QCA TripleDes

[ComaWhite]

Sorry if this doesn't belong in this one. Wasn't sure where do forgive me.

I'm trying to use QCA with 3DES. It works fine when using it for HMac(Sha1) but when I use it for 3DES. I get a segmentation fault. I have support for it. I've tried every combination. I've looked in the doc. But no luck. Unless I remove the des3key and iv from it. But I need that to be in it.

Qt Code:

Switch view

QString
MSNCrypto::mbiEncrypt ( QString& ssoKey, QString& nonce )
{
    QString magic1 = "WS-SecureConversationSESSION KEY HASH";
    QString magic2 = "WS-SecureConversationSESSION KEY ENCRYPTION";
    // three keys needed for the encryption process.
    QString key1, key2, key3;
    // hash object.
    QByteArray hash;
    const char* hmacsha1 = "hmac(sha1)";
    const char* tripledes = "tripledes-cbc";
    // create the base64 decoder.
    QCA::Base64 decoder(QCA::Decode);
 
    // decode the sso key.
    key1 = decoder.decodeString(ssoKey);
    // debugging purposes.
    qDebug() << "key1: " << key1;
    // get the derive key and encrypt it with the magic string.
    key2 = deriveKey(key1, magic1);
    // debugging purposes.
    qDebug() << "key2: " << key2;
    // get the derive key and encrypt it with the second magic string.
    key3 = deriveKey(key1, magic2);
    // debugging purposes.
    qDebug() << "key3: " << key3;
 
    if(!QCA::isSupported(hmacsha1) && !QCA::isSupported(tripledes)) {
        qFatal("[ERROR] Does not support HMAC SHA1 or TRIPLE DES CBC");
    } else {
        // create the hmac object.
        QCA::MessageAuthenticationCode hmac(hmacsha1, QCA::SecureArray());
        // create the key.
        QCA::SymmetricKey key(key1.toLatin1());
        // create the triple des key.
        QCA::SymmetricKey des3key(key3.toLatin1());
        // setup the key to be used.
        hmac.setup(key);
        // create the secure array.
        QCA::SecureArray data(nonce.toUtf8());
        // update the data.
        hmac.update(data);
        // no more updates after calling final.
        hash = hmac.final().toByteArray();
        // debugging purposes.
        qDebug() << "mbiHash: " << hash;
 
        // create the initalization vector with 8 random bytes.
        QCA::InitializationVector iv(8);
 
        // create the triple des cipher object.
        QCA::Cipher cipher(QString("tripledes"), QCA::Cipher::CBC, QCA::Cipher::DefaultPadding, QCA::Encode, des3key, iv);
        //cipher.setup(QCA::Decode, des3key, iv);
    }
    return "";
}

QString
MSNCrypto::mbiEncrypt ( QString& ssoKey, QString& nonce )
{
    QString magic1 = "WS-SecureConversationSESSION KEY HASH";
    QString magic2 = "WS-SecureConversationSESSION KEY ENCRYPTION";
    // three keys needed for the encryption process.
    QString key1, key2, key3;
    // hash object.
    QByteArray hash;
    const char* hmacsha1 = "hmac(sha1)";
    const char* tripledes = "tripledes-cbc";
    // create the base64 decoder.
    QCA::Base64 decoder(QCA::Decode);

    // decode the sso key.
    key1 = decoder.decodeString(ssoKey);
    // debugging purposes.
    qDebug() << "key1: " << key1;
    // get the derive key and encrypt it with the magic string.
    key2 = deriveKey(key1, magic1);
    // debugging purposes.
    qDebug() << "key2: " << key2;
    // get the derive key and encrypt it with the second magic string.
    key3 = deriveKey(key1, magic2);
    // debugging purposes.
    qDebug() << "key3: " << key3;

    if(!QCA::isSupported(hmacsha1) && !QCA::isSupported(tripledes)) {
        qFatal("[ERROR] Does not support HMAC SHA1 or TRIPLE DES CBC");
    } else {
        // create the hmac object.
        QCA::MessageAuthenticationCode hmac(hmacsha1, QCA::SecureArray());
        // create the key.
        QCA::SymmetricKey key(key1.toLatin1());
        // create the triple des key.
        QCA::SymmetricKey des3key(key3.toLatin1());
        // setup the key to be used.
        hmac.setup(key);
        // create the secure array.
        QCA::SecureArray data(nonce.toUtf8());
        // update the data.
        hmac.update(data);
        // no more updates after calling final.
        hash = hmac.final().toByteArray();
        // debugging purposes.
        qDebug() << "mbiHash: " << hash;

        // create the initalization vector with 8 random bytes.
        QCA::InitializationVector iv(8);

        // create the triple des cipher object.
        QCA::Cipher cipher(QString("tripledes"), QCA::Cipher::CBC, QCA::Cipher::DefaultPadding, QCA::Encode, des3key, iv);
        //cipher.setup(QCA::Decode, des3key, iv);
    }
    return "";
}

To copy to clipboard, switch view to plain text mode 

[jpn]

Could you provide a simple compilable example which produces the crash so we don't have to write a test application around provided code to test it...? Also, which version of QCA did you try with?

[ComaWhite]

I'm using the latest version in gentoo portage

qca-2.0.0-r2
qca-cyrus-sasl 2.0.0-beta3
qca-gnupg 2.0.0-beta2
qca-logger 2.0.0-beta2
qca-ossl 2.0.0-beta3
qca-pkcs11 2.0.0-beta2
qca-tls 1.0-r4

[xerror]

// the Initializer object sets things up, and
// also does cleanup when it goes out of scope
QCA::Initializer init;

[Naresh Palle]

set padding as QCA::Cipher::NoPadding instead of default( means PKCS7) padding .

QCA::Cipher cipher(QString("tripledes"), QCA::Cipher::CBC, QCA::Cipher::NoPadding, QCA::Encode, des3key, iv);