Encrypt String (RSA x509) Android, iOS


  • Qt Champions 2016

    one of my customers wants to use RSA encryption to verify that the app can get access to server

    they want to give me a Public Key and then I have to encrypt the user password and send as base64 to server
    this only happens at user login
    I don't have to do any other kind of crypt stuff - only the encryption of the password

    my customer already has C# code where they tested client-side encryption:

    byte[] encryptedBytes = encryptString(password); 
    string encryptedPwdB64 = Convert.ToBase64String(encryptedBytes);
    string clientRequest = String.Concat(username, ":", encryptedPwdB64); 
    ….
    privte static byte[] encryptString(string textToEncrypt)
            {
                RSACryptoServiceProvider publicKeyProv = (RSACryptoServiceProvider)x509.PublicKey.Key;
                byte[] encryptedBytes = publicKeyProv.Encrypt(Encoding.UTF8.GetBytes(textToEncrypt), true);
                String encryptedText = System.Text.Encoding.UTF8.GetString(encryptedBytes);
                return encryptedBytes;
            }
    

    any ideas what would be the easiest way for me to do the same with Qt 5.7+ - QtQuickControls2 App running on Android and iOS ?

    never added 3rd party libs before

    thx



  • Since you are probably shipping OpenSSL with your code anyway (or at least I hope you are using SSL to connect over the network) you can use that to do the encryption, see http://hayageek.com/rsa-encryption-decryption-openssl-c/ for an example.

    P.S.
    Password encryption is a VERY BAD idea! Passwords should be stored as salted hashes (SHA3-512 is an option)


  • Moderators

    @ekkescorner
    RSA encryption is not supported directly by Qt. You need to use OpenSSL for this.

    This can be a very cumbersome task to compile OpenSSL for Android and iOS yourself.
    For Android see this, for iOS this.

    Use OpenSSL v1.0x (not v1.1.x)


  • Qt Champions 2016

    @VRonin customer doesn't use SSL because all is running with AndroidForWorks on BlackBerry Infrastructure where all is encrypted

    customer doesn't store the passwords encrypted - only uses this encryption as an extra step to verify app access


  • Moderators

    @ekkescorner
    this isn't a matter of SSL. OpenSSL is a cryptographic library you need to use to encrypt your data.

    To add up to @VRonin: for SHA hashes Qt has support via QCryptographicHash class.


  • Qt Champions 2016

    @raven-worx thx. had the fear I have to add OpenSSL ;-)
    it's already on my todo list because I'll need this for Android 7 for customers using SSL

    So I'll try to add OpenSSL - thx for the links


  • Moderators

    @ekkescorner said in Encrypt String (RSA x509) Android, iOS:

    @raven-worx thx. had the fear I have to add OpenSSL ;-)

    So I'll try to add OpenSSL - thx for the links

    ó.Ò



  • @ekkescorner said in Encrypt String (RSA x509) Android, iOS:

    customer doesn't use SSL

    I'm curious now... you encrypt locally, send over unsecure network and decrypt locally on the other side? If so how can you prevent men-in-the-middle?


  • Qt Champions 2016

    @VRonin the network is secure. it's AndroidForWork on BlackBerry Enterprise Server. you could think that it's something like a VPN.

    most of my mobile business apps are running on BlackBerry Server and 90% of the customers only use http because all is encxrypted: devices and traffic

    in this case where very sensible data can be accessed it's only an extra verification step.



  • @ekkescorner I only now read your username. Sorry for treating you as "not an expert" in network and/or password encryption.

    I think you still have 2 options apart from OpenSSL:


  • Qt Champions 2016

    @VRonin said in Encrypt String (RSA x509) Android, iOS:

    @ekkescorner I only now read your username. Sorry for treating you as "not an expert" in network and/or password encryption.

    I think you still have 2 options apart from OpenSSL:

    thx for this worthful info - will try CryptoC++ - need solution for Android and iOS


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.