How to encrypt and decrypt text content on QT?



  • Hi All,

    I am looking forward a solution on QT to encrypt and decrypt text content which is stored in a text file.

    Our text content was encrypted with a private key. Any body know any library for this? I saw that we have crypto++ at this link
    https://stackoverflow.com/questions/12306956/example-of-aes-using-crypto

    But i could not link crypto++ to our project. Could you please help me on this?

    Thank you very much!


  • Qt Champions 2016

    @William.Tran said in How to encrypt and decrypt text content on QT?:

    Our text content was encrypted with a private key.

    But then you should use the same API/tool/software to decrypt it again?



  • @mrjj

    I would like our application can read that content only. that's why we encrypted content and stored it to file.


  • Qt Champions 2016

    @William.Tran

    But how did u encrypt it in first place?
    What software did use the private key ?

    So are u sure crypto++ can decrypt it ?



  • @mrjj

    Our server has encrypted the file with a private key. On our application download this content and stored to file.

    I could use javascript to decrypt it as below:

        var key = CryptoJS.SHA256(__CRYPTO_AES_PRIVATE_KEY);
        var iv = CryptoJS.enc.Hex.parse(bin2hex(key.toString().substring(0, 16)))
    
        var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv });
    
        return decrypted.toString(CryptoJS.enc.Utf8);
    

    I am not sure crypto++ can do that or not but i tried to build my app with that library however it is not successful.


  • Moderators

    From that code alone I think you can use OpenSSL library to decrypt your data on Qt side.



  • both libcrypto (part of OpenSSL) and cryptoc++ can handle AES encryption. Given you are talking about "server" I suppose you are using OpenSSL already so libcrypto is probably the easier way to go. You can see an example of how to do it here: https://gist.github.com/mythosil/1292328 (yes, it's in C as libcrypto is in C)



  • @VRonin, @sierdzio

    Thank your for you answer. I am using QT 5.9 on MAC, could you tell me how to import openssl to project and how to integrate with your libs?

    Many thanks.





  • @VRonin

    I followed your links add this to .pro file but it does not help.

    INCLUDEPATH += /usr/local/Cellar/openssl/1.0.2k/lib/
    LIBS += -L/usr/local/Cellar/openssl/1.0.2k/lib/ -lcrypto

    I could not use : #include <openssl/evp.h>



  • I could link openssl lib to my project by :

    INCLUDEPATH += /usr/local/Cellar/openssl/1.0.2k/include
    LIBS += -L/usr/local/Cellar/openssl/1.0.2k/lib -lcrypto



  • @VRonin

    in this lib : https://gist.github.com/mythosil/1292328

    I saw he used: EVP_aes_128_cbc and i got the error when my private key has length is 64. What EVP i should use?



  • AES standards only supports 128, 192, and 256-bit key sizes. Are you maybe adding some padding to the key?

    EDIT:

    In fact, in your javascript code, you use CryptoJS.SHA256 so you are creating a 256 bit hash of your key. you can use QCryptographicHash to create such a thing


  • Moderators

    @VRonin said in How to encrypt and decrypt text content on QT?:

    256 bit hash of your key. you can use QCryptographicHash to create such a thing

    Careful with that, though: Qt had a bug in SHA calculation. See this



  • @sierdzio I was not aware of that, but that bug relates to SHA3 while OP apparently is using Sha2.

    Alternatively you can still use libcrypto for calculating the hash too, see https://stackoverflow.com/questions/2262386/generate-sha256-with-openssl-and-c



  • @VRonin @sierdzio

    I tried to used key and iv key which is generated from my private key by javascript. but i still got the issue as i mentioned:

    The key length required 16. But my key has length 64. I think it belongs to "EVP_aes_128_cbc" isn't it?

    My code as below:

      const char *key, *iv;
      int key_length, iv_length, data_length;
    
      key = QByteArray::fromHex(strKey.toLatin1());
      key_length = strlen(key);
    
      iv = strIV.toLatin1().data();
      iv_length = strlen(iv);
    
      data_length = strlen(data);
    
      const EVP_CIPHER *cipher;
      int cipher_key_length, cipher_iv_length;
      cipher = EVP_aes_128_cbc();
      cipher_key_length = EVP_CIPHER_key_length(cipher);
      cipher_iv_length = EVP_CIPHER_iv_length(cipher);
    
      if (key_length != cipher_key_length) {
        fprintf(stderr, "Error: key length must be %d\n", cipher_key_length);
        fprintf(stderr, "current key length: %d\n", key_length);
        exit(EXIT_FAILURE);
      }
      if (iv_length != cipher_iv_length) {
        fprintf(stderr, "Error: iv length must be %d\n", cipher_iv_length);
        exit(EXIT_FAILURE);
      }
    
      const char *p;
      char *datax;
      int i, datax_length;
    
      datax = (char *)malloc(data_length);
      for (p = data, i = 0; *p != '\0'; p += 2, i++) {
        char buf[3];
        buf[0] = *p;
        buf[1] = *(p+1);
        buf[2] = '\0';
        datax[i] = strtol(buf, NULL, 16);
      }
      datax_length = i;
    
      EVP_CIPHER_CTX ctx;
    
      EVP_CIPHER_CTX_init(&ctx);
      EVP_DecryptInit_ex(&ctx, cipher, NULL, (unsigned char *)key, (unsigned char *)iv);
    
      int plain_length, final_length;
      unsigned char *plaintext;
    
      plain_length = datax_length;
      plaintext = (unsigned char *)malloc(plain_length + 1);
    
      EVP_DecryptUpdate(&ctx, plaintext, &plain_length, (unsigned char *)datax, datax_length);
      EVP_DecryptFinal_ex(&ctx, plaintext + plain_length, &final_length);
    
      plaintext[plain_length + final_length] = '\0';
      printf("%s\n", plaintext);
    
      free(plaintext);
      free(datax);
    
      EVP_CIPHER_CTX_cleanup(&ctx);
    

    The log informations:

    Error: key length must be 16
    current key length: 17



  • @William.Tran That's what we were discussing in the 3 posts above. In you javascript you don't use your key directly but you use a 256bit SHA2 hash of the key as input to the decrypter. To create that hash you can use key = QCryptographicHash::hash(strKey.toUtf8(),QCryptographicHash::Sha256);

    P.S.

    const char *key
    key = QByteArray::fromHex(strKey.toLatin1());

    Are you sure it compiles?



  • @VRonin said in How to encrypt and decrypt text content on QT?:

    key = QCryptographicHash::hash(strKey.toUtf8(),QCryptographicHash::Sha256);

    I already generated key by that code. But did not help at all.

    I tried to use
    key = QByteArray::fromHex(strKey.toLatin1());

    Because the "strKey" is Hash Key which was generated by javascript.


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.