How to encrypt and decrypt text content on QT?

mrjj

@William.Tran

But how did u encrypt it in first place?
What software did use the private key ?

So are u sure crypto++ can decrypt it ?

William.Tran

@mrjj

Our server has encrypted the file with a private key. On our application download this content and stored to file.

I could use javascript to decrypt it as below:

    var key = CryptoJS.SHA256(__CRYPTO_AES_PRIVATE_KEY);
    var iv = CryptoJS.enc.Hex.parse(bin2hex(key.toString().substring(0, 16)))

    var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv });

    return decrypted.toString(CryptoJS.enc.Utf8);

I am not sure crypto++ can do that or not but i tried to build my app with that library however it is not successful.

sierdzio

From that code alone I think you can use OpenSSL library to decrypt your data on Qt side.

VRonin

both libcrypto (part of OpenSSL) and cryptoc++ can handle AES encryption. Given you are talking about "server" I suppose you are using OpenSSL already so libcrypto is probably the easier way to go. You can see an example of how to do it here: https://gist.github.com/mythosil/1292328 (yes, it's in C as libcrypto is in C)

William.Tran

@VRonin, @sierdzio

Thank your for you answer. I am using QT 5.9 on MAC, could you tell me how to import openssl to project and how to integrate with your libs?

Many thanks.

VRonin

qmake: http://doc.qt.io/qt-5/third-party-libraries.html
Qt Creator: http://doc.qt.io/qtcreator/creator-project-qmake-libraries.html

William.Tran

@VRonin

I followed your links add this to .pro file but it does not help.

INCLUDEPATH += /usr/local/Cellar/openssl/1.0.2k/lib/
LIBS += -L/usr/local/Cellar/openssl/1.0.2k/lib/ -lcrypto

I could not use : #include <openssl/evp.h>

William.Tran

I could link openssl lib to my project by :

INCLUDEPATH += /usr/local/Cellar/openssl/1.0.2k/include
LIBS += -L/usr/local/Cellar/openssl/1.0.2k/lib -lcrypto

William.Tran

@VRonin

in this lib : https://gist.github.com/mythosil/1292328

I saw he used: EVP_aes_128_cbc and i got the error when my private key has length is 64. What EVP i should use?

VRonin

AES standards only supports 128, 192, and 256-bit key sizes. Are you maybe adding some padding to the key?

EDIT:

In fact, in your javascript code, you use CryptoJS.SHA256 so you are creating a 256 bit hash of your key. you can use QCryptographicHash to create such a thing

sierdzio

@VRonin said in How to encrypt and decrypt text content on QT?:

256 bit hash of your key. you can use QCryptographicHash to create such a thing

Careful with that, though: Qt had a bug in SHA calculation. See this

VRonin

@sierdzio I was not aware of that, but that bug relates to SHA3 while OP apparently is using Sha2.

Alternatively you can still use libcrypto for calculating the hash too, see https://stackoverflow.com/questions/2262386/generate-sha256-with-openssl-and-c

William.Tran

@VRonin @sierdzio

I tried to used key and iv key which is generated from my private key by javascript. but i still got the issue as i mentioned:

The key length required 16. But my key has length 64. I think it belongs to "EVP_aes_128_cbc" isn't it?

My code as below:

  const char *key, *iv;
  int key_length, iv_length, data_length;

  key = QByteArray::fromHex(strKey.toLatin1());
  key_length = strlen(key);

  iv = strIV.toLatin1().data();
  iv_length = strlen(iv);

  data_length = strlen(data);

  const EVP_CIPHER *cipher;
  int cipher_key_length, cipher_iv_length;
  cipher = EVP_aes_128_cbc();
  cipher_key_length = EVP_CIPHER_key_length(cipher);
  cipher_iv_length = EVP_CIPHER_iv_length(cipher);

  if (key_length != cipher_key_length) {
    fprintf(stderr, "Error: key length must be %d\n", cipher_key_length);
    fprintf(stderr, "current key length: %d\n", key_length);
    exit(EXIT_FAILURE);
  }
  if (iv_length != cipher_iv_length) {
    fprintf(stderr, "Error: iv length must be %d\n", cipher_iv_length);
    exit(EXIT_FAILURE);
  }

  const char *p;
  char *datax;
  int i, datax_length;

  datax = (char *)malloc(data_length);
  for (p = data, i = 0; *p != '\0'; p += 2, i++) {
    char buf[3];
    buf[0] = *p;
    buf[1] = *(p+1);
    buf[2] = '\0';
    datax[i] = strtol(buf, NULL, 16);
  }
  datax_length = i;

  EVP_CIPHER_CTX ctx;

  EVP_CIPHER_CTX_init(&ctx);
  EVP_DecryptInit_ex(&ctx, cipher, NULL, (unsigned char *)key, (unsigned char *)iv);

  int plain_length, final_length;
  unsigned char *plaintext;

  plain_length = datax_length;
  plaintext = (unsigned char *)malloc(plain_length + 1);

  EVP_DecryptUpdate(&ctx, plaintext, &plain_length, (unsigned char *)datax, datax_length);
  EVP_DecryptFinal_ex(&ctx, plaintext + plain_length, &final_length);

  plaintext[plain_length + final_length] = '\0';
  printf("%s\n", plaintext);

  free(plaintext);
  free(datax);

  EVP_CIPHER_CTX_cleanup(&ctx);

The log informations:

Error: key length must be 16
current key length: 17

VRonin

@William.Tran That's what we were discussing in the 3 posts above. In you javascript you don't use your key directly but you use a 256bit SHA2 hash of the key as input to the decrypter. To create that hash you can use key = QCryptographicHash::hash(strKey.toUtf8(),QCryptographicHash::Sha256);

P.S.

const char *key
key = QByteArray::fromHex(strKey.toLatin1());

Are you sure it compiles?

William.Tran

@VRonin said in How to encrypt and decrypt text content on QT?:

key = QCryptographicHash::hash(strKey.toUtf8(),QCryptographicHash::Sha256);

I already generated key by that code. But did not help at all.

I tried to use
key = QByteArray::fromHex(strKey.toLatin1());

Because the "strKey" is Hash Key which was generated by javascript.