diff options
author | Ruslan Nigmatullin <euroelessar@yandex.ru> | 2013-01-11 16:10:53 +0400 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-01-14 23:44:15 +0100 |
commit | d4adcfb8cc1b22d85641d7e4aa03b67850a4c715 (patch) | |
tree | 75c10cecc453d79df7889e2590aa138c97e89eb5 /src | |
parent | 273713b81f5e580748c281c17e08e8b3e2e8ee70 (diff) |
Added QMessageAuthenticationCode
QMessageAuthenticationCode is HMAC implementation based on
QCryptographicHash abilities. HMAC is often used in OAuth and similar
authentication protocols.
Change-Id: Ifc73947ad06c36a1b770315b7e89ba5c01c5e79e
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/corelib/doc/snippets/qmessageauthenticationcode/main.cpp | 62 | ||||
-rw-r--r-- | src/corelib/tools/qmessageauthenticationcode.cpp | 275 | ||||
-rw-r--r-- | src/corelib/tools/qmessageauthenticationcode.h | 84 | ||||
-rw-r--r-- | src/corelib/tools/tools.pri | 2 |
4 files changed, 423 insertions, 0 deletions
diff --git a/src/corelib/doc/snippets/qmessageauthenticationcode/main.cpp b/src/corelib/doc/snippets/qmessageauthenticationcode/main.cpp new file mode 100644 index 0000000000..4441fbd9a1 --- /dev/null +++ b/src/corelib/doc/snippets/qmessageauthenticationcode/main.cpp @@ -0,0 +1,62 @@ +/**************************************************************************** +** +** Copyright (C) 2013 Ruslan Nigmatullin <euroelessar@yandex.ru> +** Contact: http://www.qt-project.org/legal +** +** This file is part of the documentation of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:BSD$ +** You may use this file under the terms of the BSD license as follows: +** +** "Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are +** met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in +** the documentation and/or other materials provided with the +** distribution. +** * Neither the name of Digia Plc and its Subsidiary(-ies) nor the names +** of its contributors may be used to endorse or promote products derived +** from this software without specific prior written permission. +** +** +** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +** LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +** A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +** OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +** DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +** THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +** OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include <QtCore> + +int main(int argc, char *argv[]) +{ + QCoreApplication app(argc, argv); + +//! [0] + QByteArray key = "key"; + QByteArray message = "The quick brown fox jumps over the lazy dog"; +//! [0] + +//! [1] + QMessageAuthenticationCode code(QCryptographicHash::Sha1); + code.setKey(key); + code.addData(message); + code.result().toHex(); // returns "de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9" +//! [1] + +//! [2] + QMessageAuthenticationCode::hash(message, key, QCryptographicHash::Sha1).toHex(); +//! [2] +} diff --git a/src/corelib/tools/qmessageauthenticationcode.cpp b/src/corelib/tools/qmessageauthenticationcode.cpp new file mode 100644 index 0000000000..3950f15502 --- /dev/null +++ b/src/corelib/tools/qmessageauthenticationcode.cpp @@ -0,0 +1,275 @@ +/**************************************************************************** +** +** Copyright (C) 2013 Ruslan Nigmatullin <euroelessar@yandex.ru> +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtCore module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qmessageauthenticationcode.h" +#include "qvarlengtharray.h" + +/* + These #defines replace the typedefs needed by the RFC6234 code. Normally + the typedefs would come from from stdint.h, but since this header is not + available on all platforms (MSVC 2008, for example), we #define them to the + Qt equivalents. +*/ +#define uint64_t QT_PREPEND_NAMESPACE(quint64) +#define uint32_t QT_PREPEND_NAMESPACE(quint32) +#define uint8_t QT_PREPEND_NAMESPACE(quint8) +#define int_least16_t QT_PREPEND_NAMESPACE(qint16) + +// Header from rfc6234 with 1 modification: +// sha1.h - commented out '#include <stdint.h>' on line 74 +#include "../../3rdparty/rfc6234/sha.h" + +#undef uint64_t +#undef uint32_t +#undef uint68_t +#undef int_least16_t + +QT_BEGIN_NAMESPACE + +static int qt_hash_block_size(QCryptographicHash::Algorithm method) +{ + switch (method) { + case QCryptographicHash::Md4: + return 64; + case QCryptographicHash::Md5: + return 64; + case QCryptographicHash::Sha1: + return SHA1_Message_Block_Size; + case QCryptographicHash::Sha224: + return SHA224_Message_Block_Size; + case QCryptographicHash::Sha256: + return SHA256_Message_Block_Size; + case QCryptographicHash::Sha384: + return SHA384_Message_Block_Size; + case QCryptographicHash::Sha512: + return SHA512_Message_Block_Size; + } + return 0; +} + +class QMessageAuthenticationCodePrivate +{ +public: + QMessageAuthenticationCodePrivate(QCryptographicHash::Algorithm m) + : messageHash(m), method(m), messageHashInited(false) + { + } + + QByteArray key; + QByteArray result; + QCryptographicHash messageHash; + QCryptographicHash::Algorithm method; + bool messageHashInited; + + void initMessageHash(); +}; + +void QMessageAuthenticationCodePrivate::initMessageHash() +{ + if (messageHashInited) + return; + messageHashInited = true; + + const int blockSize = qt_hash_block_size(method); + + if (key.size() > blockSize) { + QCryptographicHash hash(method); + hash.addData(key); + key = hash.result(); + hash.reset(); + } + + if (key.size() < blockSize) { + const int size = key.size(); + key.resize(blockSize); + memset(key.data() + size, 0, blockSize - size); + } + + QVarLengthArray<char> iKeyPad(blockSize); + const char * const keyData = key.constData(); + + for (int i = 0; i < blockSize; ++i) + iKeyPad[i] = keyData[i] ^ 0x36; + + messageHash.addData(iKeyPad.data(), iKeyPad.size()); +} + +/*! + \class QMessageAuthenticationCode + \inmodule QtCore + + \brief The QMessageAuthenticationCode class provides a way to generate + hash-based message authentication codes. + + \since 5.1 + + \ingroup tools + \reentrant + + QMessageAuthenticationCode supports all cryptographic hashes which are supported by + QCryptographicHash. + + To generate message authentication code, pass hash algorithm QCryptographicHash::Algorithm + to constructor, then set key and message by setKey() and addData() functions. Result + can be acquired by result() function. + \snippet qmessageauthenticationcode/main.cpp 0 + \dots + \snippet qmessageauthenticationcode/main.cpp 1 + + Alternatively, this effect can be achieved by providing message, + key and method to hash() method. + \snippet qmessageauthenticationcode/main.cpp 2 + + \sa QCryptographicHash +*/ + +/*! + Constructs an object that can be used to create a cryptographic hash from data + using method \a method and key \a key. +*/ +QMessageAuthenticationCode::QMessageAuthenticationCode(QCryptographicHash::Algorithm method, + const QByteArray &key) + : d(new QMessageAuthenticationCodePrivate(method)) +{ + d->key = key; +} + +/*! + Destroys the object. +*/ +QMessageAuthenticationCode::~QMessageAuthenticationCode() +{ + delete d; +} + +/*! + Resets message data. Calling this method doesn't affect the key. +*/ +void QMessageAuthenticationCode::reset() +{ + d->result.clear(); + d->messageHash.reset(); + d->messageHashInited = false; +} + +/*! + Sets secret \a key. Calling this method automatically resets the object state. +*/ +void QMessageAuthenticationCode::setKey(const QByteArray &key) +{ + reset(); + d->key = key; +} + +/*! + Adds the first \a length chars of \a data to the message. +*/ +void QMessageAuthenticationCode::addData(const char *data, int length) +{ + d->initMessageHash(); + d->messageHash.addData(data, length); +} + +/*! + \overload addData() +*/ +void QMessageAuthenticationCode::addData(const QByteArray &data) +{ + d->initMessageHash(); + d->messageHash.addData(data); +} + +/*! + Reads the data from the open QIODevice \a device until it ends + and adds it to message. Returns true if reading was successful. + + \note \a device must be already opened. + */ +bool QMessageAuthenticationCode::addData(QIODevice *device) +{ + d->initMessageHash(); + return d->messageHash.addData(device); +} + +/*! + Returns the final authentication code. + + \sa QByteArray::toHex() +*/ +QByteArray QMessageAuthenticationCode::result() const +{ + if (!d->result.isEmpty()) + return d->result; + + d->initMessageHash(); + + const int blockSize = qt_hash_block_size(d->method); + + QByteArray hashedMessage = d->messageHash.result(); + + QVarLengthArray<char> oKeyPad(blockSize); + const char * const keyData = d->key.constData(); + + for (int i = 0; i < blockSize; ++i) + oKeyPad[i] = keyData[i] ^ 0x5c; + + QCryptographicHash hash(d->method); + hash.addData(oKeyPad.data(), oKeyPad.size()); + hash.addData(hashedMessage); + + d->result = hash.result(); + return d->result; +} + +/*! + Returns the authentication code for the message \a message using + the key \a key and the method \a method. +*/ +QByteArray QMessageAuthenticationCode::hash(const QByteArray &message, const QByteArray &key, + QCryptographicHash::Algorithm method) +{ + QMessageAuthenticationCode mac(method); + mac.setKey(key); + mac.addData(message); + return mac.result(); +} + +QT_END_NAMESPACE diff --git a/src/corelib/tools/qmessageauthenticationcode.h b/src/corelib/tools/qmessageauthenticationcode.h new file mode 100644 index 0000000000..e84a1c84b4 --- /dev/null +++ b/src/corelib/tools/qmessageauthenticationcode.h @@ -0,0 +1,84 @@ +/**************************************************************************** +** +** Copyright (C) 2013 Ruslan Nigmatullin <euroelessar@yandex.ru> +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtCore module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QMESSAGEAUTHENTICATIONCODE_H +#define QMESSAGEAUTHENTICATIONCODE_H + +#include <QtCore/qcryptographichash.h> + +QT_BEGIN_HEADER + +QT_BEGIN_NAMESPACE + + +class QMessageAuthenticationCodePrivate; +class QIODevice; + +class Q_CORE_EXPORT QMessageAuthenticationCode +{ +public: + explicit QMessageAuthenticationCode(QCryptographicHash::Algorithm method, + const QByteArray &key = QByteArray()); + ~QMessageAuthenticationCode(); + + void reset(); + + void setKey(const QByteArray &key); + + void addData(const char *data, int length); + void addData(const QByteArray &data); + bool addData(QIODevice *device); + + QByteArray result() const; + + static QByteArray hash(const QByteArray &message, const QByteArray &key, + QCryptographicHash::Algorithm method); + +private: + Q_DISABLE_COPY(QMessageAuthenticationCode) + QMessageAuthenticationCodePrivate *d; +}; + +QT_END_NAMESPACE + +QT_END_HEADER + +#endif diff --git a/src/corelib/tools/tools.pri b/src/corelib/tools/tools.pri index 564aff9ab9..bed71c6d25 100644 --- a/src/corelib/tools/tools.pri +++ b/src/corelib/tools/tools.pri @@ -29,6 +29,7 @@ HEADERS += \ tools/qlocale_data_p.h \ tools/qmap.h \ tools/qmargins.h \ + tools/qmessageauthenticationcode.h \ tools/qcontiguouscache.h \ tools/qpodlist_p.h \ tools/qpair.h \ @@ -82,6 +83,7 @@ SOURCES += \ tools/qpoint.cpp \ tools/qmap.cpp \ tools/qmargins.cpp \ + tools/qmessageauthenticationcode.cpp \ tools/qcontiguouscache.cpp \ tools/qrect.cpp \ tools/qregexp.cpp \ |