Add client side encrypt and decrypt for API communication

harbour-sailimgur.pro

@@ -16,11 +16,13 @@ CONFIG += sailfishapp
 
 HEADERS += \
     src/imageuploader.h \
-    src/sailimgur.h
+    src/sailimgur.h  \
+    src/simplecrypt.h
 
 SOURCES += main.cpp \
     src/imageuploader.cpp \
-    src/sailimgur.cpp
+    src/sailimgur.cpp \
+    src/simplecrypt.cpp
 
 OTHER_FILES = \
     rpm/harbour-sailimgur.changes \

main.cpp

@@ -9,9 +9,10 @@
 
 #include "src/imageuploader.h"
 #include "src/sailimgur.h"
+#include "src/simplecrypt.h"
 
 #define CLIENT_ID "44f3bd95ad7db12"
-#define CLIENT_SECRET ""
+#define CLIENT_SECRET "AwLij1UYyeMhkq3xUEvNu3DH9/1YEMbtcZb3pQ5GwLB5yviiARnO5X3N+6VS"
 
 /**
  * Clears the web cache, because Qt 5.2 WebView chokes on caches from older Qt versions.
@@ -42,6 +43,10 @@ void clearWebCache() {
 int main(int argc, char *argv[])
 {
 
+    SimpleCrypt *crypto = new SimpleCrypt();
+    crypto->setKey(0xd2fa13b37d936b07);
+    QString client_secret = crypto->decryptToString(QString(CLIENT_SECRET));
+
     QScopedPointer<QGuiApplication> app(SailfishApp::application(argc, argv));
 
     clearWebCache();
@@ -56,7 +61,7 @@ int main(int argc, char *argv[])
     view->rootContext()->setContextProperty("APP_RELEASE", APP_RELEASE);
 
     view->rootContext()->setContextProperty("CLIENT_ID", CLIENT_ID);
-    view->rootContext()->setContextProperty("CLIENT_SECRET", CLIENT_SECRET);
+    view->rootContext()->setContextProperty("CLIENT_SECRET", client_secret);
 
     Sailimgur mgr;
     view->rootContext()->setContextProperty("sailimgurMgr", &mgr);

src/simplecrypt.cpp

@@ -0,0 +1,252 @@
+/*
+Copyright (c) 2011, Andre Somers
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the Rathenau Instituut, Andre Somers nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL ANDRE SOMERS BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR #######; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+#include "simplecrypt.h"
+#include <QByteArray>
+#include <QtDebug>
+#include <QtGlobal>
+#include <QDateTime>
+#include <QCryptographicHash>
+#include <QDataStream>
+
+SimpleCrypt::SimpleCrypt():
+    m_key(0),
+    m_compressionMode(CompressionAuto),
+    m_protectionMode(ProtectionChecksum),
+    m_lastError(ErrorNoError)
+{
+    qsrand(uint(QDateTime::currentMSecsSinceEpoch() & 0xFFFF));
+}
+
+SimpleCrypt::SimpleCrypt(quint64 key):
+    m_key(key),
+    m_compressionMode(CompressionAuto),
+    m_protectionMode(ProtectionChecksum),
+    m_lastError(ErrorNoError)
+{
+    qsrand(uint(QDateTime::currentMSecsSinceEpoch() & 0xFFFF));
+    splitKey();
+}
+
+void SimpleCrypt::setKey(quint64 key)
+{
+    m_key = key;
+    splitKey();
+}
+
+void SimpleCrypt::splitKey()
+{
+    m_keyParts.clear();
+    m_keyParts.resize(8);
+    for (int i=0;i<8;i++) {
+        quint64 part = m_key;
+        for (int j=i; j>0; j--)
+            part = part >> 8;
+        part = part & 0xff;
+        m_keyParts[i] = static_cast<char>(part);
+    }
+}
+
+QByteArray SimpleCrypt::encryptToByteArray(const QString& plaintext)
+{
+    QByteArray plaintextArray = plaintext.toUtf8();
+    return encryptToByteArray(plaintextArray);
+}
+
+QByteArray SimpleCrypt::encryptToByteArray(QByteArray plaintext)
+{
+    if (m_keyParts.isEmpty()) {
+        qWarning() << "No key set.";
+        m_lastError = ErrorNoKeySet;
+        return QByteArray();
+    }
+
+
+    QByteArray ba = plaintext;
+
+    CryptoFlags flags = CryptoFlagNone;
+    if (m_compressionMode == CompressionAlways) {
+        ba = qCompress(ba, 9); //maximum compression
+        flags |= CryptoFlagCompression;
+    } else if (m_compressionMode == CompressionAuto) {
+        QByteArray compressed = qCompress(ba, 9);
+        if (compressed.count() < ba.count()) {
+            ba = compressed;
+            flags |= CryptoFlagCompression;
+        }
+    }
+
+    QByteArray integrityProtection;
+    if (m_protectionMode == ProtectionChecksum) {
+        flags |= CryptoFlagChecksum;
+        QDataStream s(&integrityProtection, QIODevice::WriteOnly);
+        s << qChecksum(ba.constData(), ba.length());
+    } else if (m_protectionMode == ProtectionHash) {
+        flags |= CryptoFlagHash;
+        QCryptographicHash hash(QCryptographicHash::Sha1);
+        hash.addData(ba);
+
+        integrityProtection += hash.result();
+    }
+
+    //prepend a random char to the string
+    char randomChar = char(qrand() & 0xFF);
+    ba = randomChar + integrityProtection + ba;
+
+    int pos(0);
+    char lastChar(0);
+
+    int cnt = ba.count();
+
+    while (pos < cnt) {
+        ba[pos] = ba.at(pos) ^ m_keyParts.at(pos % 8) ^ lastChar;
+        lastChar = ba.at(pos);
+        ++pos;
+    }
+
+    QByteArray resultArray;
+    resultArray.append(char(0x03));  //version for future updates to algorithm
+    resultArray.append(char(flags)); //encryption flags
+    resultArray.append(ba);
+
+    m_lastError = ErrorNoError;
+    return resultArray;
+}
+
+QString SimpleCrypt::encryptToString(const QString& plaintext)
+{
+    QByteArray plaintextArray = plaintext.toUtf8();
+    QByteArray cypher = encryptToByteArray(plaintextArray);
+    QString cypherString = QString::fromLatin1(cypher.toBase64());
+    return cypherString;
+}
+
+QString SimpleCrypt::encryptToString(QByteArray plaintext)
+{
+    QByteArray cypher = encryptToByteArray(plaintext);
+    QString cypherString = QString::fromLatin1(cypher.toBase64());
+    return cypherString;
+}
+
+QString SimpleCrypt::decryptToString(const QString &cyphertext)
+{
+    QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toLatin1());
+    QByteArray plaintextArray = decryptToByteArray(cyphertextArray);
+    QString plaintext = QString::fromUtf8(plaintextArray, plaintextArray.size());
+
+    return plaintext;
+}
+
+QString SimpleCrypt::decryptToString(QByteArray cypher)
+{
+    QByteArray ba = decryptToByteArray(cypher);
+    QString plaintext = QString::fromUtf8(ba, ba.size());
+
+    return plaintext;
+}
+
+QByteArray SimpleCrypt::decryptToByteArray(const QString& cyphertext)
+{
+    QByteArray cyphertextArray = QByteArray::fromBase64(cyphertext.toLatin1());
+    QByteArray ba = decryptToByteArray(cyphertextArray);
+
+    return ba;
+}
+
+QByteArray SimpleCrypt::decryptToByteArray(QByteArray cypher)
+{
+    if (m_keyParts.isEmpty()) {
+        qWarning() << "No key set.";
+        m_lastError = ErrorNoKeySet;
+        return QByteArray();
+    }
+
+    QByteArray ba = cypher;
+
+    if( cypher.count() < 3 )
+        return QByteArray();
+
+    char version = ba.at(0);
+
+    if (version !=3) {  //we only work with version 3
+        m_lastError = ErrorUnknownVersion;
+        qWarning() << "Invalid version or not a cyphertext.";
+        return QByteArray();
+    }
+
+    CryptoFlags flags = CryptoFlags(ba.at(1));
+
+    ba = ba.mid(2);
+    int pos(0);
+    int cnt(ba.count());
+    char lastChar = 0;
+
+    while (pos < cnt) {
+        char currentChar = ba[pos];
+        ba[pos] = ba.at(pos) ^ lastChar ^ m_keyParts.at(pos % 8);
+        lastChar = currentChar;
+        ++pos;
+    }
+
+    ba = ba.mid(1); //chop off the random number at the start
+
+    bool integrityOk(true);
+    if (flags.testFlag(CryptoFlagChecksum)) {
+        if (ba.length() < 2) {
+            m_lastError = ErrorIntegrityFailed;
+            return QByteArray();
+        }
+        quint16 storedChecksum;
+        {
+            QDataStream s(&ba, QIODevice::ReadOnly);
+            s >> storedChecksum;
+        }
+        ba = ba.mid(2);
+        quint16 checksum = qChecksum(ba.constData(), ba.length());
+        integrityOk = (checksum == storedChecksum);
+    } else if (flags.testFlag(CryptoFlagHash)) {
+        if (ba.length() < 20) {
+            m_lastError = ErrorIntegrityFailed;
+            return QByteArray();
+        }
+        QByteArray storedHash = ba.left(20);
+        ba = ba.mid(20);
+        QCryptographicHash hash(QCryptographicHash::Sha1);
+        hash.addData(ba);
+        integrityOk = (hash.result() == storedHash);
+    }
+
+    if (!integrityOk) {
+        m_lastError = ErrorIntegrityFailed;
+        return QByteArray();
+    }
+
+    if (flags.testFlag(CryptoFlagCompression))
+        ba = qUncompress(ba);
+
+    m_lastError = ErrorNoError;
+    return ba;
+}