00001 /*
00002  * qca_securelayer.h - Qt Cryptographic Architecture
00003  * Copyright (C) 2003-2007  Justin Karneges <justin@affinix.com>
00004  * Copyright (C) 2004-2006  Brad Hards <bradh@frogmouth.net>
00005  *
00006  * This library is free software; you can redistribute it and/or
00007  * modify it under the terms of the GNU Lesser General Public
00008  * License as published by the Free Software Foundation; either
00009  * version 2.1 of the License, or (at your option) any later version.
00010  *
00011  * This library is distributed in the hope that it will be useful,
00012  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00013  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00014  * Lesser General Public License for more details.
00015  *
00016  * You should have received a copy of the GNU Lesser General Public
00017  * License along with this library; if not, write to the Free Software
00018  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
00019  *
00020  */
00021 
00031 #ifndef QCA_SECURELAYER_H
00032 #define QCA_SECURELAYER_H
00033 
00034 #include <QObject>
00035 #include "qca_core.h"
00036 #include "qca_publickey.h"
00037 #include "qca_cert.h"
00038 
00039 namespace QCA {
00040 
/**
 * Abstract strength requirement consumed by TLS::setConstraints() and
 * SASL::setConstraints().  Enumerators are ordered weakest to strongest.
 * NOTE(review): the key-size band each level maps to (upstream QCA docs
 * describe SL_Export as the ~40-bit "export" grade and SL_Baseline as
 * ~128-bit) is decided by the provider, not by this header — confirm
 * against the provider in use before relying on a level as a floor.
 */
00058 enum SecurityLevel
00059 {
00060         SL_None,      ///< no strength requirement at all
00061         SL_Integrity, ///< integrity protection only (the name implies no confidentiality)
00062         SL_Export,    ///< legacy "export grade"; weak by modern standards
00063         SL_Baseline,  ///< baseline strength
00064         SL_High,      ///< stronger than baseline
00065         SL_Highest    ///< the strongest the provider can offer
00066 };
00067 
/**
 * Abstract base of the secure layers declared in this header (TLS, SASL).
 *
 * The pure-virtual I/O functions define two byte paths: write()/read()
 * carry application data, writeIncoming()/readOutgoing() carry the
 * protected form exchanged with the peer (the names and the @c plainBytes
 * out-parameter suggest this; confirm against the TLS/SASL sources).
 * The layer owns no socket: the caller shuttles bytes between
 * readOutgoing()/writeIncoming() and its own transport.
 *
 * Non-copyable (Q_DISABLE_COPY).  Subclasses report the reason for the
 * error() signal through their own errorCode() accessors.
 */
00103 class QCA_EXPORT SecureLayer : public QObject
00104 {
00105         Q_OBJECT
00106 public:
        /** @param parent optional QObject parent (Qt parent/child ownership). */
00113         SecureLayer(QObject *parent = 0);
00114 
        /**
         * Whether close() does anything for this layer.  Not pure: the base
         * implementation lives in the .cpp and is not visible here.
         */
00118         virtual bool isClosable() const;
00119 
        /** Number of application bytes read() can currently return. */
00124         virtual int bytesAvailable() const = 0;
00125 
        /** Number of protected bytes readOutgoing() can currently return. */
00130         virtual int bytesOutgoingAvailable() const = 0;
00131 
        /**
         * Begins an orderly shutdown of the layer; presumably followed by the
         * closed() signal once the peer has acknowledged — confirm in the
         * implementation.  Base implementation not visible here.
         */
00139         virtual void close();
00140 
        /** Queues application data @a a for protection and later readOutgoing(). */
00146         virtual void write(const QByteArray &a) = 0;
00147 
        /** Returns application data recovered from earlier writeIncoming() calls. */
00154         virtual QByteArray read() = 0;
00155 
        /** Feeds protected bytes received from the peer into the layer. */
00163         virtual void writeIncoming(const QByteArray &a) = 0;
00164 
        /**
         * Returns protected bytes to send to the peer.
         * @param plainBytes optional out-parameter; by its name, receives how
         *        many application bytes the returned chunk accounts for.
         */
00172         virtual QByteArray readOutgoing(int *plainBytes = 0) = 0;
00173 
        /**
         * Returns bytes that arrived but were not processed by the layer
         * (presumably data following a close; confirm).  Base implementation
         * not visible here.
         */
00181         virtual QByteArray readUnprocessed();
00182 
        /**
         * Converts a count of protected bytes the transport reported as
         * written into the corresponding count of application bytes
         * (inferred from the name; confirm).
         * NOTE(review): takes qint64 but returns int — a caller passing more
         * than INT_MAX bytes gets a narrowed result; guard at the call site.
         */
00186         virtual int convertBytesWritten(qint64 encryptedBytes) = 0;
00187 
00188 Q_SIGNALS:
        /** read() has application data available. */
00195         void readyRead();
00196 
        /** readOutgoing() has protected data that must be sent to the peer. */
00203         void readyReadOutgoing();
00204 
        /** The layer has finished closing. */
00209         void closed();
00210 
        /**
         * A failure occurred.  Carries no code: query the concrete class
         * (TLS::errorCode(), SASL::errorCode()) from the slot.
         */
00215         void error();
00216 
00217 private:
00218         Q_DISABLE_COPY(SecureLayer)
00219 };
00220 
/**
 * Opaque handle to a negotiated TLS session, obtained from TLS::session()
 * and handed back through TLS::setSession() (presumably for session
 * resumption — confirm with the provider).  Value type with an explicit
 * copy constructor, copy assignment and destructor (Rule of Three);
 * isNull() reports whether it holds anything.
 * NOTE(review): resumption state is secret material; treat instances with
 * the same care as keys and do not persist them without protection.
 */
00229 class QCA_EXPORT TLSSession : public Algorithm
00230 {
00231 public:
        /** Constructs an empty session (isNull() presumably true). */
00232         TLSSession();
00233 
        /** Copy constructor. @param from session to copy. */
00239         TLSSession(const TLSSession &from);
00240 
00241         ~TLSSession();
00242 
        /** Copy assignment. @param from session to copy. @return *this. */
00248         TLSSession & operator=(const TLSSession &from);
00249 
        /** @return true if this object holds no session data. */
00253         bool isNull() const;
00254 };
00255 
/**
 * TLS/SSL secure layer, usable over a stream or datagram transport (Mode).
 *
 * Usage sketch grounded in this declaration: configure the local
 * certificate, trust anchors and constraints; call startClient() or
 * startServer(); pump bytes with the SecureLayer I/O functions; when
 * handshaken() is emitted, check peerIdentityResult() and
 * peerCertificateValidity() before sending anything sensitive.  Whether
 * the handshake itself aborts on a failed identity check is not decided
 * by this header — verify in the implementation.
 *
 * Non-copyable; state lives behind the pimpl pointer @c d.
 */
00278 class QCA_EXPORT TLS : public SecureLayer, public Algorithm
00279 {
00280         Q_OBJECT
00281 public:
        /** Transport framing the layer is used over. */
00285         enum Mode
00286         {
00287                 Stream,  ///< byte-stream transport (e.g. TCP)
00288                 Datagram ///< packet transport; see packetsAvailable()/packetMTU()
00289         };
00290 
        /**
         * Protocol versions this header can express.
         * NOTE(review): SSL 2.0 and SSL 3.0 are prohibited by RFC 6176 and
         * RFC 7568, and TLS 1.0 is deprecated by RFC 8996; a deployment
         * should make sure the provider will not negotiate them.  Because
         * the enum stops at TLS_v1/DTLS_v1, version() cannot report TLS 1.1
         * or later — confirm how the provider in use maps newer versions.
         */
00294         enum Version
00295         {
00296                 TLS_v1, ///< TLS 1.0
00297                 SSL_v3, ///< SSL 3.0 (obsolete)
00298                 SSL_v2, ///< SSL 2.0 (obsolete)
00299                 DTLS_v1 ///< DTLS 1.0 (presumably Datagram mode only)
00300         };
00301 
        /**
         * Failure classes reported by errorCode() after the error() signal.
         * Meanings below are taken from the names; confirm against the
         * implementation.
         */
00305         enum Error
00306         {
00307                 ErrorSignerExpired,   ///< signer of the local certificate has expired
00308                 ErrorSignerInvalid,   ///< signer of the local certificate is invalid
00309                 ErrorCertKeyMismatch, ///< certificate and key passed to setCertificate() do not match
00310                 ErrorInit,            ///< layer/provider initialisation failed
00311                 ErrorHandshake,       ///< handshake failed
00312                 ErrorCrypt            ///< protection/unprotection of data failed
00313         };
00314 
        /**
         * Outcome of checking the peer's certificate against the expected
         * identity; returned by peerIdentityResult().  Only Valid means the
         * peer is who it claims to be; each of the other values is a distinct
         * failure reason and should be treated as an authentication failure.
         */
00318         enum IdentityResult
00319         {
00320                 Valid,              ///< certificate chain valid and name matches
00321                 HostMismatch,       ///< chain valid but the name does not match the expected host
00322                 InvalidCertificate, ///< chain did not validate; see peerCertificateValidity()
00323                 NoCertificate       ///< peer presented no certificate, so no check was possible
00324         };
00325 
        /**
         * Constructs a Stream-mode layer.
         * @param parent   optional QObject parent
         * @param provider provider name; empty selects the default
         */
00337         explicit TLS(QObject *parent = 0, const QString &provider = QString());
00338 
        /**
         * Constructs a layer for the given transport framing.
         * @param mode     Stream or Datagram
         * @param parent   optional QObject parent
         * @param provider provider name; empty selects the default
         */
00350         explicit TLS(Mode mode, QObject *parent = 0, const QString &provider = QString());
00351 
00355         ~TLS();
00356 
        /** Returns the object to its freshly-constructed state. */
00360         void reset();
00361 
        /**
         * Cipher suites the provider offers for @a version.
         * Style: an enum is passed by const reference here; by value would be
         * the idiomatic form.
         */
00376         QStringList supportedCipherSuites(const Version &version = TLS_v1) const;
00377 
        /**
         * Sets the local certificate chain and matching private key.
         * A mismatch is presumably reported as ErrorCertKeyMismatch.
         */
00391         void setCertificate(const CertificateChain &cert, const PrivateKey &key);
00392 
        /** Convenience overload taking chain and key from a KeyBundle. */
00398         void setCertificate(const KeyBundle &kb);
00399 
        /** Trust anchors used to validate the peer's chain (presumably; confirm). */
00403         CertificateCollection trustedCertificates() const;
00404 
        /**
         * Sets the trust anchors.  NOTE(review): an empty or over-broad set
         * makes peerCertificateValidity() meaningless; callers should
         * populate this deliberately rather than rely on a provider default.
         */
00416         void setTrustedCertificates(const CertificateCollection &trusted);
00417 
        /** Restricts negotiation by abstract strength level. */
00423         void setConstraints(SecurityLevel s);
00424 
        /** Restricts negotiation by security strength factor range (presumably key bits; confirm). */
00433         void setConstraints(int minSSF, int maxSSF);
00434 
        /** Restricts negotiation to an explicit list of cipher suites. */
00445         void setConstraints(const QStringList &cipherSuiteList);
00446 
        /**
         * Acceptable certificate issuers.  Presumably the CA names a server
         * advertises when requesting a client certificate — confirm.
         */
00469         QList<CertificateInfoOrdered> issuerList() const;
00470 
        /** Sets the acceptable issuer list; see issuerList(). */
00475         void setIssuerList(const QList<CertificateInfoOrdered> &issuers);
00476 
        /** Supplies a previously obtained TLSSession (presumably for resumption). */
00480         void setSession(const TLSSession &session);
00481 
        /** Whether the provider supports TLS-level compression. */
00487         bool canCompress() const;
00488 
        /** Whether the provider can send/receive a host name (presumably SNI; confirm). */
00495         bool canSetHostName() const;
00496 
        /** Whether compression is currently requested; see setCompressionEnabled(). */
00504         bool compressionEnabled() const;
00505 
        /**
         * Requests TLS-level compression.
         * NOTE(review): protocol-level compression leaks plaintext length
         * (the basis of the CRIME class of attacks); keep it disabled unless
         * there is a specific, reviewed need.  The default state is not
         * visible here — confirm it is off.
         */
00512         void setCompressionEnabled(bool b);
00513 
        /**
         * Host name associated with the session — the one given to
         * startClient() on the client side, or the one received from the
         * peer on the server side (see hostNameReceived()); confirm.
         */
00518         QString hostName() const;
00519 
        /**
         * Starts the client side of the handshake.
         * @param host name the peer is expected to present.  Presumably this
         *        is what peerIdentityResult() compares against, so leaving it
         *        empty makes HostMismatch undetectable — confirm and avoid
         *        empty values in production code.
         */
00539         void startClient(const QString &host = QString());
00540 
        /** Starts the server side of the handshake. */
00544         void startServer();
00545 
        /**
         * Resumes a handshake paused at one of the signalled steps
         * (hostNameReceived(), certificateRequested(),
         * peerCertificateAvailable()); presumably only needed when those
         * signals are connected — confirm.
         */
00555         void continueAfterStep();
00556 
        /** True once the handshake has completed. */
00564         bool isHandshaken() const;
00565 
        /** True if compression was actually negotiated (as opposed to requested). */
00571         bool isCompressed() const;
00572 
        /** Negotiated protocol version; limited to the Version enumerators. */
00576         Version version() const;
00577 
        /** Negotiated cipher suite name. */
00584         QString cipherSuite() const;
00585 
        /** Effective key bits of the negotiated cipher. */
00595         int cipherBits() const;
00596 
        /** Maximum key bits the negotiated cipher supports (presumably; confirm). */
00603         int cipherMaxBits() const;
00609         TLSSession session() const;
00610 
        /** Reason for the most recent error() signal. */
00616         Error errorCode() const;
00617 
        /**
         * Result of the identity check; meaningful after handshaken().
         * Anything other than Valid should stop the application from
         * trusting the connection.
         */
00635         IdentityResult peerIdentityResult() const;
00636 
        /**
         * Detailed validation result for the peer chain (Validity is
         * presumably the type from qca_cert.h included above).
         */
00645         Validity peerCertificateValidity() const;
00646 
        /** Chain set via setCertificate(). */
00651         CertificateChain localCertificateChain() const;
00652 
        /**
         * Key set via setCertificate().
         * NOTE(review): returns the private key by value, handing the key
         * material to any caller; keep its use to provider plumbing and
         * avoid logging or serialising the result.
         */
00657         PrivateKey localPrivateKey() const;
00658 
        /** Chain presented by the peer; empty if NoCertificate, presumably. */
00663         CertificateChain peerCertificateChain() const;
00664 
00665         // reimplemented
00666         virtual bool isClosable() const;
00667         virtual int bytesAvailable() const;
00668         virtual int bytesOutgoingAvailable() const;
00669         virtual void close();
00670         virtual void write(const QByteArray &a);
00671         virtual QByteArray read();
00672         virtual void writeIncoming(const QByteArray &a);
00673         virtual QByteArray readOutgoing(int *plainBytes = 0);
00674         virtual QByteArray readUnprocessed();
00675         virtual int convertBytesWritten(qint64 encryptedBytes);
00676 
        /** Datagram mode: number of whole packets read() can return (presumably). */
00683         int packetsAvailable() const;
00684 
        /** Datagram mode: number of whole packets readOutgoing() can return (presumably). */
00691         int packetsOutgoingAvailable() const;
00692 
        /** Datagram mode: current maximum packet size. */
00698         int packetMTU() const;
00699 
        /**
         * Datagram mode: sets the maximum packet size.
         * NOTE(review): declared const although it is a setter.  It can still
         * mutate state through the non-const pimpl pointer @c d, but the
         * signature misleads callers; it should be non-const.
         */
00707         void setPacketMTU(int size) const;
00708 
00709 Q_SIGNALS:
        /** Server side: the peer sent a host name; see hostName() and continueAfterStep(). */
00721         void hostNameReceived();
00722 
        /** Client side: the server asked for a client certificate; see continueAfterStep(). */
00734         void certificateRequested();
00735 
        /** The peer's chain is available via peerCertificateChain(); see continueAfterStep(). */
00746         void peerCertificateAvailable();
00747 
        /** Handshake complete — the point at which peerIdentityResult() should be checked. */
00759         void handshaken();
00760 
00761 protected:
        /**
         * Qt 4 signature of QObject::connectNotify(const char *).  Presumably
         * used to learn whether the optional step signals above are
         * connected, so the handshake only pauses for a listener — confirm.
         */
00768         void connectNotify(const char *signal);
00769 
        /** Counterpart of connectNotify() (Qt 4 signature). */
00776         void disconnectNotify(const char *signal);
00777 
00778 private:
00779         Q_DISABLE_COPY(TLS)
00780 
        // pimpl; owned by this object (allocation/deletion are in the .cpp).
00781         class Private;
00782         friend class Private;
00783         Private *d;
00784 };
00785 
/**
 * SASL authentication layer, optionally providing a security layer for
 * the data exchanged afterwards (see ssf() and the reimplemented I/O).
 *
 * Flow grounded in this declaration: set constraints and addresses, call
 * startClient() or startServer(), exchange steps via putStep()/nextStep()
 * (the server seeds with putServerFirstStep()), answer needParams() with
 * the set*() accessors and continueAfterParams(), and on the server
 * answer authCheck() with continueAfterAuthCheck().  authenticated()
 * marks success; error()/errorCode()/authCondition() report failure.
 *
 * Unlike TLS, isClosable()/close()/readUnprocessed() are not reimplemented
 * here, so the SecureLayer defaults apply.  Non-copyable; pimpl via @c d.
 */
00813 class QCA_EXPORT SASL : public SecureLayer, public Algorithm
00814 {
00815         Q_OBJECT
00816 public:
        /** Failure classes reported by errorCode() after error(). */
00820         enum Error
00821         {
00822                 ErrorInit,      ///< layer/provider initialisation failed
00823                 ErrorHandshake, ///< authentication exchange failed; see authCondition()
00824                 ErrorCrypt      ///< security-layer protection of data failed
00825         };
00826 
        /**
         * Detailed reason for an authentication failure, from
         * authCondition().  Meanings below follow the names; confirm.
         */
00830         enum AuthCondition
00831         {
00832                 AuthFail,          ///< generic failure
00833                 NoMechanism,       ///< no mutually acceptable mechanism
00834                 BadProtocol,       ///< malformed exchange
00835                 BadServer,         ///< server failed its side of mutual authentication
00836                 BadAuth,           ///< credentials rejected
00837                 NoAuthzid,         ///< requested authorization identity not permitted
00838                 TooWeak,           ///< mechanism weaker than the constraints allow
00839                 NeedEncrypt,       ///< mechanism requires an encrypted transport
00840                 Expired,           ///< credentials expired
00841                 Disabled,          ///< account disabled
00842                 NoUser,            ///< unknown user
00843                 RemoteUnavailable  ///< backend authentication service unreachable
00844         };
00845 
        /**
         * Policy bits for setConstraints().
         * NOTE(review): the values are bit flags, but setConstraints() takes a
         * plain AuthFlags, so an ORed combination has to be cast back to the
         * enum by the caller; a Q_DECLARE_FLAGS typedef would be the
         * idiomatic fix.  AllowPlain admits mechanisms that transmit the
         * password in the clear and AllowAnonymous admits unauthenticated
         * peers — both should be granted only over an encrypted transport
         * and only when the deployment really needs them.
         */
00849         enum AuthFlags
00850         {
00851                 AuthFlagsNone          = 0x00,
00852                 AllowPlain             = 0x01,
00853                 AllowAnonymous         = 0x02,
00854                 RequireForwardSecrecy  = 0x04,
00855                 RequirePassCredentials = 0x08,
00856                 RequireMutualAuth      = 0x10,
00857                 RequireAuthzidSupport  = 0x20  // server-only
00858         };
00859 
        /** Whether the client may send an initial response with its first step. */
00863         enum ClientSendMode
00864         {
00865                 AllowClientSendFirst,
00866                 DisableClientSendFirst
00867         };
00868 
        /** Whether the server may send additional data with its final step. */
00872         enum ServerSendMode
00873         {
00874                 AllowServerSendLast,
00875                 DisableServerSendLast
00876         };
00877 
        /**
         * Describes which credentials the mechanism needs, delivered with
         * needParams().  Copyable value type (explicit copy ctor/assign/dtor)
         * backed by a pimpl pointer.
         */
00888         class QCA_EXPORT Params
00889         {
00890         public:
00891                 Params();
00892 
                /**
                 * @param user    username required
                 * @param authzid authorization id may be sent
                 * @param pass    password required
                 * @param realm   realm may be sent
                 */
00904                 Params(bool user, bool authzid, bool pass, bool realm);
00905 
00911                 Params(const Params &from);
00912                 ~Params();
00913 
00919                 Params & operator=(const Params &from);
00920 
                /** Answer with setUsername(). */
00924                 bool needUsername() const;
00925 
                /** Answer with setAuthzid() if desired. */
00929                 bool canSendAuthzid() const;
00930 
                /** Answer with setPassword(). */
00934                 bool needPassword() const;
00935 
                /** Answer with setRealm() if desired. */
00939                 bool canSendRealm() const;
00940 
00941         private:
00942                 class Private;
00943                 Private *d;
00944         };
00945 
        /**
         * @param parent   optional QObject parent
         * @param provider provider name; empty selects the default
         */
00954         SASL(QObject *parent = 0, const QString &provider = QString());
00955         ~SASL();
00956 
        /** Returns the object to its freshly-constructed state. */
00960         void reset();
00961 
        /**
         * Sets policy flags and an abstract strength floor.
         * NOTE(review): the default @a s of SL_None imposes no strength
         * requirement; callers that need a security layer must raise it
         * explicitly (or use the SSF overload).
         */
00974         void setConstraints(AuthFlags f, SecurityLevel s = SL_None);
00975 
        /** Sets policy flags and an explicit security-strength-factor range. */
00991         void setConstraints(AuthFlags f, int minSSF, int maxSSF);
00992 
        /** Local endpoint, for mechanisms that bind to addresses (presumably; confirm). */
00999         void setLocalAddress(const QString &addr, quint16 port);
01000 
        /** Remote endpoint, for mechanisms that bind to addresses (presumably; confirm). */
01007         void setRemoteAddress(const QString &addr, quint16 port);
01008 
        /**
         * Identity already established by an outer layer (e.g. a TLS client
         * certificate), presumably consumed by the EXTERNAL mechanism —
         * confirm.
         */
01014         void setExternalAuthId(const QString &authid);
01015 
        /**
         * Protection strength already provided by an outer layer (e.g. TLS),
         * so the mechanism need not add its own (presumably; confirm).
         * NOTE(review): overstating this value weakens the negotiated
         * protection; derive it from the real outer layer.
         */
01022         void setExternalSSF(int strength);
01023 
        /**
         * Starts the client side.
         * @param service  protocol/service name
         * @param host     server host name
         * @param mechlist mechanisms offered by the server; the provider picks
         *                 one subject to the constraints
         * @param mode     whether an initial response may be sent first
         * Result is reported via clientStarted().
         */
01035         void startClient(const QString &service, const QString &host, const QStringList &mechlist, ClientSendMode mode = AllowClientSendFirst);
01036 
        /**
         * Starts the server side.
         * @param service protocol/service name
         * @param host    local host name
         * @param realm   authentication realm
         * @param mode    whether additional data may accompany the final step
         * Result is reported via serverStarted().
         */
01048         void startServer(const QString &service, const QString &host, const QString &realm, ServerSendMode mode = DisableServerSendLast);
01049 
        /** Server: begins the exchange for the client's chosen @a mech with no initial response. */
01057         void putServerFirstStep(const QString &mech);
01058 
        /** Server: begins the exchange for @a mech with the client's initial response @a clientInit. */
01066         void putServerFirstStep(const QString &mech, const QByteArray &clientInit);
01067 
        /** Feeds the peer's next step; the reply, if any, arrives via nextStep(). */
01075         void putStep(const QByteArray &stepData);
01076 
        /** Mechanism in use (valid once the exchange has started). */
01080         QString mechanism() const;
01081 
        /** Mechanisms the provider supports. */
01085         QStringList mechanismList() const;
01086 
        /** Realms offered (presumably by the server; confirm). */
01090         QStringList realmList() const;
01091 
        /** Security strength factor of the negotiated security layer; 0 presumably means none. */
01095         int ssf() const;
01096 
        /** Reason for the most recent error() signal. */
01100         Error errorCode() const;
01101 
        /** Detailed reason when errorCode() is ErrorHandshake. */
01105         AuthCondition authCondition() const;
01106 
        /** Response to needParams(): authentication identity. */
01112         void setUsername(const QString &user);
01113 
        /** Response to needParams(): authorization identity to act as. */
01119         void setAuthzid(const QString &auth);
01120 
        /**
         * Response to needParams().  Takes a SecureArray rather than QString,
         * presumably so the secret lives in protected memory — keep it that
         * way at the call site (avoid round-tripping through QString).
         */
01126         void setPassword(const SecureArray &pass);
01127 
        /** Response to needParams(): realm. */
01133         void setRealm(const QString &realm);
01134 
        /** Resumes the exchange after needParams() has been answered. */
01138         void continueAfterParams();
01139 
        /**
         * Server: resumes the exchange after authCheck().
         * NOTE(review): calling this presumably signals approval of the
         * (user, authzid) pair; the slot must verify that @c user may act as
         * @c authzid before calling it — confirm how refusal is expressed.
         */
01143         void continueAfterAuthCheck();
01144 
01145         // reimplemented
01146         virtual int bytesAvailable() const;
01147         virtual int bytesOutgoingAvailable() const;
01148         virtual void write(const QByteArray &a);
01149         virtual QByteArray read();
01150         virtual void writeIncoming(const QByteArray &a);
01151         virtual QByteArray readOutgoing(int *plainBytes = 0);
01152         virtual int convertBytesWritten(qint64 encryptedBytes);
01153 
01154 Q_SIGNALS:
        /**
         * startClient() finished.
         * @param clientInit     whether an initial response is included
         * @param clientInitData the initial response, if any
         */
01159         void clientStarted(bool clientInit, const QByteArray &clientInitData);
01160 
        /** startServer() finished; the server may now call putServerFirstStep(). */
01165         void serverStarted();
01166 
        /** Data to send to the peer as the next step of the exchange. */
01174         void nextStep(const QByteArray &stepData);
01175 
        /** The mechanism needs credentials; see Params and continueAfterParams(). */
01183         void needParams(const QCA::SASL::Params &params);
01184 
        /**
         * Server: @a user authenticated and wants to act as @a authzid.
         * This is the authorization decision point; see continueAfterAuthCheck().
         */
01191         void authCheck(const QString &user, const QString &authzid);
01192 
        /** Authentication succeeded; ssf() tells whether a security layer is active. */
01196         void authenticated();
01197 
01198 private:
01199         Q_DISABLE_COPY(SASL)
01200 
        // pimpl; owned by this object (allocation/deletion are in the .cpp).
01201         class Private;
01202         friend class Private;
01203         Private *d;
01204 };
01205 
01206 }
01207 
01208 #endif
