clean build file

.github/workflows/deploy.yml

@@ -10,12 +10,12 @@ env:
 
 jobs:
   Build-Linux-Ubuntu:
+    name: 'Build-Linux-Ubuntu'
     runs-on: ubuntu-20.04
 
     env:
       QT_VERSION: 6.6.2
       QIF_VERSION: 4.7
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install Qt'
@@ -65,23 +65,16 @@ jobs:
         path: deploy/AppDir
         retention-days: 7
 
-    - name: 'Upload translations artifact'
-      uses: actions/upload-artifact@v4
-      with:
-        name: AmneziaVPN_translations
-        path: client/translations
-        retention-days: 7
-
 # ------------------------------------------------------
 
   Build-Windows:
+    name: Build-Windows
     runs-on: windows-latest
 
     env:
       QT_VERSION: 6.6.2
       QIF_VERSION: 4.7
       BUILD_ARCH: 64
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Get sources'
@@ -137,13 +130,13 @@ jobs:
 # ------------------------------------------------------
 
   Build-iOS:
+    name: 'Build-iOS'
     runs-on: macos-13
 
     env:
       QT_VERSION: 6.6.2
       CC: cc
       CXX: c++
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -228,13 +221,13 @@ jobs:
 # ------------------------------------------------------
 
   Build-MacOS:
+    name: 'Build-MacOS'
     runs-on: macos-latest
 
     env:
       # Keep compat with MacOS 10.15 aka Catalina by Qt 6.4
       QT_VERSION: 6.4.3
       QIF_VERSION: 4.6
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -293,13 +286,13 @@ jobs:
 # ------------------------------------------------------
 
   Build-Android:
+    name: 'Build-Android'
     runs-on: ubuntu-latest
 
     env:
       ANDROID_BUILD_PLATFORM: android-34
       QT_VERSION: 6.6.2
       QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'
@@ -439,21 +432,3 @@ jobs:
         path: deploy/build/AmneziaVPN-release.aab
         compression-level: 0
         retention-days: 7
-
-  Extra:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Search a corresponding PR
-        uses: octokit/request-action@v2.x
-        id: pull_request
-        with:
-          route: GET /repos/${{ github.repository }}/pulls
-          head: ${{ github.repository_owner }}:${{ github.ref_name }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Add PR link to build summary
-        if: ${{ fromJSON(steps.pull_request.outputs.data)[0].number != '' }}
-        run: | 
-          echo "Pull request:" >> $GITHUB_STEP_SUMMARY
-          echo "[[#${{ fromJSON(steps.pull_request.outputs.data)[0].number }}] ${{ fromJSON(steps.pull_request.outputs.data)[0].title }}](${{ fromJSON(steps.pull_request.outputs.data)[0].html_url }})" >> $GITHUB_STEP_SUMMARY

.github/workflows/tag-deploy.yml

@@ -15,7 +15,6 @@ jobs:
     env:
       QT_VERSION: 6.4.1
       QIF_VERSION: 4.5
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'

.gitignore

@@ -9,6 +9,8 @@ deploy/build_32/*
 deploy/build_64/*
 winbuild*.bat
 .cache/
+client/3rd-prebuilt/
+client/3rd/OpenVPNAdapter/
 
 
 # Qt-es
@@ -133,4 +135,4 @@ client/3rd/ShadowSocks/ss_ios.xcconfig
 out/
 
 # CMake files
-CMakeFiles/
+CMakeFiles/

.gitmodules

@@ -13,6 +13,3 @@
 [submodule "client/3rd/amneziawg-apple"]
 	path = client/3rd/amneziawg-apple
 	url = https://github.com/amnezia-vpn/amneziawg-apple
-[submodule "client/3rd/QSimpleCrypto"]
-	path = client/3rd/QSimpleCrypto
-	url = https://github.com/amnezia-vpn/QSimpleCrypto.git

CMakeLists.txt

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 
 set(PROJECT AmneziaVPN)
 
-project(${PROJECT} VERSION 4.7.0.0
+project(${PROJECT} VERSION 4.6.0.1
         DESCRIPTION "AmneziaVPN"
         HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 57)
+set(APP_ANDROID_VERSION_CODE 54)
 
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
     set(MZ_PLATFORM_NAME "linux")
@@ -31,14 +31,9 @@ set(QT_BUILD_TOOLS_WHEN_CROSS_COMPILING ON)
 set(CMAKE_CXX_STANDARD 17)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
-if(APPLE AND NOT IOS)
-    set(CMAKE_OSX_ARCHITECTURES "x86_64")
-endif()
+
+set(CMAKE_OSX_ARCHITECTURES "x86_64")
+
 
 add_subdirectory(client)
 
-if(NOT IOS AND NOT ANDROID)
-    add_subdirectory(service)
-
-    include(${CMAKE_SOURCE_DIR}/deploy/installer/config.cmake)
-endif()

README.md

@@ -6,26 +6,6 @@
 
 Amnezia is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.
 
-![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)
-
-<br>
-
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_Linux_4.6.0.3.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.6.0.3"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
-
-<br>
-
-<a href="https://play.google.com/store/search?q=amnezia+vpn&c=apps"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/play.png" width="150" style="max-width: 100%;"></a>
-<a href="https://apps.apple.com/us/app/amneziavpn/id1600529900"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/apl.png" width="150" style="max-width: 100%;"></a>
-
-
-[All releases](https://github.com/amnezia-vpn/amnezia-client/releases)
-
-<br>
-
-
 ## Features
 
 - Very easy to use - enter your IP address, SSH login, and password, and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
@@ -36,12 +16,10 @@ Amnezia is an open-source VPN client, with a key feature that enables you to dep
 
 ## Links
 
-- [https://amnezia.org](https://amnezia.org) - project website  
-- [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
-- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English) 
-- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Telegram support channel (Farsi) 
-- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Telegram support channel (Myanmar)  
-- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
+[https://amnezia.org](https://amnezia.org) - project website  
+[https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
+[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)  
+[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
 
 ## Tech
 
@@ -66,19 +44,6 @@ git submodule update --init --recursive
 
 Want to contribute? Welcome!
 
-### Help with translations
-
-Download the most actual translation files.
-
-Go to ["Actions" tab](https://github.com/amnezia-vpn/amnezia-client/actions?query=is%3Asuccess+branch%3Adev), click on the first line.
-Then scroll down to the "Artifacts" section and download "AmneziaVPN_translations".
-
-Unzip this file.
-Each *.ts file contains strings for one corresponding language.
-
-Translate or correct some strings in one or multiple *.ts files and commit them back to this repository into the ``client/translations`` folder.
-You can do it via a web-interface or any other method you're familiar with.
-
 ### Building sources and deployment
 
 Check deploy folder for build scripts. 
@@ -87,7 +52,7 @@ Check deploy folder for build scripts.
 
 1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed, at least version 14 or higher.
 
-2. We use QT to generate the XCode project. We need QT version 6.6.2. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
+2. We use QT to generate the XCode project. We need QT version 6.6.1. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
    - MacOS
    - iOS
    - Qt 5 Compatibility Module
@@ -154,11 +119,9 @@ The Android app has the following requirements:
 * Android platform SDK 33
 * CMake 3.25.0
 
-After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly.
-
-- Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`.
-- Set path to JDK 11
-- Set path to Android SDK (`$ANDROID_HOME`)
+After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly. Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`. 
+    * set path to JDK 11
+    * set path to Android SDK ($ANDROID_HOME)
 
 In case you get errors regarding missing SDK or 'SDK manager not running', you cannot fix them by correcting the paths. If you have some spare GBs on your disk, you can let QT Creator install all requirements by choosing an empty folder for `Android SDK location` and clicking on `Set Up SDK`. Be aware: This will install a second Android SDK and NDK on your machine! 
 Double-check that the right CMake version is configured:  Click on `QT Creator` -> `Preferences` and click on the side menu on `Kits`. Under the center content view's `Kits` tab, you'll find an entry for `CMake Tool`. If the default selected CMake version is lower than 3.25.0, install on your system CMake >= 3.25.0 and choose `System CMake at <path>` from the drop-down list. If this entry is missing, you either have not installed CMake yet or QT Creator hasn't found the path to it. In that case, click in the preferences window on the side menu item `CMake`, then on the tab `Tools` in the center content view, and finally on the button `Add` to set the path to your installed CMake. 
@@ -179,12 +142,10 @@ GPL v3.0
 
 ## Donate
 
-Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn)
-
-Bitcoin: bc1q26eevjcg9j0wuyywd2e3uc9cs2w58lpkpjxq6p <br>
-USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4 <br>
-USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d <br>
+Bitcoin: bc1qn9rhsffuxwnhcuuu4qzrwp4upkrq94xnh8r26u  
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3  
+payeer.com: P2561305  
+ko-fi.com: [https://ko-fi.com/amnezia_vpn](https://ko-fi.com/amnezia_vpn)  
 
 ## Acknowledgments
 

Release.entitlements

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>com.apple.developer.networking.networkextension</key>
+	<array>
+		<string>packet-tunnel-provider</string>
+	</array>
+	<key>com.apple.security.app-sandbox</key>
+	<true/>
+	<key>com.apple.security.application-groups</key>
+	<array>
+		<string>group.org.amnezia.AmneziaVPN</string>
+	</array>
+	<key>com.apple.security.network.client</key>
+	<true/>
+	<key>com.apple.security.network.server</key>
+	<true/>
+	<key>keychain-access-groups</key>
+	<array>
+		<string>$(AppIdentifierPrefix)org.amnezia.AmneziaVPN.network-extension</string>
+	</array>
+</dict>
+</plist>

client/3rd/QSimpleCrypto/QSimpleCrypto.cmake

@@ -0,0 +1,20 @@
+include_directories(${CMAKE_CURRENT_LIST_DIR})
+
+set(HEADERS ${HEADERS}
+    ${CMAKE_CURRENT_LIST_DIR}/include/QAead.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QBlockCipher.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QCryptoError.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QRsa.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QSimpleCrypto_global.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QX509.h
+    ${CMAKE_CURRENT_LIST_DIR}/include/QX509Store.h
+)
+
+set(SOURCES ${SOURCES}
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QAead.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QBlockCipher.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QCryptoError.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QRsa.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509Store.cpp
+)

client/3rd/QSimpleCrypto/QSimpleCrypto.pri

@@ -0,0 +1,18 @@
+INCLUDEPATH  += $$PWD
+
+HEADERS += \
+    $$PWD/include/QAead.h \
+    $$PWD/include/QBlockCipher.h \
+    $$PWD/include/QCryptoError.h \
+    $$PWD/include/QRsa.h \
+    $$PWD/include/QSimpleCrypto_global.h \
+    $$PWD/include/QX509.h \
+    $$PWD/include/QX509Store.h
+
+SOURCES += \
+    $$PWD/sources/QAead.cpp \
+    $$PWD/sources/QBlockCipher.cpp \
+    $$PWD/sources/QCryptoError.cpp \
+    $$PWD/sources/QRsa.cpp \
+    $$PWD/sources/QX509.cpp \
+    $$PWD/sources/QX509Store.cpp

client/3rd/QSimpleCrypto/include/QAead.h

@@ -0,0 +1,87 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#ifndef QAEAD_H
+#define QAEAD_H
+
+#include "QSimpleCrypto_global.h"
+
+#include <QObject>
+
+#include <memory>
+
+#include <openssl/aes.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+#include "QCryptoError.h"
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QAead {
+    public:
+        QAead();
+
+        ///
+        /// \brief encryptAesGcm - Function encrypts data with Gcm algorithm.
+        /// \param data - Data that will be encrypted.
+        /// \param key - AES key.
+        /// \param iv - Initialization vector.
+        /// \param tag - Authorization tag.
+        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
+        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
+        /// \return Returns encrypted data or "", if error happened.
+        ///
+        QByteArray encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
+
+        ///
+        /// \brief decryptAesGcm - Function decrypts data with Gcm algorithm.
+        /// \param data - Data that will be decrypted
+        /// \param key - AES key
+        /// \param iv - Initialization vector
+        /// \param tag - Authorization tag
+        /// \param aad - Additional authenticated data. Must be nullptr, if not used
+        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
+        /// \return Returns decrypted data or "", if error happened.
+        ///
+        QByteArray decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
+
+        ///
+        /// \brief encryptAesCcm - Function encrypts data with Ccm algorithm.
+        /// \param data - Data that will be encrypted.
+        /// \param key - AES key.
+        /// \param iv - Initialization vector.
+        /// \param tag - Authorization tag.
+        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
+        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
+        /// \return Returns encrypted data or "", if error happened.
+        ///
+        QByteArray encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
+
+        ///
+        /// \brief decryptAesCcm - Function decrypts data with Ccm algorithm.
+        /// \param data - Data that will be decrypted.
+        /// \param key - AES key.
+        /// \param iv - Initialization vector.
+        /// \param tag - Authorization tag.
+        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
+        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
+        /// \return Returns decrypted data or "", if error happened.
+        ///
+        QByteArray decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
+
+        ///
+        /// \brief error - Error handler class.
+        ///
+        QCryptoError error;
+    };
+} // namespace QSimpleCrypto
+
+#endif // QAEAD_H

client/3rd/QSimpleCrypto/include/QBlockCipher.h

@@ -0,0 +1,84 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#ifndef QBLOCKCIPHER_H
+#define QBLOCKCIPHER_H
+
+#include "QSimpleCrypto_global.h"
+
+#include <QObject>
+
+#include <memory>
+
+#include <openssl/aes.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+#include "QCryptoError.h"
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QBlockCipher {
+
+    #define Aes128Rounds 10
+    #define Aes192Rounds 12
+    #define Aes256Rounds 14
+
+    public:
+        QBlockCipher();
+
+        ///
+        /// \brief generateRandomBytes - Function generates random bytes by size.
+        /// \param size - Size of generated bytes.
+        /// \return Returns random bytes.
+        ///
+        QByteArray generateRandomBytes(const int& size);
+        QByteArray generateSecureRandomBytes(const int& size);
+
+        ///
+        /// \brief encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
+        /// \param data - Data that will be encrypted.
+        /// \param key - AES key.
+        /// \param iv - Initialization vector.
+        /// \param password - Encryption password.
+        /// \param salt - Random delta.
+        /// \param rounds - Transformation rounds.
+        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
+        /// \return Returns decrypted data or "", if error happened.
+        ///
+        QByteArray encryptAesBlockCipher(QByteArray data, QByteArray key,
+            QByteArray iv = "", const int& rounds = Aes256Rounds,
+            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
+
+        ///
+        /// \brief decryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
+        /// \param data - Data that will be decrypted.
+        /// \param key - AES key.
+        /// \param iv - Initialization vector.
+        /// \param password - Decryption password.
+        /// \param salt - Random delta.
+        /// \param rounds - Transformation rounds.
+        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
+        /// \return Returns decrypted data or "", if error happened.
+        ///
+        QByteArray decryptAesBlockCipher(QByteArray data, QByteArray key,
+            QByteArray iv = "", const int& rounds = Aes256Rounds,
+            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
+
+        ///
+        /// \brief error - Error handler class.
+        ///
+        QCryptoError error;
+    };
+} // namespace QSimpleCrypto
+
+#endif // QBLOCKCIPHER_H

client/3rd/QSimpleCrypto/include/QCryptoError.h

@@ -0,0 +1,45 @@
+#ifndef QCRYPTOERROR_H
+#define QCRYPTOERROR_H
+
+#include <QObject>
+
+#include "QSimpleCrypto_global.h"
+
+/// TODO: Add Special error code for each error.
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QCryptoError : public QObject {
+        Q_OBJECT
+
+    public:
+        explicit QCryptoError(QObject* parent = nullptr);
+
+        ///
+        /// \brief setError - Sets error information
+        /// \param errorCode - Error code.
+        /// \param errorSummary - Error summary.
+        ///
+        inline void setError(const quint8 errorCode, const QString& errorSummary)
+        {
+            m_currentErrorCode = errorCode;
+            m_errorSummary = errorSummary;
+        }
+
+        ///
+        /// \brief lastError - Returns last error.
+        /// \return Returns eror ID and error Text.
+        ///
+        inline QPair<quint8, QString> lastError() const
+        {
+            return QPair<quint8, QString>(m_currentErrorCode, m_errorSummary);
+        }
+
+    private:
+        quint8 m_currentErrorCode;
+        QString m_errorSummary;
+    };
+}
+
+#endif // QCRYPTOERROR_H

client/3rd/QSimpleCrypto/include/QRsa.h

@@ -0,0 +1,104 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#ifndef QRSA_H
+#define QRSA_H
+
+#include "QSimpleCrypto_global.h"
+
+#include <QFile>
+#include <QObject>
+
+#include <memory>
+
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rsa.h>
+
+#include "QCryptoError.h"
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QRsa {
+
+    #define PublicEncrypt 0
+    #define PrivateEncrypt 1
+    #define PublicDecrypt 2
+    #define PrivateDecrypt 3
+
+    public:
+        QRsa();
+
+        ///
+        /// \brief generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
+        /// \param bits - RSA key size.
+        /// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
+        /// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
+        ///
+        RSA* generateRsaKeys(const int& bits, const int& rsaBigNumber);
+
+        ///
+        /// \brief savePublicKey - Saves to file RSA public key.
+        /// \param rsa - OpenSSL RSA structure.
+        /// \param publicKeyFileName - Public key file name.
+        ///
+        void savePublicKey(RSA *rsa, const QByteArray& publicKeyFileName);
+
+        ///
+        /// \brief savePrivateKey - Saves to file RSA private key.
+        /// \param rsa - OpenSSL RSA structure.
+        /// \param privateKeyFileName - Private key file name.
+        /// \param password - Private key password.
+        /// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+        ///
+        void savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password = "", const EVP_CIPHER* cipher = nullptr);
+
+        ///
+        /// \brief getPublicKeyFromFile - Gets RSA public key from a file.
+        /// \param filePath - File path to public key file.
+        /// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
+        ///
+        EVP_PKEY* getPublicKeyFromFile(const QByteArray& filePath);
+
+        ///
+        /// \brief getPrivateKeyFromFile - Gets RSA private key from a file.
+        /// \param filePath - File path to private key file.
+        /// \param password - Private key password.
+        /// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
+        ///
+        EVP_PKEY* getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password = "");
+
+        ///
+        /// \brief encrypt - Encrypt data with RSA algorithm.
+        /// \param plaintext - Text that must be encrypted.
+        /// \param rsa - OpenSSL RSA structure.
+        /// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
+        /// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
+        /// \return Returns encrypted data or "", if error happened.
+        ///
+        QByteArray encrypt(QByteArray plainText, RSA* rsa, const int& encryptType = PublicEncrypt, const int& padding = RSA_PKCS1_PADDING);
+
+        ///
+        /// \brief decrypt - Decrypt data with RSA algorithm.
+        /// \param cipherText - Text that must be decrypted.
+        /// \param rsa - OpenSSL RSA structure.
+        /// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
+        /// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
+        /// \return - Returns decrypted data or "", if error happened.
+        ///
+        QByteArray decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType = PrivateDecrypt, const int& padding = RSA_PKCS1_PADDING);
+
+        ///
+        /// \brief error - Error handler class.
+        ///
+        QCryptoError error;
+    };
+} // namespace QSimpleCrypto
+
+#endif // QRSA_H

client/3rd/QSimpleCrypto/include/QSimpleCrypto_global.h

@@ -0,0 +1,9 @@
+#ifndef QSIMPLECRYPTO_GLOBAL_H
+#define QSIMPLECRYPTO_GLOBAL_H
+
+#include <QtCore/qglobal.h>
+#include <stdexcept>
+
+#define QSIMPLECRYPTO_EXPORT
+
+#endif // QSIMPLECRYPTO_GLOBAL_H

client/3rd/QSimpleCrypto/include/QX509.h

@@ -0,0 +1,87 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#ifndef QX509_H
+#define QX509_H
+
+#include "QSimpleCrypto_global.h"
+
+#include <QMap>
+#include <QObject>
+
+#include <memory>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
+
+#include "QCryptoError.h"
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QX509 {
+
+    #define oneYear 31536000L
+    #define x509LastVersion 2
+
+    public:
+        QX509();
+
+        ///
+        /// \brief loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
+        /// \param fileName - File path to certificate.
+        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
+        ///
+        X509* loadCertificateFromFile(const QByteArray& fileName);
+
+        ///
+        /// \brief signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
+        /// \param endCertificate - Certificate that will be signed
+        /// \param caCertificate - CA certificate that will sign end certificate
+        /// \param caPrivateKey - CA certificate private key
+        /// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
+        /// \return Returns OpenSSL X509 structure or nullptr, if error happened.
+        ///
+        X509* signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName = "");
+
+        ///
+        /// \brief verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
+        /// \param x509 - OpenSSL X509. That certificate will be verified.
+        /// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
+        /// \return Returns OpenSSL X509 structure or nullptr, if error happened
+        ///
+        X509* verifyCertificate(X509* x509, X509_STORE* store);
+
+        ///
+        /// \brief generateSelfSignedCertificate - Function generatesand returns  self signed X509.
+        /// \param rsa - OpenSSL RSA.
+        /// \param additionalData - Certificate information.
+        /// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
+        /// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
+        /// \param serialNumber - X509 certificate serial number.
+        /// \param version - X509 certificate version.
+        /// \param notBefore - X509 start date.
+        /// \param notAfter - X509 end date.
+        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
+        ///
+        X509* generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
+            const QByteArray& certificateFileName = "", const EVP_MD* md = EVP_sha512(),
+            const long& serialNumber = 1, const long& version = x509LastVersion,
+            const long& notBefore = 0, const long& notAfter = oneYear);
+
+        ///
+        /// \brief error - Error handler class.
+        ///
+        QCryptoError error;
+    };
+} // namespace QSimpleCrypto
+
+#endif // QX509_H

client/3rd/QSimpleCrypto/include/QX509Store.h

@@ -0,0 +1,120 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#ifndef QX509STORE_H
+#define QX509STORE_H
+
+#include "QSimpleCrypto_global.h"
+
+#include <QDir>
+#include <QFile>
+#include <QFileInfo>
+
+#include <memory>
+
+#include <openssl/err.h>
+#include <openssl/x509_vfy.h>
+#include <openssl/x509v3.h>
+
+#include "QCryptoError.h"
+
+// clang-format off
+namespace QSimpleCrypto
+{
+    class QSIMPLECRYPTO_EXPORT QX509Store {
+    public:
+        QX509Store();
+
+        ///
+        /// \brief addCertificateToStore
+        /// \param store - OpenSSL X509_STORE.
+        /// \param x509 - OpenSSL X509.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool addCertificateToStore(X509_STORE* store, X509* x509);
+
+        ///
+        /// \brief addLookup
+        /// \param store - OpenSSL X509_STORE.
+        /// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method);
+
+        ///
+        /// \brief setCertificateDepth
+        /// \param store - OpenSSL X509_STORE.
+        /// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool setDepth(X509_STORE* store, const int& depth);
+
+        ///
+        /// \brief setFlag
+        /// \param store - OpenSSL X509_STORE.
+        /// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool setFlag(X509_STORE* store, const unsigned long& flag);
+
+        ///
+        /// \brief setFlag
+        /// \param store - OpenSSL X509_STORE.
+        /// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool setPurpose(X509_STORE* store, const int& purpose);
+
+        ///
+        /// \brief setTrust
+        /// \param store - OpenSSL X509_STORE.
+        /// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool setTrust(X509_STORE* store, const int& trust);
+
+        ///
+        /// \brief setDefaultPaths
+        /// \param store - OpenSSL X509_STORE.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool setDefaultPaths(X509_STORE* store);
+
+        ///
+        /// \brief loadLocations
+        /// \param store - OpenSSL X509_STORE.
+        /// \param fileName - File name. Example: "caCertificate.pem".
+        /// \param dirPath - Path to file. Example: "path/To/File".
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath);
+
+        ///
+        /// \brief loadLocations
+        /// \param store - OpenSSL X509_STORE.
+        /// \param file - Qt QFile that will be loaded.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool loadLocations(X509_STORE* store, const QFile& file);
+
+        ///
+        /// \brief loadLocations
+        /// \param store - OpenSSL X509_STORE.
+        /// \param fileInfo - Qt QFileInfo.
+        /// \return Returns 'true' on success and 'false', if error happened.
+        ///
+        bool loadLocations(X509_STORE* store, const QFileInfo& fileInfo);
+
+        ///
+        /// \brief error - Error handler class.
+        ///
+        QCryptoError error;
+    };
+}
+
+#endif // QX509STORE_H

client/3rd/QSimpleCrypto/sources/QAead.cpp

@@ -0,0 +1,364 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#include "include/QAead.h"
+
+QSimpleCrypto::QAead::QAead()
+{
+}
+
+///
+/// \brief QSimpleCrypto::QAEAD::encryptAesGcm - Function encrypts data with Gcm algorithm.
+/// \param data - Data that will be encrypted.
+/// \param key - AES key.
+/// \param iv - Initialization vector.
+/// \param tag - Authorization tag.
+/// \param aad - Additional authenticated data. Must be nullptr, if not used.
+/// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
+/// \return Returns encrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QAead::encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (encryptionCipher == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set data length */
+        int plainTextLength = data.size();
+        int cipherTextLength = 0;
+
+        /* Initialize cipherText. Here encrypted data will be stored */
+        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
+        if (cipherText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
+        }
+
+        /* Initialize encryption operation. */
+        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
+            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
+        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
+            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+//        /* Check if aad need to be used */
+//        if (aad.length() > 0) {
+//            /* Provide any AAD data. This can be called zero or more times as required */
+//            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
+//                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//            }
+//        }
+
+        /*
+         * Provide the message to be encrypted, and obtain the encrypted output.
+         * EVP_EncryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
+            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Finalize the encryption. Normally cipher text bytes may be written at
+         * this stage, but this does not occur in GCM mode
+        */
+        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
+            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+//        /* Get tag */
+//        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
+//            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
+
+        return encryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QAead::error.setError(1, exception.what());
+        return QByteArray();
+    } catch (...) {
+        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}
+
+///
+/// \brief QSimpleCrypto::QAEAD::decryptAesGcm - Function decrypts data with Gcm algorithm.
+/// \param data - Data that will be decrypted
+/// \param key - AES key
+/// \param iv - Initialization vector
+/// \param tag - Authorization tag
+/// \param aad - Additional authenticated data. Must be nullptr, if not used
+/// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
+/// \return Returns decrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QAead::decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (decryptionCipher.get() == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set data length */
+        int cipherTextLength = data.size();
+        int plainTextLength = 0;
+
+        /* Initialize plainText. Here decrypted data will be stored */
+        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
+        if (plainText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
+        }
+
+        /* Initialize decryption operation. */
+        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
+            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
+        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
+            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+//        /* Check if aad need to be used */
+//        if (aad.length() > 0) {
+//            /* Provide any AAD data. This can be called zero or more times as required */
+//            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
+//                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//            }
+//        }
+
+        /*
+         * Provide the message to be decrypted, and obtain the plain text output.
+         * EVP_DecryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
+            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+//        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
+//        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
+//            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//        }
+
+        /*
+         * Finalize the decryption. A positive return value indicates success,
+         * anything else is a failure - the plain text is not trustworthy.
+        */
+        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
+            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
+
+        return decryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QAead::error.setError(1, exception.what());
+        return QByteArray();
+    } catch (...) {
+        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}
+
+///
+/// \brief QSimpleCrypto::QAEAD::encryptAesCcm - Function encrypts data with Ccm algorithm.
+/// \param data - Data that will be encrypted.
+/// \param key - AES key.
+/// \param iv - Initialization vector.
+/// \param tag - Authorization tag.
+/// \param aad - Additional authenticated data. Must be nullptr, if not used.
+/// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
+/// \return Returns encrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QAead::encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (encryptionCipher == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set data length */
+        int plainTextLength = data.size();
+        int cipherTextLength = 0;
+
+        /* Initialize cipherText. Here encrypted data will be stored */
+        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
+        if (cipherText.get() == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
+        }
+
+        /* Initialize encryption operation. */
+        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
+            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
+        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
+            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set tag length */
+        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), nullptr)) {
+            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Check if aad need to be used */
+        if (aad.length() > 0) {
+            /* Provide the total plain text length */
+            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, nullptr, plainTextLength)) {
+                throw std::runtime_error("Couldn't provide total plaintext length. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+
+            /* Provide any AAD data. This can be called zero or more times as required */
+            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
+                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+        }
+
+        /*
+         * Provide the message to be encrypted, and obtain the encrypted output.
+         * EVP_EncryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
+            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Finalize the encryption. Normally ciphertext bytes may be written at
+         * this stage, but this does not occur in GCM mode
+        */
+        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
+            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Get tag */
+        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
+            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
+
+        return encryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QAead::error.setError(1, exception.what());
+        return QByteArray();
+    } catch (...) {
+        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}
+
+///
+/// \brief QSimpleCrypto::QAEAD::decryptAesCcm - Function decrypts data with Ccm algorithm.
+/// \param data - Data that will be decrypted.
+/// \param key - AES key.
+/// \param iv - Initialization vector.
+/// \param tag - Authorization tag.
+/// \param aad - Additional authenticated data. Must be nullptr, if not used.
+/// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
+/// \return Returns decrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QAead::decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (decryptionCipher.get() == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set data length */
+        int cipherTextLength = data.size();
+        int plainTextLength = 0;
+
+        /* Initialize plainText. Here decrypted data will be stored */
+        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
+        if (plainText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
+        }
+
+        /* Initialize decryption operation. */
+        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
+            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
+        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
+            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
+        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
+            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Check if aad need to be used */
+        if (aad.length() > 0) {
+            /* Provide the total ciphertext length */
+            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, nullptr, cipherTextLength)) {
+                throw std::runtime_error("Couldn't provide total plaintext length. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+
+            /* Provide any AAD data. This can be called zero or more times as required */
+            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
+                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+        }
+
+        /*
+         * Provide the message to be decrypted, and obtain the plaintext output.
+         * EVP_DecryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
+            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Finalize the decryption. A positive return value indicates success,
+         * anything else is a failure - the plaintext is not trustworthy.
+        */
+        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
+            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
+
+        return decryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QAead::error.setError(1, exception.what());
+        return QByteArray();
+    } catch (...) {
+        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}

client/3rd/QSimpleCrypto/sources/QBlockCipher.cpp

@@ -0,0 +1,193 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#include "include/QBlockCipher.h"
+
+QSimpleCrypto::QBlockCipher::QBlockCipher()
+{
+}
+
+///
+/// \brief QSimpleCrypto::QBlockCipher::generateRandomBytes - Function generates random bytes by size.
+/// \param size - Size of generated bytes.
+/// \return Returns random bytes.
+///
+QByteArray QSimpleCrypto::QBlockCipher::generateRandomBytes(const int& size)
+{
+    unsigned char arr[sizeof(size)];
+    RAND_bytes(arr, sizeof(size));
+
+    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
+    return buffer;
+}
+
+QByteArray QSimpleCrypto::QBlockCipher::generateSecureRandomBytes(const int &size)
+{
+    unsigned char arr[sizeof(size)];
+    RAND_priv_bytes(arr, sizeof(size));
+
+    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
+    return buffer;
+}
+
+///
+/// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
+/// \param data - Data that will be encrypted.
+/// \param key - AES key.
+/// \param iv - Initialization vector.
+/// \param password - Encryption password.
+/// \param salt - Random delta.
+/// \param rounds - Transformation rounds.
+/// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+/// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
+/// \return Returns decrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QBlockCipher::encryptAesBlockCipher(QByteArray data, QByteArray key,
+    QByteArray iv,
+    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (encryptionCipher == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Reinterpret values for multi use */
+        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
+        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
+
+        /* Set data length */
+        int cipherTextLength(data.size() + AES_BLOCK_SIZE);
+        int finalLength = 0;
+
+        /* Initialize cipcherText. Here encrypted data will be stored */
+        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[cipherTextLength]() };
+        if (cipherText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
+        }
+
+        // Bug here
+//        /* Start encryption with password based encryption routine */
+//        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<unsigned char*>(salt.data()), reinterpret_cast<unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
+//            throw std::runtime_error("Couldn't start encryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//        }
+
+        /* Initialize encryption operation. */
+        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
+            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Provide the message to be encrypted, and obtain the encrypted output.
+         * EVP_EncryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
+            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finalize the encryption. Normally ciphertext bytes may be written at this stage */
+        if (!EVP_EncryptFinal(encryptionCipher.get(), cipherText.get() + cipherTextLength, &finalLength)) {
+            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength + finalLength);
+
+        return encryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
+        return QByteArray();
+    } catch (...) {
+        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}
+
+///
+/// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
+/// \param data - Data that will be decrypted.
+/// \param key - AES key.
+/// \param iv - Initialization vector.
+/// \param password - Decryption password.
+/// \param salt - Random delta.
+/// \param rounds - Transformation rounds.
+/// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+/// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
+/// \return Returns decrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QBlockCipher::decryptAesBlockCipher(QByteArray data, QByteArray key,
+    QByteArray iv,
+    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
+{
+    try {
+        /* Initialize EVP_CIPHER_CTX */
+        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
+        if (decryptionCipher == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Reinterpret values for multi use */
+        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
+        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
+
+        /* Set data length */
+        int plainTextLength(data.size());
+        int finalLength = 0;
+
+        /* Initialize plainText. Here decrypted data will be stored */
+        std::unique_ptr<unsigned char[]> plainText { new unsigned char[plainTextLength + AES_BLOCK_SIZE]() };
+        if (plainText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for \'plainText\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        // Bug here
+//        /* Start encryption with password based encryption routine */
+//        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<const unsigned char*>(salt.data()), reinterpret_cast<const unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
+//            throw std::runtime_error("Couldn't start decryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+//        }
+
+        /* Initialize decryption operation. */
+        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
+            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Provide the message to be decrypted, and obtain the plaintext output.
+         * EVP_DecryptUpdate can be called multiple times if necessary
+        */
+        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
+            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /*
+         * Finalize the decryption. A positive return value indicates success,
+         * anything else is a failure - the plaintext is not trustworthy.
+        */
+        if (!EVP_DecryptFinal(decryptionCipher.get(), plainText.get() + plainTextLength, &finalLength)) {
+            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Finilize data to be readable with qt */
+        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength + finalLength);
+
+        return decryptedData;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
+        return QByteArray(exception.what());
+    } catch (...) {
+        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
+        return QByteArray();
+    }
+
+    return QByteArray();
+}

client/3rd/QSimpleCrypto/sources/QCryptoError.cpp

@@ -0,0 +1,6 @@
+#include "include/QCryptoError.h"
+
+QSimpleCrypto::QCryptoError::QCryptoError(QObject* parent)
+    : QObject(parent)
+{
+}

client/3rd/QSimpleCrypto/sources/QRsa.cpp

@@ -0,0 +1,274 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#include "include/QRsa.h"
+
+QSimpleCrypto::QRsa::QRsa()
+{
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
+/// \param bits - RSA key size.
+/// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
+/// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
+///
+RSA* QSimpleCrypto::QRsa::generateRsaKeys(const int& bits, const int& rsaBigNumber)
+{
+    try {
+        /* Initialize big number */
+        std::unique_ptr<BIGNUM, void (*)(BIGNUM*)> bigNumber { BN_new(), BN_free };
+        if (bigNumber == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'bigNumber\'. BN_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            return nullptr;
+        }
+
+        /* Set big number */
+        if (!BN_set_word(bigNumber.get(), rsaBigNumber)) {
+            throw std::runtime_error("Couldn't set bigNumber. BN_set_word(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize RSA */
+        RSA* rsa = nullptr;
+        if (!(rsa = RSA_new())) {
+            throw std::runtime_error("Couldn't initialize x509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Generate key pair and store it in RSA */
+        if (!RSA_generate_key_ex(rsa, bits, bigNumber.get(), nullptr)) {
+            throw std::runtime_error("Couldn't generate RSA. RSA_generate_key_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        return rsa;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::savePublicKey - Saves to file RSA public key.
+/// \param rsa - OpenSSL RSA structure.
+/// \param publicKeyFileName - Public key file name.
+///
+void QSimpleCrypto::QRsa::savePublicKey(RSA* rsa, const QByteArray& publicKeyFileName)
+{
+    try {
+        /* Initialize BIO */
+        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(publicKeyFileName.data(), "w+"), BIO_free_all };
+        if (bioPublicKey == nullptr) {
+            throw std::runtime_error("Couldn't initialize \'bioPublicKey\'. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write public key on file */
+        if (!PEM_write_bio_RSA_PUBKEY(bioPublicKey.get(), rsa)) {
+            throw std::runtime_error("Couldn't save public key. PEM_write_bio_RSAPublicKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return;
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::savePrivateKey - Saves to file RSA private key.
+/// \param rsa - OpenSSL RSA structure.
+/// \param privateKeyFileName - Private key file name.
+/// \param password - Private key password.
+/// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
+///
+void QSimpleCrypto::QRsa::savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password, const EVP_CIPHER* cipher)
+{
+    try {
+        /* Initialize BIO */
+        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(privateKeyFileName.data(), "w+"), BIO_free_all };
+        if (bioPrivateKey == nullptr) {
+            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write private key to file */
+        if (!PEM_write_bio_RSAPrivateKey(bioPrivateKey.get(), rsa, cipher, reinterpret_cast<unsigned char*>(password.data()), password.size(), nullptr, nullptr)) {
+            throw std::runtime_error("Couldn't save private key. PEM_write_bio_RSAPrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return;
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::getPublicKeyFromFile - Gets RSA public key from a file.
+/// \param filePath - File path to public key file.
+/// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
+///
+EVP_PKEY* QSimpleCrypto::QRsa::getPublicKeyFromFile(const QByteArray& filePath)
+{
+    try {
+        /* Initialize BIO */
+        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
+        if (bioPublicKey == nullptr) {
+            throw std::runtime_error("Couldn't initialize bioPublicKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize EVP_PKEY */
+        EVP_PKEY* keyStore = nullptr;
+        if (!(keyStore = EVP_PKEY_new())) {
+            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write private key to file */
+        if (!PEM_read_bio_PUBKEY(bioPublicKey.get(), &keyStore, nullptr, nullptr)) {
+            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        return keyStore;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::getPrivateKeyFromFile - Gets RSA private key from a file.
+/// \param filePath - File path to private key file.
+/// \param password - Private key password.
+/// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
+///
+EVP_PKEY* QSimpleCrypto::QRsa::getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password)
+{
+    try {
+        /* Initialize BIO */
+        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
+        if (bioPrivateKey == nullptr) {
+            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize EVP_PKEY */
+        EVP_PKEY* keyStore = nullptr;
+        if (!(keyStore = EVP_PKEY_new())) {
+            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write private key to file */
+        if (!PEM_read_bio_PrivateKey(bioPrivateKey.get(), &keyStore, nullptr, (void*)password.data())) {
+            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        return keyStore;
+
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::encrypt - Encrypt data with RSA algorithm.
+/// \param plaintext - Text that must be encrypted.
+/// \param rsa - OpenSSL RSA structure.
+/// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
+/// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
+/// \return Returns encrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QRsa::encrypt(QByteArray plainText, RSA* rsa, const int& encryptType, const int& padding)
+{
+    try {
+        /* Initialize array. Here encrypted data will be saved */
+        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[RSA_size(rsa)]() };
+        if (cipherText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
+        }
+
+        /* Result of encryption operation */
+        short int result = 0;
+
+        /* Execute encryption operation */
+        if (encryptType == PublicDecrypt) {
+            result = RSA_public_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
+        } else if (encryptType == PrivateDecrypt) {
+            result = RSA_private_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
+        }
+
+        /* Check for result */
+        if (result <= -1) {
+            throw std::runtime_error("Couldn't encrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Get encrypted data */
+        const QByteArray& encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), RSA_size(rsa));
+
+        return encryptedData;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return "";
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return "";
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QRSA::decrypt - Decrypt data with RSA algorithm.
+/// \param cipherText - Text that must be decrypted.
+/// \param rsa - OpenSSL RSA structure.
+/// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
+/// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
+/// \return - Returns decrypted data or "", if error happened.
+///
+QByteArray QSimpleCrypto::QRsa::decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType, const int& padding)
+{
+    try {
+        /* Initialize array. Here decrypted data will be saved */
+        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherText.size()]() };
+        if (plainText == nullptr) {
+            throw std::runtime_error("Couldn't allocate memory for 'plainText'.");
+        }
+
+        /* Result of decryption operation */
+        short int result = 0;
+
+        /* Execute decryption operation */
+        if (decryptType == PublicDecrypt) {
+            result = RSA_public_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
+        } else if (decryptType == PrivateDecrypt) {
+            result = RSA_private_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
+        }
+
+        /* Check for result */
+        if (result <= -1) {
+            throw std::runtime_error("Couldn't decrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Get decrypted data */
+        const QByteArray& decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()));
+
+        return decryptedData;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QRsa::error.setError(1, exception.what());
+        return "";
+    } catch (...) {
+        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
+        return "";
+    }
+}

client/3rd/QSimpleCrypto/sources/QX509.cpp

@@ -0,0 +1,234 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#include "include/QX509.h"
+
+QSimpleCrypto::QX509::QX509()
+{
+}
+
+///
+/// \brief QSimpleCrypto::QX509::loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
+/// \param fileName - File path to certificate.
+/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
+///
+X509* QSimpleCrypto::QX509::loadCertificateFromFile(const QByteArray& fileName)
+{
+    try {
+        /* Initialize X509 */
+        X509* x509 = nullptr;
+        if (!(x509 = X509_new())) {
+            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize BIO */
+        std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "r+"), BIO_free_all };
+        if (certFile == nullptr) {
+            throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Read file */
+        if (!PEM_read_bio_X509(certFile.get(), &x509, nullptr, nullptr)) {
+            throw std::runtime_error("Couldn't read certificate file from disk. PEM_read_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        return x509;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QX509::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QX509::signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
+/// \param endCertificate - Certificate that will be signed
+/// \param caCertificate - CA certificate that will sign end certificate
+/// \param caPrivateKey - CA certificate private key
+/// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
+/// \return Returns OpenSSL X509 structure or nullptr, if error happened.
+///
+X509* QSimpleCrypto::QX509::signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName)
+{
+    try {
+        /* Set issuer to CA's subject. */
+        if (!X509_set_issuer_name(endCertificate, X509_get_subject_name(caCertificate))) {
+            throw std::runtime_error("Couldn't set issuer name for X509. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Sign the certificate with key. */
+        if (!X509_sign(endCertificate, caPrivateKey, EVP_sha256())) {
+            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write certificate file on disk. If needed */
+        if (!fileName.isEmpty()) {
+            /* Initialize BIO */
+            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "w+"), BIO_free_all };
+            if (certFile == nullptr) {
+                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+
+            /* Write file on disk */
+            if (!PEM_write_bio_X509(certFile.get(), endCertificate)) {
+                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+        }
+
+        return endCertificate;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QX509::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QX509::verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
+/// \param x509 - OpenSSL X509. That certificate will be verified.
+/// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
+/// \return Returns OpenSSL X509 structure or nullptr, if error happened
+///
+X509* QSimpleCrypto::QX509::verifyCertificate(X509* x509, X509_STORE* store)
+{
+    try {
+        /* Initialize X509_STORE_CTX */
+        std::unique_ptr<X509_STORE_CTX, void (*)(X509_STORE_CTX*)> ctx { X509_STORE_CTX_new(), X509_STORE_CTX_free };
+        if (ctx == nullptr) {
+            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set up CTX for a subsequent verification operation */
+        if (!X509_STORE_CTX_init(ctx.get(), store, x509, nullptr)) {
+            throw std::runtime_error("Couldn't initialize X509_STORE_CTX. X509_STORE_CTX_init(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Verify X509 */
+        if (!X509_verify_cert(ctx.get())) {
+            throw std::runtime_error("Couldn't verify cert. X509_verify_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        return x509;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QX509::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}
+
+///
+/// \brief QSimpleCrypto::QX509::generateSelfSignedCertificate - Function generatesand returns  self signed X509.
+/// \param rsa - OpenSSL RSA.
+/// \param additionalData - Certificate information.
+/// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
+/// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
+/// \param serialNumber - X509 certificate serial number.
+/// \param version - X509 certificate version.
+/// \param notBefore - X509 start date.
+/// \param notAfter - X509 end date.
+/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
+///
+X509* QSimpleCrypto::QX509::generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
+    const QByteArray& certificateFileName, const EVP_MD* md,
+    const long& serialNumber, const long& version,
+    const long& notBefore, const long& notAfter)
+{
+    try {
+        /* Initialize X509 */
+        X509* x509 = nullptr;
+        if (!(x509 = X509_new())) {
+            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize EVP_PKEY */
+        std::unique_ptr<EVP_PKEY, void (*)(EVP_PKEY*)> keyStore { EVP_PKEY_new(), EVP_PKEY_free };
+        if (keyStore == nullptr) {
+            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Sign rsa key */
+        if (!EVP_PKEY_assign_RSA(keyStore.get(), rsa)) {
+            throw std::runtime_error("Couldn't assign rsa. EVP_PKEY_assign_RSA(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set certificate serial number. */
+        if (!ASN1_INTEGER_set(X509_get_serialNumber(x509), serialNumber)) {
+            throw std::runtime_error("Couldn't set serial number. ASN1_INTEGER_set(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set certificate version */
+        if (!X509_set_version(x509, version)) {
+            throw std::runtime_error("Couldn't set version. X509_set_version(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Set certificate creation and expiration date */
+        X509_gmtime_adj(X509_get_notBefore(x509), notBefore);
+        X509_gmtime_adj(X509_get_notAfter(x509), notAfter);
+
+        /* Set certificate public key */
+        if (!X509_set_pubkey(x509, keyStore.get())) {
+            throw std::runtime_error("Couldn't set public key. X509_set_pubkey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Initialize X509_NAME */
+        X509_NAME* x509Name = X509_get_subject_name(x509);
+        if (x509Name == nullptr) {
+            throw std::runtime_error("Couldn't initialize X509_NAME. X509_NAME(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Add additional data to certificate */
+        QMapIterator<QByteArray, QByteArray> certificateInformationList(additionalData);
+        while (certificateInformationList.hasNext()) {
+            /* Read next item in list */
+            certificateInformationList.next();
+
+            /* Set additional data */
+            if (!X509_NAME_add_entry_by_txt(x509Name, certificateInformationList.key().data(), MBSTRING_UTF8, reinterpret_cast<const unsigned char*>(certificateInformationList.value().data()), -1, -1, 0)) {
+                throw std::runtime_error("Couldn't set additional information. X509_NAME_add_entry_by_txt(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+        }
+
+        /* Set certificate info */
+        if (!X509_set_issuer_name(x509, x509Name)) {
+            throw std::runtime_error("Couldn't set issuer name. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Sign certificate */
+        if (!X509_sign(x509, keyStore.get(), md)) {
+            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        }
+
+        /* Write certificate file on disk. If needed */
+        if (!certificateFileName.isEmpty()) {
+            /* Initialize BIO */
+            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(certificateFileName.data(), "w+"), BIO_free_all };
+            if (certFile == nullptr) {
+                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+
+            /* Write file on disk */
+            if (!PEM_write_bio_X509(certFile.get(), x509)) {
+                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+            }
+        }
+
+        return x509;
+    } catch (std::exception& exception) {
+        QSimpleCrypto::QX509::error.setError(1, exception.what());
+        return nullptr;
+    } catch (...) {
+        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
+        return nullptr;
+    }
+}

client/3rd/QSimpleCrypto/sources/QX509Store.cpp

@@ -0,0 +1,176 @@
+/**
+ * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution
+**/
+
+#include "include/QX509Store.h"
+
+QSimpleCrypto::QX509Store::QX509Store()
+{
+}
+
+///
+/// \brief QSimpleCrypto::QX509::addCertificateToStore
+/// \param store - OpenSSL X509_STORE.
+/// \param x509 - OpenSSL X509.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::addCertificateToStore(X509_STORE* store, X509* x509)
+{
+    if (!X509_STORE_add_cert(store, x509)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add certificate to X509_STORE. X509_STORE_add_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::addLookup
+/// \param store - OpenSSL X509_STORE.
+/// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method)
+{
+    if (!X509_STORE_add_lookup(store, method)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add lookup to X509_STORE. X509_STORE_add_lookup(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::setCertificateDepth
+/// \param store - OpenSSL X509_STORE.
+/// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::setDepth(X509_STORE* store, const int& depth)
+{
+    if (!X509_STORE_set_depth(store, depth)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set depth for X509_STORE. X509_STORE_set_depth(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::setFlag
+/// \param store - OpenSSL X509_STORE.
+/// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::setFlag(X509_STORE* store, const unsigned long& flag)
+{
+    if (!X509_STORE_set_flags(store, flag)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set flag for X509_STORE. X509_STORE_set_flags(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::setFlag
+/// \param store - OpenSSL X509_STORE.
+/// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::setPurpose(X509_STORE* store, const int& purpose)
+{
+    if (!X509_STORE_set_purpose(store, purpose)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set purpose for X509_STORE. X509_STORE_set_purpose(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::setTrust
+/// \param store - OpenSSL X509_STORE.
+/// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::setTrust(X509_STORE* store, const int& trust)
+{
+    if (!X509_STORE_set_trust(store, trust)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set trust for X509_STORE. X509_STORE_set_trust(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::setDefaultPaths
+/// \param store - OpenSSL X509_STORE.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::setDefaultPaths(X509_STORE* store)
+{
+    if (!X509_STORE_set_default_paths(store)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set default paths for X509_STORE. X509_STORE_set_default_paths(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::loadLocations
+/// \param store - OpenSSL X509_STORE.
+/// \param fileName - File name. Example: "caCertificate.pem".
+/// \param dirPath - Path to file. Example: "path/To/File".
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath)
+{
+    if (!X509_STORE_load_locations(store, fileName, dirPath)) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::loadLocations
+/// \param store - OpenSSL X509_STORE.
+/// \param file - Qt QFile that will be loaded.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFile& file)
+{
+    /* Initialize QFileInfo to read information about file */
+    QFileInfo info(file);
+
+    if (!X509_STORE_load_locations(store, info.fileName().toLocal8Bit(), info.absoluteDir().path().toLocal8Bit())) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}
+
+///
+/// \brief QSimpleCrypto::QX509Store::loadLocations
+/// \param store - OpenSSL X509_STORE.
+/// \param fileInfo - Qt QFileInfo.
+/// \return Returns 'true' on success and 'false', if error happened.
+///
+bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFileInfo& fileInfo)
+{
+    if (!X509_STORE_load_locations(store, fileInfo.fileName().toLocal8Bit(), fileInfo.absoluteDir().path().toLocal8Bit())) {
+        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
+        return false;
+    }
+
+    return true;
+}

client/CMakeLists.txt

@@ -3,6 +3,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 set(PROJECT AmneziaVPN)
 project(${PROJECT})
 
+set(MACOX 1)
 
 set_property(GLOBAL PROPERTY USE_FOLDERS ON)
 set_property(GLOBAL PROPERTY AUTOGEN_TARGETS_FOLDER "Autogen")
@@ -24,38 +25,35 @@ execute_process(
 
 add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
 
-add_definitions(-DPROD_AGW_PUBLIC_KEY="$ENV{PROD_AGW_PUBLIC_KEY}")
-add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}")
-
-if(IOS)
+if(IOS OR MACOX)
     set(PACKAGES ${PACKAGES} Multimedia)
 endif()
 
-if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
+if(WIN32 OR (MACOX AND NOT IOS) OR (LINUX AND NOT ANDROID))
     set(PACKAGES ${PACKAGES} Widgets)
 endif()
 
 find_package(Qt6 REQUIRED COMPONENTS ${PACKAGES})
 
-set(LIBS ${LIBS}
+set(LIBS ${LIBS} 
     Qt6::Core Qt6::Gui
     Qt6::Network Qt6::Xml Qt6::RemoteObjects
     Qt6::Quick Qt6::Svg Qt6::QuickControls2
     Qt6::Core5Compat Qt6::Concurrent
 )
 
-if(IOS)
+if(IOS OR MACOX)
     set(LIBS ${LIBS} Qt6::Multimedia)
 endif()
 
-if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
+if(WIN32 OR (MACOX AND NOT IOS) OR (LINUX AND NOT ANDROID))
     set(LIBS ${LIBS} Qt6::Widgets)
 endif()
 
 qt_standard_project_setup()
 qt_add_executable(${PROJECT} MANUAL_FINALIZATION)
 
-if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
+if(WIN32 OR (MACOX AND NOT IOS) OR (LINUX AND NOT ANDROID))
     qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_interface.rep)
     qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_interface.rep)
 endif()
@@ -64,7 +62,7 @@ qt6_add_resources(QRC ${QRC} ${CMAKE_CURRENT_LIST_DIR}/resources.qrc)
 
 # -- i18n begin
 set(CMAKE_AUTORCC ON)
-
+# module language
 set(AMNEZIAVPN_TS_FILES
     ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ru_RU.ts
     ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_zh_CN.ts
@@ -92,10 +90,16 @@ qt6_add_resources(QRC ${I18NQRC} ${CMAKE_CURRENT_BINARY_DIR}/translations.qrc)
 # -- i18n end
 
 if(IOS)
+    message("Client >> Cmake build OpenVPN: iOS")
     execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/ios/scripts/openvpn.sh args
         WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
 endif()
 
+if(MACOX)
+    message("Client >> Cmake build OpenVPN: OSX build")
+    execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/macos/scripts/openvpn.sh args
+        WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
+
 set(IS_CI ${CI})
 if(IS_CI)
     message("Detected CI env")
@@ -105,7 +109,7 @@ if(IS_CI)
     endif()
 endif()
 
-
+message("Client >> Cmake build 3rdparty")
 include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake)
 
 include_directories(
@@ -139,7 +143,6 @@ set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.h
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/serialization.h
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/transfer.h
-    ${CMAKE_CURRENT_LIST_DIR}/core/enums/apiEnums.h
 )
 
 # Mozilla headres
@@ -155,7 +158,7 @@ include_directories(mozilla)
 include_directories(mozilla/shared)
 include_directories(mozilla/models)
 
-if(NOT IOS)
+if(NOT IOS OR NOT MACOX)
     set(HEADERS ${HEADERS}
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.h
     )
@@ -204,7 +207,7 @@ if(CMAKE_BUILD_TYPE STREQUAL "Debug")
     target_compile_definitions(${PROJECT} PRIVATE "MZ_DEBUG")
 endif()
 
-if(NOT IOS)
+if(NOT IOS OR NOT MACOX)
     set(SOURCES ${SOURCES}
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.cpp
     )
@@ -256,7 +259,7 @@ set(SOURCES ${SOURCES}
 
 if(WIN32)
     configure_file(
-        ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in
+        ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in 
         ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
     )
 
@@ -284,7 +287,7 @@ if(WIN32)
     set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} /SUBSYSTEM:WINDOWS /ENTRY:mainCRTStartup")
 endif()
 
-if(APPLE)
+if(MACOX)
     cmake_policy(SET CMP0099 OLD)
     cmake_policy(SET CMP0114 NEW)
 
@@ -312,7 +315,8 @@ if(LINUX AND NOT ANDROID)
     link_directories(${CMAKE_CURRENT_LIST_DIR}/platforms/linux)
 endif()
 
-if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
+# if(WIN32 OR (MACOX AND NOT IOS) OR (LINUX AND NOT ANDROID))
+if(WIN32 OR (LINUX AND NOT ANDROID))
     message("Client desktop build")
     add_compile_definitions(AMNEZIA_DESKTOP)
 
@@ -345,12 +349,15 @@ if(ANDROID)
     include(cmake/android.cmake)
 endif()
 
-if(IOS)
+if(IOS) # only for iOS or OSX
+    message("Client >> Cmake: iOS build")
     include(cmake/ios.cmake)
-    include(cmake/ios-arch-fixup.cmake)
-elseif(APPLE AND NOT IOS)
-    include(cmake/osxtools.cmake)
+    #include(cmake/ios-arch-fixup.cmake)
+elseif(MACOX AND NOT IOS) # all version
+    message("Client >> Cmake: OSX build")
     include(cmake/macos.cmake)
+    # include(cmake/osxtools.cmake)
+    # include(cmake/macos.cmake)
 endif()
 
 target_link_libraries(${PROJECT} PRIVATE ${LIBS})
@@ -365,11 +372,11 @@ if(WIN32)
     endif()
 elseif(LINUX)
     set(DEPLOY_PLATFORM_PATH "linux/client")
-elseif(APPLE AND NOT IOS)
-    set(DEPLOY_PLATFORM_PATH "macos")
+# elseif(MACOX AND NOT IOS)
+#     set(DEPLOY_PLATFORM_PATH "macos")
 endif()
 
-if(NOT IOS AND NOT ANDROID)
+if(NOT IOS AND NOT ANDROID AND NOT MACOX)
     add_custom_command(
         TARGET ${PROJECT} POST_BUILD
         COMMAND ${CMAKE_COMMAND} -E $<IF:$<CONFIG:Debug>,copy_directory,true>
@@ -388,4 +395,30 @@ if(NOT IOS AND NOT ANDROID)
 endif()
 
 target_sources(${PROJECT} PRIVATE ${SOURCES} ${HEADERS} ${RESOURCES} ${QRC} ${I18NQRC})
+# set(IOS 0)
+# Sao chép QtConcurrent.framework vào thư mục Frameworks
+add_custom_command(TARGET ${PROJECT} POST_BUILD
+    COMMAND ${CMAKE_COMMAND} -E make_directory
+    "$<TARGET_BUNDLE_DIR:AmneziaVPN>/Contents/Frameworks"
+    COMMAND ${CMAKE_COMMAND} -E copy_directory
+    "/Users/macbook/Qt/6.8.0/macos/lib/QtConcurrent.framework"
+    "$<TARGET_BUNDLE_DIR:AmneziaVPN>/Contents/Frameworks/QtConcurrent.framework"
+)
+
+# Triển khai ứng dụng với macdeployqt và ký mã (nếu cần)
+add_custom_command(TARGET ${PROJECT} POST_BUILD
+    COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
+)
+
+# Nếu ở chế độ Release, ký mã gói ứng dụng
+if(CMAKE_BUILD_TYPE STREQUAL "Release")
+    SET(SIGN_CMD codesign --deep --force --sign 'MACOX Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
+    message("Manual signing bundle...")
+    message(${SIGN_CMD})
+
+    add_custom_command(TARGET ${PROJECT} POST_BUILD
+        COMMAND ${SIGN_CMD}
+    )
+endif()
+
 qt_finalize_target(${PROJECT})

client/amnezia_application.cpp

@@ -3,13 +3,13 @@
 #include <QClipboard>
 #include <QFontDatabase>
 #include <QMimeData>
-#include <QQuickItem>
 #include <QQuickStyle>
 #include <QResource>
 #include <QStandardPaths>
 #include <QTextDocument>
 #include <QTimer>
 #include <QTranslator>
+#include <QQuickItem>
 
 #include "logger.h"
 #include "ui/models/installedAppsModel.h"
@@ -116,7 +116,7 @@ void AmneziaApplication::init()
     }
 
     connect(AndroidController::instance(), &AndroidController::importConfigFromOutside, [this](QString data) {
-        m_pageController->goToPageHome();
+        m_pageController->replaceStartPage();
         m_importController->extractConfigFromData(data);
         m_pageController->goToPageViewConfig();
     });
@@ -127,13 +127,13 @@ void AmneziaApplication::init()
 #ifdef Q_OS_IOS
     IosController::Instance()->initialize();
     connect(IosController::Instance(), &IosController::importConfigFromOutside, [this](QString data) {
-        m_pageController->goToPageHome();
+        m_pageController->replaceStartPage();
         m_importController->extractConfigFromData(data);
         m_pageController->goToPageViewConfig();
     });
 
     connect(IosController::Instance(), &IosController::importBackupFromOutside, [this](QString filePath) {
-        m_pageController->goToPageHome();
+        m_pageController->replaceStartPage();
         m_pageController->goToPageSettingsBackup();
         m_settingsController->importBackupFromOutside(filePath);
     });
@@ -157,19 +157,16 @@ void AmneziaApplication::init()
     connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated);
 #endif
 
-    m_engine->addImportPath("qrc:/ui/qml/Modules/");
     m_engine->load(url);
     m_systemController->setQmlRoot(m_engine->rootObjects().value(0));
 
-    bool enabled = m_settings->isSaveLogs();
 #ifndef Q_OS_ANDROID
-    if (enabled) {
+    if (m_settings->isSaveLogs()) {
         if (!Logger::init()) {
             qWarning() << "Initialization of debug subsystem failed";
         }
     }
 #endif
-    Logger::setServiceLogsEnabled(enabled);
 
 #ifdef Q_OS_WIN
     if (m_parser.isSet("a"))
@@ -220,7 +217,7 @@ void AmneziaApplication::registerTypes()
     declareQmlProtocolEnum();
     declareQmlContainerEnum();
 
-    qmlRegisterType<QRCodeReader>("QRCodeReader", 1, 0, "QRCodeReader");
+   // qmlRegisterType<QRCodeReader>("QRCodeReader", 1, 0, "QRCodeReader");
 
     m_containerProps.reset(new ContainerProps());
     qmlRegisterSingletonInstance("ContainerProps", 1, 0, "ContainerProps", m_containerProps.get());
@@ -361,18 +358,6 @@ void AmneziaApplication::initModels()
     m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get());
     connect(m_clientManagementModel.get(), &ClientManagementModel::adminConfigRevoked, m_serversModel.get(),
             &ServersModel::clearCachedProfile);
-
-    m_apiServicesModel.reset(new ApiServicesModel(this));
-    m_engine->rootContext()->setContextProperty("ApiServicesModel", m_apiServicesModel.get());
-
-    m_apiCountryModel.reset(new ApiCountryModel(this));
-    m_engine->rootContext()->setContextProperty("ApiCountryModel", m_apiCountryModel.get());
-    connect(m_serversModel.get(), &ServersModel::updateApiLanguageModel, this, [this]() {
-        m_apiCountryModel->updateModel(m_serversModel->getProcessedServerData("apiAvailableCountries").toJsonArray(),
-                                       m_serversModel->getProcessedServerData("apiServerCountryCode").toString());
-    });
-    connect(m_serversModel.get(), &ServersModel::updateApiServicesModel, this,
-            [this]() { m_apiServicesModel->updateModel(m_serversModel->getProcessedServerData("apiConfig").toJsonObject()); });
 }
 
 void AmneziaApplication::initControllers()
@@ -381,26 +366,25 @@ void AmneziaApplication::initControllers()
             new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings));
     m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get());
 
-    connect(m_connectionController.get(), qOverload<const QString &>(&ConnectionController::connectionErrorOccurred), this,
-            [this](const QString &errorMessage) {
-                emit m_pageController->showErrorMessage(errorMessage);
-                emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
-            });
+    connect(m_connectionController.get(), qOverload<const QString &>(&ConnectionController::connectionErrorOccurred), this, [this](const QString &errorMessage) {
+        emit m_pageController->showErrorMessage(errorMessage);
+        emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
+    });
 
-    connect(m_connectionController.get(), qOverload<ErrorCode>(&ConnectionController::connectionErrorOccurred), this,
-            [this](ErrorCode errorCode) {
-                emit m_pageController->showErrorMessage(errorCode);
-                emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
-            });
+    connect(m_connectionController.get(), qOverload<ErrorCode>(&ConnectionController::connectionErrorOccurred), this, [this](ErrorCode errorCode) {
+      emit m_pageController->showErrorMessage(errorCode);
+      emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
+    });
 
     connect(m_connectionController.get(), &ConnectionController::connectButtonClicked, m_connectionController.get(),
             &ConnectionController::toggleConnection, Qt::QueuedConnection);
 
+    connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
+
     m_pageController.reset(new PageController(m_serversModel, m_settings));
     m_engine->rootContext()->setContextProperty("PageController", m_pageController.get());
 
-    m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel,
-                                                    m_apiServicesModel, m_settings));
+    m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, m_settings));
     m_engine->rootContext()->setContextProperty("InstallController", m_installController.get());
     connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(),
             &PageController::showPassphraseRequestDrawer);
@@ -409,30 +393,6 @@ void AmneziaApplication::initControllers()
     connect(m_installController.get(), &InstallController::currentContainerUpdated, m_connectionController.get(),
             &ConnectionController::onCurrentContainerUpdated);
 
-    connect(m_installController.get(), &InstallController::updateServerFromApiFinished, this, [this]() {
-        disconnect(m_reloadConfigErrorOccurredConnection);
-        emit m_connectionController->configFromApiUpdated();
-    });
-
-    connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromGateway, this, [this]() {
-        m_reloadConfigErrorOccurredConnection = connect(
-                m_installController.get(), qOverload<ErrorCode>(&InstallController::installationErrorOccurred), this,
-                [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); },
-                static_cast<Qt::ConnectionType>(Qt::AutoConnection || Qt::SingleShotConnection));
-        m_installController->updateServiceFromApi(m_serversModel->getDefaultServerIndex(), "", "");
-    });
-
-    connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromTelegram, this, [this]() {
-        m_reloadConfigErrorOccurredConnection = connect(
-                m_installController.get(), qOverload<ErrorCode>(&InstallController::installationErrorOccurred), this,
-                [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); },
-                static_cast<Qt::ConnectionType>(Qt::AutoConnection || Qt::SingleShotConnection));
-        m_serversModel->removeApiConfig(m_serversModel->getDefaultServerIndex());
-        m_installController->updateServiceFromTelegram(m_serversModel->getDefaultServerIndex());
-    });
-
-    connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
-
     m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings));
     m_engine->rootContext()->setContextProperty("ImportController", m_importController.get());
 

client/amnezia_application.h

@@ -1,6 +1,8 @@
 #ifndef AMNEZIA_APPLICATION_H
 #define AMNEZIA_APPLICATION_H
 
+#define Q_OS_IOS 1
+
 #include <QCommandLineParser>
 #include <QNetworkAccessManager>
 #include <QQmlApplicationEngine>
@@ -45,8 +47,6 @@
 #include "ui/models/sites_model.h"
 #include "ui/models/clientManagementModel.h"
 #include "ui/models/appSplitTunnelingModel.h"
-#include "ui/models/apiServicesModel.h"
-#include "ui/models/apiCountryModel.h"
 
 #define amnApp (static_cast<AmneziaApplication *>(QCoreApplication::instance()))
 
@@ -105,8 +105,6 @@ private:
     QSharedPointer<SitesModel> m_sitesModel;
     QSharedPointer<AppSplitTunnelingModel> m_appSplitTunnelingModel;
     QSharedPointer<ClientManagementModel> m_clientManagementModel;
-    QSharedPointer<ApiServicesModel> m_apiServicesModel;
-    QSharedPointer<ApiCountryModel> m_apiCountryModel;
 
     QScopedPointer<OpenVpnConfigModel> m_openVpnConfigModel;
     QScopedPointer<ShadowSocksConfigModel> m_shadowSocksConfigModel;
@@ -138,8 +136,6 @@ private:
     QScopedPointer<AppSplitTunnelingController> m_appSplitTunnelingController;
 
     QNetworkAccessManager *m_nam;
-
-    QMetaObject::Connection m_reloadConfigErrorOccurredConnection;
 };
 
 #endif // AMNEZIA_APPLICATION_H

client/android/AndroidManifest.xml

@@ -11,9 +11,6 @@
     <uses-feature android:name="android.hardware.camera" android:required="false" />
     <uses-feature android:name="android.hardware.camera.any" android:required="false" />
     <uses-feature android:name="android.hardware.camera.autofocus" android:required="false" />
-    <!-- for TV -->
-    <uses-feature android:name="android.software.leanback" android:required="false" />
-    <uses-feature android:name="android.hardware.touchscreen" android:required="false" />
 
     <!-- The following comment will be replaced upon deployment with default features based on the dependencies
     of the application. Remove the comment if you do not require these default features. -->
@@ -34,11 +31,9 @@
         android:label="-- %%INSERT_APP_NAME%% --"
         android:icon="@mipmap/icon"
         android:roundIcon="@mipmap/icon_round"
-        android:banner="@mipmap/ic_banner"
         android:theme="@style/NoActionBar"
         android:fullBackupContent="@xml/backup_content"
         android:dataExtractionRules="@xml/data_extraction_rules"
-        android:hasFragileUserData="false"
         tools:targetApi="s">
 
         <activity
@@ -52,7 +47,6 @@
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
                 <category android:name="android.intent.category.LAUNCHER" />
-                <category android:name="android.intent.category.LEANBACK_LAUNCHER" />
             </intent-filter>
 
             <intent-filter>

client/android/res/mipmap-anydpi-v26/ic_banner.xml

@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
-    <background android:drawable="@color/ic_banner_background"/>
-    <foreground android:drawable="@mipmap/ic_banner_foreground"/>
-</adaptive-icon>

client/android/res/values/ic_banner_background.xml

@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<resources>
-    <color name="ic_banner_background">#1E1E1F</color>
-</resources>

client/android/src/org/amnezia/vpn/AmneziaActivity.kt

@@ -1,7 +1,6 @@
 package org.amnezia.vpn
 
 import android.Manifest
-import android.annotation.SuppressLint
 import android.app.AlertDialog
 import android.app.NotificationManager
 import android.content.BroadcastReceiver
@@ -231,10 +230,7 @@ class AmneziaActivity : QtActivity() {
     override fun onStop() {
         Log.d(TAG, "Stop Amnezia activity")
         doUnbindService()
-        mainScope.launch {
-            qtInitialized.await()
-            QtAndroidController.onServiceDisconnected()
-        }
+        QtAndroidController.onServiceDisconnected()
         super.onStop()
     }
 
@@ -388,8 +384,7 @@ class AmneziaActivity : QtActivity() {
         getVpnProto(vpnConfig)?.let { proto ->
             Log.d(TAG, "Proto from config: $proto, current proto: $vpnProto")
             if (isServiceConnected) {
-                if (proto.serviceClass == vpnProto?.serviceClass) {
-                    vpnProto = proto
+                if (proto == vpnProto) {
                     connectToVpn(vpnConfig)
                     return
                 }
@@ -546,7 +541,7 @@ class AmneziaActivity : QtActivity() {
                 }
             }.also {
                 startActivityForResult(it, OPEN_FILE_ACTION_CODE, ActivityResultHandler(
-                    onAny = {
+                    onSuccess = {
                         val uri = it?.data?.toString() ?: ""
                         Log.d(TAG, "Open file: $uri")
                         mainScope.launch {
@@ -560,12 +555,8 @@ class AmneziaActivity : QtActivity() {
     }
 
     @Suppress("unused")
-    @SuppressLint("UnsupportedChromeOsCameraSystemFeature")
     fun isCameraPresent(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_CAMERA)
 
-    @Suppress("unused")
-    fun isOnTv(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_LEANBACK)
-
     @Suppress("unused")
     fun startQrCodeReader() {
         Log.v(TAG, "Start camera")

client/android/src/org/amnezia/vpn/VpnProto.kt

@@ -49,15 +49,7 @@ enum class VpnProto(
         "org.amnezia.vpn:amneziaXrayService",
         XrayService::class.java
     ) {
-        override fun createProtocol(): Protocol = Xray.instance
-    },
-
-    SSXRAY(
-        "SSXRay",
-        "org.amnezia.vpn:amneziaXrayService",
-        XrayService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Xray.instance
+        override fun createProtocol(): Protocol = Xray()
     };
 
     private var _protocol: Protocol? = null

client/android/utils/src/main/kotlin/net/NetworkState.kt

@@ -88,24 +88,16 @@ class NetworkState(
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
             connectivityManager.registerBestMatchingNetworkCallback(networkRequest, networkCallback, handler)
         } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            val numberAttempts = 3
-            var attemptCount = 0
-            while(true) {
-                try {
+            try {
+                connectivityManager.requestNetwork(networkRequest, networkCallback, handler)
+            } catch (e: SecurityException) {
+                Log.e(TAG, "Failed to bind network listener: $e")
+                // Android 11 bug: https://issuetracker.google.com/issues/175055271
+                if (e.message?.startsWith("Package android does not belong to") == true) {
+                    delay(1000)
                     connectivityManager.requestNetwork(networkRequest, networkCallback, handler)
-                    break
-                } catch (e: SecurityException) {
-                    Log.e(TAG, "Failed to bind network listener: $e")
-                    // Android 11 bug: https://issuetracker.google.com/issues/175055271
-                    if (e.message?.startsWith("Package android does not belong to") == true) {
-                        if (++attemptCount > numberAttempts) {
-                            throw e
-                        }
-                        delay(1000)
-                        continue
-                    } else {
-                        throw e
-                    }
+                } else {
+                    throw e
                 }
             }
         } else {

client/android/xray/src/main/kotlin/Xray.kt

@@ -5,7 +5,6 @@ import android.net.VpnService.Builder
 import java.io.File
 import java.io.IOException
 import go.Seq
-import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@@ -115,14 +114,17 @@ class Xray : Protocol() {
             return
         }
 
-        val xrayJsonConfig = config.optJSONObject("xray_config_data")
-            ?: config.optJSONObject("ssxray_config_data")
-            ?: throw BadConfigException("config_data not found")
+        val xrayJsonConfig = config.getJSONObject("xray_config_data")
         val xrayConfig = parseConfig(config, xrayJsonConfig)
 
-        (xrayJsonConfig.optJSONObject("log") ?: JSONObject().also { xrayJsonConfig.put("log", it) })
-            .put("loglevel", "warning")
-            .put("access", "none") // disable access log
+        // for debug
+        // xrayJsonConfig.getJSONObject("log").put("loglevel", "debug")
+        xrayJsonConfig.getJSONObject("log").put("loglevel", "warning")
+        // disable access log
+        xrayJsonConfig.getJSONObject("log").put("access", "none")
+
+        // replace socks address
+        // (xrayJsonConfig.getJSONArray("inbounds")[0] as JSONObject).put("listen", "::1")
 
         start(xrayConfig, xrayJsonConfig.toString(), vpnBuilder, protect)
         state.value = CONNECTED
@@ -226,10 +228,6 @@ class Xray : Protocol() {
             throw VpnStartException("Failed to start tun2socks: $err")
         }
     }
-
-    companion object {
-        val instance: Xray by lazy { Xray() }
-    }
 }
 
 private fun String?.isNotNullOrBlank(block: (String) -> Unit) {

client/cmake/3rdparty.cmake

@@ -8,9 +8,9 @@ endif()
 
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/SortFilterProxyModel)
 set(LIBS ${LIBS} SortFilterProxyModel)
-include(${CLIENT_ROOT_DIR}/cmake/QSimpleCrypto.cmake)
 
 include(${CLIENT_ROOT_DIR}/3rd/qrcodegen/qrcodegen.cmake)
+include(${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/QSimpleCrypto.cmake)
 
 set(LIBSSH_ROOT_DIR "${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/libssh/")
 set(OPENSSL_ROOT_DIR "${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/openssl/")
@@ -38,12 +38,12 @@ elseif(APPLE AND NOT IOS)
     set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libssl.a")
     set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libcrypto.a")
 elseif(IOS)
-    set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/ios/arm64")
-    set(LIBSSH_LIB_PATH "${LIBSSH_ROOT_DIR}/ios/arm64/libssh.a")
-    set(ZLIB_LIB_PATH "${LIBSSH_ROOT_DIR}/ios/arm64/libz.a")
-    set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/ios/iphone/include")
-    set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/ios/iphone/lib/libssl.a")
-    set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/ios/iphone/lib/libcrypto.a")
+    set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/macos/x86_64")
+    set(LIBSSH_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libssh.a")
+    set(ZLIB_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libz.a")
+    set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/macos/include")
+    set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libssl.a")
+    set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libcrypto.a")
 elseif(ANDROID)
     set(abi ${CMAKE_ANDROID_ARCH_ABI})
     set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/android/${abi}")
@@ -83,12 +83,13 @@ set(BUILD_WITH_QT6 ON)
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/qtkeychain)
 set(LIBS ${LIBS} qt6keychain)
 
+
 include_directories(
     ${OPENSSL_INCLUDE_DIR}
     ${LIBSSH_INCLUDE_DIR}/include
     ${LIBSSH_ROOT_DIR}/include
     ${CLIENT_ROOT_DIR}/3rd/libssh/include
-    ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/src/include
+    ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/include
     ${CLIENT_ROOT_DIR}/3rd/qtkeychain/qtkeychain
     ${CMAKE_CURRENT_BINARY_DIR}/3rd/qtkeychain
     ${CMAKE_CURRENT_BINARY_DIR}/3rd/libssh/include

client/cmake/QSimpleCrypto.cmake

@@ -1,21 +0,0 @@
-set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/..)
-set(QSIMPLECRYPTO_DIR ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/src)
-
-include_directories(${QSIMPLECRYPTO_DIR})
-
-set(HEADERS ${HEADERS}
-    ${QSIMPLECRYPTO_DIR}/include/QAead.h
-    ${QSIMPLECRYPTO_DIR}/include/QBlockCipher.h
-    ${QSIMPLECRYPTO_DIR}/include/QRsa.h
-    ${QSIMPLECRYPTO_DIR}/include/QSimpleCrypto_global.h
-    ${QSIMPLECRYPTO_DIR}/include/QX509.h
-    ${QSIMPLECRYPTO_DIR}/include/QX509Store.h
-)
-
-set(SOURCES ${SOURCES}
-    ${QSIMPLECRYPTO_DIR}/sources/QAead.cpp
-    ${QSIMPLECRYPTO_DIR}/sources/QBlockCipher.cpp
-    ${QSIMPLECRYPTO_DIR}/sources/QRsa.cpp
-    ${QSIMPLECRYPTO_DIR}/sources/QX509.cpp
-    ${QSIMPLECRYPTO_DIR}/sources/QX509Store.cpp
-)

client/cmake/apple.cmake

@@ -0,0 +1,197 @@
+message("Client ==> iOS build")
+
+# Đường dẫn tới thư mục chứa HevSocks5Tunnel.xcframework
+set(HEV_SOCKS5_TUNNEL_PATH "${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/xray")
+
+# Đường dẫn tới thư viện .a
+set(HEV_SOCKS5_TUNNEL_LIB "${HEV_SOCKS5_TUNNEL_PATH}/ios/libhev-socks5-tunnel.a")
+
+# Đường dẫn tới tệp header
+set(HEV_SOCKS5_TUNNEL_INCLUDE_DIR "${HEV_SOCKS5_TUNNEL_PATH}/ios/Headers")
+
+# Thêm tệp header vào include directories
+target_include_directories(${PROJECT} PRIVATE ${HEV_SOCKS5_TUNNEL_INCLUDE_DIR})
+
+# Liên kết thư viện tĩnh vào mục tiêu (target) của bạn
+target_link_libraries(${PROJECT} PRIVATE ${HEV_SOCKS5_TUNNEL_LIB})
+
+set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE)
+set(CMAKE_OSX_ARCHITECTURES "x86_64" CACHE INTERNAL "" FORCE)
+set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
+
+set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
+
+
+enable_language(OBJC)
+# enable_language(OBJCXX)
+enable_language(Swift)
+
+find_package(Qt6 REQUIRED COMPONENTS ShaderTools)
+set(LIBS ${LIBS} Qt6::ShaderTools)
+
+find_library(FW_AUTHENTICATIONSERVICES AuthenticationServices)
+#find_library(FW_UIKIT UIKit)
+find_library(FW_AVFOUNDATION AVFoundation)
+find_library(FW_FOUNDATION Foundation)
+find_library(FW_STOREKIT StoreKit)
+find_library(FW_USERNOTIFICATIONS UserNotifications)
+find_library(FW_NETWORKEXTENSION NetworkExtension)
+
+set(LIBS ${LIBS}
+    ${FW_AUTHENTICATIONSERVICES}
+#    ${FW_UIKIT}
+    ${FW_AVFOUNDATION}
+    ${FW_FOUNDATION}
+    ${FW_STOREKIT}
+    ${FW_USERNOTIFICATIONS}
+    ${FW_NETWORKEXTENSION}
+)
+
+
+set(HEADERS ${HEADERS}
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate-C-Interface.h
+)
+set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h PROPERTIES OBJECTIVE_CPP_HEADER TRUE)
+
+
+set(SOURCES ${SOURCES}
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosglue.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QRCodeReaderBase.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.mm
+)
+
+set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns)
+set(MACOSX_BUNDLE_ICON_FILE app.icns)
+set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources)
+set(SOURCES ${SOURCES} ${ICON_FILE})
+
+# set(HEADERS ${HEADERS}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
+# )
+
+# set(SOURCES ${SOURCES}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
+# )
+
+
+target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
+
+
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
+    MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Info.plist.in
+    #MACOSX_BUNDLE_ICON_FILE "AppIcon"
+    MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
+    MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
+    MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
+    MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}"
+    MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
+    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_OSX_APP_IDENTIFIER}"
+    XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/ios/app/main.entitlements"
+    XCODE_ATTRIBUTE_MARKETING_VERSION "${APPLE_PROJECT_VERSION}"
+    XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
+    XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPN"
+    XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN"
+    XCODE_GENERATE_SCHEME TRUE
+    XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
+    #XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
+    XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
+    XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY "NO"
+    XCODE_EMBED_FRAMEWORKS_REMOVE_HEADERS_ON_COPY "YES"
+
+    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
+    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../Frameworks"
+    XCODE_EMBED_APP_EXTENSIONS networkextension
+
+    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
+    #XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
+
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
+
+
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN"
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN"
+
+)
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
+    XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
+    XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
+    XCODE_ATTRIBUTE_SWIFT_OBJC_INTERFACE_HEADER_NAME "AmneziaVPN-Swift.h"
+    XCODE_ATTRIBUTE_SWIFT_OBJC_INTEROP_MODE "objcxx"
+)
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
+)
+target_include_directories(${PROJECT} PRIVATE ${CMAKE_CURRENT_LIST_DIR})
+target_compile_options(${PROJECT} PRIVATE
+    -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\"
+    -DVPN_NE_BUNDLEID=\"${BUILD_OSX_APP_IDENTIFIER}.network-extension\"
+)
+
+set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/amneziawg-apple/Sources)
+
+target_sources(${PROJECT} PRIVATE
+#    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosvpnprotocol.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c
+    ${CLIENT_ROOT_DIR}/platforms/ios/LogController.swift
+    ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift
+    ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift
+    ${CLIENT_ROOT_DIR}/platforms/ios/ScreenProtection.swift
+    ${CLIENT_ROOT_DIR}/platforms/ios/VPNCController.swift
+)
+
+target_sources(${PROJECT} PRIVATE
+    #${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
+    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Media.xcassets
+    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy
+)
+
+set_property(TARGET ${PROJECT} APPEND PROPERTY RESOURCE
+    #${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
+    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Media.xcassets
+    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy
+)
+
+message("Client ==> build networkextension")
+add_subdirectory(macos/networkextension)
+add_dependencies(${PROJECT} networkextension)
+
+set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS
+    "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework"
+)
+
+
+
+set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos)
+target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework")
+
+get_target_property(QtCore_location Qt6::Core LOCATION)
+message("QtCore_location")
+message(${QtCore_location})
+
+get_filename_component(QT_BIN_DIR_DETECTED "${QtCore_location}/../../../../../bin" ABSOLUTE)
+
+
+# add_custom_command(TARGET ${PROJECT} POST_BUILD
+#     COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
+# )
+
+# if(CMAKE_BUILD_TYPE STREQUAL "Release")
+#     SET(SIGN_CMD codesign --deep --force --sign 'Apple Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
+#     message("Manual signing bundle...")
+#     message(${SIGN_CMD})
+
+
+#     add_custom_command(TARGET ${PROJECT} POST_BUILD
+#         COMMAND ${SIGN_CMD}
+#     )
+# endif()

client/cmake/ios-arch-fixup.cmake

@@ -37,7 +37,7 @@ while(IOS_TARGETS)
     ## I just want to say it's amazing this doesn't explode with syntax errors.
     message("Patching architectures for ${TARGET_NAME}")
     set_target_properties(${TARGET_NAME} PROPERTIES
-        XCODE_ATTRIBUTE_ARCHS[sdk=iphoneos*] "arm64"
+        XCODE_ATTRIBUTE_ARCHS[sdk=macosx*] "x86_64"
         XCODE_ATTRIBUTE_ARCHS[sdk=iphonesimulator*] "x86_64"
     )
 endwhile()

client/cmake/ios.cmake

@@ -1,17 +1,21 @@
-message("Client iOS build")
-set(CMAKE_OSX_DEPLOYMENT_TARGET 13.0)
+message("Client ==> iOS build")
+
+set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE)
+set(CMAKE_OSX_ARCHITECTURES "x86_64" CACHE INTERNAL "" FORCE)
+set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
+
 set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
 
 
 enable_language(OBJC)
-enable_language(OBJCXX)
+# enable_language(OBJCXX)
 enable_language(Swift)
 
 find_package(Qt6 REQUIRED COMPONENTS ShaderTools)
 set(LIBS ${LIBS} Qt6::ShaderTools)
 
 find_library(FW_AUTHENTICATIONSERVICES AuthenticationServices)
-find_library(FW_UIKIT UIKit)
+#find_library(FW_UIKIT UIKit)
 find_library(FW_AVFOUNDATION AVFoundation)
 find_library(FW_FOUNDATION Foundation)
 find_library(FW_STOREKIT StoreKit)
@@ -20,7 +24,7 @@ find_library(FW_NETWORKEXTENSION NetworkExtension)
 
 set(LIBS ${LIBS}
     ${FW_AUTHENTICATIONSERVICES}
-    ${FW_UIKIT}
+#    ${FW_UIKIT}
     ${FW_AVFOUNDATION}
     ${FW_FOUNDATION}
     ${FW_STOREKIT}
@@ -48,6 +52,19 @@ set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.mm
 )
 
+set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns)
+set(MACOSX_BUNDLE_ICON_FILE app.icns)
+set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources)
+set(SOURCES ${SOURCES} ${ICON_FILE})
+
+# set(HEADERS ${HEADERS}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
+# )
+
+# set(SOURCES ${SOURCES}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
+# )
+
 
 target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
 
@@ -55,10 +72,9 @@ target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
 set_target_properties(${PROJECT} PROPERTIES
     XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
     MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Info.plist.in
-    MACOSX_BUNDLE_ICON_FILE "AppIcon"
+    #MACOSX_BUNDLE_ICON_FILE "AppIcon"
     MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
     MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
-    MACOSX_BUNDLE_GUI_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
     MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
     MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}"
     MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
@@ -70,17 +86,25 @@ set_target_properties(${PROJECT} PROPERTIES
     XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN"
     XCODE_GENERATE_SCHEME TRUE
     XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
-    XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
+    #XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
     XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
-    XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY ON
+    XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY "NO"
+    XCODE_EMBED_FRAMEWORKS_REMOVE_HEADERS_ON_COPY "YES"
+
     XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
-    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/Frameworks"
+    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../Frameworks"
     XCODE_EMBED_APP_EXTENSIONS networkextension
-    XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution"
-    XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
-    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
-    XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN"
-    XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN"
+
+    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
+    #XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
+
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
+
+
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN"
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN"
+
 )
 set_target_properties(${PROJECT} PROPERTIES
     XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
@@ -111,13 +135,13 @@ target_sources(${PROJECT} PRIVATE
 )
 
 target_sources(${PROJECT} PRIVATE
-    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
+    #${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
     ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Media.xcassets
     ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy
 )
 
 set_property(TARGET ${PROJECT} APPEND PROPERTY RESOURCE
-    ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
+    #${CMAKE_CURRENT_SOURCE_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
     ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/Media.xcassets
     ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy
 )
@@ -129,6 +153,29 @@ set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS
     "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework"
 )
 
+
+
 set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos)
 target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework")
 
+get_target_property(QtCore_location Qt6::Core LOCATION)
+message("QtCore_location")
+message(${QtCore_location})
+
+get_filename_component(QT_BIN_DIR_DETECTED "${QtCore_location}/../../../../../bin" ABSOLUTE)
+
+
+# add_custom_command(TARGET ${PROJECT} POST_BUILD
+#     COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
+# )
+
+# if(CMAKE_BUILD_TYPE STREQUAL "Release")
+#     SET(SIGN_CMD codesign --deep --force --sign 'Apple Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
+#     message("Manual signing bundle...")
+#     message(${SIGN_CMD})
+
+
+#     add_custom_command(TARGET ${PROJECT} POST_BUILD
+#         COMMAND ${SIGN_CMD}
+#     )
+# endif()

client/cmake/macos.cmake

@@ -1,34 +1,55 @@
-message("MAC build")
-
-find_library(FW_SYSTEMCONFIG SystemConfiguration)
-find_library(FW_SERVICEMGMT ServiceManagement)
-find_library(FW_SECURITY Security)
-find_library(FW_COREWLAN CoreWLAN)
-find_library(FW_NETWORK Network)
-find_library(FW_USER_NOTIFICATIONS UserNotifications)
-find_library(FW_NETWORK_EXTENSION NetworkExtension)
-
-set(LIBS ${LIBS}
-    ${FW_SYSTEMCONFIG}
-    ${FW_SERVICEMGMT}
-    ${FW_SECURITY}
-    ${FW_COREWLAN}
-    ${FW_NETWORK}
-    ${FW_USERNOTIFICATIONS}
-    ${FW_NETWORK_EXTENSION}
-)
+message("Client ==> iOS build")
 
 set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE)
 set(CMAKE_OSX_ARCHITECTURES "x86_64" CACHE INTERNAL "" FORCE)
 set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
 
+set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
 
-set(HEADERS ${HEADERS}
-    ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
+
+enable_language(OBJC)
+# enable_language(OBJCXX)
+enable_language(Swift)
+
+find_package(Qt6 REQUIRED COMPONENTS ShaderTools)
+set(LIBS ${LIBS} Qt6::ShaderTools)
+
+find_library(FW_AUTHENTICATIONSERVICES AuthenticationServices)
+#find_library(FW_UIKIT UIKit)
+find_library(FW_AVFOUNDATION AVFoundation)
+find_library(FW_FOUNDATION Foundation)
+find_library(FW_STOREKIT StoreKit)
+find_library(FW_USERNOTIFICATIONS UserNotifications)
+find_library(FW_NETWORKEXTENSION NetworkExtension)
+
+set(LIBS ${LIBS}
+    ${FW_AUTHENTICATIONSERVICES}
+#    ${FW_UIKIT}
+    ${FW_AVFOUNDATION}
+    ${FW_FOUNDATION}
+    ${FW_STOREKIT}
+    ${FW_USERNOTIFICATIONS}
+    ${FW_NETWORKEXTENSION}
 )
 
+
+set(HEADERS ${HEADERS}
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/ios_controller.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/ios_controller_wrapper.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/iosnotificationhandler.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/QtAppDelegate.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/QtAppDelegate-C-Interface.h
+)
+set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h PROPERTIES OBJECTIVE_CPP_HEADER TRUE)
+
+
 set(SOURCES ${SOURCES}
-    ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/ios_controller.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/ios_controller_wrapper.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/iosnotificationhandler.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/iosglue.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/QRCodeReaderBase.mm
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/QtAppDelegate.mm
 )
 
 set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns)
@@ -36,17 +57,125 @@ set(MACOSX_BUNDLE_ICON_FILE app.icns)
 set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources)
 set(SOURCES ${SOURCES} ${ICON_FILE})
 
+# set(HEADERS ${HEADERS}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
+# )
+
+# set(SOURCES ${SOURCES}
+#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
+# )
+
+
+target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
+
+
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
+    MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Info.plist.in
+    #MACOSX_BUNDLE_ICON_FILE "AppIcon"
+    MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
+    MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
+    MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
+    MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}"
+    MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
+    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_OSX_APP_IDENTIFIER}"
+    XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/macos/app/main.entitlements"
+    XCODE_ATTRIBUTE_MARKETING_VERSION "${APPLE_PROJECT_VERSION}"
+    XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
+    XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPN"
+    XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN"
+    XCODE_GENERATE_SCHEME TRUE
+    XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
+    #XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
+    XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
+    XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY "NO"
+    XCODE_EMBED_FRAMEWORKS_REMOVE_HEADERS_ON_COPY "YES"
+
+    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
+    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../Frameworks"
+    XCODE_EMBED_APP_EXTENSIONS networkextension
+
+    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
+    #XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
+
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
+    #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
+
+
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN"
+    #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN"
+
+)
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
+    XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
+    XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
+    XCODE_ATTRIBUTE_SWIFT_OBJC_INTERFACE_HEADER_NAME "AmneziaVPN-Swift.h"
+    XCODE_ATTRIBUTE_SWIFT_OBJC_INTEROP_MODE "objcxx"
+)
+set_target_properties(${PROJECT} PROPERTIES
+    XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
+)
+target_include_directories(${PROJECT} PRIVATE ${CMAKE_CURRENT_LIST_DIR})
 target_compile_options(${PROJECT} PRIVATE
     -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\"
     -DVPN_NE_BUNDLEID=\"${BUILD_IOS_APP_IDENTIFIER}.network-extension\"
 )
 
-# Get SDK path
-execute_process(
-    COMMAND sh -c "xcrun --sdk macosx --show-sdk-path"
-    OUTPUT_VARIABLE OSX_SDK_PATH
-    OUTPUT_STRIP_TRAILING_WHITESPACE
+set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/amneziawg-apple/Sources)
+
+target_sources(${PROJECT} PRIVATE
+#    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosvpnprotocol.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c
+    ${CLIENT_ROOT_DIR}/platforms/macos/LogController.swift
+    ${CLIENT_ROOT_DIR}/platforms/macos/Log.swift
+    ${CLIENT_ROOT_DIR}/platforms/macos/LogRecord.swift
+    ${CLIENT_ROOT_DIR}/platforms/macos/ScreenProtection.swift
+    ${CLIENT_ROOT_DIR}/platforms/macos/VPNCController.swift
 )
-message("OSX_SDK_PATH is: ${OSX_SDK_PATH}")
+
+target_sources(${PROJECT} PRIVATE
+    # ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/AmneziaVPNLaunchScreen.storyboard
+    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Media.xcassets
+    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/PrivacyInfo.xcprivacy
+)
+
+set_property(TARGET ${PROJECT} APPEND PROPERTY RESOURCE
+    # ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/AmneziaVPNLaunchScreen.storyboard
+    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Media.xcassets
+    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/PrivacyInfo.xcprivacy
+)
+
+add_subdirectory(macos/networkextension)
+add_dependencies(${PROJECT} networkextension)
+
+# set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS
+#     "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework"
+# )
 
 
+
+# set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos)
+# target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework")
+
+get_target_property(QtCore_location Qt6::Core LOCATION)
+message("QtCore_location")
+message(${QtCore_location})
+
+get_filename_component(QT_BIN_DIR_DETECTED "${QtCore_location}/../../../../../bin" ABSOLUTE)
+
+
+# add_custom_command(TARGET ${PROJECT} POST_BUILD
+#     COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
+# )
+
+# if(CMAKE_BUILD_TYPE STREQUAL "Release")
+#     SET(SIGN_CMD codesign --deep --force --sign 'Apple Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
+#     message("Manual signing bundle...")
+#     message(${SIGN_CMD})
+
+
+#     add_custom_command(TARGET ${PROJECT} POST_BUILD
+#         COMMAND ${SIGN_CMD}
+#     )
+# endif()

client/configurators/openvpn_configurator.cpp

@@ -1,5 +1,7 @@
 #include "openvpn_configurator.h"
 
+#define Q_OS_IOS 1
+
 #include <QDebug>
 #include <QJsonDocument>
 #include <QJsonObject>
@@ -119,21 +121,18 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(const QPair<QString,
         
         if (!m_settings->isSitesSplitTunnelingEnabled()) {
             config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n");
-
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
             // Prevent ipv6 leak
             config.append("ifconfig-ipv6 fd15:53b6:dead::2/64  fd15:53b6:dead::1\n");
-#endif
             config.append("block-ipv6\n");
         } else if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
 
             // no redirect-gateway
         } else if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
+#ifndef Q_OS_ANDROID
             config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n");
+#endif
             // Prevent ipv6 leak
             config.append("ifconfig-ipv6 fd15:53b6:dead::2/64  fd15:53b6:dead::1\n");
-#endif
             config.append("block-ipv6\n");
         }
     }

client/configurators/ssh_configurator.cpp

@@ -1,5 +1,7 @@
 #include "ssh_configurator.h"
 
+#define Q_OS_IOS 1
+
 #include <QDebug>
 #include <QObject>
 #include <QProcess>
@@ -101,8 +103,8 @@ QProcessEnvironment SshConfigurator::prepareEnv()
     pathEnvVar.clear();
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\cygwin;");
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\openvpn;");
-#elif defined(Q_OS_MACX)
-    pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/Contents/MacOS");
+//#elif defined(Q_OS_MACX)
+//    pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/Contents/MacOS");
 #endif
 
     env.insert("PATH", pathEnvVar);

client/containers/containers_defs.cpp

@@ -90,13 +90,13 @@ QMap<DockerContainer, QString> ContainerProps::containerHumanNames()
 {
     return { { DockerContainer::None, "Not installed" },
              { DockerContainer::OpenVpn, "OpenVPN" },
-             { DockerContainer::ShadowSocks, "OpenVPN over SS" },
+             { DockerContainer::ShadowSocks, "ShadowSocks" },
              { DockerContainer::Cloak, "OpenVPN over Cloak" },
              { DockerContainer::WireGuard, "WireGuard" },
              { DockerContainer::Awg, "AmneziaWG" },
              { DockerContainer::Xray, "XRay" },
              { DockerContainer::Ipsec, QObject::tr("IPsec") },
-             { DockerContainer::SSXray, "Shadowsocks"},
+             { DockerContainer::SSXray, "ShadowSocks"},
 
              { DockerContainer::TorWebSite, QObject::tr("Website in Tor network") },
              { DockerContainer::Dns, QObject::tr("AmneziaDNS") },
@@ -286,8 +286,8 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
     case DockerContainer::OpenVpn: return true;
     case DockerContainer::Awg: return true;
     case DockerContainer::Xray: return true;
-    case DockerContainer::Cloak: return true;
-    case DockerContainer::SSXray: return true;
+    case DockerContainer::Cloak:
+        return true;
         //    case DockerContainer::ShadowSocks: return true;
     default: return false;
     }
@@ -306,7 +306,6 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
     case DockerContainer::Awg: return true;
     case DockerContainer::Cloak: return true;
     case DockerContainer::Xray: return true;
-    case DockerContainer::SSXray: return true;
     default: return false;
     }
 

client/core/controllers/apiController.cpp

@@ -1,3 +1,5 @@
+#define Q_OS_IOS 1
+
 #include "apiController.h"
 
 #include <QEventLoop>
@@ -5,11 +7,7 @@
 #include <QNetworkReply>
 #include <QtConcurrent>
 
-#include "QBlockCipher.h"
-#include "QRsa.h"
-
 #include "amnezia_application.h"
-#include "core/enums/apiEnums.h"
 #include "configurators/wireguard_configurator.h"
 #include "version.h"
 
@@ -29,74 +27,25 @@ namespace
         constexpr char uuid[] = "installation_uuid";
         constexpr char osVersion[] = "os_version";
         constexpr char appVersion[] = "app_version";
-
-        constexpr char userCountryCode[] = "user_country_code";
-        constexpr char serverCountryCode[] = "server_country_code";
-        constexpr char serviceType[] = "service_type";
-
-        constexpr char aesKey[] = "aes_key";
-        constexpr char aesIv[] = "aes_iv";
-        constexpr char aesSalt[] = "aes_salt";
-
-        constexpr char apiPayload[] = "api_payload";
-        constexpr char keyPayload[] = "key_payload";
-    }
-
-    const QStringList proxyStorageUrl = {""};
-
-    ErrorCode checkErrors(const QList<QSslError> &sslErrors, QNetworkReply *reply)
-    {
-        if (!sslErrors.empty()) {
-            qDebug().noquote() << sslErrors;
-            return ErrorCode::ApiConfigSslError;
-        } else if (reply->error() == QNetworkReply::NoError) {
-            return ErrorCode::NoError;
-        } else if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError
-                   || reply->error() == QNetworkReply::NetworkError::TimeoutError) {
-            return ErrorCode::ApiConfigTimeoutError;
-        } else {
-            QString err = reply->errorString();
-            qDebug() << QString::fromUtf8(reply->readAll());
-            qDebug() << reply->error();
-            qDebug() << err;
-            qDebug() << reply->attribute(QNetworkRequest::HttpStatusCodeAttribute);
-            return ErrorCode::ApiConfigDownloadError;
-        }
     }
 }
 
-ApiController::ApiController(const QString &gatewayEndpoint, QObject *parent) : QObject(parent), m_gatewayEndpoint(gatewayEndpoint)
+ApiController::ApiController(QObject *parent) : QObject(parent)
 {
 }
 
-void ApiController::fillServerConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData,
-                                     const QByteArray &apiResponseBody, QJsonObject &serverConfig)
+void ApiController::processApiConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, QString &config)
 {
-    QString data = QJsonDocument::fromJson(apiResponseBody).object().value(config_key::config).toString();
-
-    data.replace("vpn://", "");
-    QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
-
-    if (ba.isEmpty()) {
-        emit errorOccurred(ErrorCode::ApiConfigEmptyError);
-        return;
-    }
-
-    QByteArray ba_uncompressed = qUncompress(ba);
-    if (!ba_uncompressed.isEmpty()) {
-        ba = ba_uncompressed;
-    }
-
-    QString configStr = ba;
     if (protocol == configKey::cloak) {
-        configStr.replace("<key>", "<key>\n");
-        configStr.replace("$OPENVPN_PRIV_KEY", apiPayloadData.certRequest.privKey);
+        config.replace("<key>", "<key>\n");
+        config.replace("$OPENVPN_PRIV_KEY", apiPayloadData.certRequest.privKey);
+        return;
     } else if (protocol == configKey::awg) {
-        configStr.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", apiPayloadData.wireGuardClientPrivKey);
-        auto serverConfig = QJsonDocument::fromJson(configStr.toUtf8()).object();
+        config.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", apiPayloadData.wireGuardClientPrivKey);
+        auto serverConfig = QJsonDocument::fromJson(config.toUtf8()).object();
         auto containers = serverConfig.value(config_key::containers).toArray();
         if (containers.isEmpty()) {
-            return; // todo process error
+            return;
         }
         auto container = containers.at(0).toObject();
         QString containerName = ContainerProps::containerTypeToString(DockerContainer::Awg);
@@ -114,75 +63,11 @@ void ApiController::fillServerConfig(const QString &protocol, const ApiControlle
         container[containerName] = containerConfig;
         containers.replace(0, container);
         serverConfig[config_key::containers] = containers;
-        configStr = QString(QJsonDocument(serverConfig).toJson());
+        config = QString(QJsonDocument(serverConfig).toJson());
     }
-
-    QJsonObject apiConfig = QJsonDocument::fromJson(configStr.toUtf8()).object();
-    serverConfig[config_key::dns1] = apiConfig.value(config_key::dns1);
-    serverConfig[config_key::dns2] = apiConfig.value(config_key::dns2);
-    serverConfig[config_key::containers] = apiConfig.value(config_key::containers);
-    serverConfig[config_key::hostName] = apiConfig.value(config_key::hostName);
-
-    if (apiConfig.value(config_key::configVersion).toInt() == ApiConfigSources::AmneziaGateway) {
-        serverConfig[config_key::configVersion] = apiConfig.value(config_key::configVersion);
-        serverConfig[config_key::description] = apiConfig.value(config_key::description);
-        serverConfig[config_key::name] = apiConfig.value(config_key::name);
-    }
-
-    auto defaultContainer = apiConfig.value(config_key::defaultContainer).toString();
-    serverConfig[config_key::defaultContainer] = defaultContainer;
-
     return;
 }
 
-QStringList ApiController::getProxyUrls()
-{
-    QNetworkRequest request;
-    request.setTransferTimeout(7000);
-    request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
-
-    QEventLoop wait;
-    QList<QSslError> sslErrors;
-    QNetworkReply* reply;
-
-    for (const auto &proxyStorageUrl : proxyStorageUrl) {
-        request.setUrl(proxyStorageUrl);
-        reply = amnApp->manager()->get(request);
-
-        connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
-        connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
-        wait.exec();
-
-        if (reply->error() == QNetworkReply::NetworkError::NoError) {
-            break;
-        }
-        reply->deleteLater();
-    }
-
-    auto encryptedResponseBody = reply->readAll();
-    reply->deleteLater();
-
-    EVP_PKEY *privateKey = nullptr;
-    QByteArray responseBody;
-    try {
-        QByteArray key = PROD_PROXY_STORAGE_KEY;
-        QSimpleCrypto::QRsa rsa;
-        privateKey = rsa.getPrivateKeyFromByteArray(key, "");
-        responseBody = rsa.decrypt(encryptedResponseBody, privateKey, RSA_PKCS1_PADDING);
-    } catch (...) {
-        qCritical() << "error loading private key from environment variables or decrypting payload";
-        return {};
-    }
-
-    auto endpointsArray = QJsonDocument::fromJson(responseBody).array();
-
-    QStringList endpoints;
-    for (const auto &endpoint : endpointsArray) {
-        endpoints.push_back(endpoint.toString());
-    }
-    return endpoints;
-}
-
 ApiController::ApiPayloadData ApiController::generateApiPayloadData(const QString &protocol)
 {
     ApiController::ApiPayloadData apiPayload;
@@ -218,6 +103,8 @@ void ApiController::updateServerConfigFromApi(const QString &installationUuid, c
     QThread::msleep(10);
 #endif
 
+    auto containerConfig = serverConfig.value(config_key::containers).toArray();
+
     if (serverConfig.value(config_key::configVersion).toInt()) {
         QNetworkRequest request;
         request.setTransferTimeout(7000);
@@ -235,13 +122,39 @@ void ApiController::updateServerConfigFromApi(const QString &installationUuid, c
 
         QByteArray requestBody = QJsonDocument(apiPayload).toJson();
 
-        QNetworkReply *reply = amnApp->manager()->post(request, requestBody);
+        QNetworkReply *reply = amnApp->manager()->post(request, requestBody); // ??
 
         QObject::connect(reply, &QNetworkReply::finished, [this, reply, protocol, apiPayloadData, serverIndex, serverConfig]() mutable {
             if (reply->error() == QNetworkReply::NoError) {
-                auto apiResponseBody = reply->readAll();
-                fillServerConfig(protocol, apiPayloadData, apiResponseBody, serverConfig);
-                emit finished(serverConfig, serverIndex);
+                QString contents = QString::fromUtf8(reply->readAll());
+                QString data = QJsonDocument::fromJson(contents.toUtf8()).object().value(config_key::config).toString();
+
+                data.replace("vpn://", "");
+                QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
+
+                if (ba.isEmpty()) {
+                    emit errorOccurred(ErrorCode::ApiConfigEmptyError);
+                    return;
+                }
+
+                QByteArray ba_uncompressed = qUncompress(ba);
+                if (!ba_uncompressed.isEmpty()) {
+                    ba = ba_uncompressed;
+                }
+
+                QString configStr = ba;
+                processApiConfig(protocol, apiPayloadData, configStr);
+
+                QJsonObject apiConfig = QJsonDocument::fromJson(configStr.toUtf8()).object();
+                serverConfig[config_key::dns1] = apiConfig.value(config_key::dns1);
+                serverConfig[config_key::dns2] = apiConfig.value(config_key::dns2);
+                serverConfig[config_key::containers] = apiConfig.value(config_key::containers);
+                serverConfig[config_key::hostName] = apiConfig.value(config_key::hostName);
+
+                auto defaultContainer = apiConfig.value(config_key::defaultContainer).toString();
+                serverConfig[config_key::defaultContainer] = defaultContainer;
+
+                emit configUpdated(true, serverConfig, serverIndex);
             } else {
                 if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError
                     || reply->error() == QNetworkReply::NetworkError::TimeoutError) {
@@ -267,154 +180,3 @@ void ApiController::updateServerConfigFromApi(const QString &installationUuid, c
         });
     }
 }
-
-ErrorCode ApiController::getServicesList(QByteArray &responseBody)
-{
-#ifdef Q_OS_IOS
-    IosController::Instance()->requestInetAccess();
-    QThread::msleep(10);
-#endif
-
-    QNetworkRequest request;
-    request.setTransferTimeout(7000);
-    request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
-
-    request.setUrl(QString("%1v1/services").arg(m_gatewayEndpoint));
-
-    QNetworkReply* reply;
-    reply = amnApp->manager()->get(request);
-
-    QEventLoop wait;
-    QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
-
-    QList<QSslError> sslErrors;
-    connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
-    wait.exec();
-
-    if (reply->error() == QNetworkReply::NetworkError::TimeoutError || reply->error() == QNetworkReply::NetworkError::OperationCanceledError) {
-        m_proxyUrls = getProxyUrls();
-        for (const QString &proxyUrl : m_proxyUrls) {
-            request.setUrl(QString("%1v1/services").arg(proxyUrl));
-            reply = amnApp->manager()->get(request);
-
-            QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
-            connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
-            wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
-                break;
-            }
-            reply->deleteLater();
-        }
-    }
-
-    responseBody = reply->readAll();
-    auto errorCode = checkErrors(sslErrors, reply);
-    reply->deleteLater();
-    return errorCode;
-}
-
-ErrorCode ApiController::getConfigForService(const QString &installationUuid, const QString &userCountryCode, const QString &serviceType,
-                                             const QString &protocol, const QString &serverCountryCode, QJsonObject &serverConfig)
-{
-#ifdef Q_OS_IOS
-    IosController::Instance()->requestInetAccess();
-    QThread::msleep(10);
-#endif
-
-    QNetworkAccessManager manager;
-    QNetworkRequest request;
-    request.setTransferTimeout(7000);
-    request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
-
-    request.setUrl(QString("%1v1/config").arg(m_gatewayEndpoint));
-
-    ApiPayloadData apiPayloadData = generateApiPayloadData(protocol);
-
-    QJsonObject apiPayload = fillApiPayload(protocol, apiPayloadData);
-    apiPayload[configKey::userCountryCode] = userCountryCode;
-    if (!serverCountryCode.isEmpty()) {
-        apiPayload[configKey::serverCountryCode] = serverCountryCode;
-    }
-    apiPayload[configKey::serviceType] = serviceType;
-    apiPayload[configKey::uuid] = installationUuid;
-
-    QSimpleCrypto::QBlockCipher blockCipher;
-    QByteArray key = blockCipher.generatePrivateSalt(32);
-    QByteArray iv = blockCipher.generatePrivateSalt(32);
-    QByteArray salt = blockCipher.generatePrivateSalt(8);
-
-    QJsonObject keyPayload;
-    keyPayload[configKey::aesKey] = QString(key.toBase64());
-    keyPayload[configKey::aesIv] = QString(iv.toBase64());
-    keyPayload[configKey::aesSalt] = QString(salt.toBase64());
-
-    QByteArray encryptedKeyPayload;
-    QByteArray encryptedApiPayload;
-    try {
-        QSimpleCrypto::QRsa rsa;
-
-        EVP_PKEY *publicKey = nullptr;
-        try {
-            QByteArray key = PROD_AGW_PUBLIC_KEY;
-            QSimpleCrypto::QRsa rsa;
-            publicKey = rsa.getPublicKeyFromByteArray(key);
-        } catch (...) {
-            qCritical() << "error loading public key from environment variables";
-            return ErrorCode::ApiMissingAgwPublicKey;
-        }
-
-        encryptedKeyPayload = rsa.encrypt(QJsonDocument(keyPayload).toJson(), publicKey, RSA_PKCS1_PADDING);
-        EVP_PKEY_free(publicKey);
-
-        encryptedApiPayload = blockCipher.encryptAesBlockCipher(QJsonDocument(apiPayload).toJson(), key, iv, "", salt);
-    } catch (...) { // todo change error handling in QSimpleCrypto?
-        qCritical() << "error when encrypting the request body";
-    }
-
-    QJsonObject requestBody;
-    requestBody[configKey::keyPayload] = QString(encryptedKeyPayload.toBase64());
-    requestBody[configKey::apiPayload] = QString(encryptedApiPayload.toBase64());
-
-    QNetworkReply* reply = manager.post(request, QJsonDocument(requestBody).toJson());
-
-    QEventLoop wait;
-    connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
-
-    QList<QSslError> sslErrors;
-    connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
-    wait.exec();
-
-    if (reply->error() == QNetworkReply::NetworkError::TimeoutError || reply->error() == QNetworkReply::NetworkError::OperationCanceledError) {
-        if (m_proxyUrls.isEmpty()) {
-            m_proxyUrls = getProxyUrls();
-        }
-        for (const QString &proxyUrl : m_proxyUrls) {
-            request.setUrl(QString("%1v1/config").arg(proxyUrl));
-            reply = manager.post(request, QJsonDocument(requestBody).toJson());
-
-            QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
-            connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
-            wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
-                break;
-            }
-            reply->deleteLater();
-        }
-    }
-
-    auto errorCode = checkErrors(sslErrors, reply);
-    if (errorCode) {
-        return errorCode;
-    }
-
-    auto encryptedResponseBody = reply->readAll();
-    reply->deleteLater();
-    try {
-        auto responseBody = blockCipher.decryptAesBlockCipher(encryptedResponseBody, key, iv, "", salt);
-        fillServerConfig(protocol, apiPayloadData, responseBody, serverConfig);
-    } catch (...) { // todo change error handling in QSimpleCrypto?
-        qCritical() << "error when decrypting the request body";
-    }
-
-    return errorCode;
-}

client/core/controllers/apiController.h

@@ -14,18 +14,14 @@ class ApiController : public QObject
     Q_OBJECT
 
 public:
-    explicit ApiController(const QString &gatewayEndpoint, QObject *parent = nullptr);
+    explicit ApiController(QObject *parent = nullptr);
 
 public slots:
     void updateServerConfigFromApi(const QString &installationUuid, const int serverIndex, QJsonObject serverConfig);
 
-    ErrorCode getServicesList(QByteArray &responseBody);
-    ErrorCode getConfigForService(const QString &installationUuid, const QString &userCountryCode, const QString &serviceType,
-                                  const QString &protocol, const QString &serverCountryCode, QJsonObject &serverConfig);
-
 signals:
     void errorOccurred(ErrorCode errorCode);
-    void finished(const QJsonObject &config, const int serverIndex);
+    void configUpdated(const bool updateConfig, const QJsonObject &config, const int serverIndex);
 
 private:
     struct ApiPayloadData
@@ -38,12 +34,7 @@ private:
 
     ApiPayloadData generateApiPayloadData(const QString &protocol);
     QJsonObject fillApiPayload(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData);
-    void fillServerConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, const QByteArray &apiResponseBody,
-                          QJsonObject &serverConfig);
-    QStringList getProxyUrls();
-
-    QString m_gatewayEndpoint;
-    QStringList m_proxyUrls;
+    void processApiConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, QString &config);
 };
 
 #endif // APICONTROLLER_H

client/core/controllers/serverController.cpp

@@ -569,7 +569,6 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
 
     // Xray vars
     vars.append({ { "$XRAY_SITE_NAME", xrayConfig.value(config_key::site).toString(protocols::xray::defaultSite) } });
-    vars.append({ { "$XRAY_SERVER_PORT", xrayConfig.value(config_key::port).toString(protocols::xray::defaultPort) } });
 
     // Wireguard vars
     vars.append({ { "$WIREGUARD_SUBNET_IP",

client/core/defs.h

@@ -106,7 +106,6 @@ namespace amnezia
         ApiConfigEmptyError = 1102,
         ApiConfigTimeoutError = 1103,
         ApiConfigSslError = 1104,
-        ApiMissingAgwPublicKey = 1105,
 
         // QFile errors
         OpenError = 1200,

client/core/enums/apiEnums.h

@@ -1,9 +0,0 @@
-#ifndef APIENUMS_H
-#define APIENUMS_H
-
-enum ApiConfigSources {
-    Telegram = 1,
-    AmneziaGateway
-};
-
-#endif // APIENUMS_H

client/core/errorstrings.cpp

@@ -60,7 +60,6 @@ QString errorString(ErrorCode code) {
     case (ErrorCode::ApiConfigEmptyError): errorMessage = QObject::tr("In the response from the server, an empty config was received"); break;
     case (ErrorCode::ApiConfigSslError): errorMessage = QObject::tr("SSL error occurred"); break;
     case (ErrorCode::ApiConfigTimeoutError): errorMessage = QObject::tr("Server response timeout on api request"); break;
-    case (ErrorCode::ApiMissingAgwPublicKey): errorMessage = QObject::tr("Missing AGW public key"); break;
       
     // QFile errors
     case(ErrorCode::OpenError): errorMessage = QObject::tr("QFile error: The file could not be opened"); break;

client/core/ipcclient.h

@@ -5,10 +5,12 @@
 #include <QObject>
 
 #include "ipc.h"
-#include "rep_ipc_interface_replica.h"
+//#include "rep_ipc_interface_replica.h"
 
 #include "privileged_process.h"
 
+/*
+
 class IpcClient : public QObject
 {
     Q_OBJECT
@@ -46,6 +48,6 @@ private:
     bool m_isSocketConnected {false};
 
     static IpcClient *m_instance;
-};
+}; */
 
 #endif // IPCCLIENT_H

client/core/privileged_process.h

@@ -3,21 +3,21 @@
 
 #include <QObject>
 
-#include "rep_ipc_process_interface_replica.h"
+// #include "rep_ipc_process_interface_replica.h"
 // This class is dangerous - instance of this class casted from base class,
 // so it support only functions
 // Do not add any members into it
 //
-class PrivilegedProcess : public IpcProcessInterfaceReplica
-{
-    Q_OBJECT
-public:
-    PrivilegedProcess();
-    ~PrivilegedProcess() override;
+//class PrivilegedProcess : public IpcProcessInterfaceReplica
+//{
+//    Q_OBJECT
+//public:
+//    PrivilegedProcess();
+//    ~PrivilegedProcess() override;
 
-    void waitForFinished(int msecs);
+//    void waitForFinished(int msecs);
 
-};
+//};
 
 #endif // PRIVILEGED_PROCESS_H
 

client/images/connectionOff.svg

@@ -0,0 +1,18 @@
+<svg width="280" height="280" viewBox="0 0 280 280" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g filter="url(#filter0_f_1379_19114)">
+<circle cx="140" cy="140" r="107.5" stroke="#FBB36A"/>
+</g>
+<circle cx="140" cy="140" r="107" stroke="#FBB36A" stroke-width="2"/>
+<circle cx="140" cy="140" r="107" stroke="url(#paint0_linear_1379_19114)" stroke-width="2"/>
+<defs>
+<filter id="filter0_f_1379_19114" x="2" y="2" width="276" height="276" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feBlend mode="normal" in="SourceGraphic" in2="BackgroundImageFix" result="shape"/>
+<feGaussianBlur stdDeviation="15" result="effect1_foregroundBlur_1379_19114"/>
+</filter>
+<linearGradient id="paint0_linear_1379_19114" x1="-2.43527" y1="89.3291" x2="192.652" y2="11.9798" gradientUnits="userSpaceOnUse">
+<stop stop-color="#E0AA84"/>
+<stop offset="1" stop-color="#DF7D37"/>
+</linearGradient>
+</defs>
+</svg>

client/images/connectionOn.svg

@@ -0,0 +1,17 @@
+<svg width="280" height="280" viewBox="0 0 280 280" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g filter="url(#filter0_d_1379_19118)">
+<path d="M140 235C127.524 235 115.171 232.543 103.645 227.769C92.1191 222.994 81.6464 215.997 72.8248 207.175C64.0033 198.354 57.0056 187.881 52.2314 176.355C47.4572 164.829 45 152.476 45 140C45 127.524 47.4572 115.171 52.2314 103.645C57.0056 92.1191 64.0033 81.6464 72.8249 72.8248C81.6464 64.0033 92.1191 57.0056 103.645 52.2314C115.171 47.4572 127.524 45 140 45C152.476 45 164.829 47.4572 176.355 52.2314C187.881 57.0056 198.354 64.0033 207.175 72.8249C215.997 81.6464 222.994 92.1192 227.769 103.645C232.543 115.171 235 127.524 235 140C235 152.476 232.543 164.829 227.769 176.355C222.994 187.881 215.997 198.354 207.175 207.175C198.354 215.997 187.881 222.994 176.355 227.769C164.829 232.543 152.476 235 140 235L140 235Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round"/>
+</g>
+<defs>
+<filter id="filter0_d_1379_19118" x="38" y="38" width="204" height="204" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0" result="hardAlpha"/>
+<feOffset/>
+<feGaussianBlur stdDeviation="3"/>
+<feComposite in2="hardAlpha" operator="out"/>
+<feColorMatrix type="matrix" values="0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow_1379_19118"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect1_dropShadow_1379_19118" result="shape"/>
+</filter>
+</defs>
+</svg>

client/images/connectionProgress.svg

@@ -0,0 +1,30 @@
+<svg width="280" height="280" viewBox="0 0 280 280" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g opacity="0.1" filter="url(#filter0_d_1379_19115)">
+<path d="M235 140C235 152.476 232.543 164.829 227.769 176.355C222.994 187.881 215.997 198.354 207.175 207.175C198.354 215.997 187.881 222.994 176.355 227.769C164.829 232.543 152.476 235 140 235C127.524 235 115.171 232.543 103.645 227.769C92.1191 222.994 81.6464 215.997 72.8249 207.175C64.0033 198.354 57.0056 187.881 52.2314 176.355C47.4572 164.829 45 152.476 45 140C45 127.524 47.4572 115.171 52.2314 103.645C57.0056 92.1191 64.0033 81.6464 72.8249 72.8248C81.6464 64.0033 92.1192 57.0056 103.645 52.2314C115.171 47.4572 127.524 45 140 45C152.476 45 164.829 47.4573 176.355 52.2314C187.881 57.0056 198.354 64.0033 207.175 72.8249C215.997 81.6464 222.994 92.1192 227.769 103.645C232.543 115.171 235 127.524 235 140L235 140Z" stroke="#FBB36A"/>
+</g>
+<g filter="url(#filter1_d_1379_19115)">
+<path d="M140 235C126.016 235 112.204 231.913 99.551 225.959C86.8977 220.004 75.7151 211.33 66.8012 200.555C57.8874 189.78 51.4623 177.17 47.9846 163.626C44.5069 150.081 44.0623 135.935 46.6827 122.199C49.3031 108.462 54.9237 95.4738 63.1434 84.1604C71.363 72.847 81.979 63.4878 94.2334 56.7509C106.488 50.014 120.078 46.0655 134.035 45.1875C147.991 44.3094 161.97 46.5233 174.972 51.6712" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round"/>
+</g>
+<defs>
+<filter id="filter0_d_1379_19115" x="38.5" y="38.5" width="203" height="203" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0" result="hardAlpha"/>
+<feOffset/>
+<feGaussianBlur stdDeviation="3"/>
+<feComposite in2="hardAlpha" operator="out"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0.984314 0 0 0 0 0.717647 0 0 0 0 0.317647 0 0 0 1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow_1379_19115"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect1_dropShadow_1379_19115" result="shape"/>
+</filter>
+<filter id="filter1_d_1379_19115" x="38" y="38" width="143.973" height="204" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0" result="hardAlpha"/>
+<feOffset/>
+<feGaussianBlur stdDeviation="3"/>
+<feComposite in2="hardAlpha" operator="out"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0.988235 0 0 0 0 0.301961 0 0 0 0 0.0705883 0 0 0 0.49 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow_1379_19115"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect1_dropShadow_1379_19115" result="shape"/>
+</filter>
+</defs>
+</svg>

client/images/controls/archive-restore.svg

@@ -1,7 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M20 4H4C2.89543 4 2 4.89543 2 6V7C2 8.10457 2.89543 9 4 9H20C21.1046 9 22 8.10457 22 7V6C22 4.89543 21.1046 4 20 4Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 13V20" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M9 16L12 13L15 16" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M4 9V18C4 18.5304 4.21071 19.0391 4.58579 19.4142C4.96086 19.7893 5.46957 20 6 20H8" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M20 9V18C20 18.5304 19.7893 19.0391 19.4142 19.4142C19.0391 19.7893 18.5304 20 18 20H16" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/bug.svg

@@ -1,11 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M16 10C16 7.79086 14.2091 6 12 6C9.79086 6 8 7.79086 8 10V16C8 18.2091 9.79086 20 12 20C14.2091 20 16 18.2091 16 16V10Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M19 7L16 9" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M5 7L8 9" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M19 19L16 17" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M5 19L8 17" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M20 13H16" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M4 13H8" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M10 4L11 6" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M14 4L13 6" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/folder-search-2.svg

@@ -1,5 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M4 20H20C20.5304 20 21.0391 19.7893 21.4142 19.4142C21.7893 19.0391 22 18.5304 22 18V8C22 7.46957 21.7893 6.96086 21.4142 6.58579C21.0391 6.21071 20.5304 6 20 6H12.07C11.7406 5.9983 11.4167 5.91525 11.1271 5.75824C10.8375 5.60123 10.5912 5.37512 10.41 5.1L9.59 3.9C9.40882 3.62488 9.1625 3.39877 8.8729 3.24176C8.58331 3.08475 8.25941 3.0017 7.93 3H4C3.46957 3 2.96086 3.21071 2.58579 3.58579C2.21071 3.96086 2 4.46957 2 5V18C2 19.1 2.9 20 4 20Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M11.5 15C12.8807 15 14 13.8807 14 12.5C14 11.1193 12.8807 10 11.5 10C10.1193 10 9 11.1193 9 12.5C9 13.8807 10.1193 15 11.5 15Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M13.27 14.27L15 16" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/gauge.svg

@@ -1,4 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12 15L15.5 11.5" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M20.3 18C20.7 17 21 15.8 21 14.6C21 9.8 17 6 12 6C7 6 3 9.8 3 14.6C3 15.8 3.3 17 3.7 18" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/help-circle.svg

@@ -1,5 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M9.09009 9.00008C9.32519 8.33175 9.78924 7.76819 10.4 7.40921C11.0108 7.05024 11.729 6.91902 12.4273 7.03879C13.1255 7.15857 13.7589 7.52161 14.2152 8.06361C14.6714 8.60561 14.9211 9.2916 14.9201 10.0001C14.9201 12.0001 11.9201 13.0001 11.9201 13.0001" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 17H12.01" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/history.svg

@@ -1,5 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M3 3V8H8" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M3.05 13.0001C3.27151 15.0059 4.1607 16.8791 5.57478 18.3188C6.98886 19.7585 8.84577 20.6812 10.8473 20.9387C12.8488 21.1961 14.8788 20.7735 16.6112 19.7386C18.3436 18.7036 19.678 17.1165 20.3999 15.2321C21.1219 13.3476 21.1896 11.2752 20.5921 9.34766C19.9947 7.42012 18.7668 5.7493 17.1056 4.60353C15.4444 3.45776 13.4463 2.90354 11.4322 3.02987C9.41817 3.15619 7.50501 3.95574 6 5.30009L3 8.00009" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 7V12L16 14" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/info.svg

@@ -1,5 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 16V12" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 8H12.01" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/map-pin.svg

@@ -1,4 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M20 10C20 16 12 22 12 22C12 22 4 16 4 10C4 7.87827 4.84285 5.84344 6.34315 4.34315C7.84344 2.84285 9.87827 2 12 2C14.1217 2 16.1566 2.84285 17.6569 4.34315C19.1571 5.84344 20 7.87827 20 10V10Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M12 13C13.6569 13 15 11.6569 15 10C15 8.34315 13.6569 7 12 7C10.3431 7 9 8.34315 9 10C9 11.6569 10.3431 13 12 13Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/refresh-cw.svg

@@ -1,6 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M21 2V8H15" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M3 12.0001C3.00158 10.2634 3.5056 8.56429 4.45125 7.10764C5.39691 5.651 6.74382 4.49907 8.32951 3.79079C9.9152 3.08252 11.6719 2.84815 13.3879 3.11596C15.1038 3.38377 16.7056 4.14232 18 5.30011L21 8.00011" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M3 22V16H9" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M21 12C20.9984 13.7367 20.4944 15.4358 19.5487 16.8925C18.6031 18.3491 17.2562 19.501 15.6705 20.2093C14.0848 20.9176 12.3281 21.152 10.6121 20.8841C8.89623 20.6163 7.29445 19.8578 6 18.7L3 16" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/scan-line.svg

@@ -1,7 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M3 7V5C3 4.46957 3.21071 3.96086 3.58579 3.58579C3.96086 3.21071 4.46957 3 5 3H7" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M17 3H19C19.5304 3 20.0391 3.21071 20.4142 3.58579C20.7893 3.96086 21 4.46957 21 5V7" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M21 17V19C21 19.5304 20.7893 20.0391 20.4142 20.4142C20.0391 20.7893 19.5304 21 19 21H17" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M7 21H5C4.46957 21 3.96086 20.7893 3.58579 20.4142C3.21071 20.0391 3 19.5304 3 19V17" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M7 12H17" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

client/images/controls/tag.svg

@@ -1,4 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12 2H2V12L11.29 21.29C12.23 22.23 13.77 22.23 14.71 21.29L21.29 14.71C22.23 13.77 22.23 12.23 21.29 11.29L12 2Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M7 7H7.01" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>