Qt encryption, QCA build error



  • Hello,
    Is there any simple encryption algorithm for mingw like:

    EncryptedData = Encrypt(DataToBeEncrypted, Key);

    EncryptedData, DataToBeEncrypted and Key should be 16 to 32 bytes long. There is no need of data decryption later.

    I tried to do this using Crypto++ AES, however, it's quite difficult to understand that library for me.

    Thank you



  • I can recall a previous post that one of the moderators linked his encryption class to someone. I dont know if this is what your looking for, but it might help.

    http://qt-project.org/forums/viewthread/4565
    http://qt-project.org/wiki/Simple_encryption



  • Thanks for the reference :-)

    Heed the warning at the top though: it does not count as strong encryption, but if you read the discussion it not trivial to break either.



  • I recommend you QCA (Qt Cryptographic Archetecture) to encrypt/decrypt in Qt.



  • Take a look at "PolarSSL":http://polarssl.org/.
    It's simple to build an simple to use.
    I also tried Crypto++ and decided for PolarSSL in the end.


  • Moderators

    If you don't want to decrypt again, then you basically want a hash. QCryptographicHash might be what you need then. The algorithmns offered are not the newest, but they might suffice for your needs. Just hash your key followed by your data and you should be fine.



  • Thank you all for your replies.

    Tobias Hunger: The hash is not what I want. There must be the key: EncryptedData = Encrypt(DataToBeEncrypted, Key);

    I tried to use QCA - I downloaded binaries http://delta.affinix.com/download/qca/2.0/qca-2.0.1-mingw.zip , but when I run simple test program (with libqcad2.a), it crashes: "During startup program exites with code 0xc0000135".

    I also tried to build QCA using this tutorial: http://www.essentialunix.org/index.php?option=com_content&view=article&id=48:qcatutorial&catid=34:qttutorials&Itemid=53

    I can run configure.exe and qmake.exe commands, but when running mingw32-make I get error (QtGlobal include file not found):

    In file included from botantools\botan/botan/util.h:37,
    from botantools\botan\util.cpp:34:
    botantools\botan/botan/types.h:38:20: error: QtGlobal: No such file or directory

    In file included from botantools\botan/botan/util.h:37,
    from botantools\botan\util.cpp:34:
    botantools\botan/botan/types.h:50: error: 'quint8' does not name a type
    botantools\botan/botan/types.h:51: error: 'quint16' does not name a type
    botantools\botan/botan/types.h:52: error: 'quint32' does not name a type
    botantools\botan/botan/types.h:53: error: 'qint32' does not name a type
    botantools\botan/botan/types.h:54: error: 'quint64' does not name a type
    botantools\botan/botan/types.h:80: error: 'byte' in namespace 'QCA::Botan' does
    not name a type
    botantools\botan/botan/types.h:81: error: 'u32bit' in namespace 'QCA::Botan' doe
    s not name a type

    Please can you advise?



  • OK, somehow I managed to build http://delta.affinix.com/download/qca/2.0/qca-2.0.3.tar.bz2.

    Now I need to build http://delta.affinix.com/download/qca/2.0/plugins/qca-ossl-2.0.0-beta3.tar.bz2 (because I need AES). I again use this tutorial: http://www.essentialunix.org/index.php?option=com_content&view=article&id=48:qcatutorial&catid=34:qttutorials&Itemid=53

    I installed OpenSSL, made directory tree:

    C:\local
    C:\local\bin
    C:\local\include
    C:\local\lib

    Copied and renamed the files.

    Ran:

    echo "WINLOCAL_PREFIX = C:/local" > %QTDIR%\mkspecs\features\winlocal.prf
    configwin rd
    qmake

    Then, ming32-make produces this error:

    C:\SOURCE\Library\Qt\qca\qca-ossl>C:\QtSDK\mingw\bin\mingw32-make.exe
    C:/QtSDK/mingw/bin/mingw32-make -f Makefile.Release all
    mingw32-make[1]: Entering directory C:/SOURCE/Library/Qt/qca/qca-ossl' C:\iwmake\build_mingw_opensource\bin\moc.exe -DUNICODE -DQT_LARGEFILE_SUPPORT -D OSSL_097 -DQT_NO_DEBUG -DQT_PLUGIN -DQT_CORE_LIB -DQT_THREAD_SUPPORT -DQT_NO_DYN AMIC_CAST -I"c:\iwmake\build_mingw_opensource\include\QtCore" -I"c:\iwmake\build _mingw_opensource\include" -I"c:\local\include" -I"..\include\QtCrypto" -I"c:\iw make\build_mingw_opensource\include\ActiveQt" -I"release" -I"c:\Qt\4.8.2\mkspecs \win32-g++" -D__GNUC__ -DWIN32 qca-ossl.cpp -o release\qca-ossl.moc Systém nemůže nalézt uvedenou cestu. = {translation: Can't find specified path} mingw32-make[1]: *** [release/qca-ossl.moc] Error 1 mingw32-make[1]: Leaving directoryC:/SOURCE/Library/Qt/qca/qca-ossl'
    mingw32-make: *** [release-all] Error 2

    There is "c:\iwmake" path mentioned in this error, but this path doesn't exist on my computer. Is this the source of the error? How to fix it?

    Thank you#



  • Spent 5 hours bulding QCA but finally did it! The problem was - Don't run C:\QtSDK\mingw\bin\mingw32-make.exe, simply type mingw32-make.

    I'm a windows user used to compile my programs in graphical IDEs by clicking Run button, so building sources using command prompt is quite exotic for me and I don't understand it very well. Is there any literature I can read about compiling from command prompt?



  • bq. Tobias Hunger: The hash is not what I want. There must be the key: EncryptedData = Encrypt(DataToBeEncrypted, Key);

    What's the difference between
    Encrypt(Data, Key)
    and
    Hash(Data+Key)
    When you don't need decryption?
    Looks to me as if you're using something wrong here, what's the overall purpose of this?



  • I made a TCP client and server and need client to authorize when connecting to server.

    1. When connection is established, server sends a question to client. The question is 256 bit long integer.
    2. Client receives the question and makes reply: ClientReply = Encrypt(Question, Key).
    3. Servers received ClientReply and if it is allright, the client is aurhorized. Server increments question.

    I think it is enough to satisfy my security demands :)



  • Well then a Hash is definetly the right thing and an encryption is definetly the wrong thing to use.
    Further one shouldn't make up own security/authorization protocols when not proficient in it. Your scheme looks like it's vulnerable to replay attacks (due to the determinism in "Server increments question").

    Make your application work with the standard mechanisms in the field:
    https://en.wikipedia.org/wiki/Cryptographic_nonce
    https://en.wikipedia.org/wiki/Cryptographic_salt


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.