switch to incremental operations

svn path=/trunk/kdesupport/qca/; revision=376655
2025-04-28 20:44:31 +00:00 · 2005-01-08 23:38:02 +00:00 · 2005-01-08 23:38:02 +00:00 · 94016e2c38
commit 94016e2c38
parent 6a0dd9cc2a
3 changed files with 164 additions and 41 deletions
--- a/5
+++ b/5
@ -10,7 +10,9 @@
  add Base64
  add QCA::systemStore() and haveSystemStore()

-* Threading consideration (safety, usability) in API and plugins
+* Considerations
+  threading (safety, usability) in API and plugins
+  smart cards, external keyring drives

 * finish API:
  cert/crl: Distinguished Names (Botan has X509_DN)
@ -20,6 +22,7 @@
  store: ability to combine stores, iterate over certs?
  openpgp: be sure to support key expiration and validity
  smime
+  pkcs12 format support

 * finish code for APIs:
  cipher - needs to handling padding
--- a/include/QtCrypto/qca_securemessage.h
+++ b/include/QtCrypto/qca_securemessage.h
@ -33,11 +33,17 @@ namespace QCA
 	class Certificate;
 	class Store;
 	class SecureMessageSystem;
+	typedef QValueList<Certificate> CertificateChain;

 	class SecureMessageKey
 	{
 	public:
-		enum Type { None, PGP, X509 };
+		enum Type
+		{
+			None,
+			PGP,
+			X509
+		};
 		SecureMessageKey();
 		SecureMessageKey(const SecureMessageKey &from);
 		~SecureMessageKey();
@ -52,9 +58,9 @@ namespace QCA
 		void setPGPSecretKey(const QString &id);

 		// x509
-		Certificate x509Certificate() const;
+		CertificateChain x509CertificateChain() const;
 		PrivateKey x509PrivateKey() const;
-		void setX509Certificate(const Certificate &c);
+		void setX509CertificateChain(const CertificateChain &c);
 		void setX509PrivateKey(const PrivateKey &k);

 		// generic
@ -72,32 +78,67 @@ namespace QCA
 	{
 		Q_OBJECT
 	public:
-		enum Mode { EncryptThenSign, SignThenEncrypt };
-		enum Error { ErrBadPassphrase, ErrUnknown };
-		enum VerifyResult { VerifyGood, VerifyBad, VerifyNoKey, VerifyError };
+		enum Order
+		{
+			EncryptThenSign,
+			SignThenEncrypt
+		};
+		enum Format
+		{
+			Binary, // DER/binary
+			Ascii   // PEM/ascii-armored
+		};
+		enum Error
+		{
+			ErrPassphrase, // passphrase was either wrong or not provided
+			ErrFormat,     // input format was bad
+			ErrSigner,     // signing key is expired or invalid
+			ErrUnknown     // other error
+		};
+		enum VerifyResult
+		{
+			Valid,   // indentity is verified, matches signature
+			Invalid, // valid key provided, but signature failed
+			BadKey,  // invalid key provided
+			NoKey,   // identity unknown
+		};
 		SecureMessage(SecureMessageSystem *system);
 		~SecureMessage();

-		bool canEncryptMultiple() const; // can smime do multiple?
-		void encrypt(const QSecureArray &in, const SecureMessageKey &key);
-		void encrypt(const QSecureArray &in, const SecureMessageKeyList &keys);
-		void encryptAndSign(const QSecureArray &in, const SecureMessageKey &key, const SecureMessageKey &signer, Mode m = EncryptThenSign);
-		void encryptAndSign(const QSecureArray &in, const SecureMessageKeyList &keys, const SecureMessageKey &signer, Mode m = EncryptThenSign);
-		void decrypt(const QString &in);
-		void sign(const QSecureArray &in, const SecureMessageKey &signer);
-		void verify(const QSecureArray &in, const QString &sig);
+		bool canSignMultiple() const;     // PGP can't sign multiple
+		void setEnableBundleSigner(bool); // Bundle S/MIME certificate chain (default true)
+		void setFormat(Format f);         // (default Binary)
+		void setRecipient(const SecureMessageKey &key);
+		void setRecipients(const SecureMessageKeyList &keys);
+		void setSigner(const SecureMessageKey &key);
+		void setSigners(const SecureMessageKeyList &keys);
+
+		void startEncrypt();
+		void startDecrypt();
+		void startSign(bool detachedSignature = true);
+		void startVerify(const QSecureArray &sig = QSecureArray());
+		void startEncryptAndSign(Order o = EncryptThenSign);
+		void startDecryptAndVerify(Order o = EncryptThenSign);
+		void update(const QSecureArray &in);
+		QSecureArray read(int size = -1);
+		int bytesAvailable() const;
+		void end();
 		bool waitForFinished();

 		bool success() const;
 		Error errorCode() const;
-		QString encrypted() const;
-		QSecureArray decrypted() const;
-		QString signature() const;
+
+		// sign
+		QSecureArray signature() const;
+
+		// verify
+		VerifyResult verifyResult() const;
+		CertValidity keyValidity() const;
 		SecureMessageKey key() const;
 		QDateTime timestamp() const;
-		VerifyResult verifyResult();

 	signals:
+		void readyRead();
 		void finished();

 	public:
@ -141,6 +182,7 @@ namespace QCA
 		~SMIME();

 		void setStore(const Store &store);
+		void setPrivateKeys(const QValueList<PrivateKey> &keys);
 	};
 }

--- a/src/qca_securemessage.cpp
+++ b/src/qca_securemessage.cpp
@ -75,9 +75,9 @@ void SecureMessageKey::setPGPSecretKey(const QString &id)
 	Q_UNUSED(id);
 }

-Certificate SecureMessageKey::x509Certificate() const
+CertificateChain SecureMessageKey::x509CertificateChain() const
 {
-	return Certificate();
+	return CertificateChain();
 }

 PrivateKey SecureMessageKey::x509PrivateKey() const
@ -85,7 +85,7 @@ PrivateKey SecureMessageKey::x509PrivateKey() const
 	return PrivateKey();
 }

-void SecureMessageKey::setX509Certificate(const Certificate &c)
+void SecureMessageKey::setX509CertificateChain(const CertificateChain &c)
 {
 	Q_UNUSED(c);
 }
@ -122,12 +122,7 @@ SecureMessage::~SecureMessage()
 {
 }

-bool SecureMessage::canEncryptMultiple() const
-{
-	return false;
-}
-
-void SecureMessage::encrypt(const QSecureArray &in, const SecureMessageKey &key)
+/*void SecureMessage::encrypt(const QSecureArray &in, const SecureMessageKey &key)
 {
 	Q_UNUSED(in);
 	Q_UNUSED(key);
@ -170,6 +165,89 @@ void SecureMessage::verify(const QSecureArray &in, const QString &sig)
 {
 	Q_UNUSED(in);
 	Q_UNUSED(sig);
+}*/
+
+bool SecureMessage::canSignMultiple() const
+{
+	return false;
+}
+
+void SecureMessage::setEnableBundleSigner(bool b)
+{
+	Q_UNUSED(b);
+}
+
+void SecureMessage::setFormat(Format f)
+{
+	Q_UNUSED(f);
+}
+
+void SecureMessage::setRecipient(const SecureMessageKey &key)
+{
+	Q_UNUSED(key);
+}
+
+void SecureMessage::setRecipients(const SecureMessageKeyList &keys)
+{
+	Q_UNUSED(keys);
+}
+
+void SecureMessage::setSigner(const SecureMessageKey &key)
+{
+	Q_UNUSED(key);
+}
+
+void SecureMessage::setSigners(const SecureMessageKeyList &keys)
+{
+	Q_UNUSED(keys);
+}
+
+void SecureMessage::startEncrypt()
+{
+}
+
+void SecureMessage::startDecrypt()
+{
+}
+
+void SecureMessage::startSign(bool detachedSignature)
+{
+	Q_UNUSED(detachedSignature);
+}
+
+void SecureMessage::startVerify(const QSecureArray &sig)
+{
+	Q_UNUSED(sig);
+}
+
+void SecureMessage::startEncryptAndSign(Order o)
+{
+	Q_UNUSED(o);
+}
+
+void SecureMessage::startDecryptAndVerify(Order o)
+{
+	Q_UNUSED(o);
+}
+
+void SecureMessage::update(const QSecureArray &in)
+{
+	Q_UNUSED(in);
+}
+
+QSecureArray SecureMessage::read(int size)
+{
+	Q_UNUSED(size);
+	return QSecureArray();
+}
+
+int SecureMessage::bytesAvailable() const
+{
+	return 0;
+}
+
+void SecureMessage::end()
+{
 }

 bool SecureMessage::waitForFinished()
@ -187,19 +265,19 @@ SecureMessage::Error SecureMessage::errorCode() const
 	return ErrUnknown;
 }

-QString SecureMessage::encrypted() const
-{
-	return QString();
-}
-
-QSecureArray SecureMessage::decrypted() const
+QSecureArray SecureMessage::signature() const
 {
 	return QSecureArray();
 }

-QString SecureMessage::signature() const
+SecureMessage::VerifyResult SecureMessage::verifyResult() const
 {
-	return QString();
+	return Invalid;
+}
+
+CertValidity SecureMessage::keyValidity() const
+{
+	return QCA::Valid;
 }

 SecureMessageKey SecureMessage::key() const
@ -212,11 +290,6 @@ QDateTime SecureMessage::timestamp() const
 	return QDateTime();
 }

-SecureMessage::VerifyResult SecureMessage::verifyResult()
-{
-	return VerifyError;
-}
-
 //----------------------------------------------------------------------------
 // SecureMessageSystem
 //----------------------------------------------------------------------------
@ -277,4 +350,9 @@ void SMIME::setStore(const Store &store)
 	Q_UNUSED(store);
 }

+void SMIME::setPrivateKeys(const QValueList<PrivateKey> &keys)
+{
+	Q_UNUSED(keys);
+}
+
 }