New SimpleCrypt page
-
wrote on 4 Feb 2013, 16:58 last edited by
worked in QT 5?
-
wrote on 4 Feb 2013, 17:10 last edited by
good thing I changed was this:
@//QString cypherString = QString::fromAscii(cypher.toBase64());
QString cypherString = QString::fromUtf8(cypher.toBase64());//QString cypherString = QString::fromAscii(cypher.toBase64());
QString cypherString = QString::fromUtf8(cypher.toBase64());//QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toAscii());
QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toUtf8());//QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toAscii());
QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toUtf8());@there will be well done this.
-
wrote on 14 Feb 2013, 06:45 last edited by
I was getting SIGABRT's when attempting to decrypt an empty string with a Qt with debugging enabled. So I've added a little check. Doesn't seem possible to link to wiki history diffs, but you can see it there.
-
wrote on 14 Feb 2013, 07:24 last edited by
Thanks, good catch.
I assume you're talking about this snippet, right?
@
if( cypher.count() < 3 )
return QByteArray();
@A small problem is, that no error code is set. I think that needs to be added.
-
wrote on 14 Feb 2013, 22:50 last edited by
good, and in QT5 probe, and all good the only thing that was included # include <QDataStream>, and change QString :: fromutf8 () and QString :: toutf8 ().
Clearly only tried with 30 words, and it has worked well.
-
wrote on 28 Feb 2013, 14:12 last edited by
Hi Andre,
thanks for sharing this very useful code. Works perfectly, did save me quite some time. May I buy you a beer on next DevDays?
Nils
-
wrote on 28 Feb 2013, 15:53 last edited by
[quote author="njeisecke" date="1362060748"]Hi Andre,
thanks for sharing this very useful code. Works perfectly, did save me quite some time. May I buy you a beer on next DevDays?
Nils[/quote]
Good to hear that. If I'm able to go, you most certainly are welcome to buy me one :-) -
wrote on 1 Mar 2013, 17:00 last edited by
Hi,
I'm having some troubles using your code.
For the same binary the encryption/decryption of the string using a key works fine.
But if i change the source code and add something like: qWarning() << "what you want";
Then rebuild the app, the password is badly decrypted.Is this a normal behavior ??
Thanks for your help.
-
wrote on 2 Mar 2013, 10:20 last edited by
Well, no, of course not. However, your description is so vague that I have no idea what could be wrong.
-
wrote on 2 Mar 2013, 12:40 last edited by
Hi,
Thanks for your answer i found the problem.
I was using a stupid generated test key like: quint64 key( qHash( "the_test_key" ) );
When the binary change, the hash returned by this call was not identical as previously, resulting to badly decrypted content.
Using QString version fixed the problem: quint64 key( qHash( QString( "the_test_key" ) ) );thanks you!
-
wrote on 2 Mar 2013, 13:13 last edited by
I don't think qHash is guaranteed to give the same result between runs actually, so it seems unwise to me to use it in this way. Furthermore, it is not very secure. qHash returns a uint, while the key used is a quint64. So, you are only using a 32 bits key instead of a 64 bits one.
-
wrote on 2 Mar 2013, 15:18 last edited by
Right, it's not secure, as i told, it was a test project.
The problem of the qHash over a const char* is that it may be done differently depending the os / compiler.
A qHash around a QString is always giving the same result because it hash the string content - I did not read the code on what it does with const char*.
Anyway, yes using this way is not a good way, but it was a test.
By the way is there some repository to to track the code ? having to copy/paste it from a wiki page is not so natural.Thanks for your code, and the help.
-
wrote on 2 Mar 2013, 16:16 last edited by
No the code is not in a repo, but I probably should put it on Gitorious or something like that.
For generating a key out of a string, I think I'd just use QCryptographic hash with MD5 or SHA-1, and create a 64 bit key out of the 16 (MD5) or 20 (SHA-1) bytes these generate. The key you need is 8 bytes, but reducing the 16 or 20 bytes to 8 is just a simple XOR or two away...
-
wrote on 18 Mar 2014, 21:29 last edited by
Hey there, I am new to Qt and just came across your work ... great work by the way... could you tell me where your updated work might be? like the latest one?
cuz I seem to have a problem with this one - https://www.gitorious.org/qtdevnet-wiki-mvc/qtdevnet-simplecryptiodevide/source/a170750960820be4230ea1aff85148fc41f0dcf3:
-
wrote on 17 Nov 2014, 07:18 last edited by
Hi Andre,
Thanks for the code. It is really useful.
But is there any way to find out whether the file is encrypted or not? I would like to know if the input file is encrypted or not, if yes, then only I will decrypt it.
Thanks in advance,
Vrushali -
wrote on 23 Dec 2014, 09:26 last edited by
Hi Andre,
an example how to check it You got directly in the code:@
if (version !=3) { //we only work with version 3
m_lastError = ErrorUnknownVersion;
qWarning() << "Invalid version or not a cyphertext.";
return QByteArray();
}
@But is very useful thing that if You send to decryp function non-encypted data it will return the same string.
-
wrote on 23 Dec 2014, 09:26 last edited by
Hi Andre,
an example how to check it You got directly in the code:@
if (version !=3) { //we only work with version 3
m_lastError = ErrorUnknownVersion;
qWarning() << "Invalid version or not a cyphertext.";
return QByteArray();
}
@But is very useful thing that if You send to decryp function non-encypted data it will return the same string.
-
wrote on 23 Dec 2014, 14:35 last edited by
I disagree. I don't think the class should return the cyphertext as the plaintext if the cyphertext could not be decrypted. I think that it is the responsibility of the application to keep the conceptually very different plaintext and cypher text separate. If you don't know if a text is a cyphertext or a plaintext, I think you have design issues.
If you really want, you can work around this yourself by simply checking the returned string and the last error, and then using the original plain text on decryption error. I wouldn't recommend that though.
-
wrote on 23 Dec 2014, 14:35 last edited by
I disagree. I don't think the class should return the cyphertext as the plaintext if the cyphertext could not be decrypted. I think that it is the responsibility of the application to keep the conceptually very different plaintext and cypher text separate. If you don't know if a text is a cyphertext or a plaintext, I think you have design issues.
If you really want, you can work around this yourself by simply checking the returned string and the last error, and then using the original plain text on decryption error. I wouldn't recommend that though.
-
wrote on 24 Dec 2014, 01:57 last edited by
I could have this situation only when im switching between debug/release mode, because I decidated not to enrypt files when Im working on debug mode, thus when I go back to release all my files are not encrypted. At the moment I check result, and if its empty I put the orginal string.