diff --git a/client/client.pro b/client/client.pro
index 84a2d756..0b8cf83a 100644
--- a/client/client.pro
+++ b/client/client.pro
@@ -41,6 +41,7 @@ HEADERS += \
 platforms/ios/MobileUtils.h \
 platforms/linux/leakdetector.h \
 protocols/protocols_defs.h \
+ secure_qsettings.h \
 secureformat.h \
 settings.h \
 ui/notificationhandler.h \
@@ -100,6 +101,7 @@ SOURCES += \
 platforms/ios/MobileUtils.cpp \
 platforms/linux/leakdetector.cpp \
 protocols/protocols_defs.cpp \
+ secure_qsettings.cpp \
 secureformat.cpp \
 settings.cpp \
 ui/notificationhandler.cpp \
diff --git a/client/secure_qsettings.cpp b/client/secure_qsettings.cpp
new file mode 100644
index 00000000..a9beb112
--- /dev/null
+++ b/client/secure_qsettings.cpp
@@ -0,0 +1,47 @@
+#include "secure_qsettings.h"
+#include "secureformat.h"
+
+#include
+
+SecureQSettings::SecureQSettings(const QString &organization, const QString &application, QObject *parent)
+ : QObject{parent},
+ m_setting(organization, application, parent)
+{
+ encrypted = m_setting.value("encrypted").toBool();
+
+ // convert settings to encrypted
+ if (! encrypted) {
+ // TODO: convert
+ // m_setting.sync();
+ }
+}
+
+QVariant SecureQSettings::value(const QString &key, const QVariant &defaultValue) const
+{
+ if (encrypted) {
+ QByteArray encryptedValue = m_setting.value(key, defaultValue).toByteArray();
+ QByteArray decryptedValue = decryptText(encryptedValue);
+
+ QDataStream ds(&decryptedValue, QIODevice::ReadOnly);
+ QVariant v;
+ ds >> v;
+ return v;
+ }
+ else {
+ return m_setting.value(key, defaultValue);
+ }
+}
+
+void SecureQSettings::setValue(const QString &key, const QVariant &value)
+{
+ QByteArray decryptedValue;
+ {
+ QDataStream ds(&decryptedValue, QIODevice::WriteOnly);
+ ds << value;
+ }
+
+ QByteArray encryptedValue = encryptText(decryptedValue);
+ m_setting.setValue(key, encryptedValue);
+}
+
+
diff --git a/client/secure_qsettings.h b/client/secure_qsettings.h
new file mode 100644
index 00000000..a7f32f64
--- /dev/null
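Review bot: `SecureQSettings::setValue()` always stores ciphertext, but `value()` only decrypts when the `encrypted` flag read in the constructor is true, and nothing in this file ever writes that key (the conversion is still a TODO), so a value saved through this class comes back as the raw encrypted bytes. Until the migration exists, keep the two paths symmetric, for example by starting `setValue()` with `if (!encrypted) { m_setting.setValue(key, value); return; }`, or write the marker once the store has actually been converted. In the encrypted branch of `value()` a missing key sends `defaultValue.toByteArray()` through `decryptText()` and `QDataStream`, which discards the caller's default; add `if (!m_setting.contains(key)) return defaultValue;` before decrypting. The result of `ds >> v` is also returned without checking the stream status, so corrupted or tampered data silently yields an invalid QVariant.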
+++ b/client/secure_qsettings.h @@ -0,0 +1,22 @@ +#ifndef SECUREQSETTINGS_H +#define SECUREQSETTINGS_H + +#include +#include + +class SecureQSettings : public QObject +{ +public: + explicit SecureQSettings(const QString &organization, const QString &application = QString(), QObject *parent = nullptr); + + QVariant value(const QString &key, const QVariant &defaultValue = QVariant()) const; + void setValue(const QString &key, const QVariant &value); + void sync() { m_setting.sync(); } + void remove(const QString &key) { m_setting.remove(key); } + +private: + QSettings m_setting; + bool encrypted {false}; +}; + +#endif // SECUREQSETTINGS_H diff --git a/client/secureformat.cpp b/client/secureformat.cpp index 5112a601..6dfe185c 100644 --- a/client/secureformat.cpp +++ b/client/secureformat.cpp @@ -17,6 +17,7 @@ int generate_key_and_iv(unsigned char *iv, unsigned char *key) { // NULL, // key_file_buf, key_size, 1, // const unsigned char *data, int datal, int count, // key, iv); + return 0; } int gcm_encrypt(unsigned char *plaintext, int plaintext_len, @@ -124,10 +125,10 @@ int gcm_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char gcmkey[] = "12345qwerty"; unsigned char iv[] = "000000000000"; -QByteArray encryptText(const QString& value) { - int plainTextSize = value.toUtf8().size(); +QByteArray encryptText(const QByteArray& value) { + int plainTextSize = value.size(); unsigned char* plainText = new unsigned char[plainTextSize]; - std::memcpy(plainText, value.toUtf8().constData(), plainTextSize); + std::memcpy(plainText, value.constData(), plainTextSize); unsigned char chipherText[UINT16_MAX]; int chipherTextSize = gcm_encrypt(plainText, plainTextSize, 
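Review bot: `encryptText()` now takes an arbitrary-length `QByteArray` (the serialized QVariant produced by SecureQSettings) yet still encrypts into the fixed `unsigned char chipherText[UINT16_MAX]` stack buffer with no length check, so a large setting value writes past the buffer; reject oversized input up front with `if (value.size() > UINT16_MAX) return QByteArray();` or size the output from `plainTextSize`. The context lines of this hunk show the key and IV as source constants (`gcmkey[]` and `iv[] = "000000000000"`); with this change every setting is encrypted under the same key/IV pair, and GCM loses both confidentiality and integrity once a nonce repeats, so a fresh random 12-byte IV should be generated per value and stored with the ciphertext, and the key should come from the platform keystore rather than the binary. `gcmkey` is 12 bytes including its terminator, shorter than any AES key size, so `gcm_encrypt` presumably reads past it; that is worth confirming against the cipher it selects. The rest of `encryptText()` lies outside this hunk.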
@@ -138,13 +139,13 @@ QByteArray encryptText(const QString& value) { return QByteArray::fromRawData((const char *)chipherText, chipherTextSize); } -QString decryptText(const QByteArray& qEncryptArray) { +QByteArray decryptText(const QByteArray& qEncryptArray) { unsigned char decryptPlainText[UINT16_MAX]; gcm_decrypt((unsigned char*)qEncryptArray.data(), qEncryptArray.size(), gcmkey, iv, 12, decryptPlainText); - return QString::fromUtf8((const char *)decryptPlainText); + return QByteArray::fromRawData((const char *)decryptPlainText, qEncryptArray.size()); } SecureFormat::SecureFormat() 
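Review bot: The new `return QByteArray::fromRawData((const char *)decryptPlainText, qEncryptArray.size());` hands back a QByteArray that points into the local `decryptPlainText` stack array, because `fromRawData` does not copy; the caller in `SecureQSettings::value()` then reads memory whose lifetime has ended. The return value of `gcm_decrypt` is discarded, so a failed decryption or authentication check is indistinguishable from success, and ciphertext longer than `UINT16_MAX` overruns the buffer. The rewrite below copies the bytes and fails closed, assuming `gcm_decrypt` returns the plaintext length and a negative value on failure (its `int` return type is visible, its body is not). The unchanged `fromRawData` return at the end of `encryptText()` at the top of this hunk has the same lifetime problem.

```cpp
QByteArray decryptText(const QByteArray& qEncryptArray) {
    // the output buffer is fixed-size; refuse ciphertext that cannot fit
    if (qEncryptArray.size() > UINT16_MAX) {
        return QByteArray();
    }
    unsigned char decryptPlainText[UINT16_MAX];
    const int plainTextSize = gcm_decrypt((unsigned char*)qEncryptArray.data(), qEncryptArray.size(),
                                          gcmkey, iv, 12, decryptPlainText);
    if (plainTextSize < 0) {
        return QByteArray();
    }
    // deep copy: the stack buffer does not outlive this call
    return QByteArray((const char *)decryptPlainText, plainTextSize);
}
```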
@@ -176,40 +177,40 @@ bool SecureFormat::readSecureFile(QIODevice& device, QSettings::SettingsMap& map } bool SecureFormat::writeSecureFile(QIODevice& device, const QSettings::SettingsMap& map) { - if (!device.isOpen()) { - return false; - } +// if (!device.isOpen()) { +// return false; +// } - QTextStream outStream(&device); - auto keys = map.keys(); - for (auto key : keys) { - QString value = map.value(key).toString(); - QByteArray qEncryptArray = encryptText(value); - outStream << key << "<=>" << qEncryptArray << "\n"; +// QTextStream outStream(&device); +// auto keys = map.keys(); +// for (auto key : keys) { +// QString value = map.value(key).toString(); +// QByteArray qEncryptArray = encryptText(value); +// outStream << key << "<=>" << qEncryptArray << "\n"; - qDebug() << "SecureFormat::writeSecureFile: " << key << "<=>" << qEncryptArray; - } +// qDebug() << "SecureFormat::writeSecureFile: " << key << "<=>" << qEncryptArray; +// } return true; } void SecureFormat::chiperSettings(const QSettings &oldSetting, QSettings &newSetting) { - QVariantMap keysValuesPairs; - QStringList keys = oldSetting.allKeys(); - QStringListIterator it(keys); - while ( it.hasNext() ) { - QString currentKey = it.next(); - keysValuesPairs.insert(currentKey, oldSetting.value(currentKey)); - } +// QVariantMap keysValuesPairs; +// QStringList keys = oldSetting.allKeys(); +// QStringListIterator it(keys); +// while ( it.hasNext() ) { +// QString currentKey = it.next(); +// keysValuesPairs.insert(currentKey, oldSetting.value(currentKey)); +// } - for (const QString& key : keys) { - QString value = keysValuesPairs.value(key).toString(); - QByteArray qEncryptArray = encryptText(value); +// for (const QString& key : keys) { +// QString value = keysValuesPairs.value(key).toString(); +// QByteArray qEncryptArray = encryptText(value); - newSetting.setValue(key, qEncryptArray); - } +// newSetting.setValue(key, qEncryptArray); +// } - newSetting.sync(); +// newSetting.sync(); } const 
QSettings::Format& SecureFormat::format() const{ diff --git a/client/secureformat.h b/client/secureformat.h index 32e6d599..c49ed214 100644 --- a/client/secureformat.h +++ b/client/secureformat.h @@ -4,6 +4,9 @@ #include #include +QByteArray encryptText(const QByteArray &value); +QByteArray decryptText(const QByteArray& qEncryptArray); + class SecureFormat { public: diff --git a/client/settings.cpp b/client/settings.cpp index e35a14ac..c8069f70 100644 --- a/client/settings.cpp +++ b/client/settings.cpp @@ -8,15 +8,14 @@ const char Settings::cloudFlareNs1[] = "1.1.1.1"; const char Settings::cloudFlareNs2[] = "1.0.0.1"; -SecureFormat Settings::m_secureFormat; +//SecureFormat Settings::m_secureFormat; Settings::Settings(QObject* parent) : QObject(parent), - m_settings(m_secureFormat.format(), QSettings::UserScope, - ORGANIZATION_NAME, APPLICATION_NAME, this) + m_settings(ORGANIZATION_NAME, APPLICATION_NAME, this) { qDebug() << "Settings::Settings()" << this; - qDebug() << "Settings::Settings()" << m_settings.fileName(); +// qDebug() << "Settings::Settings()" << m_settings.fileName(); // Import old settings if (serversCount() == 0) { QString user = m_settings.value("Server/userName").toString(); diff --git a/client/settings.h b/client/settings.h index 7b0066b9..082db891 100644 --- a/client/settings.h +++ b/client/settings.h @@ -12,6 +12,7 @@ #include "core/defs.h" #include "containers/containers_defs.h" #include "secureformat.h" +#include "secure_qsettings.h" using namespace amnezia; @@ -112,8 +113,8 @@ public: // static constexpr char openNicNs13[] = "144.76.103.143"; private: - static SecureFormat m_secureFormat; - QSettings m_settings; + //static SecureFormat m_secureFormat; + SecureQSettings m_settings; }; #endif // SETTINGS_H
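Review bot: `SecureFormat::writeSecureFile()` now reports success (`return true;`) while writing nothing, so if this format is still registered with QSettings anywhere, a sync would silently drop every value; returning `false` from the stub, or removing the format registration, makes that failure visible. The bodies of `writeSecureFile()` and `chiperSettings()` are commented out rather than deleted, which leaves dead code that still carries the old `qDebug()` line printing each key with its encrypted value; deleting the bodies and leaving a one-line comment such as `// superseded by SecureQSettings` would be clearer. The hunk begins inside `readSecureFile()` and ends at `format()`, so the registration itself is not visible here.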