cmsexample.cpp source code [qca/examples/cms/cmsexample.cpp]

1	/*
2	Copyright (C) 2003 Justin Karneges <justin@affinix.com>
3	Copyright (C) 2005-2006 Brad Hards <bradh@frogmouth.net>
4
5	Permission is hereby granted, free of charge, to any person obtaining a copy
6	of this software and associated documentation files (the "Software"), to deal
7	in the Software without restriction, including without limitation the rights
8	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9	copies of the Software, and to permit persons to whom the Software is
10	furnished to do so, subject to the following conditions:
11
12	The above copyright notice and this permission notice shall be included in
13	all copies or substantial portions of the Software.
14
15	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16	IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18	AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
19	AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20	CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21	*/
22
23	#include <QtCrypto>
24
25	#include <QCoreApplication>
26	#include <QDebug>
27
28	#ifdef QT_STATICPLUGIN
29	#include "import_plugins.h"
30	#endif
31
32	int main(int argc, char **argv)
33	{
34	// the Initializer object sets things up, and
35	// also does cleanup when it goes out of scope
36	QCA::Initializer init;
37
38	QCoreApplication app(argc, argv);
39
40	// We need to ensure that we have certificate handling support
41	if (!QCA::isSupported(features: "cert")) {
42	qWarning() << "Sorry, no PKI certificate support";
43	return `1`;
44	}
45
46	// Read in a public key cert
47	// you could also build this using the fromPEMFile() method
48	QCA::Certificate pubCert(QStringLiteral("User.pem"));
49	if (pubCert.isNull()) {
50	qWarning() << "Sorry, could not import public key certificate";
51	return `1`;
52	}
53	// We are building the certificate into a SecureMessageKey object, via a
54	// CertificateChain
55	QCA::SecureMessageKey secMsgKey;
56	QCA::CertificateChain chain;
57	chain += pubCert;
58	secMsgKey.setX509CertificateChain(chain);
59
60	// build up a SecureMessage object, based on our public key certificate
61	if (!QCA::isSupported(features: "cms")) {
62	qWarning() << "Sorry, no CMS support";
63	return `1`;
64	}
65	QCA::CMS cms;
66	QCA::SecureMessage msg(&cms);
67	msg.setRecipient(secMsgKey);
68
69	// Some plain text - we use the first command line argument if provided
70	QByteArray plainText = (argc >= `2`) ? argv[`1`] : "What do ya want for nuthin'";
71
72	// Now use the SecureMessage object to encrypt the plain text.
73	msg.startEncrypt();
74	msg.update(in: plainText);
75	msg.end();
76	// I think it is reasonable to wait for 1 second for this
77	msg.waitForFinished(msecs: `1000`);
78
79	// check to see if it worked
80	if (!msg.success()) {
81	qWarning() << "Error encrypting: " << msg.errorCode();
82	return `1`;
83	}
84
85	// get the result
86	QByteArray cipherText = msg.read();
87	QCA::Base64 enc;
88	qDebug() << "'" << plainText.data() << "' encrypts to (in base 64): ";
89	qDebug() << enc.arrayToString(a: cipherText);
90	qDebug() << "Message uses" << msg.hashName() << "hashing algorithm";
91	qDebug();
92
93	// Show we can decrypt it with the private key
94
95	// Read in a private key
96	QCA::PrivateKey privKey;
97	QCA::ConvertResult convRes;
98	QCA::SecureArray passPhrase = "start";
99	privKey = QCA::PrivateKey::fromPEMFile(QStringLiteral("Userkey.pem"), passphrase: passPhrase, result: &convRes);
100	if (convRes != QCA::ConvertGood) {
101	qWarning() << "Sorry, could not import Private Key";
102	return `1`;
103	}
104
105	QCA::SecureMessageKey secMsgKey2;
106	// needed?
107	secMsgKey2.setX509CertificateChain(chain);
108	secMsgKey2.setX509PrivateKey(privKey);
109	QCA::SecureMessageKeyList privKeyList;
110	privKeyList += secMsgKey2;
111
112	// build up a SecureMessage object, based on the private key
113	// you could re-use the existing QCA::CMS object (cms), but
114	// this example simulates encryption and one end, and decryption
115	// at the other
116	QCA::CMS anotherCms;
117	anotherCms.setPrivateKeys(privKeyList);
118
119	QCA::SecureMessage msg2(&anotherCms);
120
121	msg2.startDecrypt();
122	msg2.update(in: cipherText);
123	msg2.end();
124
125	// I think it is reasonable to wait for 1 second for this
126	msg2.waitForFinished(msecs: `1000`);
127
128	// check to see if it worked
129	if (!msg2.success()) {
130	qWarning() << "Error encrypting: " << msg2.errorCode();
131	return `1`;
132	}
133
134	QCA::SecureArray plainTextResult = msg2.read();
135
136	qDebug() << enc.arrayToString(a: cipherText) << " (in base 64) decrypts to: " << plainTextResult.data();
137
138	if (msg2.wasSigned()) {
139	qDebug() << "Message was signed at " << msg2.signer().timestamp();
140	} else {
141	qDebug() << "Message was not signed";
142	}
143
144	qDebug() << "Message used" << msg2.hashName() << "hashing algorithm";
145
146	qDebug();
147
148	// Now we want to try a signature
149	QByteArray text("Got your message");
150
151	// Re-use the CMS and SecureMessageKeyList objects from the decrypt...
152	QCA::SecureMessage signing(&anotherCms);
153	signing.setSigners(privKeyList);
154
155	signing.startSign(m: QCA::SecureMessage::Detached);
156	signing.update(in: text);
157	signing.end();
158
159	// I think it is reasonable to wait for 1 second for this
160	signing.waitForFinished(msecs: `1000`);
161
162	// check to see if it worked
163	if (!signing.success()) {
164	qWarning() << "Error signing: " << signing.errorCode();
165	return `1`;
166	}
167
168	// get the result
169	QByteArray signature = signing.signature();
170
171	qDebug() << "'" << text.data() << "', signature (converted to base 64), is: ";
172	qDebug() << enc.arrayToString(a: signature);
173	qDebug() << "Message uses" << signing.hashName() << "hashing algorithm";
174	qDebug();
175
176	// Now we go back to the first CMS, and re-use that.
177	QCA::SecureMessage verifying(&cms);
178
179	// You have to pass the signature to startVerify(),
180	// and the message to update()
181	verifying.startVerify(detachedSig: signature);
182	verifying.update(in: text);
183	verifying.end();
184
185	verifying.waitForFinished(msecs: `1000`);
186
187	// check to see if it worked
188	if (!verifying.success()) {
189	qWarning() << "Error verifying: " << verifying.errorCode();
190	return `1`;
191	}
192
193	QCA::SecureMessageSignature sign;
194	sign = verifying.signer();
195	// todo: dump some data out about the signer
196
197	if (verifying.verifySuccess()) {
198	qDebug() << "Message verified";
199	} else {
200	qDebug() << "Message failed to verify:" << verifying.errorCode();
201	}
202
203	return `0`;
204	}
205

source code of qca/examples/cms/cmsexample.cpp