AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Secure settings 2

Browse source
This commit is contained in:
pokamest 2022-08-05 14:31:12 +03:00
parent 870cb26e01
commit 71b57bfed1
7 changed files with 110 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

2
client/client.pro
View file

@ -41,6 +41,7 @@ HEADERS += \
platforms/ios/MobileUtils.h \ platforms/ios/MobileUtils.h \
platforms/linux/leakdetector.h \ platforms/linux/leakdetector.h \
protocols/protocols_defs.h \ protocols/protocols_defs.h \
secure_qsettings.h \
secureformat.h \ secureformat.h \
settings.h \ settings.h \
ui/notificationhandler.h \ ui/notificationhandler.h \
@ -100,6 +101,7 @@ SOURCES += \
platforms/ios/MobileUtils.cpp \ platforms/ios/MobileUtils.cpp \
platforms/linux/leakdetector.cpp \ platforms/linux/leakdetector.cpp \
protocols/protocols_defs.cpp \ protocols/protocols_defs.cpp \
secure_qsettings.cpp \
secureformat.cpp \ secureformat.cpp \
settings.cpp \ settings.cpp \
ui/notificationhandler.cpp \ ui/notificationhandler.cpp \

47
client/secure_qsettings.cpp Normal file
View file

@ -0,0 +1,47 @@
#include "secure_qsettings.h"
#include "secureformat.h"
#include <QDataStream>
SecureQSettings::SecureQSettings(const QString &organization, const QString &application, QObject *parent)
: QObject{parent},
m_setting(organization, application, parent)
{
encrypted = m_setting.value("encrypted").toBool();
// convert settings to encrypted
if (! encrypted) {
// TODO: convert
// m_setting.sync();
}
}
QVariant SecureQSettings::value(const QString &key, const QVariant &defaultValue) const
{
if (encrypted) {
QByteArray encryptedValue = m_setting.value(key, defaultValue).toByteArray();
QByteArray decryptedValue = decryptText(encryptedValue);
QDataStream ds(&decryptedValue, QIODevice::ReadOnly);
QVariant v;
ds >> v;
return v;
}
else {
return m_setting.value(key, defaultValue);
}
}
void SecureQSettings::setValue(const QString &key, const QVariant &value)
{
QByteArray decryptedValue;
{
QDataStream ds(&decryptedValue, QIODevice::WriteOnly);
ds << value;
}
QByteArray encryptedValue = encryptText(decryptedValue);
m_setting.setValue(key, encryptedValue);
}

22
client/secure_qsettings.h Normal file
View file

@ -0,0 +1,22 @@
#ifndef SECUREQSETTINGS_H
#define SECUREQSETTINGS_H
#include <QSettings>
#include <QObject>
class SecureQSettings : public QObject
{
public:
explicit SecureQSettings(const QString &organization, const QString &application = QString(), QObject *parent = nullptr);
QVariant value(const QString &key, const QVariant &defaultValue = QVariant()) const;
void setValue(const QString &key, const QVariant &value);
void sync() { m_setting.sync(); }
void remove(const QString &key) { m_setting.remove(key); }
private:
QSettings m_setting;
bool encrypted {false};
};
#endif // SECUREQSETTINGS_H

59
client/secureformat.cpp
View file

@ -17,6 +17,7 @@ int generate_key_and_iv(unsigned char *iv, unsigned char *key) {
// NULL, // NULL,
// key_file_buf, key_size, 1, // const unsigned char *data, int datal, int count, // key_file_buf, key_size, 1, // const unsigned char *data, int datal, int count,
// key, iv); // key, iv);
return 0;
} }
int gcm_encrypt(unsigned char *plaintext, int plaintext_len, int gcm_encrypt(unsigned char *plaintext, int plaintext_len,
@ -124,10 +125,10 @@ int gcm_decrypt(unsigned char *ciphertext, int ciphertext_len,
unsigned char gcmkey[] = "12345qwerty"; unsigned char gcmkey[] = "12345qwerty";
unsigned char iv[] = "000000000000"; unsigned char iv[] = "000000000000";
QByteArray encryptText(const QString& value) { QByteArray encryptText(const QByteArray& value) {
int plainTextSize = value.toUtf8().size(); int plainTextSize = value.size();
unsigned char* plainText = new unsigned char[plainTextSize]; unsigned char* plainText = new unsigned char[plainTextSize];
std::memcpy(plainText, value.toUtf8().constData(), plainTextSize); std::memcpy(plainText, value.constData(), plainTextSize);
unsigned char chipherText[UINT16_MAX]; unsigned char chipherText[UINT16_MAX];
int chipherTextSize = gcm_encrypt(plainText, plainTextSize, int chipherTextSize = gcm_encrypt(plainText, plainTextSize,
@ -138,13 +139,13 @@ QByteArray encryptText(const QString& value) {
return QByteArray::fromRawData((const char *)chipherText, chipherTextSize); return QByteArray::fromRawData((const char *)chipherText, chipherTextSize);
} }
QString decryptText(const QByteArray& qEncryptArray) { QByteArray decryptText(const QByteArray& qEncryptArray) {
unsigned char decryptPlainText[UINT16_MAX]; unsigned char decryptPlainText[UINT16_MAX];
gcm_decrypt((unsigned char*)qEncryptArray.data(), qEncryptArray.size(), gcm_decrypt((unsigned char*)qEncryptArray.data(), qEncryptArray.size(),
gcmkey, gcmkey,
iv, 12, iv, 12,
decryptPlainText); decryptPlainText);
return QString::fromUtf8((const char *)decryptPlainText); return QByteArray::fromRawData((const char *)decryptPlainText, qEncryptArray.size());
} }
SecureFormat::SecureFormat() SecureFormat::SecureFormat()
@ -176,40 +177,40 @@ bool SecureFormat::readSecureFile(QIODevice& device, QSettings::SettingsMap& map
} }
bool SecureFormat::writeSecureFile(QIODevice& device, const QSettings::SettingsMap& map) { bool SecureFormat::writeSecureFile(QIODevice& device, const QSettings::SettingsMap& map) {
if (!device.isOpen()) { // if (!device.isOpen()) {
return false; // return false;
} // }
QTextStream outStream(&device); // QTextStream outStream(&device);
auto keys = map.keys(); // auto keys = map.keys();
for (auto key : keys) { // for (auto key : keys) {
QString value = map.value(key).toString(); // QString value = map.value(key).toString();
QByteArray qEncryptArray = encryptText(value); // QByteArray qEncryptArray = encryptText(value);
outStream << key << "<=>" << qEncryptArray << "\n"; // outStream << key << "<=>" << qEncryptArray << "\n";
qDebug() << "SecureFormat::writeSecureFile: " << key << "<=>" << qEncryptArray; // qDebug() << "SecureFormat::writeSecureFile: " << key << "<=>" << qEncryptArray;
} // }
return true; return true;
} }
void SecureFormat::chiperSettings(const QSettings &oldSetting, QSettings &newSetting) { void SecureFormat::chiperSettings(const QSettings &oldSetting, QSettings &newSetting) {
QVariantMap keysValuesPairs; // QVariantMap keysValuesPairs;
QStringList keys = oldSetting.allKeys(); // QStringList keys = oldSetting.allKeys();
QStringListIterator it(keys); // QStringListIterator it(keys);
while ( it.hasNext() ) { // while ( it.hasNext() ) {
QString currentKey = it.next(); // QString currentKey = it.next();
keysValuesPairs.insert(currentKey, oldSetting.value(currentKey)); // keysValuesPairs.insert(currentKey, oldSetting.value(currentKey));
} // }
for (const QString& key : keys) { // for (const QString& key : keys) {
QString value = keysValuesPairs.value(key).toString(); // QString value = keysValuesPairs.value(key).toString();
QByteArray qEncryptArray = encryptText(value); // QByteArray qEncryptArray = encryptText(value);
newSetting.setValue(key, qEncryptArray); // newSetting.setValue(key, qEncryptArray);
} // }
newSetting.sync(); // newSetting.sync();
} }
const QSettings::Format& SecureFormat::format() const{ const QSettings::Format& SecureFormat::format() const{

3
client/secureformat.h
View file

@ -4,6 +4,9 @@
#include <QSettings> #include <QSettings>
#include <QIODevice> #include <QIODevice>
QByteArray encryptText(const QByteArray &value);
QByteArray decryptText(const QByteArray& qEncryptArray);
class SecureFormat class SecureFormat
{ {
public: public:

7
client/settings.cpp
View file

@ -8,15 +8,14 @@
const char Settings::cloudFlareNs1[] = "1.1.1.1"; const char Settings::cloudFlareNs1[] = "1.1.1.1";
const char Settings::cloudFlareNs2[] = "1.0.0.1"; const char Settings::cloudFlareNs2[] = "1.0.0.1";
SecureFormat Settings::m_secureFormat; //SecureFormat Settings::m_secureFormat;
Settings::Settings(QObject* parent) : Settings::Settings(QObject* parent) :
QObject(parent), QObject(parent),
m_settings(m_secureFormat.format(), QSettings::UserScope, m_settings(ORGANIZATION_NAME, APPLICATION_NAME, this)
ORGANIZATION_NAME, APPLICATION_NAME, this)
{ {
qDebug() << "Settings::Settings()" << this; qDebug() << "Settings::Settings()" << this;
qDebug() << "Settings::Settings()" << m_settings.fileName(); // qDebug() << "Settings::Settings()" << m_settings.fileName();
// Import old settings // Import old settings
if (serversCount() == 0) { if (serversCount() == 0) {
QString user = m_settings.value("Server/userName").toString(); QString user = m_settings.value("Server/userName").toString();

5
client/settings.h
View file

@ -12,6 +12,7 @@
#include "core/defs.h" #include "core/defs.h"
#include "containers/containers_defs.h" #include "containers/containers_defs.h"
#include "secureformat.h" #include "secureformat.h"
#include "secure_qsettings.h"
using namespace amnezia; using namespace amnezia;
@ -112,8 +113,8 @@ public:
// static constexpr char openNicNs13[] = "144.76.103.143"; // static constexpr char openNicNs13[] = "144.76.103.143";
private: private:
static SecureFormat m_secureFormat; //static SecureFormat m_secureFormat;
QSettings m_settings; SecureQSettings m_settings;
}; };
#endif // SETTINGS_H #endif // SETTINGS_H