatureLength) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return {}; } @@ -108,6 +113,7 @@ bool RSASSL::checkSign(const QByteArray &inputData, const QByteArray &signature, // Initialize the verification operation if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, rsaPublickKey) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return false; } @@ -117,6 +123,7 @@ bool RSASSL::checkSign(const QByteArray &inputData, const QByteArray &signature, // Provide the message to be verified if (EVP_DigestVerifyUpdate(mdctx, hash.data(), hash.size()) != 1) { + EasySSLUtils::printlastOpenSSlError(); EVP_MD_CTX_free(mdctx); return false; } @@ -137,8 +144,9 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) { auto rsaPrivateKey = PEM_read_bio_PrivateKey(pkey, nullptr, nullptr, nullptr); BIO_free(pkey); - if (!rsaPrivateKey) { + if (!rsaPrivateKey) { qCritical() << "Error reading private key"; + EasySSLUtils::printlastOpenSSlError(); return {}; } @@ -158,12 +166,15 @@ QByteArray RSASSL::decrypt(const QByteArray &message, const QByteArray &key) { } if (EVP_PKEY_decrypt_init(ctx) <= 0) { + EasySSLUtils::printlastOpenSSlError(); + EVP_PKEY_CTX_free(ctx); - EVP_PKEY_free(rsaPrivateKey); + EVP_PKEY_free(rsaPrivateKey); return {}; } if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) { + EasySSLUtils::printlastOpenSSlError(); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPrivateKey); return {}; @@ -203,22 +214,26 @@ QByteArray RSASSL::encrypt(const QByteArray &message, const QByteArray &key) { if (!rsaPublicKey) { qCritical() << "Error reading public key"; + EasySSLUtils::printlastOpenSSlError(); return {}; } EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(rsaPublicKey, nullptr); if (ctx == nullptr) { + EasySSLUtils::printlastOpenSSlError(); EVP_PKEY_free(rsaPublicKey); return {}; } if (EVP_PKEY_encrypt_init(ctx) <= 0) { + EasySSLUtils::printlastOpenSSlError(); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPublicKey); return {}; } if (EVP_PKEY_CTX_set_rsa_padding(ctx, getRawOpenSSLPandingValue(_padding)) <= 0) { + EasySSLUtils::printlastOpenSSlError(); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(rsaPublicKey); return {}; From 5d279991f41d9c9bfd8f6cdeabeeecf0226b5a25 Mon Sep 17 00:00:00 2001 From: EndrII Date: Sun, 16 Jul 2023 12:15:42 +0200 Subject: [PATCH 10/25] fix ecdsa --- src/lib/src/public/easyssl/ecdsassl.cpp | 12 +++--------- src/lib/src/public/easyssl/rsassl.cpp | 11 +++-------- 2 files changed, 6 insertions(+), 17 deletions(-) diff --git a/src/lib/src/public/easyssl/ecdsassl.cpp b/src/lib/src/public/easyssl/ecdsassl.cpp index 8a59bfe..4173e8e 100644 --- a/src/lib/src/public/easyssl/ecdsassl.cpp +++ b/src/lib/src/public/easyssl/ecdsassl.cpp @@ -103,15 +103,7 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, return {}; } - size_t signatureLength = 0; - // Determine the length of the signature - if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { - EasySSLUtils::printlastOpenSSlError(); - - EVP_MD_CTX_free(mdctx); - return {}; - } - + size_t signatureLength = EVP_PKEY_size(ecPrivateKey); signature.resize(signatureLength); // Perform the final signing operation and obtain the signature @@ -122,6 +114,8 @@ QByteArray ECDSASSL::signMessage(const QByteArray &inputData, return {}; } + signature.resize(signatureLength); + EVP_MD_CTX_free(mdctx); return signature; } diff --git a/src/lib/src/public/easyssl/rsassl.cpp b/src/lib/src/public/easyssl/rsassl.cpp index 83e497f..38c0174 100644 --- a/src/lib/src/public/easyssl/rsassl.cpp +++ b/src/lib/src/public/easyssl/rsassl.cpp @@ -80,14 +80,7 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke return {}; } - size_t signatureLength = 0; - // Determine the length of the signature - if (EVP_DigestSignFinal(mdctx, nullptr, &signatureLength) != 1) { - EasySSLUtils::printlastOpenSSlError(); - EVP_MD_CTX_free(mdctx); - return {}; - } - + size_t signatureLength = EVP_PKEY_size(rsaPrivateKey); signature.resize(signatureLength); // Perform the final signing operation and obtain the signature @@ -97,6 +90,8 @@ QByteArray RSASSL::signMessage(const QByteArray &inputData, const QByteArray &ke return {}; } + signature.resize(signatureLength); + EVP_MD_CTX_free(mdctx); return signature; } From 5e1d48ce032c80f8a48a4a0bbc3600e62e961be2 Mon Sep 17 00:00:00 2001 From: EndrII Date: Sun, 16 Jul 2023 21:44:34 +0200 Subject: [PATCH 11/25] fix tests --- tests/tstMain.cpp | 10 +++++++-- tests/units/crttest.cpp | 0 tests/units/crttest.h | 48 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 2 deletions(-) create mode 100644 tests/units/crttest.cpp create mode 100644 tests/units/crttest.h diff --git a/tests/tstMain.cpp b/tests/tstMain.cpp index d96354f..3a4770b 100644 --- a/tests/tstMain.cpp +++ b/tests/tstMain.cpp @@ -8,9 +8,11 @@ #include #include "cryptotest.h" #include "authtest.h" +#include "crttest.h" #include "easyssl/rsassl.h" #include + // Use This macros for initialize your own test classes. // Check exampletests #define TestCase(name, testClass) \ @@ -18,6 +20,9 @@ initTest(new testClass()); \ } +using CrtTestX509RSA = CrtTest; +using CrtTestX509ECDSA = CrtTest; + /** * @brief The tstMain class - this is main test class */ @@ -33,13 +38,14 @@ class tstMain : public QObject private slots: - // BEGIN TESTS CASES TestCase(authTest, AuthTest) TestCase(cryptoTestESDSA, CryptoTest) TestCase(cryptoTestRSA, CryptoTest) + TestCase(crtTestX509RSA, CrtTestX509RSA) + TestCase(crtTestX509ECDSA, CrtTestX509ECDSA) - // END TEST CASES + // END TEST CASESa private: diff --git a/tests/units/crttest.cpp b/tests/units/crttest.cpp new file mode 100644 index 0000000..e69de29 diff --git a/tests/units/crttest.h b/tests/units/crttest.h new file mode 100644 index 0000000..01ea6bd --- /dev/null +++ b/tests/units/crttest.h @@ -0,0 +1,48 @@ +//# +//# Copyright (C) 2020-2023 QuasarApp. +//# Distributed under the GPLv3 software license, see the accompanying +//# Everyone is permitted to copy and distribute verbatim copies +//# of this license document, but changing it is not allowed. +//# + + +#ifndef CRTTEST_H +#define CRTTEST_H + +#include "qtestcase.h" +#include "test.h" +#include "testutils.h" +#include +#include + + +/** + * @brief The CrtTest class is bse test class for the testin all certificate generators + * @tparam CrtGenerator This any class inheret of ICertificate interface. + * + * @example + * @code{cpp} + * #include "x509.h" + * #include "CrtTest" + * + * TestCase(cryptoTestRSA, CrtTest) + * @endcode + */ +template +class CrtTest: public Test, protected TestUtils +{ +public: + CrtTest() = default; + void test() override { + + CrtGenerator gen(QSharedPointer::create()); + EasySSL::SslSrtData data; + + auto crt = gen.create(data); + QVERIFY2(!crt.crt.isNull(), "Failed to generate certificate."); + QVERIFY2(!crt.key.isNull(), "Failed to generate private key for certificate."); + + } +}; + +#endif // CRTTEST_H From 06a9fd17d3d9fc43c4f8a5c9f5de20c9c7dd4bd3 Mon Sep 17 00:00:00 2001 From: Andrei Yankovich Date: Mon, 17 Jul 2023 10:19:06 +0300 Subject: [PATCH 12/25] Update tests/tstMain.cpp --- tests/tstMain.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tstMain.cpp b/tests/tstMain.cpp index 3a4770b..7db8c42 100644 --- a/tests/tstMain.cpp +++ b/tests/tstMain.cpp @@ -45,7 +45,7 @@ private slots: TestCase(crtTestX509RSA, CrtTestX509RSA) TestCase(crtTestX509ECDSA, CrtTestX509ECDSA) - // END TEST CASESa + // END TEST CASES private: From 5ae4009840abbc5a6c83b9ea25352556b2c497b5 Mon Sep 17 00:00:00 2001 From: EndrII Date: Mon, 17 Jul 2023 22:52:15 +0200 Subject: [PATCH 13/25] simple changes --- README.md | 48 +++++++++++++++++++++-- doxygen.conf.in | 2 +- src/lib/src/public/easyssl/ecdsassl.h | 2 +- src/lib/src/public/easyssl/icertificate.h | 3 +- src/lib/src/public/easyssl/icrypto.h | 4 +- src/lib/src/public/easyssl/rsassl.h | 2 +- 6 files changed, 52 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index ce25c34..ee03390 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,10 @@ # EasySSL -This is simple wrapper library that make using ssl simple. +This is wrapper library that make using OpenSSL library more simple. This library contains interfaces for the signing and encription data. ### Supported encription alhorithms: -* edsa based on sll 1.1 +* ECDSA +* RSA ### Supported features * encription @@ -33,7 +34,48 @@ This library contains interfaces for the signing and encription data. ## Usage -Authentication +### Encription + +```cpp +#include + +class ECDSA: public EasySSL::AuthECDSA { + +public: + + // AsyncKeysAuth interface + void setPrivateKey(const QByteArray &newPriv) { + _priv = newPriv; + } + + QByteArray getPrivateKey() const { + return _priv; + }; + +private: + QByteArray _priv; + +}; + +ECDSA edsa; +QByteArray pub, priv; +QString userID; + +// make public and private keys. +edsa.makeKeys(pub, priv); +edsa.setPrivateKey(priv); +edsa.setPublicKey(pub); + +// prepare an authentication object. +edsa.prepare(); +edsa.setPrivateKey({}); + +edsa.auth(1000, &userID) + +``` + + +### Authentication ```cpp #include diff --git a/doxygen.conf.in b/doxygen.conf.in index ccf7ce5..25cb8ad 100644 --- a/doxygen.conf.in +++ b/doxygen.conf.in @@ -51,7 +51,7 @@ PROJECT_BRIEF = EasySSL is base back end library for your c++ Qt projec # pixels and the maximum width should not exceed 200 pixels. Doxygen will copy # the logo to the output directory. -PROJECT_LOGO = res/Logo_Web_alpha.png +PROJECT_LOGO = # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path # into which the generated documentation will be written. If a relative path is diff --git a/src/lib/src/public/easyssl/ecdsassl.h b/src/lib/src/public/easyssl/ecdsassl.h index dbb580b..90ee0cd 100644 --- a/src/lib/src/public/easyssl/ecdsassl.h +++ b/src/lib/src/public/easyssl/ecdsassl.h @@ -15,7 +15,7 @@ namespace EasySSL { /** - * @brief The ECDSASSL11 class is ecdsa implementation of the Async authentication. This implementation based on Openssl library. + * @brief The ECDSASSL class is ecdsa implementation of the Async authentication. This implementation based on Openssl library. */ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto { diff --git a/src/lib/src/public/easyssl/icertificate.h b/src/lib/src/public/easyssl/icertificate.h index f8c663a..ae7bf0b 100644 --- a/src/lib/src/public/easyssl/icertificate.h +++ b/src/lib/src/public/easyssl/icertificate.h @@ -17,7 +17,8 @@ namespace EasySSL { /** - * @brief The SslSrtData struct This structure contains base information for generate self signed ssl certefication. + * @brief The SslSrtData struct This structure contains base information to generate self-signed SSL certification. + * Use this interface for creating a new certificates algorithms. */ struct SslSrtData { QString country = "BY"; diff --git a/src/lib/src/public/easyssl/icrypto.h b/src/lib/src/public/easyssl/icrypto.h index 42c7a68..f211ae2 100644 --- a/src/lib/src/public/easyssl/icrypto.h +++ b/src/lib/src/public/easyssl/icrypto.h @@ -17,7 +17,7 @@ namespace EasySSL { /** - * @brief The ICrypto class This is base interface that provide encription functionality. +* @brief The ICrypto class, This is base interface that provide encryption functionality. */ class EASYSSL_EXPORT ICrypto { @@ -25,7 +25,7 @@ class EASYSSL_EXPORT ICrypto public: /** - * @brief The Features enum this is list of the supported ecription features + * @brief The Features enum this is list of the supported description features */ enum Features { /// Signin and check sign of the data. diff --git a/src/lib/src/public/easyssl/rsassl.h b/src/lib/src/public/easyssl/rsassl.h index b3bb440..9de70d4 100644 --- a/src/lib/src/public/easyssl/rsassl.h +++ b/src/lib/src/public/easyssl/rsassl.h @@ -15,7 +15,7 @@ namespace EasySSL { /** - * @brief The RSASSL30 class This is wrapper for RSA algorithm of openssl 3.0 libraryry. + * @brief The RSASSL class This is wrapper for RSA algorithm of openssl 3.0 libraryry. */ class EASYSSL_EXPORT RSASSL: public EasySSL::ICrypto { From f31b11e03ba396c6a2846432c687d08c35599934 Mon Sep 17 00:00:00 2001 From: EndrII Date: Mon, 17 Jul 2023 23:07:28 +0200 Subject: [PATCH 14/25] fix documentation --- CONTRIBUTING.md | 15 +++++++++++---- README.md | 50 +++++++++++++++++-------------------------------- doxygen.conf.in | 3 ++- 3 files changed, 30 insertions(+), 38 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index efc6609..c5ad762 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,17 +1,21 @@ # Contributing in to EeasySSL + This is a wrap library for the Qt developers. So if you think that is a good library, and you use it in your projects - you can add new improvements and create a pull request with new features. ## What can you do for this Library ? + 1. You can add a support of new encryption algorithms 2. You can implement new certificate generator. ## Adding new implementation of crypto algorithms + All Algorithms must be pass simple test. Encrypt, decrypt short and long data arrays. This simple test already implemented, and you just need to add it into main test file. ### Example Adding supporting RSA algorithm to this library. 1. Create implementation of the iCrypto interface. + ```cpp #include "icrypto.h" @@ -32,9 +36,11 @@ Adding supporting RSA algorithm to this library. } ``` -Full implementation of the RSA you can see here. + +Full implementation of the RSA you can see [here](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/public/easyssl/rsassl.h). 2. Add your class to the tests Using The Template class "[CryptoTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/cryptotest.h)". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file + ``` cpp TestCase(cryptoTestRSA, CryptoTest) ``` @@ -57,9 +63,9 @@ Full implementation of the RSA you can see here. }; ``` -Full implementation of x509 certificate format you can see here. +Full implementation of x509 certificate format you can see [here](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/public/easyssl/x509.h). -2. Add your class to the tests Using The Template class "[CrtTest]()". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file +2. Add your class to the tests Using The Template class "[CrtTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/crttest.h)". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file ```cpp #include "crttest.h" @@ -70,7 +76,8 @@ Full implementation of x509 certificate format you can see here. ``` ## Extra rools -1. All shared tools or useful functions located on the EasySSLUtils class. + +1. All shared tools or useful functions located on the [EasySSLUtils](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/private/easysslutils.h) class. 2. All implementation must contains goxygen xml comments (documentation) diff --git a/README.md b/README.md index ee03390..5c73651 100644 --- a/README.md +++ b/README.md @@ -37,40 +37,21 @@ This library contains interfaces for the signing and encription data. ### Encription ```cpp -#include - -class ECDSA: public EasySSL::AuthECDSA { - -public: - - // AsyncKeysAuth interface - void setPrivateKey(const QByteArray &newPriv) { - _priv = newPriv; - } - - QByteArray getPrivateKey() const { - return _priv; - }; - -private: - QByteArray _priv; +#include "easyssl/rsassl.h" + +// create a publick and private keys array. +int main() { + QByteArray pub, priv; + EasySSL::RSASSL crypto; + crypto.makeKeys(pub, priv) + + auto siganture = crypto.signMessage(message, priv); + crypto.checkSign(message, siganture, pub); + + auto encriptedMsg = crypto.encrypt(message, pub); + auto decryptedMsg = crypto.decrypt(encriptedMsg, priv); +} -}; - -ECDSA edsa; -QByteArray pub, priv; -QString userID; - -// make public and private keys. -edsa.makeKeys(pub, priv); -edsa.setPrivateKey(priv); -edsa.setPublicKey(pub); - -// prepare an authentication object. -edsa.prepare(); -edsa.setPrivateKey({}); - -edsa.auth(1000, &userID) ``` @@ -115,4 +96,7 @@ edsa.auth(1000, &userID) ``` +## Do not forget to help us make this library better... +See our main documentation about contributing to [EasySsl](https://github.com/QuasarApp/easyssl/blob/main/CONTRIBUTING.md) + Full documentation available [here](https://quasarapp.ddns.net:3031/docs/QuasarApp/easyssl/latest/index.html) diff --git a/doxygen.conf.in b/doxygen.conf.in index 25cb8ad..bd6f08d 100644 --- a/doxygen.conf.in +++ b/doxygen.conf.in @@ -791,7 +791,8 @@ WARN_LOGFILE = # Note: If this tag is empty the current directory is searched. INPUT = src \ - README.md + README.md \ + CONTRIBUTING.md # This tag can be used to specify the character encoding of the source files From 01c70bf7de38304f6862769b44132fa144696d7a Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 15:01:38 +0200 Subject: [PATCH 15/25] update contributed md --- CONTRIBUTING.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c5ad762..f92c4f0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -12,6 +12,7 @@ This is a wrap library for the Qt developers. So if you think that is a good lib All Algorithms must be pass simple test. Encrypt, decrypt short and long data arrays. This simple test already implemented, and you just need to add it into main test file. ### Example + Adding supporting RSA algorithm to this library. 1. Create implementation of the iCrypto interface. @@ -41,18 +42,20 @@ Full implementation of the RSA you can see [here](https://github.com/QuasarApp/e 2. Add your class to the tests Using The Template class "[CryptoTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/cryptotest.h)". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file -``` cpp +```cpp + TestCase(cryptoTestRSA, CryptoTest) ``` ## Adding new implementation of Certificate generator. 1. Create implementation of the iCrypto interface. And override the create method. + ```cpp /** * @brief The X509 class This is wrapper of the ssl objects. */ - class EASYSSL_EXPORT X509: public ICertificate + class EASYSSL_EXPORT X509: public EasySSL::ICertificate { public: X509(const QSharedPointer& generator); @@ -79,7 +82,7 @@ Full implementation of x509 certificate format you can see [here](https://github 1. All shared tools or useful functions located on the [EasySSLUtils](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/private/easysslutils.h) class. 2. All implementation must contains goxygen xml comments (documentation) - +3. All implementation must be inner EasySSL name space. # Thank you From afab7047c19517f0035bedfc6f834a82cfcf17bb Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 15:19:45 +0200 Subject: [PATCH 16/25] remove deprecated method --- src/lib/src/public/easyssl.cpp | 1 - src/lib/src/public/easyssl.h | 1 - 2 files changed, 2 deletions(-) diff --git a/src/lib/src/public/easyssl.cpp b/src/lib/src/public/easyssl.cpp index edf8116..0c3c870 100644 --- a/src/lib/src/public/easyssl.cpp +++ b/src/lib/src/public/easyssl.cpp @@ -10,7 +10,6 @@ namespace EasySSL { bool init() { - initeasysslResources(); return true; } diff --git a/src/lib/src/public/easyssl.h b/src/lib/src/public/easyssl.h index 5f34a1b..2e5f1ca 100644 --- a/src/lib/src/public/easyssl.h +++ b/src/lib/src/public/easyssl.h @@ -8,7 +8,6 @@ #include "easyssl/global.h" #include -inline void initeasysslResources() { Q_INIT_RESOURCE(easyssl); } namespace EasySSL { From 9d91f267b95fe5d7892a1dbc22e74f05523861f0 Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 15:28:58 +0200 Subject: [PATCH 17/25] remove EVP_PKEY struct frm public space --- src/lib/src/public/easyssl/ecdsassl.cpp | 3 ++- src/lib/src/public/easyssl/ecdsassl.h | 3 ++- src/lib/src/public/easyssl/icrypto.cpp | 2 +- src/lib/src/public/easyssl/icrypto.h | 13 ++++++------- src/lib/src/public/easyssl/rsassl.cpp | 2 +- src/lib/src/public/easyssl/rsassl.h | 2 +- src/lib/src/public/easyssl/x509.cpp | 2 +- 7 files changed, 14 insertions(+), 13 deletions(-) diff --git a/src/lib/src/public/easyssl/ecdsassl.cpp b/src/lib/src/public/easyssl/ecdsassl.cpp index 4173e8e..a629c3a 100644 --- a/src/lib/src/public/easyssl/ecdsassl.cpp +++ b/src/lib/src/public/easyssl/ecdsassl.cpp @@ -8,6 +8,7 @@ #include "ecdsassl.h" +#include #include // for ECDSA_do_sign, ECDSA_do_verify #include // for NID_secp192k1 #include @@ -29,7 +30,7 @@ ECDSASSL::ECDSASSL(EllipticCurveStandart curveStandart) { setCurve(curveStandart); } -EVP_PKEY * ECDSASSL::makeRawKeys() const { +void * ECDSASSL::makeRawKeys() const { EVP_PKEY *pkey = nullptr; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr); diff --git a/src/lib/src/public/easyssl/ecdsassl.h b/src/lib/src/public/easyssl/ecdsassl.h index 90ee0cd..ec96909 100644 --- a/src/lib/src/public/easyssl/ecdsassl.h +++ b/src/lib/src/public/easyssl/ecdsassl.h @@ -37,7 +37,6 @@ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto public: ECDSASSL(EllipticCurveStandart curveStandart = EllipticCurveStandart::P_256); - EVP_PKEY * makeRawKeys() const override; Features supportedFeatures() const override; QSsl::KeyAlgorithm keyAlgorithm() const override; @@ -69,6 +68,8 @@ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto */ void setCurve(EllipticCurveStandart newCurve); + void * makeRawKeys() const override; + private: const char *getCStr(EllipticCurveStandart value) const; EllipticCurveStandart _curve = EllipticCurveStandart::P_256; diff --git a/src/lib/src/public/easyssl/icrypto.cpp b/src/lib/src/public/easyssl/icrypto.cpp index 9ce0f49..dd024ce 100644 --- a/src/lib/src/public/easyssl/icrypto.cpp +++ b/src/lib/src/public/easyssl/icrypto.cpp @@ -15,7 +15,7 @@ namespace EasySSL { bool EasySSL::ICrypto::makeKeys(QByteArray &pubKey, QByteArray &privKey) const { - EVP_PKEY *keys = makeRawKeys(); + EVP_PKEY *keys = static_cast(makeRawKeys()); if (!keys) return false; diff --git a/src/lib/src/public/easyssl/icrypto.h b/src/lib/src/public/easyssl/icrypto.h index f211ae2..eb9d5f7 100644 --- a/src/lib/src/public/easyssl/icrypto.h +++ b/src/lib/src/public/easyssl/icrypto.h @@ -12,7 +12,6 @@ #include "global.h" #include "qssl.h" #include -#include namespace EasySSL { @@ -42,12 +41,6 @@ class EASYSSL_EXPORT ICrypto */ bool makeKeys(QByteArray &pubKey, QByteArray &privKey) const; - /** - * @brief makeKeys This method generate the public and private keys of the ECDSA. - * @return pointer to generated keys. - */ - virtual EVP_PKEY * makeRawKeys() const = 0; - /** * @brief keyAlgorithm This method should be return Qt Key algorithm (needed for generate cetrificates.) * @return @@ -98,6 +91,12 @@ class EASYSSL_EXPORT ICrypto virtual bool checkSign(const QByteArray& message, const QByteArray& signature, const QByteArray& key) const = 0; + + /** + * @brief makeKeys This method generate the public and private keys of the ECDSA. + * @return pointer to generated keys. This method must return EVP_PKEY* structure. + */ + virtual void * makeRawKeys() const = 0; }; } diff --git a/src/lib/src/public/easyssl/rsassl.cpp b/src/lib/src/public/easyssl/rsassl.cpp index 38c0174..6fa830f 100644 --- a/src/lib/src/public/easyssl/rsassl.cpp +++ b/src/lib/src/public/easyssl/rsassl.cpp @@ -21,7 +21,7 @@ RSASSL::RSASSL(RSAPadding padding) { setPadding(padding); } -EVP_PKEY * RSASSL::makeRawKeys() const { +void *RSASSL::makeRawKeys() const { EVP_PKEY *pkey = nullptr; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(nullptr, "RSA", nullptr); diff --git a/src/lib/src/public/easyssl/rsassl.h b/src/lib/src/public/easyssl/rsassl.h index 9de70d4..3ec0e84 100644 --- a/src/lib/src/public/easyssl/rsassl.h +++ b/src/lib/src/public/easyssl/rsassl.h @@ -46,7 +46,7 @@ class EASYSSL_EXPORT RSASSL: public EasySSL::ICrypto public: RSASSL(RSAPadding padding = PKCS1_OAEP_PADDING); - EVP_PKEY *makeRawKeys() const override; + void *makeRawKeys() const override; Features supportedFeatures() const override; QSsl::KeyAlgorithm keyAlgorithm() const override; diff --git a/src/lib/src/public/easyssl/x509.cpp b/src/lib/src/public/easyssl/x509.cpp index 3b629e0..3a04a90 100644 --- a/src/lib/src/public/easyssl/x509.cpp +++ b/src/lib/src/public/easyssl/x509.cpp @@ -22,7 +22,7 @@ SelfSignedSertificate X509::create(const SslSrtData &certificateData) const { return {}; } - EVP_PKEY *pkey = keyGenerator()->makeRawKeys(); + EVP_PKEY *pkey = static_cast(keyGenerator()->makeRawKeys()); ::X509 * x509 = nullptr; X509_NAME * name = nullptr; From 9c9b0533697274d36584e198203a89da8c3f9ea0 Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 15:48:00 +0200 Subject: [PATCH 18/25] fix link ssl library --- src/lib/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt index a4911da..14d6511 100644 --- a/src/lib/CMakeLists.txt +++ b/src/lib/CMakeLists.txt @@ -42,7 +42,7 @@ if (EASYSSL_STATIC_SSL) else() message("Use shared ssl ") - target_link_libraries(${CURRENT_PROJECT} PRIVATE OpenSSL::Crypto OpenSSL::SSL) + target_link_libraries(${CURRENT_PROJECT} PUBLIC OpenSSL::Crypto OpenSSL::SSL) if (ANDROID) set(OPENSSL_ROOT_PATH "$ENV{OPENSSL_ROOT_DIR}") From 820c04db170477ca4bd7692064df8ddaa1bad44e Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 22:01:06 +0200 Subject: [PATCH 19/25] fiw windows tests --- src/lib/src/public/easyssl/icrypto.h | 1 + tests/units/cryptotest.h | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/src/lib/src/public/easyssl/icrypto.h b/src/lib/src/public/easyssl/icrypto.h index eb9d5f7..067ff5e 100644 --- a/src/lib/src/public/easyssl/icrypto.h +++ b/src/lib/src/public/easyssl/icrypto.h @@ -62,6 +62,7 @@ class EASYSSL_EXPORT ICrypto * @see IAsyncEncription::encript */ virtual QByteArray decrypt(const QByteArray& message, const QByteArray& key) = 0; + /** * @brief encrypt This method encript @a message using @a key. * @param message This is a message that should be decripted. diff --git a/tests/units/cryptotest.h b/tests/units/cryptotest.h index 56e166f..5b5b048 100644 --- a/tests/units/cryptotest.h +++ b/tests/units/cryptotest.h @@ -25,7 +25,11 @@ class CryptoTest: public Test, protected TestUtils //test long messages +#ifdef Q_OS_UNIX const int Mb = 1024 * 1024; //1 mb +#else + const int Mb = 1024 * 100; //100 kb +#endif testImpl(QByteArray(Mb, 'c')); } ; From c7508736dd263213a33712c7ec1ae94d8218b1cb Mon Sep 17 00:00:00 2001 From: EndrII Date: Tue, 18 Jul 2023 22:03:26 +0200 Subject: [PATCH 20/25] fix links in documentations --- CONTRIBUTING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f92c4f0..251d284 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -40,7 +40,7 @@ Adding supporting RSA algorithm to this library. Full implementation of the RSA you can see [here](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/public/easyssl/rsassl.h). -2. Add your class to the tests Using The Template class "[CryptoTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/cryptotest.h)". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file +2. Add your class to the tests Using The Template class [CryptoTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/cryptotest.h). See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file ```cpp @@ -68,7 +68,7 @@ Full implementation of the RSA you can see [here](https://github.com/QuasarApp/e Full implementation of x509 certificate format you can see [here](https://github.com/QuasarApp/easyssl/blob/main/src/lib/src/public/easyssl/x509.h). -2. Add your class to the tests Using The Template class "[CrtTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/crttest.h)". See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file +2. Add your class to the tests Using The Template class [CrtTest](https://github.com/QuasarApp/easyssl/blob/main/tests/units/crttest.h). See The [tstMain.cpp](https://github.com/QuasarApp/easyssl/blob/main/tests/tstMain.cpp) file ```cpp #include "crttest.h" From ad328f04472631b4f28875d30fc1912876aa3563 Mon Sep 17 00:00:00 2001 From: Andrei Yankovich Date: Wed, 19 Jul 2023 10:03:07 +0300 Subject: [PATCH 21/25] Apply suggestions from code review Co-authored-by: usermeme --- src/lib/src/private/easysslutils.h | 34 +++++++++++++-------------- src/lib/src/public/easyssl/ecdsassl.h | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/src/lib/src/private/easysslutils.h b/src/lib/src/private/easysslutils.h index aea9adc..632a275 100644 --- a/src/lib/src/private/easysslutils.h +++ b/src/lib/src/private/easysslutils.h @@ -11,59 +11,59 @@ namespace EasySSL { /** - * @brief The EasySSLUtils class This is base utils for work with opwnssl library. + * @brief The EasySSLUtils class These are basic utils for work with the opwnssl library. */ class EasySSLUtils { public: /** - * @brief printlastOpenSSlError This method print last ssl error message. + * @brief printlastOpenSSlError This method prints the latest ssl error message. */ static void printlastOpenSSlError(); /** - * @brief bignumToArray This method convert openssl BIGNUM into byteArray - * @param num This is big num of the openssl library + * @brief bignumToArray This method converts openssl BIGNUM into byteArray + * @param num This is a big num of the openssl library * @return bytes array. */ static QByteArray bignumToArray(const BIGNUM* num); /** - * @brief bignumFromArray This method convert Qt bytes array into opensll big num. - * @param array This is input array. + * @brief bignumFromArray This method converts the Qt bytes array into the opensll big num. + * @param array This is an input array. * @return big num pointer. - * @note This result pointer will not free automatically. Please free returned pointer after using. + * @note This result pointer will not be free automatically. Please free the returned pointer after use. */ - [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] + [[nodiscard("The result pointer will not be free automatically. Please free the returned pointer after using.")]] static BIGNUM* bignumFromArray(const QByteArray& array); /** - * @brief bioToByteArray This method conver openssl BIO to QByteArry + * @brief bioToByteArray This method converts the openssl BIO to the QByteArry * @param bio input arrary. * @return Qt Array */ static QByteArray bioToByteArray(BIO *bio); /** - * @brief byteArrayToBio This method create BIO struct from the Qt QByteArray object. - * @param byteArray This is input Qt byte array. - * @return pointer tot the BIO. - * @note Do not forget free result pointer. + * @brief byteArrayToBio This method creates the BIO struct from the Qt QByteArray object. + * @param byteArray This is an input Qt byte array. + * @return pointer to the BIO struct of OpenSLL library. + * @note Don't forget to free the result pointer. */ [[nodiscard("This pointer will not free automatically. Please free returned pointer after using.")]] static BIO *byteArrayToBio(const QByteArray &byteArray); /** - * @brief extractPublcKey This method extracts publick key from the ssl (pem) structure. - * @param ssl_keys This is ssl keys objects. + * @brief extractPublcKey This method extracts the public key from the ssl (pem) structure. + * @param ssl_keys These are objects of the ssl keys. * @return bytes array of the extracted key. */ static QByteArray extractPublcKey(EVP_PKEY* ssl_keys); /** - * @brief extractPrivateKey This method extracts private key from the ssl (pem) structure. - * @param ssl_keys This is ssl keys objects. + * @brief extractPrivateKey This method extracts the private key from the ssl (pem) structure. + * @param ssl_keys These are objects of the ssl keys. * @return bytes array of the extracted key. */ static QByteArray extractPrivateKey(EVP_PKEY* ssl_keys); diff --git a/src/lib/src/public/easyssl/ecdsassl.h b/src/lib/src/public/easyssl/ecdsassl.h index ec96909..edf4a30 100644 --- a/src/lib/src/public/easyssl/ecdsassl.h +++ b/src/lib/src/public/easyssl/ecdsassl.h @@ -56,7 +56,7 @@ class EASYSSL_EXPORT ECDSASSL: public EasySSL::ICrypto QByteArray encrypt(const QByteArray &message, const QByteArray &key) override; /** - * @brief curve This method return current curve method. using only for generate new pair keys. + * @brief curve This method returns the current curve method. Using only for generating new pair of keys. * @return current cursve type. * @see EllipticCurveStandart */ From 544d88baf0546f12a2afd6a56c86b27d7438fc91 Mon Sep 17 00:00:00 2001 From: EndrII Date: Fri, 21 Jul 2023 19:15:58 +0200 Subject: [PATCH 22/25] update cmake --- submodules/CMake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/CMake b/submodules/CMake index 9188d41..5f11d27 160000 --- a/submodules/CMake +++ b/submodules/CMake @@ -1 +1 @@ -Subproject commit 9188d4124c1a9f5e01887ba5f969879f7c48922a +Subproject commit 5f11d2757817d62407573bb13adf60f2519272dc From 4ee3b7421d1ea4e3a5f572ff0bff83a7e83b286e Mon Sep 17 00:00:00 2001 From: EndrII Date: Fri, 21 Jul 2023 19:22:29 +0200 Subject: [PATCH 23/25] update cmake git --- submodules/CMake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/CMake b/submodules/CMake index 5f11d27..da008d0 160000 --- a/submodules/CMake +++ b/submodules/CMake @@ -1 +1 @@ -Subproject commit 5f11d2757817d62407573bb13adf60f2519272dc +Subproject commit da008d0758fa9f1fad59b887c8f29c270332c1a2 From eb601bb52a8a41de90cff6d81dec3c469fc31d75 Mon Sep 17 00:00:00 2001 From: EndrII Date: Fri, 21 Jul 2023 19:30:45 +0200 Subject: [PATCH 24/25] update cmake --- submodules/CMake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/CMake b/submodules/CMake index da008d0..9b510eb 160000 --- a/submodules/CMake +++ b/submodules/CMake @@ -1 +1 @@ -Subproject commit da008d0758fa9f1fad59b887c8f29c270332c1a2 +Subproject commit 9b510eb5b2c3502dd77c6a420c3f154ced493e42 From 6e60c3c092a658014164e13611eab7c8e7b1566d Mon Sep 17 00:00:00 2001 From: EndrII Date: Fri, 21 Jul 2023 19:38:00 +0200 Subject: [PATCH 25/25] update cmake --- submodules/CMake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/CMake b/submodules/CMake index 9b510eb..8365c74 160000 --- a/submodules/CMake +++ b/submodules/CMake @@ -1 +1 @@ -Subproject commit 9b510eb5b2c3502dd77c6a420c3f154ced493e42 +Subproject commit 8365c74d6298bca83824bf407896418f3494301b