summaryrefslogtreecommitdiffstats
path: root/tdeio/kssl/ksmimecrypto.h
blob: 5f8e1da73f28f5ca2682906e338bc258fce28454 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/* This file is part of the KDE project
 *
 * Copyright (C) 2003 Stefan Rompf <[email protected]>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Library General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Library General Public License for more details.
 *
 * You should have received a copy of the GNU Library General Public License
 * along with this library; see the file COPYING.LIB.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

#ifndef __KSMIMECRYPTO_H
#define __KSMIMECRYPTO_H


#include <tqcstring.h>
#include <tqptrlist.h>
#include "ksslpkcs12.h"
#include "ksslcertificate.h"

class KOpenSSLProxy;
class KSMIMECryptoPrivate;

class TDEIO_EXPORT KSMIMECrypto {
 public:
    KSMIMECrypto();
    ~KSMIMECrypto();

    enum algo { KSC_C_DES3_CBC = 1,
		KSC_C_RC2_CBC_128,
		KSC_C_RC2_CBC_64,
		KSC_C_DES_CBC,
		KSC_C_RC2_CBC_40 };

    enum rc { KSC_R_OK,        /* everything ok */
	      KSC_R_OTHER,     /* unspecified error */
	      KSC_R_NO_SSL,    /* No crypto lib / compiled without SSL */
	      KSC_R_NOCIPHER,  /* encryption cipher n/a */
	      KSC_R_NOMEM,     /* out of memory */
	      KSC_R_FORMAT,    /* wrong input data format */
	      KSC_R_WRONGKEY,  /* wrong decryption/signature key */
	      KSC_R_VERIFY     /* data does not match signature */
    };

    /**
     * Sign a message
     * @param clearText MIME representation of the message (part) to sign
     * @param cipherText signature to append or signature block
     * @param privKey private key/certificate to sign with
     * @param certs additional certificates (may be empty)
     * @param detached create detached or opaque signature
     * @return 0 on success
     */
    rc signMessage(const TQCString &clearText,
		   TQByteArray &cipherText,
		   const KSSLPKCS12 &privKey,
		   const TQPtrList<KSSLCertificate> &certs,
		   bool detached);

    /**
     * Check a detached message signature
     * Will check if messages matches signature and extract certificates
     * Does not check certificates for validity!
     * @param clearText MIME representation of signed message (without SIG)
     * @param signature signature
     * @param foundCerts certificates found in this message
     * @return 0 on success
     */
    rc checkDetachedSignature(const TQCString &clearText,
			      const TQByteArray &signature,
			      TQPtrList<KSSLCertificate> &foundCerts);

    /**
     * Check an opaque signed message
     * Will check if signature matches and extract message
     * Does not check certificates for validity!
     * @param signedText signed message block
     * @param clearText cleartext of signed message
     * @param foundCerts certificates found in this mesasge
     * @return 0 on success
     */
    rc checkOpaqueSignature(const TQByteArray &signedText,
			    TQCString &clearText,
			    TQPtrList<KSSLCertificate> &foundCerts);
    
    /**
     * Encrypt a message
     * encrypts a message for the given list of recipients and the
     * selected algorithm. Note that any algorithm <128 bytes is
     * insecure and should never be used, even if SMIME-2 requires
     * only RC2-40
     * @param clearText MIME representation of message to encrypt
     * @param cipherText returned encrypted message
     * @param algorithm encryption algorithm
     * @param recip recipient certificates
     * @return 0 on success
     */
    rc encryptMessage(const TQCString &clearText,
		      TQByteArray &cipherText,
		      algo algorithm,
		      const TQPtrList<KSSLCertificate> &recip);

    /**
     * Decrypt a message
     * @param cipherText encrypted message block
     * @param clearText returns decrypted message
     * @param privKey private key to use
     * @return 0 on success
     */
    rc decryptMessage(const TQByteArray &cipherText,
		      TQCString &clearText,
		      const KSSLPKCS12 &privKey);

 private:
    KSMIMECryptoPrivate *priv;
    KOpenSSLProxy *kossl;
};

#endif