1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/* This file is part of the KDE project
*
* Copyright (C) 2003 Stefan Rompf <[email protected]>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public License
* along with this library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301, USA.
*/
#ifndef __KSMIMECRYPTO_H
#define __KSMIMECRYPTO_H
#include <tqcstring.h>
#include <tqptrlist.h>
#include "ksslpkcs12.h"
#include "ksslcertificate.h"
class KOpenSSLProxy;
class KSMIMECryptoPrivate;
class KIO_EXPORT KSMIMECrypto {
public:
KSMIMECrypto();
~KSMIMECrypto();
enum algo { KSC_C_DES3_CBC = 1,
KSC_C_RC2_CBC_128,
KSC_C_RC2_CBC_64,
KSC_C_DES_CBC,
KSC_C_RC2_CBC_40 };
enum rc { KSC_R_OK, /* everything ok */
KSC_R_OTHER, /* unspecified error */
KSC_R_NO_SSL, /* No crypto lib / compiled without SSL */
KSC_R_NOCIPHER, /* encryption cipher n/a */
KSC_R_NOMEM, /* out of memory */
KSC_R_FORMAT, /* wrong input data format */
KSC_R_WRONGKEY, /* wrong decryption/signature key */
KSC_R_VERIFY /* data does not match signature */
};
/**
* Sign a message
* @param clearText MIME representation of the message (part) to sign
* @param cipherText signature to append or signature block
* @param privKey private key/certificate to sign with
* @param certs additional certificates (may be empty)
* @param detached create detached or opaque signature
* @return 0 on success
*/
rc signMessage(const TQCString &clearText,
TQByteArray &cipherText,
const KSSLPKCS12 &privKey,
const TQPtrList<KSSLCertificate> &certs,
bool detached);
/**
* Check a detached message signature
* Will check if messages matches signature and extract certificates
* Does not check certificates for validity!
* @param clearText MIME representation of signed message (without SIG)
* @param signature signature
* @param foundCerts certificates found in this message
* @return 0 on success
*/
rc checkDetachedSignature(const TQCString &clearText,
const TQByteArray &signature,
TQPtrList<KSSLCertificate> &foundCerts);
/**
* Check an opaque signed message
* Will check if signature matches and extract message
* Does not check certificates for validity!
* @param signedText signed message block
* @param clearText cleartext of signed message
* @param foundCerts certificates found in this mesasge
* @return 0 on success
*/
rc checkOpaqueSignature(const TQByteArray &signedText,
TQCString &clearText,
TQPtrList<KSSLCertificate> &foundCerts);
/**
* Encrypt a message
* encrypts a message for the given list of recipients and the
* selected algorithm. Note that any algorithm <128 bytes is
* insecure and should never be used, even if SMIME-2 requires
* only RC2-40
* @param clearText MIME representation of message to encrypt
* @param cipherText returned encrypted message
* @param algorithm encryption algorithm
* @param recip recipient certificates
* @return 0 on success
*/
rc encryptMessage(const TQCString &clearText,
TQByteArray &cipherText,
algo algorithm,
const TQPtrList<KSSLCertificate> &recip);
/**
* Decrypt a message
* @param cipherText encrypted message block
* @param clearText returns decrypted message
* @param privKey private key to use
* @return 0 on success
*/
rc decryptMessage(const TQByteArray &cipherText,
TQCString &clearText,
const KSSLPKCS12 &privKey);
private:
KSMIMECryptoPrivate *priv;
KOpenSSLProxy *kossl;
};
#endif
|