4. Encrypt and Decrypt the password entered in QLineEdit

Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Encrypt and Decrypt the password entered in QLineEdit


  • Hi,

    I wan to encrypt and decrypt the value entered in QLineEdit,
    I used QCryptographicHash for encryption, can we have decryption using QCryptographicHash.

    Or any other method can i use,
    Please provide the guidance?.

    Thanks,

    0
  • Qt Champions 2017

    You can do it. U can use simple base64 encoding as well. Not sure how strong u wud like to have encryption. You can use simple one suggested in https://wiki.qt.io/Simple_encryption_with_SimpleCrypt

    3

  • Hi,

    Encryption example

    QString strValue = m_pQLineEdit->text();

    QByteArray pswNsalt (strValue.toStdString().c_str()) ;
pswNsalt.append(STR_SALT_KEY) ;
hashedSaltedPsw = QCryptographicHash::hash(pswNsalt, QCryptographicHash::Sha256).toHex() ;
qDebug() << "encrypted psw: " << hashedSaltedPsw << endl ;

    How can i decrypt the value of hashedSaltedPsw

    Thanks,

    0

  • I used

    ```

    QByteArray ba;
    ba.append(string);
    return ba.toBase64();

    
for encrypting.

and

    QByteArray ba;
    ba.append(string);
    return QByteArray::fromBase64(ba);

    
for decrypting.

Thanks,
    1

  • for decrypt how can it be done

    QByteArray pswNsalt (strValue.toStdString().c_str()) ;
    pswNsalt.append(STR_SALT_KEY) ;
    hashedSaltedPsw = QCryptographicHash::hash(pswNsalt, QCryptographicHash::Sha256).toHex() ;
    qDebug() << "encrypted psw: " << hashedSaltedPsw << endl ;

    for the value hashedSaltedPsw ?.

    Just want to know using QCryptographicHash?

    Thanks,

    0 1 Reply
  • Qt Champions 2017

    If you just want to use it for as password, use a QCryptographicHash generate Hash password, save to the file. During ycompare, hash the input and compare it to the saved password.

    5
  • Lifetime Qt Champion

    Hi,

    Just one important detail: base64 is by no mean related to encryption of cryptography. It just allows to represent binary data as text so you can for example send said binary data to a REST service using JSON.

    7
  • Moderators

    @Pradeep-Kumar Hash values are one way. It only can be encrypted not decrypted.

    Base64 like previously stated by @SGaist is not encryption at all. It is also easily recognizable so it would be quite obvious how it was "scrambled".

    The proper way to use a hash for passwords is to do it one way. So the user enters their password, you run the hash on it and save the hashed value. Then when you need to authenticate the password your get the user input again, hash it, and then compare the hash to the previously saved hash.

    This is how most operating systems save and validate user passwords.

    Hashing is best for encrypting passwords because they can't be decrypted. So nobody gets your password. If you want to encrypt where you can decrypt as well you will need to use an actual algorithm. Something like AES, blowfish, twofish, etc. There are many secure ones out there with public domain implementations.

    Be warned though that using a symmetrical algorithm like the ones above will require you to have a decrypt key or password. If this is part of an application storing that decrypt key will make it easy to hack and get the key with a debugger and/or hex editor. The only secure way is to use PPK encryption which is much harder to implement but you can google public/private key encryption for more info on that.

    Hope that helps.

    7
Log in to reply