encrypt and signature algorithm selection

svn path=/trunk/kdesupport/qca/; revision=373078

TODO

@@ -3,10 +3,7 @@
 * Threading consideration (safety, usability) in API and plugins
 
 * finish API:
-  pkey: ability to choose sign algorithm
-  pkey: ability to choose cipher for toDER/PEM passphrase
   cert: Distinguished Names (Botan has X509_DN)
-  cert: get signature algorithm
   cert: constraints, ex_constraints, policies, pathLimit, isCA, isSelfSigned
   crl: add functions
 
@@ -34,6 +31,8 @@
             pre-padded last block.
   Key wrapping - RFC3217 and RFC3394
   Password based key derivation functions - RFC2898
+  pkey: ability to choose cipher for toDER/PEM passphrase ?
+    - botan doesn't seem to allow this, but kiko wanted it...
 
 * qt 4 upgrade:
   new include styles

src/qca.h

@@ -693,6 +693,22 @@ namespace QCA
 		IETF_4096
 	};
 
+	enum EncAlgo
+	{
+		EME_PKCS1v15,
+		EME_PKCS1_OAEP
+	};
+
+	enum SignAlgo
+	{
+		SignUnknown,
+		EMSA1_SHA1, // usual dsa
+		EMSA3_SHA1,
+		EMSA3_MD5, // usual rsa
+		EMSA3_MD2,
+		EMSA3_RIPEMD160
+	};
+
 	enum CertValidity
 	{
 		Valid,
@@ -1564,7 +1580,7 @@ namespace QCA
 		/**
 		 * return the block size for the cipher object
 		 */
-		unsigned int blockSize() const;
+		uint blockSize() const;
 
 		/**
 		 * reset the cipher object, to allow re-use
@@ -2355,12 +2371,12 @@ namespace QCA
 		bool canVerify() const;
 
 		// encrypt / verify
-		int maximumEncryptSize() const;
-		QSecureArray encrypt(const QSecureArray &a);
-		void startVerify();
-		void update(const QSecureArray &);
+		int maximumEncryptSize(EncAlgo alg) const;
+		QSecureArray encrypt(EncAlgo alg, const QSecureArray &a);
+		void startVerify(SignAlgo alg);
+		void update(const QSecureArray &a);
 		bool validSignature(const QSecureArray &sig);
-		bool verifyMessage(const QSecureArray &a, const QSecureArray &sig);
+		bool verifyMessage(SignAlgo alg, const QSecureArray &a, const QSecureArray &sig);
 
 		// import / export
 		QSecureArray toDER() const;
@@ -2389,11 +2405,11 @@ namespace QCA
 		bool canSign() const;
 
 		// decrypt / sign / key agreement
-		bool decrypt(const QSecureArray &in, QSecureArray *out);
-		void startSign();
+		bool decrypt(EncAlgo alg, const QSecureArray &in, QSecureArray *out);
+		void startSign(SignAlgo alg);
 		void update(const QSecureArray &);
 		QSecureArray signature();
-		QSecureArray signMessage(const QSecureArray &a);
+		QSecureArray signMessage(SignAlgo alg, const QSecureArray &a);
 		SymmetricKey deriveKey(const PublicKey &theirs);
 
 		// import / export
@@ -2522,6 +2538,7 @@ namespace QCA
 		QString commonName() const;
 		QBigInteger serialNumber() const;
 		PublicKey subjectPublicKey() const;
+		SignAlgo signatureAlgorithm() const;
 
 		// import / export
 		QSecureArray toDER() const;

src/qca_cert.cpp

@@ -145,6 +145,11 @@ PublicKey Certificate::subjectPublicKey() const
 	return key;
 }
 
+SignAlgo Certificate::signatureAlgorithm() const
+{
+	return SignUnknown;
+}
+
 QSecureArray Certificate::toDER() const
 {
 	return ((CertContext *)context())->toDER();

src/qca_publickey.cpp

@@ -255,12 +255,12 @@ bool PublicKey::canVerify() const
 	return (isRSA() || isDSA());
 }
 
-int PublicKey::maximumEncryptSize() const
+int PublicKey::maximumEncryptSize(EncAlgo) const
 {
 	return ((PKeyContext *)context())->key()->maximumEncryptSize();
 }
 
-QSecureArray PublicKey::encrypt(const QSecureArray &a)
+QSecureArray PublicKey::encrypt(EncAlgo, const QSecureArray &a)
 {
 	PKeyContext *pc = (PKeyContext *)context();
 	RSAContext *rc = (RSAContext *)(pc->key());
@@ -273,7 +273,7 @@ QSecureArray PublicKey::encrypt(const QSecureArray &a)
 	return ((PKeyContext *)context())->key()->encrypt(a);
 }
 
-void PublicKey::startVerify()
+void PublicKey::startVerify(SignAlgo)
 {
 	((PKeyContext *)context())->key()->startVerify();
 }
@@ -288,9 +288,9 @@ bool PublicKey::validSignature(const QSecureArray &sig)
 	return ((PKeyContext *)context())->key()->endVerify(sig);
 }
 
-bool PublicKey::verifyMessage(const QSecureArray &a, const QSecureArray &sig)
+bool PublicKey::verifyMessage(SignAlgo alg, const QSecureArray &a, const QSecureArray &sig)
 {
-	startVerify();
+	startVerify(alg);
 	update(a);
 	return validSignature(sig);
 }
@@ -361,13 +361,13 @@ bool PrivateKey::canSign() const
 	return (isRSA() || isDSA());
 }
 
-bool PrivateKey::decrypt(const QSecureArray &in, QSecureArray *out)
+bool PrivateKey::decrypt(EncAlgo, const QSecureArray &in, QSecureArray *out)
 {
 	detach();
 	return ((PKeyContext *)context())->key()->decrypt(in, out);
 }
 
-void PrivateKey::startSign()
+void PrivateKey::startSign(SignAlgo)
 {
 	((PKeyContext *)context())->key()->startSign();
 }
@@ -382,9 +382,9 @@ QSecureArray PrivateKey::signature()
 	return ((PKeyContext *)context())->key()->endSign();
 }
 
-QSecureArray PrivateKey::signMessage(const QSecureArray &a)
+QSecureArray PrivateKey::signMessage(SignAlgo alg, const QSecureArray &a)
 {
-	startSign();
+	startSign(alg);
 	update(a);
 	return signature();
 }