/*
* qca.h - Qt Cryptographic Architecture
* Copyright (C) 2003 Justin Karneges
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*/
#ifndef QCA_H
#define QCA_H
#include<qstring.h>
#include<qcstring.h>
#include<qdatetime.h>
#include<qmap.h>
#include<qptrlist.h>
#include<qobject.h>
#ifdef Q_OS_WIN32
# ifndef QCA_STATIC
# ifdef QCA_MAKEDLL
# define QCA_EXPORT __declspec(dllexport)
# else
# define QCA_EXPORT __declspec(dllimport)
# endif
# endif
#endif
#ifndef QCA_EXPORT
#define QCA_EXPORT
#endif
#ifdef Q_OS_WIN32
# ifdef QCA_PLUGIN_DLL
# define QCA_PLUGIN_EXPORT extern "C" __declspec(dllexport)
# else
# define QCA_PLUGIN_EXPORT extern "C" __declspec(dllimport)
# endif
#endif
#ifndef QCA_PLUGIN_EXPORT
#define QCA_PLUGIN_EXPORT extern "C"
#endif
class QHostAddress;
class QStringList;
class QCAProvider;
class QCA_HashContext;
class QCA_CipherContext;
class QCA_CertContext;
namespace QCA
{
enum {
CAP_SHA1 = 0x0001,
CAP_SHA256 = 0x0002,
CAP_MD5 = 0x0004,
CAP_BlowFish = 0x0008,
CAP_TripleDES = 0x0010,
CAP_AES128 = 0x0020,
CAP_AES256 = 0x0040,
CAP_RSA = 0x0080,
CAP_X509 = 0x0100,
CAP_TLS = 0x0200,
CAP_SASL = 0x0400
};
enum {
CBC = 0x0001,
CFB = 0x0002
};
enum {
Encrypt = 0x0001,
Decrypt = 0x0002
};
QCA_EXPORT void init();
QCA_EXPORT bool isSupported(int capabilities);
QCA_EXPORT void insertProvider(QCAProvider *);
QCA_EXPORT void unloadAllPlugins();
QCA_EXPORT QString arrayToHex(const QByteArray &);
QCA_EXPORT QByteArray hexToArray(const QString &);
class QCA_EXPORT Hash
{
public:
Hash(const Hash &);
Hash & operator=(const Hash &);
~Hash();
void clear();
void update(const QByteArray &a);
QByteArray final();
protected:
Hash(QCA_HashContext *);
private:
class Private;
Private *d;
};
template <class T>
class QCA_EXPORT HashStatic
{
public:
HashStatic<T>() {}
static QByteArray hash(const QByteArray &a)
{
T obj;
obj.update(a);
return obj.final();
}
static QByteArray hash(const QCString &cs)
{
QByteArray a(cs.length());
memcpy(a.data(), cs.data(), a.size());
return hash(a);
}
static QString hashToString(const QByteArray &a)
{
return arrayToHex(hash(a));
}
static QString hashToString(const QCString &cs)
{
return arrayToHex(hash(cs));
}
};
class QCA_EXPORT Cipher
{
public:
Cipher(const Cipher &);
Cipher & operator=(const Cipher &);
~Cipher();
QByteArray dyn_generateKey(int size=-1) const;
QByteArray dyn_generateIV() const;
void reset(int dir, int mode, const QByteArray &key, const QByteArray &iv, bool pad=true);
bool update(const QByteArray &a);
QByteArray final(bool *ok=0);
protected:
Cipher(QCA_CipherContext *, int dir, int mode, const QByteArray &key, const QByteArray &iv, bool pad);
private:
class Private;
Private *d;
};
template <class T>
class QCA_EXPORT CipherStatic
{
public:
CipherStatic<T>() {}
static QByteArray generateKey(int size=-1)
{
T obj;
return obj.dyn_generateKey(size);
}
static QByteArray generateIV()
{
T obj;
return obj.dyn_generateIV();
}
};
class QCA_EXPORT SHA1 : public Hash, public HashStatic<SHA1>
{
public:
SHA1();
};
class QCA_EXPORT SHA256 : public Hash, public HashStatic<SHA256>
{
public:
SHA256();
};
class QCA_EXPORT MD5 : public Hash, public HashStatic<MD5>
{
public:
MD5();
};
class QCA_EXPORT BlowFish : public Cipher, public CipherStatic<BlowFish>
{
public:
BlowFish(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true);
};
class QCA_EXPORT TripleDES : public Cipher, public CipherStatic<TripleDES>
{
public:
TripleDES(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true);
};
class QCA_EXPORT AES128 : public Cipher, public CipherStatic<AES128>
{
public:
AES128(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true);
};
class QCA_EXPORT AES256 : public Cipher, public CipherStatic<AES256>
{
public:
AES256(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true);
};
class RSA;
class QCA_EXPORT RSAKey
{
public:
RSAKey();
RSAKey(const RSAKey &from);
RSAKey & operator=(const RSAKey &from);
~RSAKey();
bool isNull() const;
bool havePublic() const;
bool havePrivate() const;
QByteArray toDER(bool publicOnly=false) const;
bool fromDER(const QByteArray &a);
QString toPEM(bool publicOnly=false) const;
bool fromPEM(const QString &);
// only call if you know what you are doing
bool fromNative(void *);
private:
class Private;
Private *d;
friend class RSA;
friend class TLS;
bool encrypt(const QByteArray &a, QByteArray *out, bool oaep) const;
bool decrypt(const QByteArray &a, QByteArray *out, bool oaep) const;
bool generate(unsigned int bits);
};
class QCA_EXPORT RSA
{
public:
RSA();
~RSA();
RSAKey key() const;
void setKey(const RSAKey &);
bool encrypt(const QByteArray &a, QByteArray *out, bool oaep=false) const;
bool decrypt(const QByteArray &a, QByteArray *out, bool oaep=false) const;
static RSAKey generateKey(unsigned int bits);
private:
RSAKey v_key;
};
typedef QMap<QString, QString> CertProperties;
class QCA_EXPORT Cert
{
public:
Cert();
Cert(const Cert &);
Cert & operator=(const Cert &);
~Cert();
bool isNull() const;
QString commonName() const;
QString serialNumber() const;
QString subjectString() const;
QString issuerString() const;
CertProperties subject() const;
CertProperties issuer() const;
QDateTime notBefore() const;
QDateTime notAfter() const;
QByteArray toDER() const;
bool fromDER(const QByteArray &a);
QString toPEM() const;
bool fromPEM(const QString &);
private:
class Private;
Private *d;
friend class TLS;
void fromContext(QCA_CertContext *);
};
class QCA_EXPORT TLS : public QObject
{
Q_OBJECT
public:
enum Validity {
NoCert,
Valid,
HostMismatch,
Rejected,
Untrusted,
SignatureFailed,
InvalidCA,
InvalidPurpose,
SelfSigned,
Revoked,
PathLengthExceeded,
Expired,
Unknown
};
enum Error { ErrHandshake, ErrCrypt };
TLS(QObject *parent=0);
~TLS();
void setCertificate(const Cert &cert, const RSAKey &key);
void setCertificateStore(const QPtrList<Cert> &store); // note: store must persist
void reset();
bool startClient(const QString &host="");
bool startServer();
void close();
bool isHandshaken() const;
// plain (application side)
void write(const QByteArray &a);
QByteArray read();
// encoded (socket side)
void writeIncoming(const QByteArray &a);
QByteArray readOutgoing();
QByteArray readUnprocessed();
// cert related
const Cert & peerCertificate() const;
int certificateValidityResult() const;
signals:
void handshaken();
void readyRead();
void readyReadOutgoing(int plainBytes);
void closed();
void error(int);
private slots:
void update();
private:
class Private;
Private *d;
};
class QCA_EXPORT SASL : public QObject
{
Q_OBJECT
public:
enum Error { ErrAuth, ErrCrypt };
enum ErrorCond {
NoMech,
BadProto,
BadServ,
BadAuth,
NoAuthzid,
TooWeak,
NeedEncrypt,
Expired,
Disabled,
NoUser,
RemoteUnavail
};
SASL(QObject *parent=0);
~SASL();
static void setAppName(const QString &name);
void reset();
int errorCondition() const;
// options
void setAllowPlain(bool);
void setAllowAnonymous(bool);
void setAllowActiveVulnerable(bool);
void setAllowDictionaryVulnerable(bool);
void setRequireForwardSecrecy(bool);
void setRequirePassCredentials(bool);
void setRequireMutualAuth(bool);
void setMinimumSSF(int);
void setMaximumSSF(int);
void setExternalAuthID(const QString &authid);
void setExternalSSF(int);
void setLocalAddr(const QHostAddress &addr, Q_UINT16 port);
void setRemoteAddr(const QHostAddress &addr, Q_UINT16 port);
// initialize
bool startClient(const QString &service, const QString &host, const QStringList &mechlist, bool allowClientSendFirst=true);
bool startServer(const QString &service, const QString &host, const QString &realm, QStringList *mechlist);
// authentication
void putStep(const QByteArray &stepData);
void putServerFirstStep(const QString &mech);
void putServerFirstStep(const QString &mech, const QByteArray &clientInit);
void setUsername(const QString &user);
void setAuthzid(const QString &auth);
void setPassword(const QString &pass);
void setRealm(const QString &realm);
void continueAfterParams();
void continueAfterAuthCheck();
// security layer
int ssf() const;
void write(const QByteArray &a);
QByteArray read();
void writeIncoming(const QByteArray &a);
QByteArray readOutgoing();
signals:
// for authentication
void clientFirstStep(const QString &mech, const QByteArray *clientInit);
void nextStep(const QByteArray &stepData);
void needParams(bool user, bool authzid, bool pass, bool realm);
void authCheck(const QString &user, const QString &authzid);
void authenticated();
// for security layer
void readyRead();
void readyReadOutgoing(int plainBytes);
// error
void error(int);
private slots:
void tryAgain();
private:
class Private;
Private *d;
void handleServerFirstStep(int r);
};
};
#endif
syntax highlighted by Code2HTML, v. 0.9.1