PDA

View Full Version : Howto: Qt and RSA crypto



jonks
17th March 2010, 15:07
Hi,

How do I add support for RSA to my Qt project? (MinGW compiler)
I'm trying to read a public key by calling PEM_read_RSAPublicKey.

This is what I've done so far, but it's not working for me:

I have OpenSSL 0.9.8m installed (binary redistributable).
I have added

INCLUDEPATH += "C:/OpenSSL/include";
LIBS += -L"C:/OpenSSL/lib/MinGW"
LIBS += -llibeay32

to my project file

I have the libeay32.dll from C:\OpenSSL\bin\ in my debug folder

When I run the program it always crashes when it calls PEM_read_RSAPublicKey

wysota
17th March 2010, 15:40
Can we see the exact code? What are you passing to PEM_read_RSAPublicKey()?

jonks
18th March 2010, 05:39
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <openssl/applink.c>

int LoadPublicKey( const char* keyFile )
{
FILE* f = fopen( keyFile, "r" );
if (!f) return FALSE;

RSA* pRSA = PEM_read_RSAPublicKey( f, NULL, NULL, NULL );
if (!pRSA)
{
fclose( f );
return 0;
}
fclose( f );
return (int)pRSA;
}


int main()
{
CRYPTO_malloc_init();
EVP_add_cipher( EVP_aes_256_cbc() );

int keyPub = LoadPublicKey( "public.pem" );
....

}


The same code works fine when compiled by a VC6 compiler.

wysota
18th March 2010, 10:34
Do you have OpenSSL built for your compiler? Can you build and successfully run any of the examples or tests that come with OpenSSL?

What happens if you changt the call to:


RSA *rsa = new RSA;
PEM_read_RSAPublicKey( f, &rsa, NULL, NULL );

jonks
18th March 2010, 11:49
>> Do you have OpenSSL built for your compiler

No - I installed OpenSSL using Win32OpenSSL-0_9_8m.msi.
I assumed the last paragraph of this FAQ covered MinGW http://www.openssl.org/support/faq.html#PROG2

As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL .DLLs compiled with some specific run-time option [we insist on the default /MD] can be deployed with application compiled with different option or even different compiler.

Using


RSA *rsa = new RSA;
PEM_read_RSAPublicKey( f, &rsa, NULL, NULL )
does not resolve the crash.

wysota
18th March 2010, 12:27
Can we see the full backtrace of the crash?

jonks
18th March 2010, 13:20
There is no backtrace.
The app just exits, gdb emits
Program exited with code 030000002027

I've seen this behaviour (crash no stack trace) before with VS compiled apps that use OpenSSL if the dll does not match the link time library.
However, I'm confident that the only libeay32 dll on my computer is the one installed into c:\openssl\.

I'm going to try using Crypto++ instead.

npclaudiu
18th March 2010, 19:32
To be sure, you can compile OpenSSL from source with the same compiler that you compile your qt app (mingw's g++ that comes with qt). The binary distribution that you use is probably compiled with msvc++ in which case you could also try to simply extract the import libraries directly from dlls.

jonks
21st March 2010, 02:34
Well I just gave up on Crypto++ - it's too difficult to use and wheres the docs?!
+ I think that was designed by an abstraction astronaut!

I rolled back to the original sources that use OpenSSL, recompiled and it worked first time!!! ???
I didn't need to recompile the OpenSSL dll using Qt's MinGW either, the binary distro worked.

Now I'm totally confused as to why it works today but not a few days ago.

Corinzio
21st March 2010, 11:52
The problem seem solved but maybe this information could be interesting:
There is a Qt Cryptographic architecture at the URL http://delta.affinix.com/qca/
i've used it under windows but only for md5crypt so i'm not sure it could be used in this case.
Bye.

Ubik
20th April 2010, 22:51
There is no backtrace.
The app just exits, gdb emits
> Program exited with code 030000002027


Hi, i'm having the very same problem with OpenSSL 0.9.8-m and Qt 4.6 (windows). The problem seems to be related to operations involving a FILE*, while every other function is working fine. I'm going to digg that way, nothing began to suddenly work in my case :(

jonks
21st April 2010, 04:42
Make sure you call OpenSSL_add_all_algorithms() before calling anything else.

Ubik
21st April 2010, 11:14
Make sure you call OpenSSL_add_all_algorithms() before calling anything else.

sure i do. in the end, i had to rebuild OpenSSL from source (version 0.9.8-h, not -m) downloaded from http://gnuwin32.sourceforge.net/packages/openssl.htm, and everything worked fine.

Ubik
21st April 2010, 15:54
by the way, anybody knows which version of OpenSSL Qt 4.6 for Windows was built and linked against ?

jonks
21st April 2010, 16:09
by the way, anybody knows which version of OpenSSL Qt 4.6 for Windows was built and linked against ?

I don't think it was.

Ubik
21st April 2010, 16:15
look at qt\configure.cache:


-debug-and-release
-confirm-license
-plugin-sql-sqlite
-plugin-sql-odbc
-qt-libpng
-qt-libjpeg
-openssl
-opensource
-no-incredibuild-xge
-dont-process