2003-09-17 01:02:09 +00:00
|
|
|
/*
|
|
|
|
|
* qcaprovider.h - QCA Plugin API
|
2004-10-28 04:28:20 +00:00
|
|
|
* Copyright (C) 2003,2004 Justin Karneges
|
2003-09-17 01:02:09 +00:00
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
2003-07-02 03:34:11 +00:00
|
|
|
#ifndef QCAPROVIDER_H
|
|
|
|
|
#define QCAPROVIDER_H
|
|
|
|
|
|
2004-10-28 04:28:20 +00:00
|
|
|
#include <qstring.h>
|
|
|
|
|
#include <qdatetime.h>
|
|
|
|
|
#include <qobject.h>
|
|
|
|
|
#include <qhostaddress.h>
|
|
|
|
|
#include "qca.h"
|
2003-07-02 03:34:11 +00:00
|
|
|
|
2004-11-09 08:02:13 +00:00
|
|
|
#include <limits>
|
|
|
|
|
|
2004-11-01 02:34:50 +00:00
|
|
|
#define QCA_PLUGIN_VERSION 2
|
2003-09-17 01:02:09 +00:00
|
|
|
|
2004-11-02 06:37:45 +00:00
|
|
|
#define QCA_EXPORT_PLUGIN(P) \
|
2004-11-02 06:47:42 +00:00
|
|
|
QCA_PLUGIN_EXPORT QCA::Provider *createProvider2() { return new P; } \
|
2004-11-02 06:37:45 +00:00
|
|
|
QCA_PLUGIN_EXPORT int version() { return QCA_PLUGIN_VERSION; }
|
|
|
|
|
|
2004-10-28 04:28:20 +00:00
|
|
|
namespace QCA {
|
|
|
|
|
|
|
|
|
|
class RandomContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
RandomContext(Provider *p) : Provider::Context(p, "random") {}
|
|
|
|
|
virtual QSecureArray nextBytes(int size, Random::Quality q) = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class HashContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
HashContext(Provider *p, const QString &type) : Provider::Context(p, type) {}
|
|
|
|
|
virtual void clear() = 0;
|
|
|
|
|
virtual void update(const QSecureArray &a) = 0;
|
|
|
|
|
virtual QSecureArray final() = 0;
|
|
|
|
|
};
|
|
|
|
|
|
2004-10-29 22:51:30 +00:00
|
|
|
class CipherContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
2004-11-17 00:28:34 +00:00
|
|
|
enum Mode { CBC, CFB, ECB };
|
2004-10-29 22:51:30 +00:00
|
|
|
CipherContext(Provider *p, const QString &type) : Provider::Context(p, type) {}
|
|
|
|
|
virtual void setup(const SymmetricKey &key, Mode m, Direction dir, const InitializationVector &iv, bool pad) = 0;
|
|
|
|
|
virtual KeyLength keyLength() const = 0;
|
|
|
|
|
virtual int blockSize() const = 0;
|
|
|
|
|
|
|
|
|
|
virtual bool update(const QSecureArray &in, QSecureArray *out) = 0;
|
|
|
|
|
virtual bool final(QSecureArray *out) = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class MACContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
MACContext(Provider *p, const QString &type) : Provider::Context(p, type) {}
|
|
|
|
|
virtual void setup(const SymmetricKey &key) = 0;
|
|
|
|
|
virtual KeyLength keyLength() const = 0;
|
|
|
|
|
|
|
|
|
|
virtual void update(const QSecureArray &in) = 0;
|
|
|
|
|
virtual void final(QSecureArray *out) = 0;
|
2004-11-09 08:02:13 +00:00
|
|
|
protected:
|
|
|
|
|
KeyLength anyKeyLength() const
|
|
|
|
|
{
|
|
|
|
|
// this is used instead of a default implementation to make sure that
|
|
|
|
|
// provider authors think about it, at least a bit.
|
|
|
|
|
// See Meyers, Effective C++, Effective C++ (2nd Ed), Item 36
|
|
|
|
|
return KeyLength( 0, std::numeric_limits<int>::max(), 1 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-10-29 22:51:30 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class PKeyBase : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
PKeyBase(Provider *p, const QString &type) : Provider::Context(p, type) {}
|
|
|
|
|
virtual bool isNull() const = 0;
|
|
|
|
|
virtual bool isPrivate() const = 0;
|
|
|
|
|
virtual void convertToPublic() = 0;
|
|
|
|
|
|
|
|
|
|
// encrypt/decrypt
|
|
|
|
|
virtual int maximumEncryptSize() const;
|
|
|
|
|
virtual QSecureArray encrypt(const QSecureArray &in);
|
|
|
|
|
virtual bool decrypt(const QSecureArray &in, QSecureArray *out);
|
|
|
|
|
|
|
|
|
|
// sign / verify
|
|
|
|
|
virtual void startSign();
|
|
|
|
|
virtual void startVerify();
|
|
|
|
|
virtual void update(const QSecureArray &in);
|
|
|
|
|
virtual QSecureArray endSign();
|
|
|
|
|
virtual bool endVerify(const QSecureArray &sig);
|
|
|
|
|
|
|
|
|
|
// key agreement
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual SymmetricKey deriveKey(const PKeyBase &theirs);
|
2004-10-29 22:51:30 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class RSAContext : public PKeyBase
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
RSAContext(Provider *p) : PKeyBase(p, "rsa") {}
|
|
|
|
|
virtual void createPrivate(int bits, int exp, void (*cb)(RSAContext *c)) = 0;
|
|
|
|
|
virtual void createPrivate(const QBigInteger &p, const QBigInteger &q, const QBigInteger &d, const QBigInteger &n, const QBigInteger &e) = 0;
|
|
|
|
|
virtual void createPublic(const QBigInteger &n, const QBigInteger &e) = 0;
|
|
|
|
|
virtual QBigInteger p() const = 0;
|
|
|
|
|
virtual QBigInteger q() const = 0;
|
|
|
|
|
virtual QBigInteger d() const = 0;
|
|
|
|
|
virtual QBigInteger n() const = 0;
|
|
|
|
|
virtual QBigInteger e() const = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class DSAContext : public PKeyBase
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
DSAContext(Provider *p) : PKeyBase(p, "dsa") {}
|
|
|
|
|
virtual void createPrivate(DL_Group group, void (*cb)(DSAContext *c)) = 0;
|
|
|
|
|
virtual void createPrivate(DL_Group group, const QBigInteger &x, const QBigInteger &y) = 0;
|
|
|
|
|
virtual void createPublic(DL_Group group, const QBigInteger &y) = 0;
|
|
|
|
|
virtual DL_Group domain() const = 0;
|
|
|
|
|
virtual QBigInteger x() const = 0;
|
|
|
|
|
virtual QBigInteger y() const = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class DHContext : public PKeyBase
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
DHContext(Provider *p) : PKeyBase(p, "dh") {}
|
|
|
|
|
virtual void createPrivate(DL_Group group, void (*cb)(DHContext *c)) = 0;
|
|
|
|
|
virtual void createPrivate(DL_Group group, const QBigInteger &x, const QBigInteger &y) = 0;
|
|
|
|
|
virtual void createPublic(DL_Group group, const QBigInteger &y) = 0;
|
|
|
|
|
virtual DL_Group domain() const = 0;
|
|
|
|
|
virtual QBigInteger x() const = 0;
|
|
|
|
|
virtual QBigInteger y() const = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class PKeyContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
enum Type { RSA, DSA, DH };
|
|
|
|
|
enum ConvertResult { Good, ErrDecode, ErrPassphrase };
|
|
|
|
|
PKeyContext(Provider *p) : Provider::Context(p, "pkey") {}
|
|
|
|
|
|
|
|
|
|
virtual PKeyBase *key() const = 0;
|
|
|
|
|
virtual Type type() const = 0;
|
|
|
|
|
virtual void setKey(PKeyBase *key) = 0;
|
|
|
|
|
|
|
|
|
|
// import / export
|
|
|
|
|
virtual QSecureArray publicToDER() const = 0;
|
|
|
|
|
virtual QString publicToPEM() const = 0;
|
|
|
|
|
virtual ConvertResult publicFromDER(const QSecureArray &a) = 0;
|
|
|
|
|
virtual ConvertResult publicFromPEM(const QString &s) = 0;
|
|
|
|
|
virtual QSecureArray privateToDER(const QString &passphrase) const = 0;
|
|
|
|
|
virtual QString privateToPEM(const QString &passphrase) const = 0;
|
|
|
|
|
virtual ConvertResult privateFromDER(const QSecureArray &a, const QString &passphrase) = 0;
|
|
|
|
|
virtual ConvertResult privateFromPEM(const QString &s, const QString &passphrase) = 0;
|
|
|
|
|
};
|
|
|
|
|
|
2004-10-31 10:04:44 +00:00
|
|
|
class CertContext : public Provider::Context
|
2004-10-29 22:51:30 +00:00
|
|
|
{
|
|
|
|
|
public:
|
2004-10-31 10:04:44 +00:00
|
|
|
typedef QMap<QString, QString> Info;
|
2004-10-29 22:51:30 +00:00
|
|
|
enum ConvertResult { Good, ErrDecode };
|
2004-10-31 10:04:44 +00:00
|
|
|
CertContext(Provider *p) : Provider::Context(p, "cert") {}
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
virtual int version() const = 0;
|
|
|
|
|
virtual QDateTime notValidBefore() const = 0;
|
|
|
|
|
virtual QDateTime notValidAfter() const = 0;
|
|
|
|
|
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual Info subjectInfo() const = 0;
|
|
|
|
|
virtual Info issuerInfo() const = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
virtual QString commonName() const = 0;
|
|
|
|
|
virtual QBigInteger serialNumber() const = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual PKeyContext *subjectPublicKey() const = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
// import / export
|
|
|
|
|
virtual QSecureArray toDER() const = 0;
|
|
|
|
|
virtual QString toPEM() const = 0;
|
|
|
|
|
virtual ConvertResult fromDER(const QSecureArray &a) = 0;
|
|
|
|
|
virtual ConvertResult fromPEM(const QString &s) = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class CRLContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
enum ConvertResult { Good, ErrDecode };
|
2004-10-31 10:04:44 +00:00
|
|
|
CRLContext(Provider *p) : Provider::Context(p, "crl") {}
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
// import / export
|
|
|
|
|
virtual QSecureArray toDER() const = 0;
|
|
|
|
|
virtual QString toPEM() const = 0;
|
|
|
|
|
virtual ConvertResult fromDER(const QSecureArray &a) = 0;
|
|
|
|
|
virtual ConvertResult fromPEM(const QString &s) = 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class StoreContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
2004-10-31 10:04:44 +00:00
|
|
|
StoreContext(Provider *p) : Provider::Context(p, "store") {}
|
2004-10-29 22:51:30 +00:00
|
|
|
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual void addCertificate(const CertContext &cert, bool trusted) = 0;
|
|
|
|
|
virtual void addCRL(const CRLContext &crl) = 0;
|
|
|
|
|
virtual CertValidity validate(const CertContext &cert, CertUsage u) const = 0;
|
|
|
|
|
};
|
2004-10-29 22:51:30 +00:00
|
|
|
|
2004-10-31 10:04:44 +00:00
|
|
|
class TLSContext : public Provider::Context
|
2004-10-29 22:51:30 +00:00
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
enum Result { Success, Error, Continue };
|
2004-10-31 10:04:44 +00:00
|
|
|
TLSContext(Provider *p) : Provider::Context(p, "tls") {}
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
virtual void reset() = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual bool startClient(const StoreContext &store, const CertContext &cert, const PKeyContext &key) = 0;
|
|
|
|
|
virtual bool startServer(const StoreContext &store, const CertContext &cert, const PKeyContext &key) = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
virtual int handshake(const QByteArray &in, QByteArray *out) = 0;
|
|
|
|
|
virtual int shutdown(const QByteArray &in, QByteArray *out) = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual bool encode(const QSecureArray &plain, QByteArray *to_net, int *encoded) = 0;
|
|
|
|
|
virtual bool decode(const QByteArray &from_net, QSecureArray *plain, QByteArray *to_net) = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
virtual bool eof() const = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual QSecureArray unprocessed() = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
virtual CertValidity peerCertificateValidity() const = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual CertContext *peerCertificate() const = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
class SASLContext : public Provider::Context
|
|
|
|
|
{
|
|
|
|
|
public:
|
2004-10-31 10:04:44 +00:00
|
|
|
struct HostPort
|
|
|
|
|
{
|
|
|
|
|
QHostAddress addr;
|
|
|
|
|
Q_UINT16 port;
|
|
|
|
|
};
|
|
|
|
|
struct AuthParams
|
|
|
|
|
{
|
|
|
|
|
bool user, authzid, pass, realm;
|
|
|
|
|
};
|
|
|
|
|
enum Result
|
|
|
|
|
{
|
|
|
|
|
Success,
|
|
|
|
|
Error,
|
|
|
|
|
NeedParams,
|
|
|
|
|
AuthCheck,
|
|
|
|
|
Continue
|
|
|
|
|
};
|
|
|
|
|
enum AuthError
|
|
|
|
|
{
|
|
|
|
|
NoMech,
|
|
|
|
|
BadProto,
|
|
|
|
|
BadServ,
|
|
|
|
|
BadAuth,
|
|
|
|
|
NoAuthzid,
|
|
|
|
|
TooWeak,
|
|
|
|
|
NeedEncrypt,
|
|
|
|
|
Expired,
|
|
|
|
|
Disabled,
|
|
|
|
|
NoUser,
|
|
|
|
|
RemoteUnavail
|
|
|
|
|
};
|
|
|
|
|
SASLContext(Provider *p) : Provider::Context(p, "sasl") {}
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
// common
|
|
|
|
|
virtual void reset() = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual void setCoreProps(const QString &service, const QString &host, HostPort *local, HostPort *remote) = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
virtual void setSecurityProps(bool noPlain, bool noActive, bool noDict, bool noAnon, bool reqForward, bool reqCreds, bool reqMutual, int ssfMin, int ssfMax, const QString &_ext_authid, int _ext_ssf) = 0;
|
|
|
|
|
virtual int security() const = 0;
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual AuthError authError() const = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
// init / first step
|
|
|
|
|
virtual bool clientStart(const QStringList &mechlist) = 0;
|
|
|
|
|
virtual int clientFirstStep(bool allowClientSendFirst) = 0;
|
|
|
|
|
virtual bool serverStart(const QString &realm, QStringList *mechlist, const QString &name) = 0;
|
|
|
|
|
virtual int serverFirstStep(const QString &mech, const QByteArray *in) = 0;
|
|
|
|
|
|
|
|
|
|
// get / set params
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual AuthParams clientParamsNeeded() const = 0;
|
|
|
|
|
virtual void setClientParams(const QString *user, const QString *authzid, const QSecureArray *pass, const QString *realm) = 0;
|
|
|
|
|
virtual QString username() const = 0;
|
|
|
|
|
virtual QString authzid() const = 0;
|
2004-10-29 22:51:30 +00:00
|
|
|
|
|
|
|
|
// continue steps
|
|
|
|
|
virtual int nextStep(const QByteArray &in) = 0;
|
|
|
|
|
virtual int tryAgain() = 0;
|
|
|
|
|
|
|
|
|
|
// results
|
|
|
|
|
virtual QString mech() const = 0;
|
|
|
|
|
virtual const QByteArray *clientInit() const = 0;
|
|
|
|
|
virtual QByteArray result() const = 0;
|
|
|
|
|
|
|
|
|
|
// security layer
|
2004-10-31 10:04:44 +00:00
|
|
|
virtual bool encode(const QSecureArray &in, QByteArray *out) = 0;
|
|
|
|
|
virtual bool decode(const QByteArray &in, QSecureArray *out) = 0;
|
|
|
|
|
};
|
2004-10-29 22:51:30 +00:00
|
|
|
|
2004-10-28 04:28:20 +00:00
|
|
|
}
|
|
|
|
|
|
2003-07-02 03:34:11 +00:00
|
|
|
#endif
|
